Roy Firestein

Security Feeds

Updating Windows is like wearing seatbelts

April 13th, 2009. Published under My Recent Reads. No Comments.

pulled from Google Reader (click on title for original post)


When I was a structural engineer in the auto industry several decades ago (just trying that phrase on for size as I approach the midpoint of my first century), I became obsessed with the value of seat belts and safety. My kids were required to use car seats. I would not start the car if everyone was not buckled up. In the crash tests I ran with one of GM’s biggest vehicles, the Chevrolet Caprice Classic, the value of seat belts was dramatically demonstrated. We ran tests with one inch of slack space between the test dummy and its shoulder belt. That one inch meant increased G forces measured by the accelerometers in the dummy’s chest. With the belt cinched up so there was no slack the dummy experienced less than 50 G’s. With one inch of slack it experienced greater than 50 G’s, a lethal load. Survival and death were determined by how tight you wore your shoulder belt.

What really got under my skin was news reports of traffic fatalities that failed to mention whether or not the victims were belted in. It seemed like the writers of those stories were evincing compassion for the victims’ families who did not need to hear about how stupid their loved one was to cause his or her own death by negligence. See? I can get pretty passionate on the subject.

I am starting to feel the same way about news reports of major infections. Take the just reported story:

Conficker worm hits University of Utah computers.

The AP reports that

University of Utah officials say a computer virus has infected more than 700 campus computers, including those at the school’s three hospitals.

We know two things from this story even though they go unreported. 1. The University of Utah does not have an effective solution for updating Windows machines. You cannot get infected with Conficker if you patched your system anytime in the last six months. 2. The University of Utah does a really bad job with anti-virus software as well. All AV software has signatures for Conficker by this time.

Why do journalists not ask hard questions? Why don’t they ask the police officer on the scene if victims were wearing seatbelts? Why don’t they ask IT admins why they were not patched?

Post from: ThreatChaos
