• Explore the magic and the mystery!


  • Listen to The Tech Night Owl LIVE

    Last Episode — August 24: Gene presents a regular, tech podcaster and commentator Kirk McElhearn , who comes aboard to talk about the impact of the outbreak of data hacks and ways to protect your stuff with strong passwords. He’ll also provide a common sense if unsuspected tip in setting one up. Also on the agenda, rumors about the next Mac mini from Apple. Will it, as rumored, be a visual clone of the Apple TV, and what are he limitations of such a form factor? As a sci-fi and fantasy fan, Kirk will also talk about some of his favorite stories and more. In is regular life, Kirk is a lapsed New Yorker living in Shakespeare’s home town, Stratford-upon-Avon, in the United Kingdom. He writes about things, records podcasts, makes photos, practices zen, and cohabits with cats. He’s an amateur photographer, and shoots with Leica cameras and iPhones. His writings include regular contributions to The Mac Security Blog , The Literature & Latte Blog, and TidBITS, and he has written for Popular Photography, MusicWeb International, as well as several other web sites and magazines. Kirk has also written more than two dozen books and documentation for dozens of popular Mac apps, as well as press releases, web content, reports, white papers, and more.

    For more episodes, click here to visit the show’s home page.

    Mac Malware Revisited

    April 12th, 2012

    Back in the early days, Mac users confronted a moderate level of malware infections. I remember one occasion when I visited a local software store — back in Edison, New Jersey — and bought a screen saver from a reputable publisher. The floppy was infected, however. I didn’t have anti-virus software at hand, and had to reformat my Mac IIcx’s drive and reinstall everything. Well, it was only weeks after I bought the computer. I didn’t have much to reinstall, so the restore process wasn’t as intimidating as it might have otherwise seemed.

    In passing, I quickly discovered the value of security software, and download an shareware app, called Virus Detective, which I used until the author, Jeffrey Shulman (no relation to the famous poker player by the way), give it up. The computer store took back the infected floppy and refunded my money, with abject apologies.

    Not long thereafter, my employer, a graphic arts studio in New York City, encountered a virtual avalanche of floppies infected by a so-called desktop virus called WDEF. This was back in the early 1990s.

    Of course, Mac viruses paled into insignificance compared to what happened on the Windows platform over the years, until Microsoft began to clean up their act. With the arrival of Unix-based Mac OS X, it was felt that Macs couldn’t possibly be infected by malware, and millions of Mac users were more or less lulled into a sense of security.

    But a lot of things have happened in recent years. The arrival of Apple’s mobile gadgets has turned the company into a worldwide powerhouse, with a market cap ahead of all other companies on the planet. Anything Apple does gains worldwide headlines, so one expects it would only be a matter of time before Internet criminals look to Macs to spread their misery. The fact that Mac sales are growing faster than Windows sales these days only makes the platform even more appealing.

    Most Mac malware outbreaks, though, have consisted of so-called Trojan Horse apps, which masquerade as something real but, when installed, have the potential to take over your system. Last year, lots of Mac users paid money for a fake anti-virus app called MAC Defender (also known by other names), which presented itself on a site that claimed to have discovered the presence of malware after allegedly scanning your Mac. The app, after claiming to remove the non-existent virus, did nothing further — other than take your money in license fees of course.

    Apple updated security definitions in recent versions of OS X to guard against that particular malware outbreak.

    But the most threatening malware of all first appeared last September as a Trojan Horse, a fake Flash-based player app labeled as Flashback. The most recent iteration, a so-called “drive-by download,” has reportedly infected over 600,000 Macs worldwide according to some estimates. By “drive-by,” I mean you visit a site that hosts Flashback, and it will infect unprotected Macs by exploiting a security leak in Java.

    The end result is that the infected Macs can be taken over and become part of a large bot network that could spread spam and even more malware. Not a pretty picture.

    Last week, Apple updated Java for Snow Leopard and Lion to fix the security leak that made Macs susceptible to Flashback. It doesn’t, however, actually remove the malware if it’s already there. But the major virus protection apps, such as Intego’s VirusBarrier, have long since been updated to guard against Flashback. Intego, by the way, was perhaps the first company to discover the existence of Flashback.

    After saying nothing for a while, Apple has since posted a support document at their site that explains what Flashback is all about, and how to get the Java security update. On Thursday, Apple released yet another Java security update, this one designed to rid infected Macs of Flashback, and disable the “automatic execution of Java applets.” In working with ISPs to take down the servers causing the outbreak, Apple apparently also tried to bring down a server run by a security software publisher, Dr. Web, which was designed to measure the extent of the infection. Talk about the laws of unintended consequences.

    It’s good to know Apple finally recognizes the seriousness of Flashback and is taking steps to wipe it off infected Macs. But it may also be a case of trying to close the barn doors after the cows have left. Up till now, Apple has played down the potential for Mac malware. While support documents will guide you on how to protect yourself, and they even mention security software as a possible solution, most Mac users aren’t being actively informed about the dangers. A false sense of security isn’t going to protect you from possible infection.

