[jimbob45]

>A world where you no longer have to update dozens of applications one at a time or worse never at all is a very good thing.

Maybe from a storage perspective but storage is practically free these days. It doesn't even make sense from a time perspective since application updating can be done in the background with no kerfuffle.

There's just no advantage to having shared libraries outside of ensuring that you'll eventually break every application on your machine due to some obscure versioning/corruption/capabilities issue that is nigh-impossible for a layman to solve. I'm with the parent poster - Linux can keep its Package Managers to itself (not to say Windows doesn't have equally stupid features - looking at you, Windows Registry).

[rbanffy]

> There's just no advantage to having shared libraries outside of ensuring that you'll eventually break every application

If an application or service is using a vulnerable outdated library, I WANT it to break. It’s better to have it broken than have it expose sensitive user data.

[jimbob45]

Hard disagree. I'll decide which applications I want updated and when. I don't need my applications breaking because someone decided I'm not allowed to use it anymore.

[rbanffy]

We don’t have the luxury to decide when we will get hacked.

[_8j50]

That's not how security risk assesment work. You do get to decide when and how long you remain hackable and implement mitigating security controls. Not everyone has the luxury of being tolerant to outages and it is terrible security practice to take a forceful uncompromising approach like that with no consideration to why and how the software is being used and in what context.

The last thing you want in securing a system is for your securitu effort itself to be a security risk (availability)