Apple Releases Safari 4.0.1 Update

Posted by:
Date: Thursday, June 18th, 2009, 18:03
Category: Software

safari_icon

On Wednesday, amid the iPhone 3.0 release craziness, Apple released an update to the Safari 4 browser.

The Safari 4.0.1 Update (a 43.8 megabyte download) is reported by Apple to address incompatibilities between Safari 4.0 and certain features in iPhoto ’09, including Places and Facebook publishing.

It can be downloaded via the Software Update control panel on your Mac. At the time of this posting, there was no stand-alone updater at the Apple website.

Apple Releases Safari 4.0 Web Browser

Posted by:
Date: Tuesday, June 9th, 2009, 09:27
Category: Software

safarilogo.jpg
Amidst yesterday’s Worldwide Developers Conference announcements, Apple finally released Safari 4.0, the newest version of its web browser. The new version, available here, is reported to run JavaScript up to 4.5 times faster than Safari 3.
Other new features include Top Sites, Full History Search and Cover Flow, and support for modern web standards like HTML 5 and advanced CSS Effects.
Safari 4.0 requires Mac OS X 10.4 or later to install and run.

Intego Warns of Unrepaired Security Vulnerability in Mac OS X

Posted by:
Date: Thursday, May 21st, 2009, 08:48
Category: Software

applelogo1.jpg
Security firm Intego has warned that a critical security vulnerability within the current version of Java has gone unrepaired for months and may place Mac OS X users at risk.
According to the company’s web site, the current version of Java incorporates a serious flaw that could allow local code on a user’s Mac to be executed remotely.
“This can lead to ‘drive-by attacks,’ where users are attacked simply by visiting a malicious web site and loading a web page,” the firm said.
The exploit could allow a third-party to execute code, access or delete files, or run applications on the compromised machine. Combined with other exploits, outside parties could even potentially run system-level processes and gain total access over the affected Mac.
Given that the vulnerability relies solely on Java, no native code is required to execute the flaw, which theoretically exists in all browsers on all platforms that have not been patched. This is the case with Mac OS X 10.5.7 and earlier, meaning the vulnerability affects even the update released just a week ago.
The firm claims that Apple has been aware of the exploit for at least five months, when it was publicly disclosed and fixed by Sun, but has yet to issue a security patch. The exploit was first discovered by Landon Fuller, who has released a proof of concept via his blog that outlines the security hole.
Intego has stated that it has not found any malicious applets in the wild thus far, but the publicity around this vulnerability may entice hackers to target the exploit before Apple issues a security update. The firm’s VirusBarrier X5 already blocks potential malware but unless users are sure they trust the site they’re viewing, simply disabling Java in the browser may provide the best protection while Apple works on a fix.
To disable Java, launch Safari, choose Safari > Preferences, click the Security tab, and uncheck “Enable Java” if it is checked. In Firefox, this setting is found on the Content tab of the program’s preferences. It is safe to leave JavaScript activated, since the vulnerability only affects Java applets.

Adium X Updated to 1.3.4

Posted by:
Date: Monday, May 18th, 2009, 07:39
Category: Software

adiumducky.gif
Adium, the open source instant message chat client with support for multiple programs (including AOL Instant Messenger, ICQ, Jabber, MSN, Yahoo! Google Talk, Bonjour, etc.) has been updated to version 1.3.4.
The new version, a 21.2 megabyte download, adds the following fixes and changes:

  • Facebook fixes:
    Updated to pidgin-facebook 1.5.0, fixing a major bug in which massive amounts of data could be continuously sent and received under certain situations as well as several minor bugs.
    Fixed a bug in which the Facebook numeric ID rather than name could be shown in the contact list (#11676).
    Improved proxy support.
  • Fixed a crash when loading Jabber/XMPP account preferences when the computer’s host name is not set (#11246).
  • Fixed a display issue in message windows when running Safari 4.
  • Updated to libpurple 2.5.6.
  • Adium X is available for free and requires Mac OS X 10.4 or later to run. The program functions as a Universal Binary and runs at native speeds on both PowerPC and Intel-based hardware.

