TUAW on SlingPlayer Mobile for iPhone:

So, here we are, more than three weeks after SlingPlayer Mobile was submitted to the app store, and there’s still nothing. Nada. Bupkis. Zlich. In the meantime, Sling Media has alienated many Slingbox owners by intimating that a lot of their older gear won’t work with the iPhone app when (or if) it is released.

Disappointed with the slow rate of progress and the constant stream of rumors, I checked with Sling Media today to get the official word on what was up. Cathy Cook, a spokesperson for the company, says the app was submitted, and that Sling Media and Apple are in regular touch with each other. She says anything else people hear is rumor and conjecture. She added that Sling Media thinks the app is ‘solid and a great experience’ and they’d like nothing better than to have it in the App Store.

I dashed off another quick email to Ms. Cook asking if Apple had communicated any concerns about the app in the three weeks that it has been in limbo, but I haven’t receive a response to that question so far. She did mention in the first email that “We’ve been told that a two-to-three week wait is common. Some apps may take less time, but it’s important to remember that SlingPlayer is far more complex than a typical iPhone app. It makes sense it would take a little extra time to go through this process.”

So far, the release of this app has been a nightmare. If it does surface on the App Store, I’m sure it will do well, but Sling Media’s name has been damaged by this thing – and a single app may not be worth all the headache.

MacJournals has posted the text shown on the new “Legal Copy” ad from Apple:

Please note: trying to remove registry items on your own is not recommended. It is often difficult to determine which items correspond to which applications, and by attempting to remove items yourself, you might accidentally remove a valid registry item, causing software crashes and errors. If a system registry becomes corrupt because you made a mistake when cleaning out the registry, follow these steps: back up data, back up registry, purchase, download, and install Registry Repair program, quit all programs, scan registry, determine safe registry items to repair/delete/remove, then select ok and repeat if necessary. Also, easy to use PCs can experience difficulty if malware, viruses, or spyware infect your PC’s system. There are 1.5 million signature-based malware detections with 20,000 new ones discovered everyday (based on 2008 reporting). Although some viruses are unavoidable, there are some preventative measures that you can take. When you first get your PC, configure your security settings (including things like Internet firewall, automatic updating, anti-virus, anti-spyware and other malware protection, other Internet security settings, and user account control). Eventually you may have to download and install security patches for your operating system and then as security updates become available download and install again. If your PC does get infected with malware talk to your IT professional first about the risks and benefits of treating the problem on your own. Do not try to remove a virus unless your IT professional has taught you and you understand everything. Ask them if you have any questions. Please see accompanying important information about virus protection on your hardware and software manufacturer’s website. Anyone can sit down and edit photos on their PC as long as their computer is running properly. Please note that proper maintenance, specifically disk defragmentation can take anywhere from minutes to hours to run depending on the size of your hard drive and how fragmented it is. Therefore, editing photos might be postponed if you chose to run maintenance on your computer prior to this act. Please note: your camera driver must be installed on your PC in order to review and edit your photos. Your camera will not work with your PC if the software/drivers are not downloaded first. Editing photos on a PC may be difficult for children under a certain age, or for people who are unfamiliar with how a PC works and how to download camera software and drivers. Also, no PC connected to the Internet is one hundred percent immune to viruses, spyware, adware, and other forms of malware. Once a year, PC users should back up a year’s worth of photos and files to a CD or DVD. Power PC users should start fresh and back up all their files and applications on an external hard drive, then use your original system installer disks to erase, rebuild, and reinstall your operating system from scratch. Therefore, if your PC is not one hundred percent trouble free at least you won’t lose all of your files. PC does not claim ownership of problems that occur from materials or software that you downloaded off the Internet. If your warranty has expired, and your PC is not one hundred percent trouble free, you are not eligible for a refund or replacement under the terms of the warranty. In addition, we cannot help you with software or hardware obtained without a warranty, such as software provided “as is “ or for free. Again, if problems continue, please contact your IT professional.

Background on OSX.Trojan.iServices.A & .B:

Back in January, it was discovered that a trojan horse was running around on the Internet affecting OS X.

There have been a handful of these things in the last few years, but this was the biggest one to date.

The trojan horse was bundled inside an iWork 09 (which has just been released) installer available on several bit torrent sites.

The iWork trojan horse piggy-backed on the legitimate iWork Installer (this getting an administrator password to install itself) and installed a package named iWorkServices.pkg in the /System/Library/StartupItems folder with read-write-execute root privileges – meaning that these packages were started as boot with admin privileges, meaning any future actions could be completed without user intervention. Anything in the System/Library/StartupItems folder is a big deal because is affects all users on the system. Thus, even trashing a user and creating a new one, doesn’t kill the iWorkService package.

