So how did this happen? Microsoft claim my username was used to access to account when the rogue campaign. I’m pretty careful with access so I believe it must have been some form of cross side script or it’s an internal hack. Microsoft are currently investigating so I’ll share the results when they get back to me.

The security of personal data is a major area of concern as we’re constantly hearing about more frequent online security breaches. Unfortunately, this will continue so you need to be more aware.

Self protection is a simple way to help mitigate lost as you have some control of where and how you enter information. Ask yourself the questions, do I trust a particular organisation to look after my personal data? Should I let a particular company hold my credit card information?

Below I have listed some simple rules for entering data on the Internet

• You can use multiple email addresses. This will allow you to have separation between the type of information received. Think about it, do you always need to use your main email address when signing up for stuff on the web?

• Use multiple passwords. Have a password for trivial stuff like this signing up to download software or newsletters. Have another password for email, social networking, etc… which you change on a regular basis. Then there are the financial institution passwords which should demand the use of additional password security (Well I hope they do).

• Do not allow your credit card information to be stored. Websites like Amazon or web applications like iTunes store your credit card to speed up purchases. I recommend deleting this information after every purchase. However, it’s all about trust, do you trust Amazon or Apple to look after this data? Corporations which have a business model which relies predominately on website sales, or financial institutions (banks, credit card companies, PayPal) will most probably do a good job.

I can’t remember different passwords you say. Consumer users tend not to set strong passwords. They also tend the use the same password for multiple websites. Unfortunately, password separation between general web, email, social networking & financial logons is essential.

Consider the Sony incident. The breached information includes your credit card, email address and password (because the password wasn’t encrypted). Now imagine if you had used the same password for your email, social networking, etc… Now can you see why password separation is important.

This is not new information, I’ve just related it to the Sony security incident. Unfortunately there will be more incidents  so it worth taking a minute to consider this simple method the protect your personal information.

Social engineering is currently the best way to circumvent security. It works on deception and the gullibility of users. This is clearly seen with the mobile phone voicemail hacking case currently heading the UK news.

Gaining access to someone’s voicemail is very simple as long as you have their mobile number. You call a central number and key in their mobile phone number. To gain access you’ll need their four-digit personal identification number (PIN). This can be easy to guess as it may still be set with the default PIN. Or, it is set with a very simple number like 1234, 4321, etc.

The same is true for accessing someone’s work place voicemail. Many PINs are set with their own extension number.

If the PIN cannot be guessed, the attacker may attempt to trick the network provider into releasing the PIN or change the PIN.

I’m not sure what the exact details of the current mobile phone voicemail hacking case are. I do know that users need to take more responsibility for their own security. The operators will improve their procedures, so users need to do their bit too.

1: Stop SUS

2: Download http://swscan.apple.com/content/meta/mirror-config-1.plist and copy it to /usr/share/swupd/html/content/meta/mirror-config-1.plist

3: Change it to look like this:

<?xml version=”1.0″ encoding=”UTF-8″?>
<!DOCTYPE plist PUBLIC “-//Apple Computer//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd”>
<plist version=”1.0″>
<dict>
<key>PrimaryCatalog</key>
<string>http://swscan.apple.com/content/catalogs/index.sucatalog</string>
<key>CatalogsList</key>
<array>
<string>http://swscan.apple.com/content/catalogs/index.sucatalog</string>
<string>http://swscan.apple.com/content/catalogs/others/index-leopard.merged-1.sucatalog</string>
<string>http://swscan.apple.com/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog</string>
</array>
</dict>
</plist>

4: Edit /etc/swupd/swupd.plist and change the metaIndexURL entry to look like this:

<key>metaIndexURL</key>
<string>http://myserver.com:8088/content/meta/mirror-config-1.plist</string>
<key>portToUse</key>

5: Start SUS and wait for it to download the catalog files and to generate the local versions thereof.

6: Once it has generated the local catalog files add some symlinks like this:

cd /usr/share/swupd/html
ln -s /usr/share/swupd/html/content/catalogs/index.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard.merged-1.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog .

7: Just in case restart SUS

8: Wait for SUS to download all the updates

9: On your 10.6 client go in the Finder to /Library/Preferences and open com.apple.SoftwareUpdate.plist. Change the CatalogURL entry to point to http://myserver.com:8088/index-leopard-snowleopard.merged-1.sucatalog

10: Launch Software Update on your 10.6 client and be happy

It should behave like a 10.6 server now as it is serving the catalog files according to the 10.6 server documentation as described on page 89 here: http://images.apple.com/server/macosx/docs/System_Imaging_and_SW_Update_Admin_v10.6.pdf

The report focuses on various Trojan horse attacks, malware found in Torrent application downloads, attacks on jailbroken iPhones, Mac OS X vulnerabilities and third party vulnerabilities.

The following excerpt is taken from the report: -

Many of these operating system vulnerabilities pave the way for unseen malware attacks. Some of them are such that merely visiting a booby-trapped web page can compromise a Mac. This underscores the importance of security software that protects not only from malware but also from web threats and the many other kinds of menaces that target Macs. It also highlights the need to keep software up-to-date. Both for Mac OS X and for third-party software, users should make sure that they have the latest versions of their software, since some programs—such as Adobe Reader, commonly used to view PDF files—are easy to attack with known exploits circulating in the wild.

The report is available from http://blog.intego.com/2010/01/25/the-year-in-mac-security-2009/