Apple makes late entry into whack-a-mole game

Posted on by

From Good Morning Silicon Valley.

After weeks of dodging the issue of a recent widespread malware outbreak, Apple has changed course and is addressing affected customers’ concerns.

On Tuesday, Apple finally posted instructions on its support site on how to avoid or remove the malicious program, and said an Mac OS X update in the coming days will remove it or block it from installing in the first place.

The MacDefender malware, one of the few to actually target Mac operating systems, is a phishing program that fools users into thinking they are downloading anti-virus protection when it’s actually going after credit-card information. ZDNet estimates between 60,000 and 125,000 Mac users have been affected in the past month, and in an eyebrow-raising report quoted an Apple tech support insider who said they were expressly forbidden from helping callers remove the malicious program. That supported leaked internal documents that Gizmodo published last week which, among other things, told customer service reps: “AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer’s Mac is infected or not.”

While support from Apple is a welcome development, the company’s initial reaction is disturbing from a customer-service standpoint. Just as disturbing to many Mac users is the realization that their OS’s, so long considered safe from most Internet viruses, are not immune after all.

This is beginning to look like a pattern. Remember the clueless way Apple handled the problem with the iPhone 4 antenna and then the controversy about the ‘bug’ which enabled iPhones to accumulate and store unencrypted location data on the devices? The problem Apple has is that its reputation for effortless design superiority now leads to corporate paralysis whenever events threaten to undermine the image.

And of course there is the problem that as the Mac becomes more and more successful, the juicier a target it presents for malware.

UPDATE: The Apple advisory note is already out of date.

Ed Bott says “File that memo under, ‘Too little, too late.'”

Within 12 hours of Apple’s announcement, the author of the original Mac Defender program had a new variant available that renders key portions of the current Mac Defender prevention plan obsolete.

A security researcher for Intego, the Mac-centric security company that identified the original Mac Defender, found the first example of this new code via a poisoned Google search very early this morning.

Several factors make this specimen different. For starters, it has a new name: MacGuard. That’s not surprising, given that the original program already had at least three names. But this one is divided into two separate parts.

The first part is a downloader. In the original version, this asked the user to enter his or her administrator password. The new version works on the assumption (generally correct) that most Macs are single-user machines –which means that the user has the requisite privileges and so the malware bypasses the admin-password dialogue. The software then installs an application named avRunner, which launches automatically and installs the second part, which is similar to the original Mac Defender. The installer then deletes itself from the user’s Mac, so no traces of the original installer are left behind.

So Apple is now embarked on the same game of whack-a-mole that Microsoft has had to play for years. The evidence so far suggests that Steve Jobs & Co aren’t experienced players. Maybe they need help from Redmond, where they know more about this than anybody else.

Lies, damn lies and laptop dimensions

Posted on by

I spotted Dell’s claim on a piece of junk mail that came through our letterbox the other day but thought that life is too short to go checking ads. Fortunately, the eagle-eyed chaps at the Guardian checked out the small print.

Noted in passing: advert for the Dell XPS-15, containing the phrase

“Finally, the power you crave in the thinnest 15″ PC on the planet*.”

Wow, the thinnest? But wait, what’s the asterisk?

Small print time: “Based on Dell internal analysis as at February 2011. Based on a thickness comparison (front and rear measurements) of other 15″ laptop PCs manufactured by HP, Acer, Toshiba, Asus, Lenovo, Samsung, Sony, MSI. No comparison made with Apple or other manufacturers not listed.”

From Engadget’s review of the XPS-15: “it’s actually a few hairs thicker than a 15-inch MacBook Pro, wider, and at 5.54 pounds, it weighs practically the same.”

So that would make the XPS-15 the world’s thinnest… apart from any thinner 15-inch laptops it wasn’t compared against. This seems an interesting way to proceed with future advertising: the most powerful in the world* (apart from others that are more powerful). And so on.

Well spotted, guys.

Expensive revelations

Posted on by

If you’re a Leica user, this is a distressing picture. Why? Because the Tri-Elmar retails in the UK for an eye-watering £3198.

