Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Springy Dock Tricks

If you drag a file and hover over Dock icons, various useful things happen which are similar to Finder springing. If it's a window, the window un-minimizes from the Dock. If it's a stack, the corresponding folder in the Finder opens. If it's the Finder, it brings the Finder to the foreground and opens a window if one doesn't exist already. But the coolest (and most hidden) springing trick is if you hover over an application and press the Space bar, the application comes to the foreground. This is great for things like grabbing a file from somewhere to drop into a Mail composition window that's otherwise hidden. Grab the file you want, hover over the Mail icon, press the Space bar, and Mail comes to the front for you to drop the file into the compose window. Be sure that Spring-Loaded Folders and Windows is enabled in the Finder Preferences window.

Visit plucky tree

Submitted by
cricket

 
 

OT Tuner 1.0 Combats Possible Net Abuse of Macs

Send Article to a Friend

Apple Computer has released OT Tuner 1.0, a tiny patch which disables an option in Open Transport that could enable Macs connected to the Internet to be used as traffic amplifiers (see below) in a distributed denial-of-service attack. The update is for any computer running Mac OS 9, or Power Mac G4s, iBooks, or current slot-loading iMacs (like the iMac DV) running Mac OS 8.6. OT Tuner 1.0 is a 175K download, although the patch itself is less than 2K.

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11559>

[05-Jan-00: Apple has withdrawn OT Tuner 1.0 in favor of Open Transport 2.6 which purports to offer the same abuse prevention without the problems some users experienced with OT Tuner 1.0. -Geoff]

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11560>

OT Tuner 1.0 is a direct response to a behavior in Open Transport publicized by John Copeland at the Georgia Institute of Technology. The basic premise is that Open Transport will sometimes send a 1,500-byte response to certain small data packets sent from a remote machine elsewhere on the Internet. (This behavior is part of a standard called Path MTU Discovery detailed over nine years ago in RFC 1191.) The problem is that the small data packets could be forged to look like they came from a third computer elsewhere on the Internet; in that case, Open Transport would send its 1,500-byte response to that third computer. According to Copeland, the forged packet might be as short as 29 bytes, so Open Transport effectively enables a malicious third party to send 1,500 bytes to a remote computer by transmitting a mere 29 bytes - a traffic amplification of over 5000 percent.

<http://www.csc.gatech.edu/~copeland/macattack/ index.htm>
<http://www.faqs.org/rfcs/rfc1191.html>

These data packets aren't enormous, but they can be generated quickly and the behavior could be exploited in several Macs to launch a distributed denial-of-service attack. In theory, a targeted computer's Internet connection could be flooded with thousands of 1,500-byte packets per second, and the computer would probably be brought to its knees trying to process all the inbound data. Distributed denial-of-service attacks are a relatively new phenomenon - see CERT Advisory CA-99-17 - and so far no tools are known to take advantage of Open Transport's potential vulnerability. In any case, only Macs running Mac OS 9 (or the models above running Mac OS 8.6) that are continuously connected to the Internet would be in any danger of exploitation.

<http://www.cert.org/advisories/CA-99-17-denial- of-service-tools.html>

Although many folks are using Apple's OT Tuner 1.0 without trouble, there are persistent reports of the patch causing problems for users with AirPort networks as well as some cable modem and DSL connections. Some users also report difficulty switching TCP/IP configurations with the patch installed. It's probably safest to err on the side of caution and give Apple's OT Tuner a try, but disable it using the Extensions Manager if you find it causes problems with your connectivity.

 

Automatic turns almost any car into a connected car. By pairing
Automatic’s connected car adapter with iPhone apps on
Automatic’s platform, drivers are able to drive safer and smarter.
TidBITS readers get 20% off all orders at <http://automatic.com/tb>