It’s a fair question to ask how to account for a period between jobs. Depending on the circumstances, it may not matter very much. But it’s always a good idea to have an answer.
Vulnerability management and patch management are close relatives. In most companies, think of them as siblings who hate each other. That’s usually how it plays out. It doesn’t always have to be that way, but it takes some thought and strategy from both sides. Here are some ideas for patch management strategy.
What’s the best color to paint a rental property? You have some leeway, of course, but the color you paint it really does make a difference. Both the interior and exterior matter, but it’s more common that the interior needs a paint job.
The other day I heard a reference to the “high side vs low side” of a computer system in a podcast, and the speaker didn’t stop to clarify. Worse yet is when you hear “on the low side” or “on the high side.” I came from the private sector into government contracting myself. I wasn’t born knowing this jargon either, so I’ll explain it.
The most infamous Microsoft patch of all time, in security circles at least, is MS08-067. As the name suggests, it was the 67th security update that Microsoft released in 2008. Less obviously, it fixed a huge problem in a file called netapi32.dll. Of course, 2008 was a long time ago in computing circles, but not far enough. I still hear stories about production servers that are missing MS08-067.
Last week, Microsoft took a look back at MS08-067, sharing some of its own war stories, including how they uncovered the vulnerability, developed a fix, and deployed it quickly. It’s unclear who besides Microsoft knew about the problem at the time, but one must assume others were aware of it and using it. They certainly were after the fall of 2008.
Much has been made of Hillary Clinton’s use of her own mail server, running out of her home. It didn’t change my opinion of her, and I don’t think it changed anyone else’s either–it just reinforces what everyone has thought of her since the early 1990s. Then, Ars Technica came forward with the bizarre case of Scott Gration, an ambassador who ran his own shadow IT shop out of a bathroom stall in Nairobi.
The money quote from Ars: “In other words, Gration was the end user from hell for an understaffed IT team.” And it concluded with, “[A]s with Clinton, Gration was the boss—and the boss got what the boss wanted.”
Indeed. And it doesn’t just happen in the government.
A college classmate contacted me a week or two ago. A relative of hers got scammed, and she wanted to know what to do.
“Get the charges reversed on the credit card,” was my simple response.
“What about cleaning up the computer?” she asked.
That’s the easy part.
In my day, I did plenty of hardware maintenance in the field. In fact, the only time one of my bosses ever saw me working, I was swapping out failed memory in a server.
“How’d you know it needed to be done?” he asked.
“It told me.” That’s why I always loved HP Proliant servers. My boss looked confused at my answer but didn’t ask me to elaborate.
But not all of my field maintenance always went quite so smoothly.
I met a young IT contractor a little while back. His talent was sky high. So was his potential. And his rawness. It’s not my place to go into great detail about that rawness, but one thing I noticed about him was that he had a very self-defeating attitude about him. It shouldn’t have been hard for him to succeed as an IT contractor, but he was his own worst enemy.
Several times he started a statement with, “If I don’t get fired,” or something to that effect.
It occurs to me that perhaps my experience as a contractor would be helpful.
I saw a story yet again about the tech worker shortage, and the backlash against H-1B visas. Reading the comments on Slashdot, I increasingly got the feeling the shortage is a mirage. The people are out there, but the matchups with job openings aren’t happening.
My experience may be anecdotal, but it mirrors this.