Better Safe Than Sorry

DNS Poisoning

DNS servers the world over have been targeted by evil doers. Flaws in these servers could allow creeps to silently redirect your browser sessions to anywhere.

To check to see if your ISP is vulnerable go here.

If the results (above) are less then satisfactory do contact your ISP and complain bitterly.

You could also use DNS servers that are patched. I suggest OpenDNS.com - they even have a handy application that corrects your settings when your ISP's DHCP server changes your IP.

Here is a good synoposis from the blog Security Fix:

At issue is a basic design flaw in the domain name system. DNS is the communications standard that acts as a kind of telephone book for the Internet, translating human-friendly Web site names like example.com into numeric addresses that are easier for networking equipment to handle and route. When people type a Web site name into their Internet browser, the process of routing of that name to Internet address is generally handled through DNS servers managed by Internet service providers and corporations. But according to research released this month, most of those DNS servers are vulnerable to a security flaw that allows miscreants to silently alter the virtual road maps that those systems rely on to route traffic. As a result, a cyber criminal could trivially rewrite those records so that when customers of a vulnerable ISP or network provider try to visit a particular Web site, they are instead taken to a counterfeit site created by the bad guys.

Security begins at home. Never assume your ISP has a clue.

OS X Something!

No, I have not RTFA. I do know that having faith that a certain OS is more secure than others is, one day, going to cause . . . problems.

iPhone Released

It's from Apple. It's cool. It's got a few neat ideas few of which are truly new. It's joined at the hip with Apple exactly like Microsoft software yet this linkage is muted because, well, with Apple this is a feature. Sure. For business users it holds nothing except promise in that you know version 2.0 will build on the hype (and, by this time, sales) to leveredge Apple into a nice position to take a run at the dying Music Industry.

Apple Quicktime Exploit

A highly critical security hole affecting Apple QuickTime version 7.1.3 (or earlier versions) has been exposed. Users of Quicktime are advised to disable Real Time Streaming Protocol. Windows XP users navigate to: Edit –> Preferences -> Quicktime Preferences -> File Types tab : uncheck ‘’Streaming - Streaming Movies‘’. Secunia has suggested users be very wary of opening files with the extension .qtl hosted on sites that look in any way dodgy.

Hardware Mayhem

First, it was promotional mp3 players from McDonald's Japan that contained a trojan now it's some Apple Video IPods that shipped with a virus. So, the mantra you must repeat is, "Security is a process NOT a product." Best Practices? Be aware of the possibility of viruses, trojans, etc. appearing in all manner of places and have your defences (Anti-Virus, Firewall, Spyware killers, etc.) ready before you are infected.

Mac Patches You Need

Apple has patched some 31 flaws but according to reports (here and here) there are still flaws that won't be addressed for some time to come :-(

Mac Safari Browser Vulnerabilty

Secunia is reporting on a vulnerability in the Safari browser caused by an error in the processing of file association meta data (found in the "__MACOSX" folder) in .ZIP archives. This could cause users to execute a malicious shell script that has been renamed to a safe file extension stored in a .ZIP archive.

Worse, it can also be exploited automatically when Safari visits an evil web site.

Secunia has a test available to confirm if your system is vulnerable: http://secunia.com/mac_os_x_command_execution_vulnerability_test/

The vulnerability can be lessened by disabling the "Open safe files after Downloading" option in Safari.

Basic Mac Security

Remember the old adage, security is a process not a product? Well, process this Macheads: A simple list of items you should know/do/avoid when using OS X 10.4 courtesy of user codeport at Mac Geekery.

Mac OS X Bluetooth (Proof of Concept) Worm

When it rains it pours for you Macheads. F-secure received a sample virus, Inqtana.A, that spreads via the Bluetooth OBEX Push vulnerability described here: http://www.osvdb.org/displayvuln.php?osvdb_id=16074. The exploit is not in the wild and will expire on February 24, 2006 but to be safe from this threat now and in the future you are advised to install the latest patches for your OS X version 10.4 ASAP.

First Mac OS X Virus

The first virus for Mac OS X has been encountered today. Called OSX/Leap.A. by F-Secure the Malware was posted via a link to MacRumors forum. Supposedly a screenshot for Mac OS X v10.5 Leopard the virus spreads through iChat.

It appears the victim must be running in Admin. mode to be infected. As with any OS you should generally not be swaning around while in Admin. mode because of the risk of compromising your PC at the "root level" where all the important processes live. If these processes are taken over by rogue software you can lose complete control without even knowing it.

Do yourself a favour and make a new user on your Windows box with less than Admin. privileges before you go wandering off into the Interweb.

Apple iWeb - RSS for Macheads

Apple has introduced an RSS reader/writer as part of the iLife suite. iThink mac users will love it :-)
Hotwired has the info here: http://www.hotwired.com/webmonkey/06/02/index3a.html.

Time to Update ReaPlayer

Secunia is reporting the 'ole buffer overflow in RealPlayer, RealOne and HelixPlayer. Time to upgrade! That includes you Mac Heads, right?

Mac OS X 10.4.3 Update (Delta)

Apple has introduced a minor fix for OS X - Read about it here: http://docs.info.apple.com/article.html?artnum=301984.

Apple Patches iTunes Flaw