Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm very familiar with the DoD's byzantine and prehistoric policies. You're absolutely right. And it's ironic, because changing their patch management strategy would provide better security. The DoD is stuck in a compliance world, rather that one in which they manage risk.


Yep. They're getting left behind when they should be on the cutting edge. It's sad, really.


Yea but IE9/IE10 are number one at stopping malicious downloads which happens to be the easiest/most prevalent way to take over a computer. Plus IE 8+ is the only browser that has TLS 1.2.


Only on Win7 (since IE depends on SChannel), and Opera has TLS 1.2 too.


There is the risk of having your computers compromised and there is the risk of being fired for making someonewho writes policies look incompetent.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: