... why I should invest some $$$ in the shitcoin "du jour"?
I have always said that computer security is a huge mess. As the crypto-currencies gain value, they provide more and more incentives to bad guys to hack your computer to get at your wallet.
Cloud companies so security on a massive scale and all the big guys like Amazon, Microsoft and Google have a track record of keeping their systems up to date and secure. It's no wonder, because they can afford the best security staff and security is a core part of their business.
Well... In that particular case, Amazon, Microsoft and Google are "more" secure because Intel gave them advance warnings and probably some detailed patch and vulnerability information. And Linux got patched really quickly because Google and Amazon have invested massively in that operating system.
The smallest projects, like OpenBSD, were left in the cold to fend off for themselves. Theo and other developpers asked Intel if they could be a part of the embargo. They never received a response.
... Except, of course, that if you are "root" on *any* box, systemd or not, you will be able to delete any logs you'd like, binary of plain text (journald anyone?).
So what was your point again? Ah, yes, displaying your total ignorance. Mission Accomplished!
The best answer I have ever had to this question was:
"If you want to keep something secret, never EVER put it on a computer, ESPECIALLY a computer connected to a network (any kind of network). If you want to keep something secret, put it in writing on a piece of paper, and keep the paper inside a safe".
The older I get, the more I realize the wisdom of these words. Let's face it, a "generalist" operating system will always be exposed and vulnerable to something or other. This being said, there are "secure" operating systems but most of these are either experimental/academic or extremely expensive.
This is the appeal of OpenBSD: these guys offer, by default, a reasonably secure operating system, with many protections and hardenings built-in. And these are real-life hardenings vs real-life exploits and attacks. All the things that OpenBSD does, Linux can do as well, but none of the protections offered by OpenBSD in a standard installation are activated by default on most Linux distributions.
Install OpenBSD, get a hardened, reasonably secure system. Install Linux, get something that requires hours of work to secure. Is OpenBSD perfect? No. Is it more secure "out of the box" than Linux? Yes.
Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
It's not that "difficult" to remove systemd: a lot of Linux distributions do that, like Slackware, Devuan, and Gentoo, just to name the biggest three.
And, yes, binary logs suck, and systemd developpers are a bunch of whiny little bitches, with no understanding or appreciation for UNIX philosophy and history (hence, the appeal of the BSDs, where things are closer to what they used to be).
At this stage, honestly, I'd like to have solid numbers on, say, the number of times Debian has been downloaded vs Devuan, for instance, but I suspect the vast majority of today's sysadmins blindly go with whatever Red Hat/CentOS decides, because, hey, it's Red Hat, and no one has ever been fired for buying that crap. Hence the appeal, for a minority, of the BSDs.
That means there won't have to be a person sitting in the driver's seat, waiting to take over, and that the car's computer system will complete all parts of the driving task -- though for now, only in some of the company's cars in Phoenix, Ariz.
Now: Phoenix, Arizona. Probably one of the driest spots in the USA, and one with nice, straight roads. Hmmm... Is it possible that the Waymo / Alphabet / Googleplex cars are not that good at self-driving?
I mean this seriously: the more I think about it, and the harder it is for me to take the idea of a self-driving car seriously in anything that is not in the southwestern United States.
A self driving car in some parts of Europe would simply be very, very difficult: anyone who has navigated the beautiful little streets of, say, Granada in Spain knows what I am talking about (hint: very narrow). Anyone who has driven in Norway, or any other country in Scandinavia, knows that the weather can be grueling there (Alaska or North Dakota, some parts of Illinois or Wisconsin also come to mind).
All of this to say, a decade into this slef-driving car project, has Waymo been blowing smoke all along? Is the self-driving car vaporware? Discuss.
Computer systems, both hardware and software, have simply become too complicated for the average PHB and for the average company.
The vast majority of the managers have no idea, NONE, how these systems work, how they are put together, and how they should be maintained and updated. They simply select software based on the latest buzzword, the latest Gartner "quadrant" (whatever that is) or the latest fad and/or "safe" choice (Remember: "Nobody ever got fired for buying IBM"? Or Microsoft, or Oracle, or Red Hat Linux, or...).
