A potpourri of random ramblings
It has been some time since I have had a moment to sit and write an entry here. Things just seem to be getting more hectic of late. Anyway, here are some general thoughts and notes.
- Last weekend all hell broke loose for a few hours due to the Sapphire (aka Slammer) worm. Like many others, I was awakened around 04:00 to deal with it. As we have all read or heard in the media, this worm took advantage of a known Microsoft SQL exploit in order to propagate itself. Since the worm’s release, there has been a great deal of finger pointing and asinine suggestions as to what could have been done differently and what’s to be done in the future. Some people have suggested just filtering all Microsoft specific protocols at their network edges; others have put forth the idea of a second — business only — Internet, where access will be limited and some security standard adhered to. Most of these suggestions seem to absolve the group that is primarily responsible for the propagation of the worm: System Administrators and IT Managers. I am no fan of Microsoft and their products, for many reasons, but a patch for SQL server was released over six months ago which closed the vulnerability exploited by this worm. Yes - this patch and succeeding ones are poorly documented; Yes - many Microsoft patches occasionally break other applications; Yes - production servers must be available nearly all the time. Yet, all systems require maintenance and updates at some time or another. If you are running a server, and don’t trust the patch tree, then you should have a development server to test your patches and code on. Managers who whine that it’s too costly or takes too much time shouldn’t be deploying servers. System administrators who are too lazy or busy to plow through the documentation of a patch tree and security notices shouldn’t be maintaining servers. Just because a server has the same look and feel as your desktop doesn’t mean you can treat them the same. Network security is NOT about protecting just your network.
Maintaining proper security patch and anti-virus levels not only keeps your systems functioning well but greatly contributes to the overall health of the Internet. Within the Internet, all things are connected.
- As some of you are aware, this week PIR took control of the .org TLD. This move has created a great deal of confusion and annoyance for many domain administrators and registrars. PIR decided to maintain a thin whois database, instead of the traditional thick database. Thus, several specific whois queries are required to confirm contact and host information for .org domains. PIR’s plan to move to a thick database seems months away - one would have hoped that they would have considered the general confusion that has ensued prior to the changeover. While PIR has many lofty goals for their registry, we are left to wonder if these will be carried out with the same lack of forethought as their management of the changeover. PIR whois lookups can be conducted at http://pir.org/whois/
- On January 15th the Supreme Court of the United States ruled against the plaintiffs in Eldred v. Ashcroft. This ruling effectively extended copyright protection for an additional 20 years. Essentially, the court held that although it thought the extension was a bad idea, it had no authority to intervene. While copyrights are important to ensure that creators and holders are paid for their work, the framers of our Constitution recognized that copyright protection must be limited, and a greater good comes from allowing materials to enter the public domain. During the last 100 years copyright protection has continued to be extended, so that not one element produced since the late 1800’s has fallen into the public domain. We are left to wonder whether or not any item ever will. Jack Valenti (president of the MPAA) has said that “since the U.S. Constitution demands that limits be put upon copyright terms” he would like to see copyright protection extended for “forever minus a day.” The public good seems to have little to do with the law recently, and all we can be certain of is that another copyright extension bill will be introduced within the next 20 years. . .
- Bev Harris of talion.com has begun reporting on the possible tampering with electronic voting machines. Apparently, in many states there is no software or code review to ensure these systems operate impartially, and no independent review to guarantee that the code is the same across all machines. In at least one case the code and machines were developed by a company who had a primary shareholder as a candidate in the election. It seems that when Ms. Harris brought this issue to light, the company involved threatened her with legal action. Was this election “rigged”? Who knows. But this kind of chicanery greatly undermines the belief in an impartial system.
As any of us who have done some simple coding know, it’s pretty simple to insert some subroutines to change the outcome of an algorithm at a specific or random point. We also know that just because one distribution of code is clean another may very well be tainted. Ms. Harris’s investigation has brought to light some disturbing facts and trends, and it should be reviewed by voters and lawmakers alike. Action must be taken to create strong and impartial checks on electronic voting systems. All source code should be freely available, and digital signatures and checks put into place for each installation of the code to ensure its authenticity. Failure to act now puts the future of democracy in grave peril.

Bev Harris’s investigation can be found at http://www.blackboxvoting.com/ and
http://www.talion.com/election-machines.html
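The per-installation check argued for above, sketched as an added example that is not part of the original post: every machine's installed files are hashed and compared with a reference build made from the published source, so a single tainted distribution stands out. The file names, machine names and contents are constructed, and the digital signature that would protect the published reference digest is assumed and not shown.

```python
import hashlib

def file_digests(install):
    """Map each path in an installation to the SHA-256 of its contents."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in install.items()}

def install_digest(install):
    """One digest for a whole installation: hash of the sorted (path, file hash) pairs."""
    h = hashlib.sha256()
    for path, digest in sorted(file_digests(install).items()):
        # Length prefix keeps path and hash from running together ambiguously.
        h.update(f"{len(path)}:{path}:{digest}\n".encode())
    return h.hexdigest()

def audit(reference, install):
    """List files modified, added or missing relative to the reference build."""
    ref, got = file_digests(reference), file_digests(install)
    return {
        "modified": sorted(p for p in ref.keys() & got.keys() if ref[p] != got[p]),
        "added": sorted(got.keys() - ref.keys()),
        "missing": sorted(ref.keys() - got.keys()),
    }

def audit_fleet(reference, fleet):
    """Check every machine; return details only for those that differ."""
    expected = install_digest(reference)
    return {name: audit(reference, inst)
            for name, inst in fleet.items()
            if install_digest(inst) != expected}

# Constructed sample data: a reference build and three installations of it.
REFERENCE = {
    "bin/tally": b"count each ballot once\n",
    "etc/ballot.cfg": b"contest=1\n",
}
FLEET = {
    "machine-01": dict(REFERENCE),                                  # clean copy
    "machine-02": {**REFERENCE, "bin/tally": b"count each ballot once, mostly\n"},
    "machine-03": {**REFERENCE, "lib/extra.so": b"\x00unreviewed"},  # extra file
}

if __name__ == "__main__":
    for name, findings in sorted(audit_fleet(REFERENCE, FLEET).items()):
        print(name, findings)
```
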
This entry was posted by steve on Sunday, February 2nd, 2003 at 10:28 am and is filed under Misc. Ramblings, Internet, Politics.
