Full Disclosure mailing list archives
Re: Getting Off the Patch
From: Pete Herzog <lists () isecom org>
Date: Thu, 13 Jan 2011 19:45:13 +0100
> Yeah, sounds good in theory. What about when vulnerabilities (and presumably patches) come out for your "sandbox" or other security software?
That's why you use a wide array of operational controls and not just one, like a sandbox. The sandbox in the article was just a small example.
> IMO, adding more software to a system rarely results in overall management gains. This is because most software, including security software, sucks. If you find yourself patching too often, or you can't trust that the patches won't break your environment, then you probably need to find a software vendor that invests more in QA.
I couldn't agree more. Flaws in operational controls (security software) are a serious shame on the security industry and as you suggested, if you have that many flaws in a software, replace the vendor. However, I'll go one more - if you find your patches breaking too often or too many things, then stop patching and find an alternative.

Sincerely,
-pete.

--
Pete Herzog - Managing Director - pete () isecom org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org