Tag Archive for ITunes

Packet Pushers Podcast

Now that Spring has magically erupted here and I no longer have to white-knuckle my daily commute through ice and snow and rain, sometimes in the same drive, I can start listening to the Packet Pushers Podcast again. The podcasts help me keep my tech info up to date as I get more deeply involved in the business side of IT. It is also good to hear global opinions on tech.

On the podcast, they talk about routing, switching, security, firewalls, data center, and industry trends in a round table format. According to the website, topics can be “deep-dived” where they focus on practical technology issues, or they sometimes review the latest announcements from vendors and discuss the technologies.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Apple OS X Security Update

The magical virus-proof Apple operating systems have had a rough couple of weeks. Apple (AAPL) released security updates for OS X Lion and Snow Leopard, iOS, Numbers for iOS, and Pages for iOS. UK-based security company Sophos says that the OS X patch addressed 75 known vulnerabilities. Most of the vulnerabilities could lead to arbitrary code execution, while others lead to denial of service or privilege escalation. The bug fix weighs in at a whopping 880MB with recovery download.

Next, Apple released a gargantuan update to iTunes for Windows that fixes 79 vulnerabilities. Sophos reports that the patch fixes 73 holes that could cause remote code execution in WebKit, used to render HTML content. Other fixes resolve remote code execution bugs.

Despite the huge patches, cyber-criminals have figured out how to disable XProtect, the rudimentary anti-virus protection Apple has built into Mac OS X, by enhancing an existing trojan horse, Flashback. The Flashback trojan leaves the Mac vulnerable by preventing XProtect from receiving security definition updates. Sophos makes the point that Mac malware writers are eager to infect Apple computers because of the potential financial rewards.

The Mac malware authors are not resting on their laurels. Within days of spotting Flashback in the wild, Sophos reported that Tsunami, a new backdoor trojan horse for Mac OS X, had been discovered. Sophos indicates that the new Mac malware may be a port of Kaiten, a Linux backdoor Trojan horse that uses an IRC channel for instructions.

Code like this is used to commandeer compromised computers into a DDoS (distributed denial-of-service) attack, flooding a website with traffic. ESET notes that as well as enabling DDoS attacks, the backdoor can enable a remote user to download files, such as more malware or updates to the Tsunami code. The malware can also execute shell commands, giving it the ability to essentially take control of the affected Mac.

Only a few more days passed before the DevilRobber (Miner-D) Mac OS X Trojan horse was discovered. DevilRobber was embedded in hacked versions of Mac OS X image editing app GraphicConverter version 7.4 distributed via file-sharing torrent sites such as PirateBay. Miner-D tries to generate Bitcoins, the currency of the anonymous digital cash system, by stealing lots of GPU (Graphics Processing Unit) time. GPUs are better than regular CPUs at performing the mathematical calculations required for Bitcoin mining.

Sophos reports that in addition to Bitcoin mining, Miner-D also spies on its victim by taking screen captures and stealing usernames and passwords. In addition, it runs a script that copies information to a file called dump.txt regarding truecrypt data, Vidalia (TOR plugin for Firefox), Safari browsing history, and .bash_history. To complete the assault – if the malware finds the user’s Bitcoin wallet it will also steal that.

DevilRobber was recently updated, according to F-Secure researchers. They point out that the newly discovered Trojan is the third iteration of the malware and that it poses as the popular image-editing app PixelMator.

Help Net Security says this version of DevilRobber has new features that the original version is lacking. It tries to harvest the shell command history, the system log file, and the contents of 1Password, the popular software for managing passwords. Unfortunately, its Bitcoin mining and stealing capabilities are still there, as well.

rb-

So despite Apple’s continued insistence that their machines do not need anti-malware software, standard malware prevention techniques apply to Macs. Clearly, Mac users, like their Windows cousins, should practice safe computing. Some of the safer computing practices for Mac and Windows users include:

  1. Never open an email attachment unless you are POSITIVE about the source.
  2. Do NOT click on any pop-up that advertises anti-virus or anti-spyware software, especially a program promising to provide every feature known to humanity.
  3. Use an AntiVirus program. A free one is better than none. There are several free versions that work well, like Microsoft Security Essentials, which has had good reviews.
  4. Keep your OS and AV updated. Make sure that you install those important updates. An out-of-date antivirus program does not help in detecting new infections.
  5. Use a personal firewall. A firewall between your DSL router or cable modem and the computer will protect you from inbound attacks. A software firewall on the computer can protect you from both inbound and outbound attacks.
  6. Do NOT download freeware or shareware unless you must. These often come bundled with spyware, adware, or fake anti-virus programs. Be especially wary of screensavers, games, browser add-ons, peer-to-peer (P2P) clients, and any downloads claiming to be “cracked” or free versions of expensive applications.
  7. Avoid questionable websites. Some sites may automatically download malicious software onto your computer.
  8. Browse responsibly. Sometimes you might not even have to download and install something but just open a website in your browser for a rogue program to infect your computer. So be careful where you go when you are browsing.
  9. Pay attention to your incoming e-mails. Some of them can contain viruses or content pointing to malicious sites. Don’t click on links from fake institutions that invite you to change passwords or similar.
  10. “Phishing” describes scams that attempt to acquire confidential information such as credit card numbers and passwords by sending out e-mails that look like they come from real companies or trusted people. If you happen to receive an e-mail message announcing that your account will be closed, that you need to confirm an order, or that you need to verify your billing information, do not reply to the e-mail or click on any links. If you want to find out whether the e-mail is legitimate, you can go to their website by directly typing their address into your browser or by calling them.


