Compiled by Charles Moore
and edited by
Dan Knight
- 2006.02.24
It
finally happened - the first pieces of malware aimed at Mac
OS X has made it into the wild.
Known as Leap-A, Oompa Loompa, and Oomp-A, this is a script that
distributes itself via iChat and requires the recipient to agree to
accept the file. There is no warning that this is an executable
file, and once the user accepts the file, there is no request for a
password. Leap-A uses Spotlight, and thus requires OS X
10.4.x, and it runs every time the infected machine is restarted.
When it detects iChat being launched, it attempts to spread itself
to the user's buddy list.
Inqtana-A, a proof-of-concept malware hack, distributes itself
by exploiting a Bluetooth vulnerability, so the infecting Mac has
to be in near proximity. Inqtana-A is considered a very low risk
but could pave the way for more threatening programs.
There's also a newly discovered security hole in Safari that
could compromise your Mac just by visiting a website. It looks like
the days of taking security for granted may be behind us.
PowerBook, iBook, iPod, and other portable computing is covered
in The 'Book Review. News about
Apple's transition to Intel CPUs and other Intel developments is
covered in The Macintel Report.
iPod news is covered in The iNews Review.
All prices are in US dollars unless otherwise noted.
First OS X Malware
News & Opinion
Tips
First OS X Malware
Mac Malware Attack 'a Load of Crap'
Wired's Leander Kahney says:
"Is the sky falling in on our smug little Mac universe?
"On Tuesday, there was news of a security hole in Apple's Safari
web browser that allows a system to be compromised by merely
visiting a website. And last week, the first worm to pose a serious
threat to Mac OS X, Leap-A or Oompa Loompa, raised its ugly little
head.
"These security woes prompted a rant from one of our editors in
a daily story meeting.
"Mac security-threat stories are annoying, he said, because they
play off misconceptions - held with a fervor bordering on the
religious - that the Mac platform is inherently more secure than
Windows. Not so, he insisted. Microsoft has done some stupid things
that exposed its customers to unnecessary risks compared to Mac
users. But all systems are theoretically vulnerable, so it's
inevitable that the Mac citadel will eventually be breached.
"I'm not going to be running any anti-virus
software anytime soon, just as I haven't run it for many
years."
"The Mac has had no viruses to date, he said, primarily because
of its small market share.... Now that hackers are taking more
notice, life will get harder for Mac owners. He suggested I tackle
this 'wake up call' in this column.
"Naturally, I agreed. 'You're right,' I said. 'The Mac is sure
to become a target now it is becoming more popular, and by
definition, no system is 100 percent secure.'
"So, imagine his reaction when he sees this:
"I'm not going to be running any anti-virus software anytime
soon, just as I haven't run it for many years....
"The smuggest of smug Mac users is right: the platform is more
secure, and these new security threats are no more threatening that
a paraplegic kitten."
- Editor's note: Hear!, Hear!. A refreshing breath of fresh air
amid the smog of media hysteria over the "OS X Malware
Threat." cm
Mac OS X Malware Latches onto Bluetooth
Vulnerability
The Register's John Leyden reports:
"A second strain of malware targeting Mac OS X has been
discovered days after a Mac OS X Trojan appeared on the scene. The
latest malware, Inqtana-A, is a proof-of-concept worm that attempts
to spread using a Bluetooth vulnerability.
"The worm is not spreading in the wild and uses an internal
counter that means it will expire on February 24, so it's unlikely
to ever be much of a problem. Nonetheless, Mac OS X 10.4 (Tiger)
users are still advised to make sure they're patched up in order to
guard against attack from any future worm that uses the same
exploit."
- Link: Mac
OS X Malware Latches onto Bluetooth Vulnerability
ClamXav Limitations in Fighting Malware
macattorney.com's Randy B. Singer writes:
"There have been a couple of new OS X malware threats introduced
recently, and though neither have been very widespread, or
particularly malicious, they could presage the introduction of a
number of much more virulent threats to our Macintoshes in the near
future.
"There are, of course, several really nice commercial anti-viral
applications applications for the Macintosh, such as VirusBarrier and Sophos
Anti-Virus.
However, many folks have been hoping for a free alternative to
combat malware. Something along the lines of the now
long-discontinued Disenfectant [sic].
