Secured updating network systems
The problem is typically in the implementation of these things," said Wolfgang Kandek, CTO of Qualys.
"I think cryptographers are talking about quantum computing potentially being able to break the cryptography and take over the process, but as far as we know, nobody has the technology at this point in time." Corman went beyond the cryptography and broke down the proper architecture for delivering updates by saying it needs to be stable, so the update doesn't cause device failure; secure, meaning not passing updates in the clear or without digital signatures; and hygienic, meaning the software has been checked for authenticity and quality before being signed or delivered.
"There was a time where people would not apply patches when they came out because they could break your system.
Patch Tuesday came because their user base essentially asked that they didn't get updates at random intervals that would suddenly make their networks go black," Jun said.
"For Microsoft to remove the Patch Tuesday concept, it means they have a lot more confidence in the stability of the rollout process and systems aren't going to go down in the middle of the night when they push updates." Corman said he hopes the Microsoft update rollout process for Windows 10 is more stable, because some companies don't fully understand the business value of providing a stable and secure update process.
He described a car company that knew the cost and brand impact of doing a recall, but not the flip side where mobile app developers can push updates every day without a negative impact.
"The burden of security people is not to scare people; our challenge is to make the safer thing the easier thing," Corman said.
Just use something that's out there." Corman agreed the need for a stable centralized update mechanism is critical, but also warned that because there are so many different technology platforms, especially with industrial control systems, it is unlikely there will ever be a single update process for everyone.