  • iPhone

    iPhone Worm is Crap

    Sorry, I can’t help it. That whole “iPhone Security Problems” thread I’ve seen on a few sites recently due to that worm. Oh, then there was a second worm that did the same thing. Really? Did these awesome security gurus realize that the device has to be jailbroken? Oh, and they have to still have the default password used for SSH? I would hope that if you know enough to jailbreak the device without bricking it, you know enough to change the default SSH password. Interestingly enough though, an estimated 6 to 8 percent of iPhones are jailbroken… If there have been 21 million sold, that provides an attack…

  • Ubuntu,  Unix

    Looking at Google Android's Internals

    Google’s Android is a very small Linux distribution. Recently I needed to test some applications that were developed by a couple of friends of mine. Rather than run out to T-Mobile, I figured I’d just install the new LiveAndroid disk, and thought I would write up how to get set up using VMware Fusion and then go about doing some tasks with Android. To get started, make sure you’re running the latest Fusion (or Parallels or Q or VirtualBox). Then download two ISO files from http://code.google.com/p/live-android/: liveandroidv0.2.iso.001 and liveandroidv0.2.iso.002. Once you have downloaded the two ISO files, we’re going to need to join them. To do so cat liveandroidv0.2.iso.001 liveandroidv0.2.iso.002 >…

  • personal

    Facebook and Privacy

    A friend sent me an article the other day about Facebook, where the author had an almost chilling reception to Facebook’s privacy policy/terms of use.  In fact, last week alone I got at minimum three such emails asking what “a security guy” thought and since the new privacy policy was put into place I’ve gotten no less than 30 or 40 requests/invitations to join various groups that seem to have serious issues with this policy (btw – not all “security guys” wear tin foil hats). Someone once told me not to put anything in writing (or on film) that I didn’t want my grandmother to see.  The obvious extension of…

  • Mac OS X,  Mac Security

    More on OS X Memory/Security

    I know I’ve talked about memory before, but I haven’t really talked about the library randomization that was added to 10.5. Library randomization is part of ASLR (address space layout randomization) and a good part of the way to moving into full ASLR inclusion, but they haven’t completed that circuit, which a recent TechTarget article mentions: The weakness Dai Zovi exploits is in heap memory, which is memory that’s not in use. To address memory security issues, the PaX project for Linux developed a set of features to protect address space. Two of these are Address Space Layout Randomization (ASLR) and Non-executable memory (NX). ASLR makes it harder for malware…

  • Business,  Mac Security

    MinneSec

    May 21st at the Bulldog in NE Minneapolis – MinneSec.  Provided I’m allowed by the evil travel lords I will be there to partake in what I’m sure will be fantastic discussions on security topics.  The website.

  • Mac OS X,  Mac Security,  Windows XP

    Lo/Jack

    It’s Friday and I’m feeling fairly non-technical after a call earlier today with actual end users (I’d forgotten we had those).  So I’m going to talk about Lo/Jack.  Tangent time: One of the great parts about being involved with MacWorld is the schwag.  The speaker bags are full of stuff that, to be quite honest, I would almost never think to buy myself.  Not that the vendors who throw crap in there don’t get me hooked on their phonics.  But one of the few things that have caused me to think about security strategies from that bag is LoJack for Laptops.  The thing is, I don’t really need it for…

  • Mac OS X,  Mac OS X Server,  Mass Deployment

    Mac OS X: Check Point FDE

    So we’ve been messing around with Check Point for a while. But we never actually had to mass deploy it until recently. After messing around for a while, we decided that we actually kinda’ like how they do things. There are various strategies you can take with how you choose to deploy the software, but they all boil down to building an *.ips file and either publishing it through a network mount as part of the installation package for Check Point FDE. The software automatically begins to encrypt the drive when you push it out, so you don’t need to push out an image with a pre-encrypted drive, although you will need…