2007.07.27 Daily Security Reading

Security Evaluation of Apple’s iPhone (pdf)

The iPhone’s applications for surfing the web and checking emails are potentially at risk to remote attacks. We wanted to determine exactly how well the software on the iPhone was designed to resist such attacks.

Anti-(Anti-Malware) Malware detects if in VM environment and reboots

By detecting virtual machines and changing the behavior, malware authors make analysis more difficult – an AV researcher either has to run the malware on physical machines, modify the virtual environment he’s using to prevent detection or manually analyze the malware.

BIND 9 DNS Cache Poisoning

The paper shows that BIND 9 DNS queries are predictable i.e. that the source UDP port and DNS transaction ID can be effectively predicted.