On obsolescence
Thursday, 13 January 2005 07:16 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
daLife is Change, and woe to those who can't deal with that.
I ran across this philosophy stated in stronger terms, that God is Change, but I won't go so far as to suggest that right now. Maybe later when I'm in an Octavia Butler mood. That post will probably have a lot to do with Internal versus External Locus of Control. But this entry is instead about obsolescence.
Three signs of change that prolly ought to piss me off but don't this morning, in order of increasing amusement value:
On a personal level, the Internet just got more complicated for both me and my brother Zack. Our mother started reading my journal. Long story short, I talked with her and we worked out that it was awkward enough that I didn't want her reading it, but I'd email her more instead. Then, she found![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
cyanpill my brother and the results weren't pretty. Objectively, I think, there are some mom-alarm-worthy moments in his journal, but hell, the guy's 22, of course there will be (if they're going to be posted in a public journal). So he's gone friends-only posts. Mom hasn't told him she won't read his. So it's rather messy. It's leading to all kinds of interesting talks in my family at least, but it's definitely an off-kilter way to have them. So far, neither of us in my household are switching to friends-only posts, but I now have reason to consider it.
On a more interpersonal level, in the last 12 hours, my personal email address got 111 spam messages that got through spamassassin (version 2.64). I'm a patient guy, but ~175 a day aren't worth wading through. I considered killing the address completely, but I like the domain, and I was there first. So I'm going to lower my spam threshold and consider killing the address completely if that and similar fixes don't work. It's surprising to me, since taking a "regular job", the number of previously unquestionable assumptions I can now question, since I don't have to put so much work energy into finding and keeping clients myself. (Can I move my server in-house and save $100US/month? Do I need to answer email at so many addresses? Do I need a cell-phone? Do I need a PO box in Ithaca for business mail? and so on.) Every change I've made has felt freeing, and simplification is good.
On a not-at-all connected to me level, seems to me that Microsoft's security model has got to be in trouble. It appears that any windows program that uses MSHTML is an attack vector, according to those who report such things.
So, if you run Windows (up through XP/Server 2003 including SP 2) better patch or unplug from the network. I think I no longer trust any argument that security works better in a closed company than in an open-source project. How many thousands of engineers, how many levels of security audits did their latest OSes go through? This looks like a pretty wide hole, at least to a relatively naive non-windows-programmer like me.
I ran across this philosophy stated in stronger terms, that God is Change, but I won't go so far as to suggest that right now. Maybe later when I'm in an Octavia Butler mood. That post will probably have a lot to do with Internal versus External Locus of Control. But this entry is instead about obsolescence.
Three signs of change that prolly ought to piss me off but don't this morning, in order of increasing amusement value:
On a personal level, the Internet just got more complicated for both me and my brother Zack. Our mother started reading my journal. Long story short, I talked with her and we worked out that it was awkward enough that I didn't want her reading it, but I'd email her more instead. Then, she found
cyanpill my brother and the results weren't pretty. Objectively, I think, there are some mom-alarm-worthy moments in his journal, but hell, the guy's 22, of course there will be (if they're going to be posted in a public journal). So he's gone friends-only posts. Mom hasn't told him she won't read his. So it's rather messy. It's leading to all kinds of interesting talks in my family at least, but it's definitely an off-kilter way to have them. So far, neither of us in my household are switching to friends-only posts, but I now have reason to consider it.On a more interpersonal level, in the last 12 hours, my personal email address got 111 spam messages that got through spamassassin (version 2.64). I'm a patient guy, but ~175 a day aren't worth wading through. I considered killing the address completely, but I like the domain, and I was there first. So I'm going to lower my spam threshold and consider killing the address completely if that and similar fixes don't work. It's surprising to me, since taking a "regular job", the number of previously unquestionable assumptions I can now question, since I don't have to put so much work energy into finding and keeping clients myself. (Can I move my server in-house and save $100US/month? Do I need to answer email at so many addresses? Do I need a cell-phone? Do I need a PO box in Ithaca for business mail? and so on.) Every change I've made has felt freeing, and simplification is good.
On a not-at-all connected to me level, seems to me that Microsoft's security model has got to be in trouble. It appears that any windows program that uses MSHTML is an attack vector, according to those who report such things.
So, if you run Windows (up through XP/Server 2003 including SP 2) better patch or unplug from the network. I think I no longer trust any argument that security works better in a closed company than in an open-source project. How many thousands of engineers, how many levels of security audits did their latest OSes go through? This looks like a pretty wide hole, at least to a relatively naive non-windows-programmer like me.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
On Security, Microsoft and Open Source
Date: Friday, 14 January 2005 02:31 am (UTC)It is my suspicion, not borne out by hard data, that Microsoft's security holes are more serious and the security model they choose for ActiveX and assorted web prototocols (in part to make it easier for naive users?) makes it easier for exploits to result in serious harm.
I'm mostly concerned about the number of successful exploits made on machines run by security-concious admins. That is a better test of whether the operating system is insecure, as far as I'd think.
I'm on security mailing lists that cover Windows and Unix; and the size of the holes in windows (anacdotally, as I remember) are greater; things like "if you don't disable activex now, you're machine's wide open." As opposed to local exploits, which seem more prevalant on Unix.
*shrug*