Defence in Depth is an information security blog which aims to consolidate security news, resources, tutorials, research and information.

Patrick Dunstan
BCompInfSc, GPEN, GAWN

Brian Krebs is reporting on yet another social engineering trick to compromise OS X machines. The antivirus cottage industry players are out en masse again. Brian says you still don't need their products.

You're right - all of you. It doesn't work! So don't use it.

What's happened here we don't k

JA/WL

(Julian Assange/WikiLeaks.)

You need a few tools open to begin hacking away.

It's still possible. On a Mac. You can still enjoy discovery.

How good are the app uninstallers?
It's the app that Apple forgot, goes the tagline: the uninstaller. They pop up like mushrooms and there's always a new one waiting around the corner. How effective are they?

How good are the app uninstallers?

Part nine. Apple's Achilles heel.

Mari Boine Idjagiedas Music can touch on strings you might not know you had. It can provide meaning, but it can also create moments which cant be defined. Moments which go to your core, that touch some sort of primal instinct, and that put you in a trancelike condition.

This is a browser for the reference document of Cocoa API. You need to install Apple's developer tools.

An heuristic approach. Revised and augmented from the original by Auntie Sydney and Uncle Rick.

Never run unknown and untrusted software, goes the Apple mantra. Yet that seems to be an impossible proposition. For how can you ever get to know and trust something if you never run it?

Uninstalling applications in Mac OS X is very different than uninstalling in a Microsoft Windows environment because Mac OS X has nothing like the Windows Registry. While most Windows programs include an uninstaller that can be run through using the Add/Remove Programs control panel, no such feature exists in Mac OS X and so most users simply move application bundles (see below) to the Trash. However, often times there is more to uninstalling than a simple drag-and-drop to the trash. This article will guide you on how to fully uninstall applications.

This is an attempt to create a 'do it yourself' course in Unix and CLIX. The course will use CLIX rather than the command line (Terminal.app).

jobs demo - I finally got to watch the NeXTSTEP 3 Release Demo the other night. People have been pointing me to the link for ages. I couldn't get this equipment to work and so had to forego it. I told everyone 'been there done that' as NeXT Software about the same time had given me the complete kit with NS for 486, NeXTSTEP the Movie, the Garfinkel book, the works. We'd all seen what this blazing platform could do, so no one expected much new from the clip.

BEIJING (Rixstep) — A young man died after falling from the seventh floor of a Foxconn worker's dormitory in southern China, making this the iPhone manufacturer's ninth case of fatality or injury since January 2010.

The Taiwan-owned company otherwise can boast a total of eight suicide attempts, six of which have been 'successful' (fatal).

There's no app for that.

A vulnerability reported by Chris Evans of Google to Apple last year has been fixed in the final release of Safari 4. The vulnerability was in Apple's WebKit. A second vulnerability was reported right before the final release and Apple managed to roll out a fix in time.

CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, repositories, and services) with this "common enumeration."

'Never run unknown and untrusted software', goes the Apple mantra and as defensible as it seems it's not particularly logical. Not superficially. Bad software can at any time wreak havoc on a computer; if you've never run a program before there's very little you can do to prevent mishaps and deliberate destruction.

The graphics in this one are alone worth the price of admission (chump change). But don't kid yourself for a moment that AppZapper is going to do anything more than a peremptory search for possibly related files. It's not tracking things and so it's not going to find them either.

The Internet should be a quiet place. It really should. There should be a lot of activity - hopefully - but people shouldn't be constantly distracted by talk of dangers and exploits and rifled accounts and so forth. People should have the opportunity to relax and see for themselves what opportunities are out there.

Up to now they've never had it. Not once. Not a single day.

The Good - The Bad - The Very Ugly - Untried, Untested

Twitterrific comes in first place, Tweetie a close second, the open source Canary a somewhat distant third, and market leader TweetDeck has difficulties crossing the finish line.

So which to choose? They're all good in their own ways. Try them all. Just keep track of what ends up where. At the end of the day you'll still be using the web interface anyway.

And it targets Apple's OS X. Time for a heads-up.
multi platform binary trojan, multi nefarious IPs in different countries
informative rixstep deconstruction