* Posts by jz879546213

2 posts • joined 24 Sep 2015

Microsoft steps up Windows 10 nagging


Full Circle

The circle is now complete and we users are now, again, being chained to mainframes albeit in a more 'polite' way. "Sure, you have that now but what about -this-? We're doing -you- a favor and just giving you a new Windows!" The disguise of convenience in this ever expanding world of technological wonders is the sweet nectar that draws in the unsuspecting to this metaphorical Venus Fly Trap. All of your data, shared across the multitude of digital devices that are so commonly owned, right there when you need it! Between your smartphone, smart TV, PC, and perhaps even your own little IoT infrastructure, who could say no to such convenience? But all that data has to be stored somewhere. A funny thing about big clouds; when it rains, it pours.

This present situation is one that I find to be ironic, (and I am fully prepared to be corrected on using that word) considering Microsoft's instrumental role in what could be considered a liberation of personal computing. While not the only player in the symphony of the computer revolution, they certainly helped bring in an amount of standardization into a mire of unique and individual personal home computers. A world where attempting to connect one to the other could potentially cause shorting circuits or over-volts, or both.

Now that, for the most average user, PC hardware technology has hit a plateau the impetus cycle of hardware upgrades is now relegated to those relatively few who need the number-crunching processing power that the latest and greatest has to offer. This, as someone who can fondly remember the 25-30 3.5inch (90mm) floppy disk installation process of Windows 95 on the family's 486 all-in-wonder Compaq, I think terrifies Microsoft. The OEM market is saturated and PC sales are, as far as I know, fairly stagnate.

As such, they have to create a new source of revenue along with justifying yet another version of Windows (let alone pay for it) and are taking note of Google particularly with the ad driven or at the very least data mining being said source of new revenues. All that data in one place is just ripe for the algorithms to learn, dissect, and then disseminate to the highest bidder, and all faster than you can blink your eye.

It may take time, but I think that Microsoft's own headfirst sprint into this area will the fracturing that will create change, and perhaps, the toppling of their own industry-standard crown.

Sysadmins, here's your weekly Cisco bug-splat


patch the gibson!

As a current student of Cisco's CCENT course, I would like to state that network security by design is currently being drilled deeply into my head. Currently working on VLANs, some of their attack vectors, network segregation and port security. While the SSH bugxploit is dangerous, it can be mitigated with planned out VLANs, permission levels, and/or relegating mission critical equipment configuration/modification to console only connections. While inconvenient and probably not an option in many cases ( I can't imagine management would enjoy having to send an admin cross-country to reconfigure a switch or router), security is always inverse to useability/ease-of-access.

At least the other bugs can only cause a reload of the vulnerable equipment. Yes, that can be damaging in its own way, but attackers don't have the possibility to glean sensitive network information vs the SSH authentication bug. Many of those vulnerable features can be disabled, or segregated, and having a fail-over network setup can minimize the downtime. In my opinion, at this time, a fail-over network should be running, at least the outer edges, equipment from a different vendor, and the internet facing IP should be different with DNS to help the redirection of traffic. How that might ever work in an actual large business network, let alone the acquisition, training, etc, I cannot even guess at. Ultimately if your forward facing Cisco equipment has been compromised in some way, then having a fail-over with the exact same equipment just sounds like tempting fate.

At the end of the day, a network should be like an ogre. It should have layers. We all should be a bit more concerned with that physical DoS attack wherein high voltage is fed through the Ethernet connector and gets passed around all the devices like some sort of circuit-exploding herpes.


Biting the hand that feeds IT © 1998–2019