Showing posts from October, 2005

MS 05-51 buggy patch

My computer did not show any network connection after I installed all 9 security patches on it. After some searching, I found that MS has also noticed this problem, and the update is below.

http://support.microsoft.com/?kbid=909444

This experience prompted two issues for me (one technical, one management):

1. MS recommends one setting: "Everyone group should have Bypass Traverse Checking permission". But this violates the default server build standard at some companies. Before being put into production, the servers were hardened and this permission was changed to Domain User or Authenticated User. Should we ask ourselves "Are we doing too much security hardening?" or "Why does Everyone need this permission?"

2. While it took 5 days for malicious hackers to publish exploit code, MS took 4 days to resolve their buggy patch. How are IT admins going to manage their internet-facing servers if running MS IIS? Patch too soon, we are at risk of MS bug. Patch too late, we are at risk of exploi

Message from the court

BBC News reported that two twenty-somethings were convicted for 3 and 6 months. What alerted me is that the judge, by putting them behind bars, was sending a message to other young people.

“Young men, like you, have to be deterred from committing this kind of offence.” By Judge Beatrice Bolton

http://news.bbc.co.uk/1/hi/england/4319942.stm