{"id":10084,"date":"2006-09-07T09:18:38","date_gmt":"2006-09-07T16:18:38","guid":{"rendered":"http:\/\/hill-kleerup.org\/blog\/wp\/2006\/09\/07\/patch-management-and-the-bottom-line.html"},"modified":"2006-09-07T09:18:38","modified_gmt":"2006-09-07T16:18:38","slug":"patch_managemen","status":"publish","type":"post","link":"https:\/\/hill-kleerup.org\/blog\/2006\/09\/07\/patch_managemen.html","title":{"rendered":"Patch Management and the bottom line"},"content":{"rendered":"<p>Bruce Schneier asks (rhetorically) why is it that Micro$oft can only bring itself to issue patches once a month to clean up security holes in its operating system, browser, and applications &#8230; but is <a href=\"http:\/\/www.schneier.com\/blog\/archives\/2006\/09\/microsoft_and_f.html\" target=\"_blank\">willing to scramble within days<\/a> to issue patches to its Digital Rights Management (DRM) software when someone out there finds a way to crack it?<\/p>\n<p>The obvious (rhetorical) answer:  money.  Broken OS\/browser\/applications aren&#8217;t going to (yet) seriously impact the M$ bottom line.  Causing media companies to think that their recordings aren&#8217;t safe, though, if they use the Micro$oft platform will.  Thus the scramble to patch these gaps as soon as they come up.<\/p>\n<p>It&#8217;s not that M$ is necessarily evil or wrong for this.  But it&#8217;s indicative of where their true interests are (only peripherally with their end-user community), and who they&#8217;re willing to do what for to protect those interests.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bruce Schneier asks (rhetorically) why is it that Micro$oft can only bring itself to issue patches once a month to clean up security holes in its operating system, browser, and&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[35,20,28],"tags":[],"class_list":["post-10084","post","type-post","status-publish","format-standard","hentry","category-big-business","category-hi-tech","category-media-moguls"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":4155,"url":"https:\/\/hill-kleerup.org\/blog\/2003\/01\/28\/patch_it_just_p.html","url_meta":{"origin":10084,"position":0},"title":"Patch it!  Just patch it!  Whoo!","author":"***Dave","date":"Tue 28-Jan-03 7:04am","format":false,"excerpt":"Micro$oft is more than happy to slam lax sysadmins who don't keep their systems patched up-to-the-minute, and thus leave them vulnerable to things like the recent Slammer\/Sapphire virus. \"Just keep...","rel":"","context":"In &quot;Hi-Tech&quot;","block_context":{"text":"Hi-Tech","link":"https:\/\/hill-kleerup.org\/blog\/category\/hi-tech"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9387,"url":"https:\/\/hill-kleerup.org\/blog\/2006\/07\/18\/broken_controls.html","url_meta":{"origin":10084,"position":1},"title":"Broken controls","author":"***Dave","date":"Tue 18-Jul-06 6:43am","format":false,"excerpt":"My company is finally rolling out the critical, and increasingly inescapable Micro$oft Security Patch MS06-021.\u00a0 This cumulative patch includes lawsuit-required code to break (or at least bend) ActiveX controls.\u00a0 Rather...","rel":"","context":"In &quot;Hi-Tech&quot;","block_context":{"text":"Hi-Tech","link":"https:\/\/hill-kleerup.org\/blog\/category\/hi-tech"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7391,"url":"https:\/\/hill-kleerup.org\/blog\/2005\/03\/16\/microoft_to_bri.html","url_meta":{"origin":10084,"position":2},"title":"Micro$oft to bring Internet Explorer to the 21st Century","author":"***Dave","date":"Wed 16-Mar-05 11:32am","format":false,"excerpt":"Leaking rumor has it that IE7 (due for beta this summer, production sometime next year, or so M$ says), will not only feature New, Improved Security, but will integrate M$'s...","rel":"","context":"In &quot;Hi-Tech&quot;","block_context":{"text":"Hi-Tech","link":"https:\/\/hill-kleerup.org\/blog\/category\/hi-tech"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5801,"url":"https:\/\/hill-kleerup.org\/blog\/2004\/07\/15\/why_firefox.html","url_meta":{"origin":10084,"position":3},"title":"Why Firefox?","author":"***Dave","date":"Thu 15-Jul-04 2:05pm","format":false,"excerpt":"When faced with suggestions from everyone from CERT to Slate to stop using IE, it certainly raises (or should raise) some questions in folks' minds about whether that's good advice....","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1501,"url":"https:\/\/hill-kleerup.org\/blog\/2001\/12\/23\/why_look_more_n.html","url_meta":{"origin":10084,"position":4},"title":"Why, look, more news on crappy Micro$oft security!","author":"***Dave","date":"Sun 23-Dec-01 5:36pm","format":false,"excerpt":"Dudes, when the frickin' FBI starts ragging on you about your security, yes, you probably have problems. Remember, folks: this is the company whose security strategy consists of swearing to...","rel":"","context":"In &quot;Hi-Tech&quot;","block_context":{"text":"Hi-Tech","link":"https:\/\/hill-kleerup.org\/blog\/category\/hi-tech"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5858,"url":"https:\/\/hill-kleerup.org\/blog\/2004\/07\/09\/security_is_a_c.html","url_meta":{"origin":10084,"position":5},"title":"Security is a &#8220;competitive advantage&#8221;","author":"***Dave","date":"Fri 9-Jul-04 9:44am","format":false,"excerpt":"Micro$oft is selling security as a \"competitive advantage\" that it has over the industry. Attendees at last year's event, in New Orleans, cheered when Microsoft Chief Executive Officer (CEO) Steve...","rel":"","context":"In &quot;Hi-Tech&quot;","block_context":{"text":"Hi-Tech","link":"https:\/\/hill-kleerup.org\/blog\/category\/hi-tech"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/10084","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/comments?post=10084"}],"version-history":[{"count":0,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/10084\/revisions"}],"wp:attachment":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/media?parent=10084"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/categories?post=10084"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/tags?post=10084"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}