Today, I learned that RedHat wants to charge me to get security updates.
Having moved my site to a Linux machine, I decided to get the box current on security updates. As always, I first tried to use the RedHat automated updating tool, up2date. I got a dialog box that said that the tool is currently available only to paid subscribers, and that I should try back later. That’s cool — I’m a big boy, and I don’t have any problem downloading and applying security fixes manually, so I started doing that.
Working my way through the available security updates, though, I came across this page, for an update to bind (the domain name resolver). It told me that my system needs a newer update, and to go here. Going to that page, though, I learned that “the unlinked packages above are only available from the Red Hat Network” — the update is only available via the updater tool that is only working for those who pay the annual subscription rate.
Effectively, RedHat has just told me that there’s a fix for a buffer overflow that is only available to paid subscribers. What!?!?!
Remember this whenever you begin to bitch about Microsoft’s security update process.
i’ve been under the impression that getting a red hat network account for updating a single machine is free.
but i’d say the best alternative is to simply switch to debian (http://www.debian.org/). the initial install isn’t quite as friendly, but apt-get and the well-managed debian package pool makes it all worthwhile. the popularity of red hat on servers simply boggles my mind.
• Posted by: jim winstead on Aug 17, 2002, 5:37 PMI’ve been seriously thinking about ditching RH for a couple of years now. Something major seems to be borken in just about every release, and their mercenary attitude turns me off.
I even got as far as downloading ISOs for Debian Potato once. After that I figured out that it was going to cost me a couple of hundred to go out and buy hardware that Debian supports, or a couple weeks of Copious Spare Time to build and install all the drivers myself.
So the Linux on my Linux box is still RH. But I turn on the Linux box less and less frequently these days, especially since I bought the iBook.
I don’t think I’d be hosting on Linux anyway, when you can get BSD for the same price.
• Posted by: Jeff Carroll on Aug 17, 2002, 7:21 PMIf you’ve done time with RedHat, you might want to try FreeBSD. Debian is fiddly, and FreeBSD is very friendly to people who want to install or update. Actually, the friendliness and ease of use of the updating system elicited a chorus of gasps from a collection of engineers at my work.
• Posted by: Tom Blackwell on Aug 23, 2002, 2:32 PM