Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Beware Country-Specific iTunes Stores

If you buy an iPhone, iPod touch, or iPad, and you happen to be a user of the iTunes Store in more than one country, take note which country's store you're viewing in iTunes when you plug in the device for the first time. This will be the country the device will register with, and you will be forever barred from purchasing or even updating free apps from anywhere else. The only way out is to delete everything on the device and do a full restore.

Visit Eolake's Blog

Submitted by
Eolake Stobblehouse

 
 

OT Tuner 1.0 Combats Possible Net Abuse of Macs

Send Article to a Friend

Apple Computer has released OT Tuner 1.0, a tiny patch which disables an option in Open Transport that could enable Macs connected to the Internet to be used as traffic amplifiers (see below) in a distributed denial-of-service attack. The update is for any computer running Mac OS 9, or Power Mac G4s, iBooks, or current slot-loading iMacs (like the iMac DV) running Mac OS 8.6. OT Tuner 1.0 is a 175K download, although the patch itself is less than 2K.

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11559>

[05-Jan-00: Apple has withdrawn OT Tuner 1.0 in favor of Open Transport 2.6 which purports to offer the same abuse prevention without the problems some users experienced with OT Tuner 1.0. -Geoff]

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11560>

OT Tuner 1.0 is a direct response to a behavior in Open Transport publicized by John Copeland at the Georgia Institute of Technology. The basic premise is that Open Transport will sometimes send a 1,500-byte response to certain small data packets sent from a remote machine elsewhere on the Internet. (This behavior is part of a standard called Path MTU Discovery detailed over nine years ago in RFC 1191.) The problem is that the small data packets could be forged to look like they came from a third computer elsewhere on the Internet; in that case, Open Transport would send its 1,500-byte response to that third computer. According to Copeland, the forged packet might be as short as 29 bytes, so Open Transport effectively enables a malicious third party to send 1,500 bytes to a remote computer by transmitting a mere 29 bytes - a traffic amplification of over 5000 percent.

<http://www.csc.gatech.edu/~copeland/macattack/ index.htm>
<http://www.faqs.org/rfcs/rfc1191.html>

These data packets aren't enormous, but they can be generated quickly and the behavior could be exploited in several Macs to launch a distributed denial-of-service attack. In theory, a targeted computer's Internet connection could be flooded with thousands of 1,500-byte packets per second, and the computer would probably be brought to its knees trying to process all the inbound data. Distributed denial-of-service attacks are a relatively new phenomenon - see CERT Advisory CA-99-17 - and so far no tools are known to take advantage of Open Transport's potential vulnerability. In any case, only Macs running Mac OS 9 (or the models above running Mac OS 8.6) that are continuously connected to the Internet would be in any danger of exploitation.

<http://www.cert.org/advisories/CA-99-17-denial- of-service-tools.html>

Although many folks are using Apple's OT Tuner 1.0 without trouble, there are persistent reports of the patch causing problems for users with AirPort networks as well as some cable modem and DSL connections. Some users also report difficulty switching TCP/IP configurations with the patch installed. It's probably safest to err on the side of caution and give Apple's OT Tuner a try, but disable it using the Extensions Manager if you find it causes problems with your connectivity.

 

Updated! PDFpen for iPad 1.7: Designed for iOS 7, faster, and
better-looking. Edit your PDFs anywhere. Sign contracts, make
changes, fill forms, and more. All while you’re on the move.
Syncs via iCloud and Dropbox. <http://smle.us/tbpdfpen-ipad>