Thursday, April 8, 2004  [!]
Perspectives on what's going on in Iraq by Iraqis. Read it, follow the links.

And read Zayed at Healing Iraq. The most recent post recalls Iraqi history from the 1920s.

4/8/04; 7:48:45 PM | Iraq | Discuss (1 response) | # | |


Damn! All this time I thought the Mac was safe. Now those virus writers are coming after (the rest of) us. It's a MacOS X virus. It's a paradigm shift for me, this malicious virus business on the Mac.

A company called Intego has released a security alert:

Paris, France: 4:15pm, April 8, 2004 � Intego, the Macintosh security specialist, has just released updated virus definitions for Intego VirusBarrier to protect Mac users against the first Trojan horse that affects Mac OS X. This Trojan horse, MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where applications can appear to be other types of files.

The Trojan horse's code is encapsulated in the ID3 tag of an MP3 (digital music) file. This code is in reality a hidden application that can run on any Macintosh computer running Mac OS X.

Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks.

This Trojan horse has the potential to do any of the following:

  • Delete all of a user's personal files
  • Send an e-mail message containing a copy of itself to other users
  • Infect other MP3, JPEG, GIF or QuickTime files

Due to the use of this technique, users can no longer safely double-click MP3 files in Mac OS X. This same technique could be used with JPEG and GIF files, though no such cases of infected graphic files have yet been seen. [Read More]

Computerworld, MacObserver and TechTV also are reporting the news.

Update: Thanks to Dori for this link to a discussion about how there might be security vulnerabilities in MP3 files, and lo, someone created a proof-of-concept trojan horse as part of the discussion. (Ding! lightbulb goes on: So that is why this Trojan Horse is called "Concept"!) Someone came up with the concept, demonstrated it. But the virus isn't released to the general world. Yet.

4/8/04; 5:14:05 PM | GeekTech | Discuss | # | |

Gee, was it two years ago I registered these domain names? No, it was three.

The domain names expire this week. I don't know if I'll renew them.

BackWhen, I was all hot to trot to write a how-to book on weblogging. It got bogged down. I even was approached about the domain names, but at the time, I thought naaaaah, I gots plans with 'em. Only Other Stuff Happened. (bootstrapping projects with scant cash flow is Very Tough)

I got part way on writing a user guide for Manila. Not too interested in continuing it, but am thinking about how to make what I've done available somehow.

Anyway, I figured I'd just post these thoughts here, in case anyone thinks one way or the other about them. --want one of the domain names? --think I should do a how-to blog book? --wanna talk about the Manila stuff I've written so far?

4/8/04; 11:23:49 AM | Weblog Software | Discuss | # | |