These worms (including Nimda and Code Red) always have targeted holes that have been known and fixed for months, but the masses who never keep up with security updates are still cracked. These many people who never keep up with security updates will always exist due to ignorance.
I can't count the number of times I tried to convince someone to apply updates, but they always say "My system isn't important, nobody will want to crack it."
But of course, that type of system is a prime candidate for cracking, because often the owner wont even notice that they have been compromised and they can usually be used to launch more attacks for a long period of time.
All of Microsoft's recent products now do automatic updating by default. Yes, automatic updates annoys power users and Administrators due to the risks and loss of control, but unfortunately this is exactly what the ignorant masses want, it is taken care for them so they don't care. (Effort is a rare thing to most end-users.)
On the flip side, none of the Linux distributions do automatic updating by default, nor do they saliently annoy the Administrator with pop-ups saying "You need to update!"
It is good that Mandake 8.2 and higher give you the option to download updates in the installer, but after you have booted you aren't ever told "Updates are available" or "Please update."
I ask this question, would Automatic Updating be a good thing as an install option of popular end-user distributions? Say the installer had a screen saying "Automatic Updating is on by default. Uncheck this box to disable it." This will of course annoy knowledgable users, but unchecking a box isn't hard! Simpy uncheck and enjoy the control that you expect. You haven't lost anything!
This idea is mainly to protect the uneducated end-users who probably will never apply updates. These people don't care about control, and they wouldn't be installing conflicting custom operating system components that may potentially screw up automatic updates.
I just worry about a future where Microsoft end-user machines are always fully patched, while many Linux end-user machines are not due to ignorance. That will NOT be good PR if more of these Linux worms occur while they no longer occur to Microsoft.
Slashdot Mirror
This mirror list should be more useful than the official Red Hat mirror list.
http://redhat.dsi.internet2.edu/8.0
And don't forget about Internet2 if you are at an I2 connected institution.
I can't count the number of times I tried to convince someone to apply updates, but they always say "My system isn't important, nobody will want to crack it."
But of course, that type of system is a prime candidate for cracking, because often the owner wont even notice that they have been compromised and they can usually be used to launch more attacks for a long period of time.
All of Microsoft's recent products now do automatic updating by default. Yes, automatic updates annoys power users and Administrators due to the risks and loss of control, but unfortunately this is exactly what the ignorant masses want, it is taken care for them so they don't care. (Effort is a rare thing to most end-users.)
On the flip side, none of the Linux distributions do automatic updating by default, nor do they saliently annoy the Administrator with pop-ups saying "You need to update!"
It is good that Mandake 8.2 and higher give you the option to download updates in the installer, but after you have booted you aren't ever told "Updates are available" or "Please update."
I ask this question, would Automatic Updating be a good thing as an install option of popular end-user distributions? Say the installer had a screen saying "Automatic Updating is on by default. Uncheck this box to disable it." This will of course annoy knowledgable users, but unchecking a box isn't hard! Simpy uncheck and enjoy the control that you expect. You haven't lost anything!
This idea is mainly to protect the uneducated end-users who probably will never apply updates. These people don't care about control, and they wouldn't be installing conflicting custom operating system components that may potentially screw up automatic updates.
I just worry about a future where Microsoft end-user machines are always fully patched, while many Linux end-user machines are not due to ignorance. That will NOT be good PR if more of these Linux worms occur while they no longer occur to Microsoft.