What is even worse is that everyone right now is under pressure to deliver, deliver, deliver: services, software, profits, what have you. Simple common sense, such as using simple, proven techonologies, updating (or even replacing) things on a regular basis, and testing for the most common security and configuration mistakes, not to mention advanced standards (PCI-DSS anyone?) is simply forgotten and/or swept under the carpet. There, the issues accumulate and fester, until the rot and stench become unbearable and attract the script kiddies and the bottom-feeders of the Internet.
Add to this technical and engineering teams that are under-staffed, underpaid, overworked, often demoralized and threatened constantly with being axed and replaced by H1B or outsourced to a third-world country, and you have a recipe for disaster. Hence the Equifax we will now have on a regular basis and the Internet of Shit, the half-baked PHP pages, coded by the moronic intern, that are simply begging to be hacked, drawn and quartered. Hence the constant scapegoating of the technical team -- both "dev" and "ops" -- that results in those perfectly avoidable disasters.
To the average PHB and countless ''bro'' startup CEOs, the people who know their stuff are simply nerds, both too expensive and too whiny, useful idiots to be ignored, discarded and replaced at will in their quest for more profit, "eyeballs", "clicks", and even more profits. And these same PHBs and CEOs parade and strut in front of their peers, talking nonsense about things they do not understand, piling buzzwords on top of buzzwords while their nerds and geeks desperately try to warn them about this or that issue or vulnerability.
It's time for a new revenge of the nerds. It's time for companies and their leaders to be held accountable for their failings -- except they will probably find easier to scapegoat the nerds.
The issue is not open-source software. The issue is not closed-source software, or even computers. The issue is that nobody cares about a job well done anymore, because profits. Try to wake up the idiots that rule companies and you will either be ignored or dismissed. Propaganda (just another word for PR) and appearances are more important than caring for your customers or your employees. Save a buck, damn the torpedoes and full speed ahead. What do you mean we have to patch this? Shut up!
This is not new or even special (Exhibit #1: the Ford Pinto). This is just a bit more visible these days. We are back in the Gilded Age of the Robber Barons.
And by the way, if you are reading this, you are probably not one of the Robber Barons. You are one of the nerds. Welcome.
Welp I know this will get modded down, but hell why not play devil's advocate here? Vendor support. You have actual companies that will stand behind and certify software and hardware for Linux.
Hilarious. Try getting actual, useful support from Red Hat and SuSE, to name just two of the biggest... Go on, I'll be waiting right here.
The level of incompetence in these companies is simply astounding. Sure, there are some very good guys in there, but not in front-line support, that's for sure.
And, just so you know: hardware certification these days is usually Linux + FreeBSD, and it's done by the hardware vendor, not the software "supplier".
systemd homogenizes Linux. A single known Linux versus a half dozen BSDs where commercial support is iffy at best [...]
Yes, systemd homogenizes Linux... Down to the level of utter, absolutely unstable crap like Windows.
And there is not "a half dozen BSDs" - there is only three: FreeBSD, NetBSD, OpenBSD.
Compared to the situation of Linux, with not "half a dozen BSD", but litterally HUNDREDS of distributions, I am not sure you are being serious...
Most of them will get ten seconds to have 100 servers up and running, ready for whatever software the PHB has selected. With BSD you'll be lucky to get past configuring disks in that ten seconds. With Linux you'll have an army of AWS boxes at your command ready to go before your first cup of coffee is poured.
Ah yes, AWS, that marvelous field of shitty softare and even shittier infrastructure. Just FYI, it's called an "AMI", a system image in other words, and there are AMI for all of the BSDs. And the same is true for Azure and many other cloud offerings out there. You simply don't know what you are talking about, right? Either that, or you should stop blindly clicking on the Ubuntu AMI every time you create a VM in EC2.
