Recently in General Category
So Donna thinks that PC World is a victim of DNS Cache Poisoning.
What is the attack here? pcworld.com DNS resolves to 70.42.185.10 which according to an IPWHOIS is their IP address.
So what if removespyware.ru resolves to the same address? Unless they can modify the routing, I don't see what they've accomplished other than getting Donna to add the IP to the Outpost firewall blacklist while invoking the name Dan Kaminsky.
If a site "malware.r.us" has a reputation for serving malware, and they change their DNS to resolve that URL to my website, why should my website be blocked? The biggest security problem here is the denial of service instigated by the Outpost personal firewall against an innocent website.
I guess when you're looking for a DNS cache poisoning attack, everything looks like a DNS cache poisoning attack.
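The blocklist problem described above, as an added example that is not from the original post: a check that falls back to filtering the hostname when a flagged domain's address is shared with a site users still need. The resolver snapshot is constructed, and `KNOWN_GOOD`, `malware.example` and the function names are assumptions.

```python
import ipaddress

# Constructed resolver snapshot. The pcworld.com address and the fact that
# removespyware.ru points at it are from the post; malware.example is made up.
RESOLVED = {
    "pcworld.com": ["70.42.185.10"],
    "removespyware.ru": ["70.42.185.10"],
    "malware.example": ["203.0.113.66"],
}
KNOWN_GOOD = {"pcworld.com"}  # hypothetical list of sites users must still reach


def addrs(name, resolved=RESOLVED):
    """A records for name as normalized address objects."""
    return {ipaddress.ip_address(ip) for ip in resolved.get(name, [])}


def naive_block(bad_domain, resolved=RESOLVED):
    """What the post objects to: blacklist whatever the bad name resolves to."""
    return [("block_ip", str(a)) for a in sorted(addrs(bad_domain, resolved), key=str)]


def plan_block(bad_domain, resolved=RESOLVED, known_good=KNOWN_GOOD):
    """Block by IP only when no known-good site shares the address;
    otherwise filter the hostname and leave the address reachable."""
    good = set().union(*(addrs(n, resolved) for n in known_good))
    actions = []
    for a in sorted(addrs(bad_domain, resolved), key=str):
        act = ("block_name", bad_domain) if a in good else ("block_ip", str(a))
        if act not in actions:
            actions.append(act)
    # No records at all: the name is still the only thing we can act on.
    return actions or [("block_name", bad_domain)]


def collateral(actions, resolved=RESOLVED, known_good=KNOWN_GOOD):
    """Known-good sites that a set of block actions would make unreachable."""
    blocked = {ipaddress.ip_address(v) for kind, v in actions if kind == "block_ip"}
    return sorted(n for n in known_good if blocked & addrs(n, resolved))


if __name__ == "__main__":
    for plan in (naive_block, plan_block):
        acts = plan("removespyware.ru")
        print(plan.__name__, acts, "collateral:", collateral(acts))
```
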
I've seen more than a handful of snarky posts linking results from http://www.doxpara.com's DNS tester and complaining that their ISP is still vulnerable to DNS attack mere days after the patches were released.
The Verizon Business Security Blog has some good comments and reports that they have recommended that their customers patch within 30 days.
No, not this one. I'm just falling into the classic blog trap of making a cutesy title rather than a descriptive one.
I've been thinking a bit about birthdates and identity theft. What is it they're going to do with my birthdate? I don't know but apparently I'm supposed to be afraid of anyone having data about me (watch out for Google) even if the data isn't personally identifying.
Sophos reported yesterday a bug in a beta version of Facebook (since fixed). It would display the date of birth even when it was marked as private.
You've all heard of the "trade your password for a chocolate bar" test. Apparently many people are failing the "trade your date of birth for a scoop of ice cream at Baskin-Robbins" test.
I guess I'd rather have my friends wish me happy birthday on the right day. I'd rather not have to remember which day my fake birthday is so I can get my free scoop of ice cream. I'd rather not get busted for phony documents because I need an ID with my fake birthday on it to get a free meal (with the purchase of a second meal) at Texas de Brazil (coupon required).
Firefox 2.0.16 and 3.0.1 are out to fix the following security vulnerabilities.
MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
MFSA 2008-34 Remote code execution by overflowing CSS reference counter
UPDATE - looks like 3.0.1 isn't out just yet. Keep your eyes open for it. http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
Secunia PSI has been alerting on a vulnerable version of zlib.dll in many of my applications on my home computer. In a security writeup from July 2005, Secunia reports:
a vulnerability in zlib, which can be exploited by malicious people to cause a DoS (Denial of Service) against a vulnerable application.
The vulnerability has been reported in version 1.2.2. Prior versions may also be affected.
This doesn't bother me so much when it is detected in old versions of Taxcut installed on the computer, but when it is reported in Wireshark 1.0.1 (not sure if this is fixed in Wireshark 1.0.2) and the latest version of iTunes, I wonder what the deal is.
UPDATE - See the comments, this is actually fixed in Wireshark in spite of the Secunia detection.
I renamed the old dll and replaced it with the latest version from http://www.zlib.net/. Secunia is happy, and it didn't seem to cause any issues with the applications.


