Thursday, July 11, 2013

Security news

Lots of Windowsy goodness in this week's Patch Tuesday, including a fix that covers all versions of Windows.  That's right, something that could be exploited in every Windows machine.  Cool beans.  One of the vulnerabilities is being exploited in the wild.  And bonus Internet Explorer fixes. Get yer fixes here (you need to use Internet Explorer for this).

Adobe released security updates for Flash and Shockwave.  Restarting your browser likely will do this (Adobe will tell you there's an update and ask you if you want it).  Or get it here.

The Commerce Department has an interesting approach to getting rid of malware: grind up the computers in industrial shredders:
A US Department of Commerce agency has been chastised for spunking $2.7m chasing down a supposed major malware infection that was actually limited to a handful of PCs.

The Economic Development Administration adopted a scorched earth policy - isolating itself from the internet before destroying more than $170,000 worth of equipment including printers, TVs, and even computer mice - in a comically inept attempt to resolve the phantom outbreak.

The physical destruction of equipment only ceased after the department's disposal budget was exhausted. "The destruction of IT components was clearly unnecessary," the Office of the Inspector General’s (OIG) auditor said in an official report released last month.
[rolls eyes]

Here are a couple of interesting browser plugins to combat nosy web tracking.  Ghostery and DoNotTrackMe are worth a look.  Note that this only protects you against nosy marketing types, not against the NSA.

Security guru Rich Mogul has a very interesting article about Apple's security strategy: make security both effective and invisible to the user:

For many years, Apple tended to choose good user experience at the expense of leaving users vulnerable to security risks. That strategy worked for a long time, in part because Apple’s comparatively low market share made its products less attractive targets. But as Apple products began to gain in popularity, many of us in the security business wondered how Apple would adjust its security strategies to its new position in the spotlight.

As it turns out, the company not only handled that change smoothly, it has embraced it. Despite a rocky start, Apple now applies its impressive design sensibilities to security, playing the game its own way and in the process changing our expectations for security and technology.
Worth a read.

3 comments:

Mark/GreyLocke said...

Any reason why after the last flash I can no longer stop video's such as youtube video's from downloading? I use to right click and the menu offered me stop download now it doesn't Also firefox won't let me copy/paste without selecting half a page to copy instead of just the one sentence I want. I've gone through all the mozilla support forums and reset firefox re-installed everything and it still giving me problems.

Borepatch said...

GreyLocke, I have no idea. Haven't heard this before.

JD(not the one with the picture) said...

I can't believe the Commerce Dept. shredded all those machines to stop the spread of computer viruses. Everyone knows all you have to do is wipe them down with Clorox wipes.