For some it is a monthly occurence and for others they would like to do it every day. The ones who have it once a month are used to it and plan their activities around it. Those who want it every day either put aside a few minutes or have it done automatically. For what ever reason it is done for protection, or simply for the latest and greatest. Just in case your wondering what the heck I am talking about I am talking about patching the programs installed on your computer.
From the operating system to the web browser, all programs need to be patched and kept up to date for prevention against malicious programs and script kiddies exploring the latest metasploit release. If regular updates are not done, your system is as vulnerable as an egg soaked in vineger. There are currently two schools of thought regarding patches and updates that I know of.
The first one is the monthly updates. Most famously known as microsoft's patch Tuesday. This is where patches are developed and tested then made available on a monthly basis. While this seems great for planning and keeping a regular schedule it does leave a large window of opportunity for malicious programs and hackers to exploit the latest security holes. Not only that, due to the large amount of patches being deployed at the same time the chances of things going wrong are increased. It is also harder to figure out where exactly things go wrong.
On the flip side of the coin is the open source mode of thinking. Patch early and patch often. This means that there are available patches to install almost on a daily basis. With modern Linux distributions this is a very low impact activity and you simply as allow the patches to install themselves. This can be made automatic if wished. While this may seem to be an irritant in our daily routine (I feel the same about brushing my teeth :) it actually provides more protection for your system (as brushing does for your teeth). The time frame between a security fix and available patch is reduced from weeks to days or, in the best scenario, hours. Also, if a patch does go bad it is immediately known where the culprit is and corrective action can be taken. Generally a new patch to fix the bad one is available within hours. This allows for a more secure, up to date and stable system.
Personally I like it every day. How about you? Do you get it once a month or do you prefer a daily occurance?
- Locutus's blog
- Add new comment
- 509 reads
Little and Often
Its definitely better to patch daily, because if something goes wrong you know exactly what was installed: you can just check in /var/log/dpkg.log and roll back the offending packages.
Another key differentiator which you don't mention is the fact that more often than not, Windows requires a reboot after an update. In a server environment this is not fantastic. In some cases, Windows will actually force you to reboot after a certain delay, which has maddened me on some occasions, when I'm in the middle of a task.
Linux requires less rebooting altogether, and when it does need to reboot, its happy to wait for a time which suits you.
hello
Good work! Your post/article is an excellent example of why I keep comming back to read your excellent quality content that is forever updated. Thank you! http://www.evdenevenakliyatt.net/