locks keep lawful people out...    

The Security Skeptic

Dave Piscitello's Security Weblog

Skeptic (sceptic): a person inclined to question or doubt accepted opinions.

Thu, 30 Oct 2008 00:00:00 00, 707
Protecting High Value Domain portfolios

Following three high profile hijackings (eBay/Paypal, ICANN, and Comcast), ICANN's SSAC began a study to determine whether domain registrars could offer additional protective measures to customers (registrants) who held high-profile, "business critical" domain portfolios. Since August, the committee has interviewed customers and registrars who have been victimized by attackers to better understand the vectors, exploits, and social engineering tactics attackers used to gain administrative control over high value domains. SSAC also interviewed registrars who offer online reputation protection services and organizations who have strong opinions regarding the types of preventative measures they feel are necessary to protect their names from theft and abuse.

I presented an interim report of SSAC's progress at the ICANN Cairo meeting. Download a copy of a presentation I will give next week at the Cairo Meeting.

Archived at http://www.securityskeptic.com/arc20081001.htm#BlogID707 by Dave Piscitello  


Wed, 08 Oct 2008 00:00:00 00, 706
Disk fragmentation and the Mac OS X

I've been asked this question several times recently, by Windows converts who are accustomed to defragging Windows XP drives as part of their optimization routine. My recollection from maintaining BSD for my long departed but not forgotten TIS Gauntlet Firewall on BSD led me to conclude, "this is a BSD-based system and I don't recall having to do this manually, ever, so I doubt there's value to defragging a Mac OS X partition". My instincts tell me, "this is a Mac, the nightmare stories about defragging are part of pop culture, so it's safe to assume it's not the sort of detail Apple might overlook in distinguishing Macs from PCs".

If you surf the net, you'll find a variety of claims ranging from "yes do it regularly" to "Oh my God never do this you'll screw up everything!". The truth lies between these extremes. The canonical word can be found at About disk optimization with Mac OS X.

Briefly, the support page says that in most cases, defragging a drive is unnecessary. The reasons cited supporting this claim run the gamut from trite to practical to clever. The trite answer is that hard drives are very large today. Among the practical answers you'll learn that applications take advantage of the faster hard drives and better caching and simply rewrite an entire file each time rather than appending data to existing files at the first convenient free space discovered. The clever answers include a delayed allocation model for Mac OS X Extended-formatted volumes to allow "a number of small allocations to be combined into a single large allocation in one area of the disk."

The Support page does in fact lend credence to the claim "Oh my God never do this you'll screw up everything!" It seems that Mac OS X defines what Apple calls "hot band items", a set of files that Apple writes together so that Macs can offer that zippy system startup user experience that always astonishes Windows users. Defragmenting might move one of these files and this would add delay to startup.

The conclusion? Few circumstances warrant defragmenting Mac OS X.

Archived at http://www.securityskeptic.com/arc20081001.htm#BlogID706 by Dave Piscitello  


Mon, 06 Oct 2008 00:00:00 00, 705
Radio Free Security on Phishing

Colleague Scott Pinzon and I discuss recent phishing trends in the October 8 broadcast of Radio Free Security. We review some of the statistical trends revealed in the APWG Annual Global Phishing Report 2007, and discuss the increasing use of subdomain registries. Not familiar with subdomain registries? Listen in, read Scott Pinzon's In the war against phish, a report from the phront, and look for something in print from me shortly.

Audio/MP3.

Archived at http://www.securityskeptic.com/arc20081001.htm#BlogID705 by Dave Piscitello