    Now since most Mac malware has so far arrived in the form of a Trojan Horse, being careful about what you download and where is usually enough to keep you safe. But a drive-by infection can just happen. You visit the wrong site, and the vulnerability can be exploited in a matter of seconds without your direct intervention. You aren’t even presented with a request for your system password.

    Now some suggest you just turn off Java in Safari (it’s in the app’s preferences, under Security). The steps of disabling Java from other browsers is more complicated, and you need to read the Help menus. But don’t confuse Java with Javascript. The latter is simply a scripting language that allows a site to display dynamic content. If you turn it off, some of the nifty features on those sites, such as the ability to post a message almost instantaneously in our forums, will be deactivated.

    For most of you, living without Java isn’t such a big deal. Few apps use it these days, but some Web-based conference tools and interactive chat rooms require Java. So if you see the coffee cup icon on a site that you want to visit, and you’re sure it’s a safe site, you may just want to turn Java back on. Meantime, I do hope Apple takes this malware outbreak as a wake-up call to become more proactive about protecting Mac users. They’ve taken positive steps in OS X, but more needs to be done.


    Does the World Need a Larger iPhone?

    April 11th, 2012

    Along with reports that there will be an iPad mini some time in our near or distant future, there’s yet another report — equally unconfirmed — that has it that the next iPhone must be the long-awaited total redesign. Since Apple is redesigning the thing, why not a larger screen?

    Now in today’s smartphone market, the present iPhone, with a 3.5-inch display, must seem strikingly diminutive. It fits easily in one’s pants or shirt pocket. With all those Android smartphones — and the Nokia Lumia 900 with the Windows Phone OS — sporting larger screens, I suppose some of you might feel Apple is somewhat behind the curve.

    Perhaps this is part of the bigger, better syndrome. More power, bigger screens, must all combine to yield a superior customer experience. There’s even a 13-inch tablet on the market, part of the Toshiba Excite family, although that size kinda defeats a fair amount of the portability factor. But I suppose it looked good in the company’s PowerPoint presentations.

    Unfortunately, Consumer Reports — ever deficient in understanding how to properly review tech gear — has validated the value of smartphones with bigger displays. Some of those models were rated equal to or better than the iPhone 4s in a recent feature, regardless of other considerations, such as the usability of the OS. CR is only considering perceived touch response and little else.

    So what is the iPhone 5 — if that’s what Apple chooses to call it — going to be like? I suspect Apple might be forced kicking and screaming into avoiding the specter of a possible iPhone 4GS, simply because they already got hammered by ill-informed tech pundits over the 4S. So the chatter has it that the next iPhone revision will mean a new case with an aluminum backing similar to the unibody on Mac note-books. Apple’s compromise on the display size front would be to reduce the borders of the screen, keep the size of the unit only a tad larger than it is now, and go to a 4-inch screen.

    I’m sure you realize that a new display size has the potential to cause difficulties for iOS developers who only have to consider the four schemes now: The iPhone with and without the Retina Display, and the new and old iPad with similar setups. A different aspect ratio would be a non-starter.

    One possible solution is for Apple to simply keep the screen resolution as it is now. That way, developers don’t have to change a thing. The Retina Display would still be technically a Retina Display, but only if you hold the iPhone several inches farther from your face.

    The theory sounds good enough. You tend to hold a portable gadget with a larger display farther away from your face anyway, so the text would seem about as sharp and clear as it does now. Perhaps other enhancements in the panels Apple uses would provide superior eye-popping impact as well. It seems a worthy compromise, and Apple wouldn’t necessarily be kowtowing to the industry trends that accommodate several screen sizes ranging from 4.3-inches up to five inches.

    Now I suppose the critics will demand that Apple deliver a larger iPhone, for otherwise they are in danger of falling behind the intensifying competition. Published reports that AT&T might invest as much as $150 million to advertise the Lumia 900 might be another reason for Apple to believe that some sort of response is necessary.

    At the same time, it’s well known that Apple regularly experiments with different sized products, and will only put a new model into production if it passes suites of internal quality and usability testing. No, Apple doesn’t play the focus group game, but surely their product designers will understand the value of different form factors, and what might get the best reception from customers. It’s predicting what the customer will like that puts Apple head and shoulders ahead of most tech companies.

    But the ultimate question is this: Will Apple really deliver an iPhone with a larger screen? Does it make sense, or is 3.5 inches quite enough for most customers? Doesn’t the media realize that Apple never played the model proliferation game?

    From my not-so-humble point of view, yes I’d like to see a 4-inch iPhone, and I don’t think I’d find the larger pixel size a significant negative at a normal viewing distance. There are times when I chafe at the smaller screen of today’s iPhone and grab an iPad to perform some sort of task. But I also appreciate the fact that the existing model is quite portable, and handling a larger device might just be inconvenient. As I said, the iPhone 4s fits nicely into a regular pants or shirt pocket. I realize pockets are of different sizes, but I find it just about right for my left pocket, which shares a wallet. If the iPhone were just a bit larger, it would be awkward to remove in a rush to answer a phone call.

    The convenience issue is certainly only one consideration that Apple must evaluate as it finalizes design of the next iPhone. Will the display be a little larger? I may be totally wrong about this, but I think it will be.


