Tag Archives: security

When I think “security consultant”, I think “manager of Staples”

Posted on by
Reply

Anyone else watching what a media shitstorm Conflicker has turned into?

As if we don’t have enough FUD already, we have some genius at ABC news advising how to make your computer less secure.

If you don’t purchase the software you could also save your files to an external hard drive and be sure turn off any automatic updates until this super worm is killed.

Wow, that’s special. I’m wondering if whoever the technical adviser was for that article isn’t on Conflicker’s payroll? See, Conflicker spreads in three ways:

      External drives (USB flash drives, external hard drives)
      By exploiting bugs that were already fixed before Conflicker was released and deployed by Microsoft through Automatic Updates..
      Weak passwords across your LAN.

So the correct course of action is to do the exact opposite of what ABC suggests: Turn on automatic updates, make sure you’re up to date right now, then scan your external hard drives before trusting them.

And then of course there is this little gem:

“Well the best thing a customer can do is purchase a Norton 360, what it will do is give you complete virus protection it also spyware and adware..in addition it gives you two gigabytes of online backup so you could put your files on a backup server”, said Luke Rider, Manager of Staples.

Because when I think “security consultant”, the first thing I do is go to my nearest Staples store and ask for the manager.

Related posts:
  1. Giggity giggity
  2. Windows Vista / USB device detection problems
  3. Seagate Warranty Service – Two Thumbs Up
  4. Security Theatre
  5. More Security Theatre

The TSA wins once again

Posted on by
2

The TSA is spending $100,000-$120,000 per machine on new Millimeter Wave Machines and despite the privacy concerns and cost of the equipment, and despite the fact that they’ve been testing these since 2007 the success story that the TSA chooses to present to us is a foiled terrorist plot? No. Maybe a nutjob planning to blow up his shoes? Not so much. I know, maybe someone with a concealed carry permit who was running late and forgot to secure his gun? Heck, even a nail file with a sharp edge?

Here we are in 2009 and the best the TSA presents to us on their blog is that they finally cause one piece of contraband, a bottle of lotion.

I think I’m going to go ahead and agree with the TSA’s own comment: “Thank the heavens for the TSA. Without them, a harmless bottle of lotion would have made it onto an airplane”

Good job TSA.

Related posts:
  1. Delete your MySpace day
  2. Security Theatre
  3. WordPress URL format changes
  4. 15 seats to myself
  5. Personal blog? Or commercial venture?

Why IE6 is bad

Posted on by
1

There is a scourge on the Web, it is called Internet Explorer 6.

Here we are, two years after Internet Explorer 7 was released, at least a year since Internet Explorer 7 was pushed out as an automatic upgrade, and some ~30% of people are still using it. Heck, we’re all but on the cusp of IE8’s release, and some people are still stuck in the past with IE6!

This upgrade lag is simply unacceptable, especially to all of the web developers out there who are busy creating the content that feeds the monster you the internet.

So what’s the problem? Well, it is a real pain to make sure your Web apps work on five different browsers, but that’s just part of the game. Adding a sixth is a minor annoyance you say? Well actually no, it’s a huge pain! See, you can’t have IE6 installed on the same machine as a later IE version, so I’m stuck using an entirely separate machine that exists only for Internet Explorer 6 just to test minor site changes in IE6.

Not only that, but IE6 “supports” some non-standard features and functions that are not compatible with other browsers, and has a ton of CSS and even JavaScript incompatibilities, so things that should be dead simple in every other browser are a huge pain in IE6. The security vulnerabilities aren’t too much fun either.

For the manager types who need a bullet point list, okay, here it is. There are many reasons to upgrade your browser, but here are the most pertinent:

  • Security improvements and fixes.
  • Better rendering support for websites.
  • Enhanced privacy options.

If you are a web developer you already know many of the headaches associated with Internet Explorer 6, so I’d encourage you to do what you can do encourage users to upgrade.

So, upgrade to what? There are a ton of alternatives to Internet Explorer 6, with the most popular browsers, all available for free, being listed below (in order of my personal preference):

So please, upgrade!

For those unfortunate souls still running Internet Explorer 6, I’ve added a handy annoying reminder to get a better browser. I’m trying to be nice, so I made it only appear on the main page, you can still wander around the site without too much pain, but please, if you see the reminder, it’s there for your own good as well as for mine.

Related posts:
  1. Oh yeah? Well why don’t you go Google yourself?
  2. Cell phone insanity
  3. WordPress 2.5