g r o t t o 1 1

Peeve Farm
Breeding peeves for show, not just to keep as pets 
  Blog \Blôg\, n. [Jrg, fr. Jrg. "Web-log".
     See {Blogger, BlogSpot, LiveJournal}.]
     A stream-of-consciousness Web journal, containing
     links, commentary, and pointless drivel.

On My Blog Menu:

InstaPundit
USS Clueless
James Lileks
Little Green Footballs
As the Apple Turns
Entropicana
Cold Fury
Capitalist Lion
Red Letter Day
Eric S. Raymond
Tal G in Jerusalem
Secular Islam
Aziz Poonawalla
Corsair the Rational Pirate
.clue

« ? Blogging Brians # »





Book Plug:

Buy it and I get
money. I think.
BSD Mall



 10/6/2003 -  10/8/2003
 9/29/2003 -  10/5/2003
 9/22/2003 -  9/28/2003
 9/15/2003 -  9/21/2003
  9/8/2003 -  9/14/2003
  9/1/2003 -   9/7/2003
 8/25/2003 -  8/31/2003
 8/18/2003 -  8/24/2003
 8/11/2003 -  8/17/2003
  8/4/2003 -  8/10/2003
 7/28/2003 -   8/3/2003
 7/21/2003 -  7/27/2003
 7/14/2003 -  7/20/2003
  7/7/2003 -  7/13/2003
 6/30/2003 -   7/6/2003
 6/23/2003 -  6/29/2003
 6/16/2003 -  6/22/2003
  6/9/2003 -  6/15/2003
  6/2/2003 -   6/8/2003
 5/26/2003 -   6/1/2003
 5/19/2003 -  5/25/2003
 5/12/2003 -  5/18/2003
  5/5/2003 -  5/11/2003
 4/28/2003 -   5/4/2003
 4/21/2003 -  4/27/2003
 4/14/2003 -  4/20/2003
  4/7/2003 -  4/13/2003
 3/31/2003 -   4/6/2003
 3/24/2003 -  3/30/2003
 3/17/2003 -  3/23/2003
 3/10/2003 -  3/16/2003
  3/3/2003 -   3/9/2003
 2/24/2003 -   3/2/2003
 2/17/2003 -  2/23/2003
 2/10/2003 -  2/16/2003
  2/3/2003 -   2/9/2003
 1/27/2003 -   2/2/2003
 1/20/2003 -  1/26/2003
 1/13/2003 -  1/19/2003
  1/6/2003 -  1/12/2003
12/30/2002 -   1/5/2003
12/23/2002 - 12/29/2002
12/16/2002 - 12/22/2002
 12/9/2002 - 12/15/2002
 12/2/2002 -  12/8/2002
11/25/2002 -  12/1/2002
11/18/2002 - 11/24/2002
11/11/2002 - 11/17/2002
 11/4/2002 - 11/10/2002
10/28/2002 -  11/3/2002
10/21/2002 - 10/27/2002
10/14/2002 - 10/20/2002
 10/7/2002 - 10/13/2002
 9/30/2002 -  10/6/2002
 9/23/2002 -  9/29/2002
 9/16/2002 -  9/22/2002
  9/9/2002 -  9/15/2002
  9/2/2002 -   9/8/2002
 8/26/2002 -   9/1/2002
 8/19/2002 -  8/25/2002
 8/12/2002 -  8/18/2002
  8/5/2002 -  8/11/2002
 7/29/2002 -   8/4/2002
 7/22/2002 -  7/28/2002
 7/15/2002 -  7/21/2002
  7/8/2002 -  7/14/2002
  7/1/2002 -   7/7/2002
 6/24/2002 -  6/30/2002
 6/17/2002 -  6/23/2002
 6/10/2002 -  6/16/2002
  6/3/2002 -   6/9/2002
 5/27/2002 -   6/2/2002
 5/20/2002 -  5/26/2002
 5/13/2002 -  5/19/2002
  5/6/2002 -  5/12/2002
 4/29/2002 -   5/5/2002
 4/22/2002 -  4/28/2002
 4/15/2002 -  4/21/2002
  4/8/2002 -  4/14/2002
  4/1/2002 -   4/7/2002
 3/25/2002 -  3/31/2002
 3/18/2002 -  3/24/2002
 3/11/2002 -  3/17/2002
  3/4/2002 -  3/10/2002
 2/25/2002 -   3/3/2002
 2/18/2002 -  2/24/2002
 2/11/2002 -  2/17/2002
  2/4/2002 -  2/10/2002
 1/28/2002 -   2/3/2002
 1/21/2002 -  1/27/2002
 1/14/2002 -  1/20/2002
  1/7/2002 -  1/13/2002
12/31/2001 -   1/6/2002
12/24/2001 - 12/30/2001
12/17/2001 - 12/23/2001
Monday, August 4, 2003
15:52 - We Love the Leader!

 (top) link
Yesterday, the reporters on KCBS were running as their topmost story a breathless, bowled-over commentary on the latest e-mail worm to travel through all our inboxes-- the "admin@yourhost.com" one-- and how Microsoft has so amazingly quickly "nipped it in the bud".

The worm in question is the one that goes like this:

From: admin@grotto11.com
Date: Mon Aug 4, 2003  3:19:05  PM US/Pacific
To: Btman 

Subject: your account                         eioeofao
Reply-To: admin@grotto11.com
Attachments: There is 1 attachment



Hello there,

I would like to inform you about important information regarding your
email address. This email address will be expiring.
Please read attachment for details.

---
Best regards, Administrator
eioeofao


And of course there's a bright, shiny, candy-like attachment for you to double-click on, thereby infecting your computer and sending out another few thousand copies of itself to anybody your machine has ever had contact with.

The news said that Microsoft had posted a fix "within an hour" of the exploit being reported. They ran interviews with "technology consultants" and "security experts" who professed to being astonished by Microsoft's response, hailing it as a clear demonstration of how far they've leaped forward in embracing security as a prime business concern.

Nary a word about how they plan to apply the fix to all the millions of Outlook installations in the world, or address the fact that my inbox is still filling with about twenty of these a day.

This story, by the way, was a major turnaround from how KCBS normally covers such news. Usually they point out how posting a fix is not the same thing as stopping the spread of a virus or worm, and how the real indicator of increased commitment to security is when fewer of these vulnerabilities appear in Microsoft software in the first place. Usually they get someone to phone in a few sound-bites about "genies" and "bottles" and "monopolies that don't have any incentive to provide secure software, because what are you gonna do-- not run Windows?"

So why the sudden change? Did their whole news staff suddenly forget what security is about? Or did someone drop a suspiciously heavy brown paper bag in an alley behind the station?

I'd be interested in knowing if they'll follow this up with a story about how quickly Microsoft posted fixes for the Code Red and Nimda vulnerabilities.

"Why, they were so foresighted, they posted fixes six months before the exploits started to break out!"

Tireless warriors on the wrong front.
Back to Top

© Brian Tiemann