I am provoked by ISC for the 10 years statement that ISC refuse to fulfill (Re: DNSSEC setup for stealth master and multi slave/recursive - Multiple DS keys?)

Sun Feb 11 17:32:47 UTC 2024

On Sun, Feb 11, 2024 at 10:41:34AM -0600, Tim Daneliuk via bind-users wrote:

! I realize that there was a whole kerfuffle here that I mercifully missed and
! have absolutely no interest in.

I didn't understand it, and was wondering if I should.

! But it did "provoke" a question.  Does anyone think not restarting *anything* for 10 years
! is a good idea?
! 
! I realize there were all these fanbois back in the day that wanted to prove
! *NIX could stay up longer and with greater stability than Windows.

It's not about stability, it's about systems management attitide:
if something does not work as intended, you could say, the fix is to
reboot the machine.
But you could also say, one needs to understand what exactly is going
wrong, look into the code, change it accordingly and make certain that
the problem will not happen again.

Obviousely it's a matter of taste which way you prefer.

! But best practices
! would suggest that you patch and restart monthly at a minimum and more often for
! zero-days and more immediate threats.  I would include among this the OS itself
! as well as key infrastructure services.

This has nothing to do with IT. It is rather about prayer, confession
and sacrament. People seem to believe that regular church service (aka
patching) should protect them from the devil, and distributions are
required to provide that kind of service (aka "support").

Few people bother to understand what a patch actually does, so
installing them can no longer be called engineering. And "best
practices" within a believe system are just that.

Now, seriousely, religions were created with the honest intention
to create a better world for all. And also, security maintenance
is designed to create a safer internet for all. But, the results
from the first are, well, suboptimal, and I'm not really sure
about the second. In any case I tend to question believe systems.

! Oh, and for the record, I think ISC does a very fine job ;)

Me too.