Flashback is the first significant MacOS botnet, reportedly infecting and controlling over half a million Macs. Flashback has been around for since September 2011 but recently got a boost with a Trojan that exploits a security hole in Apple's Java distribution; a vulnerable Mac can be infected simply by visiting a web site, no user password required. Apple released a fix for the Java exploit yesterday, some six weeks after Microsoft, Adobe, and Oracle released their fixes.
Two days ago a user asked Google about a strange warning he was getting when trying to access Gmail from Iran. Turns out he was getting a fraudulent SSL certificate that was issued incorrectly for *.google.com by DigiNotar, a Dutch certificate authority. It seems likely this was a deliberate man-in-the-middle attack to snoop email in Iran. This attack is the second SSL certificate compromise in a year (previously), pointing to a fundamental design flaw in Internet security. [more inside]
The best thing about WIRED Magazine's 15th Anniversary celebration is it's not all self-congratulatory. Of course, any media entity involved in the rapidly-changing but well-archived internet is going to sometimes do silly things that we all can see - forever. In one area, at least, WIRED is owning up to its bad judgment with the Lamest (their word) Gear Ever Highlighted in their 'Fetish' Feature. 1993-1995. 1996-1998. 1999-2006. It's not that there are less lame items in recent years; they're just waiting for history to confirm what smart readers saw all along. My favorites - and why some of them may not be so lame: [more inside]