Tag Archive

Tag Archives for " Mac "

The new Mac App Store is online

It’s simple way to find, install, and manage your favorite software. To see the Mac App Store at all, you’ll need to run your Software Updates (under the Apple menu) and get Mac OS X 10.6.6 System Update, or run the combo update you can download here.

After you reboot, you’ll see a new icon in your dock, right after the Finder icon. Click that to launch the app store. Most apps cost less than you may have seen them at retail, but some, like Things, are priced higher than we’ve seen them in bundles.

  • 01/06/2011
  • IT

Guard yourself from Firesheep and Wi-Fi snooping

The abundance of free/cheap and open Wi-Fi networks in restaurants, airports, offices and hotels is a great perk to the traveling user; it makes connectivity and remote access much easier than it used to be. But you need to be informed and understand the risks.

Unfortunately, most of those “Open” networks don’t employ WEP or WPA passwords to secure the connection between device and hotspot, every byte and packet that’s transmitted back and forth is visible to all the computers on the wireless LAN, all the time. While certain sites and services use full-time browser encryption (the ones that have URLs beginning with https:// and that show a lock in the browser status bar), many only encrypt the login session to hide your username and password from prying eyes. This, as it turns out, is the digital equivalent of locking the door but leaving the windows wide open.

Firesheep is a Firefox extension which makes it trivially easy to impersonate someone to the websites they log in to while on the same open Wi-Fi network. It kicks in when you login to a website (usually in a secure fashion, via HTTPS) and then the site redirects you to a non-secured page after login. Most sites that operate this way will save your login information in a browser cookie, which can be ‘sniffed’ by someone on the same network segment; that’s what Firesheep does automatically. With the cookie in hand, it’s simple to present it to the remote site and proceed to do bad things with the logged-in account. Bad things could range from sending fake Twitter or Facebook messages all the way up to, potentially, buying things on ecommerce sites.

The solution

USE SSL/HTTPS only if the website supports it — is quite simple: after you connect, the site should keep your session secure using SSL or https. Some sites, including most banking sites, already do this. However, encryption requires more overhead and more server muscle, so many sites (Facebook, Twitter, etc.) only use it for the actual login. Gmail has an option to require https and has made it the default setting, but you should make sure that it’s enabled if you use Gmail (Google Apps has a similar feature). This also doesn’t necessarily help if you’re using an embedded browser in an iPhone or iPad app, where the URL is hard-coded.

Protecting yourself from Firesheep if you use Firefox or Chrome is possible with extensions like the EFF’s HTTPS Everywhere, Secure Sites or Force-TLS. These work by forcing a redirect to the secure version of a site, if it exists. The obvious problems with these solutions are: a) you have to install one for each browser (and we have not yet found one for Safari), and b) it only works if a secure version of the site exists.

Even better.

A) Don’t use open networks.
B) Use a SOCKS proxy and SSH tunnel.
C) Use a VPN.

adapted via tuaw.com

  • 10/26/2010
  • IT

How to: Properly Coil Your MacBook’s Power Cord

Apple’s white power brick is pretty handy, what with the attached hooks for coiling it up and packing it away. If you do it wrong, though, you’ll likely stress the cord and break it (or worse, create a fire hazard).

Instead of just coiling it up, make a loop so the joint between the brick and the wire isn’t bent. It’s simple, see video below.

via tested.com

  • 08/20/2010
  • IT

Secure password without having to remember anything complex

If you want a secure password without having to remember anything complex, try shifting your fingers one set of keys to the right. It will make your password look like gibberish, will often add in punctuation marks, and is quick and simple.

Let’s take a look at how a few of those popular passwords fare when run through this method: * password => [sddeptf * letmein => ;ry,rom * money => .pmru * love => ;pbr

via LifeHacker

  • 04/15/2010
  • IT

Choose Which App Opens for Each Camera in Snow Leopard

Previous to 10.6, when you plugged a camera in, it would launch iPhoto or Aperture or whatever program you’d set up as your default.

Image Capture 6.0, in 10.6 takes care of this with a little preference portion in the lower left corner of the app. For each camera you can set a preference as to which program, if any, will launch when that device is plugged in.

  • 09/15/2009
  • IT