Safari AutoFill Exploit: Disable Immediately

Jeremiah Grossman has uncovered a serious privacy flaw in Apple’s Safari web browser, versions 4 and 5, which allows a malicious web site to surreptitiously extract the Address Book card data that Safari fills into forms by way of its “AutoFill” feature.

All a malicious website would have to do to surreptitiously extract Address Book card data from Safari is dynamically create form text fields with the same names as the Address Book card fields, probably invisibly, and then simulate A-Z keystroke events using JavaScript. When the data is populated, that is, AutoFilled, it can be read out and sent to the attacker.
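
The pattern above has three visible ingredients in a page’s source: text inputs named after Address Book card fields, something that keeps those inputs out of view, and script that synthesises keystrokes. The scanner below is an added example, not Grossman’s proof of concept, and it never talks to a browser; it only looks for those three ingredients in HTML. The list of card field names is an assumption for the example (the page does not enumerate the names Safari matches), and the sample page it runs on is constructed, not a working exploit.

```python
"""Heuristic scanner for the Safari AutoFill harvesting pattern.

Added example, not Grossman's proof of concept.  It inspects page source
for text inputs named after Address Book card fields, styling or script
that keeps those inputs out of sight, and script that synthesises keyboard
events.  CARD_FIELDS is an assumed list of field names for the example."""
import re
from html.parser import HTMLParser

# Assumed Address Book card field names that AutoFill would complete.
CARD_FIELDS = {"name", "company", "address", "city", "state",
               "country", "email", "phone"}

# CSS that hides a field while keeping it a real text input.
HIDING_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])"
    r"|(?:left|top)\s*:\s*-\d{3,}px", re.I)

# Script constructs that synthesise keyboard events.
SYNTH_KEYS = re.compile(
    r"initKeyEvent|initKeyboardEvent|KeyboardEvent\s*\(|dispatchEvent\s*\(", re.I)

# Script that names a dynamically created input (e.g. `f.name = 'company'`).
DYN_NAME = re.compile(r"""\.name\s*=\s*['"]([A-Za-z_]+)['"]""")


class CardFieldCollector(HTMLParser):
    """Collect static text inputs named after card fields, plus all script text."""

    def __init__(self):
        super().__init__()
        self.in_script = False
        self.script = []
        self.hidden = []
        self.visible = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            self.in_script = True
        elif tag == "input" and (a.get("type") or "text").lower() == "text":
            name = (a.get("name") or a.get("id") or "").lower()
            if name in CARD_FIELDS:
                bucket = self.hidden if HIDING_CSS.search(a.get("style") or "") else self.visible
                bucket.append(name)

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.script.append(data)


def scan_page(html):
    """Return a verdict dict; 'suspicious' needs out-of-view card fields AND synthetic keys."""
    c = CardFieldCollector()
    c.feed(html)
    c.close()
    script = "".join(c.script)
    dynamic = sorted({m.lower() for m in DYN_NAME.findall(script)} & CARD_FIELDS)
    synth = bool(SYNTH_KEYS.search(script))
    return {
        "hidden_fields": c.hidden,      # static inputs styled out of view
        "visible_fields": c.visible,    # ordinary form fields; not a signal on their own
        "dynamic_fields": dynamic,      # inputs created and named from script
        "synthetic_keystrokes": synth,
        "suspicious": synth and bool(c.hidden or dynamic),
    }


# Constructed sample page (not a working exploit): two hidden card fields, one
# created from script, and a synthetic keypress aimed at it.
SAMPLE_PAGE = """<html><body><form id="f">
<input type="text" name="email" style="position:absolute; left:-9999px">
<input type="text" name="name" style="display:none">
<input type="text" name="comment">
</form>
<script>
var f = document.createElement('input'); f.type = 'text'; f.name = 'company';
document.getElementById('f').appendChild(f);
var e = document.createEvent('KeyboardEvent');
e.initKeyboardEvent('keypress', true, true, window, 'A', 0, false, false, false, false);
f.dispatchEvent(e);
</script></body></html>"""

if __name__ == "__main__":
    print(scan_page(SAMPLE_PAGE))
```

A page with a visible `email` field and no script scores as benign; a page that only has hidden card fields but never fires keystrokes is also not flagged, since without a keystroke Safari has no reason to offer AutoFill. Run `scan_page()` over saved page source or a proxy log; it is a triage aid, not a replacement for turning AutoFill off.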

There is currently no fix available for this vulnerability. Until Apple releases a security update addressing it, turn off the AutoFill feature in Safari (in Safari’s AutoFill preferences, uncheck “Using info from my Address Book card”). Failing that, replace the data on your Address Book card with something innocuous.

On a side note, Grossman says he informed Apple of the flaw over a month ago but has yet to receive a response. No surprise there: Apple is renowned for not responding to such submissions. That is not to say they will never respond, but rather that they keep such issues on the down-low, which is how Apple rolls when it comes to flaws in their products.

Windows Zero-Day Installs Rootkits from Infected USB Drives

A recently discovered flaw in how Windows handles shortcut (.LNK) files is being exploited to install malware, which in turn installs a rootkit to gain administrator-level access and stay hidden.

Microsoft has already warned users, in Microsoft Security Advisory (2286198), that attackers are exploiting an unpatched vulnerability in the Windows Shell component: Windows incorrectly parses shortcuts, so that merely displaying the icon of a specially crafted shortcut, for example when Explorer shows the contents of a removable drive, is enough to run attacker-supplied code. Since the warning, Microsoft has confirmed what researchers found, namely that the exploitation is an issue with shortcut (.LNK) files. The attacks seen so far spread through removable drives. Once running, the malware drops a Trojan horse that downloads a rootkit, which then hides the infection while it runs.

Several versions of Windows are affected by the shortcut flaw, including Windows 7 and the now-unsupported Windows XP SP2 (as of July 13, 2010 Microsoft no longer provides security updates or support for Windows XP Service Pack 2). Researchers have observed that the malware exploiting the shortcut flaw arrives mostly on infected USB drives.

There is a strong chance anti-virus software would not have caught this malware, mainly because it exploits a 0day, but also because rootkit installations are becoming exceedingly difficult to detect. There is strong evidence suggesting attackers will take advantage of this vulnerability to spread malware through Windows XP SP2 installations, since Microsoft is opting not to offer a patch for that version of the operating system. A lot of SP2 installs are still floating around the internets, completely ignoring the fact that Microsoft released XP SP3 more than two years ago.
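
Since viewing a folder is itself the trigger, the practical question for anyone handed a USB stick is how to inspect its shortcuts without letting Explorer render them. The script below is an added example, not Microsoft’s or any vendor’s tool. The header and LinkTargetIDList layout follow the public MS-SHLLINK specification. The heuristic goes beyond what the page states and is an assumption based on the publicly analysed malicious shortcuts: it flags a .lnk whose target ID list embeds a UTF-16 path ending in .dll, the reference the shell followed when rendering the icon. The two sample shortcuts are constructed in the code, not real samples.

```python
"""Triage scanner for shortcut (.lnk) files on a removable drive
(the shortcut flaw covered by Microsoft Security Advisory 2286198).

Added example, not Microsoft's or any vendor's tool.  Header and
LinkTargetIDList parsing follow MS-SHLLINK.  The "DLL path inside the
target ID list" heuristic is an assumption based on the publicly analysed
malicious shortcuts; the sample shortcuts below are constructed."""
import os
import re
import struct

HEADER_SIZE = 0x4C
LINK_CLSID = bytes.fromhex("0114020000000000C000000000000046")  # 00021401-0000-0000-C000-000000000046
HAS_LINK_TARGET_ID_LIST = 0x1       # LinkFlags bit A
LINK_FLAGS_OFFSET = 0x14            # after HeaderSize (4) and LinkCLSID (16)

# A drive-letter or UNC path ending in .dll, as it would appear decoded from UTF-16.
DLL_PATH = re.compile(r"(?:[A-Za-z]:|\\\\)[^\x00]{1,260}?\.dll(?=[^A-Za-z0-9]|$)", re.I)


def parse_lnk(data):
    """Return (link_flags, [ItemID payloads]); raise ValueError if not a shell link."""
    if len(data) < HEADER_SIZE:
        raise ValueError("file too short for a shell link header")
    header_size, clsid = struct.unpack_from("<I16s", data, 0)
    if header_size != HEADER_SIZE or clsid != LINK_CLSID:
        raise ValueError("not a shell link (bad HeaderSize/LinkCLSID)")
    (flags,) = struct.unpack_from("<I", data, LINK_FLAGS_OFFSET)
    items = []
    if flags & HAS_LINK_TARGET_ID_LIST:
        (id_list_size,) = struct.unpack_from("<H", data, HEADER_SIZE)
        off, end = HEADER_SIZE + 2, HEADER_SIZE + 2 + id_list_size
        if end > len(data):
            raise ValueError("IDListSize runs past end of file")
        while off + 2 <= end:
            (item_size,) = struct.unpack_from("<H", data, off)
            if item_size == 0:          # TerminalID ends the list
                break
            if item_size < 2 or off + item_size > end:
                raise ValueError("malformed ItemID")
            items.append(data[off + 2:off + item_size])
            off += item_size
    return flags, items


def dll_references(data):
    """DLL paths found inside the shortcut's target ID list (empty list = nothing odd)."""
    _, items = parse_lnk(data)
    hits = []
    for item in items:
        text = item.decode("utf-16-le", errors="ignore")
        hits.extend(m.group(0) for m in DLL_PATH.finditer(text))
    return hits


def scan_tree(root):
    """Walk a mounted drive from the command line; yield (path, dll paths) per flagged .lnk."""
    for dirpath, _, names in os.walk(root):
        for n in names:
            if not n.lower().endswith(".lnk"):
                continue
            path = os.path.join(dirpath, n)
            try:
                with open(path, "rb") as fh:
                    refs = dll_references(fh.read())
            except (OSError, ValueError):
                continue
            if refs:
                yield path, refs


def build_lnk(items):
    """Construct a minimal shortcut carrying the given ItemIDs (demo input only)."""
    header = struct.pack("<I16sIIQQQIIIH", HEADER_SIZE, LINK_CLSID,
                         HAS_LINK_TARGET_ID_LIST, 0, 0, 0, 0, 0, 0, 1, 0)
    header += b"\x00" * 10                      # Reserved1/2/3
    body = b"".join(struct.pack("<H", len(i) + 2) + i for i in items) + b"\x00\x00"
    return header + struct.pack("<H", len(body)) + body


# Constructed samples: a root-folder item followed by either an ordinary
# document path or a (hypothetical) path to a DLL on the removable drive.
ROOT_ITEM = b"\x1f\x50" + bytes.fromhex("e04fd020ea3a6910a2d808002b30309d")
BENIGN_LNK = build_lnk([ROOT_ITEM, "C:\\Users\\me\\Documents\\notes.txt\x00".encode("utf-16-le")])
SUSPECT_LNK = build_lnk([ROOT_ITEM, "E:\\payload.dll\x00".encode("utf-16-le")])

if __name__ == "__main__":
    print("benign:", dll_references(BENIGN_LNK))
    print("suspect:", dll_references(SUSPECT_LNK))
```

Run `scan_tree()` from a command prompt or from a non-Windows host, never by browsing the drive in Explorer first. A scanner like this is only a triage aid; the mitigations the advisory itself listed were to disable the display of shortcut icons (clear the default value of HKEY_CLASSES_ROOT\lnkfile\shellex\IconHandler and restart Explorer) and to disable the WebClient service so the same trick cannot arrive over WebDAV.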

Top Secret America: Washington Post Goes Deep Cover for 2 Years

The Washington Post has published a fascinating exposé of the post-9/11 intelligence and counterterrorism apparatus, the result of a two-year investigative journalism project.

To ensure that the country’s most sensitive duties are carried out only by people loyal above all to the nation’s interest, federal rules say contractors may not perform what are called “inherently government functions.” But they do, all the time and in every intelligence and counterterrorism agency, according to a two-year investigation by The Washington Post.

What started as a temporary fix in response to the terrorist attacks has turned into a dependency that calls into question whether the federal workforce includes too many people obligated to shareholders rather than the public interest — and whether the government is still in control of its most sensitive activities. In interviews last week, both Defense Secretary Robert M. Gates and CIA Director Leon Panetta said they agreed with such concerns.

The Post investigation uncovered what amounts to an alternative geography of the United States, a Top Secret America created since 9/11 that is hidden from public view, lacking in thorough oversight and so unwieldy that its effectiveness is impossible to determine.

I have not read through even a small percentage of the content available online, so formulating an opinion on the subject matter is going to take some time. However, I have direct experience of contractors regularly acting on behalf of the US government even though doing so is against the law. In most cases this is not malicious, but because the job has to get done, and sometimes “acting on behalf of the US government” is so subjective that the answer could be debated for years.

Nonetheless, the Washington Post should be commended for the exceptional amount of time it took to amass all the data it has compiled and placed online for public consumption. This is the type of journalism we need, whereby the press performs those much-needed checks on what our government is doing on a daily basis. These exposés are an important part of democracy and will only serve to make America stronger in the long run.

Teens Using Digital Drugs to Get High on the Internet

In what has got to be one of the wackiest technology-related stories I have read in quite some time, Wired’s Threat Level is reporting that kids across the United States are getting high on the internet thanks to so-called ecstasy-inducing MP3 files:

Kids around the country are getting high on the internet, thanks to MP3s that induce a state of ecstasy. And it could be a gateway drug leading teens to real-world narcotics.

At least, that’s what Oklahoma News 9 is reporting about a phenomenon called “i-dosing,” which involves finding an online dealer who can hook you up with “digital drugs” that get you high through your headphones.

Oddly enough, an Oklahoma school is taking this whack-ass threat seriously. It sent letters to parents warning of this supposed new “drug” making the rounds on the internets, and as a side effect has now banned iPods on school grounds in the hope of preventing students from becoming “cyber-drug” fiends. Seriously.

For the life of me I cannot believe this is serious. No matter how hard these digital drug dealers try, I cannot fathom how this would even work to create some crack-like state of ecstasy. The whole idea is ridiculous.

Now, I’ve listened to some MP3 music which made me want to throw my laptop out of a fourth-story window because the music was absolutely, horrifyingly bad. I’ve listened to other highly intense music which made me feel all tingly inside.

But never have I listened to an MP3 which made me high, as if I had just gotten baked off some of the good stuff. Never. Ever.

The article is worth a read, if for no other reason than the amusement factor. Maybe it was meant to be taken in stride, maybe it is completely serious. Whatever the case, it sounds like there are some morons out there “educating” our students about things that do not yet exist.

The lesson in all this: keep your kids away from the Oklahoma Mustang Public School district because they will surely not be receiving a quality education from idiotic teachers like those who believe one can get high off an MP3 file.

Apple Holding Special iPhone 4 Press Conference on Friday

According to Jim Dalrymple, Apple will be holding a press conference this coming Friday to discuss the iPhone 4, presumably to address the recent antenna and reception issues:

Apple on Wednesday invited select press to a special press conference to be held this Friday in California.

Apple would only say that the press conference would be regarding the iPhone 4. No other information was available when I spoke with them tonight.

Could this be the first time Apple has held a press conference for something other than announcing a new product? One theory, from Dan Rubin, is that Apple will finally announce the availability of the iPhone on Verizon. That would change the conversation to something positive (misdirection, if you will), since Verizon has the most robust mobile network in the States. But what about the international customers complaining about the iPhone 4’s antenna and reception issues?

Whatever happens on Friday, it should be very interesting. I imagine a lot of folks would welcome the iPhone on Verizon, but I’m not buying it. Then again, and this is a big if, maybe this is why the white iPhone is taking so long to manufacture: because it is the fabled CDMA version for Verizon?

Windows XP Given Reprieve Through 2020

Microsoft has caved in to the loud demands of its customers and announced that Windows XP will be sticking around on the operating system scene for another ten years: downgrade rights from Windows 7 Professional and Ultimate to Windows XP Professional will remain available for the entire Windows 7 lifecycle, which runs through 2020, rather than ending with Windows 7 SP1 as originally planned. Yes, ten more years of XP. Its default Playskool-like blue interface will continue to irritate more people than will admit to enjoying the godawful GUI through 2020.

Prior to shipping Windows 7, we communicated that end-user downgrade rights provided in the software license terms of Windows 7 Professional or Windows 7 Ultimate editions preinstalled on a new PC would allow a customer to downgrade to either Windows XP Professional or similar Windows Vista versions for 18 months, or until the availability of SP1, whichever came sooner. Generally, PC manufacturers are in the process of ramping down Windows XP downgrade facilitation options that some offer today. As background, an OEM’s ability to generally offer downgrade facilitation options (e.g., preinstalling Windows XP Professional on a new PC that includes end-user rights for Windows 7 Professional) ends on October 22, 2010.

This is good news, especially if you have no compelling reason to move from XP to Windows 7. A lot of folks, myself included, continue to run XP and actually prefer it to Microsoft’s newer endeavors. Although many rave about Windows 7, there really is no reason to upgrade if all you do is use XP as a vehicle for launching a web browser to reach the internets.

My main workstation is a MacBook Pro, but I continue to run an older HP desktop as a backup. It runs XP quite smoothly and is rarely used. Why would someone in a similar situation consider purchasing Windows 7 when Microsoft will keep XP available through 2020? One caveat worth keeping in mind: downgrade rights are a licensing matter, not a support commitment. Microsoft’s published lifecycle still ends extended support for Windows XP, and with it security updates, in April 2014, so an XP machine that stays on the network has until then, not until 2020.

Socially Unacceptable: The LeBron James Circus

Why did LeBron James create a Twitter account the same week he decided to crush his hometown’s collective heart? Maybe he was unaware that the micro-blogging service had been available to the public for the past four years. It could be a coincidence that he decided to utilize that forum during the biggest spectacle of self-love that I have ever personally witnessed. The truth is that Twitter provided an environment where he could display his glaring character flaws. Compassion, humbleness, loyalty and respect are not prerequisites to creating a Twitter account.


Judge Slashes “Unconstitutional” $675,000 Damages Award

In a move that is surely upsetting the Recording Industry Association of America, Judge Nancy Gertner has followed a previous ruling in slashing a $675,000 jury verdict by a factor of ten, holding that more than half a million dollars in damages for merely sharing thirty MP3 files is unconstitutionally excessive.

“Weighing all of these considerations, I conclude that the jury’s award of $675,000 in statutory damages for Tenenbaum’s infringement of thirty copyrighted works is unconstitutionally excessive,” she wrote. “This award is far greater than necessary to serve the government’s legitimate interests in compensating copyright owners and deterring infringement. In fact, it bears no meaningful relationship to these objectives. To borrow Chief Judge Michael J. Davis’ characterization of a smaller statutory damages award in an analogous file-sharing case, the award here is simply ‘unprecedented and oppressive.’”

This is the second time a judge has cut down a damages award from an RIAA file-sharing verdict. Previously, a Minnesota jury awarded the RIAA $1.9 million, but Judge Michael Davis reduced the damages to $2,250 per song.

It is good to see these trials starting to backfire on the RIAA. They came in with an agenda to make examples of a few people, hoping for huge verdicts that would scare people away from using P2P networks to share music. Unfortunately for the RIAA, as we are all well aware, this has not happened: more music is being shared today than ever, while the recording industry continues to generate record-breaking revenue.

File-sharing is hardly hurting the bottom lines of the companies the RIAA represents. In fact, many would argue quite the opposite – that file-sharing is aiding the industry in generating more revenue by allowing people to be exposed to music they otherwise would never have previously considered purchasing. Try before you buy, if you will.

Although the Tenenbaum case was mostly a joke, it is nice to see a judge apply some common sense to these verdicts. The statutory damages written into copyright law are there as a deterrent for people who attempt to profit from illegally selling music. File-sharing was not a glimmer in anyone’s eye and was never taken into account when the law was written. Is it time for Congress to revisit this clause and update it to take modern technology into account?

Jackasses at NTP Sue Google, Apple and Others for Email Patent Infringement

Those jackasses at patent holding company NTP have once again opted to use the courtroom to generate revenue rather than innovating in the technology space. This time they are suing Google, Apple, HTC, LG, Microsoft and Motorola for allegedly infringing eight of their patents covering wireless email delivery.

In 2001, NTP filed a similar suit against Research In Motion, and in 2006, the suit was dismissed after RIM paid $612 million in a settlement. As a result of that arrangement, RIM is not named in the new suit, nor is Nokia — the world’s largest smartphone maker — since both companies have licensing agreements with the patent company.

I find the timing quite interesting. The NTP vs. RIM lawsuit concluded in 2006, yet it took NTP four more years to sue these companies. Here in 2010 Apple and HTC dominate the smartphone market with their iPhone and Android products respectively. Could this suit have anything to do with the extreme popularity of those devices?

Surely there is a connection; otherwise, why not sue Apple upon the release of the first iPhone, since its email capabilities have remained virtually the same?

Either way, patent holding companies like NTP, which purchase patents rather than innovating themselves and produce no products of their own, only end up hurting the technology sector as a whole when they use the courts for profit. As long as there are greedy bastards like NTP running around suing companies on baseless grounds, many corporations will be afraid to take risks for fear of ending up in the crosshairs of some pointless, faceless, product-less lawsuit machine.

iTunes AppStore Hacked

What a lovely Independence Day surprise: iTunes accounts around the world have been compromised and used to purchase hundreds of dollars’ worth of App Store apps per account. Initially the suspicious activity pointed towards one specific developer, but it has since spread to multiple developers, multiple iTunes accounts and more than just the US iTunes store. The Next Web has a detailed list of the facts surrounding this breach:

  • A number of iTunes accounts from across the globe, not just the US, have been compromised and used to purchase apps.
  • iTunes users have reported anywhere between $100-$1400 spent using their accounts.
  • Many of the apps have been purchased specifically to climb up the iTunes rankings, to gain momentum in the hope that others will purchase the apps based on their high sales.
  • Currently all the apps purchased have been owned by Asia-based developers with little information known about them. Clearly they feel being based in Asia will give them immunity to any US laws.
  • The developers’ website and support links direct users to non-existent websites or landing pages.
  • The initial rogue developers have now been removed from the app store but other unethical developers still have their accounts available in the app store – details on those to come.

Check your iTunes purchase history and your online banking statements to determine whether your account has been used in this breach. If it has, contact Apple’s iTunes customer service and your bank immediately to dispute the charges and recover any lost funds. Since the attack vector is not yet known, it is also prudent to change your iTunes password now and remove any stored payment card from the account until more is known.

It is not really known how widespread this security breach is, or what vector was used to facilitate the hack. The initial hack by Vietnamese developer “Thuat Nguyen” that was reported all over the blogosphere may have led to discussion of entirely unrelated security incidents.

At this point nobody knows exactly what is going on or how all the breaches are tied together. Be on the lookout for additional information once it becomes available. In the meantime, check out your purchase history to ensure your account was not used in the breach.
