Drupal 5.9 Released: Security Fix

July 29, 2008

Drupal 5.9 has just been released to fix a security hole introduced in 5.8. Sounds serious.

Filed in Web Design, Security.


Another DNS Checker: Is Your ISP Vulnerable to the DNS Poisoning Exploit?

July 29, 2008

I posted a couple of days ago about a free DNS checker to see if your ISP’s name servers are vulnerable to the DNS poisoning exploit that is now in the wild. I found another reputable one: https://www.dns-oarc.net/oarc/services/dnsentropy. Or at least, it seems reputable. This one has a more elaborate test than the one provided in my previous post.

Filed in Security, News.

Are Your ISP’s DNS Servers Vulnerable? Test It.

July 27, 2008

The DNS exploit is now in the wild. DNS servers that have not been patched can be exploited so that if you type a URL, such as for your bank’s website, you may be directed to some other site pretending to be your bank. You won’t be able to tell the difference, since the DNS name server will tell you that that is actually the bank’s site. From there, the site can steal your user name, password and other data.

To test whether your ISP has patched their DNS servers, go to Dan Kaminsky’s blog and use the Check My DNS button. More than 52% of ISPs have vulnerable DNS name servers!

Filed in Security, News.

WordPress 2.6 is out!

July 15, 2008

Whoa, after a long silence, which is unusual for it, WordPress version 2.6 has been released. It doesn’t really look like there’s any real compelling new features. Just some bunch of user interface improvements that make things easier especially for newbies.

Oh yes, there’s also a version control system built into this version as well.

Filed in WordPress, Software.