|Redhat and Mandrake Dropping Support |
Jon Lasser says, "security nightmare"
|Open source opponents have for years warned, "You get what you pay for." |
I think what bothers me most is this, "After the expiration date, security patches will be provided at Red Hat's discretion only."
Fulle Story: [theregister.co.uk...]
Most software vendors (and most automakers and such) cease to produce updates (parts) for old products. It goes beyond normal expectations (and law) for vendors and manufacturers to provide support (free or otherwise) in perpetuity. If you want people to fix your antiquated stuff, pay them for that specific task.
When is the last time you saw an update to DOS 6 or NT3.1 or whatever those old Microsoft products were?
We're not talking "antiquated" we're talking about systems that are widely used and future releases. In addition, they are saying that they are offering a 12 month window of support and after that, no support at all.
In many shops, by the time the OS is implemented and tested the support will run out.
Best support for RH is their mailing list. And it would be silly not to supply patches/fixes to relatively recent releases.
Storm in tea cup I reckon...
They announced this a short time ago. There are a few points about this to keep in mind, IMO:
First, Red Hat and Mandrake are NOT the only Linux, let alone *nix (i.e. FreeBSD, OpenBSD, NetBSD, et all) open source operating systems out there.
I'm sure Debian, to name just one of the well known Linux distros, will keep putting out the patches quickly as they always have.
I'm sure the BSD folks will also keep their operating system patches available up to date, too.
As for Red Hat, I suspect besides the fact they are a public company under continuous pressure to improve profitability, this is also geared to nudge users of their distro to move up to the much more expensive Advanced Server version of their operating system -- that just happens to have a MUCH longer support life -- but at a much higher cost when a company buys a support contract, too.
I'm sure reducing cost of supporting their older distros is one reason for this new policy of course. But nudging customers to Advanced Server would seem a likely strategy behind their new support policy as well -- maybe an even bigger part of the reason they are doing this.
As for Mandrake, they have been going thru various financial pinches for awhile now. Periodically, they ask their customers for financial support....I think from selling memberships of various sorts IIRC. So only time will tell for sure what will happen with Mandrake no matter what their policy on updates.
Moreover, just because two Linux distros with a lot of brand recognition and market share announce this does NOT mean "the show won't keep going on". Due to the GPL, anyone could put a site on the net and pick up offering patches where Red Hat and Mandrake leave off.
So I suspect either one or more organizations will spring up to meet the need...if it continues to exist...or folks will simply migrate to other distros (including more up to date versions of Red Hat) that DO keep security patches up to date and available in a timely fashion.
I think it will likely be that latter of the two above due to the newer GCC and the recently released nice fonts the Gnome folks were happy about recently.
One more point about this is the update mechanism for an open source operating system as a criteria to select which one to deploy.
Besides the RPM based updates Red Hat and Mandrake use, there are also the different ones the Debian and Gentoo Linux Distros use, the one Slackware type distros use and of course the way FreeBSD, to name just one of the BSD operating systems, use to keep folks up to date on all patches -- let alone just security patches.
For those not familiar with it, you might find the way the BSD crowd does it results in a much easier to keep up to date production server than using Red Hat's RPM based system. This is of course an area of many flame wars. I'm just pointing out there are many other methods and open source operating system available to one wishing to avoid running Microsoft Windows as one's server OS -- no matter what Red Hat and Mandrake do.
That's what I love about the Linux crowd, the optimism and lack of cynicism.
MS announced they were dropping support for Win95 and hordes of people pounced. "How could they, what about the people still using that 8 year-old OS"?
From the Linux folks... "ehh, we'll move on". ;)
>>MS announced they were dropping support for Win95 and hordes of people pounced.<<
Pretty sure that Win95 wasn't free, not to mention all the "bundled" apps that MS tacked onto it and charged for.
Apples and Oranges.
>>Pretty sure that Win95 wasn't free
Of course it wasn't free, but it was eight years old. People were upset about losing support for an ancient OS.
Forget about apples and oranges and consider whether you would go with an OS that only had support for a year.
People are making much to much fuss out of those whole thing. Look at it this way:
If you have it IT manpower to apply patches that RedHat/Mandrake/et al release, you also have the manpower to upgrade versions.
If you don't have the manpower to upgrade versions, you probably aren't installing the security patches anyway.
If you install patches from these vendors on any large scale, you've probaly got a service contract with them or are using their "premiere" products which means that you'll have patches for at least 24 months.
For Me, personally, I don't really care -- I run 5 Redhat Linux servers for my site and when I need a security patch get it from the module provider themselves and not the distibutor. And if I ever need extended support I'd buy the advanced server version of Redhard which gives updates for 4 years.
|We're not talking "antiquated" we're talking about systems that are widely used and future releases. In addition, they are saying that they are offering a 12 month window of support and after that, no support at all. |
So don't use RedHat Linux.
This is no different than any other product or brand in the world. If it doesn't meet your needs, or if you don't agree the thier price/support structure, just go to the competitor.
Don't like Pepsi? Drink Coke.
Don't like McDonalds? Eat at Burger King.
There are dozens of other Linux distros out there. Show RedHat that they're making a mistake by not using them. If they see a mass exodus from their products to a competitor, you can bet they'll change their policies.
Digitalghost, as you know, this forum avoids any MS vs Linux debate -- this thread is bordering on that now.
Lets address the points within the *nix framework and avoid references to Redmond. If you must do MS vs. Linux then open up a new thread in FOO.
To address some of the points...
>"You get what you pay for."
Well, if you buy the official packages of Mandrake and RedHat that is actually quite a bit.
Official Mandrake Linux 9.0 ProSuite Edition -> $180
Official Red Hat Linux 8.0 Professional -> $149
This has nothing to do with open source, this has to do with companies trying to squeeze the end user into updating their software during lean economic times. In this respect they are taking the cue from many closed source vendors. I can't say I blame Mandrake, they are one foot in the grave and are doing everything they can to hang on to life.
>"You get what you pay for."
This simply is an irrelevant argument, if the corporation or individual was running FreeBSD, Debian, or Gentoo they would have an up to date system without having to pay any vendor.
>>Digitalghost, as you know, this forum avoids any MS vs Linux debate
Why are ya picking on me? I didn't bring up MS first. :)
I called some admins and they aren't really happy with the announcement and it seems like everyone is eyeing this as if I was talking about a home box. I could care less what people put on their bitty box at the house.
A large company that just implemented a version of Linux that won't have support in a year might have a right to be upset.
>>If you have it IT manpower to apply patches that RedHat/Mandrake/et al release, you also have the manpower to upgrade versions
What? People don't just slap new versions up overnight. By the time some of them get through the testing phase it will be time for the next version.
I'm beginning to wonder if anyone is actually reading the article...