O'Grady's PowerPage » OS X

Researcher finds Sparkle framework vulnerability, highlights popular apps that could be exploited

Posted by:
Date: Wednesday, February 10th, 2016, 08:31
Category: News, OS X, security, Software, Yosemite

trojanhorse

Well, this is a mess.

A “huge” number of third-party Mac apps are under threat of man-in-the-middle attacks due to a recently discovered vulnerability in Sparkle, an open source framework used to facilitate software updates.

The flaw, which centered around a flawed WebKit rendering engine implementation found in certain Sparkle builds, is to blame for the newly discovered attack that allows malicious users to insert and execute JavaScript code when affected app check for software updates.

Along with a flawed Sparkle version, vulnerable apps must also be running an unencrypted HTTP channel to receive software updates from offsite servers. This can allow other users to capture network traffic and thereby run malicious code on a target computer. The exploit has been cited by a software engineer called “Radek”, who confirmed the exploit affects apps running on the latest versions of OS X 10.11 El Capitan and OS X 10.10 Yosemite.

(more…)

Mossberg weighs in on Apple’s app shortcomings of recent years

Posted by:
Date: Wednesday, February 3rd, 2016, 14:31
Category: iOS, News, Opinion, Software

about_walt

There’s a pretty interesting piece over on The Verge in which the mighty Walt Mossberg cites some apparent shortcomings in Apple’s apps in recent years.

He points out that Apple’s products are often considered the best you can buy and that this is part of the Mac and iOS user experience.

“In the last couple of years, however, I’ve noticed a gradual degradation in the quality and reliability of Apple’s core apps, on both the mobile iOS operating system and its Mac OS X platform. It’s almost as if the tech giant has taken its eye off the ball when it comes to these core software products, while it pursues big new dreams, like smartwatches and cars.”

He might be right.

(more…)

Apple acquires security firm LegbaCore

Posted by:
Date: Wednesday, February 3rd, 2016, 08:10
Category: security, Uncategorized

legbacore

When in doubt, buy one of the best security firms you can get your hands on.

Back in November of 2015, Apple quietly acquired security consultancy firm LegbaCore. The acquisition was initially revealed back in December by security researcher Trammell Hudson during a presentation at the 32C3 conference. The acquisition was further corroborated by a series of tweets from founder Xeno Kovah and the company’s website, which states that it is “not accepting any new customer engagements.”

The specific details are unclear, although Kovah and his partner Corey Kallenberg are working full-time at Apple, although their specific roles are unclear. Kovah only stated that he and Kallenbeg would be working on “low level security” at the company.

(more…)

1Password for Mac updated to 6.0

Posted by:
Date: Thursday, January 14th, 2016, 08:58
Category: News, security, Software

1passwordicon

1Password just hit version 6.0 for the Mac.

AgileBits’ password manager has just been updated to version 6.0 and the changes are pretty massive:

All Vaults View: This allows you to see all of your items in the main app and mini app without switching vaults. Vaults can also be created for families and teams, such as when business social media accounts are shared.

(more…)

Apple releases OS X 10.11.2 El Capitan update

Posted by:
Date: Tuesday, December 8th, 2015, 15:20
Category: News, OS X, Software

elcapitan

If you’ve been hankering for a heft update to OS X 10.11 El Capitan, it just came out.

On Tuesday, Apple released OS X 10.11.2, the latest update to its OS X operating system. The update, a 1.87 gigabyte download, offers the following fixes and changes:

– Improves Wi-Fi reliability

– Improves the reliability of Handoff and AirDrop

– Fixes an issue that may cause Bluetooth devices to disconnect

(more…)

Recent Tim Cook comments state that Apple won’t combine MacBook and iPad

Posted by:
Date: Monday, November 16th, 2015, 07:45
Category: Accessory, Hardware, iPad, iPad Pro, MacBook, News

ipadprowithkeyboard

The iPad Pro won’t combine a MacBook with an iPad.

So sayeth the Tim over at 1 Infinite Loop.

Last week, Apple CEO Tim Cook declared that the iPad Pro “is a replacement for a notebook or a desktop” for many users. Apple’s iPad Pro mixes together a tablet, keyboard, and stylus like Microsoft’s Surface lineup, but Cook labelled the Surface Book a “diluted” product for “trying to be a tablet and a notebook and it really succeeds at being neither.”

In a recent interview, Cook defended his comments about Apple’s new iPad Pro tablet, stating he was referring to Windows-based notebooks and desktops, not Apple’s own notebook lineup.

“We don’t regard Macs and PCs to be the same,” says Cook. “What we’ve tried to do is to recognize that people use both iOS and Mac devices.” So it appears that in the eyes of Tim Cook, an iPad Pro will replace a Windows PC, but not a Mac. Cook didn’t elaborate on the comments.

(more…)

Paragon’s NTFS for Mac updated to version 14, adds just features, fixes

Posted by:
Date: Monday, November 9th, 2015, 08:47
Category: News, Software

paragonntfs14

It doesn’t make the news every day, but it’s a useful app to have on hand.

Paragon Software’s NTFS, which allows full OS X read and write access to NTFS volumes, has just hit version 14.

The new version introduces new volume management functions for NTFS volumes, and it supports all versions of NTFS. Paragon has no limit for the file or partition sizes it can handle, and the software supports NTFS functions such as resource forks, reading and writing hardlinks, symlinks, and file permissions.

(more…)

QuickShot 2.0 app adds multiple folder support, search and sorting options

Posted by:
Date: Tuesday, November 3rd, 2015, 07:45
Category: News, Software

quickshot2

ThinkDev’s QuickShot was nifty and version 2.0.1 might be niftier still.

Per developer comments, the company has added the following new bells and whistles to its screenshot and image management application for OS X:

We’ve got a lot of feedback from users who liked our app, but simply wanted it to do more. So, with this release we’re introducing a boatload of new features. To start, QuickShot now has multiple folder support, so you can load images from any folder you want and switch between them right in your menubar. Along with that, we’ve now added custom filters, search, sorting options, and themes to make QuickShot even more customizable.

(more…)

2015 5K Retina iMac supports 10-bit screen color feature under OS X 10.11 El Capitan

Posted by:
Date: Monday, November 2nd, 2015, 06:12
Category: Hardware, iMac, News

5kimac

This could come in handy if you’re doing extensive photo and video work.

Apple’s latest 5K Retina iMac supports 10-bit screen color. This feature was discovered via new driver software in OS X El Capitan, as noted in Cinema5D and German publication Mac & I. It’s not clear whether the code might support an external 10-bit monitor.

(more…)

Apple releases OS X 10.11.1 El Capitan update

Posted by:
Date: Wednesday, October 21st, 2015, 13:22
Category: News, Software

elcapitan

If you were looking for fixes for Apple’s OS X 10.11 El Capitan operating system, they just came in.

Apple on Wednesday released OS X 10.11.1, the first major update to its OS X 10.11 El Capitan operating system.

The update, approximately a 1GB download, offers the following fixes and changes:
– Improves compatibility with Microsoft Office 2016.

– Fixes an issue where outgoing server information may be missing from Mail.

(more…)