One week in Corvallis…
I’ve spent the last several days here in Corvallis attending a SANs class on “Securing Windows.”
That’s right; I’ve been spending the week with a group of 150 computer geeks at the site of one of the largest open source labs around for a class on Microsoft products.
Yep, Star Trek jokes, snort laughs, Bill Gates bashing, mouth breathing, open zippers and huge bellies. It’s like a giant basement erupted, spewing permanent adolescents everywhere. There are like ten people that look like the comic book guy from the Simpsons.
I’ve heard more conversations about World of Warcraft in the last week than you can imagine. I also got snide, snarky looks for having never played the game. I don’t want to talk about what happened when I didn’t get the Star Trek jokes (I don’t watch much TV, and when I do, I don’t watch Star Trek. Now Firefly, on the other hand….)
The worst part? The bathroom. Let’s just say that geeks aren’t known for their aim. In addition, carrying half a dozen electronic gadgets on your belt apparently causes your pubic hair to fall out in freaking clumps.
You could easily make your own computer guy from the hair, urine, and other trace genetic material that is easily salvaged from the restroom.
I’m not even going to talk about the wonderful experience that is the “three o’clock group geek dump.” Four to five stalls, really bad noises, and a smell that will literally burn your soul. The sad thing? One of them will be on a cell phone.
The instructor looks like Bruce McCulloch from Kids in the Hall. I keep expecting him to scream “My Pen!” and run from the room.
The good stuff? There is free coffee all day long, as well as snacks. The snacks are usually pastries, cookies, and fruit.
The funny thing? There is never fruit left over. You wouldn't know it from looking at this crowd.
OK, I’m exaggerating. The serious, “take his lunch money” geek count stands at about sixty-five percent. However, this is still a pretty dork-heavy crowd. The bathroom, however, really is disgusting.
These things are always kind of odd. There is the realization that these are, to some degree, “my people.” My wife maintains that I belong to the “not so dorkish, scary-smart, explosion-and-boobies-loving Mythbusters group,” (Her term, not mine.)
The classes have been good, if not long. The most interesting aspect has been my own overview.
Microsoft has some very big, deeply-rooted problems. The idea that it takes a six day course to learn how to secure an operating system is a little disturbing. The fact that some guy named Bubba can buy a computer at Wal-Mart and by default has the ability to quickly and unknowingly turn it into a member of some massive bot-net spam factory is, frankly, irresponsible.
Giving Bubba complete administrative control (by default) of his first computer is simply bad form. He just wants to read dirty jokes in the email from his buddies and look at freaky German porn. If something pops up telling him to “install this plug-in” so he can see Bea Arthur nekkid, he’s going to be on that like stink on Warrenton.
He doesn’t know any better. To him, the computer is just a television with a keyboard. It should just work for him.
Microsoft has exploited this. In a effort to get an “easy-to-use” and infinitely backwards compatible OS, they sacrificed security. This isn’t 1980. We don’t connect to CompuServe with 2400 baud modems anymore.
The average home has an under $50 broadband connection that provides more raw throughput than the old “high capacity” leased-lines that we used to pay thousands of dollars for. Add in a powerful computer running an inherently insecure operating system (either due to programming or user error) and the Internet as we know it is actually in danger of being rendered useless.
As an example, look at electronic mail. What was once an effective communication tool has become a trap for crap. Right now, 75-80% of all mail traffic is spam. The majority of that spam originates from these bot-nets running compromised Windows XP.
Who is ultimately responsible?
Microsoft argues that it simply provides the tools, and people misuse them. They argue that things like kernel level access are there in case an advanced user needs them.
That’s like mounting a 4 foot wide spinning lawn mower blade on the front of Grandma’s car in case she ends up in a real life version of “Death Race 2000,” then letting Grandpa take it to the Sunday Market.
Now, they’re releasing Vista- the most secure Windows yet! That’s like calling it the most reliable Dodge Dart- ever! It is still a Dodge Dart. Just because they “started with security” doesn’t mean they didn’t finish with more of the same insecure easily bypassed (by unknowing users) shit.
Time will ultimately tell, however.
In the meantime, my opinion has changed a bit. As a consultant, I loved Microsoft. Their products guaranteed a constant stream of revenue. I made a fortune just from Exchange.
As an admin, they scare the crap out of me. I’m lucky in that none of our mission-critical applications rely on their products. As time goes on, more of our systems will probably move away (OpenOffice anyone?)
I see shops that are completely, end-to-end Microsoft in what amounts to an abusive relationship. Microsoft keeps smacking them around, then they apologize and try to make up. It is the digital version of domestic violence.
“Yeah baby, I’m sorry about that first version of WindowsXP. Here’s a service pack- it won’t happen again, ‘cause I love you.”
More time, more patches, another service pack. More malware, viruses, and problems. It is a cycle.
People, there are alternatives. Check them out. Break the cycle of abuse.
Shit. I hope I'm not turning into one of those *nix geeks.
posted by Tom @ 11:21 PM
8 comments
The long bench is now a saw table.
I built this work table out of scraps and extra lumber (who doesn't have 4x4 presure treated posts around?)
