Windows Update for Business (wub wub wub wub) Who employed Claptrap?
-
That's amazing.
-
It's already in the preview.
It can do peer to peer locally and over the internet. By default it does local and with anyone on the internet.
My guess is this will be the first feature attacked. Even with local p2p only. If they can spread malware and viruses with it it could be very effective.
-
It's just local WSUS, basically. So the attack surface is probably very similar.
-
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
-
@thecreativeone91 said:
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
That's true. But WSUS had the same risk. Yes, there was only one copy of it, but it was the same basic risk. If you could hack WSUS it would infect everything. Yes this is more copies of WSUS, but the concept remains the same. Risk higher? Yes. Risk high? Only if WSUS was a high risk.
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
-
And I think that they made a point of central control existing here too.
-
@thecreativeone91 said:
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
Just because distribution is P2P, that does not mean that there is no central control mechanism.. One does not infer the other.
-
@scottalanmiller said:
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
As of now, no. You can only choose when they get updates.
-
I have to assume that even if the updates themselves are coming from a peer, that they are checksummed against something in the Windows Update for Business system, not just taking the word of the peer.
Assuming this all stays cloud based we should be even more protected than WSUS was.
-
So is WSUS gone? and replaced with a cloud service? How do you register?
FYI I haven't clicked on the link yet.
-
No cloud service. It's a bit torrent service. With groups to roll updates in phases.
-
@thecreativeone91 said:
@scottalanmiller said:
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
As of now, no. You can only choose when they get updates.
I expect that to change very quickly.
