this post was submitted on 28 Feb 2024
347 points (98.3% liked)
linuxmemes
21304 readers
1358 users here now
Hint: :q!
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack members of the community for any reason.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
- These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudo
in Windows. - No porn. Even if you watch it on a Linux machine.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There is nothing more important than security patches on a system.
I used to work at an FMI, which’s motto was “keep things stable”. Even the ciso department bought that crap. Until we hired a white hat hacker. The only thing given was the name of the company. He managed to get into the building, access an employee’s workstation and install a root kit on one of the most important financial message tracking systems (you know, the one that instructs other systems to transfer money), using a security bug, which would have been patched if they kept a regular (security) update cycle. After shit hit the fan, many people were fired and an update cycle was introduced.
No system is important enough to not patch. And if you believe it is, you’re wrong.
Yeah, but that just takes way too much work. You think I really care about the company's/bank's money if I'm not getting paid enough for that job? Security patches can also introduce new problems, like x changes, so y doesn't work, so the main app doesn't work... and what, then I have to manually edit code, introduce the thing that x relied on so that y can work again?
I'm sorry, but this is not your average IT department's job... or if it is, I expect a damn good compensation for it.
I've updated and rolled back snapshots because of shit like this... nah, not gonna try and figure out what the problem was... at least not for the salary I'm currently getting paid. If it burns, it burns, so be it.
I’d be surprised if you actually saw anything change from security updates tbh, I don’t think I’ve ever seen anything break from a quick patch.
Dist upgrades are when things might break, but they’re only once every few years. Leave them too long though and you may end up with compatibility issues if you need to make changes.
Fair enough if you’re not getting paid enough, the company should hire more people to stay on top of that though.
They have and that is why I don't do them any more. Happened a few months ago in fact. Updated one of the Debian servers for one of webapps we have running (a black box piece of shit VM that's stuck in 2010 I think)... suddenly, the app in the VM doesn't work. The VM does start, but the app doesn't work, just throws a 404. Why? Beats me, don't have time to troubleshoot. Roll back a snapshot, everything works again. Conclusion, don't update that.
See, around here, you don't keep your job by messing around with things that already work. They work, period, why did even feel the need to mess with that 🤨. If that's management's view on security, fine, so be it 🤷.
I still file reports on things not being up to date, just so that if shit hits the fan, I'm not the one taking the fall for it.