Should Open Source Software Expire?

Daffy writes "Jon Lasser at SecurityFocus has an idea for combating the tendancy most sysadmins have to leave old versions of software running long after they're known to have security holes. He proposes implanting time codes into all open source networking and security software that cause it to "expire" like a Blade Runner replicant when it reaches a certain age, forcing an update."

Alternative: SecurityFocus Pager for example?

[rtos]

Yeah, nothing like having your systems go down over a weekend because you didn't upgrade fast enough. Pfft!

Why not try something a little more reasonable, such as SecurityFocus Pager 3.0? And I blockquote:

"The SecurityFocus Pager is a dynamic application designed to help system administrators track content of interest to them on the SecurityFocus.com web site. It affords the system administrator the ability to select categories of interest and tracks them automatically, notifying the administrator when new content arrives. The Security Focus Pager displays short descriptive summaries allowing the administrator to stay updated on relevant issues in the security world, including vulnerabilities, news articles, software releases, and other important information."

Of course, there are other tools available that do the same thing (or something similar). The point is tools like this allow admins to stay up on security issues, but let them upgrade immediately or as soon as practicable.

Or you can just do an apt-get update; apt-get upgrade; once in a while like I do. ;)