AccountKiller KO’s Online Accounts

AccountKiller.com says it is a website dedicated to helping social network users reclaim their personal data. The website explains how to delete online accounts and ranks social networking sites by how hard it is to reclaim your personal information.

AccountKiller provides instructions to remove your account or public profile on most popular websites, including Skype, Facebook, Microsoft (MSFT) Windows Live, Hotmail, MSN, Twitter, Google (GOOG), and many more.

The creators of AccountKiller have also created a blacklist of sites that do not allow their users to reclaim their online account information. According to the website, a blacklisted site is one where it’s probably impossible or highly difficult to get rid of your account. Among the sites AccountKiller has blacklisted are:

The grey-listed sites may cost you some irritation or effort, but it should be possible to terminate your online accounts, says AccountKiller. These sites will require you to send a mail to the site, send a message using a web form, or even call them to recover your personal information.

The creators of AccountKiller say that social media sites purposely make it difficult or even impossible to delete your account for two reasons. First, they are profiting from their users’ data; these sites are in the business of data customer retention. Alternatively, they suggest that these developers may simply be ignorant, lazy, or incompetent, i.e. not being able to create some account deletion function.

rb-

Kudos to the creators of AccountKiller. I now recommend this site to anyone who has questions about these social networking sites. It is time for social networking sites to provide transparency into their real business model, data collection; otherwise, there could be a social networking bubble.

What do you think?

Do you know how to get out of your social networking sites? Can you?

 

 


Richard Dreyfuss Reads the iTunes EULA

CNET asks why end-user license agreements (EULA) and terms of service are so long and convoluted. To find out, they asked Academy Award winner Richard Dreyfuss to help them understand by doing a dramatic reading of the Apple (AAPL) EULA.


Tablet Notes

iPad sold three million units in the first 80 days after its April 2010 release. Its current sales rate is about 4.5 million units per quarter, according to Bernstein Research. This sales rate is blowing past records. iPad is outselling iPhone and the DVD player, the most quickly adopted non-phone electronic product.

Apple iPad Will Fail in the Enterprise

The Apple (AAPL) iPad would ultimately fail in the enterprise. That is what Andy Lark, Dell’s (DELL) global head of marketing for large enterprises and public organizations, told CIO Australia.

… longer term, open, capable and affordable will win, not closed, high price and proprietary. [Apple has] done a really nice job, they’ve got a great product, but the challenge they’ve got is that already Android is outpacing them.

Apple is great if you’ve got a lot of money and live on an island. It’s not so great if you have to exist in a diverse, open, connected enterprise; simple things become quite complex.

Mr. Lark claimed Dell had taken an enterprise approach toward tablet PCs. This approach will ultimately give Dell an edge. Dell has a major stake in Microsoft Windows and the desktop PC market. “We’ve taken a very considered approach to tablets, given that the vast majority of our business isn’t in the consumer space,” he said.

The cost of Apple products was another deterrent to iPad deployments. Dell’s Lark claims that the economics on a fully loaded iPad did not add up. “An iPad with a keyboard, a mouse, and a case [means] you’ll be at $1500 or $1600; that’s double of what you’re paying,” he claimed. “That’s not feasible.”

Despite the company’s history with Microsoft, it had embraced both Windows Phone 7 and Android operating systems. “…Our strategy is multi-OS,” Lark said. “We will do Windows 7 coupled with Android Honeycomb, and we’re really excited. We think that giving people that choice is very important.”

Outlook on the iPhone and iPad

Help has arrived for Apple (AAPL) iPhone and iPad owners who need access to their Microsoft (MSFT) Outlook e-mail. AppScout says users can check their email even when they don’t have an Internet connection. Pst Mail from Arrow Bit is an iPad app that provides offline access, potentially saving money on the user’s data plan. With the app, you can carry around a year’s worth of messages with you. Pst Mail can interact with the Mail app on your iPhone or iPad to reply to or forward messages. It can also open pst files created with any version of Microsoft Outlook.

AppScout says that to find messages in large pst files, Pst Mail includes an advanced search feature. You can search by sender, recipient, subject text, message body, or even attachment name. You can also limit the search to a particular time frame. The developers offer a free lite version of the app in the iTunes Store, which has all the same features as the full version but is limited in the number of messages a user may open in each folder. The full version costs $9.99 in the iTunes app store.

GoToMyPC: iPad App

Citrix (CTXS) has launched an Apple (AAPL) iPad version of GoToMyPC, a remote desktop application that lets you log in to your computer and control it on the go. Up until recently, you needed a PC to log in to a remote PC using the service. But the iPad app lets you do it anywhere you can get an internet connection on an iPad.

Mobilputing says GoToMyPC is hardly the first app of its type for the iPad. LogMeIn, TeamViewer, Parallels, and Splashtop all offer similar apps. But the GoToMyPC app has tight, business-oriented security features, including 128-bit AES encryption, user authentication, and dual passwords.

Apple Sued Over Apps Giving Information to Advertisers

Apple (AAPL) and Apple app developers have been sued over the collection and sharing of user data with outside companies (which I wrote about here). Two suits were filed in the Northern District of CA against the iPhone and iPad manufacturer. Apple is named in Lalo v. Apple, 10-5878.

Lalo seeks class action and claims that iPhones and iPads are encoded with identifying devices that allow advertising networks to track what applications users download, how frequently they’re used, and for how long. “Some apps are also selling additional information to ad networks, including users’ location, age, gender, income, ethnicity, sexual orientation, and political views,” reports Bloomberg’s BusinessWeek.

According to Wired, the second suit, Freeman v. Apple, seeks both monetary damages and a court order to stop the profiling. The app makers being sued are Pandora, Dictionary.com, Toss It, Text4Plus, The Weather Channel, Talking Tom Cat, and Pimple Popper Lite.
