exFAT vs exFAT!

No exFATThe interoperable file system that is nearly impossible to interoperate.  Introduced in 2006 by Microsoft, it eventually gained compatibility from XP to Windows 10.  Apple introduced support in 10.6.5.  Even Linux got to play thanks to Fuse.  It turns out that any reasonable sized drive prepared in windows will not be compatible with Mac and unable to mount. This is because Apple’s implementation of exFAT requires less then 1048576 bytes per cluster, where as Windows varies it’s cluster size depending on the capacity of the volume.  Best advise for mac people is to format it on windows, but set the block size to 1024. Can we get a new file system now please?

My dad and his Performa 6500!

My dad and his Apple Performa 6500 This priceless gem I found only recently.  My father with his Apple Performa 6500.  Not sure exactly when this was taken, but I love the Sherlock shirt he’s got on.  This was half a dozen towers towers ago for him.  Dad’s always loved technology.  He got me started in all this.  Thanks dad.

 

Apple’s goto fail bug and what it means to you?

Apple goto fail SSL bugThe security community went into a frenzy this weekend over Apple’s latest iOS security update. On Friday, Apple quietly released iOS 7.0.6 and 6.1.6 to patch a bug in its SSL implementation. This particular bug nicknamed “goto fail” for the actual contents of its source code behind the error.  Basically, one too many goto fail causes the fail not to be conditional, but absolute.  This failure allows Apple’s SSL framework (the technology that secures web transmissions) to be easily bypassed.  In other words, Safari, Mail, Calendar, Software Update, as well as any 3rd party applications who take advantage of Apple’s SSL libraries could potentially have their communications intercepted by an unscrupulous individual.  Apple claims that it is a type-o, but many wonder if this might be a deliberate backdoor (one that has lasted over a year).

The real tragedy of this issue is that it effects Mavericks (Mac OS 10.9.x) as well as iOS, but there is yet no official fix for Apple Computers.  Update Published by Apple!  Apple desktops, laptops, and iMacs are now were left in a very dangerous position: unprotected to a known threat.  I am sure that the bad guys are already configuring their sslstip, sslsniff, or similar tools.  Accounts will be compromised, communications will be intercepted or manipulated, or in the case of software updates, malware could even be introduced.

What can we do?  First off, run the 7.0.6 update on any iOS devices not yet up to date.  Do this from a trusted wifi, not a public one.  With your mac, avoid public wifi until this is resolved.  Avoid Apple Mail except when absolutely necessary and only from trusted networks.  Only use Google Chrome for secure web browsing (it uses its own SSL framework).  Optional:  Install @i0n1c’s binary patch.  @i0n1c’s patch fixes the bug, but may break other things.  Run Apple 10.9.2 update!

links:
Test your system:  https://gotofail.com/
Great Writeup:  https://www.imperialviolet.org/2014/02/22/applebug.html
Quick & Dirty Patch:  http://www.sektioneins.de/en/blog/14-02-22-Apple-SSL-BUG.html
Official Apple Fix  http://support.apple.com/kb/HT6150