Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Open a Finder Window with the App Switcher

If you don't have any Finder windows open and want to switch to the Finder and open a window in one fell swoop, bring up the app switcher with Command-Tab and tab over to the Finder icon. While still holding down Command, press the Option key, and then release the Command key. You're switched to the Finder, with a new default window open for you.

Submitted by
trailgirl

 
 

OT Tuner 1.0 Combats Possible Net Abuse of Macs

Send Article to a Friend

Apple Computer has released OT Tuner 1.0, a tiny patch which disables an option in Open Transport that could enable Macs connected to the Internet to be used as traffic amplifiers (see below) in a distributed denial-of-service attack. The update is for any computer running Mac OS 9, or Power Mac G4s, iBooks, or current slot-loading iMacs (like the iMac DV) running Mac OS 8.6. OT Tuner 1.0 is a 175K download, although the patch itself is less than 2K.

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11559>

[05-Jan-00: Apple has withdrawn OT Tuner 1.0 in favor of Open Transport 2.6 which purports to offer the same abuse prevention without the problems some users experienced with OT Tuner 1.0. -Geoff]

<http://asu.info.apple.com/swupdates.nsf/artnum/ n11560>

OT Tuner 1.0 is a direct response to a behavior in Open Transport publicized by John Copeland at the Georgia Institute of Technology. The basic premise is that Open Transport will sometimes send a 1,500-byte response to certain small data packets sent from a remote machine elsewhere on the Internet. (This behavior is part of a standard called Path MTU Discovery detailed over nine years ago in RFC 1191.) The problem is that the small data packets could be forged to look like they came from a third computer elsewhere on the Internet; in that case, Open Transport would send its 1,500-byte response to that third computer. According to Copeland, the forged packet might be as short as 29 bytes, so Open Transport effectively enables a malicious third party to send 1,500 bytes to a remote computer by transmitting a mere 29 bytes - a traffic amplification of over 5000 percent.

<http://www.csc.gatech.edu/~copeland/macattack/ index.htm>
<http://www.faqs.org/rfcs/rfc1191.html>

These data packets aren't enormous, but they can be generated quickly and the behavior could be exploited in several Macs to launch a distributed denial-of-service attack. In theory, a targeted computer's Internet connection could be flooded with thousands of 1,500-byte packets per second, and the computer would probably be brought to its knees trying to process all the inbound data. Distributed denial-of-service attacks are a relatively new phenomenon - see CERT Advisory CA-99-17 - and so far no tools are known to take advantage of Open Transport's potential vulnerability. In any case, only Macs running Mac OS 9 (or the models above running Mac OS 8.6) that are continuously connected to the Internet would be in any danger of exploitation.

<http://www.cert.org/advisories/CA-99-17-denial- of-service-tools.html>

Although many folks are using Apple's OT Tuner 1.0 without trouble, there are persistent reports of the patch causing problems for users with AirPort networks as well as some cable modem and DSL connections. Some users also report difficulty switching TCP/IP configurations with the patch installed. It's probably safest to err on the side of caution and give Apple's OT Tuner a try, but disable it using the Extensions Manager if you find it causes problems with your connectivity.

 

An extra display for just ten bucks!
Air Display 2 lets you use your iPad, iPhone, or nearby Mac as
extra screen real estate for your main computer. Now smarter,
better, and 50 percent faster. <http://avatron.com/tidbits>