-
Blog Search
Translate
According to an article on the SeattlePI.com Website, Microsoft CEO Steve Ballmer said that Vista is a “work in progress”. This report was published in April, so it’s old news by now. I just came across it again recently, and it reminded me of something I had thought about when I first saw it.
A US News and World Report article published on November 28, 2008, states that a US military base in Afghanistan was hit by a virus that affected nearly 75% of its computers. I find this puzzling, because the press was largely silent at the time of the attack. I don’t think it can all be attributed to the military remaining tight-lipped to preserve security.
A common bit of advice to programmers is to avoid “reinventing the wheel”. The idea is to use code and tools that have already been created, instead of trying to write your own from scratch. Instead of writing your own screen display routine, for example, you can use one of several that already exist. That can save you time and effort, which in a professional setting equates to making more money with less effort. For professionals, it’s usually good advice. The situation is different, I believe, for amateurs.
Sometimes your site will be hammered by automated scripts trying to crack your password or otherwise gain access to your system. You can find such attempted exploits in your logs. On my Ubuntu system, logs are located at /var/log. Apache logs are located at /var/log/apache2. There are three basic logs that may be useful to find information of suspicious activities against your site. They are /var/log/auth.log, /var/log/apache2/access.log, and /var/log/apache2/error.log.
All too often our security measures are “reactive”. Someone manages to break into our server, and we then have to clean up the mess, pick up the pieces, and try to figure out how it happened - and what we can do to prevent it in the future. This approach is easy, until you’ve been successfully attacked. Then the real cost in labor becomes apparent. It’s easier to prevent problems, than to fix them. You need to dig around to see whether anything suspicious is happening. Often you can thwart an attempted attack, if you know someone is trying it. You have to go looking for trouble.
Although there are many false myths about the dangers of using Linux, there are also some myths about the upside of Linux. In the interest of fair play, and possibly to annoy some Linux zealots, I want to share a few of those other myths.
More »
If you have a Website, there are likely going to be times when it gets hammered by rude bots, malicious attackers, or infected servers that are being used to automate malware seeking weaknesses in your defenses. It really doesn’t matter how small or insignificant you think your Website may be. Many of these attacks are performed automatically, without regard to the importance of the site they attack. They will mindlessly hammer on your site until they find a way in, or time out and move on to the next site on their list. These are called brute force attacks, or dictionary attacks.
That idea is from a Sherlock Holmes short story, but it seems to fit a notion about security in real life and in computers. The most effective security doesn’t result in any alarms. It stops problems before they ever become noticeable. For security people and software that can be a problem, because people may equate a lack of alarms with a lack of threats.
When I was a kid, my father bemoaned the existence of Dutch elm disease. This disease devastated elm trees throughout the US, sometimes nearly wiping out large forests of these trees. One of the reasons why this disease was so devastating was that elms were popular trees. Many communities had planted elms along their streets. Once one tree became infected, it was easy for the disease to spread to the other trees. There wasn’t enough variety among the trees. Had there been, then probably fewer elms would have been killed. The other trees would have been unaffected, leaving at least some trees standing.
The situation with computers is similar. A lack of variety makes us highly vulnerable to any virus or other exploit. If such an exploit is successful, it can affect most of the computers that are online.
In a previous post I wrote a favorable review about wine, which is a sort of compatibility between a Windows program and the Linux operating system. In order to test out wine, I put it through what I thought would have been a fairly rigorous test. It turns out I was sadly mistaken.