[IS&T Security-FYI] SFYI Newsletter, December 5, 2008
Monique Yeaton
myeaton at MIT.EDU
Fri Dec 5 15:29:49 EST 2008
In this issue:
1. Apple Issues Update for iPhone, iPod Touch
2. Leaving a Digital Trail: What About Privacy?
3. Update: Advanced SANS Forensics Course
-----------------------------------------------------------
1. Apple Issues Update for iPhone, iPod Touch
-----------------------------------------------------------
Apple released an update for the iPhone and the iPod touch. In
addition to new features, the update incorporates security patches for
a dozen vulnerabilities, including two iPhone data exposure problems.
The first of these was noted in August and allows someone with
physical access to a passcode-locked device to launch applications
without needing to know the passcode. The second is a vulnerability
that exposes incoming SMS messages if the iPhone is set to emergency
call mode. Other vulnerabilities addressed in the update include
remote code execution flaws in the way the device handles image files
and web pages.
[Source: SANS NewsBites]
Read full story here:
<http://www.vnunet.com/vnunet/news/2231088/apple-releases-iphone-update>
<http://news.cnet.com/8301-1009_3-10105450-83.html>
----------------------------------------------------------
2. Leaving a Digital Trail: What About Privacy?
----------------------------------------------------------
A story featured in The Tech earlier this week, and was originally
published in the New York Times, discusses a study being conducted at
Random Hall at MIT, in which students exchange privacy for smart
phones that generate digital trails to be beamed to a central
computer. Data is collected as the basis for an emerging field called
collective intelligence.
It does make one wonder about the future of privacy, or lack thereof,
in this electronic age. Read the full story here:
<http://tech.mit.edu/V128/N59/privacy.html>
To show that using these types of digital trails for specific purposes
is not so far-fetched, also read this other New York Times article,
which follows how MetroCards in NYC are being used to trace murder
suspects:
<http://www.nytimes.com/2008/11/19/nyregion/19metrocard.html?_r=1&th&emc=th
>
----------------------------------------------------------
3. Update: Advanced SANS Forensics Course
----------------------------------------------------------
As a reader of this newsletter pointed out earlier this week, the
Advanced SANS Forensics course <http://www.sans.org/info/30523> is
available at a discount, if more than one person from an organization
is attending.
According to the group registration information on the site:
SANS Local Mentor Program is pleased to offer two (2) or more Students
who work at the same organization, a Group Discount tuition fee. To
obtain the Group Discount fee and Registration Code offered for this
course, contact tuition at sans.org PRIOR to registering and provide the
names and e-mail addresses of all the students registering within your
organization.
So, if you ARE interested in attending, or know of anyone, please
reply to <ist-security-fyi at mit.edu> so that a potential list can be
collected before registering.
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20081205/672e601f/attachment.htm
More information about the ist-security-fyi
mailing list