Archive for OS X

Android, Windows 7 & OS X “Leak” Location Data

Posted in Commentary with tags , , , on July 4, 2014 by itnerd

If you have an Android phone and you are interested in your privacy, then you should read this story. According to the Electronic Frontier Foundation, the Preferred Network Offload feature in the Android OS extends battery life which is good. But it also leaks location data which is very very bad:

The preferred network offload (PNO) feature, found in Android versions from Honeycomb (Android 3.1) onwards, allows devices to connect to wi-fi networks while in low power in order to extend battery life. The feature prioritises less power-hungry wi-fi connections over cellular connections.

But the feature is broadcasting a list of the 15 most recent wi-fi networks the device was connected to even while the device is in sleep mode, the EFF found, meaning anyone within wi-fi range of the device is able to access the connection history and map the user’s recent physical location.

“Wi-fi devices that are not actively connected to a network can send out messages that contain the names of networks they’ve joined in the past in an effort to speed up the connection process,” the EFF found.

The good news is that this is in the process of being fixed:

The offending code is the open source wpa_supplicant application which is used by Android to manage wi-fi, the EFF said. It said Google yesterday submitted a patch to the application which fixed the issue, ahead of Google integrating the fix into the downstream Android code.

“We take the security of our users’ location data very seriously and we’re always happy to be made aware of potential issues ahead of time. Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release,” Google told the EFF.

The bad news is that other OSes have this issue. Namely OS X from Apple and Windows 7 from Microsoft. Those will have to be fixed at some point. But to protect yourself, the EFF suggests that you either turn off “keep wi-fi on during sleep” in device’s wi-fi settings (assuming the device has such a feature) or manually clear the network history to remain secure.

 

Leave a comment »

Apple Hires Ex Microsoft Security Expert To Beef Up OS X

Posted in Commentary with tags , , on December 10, 2012 by itnerd

I’ve been very critical of Apple in the past because it hasn’t taken security seriously. That seems to be changing. Apple Insider is reporting that ex Microsoft security hacker Kristin Paget is now an Apple employee:

When employed by Microsoft, Paget worked alongside a small team of hackers tasked to find security holes in Windows Vista before the OS was released to the public in 2007, reports Wired. The group apparently found so many flaws that Vista’s launch date was pushed back while fixes were put in place.

According to her LinkedIn profile, as of September Paget is listed as being a “Core OS Security Researcher at Apple” based out of Cupertino. Previously, she held the position of chief hacker at security firm Recursion Ventures, but said in June that she wanted to find a job building “security-focused hardware.”

Well. It’s good to see Apple finally take security seriously. Lord knows that with threats like Flashback that it’s days of being secure by being obscure are surely numbered.

Now if Oracle will step up to the security plate to fix all the holes in Java…

1 Comment »

An Update To My Issue Regarding Updating My Wife’s Mac Mini to OS X 10.8.2

Posted in Commentary with tags , , on November 26, 2012 by itnerd

Frequent readers will recall that my wife got a new Mac Mini a couple of weeks ago and I had an issue updating to OS X 10.8.2. I did some research and found this thread on the Apple Support Communities regarding this issue. It seems that there was a specific update for the new Mac Mini and MacBook Pro 13″ with retina display. What I’ve found out since then is the following:

  • That update was apparently pulled due to some problems with the update. This site references problems with the HDMI port, but there’s nothing definitive as to a reason.
  • The Apple Support Communities thread that I referenced earlier makes mention that there’s an update coming this week to fix that.
  • There is a update that came out for those who have already installed the 10.8.2  update. But it seems to address Keychain related issues and not the HDMI problems that I mentioned earlier.

Also of note is a suggestion by many on the Internet to find a copy of the update and install it as is still apparently floating around some non-Apple sites. I would strongly suggest that you not do that. You’re likely going to be introducing issues that may not be fixed easily. Though Apple’s silence is far from cool, it’s a safe bet that they’re working on this and some sort of fix will appear. So I would suggest waiting for that fix.

Having said that, it seems beyond bizarre that the owners of Apple’s latest and greatest hardware can’t install the latest bug and security fixes. Apple really needs to address this sooner rather than later.

Leave a comment »

Java On Macs Starts To Transition From Apple To Oracle

Posted in Commentary with tags , , on October 20, 2012 by itnerd

This week there were two seperate updates to the Apple supplied Java that’s on most Macs. But what was interesting was the fact that the updates actually removed something. If you’re running Lion or Mountain Lion, any versions of Java before version 7 gets removed automatically. If you’re running Snow Leopard, the update will configure Web browsers to not automatically run Java applets.

