November 2008

WPA Cracked

If you use WiFi to connect to your Internet provider via a wireless router be aware that recently a crack has been found that could allow eavedroppers to detect your passphrase. The simple solution (for now) is to use WPA2 rather than the now vulnerable WPA. If by some chance you missed the memo about the much older WEP protocol you should have stopped using that years ago! If your router does not use WPA2 then ensure it is using AES encryption and not TKIP. Also be damned sure your passphrase is long (12+ characters minimum) and contains a mixture of lower case, upper case, numerals and characters. So, password IS NOT up to scratch. k*uh7%vg4Sk9jNVfdxq)( is just about right ;-)

Critical Patches Released for Adobe Applications

Adobe has released patches that fix at least eight security holes in both its Acrobat and Adobe Reader programs. These flaws could be used by evil doers to take control of vulnerable systems. Versions 8.1.2 and earlier are affected. Adobe has rated these updates as “critical” indicating that the flaws could allow attackers to comptomise an unpatched system without the users knowledge. The Windows update may be found here.

Opera 9.62 released

The latest version of the safest browser around has been released. You are advised to download and install to patch two security holes that could be used for, among other things, cross-scripting attacks. It is available here: http://www.opera.com/download/