Many Mac users have been hoping that ClamXav would fill that
niche. ClamXav is a
free OS X graphic front end of ClamAV, which is a free and opensource
UNIX toolkit, mainly used on UNIX servers as an anti-virus
application for use with Windows networks. (ClamAV is also included
with Apple's Mac OS X Server software.)
The problem with relying on ClamXav, for now, is that the ClamAV
database doesn't include definitions for all known Macintosh
malware. (For instance, it doesn't include definitions for
Opener/Renepo, or for any of the OS 8/9 viruses that can still
infect Classic running in OS X.) Part of the reason for this
is that folks in the industry won't release any new malware threats
that they encounter to anyone other than well-known established
developers of commercial anti-viral software (and probably rightly
so).
To deal with this, there is a site where users who suspect that
they have been infected with a virus or a Trojan that isn't already
in ClamAV's database can upload a sample of any file that they
consider suspicious, so that it can be inspected, and it can be
used to create a new definition to be added to the ClamAV
database.
http://cgi.clamav.net/sendvirus.cgi
Hopefully users will take advantage of this service and ClamXav
will grow to be a complete, and free, defense against all Macintosh
malware.
Randy B. Singer
Co-Author of: The Macintosh Bible (4th, 5th and 6th editions)
Routine OS X
Maintenance and Generic Troubleshooting
News & Opinion
Intel iBook, Mac mini Set to Launch?
The New York Daily News says:
"Apple Computer, maker of iPod music players and Macintosh
computers, could be adding versions of its Mac mini and iBook
laptop with Intel chips next week.
"American Technology Research analyst Shaw Wu predicted the
introduction of the computers and a new portable stereo for the
iPod after Apple sent out an E-mail invitation yesterday for a
'fun' product announcement on Feb. 28 at its California
headquarters.
"The computers may help limit lost sales as CEO Steve Jobs
switches all Macs to chips from Intel. The shares have fallen 19%
since a Jan. 13 peak, pushing the company's market value to $58.6
billion from more than $70 billion, on concern Mac sales may slow
as customers hold off purchases until the Intel transition is
complete."
- Link: Apple's
Intel Era Seen Set to Launch
Will Apple Adopt Windows?
PC Mag's John C. Dvorak says:
"The idea that Apple would ditch its own OS for Microsoft
Windows came to me from Yakov Epstein, a professor of psychology at
Rutgers University, who wrote to me convinced that the process had
already begun.
"I was amused, but after mulling over various coincidences, I'm
convinced he may be right. This would be the most phenomenal
turnabout in the history of desktop computing.
...the Apple Switch ad campaign was over, and
nobody switched.
"Epstein made four observations. The first was that the Apple
Switch ad campaign was over, and nobody switched. The second was
that the iPod lost its FireWire connector because the PC world was
the new target audience.
"Also, although the iPod was designed to get people to move to
the Mac, this didn't happen. And, of course, that Apple had
switched to the Intel microprocessor.
"Though these points aren't a slam-dunk for Epstein's thesis,
other observations support it. The theory explains several odd
occurrences, including Apple's freak-out and lawsuits over
Macintosh gossip sites that ran stories about a musicians' breakout
box that has yet to be shipped. Like, who cares?"
Editor's note: And pigs might fly! The Mac OS is the
substance and essence of the Mac. cm
- Link: Dvorak: Will
Apple Adopt Windows?
Concerns Over Intel Transition Exaggerated
Forbes' Maya Roney reports:
"Piper Jaffray research analyst Gene Munster called concerns
about the impact of Apple Computer's transition to Intel processors
on Mac sales 'blown out of proportion.'
"'There may not be significant upside to Apple estimates over
the next two quarters based on the Intel transition, but we believe
numbers are achievable and we see now as the time to get positioned
for the next peak,' wrote the analyst in a research note
Tuesday."
- Link:
Concerns Over Apple's Intel Transition Seen Exaggerated
Taiwan's Top Computer Makers to Benefit from
Apple's Sales Boom
The China Economic News Service reports:
"Thanks to the projected sales boom of Apple Computer Inc. for
this year, Taiwan's leading contract computer manufacturers,
including Hon Hai Precision Ind. Co., Quanta Computer Inc., and
Asustek Computer Inc., are expected to enjoy growing orders from
the U.S. computer giant.
