Busy times, crazy life.

It's been a really busy week or two so I haven't had time to write much. I realize that it's only common sense, but I still find it amusing that I have the least time to write about what's going on when the most is happening. Funny, how that happens. Anyway, once the opportunity presents itself I like sitting down to make an attempt at describing everything that's been happening. I've mostly been posting hit and run messages to Twitter lately (like everybody else on the planet these days) because I can do that without looking up from everything else …

Just when you thought it was safe to route packets...

Some of the most arcane yet commonly encountered pieces of equipment on the Net today are routers - devices (usually big, expensive devices) that look at the destination IP address of each packet they see and decide which port to throw it out of to help it on its way. Usually you don't see them up close because they tend to live in data centers or wiring closets (for smaller shops) in racks, safely locked away. While there are a couple of manufacturers out there who specialize in them, for people in the know the first thing they think of when …

MBR infecting rootkits: All the old things are new again.

It seems as if malware evolves just as fast as biological diseases anymore. Earlier this year, it was made public that batches of flu vaccine were probably ineffective against this year's upper respiratory plague that I've complained about more than enough lately (my apologies to house Laurelinde, though - Lyssa and I will bring over something tasty soon for you). Around the same time, a new strain of rootkit called Mebroot hit the Net that infects the Master Boot Record of boxen it's installed into. It compromises the machine below the level of the operating system because executable code referenced by …

Two heads-up posts from the infosec world that could hit close to home.

First off, someone's created a trojan horse program that affects unlocked Apple iPhones. By definition, you can't install anything on an iPhone unless you crack it, so the impact of this is potentially smaller than it could be. At any rate, it pretends to be a patch for v1.1.3 of the iPhone firmware. It doesn't do anything until you try to uninstall it (because it doesn't look like it does anything), at which time it will take any copies of OpenSSH and Erica's Utilities with it when it goes. While the original website that offered this utility is …
