Okay, it’s not that scary, other than the fact Martin isn’t even in the episode this week. That’s right, I flew solo and invited Glenn Fleishman from TidBITS
Glenn Fleishman is a TidBITS contributing editor and a Seattle journalist who covers technology for publications like The New York Times, Popular Science, and The Economist. He blogs daily about Wi-Fi and other wireless networking at Wi-Fi Networking News. Glenn lives in Seattle with his wife Lynn, sons Ben and Rex, two iPhones, and a dozen Macs of various vintages.
This is one of the most significant updates to the OS X series of the Mac operating system, with more dedicated security updates than any other version. But although Apple clearly invested in security, they didn’t necessarily finish the job. A combination of incomplete security feature implementations and some new operating system features with security implications make this a release for us security geeks to keep our eyes on.
- Rich’s pre-release TidBITS article on Security Improvements in Leopard
- Thomas Ptacek’s article evaluating the Leopard security features, post-release
- The ISFYM (Internet Security For Your Mac) post on Back to My Mac security problems by Open Door Networks
- follow up article on Leopard Security
Network Security Podcast, Episode 82, October 31, 2007
Tonight’s podcast is a little on the short side because of the fact
that I’m on the road and we’re still trying to figure out how to
record. I owe Rich a big thanks for doing all the heavy lifting for
tonight’s podcast, including purchasing a copy of Audio Hijack Pro,
recording the podcast and doing all the editing. Of course, now he has
an idea of what I go through every week; a little empathy is usually a
We’re a bit heavy on the Apple side of things tonight, but that’s
because there’s so much interesting stuff going on with them right
now. We barely even touched on the fact that Apple is going to be
releasing an SDK for the iPhone and other similar products. I’ll be
interested to see what hoops developers will have to jump through to
get the SDK and what additional hurdles they’ll face in getting their
code signed by Apple.
I’m really enjoying my time in Denver, though I’m ready to get back to
the wife and kids. I had some plans to meet up with a few security
professionals in the area, but those fell through. I’ll be in Chicago
all of next week and plan on attending ChiSec,
but if you’re in the area drop me a line; I’ll probably be available
Monday and Wednesday nights, and maybe even Tuesday night if Rich and I
can get the podcast recorded in a reasonable amount of time. Barring
technical difficulties that is.
- OS X Leopard release and security features
- iPhone Metasploit package
- Russian Business Network
- Citrix flaws or bad configuration
- Sorry, no music tonight
Network Security Podcast, Episode 81, October 17, 2007
Rich and I wandered into the realm of politics several times in this
podcast, something we’re gong to try to avoid for the most part in the
future. Listener feedback brought out some of the our own strong
feelings so we went along with it. Neither Rich nor I want to turn
this into a political podcast, mostly because neither of us feel
qualified to comment on politics. I guess that any time you start
wandering into an area people feel strongly about, it gets political,
which makes it hard to avoid politics all together.
By the way,
at one point in the podcast I couldn’t remember the name of a software
author. The guy who’s name I fumble over is Mark Russinovich, formerly
of Sysinternals, now working at Microsoft. And the comments I made
about the CyberSpeak Podcast are from the 23 Sep 2007 episode.
Network Security Podcast, Episode 80, October 9, 2007