Now why would Apple do that? Oracle now supplies Mac users with Java. Thus it makes sense for Apple to exit from the responsibility of having to update something it doesn’t make. Therefore if there’s another Flashback Trojan, Apple can always point the finger at Oracle. Interesting strategy. But it doesn’t make OS X any safer. That’s really what matters. It would be really nice if security was the focus rather than optics.

Leave a comment »

Review: OS X Mountian Lion – Part 3: My Impressions

Posted in Uncategorized with tags , , on July 30, 2012 by itnerd

So I’ve used OS X Mountain Lion for almost a week now and my impressions of it are very good. It’s not any faster, but Apple didn’t say it would be. So that’s fine. Having said that it feels like Apple spent a lot more time and effort than they did with Lion to make it feel polished. And to boot, it’s fixed a couple of annoying bugs that I had with Lion. For example, VNC connectivity under Lion quite frankly sucked. It had some serious problems in terms of VNC clients connecting to a computer that have been well documented. Those have thankfully been fixed. Finally, Mountain Lion hasn’t broken any of my apps. Thus this is a no brainier upgrade. If you’re running Lion, upgrade today. That’s right, don’t bother waiting for the bug fixes to appear. Don’t bother being conservative. Join the three million or so people who have already upgraded. You’ll be glad you did.

Microsoft, the bar has been set pretty high. Let’s see if your Windows 8 OS is up to the challenge.

1 Comment »

Review: OS X Mountian Lion – Part 2: The New Features

Posted in Commentary with tags , , on July 28, 2012 by itnerd

I’ve used OS X Mountain Lion for almost two days now. There’s over 200 new features in this release of OS X. There’s no way I can cover them all. But here’s the key ones that you should care about:

  • If you have an Apple TV on your HDTV, then you can mirror the display of your Macbook to the TV over WiFi. The iPad has had this feature for some time so why not every other Apple product? There’s a problem though, you have to have the hardware to run it. Here’s the list of hardware that works with this feature:
    • iMac (mid-2011 or newer
    • Mac mini (mid-2011 or newer)
    • MacBook Air (mid-2011 or newer)
    • MacBook Pro (Early 2011 or newer)
  • Notification Center makes an appearance in Mountain Lion. A rather plain graphic added to the upper-right corner of your desktop’s toolbar: three parallel lines, the one in the center slightly shorter than the other ones. Click it and a panel opens up on the right. You can see everything from Tweet replies to e-mails. Facebook will be added later this year. Any notifications that you see are subtle and they can be tweaked in the control panel.
  • iChat is dead. Long live Messages. If you’re used to it on your iPhone, it works the same way in Mountain Lion. Text, video, it’s all there.
  • Game Center that has been in iOS for some time is now in Mountain Lion. There’s only a handful of games in there at the moment and currently there’s nothing that will make me want to dump my copy of Steam.
  • There’s more integration between the App Store and the OS. Click on Software Update and the App Store opens up for example. Clearly Apple wants you to use the App Store for your software needs.
  • There’s a bit more security in Mountain Lion. Gatekeeper is a new feature that keeps you safe by letting you know when apps do something that you may not like. It will even step in and stop an app from running if your security preferences are set to keep it from running. That may be good, that may be a sign of increasing control from Apple. Maybe both. We’ll see how that works.

In the next part of my review, I’ll give you my impressions of the OS and wrap things up.

Leave a comment »

Review: OS X Mountian Lion – Part 1: The Install

Posted in Commentary with tags , , on July 26, 2012 by itnerd

Normally, I don’t install any new OS the second it comes out. I usually wait until the first few bug fixes or service pack in the case of Windows comes out before diving in. That changed last night when I dropped $19.99 to get OS X Mountain Lion onto my MacBook Pro. It’s only available from the App Store and once you pay your money it starts a download of 4.3 GB. Make sure you’ve got a fast connection or that will take a while. Once that’s done it will start an installer that will do three minutes or work and then reboots your computer. The install then continues for the next 40 minutes or so and then there’s another reboot. At that point you’ve got Mountain Lion. Sound familiar? It’s basically the way you got OS X Lion last year. It’s clean and and simple. Anyone can do it.

Now, having had the OS installed for 24 hours I can say that I have not had any problems thus far. All my apps work and I haven’t had to re-learn anything the way I did with Lion. That’s a good thing. I can also say that it fixed a few annoyances that I had with Lion. More on that later.

The next part of this review will cover the new features that are part of this OS.

Leave a comment »