Tag Archives: Exchange

Lately, we have seen some really bad vulnerabilities in regards to SSL (Heartbleed) and Bash (later dubbed “Shellshock”), along with some slightly “lighter” linux/open source ones.

In September of this year, Google first discovered a fallback attack for SSL v3.0, and they wrote published a paper on it: https://www.openssl.org/~bodo/ssl-poodle.pdf.
Today, it was officially confirmed that SSL version 3.0 is no longer secure, and thus, it is no longer recommended in client software (ex: web browsers, mail clients, etc…) or server software (ex: apache, postfix, etc…).
This was dubbed the “POODLE” vulnerability, and given CVE-2014-3566

A “POODLE attack” can be used against any website or browser that still supports SSLv3.
Browsers and websites need to turn off SSLv3 as soon as possible in order to avoid compromising sensitive/private information. Even though a really small percent of servers/browsers are vulnerable (mozilla estimates 0.3% of the internet), that is quite large in the total number of users.

How can I check if my browser is Vulnerable?
The guys at dshield setup this nice browser check: https://sslv3.dshield.org:444/index.html For checking your browser, use: https://www.poodletest.com

Poodletest was first mentioned to me by Curtis Wilcox.
Continue Reading →OpenSSL – SSL 3.0 Poodle Vulnerability

Let me preface this with the fact that, you just can’t do this unless your iphone is jailbroken. For the non-curious, stop reading here.

This one came about as I was recently forced at work to switch from using the Unix email system to the hosted Exchange solution, in order for our calendars to be centrally accessible by everyone. Details aside, after adding my exchange to my iPhone (since I am trying to keep my blackberry off BES), I realized that the color schemes absolutely suck. From somewhere, it decided that purple was the best color, and I couldn’t change it. After aimlessly searching through the Calendar.app on the iPhone for a color changing option, I came to the realization that there was no way to do it. Luckily, my iphone was jailbroken, and there are plenty of ways to do this with a little background work. I found this amazing article: http://chriscarey.com/wordpress/2009/02/10/how-to-modify-iphone-calendar-colors-with-sqlite3/

To summarize it, in case the article disappears:

Start by ssh-ing into your phone

One tip that I can give, if you don’t have sqlite3 on your iphone (which you wouldn’t by default), is to scp the file to your computer, apply the changes, and scp it back to the iPhone.

Here are the RGB Values for the Standard Colors:

Red = (181,0,13)

Orange = (229,98,0)

Green = (47,141,0)

Blue = (15,77,140)

Purple = (103,10,108)

So, with the line:

I was able to make my default calendar (the Exchange one) RED — which portrayes the “important” notion and it’s easily visible.

Hope this helps everyone who is trying to accomplish this. Don’t forget to close and re-start your Calendar.app. If you don’t have a jailbroken iPhone, you can change your non-exchange calendars by syncing them to the iCal app, and changing the color back, and syncing them.