North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Sat, 10 Feb 2007 23:36:32 -0600 "Stasiniewicz, Adam" <[email protected]> wrote: > Another time I was do some consulting work for a NPO. I was going > over the findings of my audit and I told the IT manager that all of > his machines were missing patches. His response: "we only install > service packs, individual patches take too much time to install and > tend to break more stuff than they fix". Ironically, a month latter > he calls me back asking for help because his network got infect with > Blaster... He was both right and wrong -- patches do break a lot of stuff. He was facing two problems: the probability of being off the air because of an attack versus the probability of being off the air because of bad interactions between patches and applications. Which is a bigger risk? It's not an easy question to answer. One scenario that scares me is what happens if the April Patch Tuesday takes out, say, TurboTax, just as Americans are getting ready to file their tax returns. There are no good answers to this question. Of course, being an academic I can view such problems as opportunities, and it is in fact a major focus of my research. Today, though, it's a serious issue for system managers. --Steve Bellovin, http://www.cs.columbia.edu/~smb
|