"Insiders indicated that the total sales volume of Apple's
desktop and notebook personal computers (PCs) is likely to
challenge 10 million units for this year, which may help the
company return to the world's "top five computer brands" club."
- Link:
Taiwan's Top Computer Makers to Benefit from Apple's Sales
Boom
Health Concerns Limit WiFi at Canada's Lakehead
University
ITBusiness.ca's Kathleen Sibley reports:
"There are many benefits to studying at Lakehead University.
Ubiquitous wireless Internet access, however, isn't one of
them.
"That's because president Fred Gilbert won't allow it until he's
satisfied EMF (electric and magnetic fields) exposure doesn't pose
a health risk, particularly to young people.
"Gilbert, who was interviewed last week on the CBC about the
university's policy as stated in a town hall meeting last fall,
told ITBusiness.ca he based his decision on scientific literature
that indicates the potential for 'some fairly significant' health
consequences....
"Gilbert cited studies done by scientists for the California
Public Utilities Commission, whose findings boil down to the fact
that while there is no proven link between EMFs exposure and
diseases such as leukemia and brain tumours, the possible risk
warrants further investigation."
Editor's note: You have to wonder if they ask students
not to hold cell phones near their heads.... dk
- Link:
Health Concerns Limit Wireless Internet at Canada's Lakehead
University
Mac and Cello Create New Kind of Music
vnunet.com's William Eazel reports:
"An Apple Power Mac G5 and a cello are being combined to create
a new kind of musical instrument which will be premiered in London
this week.
"Although not an instrument with a new a physical shape like
digital age meta-trumpets or hyper-flutes, the cello/Mac combo
marks an evolutionary step in the use of computers for music
composition and performance.
"The instrument comprises a cello and its player, both connected
to the G5 via censors, the Apple computer and the virtual devices
encoded in its software."
- Link:
Air on a G5 String - Mac and Cello Create New Kind of
Music
Belkin CableFree USB Hub Garners Laptop
Magazine's Best of CES Award
PR: Belkin has received Laptop magazine's Best of CES
Award in the Accessories category for its CableFree USB Hub, the
industry's first USB Hub to enable wireless connectivity between a
computer and its USB peripherals. The Best of CES Awards were
chosen by Laptop magazine's editors and announced on January 9,
after the 2006 International Consumer Electronics Show (CES) in Las
Vegas.
"After meeting with legions of company reps and touring
countless booths, meeting rooms, and hotel suites, we found a few
products that shined above the rest. There wasn't a single product
that we felt was better than all of the others, but rather a few
that continue to push mobility further and innovate the ways that
we work and play." (Laptop magazine)
Belkin's CableFree USB Hub was one of eight other products
honored with Laptop's Best of CES Award. Full reviews of these
products will be available within the next few months in the print
issue of the magazine.
In early spring 2006, Belkin will offer a four-port hub and
dongle set that will enable immediate high-speed wireless
connectivity for any USB device without requiring software. The
CableFree USB Hub gives desktop computer users the freedom to place
their USB devices - such as printers, scanners, hard drives, and
MP3 players - anywhere in the room without running long cables.
Laptop users gain the freedom to roam wirelessly while still
maintaining access to their stationary USB devices.
The Belkin CableFree USB Hub continues to earn recognition since
its announcement on January 3, 2006. Other accolades include the
2006 CES Popular Mechanics' Editor's Choice Award and the CNET Best
of CES Award.
- Link: Belkin
Tips
Chart of Available Mac OS X 10.3
Software Updates
Learn about Mac OS updates available for Mac OS X 10.3 Panther
in this updated Apple Knowledge Base article:
- Link: Mac OS X
10.3: Chart of Available Mac OS Software Updates
Desktop Mac
Deals
Low End Mac updates the following price trackers every two
weeks:
For more deals on current, recently discontinued, and older
notebooks, see our MacBook Pro
deals, 12" PowerBook G4
deals, 15" aluminum PowerBook G4
deals, 17" PowerBook G4
deals, titanium PowerBook G4
deals, iBook G4 deals,
PowerBook G3 deals, and iBook G3 deals.
