Incidents.org has been running their security tip a day this month and I really liked this one. It’s essentially a way to encrypt your wireless traffic using ssh. That’s something I’ve covered here before, but it’s worth reminding that it’s possible and a good idea.
Month: August 2006
-
Mythtv based hardware available from monolith
The title really says most all, it looks like you can get a preconfigured mythtv box starting at $695. Prebuilt, preconfigured no muss/no fuss. (No subscription fees like the tivo’s…)
-
MS patch problems
Sans has updated their chart that illustrates Microsoft’s August patches. They’ve updated it to give information about the problems that have been reported with now 2 of this months patches (MS06-040 and MS06-042) as well as what fixes are available.
-
Is the firmware current?
The other day I was struggling with something that should have worked “out of the box”. It was a little wireless bridge (Linksys WET54G Wireless-G Ethernet Bridge). The idea was to just connect it to the pc and it would just work. Well…. in a word NO. It “sort of worked”, the problem is the pc didn’t receive the dhcp address, so I had to manually set it. I didn’t know the correct gateway information (should it be the bridged device ip or the REAL gateway.) At one point I got dns lookups working, but routing to the internet was not working, then the access point got pulled off a shelf and EVERYTHING stopped working. Checking in on the bridge would show it was just cycling through the WPA handshake process over and over and over.
-
Helixplayer to include Windows media file viewer
WMV and WMA file formats (Windows Media Video and Windows Media Audio) have been one of those sore spots for desktop linux. Yes, I KNOW mplayer and other players can handle them. (If the codecs are installed.) (and wine can run media player) But, there have been licensing issues there. The fact is, distributions that are strict about their “open source only” policy have a situation where those formats don’t work out of the box. That appears as though it will change soon as Real Networks includes open source codecs for those formats in it’s Helixplayer. DRM (Digital Rights Management) will not be supported in the helixplayer project.
-
Google Coupons and improving Picasa
There are a couple of stories on the “Google front” today. First up Coupons tied into Google location searching (maps.) More details at the Adwords blog. (BTW, this is open to US businesses, an Adwords account is not a requirement.) It looks like they’ll put up printable coupons for businesses. There seem to be quite a few possibilities for extending this idea. (More coverage here.) The next item puts to rest a rumor from some time back. It seems as though at one point in time, Google was interested in Riya, who specializes in image recognition (hey – that’s Bob in that picture.)
-
Real time Global strategy game using Google Maps?
Some time back, there was a Risk clone using Google maps which was interesting, but taken offline due to a legal letter. Well, I have had a long interest in strategy games…. (Risk/Axis&Allies and variants as well as the civilization/freeciv variety and Age of Empires/etc….) Anyway… saw this last week… Online strategy game using Google Maps. Upon visiting, I found out the site has moved under heavy load to a new location…. Here’s the new site gmworldwar.com. I don’t know, I’m not terribly eager to strategize world war right now – it seems a bit too much like reality seem to be shaping up for right now… Anyway – it’s called Endgame and uses Google Maps as the back end. It’s currently limited to beta testers due to high demand so, the general public will have to wait.
-
Squirrelmail 1.4.8
Security Update to a previously announced vulnerability.
-
Other MS patch news as well as a Yahoo vulnerability?
Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS…
“this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin.”
Not timeline yet on when… There are also public exploits out for (possibly related to MS06-046) which is related to the MS Help system.
-
MS06-040 update
MS06-040 is one of last weeks Windows updates and is the one that was probably the biggest target for “wormable” activity. There’s a good deal of news from over the weekend with regards to this. First: Snort signatures, the MS06-040 exploit was spotted actively “in the wild”, and of course, our perennial friends in the spamming world didn’t waste much time in making use of this one.