FreeBSD Security Survey

[Miroslav Lachman]

Doufam, ze to nikomu nebude vadit, ale repostnu sem mail, ktery dnes 
poslal Colin Percival (FreeBSD Security Officer) do konference Security 
a Stable. To pro ty, kteri tyhle konference nesleduji, ale zrovna tohle 
je celkem zajimava zalezitost.
Ve strucnosti - jedna se o jednoduchy online dotaznik (link na konci 
textu), ktery se snazi zjistit navyky uzivatelu/administratoru FreeBSD 
co se bezpecnostnich aktualizaci jejich systemu tyce.
Zaroven se na zaklade tohoto mailu spustila i celkem zajimava diskuze v 
obou zminenych konferencich, tak kdyby mel nekdo zajem, doporucuji 
podivat se do weboveho archivu.

Miroslav Lachman


Dear FreeBSD users and system administrators,

While the FreeBSD Security Team has traditionally been very good at
investigating and responding to security issues in FreeBSD, this only
solves half of the security problem: Unless users and administrators
of FreeBSD systems apply the security patches provided, the advisories
issued accomplish little beyond alerting potential attackers to the
presence of vulnerabilities.

The Security Team has been concerned for some time by anecdotal reports
concerning the number of FreeBSD systems which are not being promptly
updated or are running FreeBSD releases which have passed their End of
Life dates and are no longer supported. In order to better understand
which FreeBSD versions are in use, how people are (or aren't) keeping
them updated, and why it seems so many systems are not being updated, I
have put together a short survey of 12 questions. The information gathered
will inform the work done by the Security Team, as well as my own personal
work on FreeBSD this summer.

If you administrate system(s) running FreeBSD (in the broad sense of "are
responsible for keeping system(s) secure and up to date"), please visit
   http://people.freebsd.org/~cperciva/survey.html
and complete the survey below before May 31st, 2006.

Thanks,
Colin Percival
FreeBSD Security Officer