Oh MacAfee I hardly knew ye

Yeah yeah every blogger in creation had a field day with this story, about how MacAfee AV flagged an innocent ol Windows file as malware, causing computers everywhere to suddenly reboot over and over and over. Imagine how annoying that would be to a PC user. Imagine what a disaster it must have been at countless businesses that depend on MacAfee AV to keep their puters safe from malware.

No one expected of course that MacAfee would be the one to bring all of their computers to their knees instead of some evil software.

One problem with AV of course is that it is reactive instead of proactive. Wouldn’t that be nice..AV that anticipates what future malware will be like. It’s fantasy of course.

Wouldn’t it be nice if AV would actually FIND malware instead of marking a non-malicious program AS malware. I spoke of this before. One AV program I tried installing found 240 instances of malware on my system. Somehow I realized if I really had that much bad stuff on my machine it wouldn’t run. At all. Or the AV that marked two of my previously presumed innocent programs as malware. Somewhere the malware creators are probably smirking. They couldn’t have planned this any better. An AV update brought computers everywhere to their knees. And tomorrow help desks across the US and the world will continue to be silently cursing the company called MacAfee.

It will be interesting to see what spin they put on what happened today.

Changing Passwords

I’ve often wondered how effective changing your password every six months was. Apparently it isn’t. There was n article online I saw last week that studied the effectiveness of this policy and discovered it didn’t really work. Go figure huh? I mean nowadays passwords of any kind can be figured out pretty quickly. The best defense I suppose is to make passwords long and cumbersome. If you do that, you’ll make the break-in more difficult for someone. You’ve also made it much more difficult for you to remember that cumbersome password. Your mileage may of course vary.

On that same topic, I recently came across the security blog called CodetoCoffee.org. One post mentioned how certain non alphanumeric characters still weren’t allowed to be used in creating passwords. Ones like single or double quotes or backslashes. My question is why the hell not? Seems like if you can’t use alphanumeric characters what are you supposed to use? I know, it doesn’t matter if someone really wants in. But isn’t it best to be able to use every line of defense? Or am I just pissing in the wind?

San Francicso Giants

A year ago, the Washington Nationals baseball team had the misfortune to get uniforms that were spelled “Natinals.” it seems the company that makes major league team uniforms didn’t learn anything from that debacle. Yesterday, one of my beloved SF Giants’ players sported a uniform that said “San Francicso” instead of San Francisco. Ummmm do the workers need magnifying glasses? Or are they doing this just to see if anyone notices? Inquiring minds want to know. 🙂

The Titanic and Business Continuity Planning

Last night I attended the Pacific IT Pros monthly meeting. I chatted with one guy who commented that the Titanic and Business Continuity Planning (ie Disaster Planning) had a good deal in common. Interesting concept..you take one of the biggest cruise ship disasters in history and compare it to something all businesses should do. He told me a few things I never knew about that disaster…ranging from inadequate testing (thanks to the outdated rules in effect at the time) to gross miscommunication (ie ignoring an iceberg warning because the warning apparently didn’t apply to the Titanic) to striking the iceberg itself. And apparently the iceberg didn’t even really gash the Titanic all that much. But it clearly was enough!

He also pointed out that enough things had to happen in order for this disaster to occur. But it was the combination of poor design, bad communication, poor safety guidelines in addition to hitting the iceberg that did in the Titanic. Is there a moral? I’m not really sure. I would assume (but we all know what happens when we assume right?) that having good plans in place will not prevent a tragedy from occurring but will likely greatly lessen the impact of it.