Tech News Blog
4.20.05
Sober Worm Returnth
Maybe it was never really gone, but according to security experts, the Sober worm is making a return visit and this time the crackers are after the e-mail addresses of all your friends. The subject line includes the following: "I've got your e-mail on my account". Check out the following article for more information:
Sober worm makes a comeback
Mass-mailing pest is spreading again, harvesting e-mail addresses for spammers, security companies have warned. [CNET News.com - Security]

Getting Scrubbed Ain't Easy
CNET is running a story about the difficulties of scrubbing a hard drive before disposal. If you're considering dumping an old hard drive, read this item first:
Skeletons on your hard drive
It's a tough task to clean every scrap of information--including sensitive data--off discarded PC drives, experts say.

In This Corner: AOL Takes on Phishing Sites
Stepping up to the plate in the battle to stem phishing attempts, AOL will begin to identify and block web sites that are created by crackers to extract you secure information. PC World has this on the subject:
AOL Fights Phishing
Internet giant begins a campaign to identify and block fraudulent Web sites. [PCWorld.com - Latest News Stories]

Apple Has Another Update
Apple released another update on Tuesday, this one to patch a glitch with iSync. For more information on this issue click on the following story:
About Security Update 2005-004
Release date: Tue, 19 Apr 2005 17:35:20 -0500 [Apple Computer Top Mac OS X Documents]
Apple releases Security Update 2005-004
Hot on the heels of Mac OS X 10.3.9, Apple has released Security Update 2005-004, which fixes buffer overflow in iSync could lead to local privilege escalation. Apple's description reads [MacFixIt]

Next PeoplesChoice Could Be the IRS
According to a report from Reuters, the Internal Revenue Service has a database ripe for the picking and millions of American tax payers might be at risk if the holes aren't plugged soon:
IRS Flaws Expose Taxpayers to Snooping, Study Finds
WASHINGTON (Reuters) - Computer-security flaws at the U.S. tax-collection agency expose millions of taxpayers to potential identity theft or illegal police snooping, according to a congressional report released on Monday. [Reuters: Technology]

Flaw in Netscape
Secunia is warning Netscape 7.x users of two bugs graded ‘ßmoderately critical’ that can allow crackers to remotely control your PC. The solution according to Secunia is: “Disable JavaScript support and do not install untrusted search plugins.”

Open Source Updates
Open source users have the following updates available according to Secunia: Fedora, SuSE, Red Hat (1, 2), Gentoo (1,), and Debian (1, 2).

Tip of the Day From Multiple Platforms.com: Helpful Web Sites
Today our tip is a link to Consumer.gov/, a web site devoted to helping the consumers in the United States find details on all things that are consumer related; this site is a virtual clearing house of links for the consumer.

What is Consumer.gov?
According to the Consumer.gov web site, “FirstGov for Consumers -- is a "one-stop" link to a broad range of federal information resources available online. It is designed so that you can locate information by category -- such as Food, Health, Product Safety, Your Money, and Transportation. Each category has subcategories to direct you to areas within individual federal web sites containing related information.”

Tech News Blog
4.19.05
Screen Saver Fans Rejoice: Podcast of The Gang is Back
If you were a fan of the old Screen Savers, you are going to be glad to hear that a podcast of the gang will be available weekly. Leo Laporte, Patrick Norton, Kevin Rose, and the lab master Robert Herron are starting a program to judge interest and this effort may evolve into a new show available by cable or the Internet, depending upon opportunities. To download the podcast visit The Laporte Report:
The Revenge of the Bleep
It is done. The first ROTSS has been posted. Subscribe to the podcast to get it by midnight every Sunday, press the play button to the left, or download it directly.
[The Laporte Report]

Reminder: Update Firefox and Mozilla
A follow-up on our report from yesterday: make sure you update your Firefox and/or Mozilla browsers to keep your PC safe. PC World has the following regarding the update:
Security Holes Bite Firefox
Mozilla Foundation patches eight flaws, six of which also affect Mozilla suite. [PCWorld.com - Latest News Stories]

Some Problems Reported With Apple Update
MacFixIt is reporting that some Mac-heads are experiencing problems with the new update from Apple, OS X 10.3.9/. The Safari update is causing the most annoyances and MacFixIt suggests re-installing the patch issue by Apple previously for Java, I have also included a link CNET's story regarding this issue:
Java glitch hits OS X update
Recent update causes Java-related headaches for some Mac owners, Apple has acknowledged. [CNET News.com]
Mac OS X 10.3.9 (#3): Fixes for Safari crashes, slow performance; Multiple user account issues, solutions; more
Safari 1.3 Re-applying Security Update 2005-002 for launch problems, crashes Two workarounds have been most consistently able to solve major problems (for som [MacFixIt]