It is unclear how many Mac users were affected by this trojan horse. On January 22, Intego estimated that the number was at least 20,000.

A similar trojan horse popped up in a Photoshop CS4 torrent a few days after the iWork installer was discovered. Named OSX.Trojan.iServices.B, this trojan horse affected the application that would crack Photoshop so the user didn’t need a legitimate serial number. The crack application asks for an admin password, then copies an executable to /usr/bin/DivX, then creates a startup item in /System/Library/StartupItems/DivX.

Both trojan horses listened to traffic from the Internet, and would send small bits of data to 2 IP addresses, assumedly “calling home,” but nothing ever really happened – the infected Macs have sat dormant.

What Changed This Week:

This week, Macworld reported that the trojan horses may be doing something:

Two researchers, Mario Ballano Barcena and Alfredo Pesoli, have now discovered two separate variants of the malware, each using distinct techniques to compromise users’ machines. They also conclude that the author of the malware was not the same person using it to launch the denial-of-service (DoS) attacks on Web sites including, according to the Washington Post’s Brian Krebs, a site called “dollarcardmarketing.com.” The infected package has apparently been download several thousand times, though it also needs to be installed in order to do its dirty work.

And from that Washington Post article:

I interviewed Pete Yandell, a software developer from Australia and curator of notahat.com, whose Mac was infected with this malware. Yandell informed me that as a result of his installing this modified iWork software, his Mac was ensnared in a botnet that was attacking a Web site called dollarcardmarketing.com.

In that story, I also interviewed the owner of dollarcardmarketing, who said his site was hit with a distributed denial of service (DDoS) attack that generated more than 600Gb worth of Web traffic more than the usual monthly amount, suggesting that whatever botnet hit his site was fairly sizable.

The research Macworld was referring to appears (at least by reading the Post story) to be recycled info, but that’s beside the point.

So, to review, it appears that the trojan horse was (or is) generating lots of traffic to dollarcardmarketing.com, shutting down the site. While the timeline is a bit fuzzy, the attack shows that the trojan horse proved to be at least somewhat effective.

What This Means:

So who gives? Everyone knows that torrenting software is not only stealing, but is risky. But this attack shows that the malware-building types are looking toward the Mac as a viable platform to attack.

In the past, two things have kept the Mac safe from these types of incidents.

First, OS X requires the user to enter their admin password to install software. The iWork trojan horse gets around this by simply adding another package to the payload for OS X’s Installer to process. This is probably how future trojan horses will work as well, since it is so simple and elegant. Very, very few people log at Installer’s log files during or after an installation, letting the additional files to be installed right before their eyes without them knowing.

Secondly, Apple’s market share is so low, it’s not economically viable to attack the Mac. While Apple’s market share has leveled off in the recent quarters, it is bigger  than ever before, but with more Macs in businesses, they are more worthwhile to break into. And if this attack proves anything, it shows that malware developers are seeing the Mac as a possible target for really the first time.

Security Measures:

As far as the big picture, Apple has done a good job at keeping OS X safe. I think security is in the hands of the users. While I don’t think we’re at a point where antivirus* is a necessity, common sense is.

Don’t download software from the seedy underbelly of the Internet. It’s stealing and it’s risky.

Have a good, strong password, and if your Mac asks for it, be sure you know why – especially if you’re installing something you already know to be questionable.

———-

*If you want a free, OS X antivirus program, check out ClamXav.

It seems Apple has grown tired of the “You Find It, You Keep It” ads from Microsoft. Macworld:

“Millions of people have switched to Mac because they love the security, stability and power that comes with world-class hardware and amazing software that just works, right out of the box,” Apple spokesman Bill Evans, told Macworld. “A PC is no bargain when it doesn’t do what you want. The one thing that both Apple and Microsoft can agree on is that everyone thinks the Mac is cool; with its great designs and advanced software, nothing matches it at any price.”

Feisty, but true.

Computerworld’s Windows guru, Preston Gralla, on spending two weeks on the Mac:

For PC users, Mac OS X takes some getting used to, but once I did, I found it a more elegant, polished piece of work than Windows (either XP or Vista). With so many nice little touches, it seemed as if I was finding a new one every day.

It’s a long, but good, piece. And a must-read for any new users. Most people who return their Macs and go back to Windows do so in the first two weeks.