If you tell enough stories, perhaps the moral will show up.

2008-10-28

MS08-067

I think this is the second or third time MS have published an out of cycle patch, and it may be the first proper Windows (as opposed to IE or Office) vulnerability to get this treatment.

It probably deserves it. When I read the notice, my heart sank. I remember staying up thirty-six hours in August 2003 dealing with Nachi/Welchia running through our systems because we didn't succeed in patching MS03-026. It didn't help that I was pissed as a fart for the first six hours or so -- having been hauled out of the pub at 10PM by an aggrieved network engineer watching our traffic heading through the roof -- and my boss had to hide me in the machine room trying to figure out what was going on, while she explained to her boss that she'd sent me home. What did help was that it used ping to explore the network, and it dropped nice clear signature files. That night I experienced the sheer beauty of Cisco VACLs (level 2 filters) when I found we could use them to suppress ICMP, and that left the worm blind enough for us to clean up by hand, though I didn't dare turn it back on for a week, and we left the filter on the link to Group for years....

That vulnerability was in DCOM -- pretty important, but possibly fixable by switching off the service in the registry. This one is SMB, and there's no switching that off. You may as well shut down. Oh, and a modern malware wouldn't make the same mistakes as Nachi, or be so gentle to its hosts. So I was pretty uncompromising all Friday, and reading the increasingly nervy statements from MS, I really don't think I was too rough. We're inserting this patch as a special into the October/September patch cycle that was just starting its route to live on the Friday. We'll have to re-do all the test servers. I hope that's enough.

Real Financial Insecurity

Prostitute's postcard seen today in a phone box in King William Street:

  • A very conventional picture of a youngish woman in partial undress, and
  • A site: "London Bridge" -- in reality that would be far out in the Borough, but never mind...

All ordinary. But what struck me was the caption. It wasn't "Maid for Pleasure." It wasn't "New 19 YO Swedish." It wasn't even that perennial City favourite: "Fully Equipped Dungeon."

No. The caption was: "Kisses and Cuddles." If that isn't the clearest sign of financial calamity, I don't know what would be.

God bless her, though. It's wonderful to imagine that there's a living in snogging.

2008-10-20

Consequences of Solving a Non-problem

http://wvgazette.com/News/200810180251
Whatever was so wrong with marking X's in the boxes with a 3B pencil?
Or is the real problem that people are voting wrong?

2008-10-07

The Current Status of the Pound

I'm writing this on 28/10 but I'm back-posting to the day it happened, right in the middle of the (first?) UK banking turmoil.
I had occasion to use the toilet in the headquarters of a big four bank. As I reached for the paper I noticed a little blemish on the white(ish) sheet. Being unsqueamish about this sort of thing, I gave it a little scratch and a shred of coloured paper came away on my fingernail. I pushed back my specs for a closer look and found a tiny fragment of a £10 Bank of England note -- barely a millimetre across, but the engraving and colour so fine as to be unmistakeable. That bank had been wiping their collective arses on thousands of pounds in fine rag paper -- and they never knew.
I do wonder whether it's co-incidence, or whether support from the BoE comes with an unpublished obligation to help them get rid of their pulp....

2008-10-06

Boot (If You Can) and Nuke.

Endless problems trying to get DBAN to boot reliably off a USB stick for Desktop to erase a bunch of machines with.

The Windows installer never quite managed to make the stick bootable and there isn't an installer for Linux. Eventually I booted into Linux and just dd'd the floppy disk image over the raw device (/dev/sdb rather than /dev/sdb1 -- though I'd previously made sdb1 bootable) -- there are no partitions on a floppy, and that seems to boot, but not very happily.

I'd have made a real floppy, but I can't believe that many of those machines would actually manage to read a whole FD without error. What they don't have is CD readers, and I don't know the general process to make an ISO bootable on a USB stick.