Shell Shock, Take a Pause

After reviewing the depth of the shell shock vulnerability experts seem to be taking a step back to come up with a more considered plan. As mentioned in yesterday’s blog the problem appears to be deeper than it originally appeared and may require more than just a fix of the problem program named bash. It may require changes by IT staff across the globe to change programs or test programs with a substitute program for bash. Researches are now divided on how sever this problem is. From my own research I see that a good portion of what was originally thought to be a problem are not a...

read more

Shell Shocked Apology

In the previous blog I brought up the specter of our printers and other devices being affected by the Shell Shock vulnerability in the Bash program. This is on the alarmist side and I apologize for my over zealousness. While it is a possible threat most devices will probably use one of the smaller cousins of Bash. Worse Than We Thought The problem in Bash while deeper and worse than we in the IT industry at first suspected the dangers do not increase for the regular computer user. The problems just make it harder for us to fix. There have been three fixes in the last two days. These we have...

read more

Shell Shocked (Printer?)

The popular press is reporting on the recently discovered vulnerability in many of the Internet’s servers. While not a virus (it can’t spread from machine to machine) it can infect Macs and Linux computers. It does NOT infect Windows computers. However many of the places you go on the web can be compromised and thus what you put into those sites can be at risk. How Big Is The Threat Web servers are computers that take request from you via the Internet and return you the web page you ask for. The software that does this are from various groups. When you get a web page you have...

read more

Bleeding Heart

By now many of you have heard of the Heart Bleed security problem on the Internet. This is not a problem on user’s computers but on servers that run “secure” Internet and email sites. It doesn’t matter if you are running Mac or Windows. All systems are vulnerable. Do you have to do anything? Yes. WHEN your email or the secure website says it’s fixed, then you can change your passwords. (System administrators may want to get new security certificates.) Also if you have what is called two factor authentications you may want to reset that too. Two factor authentication is usually...

read more