It's Patch Tuesday...Again...
Overnight I received an email from a friend, forwarding me an article from Redmond Magazine. The topic of the magazine was the huge Patch Tuesday dump that our friends in Redmond have sent down. There was also some discussion about the patch bundles dropped by Adobe and Oracle as well. In the words of the author of the article It's a heavy burden for just this month. The email, though was what I wanted to highlight. My friend said to me:
Here's a good ad for Linux! ("Ya load 16 patches and whaddayaget? Another day older and deeper in debt. Saint Peter dontcha take me 'cause I can't goooooo; I owe my soul to the Microsoft stooooore" - with apologies to Tennessee Ernie Ford).
I am sure there are a number of Linux people that are waking up and pointing at their Windows using friends and saying I told you so, but I can assure you, most of those people are not professional Linux administrators. In fact, most of us that use Linux for a living would say not so fast.... Over the past two weeks I have had a number of things patched on my Fedora 13 system. I say things because I really was not paying attention to exactly what was being patched, pretty much the same way I do not not really pay much attention to what Microsoft (or Oracle or Adobe) are patching this week. Now you might argue that I not only should be paying attention, but that I inspect each and every patch before I apply it for relevancy and value. Yea, OK. Show of hands, who has time for that? Yes, there are some of you out there that not only do test each and every patch, but know exactly the impact it is going to have on your systems. Further, you also know that if one of your systems is down for even a second, the amount of money lost is more than enough to pay for the test and development systems needed to test patches when they come out. But most of us just take it on faith. We have to. Linux continues to be one of the safest operating systems on the market today. This is because of the model of access (least privilege) and the intense scrutiny of the code. But even with an average of one bug per 1000 lines of code, even we have patches, security issues and exploits that we have to be ever vigilant of. It is easy for us to point our fingers and laugh, but we should not become complacent.
|Free Today: September Issue of Linux Journal (Retail value: $5.99)||Sep 27, 2016|
|nginx||Sep 27, 2016|
|Epiq Solutions' Sidekiq M.2||Sep 26, 2016|
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
|The Many Paths to a Solution||Sep 21, 2016|
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- Android Browser Security--What You Haven't Been Told
- Readers' Choice Awards 2013
- Epiq Solutions' Sidekiq M.2
- The Many Paths to a Solution
- Downloading an Entire Web Site with wget
- Nativ Disc
- Securing the Programmer
- Returning Values from Bash Functions
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide