Dear All - A warm welcome to new readers of this posting! A round-up of news and items of interest. Let me know if you'd like more information about anything. I'm expecting to finish work this year on or about thursday 21 december, and to re-start on tuesday 02 january. More details late next week. 0. Firmware updates - treat with care A flurry of updates have been posted by Apple on its Support Web site. Firmware updates have been released for each of their *Intel* Macs. These updates fix several Boot Camp, start up, and wake-from-sleep issues on all Intel Macs. Other updates include X11, Digital Camera RAW Support and the Firmware Restoration CD iMac EFI Firmware Update 1.1 MacBook Pro EFI Firmware Update 1.2 MacBoook EFI Firmware Update 1.0 Mac mini EFI Firmware Update 1.1 Mac pro EFI Firmware Update 1.1 Apple also posted updates for X11 [Update 2006 1.1.3], Digital Camera RAW Support [Update 1.0.1 PPC, Update 1.0.1 Universal] and its Firmware Restoration CD for Intel-based Macs. However, these have proved to be troublesome releases and you might want to look at some of the newsgroups with respect to your Intel-based machine before updating your machine. 0.1 Latest OS versions are: System 9.2.2; OS X 10.2.8; OS X 10.3.9; and OS X 10.4.8. You should be running one of these operating systems, at these release levels. 0.2 Latest virus alert - MySpace virus - for users of www.MySpace.com only NOTE - THIS IS ONLY OF INTEREST IF YOU USE MYSPACE.COM. IF YOU DON'T, THERE IS NO PROBLEM. Websense and others cover an "amazingly virulent" QuickTime worm propagating via MySpace: MySpace XSS QuickTime Worm [WebSense] Websense Security Labs has confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the Javascript support within Apple's embedded QuickTime player (1). This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full-Disclosure mailing list (2). The vulnerabilities are being used to replace the legitimate links on the user's MySpace profile with links to a phishing site. Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well. An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both. 1. http://www.gnucitizen.org/blog/backdooring-quicktime-movies/ 2. http://seclists.org/fulldisclosure/2006/Nov/0275.html 3. http://www.apple.com/quicktime/tutorials/hreftracks.html MySpace worm uses QuickTime for exploit [Computerworld] The social networking site MySpace.com is under what one computer security analyst called an "amazingly virulent" attack caused by a worm that steals log-in credentials and spreads spam that promotes adware sites. The worm is infecting MySpace profiles with such efficiency that an informal scan of 150 found that close to a third were infected, said Christopher Boyd, security research manager at FaceTime Communications Inc. MySpace, owned by News Corp., is estimated to have at least 73 million registered users. The worm works by using a cross-scripting weakness found about two weeks ago in MySpace and a feature within Apple Computer Inc.'s QuickTime multimedia player. The exploit starts with a user who visits a MySpace profile infected with an embedded QuickTime movie. The movie loads JavaScript code that overlays a row of menu options on a MySpace profile with a bogus menu. A QuickTime function, called the HREF track, can direct the player to use JavaScript commands to load Web pages into a browser frame or window. Worm uses QuickTime to spread on MySpace [Cnet] A malicious video on MySpace.com pages changes people's profiles when played, embedding itself and adding links to fraudulent Web sites, experts have warned. The video is a rigged QuickTime file that exploits a MySpace vulnerability and support for JavaScript in Apple Computer's embedded media player, Web security firm Websense said in an alert posted on Friday. When played by a MySpace user, the video adds itself to the user's MySpace page and replaces the links on the user's profile with links to phishing Web sites, Websense said. Phishing sites are fraudulent sites that attempt to trick people into giving up sensitive information such as log-in credentials. A MySpace representative on Monday said she could not immediately comment on the worm. 1.0 Software updates 1.1 Adobe Reader is at version 8 now (Intel and PPC versions available from www.adobe.com) It's big - broadband users only. 1.2 Aperture (again) Apple has released Aperture 1.5.2, an update for the post-production RAW photography workflow tool. The new release provides "overall reliability and performance" enhancements in the following areas: * Contact sheet printing * Smart Albums * Watermarks * Lift and stamp * Image export * Versions created using an external editor Aperture 1.5.2 is available as a hefty 131 MB standalone download as well as through Software Update. Apple re-iterates that Aperture users should download the Digital Camera RAW Support Update 1.0.1 [2.4 MB], which adds support for the Canon Digital Rebel XTi / 400D / Kiss X Digital, Nikon D80, Pentax *ist DS and address several stability issues. 2.0 Applications of interest 2.1 Suitcase Fusion - for designers Extensis has released a free update for Suitcase Fusion, the company's next-generation, single-user font manager. SuiteCase v12.1.3 brings improved performance for font activation and searching speeds as well as enhanced font corruption checking. This update also adds native support for Intel- and PowerPC- based Macs for FontDoctor. Morrison SoftDesign's FontDoctor is the industry standard tool for locating and eliminating hard-to-find font problems that impact a system's performance and applications. FontDoctor is free with the purchase of Suitcase Fusion. "The performance enhancements in this update offer Suitcase Fusion users even faster font activation and provide added stability which our users demand," said Halstead York, Extensis Product Marketing Manager. It requires Mac OS X v10.3.9 (PowerPC) or Mac OS X 10.4.4 (Intel) and is available as a free update to the $100 application. Note: At least one of you has had serious problems with Suitcase on his Intel-based machine. John - what are you using now? 2.2 Galerie - for photographers "A few years back, I was looking for an easy way to create online photo album pages for my family's website. After trying all the tools I could find, I started using jAlbum, which did basically everything I wanted (it was a Pick of the Week back in 2003). Recently, however, a colleague at Macworld told me about Galerie, and I'm now using it for my online photo albums. Galerie has a ton of features; to name just a few, you can: specify what text is associated with both thumbnails and larger images (comments, EXIF, date, etc.); set the horizontal and vertical spacing of thumbnails; add a watermark; add the full-sized images to the upload (optionally zipped); set the size of thumbnails and larger images; upload to your FTP server automatically; and much, much more. In addition to all the album setup features, you can choose from 18 different templates that control the appearance of your album. If that's not enough, you can download 50 more free templates. Many of the templates use CSS for styling, and can thus be easily customized. One of the main things that made it easy for me to switch from jAlbum is Galerie's integration with iPhoto. Just create a selection in iPhoto, then switch to Galerie and click the Generate button. Galerie will automatically grab the images from iPhoto and create the album. With jAlbum, I had to manually export my images first. It will also work in this manner with selections in GraphicConverter, iView MediaPro, and Extensis Portfolio 7. You can also drag and drop files or folders from the Finder. 2.3 Traktor - for musicians Native Instruments today released Traktor 3.2, an update to its DJ software that brings a wide range of functional enhancements along with native compatibility for Intel-based Macs as a Universal Binary. TRAKTOR 3.2 offers DJs improved creative functionality, reliability and ease of use across the board, according to Native Instruments, with synchronized track mirroring between decks and seamless Hot Cueing as well as stripe navigation. Traktor 3.2 also features optimized tempo detection, new WAV tag writing, an enhanced External Mixer mode, extended MIDI controller integration, an extended user manual, and a large number of optimizations/fixes. The update is available for free to registered users of Traktor 3, and costs $30 for new users. 2.4 Photoshop CS3 Beta (Intel-inside) - for image manipulators Think Secret claims that Adobe is planning to release a public beta of Adobe Photoshop CS3 in the near future. "The Photoshop CS3 public beta will be open to all registered owners of Photoshop CS2. A valid serial number will be required to download the beta, which will consist only of the 'standard' version of Photoshop CS3, not the 'premium' version." 3.0 Multiple burns to a CD Two pointers to how to burn multiple sessions to a CD http://www.apple.com/pro/tips/burnmulti.html http://freeridecoding.net/burnagain/ 4.0 MS Office 2007 (for Windows) Early news about Microsoft's Office 2007 for Windows. The new PC-based Office uses a slew of new file formats that are natively incompatible with previous editions of Office for both Mac OS X and Windows. Files sent from very up to date PCs will be unreadable by current Macs For previous Windows versions of Office, a compatibility pack has been released that allows opening and limited editing of the new document format. For previous Mac OS X versions of Office (ie what we are using now), a similar compatibility pack is on the way. 5.0 For my two New Zealand-based clients iTunes is now available in the land of the kiwi fruit. Apple has also opened an on-line store there. 6.0 More Apple Macintosh users New research suggests that the number of new users to the Mac platform is expected to continue rising. Recent research collected from 20 Apple specialist stores by research firm Piper Jaffray reveals that 25 percent of customers are purchasing Macs for the first time, and that this number is expected to continue rising as a result of the theorized iPod 'halo effect' as well as the popularity of Apple's Boot Camp software. Comparatively, Apple stated that 50 percent of customers who purchased Macs in its own chain of retail stores were 'switcher' who had never used a Mac before. The research firm also expects an increase in general Mac sales, with iPod stock in the run up to the holiday season revealing solid stock at specialist stores. 7.0 For AOL users Good news. I have found out how to collect your AOL mail to your Macintosh without using the AOL software. As the AOL software for OS X isn't paricularly good, and as AOL do not support broadband users of AOL under OS X, this might be a way to start your migration from AOL. Let me know if you'd like to set this up. 8. From the field! This is a new section, featuring small snippets written by fellow Macintosh users. Except to note that her is an iPod on the International Space Station, being visited by the NASA Shuttle Discovery at the moment (see pictures and movies at www.nasa.gov).
Any questions? Let me know! Anything you'd like me to write a note on? Let me know! thanks for being Mac users hugh