Singing the Update Blues

I wrote some versus on the subject about10 years ago, and I updated it a little bit when Bill Gates got named man of the year:

Bill Gates - "Man of the Year" ???

My DOS/Win dot 3 worked just fine
But a new LapTop I'd find
' Bout 19-66
A horrific fix
Ensnared me in a bad bind

The ThinkPad and Windows were wed
In the factory, in the same bed
They shipped 95
To keep it alive
An upgrade to 98 I ded

98 was very much worse
I should have guessed it, of course
It choked very hard
When I tried a sound card
All I could do was to curse

The most outrageous abuse
When Netscape I tried to use
Explorer stomped in
GPF'd it like sin
Unplug it was all I could douche

My times not worth much anymore
I'm just an old Pro-fes-sore
With me it's my health
Compared to his wealth
His geek thugs are what I deplore

When at the young age 23
Keats got a bad case of TB
He then wrote some lines
That helped me define
What Bill Gates has taken from me

"When I have thoughts that I may cease to be
Before my pen has gleaned my teeming brain"

I have tried to put it in rhyme
Think about it in your spare time
And then you will see
What my time's worth to me
To take it away was a crime.

m david tilson

blues pianist, poet, and philsopher

There was a code writer named Martin,
who made a very nice living bloggin'
until the upgrades he discovered,
as the more bugs he uncovered,
the less and less time he recovered.

Comparing apples with oranges here, I'm afraid.

What you get when you run updates on Windows XP is upgrades to the operating system, the graphical user interface, Explorer, Windows Media Player. Not even MS Office!

What you get when you run updates in any Linux distributions is updates to all of the above plus all additional applications you have installed via the distributors package system. This especially includes also OpenOffice, Firefox and Thunderbird/Evlolution (or whatever you use to read email.)

The 2nd question is: how big is the impact of running security updates? Microsoft has a long history of occasionally distributing upgrades crippling at least parts of the system. In Debian, as far as I can recall (since Debian 2.2), this happened very, very rarely (once? twice?), and even on my usually very, very hacked system (meaning here: it is basically Debian, but with lots of tweaks and configuration changes accumulated over the years), I can just run all updates and trust that the system continues to work exactly like before.

The 3rd question is the severity of the security flaws that are fixed. Microsoft often fixes security flaws that allow attackers to take over the whole computer, and that are actively exploited by malware in circulation. Most securoity flaws fixed in Linux distributions allow an attacker to crash one application or the system (but not take it over, an important distinction), or take over the user account of the persion running the faulty software. Security wholes where an attacker can just take the whole machine have become quite rare. And most of these security holes are found before attackers are actively using them, so even if you don't apply security updates for quite a while, nothing will happen for quite a while.

Summary: While the Linux world is far from perfect, I still hold it to be far superior when compared to the Microsoft world. Also and especially when looking at how security upgrades are handled.

Adrian has very aptly stated most of what I was prompted to write, with one exception.

You also have to take into account what the linux distribution's design goals are. From the front page of the website:

Fedora is a Linux-based operating system that showcases the latest in free and open source software. ... The Fedora Project is out front for you, leading the advancement of free, open software and content.

Fedora is not the project to choose if you're looking for stable. It's what you use if you want to ride the front edge. I'd be concerned if there weren't lots of updates given that project's stance.

If you want stability from an RPM-based distribution, go with RHEL, or CENTOS.