Risk is relative and not just about THAT security. I worked at an AV vendor and the joke internally was our security threat lists were the scoreboard for bad actors. But if you asked our salespeople you are an irresponsible hack if you don't keep up to date. They never account for the person who really can do it himself -- that is not their customer.
Yes I used to build custom FreeBSD kernels a lot. I manually made security patches on a few occasions and I put in many work-arounds by reading the security mailing list etc. Yes I went well past EOLs a few times for sure.
Always behind a firewall, workloads always in a Jail.
IIRC the release cycles used to be longer and it was less of an issue ~10 years ago. Can anyone confirm?
Most of my downtimes started with a power issue in the datacenter or a need for a hardware upgrade.
Risk is relative and not just about THAT security. I worked at an AV vendor and the joke internally was our security threat lists were the scoreboard for bad actors. But if you asked our salespeople you are an irresponsible hack if you don't keep up to date. They never account for the person who really can do it himself -- that is not their customer.
Yes I used to build custom FreeBSD kernels a lot. I manually made security patches on a few occasions and I put in many work-arounds by reading the security mailing list etc. Yes I went well past EOLs a few times for sure.
Always behind a firewall, workloads always in a Jail.
IIRC the release cycles used to be longer and it was less of an issue ~10 years ago. Can anyone confirm?
Most of my downtimes started with a power issue in the datacenter or a need for a hardware upgrade.