December 3rd, 2008 by Charles Gardner
The little extra fee you pay on new PCs for Microsoft Windows, whether you want it or not, has long been called the Microsoft tax, but what about their counterparts over at Apple? Is there a Mac Tax? Let’s check.
I bought a new laptop about four months ago. I had entertained both a Dell and a Mac. The Dell I looked at is the Latitude D830, the top of the line of their business laptops. I then tried to spec a similar MacBookPro, which required the addition of some options and a three year warranty to match the Dell. Here’s the interesting part – the Dell cost $1050 and the Mac was right at $3000. That’s a price differential that’s hard to justify on performance or utility alone.
To try to better compare the buying decision, I decided to set a theoretical spending budget of $3000 and see what I could get.
Option 1
- Dell Latitude D830 laptop ($1050)
- Asus EEEPC 1000 ultra portable laptop ($500)
- 1 Terabyte external hard drive ($175)
- 5 x 4GB USB thumb drives ($150)
- Nintendo Wii ($250) - After all that work, a little fun is in order
- 42″ plasma TV ($750) - Maybe a little more fun while we’re at it
Option 2
For the money, I will take option 1.
Before you Mac folks stone me, I do like Macs. I work with them regularly and always walk away impressed. BUT the apparent Mac Tax has always stopped me short of actually buying one.
I think I’ll go play on the Wii for a few minutes and think about it.
Commentary
December 2nd, 2008 by Charles Gardner
In late October, Microsoft released a software patch to address a problem in Windows operating systems. Every month Microsoft releases new software patches on the second Tuesday of the month, aka Patch Tuesday. For most companies Patch Tuesday is followed by Reboot Wednesday which is when the most important of these updates are installed and systems rebooted. In larger companies, Patch Tuesday is the beginning of a process to prioritize, test, and stage these updates as needed.
So what’s the big deal about October? Microsoft released an out-of-cycle patch (MS08-067) for Windows on October 23rd, nine days after Patch Tuesday. Typically patches are queued up until the next second Tuesday, but this one was so important that Microsoft released it immediately. The urgency about this patch was directly related to the potential damage that could be caused by the flaw it fixes. In theory the flaw could be exploited by a worm that would blow through networks like wildfire, causing severe damage along the way.
To be fair, Microsoft’s mistake was the flaw in Windows; their handling of the situation has been very good.
How can you benefit from this? It’s now over a month past the release of this patch, and it’s time to look at how your business handled the situation. You can use this event as one method to evaluate your overall IT posture. If you are in management, this may require digging in with the technical folks to get the details. Specifically, look at the following areas:
- Awareness
- When - When did your organization first become aware this out-of-cycle patch had been released? Was it within hours, days, a week, or more?
- How - This is important. How did your company learn about this? Was it picked up from active reading of email, blogs, news? Was it just luck that someone noticed it, or do you have an active process to stay informed?
- Attention
- Did this event garner the proper amount of attention from the proper people? If awareness was high, but the appropriate people were so busy “putting out fires” that they didn’t get to it for a week, you have a problem.
- Application
- How quickly was this patch applied? Given the unplanned nature of it, did this patch take longer than normal to go from awareness to actually being installed?
- Audit
- Has the installation of this patch been audited? You need to know that the patch was actually installed. Setting a patch management system to deploy the patch isn’t enough. You must be able to verify that computers have actually installed the patch, and have a plan to deal with any problems.
Take a look at how your business responded. Use this opportunity to identify any shortcomings and work to fix them. Oh, and if you look around and see that this was handled well, give your IT people the credit they deserve.
Commentary, Other, Security, Windows
April 22nd, 2008 by Charles Gardner
Over at the Matasano Chargen blog, Thomas Ptacek challenges the conventional wisdom of Defense in Depth by taking to task the comparison of InfoSec and war strategies. Analyzing the analogies we use is an excellent exercise to better refine when and where they truly apply. Defense in depth is a very useful analogy, but as with any trite saying can become diluted and useless when overused.
The best point made in Thomas’ post has to be from Eric Monti:
“It irks me when vendors talk about ‘defense in depth’,” he says, but “I generally take it as good sign when customers do.”
BINGO. The depth mindset is great for implementers, as it shows an honest assessment of the situation. When used correctly, depth shouldn’t be for depth’s sake though.
Why go deep? Generally we recognize a weakness and add another layer to help compensate for the weakness in the first layer. Followed logically, we should be shooting for as shallow a depth as possible while adding something meaningful at each layer. Also logically, we can say that the need for deep layering may represent crappy raw materials. Hence the agreement with Eric’s assertion about vendors.
So, go deep, but not one layer more than absolutely necessary. And if you find yourself getting really deep in it, maybe you need to wonder just what “it” is.
Rants
April 14th, 2008 by Charles Gardner
Basically these are items I’ve flagged over the last few days. This list is so I don’t forget anything.
Other
April 9th, 2008 by Charles Gardner
I setup a new site at www.TampaBaySec.org to handle postings about, well, TampaBaySec. Hopefully that will grow some legs here and can be a central point of information for the meetings.
Events
April 9th, 2008 by Charles Gardner
I just loaded up Windows Server 2008 into a VM under VMWare Server. I’ve installed one VM as a full load of the OS, and I’m preparing to install a second VM as the “server core” load of 2008 (basically no GUI). To my surprise, it’s gone very well so far. There was only one snafu, and that was easily fixed with a trip to the Google oracle. When the VM first came up, it had no recognized network card. To get a working NIC, add the following to your .vmx file:
ethernet0.virtualDev = “e1000″
Restart the VM, and you’re off to the races.
VMWare, Windows, Windows Server 2008
March 27th, 2008 by Charles Gardner
The SANS Internet Storm Center has announced a podcast feed. If you don’t follow the ISC Handler’s Diary, you really should check it out. If the podcast meets the content of the Diary, it should be a winner.
Podcasts
March 25th, 2008 by Charles Gardner
For quite a while I’ve been keeping several items rolling forward in my blog reader, simply as reminders or bookmarks. I am dumping them here to clean out my Reblog and to ensure I don’t lose them. Some are rather old, some aren’t.
Uncategorized
March 25th, 2008 by Charles Gardner
I have been queueing up the last couple of Richard Bejtlich’s Snort Reports in my blog reader, so I decided to hunt up and notate the link for the list of Snort Reports.
Snort
March 25th, 2008 by Charles Gardner
There is a good whitepaper over at Adobe about Deploying Adobe Reader 8 that goes into details about unpacking and deploying the Adobe Reader via automated methods, including GPO assignment.
Applications