Bob Sneidar wrote: > Each of these Mac OS exploits require that the end user install > something on their computer, or allow it. As far as the doorstop > comparison, well that comment is a bit of a red herring now isn't it? > Brand new computers with current AV definitions and a completely > updated OS involves "some degree of risk". > > My point is that if you use a computer in such a way that it performs > it's job as it always has, an internal SQL server with no exposure to > the internet for example, then all other things being equal, it's not > obsolete by a certain definition.
How often do computer vendors advertise their network-capable products as not being fit for use on networks?
I suppose we could slice and dice to come up with all sorts of definitions. Here's where I'm coming from:
Somehow this conversation became mistaken for one of brand advocacy. I mentioned macOS 10.7.5 only because that's the version Richmond isn't allowed to upgrade beyond. Those who've been on this list a while have seen me use the phrase "not safe to use" for any brand of OS that has reached end-of-life (EOL).
If this has to be about one brand, I think there's an argument to be made that Apple does a better job in some (but not all) areas of security. But they're not a magic pony. There is no magic pony. Even the best software is just imperfect humans making imperfect systems riddled with flaws waiting to by found by someone with an IQ north of 160 who devotes their life to finding such things. And they do, new ones every week.
If the phrases "safe to use" and its corollary "not safe to use" are uncomfortable, I got nothing for that. I come across them frequently in discussions of OS EOL. Given how many exploits are made possible by unpatched systems, the more I read on the subject the more I come across those phrases.
In this context, "obsolete" refers to a product comprised of hardware and software where the software half of it has reached what the vendor has determined is "end of life".
True, it's possible to extend the useful life of a computer by limiting oneself to a much narrower range of tasks than the product was originally designed for.
Another option is to replace the EOL'd software half of the product with something that's kept current. Given the cost, ease of updating, and well-published EOL dates for most distros, Linux makes a logical choice for that, since it supports a much broader range of hardware than any other OS. But even that isn't brand advocacy (if it were I'd be suggesting that everyone replace their OS before the vendor EOLs it <g>), but merely pragmatism for those cases where the vendor provides no upgrade path for the now-EOL'd OS.
But neither of those options, viable as they may be for some users, are part of the product offering as sold. Once the software half of a product no longer has an option to remain current with critical patches, the product as originally offered is no longer fit to serve the role it was designed for. One word commonly used to describe a product beyond end-of-life is "obsolete".
Knowingly running unpatched systems is kind of a problem. I don't feel at all uncomfortable encouraging folks to aim a bit higher than an Oingo Boingo security policy:
https://www.youtube.com/watch?v=qpjHW4mr6qo ;) -- Richard Gaskin Fourth World Systems Software Design and Development for the Desktop, Mobile, and the Web ____________________________________________________________________ ambassa...@fourthworld.com http://www.FourthWorld.com _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
