I was reading an article on LWN about security vulnerabilities on newly shipped machines. The worry is that the place the vulnerability updates come from is the same place you are going to get infected from. They are asking whether there is a better way to do it. I think there is:
Don't let the user use network-facing services until the system is patched. When the user first gets the machine, don't let ftp/ssh/etc. connect, and warn them that they have to update their system before they can have access to the internet. This will keep them protected until their machine has had a chance to update, leaving the update mechanism as the only way for them to be infected.
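One way to realize the idea above, as an added example that is not part of the original post: a shell function that emits an nftables ruleset blocking new inbound connections and all outbound traffic except DHCP, DNS and the update mirror, until a marker file shows the first update has finished. The choice of nftables, the marker path `/var/lib/firstboot/patched` and the mirror address `192.0.2.10` are assumptions.

```shell
#!/bin/sh
# Added example: quarantine firewall for a freshly installed machine.
# Assumptions (not from the post): nftables, the marker path, the mirror address.
PATCHED_MARKER="${PATCHED_MARKER:-/var/lib/firstboot/patched}"  # hypothetical path
UPDATE_MIRROR="${UPDATE_MIRROR:-192.0.2.10}"  # constructed, RFC 5737 documentation address

# True once the update tool has written the marker after a successful full update.
is_patched() {
    [ -f "$PATCHED_MARKER" ]
}

# Print the nftables commands that match the current state.
emit_ruleset() {
    # Create-then-delete works whether or not the table already exists.
    echo "table inet quarantine"
    echo "delete table inet quarantine"
    if is_patched; then
        return 0    # patched: quarantine table is gone, the normal policy applies
    fi
    cat <<EOF
table inet quarantine {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        udp sport 67 udp dport 68 accept
    }
    chain output {
        type filter hook output priority 0; policy drop;
        oif "lo" accept
        ct state established,related accept
        udp sport 68 udp dport 67 accept
        udp dport 53 accept
        tcp dport 53 accept
        ip daddr $UPDATE_MIRROR tcp dport { 80, 443 } accept
    }
}
EOF
}
# The udp 67/68 rules are DHCP. No IPv6 allow rule exists, so IPv6 stays blocked
# during quarantine. ftp, ssh and everything else fall through to "policy drop".
# Apply early at boot and again after updating:  emit_ruleset | nft -f -
```

Because the update channel is the only path left open, package signature verification has to be enforced on it.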
Posted at 12:35 p.m. on February 19, 2008

