OS X Mavericks Update and Security Fixes

I recently wrote about the major security whole in the latest version of OS X – read my last post. It appears Apple has released the fix finally. Although the ‘fix’ comes not in a simple ‘patch’ but in an entire Operating System upgrade!

After several months of testing, Apple has released OS X version 10.9.2. The MAJOR (and very dangerous) SSL bug isn't mentioned in the release notes that appear in Software Update, but the bug is mentioned on Apple's security page for the update. Seems Apple is being their usual shity selves when it comes to security - hide or lie about it, sort of hiding the fact that this is so important.

To be a 'little' fair, this update does add some features but over all is really a bug fix of many major issues with the new Operating System. In Windows terms it would be called a full Service Pack.

As with any large Operating System upgrade/update you should of course back up your system – Use Time Machine or any other method I’ve described in previous posts.

Run the Software Update to update your system to 10.9.2 and if any other software shows updates available, select them too. If you’d like you can grab the full Combo update here.

If you have Mountain Lion it too has an update available - run Software Update to get it.

Please make sure if you run an Apple desktop or laptop computer that you update as soon as possible.

Be safe, Peace.

Another Flashback Variant - 2nd in two days!

Hey Mac users who still haven't taken the hint and update your systems' security there's yet another version of the Flashback Trojan for you to enjoy.

It infects unprotected Macs in the same way Flashback.K did, through a Java applet exploit, and installs itself without the need of your password.
And, just as its predecessor, Flashback.K erases its footprints by deleting the Java cache and ensures its propagation by installing into the Java Update folder. You can read more here.

Apple released a Java patch in early April, as well as a Flashback removal tool, but clearly not all Mac users patched.

But many Mac users don't even qualify for the patch—it was only available to systems running OS X 10.6 (from 2009) and later. Mac users running OS X v.10.5 and earlier were advised to disable Java altogether. WTF!! However, it's quite possible that many users of these older systems just didn't get the memo and are still running insecure software.

Here is F-Secure’s site that has the checker and removal tool. Check that out too. And please update your systems folks.

Spring Data Backups and Recovery

So it’s spring. Time for some cleaning and maintenance for many around that house. It’s also a good time to check your backup plans and procedures for your digital data too. Or if you don’t have any make and apply some sort of plan.

You know those stupid commercials about not knowing when you will lose your data. Well THEIR TRUE. It is not a matter of ‘IF’ but when. There are many factors and events that can cause a loss of your important data: Things such as fire, flood, earthquake and other natural disasters. Power surges or outages. Theft of your primary system(s) failure of part or all of your system(s) and of course malicious software such as extortionware or virus’. Remember electronics like everything else WILL fail. And of course usually when you need it most or expect it least.

So please design and USE some sort of plan. I recommend a solution that utilizes technology to it fullest. And for that I recommend backing up you data locally to external/removable hard disk drive(s) (that can and should then be stored in a fire safe or safe deposit box!) along with a combination of some form of ‘cloud’ type of service. I’ll discuss both here.

Cloud Storage solutions such as Mozy, Carbonite etc. and other ‘Synchronization’ type of services such as; Dropbox, Box.net, iCloud, SkyDrive and many others offer a wonderful addition to ANY backup plan. And I use many of them and recommend them as an addition or supplemental solution. You can read my previous article here.

There are a number of things to consider with ‘Cloud’ services, things like:

Bandwidth and storage size - you will be backing your data up to the cloud, and it’s your Internet connection you’ll be using. You need to evaluate your internet connection (and ISP rules and limits regarding that bandwidth – some ISPs severely restrict the amount of data you can use per month!), and whether or not you need to increase your bandwidth speed and/or allotment.

Backup and Restore times – If you are backing up (or synchronizing) a lot of data, how long will it take for the backup and more importantly the ‘restore’ to occur? There are two methods for moving the data back and forth – one is to backup the ‘entire’ file(s) each and every time they are modified. The second is to just synchronize/backup the changed data (called delta or diffing).

Will the company be there when you need it?! -  Startups sometimes offer amazing prices for cloud storage but require a leap of faith on behalf of users that they'll still be around next year. It's possible that even established services could disappear overnight, but more likely the owners will tell you if the service is to terminate, and give you a chance to make other arrangements or retrieve data. Make sure to choose one with a LONG track of ‘being there’.

