This post reflects only my personal opinion. I attended the Open Source Summit (http://www.pcweek.ru/foss/conference/program/) and even gave a report there in the section “Certified and protected solutions based on open source software”.
In the same section, a comrade from this company, www.cis.ru, gave a report: “Problems in certifying updates of certified software products”.
The report described the difficulties they face when certifying Microsoft Windows updates according to “guiding documents” (quite a topic for the Open Source Summit!), how to overcome these difficulties, and how to still deliver certified Windows updates to a grateful consumer.
They have some kind of secure storage in which they manage to certify on a certain day. In this case, not all updates are certified, but only those that they consider important for certification; the SIS kindly allows the remaining updates to be installed directly from the Microsoft website.
I was very pleased with the criteria for selecting updates for certification - “based on what Microsoft itself writes about the update.”
At the same time, the SIS said that certification takes time, so “critical updates” can be installed without the permission of the SIS, but at your own risk: the system will no longer be considered certified. That is, the administrator has a choice: either close the real security hole but run into a penalty from the regulator (and risk your job, yeah), or live with a “certified hole” until the SIS gives the nod to its closure.
Of course, Microsoft does not provide the SIS with source code when updates are certified. What does the certification procedure technically look like?
What happens if the update does not satisfy the certification requirements? Does the SIS file a claim with Microsoft?
It turns out that in this case the SIS will not allow users to install the update until Microsoft fixes it. What does the phrase “Microsoft fix” mean? I never got it. And if the user does not listen and installs the update, then his Windows will again be considered non-certified.
Reflections on the topic “what this company's business is built on” lead to sad reflections on the topic “why this business is possible in one particular state”.
PS I was pleased that many of the listeners of the report reacted in much the same way.