This post is sure to ruffle some feathers…

Because I’ve been in the “not putting up with any BS” mood all weekend, I present to you some critiques of things you commonly see online:

As more information came in about the Blogger hack, it is amazing how many people who immediately kicked in with their own “expert” opinions about what happened were so absolutely wrong. First it was “the Blogger programming is obviously insecure”, then it was “well that’s what they get for using IIS and SQL Server”, when in fact the hack was through an unpatched server running Red Hat Linux. Yes, it appears that even Linux has to be patched to remain secure. Imagine that.

The second thing that seemed to be popular was “well I use Movable Type, so I don’t have to worry about security problems like this.” No, not really. If you’re running MT on a Red Hat server, you still have to have the same vulnerability patched, since it was a server vulnerability, not a blogging software vulnerability. Secondly, take a look at Phil’s post about spammers using a script to comment to every one of your MT posts. Sounds like an issue to me, although it obviously isn’t limited to MT.

My point is not to trash MT and Red Hat, but it is to point out to those of you who have an “expert” opinion about every security hole out there, that security is a problem for every OS, every software package, and every PC on the internet, not just the ones you happen to not like. Those are both examples of fine software, but software that still requires you to pay attention to security issues! I am so tired of hearing from supposed experts that because of the software they use, they don’t have to worry about security holes. Anyone who would say such a thing is obviously not an expert, and it’s an opinion you should pay absolutely no heed to at all! Blogger got hacked because they missed a security issue and failed to patch one of their servers. They messed up and got caught, just like hundreds of other websites have. If you think it’s so easy and that you would never get caught like that, maybe you should open up your own hosting company and prove it instead of bitching from the sidelines.

We don’t host websites at my job, but there have certainly been issues that I missed, or made the wrong call on. It happens. You fix it, admit you screwed up and move on with your life.
