« Posts tagged security

Unacceptable Apple

Apple and its customers have been trying to deal with their latest and greatest security threat, known as the Flashback malware. Apple has finally released a tool to identify and remove the malware from a system … for Lion users ONLY:

In its ongoing battle to clean up the Flashback malware mess, Apple has now released a standalone removal tool.

The downloadable utility is available exclusively for Mac owners running OS X Lion. It will not run on Mac OS X 10.6 (Snow Leopard) or earlier versions.

A description and download link are available here. The accompanying security bulletin says “This update is recommended for all OS X Lion users without Java installed.”

link

It is bad enough that, because Apple controls its update process so tightly, 3rd-party security updates are not pushed to users in a more timely fashion when they are released. But when a fix is made available, it is ONLY available to those running the very latest major release of OS X, even when ALL releases of OS X that carry Java are affected. Just me, but I think that if you are going to spend money, software security support should be available to at least the last 2 major releases. Just sayin’

Security breach at TripAdvisor

WARNING: If you use TripAdvisor:

TripAdvisor is the latest company to announce a security breach of its customer email addresses. The travel advice company has published limited details of the incident at http://www.tripadvisor.com/vpages/more_information.html, but is still investigating when the breach actually occurred.

via TripAdvisor email list stolen | Netcraft.

Federal Government wants to wiretap the Internet … the fools

WASHINGTON — Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is “going dark” as people increasingly communicate online instead of by telephone.

Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

via U.S. Tries to Make It Easier to Wiretap the Internet – NYTimes.com.

I’m not going to comment on the privacy issues. I’m sure that is what most people are talking about in regard to this case. But I don’t see how such a law could be effective if enacted. While they could serve an order to Facebook or RIM, who provide encrypted communication as a service, software would be immune. Maybe not from a legal standpoint, but from a practical standpoint, yes.

What most lawmakers don’t understand is that the power of the Internet is at its edges, not the center. All any suspect would have to do is use an app that makes use of asymmetric encryption. They could subpoena data from carriers & ISPs all they want. Unless they buy a couple of years on a Cray to decipher data, they won’t know what they got.

If they want the same capability that they have with wire-line phones, then they are going to have to attack the system at the edges, meaning handsets.