TCLP 2007-04-15 News (Comment Line 360-252-7284)

This episode is news cast number 93.

Yet another reminder to make your travel arrangements for BaltiCon 41.

Security alerts this week include a severe and exploitable flaw in Microsoft’s DNS server and a flaw in a Linux WiFi driver though it may only be exploitable for a DoS rather than total pwnage.

In the news this week Debian r4, Etch, was released, IBM releases Identity Mixer as part of their identity framework (there’s an existing browser extension but I’ll stick with Sxipper for now), AFP and Google settle though no one knows the terms so we cannot gauge the effect on copyright, and debunking the myth of the superhacker.

This week I follow up on a second AACS crack despite last week’s patches and BT at least feels more bandwidth is more cost effective than breaking network neutrality.

Download the show directly. Grab the detailed show notes with time offsets and additional links either as PDF or OPML.

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

3 Replies to “TCLP 2007-04-15 News (Comment Line 360-252-7284)”

  1. Just a nag – the link to the DNS story on The Register is ‘good’ in the website but 404s from the linky thing embedded in the podcast.

    Why does a DNS server have an RPC service? I don’t know but likely because it’s easier to turn on the bells and whistles than to install a bare-bones operating service.

  2. Thanks, Brian. I will take a look at the audio project file, correct the link and report the enhanced file.

    Easy. Simple. The counter intuition is for the typical users’ definitions of these terms, software engineers have to add more. More complexity. More services and components. The more functions a single piece of software has, the more points of attack.

    This was a point that Marcus Ranum made in the interview I conducted with him recently. (If I can get the audio cleaned up enough, it will go up soon. There is some very bad line hum, he’s out in the country, so we may have to re-record.)

Leave a Reply

Your email address will not be published. Required fields are marked *