MAAS History
Archives

Entries by drStrangeP0rk (171)

Monday, Jan 05, 2009

Private Browsing is Not Always Private

Well, duh! Private browsing in browsers such as Safari or Firefox is not what it seems to be unless you take advantage of tools and/or services such as JAP, TOR-Proxy or Proxify. When you select private browsing on any system, third-party products such as Flash or Google Gears have their own way of storing information and, of course, their own way of managing the privacy of that information. This is all included in the installer(s) and downloader(s), but like much of everything in our on-demand world, people confuse the OK button with security.

A big issue for users and administrators with the Flash plug-in is that the global settings are accessed via an SSL site, which may be blocked for users behind corporate firewalls. This is something administrators should consider if Flash is part of their install. Simply put, it is important to configure these privacy settings as well.

To access and change your Flash settings, visit the following site; the settings panel is the actual application loaded into the page. I have it set for the highest privacy settings, which accepts and stores nothing on any of my systems.

Adobe - Flash Player : Settings Manager - Global Storage Settings Panel
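
Flash keeps its Local Shared Objects (`.sol` files) in its own directory, outside the browser's private browsing controls, so an administrator can check what has been stored on disk. The script below is an added example, not part of the original post; the Mac OS X path in the comment is an assumed default location and the sample domains are constructed.

```shell
#!/bin/sh
# Added example: audit Flash Local Shared Objects (.sol) left on disk.
# Assumed default per-user location on Mac OS X:
#   ~/Library/Preferences/Macromedia/Flash Player/#SharedObjects

# Print "count domain" for every site with stored .sol files under $1.
flash_lso_domains() {
    root=$1
    [ -d "$root" ] || return 0
    # Layout: <root>/<random id>/<domain>/.../<name>.sol
    find "$root" -type f -name '*.sol' 2>/dev/null |
    while IFS= read -r f; do
        rel=${f#"$root"/}            # strip the root prefix
        rel=${rel#*/}                # strip the random per-profile directory
        printf '%s\n' "${rel%%/*}"   # first remaining component is the domain
    done | sort | uniq -c | awk '{print $1, $2}'
}

# Print the total number of .sol files under $1 (0 if the directory is absent).
flash_lso_count() {
    [ -d "$1" ] || { echo 0; return 0; }
    find "$1" -type f -name '*.sol' 2>/dev/null | wc -l | tr -d ' '
}

# Build a constructed sample tree so the example runs offline.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    so="$t/#SharedObjects/ABCD1234"
    mkdir -p "$so/video.example/player" "$so/ads.example"
    : > "$so/video.example/player/settings.sol"
    : > "$so/video.example/volume.sol"
    : > "$so/ads.example/id.sol"
    : > "$so/ads.example/readme.txt"   # not an LSO, must be ignored
    printf '%s\n' "$t/#SharedObjects"
}

sample=$(make_sample_tree)
echo "Sites with stored Flash objects (constructed sample):"
flash_lso_domains "$sample"
echo "Total .sol files: $(flash_lso_count "$sample")"
rm -rf "${sample%/*}"
```

With the strictest storage setting applied, a run against the real directory after a browsing session should report no new site entries.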

Monday, Dec 15, 2008

OSX Update 10.5.6

Apple has released an update that addresses about 21 security issues that can be exploited in a variety of ways. If you are using egress filtering between groups/departments, the effects of local attacks may be contained, but it is recommended to install the update for your particular system. Popular exploitation delivery includes directing a user to a web site or sending a corrupt image to be viewed locally. In the worst case this can result in the execution of code and hijacking of the entire system.

Overview

  • Heap buffer overflow in CoreGraphics.
  • Flash Plug-in vulnerabilities, which are web-directed exploits.
  • CoreServices credential hijack vulnerability.

These can result in:

  • Session fixation attack.
  • Denial of Service.
  • Elevation of privilege.

Monday, Nov 24, 2008

Safari Updates Address Security Concerns

Apple released updates to Safari on November 13; I have been busy with school, so sorry about the delayed posting. The updates address several issues in the Macintosh version, including the possibility that a local user can obtain sensitive data from the cache. WebKit issues addressed include out-of-bounds memory access, termination and arbitrary code execution.

Make sure that this update has been installed, since there are currently exploits in the wild that take advantage of the application termination issues.

Tuesday, Nov 04, 2008

Acrobat Reader Critical Validation Flaws

Adobe has released a bulletin related to critical flaws in Reader and Acrobat. The details are not fully disclosed, but Secunia, a security research company, does discuss a boundary error related to certain types of content in PDFs. It is possible that this boundary error can be exploited, code can be executed and privileges compromised. Many researchers believe that the other validation errors are similar in nature and delivery. This is a platform-independent issue, so Windows users are also affected.

Users have to download a PDF and view it, which gets back to a bigger issue: users should only open files from users that they know or from sites that are trusted. It is important that users update their Acrobat or Reader application to the latest version.

Wednesday, Oct 15, 2008

Definition of Trust

From a general social standard, one will ask oneself on daily interaction with an individual, “Can I trust this person?” For years, Mac users and administrators had little to worry about in terms of the level of trust that is placed in the user and his or her daily interaction with public networks or files. This has changed in the last 10 years. From the administrator's standpoint, this is a high-end Unix system that is being tasked more and more with providing a wide range of services. When implementing a secure Macintosh framework, a major goal is to provide a system for measuring the evidence to have confidence in the truth of the person or thing.

Due to the fact that we are humans, we are unable to identify a quantitative measure of confidence; we need to evaluate the evidence presented to a security structure. This allows the administrator to achieve a measure of assurance that the person cannot abuse this degree of trust. So, we need to develop a way to trust users, administrators and the files interacting within the secure Mac framework.

OK, I know what you are thinking: these are Macs, security is taken care of, and as a business we do not need to do the stuffy work of the rest of the IT world. Again, this is a warning: you are not just a Mac administrator, you are a UNIX administrator. Think about how much better the Mac platform is since OSX. Why wouldn’t we not just want but also need to take the professionalism of the experience of Unix security gurus and make the Mac platform more secure? Security engineering methods make perfect sense and allow for continuous improvement and measurement by the organization. So, as part of my final project for my master's in CS from BU, I plan to post my working framework for a secure Macintosh environment.