[ale] IBM is buying Redhat!

Simba simbalion-ale at tailpuff.net
Mon Oct 29 11:15:38 EDT 2018


Irrelevant. Every day that a vulnerable system remains unpatched is a
day that system could be compromised.

You can't go on for hours about how DoD demands rigorous standards, then
tell me that they're incapable of patching in a reasonable timeframe,
and call that competence.

I would fire everyone for not reaching that conclusion on their own, and
I would re-write the rules to prioritize technology security.

Simba Lion - https://tailpuff.net
https://keybase.io/simbalion

"Why is a raven like a writing desk?"

On 10/29/18 11:06 AM, Solomon Peachy wrote:
> On Mon, Oct 29, 2018 at 10:33:30AM -0400, Simba via Ale wrote:
>> 30 days is being generous. Most simple patches could be tested and
>> rolled out in 48 hours in a well run environment. 30 days IS for the
>> complicated ones.
> 
> 30 days doesn't even scratch the surface for safety-critical 
> applications, even if no bespoke hardware is involved.
> 
> For example, the testing regimen of the last DoD project I worked on 
> included simulated EMP bursts as well as the usual environmental 
> hazards.  Those tests took days to run.. after the several weeks it took 
> to get lab time scheduled.
> 
>  - Solomon
> 


More information about the Ale mailing list