Archive for the ‘Security’ Category

Nuke it from orbit, it’s the only way to be sure

Tuesday, May 15th, 2007

So, those pesky people are trying to frame you for war crimes and you don’t want to get busted? Try srm, the secure version of rm. It allows you to choose between 7- or 35-pass erasure, depending on how long they’re trying to put you away for.

Death of Spiderroot

Sunday, April 15th, 2007

It looks like the Mac OS X 10.4.9 update updates sudo such that it now no longer references “We trust you have received the usual lecture from the local System Administrator.”, probably because many people don’t have a local system administrator. Nor does it warn you that with great power comes great responsibility. Certainly there were lots of people searching on that phrase, presumably to work out what the “usual lecture” is. Now sudo gives:

WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type "man sudo" for more information.
To proceed, enter your password, or type Ctrl-C to abort.

Which is probably more useful if you haven’t experienced sudo before. I also note that typing ‘help’ at the bash command line now gives you something better than “command not found”.

Exceedingly cool

Wednesday, March 28th, 2007

I was looking for the little green light that tells you you’re “on air” on the new MacBook Pro’s inbuilt iSight camera. Whilst the MacBooks and iMacs have a little black spot for the LED, there’s no such LED obvious on the MacBook Pros. So I fire up iChat and sure enough, a green spot appears, apparently through the aluminium. Sure enough, turn off the camera and there’s no sign of the LED at all, just brushed aluminium. There are photos on Nobilog. Insanely great engineering.

Apple and NSA release security configuration guides

Sunday, March 25th, 2007

Just in time for Leopard, Apple and the NSA have released the second editions of their Mac OS X Security Configuration Guides. Here’s the one for Mac OS X Server.

While you’re there, don’t forget the NSA’s CryptoKids(TM) web site.

About Airport Extreme Update 2007-002

Saturday, March 17th, 2007

Apple have released a technote about the security content of Airport Extreme Update 2007-002, namely that if you installed 2007-001 you should install 2007-002, but if you haven’t installed either yet you should just install 2007-002. Or at least that’s how I understand it. Otherwise someone could crash your machine remotely via the wireless network.

Mac LoJack

Friday, February 23rd, 2007

It started with this script to use the Mac’s inbuilt camera to grab an image when an incorrect password was used during login (presumably because someone’s stolen your Mac). But that was a bit hard for most people to install, so now there’s MacLoJack which does that, and more. Includes code for the server so you can run your own for your Mac to dial home to.

A Day of Apple Fixes

Monday, February 19th, 2007

So, no sooner had I boxed up the Intel Xserve and filed my bug report about Java bus erroring than Apple released a Java update (Java for Mac OS X 10.4, Release 5), a Daylight savings timezone patch, and a 2007-002 Security update, addressing several of the bugs mentioned by the Month Of Apple Bugs site (I’m not going to link there again as they’ve got an image that attempts to exploit a security hole posted on their site).

Apple on Kerberos

Friday, February 16th, 2007

Apple have posted an introduction to Kerberos on the Apple Developer Connection site, and how it’s used in Mac OS X for single sign-on authentication.

Response to Steve Jobs’ “Thoughts on Music”

Monday, February 12th, 2007

There was mention on Slashdot that the founder and chair of the Motion Picture Experts Group (MPEG), Leonardo Chiariglione, had responded to Steve Jobs’ “Thoughts on Music” post.

Inside /etc/authorization

Wednesday, January 24th, 2007

The /etc/authorization file allows you to grant rights to some users to do more than they’d otherwise be allowed. For example, here’s Apple’s article about how to allow non-admin users to change the timezone (if, for example, you have a mobile workforce who need to change time zones but you don’t want them to mess with anything else on their laptops).
