I attempted to get this message to the 4 researchers...hopefully it finds them well. Otherwise here's food for thought for the critics: I was just thinking about this more and maybe if they described it differently it wouldn?t be so bad. It would need really good and TRUSTWORTHY / secure / reliable updating mechanisms. But thinking about how routing tables get updated on routers might be a better concept. If a computer had the ability to ask its peers what patch level it was at, it could compare the patch levels to its own and realize hey?I think I?m missing that one. Not sure if it would ask the neighbor for the patch, but I think it would be better if after discovering it?s behind to go ask the ?patch authority? ? whoever that delegation may be ? an internal server or the vendor?s server. Otherwise poisoning could be an issue. But I think there could be a whole standardized framework for all vendors? applications to query their network peers. Royce Renteria

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11506/35010#35010