PACKET RAT: Patches in the pipeline send the Rat to the breaking point
Michael J. Bechetti
'I'm telling you, it's a conspiracy,' the Rat grumbled on a recent Tuesday as he and his troops tested the latest tsunami of software patches to be inflicted on system administrators worldwide. 'Microsoft, Oracle, Cisco, Apple, Mozilla ... all shipping patches within a day of each other? It's gotta be some sort of conspiracy to drive sysadmins out of their minds.'
Microsoft released three 'critical' patches on its usual patch day, the second Tuesday of the month. That would have been plenty, but then Oracle released 49 patches for its database products. Apple sent a security update of Tiger, Mozilla sent out a security update for Firefox, and just about every Linux distribution had one sort of a fix or another. And Cisco had a denial-of-service vulnerability patch for its CallManager voice over IP software.
All of which meant that the Rat was a hair away from a total paranoid-delusional episode.
Of course, the worst thing to do was try to reason with him'and some newbie on his staff tried to do just that. 'Sir, there's no way Microsoft and any of those other companies could conspire with each other,' the clueless noob said calmly. 'They all hate each other.'
The wirebiter turned toward his unfortunate understudy, his eyes swirling with darkness. 'That's just what they'd all like us to think,' he whispered. 'ISN'T IT! Well, let me tell you, young bucko...'
And the Rat told him. And the young acolyte did despair.
While Larry Ellison, Bill Gates, Steve Jobs and Linus Torvalds may, in fact, not be members of the Illuminati, and probably aren't planning on paving the way to total global domination by throwing the protectors of networks around the world into collective confusion with such a massive barrage of alleged security 'fixes,' you might understand why the Rat could think so.
Certainly, carpet-bombing the guardians of the infrastructure without much warning doesn't seem like something out of the Big Book of Security Best Practices.
Sure, getting security holes fixed as quickly as possible is a good thing. But once you patch, the patching never ends. And, strangely, the Rat has'or at least, had'stopped worrying and come to love Patch Tuesday just because it meant he could plan his month around that day.
'Scheduled insanity is better than surprise insanity,' his wife agreed, making sure to fill the Patch Tuesday of every month with black marker so that she knew to make sure her husband's prescriptions were all filled in advance.
But Oracle and the others just ship their patches whenever they feel like it'which, this time, they did all at once.
'It wouldn't be so bad if there was some way to signal that something was coming,' the Rat reflected later that night, while yet another patch was finally being committed to the management server.
He turned to the senior Oracle DBA. 'Like, you remember that joke about the guy who's traveling, and his brother sends him a telegram to tell him his cat's died?
'He comes back and chews out his brother''You could have broken it to me easier, so I had time to get ready; you could have said first that the cat was on the roof and you couldn't get it down.'
'So the next time he was on a trip, he gets a telegram from his brother: 'Mother's on the roof and we can't get her down.' '
'So, what you're saying,' the DBA replied, 'is that Oracle should send out a message that says''
'Your software's on the roof,' the Rat concluded.The Packet Rat once managed networks but now spends his time ferreting out bad packets in cyberspace. E-mail him at [email protected].