MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Wednesday
Apr062011

Condition Remains GREEN

Some users are reporting that FaceTime shows random pictures or photos from a previous session. We have been unable to duplicate the glitch and suspect that it is related to the application saving state when the phone switches application or locks the screen. At this stage we suspect that it is a software issue, this has very limited privacy concerns at this time.

If you experience these issues try these steps:

  1. Report the issue to Apple discussion board indicating what applications are running, hardware and software on the device.
  2. Make sure you are running the latest firmware and iOS version.
  3. Disable FaceTime and then do a restart of the device. This will ensure that settings are removed.
  4. Download any APP updates for your device.
  5. Enable FaceTime from the APP store again after completing step 3.

If the issue still continues try the following:

  1. Clear the photos on your device saving them to your Mac/PC and then reload them using iTunes.  

See the reference below to link to the Apple Discussion on the subject. 

Wednesday
Apr062011

Condition Remains GREEN

Researches have released a Proof of Concept (POC) which exploits a standard in IPv6's Stateless Address Auto Configuration (SLAAC) which allows host to find each other on a network. The POC demonstrates using an unauthorized access point within your network along with flaws in the implementation in various operating systems will result in routing traffic over the IPv6 network. This is due to the fact most operating systems will choose the newer protocol over the older. This creates a IPv6 network within your IPv4 network allowing an attacker to listen in over the wire.

We think that a rouge wireless access point or an adoc-hoc v host would be the most cost affective way to exploit this vulnerability. 

To mitigate this type of attack we recommend the following:

  • If you are not using IPv6 then make sure to turn it off in System Preferences>Network.
  • Make sure that access to these controls are protected, do not allow users administrator rights.
  • Sent you AirPort device to Local-Link Only. 
  • If you do use IPv6 make sure to turn on the firewall on your Airport Extreme.
  • Disable IPv6 on another devices on your network if you do not use it.
  • Block IPv6 at the boarder.

IPv6 is coming but we expect the shift to be very slow. For the foreseeable future we expect IPv4 and IPv6 to coexist. This will create a host of management failures resulting into these kinds of vulnerabilities.