System Resource Usage – Some applications can cause your system to dramatically slow down while others are ‘lighter’ on systems resources and synchronize or back up when you are not using your system or at scheduled times. The best way to find out which works for you is try a few of them.

And of Course Security – This is not a small thing. You must make sure your account is protected by a very secure username and password AND that the service you use is very reputable. Also for backup services (vs just the synching type) do they offer ‘full file encryption’? How are your files AND passwords stored on that system – are they themselves encrypted? Are files encrypted before they are sent to the cloud storage provider and are they transmitted via a secure connection (https, sftp etc.)?

On a personal note I don’t put ANYTHING in the ‘Cloud’ that contains any truly sensitive information. I simply synchronize documents, photos and other files that I may not really want to have someone access but that I would still not be ‘harmed’ if they were somehow compromised and accessed. For these purposes – easy access to my documents and files from anywhere, and also collaboration with individuals or teams, the cloud reigns supreme; I can place working documents into many locations, access them from just about anywhere and even share them if I need to. I can also restore ‘lost’ or previous versions of documents and files fairly quickly and easily with these ‘cloud services’. Like I’ve mentioned many times previously, I am extremely careful about my personal security so I use cloud services as an ‘adjunct’ to my ‘real’ back/disaster plan.

I back up ALL my data using disk imaging. It is the only method that can reproduce, to an exact point in time, your existing system; Operating System, Applications AND files quickly and easily. Usually within less than a couple hours depending on the size of your image(s).

With disk imaging (or cloning) I have the ability to be up and running extremely fast. I can restore an entire system or individual files. No need to re-install an operating system and applications and then update them just to be able to access my files. External Hard Disk Drives (and spare internal ones too!) are still inexpensive and getting cheaper all the time!

I have written many times previously [read here and here and for Macs here ]about the prudence and wisdom of having backups of your digital data. And by backup I mean that your data exists in TWO places at once and is able to be accessed or recreated from either source quickly and easily. For this I believe the best solution is to use Disk Images for both Windows PC’s and Mac OS X systems.

Please read my other articles (linked above) and get and work a backup plan. For my Windows operating systems I use and recommend Acronis and for Apple OS X systems I recommend Carbon Copy Cloner. Both provide a superior solution to those built into either OS.

Peace, and good luck.

OK Mac guys here we go again!

There’s Another Mac Trojan Spreading Via Microsoft Office documents and email attachments. The Trojan apparently spreads through infected Office documents, and it's in "active stage", which means that it searches through documents on infected machines.

Please note that this is a very sophisticated and malicious attack that not only 'infects' your machine but also installs a 'bot' to control it, scan through your system, and take what ever it wants to! ALL WITHOUT YOUR INTERACTION AFTER THE FIRST INFECTION!

The attack vector utilizes several vulnerabilities. The Java whole that Apple finally just fixed last week. And a Microsoft vulnerability that MS patched 3 years ago. (but they may update that patch too).

Please folks keep your Operating System, Applications and security software up to date and don't be one of those poor naive bastards that thinks this cannot happen to you.
You can read more here and here

Mac Fanboys and Girls let the terror start

OK now the terror starts for you fanboys (and girls). My last article told you of this Mac Trojan. Now it's apparently infected at least 600,000 users so far (read here) and it's terrifying everyone! It's written in an unknown language, doesn't even need your password to compromise you!

It's written in an unknown language, and doesn't even need your password to compromise you, and.

For instructions on how to check for and remove you can AND SHOULD go here

NO system that is connected to a network is EVER safe. It can only be made more secure. Don’t ever think you Operating System is your security; it’s not – YOU ARE!

Be safe out there people!

[side note: I wonder how many calls I’ll get about this and how to repair the damage? The compromised system I can fix – your emptied bank account I cannot. Just saying.]

New Flashback Trojan Infecting Macs NOW

A new Mac Trojan that can now infect your computer from little more than a visit to a website AND requires NO PASSWORD TO INSTALL is making it's rounds and promises some scary things!

The exploit was patched in February for MS Windows systems, however Apple has yet to release one for OSX.
Read more about it here.

F-Secure has a method for checking for and removing the infection here.

So once again folks please do not be naive and think you are immune to attack simply because your Operating System is not MS Windows.

Be safe out there.

