Google Chrome updated to 25.0.1364.172

Posted by:
Date: Wednesday, March 13th, 2013, 07:08
Category: News, security, Software

google-chrome-logo

Hey, take an update where you can find it.

On Wednesday, Google released version 25.0.1364.172 of its Chrome web browser. The update, a 48.8 megabyte download, adds the following fixes and changes:

– This release contains stability improvements, and a new version of Adobe Flash.

Google Chrome 25.0.1364.172 requires an Intel-based Mac with Mac OS X 10.6 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Adobe releases Flash Player 11.6.602.180

Posted by:
Date: Wednesday, March 13th, 2013, 07:37
Category: News, Software

An update’s an update.

Late Tuesday, Adobe released Flash Player 11.6.602.180 for Mac OS X, a 16.9 megabyte download via MacUpdate as a pre-release beta. The new version adds the following fixes and changes:

Fixed Issues:
– Loading of telemetry.cfg causes performance problems on page refresh(3506936).

– Opera browser crash(3488141).

– Flash Player crash due to integer overflow(3475889).

New Features:
Memory intrinics: To enable memory intrinics two changes are required:
– Produce the memory op codes by changing the compiler
– Expose the appropriate APIs through playeglobal.swc to leverage these opcodes

Graphics Data Query:
– Improved permissions UI for full screen keyboard access.

– Multiple SWF support(iOS).

– Setting device specific Retina Display resolution(iOS).

– Updated File API following App store guidelines(iOS).

– HiDpi support for FlashPro.

Adobe Flash Player 11.6.602.180 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new Flash Player and have any feedback to offer, please let us know in the comments.

Dropbox 2.0.0 released

Posted by:
Date: Tuesday, March 12th, 2013, 11:27
Category: News, Software

A nifty thing has just hit version 2.0.0.

On Tuesday, Dropbox released version 2.0.0 of its cloud-based storage client for Mac OS X. The new version, a 26.1 megabyte download (via MacUpdate), which adds the following fixes and changes:
– Fix a bug where discrete graphics would be enabled on OS X laptops.

– Add support for Brazilian Portuguese.

– Other small fixes.

Dropbox 2.0.0 requires Mac OS X 10.4 or later to install and run.

If you’ve tried the new beta and have any feedback to offer, please let us know in the comments.

Microsoft releases Office 2011 14.3.2, Microsoft Office 2008 12.3.6 updates for Mac

Posted by:
Date: Tuesday, March 12th, 2013, 09:17
Category: News, Software

On Tuesday, Microsoft released its Microsoft Office 2011 14.3.2 update. The update, a 118 megabyte download, adds the following fixes and features:

– This update fixes critical issues and also helps to improve security. It includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.

Microsoft Office 2011 14.3.2 requires Mac OS X 10.5.8 or later to install and run.

The company also released its Office 2008 12.3.6 update, a 219.9 megabyte download (via MacUpdate), which offers the following fixes and changes:

– This update fixes critical issues and also helps to improve security. It includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.

Microsoft Office 2008 12.3.6 requires Mac OS X 10.4.9 or later to install and run.

AMD announces upcoming Richland chips, boasts new features, no word as to whether they’ll find their way into Apple products

Posted by:
Date: Tuesday, March 12th, 2013, 08:50
Category: Hardware, News

amd_logo_27739

There’s no guarantee that they’ll be in the next MacBook Pro or MacBook Air that you buy, but there’s cool AMD stuff on the horizon.

Per Engadget, AMD has announced that it’s planning to release a fresh batch of low-power APUs just 11 months after Trinity. Known as “Richland”, this generation won’t be vastly different at the silicon level, as it’s built on the same 32nm process as Trinity, has the same number of transistors and offers very similar compute performance in terms of raw GFLOPs. However, there are some noteworthy upgrades in attendance, including a move to Radeon HD 8000M graphic processors, which are claimed to deliver a 20-40 percent increase in “visual performance” in higher-end models, plus power-saving tweaks that should provide over an hour of additional battery life while watching 720p video.

The top-end quad-core A10-5750M is claimed to beat a laptop Core i7 by over 50 percent in terms of 3DMark performance, and even a dual-core A6-5350M is said to have a 20 percent advantage. There’s no sign of any all-round computing benchmarks, however, or even real-world gaming frame rate comparisons, so it’ll be up to later benchmarking efforts somewhere down the line.

