Skip to content
Thoughtful, detailed coverage of everything Apple for 29 years
and the TidBITS Content Network for Apple professionals

Category: Security

Glenn Fleishman No comments

Sidejack Attack Jimmies Open Gmail, Other Services

"Sidejacking" has entered the lexicon of network attacks. This newly defined term refers to a method of hijacking an in-progress Web session with a remote service - like Gmail - by intercepting and re-using the credentials that identify you to that server. Protecting against sidejacking may take a rethink on the part of Web site operators, users, and browser makers.

Joe Kissell No comments

Safe Sleep Revisited

Joe Kissell returns to the topic of Safe Sleep with a better script for managing it, corrections to his previous article, and reasons why you might still want to leave Safe Sleep enabled.

Glenn Fleishman No comments

German Laws Kill KisMAC,Threaten Privacy

The Mac OS X Wi-Fi sniffing software KisMAC has reached the end of its lifespan due to a change in German law, where its developers live, that criminalizes software such as it.

Chris Pepper No comments

Securing Communications with SSL/TLS: A High-Level Overview

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are systems for providing security to Internet communications, particularly Web browsing

Adam Engst No comments

A Pair of Updates Fix Safari 2 and 3

Late last week, Apple released Security Update 2007-006 to address bugs in the WebCore and WebKit code upon which Safari and many other Web-savvy Macintosh applications rely

Glenn Fleishman No comments

Apple Updates Windows Safari Beta with Security Fixes

Within three days of Apple's release of the Safari Web browser for Windows XP and Vista in beta testing versions, several significant security flaws were discovered, some of which were reported to Apple

Joe Kissell No comments

1Passwd Eases Password Pain

When I was writing "Take Control of Passwords in Mac OS X," I thought long and hard about what sorts of strategies I could recommend for creating strong yet memorable passwords

Adam Engst No comments

Two Small Security Updates

Apple last week released two security updates, version 1.1 of Security Update 2007-005 (see "Security Update 2007-005 Released," 2007-05-28) and Security Update (QuickTime 7.1.6)

Jeff Carlson No comments

Security Update 2007-005 Released

Apple has released its fifth Mac OS X security update of 2007 to patch a number of potential vulnerabilities. Security Update 2007-005 makes changes to CoreGraphics, iChat, VPN, BIND, crontabs, PPP, and other components, in most cases correcting problems that require either local user access or access to the Mac via a local network

Adam Engst No comments

Steve Jobs Talks Green

Steve Jobs has done it again, posting an open letter on the Apple Web site. The previous "Thoughts on Music" letter generated much discussion and coverage of Apple (see "Steve Jobs Blasts DRM," 2007-02-12), and foreshadowed the Apple/EMI deal to drop DRM that followed shortly afterwards (which we covered in "Apple and EMI Offer DRM-Free Music via iTunes," 2007-04-02)

Jeff Carlson No comments

QuickTime, AirPort, Security Updates Released

Responding to a security flaw discovered two weeks ago (see "Money Meets Mouth on Mac Exploits," 2007-04-23), Apple has released QuickTime 7.1.6 for Mac (43.6 MB) and Windows (19.1 MB), available as stand-alone downloads or via Software Update

Adam Engst No comments

DealBITS Winners: Open Door Networks’ DoorStop X Security Suite

Congratulations to Michael Weyman of sympatico.ca and Stuart Munro of assumption.edu, whose entries were chosen randomly in last week's DealBITS drawing and who received a copy of Open Door Networks' DoorStop X Security Suite, worth $79

Jeff Carlson No comments

Battery Update 1.2 Issued for MacBook and MacBook Pro

Apple has released Battery Update 1.2 for MacBook and MacBook Pro models, and batteries for them, sold between February 2006 and April 2007. The update fixes some unspecified performance issues

Glenn Fleishman No comments

Money Meets Mouth on Mac Exploits

Two hackers were able to meet a challenge at CanSecWest by gaining access to one of two fully patched MacBook Pros (one 15-inch, one 17-inch). The computers were updated with the latest security release from Apple (Security Update 2007-004, released 2007-04-19)

Adam Engst No comments

Security Update 2007-004 Released

Apple has released Security Update 2007-004, which fixes a wide variety of obscure security holes and includes new versions of several open source components of Mac OS X, including fetchmail and ftpd