SCO Issues OpenSSL Patch, 10 Months Late
23rd January, 2005
While The SCO Group has become famed for its Linux-related lawsuits, its corporate motto continues to be "The Power of Unix."; but SCO customers might be forgiven for thinking that it should be "The Power of Unpatched Unix."
On Thursday SCO issued a security advisory announcing the release of UnixWare patches for flaws in OpenSSL that could leave secure servers open to denial of service attacks. The only problem is that the flaw was made public more than 10 months ago.
Posted by Rich Miller in Security
Lapse at Melbourne IT Enabled Panix.com Hijacking
18th January, 2005
Domain registrar Melbourne IT today acknowledged that it failed to properly confirm a transfer request for Panix.com, allowing the domain for the New York ISP to be hijacked for most of the weekend. The Panix incident has focused attention on recent ICANN rule changes that allow domains to be transferred more easily, which some registrars warned would also make it easier to hjack domains.
The hijacking disabled all email and Internet access for thousands of Panix customers, and persisted despite active efforts by the North American Network Operators Group (NANOG) to assist Panix in recovering the domain. The delays were blamed on unresponsiveness by several providers within the domain management system, but especially Melbourne IT, which appears to have no readily-accessible support on weekends. The Panix.com hijacking was not reversed until Melbourne IT's offices opened in Australia Monday morning (late Sunday in New York).
Posted by Rich Miller in Around the Net
Earthlink's Corporate Blog Hosted Offsite
18th January, 2005
Apparently not. The Earthlink Protection Blog is hosted by Six Apart on its TypePad blog hosting service, which is in turn hosted in an Internap data center in San Jose.
Posted by Rich Miller in Hosting
Toolbar community reports Internet Explorer address bar spoofing vulnerabilities actively exploited
16th January, 2005
The image above illustrates a live phishing site in action. In this case, the
content looks genuine, as the URL appears to belong to the PayPal web
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run, but the
content is really being served from a phishing site at
The only clue that something is wrong is that the browser is not displaying the padlock
in the bottom right hand corner, indicating that this is not really a secure
web page. A bug in the script also causes the popup window to remain visible
even when the browser is minimized.
However, the Toolbar reveals the true location of the web site, which is hosted in Poland. People using the toolbar are then able to report the site, and thereby block access to the page for other less alert people using the Toolbar.
Similar attacks against institutions including PayPal, eBay, TCF Bank, Regions, GarantiBank and LloydsTSB, have been reported and blocked by the Toolbar community in the last few days. In all cases, nearly-identical scripts have been used, suggesting either that the same fraudsters are responsible for all of the attacks, or perhaps simply that fraudsters are copying ideas from each other.
This can affect all versions of Internet Explorer on Windows XP although the popup window does not correctly obscure the real URL if Service Pack 2 is installed.
The Netcraft Toolbar is currently available for Internet Explorer, and automatically blocks access to known phishing sites whilst displaying the longevity, hosting location and country for each site you visit. The toolbar can be freely downloaded.
Posted by Paul Mutton in Security
Server Struggles Slow Torrent Hub LokiTorrent
14th January, 2005
LokiTorrent is among the most visible portals supporting BitTorrent, the popular distributed file-serving technology developed by Bram Cohen. LokiTorrent is among the sites facing lawsuits from the Motion Picture Association of America (MPAA) over the use of BitTorrent in illegal file-sharing.
A dynamically upgrading chart of www.lokitorrent.com is available here.
Posted by Rich Miller in Performance
Apple Store, MacWorld Expo Sites Slowed by Heavy Traffic
12th January, 2005
The Apple web site, which runs on Mac OS X, experienced some slowdowns but was largely available. Apple's online store (also on Mac OS X) struggled, however, experiencing outages and lengthy response times. Faring even worse was the official site for MacWorld Expo, which runs on Windows Server 2003, and was offline for hours following the show's keynote address by Apple CEO Steve Jobs.
Dynamically updating performance charts are available for the www.apple.com, store.apple.com and www.macworldexpo.com sites.