Re "Internet slowed by electronic assualt," Jan. 26: The SQL Slammer (Saphire) worm demonstrated once
again what computer security professionals already know about the vulnerabilities of the Internet.
The weakest link in the security chain is usually people. In this case, it lays directly on the
shoulders of SQL Server system administrators.
Although I don't normally defend Microsoft, in this case, they did exactly what they should have.
Six months ago, when the vulnerability was discovered, Microsoft published a security patch. The
fact that some system administrators failed to apply this patch means they are either lazy or
incompetent. In either case, they shouldn't be maintaining systems that contain critical, sensitive
or private data.
What most people still don't realize is that sometimes it's not the computer itself or the data that
a hacker wants. More and more it's the access to the computer's network bandwidth. A hacker with
unlimited bandwidth is a threat to us all.
For the sake of our critical infrastructure, the guilty parties here should be collecting an extra 13
weeks of unemployment benefits.