Bad Bad Bad, Bad Vibrations – Windows Vulnerable To Music-Based Attacks

Here’s an interesting attack vector: get your mark to listen to music to hack them.  Sounds silly?  Well it isn’t.

Apple just recently fixed this “binary planting” vulnerability in their iTunes for Windows application.  A remote attacker merely has to plant a malicious DLL using a specific name in the same network share as a media file and as soon as someone comes along to listen to that media file, BAM!  iTunes would load that laced DLL to play the music and execute goodness only knows what evil.

Many sysadmins are sighing with a bit of relief, as this attack vector does require a network share to pull off, and planting files on their shares is not something they intend to let hackers do.  But need I remind you of the Web Client service, enabled by default, with features like WebDAV, which allows remote network shares, as in internet-based, as in not safely behind your intranet?

Fortunately, besides disabling these features, you also have options like firewalls to stop the evil WebDAV and similar outbound traffic.

The other good news is that Apple has fixed this security hole in iTunes.

But!

Was iTunes the only hole needing to be patched?  Not according to H.D. Moore of Metasploit, who says that about 40 applications are exploitable in Windows because of the way in which Windows loads “safe” file types from network locations.  A problem which affects not only the older and less-secure Windows XP, but even Windows Vista and Windows 7.

So be warned.  Be wary.  And secure those PCs please.
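To check whether any program on a PC is doing what iTunes did, you can look through module-load events for DLLs that a locally installed application pulled from a share or a WebDAV path.  The following is an added example, not code from the original post or from any vendor; it assumes events shaped like Sysmon Event ID 7 records (fields Image and ImageLoaded), and the sample events, host names and DLL names are constructed placeholders.

```python
# Added example: flag DLLs that a locally installed program loaded from a
# network location. Events are dicts using Sysmon Event ID 7 field names.

def classify_path(path):
    """Return 'local', 'unc' or 'webdav' for a Windows path string."""
    p = path.replace("/", "\\")
    if p.upper().startswith("\\\\?\\UNC\\"):      # extended-length UNC form
        p = "\\\\" + p[8:]
    if not p.startswith("\\\\") or p[2:4] in ("?\\", ".\\"):
        return "local"                            # drive letter or device path
    parts = p[2:].split("\\")
    host = parts[0]
    share = parts[1] if len(parts) > 1 else ""
    # Heuristic: the WebDAV redirector exposes paths as \\host@SSL\... or
    # \\host@port\..., and uses DavWWWRoot as the name of the server root.
    if "@" in host or share.lower() == "davwwwroot":
        return "webdav"
    return "unc"

def find_remote_dll_loads(events):
    """Return (process, module, kind) for remote modules in local processes."""
    hits = []
    for ev in events:
        kind = classify_path(ev["ImageLoaded"])
        # A program started from the share loads its own DLLs from there;
        # the planting pattern is a local program pulling code from a share.
        if kind != "local" and classify_path(ev["Image"]) == "local":
            hits.append((ev["Image"], ev["ImageLoaded"], kind))
    return hits

# Constructed sample events (hosts, shares and DLL names are placeholders).
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\iTunes\iTunes.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll"},
    {"Image": r"C:\Program Files\iTunes\iTunes.exe",
     "ImageLoaded": r"\\fileserver\music\example.dll"},
    {"Image": r"C:\Program Files\iTunes\iTunes.exe",
     "ImageLoaded": r"\\media.example@SSL\DavWWWRoot\albums\example.dll"},
    {"Image": r"\\fileserver\tools\tool.exe",
     "ImageLoaded": r"\\fileserver\tools\helper.dll"},
]

if __name__ == "__main__":
    for proc, module, kind in find_remote_dll_loads(SAMPLE_EVENTS):
        print(f"{kind:6} {proc} loaded {module}")
```

A share mapped to a drive letter looks like a local path to this check, so mapped drives have to be resolved to their UNC form first.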


Teh Interwebs – It’s Like Scary!

If you think surfing the internet is a scary thing to do, what with so many malicious websites out there ready to infect your computer (or smartphone) then try being a website owner.

Network Solutions, Happily Providing Website Owners With Malware Since…

Take, for example, anyone running a website hosted by Network Solutions.  Turns out that one of their widgets, there to make your website construction easier, was actually infected with malware!

What’s worse, Network Solutions is neither apologizing for infecting your websites, nor even saying how their widget got infected in the first place.  They just tell you to delete it.  Oh.  How informative.  How helpful.

Initial reports based on Google and Yahoo searches estimate anywhere between half a million and five million domains may have been infected.  Network Solutions, of course, denies that the numbers are that high, but as of yet has failed to provide its own numbers to back that up.

SQL Vs. Apple … And A Whole Lot Of Others

An SQL attack has hit approximately half a million legitimate webpages with database commands that attempt to hide malware exploit links in the webpage code.  Among those infected is the ever-famous Apple, whose iTunes podcast promotion pages were identified as hit.  Fortunately Apple was quick to clean up their infections.

Plenty of other websites have been hacked by this SQL vuln as well, obviously.  The ongoing SQL database injection attacks change frequently enough that they have yet to be stopped.

Adobe – Chilly Towards A Hot ColdFusion Vuln

Adobe’s ColdFusion application server saw a recent update to patch a security hole that it labeled as “important”. But just how important was patching this exploit?  Well a number of researchers now claim that it should have been labeled “critical” because the vuln could actually let hackers seize control of servers in a “full system compromise”.  It not only allows someone to manipulate the system files, but to also upload scripts and even mess around with the database natively.  As holes go, it really doesn’t get worse than that.

Fortunately, Adobe did patch the hole.  But downplaying the importance of the vulnerability may lead to fewer people upgrading to the fix as they should.

Disney – Sued For Spying On Your Kids?

Walt Disney’s internet subsidiary, Walt Disney Internet Group, and several partners such as Clearspring Technologies and Warner Bros. Records, are being sued in the US District Court of Los Angeles for allegedly using Adobe Flash Player cookies to track highly personal information about users, the majority of whom are minors.  The Locally Shared Objects (LSOs), otherwise known as Flash Cookies, have supposedly been gathering detailed user information over long periods of time since at least 2007, in ways that, it is claimed, violate the sites’ privacy policies.  These LSOs were left behind, and used to respawn deleted browser cookies, becoming “zombie cookies” which allegedly were used to re-identify users to continue tracking them without warning or knowledge thereof.

Axl Rose – Twitter, Twit, Or Just Too Busy Getting T**t?

False rumors have been spread that an upcoming European tour of Guns N’ Roses was canned, thanks to a bit of Twitter hacking of Axl Rose’s account.  The tweet from Axl that all was over was, of course, not really from Axl at all.  And he might have even been able to catch it and prevent the spread, had he ever been using his Twitter account instead of, well, doing anything more entertaining than tweeting.  But, alas, he actually has a life.  And so the hack went uncontested long enough for people to believe it.  It’s nice to see someone on Twitter actually busy with real life for a change.  But it’s also a good reminder that if you choose to have an online presence, maybe you should at least log in every once in a while.  Or just let it drop entirely if you’re too busy to take it seriously.


Smartphones – Maybe Too Smart For Their Own Good?

Smartphones, most of us want one.  The apps.  The ability to not just text, but email.  Music.  Camera.  There’s almost nothing that a good smartphone can’t do.

Including being a security problem.

I’ve already told you how Symbian smartphones have been turned into a mass-mailing zombie network. But let me tell you, that’s only the beginning.

Palm Pre phones are prone to a vulnerability in receiving malicious messages that can compromise them with a backdoor which can allow hackers to record and transmit audio, effectively “bugging” your Palm Pre, as well as the usual theft of stored data.

Also, Apple has only just recently patched critical security holes in its iOS.  One allowed hackers to install malicious apps on iPhones, iPads, and iPod Touches through poisoned PDF files which, by default, open automatically.

Another let attackers break out of the iOS security “sandbox” to access the root account, allowing unlimited access to the device.  This flaw, by the way, was the one used by jailbreaking software to let your iPhone be used how you want it to be used.  So don’t go thinking that this fix was entirely driven by just security over at Apple.

So there you have it, your smartphone is becoming more and more just another computer for hackers to attack.  They contain the same security risks as any Mac or PC.  Be conscious and use good security practices, even with your cute little phones, or you just might be caught unaware by a nasty ol’ hacker.


Rant – Why I’m Fed Up With Dualbooting Linux

The dual boot: it’s the answer to all of life’s mysteries.  Well, okay, so maybe not all of them.  But the biggest one, of how to enjoy the security of Linux whilst still being able to use all of your Windows apps and play all of the latest games.  Because as good as Linux is, it just isn’t gaining any popularity, so most software is still in the demesne of Windows.

Well, okay, so in theory there’s also Macintosh in there somewhere.  But honestly, who cares about that?

And, again, another theoretical solution is to use virtualization, like VMware, to run one OS natively and the other on virtualized hardware from inside the native OS.  Except that’s not really the solution that it should be.  If you run Linux native and Windows virtual, it’ll work, sure, but the point for a lot of people of running Windows is to play games that Linux can’t, and even though VMware has made some great strides in graphics virtualization, now that they actually virtualize the 3D acceleration as well, there’s still a significant performance loss running on virtualized hardware.  Which rather defeats the purpose.  Who wants to play their games slowly?  But the alternative, running Windows natively so that you get full performance, and virtualizing Linux, is frankly even more useless since you’ve just thrown the whole Linux security advantage out the window.  And really, what can Linux do that Windows can’t?  So then what would be the point of using Linux at all if you were going to make your base OS Windows?  You could just use Windows.

So the answer is to dual boot.  Install Linux and Windows side-by-side and choose which one you want to load at startup.  It’s supposed to be easy.  And solve all of your problems.

Except for when it isn’t, and doesn’t.

Frankly, Linux (and all things related) is really starting to piss me off.

To start with, I decided to try a distro I’ve never touched before, because I’m old school I guess: Ubuntu.  It’s cute.  It’s snazzy.  Shame it couldn’t properly recognize my RAID0 array and trashed it each and every time I tried to install it.  Having installed Windows first in the process, that meant a lot of re-installing Windows, drivers, etc.  It was a royal pain in the asterisk.

But I’m nothing if not persistent.  I switched from using my Intel Matrix RAID controller to the dinky JMicron one that I don’t trust worth a darn, and voila, Ubuntu stops trying to access the component drives separately and treats the RAID0 array as a single disk.  Windows, mind you, had no problem properly using either.

That settled, move on in time.  To a procedure I’d put off perhaps a little too long: making my first backup.

Here’s a freaking rant in and of itself.  Windows Backup in Windows 7 can’t be used because I stupidly partitioned and formatted the bootloader partition used by GRUB for Linux.  You might think “duh” there, as what else would you do?  Well Windows 7 has a stupid shadow copy technique used when backing up drives.  This is poorly programmed, and requires so much free space on each partition.  And yes, you guessed it, Windows is both smart enough to recognize that it needs to back up that bootloader partition, and too dumb to know how to read any Linux-formatted partitions.  So unless you were smart enough to make that bootloader a FAT32 or NTFS format, Windows Backup fails each and every time because it can’t shadow the bootloader partition.  Never mind that you could have literal terabytes of space free on your drive.  The shadow has to be on the partition being copied, and if the partition format can’t be read by Windows, you’re SOL.  And, in fact, I can’t even be sure that making that partition Windows-readable will fix this Windows Backup woe, because I have yet to try it.  It’s only a theory that it might make Windows Backup usable on a dual-boot box.

But honestly, it’s no big deal.  That’s okay, because Windows Backup is a PoS anyway.  There’s so much better software out there, right?  Comodo, for example, is free and does a much better job.  I would have just used my old copy of Norton Ghost, like I have on so many Windows XP boxes past, but it’s not compatible with Windows 7.  Oh, sure, some newer version is, but I’m not going to stump-up cash for that if there’s a free alternative that meets my needs.  And besides, I don’t want to just back up my Windows partitions anyway.  We’re talking dual boot.  We’re talking Windows and Linux living side-by-side.  So a Windows-only backup would be darn stupid anyway.  Just as a Linux-only backup would be.

So let’s try bringing in something truly multiplatform, that can read NTFS and Linux formats equally well, and will respect the whole of the hard drive, the master boot record, the partitions, everything exactly as they are.  Why not try something like Partimage Is Not Ghost (PING) then.

And then watch during a routine backup as PING totally destroys the Windows partition so badly that no Windows or Linux tool can restore it without reformatting the whole NTFS partition Windows used to be using before it was slaughtered by bad programming and heavy Linux hands.

Honestly.  Can anyone tell me why anyone would think a typical Windows user would, at this point, having had his Windows install raped and slaughtered repeatedly by Linux, be even remotely interested in trying to use Linux at this point?  At all?  Ever?

I can’t think of a single reason.

In fact, I feel pretty damn stupid for even giving Linux this many opportunities to nuke my Windows install.

I honestly have no idea why I’m so determined to use Linux at all.  Dualboot is just not working here.  I don’t know why not.  It’s a freaking simple concept.  I know Linux works just great on its own.  And Windows, well, is Windows.  Can’t live with it, can’t live without it.  So…

…I keep on trying.

But if anyone has ever wondered why Windows users don’t switch to Linux for the better security, lower overhead, and easier access to a plethora of wonderful free software?  There you go.  It’s because of all of the bad things that Linux does, that Windows doesn’t.  Like happily deconstruct a RAID array and then write to the drives individually, destroying the array.  Or blithely nuke Windows during a routine hard drive backup, when it should only be reading from the Windows partition in the first place.  Not many Windows users would be happy to reinstall everything from scratch because “oops” we had a little bug.

I’ve decided that I really don’t like Ubuntu though.  So maybe I’ll go back to openSUSE.  Or Fedora.

But later.  Much later.  When the seething anger has gone back down to a dull ache and I can burn a distro to DVD without wanting to throw it across the room, grind it into pulp, etc.

I really never thought I would cherish anything Microsoftian this much.  But I’m about damn ready to mount my Windows 7 disk on a wall.  With those holograms, it’s even kind of shiny…


Taking A Bite Out Of Crime Bugs

TippingPoint has long been a proponent of information technology security, especially known for its Zero Day Initiative bug-hunt rewards program in which security researchers can earn thousands of dollars by revealing new vulnerabilities to TippingPoint, which in turn contacts the developers of the faulty software to get them to patch the holes in their code.

But a recent perusal of the ZDI database, which turned up high-risk vulns still sitting unpatched more than a year after disclosure, has grated on some nerves.  Some of those privately disclosed security holes have even gone as many as three years without being fixed by their respective software vendors.  And that’s just no good.

TippingPoint had been trying to be responsible, keeping the disclosure of the bugs private, giving their creators time to fix them to keep everyone safe without going full disclosure and letting the hackers also know of these vulnerabilities.  But after seeing too many software companies rest on their laurels and do nothing about their holes, TippingPoint has had enough.

The new ZDI policy will still be to privately contact software companies, but to give them only six months of privacy to correct their flaws.  After those six months, if no extension is agreed upon, TippingPoint will turn around and give full disclosure of the bug to the world at large, giving third parties an opportunity to fix the holes that a software vendor refused to act upon.

While many proponents (including myself) laud this tough-on-bugs approach, opponents of the “full disclosure” method (such as Microsoft, of course, inventors of security through obfuscation) argue that set timescales don’t work because some bugs take longer to fix and test than others, and that hackers can also use the disclosed information to make their job of getting into your computer easier.

And these are valid points.  But then, that’s probably why TippingPoint in fact has a method in place to file for an extension to that six month timeline.  TippingPoint seems to make it clear that if Microsoft can make a convincing argument on why they can’t fix their security hole in a mere six months, TippingPoint will be more than happy to extend that timeline to give them all of the privacy they need.

Meanwhile, there’s the other end of the spectrum.  Recently Google has expressed a policy similar to this new one from TippingPoint, but with a mere 60 days, just two months, of privacy, a much tougher deadline to meet.