Big news story: Apple Mac have had a skirmish with some malware.

The doom and gloom people (Translation: The people who sell anti-virus software) have been predicting that the Mac platform will drown under a tsunami of malware any day now, and this is just start.

Well they have been saying that for ten years and I am still waiting.
Truth is that a Mac malware is so rare that it makes headline news.
A Windows attack is so common no one notices.

There has been one attack per year since OS X was launched, so that about 12 items.
Windows runs at 12 Million and counting.

Draw your own conclusions.

Meanwhile Apple have patched the problem so it’s business as usual.

So I installed the update. It really hacks me off that several of the sites I maintain will not do automatic updates. The manual process is tedious on a slow connection.

But we are all up to date. All NINE sites!

NINE – WTF! How did I get to be webmaster of nine sites.

The interesting feature is that she got infected while searching for a recipe for couscous. Pretty innocuous search. So it just goes to show you can get caught looking for the most innocent stuff.

What I find annoying is that she has McAfee installed, all up to date and protecting her from malware. NOT.

This particular infection wrote three entries into the registry, subverted downloads to 127.0.0.1, changed the home page on IE and made IE the default browser. It also stopped McAfee from running and blocked my attempts to install Spy Bot.

I thought Windows Seven was good at stopping this type on nonsense? It asks permission to do almost anything on the PC, boxes pop up if you try to install new software – “are you sure you want to do this?” But somehow all this protection was completely bypassed.

I am very disappointed Microsoft, and livid at McAfee.

You know the answer to the problem by now I am sure.

I took a screen grab of the hit counter earlier today, and I’ll check it out again in a day or so.

It could just be that instead of talking to myself on here I might get some actual followers.

WooHoo!

(Don’t get caught!)

Late 2006 Model Apple iMac
24 inch screen
230 gig HD
4 gig Crucial DDR 2 667Mhz RAM
Tiger OS X 10.4

In the box with all the bits. Mouse, keyboard and remote control. Restore discs for OS X and iLife.

We are open to offers or it will be on eBay this weekend.

The auction was just about to close, five minutes to go or thereabouts. I received an email stating that the item had sold. Here is the email:

Hello seller,

I will like to inform you that am the winner of your item on eBay and will want you to please get back to me with your email address so as for me to be able to make payment via PayPal.

Thanks

Dora.

-dora.smith3232.32

The scam is that the seller thinks it’s sold, sends the ‘buyer’ the PayPal info. The then seller gets a spoof email from PayPal that looks like the item is paid for.

The sting comes with the seller sending off the item thinking it’s paid for when it’s not. The double sting is the possibility of following a spoof link to PayPal and revealing the users password.

It could be very easy to get caught on this if the seller did not check directly on eBay but took the spoof email as proof of the sale. As I was logged into both PayPal and eBay as the auction closed I spotted immediately that I was being scammed.

This is interesting as I was discussing passwords with some friends only a few days ago. I was amazed that one person uses ‘vvvvvvv’ as his office password; that IT department needs to check their procedures!

Password strength has always been an issue. If you have ever worked in an environment where the office system forces a password change at regular intervals and does not let you reuse previous passwords, or indeed some of the characters from previous passwords, you will know what I am talking about.

BUT, if the user falls for a phishing scam, that user can have a 64 character UPPER and lower case, numerical and symbol password but it may as well be ‘fred12345′ (Look at your keyboard for the significance of FRED) or even ‘password’ because the user is giving away the password to the bad guys.

If you get an email and it looks like it’s from your ISP, email supplier, Paypal, bank, credit card or ANYTHING secure DO NOT click on the link. Go to a saved bookmark or type the address in manually.

I checked the emails my own bank and credit card company send out and they don’t have links in them. They just ask me to login to my account.

Strong passwords are good, but education of the user is even better.

I took my trusty Apple MacBook Pro and used my 3G MiFi device that I acquired from the Three network recently. I had never used it in anger before as the ’3′ network is poor in Bricket Wood.

It works really well. No need for drivers, no need for wires. It connects wirelessly to the notebook. Connection speed was good, I streamed video from the net, chatted on Twitter and surfed all at the same time.

With this device wireless broadband has come of age. The MiFi put’s a ‘bubble’ of your own personal wireless internet around you, use a laptop, iPod or iPhone or indeed all three at the same time to connect to the web.

It makes an iPod Touch running Skype very close to an iPhone but without the costly monthly subscription.

So far the wireless USB dongles have been less that inspiring, but this raises the game. True wireless for ANY WiFi enabled device.

As if that was not enough those veterans of all things Mac and geeky Dave Hamilton and John F Braun over at the ‘Mac Observers Mac Geek Gab‘ used an audio clip of mine in the show broadcast on 14 September 2009 – show number 218.

These things usually come in threes, (in a strictly secular way of course) so I am waiting the next item on the list…

There are a number of ways he could have proved he had the numbers correct.

Do the show in front of a live audience.
Get an independent adjudicator.
Buy a ticket!

But he did none of these things. Clever trick, but it was just that, a trick. It has got him a lot of publicity which I am sure will help his show business career.

I have yet to see an illusion or magic trick which leaves me totally baffled, I can usually work out how they are done. I suspect Darren used a camera trick to hide the balls being put in place by an accomplice, hence the lack of live audience or adjudicator. But it takes courage to do it live, it all had to work exactly or Darren would have looked a fool.

5/10 for the illusion.
10/10 for courage.
10/10 for generating publicity.
0/10 for bullshit explanation.

“NEXT…. ”