hax0r

Camino and AutoFill

Many of you are enjoying the recently released Camino v0.8, but are unhappy with its current lack of AutoFill capabilities. As a small suggestion, I recommend using this small bookmarklet, available over at efritz.net. Just set it up and add it to your Bookmarks Bar. The next time you see a form, just click on the bookmarklet and watch the form magically fill in with all of your information.

Help– security flaw hits mainstream

If you browse the internet (since you are reading this, that means you), watch out for the latest OS X exploit. It seems to be a problem only in Panther. The help: protocol can be abused to launch AppleScripts. Why is this bad? Terminal commands can be called from AppleScript. In other words, simply visiting a web page can do serious damage. A proof of concept (harmless, but scary) is located here. What can you do? Download an application like More Internet or GURLfriend and remap the help protocol. If you have any tips, please leave a comment.

Update: NetNewsWire might also be affected, though it is rare you would subscribe to a feed that wants to erase your hard drive.

Note: We have not yet seen this exploit used in the field to cause damage, but you should still take the matter seriously, especially if you frequent web pages that you have not been to before or that are not run by responsible publishers.
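To check a saved page or feed item for URLs that use the help: scheme described above, a small scanner like the following can help. It is an added example, not part of the original post; the function and class names and the sample markup are constructed for illustration, and the script-text check is only a heuristic.

```python
# Added example (not from the original post): flag help: URLs in saved HTML.
import re
from html.parser import HTMLParser

URL_ATTRS = {"href", "src", "action", "data"}  # attributes that carry a URL
SCRIPT_HELP = re.compile(r"""["']\s*help:""", re.IGNORECASE)

# Constructed sample page; "placeholder" stands in for any real target.
SAMPLE = """<html><head>
<meta http-equiv="refresh" content="0; url=help:placeholder">
</head><body>
<a href="http://example.com/help:topic">ordinary link</a>
<a href="HELP:placeholder">link</a>
<iframe src="&#104;elp:placeholder"></iframe>
<script>window.location = "help:placeholder";</script>
</body></html>"""

def is_help_url(value):
    # Browsers drop tab/CR/LF inside a URL and ignore leading whitespace.
    return re.sub(r"[\t\r\n]", "", value).strip().lower().startswith("help:")

class HelpSchemeFinder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []   # (line, tag, attribute, value)
        self._open = None    # most recently opened tag, to spot <script> text

    def handle_starttag(self, tag, attrs):
        line, attrs = self.getpos()[0], {k: v or "" for k, v in attrs}
        self._open = tag
        for name, value in attrs.items():
            if name in URL_ATTRS and is_help_url(value):
                self.findings.append((line, tag, name, value))
        # A meta refresh navigates without any click, so check its target too.
        if tag == "meta" and attrs.get("http-equiv", "").lower() == "refresh":
            target = attrs.get("content", "").partition("=")[2].strip("'\" ")
            if is_help_url(target):
                self.findings.append((line, tag, "content", attrs["content"]))
    def handle_endtag(self, tag):
        self._open = None
    def handle_data(self, data):
        if self._open == "script" and SCRIPT_HELP.search(data):
            self.findings.append((self.getpos()[0], "script", "text", data.strip()))

def find_help_urls(html_text):
    finder = HelpSchemeFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings
```

Attribute values are entity-decoded by the parser before the check, so the `&#104;elp:` form in the sample is still caught, while the ordinary `http://example.com/help:topic` link is not flagged.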

Intego begs for more press

Intego, the company that tried to trick Mac users into buying their product by talking up a possible exploit that was never actually exploited, is at it again. Today a press release crossed the wires warning users of another “trojan horse” that is simply an AppleScript with the icon of Microsoft Office’s installer. If you download Microsoft Office (from a Warez site?) and it’s only 100K, odds are it is not Microsoft Office. The AppleScript in question (which Intego is calling AS.MW2004.Trojan just to sound like they know what they are talking about) deletes your home folder.

Moral of the story? If you have a file and don’t know where it came from, check the file type (command-I). Don’t waste your money on some faux security software.
