Patches | Silicon Shecky

Google Chrome has more Patches

May 6, 2009 By Michael Kavka Leave a Comment

So Chrome updates itself silently, which can be a good thing, unless the patches require a restart of the browser. If this does happen you all of a sudden get a notice saying, “Changes have been made, you need to restart for them to take effect, ” or something along those lines. I get it with Firefox also. IE doesn’t do that, which is why it can’t be as secure.

Anyway, I digress. It seems that in the pas month Chrome has had to do some major patching quite often. People talk about how secure Chrome is, and while I haven’t tried it yet, I do have to wonder if it is being heavily targeted, or did the developers just make that many misses on bug testing?

http://blogs.zdnet.com/security/?p=3324#more-3324

So with all the browser choices out there, how many do you think have more problems than they know because of security through obscurity?

Overhype:Flu Vs. IT

April 30, 2009 By Michael Kavka Leave a Comment

Keeping up in the IT world, you come across all sorts of interesting things. You also start seeing patterns that can almost be seen as a microcosm to the rest of the world. With all the focus on Swine Flu lately, you can see some similarities between the way it is being presented and say, Cornficker.

Swine Flu is still making headlines, while Cornficker has done exactly what I figured. It feel from the spotlight, and it fell hard. So hard that the FBI complained about the over-hype and problems that the over-hype caused. Now we are seeing that exact same over-hype with the whole Swine Flu health issue, but no one will ever say it was over-hyped. Cornficker, by the way, has one variant that is about the self destruct, while most of the others have been turning into spam-bots, creating a very large botnet.

The Swine Flu is a nasty illness, but it is being called an epidemic, when in reality such a small portion of people are getting it, and an extremely small amount are dying from it. Yes it is nasty, and yes it needs to be fought, but it doesn’t seem to be any more widespread than any other influenza, just a strain that is more rare.

So one has to wonder, with the latest Zero-Day Adobe Exploit, what we are doing about it. The answer is nothing. People are supposedly waiting for the patch for the newest exploit, yet they still haven’t applied the patches for the prior exploit. Mind you, these things get no press, even though they can be just as dangerous as anything else out there.

Yes, you should test patches before deploying them, but you need to have a plan and a time frame that is not insanely long for a decision. The patches for exploits out in the wild (zero-day) should be deployed as fast as possible. It is simple common sense.

Of course, common sense isn’t so common anymore. Just look at the plan on the Swine Flu “epidemic”. It consists of scaring everyone to death, hurting the economy because of travel bans, and basically hyping the hell out of it until we become complacent and don’t even listen to the people who are basically crying wolf constantly about it.

Hype can be good, but in this day and age, we over-hype so much so fast that I have to wonder, “What are we thinking?”

IE8 not being pushed? Only if you work in PR.

April 29, 2009 By Michael Kavka Leave a Comment

IE8, still not ready for everyone to use due to compatibility issues with many websites out there. Microsoft says, “We are not pushing IE8 out there yet.” Everyone breaths a sigh of relief.

At least until today. If you run updates, you should take a close look at the high priority updates. Yeah the ones that get pushed down through Automatic Updates. You will see IE8 there. Sounds like a push to me. Yet Microsoft is still claiming that they are not pushing it out.

Now I don’t know about you, but if I saw it in the Optional Software updates, I would believe them, but with it in High Priority? Come on, we all know that usually we just let the high priority updates get installed, because they are usually the most critical of the updates, and if you are set up to autoupdate, it will get pushed down and installed unless you are set up to check what updates have been downloaded for install.

To use a phrase from a segment on a sports show I listen to.. Microsoft, Who Ya Crappin?