Ouch. It took Baltimore security researcher Charlie Miller 10 seconds to hack & gain control of a fully patched MacBook using a pre-written exploit during the PWN2OWN hacking contest at this year’s CanSecWest Conference in Vancouver. He loaded the exploit into a web URL which was clicked by a user, imitating a common tactic of infecting users with malware at malicious sites (Windows users, you know what we’re talking about…).

The whole process was part of a competition held every year at CanSecWest. Miller won $5k & the MacBook he hacked. Rights for the exploit were sold to TippingPoint, CanSecWest’s sponsor, and Apple was notified of the exploit. Not bad for 10 seconds’ work…

I’m not trying to be alarmist, but it strikes me that we might be starting to see a pattern forming here. It seems that Apple’s much-vaunted ‘virus-free’ bragging rights are eroding slowly but surely. And as their market share increases, these kinds of sightings are going to occur more & more frequently.

& while I’m certainly hesitant to tell everyone to run out & buy anti-virus for their Macs, it certainly wouldn’t hurt to review some security best-practices for the internet, so…

  1. If you’re unsure about the source of a link, DON’T CLICK IT.
    • Just because a flashing icon/window begs you to click it, doesn’t mean you should (in fact, a flashing window should be a pretty good indicator that this ISN’T a link you should be clicking!!!).
  2. Enable Pop-Up Blockers.
    • Bit of a pain, sometimes, I know. But they typically do more good than harm.
  3. Unless there’s a good reason to, keep your browser’s security settings enabled.
    • That includes warnings for suspected phishing, forgery, attack sites, & others.
  4. [Safari] Disable the “Open ‘Safe’ files after downloading” option in the Preferences.
    • Don’t let a web browser tell you if a file is safe. Again, if you’re unsure about the source, don’t open it (or at least scan it first!).
  5. Be careful when you’re downloading torrents or files from peer-to-peer applications – traditionally these are some of the biggest sources of infection for malware and viruses.
  6. Don’t use Internet Explorer. If the above Charlie Miller incident teaches us anything, we probably shouldn’t use Safari, either.
    • Firefox is a good choice, Opera is another – both are free.

When Entourage runs its Send & Receive routine, it copies data from the Exchange server to the local workstation. It’s not uncommon for this local cache to get corrupted, which typically results in erratic synchronization. The end result is users that don’t receive new emails or the emails they send never reach the recipient. Even more frustrating for users is that the problems are usually random – some mail comes & goes fine, some doesn’t. A critical clue is that when using the OWA web interface, there aren’t any problems sending or receiving mail.

Fortunately there’s an easy fix – clear the cache in Entourage. You can clear caches on specific folders, or for the entire account. The process deletes all the data that’s stored on the local workstation, then connects to the Exchange server & downloads everything from scratch. Think of it as a kind of reset button for the user’s Entourage account. Instructions for clearing the Entourage cache are below. If you’re interested in a little more info on the subject, check out this post. For instructions, read on.

Resetting the Exchange cache in Entourage

  • Right-click on the Exchange identity (or sub-folder) & select Folder Properties


  • Under the General tab, click the Empty button in the section titled Empty Cache. NOTE: Any local items (calendar events, etc) that have NOT been synced with the Exchange server will be lost.


  • It may take some time to download all of the user’s data from the Exchange server. Be patient.