Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Caveat Emptor - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Caveat Emptor

Jon dropped us a note pointing to an interesting article by Gene Spafford on the dangers of automatic updating of systems.

www.cerias.purdue.edu/site/blog/post/customer_disservice/

While not specifically written about a firewall, or other information security component it is a sobering view of what happens when QA for patches isn't done properly.

Chris

140 Posts
Sounds much like the Windows XP SP3 that automatically updated numerous systems including those with AMD processors that failed to restart afterwards. Many other vendors have had similar issues. But at least that could be recovered by the user, unlike this situation. I understand that vendors can't test for everything, but for embedded systems such as the article described one ends up with a brick rather than a functioning device as a result of a fully preventable situation neglected by the vendor. Simply unacceptable in the situation described by the article.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!