Watching folders – 1 for users

A quick tour through Folder Actions (AppleScript), Hazel (System Preferences pane, commercial), and fswatch and their potential uses.

Under spam attack again: commenting requires login (temporary measure)

I am afraid that this blog has once again been under a spam attack all day, in which […]

Adobe has fixed a Flash Player vulnerability which is already being exploited

Adobe has released an updated version of its Flash Player, bringing it to version 28.0.0.161. This fixes a […]

Last Week on My Mac: Don’t trust update aggregators

Have you used an online update service in the past? After last week’s security breach at MacUpdate, now is the time to stop. For your own protection.

New Mac malware, OSX.CreativeUpdate, distributed by MacUpdate site

Did you download and install any Mac software from the MacUpdate site on the first or second of […]

Biometric security and AI: dangerous partners

We can quantitate the risks of cracking conventional passwords. AI-based systems using biometrics are known to be brittle, and to have exploitable blind spots. Can we trust them in security systems?

iCloud Drive has user modes, and tags transferred apps

How the two user modes differ, what iCloud Drive does to files transferred between two different clients, and an apparently unique tag it applies to apps which pass through.

Last Week on My Mac: Apple still loves us

More mitigation for Meltdown and Spectre, EFI updates, and steady progress in High Sierra are all very promising. So where does that put macOS 10.14?

macOS code signing and Gatekeeper ignore extended attributes

Gatekeeper doesn’t seem interested in extended attributes attached to the contents of signed apps – the signature remains valid. Could this be exploited?

When an app or its installer won’t run after download

An odd problem: you try running an old installer and it crashes. There’s nothing actually wrong with the installer, it’s just that the rules have changed.