Ok so I’m old.

I can tell not by my drivers license, but because I remember the days when a 128 mb of ram on a 90 Mhz processor was a pretty powerful server. Granted the client computer were 486 DX 33 Mhz running DOS 6.22, with a Novell 4.11 client, and 10 mb network cards. The big threat then was the insidious boot sector virus. All the data for the development environment fit nicely on 9 gb of drive space. Cool stuff for someone that started writing COBOL on punch cards. Running jobs on what was basically a steam powered computer in comparison.

Each year the technology leaped forward to the point that it is only through reflection that I can recognize how much things have changed. I can’t put my finger on when it all changed so dramatically. This is very similar to adopting a puppy. Out of the blue, you realize the dog is huge! When did that happen?

Follow up:

It seems like the biggest growth has been in the number of threats, and attack vectors that have emerged over the last few years. Root kits are ab old hat, but they continue to grow more complex as time goes on. By the same token, the amount of spyware has sky rocketed over the same amount of time. Virus writers have changed their tactics. Used to be when you had a virus there was no doubt that the writer wanted you to know he got you. Now, malware keeps a low profile to avoid suspicion and targets to a smaller set of computers to avoid signature based anti-virus detection engines. Buffer overflows have been a problem since the days of the old coal fired computers, and it is still a big issue today.

I feel a bit overwhelmed by the leaps in the nastiness that has transpired. Then again, anti-virus has gotten better in the on-going cat and mouse game of malware. In the mid 90’s, so many companies ran without a firewall and everyone used a routable IP address to connect to what was a text based internet. Back then no one used the internet to check their bank accounts, or purchase items from an online site.

I once worked for a company that refused to spend any money to purchase a firewall, and I was frantic about this stance as it made me look bad. Needless to say, I did not stay at that particular company very long. A couple of years later, I ended up at another company that had no firewall, but was 0wn3d. My first week was consumed with figuring out which of these NT 4 machines were actually hacked. It was easier to figure out which ones were not. The list included none. For the first month, it seemed that all I did was make the new owners mad by breaking their software if only for a day. Eventually I installed a firewall, and reinstalled all the servers and all the workstations, and eventually had a clean network. We moved to a new location within five months, but I always imagined that the hackers would still beat on the spot where the T1 line was installed out of habit. Kind of like the way elephants dig where the river ran before it dried up. The users were not of much help, at first, as they would install all kinds of peer to peer network sharing software. They all thought I was paranoid. I’d review my firewall logs, and very quietly, ask them to remove the copy of Kazaa from the workstation. If they did, I would not tell on them. The company did not have an actual software policy, and the management was not thrilled with my windows policy to not allow users to install software on their workstations.

What was once perfectly acceptable is now laughable!

I was at a Jiffy Lube the other day and thought back of these jobs.. Certainly, as a mechanic I would not have to fight everyone for the right to run a secure network. Seems like a better life. All I’d have to do is make sure the old oil filter gasket was removed, and that the drain plug was tight, and no one would think I was being an intrusive, control freak. After all who wants to buy a new engine just because all the oil leaked out. Most car owners are not much better than the users on a network. They may notice the oil light is on, but they may not stop immediately. Instead they’d try to get home, and then call the local Jiffy lube to complain. Of course by then it’d be too late. So maybe that’s not the way to go either.

I feel like the main character in American Beauty. He gets a job at a fast food restaurant, and proclaims that he is looking for a job with the least amount of responsibility. The only problem with this approach is the money. Minimum wage is impossible to live on. Maybe I should go back to programming, but that has changed dramatically too. Writing games on a TI-994A was a pain in that the machine was slow, and the code had to be efficient, but there was no network card, and viral code was still in the future.

Now I have to worry about data validation, stack overflows, etc. Not to mention my skills are not up to speed with the current day. So I’d better make the most out of my current situation, and stay up to speed with the current network threats, and counter measures. It’s a lot of work, but it better than making minimum wage as a dishwasher. Yes I know about that one too, and I’ll leave it at that.