    Apple Releases Updated Mac OS X 10.5.7 Developer Beta, Build 9J56

    Posted by:
    Date: Thursday, April 23rd, 2009, 14:48
    Category: News, Software

    applelogo1.jpg
    The Mac OS X 10.5.7 update, which appears to be close to release, went through yet another pre-release build late last week with developers working out additional tweaks for the operating system.
    According to AppleInsider, build 9J56 focuses on “Bluetooth compatibility and stability fixes” per sources familiar with the software.
    A number of recent Mac mini purchasers have complained about intermittent Bluetooth connection problems on their new systems, though similar problems are believed to be plaguing a variety of Macs.
    Another fix in the latest build targets an issue with Personal File Sharing and AFP volumes not being properly recognized as Time Machine shares. However, the other three fixes were relatively minor, two of which add once-missing descriptive information to certain crash logs.
    The Mac OS X 10.5.7 update is expected to offer more than 110 code corrections spanning over two dozen areas of the operating system. Earlier this month, Apple added Help Viewer to the list of key software components where beta testers should focus their testing efforts.
    Though its believed that Mac OS X 10.5.7 remains close to release, Apple still notes that the software is incompatible with the public beta of Safari 4 — the OS update’s lone known issue.

    Additional Perks, Features Emerge in iPhone OS 3.0 Firmware Betas

    Posted by:
    Date: Monday, April 20th, 2009, 08:00
    Category: iPhone, iPod shuffle, Rumor, Software

    applelogo1.jpg
    Developers working with recent betas of Apple’s iPhone OS 3.0 software have uncovered some impressive new features such as changes to Safari’s user interface, new battery status indicators and notification preferences, as well as the advent of data detectors in certain apps.
    According to AppleInsider, the following changes have been the most prominent:
    Safari:
    Safari now allows the user to close out and clear all your open browser windows without having to first create a new blank page to get rid of the contents of the last active window.
    The iPhone OS 3.0 beta apparently allows the user to close out the lone remaining page. Once the “x” icon is triggered, the page disappears and a new blank page quickly slides into view.
    Battery Indicators:
    Improvements have apparently been made to the battery indicators, showing the remaining battery life left on your iPhone or iPod touch as a numerical percentage.
    Resource files contained within the new version of the device’s Springboard application include 22 new PNG files to facilitate this option. Half are numerical characters (and a “%” sign) in black typeface for representing healthy battery level percentages while the other half are in red typeface for when battery life falls bellow a certain threshold.
    Though this has yet to be confirmed, users will have the option of selecting how their battery status indicator appears in the menubar — such as an icon-only view (per current versions of the software), an icon + numerical view, or a numerical-view only.
    Push Notification preferences:
    A new Push Notifications preference pane allows users to enable or disable any of the three types of notifications that third party applications can push to your handset: Sounds, Alerts and Badges. Alternatively, notifications can be disabled as a whole.
    Data Detectors:
    Apple has enabled Data Detectors for several new applications. Data Detectors automatically detect text fragments like email addresses, phone numbers, and street addresses and allow users to execute actions on those fragments via touch selections — like dialing a phone number automatically by clicking on it or adding it to your address book.
    Finally, the iPhone OS 3.0 beta firmware apparently also allows users to change scrubbing speeds in the iPod application.
    “You press and hold on the little dot to scrub and slide your finger down the screen to get finer scrubbing speeds,” a person familiar with the software said. “There are four options: Hi-Speed Scrubbing (normal slide position), Half Speed Scrubbing, Quarter Speed Scrubbing and Fine Scrubbing (furthest down the screen).”

    (more…)

    Mac Hacker Charlie Miller Locations Additional Security Hole in iPhone

    Posted by:
    Date: Friday, April 17th, 2009, 07:33
    Category: iPod, security

    3giphone.jpg
    Mac hacker Charlie Miller, a principal security analyst at Independent Security Evaluators and the winner of the the CanSecWest security conference hacking contest two years straight, has detailed his latest find wherein he was able to run shellcode on an iPhone.
    According to Macworld UK, it was widely believed by many security researchers that it wasn’t possible to run shellcode on an iPhone. Shellcode is code that can run from a command line, but the iPhone was thought not to allow it for security reasons.
    If pulled off correctly, shellcode allows users to perform malicious actions such as gaining access to a users text messages or call history from a remote location.
    Earlier versions of the iPhone OS firmware didn’t have many protections to prevent people from tampering with its memory to run other commands, Miller said. But the latest version of the iPhone’s software strengthened the overall security of the phone, Miller said.
    In his report, Miller detailed how he was able to trick the iPhone into running code which then enabled shellcode. To pull this off, Miller said he needed to have a working exploit for an iPhone and a means of targeting a vulnerability in the software such as the Safari web browser or the iPhone’s operating system.
    Miller said he doesn’t have one now but stated that if someone did, “this would allow you to run whatever code you want,” Miller said in an interview after his presentation.
    In 2007 Miller and some of his colleagues did find a vulnerability in mobile Safari that would allow an attacker to control the iPhone. Apple was immediately notified and later issued a patch for the problem.
    Miller said he isn’t sure if Apple is aware of the latest issue and stopped short of calling the problem a vulnerability, saying instead that Apple engineers may have overlooked the issue. Apple also has never come out publicly and said it is impossible to run shellcode on an iPhone, he said.

