Note: This article was written for, and first published in, the NUI Maynooth student newspaper The Maynooth Advocate.
With the recent Eircom controversy the security of our home networks has at last come to the attention of the press. That attention has focused mainly on one particular flaw in Eircom wireless routers but all broadband users could do with giving their broadband connection a quick security once-over.
Apple’s security reputation takes another dent this week with yet another zero-day exploit in its QuickTime media player. There is now proof-of-concept code out there which uses this exploit to remotely compromise computers running both Windows and Mac OS X. The vulnerability exists in QuickTime’s handling of media streamed over the RTSP protocol. If you are a bad guy all you have to do to use this exploit to attack someone is to get them to open a specially crafted RTSP URL (a URL starting with
You can get more details from US-CERT. That page also gives you some guidance on protecting yourself. However, those instructions are very Windows-centric.
There’s a lot of buzz around the place today because something we all knew would happen eventually has finally happened. There is malware out there actively going after Mac users. Is this malware exploiting some flaw in the Mac OS? Nope, it’s exploiting the innocence of many Mac users when it comes to security matters. The exploit actually requires the user to not only run an installer, but also to enter their password to give the installer administrative privileges! The only way this could ever work would be if there were a lot of naive Mac users out there so convinced of their security that they’ll happily install any random crap from the internet. Uh oh ….
How Leopard Will Improve Your Security - a great article explaining the security enhancements brought by Leopard in plain English.
The letters which Eircom promised to send out to users to inform them of the security flaw I described previously have started arriving and one of the boards.ie users was good enough to post a scan on his website. In this post I’m just going to go through some of the choice bits of this letter and rip them apart. I really wish Eircom had made a competent reply so this wouldn’t be necessary, but sadly it really is. They still don’t get security and seem more interested in glossing over the problems rather than addressing them.
Eircom’s security issues are bad enough to be getting on with but at least users can protect themselves with a few easy steps. BT customers seem to be much worse off with a remotely exploitable authentication bypass vulnerability. A quick scan of their website shows no announcement of the flaw or mention of it. They had better respond soon and respond well!
Please note that this article is a follow-on article from two previous articles (Eircom Exposes Its Broadband Customers to Serious Security Risks and Eircom Security – More Bad News and Some Suggested Solutions). The previous articles lay out the problems and some suggested solutions in detail. This article will not repeat those detailed explanations and justifications. I am writing this article with the assumption that readers will have first read the two original articles.
This article starts by presenting the details of Eircom’s response before providing a brief analysis leading to some conclusions. For those of you too lazy to read the whole article, were this to be school I’d give Eircom a passing grade, but not a great one. Say a high D or a low C.
It’s not long ago that I posted about Apple not patching their SAMBA implementation for months after a patch became available. Now there is a QuickTime vulnerability in the wild that was apparently reported to Apple about a year ago. I constantly give off to Microsoft for this kind of carry-on, so, each time I catch Apple at it I’m going to highlight it too. The Mac user experience is currently fantastic but Apple’s continued complacency about security is putting that experience at serious risk. How bad will things have to get before Apple cop on to themselves?
For more details on this vulnerability (which affects Windows too) check out this Macworld article.
This is a follow-up article to my earlier article Eircom Exposes Its Broadband Customers to Serious Security Risks. If you’re following the comments on that article you’ll see that I’m trying to bring these problems to Eircom’s attention. I haven’t gotten very far yet but I’ll keep updating those comments with whatever progress I manage to make. However, there has been another development that I feel I need to bring to people’s attention. This afternoon I was anonymously sent some very interesting information regarding yet another alleged hole in Eircom’s security. I MUST STRESS THAT I HAVE NOT VERIFIED THESE CLAIMS as to do so would involve attempting to break into someone’s network and that’s illegal. However, should this prove to be true Eircom has yet another problem to fix. In this article I’ll start by explaining the alleged problem, then propose a simple solution, and end with some simple advice for Eircom customers who wish to protect themselves from these security vulnerabilities.
I had heard complaints from people in the past that Eircom didn’t seem to do the whole security thing properly at all. I guess I just hoped they’d have sorted themselves out by now. They haven’t. I’m not sure if it’s down to incompetence or just not caring about their customers, but, in my book there are no valid excuses for leaving your customers exposed. Eircom have chosen to give their customers a wireless router. This makes things a lot simpler for the customer since it means they don’t have to go messing around with cables and such, but it potentially opens them up to significantly higher security risks. In the relationship between an Internet Service Provider (ISP) and a customer, the ISP must be the one on top of security issues. The average broadband customer cannot realistically be expected to be a security expert. Customers can only be expected to follow instructions from their ISP, and they have every right to assume that these instructions will not expose them to serious risks. Having gone through the process of setting up Eircom broadband for my grandfather last weekend I can tell you they are totally failing to protect their users by instructing their customers to set up their networks in a way that is highly insecure.