[comp.os.vms] Security patch distributions.

STEWART_SYS@uta.EDU (Dan Stewart) (06/16/87)

Perhaps in distributing security patches, or any needed patch for that matter,
DEC could set up a similar system to what SAS Institute has, which is called
Dial-A-Patch.  You call into their system and interactively select the patch
that you need and download it.  DEC could use the same method of identification
as for RDC, in an online form, asking for your system ID and a registered
contact name.  In this manner, people could get a patch when they need it,
after they've become aware of a problem, or they could simply make it a practiceto regularly dial in to see what current patches exist.

This solution would involve some expenses on DECs part, as far as setting up
a machine for this purpose, and some kind of rotary-answer modem system, but
as it is now, they have to send out tapes to everyone, which must be a large
expense in itself.

Dan Stewart
Univ. of Texas - Arlington

DHASKIN@CLARKU.BITNET.UUCP (06/19/87)

> Perhaps in distributing security patches, or any needed patch for that
> matter, DEC could set up a similar system to what SAS Institute has, which
> is called Dial-A-Patch.  You call into their system and interactively
> select the patch that you need and download it.  DEC could use the same
> method of identification as for RDC, in an online form, asking for your
> system ID and a registered contact name.  In this manner, people could get
> a patch when they need it, after they've become aware of a problem, or they
> could simply make it a practiceto regularly dial in to see what current
> patches exist.
>
> This solution would involve some expenses on DECs part, as far as setting
> up a machine for this purpose, and some kind of rotary-answer modem system,
> but as it is now, they have to send out tapes to everyone, which must be a
> large expense in itself.

They already have it... well, sort of.  The TSC in Colorado supports what
they call DSIN - *D*igital *S*oftware *I*nformation *N*etwork.  It makes
available to customers (who have software support) a subset of the database
that TSC 'engineers' use in diagnosing problems called in via voice.  One
can dial up and examine various items -- 'flash' data, which is supposed
to be new info on certain software products, but tends to be rather old;
symptom and solution information, which is probably the most useful... one
can search on keywords to find info, examples, etc.  One can also submit
problems to the TSC via the DSIN (akin to phoning in a problem) and even
submit SPRs (don't worry, response thru these SPRs is *just* as slow as
by US Snail).

Re-reading the above I realize I don't make it sound very good, but before we
joined BITNet I found it extremely useful.  I am now happy to say that I think
Info-VAX may have the edge.  I haven't used the DSIN in 5-6 months.

One can't really 'download' information, but I use SET HOST/DTE/LOG to dial
out, and that gives you a reasonably workable file back home.  I think I left a
message in the suggestion box about supporting Kermit, but haven't had a
response yet.

To get more info, ask TSC next time you call, or contact your (uh-oh) sales
rep.

Ciao -


% Denis W. Haskin                             Manager, Technical Services %
% ----------------------------------------------------------------------- %
% DHASKIN@CLARKU.BITNET   Office of Information Systems     (617)793-7193 %
% Clark University               950 Main Street      Worcester MA  01610 %
%                                                                         %
% "Revenge is best served cold."  -- Anonymous                            %