[ga] Apple Clients Still Vulnerable After DNS Patch

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

All,

  All is still not well with Apple.com even after Apple finnaly patched
the original DNS problem.  It seems that industry leaders are again
showing their lack of knowledge in IT related issues that effect
the security of their clients and who knows how many other
unsuspecting users.  Shame on Apple!

  Has the ISC or the SSAC gotten in touch with Apple and
expressed that they need to do better?  Well I don't know, but
it sure doesn't seem so.

See:
Glenn Fleishman sends word that SANS Institute testing indicates that,
even after installing
http://it.slashdot.org/article.pl?sid=08/08/01/1215209&tid=172 Apple's
latest patch for the DNS vulnerability,
http://db.tidbits.com/article/9721 Leopard desktops (not servers) are
still vulnerable ? or at least
perpetuate risky behavior that makes exploitation easier. This matters
because "With servers rapidly being patched worldwide, it's likely
that the low-hanging fruit disappears, and vectors [will be] designed
to attack massive numbers of clients on ISP networks."

Regards,

Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827