Now don't get me wrong, I'm not sitting here dissing the BSD folks, but there's a serious need for folks to look past systemd as the sole reason everyone and their dog is leaving Linux.
Actually, no, systemd IS the reason serious system administrators and quite a few devops are leaving Linux behind. The crap you have to deal with gets simply unbearable after a while.
I could go on refuting your ridiculous arguments again and again, but frankly, I have better things to do with my time. You are a very poor devil's advocate and an even worse technologist/system admin/unix admin I am afraid. Your level of ignorance is frankly stunning.
In the not-too-distant past the dominant voice on this site took a hard right turn. During the administration of Obama we saw a constant barrage of anti-Obama and anti-Clinton news bits on the front page, while simultaneously seeing articles that championed various right wing causes.
Yes, it's called "astro-turfing". It's been all over the news these days.
Unless there is absolutely no way to trigger AML remotely, I'm not sure I'd trust this system either.
I'll grant you that. It could be tricky to put together well.
On the other hand, if you are that concerned with your privacy, do a Richard Stallman, and refuse to have a cell phone at all: he has said several times he considered them are nothing more than advanced tools for the intelligence community. Plus, of course, closed-source software, etc.
To be honest, I recently bought a very specific smartphone precisely for that reason: it was one of the rare model that still offered a removable battery, so who am I to criticize?
Yeah cause we can trust that this advanced location tracking feature won't be abused by governments to spy on its citizens. Its not like apple had to stand up against the intelligence industrial complex of multiple nations... yadda yadda yadda...
Yeah, and if you are in China how is that "standing up to Governments and protecting free speech" thing working out for you? Hmmm?
And, again, you have not read a single line of the article: AML mandates activating GPS and wifi when, and ONLY when, you call the equivalent of 9-1-1.
Implementing AML in a safe and privacy-protecting way is, as far as I am concerned, a trivial exercice for Apple engineers.
Come on, I am all for protecting free speech and privacy, but Apple not adopting AML is simply ridiculous.
Specifically, European regulation. Any smartphone sold in Europe should integrate AML, or be banned outright. Period. No exceptions. You have 6 months to comply and communicate with the European regulators a detailed timetable for your compliance.
72 hours after that regulation is passed by the European Parliament, I bet you Apple will come out with an announcement supporting AML and a couple of months later, with the latest iOS updates, all iPhones would be AML-Compliant.
Sure, a lot of imbeciles will scream bloody murder, Big Brother and governmental interference with the free market, but seriously, this is what works with these companies. Apple makes tons of money in the EU, and it won't take the risk to lose that market.
First of all, let me state that most of my machines are Linux, or BSD. I find the whole panic over WCry absolutely hilarious.
Something like OpenBSD, but less stringent:
First-tier is average OS support - six months support tops, after that, you need to upgrade. You have version 4.3 while the latest version is 7? Tough luck.
Second-tier is emergency OS support: 12 to 18 months support tops. On a specific version (meaning fubar 6.0 but not fubar 6.1 for instance ), only back-port of the most critical patches to base system.
Every 5 years, for embedded and ultra-secure needs, you get an ULTS (Ultra-Long Term Support) version, which is going to be supported - provided you sign an annual support contract with mucho dinero - as long as necessary, including backporting patches from the newest version of the OS, but only for the base system. Anything extra you add to that base system is your responsibility.
The issue here really is pretty much the same as an "Internet of Things" issue: please, dear MegaCorps, use a nice, updated AND SECURE DEFAULT CONFIGURATION for your freaking products - no, Windows XP is not nice, updated and secure out of the box, and neither is Linux if you open 200 ports and services with "admin" and "secure" as login and password, respectively.
On a more general note, if you use Windows within your product, I don't care what that product is, you are asking for trouble.
- Tape: inexpensive and slow, require frequent testing (backup we do, it's restoration the problem!), usually unreadable after 6 to 12 months or less (that's in production people).
- WORM: more expensive than tape and just as slow, work well in the medium term (meaning 10 years top).
