Ars Investigates Recent Mac Malware

Ars Investigates Recent Mac Malware

MAC Defender has changed everything,” one Apple Store Genius, who requested to remain anonymous (we’ll call him Lenny) told Ars. “We probably get 3 or 4 people with this per day. Most of them only got as far as installing the program and haven’t entered their credit card details.”

Lenny went on. “This always sparks a debate at the bar on whether antivirus software is necessary on the Mac. This is difficult, as the store sells several antivirus products implying that Apple supports the idea, but as many customers point out, the sales guys aren’t shy in making the claims for Mac OS X’s security. Internally, Apple’s [IT] department mandates the use of Norton Antivirus on company machines.

Following the controversy that sparkled after the large diffusion of MAC Defender (covered here) that rose (again) the inevitable question as to whether being scared of malware on a Mac is nothing but crying wolf, Ars Technica takes a step back and tries to analyze the situation interviewing Apple employees, Geniuses, and various representatives of antivirus / security companies. Whilst it’s kind of obvious that antivirus makers will always recommend their products because you have to keep your machine secure, the takeaway from support specialists is interesting: there’s no need to panic, but people are undoubtedly coming over asking for help with this recent malware.

Of course, the peculiar nature of Mac Defender (it’s a “scanning software” that asks for your credit card details, and it’s downloaded through a malicious script from certain websites and Google Image Search) raises another issue: users are installing the software by manually going through an installer and giving it their passwords – this shouldn’t happen. Anyone who’s a little skilled in computing should know that stuff you didn’t want to download shouldn’t be granted permission to run in the first place. And MAC Defender comes as a whole installer. On the other hand, I don’t think it’s really about crying wolf (though some people like to run overly sensationalistic headlines), as much as it’s about the fact that this malware ultimately exists. Fact.

Ars has an interesting read, and our friends at TUAW have a pretty handy guide detailing the removal of MAC Defender. The best tip, however, is still the same: don’t execute programs and documents you don’t know.

Permalink

DropDAV 2.0 Launches, Goes Paid at $5 Per Month

If you’re a heavy user of the iWork suite for iPad or the recently released OmniOutliner and have been looking for a way to easily keep documents in “sync” across machines, you’ve probably already heard of DropDAV. By providing a WebDAV interface to your existing Dropbox account, DropDAV allows you to export documents using iOS apps’ “save to WebDAV” function, and have your docs conveniently saved on the desktop. Because DropDAV simply gives Dropbox the capability of becoming a WeDAV server, you’re not really “syncing” documents when you use Pages or Number for iPad –rather, as these apps already use WebDAV, you’re given the option to at least save to Dropbox. That’s something.

The first version of DropDAV, launched a few months ago, became so popular that the developers had to rethink the service from the ground-up and rewrite the whole engine to support the latest WebDAV standards, offer more speed and reliability, and find a pricing model that would keep operations going. DropDAV 1.0, in fact, was free if you were connecting to a free 2 GB Dropbox account, and asked you to pay only if you had a paid Dropbox account. With version 2.0, officially announced two days ago, gone is the freemium model and the differentiation between free and paid Dropbox accounts: DropDAV now has a 14-day free trial, and after that it’s $5 per month. Simple. The developers explain they’ve completely rebuilt DropDAV to be faster, more compliant to standards and less prone to server-side errors; by integrating with the powerful Dropbox API, DropDAV still allows you to virtually export to WebDAV from any app that supports the protocol, and have documents actually offloaded to Dropbox. It works really, really well and, from what I can tell after a quick test (I’m a subscriber), it’s seriously faster and improved. From a technical standpoint, the devs write:

We identified inconsistencies in the way PHP and the OAuth Pear plugin worked with UTF-8 strings. We created a taxonomy of WebDAV clients, sorting out which ones behaved similarly. We integrated in support for WebDAV locking to comply with the Class 2 specifications.

In the end, we bridged our legacy implementations of WebDAV’s hairier functions (written in PHP) with the native UTF-8 support and better Dropbox client in Python. We settled on an implementation that includes extensible request parsing in PHP, communication with Dropbox in Python, then extensible response formatting back in PHP. It’s a lot cleaner than it sounds, and it works really, really well for the entire UTF-8 character set and XML Special characters.

Class 2 support is still a work in progress. In truth, it’s somewhat of a hack in that Dropbox doesn’t support locking, so we could only create the illusion of locking for our WebDAV clients. We think we’ve done that well enough to roll out and will continue improving it to eventually pass the Litmus test in the coming weeks.

