#542 Brother Laser Printer, HTC RE Camera, Manfrotto Tripod, XcodeGhost, iGadgitz Armband, Damson Headbones

Steve and me relaxing in the mountains with TeslaSince Steve and I took a little vacation, Steven Goetz from stevengoetz.ca jumped in to give me a hand with a review of his new Brother multi-function laser printer. I’ll tell you the story of how the magic of Apple Photos helped me have fun with the wine pourer at Fess Parker Winery. George from Tulsa also jumped in to fill the gap as I lazied about on vacation with a review of the fun little wide-angle HTC RE Camera. I explain why I had to keep getting new tripods and finally purchased the Manfrotto Compact Action Tripod (in Red). In Chit Chat Across the Pond Bart gives us a deep dive on this XcodeGhost story that let a huge number of infected apps into the iOS App Store and as usual tells us whether or not we should light our hair on fire about it. After that he tells us about two really good accessories for his iPhone while cycling. First he tries (and mostly succeeds) at convincing me that the iGadgitz Reflective Anti-Slip Neoprene Sports Gym Jogging Armband is the first armband I might actually like, and the Damson Headbones – bone conducting Bluetooth headphones that I’m sure I would like.


itunes
mp3 download


Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday September 27, 2015 and this is show number 542. As it turns out, being retired is awfully hard work, so Steve and I have been forced to take vacations to get away from our hectic life of getting up late, drinking coffee, and fooling around on the Internet. Last week we went wine tasting for a few days and then up into the mountains, where we got up late, drank coffee, and fooled around on the Internet…while looking at and smelling pretty pine trees.

I put out a plea for some help with the show, and both Steven Goetz and George from Tulsa came through for me with great reviews. I did a LITTLE bit of work for the show so you’ll get to hear from me too. Let’s start off with Steven’s review:

Blog Posts

Have You Considered a Brother Laser Printer? by Steven Goetz

The Magic of Apple Photos

Fun Little Camera: HTC RE Review from George from Tulsa

When Your Husband Steals Your Tripod

Armband You Might Actually Like from iGadgitz & Bone Conducting Headphones from Damson

Clarify

In Chit Chat Across the Pond you’ll hear Bart tell us about a new set of Bluetooth headphones he just purchased, and in our discussion he mentioned that using iOS 9, you can actually see the battery status of Bluetooth connected devices under the Today widget. I thought this sounded pretty slick since I never know when my headphones are going to die! I worked out how to turn this feature on and tested with my $17 Biena headphones, my Apple Watch, and then repeated it on my iPad with the Jawbone Jambox.

It’s not a super obvious thing to set up, so I decided to make a Clarify tutorial on how to do it. I took a half dozen screenshots on my iPhone, and then exported them from Photos on my Mac and dragged them into Clarify. It’s easy to reorder steps in Clarify by just dragging them up and down in the left sidebar. I put in some annotations, like an arrow to show scrolling, a box around a button to be pushed and some text on screen. It’s fun to mess around a bit with the colors and transparency, and how roundy you like the boxes too. I noticed something a teeny bit personal on one of the screenshots so I dropped in a blur rectangle to obscure it.

Now for some text to explain what we’re doing. I pushed the button to post it as a tutorial on podfeet.com in draft mode and then went over to see how it looked. Here’s the best part, I saw a few things I’d missed and some things I wanted to change, so back over to Clarify, make a few quick edits and push the WordPress button again. Clarify very quickly assesses what’s changed and only uploads the changes and boom, I was done.

After that I hit the Save to Evernote button and I knew I had it safely stored both locally and in the cloud and so accessible from all of my devices should I ever need to edit the document.

I just love making these tutorials for people. If you want to be a hero too, or just help remember things for yourself, go get yourself a free trial of Clarify from clarify-it.com and be sure to tell them Allison sent you!

Chit Chat Across the Pond

Security Medium – XcodeGhost

This week we have seen the first dramatic security issue on the iOS app store. It’s not a catastrophe, but it’s not a non-story either. Attackers did not actually compromise the App Store, but they did manage to sneak malware into apps available through the app store.

The attack worked by tricking developers in China to use a counterfeit version of Xcode to develop their apps. Because of the Great Firewall of China, downloads of the official Xcode from Apple’s servers is slow. Xcode is a big package, so that slowness is very annoying. To get around this, some Chinese developers download Xcode from unofficial mirrors within China.

The counterfeit version of Xcode did not have a valid digital signature, so GateKeeper blocked it, so clearly, some Chinese developers run their Macs with GateKeeper disabled.

The counterfeit version of Xcode injected botnet code into all apps compiled with it.

The exact number of apps compromised is unclear – depending on which reports your read, it’s somewhere between 40 and 4,000. What is certain is that the epicentre of this attack was China. The affected apps were all written by Chinese developers, and most Chinese apps do not have much popularity outside of China – with one very notable exception – WeChat.

Initial reports suggested that the malware could be used to steal credentials, but both the security researchers at Appthority, and Apple say that is not true, and the malware has only very limited capabilities.

Apple have removed the affected apps from the store, and are working with affected developers to get their machines cleaned of the malware, and updated versions of the apps uploaded to the app store. Apple have also added the counterfeit version of Xcode to the XProtect anti-malware service built into OS X. Apple are also going to host official Xcode mirrors in China to help developers get the official Xcode more quickly.

Links:

Security Light

Important Security Updates:

Important Security News:

Noteable Breaches:

Suggested Reading:

2 thoughts on “#542 Brother Laser Printer, HTC RE Camera, Manfrotto Tripod, XcodeGhost, iGadgitz Armband, Damson Headbones

  1. MacLurker - September 28, 2015

    Regarding bug in AirDrop that allows connecting devices to silently install apps: I found this advice in the Apple Support page for configuring AirDrop: “Tap the name of a nearby AirDrop user or the Apple device. If you’re sharing Contacts Only and can’t find a nearby user, check that both of you are signed in to an iCloud account. If you still can’t find a nearby user, consider setting AirDrop to Everyone. “. They really should add “And remember to turn if off when you are done”.

  2. podfeet - September 28, 2015

    Geez, that’s not too bright of them! I wonder what they mean by “signed into an iCloud account”? Where would one do that? Mail? iTunes? Photos?

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top