FOSS and patches

30/03/2008

Something that explains it better than I did:

 

Corporate IT staff frequently do not immediately patch their critical software until they know what the patch will actually do and that it will not cause other problems or expose other vulnerabilities. Apple’s distributing of FOSS patches to its commercial customers requires a similar delay. FOSS projects can blow out patches fast and furiously, but Apple can’t or we’d all be annoyed to see patch updates in Software Update on a daily basis. Apple’s commercial customers demand software that “just works,” which requires a very different approach to version management than the “do it yourself” model in the Linux world.

 

As we know, Firefox is a FOSS project, so it must update furiously because it is open source: vulnerabilities are too well known to be left unpatched, but this means that users are sometimes annoyed by frequent pop-up boxes telling them to upgrade. This stands in contrast with Apple’s secretiveness, which allows it to release updates at less hectic intervals.