Speed Up to Safari
Caution: Read the item above before jumping on this next story. According to MacMinute, the speed of Safari is greatly improved with the latest update from Apple, OS X 10.3.9. The source MacMinute quotes claims that the speed of Safari has increased by thirty-five percent:
Safari gets major performance boost, other improvements
While undocumented in the release notes, last week's Mac OS X 10.3.9 update includes a new version of Safari that brings substantially improved page load times... [MacMinute]

Open Source Updates
Secunia has announced the following bulletins open source systems: Gentoo (1, 2), Debian, Mandrake, Fedora (1, 2), SuSE, and Sun Solaris.

Tip of the Day from Multiple Platforms.com
Another web site today that provides useful information for a variety of products is the Consumer Information Center a part of the FCIC (see below for definition); they even have a section for computers with a free tip on online security.

What is the FCIC?
The Federal Citizen Information Center provides this definition for FCIC, “
For over 30 years, the Federal Citizen Information Center (FCIC) has been a trusted one-stop source for answers to questions about consumer problems and government services. Consumers can get the information they need in three ways: by calling toll-free 1 (800) FED-INFO, through printed publications, or through information posted on FCIC’s family of websites: www.firstgov.gov;
www.pueblo.gsa.gov; www.kids.gov; www.consumeraction.gov/.

Tech News Blog
4.18.05
Secunia Warns of 'Highly Critical' Flaw in Mozilla/Firefox
Secunia has released security bulletins graded 'Highly Critical' for the popular Mozilla family of browsers, Firefox and Mozilla (0.x to 1.7.x). The solution for both issues involves updating your browser to the latest version. I also included a story from eWeek regarding the latest versions of both browsers from Mozilla:
New Firefox, Mozilla Versions Plug Critical Security Holes
Third critical security update in less than two months fixes nine bugs in Firefox. [eWEEK Technology News]
Mozilla Multiple Vulnerabilities
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. [Secunia - Latest Secunia Security Advisories]
Mozilla Firefox Multiple Vulnerabilities
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. [Secunia - Latest Secunia Security Advisories]

Microsoft Will Bombard Airwaves
If you think that advertisement for political contests starts prematurely, then you will love Microsoft’s new ad campaign that will celebrate the 20th anniversary of Windows 15 months early:
Microsoft plans massive Windows ad campaign
Advertising campaign will last for 15 months as Microsoft gears up for 20th anniversary of Windows. [CNET News.com]

Apple Releases One More Patch
Apple has released an update for their Panther operating system, OS X 10.3.9 and as usual, you might want to wait five to seven days before installing this fix from Apple. To help you learn more about this issue, I have included headlines and links to the following stories:
About the security content of the Mac OS X 10.3.9 Update
Release date: Fri, 15 Apr 2005 18:18:16 -0500 [Apple Computer Top Mac OS X Documents]
Mac OS X 10.3.9 (#3): Fixes for Safari crashes, slow performance; Multiple user account issues, solutions; Third-party applicati
Safari 1.3 Re-applying Security Update 2005-002 for launch problems, crashes Two workarounds have been most consistently able to solve major problems (for som [MacFixIt]
Mac OS X Security Update Fixes Multiple Vulnerabilities
Apple has issued an update for Mac OS X, which fixes various vulnerabilities. [Secunia - Latest Secunia Security Advisories]

Open Source Updates
Secunia released the following bulletins for open source users: Gentoo (1, 2), Debian (1, 2), and SuSE.

Tip of the Day from Multiple Platforms.com: Helpful Web Sites
Last week the link Multiple Platforms provided for the Internal Revenue Service was a popular click-through and served as inspiration for this weeks tips from Multiple Platforms.com/, helpful web sites for you; today we feature a link to the United States Product Safety Commission. This web site lists products that are the subject of recent recalls and provides links to many useful sites with safety associated themes.

What is the CSPC?
According to Wikipedia, “The Consumer Product Safety Commission (CPSC) is an independent agency of the U.S. federal government created in 1972 to protect “against unreasonable risks of injuries associated with consumer products”. As of 2004 its chairman is Hal Stratton.

The CSPC has the authority to regulate the sale and manufacture of most consumer products, with the exception of those regulated by other agencies such as the Food and Drug Administration (FDA) or the National Highway Traffic Safety Administration (NHTSA).”