| About InfoWorld : Advertise : Subscribe : Contact Us : Awards : Events : Store |
 |
||||
|
||||
 |
||||
 |
|
|||
 |
||||
|
|
|
||
|
|||||||||||||||||||||||||||||||||||||||||
 COLUMN
Proof in the pudding THE BAD NEWS is there are now two more things for security administrators to worry about: Macromedia Flash and Microsoft's .Net Framework. The good news is that you don't have to spend much time worrying about them ... yet.
Nevertheless, it's an interesting way to start the new year. Even though these viruses are lab critters of the first order -- they aren't loose, and the creators gave the concerned vendors a heads-up and example code before calling the press -- they simply shouldn't come as news to anyone. If there is a way to subvert computer security, no matter how closely controlled or poorly documented the vulnerability, it will be found and used. Granted, I've seen plenty of Flash implementations that have grabbed every scrap of my computer's resources while I frantically tried to shut my browser window, so I wouldn't mind seeing a mass roundup and re-education of anyone noting Flash skills on his or her résumé. Although this would do wonders for San Francisco parking, it won't solve the security problem. If you use Flash on your site and you're not actively securing the content, this is your wake-up call. I could go on in a similar vein regarding the .Net Framework; but discussing the ills of Microsoft products can be a full-time job, and this column is already a day late thanks to some unplanned downtime. I'm positive that Microsoft's developers aren't clowns, and I'm sure that when company representatives tell me that security is a priority, those words are the absolute truth. After all, not many people wake up in the morning and decide: "Hey, today, I'm going to write some really crappy software that's riddled with security holes." I don't write code for a living, but I do know that programming is more art than science. Software is very much like a house of cards in that one false move can collapse the entire structure. But as a reader pointed out in response to some remarks I made in regard to IIS (Internet Information Server), when was the last time you heard of a virus taking out an AS/400, iSeries, or whatever IBM's calling it this year? Granted, there are a lot more Windows boxes out there than there are AS/400s, and like any predator, computer attackers go after the easiest prey first. This alone would seem a compelling rationale to find alternatives to Microsoft's computing platform, but whoever said humans were rational? P.J. Connolly (pj_connolly@infoworld.com) covers collaboration, networking, OSes, and security for the Test Center. Get this column free via email each week. Sign up at www.iwsubscribe.com/newsletters .  RELATED SUBJECTS  SecurityMORE > SPONSORED WHITE PAPERS 
SPONSORED LINKS
|
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||
|
||||||||||
