Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-04-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Treo 700w DST Ooooops!

Published: 2006-04-03
Last Updated: 2006-04-03 22:48:17 UTC
by Tom Liston (Version: 1)
0 comment(s)
It appears that the new WindowsCE based Treo 700w had some "issues" with DST.  According to Palm:

"After Daylight Saving Time begins (2:00 a.m., first Sunday in April), you may notice that some appointments in your smartphone's Calendar appear one hour early. For example, if you had scheduled a dental appointment for 9:00 a.m. Monday, it would appear on your smartphone as 8:00 a.m. Monday; it will also appear incorrectly in Outlook on your desktop PC as 8:00 a.m. Monday.

In addition, full-day appointments may appear one day early."

The point?  Well, first off, because I own a Palm OS based Treo 650, I enjoyed having the chance to take a cheap shot at Palm/MS for the 700w's problems.  But beyond that, this issue harkens back to a diary entry by the always suave and debonaire Mr. Tony Carothers.  While dealing with the whole DST protocol seems, on the surface, to be pretty simple, there are always hidden "gotchas" lurking out there that rear their ugly heads every spring and fall.  Remember-- On tap for next year: The U.S. Congress gives the DST Gotcha Tree a healthy shake... anyone else wondering what'll fall out?
Keywords:
0 comment(s)

Apple Firms Up Their Firmware

Published: 2006-04-04
Last Updated: 2006-04-04 00:49:32 UTC
by Tom Liston (Version: 2)
0 comment(s)

Steve and the gang out in Cupertino have made Mac OS X v10.4.6 and Mac OS X Server v10.4.6 available for your fruity OS-updatin' pleasure. Aside from providing some general system improvements, they also deliver a fix for a security issue whereby MacIntel (Inteltosh?) boxes could have their firmware password bypassed, essentially giving anyone with physical access to the box the ability to drop to "Single User Mode" and run amok. (More details here.)

Update links and checksums (you *do* confirm checksums before patching, now don't you?):

Go here. (http://www.apple.com/support/downloads/)

For Mac OS X v10.4.5 (PowerPC)
The download file is named: "MacOSXUpd10.4.6PPC.dmg"
Its SHA-1 digest is: b65564786f9e15d6bdac2ea3eed1294e5fd8f122

For Mac OS X v10.4 through Mac OS X v10.4.4 (PowerPC)
The download file is named: "MacOSXUpdCombo10.4.6PPC.dmg"
Its SHA-1 digest is: c9fde5a23bcebd08149301b7ad300881a563c398

For Mac OS X v10.4.5 (Intel)
The download file is named: "MacOSXUpd10.4.6Intel.dmg"
Its SHA-1 digest is: a0d26811f55c8a3accac0f0237355431d0ca3938

For Mac OS X v10.4.4 (Intel)
The download file is named: "MacOSXUpdCombo10.4.6Intel.dmg"
Its SHA-1 digest is: 487dfcb211911c97f9862872a70b72eb4486d724

For Mac OS X Server v10.4.5
The download file is named: "MacOSXServerUpdate10.4.6.dmg"
Its SHA-1 digest is: 17b92d74ebe0a499fee5189b6d1074d5d5f72b15

For Mac OS X Server v10.4 through Mac OS X Server v10.4.5
The download file is named: "MacOSXSrvrUpdCombo10.4.6.dmg"
Its SHA-1 digest is: 746fe2b304f8bfb6a5f84ff0e08edd32722a8cb9

Or, you can be a big old wimp and just use the Software Update pane in System Preferences... (thanks Swa, for pointing that out!)

Update: Here is an article from Apple that explains how to use the new firmware boot protection.

Keywords:
0 comment(s)
Diary Archives