March 2009 Archives

I'd like your opinion on whether we need to be doing anything in particular in relation to the Conficker worm. Is it anything you guys are concerning yourself with?

I am honestly surprised at the coverage that the Conficker worm (aka Downadup or a few other names) is receiving.

It is a serious problem, and worthy of attention. So is any other worm. Its original form exploited a brutal vulnerability in Windows, one of those "here, kind sir attacker, I place all my resources at your disposal, please treat me gently" sorts of problems, and it exploited the problem fairly well, generating millions of infections.

But that vulnerability was fixed in October 2008. On our campus it could have been bad; in January I found nearly 200 machines lacking the MS08-67 patch. With some aggressive scanning and network disconnects, we had that number down to a handful of isolated machines by the time MS09-01 came out. We saw 0 Conficker infections, despite security policies and management attitudes that a pessimist would say haven't changed much after we got absolutely hammered by Code Red and Slammer. Two years ago, Storm was a genuine problem on campus, and every day we get dozens of notifications of one security issue or another.

This is not to say that our experiences with Conficker mirror those of the entire outside world. China's apparent infection numbers are a full order of magnitude greater than any North American or European country. Brazil and Russia have been vulnerable as well. But the North American press is approaching this as an apocalypse, when the figures just aren't there to back this up: total US, Canadian, and Mexican infections are less than half of Russia's.

Worldwide problem? Yes.

Serious issue? Yes. It's a worm, but one whose spread is mitigated by proper patching.

Problem for my co-workers? Not really. Keep pushing and improving your security policies, and you'll be all right.

References, in increasing order of technical complexity:

Wikipedia writeup

Verizon Business Security

SRI International writeup

This didn't look like a game between a team desperate to make the playoffs, and another team which is pretty much the model for "bad team." It looked like a game between two teams that didn't really want to win very badly. There didn't appear to be a great deal of intensity, save for a few brief spurts and towards the end of the game. As a result, I didn't actually get a lot of notes on anybody at all, which suggests I could have just given pretty much everybody a 4 and be done with it. (Scoring chances from Dennis King's post at mc79hockey. My recording device has been on the fritz and we're getting ready to move, so I haven't bothered replacing it - I'm open to correction on my memory of who did what, since I was also scoring the game after a 17 hour day. Nevertheless...

Smid, 4: he didn't make any terrible plays himself, but he was on the wrong end of far more scoring chances than he was on the right end for. He was on the ice for Lombardi's goal, although I don't think he contributed to the GA - Lombo came down Strudwick's side of the ice.

Horcoff, 5: outchanced the opposition, but didn't outscore them, and that's what counts. 3:30 of power play time needs to get a goal.

Nilsson, 3: didn't do much, and got benched later in the game, seeing only 2 shifts in the third. He wasn't skating hard, and if he's not skating hard, he's ineffective.

Cogliano, 3: part of the crew that was on for Klee's goal, and again for Hanzal's. A very well-deserved -2 on the night, 2 missed shots. At least he was 50% on faceoffs. Penner took over for him a few times at #3C late in the game. He started out the game well though; he had a great 2 on 1 rush with Reddox and put it off the post, but after that seemed deflated.

Moreau, 4: 3 shots, good PK time. He was his usual #18, except without the bad penalties, or even any penalties at all. Maybe some more aggressiveness would have been better, for a change. 1 hit might have had something to do with that; that part wasn't his usual self. Marked down for that.

O'Sullivan, 5: -1, 2 shots, 1 hit. 3:26 on the power play on a night the Oilers could have used a PPG. I didn't like either of his penalties. He had a few chances but couldn't convert. Maybe a 4.

Kotalik, 6: potted a nice goal, 7 shots led the team (2 blocked, 2 more missed). He even won both his faceoffs. He managed to not give up any bad chances going the other way and had a couple himself. He wasn't what was wrong last night, very low event except when the puck went in behind Bryzgalov.

Staios, 5: pretty low-event as well, he played 21:54 total, 3:13 of PK time. 2 shots, 3 hits, but astonishingly, he didn't limp off the ice from any shot-blocks - he had none at all. Got a helper and was +1.