Richland should arrive in regular-shaped notebooks (with TDPs between 20 and 35 watts) starting next month, while ultra-thin notebooks (17 watts or less) and desktop parts should get here by the summer. By then, we’ll be a lot closer to the launch of AMD’s Kaveri APUs, which are to due to ship before the end of this year and should represent a more radical leap than Richland. And in the midst of all this, there’s also Intel’s upcoming Haswell architecture, which is set to debut sometime this year.

Stay tuned for additional details as they become available.

Security firm Skycure illustrates possible hacking attacks through iOS’ use of Provisioning Profiles

Posted by:
Date: Tuesday, March 12th, 2013, 07:41
Category: iOS, iPhone, News, security, Software

In the words of assorted security analysts, Apple may be setting itself up for a malware fall thanks to its Provisioning Profiles.

Per The Next Web, while iOS users have been relatively safe from malware on their devices, researchers from security company Skycure say they’re concerned about a feature of iOS that could be used by malicious actors to read information, passwords and even encrypted data from devices without customers knowledge. They’ve detailed the new vulnerability in a presentation at the Herzliya Conference and a company blog post.

It’s worth noting at the beginning that Skycure’s product, still in development, is a mobile firewall with a cloud component designed to secure devices against attacks just like these. This isn’t all that unusual, though, as many security firms like Sophos and Intego produce research reports along with consulting and security products.

Provisioning Profiles (mobileconfigs) are small files installed with a single tap on iOS devices. They essentially function as instruction lists which can alter many settings, including network configurations and they’re used by thousands of companies around the world including app developers, corporations with IT departments and more.

Their use is officially approved by Apple and there is nothing innately malicious about any given profile. But, if put to the right uses, they do open up the ability to read usernames and passwords right off of a screen, transmit data that would normally be secure (over HTTPS) to a malicious server where it can be read and a lot more.

In a demonstration, Skycure’s CTO Yair Amit and CEO Adi Sharabani sent the author to a website where a link was offered. A provisioning profile was presented, installed and led to a screen that looked a lot like a phishing attempt, which requires an action on the part of a user in order to infect or grant access to a hacker.

After the profile was installed, Sharabani demonstrated that he could not only read exactly which websites the author had visited, but also scrape keystrokes, searches and login data from apps like Facebook and LinkedIn. To be perfectly clear, this is not a vulnerability within iOS, instead it uses standardized frameworks to deliver a profile that has malicious intent.

iOS has typically been far more secure than other platforms because of its heavy use of curation on the App Store, but also because it has been built from the ground up to use sandboxing. This means that apps are cordoned off, unable to reach outside of their data box or to affect any other apps that have not given them explicit permission to do so.

Provisioning Profiles step outside of that protection and can do things like route all of a victim’s traffic through a third-party server, install root certificates allowing for interception and decryption of secure HTTPS traffic and more.

Sharabani provides a couple of scenarios by which people could be convinced to install what seems like a harmless provisioning profile, only to be a victim of a traffic re-routing attack:

– Victims browse to an attacker-controlled website, which promises them free access to popular movies and TV shows. In order to get the free access, “all they have to do” is to install an iOS profile that will “configure” their devices accordingly.

– Victims receive a mail that promises them a “better battery performance” or just “something cool to watch” upon installation.

The attacks, Sharabani stated, can be configured to use a VPN, APN proxy or a wireless proxy (WiFi), so just because you’re not on a WiFi network doesn’t mean that the profile can’t send your traffic to a third-party. This also means that (unlike a VPN, where there is an indicator in your status bar), you could also be affected by the hack without your knowledge. Of course, you would still have had to install a profile in the first place.

For the third attack scenario, Skycure came up with a list of cellular carriers that ask clients to install a special profile that configures their device to work with that network’s data servers. Of course, those sites could end up being compromised to deliver corrupted profiles, but it’s bound to be harder to do if it’s the carrier’s own servers doing the distribution.

As of now, no evidence has been found of a Provisioning Profile attack in the wild. And, to be extremely blunt once again, you are not at risk at all if you don’t install any profiles to your device, period. And if you have to, make sure that those profiles are from a trusted source and are verified. You should also only download and install profiles from ‘secure’ HTTPS links.

