Apple once again throws us under the bus
Have you heard about what Apple’s been up to recently? Apparently, if I understand it right, they’ve been wrestling with the CIA, the Bavarian Illuminati, and the Gnomes of Zürich for top seat in the eye of the pyramid. If you didn’t catch the initial go-round of what they’re up to, they updated their privacy policy a while back to include this gem – nestled deep...
Read MoreApple: bigger problem, less excuse? Or same problem, same excuse?
Folks out there know I’ve been critical of Apple when it comes to product security. I’ve criticized Apple on two counts primarily: #1) for giving the user base (particularly the non-technical user base) a false sense of security #2) for stacking up poorly relative to the competition on response time to fix vulnerabilities What’s interesting to me about the discussion is...
Read MoreCongress demands answers on iPhone location data
Usually, I’m disappointed by how out of touch lawmakers and regulators are with technology issues. But this week, I’ve been pleasantly surprised – twice. First, the thing about the FTC cleaning up Twitter and now this: congress issues targeted questions to Apple about what they’re up to with the recent changes to their privacy statement. Personally, I can’t decide...
Read MoreApple secretly fixes problems they claim not to have
So Apple has apparently secretly patched OS X to address some Trojan-horse malware issues (HellRTS) that they’ve been having since about April or so. Basically, the malware allowed attackers basically full access to OS X machines. Now, some folks have been pretty critical of the fact that they patched this thing in secret. In my opinion, these folks have a point. It is without question...
Read MoreBehold the Poison Apple
So, Ira Winkler has a great post over at ComputerWorld called “It’s time for the FTC to investigate Mac security”. It’s pure awesomeness. The point he makes is that Apple continues to beat the drum about how they are immune to security problems, while in fact they are just as susceptible as the next OS. In fact, when you actually look at how long it takes for Apple to...
Read MoreBest and Worst Things about Apple
OK, so if you haven’t seen it, check out Silicon.com’s 10 Best Things about Apple and their 10 Worst Things about Apple. What I found particularly interesting about this is that (for the most part), these points exactly correlated with my own assessment as a Mac-owner. One minor point that I would make is to point out that “security” should probably be represented...
Read MoreApple “Vista Dude” Replaces Agent Smith as My Personal Hero
You know what’s a great affectation? An ear piece… Seriously. I’ve always liked them. I guess it’s because it’s the stereotypical “man in black” thing – like a black suit (I have one of those) or some dark sunglasses (have them too). All sorts of interesting characters sport the ear piece, which makes sense because they’re both chic and...
Read MoreMonth of Apple Bugs… Does it Matter?
So, you’ve probably noticed that the month of Apple bugs is going on even as we speak… Much like the month of browser bugs, the month of kernel bugs, and the month of Oracle bugs (which kinda petered out), the plan is to post a full month’s worth of bugs impacting Apple at a rate of one per day. Now I saw that this Apple bug thing was going on and I didn’t write about it...
Read MoreOS X still virus and adware free (according to some)
On the Security Protocols blog I came across an interesting entry today; specifically, they pointed out a Blog entry criticizing the recently-hyped “iAdware” (F-Secure’s designation) detailed by F-Secure earlier in the week. To quote from the entry: # F-Secure bear the ultimate responsibility because through their staggering pompousness and ineptitude they totally...
Read MoreCloud of Smug Centered over Apple HQ
Did you ever see that South Park episode where everyone was so self-satisfied from driving hybrid cars that a gigantic cloud of Smug formed over South Park and threatened to cause the end of the world? People were going around saying things like “I prefer to be part of the solution rather than part of the problem” and holding themselves up on a pedestal because they’re so...
Read MoreMcAfee Warning about Mac Malware
Interestingly, McAfee has decided to warn us all about the probability of malware appearing for OS X in the near future. McAfee has apparently put out a whitepaper called “The New Apple of Malware’s Eye.” The Register implies that the McAfee’s whitepaper is pretty much a hollow justification for their new VirusScan product for Mac on Intel, but there’s actually...
Read MoreThe Gigantic “Bull’s Eye” on Apple’s Forehead
You know that sweet little icon that Apple (the company) paints on their products? You know the one I mean; it’s a (usually glowing) picture of a stylized apple (the fruit) with a tiny bite taken out of it. Well, what if I told you that Apple (the company) was going to replace that icon on all it’s products with a gigantic friggin bulls-eye that says “hack me,...
Read MoreBootCamp, RebootCamp, and Virtual Security
Along with a bunch of other folks, I’ve been following the numerous discussions about Apple’s Bootcamp with a bit of interest; “dual booting” isn’t a particulary new technology for most of us, but it’s interesting nevertheless. Today, I cam across a post on Peter O’Kelly’s Reality Check that made the topic even more interesting – a technology...
Read MoreApple – they’re killing me
Today, I came across a post on Illuminata called “Apple, Enemy of Reason” discussing the Apple “Boot Camp” technology. Briefly, BootCamp allows OS X to run XP applications on Macs with Intel hardware. Most of the pro-Apple sites that I read tend to view this as a positive development… I’m just ticked cause I have a PowerPC Mac so I’m left in the...
Read MoreApple Easter-Egg Courtesy of Illuminata
OK, long story short – I just figured out that Illuminata (one of my two most favorite analyst firms) has a real bona-fide weblog called “Illuminata perspectives”. I had been subscribing to the “new articles” feed over there, but the blog is way cooler. Anyway, courtesy of them, check out the nifty Easter-egg in OS...
