Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Local Discovers iTunes ID & Password Disclosure on Apple TV”, 2) “Free Intro to Linux Course”, and 1) “US Gives Up Control of DNS Root Zone”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered remote-access.
Free Intro to Linux Course: Massive Open Online Courses (MOOC) are all the rage these days and here is a chance to pick up a free Linux course. Normally priced at $2,400, the Linux Foundation is offering their “Introduction to Linux” course this summer at no cost. You can choose to just listen in and audit the course or fully enroll and get a certificate. I work with a lot of analysts these days and find that those with some basic Linux skills put them a cut above most of their peers. My advice for those looking to further their career in this area … DO IT. (continued here)
Local Discovers iTunes ID & Password Disclosure on Apple TV: Local David “@DarthNull” Schuetz continues to make the headlines in all things Apple. Before it was the discovery of the source of the UDID leak (a.k.a., BlueToadGate); now he has found a password disclosure flaw in recent firmware versions for the Apple TV. It all started with David trying to hack back the “Add Site” feature Apple recently restricted. He tried several unsuccessful techniques but then came across the newer Touch Setup capability. In investigating this feature David found his iTunes ID and password written in clear text to the logs. See the story from CSO Online below but be sure to check out the full details on the Intrepidus Group blog and view the report on Full Disclosure. (continued here)
Graduation Day for MACH37 Companies: We’ve covered MACH37 before, the local security startup incubator. Well last week they announced graduation day for a number of companies they have been working with. (continued here)
US Gives Up Control of DNS Root Zone: Out of no where Friday night the National Telecommunications and Information Administration (NTIA) announced its intention to give up its final function of controlling the Internet … DNS. Specifically, the NTIA, part of the US Department of Commerce, plans to release control of the authoritative root zone file that contains the name and IP address mappings for the top level domain names (e.g., .com, .org, and .net). This undertaking completes the US government’s policy put forth in the late ’90s of transitioning control of the Internet to the global community. (continued here)
Hope everyone had a wonderful week! Have a great weekend!