Monday, January 29, 2007


Should Security Patches always be free?

I was seeking an answer from industry analyst firms in terms of public opinion on whether all vendors should always make security patches freely available and couldn't find any definitive research...

It seems as if different vendors have different opinions on this topic. For example, Sun makes them freely available (in terms of cost) but requires registration, while other vendors may take approaches that still require support contracts. Of course, in open source, patches are always free but not always clearly delineated.

I wonder if folks such as Gunnar Peterson, Michael Howard, Mark O'Neill, Phil Windley, Bruce Schneier, Bill Gross, Jeff Jones, Anton Chuvakin, Tom Olzak, Lou Bolanis and Sol Tzvi have an opinion on what vendors should do in this regard?

