Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.



Pick an apple! 
Copy Before Submitting Web Forms

Filling in Web forms (like the one used to submit this tip) can be a bit of a gamble - you put in your pearls of wisdom, perhaps only to lose them all if the Web page flakes out or the browser crashes. Instead of losing all your text, "save" it by pressing Command-A to select all and then Command-C to copy the selected text to the clipboard. Do this periodically as you type and before you click Submit, and you may "save" yourself from a lot of frustration. It takes just a second to do, and the first time you need to rely on it to paste back in lost text, you'll feel smart.

Submitted by
Larry Leveen


Beware Trojans Bearing Ads

Send Article to a Friend

According to Russian security firm Doctor Web, there are an increasing number of Mac-focused Trojans that install extensions for Safari, Chrome, and Firefox. These extensions are designed to embed third-party ad code into otherwise unrelated Web pages, funneling the clickthrough revenue back to the malware authors. The Trojans use a variety of techniques to fool users into installation, including masquerading as video plug-ins, media players, download accelerators, and more. To be safe, avoid installing software from sites that prompt you to do so — always get software from trusted sources.favicon follow link


Comments about Beware Trojans Bearing Ads
(Comments are closed.)

Re:"To be safe, avoid installing software from sites that prompt you to do so — always get software from trusted sources."
Does this mean one should turn off AutoUpdate or use it strictly as a notice that one should go the original vendor's web site to get the latest update?
Adam Engst  An apple icon for a TidBITS Staffer 2013-03-26 06:56
No, automatic update features within programs are probably the absolute safest, since I would think they would be the hardest to spoof. The vendor's Web site is second safest.

The main thing is, if a Web page pops up a dialog saying "You need the IMGOINGTOSTEALYOURFACE plugin to view this content." click Cancel and close the page as quickly as possible. And even if a site says, "You need the Microsoft Silverlight plugin to view this content." go to the Microsoft site manually to download and install it, rather than getting it from the prompt.
Jesse the K  An apple icon for a TidBITS Contributor 2013-03-25 18:41
And as far as "trusted sources" go: I assume that Safari extensions available through "Safari Extensions…" in the app menu are OK.

Does this mean extensions from other sources are suspect? How does one go about determining their safety? (Crap, and I thought Mac users didn't have to fuss about this stuff.)
Adam Engst  An apple icon for a TidBITS Staffer 2013-03-26 06:58
Yes, you should get Safari Extensions only through the the Safari Extensions Gallery available from Safari > Safari Extensions.

This is actually a big deal, and I believe Google has changed Chrome so that you can download Chrome extensions only from the Chrome Web Store rather than from developer sites for just the same reason.
SteveD  2013-03-26 11:47
Since these are browser extensions, will they show in the respective browser's extension mechanism? Thus a weekly (or so) perusal/scan through those lists may help to detect? Also, have any of the anti-malware vendors announced support for detection & prevention?
Adam Engst  An apple icon for a TidBITS Staffer 2013-03-26 12:02
It certainly wouldn't hurt to look through the installed extensions to make sure you recognize everything there, but if you're careful about installing software properly, it shouldn't be a problem. I imagine the antivirus vendors have updated to detect these, since they're likely quite obvious.