[linux-elitists] Are we Dead Yet? (or "For every sprinkle I find, I shall kill you!)

Martin Pool mbp@sourcefrog.net
Tue Jan 25 16:22:32 PST 2005


On 21 Jan 2005, Rick Moen <rick@linuxmafia.com> wrote:

> Indeed, I'm getting really tired of seeing bullshit "reports" about Linux
> security by self-promoting security-industry flacks.

A troll with a press release is still a troll...

> One is moved to wonder _why_ you would leave a glaringly obsolete
> Linux distribution unpatched.  Both RH 9 and 7.3 are now EOL; even
> errata for them are no longer published:  Updates, as you say, ended
> last April.

It's unrepresentative, but still there must be thousands of such
machines.  Many people do just install Linux and never do any
maintenance.

What we need, and are gradually getting to, is that machines will just
look after themselves: download and install patches automatically and
with minimal interruption to service.  Getting this perfectly right is
not easy (consider kernel patches, signing, user policy) and as I
remember it was not really handled at all in the RH7 days.

> And, c'mon: Those distributions were released 20 months and 32
> months prior to the study's date of operation, respectively.

I would hope that sometime in the future it would be possible to
install a machine, seal it behind a wall with only net/power, and have
it run securely without owner intervention until the hardware fails.
Why not?

(I realize this is not an Elite way to run a machine, but it would be
pretty cool to fix the engineering problems so that it is possible.)

-- 
Martin



More information about the linux-elitists mailing list