Going to free-write today, but I did dig up something from the archive.
What I picked up on with the explosion in Beirut yesterday was definitely the big story.
Ended up having a bit of a conversation on Twitter about it; you can click and read….
Well, typical things with work. I hate that I make mistakes sometimes. I did catch it, however, and figured out how to deal with it.
What I’m dealing with, however, is actually newish stuff to my coworkers. It used to be a case of check-things-once-and-forget-it-for-years. A bit of the Ronco method; “set it, and forget it!” No, tech doesn’t work that way. You have to be constantly vigilant about things.
Unfortunately, I’m not seeing that I wrote about it in my Shmoocon section.
One of the presentations this year or last was about how hardware with flashable firmware actually gets less secure the more that you patch it. Why? Feature creep in newer revisions, and attempts to work around the applied patches.
It’s counterintuitive, sure.
But that realization has really influenced my thinking about having old shit out on the network. You apply a laundry list of things to a system to address bugs, but you end up introducing new bugs as part of the fix, and leave undiscovered, unpatched things festering.
In other words, that creaky old server you’ve had for fifteen years is probably susceptible as hell to being haxxed, and patching it actually might make it more likely to be hacked.
There’s a ton of things you can do, however, to mitigate vulnerabilities that don’t involve applying AcmeCo’s latest patch.
Even so, maybe it’s a better idea to not leave ancient shit on your network for years. Document what it does. Have the data in a transferrable format, build something new, and restore data to the new secure system.
Bubuhbut we’ll have to retrain the users!!1!
Cry me a river.
Today’s flashback is probably on-point. I don’t know what in particular set me off writing this, but I would imagine it was something similar.
We do things this way. This is the only way that we do things, so you should just work with that.
Less than two years later, not adhering to that attitude, combined with my health issues, would find me in a job for which I was incredibly overqualified.
The situation sucked. But at least the guy responsible is in Federal Pound-Me-In-The-Ass prison for a while longer.
8/5/2011 – 8/5/2011
Tffftbt. I don’t like having to drag people kicking and screaming into the new realities of their business. It’s frustrating. What’s more frustrating is that many of the people on my level are intentionally ignoring the new realities. They’ve been working one way for so long; that must mean that one way is the best and only way.
Maybe I can recharge this weekend. Next week is going to be hell, though I do get to go to lala land Wednesday. Unfortunately, it requires an hour inside an electromagnet.
I delayed my medication refill until after my tests. Notsomuch because I want to switch meds, but I don’t want three months’ supply around if the doctor decides to switch me to something different.
So little to do, so much time.