I will be providing my observations and picks from this year’s MacWorld Expo. But I will not be providing live coverage of the Keynote by Jobs. For that, try the following sites:
Check back here later for my periodic reports of MacWorld.
by patrick
by patrick
I am loving Leopard and have found very few snafus since installing it almost 2 months ago. One of the great features in Leopard is the automated backup software called TimeMachine.
Like many busy computer users, I am quite lax about doing backups on a regular basis. It usually takes a catastrophic loss of data to remind me that I should’ve been doing backups. A lesson learned the hard way.
But TimeMachine handles this for me now. I connect an external USB drive to my machine and, once every hour, TimeMachine does an incremental backup of my hard drive
by patrick
There are a fair number of predictions this year for MacWorld Expo 2008. They begin each year in December, then reach a fever pitch in the weeks before the expo. I won’t go over all of the predictions and rumors I’ve come across, but I will offer here a few of the more interesting ones I’ve seen.
MacBook Tablet
This rumor has been made on several sites, each with an interesting take on what form this tablet will take. Common to all the predictions is that is will be small (13″), thin, and a tablet. Here is an interesting video of what form it might take:
Next Gen iPhone
The other rumor I am particularly fond of is the unveiling of the next generation iPhone. Among the most important features of this new iPhone will be 3G wireless technology and the unshackling of its service to the AT&T network. Also, look for some interesting new apps to be introduced for the iPhone.
Mid-Range Mac Desktop
This last rumor is also one I’ve been wishing for: a mid-range, easily upgradeable desktop Mac position between the iMac line and the Mac Pro line. This should be at a price point that makes it attractive for the PC switchers.
See you at MacWorld!
by patrick
It’s pretty well known by now that ZDNet is the CNN of tech reporting. Basically, they’re one big infomercial for the highest bidder. I usually don’t bother with these things. But Dignan’s posting of December 18 is a really good example of yet another MicroSoft shill’s take on the disaster that is Windows Vista.
He uses this handy little Terrorist-Threat-Color-Coded table to show that Mac OS X users should arm themselves and hide under their beds waiting for the impending doom:
Even assuming that these numbers represent anything close to reality, one has to wonder if Dignan recognizes the very significant distinction between a vulnerability and an exploit. We should expect these kind articles to continue from establishments like ZDNet, given that MicroSoft is taking a major hit in Vista sales because it’s not only buggy, but it presents some very real security concerns.
One of the many responses to this posting summed it up quite well when he labeled the article a classic Tu Quoque:
“Tu Quoque is a very common fallacy in which one attempts to defend oneself or
another from criticism by turning the critique back against the accuser. This is a
classic Red Herring since whether the accuser is guilty of the same, or a similar,
wrong is irrelevant to the truth of the original charge. However, as a diversionary
tactic, Tu Quoque can be very effective, since the accuser is put on the defensive, and
frequently feels compelled to defend against the accusation.”
Carry on…
by patrick
Apple just released a big old pile of patches for the security-burdened Leopard and Tiger operating systems. Among the addressed problems:
- Address Book
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution - CFNetwork
Impact: Visiting a malicious website could allow the automatic download of files to arbitrary folders to which the user has write permission - Core Foundation
Impact: Usage of CFURLWriteDataAndPropertiesToResource API may lead to the disclosure of sensitive information - Desktop Services
Impact: Opening a directory containing a maliciously-crafted .DS_Store file in Finder may lead to arbitrary code execution -
Flash Player Plug-in
Description: Adobe Flash Player is updated to version 9.0.115.0 to address CVE-2007-5476.
Further information is available via the Adobe site at http://www.adobe.com/support/security/advisories/apsa07-05.html
Credit to Opera - GNU Tar
Impact: Extracting a maliciously crafted tar archive could overwrite arbitrary files - iChat
Impact: A person on the local network may initiate a video connection without the user’s approval - IO Storage Family
Impact: Opening a maliciously crafted disk image may lead to an unexpected system shutdown or arbitrary code execution - Launch Services
Impact: Opening a maliciously crafted HTML file may lead to information disclosure or cross-site scripting
Impact: Opening an executable mail attachment may lead to arbitrary code execution with no warning - Mail
Impact: SMTP accounts set up through Account Assistant may use plaintext authentication even when MD5 Challenge-Response authentication is available - Quick Look
Impact: Previewing a file with QuickLook enabled may lead to the disclosure of sensitive information
Impact: Previewing a movie file may access URLs contained in the movie - Safari
Impact: Visiting a malicious website may result in the disclosure of sensitive information - Safari RSS
Impact: Accessing a maliciously crafted feed: URL may lead to an application termination or arbitrary code execution - Samba
Impact: Multiple vulnerabilities in Samba - Shockwave Plug-in
Impact: Opening maliciously crafted Shockwave content may lead to arbitrary code execution - SMB
Impact: A local user may be able to execute arbitrary code with system privileges - Software Update
Impact: A man-in-the-middle attack could cause Software Update to execute arbitrary commands - Spin Tracer
Impact: A local user may be able to execute arbitrary code with system privileges - Spotlight
Impact: Downloading a maliciously crafted .xls file may lead to an unexpected application termination or arbitrary code execution
Get a look at Apple’s full descriptions of issues and fixes at their site: Security Update 2007-009
