Kibbles & Bytes Blog

In last week’s issue, we published an article detailing the release of Mac OS X v10.6.7, which was made available Monday, March 21 for all Snow Leopard users. Following the update’s release, issues began to surface surrounding the operating system’s handling of OpenType PostScript fonts and PDF files. For users with a myriad–pardon the font pun–of OTFs installed as well as heavy Adobe users, the update has been particularly problematic.

Though the majority of OS X’s included system fonts are TrueType, a few OpenType PostScript fonts are also included. For this reason, we recommend holding off on v10.6.7 if you have not already updated. Apple has not commented on whether or not they plan to issue a fix for the bug. However, as the affected number of users is sizable, it is likely a patch of some kind will be issued before the formal release of v10.6.8. Our apologies if last week’s article led you to update your OS and you have since been affected by the bug. When the article was published, we hadn’t yet realized the full scope of the issue.

Transferring documents between your iPad/iPhone/iPod touch and Mac/PC is a very simple and straightforward process. Apple has made it easy to do by implementing the functionality directly in iTunes.

Though the process may be simple, the interface to do so may not be immediately apparent to most users. The capability to transfer files to your device REQUIRES an application capable of having files transferred to it, such as Pages, Numbers, Goodreader, etc.

To open the interface for transferring files:

1. Connect your iPad/iPhone/iPod touch to your computer.

2. Open iTunes, if it didn’t open automatically when you connected your device.

3. Select your device in the left pane of iTunes, and select the Applications tab in the main window.

4. Scroll down to the bottom of the Applications tab, where you will see a list of applications capable of receiving documents on the left and an interface to transfer files on the right.

To transfer files from an application, simply select the application with the files you want and drag the files out of the right pane to wherever you would like them on your computer.

To transfer files to an application, click the add button in the right pane, navigate to the file you wish to transfer, and click open. Alternatively, you can drag and drop the file into the right pane. The file should now show up in the application on your device.

Last week, Apple released Mac OS X v10.6.7 Supplemental Update for 13″ MacBook Air. The update–released exclusively for the 2010 model of 13″ MacBook Air–focuses solely on an issue causing machines to freeze while running iTunes. The support document accompanying the update states:

This update addresses an issue that makes the system unresponsive when using iTunes.

It is recommended for all 13″ MacBook Air (Late 2010) users running Mac OS X v10.6.7.

The update requires a mere 461 KB of disk space and a late-2010 model 13″ MacBook Air running Mac OS X v10.6.7. The update is available through Software Update or via direct download “*here.*”:http://support.apple.com/kb/DL1370 As always, we recommend you back up your machine prior to installing any updates.

Back in February, the Apple world was rocked by the announcement of a Trojan called BlackHole RAT (Remote Access Trojan) that could allow someone to access a machine remotely, without the knowledge or permission of the user. (Okay, so maybe “rocked” is an exaggeration; more likely a couple of people yawned and clicked through to the next article.) A report came out today that BlackHole RAT has been updated to 2.0. In addition to the standard backdoor type access, now it can allow remote commands and put up a fake password prompt, which then sends your administrator password to the hacker. Most of the time, the announcement of a Trojan on Mac OS X doesn’t upset anyone because, unlike a virus that spreads on its own, a Trojan has to be installed by the user, and who would do something like that?

The term “Trojan” comes from the tale of the Trojan Horse: During the Trojan War, Greek soldiers left a giant wooden horse outside the gates of Troy, which the people brought into the city as a victory trophy. That night, Greek soldiers hidden inside the horse opened the city gates to allow the rest of the Greek army inside. This is in essence how a Trojan works on your computer: you install an application that appears to be one thing, but it carries hidden code (called a “payload”) that does something unexpected and usually harmful. Trojan Horse programs tend to make more news on Windows systems, since larger percentage of computer users are running Microsoft’s OS. Most hackers go for the largest return on their time, which is always Windows users. On a Mac, it’s harder to infect the operating system, but it is still possible if you don’t practice “safe surfing.” (I know the term sounds silly, but really, it’s true.) Key point–watch what you install.

While viruses often come in various forms (as e-mail attachments or through unsecured ports), Trojans come packaged with another program. More often than not, Trojans are attached to “pirated” software. Here is a typical scenario: you find a copy of Microsoft Office:mac 2011 on the Internet, and it comes with a “serial crack” (which allows you to activate the software without paying for it). You run the serial number generator, it prompts you for a password, and then it gives you a fake serial number, which you enter into Office. Wow, you just got a $190 program for free!

A few days later, your friends tell you that they are receiving spam from your e-mail address. You try to log into your mail to check, but your password doesn’t work. Frustrated, you go to Facebook to post about it, except you can’t log into your page anymore, and all your pictures are gone. Later, you try to buy groceries, but your credit card is overdrawn. Checking your statement online, you find that someone bought a widescreen television and several iPads from Best Buy in some state you’ve never been to. Then the realization hits–you’ve been hacked. That serial number generator you installed had a program attached that allowed someone to grab all your personal information, so now everything you had on your computer–including your passwords and bank account information–is being used by someone else. You might think, “But I have a Mac, this can’t happen!” Remember that any program that attaches to the OS requires a password to install, and when the serial number generator asked for it, you happily provided it.

This is not intended to be a sermon reminiscent of “don’t copy that floppy.” It does, however, illustrate how even a computer as secure as a Mac can still be “hacked.” It’s akin to giving a stranger your keys and then wondering what happened to your car. Best way to prevent this? Watch what you install. As I have said in previous articles, don’t install “warez” –a generic term for commercial software that you did not pay for. If you see programs claiming to remove copy protection or fake “serialz” or “cracks,” avoid them. Most of the time they do what they claim, but there is no way to know what else they do until it’s too late. Sophos has a free scanner that can watch out for these things, but really, the best protection is to just not go there. If you don’t want to get mugged, don’t go down a dark alley at night. If you don’t want your data to get mugged, stay out of the dark alleys of the Internet.