Death to Old Software

Threat level definition

Death to Old Software
Jon Lasser, 2002-04-03

We all know that outdated network software is security hazard. The solution: hard-wired expiration codes that self-destruct an old program when it's past its prime.

Expand all | Post comment

I don't like it. 2002-04-03
Anonymous

The problem is you can't count on an open-source package coming out with that kind of regularity. It's also common for open-source packages to be hopelessly broken in new releases; a lot of us wait until a release has gone through a few minor revisions before making the decision to deploy it. Adding expirations would remove system administrators' discretion to do upgrades when they see fit, based on their reliability requirements and how serious any vulnerabilities in the old package are in the environment they're running the softare.

I'd certainly remove any time-bomb code from open-source software I decided to deploy on my servers.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/72/11605#11605

You are right. 2002-04-03
J. J. Horner

Death to Old Software 2002-04-03
Not Really Anonymous

Death to Old Software 2002-04-03
Reaten

Death to Old Software 2002-04-03
Steve (1 replies)

Death to Old Software 2002-04-03
Anonymous (1 replies)

I have a better solution 2002-04-04
A Debian User (1 replies)

I have a better solution 2002-04-11
Anonymous

Counting the cost 2002-04-03
Working poor

Death to Old Software 2002-04-03
Anonymous

Good idea 2002-04-03
Anonymous (1 replies)

Re: Good idea 2005-10-29
Anonymous

Death to Old Software 2002-04-03
Anonymous

Death to Old Software 2002-04-03
Paul Wouters

Death to Old Software 2002-04-03
CodePunk

A really bad idea: The solution is better placed elsewhere 2002-04-03
Robert A. Klahn (rklahn@acm.org) (1 replies)

A really bad idea: The solution is better placed elsewhere 2002-04-04
CCH

a sane suggestion 2002-04-03
Anonymous

Very stupid, here's why 2002-04-03
Anonymous

What a horrible idea. 2002-04-03
Steve Briggs

Is it a bug or has it expired 2002-04-03
Anonymous

You have got to me kidding me. 2002-04-03
Anonymous

What about incompatibilities 2002-04-03
Anonymous

Death to Old Software 2002-04-04
Anonymous

Death to Old Software - this is a belated April Fool's Joke, right? 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Anonymous

Monumentally *BAD* Idea 2002-04-04
Arne Flones

If it aint broke don;t fix it 2002-04-04
Anonymous

other options? 2002-04-04
Mac guy

Moronic iin the extreme... 2002-04-04
Anonymous

Death to Old Software - What a Crock 2002-04-04
Paul Mauriks

Death to Old Software 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Chicken

Hey an even bigger security hole.. 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Anonymous

Death to Old Software... not in my organization 2002-04-04
Steven C. Buttgereit (sf@buttgereit.net)

Death to Old Software? 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Anonymous

A really, really stupid idea 2002-04-04
Anonymous

Death to Old Software, you NUTS 2002-04-04
Anonymous

Death to Old Software 2002-04-04
Elf Qrin

Death to Old Software 2002-04-04
Anonymous

Interesting, but No. 2002-04-04
Chris Fairbairn

Poor idea, poorly thought out, poorly described 2002-04-04
Rex Bob Lowenstein

Death to Old Software: Problems with this idea 2002-04-04
Vinnie

Horrible Idea !!! 2002-04-04
Anonymous

Bad Idea! 2002-04-04
Anonymous

Death to Old Software (good idea bad implementation) 2002-04-04
Anonymous

A cure worse than the disease? 2002-04-04
Echo8

Death to Old Software 2002-04-04
Paul

Death to Old Software 2002-04-04
Anon.

A Deepness in the Sky 2002-04-05
Adrian Close <adrian@close.wattle.id.au>

Death to Old Software 2002-04-05
wwb

Death to Old Software 2002-04-06
Grant Bayley

Isn't *availability* a security concern anymore? 2002-04-06
KSAJ

DJB does it right 2002-04-07
Anonymous

Extremely bad idea: here's why... 2002-04-07
Anonymous

Death to Old Software 2002-04-08
Anonymous

Death to Old Software - Stupid Idea 2002-04-09
NightOwl

Availability, mate... 2002-04-09
Anonymous

Death to Old Software 2002-04-11
Stephen

This already has a name! 2002-04-11
AnonymousG

Death to Old Software -- Not 2002-04-11
Anonymous

What we REALLY need... 2002-04-12
BAShMaster

Death to Old Software...HUH? 2002-04-12
Anonymous

Print an expiration message 2002-04-17
Computer Science Tory

This hard disk will self-destruct in 5 seconds........ 2002-04-18
Bob Radvanovsky

Bad idea: Death to Old Software 2002-04-18
lewiray

Pathetic 2002-04-19
dw

Death to Old Software 2002-04-20
Anonymous

Death to Old Software 2002-04-20
Anonymous

Death to Old Software 2002-04-21
InterWN Labs <interwn@interwn.nl>

Death to Old Software 2002-04-22
Greg

Death to Old Software - Expiration Message 2002-04-23
Anonymous Mike

Privacy Statement
Copyright 2009, SecurityFocus