Penner, 4: unusually, he was outchanced. He also had almost as much power play time as he did even strength time; 5:47 to 8:37. 2 shots, 3 more blocked, 1 hit and 4-4 in the faceoff circle as Cogliano lost the coach's confidence there. I'd give him a 3, except his defensive play was at least there and he was no less physical than anybody else. He drove the net hard a couple of times and showed some muscle in front of it. But nearly 6 minutes on the power play! That needs to result in a goal. The PP to start the second was good, he spent nearly a minute in front of Bryzgalov, but nobody could get the puck to that area. He showed some restraint when he and Gagner and Hemsky were competing for the puck behind the Phoenix goal and he was crosschecked at least four or five by Michalek. A lot of guys would have turned around and laid some lumber back for a retaliation penalty, or scrummed it up (as #27 was clearly tempted to do) but he didn't. Some would say that's typical Penner; maybe so, but he's been playing with more fire lately and was obviously incredibly pissed off.

Pisani, 4: -2 on the night as well. 1 shot, 1 hit, 4 chances for and 6 against. Not much going on last night for San Fernando.

Grebeshkov, 5: loads of fruitless PP time, 6:20 of it (23:14 total). Still, he had a couple shots and generally outchanced the opposition.

Strudwick, 3: he wasn't totally out to lunch, but he was outclassed by a speedy Phoenix team. He had a hard time keeping up and when he could, he couldn't lay the body on them. 1 hit, outchanced 8-2, and it was he who couldn't cut Lombardi off (or down) when the forward was dancing in on Roloson.

Souray, 4: he was nasty and physical (5 hits led both teams, nearly 25% of Edmonton's) and made some good passes, was on the ice for Hemsky's goal, and gobbled up nearly half the game on the ice. He couldn't get his point shot away in 7:20 of power play time, was on the ice for Klee's goal, and was pointless. Call it a saw-off, with a mark off for somebody who's worn the C and has an A on a team that largely phoned it in.

Brodziak, 5: he did what he needed to, he was skating and hitting and killing penalties. He wasn't scoring though. Pretty average.

Gilbert, 4: chances were a saw-off, except while he was on the ice the ones for weren't great, and some of the ones against were. When Phoenix were buzzing, he had a hard time clearing the puck and he shied away from hits a couple of times, once resulting in a turnover. He did have 3 shots blocked though. This was the kind of game I'd have expected from Grebeshkov earlier in the year.

Hemsky, 6: I docked him a grade for an ineffective first half of the game, but he really came to life later on. Scored 1-1-2, 4 shots, 3 more blocked, he took some doozies of some hits to make plays and handed out a couple himself. He runs the power play though, so the lack of scoring there has a lot to do with him - he did come up with some good scoring chances though.

Reddox, 3: those who think MacTavish has a crush on this player, whom they imagine resembles old #14 himself, should watch this game. Reddox's line was badly outchanced, and while that's not all on #85, he only saw the ice twice in the third period. He wasn't skating hard and wasn't really hitting at all. Far from his best game. Made a rookie mistake on Hanzal's goal.

Gagner, 3: didn't have much going on at evens, he had some sniffs on the power play but obviously no result. His turnover, described at length by David Staples, was a killer, and I marked him down a grade for it.

Roloson, 5: he maybe could have had Lombo's goal, probably should have. He did make some good saves later on though, as Phoenix outshot and outchanced the Oilers. Not his best game, but definitely not the sort that had Garon starting last year. MacT may have to reconsider his goalie strategy.

Per findingada, this is my Ada Lovelace tribute. My exemplar of women excelling in technology is one of the people who got me interested in - inspired me to take up - technology as a career. Despite not being a system administrator or a techie or a programmer or a designer herself, she nevertheless set a good example for me and, I believe, a couple of generations of young women she taught to use computers to solve problems.

This woman's name is Dian, although when we talk on our weekly telephone calls, I call her Mum.

My mother isn't any of what we would recognize as one of the traditional technical roles. She has a PhD in quantitative genetics and is a professor of animal science, but some of my earliest memories as a child involve going with her to the computer lab at the University of Guelph. She would set me up on a keypunch machine with a few cards while she did her own computer runs and other work.

When we moved to Nova Scotia, she helped to set up a computer lab at the Agricultural College, and one of the courses she used to teach involved computerized statistical analysis. I spent parts of a few summers helping her to run the lab, and got my start in security there too; I found some of the lab machines had been infected using Stoned while chasing down what I thought was a bug in a program I'd written to do hardware inventories.

I found out later that that class was infamous among some of her students; it was required for those who wanted to do the pre-vet program, and when I ran a business in the same town in which my mother teaches, I had a veterinary clinic as a client. The staff there had mostly done their pre-vet at the AC. Their expressions became very guarded when I told them who my mother was, and they cautiously expressed the opinion that the class was good but extremely tough, my mother a tough but fair professor, and that while they didn't come out of the class loving computer analysis, they did respect the machine as a tool.

