Mac OS X vulnerable? Trojan horse on the move

1 11 2007

Security software firm Intego is warning Mac OS X users today about a trojan horse that targets the Mac. OSX.RSPlug.A is showing up on pornography sites disguised as a movie. When someone clicks the link to watch the video clip, a Web page states that a new QuickTime codec must be installed. Opening the disk image that downloads results in the installer asking for an administrative password (which is the first serious sign of trouble); if the option to Open “Safe” Files After Downloading is enabled in Safari, the image opens automatically (you should disable that feature in Safari; see “Significant Safari Exploit Discovered,” 2007-09-07).

Once given root access, the trojan changes the computer’s DNS settings to point to phishing sites or ads for other pornography sites. Even if the DNS is reset manually, a background task added by the trojan changes the DNS again automatically.

Rob Griffiths at Macworld has written up instructions for removing OSX.RSPlug.A manually; Intego’s VirusBarrier X4 with updated virus definitions for 31-Oct-07 also identifies and removes the trojan. Griffith writes: “This is really bad. Really. And even though it’s targeted at porn surfers today, the malware could easily be associated with anything else, like a new viral video site, or a site that purports to show commercials from the upcoming Super Bowl.”

As always, the best defense against such attacks is to not install third-party software that you’re not familiar with, especially any that require an administrator password. Although the Mac has proved remarkably resilient to the threat of viruses and other malware, it’s not immune.

Advertisements




Leopard Installer – Case of the disappearing Volumes!

31 10 2007

Discussions boards are filling with reports of odd behavior with the Leopard Installer. I joined that experience yesterday with my first attempt at the upgrade.Since I have some important apps in my workflow that have yet to be declared fully Leopard compatible, I decided to wait on upgrading the primary drive in my MacBook Pro. Instead, I planned to upgrade to an external hard drive; and to begin that journey, I cloned the entire contents of my notebook to a volume on a USB 2.0 HDD.

After rebooting into the Leopard Installer DVD, I began the process of clicking through various screens. Soon, I ran into a serious roadblock: in the “Destination” screen where we choose the volume to be upgraded, no volumes appeared. Nothing. Read the rest of this entry »





Leopard crosses 2 million sales mark

31 10 2007

Apple said it sold more than 2 million copies of the latest version of its operating system, Mac OS X Leopard, since its release on Friday.

Leopard introduces new features to Apple PCs, including automatic backup, a quick way to browse and share files over multiple Macs, and a new way to see files without opening an application, the company said in a statement.





Mac OS X 10.6

30 10 2007

According to Wikipedia, Mac OS X 10.6 is the next operating system from Apple Inc., it is estimated to be released in 2009. It is speculated to possibly be named either “Cougar” or “Lynx“, as both names were also trademarked by Apple Inc. at the same time as “Leopard” and “Tiger“.

Lets just hope that atleast this OS will not be easily hacked and that it wont have any early issues.





Google Phone – may be out by mid 2008

30 10 2007

Web search leader Google Inc (GOOG.O) is expected to announce advanced software and services enabling handset makers to bring Google-powered phones to market by mid-2008, the Wall Street Journal reported Tuesday, citing people familiar with the matter.

The announcement is expected to come within the next two weeks, the newspaper reported.

No one at Google could immediately be reached for comment.

Google has moved rapidly over the past year to extend its reach beyond text-based, pay-per-click Web search advertising into a variety of new markets, including online video, television, radio and print advertising.

Google has also expanded into enterprise software, which has traditionally been Microsoft Corp’s (MSFT.O) domain.

According the Wall Street Journal, the Google-powered phones are expected to meld several of its applications, including Google Maps, YouTube and Gmail.

The ground-breaking part of the plan, according to the newspaper, is Google’s aim to make the phone’s software “open,” right down to the operating system which controls applications and interacts with hardware.

This will grant independent software developers access to the tools they need to build additional phone features, the Wall Street Journal said.





iPhone sales – Restricted by Apple

28 10 2007

Apple Inc. no longer accepts cash for iPhone purchases and now limits sales of the cell phone to two per person in a move to stop people from reselling them.

The new policy started Thursday, said Apple spokeswoman Natalie Kerris. Before then, there was no cash restriction and the purchase limit was five per person.

“Customer response to the iPhone has been off the charts, and limiting iPhone sales to two per customer helps us ensure that there are enough iPhones for people who are shopping for themselves or buying a gift,” Kerris said. “We’re requiring a credit or debit card for payment to discourage unauthorized resellers.”

More than 1.4 million units of the hybrid cell phone-iPod have been sold since it debuted June 29, according to Apple. It is expected to be a popular gift for the holidays.

Apple thinks some people already have bought multiple iPhones to resell, including those looking to modify, or “unlock,” the phones so they work on networks other than Apple’s carrier partner in the United States, AT&T Inc.

Apple estimates that buyers of 250,000 of the iPhones sold so far intended to unlock them, Apple’s chief operating officer Tim Cook said in a conference call with analysts this week.

Apple’s attempts to prevent that “unlocking” activity, which included a software update that blocked the workarounds hackers had developed, have frustrated users — and sparked two lawsuits.