<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Garamond, sans-serif; ">
<div>
<div>
<div>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
In this issue:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Safari Updated to Fix Security Issues</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. IS&T Suggests Waiting to Upgrade to Mountain Lion</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Four Million Hotel Rooms Could Be Hacked + Theft Is Increasing = Be Careful</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Safari Updated to Fix Security Issues</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Apple has released an updated version of its Safari browser. Safari 6 for OS X 10.7 (Lion) addresses more than 120 security issues present in 5.x versions of the browser that could have been exploited
to allow cross-site scripting attacks, arbitrary code execution, and file theft. Safari 6 also incorporates several new features.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href="http://www.h-online.com/security/news/item/Safari-6-addresses-numerous-security-vulnerabilities-1652411.html">Read the story in the news</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">---------------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. IS&T Suggests Waiting to Upgrade to Mountain Lion</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">---------------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Based on preliminary testing of prerelease versions of Mac OS X 10.8, Information Services and Technology (IS&T) recommends that Mac users wait to upgrade and continue to use Mac OS X 10.6 or 10.7
while IS&T completes its review and testing of OS X 10.8. The testing is done to ensure that incompatibilities or bugs can be addressed. Known issues and workarounds have been documented
<a href="https://wikis.mit.edu/confluence/display/SWRT/OS+X+10.8+-+Mountain+Lion">
here</a> (certificate required to view this link). </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Limited support is being offered by the IS&T Computing Help Desk and documentation for 10.8 has been posted in the
<a href="http://kb.mit.edu/confluence/display/istcontrib/OS+X+Mountain+Lion+%2810.8%29+Landing+Page">
Knowledge Base</a>. The information included there will be frequently updated as testing is completed for applications and features commonly used at MIT.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">For any questions regarding the release, please contact the
<a href="mailto:swrt@mit.edu">Software Release Team</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">------------------------------------------------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Four Million Hotel Rooms Could Be Hacked + Theft Is Increasing = Be Careful</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">------------------------------------------------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">With less than $50 of off-the-shelf hardware and a bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.
<a href="http://www.extremetech.com/computing/133448-black-hat-hacker-gains-access-to-4-million-hotel-rooms-with-arduino-microcontroller">
This hack was demonstrated</a> at the Black Hat conference in Las Vegas. Apparently, there is no easy fix. If the hotels want to secure their guests, every single lock will have to be changed.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">If you are traveling this year, I would recommend not leaving anything valuable in your hotel room. If the room has a safe, use it. If not, take your items with you, such as hard drives, thumb drives,
computers, tablets, smart phones and iPods. Incidentally, if it's a Mac product, beware:
<a href="http://online.wsj.com/article/SB10000872396390443931404577550823904439852.html">
according to the Wall Street Journal</a>, 40% of all major city robberies now involve Apple products.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="text-decoration: underline ; color: #1e37ee">http://securityfyi.wordpress.com/</span></a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
</div>
<div>
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-family: Helvetica; ">
<span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; ">
<div style="font-size: 12px; "><br>
</div>
<div style="font-size: 12px; "><br>
</div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">Monique
Yeaton</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">IT
Security Communications Consultant</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">MIT
Information Services & Technology (IS&T)</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">(617)
253-2715</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">http://ist.mit.edu/security</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><br class="khtml-block-placeholder">
</div>
<br class="Apple-interchange-newline">
</span></span></span></span></span></span></span></div>
</div>
</div>
</div>
</body>
</html>