When I was 12 or 13, I came home one day to find my parents formatting floppy disks for their latest acquisition, a Commodore PC-10II. I know now that it was an 8088 at 4.77MHz with 640KB of RAM and a CGA adapter, but at the time I was slightly disappointed that it was not a Commodore 64. Nevertheless, I played around with it, and when I took a computer class in high school and learned some Pascal, my parents bought me a copy of Turbo Pascal 5.0. My mother encouraged me to continue programming and bought me upgrades to TP 5.5 and 6.0 Pro. I spent my allowance on and received for Christmas and birthday presents several programming books and tools: Pascal, x86 assembler, graphics, QuickC, Turbo Assembler, and probably lots of others I've forgotten. I was never an expert user of any of these tools, but I did learn a lot, went on to CS at UNB, failed out, and now I work in IT anyway.

I don't know that my mother will ever win any awards for women in technology, but to me she proves that you don't need to be a hardcore coder or a sysadmin to be successful at using computers. I hope her students learned that too, while they struggled with their analyses. She is definitely responsible for helping to put me where I am now.

One of those games that makes you wonder how MacTavish has any hair left at all, never mind gray hair. Smid hurt in the first 10 minutes and gone for the game, Hemsky turning the puck over as often as not, Gilbert braincramping, and Roloson eventually having 40 shots on him in his record-breaking 21st game in a row. MacT rolled the same lineup that started against Ottawa the other night, subbing in Reddox for Jacques. I should say that for chances, I'm relying on Dennis King's ratings. Once again, the top 6 forwards weren't really such, and the bottom 6 did as much or more to get the win. I want to like O'Sullivan and Kotalik, I really do, but I can't help but wish that Cole was still around.

Smid, no rating: bad-luck game for #5, first he got smoked in the face with an errant elbow, then the ref fell on him, and then he got to lie there while the play went into his own zone. Hughson said Souray must have been asking why the whistle wasn't blown after that; I'm wondering if Souray was asking why no penalty, although the elbow wasn't on purpose. Hope he's back next game.

Horcoff, 6: Two assists and some special teams time, 20:05 icetime - so it's down a bit, but not much. Pretty good on faceoffs, and his giveaway wasn't bad (unlike some others I will mention). Maybe a 7; he was +6/-6 for ES chances on a night the Oilers got schooled everywhere but the scoreboard and fight card.

Cogliano, 7: 12:37 icetime, most of it in the second period. He played very well the first couple of periods but faded a bit, which partially explains the reduced time in the third. One assist, +1, 3 shots, and he was frequently on the good side of dangerous plays. He bailed Roli out on a leaker in the first, making a nice second effort to clear the puck before Blake pounced on it in the crease with Roli out. +5/-5 on ES chances. I won't mention the "f" word though.

O'Sullivan, 4: how he got 16:38 icetime is beyond me. He didn't make a lot of mistakes, but he didn't have a lot going offensively either. PP got nothing done with him on it more time than any forward not named Hemsky or Horcoff. He had his feet moving and delivered a couple of hits, but he needs to help out more in the offensive zone.

Kotalik, 4: the best hit he laid all night was on Gagner, and he nearly took out Hemsky too. He did have a couple of near-chances off feeds from Hemsky, although it's not his fault he couldn't convert - I thought 83 was trying to feed his countryman a bit too much. Still, 3 hits on guys in blue to go with his pair of own-hits, and no giveaways or horrifically bad plays. I docked a point for a play he made for the Leafs in the third period; Hemsky was rushing up the middle on the power play and Kotalik was just standing at the Leafs blue line, his back to the play. Hemsky nearly ran him down, the puck turned over, and the Leafs had a good rush the other way. That was likely just unfamiliarity with the team, since he's had more games than practises, but still, at least watch the guy with the puck.

Staios, 5: stepped up once Smid went down. Was even on the night but still played nearly half the game. PK was perfect, and he made a great block at the end of the second period. With +4/-10 chances though, his mark may be reflected as much by Roloson's play as anything else. +1 for icetime, -1 for chances against.