CCleaner for OSX out of Beta

I written previously about a great tool I regularly use for Windows PCs now being available to OSX called CCleaner here. The application is now out of beta and adds a full set of features! Yay!

With the full version CCleaner adds cleaning capabilities for Safari, Google Chrome, Opera  and Firefox. This final release for Mac offers cookie management – you can always keep all or some cookies for persistent logins where by default cleaning tool clears all cookies. It also features and improvements include: Repair permissions, Wipe free space,  stability fixes on 0.5  and 10.7.2, cleaning of Chrome’s omnibox and other minor  fixes. You can get it here or from the link in my previous post.

Jailbreak for iOS 5.01 now available

Looks like the Jailbreak for iOS 5.01 - the operating system on the iPhone 4S and iPad2 is Here now!! The tool is OS X only for now. But a Windows and Linux version are on their way very shortly. The tool works on the iPhone 4S running iOS 5.0 and 5.0.1 and the iPad 2 running iOS 5.0.1. But not any new Beta releases (most of you wouldn't have that anyways!).

You can read about it here.

A better How-To is here [note the part about the VPN connection at the end!]

What exactly is jailbreaking? Jailbreaking is a hack, or exploit, that brings added functions and features that were not imagined by Apple or restricted. Under recent revisions to the Digital Millennium Copyright Act last summer, the process has been legalized in the U.S. on smartphones and tablets.

Jailbreaking allows you to install apps through Cydia (which is, cleverly, Latin for a kind of worm that eats away at apples), which automatically gets installed when you jailbreak your iPhone. Cydia app store is really where all the real action is when you jailbreak. The simplest way to describe it is to call it an app store for jailbroken devices. Like Apple’s App Store, you will find some free and some paid programs.

Some questions often asked:
Q. Does jailbreaking affect the iCloud Backup?
A. No, it's still a legit iphone tied to a legit icloud account.

Q. What happens if I DO update from the wireless update?
A. Your jailbreak will go bye bye and you'll have to wait for them to update absinthe to re-do it. [We're talking about carier Over The Air updates here.]

About the 'Bricking your device' warnings many may read or hear: Without some very heavy-handed screwing up, you will not brick an iOS device. If something screws up along the way, chances are it will just be indefinitely detected as being "in restore mode" and you'll be prompted to restore your phone through iTunes. The only way you could really brick one of these devices is by flashing the device to the point where iTunes won't even recognize the device as an iOS device. You would have to try really hard to make that happen.

And if you want any more reasons than those I’ve given previously in my blog posts why you might want to Jailbreak you iPhoneiDevice you can check here.

Another OS X tool updated for Lion

The folks at Titanium’S Software have a new version of a great tool out for the latest version of OS X - Lion. The tool is called 'Deeper'. It gives you quick access to a number of Mac OS system options and tools that are normally buried in different utilities and menus. You can find the Lion version and versions that work on older OS X systems here along with Onyx for all versions of OS X.

As I have written about before, Titanium makes some great software. I put Onyx, a multifunction utility for Mac OS X, on every Mac I work on or own.  [Read more here]

The guys at Addictive tips have a super run down on how to use Deeper. You can read and should read about that here.

Also, all their software is FREEWARE!

Backups, system failures and peace of mind

Another week in the trenches. I had a primary server at our organization have a major failure. The SAS controller (which provides access to SAS type HDDs) died OR the motherboard to the server itself has an issue. Either way without another ‘like’ system that I can put the SAS card into to see if the issues is just the card or the motherboard I cannot access my drives – and they too may be very corrupted. The only machine I have capable of putting the card into is in production. And the cost of a replacement Dell Perc5i SAS card is nearly $200.00 US and could take days to get here. Plus I needed to have this system back up and running very quickly – the server in question runs all or our company financial, shipping and reporting software applications!

Since I have all my ‘data’ backed up to a server drive every night I was secure in the knowledge that we at least had the financial databases and ‘files’ available. But how to get a system back into production? Disk Imaging to the rescue!! I had a fairly recent full system image, created with my favorite backup software – Acronis, available. Yay! Just need a place to restore it to.

Since my organization now has a VMware ESXi/vSphere SAN and cluster running I was easily able to create/import a new ‘Virtual Machine’ from the Acronis disk image very quickly and then just copy over the backed up data files from the night/early morning before. WORKED LIKE A CHARM! If I’d had an available server (Hardware wise) I could also have restored that image to it too.

