Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Mac OS X Services in Snow Leopard

Mac OS X Services let one application supply its powers to another; for example, a Grab service helps TextEdit paste a screenshot into a document. Most users either don't know that Services exist, because they're in an obscure hierarchical menu (ApplicationName > Services), or they mostly don't use them because there are so many of them.

Snow Leopard makes it easier for the uninitiated to utilize this feature; only services appropriate to the current context appear. And in addition to the hierarchical menu, services are discoverable as custom contextual menu items - Control-click in a TextEdit document to access the Grab service, for instance.

In addition, the revamped Keyboard preference pane lets you manage services for the first time ever. You can enable and disable them, and even change their keyboard shortcuts.

Submitted by
Doug McLean

 

 

Related Articles

 

 

Security Update 2006-001 Validates Downloads

Send Article to a Friend

Responding with reasonable alacrity to the recent Leap-A and shell script exploits, Apple released Security Update 2006-001 last week, fixing a slew of problems. Most notably, an update to Safari and LaunchServices performs additional download validation when the "Open 'safe' files after downloading" option is on to warn the user (in Mac OS X 10.4.5) or to avoid opening the download entirely (in 10.3.9). A similar update to Mail makes sure Download Validation can better detect unsafe or unknown file types in attachments. Also, an update to iChat in Mac OS X 10.4.5 now uses Download Validation to warn users of unknown or unsafe file types during file transfers.

<http://docs.info.apple.com/article.html? artnum=303382>

In general, increased warnings are a good thing unless they become so commonplace that users automatically agree to actions without considering the specifics. Plus, despite these changes, Apple still encourages all users to be careful about handling email attachments and opening downloaded files; see Apple's safety tips if you're not sure how to evaluate a given attachment or file. Even still, we'd like to see Apple going further to prevent the kind of deceptions that allow a malicious application to masquerade as a harmless document. Matt Neuburg's suggestion last week (see "Of Files, Forks, and FUD" in TidBITS-818) of badging all executables in some obvious way would be a step in the right direction, although deception (such as a malicious application mimicking a well-known legitimate one) remains possible.

<http://docs.info.apple.com/article.html? artnum=108009>
<http://db.tidbits.com/article/08437>

Also important in Security Update 2006-001 is an update to apache_mod_php that includes PHP 4.4.1, a security update to the PHP scripting language. Holes in PHP - specifically in Web forms that are being exploited by spammers - are the largest security issue in the Web server world right now, and PHP 4.4.1 does not fix all of these problems. PHP is disabled by default in Mac OS X, so only people who have explicitly turned it on need worry about these concerns; see the link below for more information.

<http://www.forest.net/support/archives/2005/12/ 000668.php#000668>

Other updated components of Mac OS X include automount, BOM (Mac OS X's archive unpacking code), Directory Services, FileVault, IPsec, LibSystem, perl, rsync, Safari (in more ways than just increased download validation), and Syndication (Safari RSS). While some of Apple's security updates feel like fixes to issues that few people would ever encounter, a number of the problems addressed by Security Update 2006-001 are quite concerning, and we encourage everyone to install it right away. Security Update 2006-001 comes in versions for Mac OS X 10.4.5 for PowerPC (12.5 MB download) and Intel (22.5 MB), and Mac OS X 10.3.9 Client (25.3 MB) and Server (38.6 MB); all sizes are for the stand-alone version and may be somewhat different for Software Update, which provides the right version for your Mac.

<http://www.apple.com/support/downloads/ securityupdate2006001macosx1045ppc.html>
<http://www.apple.com/support/downloads/ securityupdate2006001macosx1045clientintel.html>
<http://www.apple.com/support/downloads/ securityupdate20060011039client.html>
<http://www.apple.com/support/downloads/ securityupdate20060011039server.html>

 

Fujitsu ScanSnap Scanners — Save your business time and money
with our easy-to-use small ScanSnap Scanner line. Eliminate
paper piles by scanning documents, business cards, and receipts.
Visit us at: <http://www.ez.com/sstb>