I swear it’s only a couple of weeks since I downloaded iPodderX, and already it’s moved from a bare-bones version 1.1 to a nifty, svelte and fanciable 2.something. Download it now.
Yesterday I spent a happy morning piecing together a story for eWeek, on a malicious script which has been found lurking around the Internet. The script itself is, as my story made clear, not a true virus and it poses little threat. In order to progagate, you need to tell it your Admin password – although to run it, you don’t.
As is usual, I checked the story this morning for comments, and I find this one, from a certain “martincase”:
I went and looked at that script and it really does pose a threat to anyone STUPID ENOUGH to ignore the 100 or so lines of comments that tell the user EXACTLY WHAT THE SCRIPT DOES and to then go ahead and download it, run it and give it your ADMIN PASSWORD. It’s a good thing we have irresponsible journalists like you to alert us all to the danger of running this script on our computers! What’s your next big story? APPLE’S MAC OS X INCLUDES TRASH CAN – USERS “AFRAID FOR THEIR DATA” Any reporters interested in actually looking at the script before writing about it could follow the link from the original macintouch.com post like I did.
Well, excuse me for breathing. I replied with something accurate and measured, when to be honest what I wanted to do was write “Hey, Martin, how about you read the story before you vent? And how about you meet some users in the real world, who will happily click on anything labelled ‘Britney Spears – NUDE!’? And while you’re at it, how about you learn a bit about security? And talk to your doctor about Prozac, because my friend you REALLY need to CALM DOWN AND STOP USING CAPS!!”
There’s a certain kind of arrogant, dumb computer user who thinks that everyone in the world can read a shell script and understand what it’s doing. Combine this with the kind of stupidity that makes you think that because it’s running Unix it’s automatically secure, and you have a problem. Add in a measure of Apple fanaticism, and you have a recipe for complacency and, sooner or later, disaster. Macs ARE more secure than Windows out of the box. But that doesn’t mean they can’t have malware written for them, and sooner or later someone is going to package up something nasty. And because people like “martincase” are mouthing off telling their friends that Macs are immune to malware, Mac users who listen to the fanboys are going to get hit, badly.
Ain’t blogging great? Not only can bozo’s like “martincase” have their say, we journalists can have our say back!
The Cult of Mac Blog writes about the rather nasty little Opener malware that’s been found for OS X:
“There’s no means for Opener to spread, and no way for it to infect a machine remotely.”
It’s worth noting that this strictly isn’t true. Opener will, according to the original Macintouch report, copy itself to any mounted volume, presumably including servers. It also turns on File Sharing and puts a copy into each user’s Public (shared) folder. Another user opening one of these copies would, if they put in their admin password, be infected themselves. So while Opener has nothing like the kind of exploit that spread Sasser, it does have a crude method of spreading.
Jon “Hannibal” Stokes contines his excellent series entitled “PowerPC on Apple: An Architectural History, Part II over at Ars Technica. Essential reading for chip nerds.
Somewhere over to your left, you’ll see a big orange button for LiveMessage alerts. What this allows you to do is a get a message sent to your MSN Messenger whenever I update. Neat, eh?
Larry Seltzer has a good piece on why Google Desktop Search Doesn’t Threaten Security. However, I’ve found that Google Desktop does threaten one thing: my sanity. It’s the first piece of software I’ve found in quite a while that can reduce the performance of my laptop to a crawl at a single stroke, thanks to its large-scale background activities.
Of course, my laptop isn’t all that powerful – a 1GHz Centrino with 512MB of RAM. And of course, it’ll be better once it’s done all the necessary indexing of pre-existing files. But on a laptop, I don’t want to leave it on overnight to do it. So, for me at least, it’s bye-bye Google Desktop.
The outfit that puts the chips in the music player has no profits, lacks a contract with Apple, and may face competition. Expect a hot IPO.
Apple has updated both its iBook and Xserve ranges, as well as introducing a new single processor Power Mac G5. All good stuff, although it’s missed a trick with the low end 12 inch iBook: given that this is likely to be the main machine for a lot of students, a 30GB drive is not enough.
Storage requirements have done a flip of late: low end users are much more likely to have vast amounts of MP3 files than business users, taking up lots and lots of drive room. I wouldn’t recommend anything less than 80GB for a home user these days. Upgrade that iBook to 512MB of RAM and an 80GB drive and it goes from £749 – a nice deal – to £929, which makes it look less of a bargain.
David Coursey: ‘Podcasting’: Is It Just Noise?
Joe Wilcox has a good piece on Debunking JPEG FUD, showing how the recent news that there’s malicious JPEG’s out in the wild has been somewhat overplayed. In my own story for eWeek about it, I noted that if you’re using Norton Anti-Virus and keeping your definitions up to date, you have no need to worry about this one at all. However, make sure you keep an eye on this one: my colleague Larry Seltzer, in a follow up story, notes that Symantex has discovered another wild malicious JPEG out there.
(Via Microsoft Monitor.)