The disclosure of the issue, Sharabani says, is really about raising awareness, rather than starting a panic. While the attacks can be powerful and harmful, the Provisioning Profile attack, much like phishing, relies on user ignorance. Just as you wouldn’t type your password into a page provided as a random link, don’t install profiles from websites that you don’t know and avoid them completely if at all possible.

Because of the deep integration of Provisioning Profiles into the workflows of IT departments and other companies, it’s unlikely that they’ll be going away any time soon. So the best defense for now is knowledge and care.

Stay tuned for additional details as they become available.

Lawmakers drafting bipartisan bill that would allow for cell phone unlocking after contract terms have been met

Posted by:
Date: Tuesday, March 12th, 2013, 07:30
Category: iPhone, Legal, News

Well, maybe SOME aspects of the government sort of work.

Per AppleInsider, U.S. Senator Al Franken and members of the Senate Judiciary Committee have introduced bipartisan legislation that would allow users to legally unlock their smartphone once their contract subsidy has concluded.

The Democrat from Minnesota announced on Tuesday that the “Unlocking Consumer Choice and Wireless Competition Act” would restore an exemption to the Digital Millennium Copyright Act and allow users to unlock their cell phone once their contract expires.

Joining Franken were Judiciary Committee Chairman Sen. Patrick Leahy (D-Vt.), Judiciary Committee Ranking Member Sen. Chuck Grassley (R-Iowa), Sen. Orrin Hatch (R-Utah), and Sen. Mike Lee (R-Utah).

The senators defined the bill as a “narrow and common sense proposal” that they believe will promote competition and improve consumer choice.

The bill was prompted by a Library of Congress ruling made in late 2012 that determined cell phone unlocking would be removed as a legal exemption from the Digital Millennium Copyright Act. As of Jan. 26, 2013, unauthorized unlocking of all newly purchased phones became illegal. “This bipartisan legislation will quickly allow consumers to unlock their current phones instead of having to purchase a new one.” — Sen. Al Franken

“Right now, folks who decide to change cellphone carriers are frequently forced to buy a new phone or risk the possibility of criminal penalties, and that’s just not fair for consumers,” Franken said. “This bipartisan legislation will quickly allow consumers to unlock their current phones instead of having to purchase a new one. I support this commonsense solution to save consumers money.”

Last week, President Barack Obama’s administration also came out in support of legalizing the unlocking of cell phones and tablets. Their endorsement was given in response to a White House petition created by Sina Khanifar, which to date has received nearly 115,000 signatures.

Khanifar said he frequently travels from Europe to San Francisco, Calif. Those international trips have made cell phone locking not only a nuisance, but also a financial burden.

“Anyone who travels internationally, and most people do at some point, you won’t be able to take your cell phone with you,” he said. “Trying to use it with the existing roaming fees that carriers charge is almost impossible because they’re so exorbitant.”

The proposed Senate bill would alleviate those issues for consumers like Khanifar. A similar bipartisan bill is also expected to be introduced in the House of Representatives this week.

“It just makes sense that cell phone users should be able to do what they want with their phones after satisfying their initial service contract,” Hatch said. “This bill reinstates that ability, while also ensuring that copyrights are not violated.”

Stay tuned for additional details as they become available.

Some 15-inch MacBook Pro Retina users report fan issues, SanDisk SSDs could be part of problem

Posted by:
Date: Monday, March 11th, 2013, 07:29
Category: Hardware, MacBook Pro, News

Well, God invented firmware fixes for situations like these…

Per Geek.com, a number of complaints has emanated from owners of Apple’s 15-inch Retina MacBook Pro regarding overactive fans. The issue has been noted in our forums and is the subject of a lengthy thread in Apple’s discussion forums. From one report:

“My first instance of runaway fans was under the lightest of conditions, having only one browser open only a few tabs and a cool computer. The fact it was cold is what is so alarming. Out of nowhere the fans spun up to a roar, stayed there for a few minutes, then decelerated back down to idle. Every so often this happens, usually daily, and it’s horribly annoying on a high quality well engineered computer.
From the list of reports flowing in, users suspect that Apple’s recent shift to using SanDisk solid-state drives in the Retina MacBook Pro may have something to do with the issue, although it is likely a software issue rather than a hardware one.”