- XFS NAS: faster than the above, require good hardware and a bit more work than either tape or worm. Don't forget to setup replication to multiple systems. May suffer from bitrot in the long term (checksumming/hashing files might be a good idea). Very stable, large capacity file system. Tape backup is always a good idea.
- ZFS NAS: slightly slower than XFS (at least, that's my experience, YMMV). Ultra-large capacity. Snapshotting is just a breeze. Again, replication to multiple, distant systems is mandatory. Very stable file system. Tape backup is always a good idea.
- DNA, 3D crystal lattice, holographic memory: what we are all going to use in the future. Still in beta testing, though.
Slashdot Mirror
I have used OpenBSD on the desktop since 2005.
It was a great OS for my laptop at the time, and it still is. I used OpenBSD exclusively on it, and managed to get everything done without any issue.
My current laptop is a MacBook Air, but the next one will run OpenBSD again.
... why I should invest some $$$ in the shitcoin "du jour"?
I have always said that computer security is a huge mess. As the crypto-currencies gain value, they provide more and more incentives to bad guys to hack your computer to get at your wallet.
Cloud companies so security on a massive scale and all the big guys like Amazon, Microsoft and Google have a track record of keeping their systems up to date and secure. It's no wonder, because they can afford the best security staff and security is a core part of their business.
Well... In that particular case, Amazon, Microsoft and Google are "more" secure because Intel gave them advance warnings and probably some detailed patch and vulnerability information. And Linux got patched really quickly because Google and Amazon have invested massively in that operating system.
The smallest projects, like OpenBSD, were left in the cold to fend off for themselves. Theo and other developpers asked Intel if they could be a part of the embargo. They never received a response.
... Except, of course, that if you are "root" on *any* box, systemd or not, you will be able to delete any logs you'd like, binary of plain text (journald anyone?).
So what was your point again? Ah, yes, displaying your total ignorance. Mission Accomplished!
The best answer I have ever had to this question was:
"If you want to keep something secret, never EVER put it on a computer, ESPECIALLY a computer connected to a network (any kind of network). If you want to keep something secret, put it in writing on a piece of paper, and keep the paper inside a safe".
The older I get, the more I realize the wisdom of these words. Let's face it, a "generalist" operating system will always be exposed and vulnerable to something or other. This being said, there are "secure" operating systems but most of these are either experimental/academic or extremely expensive.
This is the appeal of OpenBSD: these guys offer, by default, a reasonably secure operating system, with many protections and hardenings built-in. And these are real-life hardenings vs real-life exploits and attacks. All the things that OpenBSD does, Linux can do as well, but none of the protections offered by OpenBSD in a standard installation are activated by default on most Linux distributions.
Install OpenBSD, get a hardened, reasonably secure system. Install Linux, get something that requires hours of work to secure. Is OpenBSD perfect? No. Is it more secure "out of the box" than Linux? Yes.
Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
It's not that "difficult" to remove systemd: a lot of Linux distributions do that, like Slackware, Devuan, and Gentoo, just to name the biggest three.
And, yes, binary logs suck, and systemd developpers are a bunch of whiny little bitches, with no understanding or appreciation for UNIX philosophy and history (hence, the appeal of the BSDs, where things are closer to what they used to be).
At this stage, honestly, I'd like to have solid numbers on, say, the number of times Debian has been downloaded vs Devuan, for instance, but I suspect the vast majority of today's sysadmins blindly go with whatever Red Hat/CentOS decides, because, hey, it's Red Hat, and no one has ever been fired for buying that crap. Hence the appeal, for a minority, of the BSDs.
Don't forget NetBSD, which is also a very good BSD.
If you are still using Microsoft Windows... I feel sorry for you.
Sorry, just had to post that.
Quoting from the article:
That means there won't have to be a person sitting in the driver's seat, waiting to take over, and that the car's computer system will complete all parts of the driving task -- though for now, only in some of the company's cars in Phoenix, Ariz.
