Get iTunes 4.5 from Apple and see my playlist! Check out the cool album cover they generated based off albums in my playlist.

I’ve posted some pictures from MacCamp!

I had a great time, met a lot of neat people and really enjoyed the jam sessions by other MacCampers!

I picked up my Phone Valet from the Mac Store today. This thing is cool!

It speaks the name of my incoming calls, logs all incoming and outgoing calls (just by using the phone), sets iChat to “I’m on the phone” when I use the phone, and you can voice dial too. I have not tried this due to not having a mic that works well with Speech Recognition.

You can dial from Address book, or from Phone Valet’s application. You can also script the phone valet dialing assistant to dial as well.

First IE, now according to this story, Norton has ceased work on SystemWorks and Norton Utilities for the Mac.

This says several things to me:

• Mac OS X is much more stable and thus less people needed these applications
• The word finally got around that people should have DiskWarrior in their arsenal, nor Norton Disk Mutilator (known to some as Doctor)

When I was having my issues with iPhoto 4.0.1 I ran DW on my G5, the first since I got the machine (and four OS updates, 1 kernel panic later) and it found zero problems with my disk. Awesome.

I’d much rather live in a world where I don’t rely on buggy software because my OS is stable. Yay!

If you know about the joke, you need to see this, if you don’t know about the joke, you really need to see this.

Remix of the President Bush WMD joke

Sad.

MadOnion posted a review of SUSE Linux 9.1 (site down, slashdotted) and while I skimmed over it, curious about what is going on in the Linux world, some quotes in the summary caught my eye…

“SUSE LINUX 9.1 is an excellent Linux distribution for the price. At $89.95 USD, you would be hard pressed to find a better package. Sure, you can download Linux all day long from the Internet for free, but in no way does that give anything back to the developers who innovate. You are showing support for them by running and promoting their software to others, but nothing helps keep development flowing like cold hard cash. SUSE is worth the price. For the 90 days of installation support, online and email support, as well as the plethora of packages that are included, you simply can’t go wrong”

“So many distros these days have apps that are just ‘broken’, not working, and trouble to work with. I visited as many apps as possible during my review and everything worked. This to me is a huge selling point.”

“While I love the power that Linux gives me to compile my own software from source and configure it to my liking, I am starting to realize that the time it takes to get everything running the way I like it is at a premium. I could spend this time doing other things like playing hide and seek or reading story books with my daughter. SUSE gives me these opportunities. They have built a desktop system that works very well out of the box. Almost everything is configured the way I need it to be, hardware is simple to manage, and while software management can come a long way with online updates I can live with it. Within a minimal amount of time I can have a SUSE system running with all the applications I could need, all working, and still have the power to compile and configure my own software exactly as I see fit. Gone are the days of fighting with 3D drivers. nVIDIA drivers installed easily through YOU (or from nVIDIA’s site). Everything simply worked.”

Kind of sounds like Mac OS X, doesn’t it?

Alright, so Mac OS X only runs on Macs, and not any old PC, but come on, that is one of the reasons our Macs “just work” That to me is a selling point.

In what I hope to be my last piece on this Mac “Trojan” horse issue, I’d like to settle the score. The Mac community has jumped on this issue with intellect and quickness and have showed, as I did, that this appears to be nothing more than a media grab for Intego, which seems to have worked. For that, Intego gets 10 points. The Mac community gets 1000 for being quick to analyze and criticize this company.

In the FAQ posted by Intego, they claim to be “Macintosh Security experts” who, as their FAQ stated, “We protect your world.” Ok, let’s think about this for a second.

You are a Macintosh user, who wants a safe computer. We all do. So along comes Intego, who reports about this trojan, which is nothing more than a proof of concept, but they want you to be safe because they are the “experts” for “more than 6 years” in the Macintosh security business.

Alright. So reading further in the FAQ, they noted that they were told about this “Trojan” on “April 6, 2004 at 11:16 am” Folks, this trojan is nothing more than a Macintosh application with a geeky way to hide the virus code. This company, who has been around for so long, whom are experts, had to have someone tell them this could be done before they did anything about it?

Is that the kind of “expert” you want developing your security software? Not me.

Yes, this “trick” can be used to trick you into running a trojan that erases your files. This “trick” has been around since the dawn of Macintosh and is nothing new.

Intego would not be getting so much flak if they had just released a version of their software that helps block these kinds of tricks. That would have been cool. But instead they chose to prey on the unsuspecting Mac user, the Mac user who has been told to not worry about viruses and trojan horses, the Mac user who really doesn’t care about how computers work, the Mac user who just wants to use their Mac. They preyed on Mac user’s fears and concerns for their Macintosh as a way to drum up business for their Virus protection software.

Ya know, Intego says this is not the case, but just look at their press release, look at the articles I and others have written about how this is not a new issue, and draw your own conclusions.

I want Mac developers who treat me with respect, not like a fool.

Other articles

• MacMerc - Intego puts the ‘con’ in the MP3Concept trojan
• Wired - OS X Trojan Horse is a nag
• Boing Boing - First Malware for OS X?
• More details on Trojan Horse for Mac OS X - Go Dave, who came up with the same idea as me - “The only way for Apple to “fix” this would be to universally visually identify executable applications in some fashion.”
• Ars: Immediacy of Mac OS X Trojan horse threat exaggerated

Ok ok so all this hoohaa about a Macintosh trojan. “Oh my God, don’t click those MP3s, someone has finally hacked the Mac!” is what I hear.

Not really, folks. Calm down, and here is what is happening.

First off, you might have heard this is a new exploit. No. This “trick” could have been done in 1984. Simply put, this trojan horse is a normal “original” style macintosh application, with code in the code resource and data (in this case, the mp3 tune) in the data fork.

