It’s 2010! Can you ruddy believe it!?
From everyone here at the International Mac Podcast, we want to wish all our amazing readers, listeners and now viewers (thanks to Keaton) the best year and let’s hope for you it is a fantastic year.
Thank you so much for making 2009 great for us and we have so much more to come in 2010 as we grow more and more.
I am pleased to announce that after several weeks of development, a month or two of beta testing, and another month of sitting on my rear, doing nothing, IMP for iPhone has been submitted to the App Store and is in review. We’re hoping that we can get this approved as quickly as possible to get it out to you people. So, keep your eyes peeled, and we’ll even let you know when it’s out.
If you’re in the US, and reading this in time to take advantage of it, let me congratulate you on being very dedicated to your RSS feeds. It is clear that you really deserve what I am about to reveal.
So what am I babbling about? One simple word: 1Password. Here’s another to get you excited: free. Now, here are some about the offer’s limitations: Thanksgiving day only.
You only need two things, besides the 1Password free trial. A Mac, which you almost certainly have, and a friend with a licensed copy of 1Password who has not already given away their free licenses. (more…)
We haven’t had a security update in quite some time from Apple, and now we get two important ones at once, a bit like busses I guess! If you have an iPhone, an iPod Touch, or a Mac, you should probably update your software as soon as possible. Some of the vulnerabilities which have been patched are rather nasty. If you’re interested in all the gory details you can see the details of both updates here and here. For a short summary and some analysis (I use the word loosely), keep reading.
Yesterday Apple released security update 2008-005 which was supposed to fix the DNS flaw I recently complained about Apple not having fixed yet. Well, it appears that Apple only half-fixed the problem. Yes, they have fixed the BIND DNS server in OS X, but in reality that only protects X-Serves running a DNS server. Sure, regular OS X ships with the BIND DNS server installed, but it’s not on by default, and almost no one turns it on. What we all use all the time is the stub resolver that’s part of OS X, and that’s what Apple didn’t fix. This means that regular Mac users are still not protected from this DNS flaw while just about everyone else is.
One of the things I really love about OS X is its Unix underpinnings. Under the hood we get all the *nix tools and utilities I’ve come to know and love. Printing with CUPS, remote shell with OpenSSH, Windows sharing with SAMBA, web publishing with Apache, and so on and so forth. This gives OS X great power, but it also places a great responsibility on Apple. Just like with any other software, vulnerabilities surface in open source programs. In general the open source community is very responsive to security issues, and patches are released quickly. Those patches protect those who update, but they leave those who don’t even more vulnerable. The reason for this is that the patches can generally be reverse engineered, making it easy for the bad guys to attack un-patched machines. In order to keep OS X secure Apple need to push out patches in the open source components in OS X to users as quickly as possible. This is where Apple fall down, they are notoriously slow at getting patches out.
A few weeks back I posted about how there was a major flaw in DNS and how the details were being kept secret to give everyone time to patch. I did say that it would be a matter of when this got out, and not if. When turns out to be today. Details of the flaw were accidentally published on a blog and then un-published but once information gets out onto the net it’s out. There’s no way to put that genie into the bottle. I was able to find the details of the flaw, so if I can, the bad guys certainly can!
If you haven’t done so already, go to www.doxpara.com and click the button to check your DNS server:
Should the test fail, you need to do two things. Firstly you need to switch your DNS service to a safe service such as the free OpenDNS. Once that’s done you’re safe, however a few poor ISPs block DNS to all servers but their own so if you’re very unfortunate you will be unable to protect yourself. Secondly you need to contact your ISP to complain. It is not acceptable that hey are being slow about something as big as this. If they don’t give you a good response consider switching ISP. If they are not competent enough to keep their servers patched do you trust them?