Now: Phoenix, Arizona. Probably one of the driest spots in the USA, and one with nice, straight roads. Hmmm... Is it possible that the Waymo / Alphabet / Googleplex cars are not that good at self-driving?
I mean this seriously: the more I think about it, and the harder it is for me to take the idea of a self-driving car seriously in anything that is not in the southwestern United States.
A self driving car in some parts of Europe would simply be very, very difficult: anyone who has navigated the beautiful little streets of, say, Granada in Spain knows what I am talking about (hint: very narrow). Anyone who has driven in Norway, or any other country in Scandinavia, knows that the weather can be grueling there (Alaska or North Dakota, some parts of Illinois or Wisconsin also come to mind).
All of this to say, a decade into this slef-driving car project, has Waymo been blowing smoke all along? Is the self-driving car vaporware? Discuss.
Computer systems, both hardware and software, have simply become too complicated for the average PHB and for the average company.
The vast majority of the managers have no idea, NONE, how these systems work, how they are put together, and how they should be maintained and updated. They simply select software based on the latest buzzword, the latest Gartner "quadrant" (whatever that is) or the latest fad and/or "safe" choice (Remember: "Nobody ever got fired for buying IBM"? Or Microsoft, or Oracle, or Red Hat Linux, or...).
What is even worse is that everyone right now is under pressure to deliver, deliver, deliver: services, software, profits, what have you. Simple common sense, such as using simple, proven techonologies, updating (or even replacing) things on a regular basis, and testing for the most common security and configuration mistakes, not to mention advanced standards (PCI-DSS anyone?) is simply forgotten and/or swept under the carpet. There, the issues accumulate and fester, until the rot and stench become unbearable and attract the script kiddies and the bottom-feeders of the Internet.
Add to this technical and engineering teams that are under-staffed, underpaid, overworked, often demoralized and threatened constantly with being axed and replaced by H1B or outsourced to a third-world country, and you have a recipe for disaster. Hence the Equifax we will now have on a regular basis and the Internet of Shit, the half-baked PHP pages, coded by the moronic intern, that are simply begging to be hacked, drawn and quartered. Hence the constant scapegoating of the technical team -- both "dev" and "ops" -- that results in those perfectly avoidable disasters.
To the average PHB and countless ''bro'' startup CEOs, the people who know their stuff are simply nerds, both too expensive and too whiny, useful idiots to be ignored, discarded and replaced at will in their quest for more profit, "eyeballs", "clicks", and even more profits. And these same PHBs and CEOs parade and strut in front of their peers, talking nonsense about things they do not understand, piling buzzwords on top of buzzwords while their nerds and geeks desperately try to warn them about this or that issue or vulnerability.
It's time for a new revenge of the nerds. It's time for companies and their leaders to be held accountable for their failings -- except they will probably find easier to scapegoat the nerds.
The issue is not open-source software. The issue is not closed-source software, or even computers. The issue is that nobody cares about a job well done anymore, because profits. Try to wake up the idiots that rule companies and you will either be ignored or dismissed. Propaganda (just another word for PR) and appearances are more important than caring for your customers or your employees. Save a buck, damn the torpedoes and full speed ahead. What do you mean we have to patch this? Shut up!
This is not new or even special (Exhibit #1: the Ford Pinto). This is just a bit more visible these days. We are back in the Gilded Age of the Robber Barons.
And by the way, if you are reading this, you are probably not one of the Robber Barons. You are one of the nerds. Welcome.
Stop being on Facebook.
Except Facebook will remember you even if you delete your account.
Except Facebook will remember you even if you have separate accounts.
Except Facebook will find out who you are if you have friends and family on Facebook. Especially if they mention you by name in a Facebook post.
Except Facebook is probably tracking you right now because of all those little "like" buttons you can see everywhere.
Except Facebook... Oh, fsck it, I give up.
Frankly, who needs the NSA when you have Facebook? Oh, wait, they are probably working together right now.
Wasn't there a story about that creep Zuckerberg wanting to become President of the United States of Facebook?