I’m telling this to you to remind you - I believe in Images(Clones) for my backups, alone with periodic ‘file backups’. That way I’m protected against full drive failures/loses AND stupidity – accidentally erasing or overwriting files.
[Imaging or cloning is the procedure by which you create a backup that is identical to a bootable system either to another internal or external drive. This is the ultimate backup! Should your drive fail you can just ‘pop in’ your cloned drive or ‘restore’ that clone to a new drive and your are up and running.]

If you are not regularly creating full image backups you WILL be sorry! I have written numerous articles about cloning and back up.

PLEASE read here if you any kind of concern for you data.

For Mac images and cloning go here.

So of course this weekend I created two new images on separate drives for my home system(s). I can’t tell you the peace of mind you will get from knowing that the worst that could happen to your system is that you might lose a couple of days or a weeks worth of information. If your drive gets corrupted or fails or you get trashed by some virus, you could be back up and running within a very short period of time! No re-installing your Operating System and programs and ‘trying’ to find you data files. Just restore the image and BAM, you up!

What prompted me to start on this rant is that Apple has finally acknowledged it is having some major issues with some of the hard drives in some of their newer systems they have been selling. Looks like some of the drives just ‘fail’. OUCH! You can read about that here.

And although you can have your drive replaced – YOU WILL LOSE YOUR DATA! The Apple folk and/or kids the the ‘Genius’ bar will NOT re-install your system software or clone your drive for you!! Unless you have an image to restore you will have to re-install you System and applications. And unless you had at least some kind of backup to another drive (Time Machine type) your data (read pictures and music!) will be gone!

So folks, backup, backup and then backup again.

The cost of a couple of extra external drives and a little program setup is minuscule to the cost of losing you ‘digital life’. Right now Acronis has a special – only $29.00 US for their home product!! With Apple’s you can even get a way with out purchasing any software!

Be safe, be secure and gain some peace of mind.

Apple Security news end of June 2011

Apple has released Mac OS X v10.6.8 and Security Update 2011-004 addressing a total of 39 vulnerabilities in OS X 10.5.x and 10.6.x.

Many are critical errors which could allow an attacker to take control of the system!

Please use the System Update. You can read the notice here:

And get the direct download here:

As usual I would remind you to also make sure you also update your Web Browser(s) and plug ins - ESPECIALLY Adobe Flash and Adobe Acrobat!

More OS X utilities

While this is an early Beta, I am very happy to see one of my favorite tools now available on OS X - CCleaner.

I have been using this for some time on ALL of my Windows machines. In fact I have it scripted for all my users - every time they login CCleaner is run. This helps keep any lurking nasty's in temp folders from being able to be run – since they are removed.

This early Mac version does not of course have as many features as the Windows version yet but looks real promising. Have a try. I hope you find it useful.

You can get it here

You should also have (if you don’t already from my previous posts – Onyx

You can get that here

Apple releases fix for MacDefender Trojan

Ok OS X folks. Looks like Apple finally is releasing a 'fix/update' for the MacDefender Trojan.

The update provides a File Quarantine definition for the "OSX.MacDefender.A" malware and Mac OS X 10.6.7 will now automatically update the definitions on a daily basis. The update will also search for and remove MacDefender and its known variants.

The knowledge base article is here 

and the actual download is here

Please update your systems.

My previous article is here.

MacDefender Trojoan Strikes Again!

Apple and Mac folks I'd like to welcome you to the Windows world of malicious and pernicious attacks - even 'drive bys'. For over two decades I and the rest of the security world have been trying to inform people that NO networked system is safe from attack. Because of the sheer number and percentage of Windows machines vs. Mac and Linux machines, they have been the most easily targeted and exploited target. But that is changing! With the spread of OSX on the desktop and the realization by the malicious software vendors that Mac people are VERY EASILY duped and exploited because of their false sense of security, they are coming on strong and fast!

I recently wrote about the new Mac Trojan out and how to defend against it and remove it – read here. After 25 days Apple finally did put a notice and instructions on how to remove it. BUT only after telling their technicians AND users that 1st it didn't exist and then that they would not provide help!

