On Tue, Sep 16, 2014 at 8:29 AM, Przemek Klosowski przemek.klosowski@nist.gov wrote:
On 09/16/2014 06:33 AM, Richard Hughes wrote:
I've triaged many bugs to do with online and offline update failures, and if we're going to say that we actually care about the users' data, it becomes increasingly hard to defend the "old" way of doing it. I'm sure I could find numerous bug numbers where doing an online update made the session/terminal crash, which of course leaves you with duplicate packages on your system which may or may not be fixable.
Richard
OK, but this means that we painted ourselves in the corner---something is wrong if my Android phone, which I don't have to reboot for updates, has higher uptime than my computer.
You don't have to restart your phone for app updates, but the app itself is restarted. For Android updates, it does require you to reboot the phone. Android updates happen rather infrequently. Your analogy is slightly flawed.
We are in a bind: on one hand, the best security practice is to upgrade daily to avoid emerging vulnerabilities; on the other hand daily reboots aren't really a nutritious alternative. Something has to give---which one do we do:
- create a separate daily security upgrade stream, curated to not require
reboots if at all possible
This has been suggested before and it isn't a terrible idea. It requires people to work on it though.
- follow Microsoft and do a fixed 'patch Tuesday' schedule instead of ASAP
updates
There have been suggestions around having "levels" of updates. A firehose level, which is the equivalent of today, and then a batched level, etc. Also needs people to work on it.
josh