
The Actuator - May 17th

Level 17

The big news since last week is the WannaCry attack. I've got a lot I want to say on the subject of data security and will put together my thoughts in a different post. But for now I just want to remind everyone that security is a shared responsibility. With each attack, there seems to be more finger pointing and fewer solutions being offered.

As always, here are some links from the Intertubz that I hope will hold your interest. Enjoy!

Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware

Nice summary from Troy Hunt, helping to make sense of what happened last week. And while it is easy to say "just patch everything", the reality is that some systems aren't able to be patched. The truth is, the current software business model is broken.

Why “Just Patch It!” Isn’t as Easy as You Think

Having worked in an industry that doesn't like to touch systems that are working, I can relate to how some systems might be patched infrequently, if ever.

Don’t Blame Microsoft For WannaCrypt Vulnerability Exploitation

There are some people out there that believe Microsoft should be providing security updates for every OS they have ever built since 1983. What scares me most is that these same people are allowed to vote and drive cars.

Logs and Metrics

What's the difference between logs and metrics? Seems like an easy question to answer. But for some, there is little difference between the two.

Understanding the Kubernetes ecosystem

A quick Q&A about Kubernetes that reinforces the concept that there is no silver bullet when it comes to technology.

Microsoft debuts Azure Cosmos DB, a superset of its DocumentDB service

Microsoft is taking the first steps towards creating a truly global database for any type of data. Relational, NoSQL, NewSQL, it's all just data, and Microsoft wants to make it easy to store your data with them.

Cybercrime on the high seas: the new threat facing billionaire superyacht owners

The struggle is real.

I've found the company responsible for every butt-dial phone call ever placed:

IMG_4935.JPG

24 Comments
Jfrazier
Level 18

superyachts...wow...so much money and so little sense...all in the name of convenience.

rschroeder
Level 21

pastedImage_0.png

Kubernetes:

     This Cluster Management solution might be OK--Google seems to endorse / use it.  Or it might just be another high-priced "cluster" . . .

        

Azure Disperse Even Further:

     Another way to spread your data further around the planet, exposing it to more physical and virtual access of which you may remain unaware?  I think so . . .

Cybercrime and the Ultra-Rich:

     As a "have-not," one might be inclined to think "rich/self-entitled folks get what they deserve . . ." especially if they have something (money, a lifestyle, ridiculously expensive and pretentious toys) that you do NOT have.  But they're also just like less-well-paid, less entitled folks, in that they have a learning curve, they have come to expect a certain amount of functionality from the IoT.  Granted, like the rest of the world, they MUST understand their vulnerabilities and deal with them through proper practices, patching, protection, etc.  I'd be happy to offer my services and secure their mega-yachts' WLANs, but I suspect these folks aren't interested in anything that might be an inconvenience, and restricting access and firewalling and using VPNs can certainly be that!

I was interested in the photo of the luxury yacht tied up to a large military vessel in the article.  Not that a Destroyer can't trust a rich person's plaything, but SHOULD it?  I think not . . .   I wouldn't call that a "best practice" in the military understanding of the term.

mcam
Level 14

I love that log vs metrics post

Also love anyone who uses conflate in a sentence and means it.

language is important, use it

ScottRich
Level 12

more good stuff! thanks sqlrockstar

looks like I will need to add a firewall on my yacht!

220px-BWCA_Canoe_Outing_-_001.jpg

ecklerwr1
Level 19

With the recent problems with Oracle now wanting you to license your Oracle database with every core in your virtualization infrastructure it could possibly run on.  When you have 100s of cores in it, it's a total disaster!  We're going to make a small virtual environment just for Oracle to get around the problem, but it's just bad.  Maybe now with SQL Server for Linux and stuff like the Azure DB we can finally start kicking Oracle to the curb wherever it's possible!

rschroeder
Level 21

pastedImage_0.png

vinay.by
Level 16

another cool article

sqlrockstar
Level 17

"with recent problems with Oracle" should just be "with problems with Oracle". Their licensing and strong-arm sales tactics have been known for years.

ecklerwr1
Level 19

Yeah, it's really disappointing to me, a longtime user of SunOS then Solaris.  Oracle really ruined Sun.  The Oracle DB licensing stuff and attempts to monetize Java are really turning me off on anything Oracle does.  Get this: because of the number of Cisco UCS blades we have in our virtualization environment, Oracle said we owe them over 40M dollars discounted from 75M.  We are just going to take a small number of our UCS blades isolated and say that's our environment to get around the ludicrous new "you have to license every core in your entire environment" BS from Oracle.

