This one is just for the cool factor.

This week our ICT Manager went off to shred some hard drives at Midex. Nothing is allowed to come out that isn't shredded metal in a tray. Here are the photos he took (uploaded to Flickr with permission).

Well, this global DNS bug is causing the inevitable problems. Someone has now taken the time to code up something that uses the DNS bug to spoof upgrades for the following applications:

Java plugin; Winzip; Winamp; MacOS; "OpenOffices"; iTunes; Linkedin Toolbar; DAP [Download Accelerator]; notepad++; speedbit

This tool effectively allows the attacker to install Trojans onto your computer with your consent, with you believing it's a legitimate software update.

So, if you're presented with the Update Available dialogs for these, click cancel and do an NSLOOKUP on the web site address, do a whois on the IP address, check that it's owned by the right company, if so, manually download the software update from that web site. If not, your nearest DNS cache has been poisoned. Also check HTTPS certificates for the chain of trust - who signed the certificate etc.

How to convey this knowledge to the average user? Shut down your computer, wait till BBC or your nearest TV station gives the all clear. OR, uninstall those applications.

What these software vendors didn't consider implementing was signing updates and checking the signatures of updates to make sure they're not spoofed by a man in the middle or an imposter.