At 10:04 PM 12/29/01 -0700, Ryan Russell wrote: >I'm starting to think more and >more that a 3-month expiration date on Windows is a good idea. If you >haven't patched in 3 months, then your machine will refuse to do anything >but download patches... After watching all the NIMDA hit's we're still seeing, this idea has some appeal but I also seem to recall a great hue and cry from the digerati when DCMA and UCITA were interpreted to include a "remote kill" function a software publisher could trigger that sounds a lot like this. Think back to July and September, would we *really* want anyone to have the ability turn off IIS all over the world in response to Code Red or NIMDA? I might even suggest Windows has an expiration of sorts, who hasn't re-installed the OS on 9x just to improve preformance on a box that's been in use over a year? Have we (those of us complaining about it) been urging MS to tweak Windows' performance and reliability in the wrong direction? -- Dave Kennedy CISSP Director of Research Services TruSecure Corp. http://www.trusecure.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 08:28:07 PST