Oh boy, so many things wrong here...
Welp I know this will get modded down, but hell why not play devil's advocate here? Vendor support. You have actual companies that will stand behind and certify software and hardware for Linux.
Hilarious. Try getting actual, useful support from Red Hat and SuSE, to name just two of the biggest... Go on, I'll be waiting right here.
The level of incompetence in these companies is simply astounding. Sure, there are some very good guys in there, but not in front-line support, that's for sure.
And, just so you know: hardware certification these days is usually Linux + FreeBSD, and it's done by the hardware vendor, not the software "supplier".
systemd homogenizes Linux. A single known Linux versus a half dozen BSDs where commercial support is iffy at best [...]
Yes, systemd homogenizes Linux... Down to the level of utter, absolutely unstable crap like Windows.
And there is not "a half dozen BSDs" - there is only three: FreeBSD, NetBSD, OpenBSD.
Compared to the situation of Linux, with not "half a dozen BSD", but litterally HUNDREDS of distributions, I am not sure you are being serious...
Most of them will get ten seconds to have 100 servers up and running, ready for whatever software the PHB has selected. With BSD you'll be lucky to get past configuring disks in that ten seconds. With Linux you'll have an army of AWS boxes at your command ready to go before your first cup of coffee is poured.
Ah yes, AWS, that marvelous field of shitty softare and even shittier infrastructure. Just FYI, it's called an "AMI", a system image in other words, and there are AMI for all of the BSDs. And the same is true for Azure and many other cloud offerings out there. You simply don't know what you are talking about, right? Either that, or you should stop blindly clicking on the Ubuntu AMI every time you create a VM in EC2.
Now don't get me wrong, I'm not sitting here dissing the BSD folks, but there's a serious need for folks to look past systemd as the sole reason everyone and their dog is leaving Linux.
Actually, no, systemd IS the reason serious system administrators and quite a few devops are leaving Linux behind. The crap you have to deal with gets simply unbearable after a while.
I could go on refuting your ridiculous arguments again and again, but frankly, I have better things to do with my time. You are a very poor devil's advocate and an even worse technologist/system admin/unix admin I am afraid. Your level of ignorance is frankly stunning.
I believe that iXsystems owns FreeBSD and TrueOS, and pays the people who work on it. Apple too employs a few
iXsystems does not *own* FreeBSD - it hired some (former) FreeBSD people.
FreeBSD itself is -- as far as I know -- "managed" by the FreeBSD Foundation, and, in turn, that Foundation is managed by the FreeBSD developers.
In the not-too-distant past the dominant voice on this site took a hard right turn. During the administration of Obama we saw a constant barrage of anti-Obama and anti-Clinton news bits on the front page, while simultaneously seeing articles that championed various right wing causes.
Yes, it's called "astro-turfing". It's been all over the news these days.
Unless there is absolutely no way to trigger AML remotely, I'm not sure I'd trust this system either.
I'll grant you that. It could be tricky to put together well.
On the other hand, if you are that concerned with your privacy, do a Richard Stallman, and refuse to have a cell phone at all: he has said several times he considered them are nothing more than advanced tools for the intelligence community. Plus, of course, closed-source software, etc.
To be honest, I recently bought a very specific smartphone precisely for that reason: it was one of the rare model that still offered a removable battery, so who am I to criticize?
Yeah cause we can trust that this advanced location tracking feature won't be abused by governments to spy on its citizens. Its not like apple had to stand up against the intelligence industrial complex of multiple nations... yadda yadda yadda...
Yeah, and if you are in China how is that "standing up to Governments and protecting free speech" thing working out for you? Hmmm?
And, again, you have not read a single line of the article: AML mandates activating GPS and wifi when, and ONLY when, you call the equivalent of 9-1-1.
Implementing AML in a safe and privacy-protecting way is, as far as I am concerned, a trivial exercice for Apple engineers.
Come on, I am all for protecting free speech and privacy, but Apple not adopting AML is simply ridiculous.