Mac malware authors have released a new, much more dangerous version of MacDefender trojan variant:

"Unlike the previous variants of this fake antivirus, no administrator’s password is required to install this program. Since any user with an administrator’s account – the default if there is just one user on a Mac – can install software in the Applications folder, a password is not needed. This package installs an application – the downloader – named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user’s Mac, so no traces of the original installer are left behind."
Please read this from ZDnet

Apple is promising an update to OS X "in the coming days" that will detect the malware and its known variants, remove it, and remain in order to warn the user if they download it again. But don’t hold your breath!

I've spent years worth of time dealing with people who have been 'sold' on the false idea that "Macs don't get viruses or hacked". Wrong wrong wrong! OS X is built on a '*nix' core - one of the oldest operating system architectures in the world. How could you NOT think that there are exploits around that are just waiting to be ported to the newest derivatives? What type of systems do you think the hackers/crackers where getting into in the 70's and 80's?
I fault Apple a great deal for this. They have been literally selling the LIE that Macs are not susceptible to hacks for years. AND people believe them!

Again welcome to the world of Windows PC responsible computing. Be careful or get burned.

Please practice safe computing folks.

MacDefender trojan/malware is currently spreading on Mac systems - let’s kill it!

MacDefender, is the rogue antimalware trojan currently spreading on Mac systems. This malware is known by a variety of names, including "Mac Defender", "MacProtector", "Mac Security", "Apple Security", and "Apple Security Center".  It is a great example of how ‘social engineering’ can be used to trick people into harming themselves. Below are clear and easy procedures for removing it, read the quick summary or follow the links at the end for walk-throughs with loads of screen shots

I have written recently about this here, but it appears more people are being ‘snagged’.

Apple support is being of absolutely NO help either! In fact they are telling their people,"Do not attempt to remove malware.." Read about that BS here if you wish. So I thought I'd again provide some tips.

Here is the simple summary of what to do:

1. In Safari under "Preferences", at the bottom of the "General" tab (the first tab), uncheck "Open safe files". This will prevent Safari from starting threats like MacDefender automatically after downloading them.
2. Open up "Activity Monitor" (this is in your Utilities folder within Applications)
3. Find "MacDefender" (or whatever the malware is being called, MacProtector, Mac Security, etc)
4. Highlight it then click "Quit Process" which looks like a big red stop sign at the top right of the Activity Monitor screen.
5. Next, open System Preferences, and go to "Accounts". When it appears click on the "Login Items" button, select the program, and then click the "minus" button to remove it from Login Items.
6. Next, navigate to your Applications folder, find the program, drag it to the trashcan, and then empty the trashcan. Yes. It's really that simple to remove.

Here are the two best links I could find for simple walk-throughs. I would rather not repeat the tutorials they have already taken the time to do.
Their work is much appreciated.

Now the super links with detailed screen shots and some additional tips:
The HowToGeek.com site has a great walk through here.

VRT-blog has some good information on this also, read that here.

Folks, if you use a Mac and you connect it to any systems – especially the internet, please realize that you are vulnerable to attacks and hacks. NO system is immune to attack! Although Mac’s and Linux systems have benefited by a more secure file system/OS structure (for the most part) than previous Windows systems AND the fact that their numbers were small - about 8% of all network connected desktop machines and presented a ‘low volume’ target they are now increasingly being attacked. This is especially true since many Apple uses have been lied to and told they are invulnerable to attacks.

BE SAFE FOLKS!

How to create a VPN Connection on MAC OS X 10.5 Leopard

How to create a VPN Connection on MAC OS X 10.5 Leopard

This is a step-by-step guide on how to create a VPN Connection on a MAC OS X 10.5 Leopard System.

I recently had to do this again for some of our remote staff, so I thought I’d post it as a reminder to me and maybe help others who have asked in the past.

1. Go to ‘Apple’ –> ‘System Preferences’

2. Select ‘Network‘ from system preferences

3. In ‘Network‘ system preferences, click the ‘+‘ icon on the bottom left cover of window to make a new VPN Conection.

4. As shown in the image below, a new window appears. Click on the ‘Interface’ menu and see the list of choices and select ‘VPN’.

