Saturday, November 17, 2007

Bad Security?

It seems like a never ending cat and mouse game between the hackers and the software programmers. To be sure much if the holes boil down to bad programing habits and also lack of imagination as it why on earth would some one do that? 

Microsoft Windows XP is a very popular OS and its very common so no surprise this week when "a Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both enlightening and frightening." It very common for an novice computer user to buy a computer and toss it on the Internet with out patching it. "After all who has time for that I have work to do!" I have been told my more then one manager the he was frustrated that I was always patching systems. "After all I can just go down to the computer store an buy a computer from the store and it's ready to go!" Scary right? Well all too common a mind set that IT Pro have to deal with.

This week a hacker found over 492,000 unprotected Oracle & Microsoft SQL database servers connected directly to the internet an not even protected by a firewall. True even with a good firewall it's possible to use an SQL injection attack to nuke a database. But IMHO some security is better then none at all. 

Even if you use a smart phone you may not be totally safe. Before Apple released the iPhone 1.1.2 patch there was a security hole that users we using to add software to their iPhone. The Fast Company recently published a story about how it might be possible to hack an iPhone. Click here to see the video.


No comments: