Silicon Shecky

Before I get started let me say this, I believe in patching, and updating systems and software. It is essential to security fo a system.

That being said, there is something to be said about forcing updated software by calling it a high priority update. Yep, I’m talking about IE8 yet again. Don’t get me wrong, I’ve used it, and for general web browsing, it is ok, although a lot of sites still seem broken when using it.Some of it is because of the higher security settings built into IE8 the rest because a lot of sites are not optimized for IE8 yet.

The problem is that it is listed as a high priority update, and if you have a machine set to automatically install critical updates, it gets automatically installed on your machine. This is totally against the statement from Microsoft that IE8 is optional. The non-tech person does not know to check, nor is expected to know how to decline the installation of something like IE8. All of a sudden this is costing my clients money, due to the fact that they have to pay me to remove IE8 and then reinstall IE7 on their machine.

Yeah, its nice for my revenu, but it makes the IT world look bad overall. Clients jsut want things to work, and I can’t blame them on that. I just want things to work also. Microsoft doesn’t seem to care about anything except market share and money, and with more and more viable options coming out, they better start learning that reputation means everything, and properly working software is the way to get more market share and money.

Keeping up in the IT world, you come across all sorts of interesting things. You also start seeing patterns that can almost be seen as a microcosm to the rest of the world. With all the focus on Swine Flu lately, you can see some similarities between the way it is being presented and say, Cornficker.

Swine Flu is still making headlines, while Cornficker has done exactly what I figured. It feel from the spotlight, and it fell hard. So hard that the FBI complained about the over-hype and problems that the over-hype caused. Now we are seeing that exact same over-hype with the whole Swine Flu health issue, but no one will ever say it was over-hyped. Cornficker, by the way, has one variant that is about the self destruct, while most of the others have been turning into spam-bots, creating a very large botnet.

The Swine Flu is a nasty illness, but it is being called an epidemic, when in reality such a small portion of people are getting it, and an extremely small amount are dying from it. Yes it is nasty, and yes it needs to be fought, but it doesn’t seem to be any more widespread than any other influenza, just a strain that is more rare.

So one has to wonder, with the latest Zero-Day Adobe Exploit, what we are doing about it. The answer is nothing. People are supposedly waiting for the patch for the newest exploit, yet they still haven’t applied the patches for the prior exploit. Mind you, these things get no press, even though they can be just as dangerous as anything else out there.

Yes, you should test patches before deploying them, but you need to have a plan and a time frame that is not insanely long for a decision. The patches for exploits out in the wild (zero-day) should be deployed as fast as possible. It is simple common sense.

Of course, common sense isn’t so common anymore. Just look at the plan on the Swine Flu “epidemic”.  It consists of scaring everyone to death, hurting the economy because of travel bans, and basically hyping the hell out of it until we become complacent and don’t even listen to the people who are basically crying wolf constantly about it.

Hype can be good, but in this day and age, we over-hype so much so fast that I have to wonder, “What are we thinking?”