Flash isn’t Shockwave and Shockwave isn’t Flash

Bad things happen when security pros like me start asking our infrastructure brethren to patch Flash. We get better security, but the Flash upgrade fails enough of the time to cause extra workload, and it can be confusing.

Consequently, I see more Flash-related helpdesk tickets than I ever saw, even when I was doing desktop support long ago. Adobe doesn’t make it any easier by calling the plugin “Shockwave Flash.”


My garbage disposal adventure

Changing a worn-out garbage disposal can be a 10-minute job–assuming you anticipate everything, use the same brand as the old one, you know what you’re doing, and the person who installed the old one was at least as competent as you.

It didn’t quite work out for me like that the last time.


Resources for learning SQL

Whether you’re a sysadmin, an analyst, or use a computer for something else professionally–even if you’re not a database administrator or developer–SQL is a useful skill to know. I’ve gotten by for 20 years without knowing much more SQL other than simple SELECT statements, but those days are rapidly winding down–if I want to be good at my current job, I’m going to have to take some time to learn SQL.

Here are two resources:



SQL is the underlying language behind Oracle, Microsoft SQL, MySQL, PostgreSQL, and probably a few other databases I’m forgetting. If you’re doing something beyond Microsoft Access, it’s probably using some kind of SQL. Each implementation has its own quirks but the basics remain the same between all of them.

Microsoft looks back at MS08-067

The most infamous Microsoft patch of all time, in security circles at least, is MS08-067. As the name suggests, it was the 67th security update that Microsoft released in 2008. Less obviously, it fixed a huge problem in a file called netapi32.dll. Of course, 2008 was a long time ago in computing circles, but not far enough. I still hear stories about production servers that are missing MS08-067.

Last week, Microsoft took a look back at MS08-067, sharing some of its own war stories, including how they uncovered the vulnerability, developed a fix, and deployed it quickly. It’s unclear who besides Microsoft knew about the problem at the time, but one must assume others were aware of it and using it. They certainly were after the fall of 2008.


Disrupting online crime by attacking profit margins

The question of why people hack is a common one, and increasingly, the answer is to fuel a vast, immensely profitable underground economy. Google researchers suggest the best way to slow or stop it is to undermine that economy, rather than the conventional methods which try to make hacking harder.


How long it takes to paint a room with a Graco 360DS paint sprayer

I had to paint a house this month for the first time in about five years. I don’t particularly enjoy painting and I’m not particularly good at it.

An old high school friend helped me out with the exterior, and after seeing his paint sprayer, I had to get one myself. Mine’s less expensive and less fancy than his: I bought a handheld Graco 360DS. While it has some limitations, I’m very glad I bought it.


Cleaning a PC when fdisk-format-reinstall isn’t an option

There are any number of pie-in-the-sky pundits who will tell you, when a computer starts to get slow, to format the hard drive, reinstall Windows, and go on your merry way.

Unfortunately it’s not always realistic. I don’t clean up PCs all that often anymore, but here’s what I do when I need to.


The difference between a vulnerability scanner and a SIEM

I heard an interesting question the other day: What’s the difference between Nessus (a vulnerability scanner) and ArcSight (a log collector/SIEM)? To a security practitioner, the tools couldn’t be much more different, but not everyone is a security practitioner.

On a basic, fundamental level, a vulnerability scanner deals in what’s missing in the environment and what could happen as a result of those things that are missing, whereas a SIEM deals in what actually has happened and is happening.


David L. Farquhar, computer security professional and sometime author