ExtraBITS for 7 May 2012
We have lots of extra bits for you to check out this week, starting with a warning for those who used FileVault in Snow Leopard and then upgraded to Lion, a heads-up about the FBI looking to increase wiretapping capabilities, news of an improvement to the iPad 2, a nicely presented business argument against DRM, a report about Oracle taking over Java updates for Mac OS X, and an amusing parody of Apple’s 1984 ad that Apple itself made for its sales force.
FileVault Passwords Potentially Logged in Plain Text — Although details are still appearing, Sophos is reporting that a particular combination of circumstances can result in FileVault passwords being exposed in plain-text log files. The combination is somewhat unlikely — the Mac had to be using FileVault 1 under Mac OS X 10.6 Snow Leopard, be upgraded to 10.7 Lion, and then updated to 10.7.3, all without switching to FileVault 2. Nevertheless, if this applies to you, change that password!
FBI Looking to Expand CALEA to Web Sites — Declan McCullagh at CNET is reporting that the FBI is looking to expand CALEA — the Communications Assistance for Law Enforcement Act — to apply to Web sites and services like iCloud, iChat, FaceTime, Twitter, Facebook, Skype, Gmail, and Hotmail. Passed in 1994, CALEA currently requires telecommunications companies to make their systems wiretap-friendly; CALEA was extended to broadband networks in 2004. Technology companies are generally unhappy about such expansions, and Apple is lobbying on the topic now. Mandated backdoors,
apart from being generally creepy even when used only with court orders, also pose serious security risks.
Quietly Revised iPad 2 Sports Better Battery Life — In April 2012, Apple started shipping a slight variant on the iPad 2 that remains for sale even as the third-generation iPad has become the mainstay of the line. This new version of the iPad 2 — labeled internally as “iPad 2,4” — uses a 32-nanometer version of Apple’s A5 chip that replaces the 45nm version in the previous iPad 2 model. The processing performance is the same, but AnandTech is reporting that the 32nm model has notably better battery life (and a lower manufacturing cost). Alas, there is no way to know if any
given iPad 2 uses the new chip without running an app that reports on the internals.
Analyzing the Business Case for DRM — In a chapter excerpted from a book on WordPress, Kirk Biglione offers a nice rundown of the costs of DRM, to readers, to publishers, to retailers, and to the world at large. It’s especially apropos, given that 4 May 2012 was the fourth annual “Day Against DRM.”
Oracle Takes Over Java Updates for Mac OS X — Ars Technica reports that Oracle, the company that manages the Java development environment, has taken over distribution of Java for Mac OS X 10.7 Lion (older versions are not supported). Since Apple has failed to update Java as quickly as Oracle has in the past, this should mean that Mac users will be protected from future Java vulnerabilities more quickly. Unfortunately, this 1.7.0_04 release of Java does not support the Java Plugin and Java Web Start applications, meaning that Java applets won’t be
available to Mac users who install Oracle’s code. Therefore, it’s probably best holding off on Oracle’s version of Java until those pieces are available, or until a new security vulnerability makes it unavoidable.
Apple Made 1984 Parody Ad for Sales Force — Apple made an in-house parody ad of its famous “1984” ad called “1944” that has to be seen to be believed. A long-ago Apple employee, Craig Elliott, provided the video to Network World’s Paul McNamara. Steve Jobs does an impression of FDR, among other bizarre moments. It was made to pump up Apple’s sales force, and may not have been seen since 1984.