Old Mac OS applications (or current Carbon applications) look like one file to you and me, but are really two. New applications, like iPhoto, are “bundles” and while they look like applications to you and me, are really folders of code and the resources needed for the application. Both serve the same purpose, but are implemented differently.

“But this file is an mp3 file!” Well yes, the data fork is mp3, but the resource fork is an application. In fact, if you select this “mp3″ and select “Get Info” you’ll be shown it is an application.

Applications can do anything to your computer (given permission) once you launch them. In essence, this trojan is tricking you to launch it by appearing to be an mp3.

How does it do it when the file extension is .mp3? Well, on the Mac, there are several ways for an application to tell MacOS that it is an application. One is by the file extension, and this is new to OS X. The older, and still used way, is some data put on the file itself called the type and creator. The type tells Mac OS what type of file it is, and if that type is ‘APPL’ then the Mac sees it as an application.

The icon for an application is embedded inside the application, thus all you need to do is write a mean application, name it with a .mp3 extension, put a iTunes icon for the application icon and wham, you have a trojan.

But I bet you heard the code is embedded inside the mp3! oh no! Well, yes, the bad code is. But unless an application like iTunes loads this and executes it as code, it is benign. Most of the Windows viruses come from poor applications like IE and Outlook actually executing this code. Nothing on the Mac does to my knowledge.

So what happens is you double click this mp3 and a resource in the application tells the mac where to find the real code, inside of the data fork. The fact that an mp3 is seems to be just a way to scare people into buying their software.

So the virus code gets executed, iTunes is launched by the virus and plays the file in the data fork while it goes off and does bad things to your machine.

The point here is folks: This is not new, this attack has been around since 1984 and just like before, trust your sources. If you get a random email with an mp3, don’t run it!

Or, have iTunes import the mp3 but don’t double click it. This will import the song and play it, but not execute the virus.

If you are in question, select the file in the Finder, choose Get Info from the File menu and at the top it will say “Application” or “mp3 file”

I stripped the resource fork off of the trojan application, which left just the mp3 data fork, and the file opened on a dummy user account with no errors nor virus activity.

Thus, as I have said, playing an mp3 or viewing a jpeg cannot hurt your system. Double clicking a file appearing to be a mp3 or a jpeg can. Double check files people send you with Get Info or with some utility like Virex, but don’t fall victim to the sky is falling mentality of a recent press release seemingly designed to stir up sales.

As reported last year, I bought a Belkin Auto Kit for my iPod. It contained a cigarette lighter adaptor and a line out from the dock connector, as well as a built-in pre-amp.

I went through two of them, both exhibited the same behavior - Because of the pre-amp, they coupled noise from the engine into the line out signal. Also, the pre-amp was lame and would often whine and hiss even with no iPod connected.

Last night I learned about the Monster iPod car kit and picked one up from the awesome Erick Laabs at The Mac Store

The Monster works perfectly. The audio connector comes off the dock connector, so it does jut out a little into my shifting space but is not bad. The sound is incredible, just clean line out quality, no amplification, pure bass, etc.

The Monster dock connector is much thicker, so I had to modify my iPod Mount by making the dock connector slot bigger. Then I could not disconnect the connector once attached to the iPod due to the space taken up by my holder, so the solution, which I like better anyway, is to push the connector up through the iPod mount and connect/disconnect it there. Then the cable rests nicely in the iPod mount when not in use.

The Monster is much lower profile and I think people will like that also.

The Monster does not pause the iPod when power is lost - This is fine by me, as it is one less capacitor in the chain to screw things up.

I have a Netgear WGR614 (version 1) router that I had upgraded to beta firmware to allow WPA encryption. I could never get my TiBook with its Linksys 802.11g card to connect however.

I also wanted to look into using my G5 as a router. So I bought an Asante PCI 10/100 card and went to town.

A day later, I gave up. Here is why:

I had two issues. I wanted WPA from the wireless and my Vonage voice over IP phone would skip and be unusable when uploading files. The solution to the first was to get Netgear to fix their router, but they never did. It might be the chipset, who knows. The solution to the latter was packet shaping, ie some software or hardware that would give the phone priority when it was in use.

The only packet shaping software I could find on the mac was throttled, but I never got it to help much, and sure not dynamically, ie only when the phone was in use.

Apple’s built in Internet Sharing never worked between the built in ethernet and Asante card, no idea why. I could use brickhouse to enable that, which worked, but I still had not DHCP server.

I thought about using an Airport Extreme card in my g5 to be a access point, but apple does not support wpa, does not let you hide the SSID nor do they do cool stuff like block access everyone except specified MAC addresses.

So, what a pain.

Solution to the WPA issue

Netgear is selling their WGR614s for $89.99 with $40 in mail in rebates. I picked up a v4 (the latest chipset). You can tell which one you get by looking at the blue side panel where it says “Package Contents” The model number will have V2-V4 next to it. No V number means it is a V1.

Anyone wanna buy a WGR614 V1?

Solution to the Vonage packet shaping issue

I have not done this yet, but all reports are good. You can call Vonage and request a swap of your cisco ATA-186 with a Motorola V-1005. This box is not only a telephony adaptor, but it also has DCHP and NAT and packet shaping. So you’d create your network like:

Cable Modem -> Motorola V-1000 -> Netgear WGR-614->Computers

You would disable DHCP on the Netgear and let the Motorola handle it, while the Netgear would be the firewall to your local area network.

To do this swap, Vonage charges you $100 for ground delivery (about $120 for 2-3 day) and they disable your phone. When you get the Motorola, you plug it in and your phone works again. You mail back the Cisco and get a $40 credit.

A little pricey, but if it works, the price to pay for being on the bleeding edge.

Whew.