So after my last post, which autotwittered, I got a reply from a guy by the name of Frank Eliason, who goes by the handle “ComcastCares” on Twitter. And this is how the converation went: mubix: Blogged Comcast: The start of a new series http://tinyurl.com/6jrvhe 5 days ago comcastcares: @mubix I would like to help. Email me *********[snipped]@cable.comcast.com (new email: We_Can_Help@cable.comcast.com) 5 days ago mubix: @comcastcares it shouldn’t come to the point where you need to help.
So, now that your feed reader is full up of all the DNS problems, I would like to present you with one more tidbit. How many of you have checked your iPhone, Blackberry, or other web enabled mobile device against this vulnerability? I did, and wasn’t happy. For more information please check out these links: In depth explination: http://www.mcgrewsecurity.com/?p=151 To check to see if you are vulnerable: http://www.doxpara.com/ http://www.mckeay.net/2008/07/21/patch-dns-now/ http://www.matasano.com/log/mtso/
I am truely getting tired of iPhone “Web Apps”. I created the title like I was going to give them a fair chance, but they truely have ZERO integration into the actual phone. They do have a pretty interface and I have to give props to some of the design developers, but does this seem more of a copout to anyone else? I’ll give an example. I LOVE Remember the Milk.
Now, I don’t like to publicly bad mouth companies, but at some point, Comcast’s lack of “service” has got to stop. Well, let me rephrase that: Comcast needs to be held accountable for their utter lack of due diligence. I have been a Comcast customer by default ever since they swallowed the portion of Adelphia that held my area. I say this because only recently, have I actually had a choice in the matter.
To All, Well, this year marks the first annual DEFCON Podcaster’s Meetup, and we will be doing it in STYLE. For those of you who made it out to the second annual Podcaster’s Meetup at ShmooCon, we ran into some hitches (like sound), but as we grow, so do the problems. Let me start off by telling you some sweet news. We are nailing down time in a SkyBox! So we will have plenty of room, piece and quite for recording, and a nice view over the con, plus NO WALKING TO THE PARTY.
Since I wasn’t able to catch the commenter before they went offline I will leave it anonymous but they make a good point about my Crazed Bovine Traversal post: In response to your “Crazed Bovine Traversal” blog post, a ringtone virus would likely depend upon some sort of code execution bug in the audio parsing code of the mobile device. Propagation could simply be done via text messaging or web site.
On a Dutch news site there was a story about a hacker that stole 50,000 credit cards (well, the information at least) and also stole a prerelease version of Quake Wars. What do you think made the title line? Quake Wars. That puts things in perspective on what is impotant. Big companies like the one that made Quake Wars have the liquid budget to chase this guy down, but the 50,000 individuals don’t.
So, I made a new category basically for posts that I want to keep for myself and also post for other people not to have as hard a time finding: Archiving. In Ubuntu I have always set a password for root and “su -” up to root to run things that needed root access. Well after watching IronGeek’s latest video on Labrea (click here to watch the video). I gleaned a new way to get to a root prompt without having to set a password and su up each time.
Just wanted to pimp Paul from PaulDotCom’s class coming up here shortly. Also, to register go to http://www.pauldotcom.com/sans and help their podcast out. SANS Institute - SANSFIRE 2008 Wednesday, July 23, 2008 : 9am - 5pm Paul Asadoorian, Defensive Intuition 6 CPE Credits
Now that everyone and their mother has posted about Back|Track Final being released I feel that I am safe in disclosing that information. But on to the topic, with said release, the folks over at Paterva have released a “Community” edition of Maltego. Straight from the horses mouth, here are the limitations: Limitations The Community Edition is limited in the following ways: A 15second nag screen Save and Export has been disabled