SecuraBit before it Bytes

We’re working with new software this time around, yeah sorry to bring you all aboard the beta failbus, but we’ll get it out to you as soon as we can.  It’s probably one of our best episodes content-wise.

-Peace

Interesting security news for 08/29/08:

White House Imposes New Security Mandate for Federal Agencies (Washington Post) - All government agencies will be required to implement DNSSEC by January 2009.

Apple to fix hole in password-protected iPhones (Cnet) - Apple announces that it will release an update in September to fix a hole that allows users to bypass the unlock screen.

Dan Kaminsky Soundboard (0×000000.com) - Can’t get enough Dan Kaminsky, now have him talk to you all the time, any time.

MIT working on network vulnerability analysis (Slashdot) - Researchers at MIT are working on detecting exploitable vulnerabilites by graphing attacks in near real time.

We’ll be streaming live somewhere around 7 or 8pm EST on Wednesday, August 27th.  Get the URL on our irc at irc.freenode.net #securabit and enjoy the craziness.

Politics is by no means our idea of entertainment when it comes to our blogs, however to see such a strong candidate pick a “technological bi-polar” candidate as the potential VP, it makes you wonder if McCain is already a winner.

Joe Biden was picked as Obama’s VP candidate if they are to take the White House this upcoming election. Apparently his views towards net neutrality, the RIAA, and anti-encryption are a little skewed over the past few years. I’m sure the EFF doesn’t think too highly of him either. Although he may have experience in foreign policy, how does that protect our rights here in the U.S. as he was a key player when it came to the Patriot Act amongst many other laws that passed through the Senate. Follow the links below to make your own assumption of our potential Vice President.

Yahoo News

Gizmodo write-up

As announced on a Fedora mailing list, some Fedora servers were illegally accessed and “a small number of OpenSSH packages” were singed by the intruder. The servers were taken offline quickly after the breach was discovered.

As a security precaution, Red Hat has changed the signing keys for Fedora, updated OpenSSH packages and also issued OpenSSH blacklist scripts that allow admins to check to see if any of the affected packages are installed on their systems.

If you are running any Fedora or Red Hat systems, you might want to check them out just to be safe.