MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Entries by Sean OConnell Public (117)

Monday
Jul082013

Condition Remains GREEN

Researchers have discovered that the proposed password for a WiFi personal hotspot is weak in iOS. The RISK remains low to this kind of attack, however a malicious actor may be able to gain access to a iOS WiFi personal hot spot under certain conditions. There will be a future presentation about this weakness promting hype generated reporting.

To eliminate the RISK users should avoid the proposed WiFi personal hotspot password in iOS, similar to any suggested default passwords. Users should set a custom password for their iOS personal hot spot. Similar to your WiFi network at home or in a small office use a passphrase with a combination of characters and recommended length of at least 24 characters. (Apple requires that the length be at least 8 characters, see reference link for more information about setting up personal hotspot.)

 

Users should also disable WiFi and their personal hotspot when not in use in iOS. 

Friday
Jan112013

Condition Remains GREEN

Gatekeeper can prevent rouge software developed by unidentified developers from runnig. This includes JAVA and PKG files, two vectors that criminal hackers can use to exploit software flaws in MacOSX or various APPs. 

The APP Store only setting provides the highest level of restriction in Gatekeeper and is recommended for a majority of users.