<p><b>Macintosh Security</b></p><p>Security news and education for the Mac computer community. Laugh at the FUD! Learn the facts about Mac security. ©2023 Derek Currie</p><p><b>When Ransomware Attacks!</b> (2023-01-06)</p><p style="text-align: center;"> --</p><div class="separator" style="clear: both; text-align: center;"><a href="https://www.muyseguridad.net/wp-content/uploads/2019/11/ransomware-1000x600.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" data-original-height="600" data-original-width="1000" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlp-KuuI5uVeT7G2ExTux61xhX4Sg8rqQVRrP5TJ6xzpGazojlw3B8eOfX44AdGvi5E15V_2oGZPYGhQ3wDB_CVzdpuHbmW80LllGMSvmrLE_Pk_br-f44YhH7RDJ1KEAiZ3GnBtBK3dFyN6m4e82JBrvjNADST04XsVh_a3XDmWlLqwKHLHmc3zsQfA/s320/ransomware-1000x600.jpg" width="320" /></a></div><p style="text-align: left;">Thank you Microsoft.</p><p style="text-align: left;"><span style="font-family: arial; font-size: medium;"><a href="https://thehackernews.com/2023/01/microsoft-reveals-tactics-used-by-4.html" target="_blank">Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS</a></span></p><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px;"><p style="text-align: left;"><i>'"Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets," Microsoft said.'</i></p></blockquote><p style="text-align: left;"><b>Q:</b> What is the single best defense against ransomware?</p><p style="text-align: left;"><b>A:</b> It's the <b>#1 Rule of Computing</b>: <b>Make
a backup.</b></p><p style="text-align: left;">The ideal backup of course is continual, hour by hour, <i>encrypted</i> and saved both <i>locally</i> for quick access, and <i>off-site</i> at a location that is <i>not</i> allowed to be overwritten. This serves two purposes:</p><p style="text-align: left;">1) <i>Encryption</i> means the bad guys can't steal it then blackmail you to pay up or they'll release the data to the public. All they can share is the gobbledegook mess of encryption noise. This kills their incentive to steal the data in the first place.</p><p style="text-align: left;">2) You have <i>off-site</i> all the data you need to restore your system in a hurry, ASAP, that day. You don't have to pay any ransom. They may have found your encrypted data, stolen it and ruined everything on your computer systems. And you don't care because you have a fully intact, made an hour ago encrypted backup they could not destroy. You RESTORE and you're back up and running. Just be sure your restore does not include the ransomware that got you nailed.</p><p style="text-align: left;"><b>Q: </b>Should you also use an anti-malware system?</p><p style="text-align: left;"><b>A: </b>If you can afford it, I vote YES. Some detection systems from anti-malware vendors are <i>free!</i> Just be certain you're using anti-malware that is rated as well run and frequently updated. </p><p style="text-align: left;">As is evident, I'm no longer deep in the anti-malware world. But I can point out what works for me and what's known to be garbage.</p><p style="text-align: left;"><b><span style="font-size: medium;">What I Use:</span></b></p><p style="text-align: left;">• <b><a href="https://www.malwarebytes.com/mac">Malwarebytes</a>:</b> This is a simple and useful anti-malware system created and maintained by a former colleague and collaborator from years past. It's useful on a per machine basis. 
The free version is a good start.</p><p style="text-align: left;">• <b><a href="https://www.intego.com/" target="_blank">Intego VirusBarrier</a></b>: I've been using their software for 17 years, testing both Mac and Windows systems on my computers. They remain excellent IMHO. Keep an eye out for discounted license deals.</p><p style="text-align: left;">• <b><a href="https://objective-see.org/products/ransomwhere.html" target="_blank">RansomWhere?</a></b>: Patrick Wardle is a saint of macOS security. Among other things, he provides useful anti-malware tools free of charge. He also provides a free book for Mac security professionals entitled "<b><a href="https://taomm.org/" target="_blank">The Art of Mac Malware</a></b>".</p><p style="text-align: left;"><b><span style="font-size: medium;">Don't Use</span></b> (IMHO of course)<b>: </b></p><p style="text-align: left;"><b><a href="https://en.wikipedia.org/wiki/Avast" target="_blank">Avast</a></b>, aka <b>AVG</b>, aka Gen Digital, aka HMA, aka Piriform Software, aka Inmite, aka <b>NortonLifeLock</b>, aka Jumpshot (now defunct). Why?</p><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px;"><p style="text-align: left;"><i>"In January 2020, a joint investigation by Motherboard and PCMag found that the Avast Antivirus and AVG AntiVirus Free version were collecting user data, which was being resold to personalize advertising through a subsidiary, Jumpshot...."</i></p></blockquote><p style="text-align: left;">There have been and likely will be other such invasions of privacy from a variety of sources, sadly including anti-malware. Therefore, be wary and investigate any security system, security-dependent software or device, before buying and installing. Searching out the reputation of any company is quite easy over the Internet. Check a variety of sources for comparison.</p><p style="text-align: left;">On an enterprise-level system, I am only familiar with <b>Sophos</b>. 
But there are other options to investigate as well!</p><p style="text-align: left;">IF you do your proper backups AND do your best to keep the malware off your systems (remember that wetware error is here to stay), you can keep out and/or frustrate ransomware attacks. Be prepared! Investing in computer security is worth the expense in EVERY situation. Expect to be attacked. Be able to rely on your preparations to save you.</p><p style="text-align: left;"><b>Remember</b>: Almost every victim of ransomware that ends up paying up has FAILed at the <b>First Rule of Computing</b>. They didn't store a safe, encrypted <b>backup</b>. Don't follow their foolish example.</p><p style="text-align: left;"><i>More reading:</i></p><p style="text-align: center;"><b><a href="https://www.howtogeek.com/680617/how-to-protect-your-mac-from-ransomware/" target="_blank">How to Protect Your Mac From Ransomware</a></b></p><div class="separator" style="clear: both; text-align: center;"><a href="https://www.howtogeek.com/680617/how-to-protect-your-mac-from-ransomware/" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" data-original-height="553" data-original-width="1200" height="147" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIQvzTHRnbDLpjvUpCYOKyru1N5reymCVdSOVqki0eERHbCx0wFkztHUX4785hb71-T68Me5TV4ZI2S0Hs2kaQC9FuyndK5yE8WaxA6SnNIymjGYGBgd6ZFYM5r2Z7OsmpcXJlXmYeoZsYnN-UoIblRphbLUEAniCP5NliWQRfnKDGSB4FaYq6nz-b3A/s320/mac-ransomware-attack.webp" width="320" /></a></div><p style="text-align: center;">--</p><p>:-Derek</p><p><b>Apple Lied To Me</b> (2021-05-24)</p><p style="text-align: center;"> <span style="font-family: georgia; font-size: large; text-align: center;">--</span></p><p style="text-align: left;"><span style="font-family: georgia; font-size: medium;">After weeks of battling
with a lemon (aka badly broken) refurbished MacBook Air M1 I'd ordered from Apple, going way beyond what was asked of me to diagnose what was wrong with the junk, I was *lied to* by their technician Greg that I could get a swap replacement today at the local (badly run) Apple Store. [Thanks Brandon and Adam for creating an irate. It was classic.] I took my money back and am no longer supporting Apple.</span></p><p><span style="font-family: georgia; font-size: medium;">This is an extremely tough decision for me. But Apple has fallen so badly in every way I've interacted with them over the last five years that I am, for the sake of my own well-being, cutting myself off from the company. (I've done beta testing for them for over a decade.) </span></p><p><span style="font-family: georgia; font-size: medium;">I cried over it. That's how difficult this is for me.</span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-1lxxK-P7t9k/YKxI-tC0CbI/AAAAAAAADGc/QgIGO7hw0aYFACsv4iDeQF-9bwzMq_BBwCLcBGAsYHQ/s701/rotten_apple.png" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: georgia; font-size: medium;"><img border="0" data-original-height="701" data-original-width="688" height="320" src="https://1.bp.blogspot.com/-1lxxK-P7t9k/YKxI-tC0CbI/AAAAAAAADGc/QgIGO7hw0aYFACsv4iDeQF-9bwzMq_BBwCLcBGAsYHQ/s320/rotten_apple.png" /></span></a></div><p style="text-align: center;"><span style="font-family: georgia; font-size: medium;">--</span></p><p>:-Derek</p><p><b>Oh Good, A Secure IoT Standard At Long Bloody Last, Kind Of... Sort Of... Maybe...</b> (2019-12-23)</p><div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;">I'll believe it when I see it. </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">Don't count your horses just yet. ;-)</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.activistpost.com/2018/08/the-idiots-guide-to-the-internet-of-things-iot-with-an-almost-75-failure-rate-security-experts-suggest-only-idiots-would-want-to-install-it.html" target="_blank"><img border="0" data-original-height="252" data-original-width="450" height="179" src="https://1.bp.blogspot.com/-oPEDfDPepLk/XgFLLC-zBiI/AAAAAAAAC9U/Nt56xId_lPcA0eJEs_0gn5LO92e-1U_eQCLcBGAsYHQ/s320/IdiOT.jpg" width="320" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Meanwhile, read with hope in your heart:</span><br />
<span style="font-family: "georgia"; font-size: 15px;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b>The IoT wars are over, maybe? Amazon, Apple, Google give up on smart-home domination dreams, agree to develop common standards</b></span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">The bad news: You may have to buy all new kit if you want things to work</span><br />
<i><span style="font-size: x-small;">By Kieren McCarthy in San Francisco 18 Dec 2019 at 19:41</span></i><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://www.theregister.co.uk/2019/12/18/iot_standards_war/">https://www.theregister.co.uk/2019/12/18/iot_standards_war/</a></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">After years of trying and failing to dominate the smart home market with their own standards, tech giants Amazon, Apple and Google have finally agreed to work on a set of common code that will allow smart home products, from thermostats to cameras to plugs to digital assistants, to work together seamlessly. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">The new “<a href="https://www.connectedhomeip.com/" target="_blank">Connected Home over IP</a>” approach will be developed through a new working group within smart home veteran organization the Zigbee Alliance, and the broad brush blueprint of the new standard is stark in its obviousness. It will be an IP-based protocol so it can connect directly to the internet rather than require a hub; it will be open-source and royalty-free and allow for end-to-end secure communication; and it will work with core standards like Bluetooth and Wi-Fi. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">The new standard should emerge in draft form in late 2020, meaning that 2021 will be the start of a new era in smart home tech, where Alexa talks to Nest and you can have a single app on your phone to talk to everything else....</span></blockquote>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://pacweb.alamo.edu/InteractiveHistory/projects/rhines/StudentProjects/2007/Utopia/Utopia%20010.jpg" target="_blank"><img border="0" data-original-height="748" data-original-width="1251" height="191" src="https://1.bp.blogspot.com/-6uT5Mrh_xj8/XgFJZ_7NevI/AAAAAAAAC9I/dF6MFFuC_xM30sEX1Tfc58dqUyhhI16tgCLcBGAsYHQ/s320/Utopia%2B010.png" width="320" /></a></div>
OK!<br />
But wait!<br />
What about...?<br />
<br />
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b>Microsoft built its own custom Linux OS to secure IoT devices</b></span><br />
<a href="https://thehackernews.com/2018/04/microsoft-azure-sphere-iot-linux.html">https://thehackernews.com/2018/04/microsoft-azure-sphere-iot-linux.html</a><br />
<br />
<i>AND</i><br />
<br />
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b>FIDO Alliance looks to create standards for internet of things devices</b></span><br />
<a href="https://www.cnet.com/g00/news/fido-alliance-looks-to-create-standards-for-internet-of-things-devices/">https://www.cnet.com/g00/news/fido-alliance-looks-to-create-standards-for-internet-of-things-devices/</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://images.yourstory.com/cs/wordpress/2016/11/how-to-diffuse-conflict.png" target="_blank"><img border="0" data-original-height="400" data-original-width="800" height="160" src="https://1.bp.blogspot.com/-LLhH7ethiu4/XgFPcA_zWWI/AAAAAAAAC9g/hDfQPUWef1MD9vvdr5rq2QNCYTuLiWNkwCLcBGAsYHQ/s320/how-to-diffuse-conflict.png" width="320" /></a></div>
<div style="text-align: center;">
--</div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<p>:-Derek</p><p><b>Filler: What I'm Up To...</b> (2019-10-15)</p><div style="text-align: center;">
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><a href="https://www.metmuseum.org/toah/images/hb/hb_2008.7.jpg" style="background-color: #f3f3f3;" target="_blank"><img border="0" data-original-height="1301" data-original-width="1297" height="320" src="https://1.bp.blogspot.com/-C_oeSyHLwKg/XaYRZsI_UQI/AAAAAAAAC8g/QM7WAM5pfZ0HRIko2jfhPHEfI3Kuc_Y2gCLcBGAsYHQ/s320/Wanderer%2BIn%2BA%2BStorm%2Bzoom%252Blight.png" width="319" /></a></span></div>
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><b style="background-color: #f3f3f3;">An explanation of what I've been up to.</b><span style="background-color: #f3f3f3;"> For visitors who've wished I had been around lately, thank you.</span></span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">I continue to keep up with Mac security news every day. Somehow, it's play time for my brain. But I've lost a sense that I have much to contribute to it here at Blogger. The blog sometimes had 1000 readers a day, but that hasn't been enough of an incentive for me. Doing the routine of collecting and repeating what's going on in the field isn't inspiring or useful. Instead, I've been posting around the net about ongoing Mac security situations when I see a need for comments. I'm a regular at both Ars Technica and The Register.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">Recently, the majority of the Mac security gestalt I've been part of has gone professional. My oft-times collaborator Al Varnell and I continue to contribute to the group when something unique, obscure and important shows up. But generally, we wander and stray where we are needed. Most of the rest of the group is now in a semi-state of competition. That's a good thing as it is part of the maturing of the Mac security community. It means blogs like this one are less necessary and useful. There are now some excellent places to keep up with Mac security news and methods.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">Locally, I'm still working with the computer/technology user group as it inevitably shrinks. I tend to present something each month about security. Lately, I've been presenting about blockchain and cryptocurrency.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">Meanwhile, the computer security business in general, both practical and journalistic, remains unprofessional, unscientific, unstandardized, haphazard, detrimentally lazy and ignorant. The more I chatter about this fact, the less inclined I am to bother. There is little ongoing change apart from the very beneficial proliferation of people involved with computer security and places to learn about and keep up with what's going on. There is still plenty of wrong information being proliferated, a standard ignorance of best security practices and standards. Software and hardware coding quality isn't improving. General cynicism regarding human comprehension of technology and coding increases, not decreases, over time. Scapegoating technology for the failings of us humans subsequently increases via the usual default human behaviors. Short-term thinking in pursuit of quick cash remains the norm, along with the inevitable long-term catastrophes. A simple example, IMHO, is the continued blight that is the Android operating system, despite supposed efforts to bring its security under control.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">I can also point at Apple's periodic lackadaisical attitude toward security. This has been a relatively horrible year for Mac and iOS device security with some outright stunning and occasionally irreparable harm done. Still, Apple gets accolades because their lethargy is far superior to the vast majority of the rest of the technology industry. </span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">The most extreme ongoing example of worthless garbage, absent of reliable security, is <b>IOT</b>: The <b>Internet Of </b><i>dangerous</i><b> Things</b>. Abominable. If I were to write a blog about IOT, it would consist of the same statement every day: <b>DON'T</b>. There is at last a working security standard for IOT. But whether it catches on, whether it actually helps, we'll have to wait and see. For now, IOT is GeeWhiz! techno garbage for the tech-ignorant consuming masses. Again, the lack of professionalism in computer security resounds. Or is this assumed incompetence actually or partially a method of extending hacker, business and governmental surveillance of the world's citizenry? Time will tell.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">So, be careful out there. If something critical shows up in the Mac security community, if I have something insightful or professorial to offer, I'll still be around.</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">:-Derek</span></span><br />
<span style="background-color: #f3f3f3;"><span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><a href="https://jessgroopman.files.wordpress.com/2013/08/beecham_research_internet_of_things.jpg" style="background-color: #f3f3f3;" target="_blank"><img border="0" data-original-height="778" data-original-width="1200" height="207" src="https://1.bp.blogspot.com/-orWJ93peaYY/XaYPl40-1kI/AAAAAAAAC8M/QYygQdXFSCQGKFEQ9d9X4E6b8TUv6aNYgCLcBGAsYHQ/s320/beecham_research_internet_of_things.jpg" width="320" /></a></span></div>
<div style="text-align: center;">
<span style="background-color: #f3f3f3; font-family: "georgia" , "times new roman" , serif;">--</span></div>
<span style="background-color: #f3f3f3;">
<span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="background-color: white; font-family: "georgia" , "times new roman" , serif;"><br /></span>
<p>:-Derek</p><p><b>Apple's New Privacy Pages: Your Reading Assignment!</b> (2018-10-18)</p><div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-yBSm797HFBc/W8iTbWYJShI/AAAAAAAAC4g/sm1NhB1VE2M7sWDHdvPXMOvuK1pCnRSHACLcBGAs/s1600/BackdoorsAreForBozos.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="303" data-original-width="500" height="193" src="https://2.bp.blogspot.com/-yBSm797HFBc/W8iTbWYJShI/AAAAAAAAC4g/sm1NhB1VE2M7sWDHdvPXMOvuK1pCnRSHACLcBGAs/s320/BackdoorsAreForBozos.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">In this day and age, when the western world is being increasingly China-fied and Russia-fied, IOW </span><i style="font-family: georgia, "times new roman", serif;">devolving</i><span style="font-family: "georgia" , "times new roman" , serif;"> into totalitarian surveillance states, it's wonderful to watch </span><b style="font-family: georgia, "times new roman", serif;">Apple</b><span style="font-family: "georgia" , "times new roman" , serif;"> </span><i style="font-family: georgia, "times new roman", serif;">resist</i><span style="font-family: "georgia" , "times new roman" , serif;"> and </span><i style="font-family: georgia, "times new roman", serif;">insist</i><span style="font-family: "georgia" , "times new roman" , serif;"> upon user privacy. Good on 'em!</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">It used to be that Apple merely provided semi-annual transparency reports, annual white papers on Apple gear security and some diffuse documents about securing and hardening our Apple devices. Now, everything has been gathered into one area on their website for easy access along with elaborations no doubt inspired by the EU's <a href="https://en.wikipedia.org/wiki/General_Data_Protection_Regulation" target="_blank"><b>GDPR</b>, General Data Protection Regulation</a>.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Where to start:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><a href="https://www.apple.com/privacy/" target="_blank">Privacy - Apple</a></span></b><br />
<ul>
<li><span style="font-family: "trebuchet ms" , sans-serif;"><a href="https://www.apple.com/privacy/approach-to-privacy/" target="_blank">Our Approach to Privacy</a></span></li>
<li><span style="font-family: "trebuchet ms" , sans-serif;"><a href="https://www.apple.com/privacy/manage-your-privacy/" target="_blank">Manage Your Privacy</a></span></li>
<li><span style="font-family: "trebuchet ms" , sans-serif;"><a href="https://www.apple.com/privacy/government-information-requests/" target="_blank">Transparency Report</a></span></li>
<li><span style="font-family: "trebuchet ms" , sans-serif;"><a href="https://www.apple.com/legal/privacy/en-ww/" target="_blank">Our Privacy Policy</a></span></li>
</ul>
<span style="font-family: "georgia" , "times new roman" , serif;">The pages tend to be iOS-centric, no surprise of late. But Apple's privacy policy is relevant to Mac gear as well. As we dig into the various sub-subjects, we find an elaborate exposition of Apple security details. Take an hour and dig around. If you <i>require</i> security on your Apple gear, it's worth the time to read through it all in order to know what Apple offers and how to put it to work for you.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://www.apple.com/privacy/approach-to-privacy/" target="_blank">Topics include:</a></b></span></span><br />
<ul>
<li><span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Encryption </span><i style="font-family: georgia, "times new roman", serif;">(Get stuffed Australia surveillance maniacs!)</i></span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Apple Pay</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">iMessage, FaceTime</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Health and fitness data</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Analytics </span><i style="font-family: georgia, "times new roman", serif;">(under our control!)</i></span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Safari</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">iCloud</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Education</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Advertising</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Photos</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Siri & Dictation</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">HealthKit</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Music</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">News</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Maps</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">Siri & Spotlight</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">DeviceCheck</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">HomeKit</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">ResearchKit</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">CareKit</span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;">CloudKit</span></li>
</ul>
<span style="font-family: "georgia" , "times new roman" , serif;">There are odds and ends here I hadn't been aware of!</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The core of the Privacy site is <b><a href="https://www.apple.com/privacy/manage-your-privacy/" target="_blank">Manage Your Privacy</a></b>. All of us should dig through this page in order to maximize our understanding and control of our own privacy settings.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b>What everyone should read NOW:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://www.apple.com/privacy/manage-your-privacy/" target="_blank">Manage Your Privacy:</a></b></span></span><br />
<ul>
<li><span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://www.apple.com/privacy/manage-your-privacy/#secure-your-devices" target="_blank">Secure your devices</a></span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://www.apple.com/privacy/manage-your-privacy/#manage-apple-id" target="_blank">Manage your Apple ID</a></span></li>
<li><span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://www.apple.com/privacy/manage-your-privacy/#be-aware" target="_blank">Be aware of what you're sharing</a></span></li>
</ul>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Each of these sections provides links to helpful, more detailed information.</span> </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Of most immediate concern is this section under <b>Manage your Apple ID</b>:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Beware of phishing!</b> Phishing spam has become increasingly elaborate and deceitful. The worst of these are the fake charge receipts. The idea is to send us scrambling to UNdo charges we are led to believe have been made without our permission. They are remarkably successful, as has been demonstrated most explicitly in China in recent weeks. Apple provides further elaboration about phishing <a href="https://support.apple.com/en-us/HT204759" target="_blank">HERE</a>. </span> </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">It takes time to pore through all this, but it's well worth it.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">.</span></span><a href="https://2.bp.blogspot.com/-9lMOOsTlIzE/W8iUcktNdHI/AAAAAAAAC4s/bzXegHSasuA417jwT09o16T-RUuH9Z7owCLcBGAs/s1600/Incorrect.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" data-original-height="469" data-original-width="620" height="242" src="https://2.bp.blogspot.com/-9lMOOsTlIzE/W8iUcktNdHI/AAAAAAAAC4s/bzXegHSasuA417jwT09o16T-RUuH9Z7owCLcBGAs/s320/Incorrect.jpg" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derekhttp://www.blogger.com/profile/01192230834913012760noreply@blogger.com0tag:blogger.com,1999:blog-2863230275877451164.post-69269699386880317472018-10-16T08:57:00.002-04:002018-10-16T09:00:33.017-04:00iOS 12.0.1 Security Bug Workaround (O_o)<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-B4_Xq774jng/W8Xf-2JN2kI/AAAAAAAAC4U/sDoV5H9A2C8hJkk3XTdrhHVs-JVGWIu0gCLcBGAs/s1600/fffacepalm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="639" data-original-width="1600" height="126" src="https://4.bp.blogspot.com/-B4_Xq774jng/W8Xf-2JN2kI/AAAAAAAAC4U/sDoV5H9A2C8hJkk3XTdrhHVs-JVGWIu0gCLcBGAs/s320/fffacepalm.png" width="320" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Yes, here we go again. The Bug:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html" target="_blank">New iPhone Bug Gives Anyone Access to Your Private Photos</a></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">...The new hack allows anyone with physical access to your locked iPhone to access your photo album, select photos and send them to anyone using Apple Messages. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Since the new hack requires much less effort than the previous one, it leaves any iPhone user vulnerable to a skeptic or distrustful partner, curious colleague, friend or roommate who could access your iPhone's photo album and grab your private photos....</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">The new passcode bypass method works on all current iPhone models, including iPhone X and XS devices, running the latest version of the Apple mobile operating system, i.e., <b>iOS 12 to 12.0.1</b>. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Until Apple comes up with a security patch, you can <b>temporarily fix</b> the issue by disabling Siri from the lockscreen. <b>Here's how to disable Siri: </b></span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Go to the <b>Settings</b> → <b>Face ID & Passcode</b> (<b>Touch ID & Passcode</b> on iPhones with Touch ID) and <b>Disable Siri</b> toggle under "Allow access when locked."</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">(<b>Bolding</b> mine).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">If you kept the workaround for the similar bug in iOS 12.0, then you're already safe. </span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The general consensus at this point is that it is UNSAFE to leave Siri on when the screen of an iOS device is locked. Therefore, we might want to leave Siri disabled when locked. That means we have to unlock the device first, then access Siri. As ever, it's <b>convenience versus security</b>. Take your pick, find your balance.</span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://rockit.cloud/wp-content/uploads/2017/08/Convenience-vs-SecurityHR.jpg" target="_blank"><img border="0" data-original-height="385" data-original-width="356" height="320" src="https://1.bp.blogspot.com/-fU_YxROo820/W8XJEneWhxI/AAAAAAAAC4I/hlEzYoZZfIc2EEYKLXWiiExFyTCRvIvJACLcBGAs/s320/Convenience-vs-SecurityHR.png" width="295" /></a></div>
<div style="text-align: center;">
--</div>
:-Derekhttp://www.blogger.com/profile/01192230834913012760noreply@blogger.com0tag:blogger.com,1999:blog-2863230275877451164.post-67192503764416033282018-09-29T11:45:00.001-04:002018-10-03T14:01:00.036-04:00iOS 12.0 Security Bug Workarounds<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://s.aolcdn.com/hss/storage/midas/237af41f8ed1179d42ef976683d621ad/206660080/Untitled-2.jpg" target="_blank"><img border="0" data-original-height="1338" data-original-width="1309" height="200" src="https://3.bp.blogspot.com/-e-mew5t_W-U/W6-bCGP9G8I/AAAAAAAAC3o/SuwlDGG83aQp9CRpU5b9R5-2ZamitCgYQCLcBGAs/s200/iphone_xs_series.png" width="195" /></a></div>
<div style="text-align: center;">
<br /></div>
<span style="font-family: "georgia" , "times new roman" , serif;">One of my common themes is the difficulty of writing secure software in our ever more complicated coding times. [Detailed rant withheld.] Therefore, any code of substantial complexity is going to have bugs and the worst bugs are typically security holes. The computer security community gradually adjusts to increased code complexity through new processes of complex code scrutiny. Here are a couple excellent examples along with, thankfully, a couple convenient workarounds. I've added relevant screenshots below:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://appleinsider.com/articles/18/09/28/complex-ios-passcode-bypasses-grant-access-to-iphone-contacts-and-photos" target="_blank">Complex iOS passcode bypasses grant access to iPhone Contacts and Photos</a></b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">By Mikey Campbell @appleinsider</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">Friday, September 28, 2018</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">A pair of extremely involved passcode bypasses discovered in Apple's latest iOS 12 can grant attackers access to Contacts and Photo data on a user's iPhone, including models protected by Face ID. . . .</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Apple has yet to address the vulnerabilities in the latest iOS 12.1 beta. </span><span style="font-family: "georgia" , "times new roman" , serif;">Concerned users can minimize exposure to the apparent bugs by disabling Siri lock screen access in <b>Settings > Face ID & Passcode</b> or <b>Settings > Touch ID & Passcode</b> under the "Allow access when locked" heading. The second attack can be thwarted by enabling password protection for Notes by navigating to <b>Settings > Notes > Password</b>. </span></blockquote>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-4m2AhG8WQa4/W6-WdvI3-GI/AAAAAAAAC3U/kuEfFItGgDUdRPklgX3y7KfDXSKTfuQrwCLcBGAs/s1600/Siri%2BOff%2BAt%2BLock%2BScreen.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="421" data-original-width="263" height="320" src="https://3.bp.blogspot.com/-4m2AhG8WQa4/W6-WdvI3-GI/AAAAAAAAC3U/kuEfFItGgDUdRPklgX3y7KfDXSKTfuQrwCLcBGAs/s320/Siri%2BOff%2BAt%2BLock%2BScreen.PNG" width="199" /></a></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-CXopH2VCUd8/W6-WoNo363I/AAAAAAAAC3Y/fDxrCB3-hl8f55hCXy14L8hnjPCjfbGEgCLcBGAs/s1600/Password%2BProtect%2BNotes.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="286" data-original-width="262" src="https://2.bp.blogspot.com/-CXopH2VCUd8/W6-WoNo363I/AAAAAAAAC3Y/fDxrCB3-hl8f55hCXy14L8hnjPCjfbGEgCLcBGAs/s1600/Password%2BProtect%2BNotes.PNG" /></a></div>
<div>
<br /></div>
<div>
<span style="font-family: "georgia" , "times new roman" , serif;">Please read through Mikey Campbell's article before enacting the workarounds in order to understand what you're changing in iOS 12. Turning off Siri at the lock screen may not cause problems. However, creating and having to use a password for your Notes may create inconvenience. It's the usual theme of security vs. convenience.</span></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://i.ebayimg.com/00/s/MTYwMFgxNjAw/z/0qYAAOSwHnFVyZ16/$_35.JPG" target="_blank"><img border="0" data-original-height="300" data-original-width="300" src="https://2.bp.blogspot.com/-g02Bd4jpHmE/W6-dmILvnMI/AAAAAAAAC30/kna2LlQuaLofeYtdyVDCdAeXFAo6fSAzACLcBGAs/s1600/byebye_fly.png" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
:-Derekhttp://www.blogger.com/profile/01192230834913012760noreply@blogger.com0tag:blogger.com,1999:blog-2863230275877451164.post-58311022799120766222018-06-07T17:07:00.001-04:002018-06-07T18:14:38.644-04:00Another In-The-Wild Adobe Flash Exploit, Another Out-Of-Band Update<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-xzwSZVnv8uk/Wxmde8J6YOI/AAAAAAAAC0I/IqewAIiWaUMP3IFBsDQ-0l-xRxjUs81vwCLcBGAs/s1600/the_same_old_story_ack.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="402" data-original-width="600" height="214" src="https://3.bp.blogspot.com/-xzwSZVnv8uk/Wxmde8J6YOI/AAAAAAAAC0I/IqewAIiWaUMP3IFBsDQ-0l-xRxjUs81vwCLcBGAs/s320/the_same_old_story_ack.png" width="320" /></a></div>
<br />
<span style="font-family: Georgia, Times New Roman, serif;">Same old story. Flash is being exploited <i>in-the-wild</i> again. Adobe has pushed out another unscheduled Flash update. The new version is <b>Adobe Flash 30.0.0.113</b>. Update ASAP if you don't already have Flash automatic update running. Or simply tip the Flash Internet plugin into your Trash and empty it.</span><br />
<br />
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><a href="https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" target="_blank">Security updates available for Flash Player | APSB18-19</a></span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Adobe is aware of a report that an exploit for <b>CVE-2018-5002</b> exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">And Adobe has also pushed out at the same time <b>Adobe AIR 30.0.0.107</b>. So far, the update has no security update document.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;"><b>Remember</b> to <i>ONLY</i> download Adobe stuff <i>DIRECTLY</i> from <b>Adobe</b>. Never, ever, ever trust any Adobe installers that are shoved at you by any website. They're 100% fake and a prominent source of malware infection.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<b><span style="font-family: Georgia, Times New Roman, serif;">Those Adobe download pages are:</span></b><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Adobe Flash: <a href="https://get.adobe.com/flashplayer/">https://get.adobe.com/flashplayer/</a></span><br />
<span style="font-family: Georgia, Times New Roman, serif;">Adobe AIR: <a href="https://get.adobe.com/air/">https://get.adobe.com/air/</a></span><br />
<span style="font-family: Georgia, Times New Roman, serif;">Adobe Reader DC: <a href="https://get.adobe.com/reader/">https://get.adobe.com/reader/</a></span><br />
<span style="font-family: Georgia, Times New Roman, serif;">Adobe Shockwave: <a href="https://get.adobe.com/shockwave/">https://get.adobe.com/shockwave/</a></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
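<span style="font-family: Georgia, Times New Roman, serif;">As an added example (not code from Adobe or from the original post), here is one way to check that a download link really points at one of the four official pages listed above before trusting it. The sample links, the <code>.example</code> host names and the function name <code>checkDownloadLink</code> are constructed for illustration.</span><br />

```javascript
// Added example: vet a download link against the four official Adobe pages
// listed in the post. Only those four URLs come from the post; every other
// link below is a constructed sample.

const OFFICIAL_PAGES = [
  "https://get.adobe.com/flashplayer/",
  "https://get.adobe.com/air/",
  "https://get.adobe.com/reader/",
  "https://get.adobe.com/shockwave/",
].map((page) => new URL(page));

// Returns { ok, host, reason }. The WHATWG URL parser is used so the check
// sees the same host a browser would actually connect to.
function checkDownloadLink(link) {
  let url;
  try {
    url = new URL(link);
  } catch (err) {
    return { ok: false, host: null, reason: "not an absolute URL" };
  }

  // hostname is already lower-cased, and non-ASCII labels are converted to
  // their "xn--" form, so look-alike letters cannot equal the real name.
  const host = url.hostname;
  const fail = (reason) => ({ ok: false, host, reason });

  if (url.protocol !== "https:") {
    return fail("not HTTPS");
  }
  // "https://get.adobe.com@other.example/" connects to other.example;
  // the text before "@" is only a user name.
  if (url.username !== "" || url.password !== "") {
    return fail("credentials before the host");
  }
  if (url.port !== "") {
    return fail("non-default port");
  }
  // Exact host match: a suffix or substring test would accept
  // "get.adobe.com.something.example".
  const sameHost = OFFICIAL_PAGES.filter((page) => page.hostname === host);
  if (sameHost.length === 0) {
    return fail("host is not an official Adobe download host");
  }
  // pathname is normalised, so "/flashplayer/../../x" has become "/x" here.
  if (!sameHost.some((page) => url.pathname.startsWith(page.pathname))) {
    return fail("path is not one of the listed pages");
  }
  return { ok: true, host, reason: "matches an official page" };
}

// Constructed sample links: two genuine forms and several look-alikes.
const SAMPLE_LINKS = [
  "https://get.adobe.com/flashplayer/",
  "HTTPS://GET.ADOBE.COM/reader/?lang=en",
  "http://get.adobe.com/flashplayer/",
  "https://get.adobe.com.flash-update.example/flashplayer/",
  "https://get.adobe.com@flash-update.example/flashplayer/",
  "https://get.adobe.com:8443/air/",
  "https://get.adobe.com/flashplayer/../../installer.dmg",
  "https://get.\u0430dobe.com/flashplayer/", // Cyrillic "a" in place of Latin "a"
  "get.adobe.com/flashplayer/",
];

// Vet every sample and collect the verdicts.
function vetSamples() {
  return SAMPLE_LINKS.map((link) => ({ link, ...checkDownloadLink(link) }));
}

for (const verdict of vetSamples()) {
  const mark = verdict.ok ? "OK    " : "REJECT";
  console.log(`${mark} ${verdict.link}  (${verdict.reason})`);
}
```

<span style="font-family: Georgia, Times New Roman, serif;">The check is deliberately strict: anything that is not an exact match for one of the listed pages is rejected, including a genuine Adobe link that is not on the list.</span><br />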
<div class="separator" style="clear: both; text-align: center;">
<a href="https://farm4.staticflickr.com/3386/3625998760_1a0619b943_z.jpg" target="_blank"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" data-original-height="423" data-original-width="640" height="211" src="https://2.bp.blogspot.com/-HrFkDzJ1U50/WxmeUb6C_DI/AAAAAAAAC0U/g0QWfTdlURcLeKfOWIPymwhouMHkt8FngCLcBGAs/s320/yawn.jpg" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
:-Derekhttp://www.blogger.com/profile/01192230834913012760noreply@blogger.com0tag:blogger.com,1999:blog-2863230275877451164.post-42806849462227701302018-05-14T19:14:00.002-04:002018-05-15T08:44:34.239-04:00Critical Out-Of-Band Adobe Security Updates! And ongoing minor Mac concerns...<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-fwK-nJpkRBU/Wvon4sCdASI/AAAAAAAACy8/AcgppK774McWI8Mr18Pso34W65jzFakDQCLcBGAs/s1600/adobe_smashed_glass.png" imageanchor="1" style="font-family: Georgia, "Times New Roman", serif; margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="208" data-original-width="300" src="https://4.bp.blogspot.com/-fwK-nJpkRBU/Wvon4sCdASI/AAAAAAAACy8/AcgppK774McWI8Mr18Pso34W65jzFakDQCLcBGAs/s1600/adobe_smashed_glass.png" /></a></div>
</div>
<span style="font-family: "georgia" , "times new roman" , serif;">Adobe has just announced two critical updates for Adobe Acrobat and Reader and Adobe Photoshop CC. The announcements are linked and summarized below:</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" target="_blank"><b>APSB18-09: Security update available for the Adobe Acrobat and Reader</b></a></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Originally posted: May 14, 2018</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Summary: Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS. These updates address critical vulnerabilities, and successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe recommends that customers apply the appropriate update using the instructions provided in the "Solution" section of the security bulletin.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Priority Rating: </span><span style="font-family: "georgia" , "times new roman" , serif;">Adobe categorizes this update as priority 1.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://helpx.adobe.com/security/products/photoshop/apsb18-17.html" target="_blank">APSB18-17: Security updates available for Adobe Photoshop CC</a></b></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Originally posted: May 14, 2018</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Summary: Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve a critical vulnerability in Photoshop CC 19.1.3 and earlier 19.x versions, as well as 18.1.3 and earlier 18.x versions. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe recommends that customers apply the appropriate update using the instructions provided in the "Solution" section of the security bulletin.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Priority Rating: </span><span style="font-family: "georgia" , "times new roman" , serif;">Adobe categorizes these updates as priority 3.</span></span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">The new patched versions are:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">• Acrobat DC and Acrobat Reader DC v<b>2018.011.20040</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">• Acrobat 2017 and Acrobat Reader DC 2017 v<b>2017.011.30080</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">• Acrobat DC (Classic 2015) and Acrobat Reader DC (Classic 2015) v<b>2015.006.30418</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">• Photoshop CC 2018 v<b>19.1.4</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">• Photoshop CC 2017 v<b>18.1.4</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Update IMMEDIATELY. Exploits have <i>not</i> been reported by Adobe to be in-the-wild. But the Acrobat patches are of highest priority and plentiful.</span><br />
<br />
<span style="font-family: "georgia" , "times new roman" , serif;">There was also the usual monthly security patch of awful <b>Adobe Flash</b> on 'Patch Tuesday', the second Tuesday of the month. Several other security patches were released as well. The list of Adobe's latest security patch updates can always be found here:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://helpx.adobe.com/security.html" target="_blank"><b style="font-family: Georgia, "Times New Roman", serif;">https://helpx.adobe.com/security.html</b></a><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">- - - -</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://petertyre.files.wordpress.com/2011/04/first-apple-computer-apple-11.jpg" style="font-family: Georgia, "Times New Roman", serif;" target="_blank"><img border="0" data-original-height="320" data-original-width="457" height="224" src="https://2.bp.blogspot.com/-qenMEikqqdA/WvokpSfubBI/AAAAAAAACyk/LfrrMZ3iVskjNlVUOmZyMl-6qZ3xdj_RACLcBGAs/s320/first-apple-computer-tweaked.png" width="320" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">What Else Is Up?</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">There aren't many Mac security concerns at the moment. In the meantime, I highly recommend everyone obtain and use the free <b><a href="https://www.malwarebytes.com/mac/" target="_blank">Malwarebytes Anti-Malware</a></b> application, run it and keep it up-to-date. My colleague Thomas Reed has been doing a great job enabling it to find all current adware and PUPs (potentially unwanted programs) as well as the few active Mac malware.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Up and coming is Thomas Reed's <b>Malwarebytes for iOS</b>, seeing as Thomas is now in charge of mobile security as well as Mac security at Malwarebytes. The free version of the app will assist iOS device users with ad blocking and text message filtering. The Premier version will help protect users from malicious cell phone calls and malicious web sites. The app is currently in beta.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">There isn't any active malware for iOS these days. Subsequently, Apple has removed and forbidden any apps that scan for iOS malware. Meanwhile, Apple has identified and removed several <b>apps that surveil users</b> from its App Store. They are in violation of Apple's iOS programming rules. It's disconcerting that these apps were originally approved and allowed to run on user devices. Thankfully, Apple has caught up with their oversight and removed the problem.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The biggest security hole in the entire Mac and iOS security system remains the same as last year: Rogue developers who've paid for <b>Apple security certificates</b> then applied those certificates to malicious software. The consequences of this security hole in Apple's certification system pop up all over the world from time to time. I wish these rogue certificates were an impossibility. However, Apple's only solution for now is to pull these certificates, making the malicious applications essentially inert. Stolen certificates from enterprise developers remain a problem. But Apple appears to have taken better control of them as I have not heard of any enterprise certificates being applied to malicious software in 2018. Let's hope it stays that way.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">Spectre & Meltdown </span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.mytechguys.ca/wp-content/uploads/2018/01/Spectre-Meltdown.jpg" style="font-family: Georgia, "Times New Roman", serif;" target="_blank"><img border="0" data-original-height="315" data-original-width="560" height="180" src="https://3.bp.blogspot.com/-cz2XzPp4VvA/WvojhUllqWI/AAAAAAAACyY/BUBy1_g-TwAkIBSv1y_GCeGS5aEhPPn2wCLcBGAs/s320/spectre-meltdown.png" width="320" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Of GREAT concern to every <b>Intel</b> and <b>AMD</b> <b>CPU</b> user is the ever evolving and elaborating <b><a href="https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)" target="_blank">Spectre</a></b> (speculative execution) hardware security vulnerability catastrophe. Apple, as well as other computer manufacturers, have been responding as best they can in coordination with Intel and AMD. But the Spectre problems are profound and have no full solution in sight. Fortunately, exploiting Spectre is relatively difficult and no major exploitation has been reported in-the-wild. As this catastrophe unfolds, be certain to keep up-to-date with Apple security patches.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Of related concern has been the <b><a href="https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)" target="_blank">Meltdown</a></b> vulnerability in Intel, AMD, ARM (Apple A-Series) and IBM Power CPUs. Meltdown has been easier to mitigate and has not become a concern on Mac computers. Just be certain you're up-to-date with Apple security updates.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Apple</b> has provided a document about <b>Spectre</b> and <b>Meltdown </b>and its mitigations here:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="https://support.apple.com/en-us/HT208394" style="font-family: Georgia, "Times New Roman", serif;" target="_blank">About speculative execution vulnerabilities in ARM-based and Intel CPUs</a></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>iMore</b> has kindly provided further information here:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="https://www.imore.com/meltdown-spectre-faq" style="font-family: Georgia, "Times New Roman", serif;" target="_blank">'Meltdown' and 'Spectre' FAQ: What Mac and iOS users need to know about the Intel, AMD, and ARM flaw</a></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">Rowhammer</span></b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://hackadaycom.files.wordpress.com/2015/03/rowthumb.png" style="font-family: Georgia, "Times New Roman", serif;" target="_blank"><img border="0" data-original-height="307" data-original-width="307" src="https://1.bp.blogspot.com/-_vq3CZP_7nw/Wvoiosj7aWI/AAAAAAAACyM/jG_gNxXXFss7CZUZ1nnqt7ttHDMK2qZWwCLcBGAs/s1600/rowhammer.png" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;">Continuing and evolving is exploitation of the <b>DRAM Rowhammer</b> phenomenon. It affects all DDR3 and DDR4 SDRAM. It affects all modern Mac computers. There is no solution for this problem. The phenomenon is a product of the ever shrinking and subsequently spatially intimate physical components of RAM chips. Some attempts at using software mitigations have been tried and more are forthcoming. But the problem has not been solved. Fortunately, there have not been any active exploits on Mac or iOS hardware. If an exploit is reported, I'll be posting.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Newly discovered is a method of exploiting Rowhammer using <b>GPU</b> <b>memory chips</b> on <b>Android</b> devices. The exploit is called <b><a href="https://arstechnica.com/information-technology/2018/05/drive-by-rowhammer-attack-uses-gpu-to-compromise-an-android-phone/" target="_blank">GLitch</a></b> and can be triggered by malicious JavaScript embedded into web pages. So far, there has been no similar exploit discovered for iOS devices.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">APFS: Not Ready For Prime Time </span></b><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-qUgH_4ilVJg/Wvogac9Gq4I/AAAAAAAACxo/KfLbsYYqUfgTOgoB-M0P2T25ZPMQ_nt-ACLcBGAs/s1600/unfilled_apfs_tank_2.png" imageanchor="1" style="font-family: Georgia, "Times New Roman", serif; margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="189" data-original-width="256" src="https://1.bp.blogspot.com/-qUgH_4ilVJg/Wvogac9Gq4I/AAAAAAAACxo/KfLbsYYqUfgTOgoB-M0P2T25ZPMQ_nt-ACLcBGAs/s1600/unfilled_apfs_tank_2.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;">In March, there was concern over a severe programming bug found in Apple's as yet unfinished APFS file system, exploitable on devices running macOS 10.13 and 10.13.1 High Sierra. The bug allowed a simple command in the OS terminal to reveal the <b>administrative password</b> for an APFS encrypted Mac device. The exploitation command could be enacted either by direct physical access to the Mac or via malicious code on a web page. Macs running macOS 10.13.2 and higher have been patched against this security bug. More about this situation can be found here:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="https://thehackernews.com/2018/03/macos-apfs-password.html" style="font-family: Georgia, "Times New Roman", serif;" target="_blank">Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext</a></b><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">It should be noted that you would not find the password in the plaintext when converting a non-APFS drive to APFS and then encrypting the drive.</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">My advice regarding <b>APFS</b>, the new Apple File System, remains the same: <b>Don't use it. </b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">• The finished APFS specification has <i>not</i> been released to developers or the public.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">• APFS is <i>still</i> incompatible with Fusion drives.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">• There continue to be problems <i>accessing</i> APFS partitions from HFS+ Macs, despite Apple's attempts to provide a solution.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">• There is <i>no</i> complete method for <b>repairing</b> APFS systems apart from Apple's meagre Disk Utility application. Micromat was the first and currently only disk utility developer to provide partial repair support for APFS in <b>TechTool Pro 9.6+</b>. But Micromat make it clear that it is <i>not</i> a complete APFS repair solution. All disk utility developers point out that the reason for this delay continues to be Apple and their unwillingness / inability to provide finished APFS specification documentation.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">IOW: <b>APFS is <i>not</i> a finished standard</b>. It is not ready for prime time. IMHO, it is to be avoided.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Meanwhile, Apple says:</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">When you install macOS High Sierra on the Mac volume of a solid-state drive (SSD) or other all-flash storage device, that volume is automatically converted to APFS. Fusion Drives, traditional hard disk drives (HDDs), and non-Mac volumes aren’t converted. <b>You can’t opt out of the transition to APFS</b>.</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Wrong.</b> <b><i>There is a solution</i></b> to Apple's forced conversion of HFS+ to APFS when installing High Sierra. I suggest <i>enacting</i> this solution unless you have some compelling reason to <i>experiment</i> with APFS. You can read about the solution here:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="http://osxdaily.com/2017/10/17/how-skip-apfs-macos-high-sierra/" style="font-family: Georgia, "Times New Roman", serif;" target="_blank">How to Skip Converting to APFS When Installing macOS High Sierra</a></b><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Despite the Apple support article saying that you can’t opt out of the transition to APFS, it turns out that you can skip APFS if you choose to <b>start the installer from the command line</b> of Mac OS and <b>give a directive to skip file system conversion.</b></span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-98bDLFIITE0/WvodLeulk3I/AAAAAAAACxU/99EZhQFP-OofdiQPPJ60V2EhXIbBAtD9QCLcBGAs/s1600/Paragon%2BSoftware%2BLogo.png" imageanchor="1" style="font-family: Georgia, "Times New Roman", serif; margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="75" data-original-width="267" src="https://1.bp.blogspot.com/-98bDLFIITE0/WvodLeulk3I/AAAAAAAACxU/99EZhQFP-OofdiQPPJ60V2EhXIbBAtD9QCLcBGAs/s1600/Paragon%2BSoftware%2BLogo.png" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Potentially helpful for those who have converted to APFS is the <span style="font-style: italic;">free </span>downloadable <b><a href="https://www.paragon-software.com/business/apfs-kit-mac/#features" target="_blank">APFS Retrofit Kit</a></b> available from <b>Paragon</b>:</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">If you work on a Mac computer with macOS 10.10 to 10.12 and want to read APFS-formatted HDD, SSD or flash drives, you need APFS Retrofit Kit for macOS by Paragon Software. </span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">Paragon is working to provide the kit for Windows and Linux users as well. Due to my concern that APFS is an <i>unfinished</i> standard, use Paragon's kit <i>with caution. </i></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">And as ever, <b><i>Make A Backup</i></b> before engaging in any computer device adventure. It will save your butt. It's the <b>#1 Rule of Computing!</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>HEY APPLE! FINISH APFS ALREADY!</b> Sheesh.<b> </b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Stay safe out there kids.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">:-Derek</span><br />
<br />
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~ ~ ~ ~ </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Addendum</b> Reading Assignment:</span><br />
<br />
<b style="font-family: "Trebuchet MS", sans-serif;"><a href="https://www.theregister.co.uk/2018/05/14/adobe_critical_fixes/" target="_blank"><span style="font-size: large;">How many ways can a PDF mess up your PC? 47 in this Adobe update alone</span></a></b><br />
<span style="font-family: "trebuchet ms" , sans-serif;"><a href="https://www.theregister.co.uk/2018/05/14/adobe_critical_fixes/" target="_blank">Tons of critical fixes for Reader, Acrobat and Photoshop</a></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-dfys8S41is8/Wvo2BTCyeJI/AAAAAAAACzM/a4iOTVZPdY0vo4c5NJMc28YWasURf_yawCLcBGAs/s1600/ants.png" imageanchor="1" style="font-family: Georgia, "Times New Roman", serif; margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="390" data-original-width="486" height="256" src="https://4.bp.blogspot.com/-dfys8S41is8/Wvo2BTCyeJI/AAAAAAAACzM/a4iOTVZPdY0vo4c5NJMc28YWasURf_yawCLcBGAs/s320/ants.png" width="320" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<br />
<b><span style="font-size: large;">Active Adobe Flash Zero-Day Exploit Active In-The-Wild</span></b><br />
Posted 2018-02-04 by :-Derek<br />
<div style="text-align: center;">
--</div>
<br />
Same old story. <b>Don't Use Flash v28.0.0.137</b> (or earlier) until Adobe provides an update! The update should be out this coming week. Keep an eye out.<br />
<br />
The currently known attack vector for <b>CVE-2018-4878</b> is a malicious Microsoft Excel document containing a malicious Flash object which, when opened, triggers the installation of <b>ROKRAT</b>, a Remote Administration Tool capable of taking over the infected computer. At this time, the attack is assumed to have originated in North Korea and is primarily targeting South Korea.<br />
<br />
<b><a href="https://helpx.adobe.com/security/products/flash-player/apsa18-01.html" target="_blank">Adobe's Security Advisory:</a></b><br />
<blockquote class="tr_bq">
A critical vulnerability (<a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4878" target="_blank">CVE-2018-4878</a>) exists in <b>Adobe Flash Player 28.0.0.137 and earlier</b> versions. Successful exploitation could potentially allow an attacker to take control of the affected system.<br /><br />Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.<br /><br />Adobe will address this vulnerability in a release planned for the week of <b>February 5</b>.</blockquote>
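A triage check for the two affected-version ranges quoted in these posts (Flash Player 28.0.0.137 and earlier; macOS 10.13 and 10.13.1, patched in 10.13.2 and higher). This is an added example, not code from Adobe or Apple. The function names are hypothetical, and the plug-in path and plist key in audit_this_mac are assumptions about a standard macOS install.

```shell
#!/bin/sh
# Added example. Thresholds come from the posts; function names are hypothetical.

# ver_cmp A B: print -1, 0 or 1 when A is older than, equal to, or newer than B.
# Dotted fields compare numerically; missing fields count as 0 (10.13 == 10.13.0).
# Returns 2 with no output if either argument is not a dotted numeric version.
ver_cmp() {
    for v in "$1" "$2"; do
        case $v in ''|*[!0-9.]*|.*|*.|*..*) return 2 ;; esac
    done
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then echo -1; return 0; fi
        if [ "$fa" -gt "$fb" ]; then echo 1; return 0; fi
    done
    echo 0
}

# Flash Player 28.0.0.137 and earlier is affected by CVE-2018-4878.
# "newer" only means newer than the advisory's cut-off, not "known fixed".
flash_status() {
    c=$(ver_cmp "$1" 28.0.0.137) || { echo unknown; return 0; }
    if [ "$c" -le 0 ]; then echo vulnerable; else echo newer; fi
}

# APFS password bug: macOS 10.13 and 10.13.1 are exposed, 10.13.2 and higher
# are patched. Releases before 10.13 are not listed in the post.
apfs_bug_status() {
    lo=$(ver_cmp "$1" 10.13) || { echo unknown; return 0; }
    hi=$(ver_cmp "$1" 10.13.2)
    if [ "$lo" -lt 0 ]; then echo not-listed
    elif [ "$hi" -lt 0 ]; then echo vulnerable
    else echo patched
    fi
}

# audit_this_mac: read the live versions on a Mac.
# Assumption: Flash is installed system-wide at the path below.
audit_this_mac() {
    plist="/Library/Internet Plug-Ins/Flash Player.plugin/Contents/Info"
    if command -v sw_vers >/dev/null 2>&1; then
        osv=$(sw_vers -productVersion)
        echo "macOS $osv APFS bug: $(apfs_bug_status "$osv")"
    fi
    if fv=$(defaults read "$plist" CFBundleShortVersionString 2>/dev/null); then
        echo "Flash Player $fv: $(flash_status "$fv")"
    else
        echo "Flash Player: not found"
    fi
}

# Stand-alone use on a Mac: ./check.sh --audit
case ${1:-} in --audit) audit_this_mac ;; esac
```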
More about the exploit from <b><a href="https://arstechnica.com/information-technology/2018/02/theres-a-new-adobe-flash-0day-and-up-and-coming-hackers-are-exploiting-it/" target="_blank">Dan Goodin at Ars Technica</a></b>:<br />
<br />
<span style="font-family: Trebuchet MS, sans-serif; font-size: large;"><b><a href="https://arstechnica.com/information-technology/2018/02/theres-a-new-adobe-flash-0day-and-up-and-coming-hackers-are-exploiting-it/" target="_blank">An Adobe Flash 0day is being actively exploited in the wild</a></b></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><b><a href="https://arstechnica.com/information-technology/2018/02/theres-a-new-adobe-flash-0day-and-up-and-coming-hackers-are-exploiting-it/" target="_blank">Adobe plans to have a fix for the critical flaw next week.</a></b></span><br />
<blockquote class="tr_bq">
... While the number of in-the-wild attacks exploiting Flash zerodays has dropped significantly over the past year or two, the risk posed by the Adobe media player remains unacceptably high relative to the benefit it provides most users. And now that word of the vulnerability is circulating, it wouldn't be surprising for other groups to use it against a much wider audience.</blockquote>
[Note that Ars Technica quotes the CVE as "2018-4877" as opposed to 2018-4878. I consider '2018-4877' to be a typo. Sadly, as usual, Dan's article is being quoted verbatim around the Internet along with the wrong CVE number. Stick with CVE-2018-4878, the CVE identified by Adobe. Because of the precautions taken at CVE.Mitre.org, it's impossible to identify the differences between these two CVE numbers until after the current zero-day has been patched. Meanwhile, the <a href="https://nvd.nist.gov/vuln/search" target="_blank">NIST (National Institute of Standards and Technology) CVE database</a> doesn't yet list either number. Bureaucracy at work. Zzzz.]<br />
<br />
<b>CONCLUSIONS:</b><br />
<br />
Don't use Microsoft Excel<br />
Don't use Adobe Flash<br />
<br />
:-Derek<br />
<br />
<div style="text-align: center;">
--</div>
<br />
<b><span style="font-size: large;">Adobe Flash Marked For Death At The Stroke of Midnight December 31, 2020</span></b><br />
Posted 2017-07-25 by :-Derek<br />
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-ojey7dADI2Q/WXd_qXPfySI/AAAAAAAACus/jQwSLmohIFoGynRVEEl7VA0Th66mO5E1wCLcBGAs/s1600/open-grave.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" data-original-height="437" data-original-width="437" height="320" src="https://1.bp.blogspot.com/-ojey7dADI2Q/WXd_qXPfySI/AAAAAAAACus/jQwSLmohIFoGynRVEEl7VA0Th66mO5E1wCLcBGAs/s320/open-grave.png" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span></div>
<span style="font-family: Georgia, Times New Roman, serif;">Adobe will be assassinating the pestilence that is Flash at the end of 2020. They've posted the hit contract here:</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<a href="https://blogs.adobe.com/conversations/2017/07/adobe-flash-update.html" target="_blank"><span style="font-family: Trebuchet MS, sans-serif; font-size: large;">FLASH & THE FUTURE OF INTERACTIVE CONTENT</span></a><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Adobe has long played a leadership role in advancing interactivity and creative content – from video, to games and more – on the web. Where we’ve seen a need to push content and interactivity forward, we’ve innovated to meet those needs. Where a format didn’t exist, we invented one – such as with Flash and Shockwave.</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">No actually. Adobe <i>bought</i> both Flash and Shockwave along with Macromedia in 2005.</span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web. . . .</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Given this progress, and in collaboration with several of our technology partners – including Apple, Facebook, Google, Microsoft and Mozilla – Adobe is planning to end-of-life Flash. Specifically, <i>we will stop updating and distributing the Flash Player <b>at the end of 2020</b></i> and encourage content creators to migrate any existing Flash content to these new open formats. . . .</span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Looking ahead, Adobe will continue to . . .</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">...Yeah, yeah.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">We now have (as of today) another 3.4 years of Flash & Shockwave insecurity to endure. And after, there shall of course be those who cling to Flash as an orphaned rat still suckles...</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Remember, if you <i>must</i> use Flash, be certain to <i><b>keep it Up-To-Date!</b></i> Else peril awaits like a ravenous zombie shackled with rusting chains...</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Party at my place, New Year's Eve 2021.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif; margin-left: 1em; margin-right: 1em;"><a href="https://3.bp.blogspot.com/-eJJVk0zmXnc/WXeAot7szQI/AAAAAAAACu0/OaxAf5SIYYcfykANRCuV0WpV-eTruVJ8ACLcBGAs/s1600/Flash%2BTombstone%2B01.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="313" data-original-width="400" height="250" src="https://3.bp.blogspot.com/-eJJVk0zmXnc/WXeAot7szQI/AAAAAAAACu0/OaxAf5SIYYcfykANRCuV0WpV-eTruVJ8ACLcBGAs/s320/Flash%2BTombstone%2B01.jpg" width="320" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">Who wants to set up a web timer?</span></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<br />
<b><span style="font-size: large;">Stack Clash: A UNIX Security bug likely to affect macOS</span></b><br />
Posted 2017-06-19 by :-Derek<br />
<div style="text-align: center;">
--</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-j1kNqMW5vJg/WUhBDMBJNlI/AAAAAAAACts/t7yUJAHL9TQJgSQGyPhBt7x80IPi1w93ACEwYBhgL/s1600/stack_representation.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="345" data-original-width="500" height="220" src="https://2.bp.blogspot.com/-j1kNqMW5vJg/WUhBDMBJNlI/AAAAAAAACts/t7yUJAHL9TQJgSQGyPhBt7x80IPi1w93ACEwYBhgL/s320/stack_representation.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<span style="font-family: "georgia" , "times new roman" , serif;">I'm posting this information as a warning to those running macOS as a server. The '<b>Stack Clash</b>' security bug is likely to affect macOS owing to the fact that macOS is certified BSD UNIX.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Apple has been notified and no doubt will examine the situation and provide a patch ASAP if required. (Likely required).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">For now, have a read of this article by <b>Dan Goodin</b> over at <b>Ars Technica</b>.</span><br />
<br />
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://arstechnica.com/security/2017/06/12-year-old-security-hole-in-unix-based-oses-isnt-plugged-after-all/" target="_blank">Serious privilege escalation bug in Unix OSes imperils servers everywhere</a></b></span><br />
<span style="font-family: "trebuchet ms" , sans-serif;"><b><a href="https://arstechnica.com/security/2017/06/12-year-old-security-hole-in-unix-based-oses-isnt-plugged-after-all/" target="_blank">“Stack Clash” poses threat to Linux, FreeBSD, OpenBSD, and other OSes.</a></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Anyone running a Unix-based OS should check with the developer immediately to find out if a patch or security advisory is available. The best bet is to install a patch if one is available or, as a temporary workaround, set the hard RLIMIT_STACK and RLIMIT_AS of local users and remote services to a low value. </span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">The Stack Clash security bug is listed as <b><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364" target="_blank">CVE-2017-1000364</a></b>.</span><br />
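The temporary workaround quoted above, as a launcher that pins the hard stack and address-space limits before starting a service. This is an added example, not code from the article or from any vendor. The names run_capped, clamp_kb and show_hard_limits are hypothetical, the KiB values passed in are yours to choose, and it assumes a shell whose ulimit builtin supports -s and -v (bash, dash).

```shell
#!/bin/sh
# Added example: start a command with lowered *hard* RLIMIT_STACK and
# RLIMIT_AS. Helper names are hypothetical; all values are in KiB.

# clamp_kb WANT CURRENT_HARD
# Print the limit we are allowed to set. An unprivileged process may lower a
# hard limit but never raise it, so never ask for more than the current one.
clamp_kb() {
    if [ "$2" = "unlimited" ] || [ "$1" -le "$2" ]; then
        echo "$1"
    else
        echo "$2"
    fi
}

# run_capped STACK_KB AS_KB COMMAND [ARGS...]
# Applies the limits in a subshell, so the caller's own limits are untouched,
# then replaces the subshell with COMMAND. Children of COMMAND inherit them.
# Exit status 125 means a limit could not be applied and COMMAND never ran.
run_capped() {
    if [ "$#" -lt 3 ]; then
        echo "usage: run_capped STACK_KB AS_KB COMMAND [ARGS...]" >&2
        return 2
    fi
    for n in "$1" "$2"; do
        case $n in
            ''|*[!0-9]*) echo "limits must be whole KiB values" >&2; return 2 ;;
        esac
    done
    want_stack=$1; want_as=$2; shift 2
    (
        stack=$(clamp_kb "$want_stack" "$(ulimit -H -s)") || exit 125
        as=$(clamp_kb "$want_as" "$(ulimit -H -v)") || exit 125
        # Soft limit first (it must stay <= hard), then pin the hard limit.
        ulimit -S -s "$stack" && ulimit -H -s "$stack" || exit 125
        ulimit -S -v "$as" && ulimit -H -v "$as" || exit 125
        exec "$@"
    )
}

# show_hard_limits: report what the current process actually inherited.
show_hard_limits() {
    echo "stack=$(ulimit -H -s) as=$(ulimit -H -v)"
}

# Stand-alone use: ./capped.sh STACK_KB AS_KB COMMAND [ARGS...]
if [ "$#" -ge 3 ]; then
    run_capped "$@"
fi
```

Because the hard limit is lowered, the service cannot raise its own soft limit back up later unless it runs with privileges that permit it.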
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">This <i>isn't</i> a <i>PaNiC</i> situation. But it's important to be aware that this bug is likely to affect macOS.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">There will be more information available shortly, no doubt. I'll post here as it is released.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">:-Derek</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-bubXQyySbAc/WUhFB5f8bvI/AAAAAAAACt8/3pyXvxty5rYESboHg5qnmPpt1JMB-WvPgCLcBGAs/s1600/The%2BClash%2BCLASH.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="900" data-original-width="900" height="320" src="https://2.bp.blogspot.com/-bubXQyySbAc/WUhFB5f8bvI/AAAAAAAACt8/3pyXvxty5rYESboHg5qnmPpt1JMB-WvPgCLcBGAs/s320/The%2BClash%2BCLASH.png" width="320" /></a></div>
<br />
<div style="text-align: center;">
--</div>
<br />
<b><span style="font-size: large;">Making My Own Trouble: Calling Out Kaspersky</span></b><br />
Posted 2017-02-28 by :-Derek<br />
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-5rkREU2i08Y/WLXuLwlb9II/AAAAAAAACsM/jfEj3EjQSCkVg9gxTJROmAk_17d0cCDoQCLcB/s1600/eugene-kaspersky%2BColor%2BCorrected.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" height="234" src="https://3.bp.blogspot.com/-5rkREU2i08Y/WLXuLwlb9II/AAAAAAAACsM/jfEj3EjQSCkVg9gxTJROmAk_17d0cCDoQCLcB/s320/eugene-kaspersky%2BColor%2BCorrected.jpeg" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span></div>
<span style="font-family: Georgia, Times New Roman, serif;"><b>Introduction:</b></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">It's been fairly quiet regarding Mac security. There have recently been three malware out-in-the-wild, but they've proven to be not much of anything. Therefore, I haven't bothered to FUD anyone about them. I don't like FUD.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Therefore, having a low boredom tolerance, I often make my own trouble for my own amusement. I decided to share this particular experience with those here who are interested. It's my call out to Kaspersky for distribution of BS.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>The Article Of Interest:</b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">I visit snarky <a href="https://www.theregister.co.uk/" target="_blank"><b>The Register</b></a> every day for computer security news, among several other websites. I get tired of the puerile cockney humor but they do a good job covering the subject. This was the article that inspired my trouble making today:</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<a href="https://www.theregister.co.uk/2017/02/27/macos_safer_but_not_for_reason_you_think/" target="_blank"><span style="font-family: Trebuchet MS, sans-serif; font-size: large;"><b>Apple's macOS is the safer choice – but not for the reason you think</b></span></a><br />
<span style="font-family: Trebuchet MS, sans-serif;"><b><a href="https://www.theregister.co.uk/2017/02/27/macos_safer_but_not_for_reason_you_think/" target="_blank">Eugene Kaspersky looks forward to a new darker dawn</a></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Apple's Mac operating system may be the safer choice – but only because <i>cybercriminals</i> <i>can't get their hands on people who know how to exploit it.</i><br /><br />That's according to security showman <b>Eugene Kaspersky</b>, who gave a keynote at the Mobile World Congress in Barcelona on Monday. In recent months, Kaspersky has made a habit of giving MacOS a kicking, and this keynote was no different.<br /><br />"People still think MacOS is safe," he told attendees with some measure of incredulity. But it's not. While there is certainly less malware for the operating system than, say, Windows, it's more a case of difficulty in hacker recruitment than evidence of stronger inherent security.<br /><br />Of course, this zeal may have something to do with a big push from Kaspersky for its security software for the Mac, not that you'd need it from Eugene's logic. And that may have something to do with Kaspersky's huge certificate cock-up at the start of the year that exposed millions of people to interception attacks. . . .<br /><br />So what's the solution? A complete redesign of all of our systems, starting from scratch by building on top of secure platforms and software. He dreams of systems that are no longer "secure" but "immune."</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">Emphasis mine. Before I continue, let me point out that creating an 'immune' operating system is exactly what we want. Let's all champion that effort.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">But Mr. Kaspersky's keynote comments about the Mac remind me of something from way back in <b>2005</b> when lousy (IMHO) <b>Symantec</b> attempted to <b>FUD</b> Mac users into believing their chosen computer platform was going to be inundated with malware, just like Windows. It was only a matter of time.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif; font-size: large;"><b><a href="http://Take Away My Net Neutrality Mr. Pai And I Will Short Your Circuit!" target="_blank">Symantec: Mac users deluding themselves over security</a></b></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Symantec's 2005 FUD campaign, obviously an attempt to promote Norton for Mac sales, was the impetus that inspired me to study and write about Mac security. Thank you Symantec! I hate you. </span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Therefore, here's what I have to say back to assertions Mr. Kaspersky made in his keynote, which is what I posted at The Register:</span></span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><b>Maybe Aricept Can Help</b></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><i>"So what's the solution? A complete redesign of all of our systems, starting from scratch by building on top of secure platforms and software. He dreams of systems that are no longer "secure" but "immune.""</i></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">OS X (macOS) is an operating system started from scratch by building on top of a secure platform and software. It was built on top of <b>BSD UNIX</b>, which remains the single most secure (by testing and reputation) operating system available. OS X is certified BSD UNIX.</span> </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"></span><span style="font-family: "georgia" , "times new roman" , serif;">So Mr. Kaspersky, maybe Aricept can help. Either that or do your research before you blether.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">An "immune" OS is something else entirely. We have no such thing at this time apart from running a standalone computer with no input and no output, no EM radiation or sound emanations, etc.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><b>Hint To Kaspersky:</b></span> </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;">One reason your anti-malware isn't a hit on OS X (macOS) is that, thanks to the work of many people, both volunteer and paid, malware is discovered, described and tested with the results passed along to Apple. On a good day, Apple then responds ASAP by providing automatic OS subsystem updates blocking that malware within their <b>XProtect</b> anti-malware system. (Yes, Apple has plenty of bad days when they don't keep up, such as their current forgetfulness about blocking out-of-date versions of Adobe's supremely dangerous Flash Player Internet plug-in).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">As a result, there's very little point in bothering to write malware for OS X seeing as it will typically be squashed by Apple within a brief period of time, thanks again to the work of many of us OUTSIDE of Apple.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">Mr. Kaspersky, realism is always welcome. Pulling bonehead Symantec quality FUD manoeuvres is NEVER welcome. Make your choice.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">In any case, thank you Kaspersky for your many contributions to the computer security community. Apologies that they don't result in profits from your Mac software.</span></span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">If I die before I wake, you know why. ;-)</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.lupi.ch/Internet/UnixMacLinux.jpg" target="_blank"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" height="320" src="https://2.bp.blogspot.com/-valXUyIdyHg/WLXvL4gIkVI/AAAAAAAACsk/aAS-NWoGQTAir9iR-j089P71LTFTEAwQwCEw/s320/UnixMacLinux.jpg" width="253" /></span></a></div>
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Oh and here's The Register's 4 Jan 2017 article about <i>"Kaspersky's huge certificate cock-up"</i> mentioned above:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://www.theregister.co.uk/2017/01/04/kaspersky_fixing_serious_certificate_slip/" target="_blank"><b><span style="font-family: Trebuchet MS, sans-serif; font-size: large;">Kaspersky fixing serious certificate slip</span></b></a><br />
<a href="https://www.theregister.co.uk/2017/01/04/kaspersky_fixing_serious_certificate_slip/" target="_blank"><b><span style="font-family: Trebuchet MS, sans-serif;">Security smashed for 400 MEEELLION users</span></b></a><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Kaspersky is moving to fix a bug that disabled certificate validation for 400 million users.</span> </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">Discovered by Google's dogged bug-sleuth Tavis Ormandy, the flaw stems from how the company's antivirus inspects encrypted traffic. . . .</span></blockquote>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">~ ~ ~ ~ ~</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://media-cache-ec0.pinimg.com/736x/50/14/e9/5014e9e30f45597fc04ca9b78eb39b66.jpg" target="_blank"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" height="179" src="https://1.bp.blogspot.com/-yRLGXej8lNs/WLZDeHBelMI/AAAAAAAACs0/5qjDYyJ_HDkSYOH80Uxg3Ojo63GepESlACLcB/s320/FUD%2BBulldozer.jpg" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
:-Derek (http://www.blogger.com/profile/01192230834913012760)<br />
<br />
<b>Apple Adds 'Junk' Option To iCloud Calendar: Spam Rats Exterminated</b><br />
2016-12-12T14:44:00.000-05:00 / 2016-12-12T19:58:51.834-05:00<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://iansadler.files.wordpress.com/2012/01/pastedgraphic-36.jpeg" target="_blank"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="320" src="https://4.bp.blogspot.com/-VHPyjit07oQ/WE76w_WIZ0I/AAAAAAAACrw/LslHqA352DA0TOhaSB7kyh5X1dhHoTXcACLcB/s320/Exterminate%2BExterminate%2BExterminate.jpeg" width="240" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Apple has kindly responded, in part, to the Calendar spam nightmare. They've now provided a couple of ways to 'Junk' the spam directly inside the iCloud Calendar rather than forcing victims to 'Accept', 'Decline' or 'Maybe' the spam, none of which were acceptable options.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="http://appleinsider.com/articles/16/12/12/apple-activates-icloudcom-calendar-spam-reporting-feature" target="_blank">Apple activates iCloud.com Calendar spam reporting feature</a></b></span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">By AppleInsider Staff </span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Sunday, December 11, 2016, 09:31 pm PT (12:31 am ET)</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Apple on Sunday instituted a new junk content reporting feature on its iCloud.com web portal, the first step in what appears to be an activation of countermeasures against iCloud Calendar spam invites users began to receive in volume last month.</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">There are <b>two</b> ways to attack invitation spam in the iCloud Calendar.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-dPosY2VoNvc/WE7wAAtzfzI/AAAAAAAACq4/hFr52x1WlLsqWQ8r6PsaXW-rE7sLmFkXwCLcB/s1600/01%2BCalendar%2BInfection%2BEvident%2Bb.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="263" src="https://3.bp.blogspot.com/-dPosY2VoNvc/WE7wAAtzfzI/AAAAAAAACq4/hFr52x1WlLsqWQ8r6PsaXW-rE7sLmFkXwCLcB/s400/01%2BCalendar%2BInfection%2BEvident%2Bb.png" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif; font-size: x-small;">(Click to enlarge)</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">In the screenshot above, we notice the invitation spam via both a <b>Calendar entry</b>, marked as <b>A</b>, and the <b>Notifications counter</b> at the bottom of the window, marked as <b>B</b>. AppleInsider, in the article linked above, has described how to use the Notifications counter to 'Junk' the invitation spam. I'm going to describe how to perform the same function using the invitation spam Calendar entry.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-x_741iYCluw/WE71_JIQY1I/AAAAAAAACrU/9Uj-_poCPR0dAYq7Kl41Ye7NgGZ7r5CdACLcB/s1600/02%2BDouble-click%2Bthe%2Bspam%2Band%2Byou%2Bsee%2Bc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="263" src="https://3.bp.blogspot.com/-x_741iYCluw/WE71_JIQY1I/AAAAAAAACrU/9Uj-_poCPR0dAYq7Kl41Ye7NgGZ7r5CdACLcB/s400/02%2BDouble-click%2Bthe%2Bspam%2Band%2Byou%2Bsee%2Bc.png" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: xx-small;"><span style="font-family: "georgia" , "times new roman" , serif; font-size: x-small;">(Click to enlarge)</span></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">In the screenshot above, I've double-clicked the invitation spam entry in my Calendar. The result is a detailed <b>information</b> sub-window. I prefer this approach for removing invitation spam specifically because of the details provided. The text in the sub-window is a bit scrambled, but we can make out some typical signs of spam. The sender is Chinese. The invitation spam was sent to victims on an alphabetical spam-it list. The invitation spam directs the victim to an unfamiliar website.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Note</b> that Apple has added a '<b>Report Junk</b>' link beneath the text "This sender is not in your contacts." Click "Report Junk" and this new sub-window appears:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-4waOUz0z_3E/WE73TO8REtI/AAAAAAAACrg/AoK9TOW6fr8n4Ca0yzhEIHCxgUykCfuNwCLcB/s1600/03%2BInvitation%2Breported%2Bas%2Bjunk.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="263" src="https://3.bp.blogspot.com/-4waOUz0z_3E/WE73TO8REtI/AAAAAAAACrg/AoK9TOW6fr8n4Ca0yzhEIHCxgUykCfuNwCLcB/s400/03%2BInvitation%2Breported%2Bas%2Bjunk.png" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: xx-small;"><span style="font-family: "georgia" , "times new roman" , serif; font-size: x-small;">(Click to enlarge)</span></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Click '<b>OK</b>' and the deed is done! The invitation spam will be <i>safely</i> removed from both the Calendar and the Notifications counter. </span><span style="font-family: "georgia" , "times new roman" , serif;"><i>Extermination achieved.</i></span><span style="font-family: "georgia" , "times new roman" , serif;"> Perform this procedure on further invitation spam. When you're done, your Calendar will be clean and back to normal.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-poOKg7mWKfU/WE737THgcvI/AAAAAAAACrk/euryDAteglAWFawDuEECQO54SVoD15U1ACLcB/s1600/04%2BCalendar%2BCleaned.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="263" src="https://2.bp.blogspot.com/-poOKg7mWKfU/WE737THgcvI/AAAAAAAACrk/euryDAteglAWFawDuEECQO54SVoD15U1ACLcB/s400/04%2BCalendar%2BCleaned.png" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: xx-small;"><span style="font-family: "georgia" , "times new roman" , serif; font-size: x-small;">(Click to enlarge)</span></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">It is assumed at this time that Apple is using Calendar 'Junk' reports to create a '<b>Black List</b>' that will keep future invitation spam out of the Calendar. Because of the very similar coding used for email spam, I expect Apple will eventually combine both their email spam and Calendar invitation spam filtering systems. We'll see.</span></span><br />
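<span style="font-family: Georgia, Times New Roman, serif;">The three signs of spam read off the information sub-window above (sender not in your contacts, an alphabetical recipient list, a link to an unfamiliar website) can also be checked on the invitation itself when it arrives as an iCalendar (.ics) file. The Python below is an added example, not code from this blog or from Apple; the sample invitation is constructed, and the function names, the <code>contacts</code> and <code>known_hosts</code> inputs and the five-recipient threshold are assumptions.</span><br />

```python
import re
from urllib.parse import urlsplit

# Constructed sample invitation (not a captured message). All addresses and
# hosts are reserved example domains. The DESCRIPTION line is folded in the
# middle of the URL on purpose, as RFC 5545 line folding allows.
SAMPLE_ICS = "\r\n".join([
    "BEGIN:VCALENDAR",
    "VERSION:2.0",
    "METHOD:REQUEST",
    "BEGIN:VEVENT",
    "UID:constructed-0001@example.net",
    "DTSTART:20161118T090000Z",
    "DTEND:20161119T090000Z",
    "SUMMARY:Sunglasses sale",
    "DESCRIPTION:Big discount at http://shop.exam",
    " ple.net/sale",
    "ORGANIZER;CN=Sale Desk:mailto:sender@example.net",
    "ATTENDEE;RSVP=TRUE:mailto:adam@example.com",
    "ATTENDEE;RSVP=TRUE:mailto:alice@example.com",
    "ATTENDEE;RSVP=TRUE:mailto:allen@example.com",
    "ATTENDEE;RSVP=TRUE:mailto:amy@example.com",
    "ATTENDEE;RSVP=TRUE:mailto:andrew@example.com",
    "ATTENDEE;RSVP=TRUE:mailto:anna@example.com",
    "END:VEVENT",
    "END:VCALENDAR",
]) + "\r\n"

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
TEXT_FIELDS = {"SUMMARY", "DESCRIPTION", "LOCATION", "URL"}
BULK_THRESHOLD = 5  # assumption: this many recipients in sorted order looks like a list run


def unfold(text):
    """Undo line folding: a line break followed by a space or tab continues the line."""
    return re.sub(r"\r?\n[ \t]", "", text)


def split_content_line(line):
    """Split 'NAME;PARAMS:VALUE' at the first colon that is outside double quotes."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ":" and not in_quotes:
            return line[:i], line[i + 1:]
    return None


def parse_properties(text):
    """Return a list of (NAME, params, value) tuples, one per content line."""
    props = []
    for line in unfold(text).splitlines():
        parts = split_content_line(line)
        if parts is None:
            continue
        head, value = parts
        # Split the head on ';' but keep quoted parameter values intact.
        fields = re.findall(r'(?:[^;"]|"[^"]*")+', head)
        if not fields:
            continue
        params = dict(f.split("=", 1) for f in fields[1:] if "=" in f)
        props.append((fields[0].upper(), params, value))
    return props


def mail_address(value):
    """Normalise a 'mailto:' calendar address to a bare lower-case address."""
    return re.sub(r"(?i)^mailto:", "", value.strip()).lower()


def triage_invitation(ics_text, contacts, known_hosts):
    """Check an invitation for the three signs of spam described in the post."""
    props = parse_properties(ics_text)
    organizer = next((mail_address(v) for n, _, v in props if n == "ORGANIZER"), None)
    attendees = [mail_address(v) for n, _, v in props if n == "ATTENDEE"]
    urls = [u for n, _, v in props if n in TEXT_FIELDS for u in URL_RE.findall(v)]

    findings = []
    if organizer is None or organizer not in contacts:
        findings.append("sender not in contacts")
    if len(attendees) >= BULK_THRESHOLD and attendees == sorted(attendees):
        findings.append("alphabetical bulk recipient list")
    if any((urlsplit(u).hostname or "") not in known_hosts for u in urls):
        findings.append("link to unfamiliar site")
    return {"organizer": organizer, "attendees": attendees,
            "urls": urls, "findings": findings}


if __name__ == "__main__":
    report = triage_invitation(SAMPLE_ICS,
                               contacts={"friend@example.org"},
                               known_hosts={"www.icloud.com"})
    for finding in report["findings"]:
        print("sign of spam:", finding)
```

<span style="font-family: Georgia, Times New Roman, serif;">Without the unfolding step the link in the sample would be cut off at the line break, so the host check would run on a truncated address.</span><br />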
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>WHAT'S LEFT TO FIX</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>1)</b> Apple still has to provide a 'Junk' reporting method in both the <b>macOS</b> and <b>iOS</b> <b>Calendar</b> applications.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>2)</b> Apple still has to provide a fix for <b>Photo Sharing</b> invitation spam.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Little steps to solve big problems.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://c1.staticflickr.com/5/4075/4757136393_4c756d5d92_z.jpg" target="_blank"><img border="0" height="160" src="https://2.bp.blogspot.com/-Ja53nftV51o/WE77dLBO8cI/AAAAAAAACr0/YeJua_a6Pxo2QmTozJ-w2TqeqTTwOzbxACLcB/s200/Rat%2BTrap.jpg" width="200" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
:-Derek (http://www.blogger.com/profile/01192230834913012760)<br />
<br />
<b>Permanent Solution To Calendar Spam Attacks!</b><br />
2016-11-29T15:11:00.000-05:00 / 2016-11-29T15:20:21.505-05:00<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://wpmedia.o.canada.com/2013/01/spam.jpg" target="_blank"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="196" src="https://3.bp.blogspot.com/-CCI0fOow8Cc/WD23xl086fI/AAAAAAAACqA/2j5kJRMRuwcNsz3Dgj_GuUFUNjigMAsQQCLcB/s320/spam.jpg" width="320" /></span></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;">Over the US Thanksgiving holiday weekend, I was bombarded with two further Calendar spam rat attacks foisting fraudulent flotsam from China. I happily dispatched them with the previously prescribed method, no dangerous 'decline' required.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><i>But better yet!</i> Yesterday (11-29) <b>Sean Gallagher</b> of <b>Ars Technica</b> posted a <i><b>permanent</b></i> <i><b>solution</b></i> to <b>Calendar</b> spam rat attacks that works the charm. It shoves off spam 'invitations' (infestations) into the Mail application instead, where the crapulent assaults will be forced through your spam filtration system, killing them dead. </span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">√ Spam rat exterminated.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-_DTcE7juJGQ/WD3grFll5KI/AAAAAAAACqg/yOHCYhW3ReQCIl-bSsaFeQL2bVKy6iUkQCLcB/s1600/Dead%2BSpam%2BRat%2BOn%2BWhite.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="121" src="https://1.bp.blogspot.com/-_DTcE7juJGQ/WD3grFll5KI/AAAAAAAACqg/yOHCYhW3ReQCIl-bSsaFeQL2bVKy6iUkQCLcB/s200/Dead%2BSpam%2BRat%2BOn%2BWhite.png" width="200" /></a></div>
<br />
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="http://arstechnica.com/information-technology/2016/11/how-to-stop-the-wave-of-apple-calendar-alert-spam/" target="_blank">How to stop the wave of Apple Calendar invite spam</a></b></span><br />
<span style="font-family: "trebuchet ms" , sans-serif;"><a href="http://arstechnica.com/information-technology/2016/11/how-to-stop-the-wave-of-apple-calendar-alert-spam/" target="_blank">Deleting them just encourages them—and confirms your address is live.</a></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">Sean Gallagher, Ars Technica, 2016-11-28</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Here is my slightly simplified set of instructions. Note that this must be performed on a desktop/laptop computer. It will <i>not</i> work using iOS!</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>1)</b> <b>Sign in</b> (log in) to your iCloud account at:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://www.icloud.com/"><b>https://www.icloud.com</b></a></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-udF4fH-PoGo/WD2uNcGl9wI/AAAAAAAACpU/kJPWqvqvdI0X0TxUlzqm6VuEMkjkj3ebACLcB/s1600/Sign%2Bin%2Bto%2BiCloud.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="229" src="https://1.bp.blogspot.com/-udF4fH-PoGo/WD2uNcGl9wI/AAAAAAAACpU/kJPWqvqvdI0X0TxUlzqm6VuEMkjkj3ebACLcB/s320/Sign%2Bin%2Bto%2BiCloud.png" width="320" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>2)</b> Click on the <b>Calendar</b> icon.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-lmuj0lqj9KI/WD2uaLLCAZI/AAAAAAAACpY/0ctn-bh4avcoJjIkmH6i4hGqOnSw9ZaAgCLcB/s1600/Calendar%2BIcon.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="200" src="https://1.bp.blogspot.com/-lmuj0lqj9KI/WD2uaLLCAZI/AAAAAAAACpY/0ctn-bh4avcoJjIkmH6i4hGqOnSw9ZaAgCLcB/s200/Calendar%2BIcon.png" width="168" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>3)</b> When your Calendar page is loaded, look down at the bottom left for the <b>gear</b> symbol. Click on it and choose '<b>Preferences</b>'.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-IS_IMlmZ9zQ/WD2vXfNkgkI/AAAAAAAACpg/1klg2yLxtL8n0zadqOI-T19raIdz9D4YACLcB/s1600/Gear-%2BPreferences.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="320" src="https://1.bp.blogspot.com/-IS_IMlmZ9zQ/WD2vXfNkgkI/AAAAAAAACpg/1klg2yLxtL8n0zadqOI-T19raIdz9D4YACLcB/s320/Gear-%2BPreferences.png" width="230" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>4)</b> In the Preferences sub-window, click on the '<b>Advanced</b>' tab.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-nOMipH5BTiI/WD2wY__xqjI/AAAAAAAACps/exrveaDo2yYY7_OZ0fXHe5ElaEPmvIyewCLcB/s1600/Advanced-Tab.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="132" src="https://4.bp.blogspot.com/-nOMipH5BTiI/WD2wY__xqjI/AAAAAAAACps/exrveaDo2yYY7_OZ0fXHe5ElaEPmvIyewCLcB/s320/Advanced-Tab.png" width="320" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>5)</b> In the bottom section of the 'Advanced' window, labeled '<b>Invitations</b>', you'll see the default radio button setting is 'In-app notifications'. Click instead '<b>Email to</b> ...' your iCloud email address. (Ignore 'Use this option if...'.)</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-kVjOK0OpBDI/WD2zMCd3KmI/AAAAAAAACp0/KRqO4dJJa1sbP71vPnNWlDgJFjzAeuteACLcB/s1600/Email%2Bto....png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="400" src="https://3.bp.blogspot.com/-kVjOK0OpBDI/WD2zMCd3KmI/AAAAAAAACp0/KRqO4dJJa1sbP71vPnNWlDgJFjzAeuteACLcB/s400/Email%2Bto....png" width="385" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>6)</b> Click '<b>Save</b>' in the bottom right.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">No more 'invitation' infestations into your Calendar. <b>But note!</b> Any legitimate Calendar invitations will also be sent to your email account. Therefore, be careful when perusing your email to watch for invitations you'd like to accept. In Mail you can choose to have them added to your Calendar.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">When you receive spam rat 'invitations' in <b>Mail</b> you can simply mark them as '<b>Junk</b>'. More garbage from the same spam rats should in future be flung into your 'Junk' without your having to ask.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Reporting Calendar 'Invitation' Spam:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">I had a chat with tech support over at <a href="http://spamcop.net/">SpamCop.net</a> about Calendar 'invitation' spam. They kindly declined to recode their spam reporting website software to accept this new spam variety and instead referred me to another organization that might take up the challenge. But the fix Sean Gallagher provided solves the problem. I can in future toss off 'invitation' spam to SpamCop directly from Mail.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Remaining problem,</b> <b>iCloud Photo Sharing spam:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Sadly, there is no similar preference fix to stop iCloud Photo Sharing spam. That one is Apple's burden to solve.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://kasperskycontenthub.com/global/files/2014/11/smashedapple1.png" target="_blank"><img border="0" height="240" src="https://4.bp.blogspot.com/-FnH64wWtb1w/WD25C5ootjI/AAAAAAAACqI/tw11GK5agwAoJs381ULEUtwkEgtmJfQWgCLcB/s320/smashedapple1.png" width="320" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derek (http://www.blogger.com/profile/01192230834913012760)<br />
<br />
<b>The New Spam Rat Vectors: Calendar and Photo Sharing</b><br />
2016-11-18T10:54:00.002-05:00 / 2016-11-25T12:04:16.401-05:00<br />
<div style="line-height: normal; min-height: 14px; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://imagazin.hu/wp-content/uploads/2016/11/iCloud-Calendar-spam-cover2.jpg" target="_blank"><img border="0" height="225" src="https://3.bp.blogspot.com/-SHnoB1d2H-A/WC8iBe8jKtI/AAAAAAAACo4/stEwgkqfgf0Sxl-RQyW7CVUSOGs58Wj6wCLcB/s400/iCloud-Calendar-spam-cover2.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">Today, I ran into one of the new spam rat vectors. Without any approval on my part, a two day event was shoved into my Calendar for today and tomorrow. It came from a persistent source of spam that attempts to foist ads for fake Chinese Ray-Ban sunglasses before my eyes. I've received (and reported to SpamCop.net) quite a few of their spam emails. Now they're using this new vector to get attention. How they pulled off the spam is new to me! The thing was sent via my iCloud.com account.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">It should be easy to Delete anything inserted into the macOS Calendar. Right? That's the intuitive thing to do. Apple of course provide that option if you use the contextual menu while clicking on the spam calendar event. Except it's NOT delete at all. We're forced to either 'Cancel' and keep the spam or 'Decline' the event. When we 'Decline' the event, this is the same as shouting to the spam rat 'HEY! I'M A LIVE BODY! SPAM ME SOME MORE!' That's the very <i>last</i> thing we want to do. The spam rats will spam us further as a direct result of hitting 'Decline'.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">The only recourse available is to ignore the Calendar spam. It will sit there in your Calendar forever. I hate that.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Result</b>: Apple has inadvertently allowed a spam vector we cannot avoid! That has to end. I'll be sending Apple a kindly request to end this madness immediately. I'll also be corresponding with SpamCop.net to see if they can incorporate the reporting of such spam into their system. At the moment, their interface has no idea what to do with this kind of spam, despite the URL for the spam rat being incorporated in the 'Invite' code.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">Meanwhile, similar spam is reported to be infesting iCloud Photo Sharing. Another great one Apple. :-P</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">Thankfully, there is a solution to this stupid spam problem in Calendar. I've provided some links to articles with the solution below. Sadly, there is not yet any solution to the stupid spam problem in iCloud Photo Sharing. The best you can do is turn <i>off</i> iCloud Photo Sharing. When a solution arrives or Apple get their act together, I'll post again.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">If you can read Dutch, this is the first website to figure out how to kill off the stupid spam problem in Calendars:</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<a href="https://www.appletips.nl/icloud-spam-agenda/" target="_blank"><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">iCloud: Nieuw soort spam in Agenda en fotodelen</span></a></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">appletips, 2016-11-08</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">Both <b>9TO5MAC</b> and <b>TechTimes</b> have provided translations of the solution as well as discussion:</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<a href="https://9to5mac.com/2016/11/09/icloud-photo-sharing-and-calendar-spam/" target="_blank"><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">Many iCloud users receiving spam Calendar & Photo Sharing invitations, here’s how to fix</span></a></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">9TO5MAC, 2016-11-09</span></div>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Performing the steps below will <i>move the spam invitation to a separate calendar,</i> and from there, that calendar can be <i>deleted.</i> Thus, removing the spam invitation without having to hit “Decline” on the actual notification. . . .</span></blockquote>
<div style="line-height: normal; min-height: 14px;">
<a href="http://www.techtimes.com/articles/185394/20161110/heres-how-to-stop-icloud-calendar-and-photo-spam-invites.htm" target="_blank"><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">Here's How To Stop iCloud Calendar And Photo Spam Invites</span></a></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">Anu Passary, Tech Times, 2016-11-09</span></div>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><b>Any Solution For iCloud Photo Sharing Spam?</b></span><br /><span style="font-family: "georgia" , "times new roman" , serif;">The only option is to <i>turn off the feature completely.</i> To do so follow these steps: . . .</span></span></blockquote>
<div style="line-height: normal; min-height: 14px; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~ ~ ~ ~</span></div>
<div style="line-height: normal; min-height: 14px; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-Wcr87aI1Rvs/WC8kIcCZWvI/AAAAAAAACpE/SoM2PXDhffMtvk50HK131kcZm7D6dqAWACLcB/s1600/Accept-Decline.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="45" src="https://3.bp.blogspot.com/-Wcr87aI1Rvs/WC8kIcCZWvI/AAAAAAAACpE/SoM2PXDhffMtvk50HK131kcZm7D6dqAWACLcB/s320/Accept-Decline.png" width="320" /></span></a></div>
<div style="line-height: normal; min-height: 14px; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">For those interested in the code buried behind these spam abominations, here is what I received (with personal and potentially dangerous data removed, as indicated in <i>italic</i> brackets):</span></div>
<blockquote class="tr_bq">
<span style="font-family: "courier new" , "courier" , monospace;">BEGIN:VCALENDAR<br />VERSION:2.0<br />PRODID:-//Apple Inc.//Mac OS X 10.12.1//EN<br />CALSCALE:GREGORIAN<br />BEGIN:VEVENT<br />TRANSP:TRANSPARENT<br />DTEND;VALUE=DATE:20161120<br />LAST-MODIFIED:20161118T134030Z<br />ORGANIZER;CN="黄周朝":/aMjUwNTI0MjYwNzgyNTA1Mqtter-QwRgjzoGWqFbNhgT2wV1SrD6<br /> t8E_Di4m4H-sa/principal/<br />UID:7F700ED9-2C8B-DE19-5648-34298F6E1BD9<br />DTSTAMP:20161118T134034Z<br />DESCRIPTION:<i>[URL of spam rat removed]</i> $19.99 Ray-ban&Oakley Sunglasses Onli<br /> ne.Up To 80% Off Sunglasses.Compare And Save.<br />SEQUENCE:0<br />X-APPLE-TRAVEL-ADVISORY-BEHAVIOR:AUTOMATIC<br />SUMMARY:$19.99 Ray-ban&Oakley Sunglasses Online.Up To 80% Off Sunglasses<br /> .Compare And Save. <i>[URL of spam rat removed]</i><br />DTSTART;VALUE=DATE:20161118<br />CREATED:20161118T141038Z<br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at icloud.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at gmail.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at hotmail.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at icloud.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at icloud.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at yahoo.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at gmail.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> VP=TRUE:mailto:<i>[Victim at gmail.com]</i><br />ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS<br /> 
VP=TRUE:mailto:<i>[Victim at icloud.com]</i><br />ATTENDEE;CN="<i>[Victim]</i>";CUTYPE=INDIVIDUAL;EMAIL="<i>[Victim at icloud.com]</i>";PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RSVP=TRUE:/aMTEyMDgzMTQxM<br /> TIwODMxNG5OQKIRBVWuL0Ah_fCetZ3Z3V61ZwF1SPf_pZtFhpme/principal/<br />ATTENDEE;CN="黄周朝";CUTYPE=INDIVIDUAL;EMAIL="<i>[Nonsensical email address]</i>";PARTSTA<br /> T=ACCEPTED;ROLE=CHAIR:/aMjUwNTI0MjYwNzgyNTA1Mqtter-QwRgjzoGWqFbNhgT2wV1S<br /> rD6t8E_Di4m4H-sa/principal/<br />BEGIN:VALARM<br />X-WR-ALARMUID:BCE20FBE-0652-41A3-9224-A9C3E37720AA<br />UID:BCE20FBE-0652-41A3-9224-A9C3E37720AA<br />TRIGGER:-PT15H<br />X-APPLE-DEFAULT-ALARM:TRUE<br />ATTACH;VALUE=URI:Basso<br />ACTION:AUDIO<br />END:VALARM<br />END:VEVENT<br />END:VCALENDAR</span></blockquote>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">The victim email addresses were apparently copied and pasted alphabetically from a distributed spam-it list. The victim IDs in this case all started with 'derek'-something. The victim email addresses were <i>not</i> exclusive to iCloud, as I've indicated above.</span></div>
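<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">For anyone who wants to triage invitations like the one above, here is an added example (not part of the original post and not Apple's code). It unfolds the wrapped lines, parses each property and flags the traits described here: many pending attendees across unrelated mail providers, addresses sharing a prefix as if sliced from an alphabetical list, and a URL or price pitch in the event text. The thresholds, reason names, function names and the sample invitation are all constructed assumptions.</span></div>

```javascript
'use strict';

// RFC 5545 section 3.1: a line break followed by one space or tab is a fold,
// not a line end. Join folded lines before looking at any property.
function unfold(text) {
  return text.replace(/\r?\n[ \t]/g, '').split(/\r?\n/).filter(Boolean);
}

// Split "NAME;PARAM=VALUE;...:value" at the first colon outside double quotes,
// so a colon inside CN="..." or inside a mailto: value is not mistaken for it.
function parseContentLine(line) {
  let inQuotes = false;
  let split = -1;
  for (let i = 0; i < line.length; i++) {
    if (line[i] === '"') inQuotes = !inQuotes;
    else if (line[i] === ':' && !inQuotes) { split = i; break; }
  }
  if (split <= 0) return null;
  const head = line.slice(0, split).match(/(?:[^;"]|"[^"]*")+/g) || [];
  if (head.length === 0) return null;
  const params = {};
  for (const p of head.slice(1)) {
    const eq = p.indexOf('=');
    if (eq > 0) params[p.slice(0, eq).toUpperCase()] = p.slice(eq + 1).replace(/^"|"$/g, '');
  }
  return { name: head[0].toUpperCase(), params, value: line.slice(split + 1) };
}

// Longest prefix shared by every string (empty when there is none).
function commonPrefix(strings) {
  if (strings.length === 0) return '';
  let prefix = strings[0];
  for (const s of strings) {
    while (!s.startsWith(prefix)) prefix = prefix.slice(0, -1);
  }
  return prefix;
}

// Heuristic triage. Thresholds are assumptions chosen for this example.
function triageInvite(icsText) {
  const props = unfold(icsText).map(parseContentLine).filter(Boolean);
  const attendees = props.filter(p => p.name === 'ATTENDEE');
  const mailto = attendees
    .map(p => /^mailto:([^@]+)@(.+)$/i.exec(p.value))
    .filter(Boolean);
  const pending = attendees.filter(p => p.params.PARTSTAT === 'NEEDS-ACTION').length;
  const domains = new Set(mailto.map(m => m[2].toLowerCase()));
  const prefix = commonPrefix(mailto.map(m => m[1].toLowerCase()));
  const text = props
    .filter(p => p.name === 'SUMMARY' || p.name === 'DESCRIPTION')
    .map(p => p.value)
    .join(' ');

  const reasons = [];
  if (pending >= 5 && domains.size >= 3) reasons.push('bulk-invite-across-providers');
  if (mailto.length >= 5 && prefix.length >= 3) reasons.push('alphabetical-list-slice:' + prefix);
  if (/https?:\/\//i.test(text)) reasons.push('url-in-event-text');
  if (/\$\d|\d+% off/i.test(text)) reasons.push('price-or-discount-wording');

  return {
    attendees: attendees.length,
    pending,
    domains: [...domains].sort(),
    reasons,
    suspicious: reasons.length >= 2,
  };
}

// Constructed sample modelled on the invitation above; every address, URL and
// principal path is a placeholder.
const SAMPLE_INVITE = [
  'BEGIN:VCALENDAR',
  'VERSION:2.0',
  'BEGIN:VEVENT',
  'ORGANIZER;CN="Sender: Example":/aPLACEHOLDER/principal/',
  'UID:00000000-0000-0000-0000-000000000000',
  'SUMMARY:$19.99 Sunglasses Online.Up To 80% Off Sunglasses',
  ' .Compare And Save. http://shop.example.invalid/',
  'DTSTART;VALUE=DATE:20161118',
  'ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS',
  ' VP=TRUE:mailto:derek.a@example.com',
  'ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS',
  ' VP=TRUE:mailto:derek.b@example.net',
  'ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS',
  ' VP=TRUE:mailto:derek.c@example.org',
  'ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS',
  ' VP=TRUE:mailto:derek.d@example.com',
  'ATTENDEE;CUTYPE=INDIVIDUAL;PARTSTAT=NEEDS-ACTION;ROLE=REQ-PARTICIPANT;RS',
  ' VP=TRUE:mailto:derek.e@example.net',
  'ATTENDEE;CN="Sender: Example";PARTSTAT=ACCEPTED;ROLE=CHAIR:/aPLACEHOLDER/principal/',
  'END:VEVENT',
  'END:VCALENDAR',
].join('\r\n');

console.log(triageInvite(SAMPLE_INVITE));
```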
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;">So Apple! What's with the sloppy attention to security lately? Wake up! You're making Google look good. And that's bad.</span></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.calendars.com/img/p/orig/201600001063_2.jpg" target="_blank"><img border="0" height="320" src="https://1.bp.blogspot.com/-ufu9ZcLos4I/WC8cyoHOPKI/AAAAAAAACow/flj5YKw1Q0kW9iWy_mJaMm3kBktOB5YAQCEw/s320/201600001063_2.png" width="162" /></a></div>
<div style="line-height: normal; min-height: 14px;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="line-height: normal; min-height: 14px; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">Posted by :-Derek</span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Apple's iOS App Store Faceplant: Infiltration of Hundreds of Fake Apps</b><br />Published 2016-11-07T12:46:00-05:00; updated 2016-11-07T12:55:38-05:00</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-iY9Ax6mwasc/WCC9kKTyWfI/AAAAAAAACoU/Ud85S38Hf9oUctu0QAE8BppICfrrY24lwCLcB/s1600/face_plant.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="213" src="https://3.bp.blogspot.com/-iY9Ax6mwasc/WCC9kKTyWfI/AAAAAAAACoU/Ud85S38Hf9oUctu0QAE8BppICfrrY24lwCLcB/s320/face_plant.jpg" width="320" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif;"><a href="http://www.urbandictionary.com/define.php?term=face%20plant" target="_blank">Faceplant</a>:</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">An unintentional result of a <i>risky</i> or <i>stupid</i> activity whereby a person becomes fully inverted from the normal upright position while one or more parts of the face impact the ground simultaneously with the full weight of the body.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<i><span style="font-family: "georgia" , "times new roman" , serif;">A faceplant (also face plant) is like doing a handstand except with no hands so all that's left is your face.</span></i><br />
<i><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></i>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~ ~</span><br />
<br /></div>
<span style="font-family: "georgia" , "times new roman" , serif;">Apple is in the midst of an unprecedented faceplant whereby, reportedly, hundreds of FAKE apps have been steadily infiltrating the iOS App Store. This of course is NEVER supposed to happen. Preventing this from happening is the single biggest point of using the iOS App Store. Consider the safety reputation of the Apple iOS App Store severely damaged. This is shameful of Apple. Consider me disgusted.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Below, I've posted links to relevant articles. I'll post further links if this situation worsens.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="http://nypost.com/2016/10/30/experts-see-giant-increase-in-digital-scammers/" target="_blank"><b><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">Fake shopping apps are invading the iPhone</span></b></a><br />
<span style="font-family: "georgia" , "times new roman" , serif;">New York Post</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">James Covert, October 30, 2016</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">... A slew of knockoff shopping apps have quietly infiltrated Apple’s App Store in recent months, looking to lure unsuspecting iPhone owners with bogus deals on everything from jewelry to designer duds.<br /><br />The fake apps mimic the look of legit apps — and have proliferated since this summer, experts said.<br /><br />It didn’t help that earlier this month, Apple introduced search ads in its App Store. The fake apps are buying search terms, it would appear, to increase their exposure to consumers.<br /><br />The crooks are looking to tap into the fast-growing market for mobile sales, which last year leaped 56 percent to $49.2 billion, according to comScore. . . .</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="http://www.nytimes.com/2016/11/07/technology/more-iphone-fake-retail-apps-before-holidays.html" target="_blank"><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">Beware, iPhone Users: Fake Retail Apps Are Surging Before Holidays</span></a></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;">New York Times</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">By Vindu Goel, November 6, 2016</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Hundreds</b> of fake retail and product apps have popped up in Apple’s App Store in recent weeks — just in time to deceive holiday shoppers.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">The counterfeiters have <b>masqueraded as retail chains</b> like Dollar Tree and Foot Locker, big department stores like Dillard’s and Nordstrom, online product bazaars like Zappos.com and Polyvore, and luxury-goods makers like Jimmy Choo, Christian Dior and Salvatore Ferragamo.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">“We’re seeing a barrage of fake apps,” said Chris Mason, chief executive of Branding Brand, a Pittsburgh company that helps retailers build and maintain apps. He said his company constantly tracks new shopping apps, and this was the <b>first time</b> it had seen so many counterfeit iPhone apps emerge in a short period of time.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">But there are serious risks to using a fake app. Entering <b>credit card information</b> opens a customer to potential <b>financial fraud</b>. Some fake apps contain malware that can steal personal information or even lock the phone until the user pays a <b>ransom</b>. 
And some fakes encourage users to log in using their Facebook credentials, potentially exposing<b> sensitive personal information</b>.</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">The rogue apps, most of which came from developers in <b>China</b>, slipped through Apple’s process for reviewing every app before it is published. . . .</span></blockquote>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~ ~</span></div>
<br />
<span style="font-family: "georgia" , "times new roman" , serif;">Be safe out there kids! At the moment, Apple <i>doesn't</i> have your back. (-_-) zzz</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-xFNV57GVLA8/UDHlVTGBtUI/AAAAAAAAQF8/D3Kyj9Y9sMM/s1600/faceplant-demotivational-poster-1249221470.jpg" target="_blank"><img border="0" height="320" src="https://1.bp.blogspot.com/-G0Ac83UOwWg/WCC87TTo7pI/AAAAAAAACoQ/2aC2b7Ku98ATZHDzMM2Jv2MmYCfC5C79wCLcB/s320/faceplant-demotivational-poster-1249221470.jpg" width="300" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">Posted by :-Derek</span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>PAC Attacks When Using HTTPS! VPN To The Rescue</b><br />Published 2016-07-27T09:21:00-04:00; updated 2016-07-27T09:33:33-04:00</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.blackhat.com/us-16/briefings.html#crippling-https-with-unholy-pac" target="_blank"><img border="0" src="https://4.bp.blogspot.com/-MJCd1DHtjNQ/V5i0XV70vpI/AAAAAAAACnQ/sp1F0HvKA2Azl0hao3fCpkTN1VPKNH_uACLcB/s1600/Black%2BBlackhat%2BLogo.png" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;"><b>Introduction:</b> What I discuss below fits within the realm of computer networking. As such, it is complicated, has a learning curve and may require homework, time and patience to understand. However, as usual, I've tried to translate the technology into something reasonably easy to comprehend and I've provided some useful reference links.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Open Wi-Fi Hotspots Are Not Our Friend</b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Using open (no password required) Wi-Fi hotspot routers is dangerous. It's trivial for anyone else on the same router to spy on all your Internet activity. There are several tools for the job on all computer platforms. So what do you do?</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Using HTTPS on the Web is one generally reliable way to encrypt your connections, resulting in hacker spies seeing only gibberish pass between your computer and your destination. That's great, except a lot of servers still use old <a href="http://www.webopedia.com/TERM/S/SSL.html" target="_blank"><b>SSL</b> (Secure Sockets Layer)</a> protocols that are no longer secure, and there are older browser applications that still allow the use of SSL. The replacement technology is <a href="https://en.wikipedia.org/wiki/Transport_Layer_Security" target="_blank"><b>TLS</b> (Transport Layer Security)</a> and is considerably safer, albeit not perfect as of yet. For general Web access at a Wi-Fi hotspot, HTTPS via TLS should be adequate.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Except this happened:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/" target="_blank">New attack bypasses HTTPS protection on Macs, Windows, and Linux</a></b></span><br />
<a href="http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/" target="_blank"><span style="font-family: "trebuchet ms" , sans-serif;">Hack can be carried out by operators of Wi-Fi hotspots, where HTTPs is needed most.</span></a><br />
<span style="font-family: Georgia, Times New Roman, serif;">- DAN GOODIN, Ars Technica - 7/26/2016, 1:14 PM</span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">The most likely way the attack might be carried out is for a network operator to send a malicious response when a computer uses the dynamic host configuration protocol to connect to a network. Besides issuing addresses, DHCP can be used to help set up a proxy server that browsers will use when trying to access certain URLs. This attack technique works by forcing the browser to obtain a <b>proxy autoconfig (PAC) file</b>, which specifies the types of URLs that should trigger use of the proxy. Because the malicious PAC code receives the request before the HTTPS connection is established, the <b>attackers obtain the entire URL in plaintext</b>....</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">(Emphasis mine).</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">This is a fairly sophisticated attack for the moment. But again, it could be made trivial by the proliferation of hacking tools.</span></span><br />
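<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">To make the quoted point concrete, here is an added example (not code from the article or from the researchers). A PAC file is ordinary JavaScript whose <b>FindProxyForURL(url, host)</b> function is called for every request, so a client that passes the full https:// address hands over the path and query before any encryption starts. The recording stand-in, the <b>sanitizeForPac</b> helper and the sample URL are constructed assumptions; the helper shows one mitigation, giving the PAC script only the scheme and host of encrypted URLs.</span><br />

```javascript
'use strict';

// A PAC script is plain JavaScript. The client calls FindProxyForURL(url, host)
// for every request and uses the returned string to choose a proxy.
// This constructed stand-in only records what it was handed and answers DIRECT.
function makeRecordingPac() {
  const seen = [];
  return {
    seen,
    FindProxyForURL(url, host) {
      seen.push(url);
      return 'DIRECT';
    },
  };
}

// Mitigation (an assumption about how a client can be hardened): for encrypted
// schemes pass only scheme://host[:port]/ so the path, query, fragment and any
// userinfo never reach the PAC script. Other schemes lose userinfo and fragment.
function sanitizeForPac(rawUrl) {
  const u = new URL(rawUrl);
  if (u.protocol === 'https:' || u.protocol === 'wss:') {
    return `${u.protocol}//${u.host}/`;
  }
  u.username = '';
  u.password = '';
  u.hash = '';
  return u.toString();
}

// What a client does before each request: ask the PAC script which proxy to use.
function resolveProxy(pac, rawUrl, stripHttps) {
  const host = new URL(rawUrl).hostname;
  const urlForPac = stripHttps ? sanitizeForPac(rawUrl) : rawUrl;
  return pac.FindProxyForURL(urlForPac, host);
}

// Report which parts of the request URL reached the PAC script.
function exposure(rawUrl, stripHttps) {
  const pac = makeRecordingPac();
  const decision = resolveProxy(pac, rawUrl, stripHttps);
  const got = new URL(pac.seen[0]);
  return {
    decision,
    seenByPac: pac.seen[0],
    pathLeaked: got.pathname !== '/',
    queryLeaked: got.search !== '',
  };
}

// Constructed URL standing in for a password-reset link.
const SAMPLE_URL = 'https://accounts.example.com/reset?token=CONSTRUCTED-TOKEN-123';

console.log('unpatched client:', exposure(SAMPLE_URL, false));
console.log('hardened client: ', exposure(SAMPLE_URL, true));
```

<span style="font-family: Georgia, Times New Roman, serif;">On a Mac, <b>networksetup -getproxyautodiscovery Wi-Fi</b> reports whether automatic proxy discovery is switched on for the Wi-Fi network service.</span><br />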
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>So now what do we do?</b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">If you're a casual web browsing user who doesn't mind having your URL connections surveilled in public, you wait for web browser and server updates to solve this problem.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b>VPN</b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">If you're a professional who must NOT be surveilled in your work online, you enroll in a <b><a href="https://en.wikipedia.org/wiki/Virtual_private_network" target="_blank">VPN (Virtual Private Network)</a></b> service. I won't go into the techy details. But a good VPN service allows you to encrypt every little thing you do on the Internet from wherever you are, on whatever router you're using, out to a server run by the VPN service somewhere else on the planet. You can typically choose your exit server from a list provided by the VPN service. After you exit the VPN server out to the actual Internet, no one can trace back who you are. None of your data is visible at your Wi-Fi router location. Everything is encrypted through the VPN service. Problem solved.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">There are many VPN services available. Some of them offer 'Life Time Membership' for a reasonable price. There is typically one VPN service or another running a special offer via one of the 'Deal' websites / email lists at any point in time.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">As examples, I'm on the <b>MacAppware</b> and <b>9To5Toys</b> 'Deal' lists, which are part of a network of 'Deal' services run through <b>StackCommerce</b>. They offer a variety of hardware, software and service 'Deals' at special discount prices, typically for a limited period of time. If you see something you like on the lists, you check it out. If you like it, you buy it. (Please note how I am deliberately not providing URLs as I am not selling or recommending any of these services. Do a search on their names and you'll find them).</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Continuing these examples: <b>9To5Toys</b> is currently offering both a 3-year subscription and full lifetime subscription to Tiger VPN for decent prices. <b>MacAppware</b> is currently featuring five different VPN service discounts. They include HideMyAss!, Hotspot Shield Elite, PureVPN, and VPN Unlimited.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The closest I'll come to a recommendation is to say that I have a friend who swears by HideMyAss! He regularly uses it to stream sports game video from Europe with great results. I have a lifetime membership with proXPN that works fine for my purposes.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">One <b>limiting factor</b> with VPNs is speed, aka bandwidth. Obviously, you run into this factor when you're streaming a lot of data at once, for example when watching video. If that's what you want to do via VPN, it pays to shop around for the fastest service. Be sure to verify that what you read about a VPN service is real. For example, PureVPN calls itself "The World's Fastest VPN." Maybe it is or maybe it isn't. Check out a number of reviews to find out what users have experienced according to their usage of the VPN.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Another <b>limiting factor</b> is which VPN connection protocols the services offer. They may use <b><a href="https://en.wikipedia.org/wiki/OpenVPN" target="_blank">OpenVPN</a></b> and/or <b><a href="https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol" target="_blank">PPTP (Point-to-Point Tunneling Protocol)</a></b>. It's important to know what your hardware and OS can handle. Some cannot, for example, deal with OpenVPN. Therefore, in this case, you don't want a VPN service that only offers OpenVPN. You'll want one that offers PPTP. Many provide both.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">From a security point of view, at the moment it is safer to use PPTP. OpenVPN has had a series of security compromises and was at one point assumed to be hackable. The OpenVPN developers have been good about patching known security flaws, but new flaws have recently been discovered on a regular basis. Meanwhile, PPTP is considered by some to be 'broken'. Microsoft recommends using a more recent and superior alternative protocol called <b><a href="https://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol" target="_blank">L2TP/IPSec</a></b>, with which I am somewhat unfamiliar. If a VPN offers it, consider using it instead of PPTP.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">I could link here to a comparison chart of these three protocols, but what I found online was not up-to-date and would therefore be misleading. From a fanatical security perspective, it may be that all three of these protocols are hackable <i>IF</i> someone wants to target specifically <i>YOU.</i> VPN attacks are sophisticated and take time to enact. As such, for general professional use, any of these three VPN protocols is adequate. Open source advocates of course prefer OpenVPN because its protocol is entirely available for scrutiny and theoretically that means the security holes are found and patched more readily. Meanwhile, Microsoft has been involved with both PPTP and L2TP/IPSec, which may give users a reason to cringe. You decide.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Nice things about good VPN services: </b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>First</b>, my VPN rates the quality/speed of their own servers day-to-day. I'm in New York. So you'd think connecting to their New York City server would be great! It used to be. Now it's rated on the <i>bottom</i> of their connection listing. IOW it's the <i>last</i> server I want to use. Instead, I typically use the Chicago server, which is in the top third of their connection list. I often visit sites within the UK, in which case I use their London server. Thankfully, that is also in the top third of their connection list at this time. </span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Meanwhile, if I want to use an exit server in or near Japan, forget it! There aren't any. That could have killed my interest in their VPN service, if it mattered to me. The closest server is in Singapore, and it's near the bottom of the connection list. IOW: It may be important to know what servers a VPN offers, according to your purposes.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Second</b>, my VPN regularly changes its servers in cases where they are being blocked by ISPs. My VPN application grabs the latest list of available servers every day, which prevents me from connecting to what amounts to a dead server. </span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Why are VPN servers blocked?</b> This gets into a controversy regarding copyright, marketing and costs. To give you at least a rough idea of how and why this can happen: Imagine you're the BBC in the UK. Someone uses VPN to connect to a London server. The IP address of that server is broadcast to every website to which you connect. It's obviously a British IP address, so you look to be British. Therefore, you can access all British web content as a British citizen. You have full access to all BBC web media, including any of their posted TV program streams. What can be 'bad' about that is that: (A) You may not actually be in Britain. You're using a VPN. (B) If you aren't British, you have no access to British copyrighted media. (C) BBC marketing people may go maniacal that you're breaking through an artificial marketing zone barrier to access media directly in the UK. (D) You haven't paid the taxes that support the BBC. Therefore, the BBC is motivated to find and have blocked all VPN servers within the UK.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-TRmjCZ0fpzg/V5izD7HCUBI/AAAAAAAACnE/4h40eCF_uGIEFouWD3EulqLmfDdmIyplQCLcB/s1600/BIG%2BMAO%2BIS%2BWATCHING.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Georgia, Times New Roman, serif;"><img border="0" height="256" src="https://2.bp.blogspot.com/-TRmjCZ0fpzg/V5izD7HCUBI/AAAAAAAACnE/4h40eCF_uGIEFouWD3EulqLmfDdmIyplQCLcB/s320/BIG%2BMAO%2BIS%2BWATCHING.png" width="320" /></span></a></div>
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Then there's that annoying <b><span style="color: #cc0000;">totalitarianism</span></b> issue where FAILed governments abuse their citizens, rather than serve them. Check this out:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><a href="https://www.le-vpn.com/countries-vpn-use-prohibited/" target="_blank"><b>Countries Where VPN Use is Prohibited</b></a></span><br />
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">WHAT COUNTRIES HAVE BANNED THE USE OF VPN?<br />VPN is typically banned in countries that have authoritative laws, such as <b>China</b>, <b>North Korea</b> and <b>Iran</b>. With limited access to a majority of online content, in order to unblock blocked websites, citizens, tourists and expats in those countries typically resort to the use of proxy servers and VPN software. </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: Georgia, Times New Roman, serif;">WHY HAVE THESE COUNTRIES MADE VPN USAGE ILLEGAL?<br />Some countries have banned the use of Virtual Private Networks so that they can maintain a bird’s eye view on all online movement made by their citizens, who the governments of these countries consider as nonconformists, as well as to control the information their citizens have access to by censoring websites with liberal or opposing views. VPNs allow to bypass censorship and keep all online activities confidential.</span></blockquote>
<span style="font-family: Georgia, Times New Roman, serif;">Such is our species. I thoroughly recommend deposing all such governments. That's what revolutions are for. We all deserve personal freedom and privacy, no exceptions (apart from the crooks and crazies).</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b>So what about DNSCrypt?</b></span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">I use <b><a href="https://dnscrypt.org/" target="_blank">DNSCrypt</a></b> on all my Macs. I've had no trouble with it and it kindly encrypts all my DNS lookups for free. It works <i>hella</i> better than my ISP's DNS servers! (Time Warner Cable :-P). Thank you OpenDNS and Cisco! It prevents any open Wi-Fi hotspot hackers from seeing what websites I want to visit. It even prevents your ISP or anyone else from surveilling your DNS lookups.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Except DNSCrypt won't help with the PAC attacks on HTTPS. Sorry! The resulting IP address still ends up in-the-clear when using the PAC hack. Nonetheless, DNSCrypt is a great precaution and works extremely well. Finishing DNSCrypt took <i>years</i> of annoying betas. Now it's something approaching perfection. Highly recommended.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;"><b>Questions?</b> Further reference requests? Please drop me a comment below.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">:-Derek</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://dnscrypt.org/" target="_blank"><img border="0" height="219" src="https://3.bp.blogspot.com/-ubqyuZ85OTY/V5i0tpBv8FI/AAAAAAAACnY/la4aPzEgtj84Y8U5ZUCWsNoaMGfbK7rYACLcB/s320/dnscrypt.png" width="320" /></a></div>
<br />
<div style="text-align: center;">
--</div>
:-Derek<br />
<br />
<b>Critical Little Snitch Update to v3.6.4!</b> (published 2016-07-20T14:08:00.000-04:00, updated 2016-07-20T14:10:19.145-04:00)<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-osT9cSSEoVs/V4-9WqvOa5I/AAAAAAAACmo/O1abcZOj4tM3sBKcxlYaNAebqezEM_JegCLcB/s1600/littlesnitch_320%25402x.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://3.bp.blogspot.com/-osT9cSSEoVs/V4-9WqvOa5I/AAAAAAAACmo/O1abcZOj4tM3sBKcxlYaNAebqezEM_JegCLcB/s200/littlesnitch_320%25402x.png" width="200" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Today, <b>Objective Development</b> released a critical update of <b>Little Snitch</b> to version <b>3.6.4</b>. Update <b>ASAP</b>!</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Here are the <a href="https://www.obdev.at/products/littlesnitch/releasenotes.html" target="_blank">release notes</a> from the installer:</span><br />
<blockquote class="tr_bq">
<b><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;">Little Snitch 3.6.4</span></b> </blockquote>
<blockquote class="tr_bq">
<span style="font-family: "trebuchet ms" , sans-serif;"><b><span style="color: red;">This update fixes critical issues. Please update as soon as possible!</span></b></span><br />
<ul><span style="font-family: "trebuchet ms" , sans-serif;">
<li>Added IKEv2 VPN support to Automatic Profile Switching detection.</li>
<li>Fixed: A <b>critical bug</b> enabling potential attackers to circumvent the Little Snitch network filter (thanks to @osxreverser for the report).</li>
<li>Fixed: Under rare circumstances Fast User Switching causes all connections without rules to be denied without showing an alert.</li>
<li>Fixed: Alerts triggered via “ask rule” sometimes produce rules with “Until Quit” instead of “Once” lifetime.</li>
<li>Fixed: Rare crash when searching for rules or suggestions in Little Snitch Configuration.</li>
<li>Other bugfixes and improvements.</li>
</span></ul>
<span style="font-family: "trebuchet ms" , sans-serif;">
</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">I've made certain that MacUpdate and MajorGeeks Mac (the two download sites I still use) have been notified. If you haven't used <b>Little Snitch</b>, you can find out more about this excellent 'reverse firewall' program <a href="https://www.obdev.at/products/littlesnitch/index.html" target="_blank"><b>HERE</b></a>. It has a learning curve well worth climbing if you want to stop applications from phoning home or stop potential bot infections dead in their tracks. Intego's NetBarrier has similar functionality.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-r55k4UnC4ho/V4-911O9JwI/AAAAAAAACmw/h6kyEEWoUjws9rIkncWUyZ8r1q0gwT7UwCLcB/s1600/Little-Snitch-Icon.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://3.bp.blogspot.com/-r55k4UnC4ho/V4-911O9JwI/AAAAAAAACmw/h6kyEEWoUjws9rIkncWUyZ8r1q0gwT7UwCLcB/s200/Little-Snitch-Icon.png" width="200" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-k1Tw6frmM3I/V4-9hL6HHrI/AAAAAAAACms/6j3C_yZ-CPQBMdrMXyIbhrY0Lqkfb6_KACEw/s1600/Objective%2BDevelopment%2BLogo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="58" src="https://1.bp.blogspot.com/-k1Tw6frmM3I/V4-9hL6HHrI/AAAAAAAACms/6j3C_yZ-CPQBMdrMXyIbhrY0Lqkfb6_KACEw/s200/Objective%2BDevelopment%2BLogo.png" width="200" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derek<br />
<br />
<b>'Backdoor.MAC.Eleanor' Is Now XProtected!</b> (published 2016-07-13T18:41:00.000-04:00, updated 2016-07-13T18:41:07.034-04:00)<br />
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-XYnxU7xNN2U/V4bDUw1kMuI/AAAAAAAACmY/cVRp-bf-sok0C4DfuBj43EgRAv72BanLgCLcB/s1600/happy-birthday-eleanor-you-c-nt.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://4.bp.blogspot.com/-XYnxU7xNN2U/V4bDUw1kMuI/AAAAAAAACmY/cVRp-bf-sok0C4DfuBj43EgRAv72BanLgCLcB/s320/happy-birthday-eleanor-you-c-nt.png" width="274" /></a></div>
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Yes! Apple has updated <b>XProtect</b> to guard against <b>OSX.Trojan.Eleanor.A</b>.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">XProtect is Apple's built-in anti-malware system. It was first integrated into OS X 10.7 Snow Leopard and is regularly and automatically updated over the Internet.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">Apple has been a bit slow updating XProtect to ward off evil <b>adware</b>. But, with nagging from the field, Apple eventually catches up. Alongside Eleanor, Apple has also provided protection against the adware <span style="text-indent: -36px;"><b>OSX.Hmining.A.2</b>.</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="text-indent: -36px;"><br /></span></span>
<span style="font-family: Georgia, Times New Roman, serif;"><span style="text-indent: -36px;">Grateful thanks to my right-hand Mac security pal <b>Al Varnell</b> for helping out, as ever!</span></span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><span style="text-indent: -36px;"><br /></span></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-GW3e-uqfySo/V4bCZNRZvfI/AAAAAAAACmI/Zce7cgCs-gcI37AA4Dnz_aOcadX138aqQCLcB/s1600/adware-21-300x164.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://4.bp.blogspot.com/-GW3e-uqfySo/V4bCZNRZvfI/AAAAAAAACmI/Zce7cgCs-gcI37AA4Dnz_aOcadX138aqQCLcB/s1600/adware-21-300x164.jpg" /></a></div>
<div style="text-align: center;">
<span style="font-family: Georgia, Times New Roman, serif;"><span style="text-indent: -36px;">--</span></span></div>
:-Derek<br />
<br />
<b>Happy Adobe Security Update Day For July</b> (published 2016-07-12T14:49:00.000-04:00, updated 2016-07-12T14:56:21.459-04:00)<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://static2.businessinsider.com/image/52288ad36bb3f7250c8b4567-1200-858/rtx13843.jpg" target="_blank"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="266" src="https://3.bp.blogspot.com/-P3sxhF_2ieM/V4U6kK2OAOI/AAAAAAAAClw/t83dV8a49RkOBuPB9J2IJd10EA7shMV-ACLcB/s400/Pileup2.jpg" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">Second Tuesday of the month, the day when Adobe lets loose all the security patches they've been saving up for the past month. </span><span style="font-family: "courier new" , "courier" , monospace;">(0_o)</span><span style="font-family: "georgia" , "times new roman" , serif;"> On this Tue2, Adobe is serving updates for:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" target="_blank">Adobe Flash</a> </b>- <b>52</b> critical CVEs patched</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" target="_blank">Adobe Acrobat and Reader</a></b> - <b>32</b> critical CVEs patched</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html" target="_blank">Adobe XMP Tool for Java</a></b> - <b>1</b> CVE patched</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The links above lead to accompanying Adobe security bulletins.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">So where's the required <b>Adobe AIR update?</b> After all, Adobe Flash is integrated into Adobe AIR! Nothing new. That's worrying. If you're running AIR, be sure to have it self-check for updates!</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Where to get the security updates:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://get.adobe.com/flashplayer/" target="_blank">Adobe Flash</a></b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Mac" target="_blank">Adobe Acrobat</a></b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://get.adobe.com/reader/" target="_blank">Adobe Reader</a></b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="http://www.adobe.com/devnet/xmp.html" target="_blank">Adobe XMP Tool for Java</a></b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b>The Gory Details</b></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe Flash Vulnerability Details</b></span></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, 
CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a memory leak vulnerability (CVE-2016-4232).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178).</span></span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif;">Adobe Acrobat and Reader Vulnerability Details</span></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2016-4210).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2016-4190).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4209).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve various methods to bypass restrictions on Javascript API execution (CVE-2016-4215).</span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4189, CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252).</span></span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe XMP Tool for Java Vulnerability Details</b></span></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">This update resolves an issue associated with the parsing of crafted XML external entities in XMPCore that could lead to information disclosure (CVE-2016-4216).</span></blockquote>
<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><b>Stay safe out there kids!</b></span><br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://vignette1.wikia.nocookie.net/disaters/images/6/67/Women-drivers-car-pile-up.jpg" target="_blank"><img border="0" height="265" src="https://4.bp.blogspot.com/-N9yVpEn3ZOg/V4U6mndFzDI/AAAAAAAACl0/SSCCwkej-78cxY68N3wEel5_wrUEljIJgCEw/s400/Pileup1.jpg" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derek<br />
<br />
<b>Beware New Mac Malware: 'Backdoor.MAC.Eleanor'</b> (published 2016-07-06T16:55:00.005-04:00, updated 2016-07-07T01:54:50.351-04:00)<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-mQuKCLmeWG8/V31vmvFTL6I/AAAAAAAAClc/_QYk6zXn2BIXyTR3HuYzYcuoq3CB3M03wCK4B/s1600/keep-calm-and-kill-eleanor.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://1.bp.blogspot.com/-mQuKCLmeWG8/V31vmvFTL6I/AAAAAAAAClc/_QYk6zXn2BIXyTR3HuYzYcuoq3CB3M03wCK4B/s320/keep-calm-and-kill-eleanor.png" width="274" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span><span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">[Updated: 2016-07-07 @1:50 am ET with additional references]</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">This malware should more properly be named <b>OSX.Trojan.Eleanor.A</b>. In the field, it is being called </span><b>Backdoor.MAC.Eleanor</b> by <b>Bitdefender LABS</b>. It is being served up to victims at a number of websites, including apparently MacUpdate.com. BEWARE!</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">I'll create my own write up about the malware as further details are available. For now, here are some excellent sources of information about <b>Eleanor</b>:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Bitdefender LABS</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b><br /></b></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf" target="_blank">Backdoor.MAC.Eleanor Grants Attackers Full Access to Mac Systems</a></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>A. Description:</b> </span></blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">- - The application name is <b>EasyDoc Converter.app</b>, and its main functionality should be to convert documents, but it does anything but that. . . .</span></blockquote>
<b style="font-family: georgia, 'times new roman', serif;"><span style="font-family: "georgia" , "times new roman" , serif;">9To5Mac</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b><br /></b></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="http://9to5mac.com/2016/07/06/backdoor-mac-elanor-mac-malware/" target="_blank">New Mac malware in the wild, Backdoor.MAC.Elanor – can steal data, execute code, control webcam</a></b></span><br />
<div style="text-align: center;">
<br />
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">More about Eleanor from my colleague <b>Thomas Reed</b> over at <b>Malwarebytes</b>:</span></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://blog.malwarebytes.com/cybercrime/2016/07/new-mac-backdoor-malware-eleanor/" target="_blank">New Mac backdoor malware: Eleanor</a></b></span></div>
<blockquote class="tr_bq">
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">When the app is opened, it runs a shell script whose first task is to check for the presence of Little Snitch. . . . If <b>LittleSnitch</b> is not present, and if the malware has not already been installed, it then installs three LaunchAgents in the user folder plus a hidden folder full of executable files. All these items have names that attempt to make them seem like Dropbox components....</span></div>
</blockquote>
<blockquote class="tr_bq">
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">Interestingly, this app’s page on MacUpdate has ratings submitted by users between 2014 and March 26, 2016, all but one of which are 4.5 or 5 stars. Since this malware appears to have first “turned on” in April, I suspect that the real EasyDoc Converter may have been <b>abandoned</b> by its developer and somehow <b>obtained by malware authors</b>....</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;">
</span></blockquote>
<blockquote class="tr_bq" style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;">If you have <a href="https://www.malwarebytes.com/antimalware/mac/" target="_blank"><b>Malwarebytes Anti-Malware for Mac</b></a>, it will detect this malware as OSX.Backdoor.Eleanor.</span></blockquote>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">I.e., the free <b>Malwarebytes</b> Anti-Malware for Mac already detects Eleanor. Use the link in the quote above.</span></span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;">And, <b>Dan Goodin</b> of <b>Ars Technica</b> posted an article about <b>Eleanor</b> as well as a couple other pests: <b>Pellit</b> and <b>Keydnap</b>. I'm waiting for more details about these last two before I bother writing about them.</span></span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="background-color: white; color: #263034;"><br /></span></span></div>
<div style="text-align: left;">
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><a href="http://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/" target="_blank"><b>After hiatus, in-the-wild Mac backdoors are suddenly back</b></a></span></div>
<div style="text-align: left;">
<span style="font-family: "trebuchet ms" , sans-serif; font-size: medium;"><a href="http://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/" target="_blank">Three new pieces of Mac-targeting malware access webcams, passwords, and more.</a></span></div>
<div style="text-align: left;">
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="background-color: white; color: #263034;"><br /></span></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;">
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~</span></span></div>
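<span style="font-family: "georgia" , "times new roman" , serif;">A defender's check for the persistence pattern quoted above from Malwarebytes: LaunchAgents in the user folder that start files from a hidden folder, with labels imitating a known vendor. This is an added example, not code from this blog or from Malwarebytes; the sample plists, labels and paths are constructed, and <code>LOOKALIKE_VENDORS</code> is an assumed watch-list.</span><br />

```python
"""Review per-user LaunchAgents for jobs that run files from hidden folders."""
import plistlib
from pathlib import Path, PurePosixPath
from xml.parsers.expat import ExpatError

# Assumption: vendor names whose look-alike labels deserve a closer look.
LOOKALIKE_VENDORS = ("dropbox",)


def referenced_paths(job):
    """Absolute paths a launchd job executes or hands to its interpreter."""
    paths = []
    if isinstance(job.get("Program"), str):
        paths.append(job["Program"])
    args = job.get("ProgramArguments")
    if isinstance(args, list):
        paths += [a for a in args if isinstance(a, str) and a.startswith("/")]
    return paths


def under_hidden_path(path, home):
    """True if path is inside home and a component below home is a dot-name."""
    try:
        rel = PurePosixPath(path).relative_to(PurePosixPath(str(home)))
    except ValueError:
        return False  # not inside this home directory
    return any(p.startswith(".") and p not in (".", "..") for p in rel.parts)


def assess(job, home):
    """Return a finding dict for a job that uses a hidden path, else None."""
    hidden = [p for p in referenced_paths(job) if under_hidden_path(p, home)]
    if not hidden:
        return None
    label = str(job.get("Label", ""))
    return {
        "label": label,
        "hidden_paths": hidden,
        # RunAtLoad / KeepAlive mean launchd starts the job without user action.
        "starts_automatically": bool(job.get("RunAtLoad") or job.get("KeepAlive")),
        "lookalike": any(v in label.lower() for v in LOOKALIKE_VENDORS),
    }


def scan_launch_agents(home):
    """Assess every plist in <home>/Library/LaunchAgents; report unreadable ones too."""
    findings = []
    agents_dir = Path(home) / "Library" / "LaunchAgents"
    for plist_path in sorted(agents_dir.glob("*.plist")):
        try:
            with plist_path.open("rb") as fh:
                job = plistlib.load(fh)  # handles XML and binary plists
        except (plistlib.InvalidFileException, ExpatError, ValueError, OSError) as exc:
            findings.append({"file": plist_path.name, "error": type(exc).__name__})
            continue
        if not isinstance(job, dict):
            continue
        finding = assess(job, home)
        if finding:
            finding["file"] = plist_path.name
            findings.append(finding)
    return findings


def build_demo_home(home):
    """Write constructed sample LaunchAgents (not real indicators) under home."""
    agents = Path(home) / "Library" / "LaunchAgents"
    agents.mkdir(parents=True, exist_ok=True)
    samples = {
        # Ordinary updater: program in the visible per-user Library folder.
        "com.example.updater.plist": {
            "Label": "com.example.updater",
            "ProgramArguments": [f"{home}/Library/Example/updater", "--check"],
            "RunAtLoad": True,
        },
        # Quoted pattern: vendor-like label, script kept in a hidden folder.
        "com.example.dropbox.sync.plist": {
            "Label": "com.example.dropbox.sync",
            "ProgramArguments": ["/bin/sh", f"{home}/.example-cache/sync.sh"],
            "RunAtLoad": True,
        },
        # Hidden folder again, unrelated label, started through Program.
        "com.example.helper.plist": {
            "Label": "com.example.helper",
            "Program": f"{home}/.config/example/helper",
            "KeepAlive": True,
        },
    }
    for name, job in samples.items():
        with (agents / name).open("wb") as fh:
            plistlib.dump(job, fh)
    (agents / "broken.plist").write_bytes(b"not a property list")
    return home


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as tmp:
        for finding in scan_launch_agents(build_demo_home(tmp)):
            print(finding)
```

<span style="font-family: "georgia" , "times new roman" , serif;">Point <code>scan_launch_agents</code> at a real home folder to review that account's agents. A finding is a prompt for a closer look, since some legitimate tools also run from dot-folders.</span><br />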
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Keep in mind that such malware can have <i>ANY name.</i> Therefore, don't simply avoid 'EasyDoc Converter'. Watch out for ALL software, from ANY source, that is not signed by an Apple-approved developer.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Safety Step:</b></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Verify that you <i>at least</i> have Apple's <b>Gateway</b> set up this way in System Preferences...: Security &amp; Privacy: General:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-7DlRNzGPPqk/V31sPDE-BsI/AAAAAAAAClQ/DMMGJVYzmZ4YPJkzKXZrKYKXKwLe5zMjACK4B/s1600/Security%2B%2526%2BPrivacy%2BSetup.png" imageanchor="1"><img border="0" height="223" src="https://2.bp.blogspot.com/-7DlRNzGPPqk/V31sPDE-BsI/AAAAAAAAClQ/DMMGJVYzmZ4YPJkzKXZrKYKXKwLe5zMjACK4B/s400/Security%2B%2526%2BPrivacy%2BSetup.png" width="400" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">IOW: <i>Don't</i> have '<b>Anywhere</b>' selected. </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">(If you're using macOS 10.12 Sierra, you won't even see 'Anywhere' available).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Until this malware is blocked by Apple, do NOT override Gateway and open unsigned software. </span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">IOW: If you have Gateway set up properly and you attempt to open something you downloaded, and OS X protests that the software may be insecure, do <i>NOT</i> open it. Take the advice of OS X. This will keep you safe from the Eleanor malware. Set the questionable software aside until protection against Eleanor is provided by Apple via its <b>XProtect</b> system. I'll report when XProtect has been updated against Eleanor.</span></span><br />
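<span style="font-family: "georgia" , "times new roman" , serif;">The same Safety Step can be checked from Terminal. The script below is an added example, not part of the original post: it reads the Security & Privacy setting through <b>spctl</b> (the command-line front end to macOS's Gatekeeper), looks for the File Quarantine flag with <b>xattr</b>, and asks for a verdict on one downloaded app before you open it. The function names and the example path are assumptions made for illustration.</span><br />

```shell
#!/bin/sh
# Added example (not from the original post). Function names are illustrative.
# spctl(8) and xattr(1) are the stock macOS tools; run this in Terminal:
#   sh check_download.sh "$HOME/Downloads/Some.app"   (hypothetical path)

# Returns 0 when Gatekeeper assessments are on. "assessments disabled" is the
# state that selecting 'Anywhere' in Security & Privacy produces.
gatekeeper_enabled() {
    gk_status=$(spctl --status 2>&1) || true
    case "$gk_status" in
        *"assessments enabled"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Returns 0 when the item carries the File Quarantine attribute that
# quarantine-aware apps (browsers, mail clients) set on downloads.
# That flag is what triggers the "Are you sure you want to open it?" check.
is_quarantined() {
    xattr -p com.apple.quarantine "$1" >/dev/null 2>&1
}

# Prints "<verdict>:<source>" for the app at $1, where verdict is
# accepted, rejected or unknown, and source is spctl's source= line.
assess_app() {
    gk_out=$(spctl --assess --type execute -vv "$1" 2>&1) || true
    gk_verdict=unknown
    case "$gk_out" in
        *": accepted"*) gk_verdict=accepted ;;
        *": rejected"*) gk_verdict=rejected ;;
    esac
    gk_source=$(printf '%s\n' "$gk_out" | sed -n 's/^source=//p' | head -n 1)
    printf '%s:%s\n' "$gk_verdict" "$gk_source"
}

# Full check for one download. Exit codes:
#   0 = setting is on and the app is accepted
#   1 = app rejected or verdict unknown: leave it unopened
#   2 = assessments are disabled: fix the setting first
check_download() {
    app=$1
    if ! gatekeeper_enabled; then
        echo "WARN: assessments are disabled ('Anywhere' is selected)"
        return 2
    fi
    if ! is_quarantined "$app"; then
        echo "NOTE: $app has no quarantine flag, so no alert will appear at launch"
    fi
    result=$(assess_app "$app")
    case "$result" in
        accepted:*)
            echo "OK: $app accepted (${result#*:})"
            return 0 ;;
        *)
            echo "DO NOT OPEN: $app ${result%%:*} (${result#*:})"
            return 1 ;;
    esac
}

# Run only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_download "$1"
fi
```

<span style="font-family: "georgia" , "times new roman" , serif;">An unsigned app is reported as rejected, which is the case the post says to set aside rather than override.</span><br />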
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><b>Further helpful information from Apple:</b></span></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="https://support.apple.com/en-us/HT201940" target="_blank">About the "Are you sure you want to open it?" alert (File Quarantine / Known Malware Detection) in OS X</a></b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">:-Derek</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-WHCEOaZCf1o/V31vtPP6ZaI/AAAAAAAAClk/epUQBiPYtrozSYRYTFUqnHINvlpLsVtdQCK4B/s1600/quote-when-you-cease-to-make-a-contribution-you-begin-to-die-eleanor-roosevelt-157921.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="187" src="https://2.bp.blogspot.com/-WHCEOaZCf1o/V31vtPP6ZaI/AAAAAAAAClk/epUQBiPYtrozSYRYTFUqnHINvlpLsVtdQCK4B/s400/quote-when-you-cease-to-make-a-contribution-you-begin-to-die-eleanor-roosevelt-157921.jpg" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derek<br />
<br />
<b>Help Us Stop the Updates to Rule 41 -EFF Calls for a Day of Action on June 21st-</b><br />
Published 2016-06-18T16:02:00.003-04:00, updated 2016-06-18T16:18:40.224-04:00<br />
<div style="text-align: center;">
--</div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">This issue is critical to all US citizen computer users.</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">Therefore, I'm posting about it here to bring it to everyone's attention.</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">:-Derek</span></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://noglobalwarrants.org/" target="_blank"><img border="0" height="132" src="https://4.bp.blogspot.com/-PwZFyoMp9FA/V2WiAYzV1bI/AAAAAAAACkc/oRHiG9TFpvUeRNGxfoKWYqWcNPr0k5DtwCLcB/s400/rule-41-banner4.png" width="400" /></a></div>
<div style="text-align: center;">
<b><a href="https://www.eff.org/deeplinks/2016/06/help-us-stop-updates-rule-41" target="_blank"><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: large;">Please join us</span></a></b></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">From the Electronic Frontier Foundation</span></b></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"U.S. government agents want to use an obscure procedure to radically expand their use of hacking techniques. We need to stop them.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"The change to <b><a href="https://www.law.cornell.edu/rules/frcrmp/rule_41" target="_blank">Rule 41</a></b> would make it easier for U.S. government agents to break into our computers, take data, and use hacking techniques.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"The rule change especially impacts people using privacy-protective technologies, including <b>Tor</b> and <b>VPNs</b>.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"The United States Congress <b>never approved</b> this expansion of the FBI’s powers. But now, Congress is our last chance to stop the change from taking effect."</span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">Please reject the changes to Rule 41 of the Federal Rules of Criminal Procedure by passing the Stopping Mass Hacking Act (S.2952, H.R.5321). These amendments would lead to a vast expansion of government hacking, a largely unregulated law enforcement technique that makes us all less secure. </span></blockquote>
<div style="text-align: center;">
<span style="color: red; font-family: "arial" , "helvetica" , sans-serif; font-size: large;"><b><a href="https://act.eff.org/action/stop-the-changes-to-rule-41" target="_blank">Send an email to your member of Congress</a></b></span></div>
<br />
<div style="text-align: center;">
<b><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">Why you should care</span></b></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"We’ve written a <b><a href="https://www.eff.org/deeplinks/2016/04/rule-41-little-known-committee-proposes-grant-new-hacking-powers-government" target="_blank">detailed explanation of the changes to Rule 41</a></b>, which explains why this update will result in a dramatic <i>increase</i> in <i>government hacking.</i> Here’s an overview of some of the main reasons we are concerned:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"Government agents hacking into computers more frequently is a recipe for disaster. Law enforcement will increase their exploitation of security vulnerabilities in common software products, meaning vulnerabilities that could affect millions will be left open instead of patched.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"Law enforcement will forum shop, finding government-friendly magistrate judges to sign off on warrants with a loose connection to the judicial district.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"Law enforcement will pressure judges to sign off on remote searches of thousands of computers with a single warrant—<b>a direct violation of the Fourth Amendment</b> and a pattern we’re already seeing.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">"This rule change especially impacts people using <b>privacy protective</b> technologies like Tor or VPNs, which is why we’re asking privacy tools to join us in standing up for users on <b>June 21</b>."</span><br />
<br />
<div style="text-align: center;">
<span style="color: #6aa84f; font-family: "arial" , "helvetica" , sans-serif; font-size: large;"><b><a href="https://act.eff.org/action/stop-the-changes-to-rule-41" target="_blank">Send an email to your member of Congress</a></b></span></div>
<div>
<span style="color: red; font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<div>
<span style="font-family: "georgia" , "times new roman" , serif;">"The <b>proposal</b> comes from the advisory committee on criminal rules for the Judicial Conference of the United States. The <a href="https://www.justsecurity.org/wp-content/uploads/2014/09/proposed-amendment-rule-41.pdf" target="_blank"><b>amendment</b></a> [PDF] would update <b>Rule 41 of the Federal Rules of Criminal Procedure</b>, creating a sweeping expansion of law enforcement’s ability to engage in hacking and surveillance. The Supreme Court just passed the proposal to Congress, which has until December 1 to disavow the change or it becomes the rule governing every federal court across the country. This is part of a statutory process through which federal courts may create new procedural rules, after giving public notice and allowing time for comment, under a “rules enabling act.”</span></div>
<br />
<div style="text-align: center;">
<span style="color: blue; font-family: "arial" , "helvetica" , sans-serif; font-size: large;"><b><a href="https://act.eff.org/action/stop-the-changes-to-rule-41" target="_blank">Send an email to your member of Congress</a></b></span></div>
</div>
<div>
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://noglobalwarrants.org/" target="_blank"><img border="0" src="https://4.bp.blogspot.com/-LQVNGPjeFJs/V2WmO8TOTyI/AAAAAAAACko/DKkZw6Iv1FInnuBrBU15sUYWEQZVLt85ACLcB/s1600/EFF%2BAction.png" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://noglobalwarrants.org/" target="_blank"><img border="0" height="210" src="https://1.bp.blogspot.com/-E8KGL6pdrys/V2Wm-Y0SDDI/AAAAAAAACk0/uQMc0HD7FI8LBiKCTJfN5kl7HW1meQOwQCLcB/s400/Fight%2BFor%2BYour%2BDigital%2BRights.png" width="400" /></a></div>
<div style="text-align: center;">
--</div>
:-Derek<br />
<br />
<b>Adobe Flash Has Another In-The-Wild Exploit: Flash 22.0.0.192 and AIR 22.0.0.153 Updates Plus Other Adobe Security Updates</b><br />
Published 2016-06-16T21:01:00.001-04:00, updated 2016-06-16T21:13:26.379-04:00<br />
<div class="tr_bq" style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://digiday.com/wp-content/uploads/2015/08/flash-banner2-1600x380.jpg" target="_blank"><img border="0" height="320" src="https://1.bp.blogspot.com/-645sn3PD5v0/V2NLVGXkgLI/AAAAAAAACkM/cf1cx0kHy7cLsTA5HJy0axcPHTfpNHI5wCLcB/s320/flash-banner2%2Bcropped.png" width="257" /></a></div>
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b><u>Adobe Flash and AIR Updates:</u></b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Adobe was supposed to release a security update of Adobe <b>Flash</b>, and therefore <b>AIR</b>, on Tuesday, June 14th. But a Flash zero-day exploit was discovered and Adobe delayed the update until today, Thursday, June 16th. Adobe kindly posted a <a href="https://helpx.adobe.com/security/products/flash-player/apsa16-03.html" target="_blank">warning Security Bulletin</a> to that effect. If this sounds familiar, the same scenario played out in May as well. </span><span style="font-family: "courier new" , "courier" , monospace;">(0_o)</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The new versions are <b>Flash v22.0.0.192</b> and <b>AIR v22.0.0.153</b>.</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">You can find the current versions of Adobe Flash and AIR here:</span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://get.adobe.com/flashplayer/"><b>https://get.adobe.com/flashplayer/</b></a></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b><a href="https://get.adobe.com/air/download/">https://get.adobe.com/air/download/</a></b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;">
</span>
<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">- -</span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe Flash v22.0.0.192 update:</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><a href="https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"><span style="font-family: "georgia" , "times new roman" , serif;">https://helpx.adobe.com/security/products/flash-player/apsb16-18.html</span></a></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br />These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149).<br /><br />These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148).<br /><br />These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138).<br /><br />These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, <b>CVE-2016-4171</b>).<br /><br />These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140).<br /><br />These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139). </span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">The CVE currently being exploited In-The-Wild is </span><b>CVE-2016-4171</b>, bolded above. If you'd like to know more about this exploit, have a read of Dan Goodin's article on the subject:<br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><b><a href="http://arstechnica.com/security/2016/06/critical-adobe-flash-bug-under-active-attack-currently-has-no-patch/" target="_blank">Critical Adobe Flash bug under active attack currently has no patch</a></b></span><br />
<span style="font-family: "trebuchet ms" , sans-serif;"><a href="http://arstechnica.com/security/2016/06/critical-adobe-flash-bug-under-active-attack-currently-has-no-patch/" target="_blank">Exploit works against the most recent version; Adobe plans update later this week.</a></span><br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe AIR v22.0.0.153 Update:</b></span></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<b><span style="font-family: "georgia" , "times new roman" , serif;"><a href="https://helpx.adobe.com/security/products/air/apsb16-23.html">https://helpx.adobe.com/security/products/air/apsb16-23.html</a></span></b></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br /><br />This update resolves a vulnerability in the directory search path used by the Air (sic) installer that could lead to code execution (CVE-2016-4116).</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">Note that this is actually a vulnerability found in the previous <i>installer</i> for AIR.</span><br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">~ ~ ~ ~ ~</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><u><b>The <i>other</i> Adobe security updates from Tuesday, June 14th:</b></u></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe ColdFusion Hotfixes available:</b></span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://helpx.adobe.com/security/products/coldfusion/apsb16-22.html"><span style="font-family: "georgia" , "times new roman" , serif;">https://helpx.adobe.com/security/products/coldfusion/apsb16-22.html</span></a></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br /><br />These hotfixes resolve an important input validation issue (CVE-2016-4159) that could be exploited to conduct cross-site scripting attacks.</span></blockquote>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"> </span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe Creative Cloud Desktop Application </b></span><b>v3.7.0.272</b><b style="font-family: georgia, 'times new roman', serif;"> Update</b><span style="font-family: "georgia" , "times new roman" , serif;">:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html"><span style="font-family: "georgia" , "times new roman" , serif;">https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html</span></a></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br /><br />This update resolves a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4157).<br /><br />This update resolves an unquoted service path enumeration vulnerability in the Creative Cloud Desktop Application (CVE-2016-4158).</span></blockquote>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Adobe Brackets v1.7 Update</b>:</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://helpx.adobe.com/security/products/brackets/apsb16-20.html"><span style="font-family: "georgia" , "times new roman" , serif;">https://helpx.adobe.com/security/products/brackets/apsb16-20.html</span></a></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br />This update resolves a JavaScript injection vulnerability, which could be abused in a cross-site scripting attack (CVE-2016-4164).<br /><br />This update resolves an input validation vulnerability in the extension manager (CVE-2016-4165).</span></blockquote>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span></div>
<b><span style="font-family: "georgia" , "times new roman" , serif;">Adobe DNG Software Development Kit (SDK) 1.4 (2016 release) Update:</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://helpx.adobe.com/security/products/dng-sdk/apsb16-19.html"><span style="font-family: "georgia" , "times new roman" , serif;">https://helpx.adobe.com/security/products/dng-sdk/apsb16-19.html</span></a></span><br />
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;"><b>Vulnerability Details</b><br /><br />This update resolves a memory corruption vulnerability (CVE-2016-4167).</span></blockquote>
<div style="text-align: center;">
~ ~ ~ ~ ~</div>
<br />
<div>
<span style="font-family: "georgia" , "times new roman" , serif;"><b>And some H<i>a</i>PP<i>y </i>news!</b></span></div>
<div>
<br /></div>
<div>
<b><span style="font-family: "trebuchet ms" , sans-serif; font-size: large;"><a href="http://www.macrumors.com/2016/06/14/safari-macos-sierra-plugins-disabled-default/" target="_blank">Safari in macOS Sierra Deactivates Flash and Other Plug-ins By Default</a></span></b></div>
<blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">In <b>Safari 10</b>, set to ship with <b>macOS Sierra</b>, Apple plans to disable common plug-ins like <b>Adobe Flash</b>, <b>Java</b>, <b>Silverlight</b>, and <b>QuickTime</b> by default in an effort to focus on HTML5 content and improve the overall web browsing experience. . . .<br /><br />. . . When a website offers both Flash and HTML5 content, Safari will always deliver the more modern <b>HTML5</b> implementation. On a website that requires a plug-in like Adobe Flash to function, users can activate it with a click. . . .<br /><br />Safari 10 will also include a command to reload a page with installed plug-ins activated to give users additional options for controlling the content that's displayed, and there are preferences for choosing which plug-ins are visible to which websites in Safari's Security preferences. . . .</span></blockquote>
<span style="font-family: "georgia" , "times new roman" , serif;">One more nail in the coffin of poorly written Internet plugins. (^_^)</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"><a href="http://betanews.com/wp-content/uploads/2016/04/Flash-coffin.jpg" target="_blank"><img border="0" height="320" src="https://4.bp.blogspot.com/-YzEj24PSCmI/V2NJrR7uQWI/AAAAAAAACkA/ncMUEZFCtV8EiyG49n2jOoPVsuN7TqiqACLcB/s320/Flash-coffin.png" width="268" /></a></span></div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;"> <span style="text-align: center;">--</span></span></div>
:-Derek<br />
<br />
<b>Adobe Flash In-The-Wild Exploit Patched: Flash v21.0.0.242, AIR v21.0.0.215 Plus ColdFusion Hotfixes</b><br />
Published 2016-05-13T22:23:00.002-04:00, updated 2016-05-13T22:27:05.407-04:00<br />
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://animalnewyork.com/wp-content/uploads/todseelie.jpg" rel="noreferrer" target="_blank"><span style="font-family: "georgia" , "times new roman" , serif;"><img border="0" height="220" src="https://2.bp.blogspot.com/-IdYTLl60t24/VzaICLpuNxI/AAAAAAAACjo/MsQCk-S1kIoScNiOKeVjgEcZnny353qSwCLcB/s320/todseelie_crop.png" width="320" /></span></a></div>
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Adobe has released <b>Flash v21.0.0.242</b> and <b>AIR v21.0.0.215</b>. The patch blocks an <b>in-the-wild exploit</b> of Flash. There is a total of <b>25 CVE patches</b>. Presumably, this patch is two days later than Adobe's usual 'second Tuesday of the month' patching schedule due to the late discovery of the ongoing exploit.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<a href="https://get.adobe.com/flashplayer/" rel="noreferrer" target="_blank"><b><span style="font-family: "georgia" , "times new roman" , serif;">Download Flash Update</span></b></a><br />
<a href="https://get.adobe.com/air/" rel="noreferrer" target="_blank"><b><span style="font-family: "georgia" , "times new roman" , serif;">Download Air Update</span></b></a><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The security bulletin is <a href="https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" rel="noreferrer" target="_blank"><b>HERE</b></a>.</span><br />
<blockquote class="tr_bq">
<b><span style="font-family: "georgia" , "times new roman" , serif;">Vulnerability Details</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).</span></blockquote>
<b><span style="font-family: "georgia" , "times new roman" , serif;">Also of note:</span></b><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">Adobe has released security hotfixes for <b>ColdFusion</b> versions <b>10</b>, <b>11</b> and the <b>2016</b> release.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">The security bulletin is <b><a href="https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html" rel="noreferrer" target="_blank">HERE</a></b>.</span><br />
<blockquote class="tr_bq">
<b><span style="font-family: "georgia" , "times new roman" , serif;">Vulnerability Details</span></b> </blockquote>
<blockquote class="tr_bq">
<span style="font-family: "georgia" , "times new roman" , serif;">These hotfixes resolve an important input validation issue (CVE-2016-1113) that could be abused to conduct cross-site scripting attacks.</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These hotfixes include an updated version of the Apache Commons Collections library to mitigate an important Java deserialization vulnerability (CVE-2016-1114).</span><br />
<span style="font-family: "georgia" , "times new roman" , serif;"><br /></span>
<span style="font-family: "georgia" , "times new roman" , serif;">These hotfixes resolve a moderate host name verification problem affecting wild card certificates (CVE-2016-1115).</span></blockquote>
<div>
<span style="font-family: "georgia" , "times new roman" , serif;">Hopefully, that's the end of Adobe security patches for May. </span><span style="font-family: "courier new" , "courier" , monospace;">(0_o)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif; margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://4.bp.blogspot.com/-fw9vh4ojKoA/VzaIPyOTKNI/AAAAAAAACjs/KJJ51I-JGKY5LwtTJH6u2af7Ysxt6LlAQCLcB/s320/4-burning-car-ian-rasmussen.png" width="320" /></span></div>
</div>
<div style="text-align: center;">
<span style="font-family: "georgia" , "times new roman" , serif;">--</span></div>
:-Derek