[ale] contradictions in the world of patching

[JD]

On 10/10/2013 02:56 PM, Ron Frazier (ALE) wrote:
> Hi all,
> 
> I was just sitting here having the "fun" of doing the monthly ritual of installing patches on my Windows laptop.  Last Tuesday was the 2nd Tuesday, patch day.  There were 23 this time.  Next, I get to have the fun of replicating that procedure on my other computers and vm's, which, all combined, is a fair number of machines.
> 
> Linux Mint is not much better.  Since patches are continuously released, it's not uncommon for me to patch Mint every time I boot it.  If I ignore either OS for a couple of months, it's not uncommon to have to install almost 100 patches.
> 
> Now, I think it's a good thing that the OS's are being kept as secure as possible, assuming this is the best way we have to do this.
> 
> Here's the contradiction I thought of.  My Android tablet NEVER gets updated by Acer.  They did bump me from Honeycomb (Android 3.??) to Ice Cream Sandwich (Android 4.??).  But, aside from that, as far as I know, there are no updates.
> 
> So, is it necessary to do all this patching or not?  If it is, why does Android get left out in the cold?
> 
> Any thoughts?
> 

Easy. Acer sucks. They are ignoring released patches from the upstream.  I have
an A500 too. Acer is treating them like a simple toaster vendor - ignoring older
models.

Daily patching of Linux - really?  1st thing every Saturday morning, I patch.
NEVER during the week. It is easy enough to script or use tools that it doesn't
really matter if I patch 1 or 50 systems then.

For Windows, I'm on automatic for things from MS. Don't use many other programs
on Windows, but when I do, I try to use ninite installer for the high-risk
things and just re-run it.  That grabs the latest and installs it.  Almost like
APT. ;)