Flashback Trojan targets Macs

Ars Technica is reporting on a new piece of Macintosh malware spreading on the Internet. The Flashback trojan has actually been seen over the past few months, but apparently it’s managed to infect a sizable number of systems.

Apple recently released a patch for Java that fixes the vulnerability, but you should also check if your Mac was infected before the update was applied. F-secure has complete instructions for manually checking your mac, but I’ve included abridged instructions below.

From Terminal.app run:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

You want to see an error stating that:

The domain/default pair of (...) does not exist

If both of the above commands give the same sort of error, your system should be clean.

MacFusion

FTP has been a large part of the on-going server migration.  While I used to use Fetch on the mac, for the last 5 years I’ve just been using scp when I needed to transfer files.

Unfortunately, the new hosting company doesn’t support ssh, so I’ve been forced to get back into the FTP business.  This time around I’m using the FUSE/MacFusion combination to handle FTP (and SFTP) access.  The client seems pretty slow, but the Finder integration is very welcome. Since MacFusion actually mounts the volumes in the OS, I can use a wider variety of tools with the FTP server, like rsync.

There are other products around that do the same thing – for instance, Expandrive.  But unlike MacFusion it’s not free, and my testing didn’t show a significant performance difference between the two products.

If I really need a faster client, I’d just use Transmit.  Maybe I will use my copious free time to benchmark the three programs.

Web Browsing and Privacy

So as a follow-up to my change in attitude towards Google, I’m taking a greater interest my privacy in general. There’s a news on the Net these days of growing support for “Do Not Track” headers. I use Safari by default, and I was pleased to see that the latest versions have implemented it.

To turn it on, you need to have the “Develop” menu active in Safari (Safari → Preferences → Advanced → Show Develop menu in menu bar). The you merely need to select: Develop → Send Do Not Track HTTP Header.

I also took the time to add a couple of extensions to Safari while I was at it. Ghostery (Safari → Safari Extensions → Security) can detect and block the breadcrumbs websites use to track your usage. Finally, Incognito blocks Google, Twitter and Facebook tracking.

Sierra, again.

OK, there are other things I meant to post, but I ran across the latest update on the Sierra language Kickstarter, and I really need to comment. First the update:

Update #1: Sierra to Objective C
Posted 5 days ago
I have decided that the project will first translate into Objective C
rather than having Sierra translating into C
so that software development for the iPhone and iPad can
be accelerated by 10X for each programmer and it will reduce bugs
by at least 50%.
So the funding for this project will focus on having Sierra translating
into Objective C.
Please everyone who currently codes in Objective C add your input
to the design of the Sierra language.
Blake

<rant>
Oh my fracking lord! I don’t even have words for this.

I think it’s basically programming 101 that any superset of C allows for the inclusion of C. Any C-preprocessor that generates C will perforce work with any superset of C. That’s the bit that anyone with a passing familiarity with C/C-front/C++/Obj-C/Turbo-C/Tiny-C/etc. would know.

But to compound the idiocy (and that’s what we have here), the idea that Obj-C programmers would be 10x faster because of SYNTAX improvement is absurd. The majority of ideas in Sierra don’t even really make sense in the context of Objective-C.

Additionally, Sierra doesn’t even begin to address any aspect of iOS programming. Objective-C might be the language, but all the heavy lifting (and therefore the bugs) stem from the iOS frameworks. Creating new/better frameworks might be a worthy goal, but is thisthe project, or the person to undertake that task? If someone came up with a DWIM-framwork, that might make us 10x faster, maybe. I’d be skeptical even then. Heck, most iOS/MacOS programmers would be more efficient if all the existing frameworks actually worked exactly as documented.

Finally, will someone tell this guy that declaring yourself associated with the iPhone/iPad does not automatically make your idea better? This needs to go away. Now.
</rant>

You can see my previous posts on Sierra: here and here.

Boxer & Pro Pinball: Big Race

I’ve been getting some older games working again courtesy of Boxer. Boxer allows modern Macs to run games from the DOS era with a minimum of fuss. I happen to have a few programs left over from that era since some mac games included the DOS versions, and some I just bought for my (infrequent) DOS systems.

Mostly, I’ve moved over some adventure games from Legend Entertainment and Infocom, and the Pro Pinball series from Cunning Development. Timeshock and the Web both worked flawlessly, but Pro Pinball: Big Race USA needed a little tweaking. Specifically, the DOSBOX configuration needed to have the abstract volume name set and the amount of memory had to be raised. Here’s what the DOSBox Preferences.conf file looks like:


[cpu]
core=dynamic

[dosbox]
memsize=31

[autoexec]
ABSTRACT Pro_Pinball_3

Updated my TeX install

TeX
Just updated my BasicTeX-2008 install to the 2011 edition. Pretty simple really.

I deleted the old installation using:

tlmgr uninstall

then downloaded the latest incarnation from http://www.tug.org/mactex/2011/morepackages.html, then installed it.

I had to update the path in my .tcshrc to point to the new bin directory, and voila! Latest and greatest TeX install.

I then went ahead and ran the post installation steps from my previous post.

Portable Programming Rig

I’ve been using a Macbook Air as my main computer for a couple of years now, and I’ve generally been happy with the setup. The only real shortcoming of the Air was attempting to program while on away from my home office (and the external monitor). There just isn’t enough screen real estate on a Macbook Air for source code editor, test applications, and documentation simultaneously. While using Spaces can ameliorate the problem, it’s not a solution that works well for me.

The real “aha!” moment came with the introduction of Air Display for the iPad. For the low cost of $10, my iPad becomes a second (or third) monitor for my Mac and PC. I had a chance to test out the viability of mobile programming while at DevHouseDC-1. I did a little iPhone programming using the combination of the Macbook Air and iPad. Most of the main action stayed on the Air, but Apple iOS docs and a iPhone test instance both ran wirelessly on the iPad as external monitor. The results were fantastic, since the iPad support portrait and landscape use (dynamically), it was the perfect screen for documentation pages. Weird side effect, Air Display supports touchscreen input on the iPad, so I was testing my app in the emulator using touch input. I didn’t even notice what I was doing at the time, until someone pointed it out. Pretty surreal moment realizing you’re running touchscreen emulation on a touchscreen.

The combination of my Macbook Air (2010), iPad, and Air Display gets me more resolution than a 15″ Macbook Pro (even with the high resolution screen), and reasonably close to the pixel count of a 17″ Macbook pro (2.08M pixels vs. 2.30M pixels). The additional benefits of choosing the orientation of the screen and touch input probably even make up for most of the difference there. The whole package even comes in lighter than a 15″ Macbook pro, and I have the flexibility to leave either part at home if I don’t plan on doing any coding. Overall, I can highly recommend this setup to anyone who wants to do Mac/iOS development on the road, and it’s worth considering for any mobile coder.