So, according to my iPhone, the DNS servers that it uses is patched. (18.104.22.168 - schinetdns.mycingular.net) However, when I tried to send an image of the doxpara page through email it gave me an SSL error and asked me to accept the certificate…. Um, no thank you. So, for the time being I will not be checking my email for a while, or for that matter anything I need to authenticate with.
It’s almost that time. DefCon is right around the corner and things are coming together nicely. Here is where we stand and a rough schedule of events: Bloggers welcome. I got a lot of feedback asking if it’s just for “Podcasters” but we would like to invite bloggers to participate as well. I-Hacked.com and Astaro are our current sponsors, and I am still waiting on confirmation from two others.
So after my last post, which autotwittered, I got a reply from a guy by the name of Frank Eliason, who goes by the handle “ComcastCares” on Twitter. And this is how the converation went: mubix: Blogged Comcast: The start of a new series http://tinyurl.com/6jrvhe 5 days ago comcastcares: @mubix I would like to help. Email me *********[snipped]@cable.comcast.com (new email: We_Can_Help@cable.comcast.com) 5 days ago mubix: @comcastcares it shouldn’t come to the point where you need to help.
So, now that your feed reader is full up of all the DNS problems, I would like to present you with one more tidbit. How many of you have checked your iPhone, Blackberry, or other web enabled mobile device against this vulnerability? I did, and wasn’t happy. For more information please check out these links: In depth explination: http://www.mcgrewsecurity.com/?p=151 To check to see if you are vulnerable: http://www.doxpara.com/ http://www.mckeay.net/2008/07/21/patch-dns-now/ http://www.matasano.com/log/mtso/
I am truely getting tired of iPhone “Web Apps”. I created the title like I was going to give them a fair chance, but they truely have ZERO integration into the actual phone. They do have a pretty interface and I have to give props to some of the design developers, but does this seem more of a copout to anyone else? I’ll give an example. I LOVE Remember the Milk.
Now, I don’t like to publicly bad mouth companies, but at some point, Comcast’s lack of “service” has got to stop. Well, let me rephrase that: Comcast needs to be held accountable for their utter lack of due diligence. I have been a Comcast customer by default ever since they swallowed the portion of Adelphia that held my area. I say this because only recently, have I actually had a choice in the matter.
To All, Well, this year marks the first annual DEFCON Podcaster’s Meetup, and we will be doing it in STYLE. For those of you who made it out to the second annual Podcaster’s Meetup at ShmooCon, we ran into some hitches (like sound), but as we grow, so do the problems. Let me start off by telling you some sweet news. We are nailing down time in a SkyBox! So we will have plenty of room, piece and quite for recording, and a nice view over the con, plus NO WALKING TO THE PARTY.
Since I wasn’t able to catch the commenter before they went offline I will leave it anonymous but they make a good point about my Crazed Bovine Traversal post: In response to your “Crazed Bovine Traversal” blog post, a ringtone virus would likely depend upon some sort of code execution bug in the audio parsing code of the mobile device. Propagation could simply be done via text messaging or web site.
On a Dutch news site there was a story about a hacker that stole 50,000 credit cards (well, the information at least) and also stole a prerelease version of Quake Wars. What do you think made the title line? Quake Wars. That puts things in perspective on what is impotant. Big companies like the one that made Quake Wars have the liquid budget to chase this guy down, but the 50,000 individuals don’t.
So, I made a new category basically for posts that I want to keep for myself and also post for other people not to have as hard a time finding: Archiving. In Ubuntu I have always set a password for root and “su -” up to root to run things that needed root access. Well after watching IronGeek’s latest video on Labrea (click here to watch the video). I gleaned a new way to get to a root prompt without having to set a password and su up each time.