Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Springy Dock Tricks

If you drag a file and hover over Dock icons, various useful things happen which are similar to Finder springing. If it's a window, the window un-minimizes from the Dock. If it's a stack, the corresponding folder in the Finder opens. If it's the Finder, it brings the Finder to the foreground and opens a window if one doesn't exist already. But the coolest (and most hidden) springing trick is if you hover over an application and press the Space bar, the application comes to the foreground. This is great for things like grabbing a file from somewhere to drop into a Mail composition window that's otherwise hidden. Grab the file you want, hover over the Mail icon, press the Space bar, and Mail comes to the front for you to drop the file into the compose window. Be sure that Spring-Loaded Folders and Windows is enabled in the Finder Preferences window.

Visit plucky tree

Submitted by
cricket

 
 

AirPort Updates Stop Wi-Fi Exploit

Send Article to a Friend

Apple last week released a pair of updates, Security Update 2006-005 and AirPort Update 2006-001, which resolve a trio of related potential exploits in which a local attacker could inject a maliciously crafted frame into a wireless network. In theory, such an attack could cause system crashes, execute arbitrary code, or elevate privileges, though Apple took pains to note that there are no known instances of these exploits. Although you can download the individual updates from the Apple Downloads page (only one is necessary), you must pick the correct one for your machine.

Since AirPort Update 2006-001 covers only two specific builds of Mac OS X 10.4.7 - whereas Security Update 2006-005 handles Mac OS X 10.3.9 and other specific builds of Mac OS X 10.4.7 (with different downloads for 10.3.9 and for PowerPC- and Intel-based Macs running 10.4.7) - we encourage you to let Software Update download the correct version for your system. If you're running Mac OS X 10.3.9 and Software Update doesn't show Security Update 2006-005, you must first install AirPort 4.2 and AirPort Extreme Driver Update 2005-001 (I suspect Software Update will provide them as well).

Although Apple's release notes are terse as usual, these updates undoubtedly come in response to the Wi-Fi exploit demonstrated by David Maynor and Jon Ellch at the Black Hat 2006 conference. Apple did not credit Maynor nor Ellch for these fixes, however, which is an implicit statement that Apple refuses to acknowledge that the two researchers contributed to uncovering the flaws. An Apple spokesperson denied that SecureWorks, the firm for which Maynor works, provided information that led to these patches. Rather, the spokesperson told several media outlets and TidBITS that news of the SecureWorks demonstration prompted Apple to conduct an in-depth code audit that led to identifying these vulnerabilities. (See "Wireless Driver Hack Could Target Macs and Windows," 07-Aug-06 and "Apple Issues Careful Wi-Fi Exploit Denial," 28-Aug-06.) SecureWorks has not responded to any media outlet with additional clarification at press time; the company is also in the middle of a merger, which could be why they're not commenting. What's most important is that Mac users who apply the patches are no longer vulnerable to these particular exploits.

 

Fujitsu ScanSnap Scanners — Save your business time and money
with our easy-to-use small ScanSnap Scanner line. Eliminate
paper piles by scanning documents, business cards, and receipts.
Visit us at: <http://www.ez.com/sstb>