The Mac – or “Macintosh” if we’re going back to 1984 – is the first computer to effectively market a graphical computer to the masses, all delivered by Apple (or, at the time, Apple Computer).

The Mac has gone through several stages of evolution and iteration since 1984, including the MacBook Air, MacBook Pro, Mac mini, iMac, iMac Pro, Mac Pro, Performa, Power Mac (including the G4 Cube!), iBook, and more. It remains one of the most popular computers you’ll see in business, schools, and homes today.

Password Manager Bitwarden Adds Touch ID to Browser Extension

· Andrew Orr · Link

Mac Touch ID

Password manager Bitwarden announced the addition of a couple of new features. One feature adds support for Touch ID and Windows Hello to its browser extensions.

Browser extensions will now be able to access this authentication inside the Desktop application. This allows a more streamlined integration with hardware that does not require a unique browser-level integration. Biometric authentication requires macOS users to download the Mac App Store version.

Buffer Overflow Bug Found in SUDO Dubbed ‘Baron Samedit’

· Andrew Orr · Link

macOS terminal icon

Tracked as CVE-2021-3156, a heap overflow bug found in sudo and dubbed “Baron Samedit” has been found recently. It allows an unprivileged user to gain root privileges on a vulnerable machine using a default sudo configuration.

The vulnerability itself has been hiding in plain sight for nearly 10 years. It was introduced in July 2011 (commit 8255ed69) and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.

2020-02-03: Looks like macOS is affected after all.

MindNode Update Adds Editable Outlines

· Andrew Orr · Cool Stuff Found

MindNode updated its mind mapping app recently with a feature many users have wanted. Along with editing maps, outlines can also be edited. Nodes can be added, removed, indented/outdented, and reorganized directly. Other features include: Improved color pickers in the Inspector; Improved support for files from other apps that use Markdown; Fixed an issue where the Inspector would close when the icon of the open section was clicked. The update is currently available for the Mac app, but updates to MindNode for iOS/iPadOS are sure to follow.

MindNode Update Adds Editable Outlines

Rumor: Apple Plans iMac Redesign for 2021

· Andrew Orr ·

Pro Display XDR black background

A report on Friday suggests that Apple may be planning to redesign its iMac desktop computer. This would be the first major change since 2012.

Apple Apps No Longer Bypass macOS Big Sur Firewalls

· Andrew Orr · Link

In macOS Big Sur, Apple deprecated third-party kernel extensions including Network Kernel Extensions (NKEs). NKEs are used by apps like firewalls to monitor network traffic. Apple’s new user-mode Network Extension Framework had a side-effect: Apple’s own apps wouldn’t be routed through it and thus could bypass third-party firewalls. But now that has changed.

I of course also wondered if malware could abuse these “excluded” items to generate network traffic that could surreptitiously bypass any socket filter firewall.  Unfortunately the answer was yes! It was (unsurprisingly) trivial to find a way to abuse these items, and generate undetected network traffic.

Mozilla VPN Arrives on macOS and Linux

· Andrew Orr · Link

Image of mozilla VPN showing features you can get with the service

After rolling out on platforms like Windows, Android, and iOS, the Mozilla VPN arrives on macOS and Linux for US$5/month.

The Mozilla VPN isn’t the cheapest option on the market. However, Mozilla has said that, because it uses fewer lines of code than other VPNs, the service is faster than many rival ones. You can connect to more than 280 servers in more than 30 countries via the VPN without any bandwidth restrictions.

I think US$5/mo is definitely one of the cheapest VPNs on the market.

‘ElectroRAT’ is the First Mac Malware Spotted in 2021

· Andrew Orr · Link

Mac malware ElectroRAT code

We’re barely a week into 2021 and a piece of Mac malware has already been spotted. Dubbed “ElectroRAT” its primary goal is to steal personal information from cryptocurrency users.

These [malicous] applications were promoted in cryptocurrency and blockchain-related forums such as bitcointalk and SteemCoinPan. The promotional posts, published by fake users, tempted readers to browse the applications’ web pages, where they could download the application without knowing they were actually installing malware.

Tips and Tricks for the macOS Screenshot Utility

· Andrew Orr · Cool Stuff Found

macOS screenshot app icon

Alison Sheridan discovered some tips and tricks for the macOS Screenshot Utility which Apple introduced with macOS Catalina. There are options to change the save location, setting a timer, showing/hiding the floating thumbnail and show pointer, remembering the last selection, and taking screenshots with the keyboard.