Penner, 5: Big Dustin Penner(tm) wasn't given many chances tonight; no Oilers forward played less than he did, and the only Leafs who played less were hurt or named May and Mayers. 23 seconds in the third, 8:16 total. He did play his usual corner game, getting the puck out front once or twice, and early in the game managed to keep up with Cogliano on a rush. He was even a +1. Either he's hurt, or his benching in the third was a result of the turnover he made at his own blueline. Or MacTavish is only playing him because he likes Nilsson even less. Who knows any more? ES chances were +4/-2 (only Oilers forward in the black); he was on the ice for Pisani's goal and helped a bit by rushing the net, although I doubt Staples will be giving him any unofficial assists on the play.

Pisani, 6: nice goal in the second period. Played a fairly solid defensive game with Cogs and Penner / O'Sullivan. One shot, two more blocked, one more missed, +6/-7 chances-wise. Just the way I like my #34, although a few less shots on Roli with him on the ice would have been nice.

Grebeshkov, 7: +4, an assist, no blatant mistakes, 24:54 icetime; only way he could have been better would have been if the PP scored. Outchanced the Leafs at evens. Top-pairing quality on the night, this player gets it.

Strudwick, 5: +1, chances at evens were even, he stepped up a bit with Smid out, laid a heavy hit and stood up and schooled his challenger, even though he didn't want to. Third pairing D wasn't the problem tonight. That being said, I docked him a mark for letting Ponikarovski charge in on net for his goal.

Souray, 5: he was bruising all night despite 0 credited hits, but +3/-13 at evens chances, and 22:41 of icetime - not one of #44's best games as an Oiler. The Leafs knew how to play him on the power play and it showed as he got no shots on net, with one missed and one blocked. He made a few nice defensive plays though, so "not good, not bad."

Stortini, 5: when he was able to set up the cycle he was good. When he and Reddox and Brodziak got trapped in their own end, they were trapped. Nevertheless, he gets some marks for his physical play; 3 hits and a fight.

Brodziak, 6: once again centred one of the better Oilers lines, he doesn't seem to miss Glencross as much now as he used to. Pretty solid 10:42 of even strength and 1:44PK, although he was on for the PPG against. Scored a real goal and had the empty netter on some strong work exiting the defensive zone. Faceoffs were pretty good, 5/9 for 56%.

Gilbert, 5: it pains me to say it, but despite his +3 rating, an assist, and some nice plays, I don't think 77 played very well. Definitely a high-event game for him, he seemed to be struggling a bit early on and settled down a bit later. 3 shots on net, 2 hits, +8/-8, but there's that terrible penalty he took at the end of the first and he had a few brutal giveaways.

Pouliot, 4: not much happening tonight, he had a good chance in tight on Gerber, but took a bad penalty and had a brutal time clearing the defensive zone in the second. +2/-5 at ES chances. He rescued himself from a possible 3 with some physical play and by showing some competence in the faceoff circle. He needs to do more to stay on the second line; I suspect he's only there because of the coach's antipathy towards Penner and Nilsson.

Hemsky, 5: that was a beauty goal, and he added a helper and was +2 with 2 shots. At one point, he was on with Stortini, who was handling the puck below the goal line; Hemsky stepped in and delivered a solid hit to give Storts some clearance. But man oh man, I don't remember him giving the puck up this much since he was a second year player. I thought he spent too much time trying to set up Kotalik, and those bad passes at the blue lines make me shriek. (It's true, ask my wife.) Could be a 6, but he absolutely cannot give that puck away when the team's nursing a 3-1 lead. Those giveaways probably accounted for most of his -6 chances at evens (to go with his +4).

Reddox, 5: he was skating a mile a minute, but wasn't as physical as he has been. Bouncing around a bit in the lineup probably didn't help him much. He did manage a +1 rating though, and got a shot on goal.

Gagner, 4: he soaked up a pretty hard hit from Kotalik, although it didn't seem to make a difference in his game. His line didn't have much going tonight. +1/-7 chances, they got hemmed in a fair bit and just couldn't clear the zone. Nothing at all going on the power play either.

Roloson, 9: set an Oilers record, even Fuhr never started that many games in a row when he played 75 of 80. Chew on that for a minute: in a year that Grant Fuhr played in all but 5 games for the Oilers, he started no more than 20 in a row. (Other goalies in 87-88 were Bill Ranford, Daryl Reaugh, and Warren Skorodenski, he of the 6.89 GAA and .720SP.) Roloson made 39 saves on 40 shots, and while a lot of them were fairly routine, a .975SP is a .975. He got some help from his friends, especially Souray and Cogliano, but what does a guy have to do? Make 39 saves, apparently. And look forward to probably starting #22 on Wednesday. I did think he was fighting the puck a bit in the first, and he probably could have played the one GA better - but he's allowed one mistake, right?