Windows Phone 7 Connector for Mac released in beta

October 25th, 2010 at 8:17 PM  2 Comments

Microsoft has delivered on a promise to allow Mac OS X users to sync their Windows Phone 7 devices today by releasing the beta of the Windows Phone 7 Connector for Mac. This software will sync your WP7 device with your iTunes and iPhoto library, using Apple’s public APIs. According to Tom Warren at Winrumors, Microsoft did not need to consult with Apple in order to implement the connector. Here’s to hoping Apple doesn’t find a way to break it just because. Hopefully Microsoft will deliver a full blown Zune client for Mac users in the future.

The connector requires at least OS X 10.5. You can download the beta, weighing in at a light 1.5MB, directly from Microsoft’s website.


Snow Leopard lacks security features present in Windows Vista/7

September 17th, 2009 at 10:23 PM  2 Comments

Random_Access_MemoryNoted Apple security analyst Charlie Miller, author of The Mac Hackers Handbook and two-time winner of the Pwn2Own hacking contest has said, in an interview with TechWorld, that the latest version of Apple OS X (10.6 AKA Snow Leopard) lacks full and proper implementation of memory address space layout randomization (ASLR). ALSR is a technology, present in Windows Vista and Windows 7, that randomly assigns data to memory to make it difficult for attackers to determine the address of critical operating system functions being stored in memory, and therefore making it harder for them to create exploits.

“It’s the exact same ASLR as in Leopard, which means it’s not very good,” Miller said, “Apple didn’t change anything. I don’t understand why they didn’t. But Apple missed an opportunity with Snow Leopard.”

When OS X 10.5 (Leopard) was released, Miller and others were critical of Apple not fully implementing ASLR. While there is ASLR present in both Leopard and Snow Leopard, they fail to the heap, the stack and the dynamic linker, the parts of the operating system that are most open to attack. Linux also has what many consider a weak implementation of ASLR since kernel version 2.6.12, although some distributions include better ASLR then the stock kernel based on third party code.

Miller did say that there are elements of Snow Leopard that show Apple did do some things to improve security, most notably the inclusion of data execution prevention or DEP, which utilizes both processor-hardware and software based security programming to help prevent buffer overflow attacks by blocking code from running in memory spaces that’s supposed to contain only data.

However, Apple may be late to the game with implementation of DEP, as it has been present in Windows operating systems since Windows XP Service Pack 2, with further refinements made in Windows Vista and Windows 7.

By incorporating both technologies, Miller says it becomes extremely difficult to craft memory attack exploits. “If you don’t have either, or just one of the two [ASLR or DEP], you can still exploit bugs, but with both, it’s much, much harder. Snow Leopard’s more secure than Leopard, but it’s not as secure as Vista or Windows 7.”

Apple Snow Leopard, Exchange (in)capable?

September 1st, 2009 at 10:54 AM  No Comments

MC223With the recent launch of Apple’s latest OS iteration, Snow Leopard, many users were anxiously anticipating a more feature rich and integrated experience in corporate networks that employ a Microsoft Exchange server, or as Apple puts it, Out-of-the-box support for Microsoft Exchange. While that may technically be true, it’s not as cut and dry as Apple claims it to be.

Freelance technology journalist Tim Anderson digs into the Exchange capabilities of Snow Leopard in its out-of-the-box state, and reveals that it’s not a full featured Exchange experience, but may be more reminiscent of Mail support pre-Snow Leopard. While previously Apple OS versions only supported basic e-mail connections to an Exchange server via IMAP, Snow Leopard offers support for Exchange Web Services. However, EWS is not a feature complete service, and is only available to those connecting to an Exchange Server 2007  with Service Pack 1, Update Rollup 4. Even then, some features, such as public folder support will require an Exchange Server 2007 with Service Pack 2.

As Tim points out, there are many Snow Leopard users experiencing a myriad of difficulties in connecting their systems to Exchange servers. The saving grace looks like it will come from Microsoft, who in it’s next version of Microsoft Office for Mac, will be replacing Entourage with Outlook for Mac, which promises to deliver a more complete Exchange experience for Mac users.

Mac OS X 10.6 released today

August 28th, 2009 at 9:56 AM  1 Comment

MC223Apple has released the latest version of their OS X operating system, version 10.6 or “Snow Leopard” for both desktops and servers. Current 10.5 users can upgrade to 10.6 for $29 per machine for the desktop or $499 for the server. 10.6 is only supported on Intel based Macs.

The desktop version features enhanced Exchange support, enabling programs like Mail, iCal and Address Book to communicate directly with our Microsoft Exchange 2007 servers. Both versions also feature enhanced support for x64 based computing, and have a x64 based kernel.

As we reported earlier in the week, 10.6 also includes built in malware scanning, something not mentioned anywhere on the Apple website.

The server version also includes a new SSL based VPN service, as well as new versions of iCal server and Address Book server, as well as updates to the built in Mail server.

Order: ClientServer

Update: Be sure to check the recently published 10.6 application incompatibility chart before upgrading. A few popular anti-virus programs as well as versions of Parallels Desktop are listed as restricted during install. Aperture 2.1.1. is also listed as unable to load after installing.

Apple OS X 10.6 to include anti-malware scanning

August 26th, 2009 at 12:43 PM  2 Comments

According to a report from The Mac Security Blog, a previously undocumented feature of Apple OS X 10.6 “Snow Leopard” is that it includes a built-in anti-malware scanner. While there are few details on exactly how this works, ZDNet seems to think that it has entered into some type of agreement with a commercial anti-virus company, as they have confirmed that it is not using the open-source ClamAV engine.

Currently the Security page on the Apple website makes no mention of the feature directly, but it does highlight some of the other security measures in place for Snow Leopard, and anti-phishing technologies built into Safari. At the bottom of the page Apple does acknowledge that “since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.”


OS X 10.6 will be shipping this Friday, August 28.