I have come across two articles that have been well worth reading in the past 12 hours. The first is a general article on the possible security implications of international travel and your personal electronic devices. The second is related to two blackouts that may be related to network intrusion activity. Both are well worth the read.
Archive for May, 2008
Two network security articles worth reading
Friday, May 30th, 2008comcast.net “hijacked”
Thursday, May 29th, 2008Well, this isn’t exactly as bad as it sounds actually, but it’s worth noting that some people have not learned from the aol.com and other dns server redirections in the past. What happens is someone submits a web form or spoofs an email and it moves the dns for your domain to some other servers. In this case, the fallout will be felt for up to two days by some people. This can seriously hurt your reputation as folks may think that the security of your relationship with your registrar is congruent with your overall security strategy. Most (All?) registrars allow you to put your domain in some form of a locked mode. My domain (nether.net) has the following flag set: clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited
It may be time to review what your settings are and make sure history does not repeat itself on your domains.
The internet is dangerous (this time it’s plug-ins)
Wednesday, May 28th, 2008I’m reminded the past two days why I always run my web browsers with plugins disabled by default. With the recent events of people getting malware into ad networks, and the revelation of at least one (if not two) flash vulnerabilities being exploited in the past 48 hours, the safety of my i-hate-flash policy is once again revealed. If you’re unaware, you should be disabling plugins except when you need them from your ‘trusted’ sources, or if you use a firefox derivative browser, check out flashblock.