I haven’t blogged in a little while because things have been fairly uneventful here. That is not to say that there has been no work to do – we have been busy – but most of it is stuff that we really can’t talk about because it is internal process or customer confidential. Some of the time has been spent trying to sort out some of the issues with MS07-040 which didn’t go as smoothly as we had hoped but I have been developing some training on investigating malware. A lot of the skills used in debugging are similar to those used for determining the functionality of a bit of unknown software. Given the nature of the software being examined, this is nervous work, often time critical and not something that you want to do while connected to a corporate network.
It seems that even hackers need a vacation now and then… or maybe they are all off at the BlackHat convention. Time will tell.
One question that sometimes comes up is about the backdoors that we put into our software to allow the FBI/CIA/Russian Organised Crime/Howard Hughes to access your computer. Naturally, we deny the existence of any such backdoor. Even if we were wholly happy with the idea that anyone other than you has an automatic right to your data (and we are very unhappy with that idea) there is a very simple reason why there is no back door. Anything that lets in the good guys can let in the bad guys. A lot of people don’t believe us though which is hardly new. When I worked in developer support, people would ask about the royalty model for the Visual Studio runtime. I would explain that they are free to redistribute the files listed in the redistribution document and good luck to them. People would look for catches. Sometimes there just aren’t any.
So, patch day is getting closer and we are getting all our ducks in a row which should keep us busy. It is like the land rushes of the old wild west on patch day. We queue up the content ready to go live. There are briefings at various levels from the deeply technical to the management overview. Details are checked again (and yet there will be something missed) and the timer ticks down to 10AM, Redmond time. Activity rises to a fever pitch and status emails fly back and forth. I am not going to say how many web servers we have but it is hardly a secret that there are more than 2 or 3 systems in the load balanced network. It is non-trivial to replicate that much content over that many servers in as tight a time frame as possible. For system administrators, this event marks the start of quite a lot of work. For development, it marks the end of a lot of work. For me? It marks the middle.
Signing off for now