Re: Open Letter to D-Link about their NTP vandalism

["Chris Kuethe" <chris.kuethe () gmail com>]

On 4/12/06, Steve Sobol <sjsobol () justthe net> wrote:
> On Tue, 11 Apr 2006, Steven M. Bellovin wrote:
> > By the way, since we're talking about D-Link, it's instructive to read the
> > warnings on their firmware update pages.
> >
> >       Do NOT upgrade firmware on any D-Link product over a wireless
> >       connection. Failure of the device may result. Use only hard-wired
> >       network connections.
>
> Cisco/Linksys says the same thing.

Who here hasn't been burned at least once by changing packet filters,
routes or interface configurations over the wire/air? Or maybe getting
your userland and kernel out of sync on a *NIX machine?

It's not really that surprising that they put that in there, other
than maybe the fact that it's useful advice. And maybe it'll reduce
support costs.

Loading a new firmware is a risky operation - I don't know of too many
consumer network widgets with a reflash safety protocol to prevent you
from destroying the device with an aborted upload. Heck, that's still
a pretty rare feature in pee-cees. Sure it's easy to implement such a
thing, but that would cost money. I think this thread has done a good
job of demonstrating that those who would choose the right (and maybe
slightly more expensive up front) solution are outvoted by those who
would just take a quick, cheap and easy hack.

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?