|
 |
Tuesday, July 9, 2002 |
The media's all abuzz about a security problem in Apple's Software Update, which is susceptible to a DNS spoof attack. While this is admittedly a problem, I have to say that I don't really think it's a big deal. If someone's spoofing DNS on your network they can trick you into doing more or less anything, so the fact that they can do it via Software Update isn't really impressive.
Should Apple fix it? Sure. They just have to sign their downloads and they'll never have to hear about it again. But I'd much rather see them focus on changing password files to not be world-readable first. I'm surprised that hole hasn't received far more attention than the DNS spoofing problem. [Eric's Weblog]
10:05:27 AM 
|
|
© Copyright 2002 Stephen C. Johnson.
|
|
 |
 |
 |
 |
| July 2002 |
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
1 |
2 |
3 |
4 |
5 |
6 |
| 7 |
8 |
9 |
10 |
11 |
12 |
13 |
| 14 |
15 |
16 |
17 |
18 |
19 |
20 |
| 21 |
22 |
23 |
24 |
25 |
26 |
27 |
| 28 |
29 |
30 |
31 |
|
|
|
| Jun Aug |
|
 |
 |
 |
 |
|
