U2. I couldn’t help but notice during U2’s halftime performance yesterday how much Bono has aged. Now, granted, he’s 42 or 43 now, so he’s not going to look 22 anymore, but last night he didn’t look 42 to me. His voice didn’t seem terribly strong either, but that’s something he’s battled for more than 20 years. During their famous Sarajevo gig in 1997, Edge had to sing a few numbers (including Sunday Bloody Sunday) because Bono had lost his voice.
Above all else, it was a show. The band showed up on stage, sans Bono. He was walking through the crowd. They played one obvious song (Beautiful Day), then in a flash of showmanship, projected the names of 9/11 victims as they played an obscure song off The Unforgettable Fire, the haunting MLK (one of two tributes to Martin Luther King Jr. on that album) before segueing into Where the Streets Have No Name, with a few improvised lyrics (including a chorus from All You Need is Love, a nod to Paul McCartney).
Very typical U2. U2 fans undoubtedly loved it or at least enjoyed it; not-so-big fans probably weren’t so impressed (they sounded worse than, for instance, Mariah Carey, but a musician I work with is convinced she was lip-syncing) and U2 haters probably found something else to hate. I was impressed that they didn’t sell out by playing three songs off their current album. They played a hit from a year ago, then they played an obscure song, then they played a minor hit from 15 years ago, but it wasn’t one of the two huge hits off that album.
Heartbreak. That was what the game itself was. The Rams didn’t show up to play for the first three quarters. I have to wonder how badly Warner was hurting, because he definitely didn’t look 100% (and if I can notice a difference, there definitely is one). I have to wonder what if he hadn’t taken those hits late in the game three weeks ago against Green Bay…?
Security. I see from this story that Linux is less secure than Windows, based on counting reports at SecurityFocus.
SecurityFocus reported a total of 96 Linux vulnerabilities, versus 42 Windows NT/2000 vulnerabilityes (24 for Windows 2000 and 18 for NT4.0). Buried deeper in the article, you see that Mandrake Linux 7.2 notched up 33 vulnerabilities, Red Hat 7.0 suffered 28, Mandrake 7.1 had 27 and Debian 2.2 had 26.
So, first things first, James Middleton seems to think 2=4.
Now, math aside, those 26 Debian vulnerabilities were in all likelihood present in all the other distributions. So there’s a lot of triple- or even quadruple-counting here.
I remember a good number of those Linux vulnerabilities. Some of them were buffer overflows in utilities that would be difficult or impossible to exploit without shell access to the machine. Some of them were in daemons (services) that may or may not be running at any given time. Very few were in the kernel itself. Bottom line is, a typical Linux-based Web server sitting behind a firewall with only port 80 exposed probably didn’t have anything to worry about. The same goes for a typical Linux-based Samba server.
This isn’t like Windows, where you get the components Microsoft deems necessary, whether you want them or not, and you fear removing or disabling them because you don’t know what else will break and have no way of knowing. With Mandrake, you’ll get some services you don’t want, but you can disable them without breaking stuff. Red Hat has reformed and installs surprisingly little in its minimum installation these days. Debian installs even less.
So, the dirty little secret this article didn’t tell you: Not all the security problems affected any given Linux server. Chances are most of the security flaws affected any given Windows server.
I hate it when technology journalists blindly spit out numbers without having a clue what they mean.
I may publish again. I was mad enough to fire off a proposal to one of my former editors to see if he’d be interested in a few magazine articles. It’s time there was some stuff out there written by someone who has a clue what he’s talking about.
Useful link. For once I saw a banner ad that halfway interested me today. At LowerMyBills.com you can compare different utilities services available to you. Long-distance rates include both the interstate and intrastate rate (important if you’re like me and rarely call out-of-state). Alas, they don’t list local phone service providers, and their high-speed Internet listings aren’t complete, but it’s better than nothing. They also do listings for loans and debt relief, neither of which I need right now.
If the site’s useful to you, you’ll know.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.