• federico3@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    The article is indeed one-sided and often makes exaggerated claims.

    One example: "This is in contrast to a rolling release model, in which users can update as soon as the software is released, thereby acquiring all security fixes up to that point. "

    This ignores that facts that new releases are the only source of new vulnerabilities.

    Plus, new vulnerabilities are still to be reported. A 0-day in the wild is usually worse than a published vulnerability: at least you can learn about the latter and take decisions on how to handle it.

    • Echedenyan@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      They also ignore effort of some distributions to backport fixes to their supported version of the software as well as promoting the maintenance-mode or ESR releases of software.