On May 15, 2017, at 4:31 PM, Jonathan Roach <jonathan.ro...@oracle.com> wrote:
> What's key is that administrators need to know how to secure their > estates. If they've failed to apply the patch, that's their failure, not > Microsoft's, but patching was not the only way to have curtailed this > weekend's outbreak. But their failure leads to further intrusions elsewhere. Their failure has consequences beyond their own borders. IMO, this is a herd immunity problem that Microsoft needs to get better at. The analogy I would make here is the German versus the American approaches to road fatalities. In the German approach, if there are significant road fatalities in a given location, then that implies there is a failure with the way the road system is engineered, and it needs to be fixed so that the number of fatalities is brought down. No blame is automatically assumed on the part of the drivers who failed at that location. In the American approach, if there are a significant number of road fatalities, then it's the drivers own fault and they should have taken more care. They are automatically to blame for their own failure. But if you're one of the other drivers out there who might be impacted by the lack of due diligence practiced by another driver on the road, which approach are you going to want to see implemented? -- Brad Knowles <b...@shub-internet.org>