I seem to recall the EU mandated that all phones had to use microUSB for their charging ports. Last I checked, iPhones still do not.
Agreed, but there is a difference between a charging port and saving lives.
In that respect, (safety) regulation probably is more important than regulation.
Have you even read the article?
It specifically states that AML only turns on location (automatically) WHEN you dial 9-1-1.
Oh, wait, this is Slashdot, so your libetarian little ego could not stand the magic word at the top of my rant, right?
Sorry about that, my bad.
It's called re-gu-la-ti-on...
Specifically, European regulation. Any smartphone sold in Europe should integrate AML, or be banned outright. Period. No exceptions. You have 6 months to comply and communicate with the European regulators a detailed timetable for your compliance.
72 hours after that regulation is passed by the European Parliament, I bet you Apple will come out with an announcement supporting AML and a couple of months later, with the latest iOS updates, all iPhones would be AML-Compliant.
Sure, a lot of imbeciles will scream bloody murder, Big Brother and governmental interference with the free market, but seriously, this is what works with these companies. Apple makes tons of money in the EU, and it won't take the risk to lose that market.
Also, it's pretty rich from Apple to refuse AML, when it deleted all VPN apps from its Chinese store. Fsck that company. Support AML or eat dung.
- "Uh? There has been another issue with systemd? Really?"
- "Yeah, but anyway, never mind, we have better things to do."
- "Okay."
Slackware: no systemd, sane defaults, no weirdo patches.
Yeah, it works.
First of all, let me state that most of my machines are Linux, or BSD. I find the whole panic over WCry absolutely hilarious.
Something like OpenBSD, but less stringent:
First-tier is average OS support - six months support tops, after that, you need to upgrade. You have version 4.3 while the latest version is 7? Tough luck.
Second-tier is emergency OS support: 12 to 18 months support tops. On a specific version (meaning fubar 6.0 but not fubar 6.1 for instance ), only back-port of the most critical patches to base system.
Every 5 years, for embedded and ultra-secure needs, you get an ULTS (Ultra-Long Term Support) version, which is going to be supported - provided you sign an annual support contract with mucho dinero - as long as necessary, including backporting patches from the newest version of the OS, but only for the base system. Anything extra you add to that base system is your responsibility.
The issue here really is pretty much the same as an "Internet of Things" issue: please, dear MegaCorps, use a nice, updated AND SECURE DEFAULT CONFIGURATION for your freaking products - no, Windows XP is not nice, updated and secure out of the box, and neither is Linux if you open 200 ports and services with "admin" and "secure" as login and password, respectively.
On a more general note, if you use Windows within your product, I don't care what that product is, you are asking for trouble.
And that is all I have to say.
This sucks, but I'll have to search a decent open-source app for to do lists.
In the meantime, I'll probably use Keep, by the other Great Satan.
Oh, and F* you Microsoft.
Pick your poison:
- Tape: inexpensive and slow, require frequent testing (backup we do, it's restoration the problem!), usually unreadable after 6 to 12 months or less (that's in production people).
- WORM: more expensive than tape and just as slow, work well in the medium term (meaning 10 years top).
- XFS NAS: faster than the above, require good hardware and a bit more work than either tape or worm. Don't forget to setup replication to multiple systems. May suffer from bitrot in the long term (checksumming/hashing files might be a good idea). Very stable, large capacity file system. Tape backup is always a good idea.
- ZFS NAS: slightly slower than XFS (at least, that's my experience, YMMV). Ultra-large capacity. Snapshotting is just a breeze. Again, replication to multiple, distant systems is mandatory. Very stable file system. Tape backup is always a good idea.
- DNA, 3D crystal lattice, holographic memory: what we are all going to use in the future. Still in beta testing, though.
- DVD: don't make me laugh.
zfs
ZFS is a pretty good solution. Multiple NAS ZFS systems with snapshots and replication are even better.
I personally like XFS in production (including LVM), but ZFS is hard to beat if bitrot is your #1 concern.