2008-07-25 20:45:20

A rant: Security is not war

These days we're living in a world which was stuffed with war, attacks and extremists of all sorts. In the one corner we have the islamic terror which, thanks to series like Sleepers Cell, can now also be enjoyed from the living room. People with the turbans carry around bombs and kill millions of people every day. The youths are sniffing anthrax and have nothing better to do than to segregate themselves from the community only in order to get angry about it and to adhere to extremism.

On the other hand, the communist culture of deportation is still alive. Women of all the world are deported to Moscow, there is not a family in this world who hasn't at least lost one member to them. The deported then have to build nuclear weapons which are specially crafted to attack the United States, the holy grail, the center of the prosper world. For this reason, a protection shield is being established around Poland, Czechia — not Turkey this time, there have been bad experiences with the last attempt.

However, the world of computer security is in no way comparable to it. After a recent security incident of the Baslerzeitung, reports said that “efforts were made to fend off the attacks”. On the bloody morning after, one tin soldier rides away.

In truth, the issue was very simple. The software used by the newspaper was written poorly and allowed to inject additional web site elements (“Javascript Injection”, apparently through SQL). Rather than to line up the tin soldier at the server room, armed with guns to fend off the attackers, the newspaper simply patched their software. Starting from this point, it doesn't matter how many attackers are running against the web site — it is “vaccinated” and no longer vulnerable to the attack.

It is very questionable if the people who write the type of articles quoted by BloggingTom can ever be educated on the issue. It should be clarified to them that computer programs are more comparable to dogs than to countries. Except to the point that there probably are no “badly coded dogs”.


Posted by Tonnerre Lombard | Permanent link | File under: security, network