Robert Pogson

One man, closing all the windows.

Daily Archives / Friday, September 9, 2011


First There Were Zero-day Vulnerabilities. Now They are Five Days.

It used to be M$ would announce a bunch of vulnerabilities once a month and the malware artists would get a standing start to sabotage the world’s IT. Today the clock is ticking on four vulnerabilities announced four days before Patch Tuesday. That means the bad guys have a five-day head start on most folks using that other OS. Time to quit that. I suggest using Debian GNU/Linux. It works for you, not the bad guys. I remember when my employer used that other OS and I had to update systems currently in use all over the building… Of course M$ announced the vulnerabilities in the middle of our work day, so I had to wait hours until folks had gone home for dinner to unleash the hounds, updating 7 servers and 100 clients. This week I would be losing sleep on day 0-Friday, day 1-Saturday, day 2-Sunday, day 3-Monday, day 4-Tuesday and into day 5-Wednesday to hunt down the reluctant updaters… I am glad I am not on the job in an M$ shop this week.

UPDATE: Here’s what SANS thinks of the vulnerabilities. Several that M$ thinks are “important” are classed as “critical” by SANS, things like remote code execution in your word processor.


M$ Cannot Keep a DNS Server Running Yet Many Trust M$ With Their IT

A DNS service is a simple server/cluster with a configuration. It’s easy. It’s a well-defined protocol. Yet M$’s cloud came crashing down because of a failure of DNS for hours. Was there no one awake to reboot the servers? I have run BIND 9 many times on my LAN and never had it fail. Maybe M$ should try Debian GNU/Linux instead of its own dogfood. I see three current bug reports on Debian’s bug tracking system: one for a fix when multiple instances are run, one when a misconfiguration prevents killing the process, and one wishing for the newest version of Berkeley DB to be used. That is, no one has any issues with the thing doing its job in the normal way. If M$ cannot use its software to run its systems flawlessly, why should you rely on them to run your systems? Is a discount going to make up for your loss of productivity?