5. Next, Change the ‘VPN type‘ from ‘L2TP over IPSec’ to  ‘PPTP‘. And then In the ‘Service Name’ field, type in ‘VPN Office’ or ‘Company Name VPN’ or make one up. Once you have done, Click on ‘Create’

6. Next, we need to make a configuration. Select the ‘Confguration’ drop menu and select ‘Add Configuration’

7. A window will pop up, asking to name your new configuration. Type you ‘Company Name VPN’ here and then click ‘create’

8. Next, enter in your company’s ‘Server Address’ example; ‘server.domain.com’ or ‘72.14.213.x’ and ‘Username’, for example ‘administrator’ or ‘LarryHolmes’ or what ever

9. Next, Select the ‘Authentication settings’ button

10. Enter in Your ‘password’ and click ‘OK’

11. Next, Click on the ‘Advanced’ Button

12. Make sure that ‘Send all traffic over VPN Connection’ is unticked. Then Click ‘OK’

14. Once you have done that, click ‘Apply’. And connect to your New Vpn Connection by clicking on ‘Connect’.

There you go…

New Mac Trojan horse and Security tips from the NSA

There is a new Mac Trojan horse masquerades as virus scanner – read about that here . This is another example of social engineering - tricking users into making security mistakes.
Users looking for legitimate protection against viruses on their Macs might be duped into downloading and installing this. Essentially this is ‘ransomware’. It requires payment to ‘stop’ the ‘infection’. AND the payment information is often then sold to other nefarious people.

Remember that NO operating system is immune to attack. And since every system is utilized by humans they remain the biggest weak link - humans that is.

Also in other security news the NSA has released some good advice and documents for better security practices with your home network, and Operating Systems (including Mac OSX).
Read about that here. [via PCMAG Security watch blog].

Nearly all of this contains information that I and other security people have been saying for years but is well worth reading.

Updating to Firefox 4

I’ve written previously of my heavy reliance on Firefox and the many add-ons I use to make my time more productive and enjoyable while using the Internet.

Read here.

Now Mozilla has release the final version of Firefox 4.

Firefox 4 provides a MUCH faster and integrated browsing experience than version 3.x. The speed improvement will be noticed more on systems that allow for ‘hardware acceleration’ (more on that later) but it is still much faster on older systems.

Here is how I went about doing the upgrade.

1^st download and install the latest version of Mozbackup here:

Download location here 

Information page here

This application is wonderful. It completely backs up your profile; bookmarks, settings and extensions.

Run Mozbackup and back up your profile(s) completely.

Download/install Add-on Compatibility Reporter. This requires a few Firefox restarts to be properly loaded.

This add-on will let extensions that are not explicitly ‘approved’ for version 4 to run.

And it will provide a nice interface to report those that don’t work correctly to Mozilla and/or the developer.

[If you use LogMeIn (and you should, if you need remote access to machines – Mac or PC!) here is the process to get the older add-on working in version 4:

Download by right-clicking and choosing to ‘save link as’ to your desktop or wherever this file: https://secure.logmein.com/activex/npRACtrl_ff3.xpi and then open the file with a zip extractor:  (this is zip-file, you can use Winzip, 7-Zip or Winrar. I use 7zip,)

extract the file:

install.rdf

modify it the part ‘3.6 – to read 4.6 here: <em:maxVersion>4.6.*</em:maxVersion>

Then save the file and ‘put it back into the xpi (zip file) overwriting the original.

In the xpi file (opened via 7zip or whatever) delete zigbert.rsa in /META-INF folder

Save all back to single xpi file.

Open Firefox then go to the menu bar on top and choose ‘File>Open File’ and select the xpi file and install it.]

OK so let’s get to it!

Download Firefox 4 here and install/upgrade.

I had very few issues with the upgrade on all my machines. So I’ll address them here.

Once installed there are a few things that may need adjusting. I had to do this on some machines and not others.

If your ‘Menu’ bar disappears it can be brought back very simply. Just right-click on free space in one of the toolbars and the selection of ‘Menu Bar’ switches back to the old layout. I also check the ‘Navigation Toolbar’, the ‘Add-on Bar’, and the ‘Bookmarks Toolbar’.

By choosing ‘Customize’ you can select more items to add to the toolbar and place them where you like.

If you have ‘blurry fonts’ you may have an issue with ‘hardware acceleration’.

Simply go to the Options section from the ‘Tools’ context menu. Then in the Advance then General tab you can ‘uncheck’ the ‘Use hardware acceleration when available’.