If you haven’t checked out DropDAV already, here’s your chance to start a free trial and connect the service to your Dropbox. It works great with the iWork suite, The Omni Group’s apps and a variety of file managers for OS X and iOS (such as iFiles), and it’s probably the best shot you have if you don’t want to go insane with Pages and exporting files in iTunes.

Apple “iTV” Prototype Shows Up on eBay

As noted by MacRumors, a prototype “iTV” of the device that eventually shipped as the first-generation Apple TV is now available on eBay for a “Buy Now” price of $350. The device, resembling the original Apple TV with only an Apple logo on top but lacking the “TV” branding, is still functional and also managed to receive Apple TV software updates throughout the years, in spite of its internal and not-for-release nature that would suggest the device is not capable of running the latest software. However, the iTV is apparently working correctly and showing the 3.0 software update from 2007. The seller on eBay claims the pictures are the best description he can provide, and admittedly the device seems in good conditions.

The photos also show the device booted up and displaying the stock photo screensaver, although it is not connected to the Internet and the item’s description indicates that it has not been fully tested for functionality.

The iTV also has a couple of labels on its back, depicting the DVT (device verification test) status and the “Apple Development Team” that originally owned it and somehow gave it to someone else. Overall, the device looks like a genuine hardware verification unit that eventually shipped with a different logo, but still retains all the functionalities of the original Apple TV. Check it out here before it’s too late.

Dual-Mode Verizon iPhone 4S to be Released With AT&T Version

Verizon has been a leaky faucet lately, with our first real bit of insight into Apple’s strategy coming in April where CFO Fran Shammo spoke about a global iPhone hitting shelves at the same time as their competitors. The idea of a dual-mode phone was “reiterated” again by Shammo at Reteurs’ technology summits: to be clear, the idea that Verizon would launch a dual-mode, GSM/CDMA capable model alongside AT&T would give it equal footing when customers decide on a carrier. Shammo offered further clarity that the iPhone probably won’t be an LTE device, noting, “It’s a bigger issue for Apple than it is for us.” Apple is focused on providing an iPhone that works globally at the moment, rather than focusing on LTE technologies. Verizon themselves aren’t concerned about the lack of LTE on the next iPhone, given that they already have a slew of Android devices that offer their functionality if consumers desire it.

Along with iPhone plans, Shammo also said family plans would get shared data plans after the switch to tiered pricing. An end to unlimited on-device data plans was still on track for the summer, but he said it was sure Verizon would have “mega-plans” where a certain number of devices had a larger pool of data.

If you’re planning on getting an unlimited plan under Verizon, your switch from AT&T to the big red may not matter once Verizon adopts tiered pricing. Likely to be competitive with AT&T who’re currently offering 2GB of data for $25 a month, Verizon may also offer customers buying multiple phones a discount, and that mega-plans may offer incentives such as the ability to ‘borrow’ plans from other 3G devices (read: free tethering).

The next iPhone is rumored to be on track for an improved camera, bigger display, and an A5 processor. Apple should currently be in the process of ramping down iPhone 4 shipments (expecting to ship 2 million less in Q2) as the new batch of next generation iPhones are scheduled to begin production in August. The next iPhone will also likely feature an 8 MP Sony camera, as well as sporting a new design with relocated flash. All of us are going to be incredibly anxious as it’s unlikely Apple will launch a new iPhone in June or July, but I’m guessing September is looking like it’ll be bigger than we expected.

[Reuters via Electronista]

Could Aperture Be Coming to iOS?

This would be a photographers dream come true wouldn’t it? Even if you prefer Adobe’s Lightroom to Apple’s Aperture, I’d love to have the iPad play a larger role in field editing for photographers. The Photos app included on the iPad isn’t exactly prime for professional work (it’s great for displaying and browsing the end result), but Aperture on the iPad would give photographers an intuitive touch interface to edit photos in a library that’s perhaps separate from Photo’s library. Patently Apple reports that Aperture could well be on its way towards touchscreen devices such as the iPad (and maybe that touchscreen iMac we’ve heard about).

It’s the latter that’s interesting in light of Apple’s latest patent revelation that Aperture is coming to touch displays including handhelds like the iPad. It may even come to future desktops and laptops that offer touch displays, according to Apple. An advanced graphics pen would be great for fast photo touch-ups and appreciated by photographers using Aperture on-the-go.

