So I’ve made a bit of a change up to my normal routine recently. Instead of sitting on the trains and playing video games, I’ve decided to get my read on, instead. At the moment, all of the reading is focussed on work and continuing my education since I haven’t had any training since I came to Groove. That being said, I’ve decided to start with Michael Howard and David LeBlanc’s Writing Secure Code 2nd Edition. I took their four hour training seminar while I was in Redmond, and, try as I might, I could only take so much of Sedgewick’s Algorithms in C++. But it’s a good book, and it has some really great quotes. I know that ‘Tos will get a kick out of these at the least.
A handful of knowledgeable people is more effective than an army of fools
Software never dies; it just becomes insecure.
My favorite of the bunch:
Security flaws are like cockroaches: you see one in the kitchen, so you get rid of it. The problem is that the creature has many brothers, sisters, grandkids, cousins, nieces, nephews, and so on.
Yeah, it’s a pretty good book. I’m enjoying it so far, and it’s a pretty quick read (at least the first part). Anyway, sorry to geek out like that, but I wanted to get some of these quotes recorded.
Programming, Quotes, Security, Software
My comment spam program owns you. Seriously. You might as well just go home. 95 of your comments have gotten caught.
*smiles*
Prepping old blog for importation: $0 x 2 hours
Installing and testing new system: $0 x 4 hours
Taking my website back from the spammers: Priceless
*smiles*
Security, The Internet, Web Development
Ok, so it’s happened again. Microsoft has released a patch, and someone’s written an exploit for it. And it only took three days.
I just don’t get it anymore. Is it really that hard to keep a Windows computer up to date? I mean, it is just a simple setting. Just click “Enable Automatic Updates.” That’s it. Just enable the updates to be auto-magically downloaded and installed on your computer. And you’ll be safe. Ok, maybe I’m being hard on people. I’m much more technically savvy than most.
But the fact that CNN, ABC and The New York Times got hit. Well, I can’t have sympathy for that. These are not general consumers. They’re major corporations. They should have serious IT staffs. This needs to get patched. I understand you don’t have the budget to move everyone off of the 5 year old OS you’re currently running. That’s fine. It’s not like you’re running Win 9x. But come on. If you’re a systems admin, patch the systems on your network. Your job is to maintain the network. Patching systems is part of the maintenance process.
And of course, everyone who hates Microsoft (Slashdot, I’m looking in your direction) is going to go, my God it’s so insecure. This should never have been allowed to happen. Well, you wouldn’t run Linux with a gaping hole in the kernel (yes, they do exist), so why do you expect Windows to be the same?
Ultimately, this is just another example of people ignoring the recall notice that was put out. Yes, a recall notice. That’s what a patch is. And the best part is, in the end, the real lessons of keeping one’s machine up to date will not have been learned. Instead, people will merely say it’s Microsoft’s fault for releasing Windows, and the people who just didn’t patch will get off scot-free.
Security