Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Create Rules Based on Entourage Messages

When creating rules in Entourage 2008, you can save some time by selecting a message like those you want the rule to work on before defining the rule. That way, when you add criteria to your rule, Entourage fills in the data based on the data in the selected message. So if you wanted to filter messages containing TidBITS, you could select an issue and add a new "From Contains" criterion to a rule. Entourage will automatically fill in the editors@tidbits.com address in the criterion.

Visit Mactopia - Entourage 2008 for Mac

 

 

Published in TidBITS 14.
Subscribe to our weekly email edition.

 

 

PostScript Trojan

Send Article to a Friend

There has been discussion on Usenet recently of a new trojan horse that is a bit different from the usual sort. Most trojan horses are fairly simple minded in that they try to erase files or entire hard disks, which has become tediously obnoxious. This new trojan, which has yet to be named, lives in certain PICT files and if you print these PICT files on a PostScript printer, the trojan is downloaded to the printer and executed. It changes the PostScript password in the laser printer to a random number, thus preventing you from using the printer. This is normally disastrous, because there are 65,536 possible passwords (it's an integer) and you might have to try each one of them to set the password back to the default of 0. This is because you have to know the old password to set a new one. The PostScript language can do this automatically, of course, but rough estimates forecast the time it would take to be over three weeks of continuous checking. Not my idea of a fun month.

Luckily, someone came up with an ingenious PostScript program which resets the password to 0. You must have a program such as SendPS (free from Adobe) to send the code to the printer.

If you're wondering why PostScript bothers with passwords at all when it defaults to 0, you do so justly. Adobe's Red Book says that the password is included so system administrators can keep unauthorized people from changing any other (pseudo) permanent states of the laser. For this to work with the Mac, you have to change all versions of the LaserWriter (or possibly LaserPrep) file that are used with the printer to recognize the new password, which is a hassle. Don't do this unless you consider yourself a minor PostScript deity and like using ResEdit as well. It might be best not to have a password at all if it is set to a default in most printers. Unused passwords lead to trouble, as it has done here.

Are you wondering what the alternative is if you can't afford a month of downtime for your Mac and printer or can't get a copy of the code to reset the password? One person said that his EEPROMs were somehow reset during a ferocious lightning storm, but it's hard to fly a laser printer on a kite like Benjamin Franklin's famous key. Remaining dry and on the ground, you can either reset the password by taking out one of the EEPROMs in the printer (our source didn't know exactly which one) and risk destroying things or you can go to your friendly local dealer and purchase new EEPROMs for about $150. Neither is a good option. However, the code to reset the password and the SendPS program should be readily available for anonymous FTP on the nets at sumex-aim.stanford.edu and rascal.ics.utexas.edu, and if not, I will personally make sure they are on the Memory Alpha BBS (607/257-5822) in Ithaca, NY. Memory Alpha sports a full line of anti-virus tools and all are welcome. We'll include an update next week in TidBITS if we find out which PICTs carry the evil code and what the trojan will be called.

In light of all the safe sex campaigning, wouldn't it be ironic if even ogling a few lewd PICTs required that you protect yourself? Ah, cruel, cruel world.

Information from:
Doug Davenport -- SNAP Technologies, Ithaca, NY
Adam C. Engst -- TidBITS Editor
Chris Johnson -- chrisj@emx.utexas.edu
Werner Uhrig -- werner@cs.utexas.edu
Michael Newbery -- newbery@rata.vuw.ac.nz
Casper H.S. Dik -- casper@fwi.uva.nl
Mike Blackwell -- mkb@rover.ri.cmu.edu
Steve Liget -- stevel@eleazar.dartmouth.edu

 

CrashPlan is easy, secure backup that works everywhere. Back up
to your own drives, friends, and online with unlimited storage.
With 30 days free, backing up is one resolution you can keep.
Your life is digital; back it up! <http://tid.bl.it/code42-tb>