The patent covers various means of interacting with Aperture, from touch input to pen input, and the descriptions of various GUI elements that can provide authors with an easy toolset at the ready for image editing. The authors are intrigued with the idea that Apple may be moving towards various forms of alternate input, such a smart light pen, that could aid future Apple device owners in precision editing.

[via Patently Apple]

PhotoForge 2 Released, Brings Powerful Image Editing to iOS

Announced last week as a successor to the popular lightweight image editing software for iPhone and iPad PhotoForge (which we reviewed here), PhotoForge 2 is a complete rewrite of the original app, sporting a completely new UI, more image editing features, new export options and a faster engine to bring semi-professional editing to the iPhone. In spite of the iPad version being advertised in the launch promo video, PhotoForge 2 is available today at $0.99 on the iPhone, with the iPad version coming in the next weeks as a Universal update. The GhostBird Software developers have decided to make PhotoForge 2 a standalone app, as the App Store doesn’t come with an upgrade policy and they felt that version 2.0 was worth paying a separate price. Indeed, the app sports several new functionalities and paying $0.99 now with the promise of an iPad update for free relatively soon sounds like a great deal. Plus, once the iPad update comes out the app will be priced at $2.99 for the remainder of May, although the full retail price is $4.99. That means you can get the app now and save $4, or wait for the iPad update and still save $2. The app has started propagating this morning in iTunes and is available here.

PhotoForge 2 is a full-featured image editing app for iOS, perhaps the most powerful available on the App Store. Whilst I can’t go through all the features now as I’ve played with the iPhone app for less than an hour (but we’ll make sure to have a full review once the iPad app is released), I can say there’s a notable difference when using the PhotoForge 1 and this 2.0 update. PhotoForge 2.0 has got a whole new interface revolving around the concept of “docks” (like the standard OS X one) that are basically a list of icons and buttons to navigate through the various image editing functions. Once you load a photo from your Camera Roll and start a new project,  you can tap on the FX button in the bottom toolbar to scroll through a series of effects to apply to your photo in real-time, most of them being similar to the ones offered in apps like Instagram and Camera+. In PhotoForge 2.0, photos fit to screen by default, but you can double-tap them to edit them at full resolution looking at all pixels on screen. As I said effects are applied in real-time, with a loading bar at the top showing progress – on the iPhone 4, everything is quite smooth and responsive, though I expect the iPad 2 version to be a little snappier given the A5 processor. There’s lot of stuff to play with in PhotoForge 2.0, including layers, exposure control, brightness and contrast, or standard RGB levels. It feels like a mini Photoshop version, ported to a smaller screen with controls rewritten for multi-touch. Of course, you can’t expect all the functionalities of Photoshop to be available in PhotoForge 2.0, but this thing does undoubtedly have more options and settings than the average iOS photo editor. You can tweak opacity and blend modes, create and duplicate layers or fill a new one with color, copy and paste masks or apply sharpening and noise reduction.

Because the feature list is huge and I’ve only been playing with the app this morning, here’s a list of functionalities for comparison’s sake:

  • Curves & Levels with RGB, CMYK and LAB colorspaces.
  • Sharpening & Noise Reduction
  • HSL & Channel Mixer controls
  • Brightness & Contrast, Exposure, Vibrance
  • White Balance, Shadows & Highlights
  • Auto Exposure & Auto White Balance
  • Precise Image Cropping and Resizing
  • Customize your film, lens, flash and much more to create amazing looking photographs with the Pop! Cam add-on
  • Great Black & White and Sepia filters
  • Lomo, Gothic, Dreamy and 3D
  • Crystallize, Pointallize and Impressionist.
  • Bulge, Pinch & Twirl

PhotoForge 2.0 is meant for both for professional and casual users (thanks to an intuitive interface), and I have a feeling the iPad counterpart, with larger real screen estate, will make image editing even better as I’ve noticed editing on the iPhone can be sometimes a little frustrating because of the smaller screen – meaning, when applying some effects or setting other options there’s a chance you won’t see the full image in front of you, and the iPad should fix this issue. However, I was impressed by the sharing functionalities of PhotoForge 2.0, which include Flickr, Tumblr, Facebook and Twitter sharing, FTP and Dropbox uploading, or standard emailing and saving to the Camera Roll. The selection of services is really impressive and the Dropbox addition quite welcome, though I’d like to see direct CloudApp integration as well.

