sorinmustaca.com – Sorin Mustaca – personal blog. Security software, agile development, scrum, programming and more

From Agilescout.com

“Lazy developers cannot hide specific problems for weeks. Every day you have to explain your progress.”

“Lazy developers hate Scrum because they have to report progress everyday.”

“It’s really a team effort, the team has the responsibility to deliver together.”

“Lazy developer are often the ones that now have to show what they’ve been hiding before from a customer.”

“In sum we do believe lazy developers hate Scrum and Agile because they have to change, they have to be much more visible to what they are doing and cannot hide.”

My opinion:

I think that there is no such thing as “lazy” developers.

There are developers who are demotivated, who don’t have a solid technical background or simply doesn’t understand what they have to do.

And all these have as effect that the project doesn’t move forward.

For those who see the problem from outside, this gives the impression that a developer is “lazy” because he doesn’t produce the expected results.

Five Apple Security Myths — and the Disturbing Truths

Five hard lessons

With that in mind, here are five Apple security myths — and the brutal truth behind each:

Myth: I don’t need antivirus and spam protection because I work on a Mac.

Truth: The Mac OS X operating system is targeted less frequently by malware only because it’s not as widespread as Windows. It’s no more secure than any other operating system, said Sorin Mustaca, data security expert at Germany-based Avira.

As for phishing attacks, said Mustaca, “the biggest problem in this case is not the computer itself, but rather it’s the user.”

Myth: I can’t be infected by any malicious software because I get my applications exclusively from the iTunes App Store.

Truth: “We’ve seen a couple of times already that the App Store is not such a secure fortress as one might have hoped,” said Mustaca. “It is extremely difficult to check every single application that is inserted there.”

Myth: Mac OS X is inherently more secure than Windows.

Truth: Apple’s brand-new products are being hacked almost immediately upon arrival. For example, “jailbreaking” your iPhone is as easy as browsing to a specific website.

“For a while, it was easier to write exploits for Mac OS X systems than it was for Windows, but now they’re relatively equal,” said Core Security technical specialist Dan Crowley. “Bugs seem to be just as easy — if not easier — to find in Mac OS versus Windows.”

Myth: Apple’s Safari browser is more secure than Microsoft’s Internet Explorer.

Truth: Safari had more than twice the number of reported vulnerabilities in 2009 (94) than did Internet Explorer (41), according to Symantec’s Global Internet Security Threat Report.

Myth: iPad users are not susceptible to the same sorts of attacks that Windows users experience.

Truth: According to Anup Ghosh, founder and chief scientist of Fairfax, Va.-based Invincea, Apple released the iOS 3.2.2 software update for the iPad specifically to fix a critical vulnerability in Adobe Reader that can be exploited by malicious PDF files.

So what can you do to make your Apple device more secure? First of all, never open an e-mail attachment you’re not expecting, even if it’s from someone you know.

Always check the URL — the long string of characters that begins with “http” — in your browser address window when surfing the Web, even on an iPhone or iPod Touch. Be very careful about using free Wi-Fi hotspots in coffeeshops, libraries or airports — it’s safer to just use your cellular carrier’s data service.

I recently bought a new LCD TV from Philips : The 47″ PFL8404H/12 with NetTV.

Philips 47 PFL 8404 H 119,4 cm (47 Zoll) Full-HD Ambilight LCD-Fernseher mit integriertem DVB-T / DVB-C Tuner schwarz

Actually, I chose this TV because of two features it has:
1. The display : Full HD, 47″ , non reflective having the “Pixel Precise” feature
2. the Net TV: which means practically the you have an Internet connection in your TV set.

I have the FritzBox! 7240 from AVM which is a goot DSL modem and router.

The problem

However, after installating the TV and connecting it to the Internet I noticed that it looses, apparently randomly the connection to the router.
When connecting the old FritzBox 7170, everything worked as expected.

The reason

All FritzBoxes have a nice feature which tries to make the device eco friendly (aka “green”) by reducing the power consumption.
So, it has some automatic detection if a LAN port is used or not.

Philips 47 PFL 8404 H 119,4 cm (47 Zoll) Full-HD Ambilight LCD-Fernseher mit integriertem DVB-T / DVB-C Tuner schwarz

The Solution
After discussing with Heino, a colleague from Avira, he gave me an idea: what if the automatic detection of the LAN ports is not functioning correctly ?
And he was right.
Apparently, this automatic detection is not working correctly and it deactivates the port way to soon.
I deactivated the automatic detection by configuring that the ports must be always enabled and now everything is working perfectly !

And NetTV is a great feature !!!
YouTube on a 47″ TV is a nice thing. Or at least my 2 years old son thinks this when he is watching his Pluto cartoons.

Philips 47 PFL 8404 H 119,4 cm (47 Zoll) Full-HD Ambilight LCD-Fernseher mit integriertem DVB-T / DVB-C Tuner schwarz

I read this article from Heise ( http://www.h-online.com/security/news/item/Internet-Service-Providers-have-a-pessimistic-view-of-the-future-917562.html) and I couldn’t stop asking myself : WHY ?!

I mean where is the problem in building a better protection from inside ?
Why Inside ?
Because most of the attacks come from inside their network or from the networks from their own partners.
So, guys, sit together to a beer or something and discuss how to act together against those bad guys.
And in the case that the attack comes from a network from another state which doesn’t obey to these rules, just filter them from your network.
This way they’ll learn that it is better to cooperate than to sit and do nothing.

Project Honeypot published this nice article which contains all kind of data and graphics here:
1 Billion Spammers Served

All nice and shiny, but I have a problem with this graphic:

Notice that PayPal is about 1% …

Our data, gathered by the URLCheck service, gives us completely different numbers:

So, don’t believe everything what you see…

I am subscribed to the TAROM (Romanian Airlines) Newsletter which is sent approximately once a month.
Each month I receive the same corrupted email which looks like the one in the picture:

tarom's newsletter

Why is this happening ?

Simply because they add some newlines in the wrong places. Actually, it is enough only the first one to ruin everything.
See the red arrows ? Those newlines shouldn’t be there.

Badly formatted newsletter

I wrote to Tarom (newsletter@tarom.ro) and they didn’t reply back. And they also didn’t fix the problem.
This could’ve been avoided very easily if they just preview the newsletter before they mass mail it.