    (more…)

    Recent Mac OS X 10.5.7 Beta Focuses on 100+ Fixes, Second Security Update for 2009

    Posted by:
    Date: Wednesday, April 8th, 2009, 07:44
    Category: Software

    applelogo1.jpg
    A recent Mac OS X 10.5.7 beta has made its way among Apple developer with Apple apparently also beta testingits second security update of the year for certain Mac OS X distributions.
    According to AppleInsider, build 9J44 of Mac OS X 10.5.7 was released to developers. The new beta arrives a little more than a week after the company issued build 9J39 and, per sources close to the story, offers a fix for a PDF font render along with four other fixes, thus bringing the number of documented code corrections to 104.
    Similarly, the lone issue affecting the last several builds has been the inability to install Apple’s Safari 4 beta, which hasn’t been tweaked to run on the new system update.
    Mac OS X 10.5.7, code-named Juno, is expected for a release sometime this month and reportedly weighs in at approximately 442MB. A combo updater capable of updating versions of Leopard prior to 10.5.6 and bundling earlier security improvements is currently about 730MB.
    Where the second security update is concerned, Apple has reportedly tasked security experts with evaluating its second security update to Mac OS X of the 2009 calendar year. The release is said to be in testing for versions of Apple’s Mac OS X 10.4 operating system and a version for Mac OS X 10.5 has yet to be reported.
    People familiar with the situation say Apple doesn’t brief its security testers on the improvements it bundles into beta security updates and instead asks them probe for holes blindly. As such, it’s not entirely clear what components of Tiger it targets, though the rumor is that it addresses a networking vulnerability.
    Apple is expected to recommend the update “for all users” saying it “improves the security of Mac OS X.” Four different distributions are currently being evaluated: Tiger client (PPC), Tiger server (PPC), Tiger client (Intel), and Tiger server (Intel).
    The latest known builds are reportedly 8S410 (PPC) and 8S2410 (Intel).

    (more…)

    Apple Releases iPhone OS 3.0 Beta 2 to Developer Community

    Posted by:
    Date: Wednesday, April 1st, 2009, 08:13
    Category: iPhone, Software

    3giphone.jpg
    Late Tuesday, Apple officially released iPhone OS 3.0 beta to to its developer community. According to Engadget, the new beta includes push notifications and in-app purchasing, giving developers a chance to play with these features. The report also cites significant stability improvements within the new build.
    While MMS and tethering are also included within beta 2, Apple has apparently asked developers not to try these features as of yet.
    Per the Apple Core, Apple has also made the following changes in beta 2:

  • B2 killed a lot of the typing lag, and scrolling problems.
  • Some speed improvements.
  • Some stereo bluetooth controls are working (play and pause). Others (rewind and fast forward) are not.
  • There’s a new Store option under Settings, but it’s empty.
  • New icon in the left side of the menu bar to indicate when call forwarding has been enabled.
  • Despite Apple’s warning against MMS and tethering, they can be enabled by modifying the ipcc file (the carrier settings). They both work in b2 in the U.S. although some countries have trouble getting them to work at the same time, but they work, regardless of the firmware.
  • The exchange email bug that prevented you from syncing to your corporate email was fixed.
  • New way to open a new page in Safari: Tap and hold on a link and a menu pops up allowing you to open, open in new page or copy the link (or cancel).
  • The iPhone OS beta 2 build can be downloaded from here upon signing up for an ADC account.
    If you’ve tried the new build, please let us know what you think of it in the comments or forums.

    (more…)

    Apple Begins Testing Mac OS X 10.5.7 Update

    Posted by:
    Date: Thursday, February 26th, 2009, 10:20
    Category: Software

    applelogo1.jpg
    No matter what you think of Mac OS X 10.5.6, Apple is cited as having tapped its developer community this week to begin testing its Mac OS X 10.5.7 update, a maintenance and security update to the company’s Leopard operating system with a particular focus on syncing improvements.
    According to AppleInsider, sources close to the story have stated that the update will include a plethora of bug fixes, six code corrections and currently weighs in at 440 megabytes in its simplest form.
    Apple is currently said to be focusing on syncing issues found in applications such as Mail, Address Book and system preferences. A problem with Safari not accepting certain types of cookies will also reportedly be addressed.
    Among the nearly two dozen other components receiving attention in beta of Mac OS X 10.5.7 are graphics drivers, Time Machine, printing services, screen sharing services, MobileMe syncing, AirPort services, text services, and iCal, those familiar with the software claim.
    Stay tuned for additional details as they become available and if you’ve gotten your hands on a 10.5.7 build, please let us know what you think of it in the comments or forums.

    (more…)