As it stands now, I think PhotoForge 2.0 is the most powerful and beautiful image editor for iPhone. The iPad version is something I’m really looking forward to, and while you wait you should get the app here at $0.99. It’s simply a great update.

Internal AppleCare Document Directs Employees Not To Help With Malware Removal

An internal AppleCare document posted earlier this week reveals that Apple is investigating ‘Mac Defender’ – a recently unleashed malicious application that pretends to be an anti-virus application when users download it. The document, which Apple clearly notes is for internal use only, tells its employees not to confirm or deny whether the application has been installed on a users computer, not to attempt to remove it or escalate the issue.

The bizarre document, which is posted in full after the break, seems to be instructing Apple employees to take no part in resolving malware issues on a users computer.

AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer’s Mac is infected or not.

However, the document does tell employees to instruct customers that if the Mac Defender installer pops up on their screen, to cancel the installer and delete the installer immediately. Whilst if the application is already installed they are told to tell the customer to make sure all security updates have been installed with Software Update and then direct them to the “What is Malware?” document. But the document is clear in saying that Apple doesn’t deal with malware – even recommending anti-virus software in the Mac App Store.

Explain that Apple does not make recommendations for specific software to assist in removing malware. The customer can be directed to the Apple Online Store and the Mac App Store for antivirus software options.

[Via ZDNet]

Read more

DropIn Enhances Dropbox with Menubar Drag & Drop, Filters, Previews

I rely on Dropbox on a daily basis to sync files between computers, my iTunes music library and have access to folders shared with the MacStories team or my friends. In fact, Dropbox is the first app I install on every new Mac or fresh installation of OS X, being the service that stores my most important data, app libraries, and more. But for as much as I love Dropbox and couldn’t work without it anymore, I loathe the desktop Mac app. Not the syncing service that displays a badge next to my files or folders, or the preference panel that (in the latest version) allows me to set up selective sync: I can’t stand the menubar utility, which is an icon that does nothing but displaying my available space on Dropbox and changing its looks depending on whether Dropbox is syncing or not. It doesn’t do anything else, and more importantly it sits in the menubar but it doesn’t let me drag files onto it for quick uploading.

Meet DropIn, a $1.99 utility from the Mac App Store that enhances your local Dropbox installation by letting you drag files in the menubar, browse recent files, set up notifications and filters. Sure, it’s another icon in the menubar, but at least it lets me do a bunch of things the official app can’t. DropIn has two main functionalities: it displays a preview of recently changed files and enables you to create filters for the files you want to see in there; it comes with a Droplet feature that allows you to move files to Dropbox by dragging them onto the menubar, avoiding the Finder altogether. In DropIn’s preferences I told the app to simply copy files into my Dropbox main directory, but you can choose sub-folders as well or enter your account ID to upload files to the public folder and get a link in your clipboard automatically. This one’s a feature I’ve been looking forward to have on my Mac because I dislike stacks in my dock, and I’d rather have an icon in my menubar instead of having to open a new Finder window every time. And it works great in DropIn.

As for recently changed files and notifications, this is something you can do with the official Dropbox app and Growl, but DropIn lets you set up the number of updated files to display in the dropdown menu and it’s also got inline previews and a button to reveal a file in the Finder. Furthermore, you can set up advanced rules in the Filters section to show / hide specific files and make sure you’re only being notified about things you care about, and not those info.plist files from iTunes.

At $1.99, DropIn is a great addition to Dropbox, if only for the drag & drop functionality that makes it incredibly easy to move anything to your personal cloud. You can get the app from the Mac App Store here. Check out more screenshots below. Read more

ForeverSave 2 Review: Universal Auto-Save And Versioning On Your Mac

Everybody dreads it, the moment you realize that the document you had been working on for an hour is lost, all because you hadn’t saved it and there had been a power outage or the program crashed! It seems absurd that, in 2011, so few apps have implemented an auto-save feature that saves your document periodically as you work on it. A few apps do have an auto-save feature, including the Microsoft Office suite (saving me more than a few times) – but the vast majority don’t.

For those applications that don’t feature auto-saving there may be a reasonable solution that requires very little hassle from you. Tool Force bills their recently released version 2 of ForeverSave as enabling “universal auto-save and backup versioning for all documents”. I gave the application a go for the past week so jump the break for a full review and see whether it pans out as a feasible solution.

Read more