Episode 125 – April 3, 2010
Interviews, Episode 125: Big Batches of Patches! Following huge releases on Patch Tuesday from Microsoft, Apple, Sun/Java, Mozilla Firefox, and Mozilla Thunderbird, we talk with patch management expert Jason Miller. He’s Data and Security Team Manager from Shavlik Technologies. Jason’s interview starts about 22 minutes into the program.
We also talked with Randy Sarafan, the Author of 62 Projects to Make With a Dead Computer. Fun stuff. Interview starts about 53 minutes into the show. You can download the file from our XML feed, from iTunes, and other sites. See the Listening Options page, or use the flash player below:
Our Take on This Week’s News
CNN presents a glowing story about the success of airport whole body scanners, which have found drugs and other junk in people’s pockets. The TSA plans to roll out 1000 more of the machines. Meanwhile, the Electronic Privacy Information Center posted this doc, in which the TSA contradicts itself to congress regarding the ability of the machines to store and transmit images. See item # 8, where they claim that the airport scanning machines are not capable of transmitting images, BUT, the images they transmit to remote viewing facilities are encrypted.
A new web service allows businesses to monitor the social networking communications of their employees. Facebook and Twitter users, you should probably just assume that what you post publicly is being monitored by your employer. Employers, you should probably assume that your employees post a lot of stuff that shouldn’t be shared.
Quip app security hole shares private photos. People who used a free service to send naked photos of themselves were exposed. Hey wait a minute… doesn’t the Apple app store performed extensive reviews before they accept a product?
iPad is coming to the office, and we found some security applications for it. iTeleport: Jaadu VNC is encrypted remote access allows a secure connection between the iPad and a desktop comupter. ALSO — in PC World, Tom Bradly Reports another option from Array Networks: “One app that is not yet available, but has significant promise for leveraging the iPad to connect with Microsoft Windows systems is Array Networks Desktop Direct.
Report: 64% of all Microsoft vulnerabilities for 2009 mitigated by Least Privilege accounts.
Whole Foods Scam on Facebook. Free gift cards worth $500 for the first 12,000 users. Uh-huh.
Cleveland Plain Dealer exposes identity of community leader who posts anonymous comments. Starts debate about privacy versus the public’s right to know. We wonder why just anyone at the newspaper can look at the email registry.
This entry was posted on April 3, 2010 at 10:11 pm and is filed under Breach, Court Cases, darkweb, Legislation, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags Apple, darkweb, Drive-by download, endpoints, iPad, iPhone, patching, Social Networks, SQL Injection, WiFi. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.