Curtis D. Levin said:
Not to me it isn't. Their machines were attacking others. That, is
a security problem, by every definition of the word.
Which could of been prevented if they weren't asleep at their posts.
If someone else other than them is expected to do something
about it, then what's the point? They manned up and said that
they didn't apply the patches. That's their fault.
Patches or not, they neglected their duty as sysadmins.
MS makes it easy. Microsoft update. Every day. Not so stupid now.
Which can force you to reboot if you're running as a non admin user on
Vista.
Linux is good. Don't get me wrong. But it is fallible too.
I've bene using various distros and versions of Linux, for both
home/personal usage and as an admin of live servers, and I really haven't
found much fallible about it. The core is rock solid. What's fallible is
running out dated software with known security holes. A good sysadmin would
stay on top of that, and at the very least watch the logs, keep an eye on
who is and has bene connecting and such.
Anyone who reads cert.org can tell you that. Luckily, most
people who know how to do bad things don't do them to
linux as frequently as they do them to us. Doesn't mean it
can't be done. It can.
It can, but it's not so much Linux but either bad software or improperly
configured software. Again, that is a sizable difference when you compare to
all the security flaws at Window's core, which includes IE (ever since they
integrated it into Explorer back in Win 98.) Just look at how many exploits
are found at the _core_ and sometimes patches are then released to try to
fix them and sometimes new one arises. Problems at the core problems are
generally not an issue in Linux, but rather the different softwares that run
with in.
Bottom line, security patches help, doing your job as a system's
administrator is even better. There just sin't any substitute for that imho.