Basically Oracle decided to say... the Oracle DB could run on any core in the entire environment so you have to license ALL of them!  Even if say you only configure it to run on 4 say...  My guidance is to move as many DBs off of Oracle as we possibly can just in revolt to these tactics.  Also ever since Oracle bought Sun it's gotten worse and worse trying to get servers to run Solaris from them.  It was also very sad to see many GREAT developers at Sun leave.

sqlrockstar
Level 17

Yep, those are the stories I've been hearing as well. FWIW, it's *really* easy to migrate data from Oracle to SQL Server these days, and pay 10% of Oracle costs and get 10x the number of features.

ecklerwr1
Level 19

That's exactly what we're hoping to do more of... also with Linux SQL Server coming this seems to have BIG promise!

mcam
Level 14

I'm conflicted with SQL Server on Linux

From the techie/geek perspective I love the idea because I love Linux and everything it stands for.

I also love that Microsoft have finally started to support something other than Windows

however, from the mgmt perspective, I hate that the cost of hiring a Linux admin is much, much higher than getting a Windows admin and much harder to get (and keep)

add that to getting a SQL Server DBA that knows the slightest thing about Linux makes it even worse

sqlrockstar
Level 17

A good DBA isn't going to have an issue with Linux. Now, if you are expecting your MSSQL DBA to also be an experienced Linux admin, you might struggle to find that combination. But I would then ask why you are having your DBA also be the O/S admin.

Good DBAs are going to understand the basics (disk, network, CPU, memory) to enough depth that Linux won't be the issue.

mcam
Level 14

Oh for sure for the DBA comments and fully agree.

But I was meaning that I still have to hire and retain an admin for the Linux OS - which is much more costly and harder to retain.

sqlrockstar
Level 17

Right, gotcha. Not sure why a Linux admin would cost more though. Maybe they charge more because they know you are saving money on not buying an O/S? Then again, if you are using Oracle that means you do have money, but you spent it all on Oracle forcing you to use Linux and there's nothing left for salaries anyway.

rschroeder
Level 21

Would you say that once many folks become aware of, and comfortable using, SQL on Linux, Oracle's prices should decline?

tinmann0715
Level 16

Oracle ruined... <fill_in_blank>

tinmann0715
Level 16

I am in the process of implementing a Patch Mgmt strategy

Ugh! I have now resorted to using a sledgehammer to implement it because the "Collaborative approach" will only lead to violent acts. My response to every excuse to why we shouldn't patch is, "Tough Toenails!" because everyone has an excuse.

I do applaud Microsoft for rising to the occasion and making patches available for W2003 and XP in response to WannaCry. WannaCry should be (yet another) wake-up call to IT shops to get their critical apps current so they aren't vulnerable.

CourtesyIT
Level 15

I liked this article, and it gave me a good jumping-off point to learn more about the hack last week.  Going to start coming to the Actuator more often.

Jfrazier
Level 18

These weekly postings by sqlrockstar are great jumping points for many things, including things you never knew you needed to jump off to find out about.

mprobus
Level 13

I feel for those trying to patch their systems.  I was the "patching guy" for a couple of years.  Glad I'm not that guy anymore. 

byrona
Level 21

I think patching is one of the biggest challenges we have.  As an MSP we include patching as one of the services we offer, and it may seem difficult to keep your own company's systems patched; try keeping the systems of a bunch of different companies patched.  And it's not just the patching, but we also need good reporting to show how well the systems are being patched and remediation plans to fix the ones that fall off the boat.  This alone is a full-time job.

gfsutherland
Level 14

sqlrockstar, another great collection of good stuff.

Patching older systems is the proverbial house of cards... close your eyes and gently put card in place....

jkump
Level 15

I love that analogy about patching.  I may have to use that one!!!

Great article sqlrockstar

About the Author
Thomas LaRock is a Head Geek at SolarWinds and a Microsoft® Certified Master, SQL Server® MVP, VMware® vExpert, and a Microsoft Certified Trainer. He has over 15 years of experience in the IT industry in roles including programmer, developer, analyst, and database administrator.