I came on it via a tweet by @jwcgraves pointing to Cory Doctorow’s post on BoingBoing, in which he observed:

Hefting and peering through a high-end camera lens, you get a sense of the craft, the precision engineering, and the thoughtful design that went into it. But look at it in cross-section, as with this photo a neatly bisected Leica Tri-Elmar-M 28-35-50mm lens and the hellish, gorgeous complexity is revealed in a visceral way: “These were actually made by Leica students as a graduation project and boxed as a ‘cutaway model’ of the lens.”

The costs of futility: a footballer’s guide to Twitter

Posted on by

My Observer colleague Peter Preston had terrific piece about the lawyers-vs-Twitter controversy in yesterday’s paper in which he highlighted an aspect of all this that has not received the attention it deserves. This is the fact that the motive force behind the growth in privacy injunctions is not just the intrusiveness of the British tabloid media, but the enterprising greed of London’s leading law firms. As he puts it,

The other defining change of the last 12 years has gradually seen the essential big earner for England’s small but richly endowed libel bar sliding away. English libel law, offering heavy damages, huge fees and real advantages to a prospective litigant, has slowly become another victim of the digital revolution. Our courts have traditionally welcomed cases from all over the globe, however vestigial publication to a UK audience may have been. In that sense, the internet seemed to offer still plumper pickings. But American administrations, first at a state then a national level, became disgusted by the justice they saw meted out to their citizens by the Strand. They have decided that no English ruling that infringes the right to free speech can be enforced across the Atlantic. Our own politicians, spurred into action, are seeking to reform the gross imbalances of English libel.

And this decline in libel rewards is fundamentally connected to the rise in privacy speculation since 1998. Max Mosley could have chosen libel, but opted for privacy. Lawyers, naturally, have moved into this fresh, potentially lush area of litigation. Sweeping injunctions – nobody has quite counted them yet – have become the weapon of first resort. Sometimes (as with Trafigura’s attempt to gag the Guardian) the case has been too outrageous to endure. More typically, though, the queue of celebrities at the court door has succeeded in buying expensive secrecy for marital misdeeds – even if some, such as Andrew Marr, eventually repented of going to court.

(Emphasis added).

What’s going on, I suspect, is that law firms are encouraging clients to splash out on what they (the lawyers, that is) must know is futile expenditure. In the case of footballers earning anything up to £200k a week, the fees probably look like small beer, so there’s clearly room for business expansion here — for lawyers.

In the interests of helping innocent footballers I’ve built a simple DIY calculator which will enable the average footballer to work out how much it will cost him to fail to get a US court to force Twitter to reveal the identify of Twitterers. It assumes that a US law firm will also be needed to do the business on the American side. On the assumptions I started with, it looks like the minimum cost would be about two days’ wages.

Copyright, copywrongs and Professor Hargreaves

Posted on by

Today’s Observer column.

Watching British politicians engage with technology companies is a bit like listening to maiden aunts wondering if they would look better in thongs. Tony Blair and Gordon Brown, to name just two such aunts, fantasised that Microsoft was cool, and spent years trying to associate themselves (and New Labour) with Bill Gates – even going to the lengths of making the Microsoft boss an honorary knight. Then we had the equally ludicrous spectacle of Cameron and co believing that Google is cool, which is why its CEO, Eric Schmidt – who for these purposes is the Google Guys’ representative on Earth – was an honoured guest at Cameron’s first party conference as leader. Given that, it’s only a matter of time before Ed Miliband discovers that Facebook is the new cool. And so it will go on.

Cameron’s worship of Google did, however, have one tangible result. Mortified by the Google Guys' assertion that the UK’s intellectual property regime would have made it impossible to launch their company in the UK, he decided to commission an inquiry into said regime under the chairmanship of Professor Ian Hargreaves.

iPad cuisine

Posted on by

The problem, for those who read recipes on their iPads, is how to keep the precious device safe from the various fluids and other hazards likely to be found in kitchens. The solution (apparently) comes from Chef Sleeve. The triangular box in which the disposable bags come doubles as a stand.

Just thought you’d like to know.