Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Mac OS X Services in Snow Leopard

Mac OS X Services let one application supply its powers to another; for example, a Grab service helps TextEdit paste a screenshot into a document. Most users either don't know that Services exist, because they're in an obscure hierarchical menu (ApplicationName > Services), or they mostly don't use them because there are so many of them.

Snow Leopard makes it easier for the uninitiated to utilize this feature; only services appropriate to the current context appear. And in addition to the hierarchical menu, services are discoverable as custom contextual menu items - Control-click in a TextEdit document to access the Grab service, for instance.

In addition, the revamped Keyboard preference pane lets you manage services for the first time ever. You can enable and disable them, and even change their keyboard shortcuts.

Submitted by
Doug McLean

 
 

InterNIC Employs a Guard Dog

Send Article to a Friend

You wouldn't think the guy that John Markoff of the New York Times described as one of the greatest computer security experts in the world could have his domain name ripped off, would you?

It appears the InterNIC is not immune to many of the forces that Tsutomu Shimomura and Markoff wrote about in Takedown, their book about the tracking of hacker Kevin Mitnick. An unknown hacker used social engineering - that is, talking somebody into something rather than using cracking programs or computer tools - to convince the agency that controls the registration for all domains on the Internet that the information for the domain takedown.com had changed. The InterNIC duly updated the info, and laughs abounded as "takedown" was taken down.

The InterNIC doesn't think this is funny, and neither do the managers of the now hundreds of thousands of domain names. Although the agency says the frequency of illegitimate domain changes is low, they have introduced a method of beating social engineering by using a combination of public-key encryption and password protection. The InterNIC has proposed a Guardian Object structure in which each domain name's contact person can have associated protection information. Without a password, acknowledgment, or public-key signed message (or some combination thereof), the domain information won't be changed.

Currently, the InterNIC won't change domain name information unless the message originates from someone currently associated with the domain. However, the ease of forging email makes this method highly suspect. Coupled with "social engineering," there's little protection now from any relatively committed individual.

The Guardian model should make domain name transfers more orderly and stable, and protect the folks who own these domains. If you are having a domain name registered on your behalf, always have it registered to your company (or yourself) and your physical address; in this way, you protect the ownership of the domain itself, separate from its technical information. So, if you're the Flan Corporation, don't allow flan.com to be registered to "Bill's Internet Shack" - they should be listed as the contact for technical purposes only.

More information on the Guardian model is available online; there's no current timetable for implementation.

<ftp://rs.internic.net/policy/internic/internic -gen-1.txt>

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Phillip Hofmeister, Guy Plunkett III, Steven Heim,
and Bruce Brandt for their generous support!