One of my favorite hobby horses here is security and patch management for open source and Linux.
Often the response of those who comment is, "Linux doesn't have that problem, it's naturally secure" or "just use iptables."
That's not the problem. The problem lies in communicating and closing vulnerabilities. Microsoft, and Windows-based anti-virals, do this because they have to.
Open source should, too. We may not have to as often, but seldom isn't never.
But hey, I'm just a journalist. I'm not a techie (not really). So it was gratifying when Mike Mullins of TechRepublic echoed the call today:
One of the most persistent problems with software is patch management — and the larger the enterprise, the larger the problem.
Microsoft has taken steps to address this issue with its Automatic Updates service. In my opinion, the software company has done a good job of notifying users of available patches and updates.
On the other hand, the open source community continues to struggle with developing an integrated patch management solution. Most administrators have little time to check for patches or read vulnerability notices — if they've even signed up to receive them. That's why it's essential to know exactly what you've deployed on your systems and to check regularly for updates for that software.
Exactly. What we need is for someone, or several someones, with solid development budgets to create an open source patch management project, and a clearinghouse for security alerts.
The Internet you save may be your own.