S E R V E R   S I D E
View current page
...more recent posts

Lots of main stream press stories about a remote root exploit in Apple wireless drivers. Seems like there is some truth here, and also a little bit of confusion. First off, this isn't just about Macs - the hacker duo demonstrating the exploit say it works against most wireless drivers on any platform. And secondly, they didn't actually demonstrate the exploit against the shipping Apple wireless drivers - they demonstrated it against a 3rd party wireless card (not the shipping Airport card) running 3rd party drivers. Color me unimpressed there. However, they say that it works against Apple's card and driver as well. I guess we'll have to wait for confirmation on that. And thirdly, the vulnerability can be fixed with one click in system preferences. I am still trying to figure out if new systems ship in an exploitable state, or if this "feature" is off by default. In any case, to protect yourself you just need to set Airport to only search and join known wireless networks automatically (instead of just joining any open wireless network within range.)

To do this, open System Preferences. Click on Networking. In Networking set 'Show:' to Airport, and on that screen set 'By default, join:' to 'Preferred Networks' (not 'Automatic'.)
- jim 8-03-2006 7:59 pm [link] [1 comment]

Mod_ext_filter is an Apache 2.0 module that pipes about to be served content through an external filter before sending it to the client. The filter can be any command line program that reads from standin and writes to standout.

This is the first time it has been an advantage for me to be running Apache 2 instead of 1.3 (where this module is not available.) I need to serve downsampled mp3s, and I don't have the room to cache them, so I'm going to try to do it on the fly using mod_ext_filter to send them through LAME. I think I can do this in better than real time, but I'm not totally sure. I might theoretically need up to 10 simultaneous downsamplings (re-encodings) at once. We'll see if the server is up to it.
- jim 8-03-2006 1:11 am [link] [add a comment]

older posts...