Lessons Learned From Blaster

CowboyRobot writes "It's been nearly a year since Blaster struck, causing hundreds of millions of dollars in fixes and lost revenue. Jim Morrison of Symantec goes step-by-step in looking at how the Blaster worm got out of control so quickly, and what lessons can be learned from that event, by studying how one utility company dealt with it." The story is written as a fun, technothriller narrative; here's an snippet: "The laptops, usually out in the field, were always a hit-and-miss proposition to find on the network and deliver a patch or to have the user take the machine to a field office. That meant that on the 16th they could see a flood of traffic launched against Microsoft. The second phase of Blaster, launching a DoS (denial of service) attack against windowsupdate.com, was imminent."

Don't Use Microsoft?

[john_smith_45678]

Is that the lesson?

Isn't the lesson simpler than that?

[bigberk]

I thought the lesson was, software monoculture in the global computing industry is opening the door for disaster -- what we need is diversity in platforms and applications.

Things I learned from the Blaster virus.

[master_p]

I think the most important lesson is that the more proprietary software is, the more difficult it is to mature. Microsoft's closed development model does not help in the direction of code maturity, no matter how many programmers there may be. One of the reasons is that the open source developer may feel more pressure to deliver something that works flawlessly than the closed sourced developer.