Security
DevilRobber now "improved", still nasty malware threat
We previously told you about DevilRobber and what sort of unsavory things it can do to (and with) your Mac. (In case you don't click over to read the article, here's the scoop: it's bad. Real bad.) Back in the day (November 1st), it was a ...
Core Security Technologies identifies Mac OS X sandbox hole
Although Apple plans to require sandboxing in all third-party Mac App Store apps as of March 2012, it sounds as though Apple needs to get its own sandbox in order first. Researchers at Core Security Technologies have found a way to circumvent ...
Smart Cover unlock bug may lead to iPad 2 data exposure
The folks at 9to5 Mac have noticed that Apple's iPad 2 Smart Cover lets you bypass a passcode lock on a device running iOS 5, albeit with limited access to the iPad's applications. Here's how the bug/exploit works. First, make sure your ...
Proof of concept: iPhone captures keystrokes via 'thump phreaking'
Researchers at Georgia Tech have worked up a proof-of-concept demonstration of using an iPhone 4's accelerometer as a keylogger. After setting the iPhone near a computer keyboard, the device's built-in accelerometer and gyroscope were able to ...
Trojan variation disables Mac malware protection
Researchers from F-Secure warn that a variant on a trojan discovered in September, which masquerades as an Adobe Flash Player installer, now exists and is capable of disabling OS X's built-in malware protection. OSX/Flashback.C disables the ...
Apple updates malware definitions to address PDF trojan
According to MacRumors, Apple has updated its malware definitions to address a PDF trojan that gained widespread attention last week. While reports indicated that the trojan's damage was limited to installing a backdoor in users' systems, Apple ...
Security firm extracts Mac OS user login passwords over FireWire
OMG. Lock up your Mac now! Security firm Passware sent out a PR blast this morning noting that their $995 application Passware Kit Forensic v11 can retrieve Mac OS user login passwords, and they're saying that this "proves Mac OS Lion ...
Mac malware 'explosion' missing in action
The appearance of the MacDefender trojan back in May provoked a lot of back-and-forth between various tech writers (including your humble correspondent). Was this a sign that the good times were ending? That the Mac platform would come under ...
Dropbox security bug temporarily allowed logins without authentication
Earlier today, a code update to Dropbox introduced a bug that temporarily allowed access to users' accounts and files without authentication via the company's web interface. For approximately four hours, from the time that Dropbox made the ...
iTunes fraud surge hits gift card balances, PayPal accounts
The frustration and questions surrounding iTunes App Store purchase fraud are (unfortunately) continuing. Over the past three weeks, we've received several first-hand reports of accounts with positive gift card balances being unexpectedly drained; ...
In a MacDefender world, practice constant vigilance
A week ago, I did my public service duties and linked the MacDefender protection and removal guide that Steve Sande wrote to my Facebook wall. Then I braced for the comments. Luckily, none of the taunts I expected about Macs now being subject to ...
MacDefender malware protection and removal guide
Screenshot thanks to @jaythenerd The MacDefender malware has been causing trouble for Mac users all over the world; people are calling Apple Support in a panic, spending time visiting their local Apple Store Genius, and getting all stressed ...
Malware, Macs, and crying wolf: Doing the math
Love Apple gear? Like math? TUAW's Doing the Math series examines the numbers and the science that lie behind the hardware. The contentious subject of Mac security has been back in the news in recent weeks following the emergence of a fake ...
Skype pushes update to Mac client for security flaw
As we mentioned Saturday, a critical vulnerability in the Skype 5 client for Mac could have exposed your machine to attack from malicious contacts (the vector for attack is an instant message, which you only can receive by default from people ...
Firmware password security improved on new MacBook Air & Pro
ZDNet spotted a new Apple support document which states that only "Apple retail stores or Apple Authorized Service Providers" can unlock a new MacBook Air (late 2010) or Pro (early 2011) protected by a firmware password. If your firmware password ...
Adobe's Wallaby hints at cracks in Flash armor
The standoff between Adobe and Apple has been the stuff of legends. Neither Adobe, which rightfully maintained that it could not be ignored because a serious chunk of web content was delivered by its proprietary Flash format, nor Apple, which ...
Hot Apps on TUAW
Deals of the Day
more deals- Altec Lansing Octiv Duo iDock for $48 + free shipping
- Used Apple iMac 17" Core Duo 1.83GHz for $430 + $28 s&h
- Lounge Deluxe Stand for iPhone / iPod touch for $28 + $8 s&h
- Brookstone Surround-Sound Earbuds for $14 + $7 s&h
- Refurbished Skullcandy Tokidoki Smokin' Buds Mic'd Headset for $5 + $2 s&h
- Stitchway Backup Battery for iPod / iPhone for $5 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3