Apple support staff have offered mixed responses to the issue, with some customers receiving replacement machines while others have been assured that the behavior is normal. If the issue is indeed a software one as is suspected, Apple should be able to fix it relatively easily with an update pushed out to owners of the affected machines, but it is unclear whether Apple is working on a fix at this time.

Stay tuned for additional details as they become available and if you’ve seen this issue on your end, please let us know in the comments.

Mozilla VP confirms that Firefox won’t be ported to iOS until Apple relaxes web browser stipulations

Posted by:
Date: Monday, March 11th, 2013, 07:12
Category: News, Software

elfirefox

If you were hoping to see Firefox on your iOS browser, it might never happen.

Per CNET, Mozilla vice president Jay Sullivan was quoted as saying that Firefox will not be coming to iPads and iPhones until Apple decides to loosen the restrictions governing browsers iOS.

The comments, which came at a South by Southwest Interactive panel on Saturday. Sullivan says Apple’s current rules — which forbid browsers that do not use Apple’s version of WebKit — make it so that Firefox cannot build the browser it wants to for Apple’s platform.

In addition to the WebKit requirement, iOS prevents users from setting any non-Safari app as the default means of handling browsing. Apple’s Mobile Safari is the top mobile browser according to industry reports, with about 60 percent share of all mobile browser usage.

Mozilla pulled its Firefox Home app from Apple’s App Store in September of 2012. The company isn’t working on an iOS version of Firefox and, according to Sullivan, doesn’t have any plans to do so.

Another member of the panel, Dolphin Browser’s David Dehgahn, lamented Apple’s policy as inhibiting competition.

“Competition is critical to our survival,” Dehgahn said. Sullivan and Mike Taylor from Opera Software — which recently released a WebKit-based version of Opera for iOS — agreed, saying that giving consumers browser choice was necessary in order to move the mobile web forward. Users suffer, they said, under Apple’s closed system.

CNet’s report says that the panel’s moderator then performed a quick poll of the audience, asking how many of them were suffering being largely limited to Safari. Very few hands were raised.

Stay tuned for additional details as they become available.

AT&T cites support for unlocking handsets provided conditions are met

Posted by:
Date: Friday, March 8th, 2013, 13:17
Category: iPhone, News

attlogo

This might make things easier.

Per TechHive and AT&T’s company blog, in the wake of efforts being made by consumers, politicians and the the top librarian at the Library of Congress to permit unlocking your own mobile phone is a violation of the Digital Millennium Copyright Act (DMCA), AT&T has gone on the record to state that the company won’t impede these efforts and will assist where possible.

“I want to be completely clear that AT&T’s policy is to unlock our customers’ devices if they’ve met the terms of their service agreements and we have the unlock code,” vice president Joan Marsh wrote in a company blog posted Friday entitled “Bottom Line: We Unlock Our Customers’ Devices.”

“It’s a straightforward policy, and we aim to make the unlocking process as easy as possible,” she added.

Marsh explained that the company will unlock a customer’s phone as long as the carrier can obtain the unlock code for the device and the phone’s owner has had an active account with AT&T for at least 60 days, the account is in good standing, and there’s no unpaid balance on it.

“If the conditions are met, we will unlock up to five devices per account per year,” Marsh wrote.

AT&T will not unlock devices that have been reported stolen, though.

The carrier’s unlock policy is consistent with the one aired by the White House in a response to an electronic petition criticizing last year’s ruling that phone unlocking was illegal. That petition garnered more than 100,000 signatures.

“The White House agrees with the 114,000+ of you who believe that consumers should be able to unlock their cell phones without risking criminal or other penalties,” wrote R. David Edelmen, White House senior advisor for Internet, innovation and privacy, wrote in the Obama administration’s official response to the petition.

“[I]f you have paid for your mobile device, and aren’t bound by a service agreement or other obligation, you should be able to use it on another network,” he added.

“It’s common sense,” he continued, “crucial for protecting consumer choice, and important for ensuring we continue to have the vibrant, competitive wireless market that delivers innovative products and solid service to meet consumers’ needs.”

Stay tuned for additional details as they become available.