Check Your Sites With Google

Earlier this week, I received a report that something fishy was going on with one of my websites. The report indicated that some sort of spam had infiltrated the site, informing users about great deals on pharmaceuticals. Needless to say, since we had not recently gone into the business of selling drugs (legal or otherwise), this was a bit suspicious.

I headed to the page that was included in the report and checked it out in about 20 different ways. I opened it in each of the five browsers I have installed; I viewed the regular source of the page; I viewed the generated source (after the JavaScript has run and modified the source) of the page and couldn’t find anything about the pharmaceuticals reported in the message.

iPhone OS 3.0.1 – Does It Really Fix Anything?

On Friday, Apple released iPhone OS 3.0.1 for iPhone devices. The release was apparently put out in response to a vulnerability pointed out during the Black Hat Security Conference. To install the “patch” for this vulnerability, iPhone owners must download an entirely new version of the iPhone operating system (230 megabytes) rather than just being able to install a smaller patch.

However, there are rumors floating around the Web that the patch only fixes one of two separate vulnerabilities exposed at the Black Hat conference. The first vulnerability, known as the Miller hack, is apparently what the new OS patches. However, another vulnerability, referred to as the Miras/Lackey hack is still open and can potentially effect any phone on a GSM carrier (not just the iPhone). About the Miras/Lackey hack, @musclenerd says “3.0.1 doesn’t begin to fix them.”

It will be interesting to see if any patches or fixes come out to close the hole exposed by Miras and Lackey, how long it takes to do so, and from where the patches will come (will the phone companies themselves release them, or will they come from the manufacturers).