« June 2011 | Main | August 2011 »

July 2011

July 23, 2011

Killing Apple batteries for fun & profit: Another reason why default passwords are bad

So in yet another example of why default passwords are bad, consider your Apple laptop batteries as a potential threat. Yep, thats right... a threat.

According to a recent Forbes article, a default password stored in the chip that controls the batteries of Apple laptop allows an attacker the ability hijack the firmware and have their way with it. Since the firmware is designed to control the microcontrollers ability to monitor power levels of the unit, the operating system can be tricked to think it is running in a good condition when it could actually be overheating, could cause the system to stop charging, or possibly even implanting malware that could reinfect the host, even after you were to completely wipe and reinstall the system.

At present, there is no practical attack to this vulnerability. However at this year's BlackHat conference the researcher that found the vulnerability will be discussing this attack, and releasing an interm fix to address it. I am going to miss sitting in on this talk, but would be interested to hear what others say about it at the parties.

Reality is, we are back to square 1. You cannot rely on default passwords for anything. They are a bad idea. They are unsafe. And as we see here, potentially disasterous when used in hardware.

Posted at 01:12 PM in In the Trenches | | Comments (0) | TrackBack (0)

| |

July 22, 2011

Notice: Corporate website will be down a bit today

Hey everybody,

I wanted to give you a heads up to inform you that at present, our corporate website is down. Our hosting provider had to perform some emergency maintenance and didn't have time to notify us to schedule it better.

All product services, including the Customer Portal and Knowledge base are still in operation. However, if you attempt to reach our main public facing website, it may not be reachable, or show a temporary landing page.

Our apologies.

In the meantime, if you need to get some information you can call us directly at 888-407-4285.

Thanks for your patience.

Posted at 09:25 AM in Blog Maintenance | | Comments (0) | TrackBack (0)

| |

July 12, 2011

Introducing a new web series - 'Beyond the Data'

If there is one thing we are seeing from many of the IT Service Provider Providers that we work with, it is a disconnect between what Information Security Management (ISM) is about, and how to properly align ISM with the security safeguards that you know and love. In many cases, poor decisions can be made that exposes you to more business liability than you may like, and at times can feel very burdensome.

So we wanted to do something about it. Introducing 'Beyond the Data'... a new web series focused on doing just that. Every second Tuesday a new episode will be released that will guide you in aligning ISM with your safeguards to meet the requirements of ITIL. Check out the pilot below to get an idea what we will be talking about.

For more information, head over to www.beyondthedata.tv to keep up with the show.

Posted at 10:26 AM in Beyond the Data, In the Trenches | | Comments (0) | TrackBack (0)

| |

Visit Our Company Website
Subscribe to this blog's feed

Categories

Archives

More...

Become a Fan

Connect With Us