Mozilla has released Firefox 6.0.2 to remove additional DigiNotar-issued SSL certificates. According to a Mozilla blog post, DigiNotar, the Dutch certificate authority that was used by an Iranian hacker to issue fraudulent SSL certificates, also issued some certificates used by the Dutch government. The Dutch government’s initial assessment indicated that those certificates were still trustworthy, so Mozilla exempted them from Firefox 6.0.1’s removal of DigiNotar root certificates. After an audit of DigiNotar, the Dutch government rescinded that initial assessment of trust, so Mozilla has now removed all DigiNotar certificates from Firefox. Google has updated Chrome (which happens automatically), and Apple has now released Security Update 2011-005 to protect Safari users (it’s also possible to excise the DigiNotar certificates from your base keychain if you’re not yet in a position to apply Apple’s update). Firefox users should update to 6.0.2 to avoid the real-world exploits based on these fraudulent certificates. (Free, 28.1 MB, release notes)
Improve Apple Services with AirPort Base Stations
You can make iChat file transfers, iDisk, and Back to My Mac work better by turning on a setting with Apple AirPort base stations released starting in 2003. Launch AirPort Utility, select your base station, click Manual Setup, choose the Internet view, and click the NAT tab. Check the Enable NAT Port Mapping Protocol (NAT-PMP) box, and click Update. NAT-PMP lets your Mac OS X computer give Apple information to connect back into a network that's otherwise unreachable from the rest of the Internet. This speeds updates and makes connections work better for services run by Apple.