Hacker News new | ask | show | jobs
by 77pt77 705 days ago
> They are quite vocal when customers don’t turn in automatic updates.

I'm sorry but this is the customer's fault.

If I'm using your services you work for me and you don't get to bully me into doing whatever you think needs to be done.

People that chose this solution need to be penalized, but they won't.
1 comments
mbreese 705 days ago
Customers don’t always have a choice here. They could be restricted by compliance programs (PCI, et al) and be required under those terms to have auto updates on.

Compliance also has to share some of the blame here, if best practices (local testing) aren’t allowed to be followed in the name of “security”.

link
nerdjon 705 days ago
This needs to keep being repeated anytime someone wants to blame the company.

Many don’t have a choice, a lot of compliance is doing x to satisfy a checkbox and you don’t have a lot of flexibility in that or you may not be able to things like process credit cards which is kinda unacceptable depending on your company. (Note: I didn’t say all)

CrowdStrike automatic update happens to satisfy some of those checkboxes.

link