    The AT&T is Dumb Report

    April 10th, 2012

    AT&T has at last updated their policy about refusing to unlock iPhones, and thrown their customers a bone. A very small bone. The new policy only partly echoes the unlocking methods used by their main competitors in the U.S.: Sprint and Verizon Wireless. The iPhone is also available, or becoming available, with several smaller regional carriers, and they will have varying policies about such matters.

    But AT&T’s new plan still reeks of paranoia. If your two-year contract for the iPhone has expired, no problem. If the contract hasn’t expired, you have to pay the early termination fee to get the thing unlocked. While encouraging, it’s still stupid with a capital “S.”

    Now consider why most people want their phones unlocked. Take, for example, my son, Grayson. Several years ago, he moved to Madrid. Obviously, he’d have to pay a bundle to AT&T to use his vintage Motorola RAZR outside of the U.S., even with the pathetic plans offered by AT&T, at least while the contract was in force. But they agreed to unlock his phone. When he returns to the U.S., he’s on their network. When he’s at home, he can plug in a different SIM and take advantage of whatever plan he can get from a local carrier. Actually, he uses a low-cost Nokia smartphone, since AT&T wouldn’t let him unlock an iPhone for travel.

    In a small part, I understand AT&T’s reluctance. They pay a premium price to Apple for every iPhone, and they only make a profit if you use most of your two-year contract. But AT&T still doesn’t get it. Consider the plight of someone who has to travel overseas on occasion. They aren’t leaving AT&T. They just need a way to be able to use their iPhone in another country without having to pay exorbitant global connection rates. They plan to return, so AT&T is not losing a customer.

    So wouldn’t it make sense for AT&T to agree to unlock an iPhone free of charge with your agreement that you only need to use a different carrier temporarily? If you fail to return to the AT&T network in a timely fashion, they can charge you that early termination fee, although that’s still an absurd maneuver, even if the corporate accountants may believe it’s necessary.

    But the real solution is rather more logical. AT&T and other wireless careers should, themselves, make deals with overseas telcos to allow you to travel almost unrestricted around the world and pay a modest sum for calls and data. These carriers are just looking now for short-term profits, gouging the customer rather than offering a sensible solution to a fairly common problem.

    Sure, you can jailbreak your iPhone and unlock it yourself, if you are willing to take the risk and suffer from a possible voided warranty. But why?

    I would think that anything lost from offering a cheap overseas calling and data bundle would be more than compensated for by volume. Not to mention keeping your customers happy, which may be an obsolete concept in this day and age.

    Yes, I suppose you could just pay full price for an iPhone, so it’s not tethered to a specific carrier. Maybe you prefer it that way, so you can turn off one plan and switch to another depending on where you might be at any given point in time. For a world traveler, it might even make sense. If you can afford all those travel bills — unless you’re bicycling your way through Europe and have no spare cash — you can probably afford to pay upwards of $600 for that unlocked iPhone.

    However, the carriers only have themselves to blame for this sad state of affairs. Yes, I understand why most of you would prefer to get a subsidized iPhone real cheap now, and pay for it over time as part of your long-term wireless contract. That’s the reason why so many millions have gotten iPhones. If you were forced to pay three times the price, would Apple be selling tens of millions of copies every quarter? Yes, I realize you do have to pay full price for wireless handsets in some parts of the world.

    The larger question, however, is why wireless carriers so seldom consider the customer in coming up with lamebrain policies of this sort. That old adage, “The customer is always right,” has become an obsolete cliche. The MBAs who run those wireless carriers are devoted to enticing you to buy a phone, any phone, and sign up with that long-term contract. After that, they stop caring, unless you fail to pay your bill of course.

    What’s more, the inability to understand why you might need to unlock your wireless handset from time to time is only one problem. Consider all those people buying Android OS smartphones who will never, ever, be able to upgrade the OS because the carrier won’t let them. Whatever you think about the iPhone’s competitors, they should be able to take advantage of the latest and greatest features of their chosen OS, and get critical security updates.

    So AT&T, by throwing us a crumb, still doesn’t realize we deserve the whole slice of bread.


    Newsletter Issue #645: A Few Offhand Observations About the New iPad

    April 9th, 2012

    Leave it to Apple to keep us talking about them. Even the name of the third generation iPad became fodder for lots of discussion. Why not call it iPad 3 and be done with it? But, no, Apple chose instead to employ the Mac model, and use the generic product name, regardless of the revision. So you have, for example, the most recent iMac, which may be called iMac (Mid 2011). What this means is that we must call it iPad (third generation) I suppose.

    Until next year, when Apple might just upset the applecart and use yet another type of product designation, and no, not the new new iPad. Just so long as we continue to talk about it, as I’ve just done, I’m sure Apple will relish in the free publicity.

    But now that the initial furore has died down, it’s time to take a more thorough look at how the latest and greatest iPad stacks up compared to its predecessor. I won’t concern myself with other tablets, since I don’t think there are any out there that match Apple except for superficial specs. That’s why, except for the cheap 7-inch Amazon Kindle Fire, it remains an iPad market.

    Continue Reading…