Thursday, May 07, 2009

Sunday, May 03, 2009

Busting your Bubble: Security is on the rise...

...perhaps because us niche Geeks are demanding it.

In a quiet and understated expose my long time Internet friend and verbal jousting opponent, Mr. Steven Hodson, in his rambling diatribe, Whining about a secure Windows, took me to task for asking "Why?" Why we can't get a secure copy of Windows XP.

He states and I agreed that Microsoft has provided a product for 'Joe Average' who "... just want[s] to be able to turn on the machine and do their stuff." Security down through the Windows ages, says the Crankster, ...

wasn’t high on anyone’s priority list.

Microsoft paid heavily for this and continues to pay for it to this day. Unfortunately though Microsoft suffered from another major problem – it was too popular. While it may have had made billions from this popularity they did it by appealing to everyone and their proverbial brother. They weren’t in the market to cater to niche type users.

Yeah, well, I guess I am just a niche guy looking for a secure OS. Now, here is the rub - as the Cranky Old Fart was so very gracious to point out - I am a network administrator. I am the guy that people call when their instance of Windows XP doesn't allow them to blithely "do their thing and not worry about all that ‘other stuff’."

I am the 'Computer Police'. I am the policy enforcer who has to employ all the cobbled together bits and after-thought pieces that Microsoft finally acknowledged as necessary security "fixes". And yes, my 'Joe&Jane Average' users complain mightily when they encounter the cold hard edges of Administrator imposed limits. But you should hear how LOUD they complain when their WinXP won't allow them to work at all because of some "harmless" visit to You2CanWinMillions.com.

I do not disagree that the majority of Windows XP users just want to be able to turn on their PC and do what ever they do without having to jump through a huge number of hoops. I do not however believe that just because the average user has no more PC savvy than the plastic mouse they so delicately fondle while surfing God know where that this is a valid excuse for knowingly fielding the height of OS mediocrity.

Now, lets take a brief moment to check in on some 'average' friends of mine, XP users. On average their PC is delivered to Dave-the-PC-Guy three times a year for a Format-n-Reload. Why? Because my friends Jim&Jill Average are the typical users you described. AND... Microsoft Windows XP is sooooo vulnerable - UNLESS - you jump through all.those.freaking.pesky.hoops.

Yeah, I am the niche guy complaining loudly about security. Yeah, I am the niche guy who adopted Slackware Linux early. Yeah, I am the niche guy who has to worry about all the issues that Joe&Jane and Jim&Jill just simply ignore. Yeah, and then I read the last paragraph of the article that I quoted from earlier about the USAF...
Gilligan also said that he hopes that this project marks the beginning of the end of companies arrogantly resisting locking down their products. "They're still in the model that they want to give all the features enabled to clients," he said, "But I think we've reached a point where that model is one that is no longer effective. I'm of the opinion that all products ought to be configured with these locked-down configurations, and if the customer decides they want to undo them, then they can do that. They cannot continue fielding products where the cost that is being borne by the consumer in terms of having to maintain configurations and deal with attacks is so high." [Link to original article.]


P.S. Related Article

MCRC Blog - 2009

Apr 22, 2009

How a cybergang operates a network of 1.9 million infected computers

Today we announced our recent discovery of a network of 1.9 million infected computers controlled by cybercriminals. This is one of the largest bot networks controlled by a single team of cybercriminals (or cybergang) that we found this year. In this blog post we will provide you with additional details about this network, the malware in use and how the operators are using it to make money – after all, this is the main drive for cybercrime today.


Yeah, 1.9 million infected computers running Microsoft OSs.

Okay but how about the rest of us???

posted by Thom Holwerda on Sun 3rd May 2009 09:16 UTC, submitted by SReilly
. . .
So, the USAF talked to Ballmer, and the CEO actually got personally involved in the project. "He has half-a-dozen clients that he personally gets involved with, and he saw that this just made a lot of sense," Gilligan said, "They had already done preliminary work themselves trying to identify what would be a more secure configuration. So we fine-tuned and added to that."
. . .
So, how secure is this system? Gilligan said that 85% of attacks are blocked by the new configuration. "Turns out when you configure things properly and don't touch them, they actually work pretty well," he added. The Air Force configuration is now in use in many other departments because it has been such a success.
My first question is, "Why can't we 'regular' folks get the same level of consideration and protection from Microsoft???"

The only conclusion I can draw is that Microsoft doesn't care about us 'regular' folks. In their seeming lack of caring they are fielding a product that they know is substandard. They continue to sell us this substandard product because we, unlike the USAF, cannot afford to call Steve Ballmer on the carpet and demand it be fixed. So, now that it has been fixed, how about the rest of us?

When can I get my locked-down secure version of Windows XP???

Back to biscuits and blogging...

After a hiatus of more than two weeks Sunday morning finds me back in the kitchen at the keyboard...

The latest batch of biscuits are now cooling having been taken out of the oven just moments ago... hot melty goodness... flavored this time with sharp cheddar and spicy hot breakfast sausage. Here in Kentucky all I need is a little milk gravy made up from the sausage skillet and it would be a little bit of 'hawg heaven' on a plate. Iffen they aren't eaten right away they will make great hand breakfasts at least until Tuesday.

Blogging has taken a seat way in the back of my short bus. My last posting,
Words and work to live by..., was both a great observation made by Hugh ...and... prophetic. Allow me to elucidate.

I have the very great luxury of being able to work tenaciously at something I do in fact love ... Information System Management. Okay, so I'm a nerd. Sure, it doesn't have a distinctive ring, say like, "Musician" or "Artist" but it is my vocation and more importantly my avocation.

This pottering about with computers and networks and the like affords me another great reward. In addition to all the more mundane concerns I am afforded the opportunity to take time off. In this case my time began just after my last blog post and ran until last Wednesday. By the calendar it was 12 days. The first and last of those days were for travel from here in Kentucky to southern Michigan and then back again.

Albion is in southern Michigan. Shenstone's anagama kiln is in Albion. Firing of this, the largest kiln of its kind in north America, started just before midnight on Friday the 17th. 10 days later, just before midnight, the firing was declared complete and the kiln was sealed. A two week cooling period follows.

The following morning I got up and spent the day traveling back to Philpot Kentucky, back to hearth and home.

... back to biscuits and blogging.

. . .