Reply to post: Step #1 Missing

No wonder we're being hit by Internet of Things botnets. Ever tried patching a Thing?

Don Dumb

Step #1 Missing

The process to install the patch is missing the most difficult bit -

Step #1 - vendor produces and issues patch on their website.

I didn't think that the process of patching sounded that difficult. However, this is all completely academic if the vendor doesn't ever consider supporting the device, let alone issue patches for a 'reasonable' period - that reasonable period being a lot longer than the support durations of even most IT company policies.

People expect appliances to last for longer than a decade, if they are a Thing On The Internet, that means they need to be supportable for that period (either by the manufacturer or by a third party). If the government is serious about 'Cyber' being one of the big threats, then they need to back this up with policy and regulations.

Patching just isn't something that the novice is aware they actually need to do and the old fashioned principle of "if it's not broken don't fix it" conflicts with the principle of regular patching. Getting people to do the patching isn't anywhere near as difficult as getting them to even consider it in the first place.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021