End Users are Funny Pt II

Here's another conversation during a remote support session today:

Client: "So Paul, have you seen the internet today?"

Me: "Well, I've been on the internet today, does that count?"

Client: "Take a look at the front page of the internet when you can. There is this crazy looking guy on the front page."

5 Things I Learned from Air Force Networks

After completing what may very well be my last tour as a Cyber Systems Operator with the Air Force Reserves, I'd like to offer this (unclassified and possibly incorrect) insight into the wonderful system that is the Air Force Global Information Grid (AF-GIG):

Secunia Half-Year Report 2010

I usually try to avoid reposting information from others, but Secunia has a great security report that has some down to earth information relevant to every computer user:
https://docs.google.com/viewer?url=http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf

Among the interesting statistics?

• A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year.
• In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010 to 760.
• During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached.
• A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010.
• An Windows end-user can patch 35% of vulnerabilities with one tool from Microsoft, but requires another 13 to patch most of the rest.

Also, in terms of the raw number of vulnerabilities, Apple has shot past Microsoft and Oracle to claim the #1 spot. However, this doesn't take into account how severe the vulnerabilities are or how quickly a patch is released.

Symantec Installation Failure

We've been looking for alternatives to Trend Micro WFBS lately, and I thought I'd give Symantec Endpoint Protection another shot. I spent several hours fighting with the installation package and Symantec Support, but continually had issues with a VBS file that is supposed to run in the setup. A week and several pots of coffee later, I found the problem.

End Users are Funny

I have a client who submits tickets and e-mails to me in haiku.

Paul I have a problem,

   our e-mail is not working ...

can you call me please?

I have not decided if this is intentional or not.

 Can you please help me?

 Susan cannot print today ...

     and reports are due.

But it is certainly relaxing to read.

Facebook Accounts Are Almost Worthless

How much would your Facebook account bring you if you sold it? According to VeriSign, just a couple of pennies. I spotted an article on Dark Reading the other day detailing a recent black market advertisement for over a million Facebook accounts, sold in 1,000 unit increments for $25-$45. About 2 to 4 cents per account, which highlights how easy it has become for these accounts to get compromised and used to spread malicious software.

Secure the Edge: Protecting Exchange 2007 Connectors

Many small companies employ a service such as AppRiver to provide affordable messaging security, but not many take the time to properly secure their Exchange connectors afterwards.