Tuesday, August 16, 2005

Patch Tuesday

Just one week after Microsoft’s August monthly release of critical update patches for Windows, commonly known as Patch Tuesday, CNN’s network was hit hard by some variant of a worm that exploited one of these patched vulnerabilities. Lou Dobbs’ show and some others were affected. Sadly, the cause is quite clear to me, as it is to any good network administrator. CNN has not been updating its Windows network. There is literally no good excuse for this failure. Let me explain why.

Microsoft has been under attack by hundreds if not thousands of computer programmers for the past five years or more. The reasons vary but usually include the fact that 95 percent of all PCs in the world run Windows and/or the overly complex and often poorly designed features included in Microsoft operating systems. There are simply more ways to exploit Windows and more people doing it than with any other system ever built. If I were a hacker I’d hack Windows before I bothered with anything else because it is easier and more effective to attack Windows. Who cares if somebody writes a virus for the TRS-80?

Knowing that your systems are the most popular and most vulnerable means you have to take the bad with the good. If you are going to use Windows because it is easy, cheap, portable, or whatever, then you must also be prepared to do what it takes to defend your system or network. Microsoft has made this pretty painless. Individuals since 1998 have been able to turn on automatic updates and get these critical patches with little or no effort on their part. Not doing so is as dumb as leaving a loaded gun lying around unsecured. It is an invitation to disaster. Apple and Linux users are laughing now but will eventually face similar issues once they gain enough market share to be significant.

Networks have special considerations. They also have professional administrators whose job includes providing the security individuals can do for themselves on unmanaged systems. Microsoft has gone out of their way to make this task as easy as possible for this group as well. Years ago, IT departments had to apply patches manually at each desktop or pay huge sums for System Management Server (SMS) to deploy these patches automatically. In the past few years Microsoft has released several versions of free administrative tools that contain most of this functionality. Software Update Service (SUS) was such a success it was updated and became Windows Update Service (WUS). Administrators can use WUS to download and selectively test and install software patches to any recent version of Windows client or server machine.

There is NO reason not to do this promptly each month. Because the process of documenting and fixing vulnerabilities makes the weakness known, it is vital to apply these patches promptly BEFORE new viruses and worms are written to exploit them. If a patch cannot be applied because it affects some poorly written but vital software application, then administrators must fall back on the training and intelligence of network users until the vital software can be repaired or replaced.

Sharp network administrators make it a top priority to download and test all new critical updates immediately when they become available on the second Tuesday of each month. Many other software vendors including Oracle, RedHat, and others time their regular patch releases to coincide with Microsoft’s. As soon as these patches prove compatible with vital software on representative sample machines on the network, updates are flagged for widespread distribution via WUS. No network machine should be without a critical patch a week after it is released. CNN’s were and the results were painfully obvious.
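The weekly check described in the last two paragraphs, as an added example (not code from the original post): a small Python audit that computes Patch Tuesday, gives each critical patch a seven-day deadline, and separates machines that are overdue from those deliberately held back for a vital application. The inventory, host names and patch ids are constructed placeholders; a real run would read them from the update server's reports.

```python
from datetime import date, timedelta

def patch_tuesday(year, month):
    """Return the second Tuesday of the given month."""
    first = date(year, month, 1)
    days_to_tuesday = (1 - first.weekday()) % 7  # Monday=0, Tuesday=1
    return first + timedelta(days=days_to_tuesday + 7)

def audit(hosts, critical, exceptions, today, max_days=7):
    """Classify each missing critical patch per host.

    hosts:      {hostname: set of installed patch ids}
    critical:   {patch id: release date}
    exceptions: set of (hostname, patch id) held back for a vital application
    Returns (overdue, held_back, pending), each {hostname: sorted patch ids}.
    """
    overdue, held_back, pending = {}, {}, {}
    for host, installed in hosts.items():
        for patch, released in critical.items():
            if patch in installed:
                continue
            if (host, patch) in exceptions:
                bucket = held_back      # known gap, needs compensating care
            elif today >= released + timedelta(days=max_days):
                bucket = overdue        # past the one-week deadline
            else:
                bucket = pending        # still inside the test window
            bucket.setdefault(host, []).append(patch)
    for bucket in (overdue, held_back, pending):
        for patches in bucket.values():
            patches.sort()
    return overdue, held_back, pending

# Constructed sample data; patch ids are placeholders, not real bulletin numbers.
RELEASE = patch_tuesday(2005, 8)
CRITICAL = {"PATCH-A": RELEASE, "PATCH-B": RELEASE}
HOSTS = {
    "desk-01": {"PATCH-A", "PATCH-B"},
    "desk-02": {"PATCH-A"},
    "srv-legacy": set(),
}
EXCEPTIONS = {("srv-legacy", "PATCH-B")}

if __name__ == "__main__":
    overdue, held, pending = audit(HOSTS, CRITICAL, EXCEPTIONS, date(2005, 8, 16))
    print("overdue:", overdue)
    print("held back:", held)
    print("pending:", pending)
```

Machines in the held-back list are not compliant; they are the ones where, as the post says, the administrator is relying on users until the vital software is repaired or replaced.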

Typically, the government is slow at most everything so it was no surprise to hear that some machines in offices on the out-of-session Capitol Hill were affected. A few companies (Caterpillar?) were also caught with their patches down. Shame on their administrators or maybe shame for being on vacation without a trained replacement. Management is generally to blame and must accept responsibility for excessive IT cutbacks, incompetent directors, and poorly trained, lowly paid, overworked staff. Otherwise, administrators had the wrong priorities. Nearly 50 percent of business networks still run Windows 2000 because it still works fine. But you have to apply available patches to any operating system.

Thursday, August 11, 2005

Energy Crisis

I’ve always been proud to say that I participated in the very first Earth Day in 1970. As an idealistic college student I took a few whacks with a sledge hammer at a donated gas guzzler to demonstrate our rejection of the status quo. To this day I remain committed to the concept of conservation in all aspects of my life.

I generate far less garbage than the average American. "The average American generates four pounds of solid trash per day... 1,460 pounds per year." http://ask.yahoo.com/ask/20020606.html Whenever I drink a soda from an aluminum can, I save the can and eventually turn it over to a charity to recycle it. It takes 75 Megawatts of electricity to make a new aluminum can but only 1 megawatt to make a recycled one. I recycle plastic bottles as well, to avoid placing them in landfills where they would remain forever.

But I learned long ago that as a consumer my impact on the planet is minuscule when compared to industry and government. I’m reminded of ridiculous lawn watering restrictions applied by power-crazed bureaucrats while millions of gallons of water regularly spill from poorly maintained city water systems and construction sites. Consequently, it would appear that political activism is far more effective than personal conservation in saving our planet from the ill effects of human expansion and consumption. Still, doing my share seems like the right thing to do. If everyone felt that way, our world would be noticeably better.

While I never owned an SUV, I admit I could have been more careful in choosing my automobile. I have an older full-sized sedan that gets nearly 22 MPG in town and 27 on the highway. While that’s as good as most new cars today, it is far less than my 1983 Nissan Stanza that got 43 MPG on the highway at 75 MPH with the air conditioner on and 36 around town. The secret was a 2.0 Liter four cylinder engine with eight spark plugs and a high energy ignition system. It also had a clever fuel cut-off float in the carburetor that shut off fuel flow immediately upon entering a turn or slowing down. That made it a bit jerky, but very efficient for a low-tech solution. With today’s computer controlled fuel injection I have no doubt Detroit could nearly double average fuel economy with a few minor changes to their vehicles. Perhaps they will once gasoline hits $3 a gallon. I’m eager to see what changes in the next model year but I won’t run out and buy the first new products American automakers offer us. I remember the self-destructing GM Diesel sedans of the mid-1970’s.

If only the recently passed $295 Billion Energy Bill (advertised as $286.4 Billion) had been spent to make our highways and intersections more efficient rather than building $223 Million bridges to nowhere. Every significant intersection in Germany has a right-turn merge lane with a yield sign to avoid unnecessary stops. Traffic circles and synchronized stop lights could save millions of gallons of gasoline every year. We haven't seriously considered such measures.

The original US energy crisis in 1973 was bogus. It was mostly created by the powers that control production and distribution to see if they could get away with rapid price increases the same way sugar producers had recently done. Eventually, all commodities went through similar supply interruptions to gauge the potential for price increases. I recall a visit to Colombia during the peak of the coffee shortage in 1975. Our embassy contact took my flight crew up into the hills to a distributor whose warehouse was stacked 30 feet high and overflowing with cases of the best coffee in the world. We flew a car load back to Panama for distribution to base personnel. In a few months, prices stabilized and there was plenty of coffee for everyone but at new, higher prices.

Our current energy dilemma is not artificial. It is the predictable and unstoppable result of the rapid economic expansion of China and India. For years, commodity prices have been under pressure from these two “Billion consumer” economies as they expand at ever increasing rates. http://www.cia.gov/cia/publications/factbook/rankorder/2119rank.html Construction materials in recent years have been in short supply, especially steel and gypsum for concrete due largely to the world’s largest dam construction project in China. More recently, general growth in China has increased to double digits (nearly three times America’s growth rate) and demand for energy and raw materials far exceeds previous years. Chinese oil imports are up 35 percent. http://www.rgj.com/news/printstory.php?id=90612

OPEC is pumping oil at nearly maximum capacity and American refineries are working overtime trying to keep up with our growing demand. Even drilling oil in Alaska’s wildlife refuge won’t have a significant impact on this supply crunch. To make matters worse, China’s banks are holding Billions of US dollars they need to use to buy more resources for their continued growth. They are even trying to buy America’s third largest oil company. Congress hasn’t decided whether to oppose this move. They are waiting to see how much more bribe money China is willing to offer them to allow it.

Expect to pay at least $2.50 a gallon for gasoline the rest of this year and $3.00 or more starting next year. Europe is at the mercy of Iran, which provides over half of their oil. That’s why Iran laughs off European threats over their nuclear ambitions. China, a member of the UN Security Council, has already assured Iran they will not oppose Iran becoming a nuclear power and has recently agreed to purchase oil from them.

Hydrogen cars may be the only solution, but don’t expect to see them for another six years in any volume. Over nine hundred Billion dollars has been invested in our gasoline distribution system and it won’t easily be converted to distribute hydrogen or hydrogen fuel cells. Until that happens, large numbers of hydrogen vehicles simply won’t be able to replace current vehicles. That’s why everyone is concentrating on the interim solution of hybrid gas/electric vehicles. This transition makes a lot of sense and could reduce our consumption dramatically. The Japanese are years ahead in this technology since every other country in the world pays several times what Americans pay for fuel. Japan is especially vulnerable because they must import 100% of their oil.

We import up to 25% of the oil we use, most of it from Saudi Arabia. http://www.eia.doe.gov/emeu/cabs/saudi.html But we could easily reduce our consumption by half if we had to do so. America’s Happy Days of conspicuous consumption are unique in the world. The price of that excess is now measured in lives and limbs lost daily to maintain our excessive lifestyle and economic survival. With all the jobs we’ve exported in the past five years our economy would be in Depression if we had to bear the energy costs other nations endure.

Iraq’s 2.2 Billion barrel reserve becomes our strategic reserve when the Saud family is eventually overthrown in Saudi Arabia. Clearly, that’s the reason Cheney and his brain trust engineered the invasion of Iraq more than three years ago.

"Although Americans represent roughly 5% of the world's population, we generate 40% of its waste." Like addicts, we are not willing or able to make the conservation adjustments accepted long ago by Europe and Third World nations. It will be a hard lesson for our children to learn but eventually we must learn to live more humbly. That includes stopping our excessive waste of all kinds of natural resources, beginning with petroleum.

http://www.nrdc.org/cities/recycling/recyc/appenda.asp

Truth About Oil
http://www.fortune.com/fortune/investing/articles/0,15114,1105683,00.html