Will H. Backman wrote:
>>-----Original Message-----
>>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
>>
>>
>Of
>
>
>>Theo de Raadt
>>Sent: Tuesday, September 06, 2005 11:43 AM
>>To: Stephan A. Rickauer
>>Cc: misc@openbsd.org
>>Subject: Re: Lifecycle question
>>
>>
>>
>>>The reason why I bother this list is that I am impressed of OpenBSD
>>>
>>>
>from
>
>
>>>the technical point of view. I like its consistency and purity. But
>>>
>>>
>in
>
>
>>>business environments or comparable organizations where money is an
>>>issue, one needs to think about system management very carefully,
>>>
>>>
>since
>
>
>>>it has a direct impact on money as well. That's why I can't
>>>
>>>
>understand
>
>
>>>people can really live with the 6 months lifecycle.
>>>
>>>
>>I don't understand this whole conversation.
>>
>>Instead, what those vendors give people is a 5 year patch-every-month
>>cycle.
>>
>>That is completely unsustainable. The pieces we build upon are
>>advancing too fast.
>>
>>I don't buy into that method of operating system componentizatio at
>>all, that you can just keep patching and patching. It was not true 15
>>years ago, 10 years ago, 5 years ago, and I see no proof that it will
>>be true ever in the future.
>>
>>
>
>"Familiarity breeds content"
>
>I'm scared to death just patching OpenBSD, but I just did another
>successful one recently and my stress levels go down every time. While
>I have been personally using OpenBSD for years, it was only with version
>3.6 that I started using it in production. I'm sure that over time,
>I'll be less scared.
>
>I'm nervous when I update Linux, Windows, Novell, OSX, or OpenBSD. I
>think what scares me about OpenBSD is that _I_ will make a mistake due
>to the additional manual steps. Most other systems automate more, and I
>can falsely assume that people smarter than me have worked through the
>issues.
>
>It is hard to get a feel for the true level of risk without statistics.
>People can give anecdotal evidence about how a Windows security update
>blew out their accounting server and required a rebuild. You can get
>those stories for any OS.
>
>
Yeah. But the thing about other OS's doing that is that they have
significant data loss, complete dead systems and software that cannot
run on that machine until it gets updated. This is not very likely with
OpenBSD as the whole system is patched and built as a whole. That's one
of the great things about OpenBSD as opposed to some *other* OS's...
it's not simply a kernel, or userland, or windows.... it's the complete
package all in one.
Brandon