Tabs on top? The new version puts them there. I don't like that, you may. Firefox displays tabs on top by default which is a big change for Firefox 3 users. The customize menu has an option to move tabs back down. The entry Tabs on top needs to be unselected to move them below the address bar again.

On my OS X Machines there was one peculiar thing during the installation. Once the dmg was downloaded and mounted I could not copy the install to the applications directory until I trashed the existing Firefox application. Once installed, most of the above still apply.

On Linux (at least on my Ubuntu installs) Firefox 4 is real fast too!

Well I hope this help some.

SMS from GMail

I've written many times about how awesome a tool Google Apps Gmail is. Check out these links.

One

Two

Three

Four and I’m sure there are more just look.

And I've also written about how to send and SMS text to a phone via email.
Here
But that does require you know the service provider of your recipient.

BUT you can also send SMS messages directly to any telephone number from Gmail/Google Chat. A super useful tool if you are in front of a computer and the party you need to contact is not.
To do so from Gmail:

1. Enter your contact’s name in the ‘Search or invite friends’ box in Chat, and select Send SMS from the box of options that appears to the right of your contact’s name. Or, if you already have a Chat window open for this contact, just click Options, and select Send SMS.
2. In the dialog box, enter a phone number in the ‘Send SMS messages to this number’ field. For now, this feature works only on United States phone numbers. If you're outside the US, you can still use it, but you won't see the SMS option in Chat until you enable it manually in the Chat settings page. 
3. Click Save.
4. A Chat window appears. Just type your message as you would normally. When you hit Enter, the message will be sent to the phone number you entered.

If your contact replies, the text message response will appear as a reply in Chat. These conversations are stored in your Chat history just like regular chats (but keep in mind that you can’t go off the record while communicating via SMS).

Note regarding mobile phone subscribers in North America: depending on which mobile plans your contacts in North America have, they may be charged by their mobile providers for receiving text messages.
Read about more about it here:

Note that as you 'use' SMS quota you can increase the number you are allowed to send very easily.
A quota is an allocation of SMS (text messages) that you're able to send to a mobile phone:

• Initially, you're granted a quota of fifty messages.
• Every time you send a message, your quota decreases by one.
• Every time you receive an SMS message in Chat (for example when a phone user replies to one of your messages) your quota increases by five, up to a maximum of 50.

If your quota goes down to zero at any point, it will increase back up to one 24 hours later. So, you won't ever be locked out of the system

SMS in Chat Commands:
Here are some commands that might come in handy for you down the road when using SMS with Chat:

• HELP: Text this command to any Gmail SMS number and you'll get a response reminding you of some of the basics of SMS and a refresher of some of the other useful commands
• STOP: This command will block all SMS messages from Gmail
• START: Re-enables you to receive SMS messages from Gmail if you're currently blocking them
• BLOCK: Send to the code number for a particular contact to block messages from that specific person
• UNBLOCK: Allows a blocked contact to send you SMS messages in the future

Mac OS X Trojan catches Sophos' eye

Two very recent article point out what most security people know and the rest should know – NO technology, especially computers connected to any network, are completely secure!

An article here points this out:

"It appears there is a new backdoor Trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share."

And from another one here:

"More than half of Americans believe that PCs are "very" or "extremely" vulnerable to cybercrime attacks, while only 20 percent say the same about Macs, according to this ESET survey.
(Credit: ESET)"

ESET released the results of a survey in November related to awareness of cybercrime in the U.S. The survey of more than 1,000 people found that while both PC and Mac users perceive the Mac as being safer, Mac users are victims of cybercrime just as frequently as PC users.

Meanwhile, Mac users are just as vulnerable to Web-based attacks like phishing as PC users are, and Mac users who fall prey to phishing tend to lose more money on average than PC users do, the survey found. "Viruses are a diminishing percentage of what we're seeing," said Randy Adams, director of technical education at ESET. "A lot of attacks have to do with social engineering and that kind of attack is platform agnostic."

Please folks, practice safe computing practices. I’ve written extensively on that so I won’t go into that here, just search my blog(s) for security items.

For those of you that are interested in an antivirus product for Mac Eset makes a fantastic one. You can check it out here.

By the way Eset’s products are top notch! If I were to buy a security solution it would be theirs.

Keep safe folks.