Read MoreOS X Challenge Wrap-up: How to waste time and not prove anything
Have you seen the Onion’s “Dolphins Not So Intelligent On Land” report? Is it just me or does this (obviously fictional) study remind anyone else of the hacking challenges going on in the OS X world the past few days: After capturing the dolphins from the ocean, Lindell and his colleagues tagged them and placed them under the intense, high-wattage lights of a moisture-proof...
Read MoreMath-Impaired Mac Security Advocates
I was reading through Security Focus “Triple Threat to Macs Largely Academic” article this morning, since it is a topic of interest to me. The article was interesting, and I found it worthwhile that the author addressed the PR aspects of the recent security issues. All in all, an interesting read. But, being a glutton for punishment, I decided to read the comments as well. I...
Read MoreMore on the Mac 0\/\/n1ng
Following up on the rm-my-mac news, this topic was picked up on the Cult of Mac Weblog. Their take on what happened? Check it out: In addition, the owner of the challenge site notes that the computer is “on a shitty wireless network.” Shitty wireless networks typically have shitty encryption. This whole thing is about as far from a test of OS X’s security as you can get. So...
Read MoreBad Publicity for Apple on the Security Front
Usually, I’m not a fan of “hacking challenges” for a few reasons: they don’t prove anything about security, they’re usually not fair, and whetever prize being offered is usually not worth the time investment. However, there is one place where hacking challenges matter: public opinion. In other words, for good or for ill, people tend to take notice when somebody...
Read MoreApple Malware Galore
There is a new piece of malware for OS X circulating this week – this time, it’s called OSX.Inqtana.A (actually that’s the SYMC designatation). The malware itself isn’t that original, isn’t that complicated, and probably won’t spread very quickly. However, according to one of the Sophos engineers the article cites: Apple Mac users need to be just as careful...
Read MoreApple Dunkin’
Remember how I’ve been saying that the security of OS X is an illusion? Well, just in case you wanted some proof, The Register has the play-by-play of a public 0//ning of a (fully-patched) OS X system. The victim, a security researcher who asked to remain anonymous, had locked down the system prior to the conference and believes that a previously unknown exploit caused the...
Read MoreOne from the vaults
You know how some people tout Apple’s OS X platform as being completely free from security issues? I’m sure you’ve seen the rhetoric: “Mac OS X… untouched by the ocean of security issues, threats, virus and worms epidemic which have become instead Windows-users daily worry and preoccupation.” -Robin Good “Viruses don’t have to be a fact of life....
Read MoreSANS and OSX
There’s been a lot out there for the diligent security practitioner to read about the Mac the past couple weeks. Adam Shostack has some great ranting over at Emergent Chaos, we’ve ranted about it here, and now even SANS is ranting about it. Usually I’m pretty critical of SANS, but in this case, my hat is off to them for finally helping to dispel the myth that Macs are somehow...
Read MoreI *heart* my Mac, but I can’t stand the Mac mafia
I came across this article this morning. It’s “Ask Leo” commenting on the security of OS X compared to other platforms. Leo himself seems pretty astute, but what really sent me over the edge were the comments; don’t get me wrong, I love my Mac – but the complete lack of sense demonstrated by the raving Mac users forces me to comment. Most of the comments are from...
Read MoreThese words taste like apples
In case you haven’t been keeping up, Adam Shostack has a series of interesting articles about the Mac this week. As a regular Mac user, I highly recommend checking these out. He started with commentary about the security ramifications of OSX86 – Apple’s impending move to the x86 architecture. He moved from there on to Apple’s handling of Quicktime ‘pay to...
Read MoreChocolate Cigarettes?
As a connoisseur of human folly, I saw the chocolate cigarettes with an iMac on it and I just had to pass it along.
Read MoreiPod’s Death-Token and the Mini-Cooper
I came across this via the Peter O’Kelly Reality Check this morning – Greg Matter : How the New iPod will lead to their self-extinction (eventually!). I’ve been keeping my eye on the iPod since it has the wicked-cool connector to the Mini Cooper but I’m waiting for the whole process to come down in price before making the move. I hope this isn’t bad news in that...
Read MoreDashboard security issue?
According to one developer, the OS X Tiger dashboard has an exploit whereby a widget can do nasty things to the underlying OS. Of course, this is all fully documented by Apple (e.g. widget.system(“rm -rf /”, null) would be nasty, but is fully permitted if the right security entry is made in the widget’s Info.plist file.) The ability to run software is not a vulnerability...
Read MoreAn Apple A Day…
According to lore, apples both “keep the doctor away” and also precipitate the fall of humankind from Eden. Which is it? The security press is no less dichotomized: Apple slapped for inferior security Apple praised for superior...
Read MoreApple’s online music coup ignites a budding industry">Apple’s online music coup ignites a budding industry
“That Apple’s store sold a million tracks in the week following its April 28 launch apparently shocked record executives, who said they would have been satisfied with a million in a month.” . . . “Singer-songwriter Janis Ian, a Grammy Hall of Fame inductee and vocal critic of her industry’s anti-piracy tactics, is thrilled by Apple’s offering. ‘You...
Read MoreTuesday September 7, 2010
Diana Kelley's profile