If you are running OS X you need to update your software. There aren't any reports of this exploit in the wild, but a rather severe security hole has been discovered that leaves you vulnerable to very bad things from a maliciously crafted link on the web (like: click on the evil link and have all your data erased bad!) It has already been patched by Apple, but you need to update your OS to the most recent version and apply all security patches (in 'software update' in your system preferences.) For Jaguar that is 10.2.8 and for Panther that means 10.3.4.

Let me know if you have any questions or problems.
- jim 6-10-2004 9:47 pm

My sister recently purchased and installed panther 10.3.3 (I'm house-sitting and using her computer now) Will I have to back up and re-install all her files and apps if I install 10.3.4?
Good thing when my friend asked the other day if he could borrow the original 10.3.3 disks to dupe and install on ALL of the computers at the arts center where he works I refused on the grounds that it would be illegal.
Groan.
- steve 6-11-2004 6:17 pm


No, you don't have to do a total backup and re-install. Just run software update (in system preferences.) You don't have to do all the updates (like you can uncheck an iCal update if you don't use that program.) But do the 10.3.4 update and any Security Updates. It will go over the top of your present system, and then you'll just have to reboot.

Of course things always *can* go wrong. But this update has been out for almost a week (I was waiting to make sure) and no widespread bad things have been reported. Still, backing up is always the safe thing to do. And not just when updating your OS. So maybe if you can burn her documents directory to CD or something that wouldn't be a bad idea.

I also like to unmount and disconnect any external hard drives before doing an upgrade.

There is probably a new Safari (worth it) and definitely a new iTunes. The new iTunes will fuck with you if you've bought iTunes music store tracks and then stripped the DRM with hymn, so if that's the case you should probably wait on 4.6 (iTunes) until hymn comes out with a fix.
- jim 6-11-2004 7:23 pm


That didn't take long. Looks like the fix is out for the iTunes 4.6 deDRM issue. I don't have any iTunes music store purchases so I can't verify this. It doesn't look like it does anything nasty to me though. Still, you probably want to wait for confirmation which I'll try to post to this thread before using. In case the linked page gets nuked, here's the command line kung fu:

find ~/Music -iname '*.m4[a,p]' -exec perl -pi -e 'BEGIN{$b=0}if(!$b){if(s/geID\x00\x00/DIeg\x00\x00/){$b=1}}' {} ";"
- jim 6-11-2004 8:18 pm





add a comment to this page:

Your post will be captioned "posted by anonymous,"
or you may enter a guest username below:


Line breaks work. HTML tags will be stripped.