Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

 

 

TidBITS Watchlist
 
iMovie '09: Speed Clips up to 2,000%

iMovie '09 brings back the capability to speed up or slow down clips, which went missing in iMovie '08. Select a clip and bring up the Clip Inspector by double-clicking the clip, clicking the Inspector button on the toolbar, or pressing the I key. Just as with its last appearance in iMovie HD 6, you can move a slider to make the video play back slower or faster (indicated by a turtle or hare icon).

You can also enter a value into the text field to the right of the slider, and this is where things get interesting. You're not limited to the tick mark values on the slider, so you can set the speed to be 118% of normal if you want. The field below that tells you the clip's changed duration.

But you can also exceed the boundaries of the speed slider. Enter any number between 5% and 2000%, then click Done.

Visit iMovie '09 Visual QuickStart Guide

Share your own tip! | Search TipBITS

 

 

Related Articles

 

 

Published in TidBITS 441.
Subscribe to our weekly email edition.

 

 
03 Aug 1998 | Print Printer-Friendly Version of This Article

Security Issue with Email Attachments

by Geoff Duncan Send Email to Author

Send Article to a Friend

A recent CIAC security advisory identifies a potentially dangerous flaw involving email clients processing MIME attachments with unusually long file names (more than 200 characters). The problem, primarily affecting Windows versions of Microsoft Outlook, Outlook Express, and Netscape Messenger, could cause a buffer overflow that could crash the email client or potentially cause code to execute on the client's system, even if the user does not attempt to open the message or the attachment. Microsoft and Netscape have issued security advisories for their products, along with patches for the Windows versions of their software.

<http://www.ciac.org/ciac/bulletins/i-077a.shtml>
<http://www.microsoft.com/ie/security/oelong.htm>
<http://home.netscape.com/products/security/ resources/bugs/longfile.html>

Historically, the way to take advantage of a buffer overflow is to craft the precise binary data that will get past the target program's bounds checking, then somehow cause that data to be executed as if it were code. If an email program were susceptible to this problem and encountered a message designed to exploit it, the most likely result would be a crash. (There's nothing new about email programs crashing while processing badly formatted messages.) To execute malicious code, the extraneous data must be designed to target a particular email program running on a particular operating system, so a Mac running Eudora would be immune to a message designed to execute code on a Pentium-based system running Windows 98 and Outlook Express.

To date, there are no known instances of this code-execution vulnerability being exploited. The general alarm about this problem stems from the wide deployment of potentially vulnerable Windows-based clients from Microsoft and Netscape. In addition, even if the code-execution vulnerability turns out to be purely theoretical, the discovery of a reproducible way of crashing numerous copies of heavily used email programs is concerning. Even though patches to those programs are available now, it will take several months for a substantial portion of the user base to upgrade, and for commercial products to ship with corrected versions.

Users of Microsoft Outlook Express for the Mac version 4.0, and version 4.0.1 with build numbers less than 297 (choose About Outlook Express from the Apple menu to see the build number of your copy) can download a 2.2 MB update from Microsoft to correct any potential vulnerability. Qualcomm confirms that current versions of Eudora Pro and Light for Macintosh and Windows are not susceptible to this problem; according to Netscape, no Macintosh versions of Netscape mail software are compromised. Bare Bones Software's Mailsmith also does not suffer a security risk from this problem. We don't have any information about Emailer, but, again, the potential vulnerability is extremely low.

<http://www.microsoft.com/msdownload/iebuild/ oebuff_mac/en/oebuff_mac.htm>
<http://www.eudora.com/>
<http://www.barebones.com/>

 

Intego: Stay up to date with the latest Mac security news on the
Mac Security Blog. Get info about essential security updates, the
latest Mac threats, and security tips to help keep your Mac safe
from the dangers of the Internet. <http://www.intego.com/btb>