Re: [Fed-Talk] Snow Leopard security update article
Re: [Fed-Talk] Snow Leopard security update article
- Subject: Re: [Fed-Talk] Snow Leopard security update article
- From: JEFFREY COMPTON <email@hidden>
- Date: Thu, 27 Feb 2014 23:21:42 -0500
I would not categorize the long list of vulnerabilities a "single criteria." And mitigation strategies are unique to every organization. Perhaps we can agree that strategies developed at your org would most likely not be very effective at my org and vice versa.
What irks me most of all is that I had two product managers from Cupertino (names many on this list would recognize) sit in our conference room last fall and tell me to my face - "do not count on security updates for any OS other than the current OS."
And it looked like that was indeed the case for several months.
All I want is a clear statement. If the statement is "current -1" or "only current" - or "only when we get embarrassed" - I don't care!
Just state the damn policy!
How hard can it be? I can not think of one single drawback.
Don't get me wrong / I'm thrilled that we have successfully moved 900+ systems to Mav in a few months. Much easier to support, etc
I'm just getting tired of sitting in staff meetings attempting to defend Apple's apparent schizophrenia to a bunch of Microsoft veterans. They just don't get it. And I'm not even sure I do at this point
Sent from my iPhone
> On Feb 27, 2014, at 7:56 PM, Carlos Velazquez <email@hidden> wrote:
>
> OK. It was a cheap shot. It is a sore subject for me.
>
> Enterprise wide decisions should not be made on a single criteria.
>
> I could go on various alternatives that mitigate or reduce such risks but this probably is not the forum for it.
>
> Sent from my 📲
>
>> On Feb 27, 2014, at 5:00 PM, "JEFFREY COMPTON" <email@hidden> wrote:
>>
>> How's that self inflicted?
>>
>> Was the better choice to allow systems with known vulnerabilities to roam around for 5 months?
>>
>> Maybe your org is not as security-conscious as my org
>>
>> I suppose you knew all along updates for 10.7 and 10.8 would be released?
>>
>>
>> Sent from my iPhone
>>
>>> On Feb 27, 2014, at 3:40 PM, Carlos Velazquez <email@hidden> wrote:
>>>
>>> Sounds like a sys admin self inflicted wound...
>>>
>>>> On Feb 27, 2014, at 3:04 PM, email@hidden wrote:
>>>>
>>>> Message: 1
>>>> Date: Thu, 27 Feb 2014 13:57:18 -0500
>>>> From: JEFFREY COMPTON <email@hidden>
>>>> To: Todd Heberlein <email@hidden>
>>>> Cc: Fed Talk <email@hidden>
>>>> Subject: Re: [Fed-Talk] Snow Leopard security update article
>>>> Message-ID: <email@hidden>
>>>> Content-Type: text/plain; charset="utf-8"
>>>>
>>>> I can not understand for the life of me why they can’t just spell out their policy. Sometimes I think their primary guiding principle is - “Hmm, how can we make mac enterprise admins look like morons today?” I just got done getting all our users to Mavericks. My answer for “Why do we have to upgrade to Mavericks” was “there are un-patched security vulnerabilities in 10.7 and 10.8." Now - literally days after the deadline our users had to upgrade - Apple releases the patches for 10.7 and 10.8. Thanks Apple.
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden