tag:blogger.com,1999:blog-7347279.post4797440975297731256..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: does conficker have a silver lining?kurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-7347279.post-87452736114531657862009-01-30T17:02:00.000-05:002009-01-30T17:02:00.000-05:00You're right, Kurt, they are always changing. If n...You're right, Kurt, they are always changing. If nothing else, employees and managers come and go (along with their lessons learned!) and new systems are put into place, sometimes without going through all the possibly new steps.<BR/><BR/>It might be something like a sore tooth. One day eating might be painful, and you might even make motions to go to the dentist to have it checked out. But if in a day or two the pain subsides, appointments may be cancelled or never made. <BR/><BR/>Until there is a real value and force behind actually doing the steps pro-actively, the only people who will do them are the ones who both care and have the free time.<BR/><BR/>Hell, even amongst the same people, I often have to re-justify or re-explain architecture or security implementations every few quarters.<BR/><BR/>It all comes down to whether the security (availability) is valuable or not.<BR/><BR/>That's not to say I'm totally cynical! :) There are employees, managers, and even companies that learn from this and will make better decisions ongoing. Others will make those more permanent changes to patch management or system builds that won't necessarily be forgotten tomorrow. But I wouldn't say that's the norm...Unknownhttps://www.blogger.com/profile/15357840241031190415noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-34753844945792108792009-01-28T13:40:00.000-05:002009-01-28T13:40:00.000-05:00@don c. webberthat's exactly it - without remember...@don c. webber<BR/>that's exactly it - without remembering the reason why those modifications were made to the business' infrastructure it will not be retained down the road when something else trigger's another infrastructure change...<BR/><BR/>you and lonervamp probably have a better idea of how businesses work than i do, but my impression is that this is something that is not static - deployments, security configurations, etc are in subtle but constant motion... as such i expect the improvements to be nullified sooner rather than later...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-87905603506419686252009-01-28T13:12:00.000-05:002009-01-28T13:12:00.000-05:00Yes, I admit this will probably be quickly forgott...Yes, I admit this will probably be quickly forgotten. But the modifications to a business infrastructure to address this worm will hopefully continue forward. Admins and managers should understand their deployments better and the efforts involved with maintenance and security. Even if simple things like patch management solutions are fixed the Internet should be a safer place. At least until somebody makes a modification without understanding the ramifications, and then the organization's threat to the Internet will return to normal....opps, I mean increase.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7347279.post-20104882494079073072009-01-27T12:12:00.000-05:002009-01-27T12:12:00.000-05:00@lonervampit could be the changing technology, or ...@lonervamp<BR/>it could be the changing technology, or it could be that the lessons learned were never fully understood in the first place...<BR/><BR/>take for example the caution we eventually learned to use with floppy disks - that caution should have applied to all removable media but somehow we've collectively forgotten to be cautious and autorun worms thrived as a result... <BR/><BR/>did we think we think the need for caution was specific to floppy disks and not applicable to 'anything you can put stuff on', or has removable media changed so much that we can't see the connection between the old and the new? i think it's a toss-up...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-33414296933897624132009-01-27T12:01:00.000-05:002009-01-27T12:01:00.000-05:00A sad amen to that! I wonder if this is because te...A sad amen to that! I wonder if this is because technology changes so quickly that we "forget" the lessons learned? I know business has this tendency to be intolerate of one-offs and perpetual activities (secure it 100% and we're done!) in almost every piece of it. But changes go faster than that...<BR/><BR/>The situation can go back to the age-old analogy of an immune system building up resitance to a cold bug for a short time after being affected, but eventually those antibodies wear off and you becoming increasingly more apt to pick up a cold again.Unknownhttps://www.blogger.com/profile/15357840241031190415noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-18306141400731322992009-01-22T16:06:00.000-05:002009-01-22T16:06:00.000-05:00Good point, well made.As a fellow old-timer, I hav...Good point, well made.<BR/><BR/>As a fellow old-timer, I have to wearily agree with you. People get hit by a virus, learn the lesson *for*a*short*while and then soon return to their old bad practices.<BR/><BR/>But at least the headlines and mayhem surrounding Conficker will have encouraged many to update their security patches and review their protection.<BR/><BR/>It may have been too late to prevent them from being hit by Conficker, but who knows what other malware they successfully prevented by having a new year refresh of their security?Anonymousnoreply@blogger.com