Installing packages or updating is not a profession
Posted Sep 14, 2009 21:08 UTC (Mon) by man_ls
In reply to: Installing packages or updating is not a profession
Parent article: Attacks against WordPress installations
But that's not a problem -- it's a known trade-off, and GNU/Linux distributors have chosen one path. Nobody forces you to use a distributor -- in fact you might just compile everything statically and upgrade each bit independently. But nobody has chosen that path, because of the enormous waste and bloat. And also because, as the number of copies of a library grows, the probability that all of them are upgraded when a security hole is found approaches zero. Especially given that most of those programs cannot be upgraded automatically, and if users had to pay attention to all those upgrades they would do little else in their lives. The result? Tons of malware.
The Windows solution does not work IMHO. World domination yes, but at what price?
to post comments)