#361 Novatel Mifi Update, MyScript Memo, Alinof Timer, 5-0 Radio, National Geographic Today, Flashback Trojan

Insightful update on color calibration from the blind. Verizon Wireless comes out with an update to fix the Novatel Mifi that kept it from being able to charge and function at the same time. MyScript Memo brings really good handwriting recognition to iOS. Alinof Timer from alinofsoftware.ch brings a timer to OSX that we have in iOS. 5-0 Radio from Soft 32 allows you to listen to police scanner radios so you can’t sleep. On a happier note, check out National Geographic Today, a free iPad app from National Geographic. In Chit Chat Across the Pond Bart explains exactly what happened with the Flashback Trojan and explains that it was Apple’s fault they didn’t patch Java like Microsoft and Linux. He gives us a script to figure out if you’re infected at bartb.ie/flashback.

Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday April 8th, 2012 and this is show number 361. I want to give you a little bit of guidance on how the show is going to go today. First we’re going to do some review and updates on a few things we’ve talked about before, then we’re going to have some very short reviews and then in Chit Chat Across the Pond Bart is going to give us the full background on the Flashback Trojan. At the beginning of Chit Chat we’ll promise you that after the Security Heavy section we’ll have a fun topic, but we’ll be lying to you. We ended up getting into some real depth on the trojan, and it was really interesting so we just let it go long. Don’t worry though, that won’t be lost content. We went ahead and recorded the fun part for NEXT week’s show. So instead of every other week Bart, you’re going to get three straight weeks of Bart on Chit Chat Across the Pond so it’s all good. Oh, one more thing. In the discussion of the trojan, Bart refers to the percentage of Macs infected, and sadly in the day following the recording the numbers went up so at the very end I’ll let you know how bad it really is. The GOOD news is that Bart will tell you about a script he wrote to let you figure out if you’re infected. Ok, enough instructions on how to listen to the show, let’s get started.

Color Calibration

We got a lot of great feedback on the color calibration segment with Jeff Gamet of The Mac Observer. A few people gave me more explanations of why it’s important but two of the most interesting answers were from two of the blind listeners. First up SummerH said:

i also think the colour calibration is a good idea this reminds me of the kid game telephone 🙂 where one person starts by whispering something to their neighbour and by the time it gets around the circle the phrase is very different than the original.

So that makes sense but it still supports my belief that it doesn’t matter – if everyone is going to distort the story, then why not start with a really goofy story?

Bill Holton sent in a really good explanation that speaks to my scientific brain. He wrote:

Perhaps a blind man can shed a little light on your color confusion…
Realizing it isn’t this simple and that there are more variables, let’s take it down to each pixel of color having two aspects, hue and saturation.

So you’ve color corrected your monitor and edited a single pixel. Let’s put it on Cartesian coordinates, and let’s put it dead center at zero/zero.

Now, I download your picture, and since my monitor isn’t colored corrected the color appears as -1/+.5. It isn’t quite the same as what you saw…but if you started out at -1 -1 the color I would see would be even worse, -2 -.5. And since there are an almost infinite number of ways my old CRT would take those numbers further away and take the color further away from what you meant and only a proportional few that would actually improve the color, doesn’t that make the color correction valuable on the whole?

Now that actually makes sense to me – and it explains one of the things Jeff kept saying – he kept telling me that you need a baseline, in Bill’s example the baseline is starting at 0,0 so that whatever distortion is applied by the other person’s monitor or eyes will only take you away from the baseline, not add to a problem you’ve already created. I think I finally get it – thanks Bill!

Verizon Novatel 5410L Mifi update

Remember a while back I talked about the 4G Mifi from Verizon – the Novatel model that had a problem charging and acting as a wifi hotspot at the same time? I found out that if you shorted out two of the wires you could actually make it charge and work at the same time, so I made a tutorial on how to do it, and a video illustrating what it fixed?

Well there’s good news, Verizon put out a firmware update for the Novatel Mifi that actually fixes the problem! I put a link in the shownotes to the instructions on the Verizon Wireless website where you can get the firmware update, it’s not the most obvious procedure in the world but it works if you follow them carefully.

MyScript Memo

Last week I gave you reviews of two iPad note taking apps, Trunk Notes for pure text entry and Notability for handwriting and drawing diagrams, how about an app that lets you have the best of both worlds? Enter MyScript Memo from Vision Objects. MyScript Memo actually does handwriting recognition and lets you export the notes through a bunch of different services. I have pretty dreadful handwriting since I hardly ever use that skill any more, so I figured MyScript Memo would be a complete fail for me, but MyScript Memo has AMAZING accuracy.

You know how you’re not allowed to do demo software in the iTunes app store? well the folks that wrote MyScript Memo got around that idea by giving you a free app that lets you do your handwriting, push the export button, see how great it translated it…but won’t let you actually export the text unless you fork over $2.99. I think it’s a good loophole to the no demo rule, because you’d never believe they’d be able to do such a good job of handwriting recognition. However, I think their page on the iTunes store is very misleading, it says that you can export and share your notes on the page for the free version of the app.

With MyScript Memo you can export to email, Facebook, Twitter, Evernote, or copy and paste to any application you like. They claim it recognizes 30 different languages, but since I’m an ugly American I only know one language and can’t prove that for you. MyScript Memo allows you to create a personal dictionary which is cool, so I could add NosillaCast for example and then it would recognize it. MyScript Memo has a writing guard to allow you to rest your wrist, and while it also has a left handed mode, it doesn’t seem to really change position, certainly not moving to the top like Notability.

If you’re looking for a note taking tool that allows you to write by hand but then export your notes into searchable text, I think you’d be impressed by MyScript Memo’s accuracy, and for $2.99 it’s not bad especially since you can test it out for free first to see if it can read YOUR handwriting.

Alinof Timer

One thing I’m fascinated and irritated by is when Apple leaves out something in one product that it does well in another product. For example, I use the Clock App’s timer function in the iPhone all the time. The interface with the pretty spinning grey wheels is so easy and obvious to use, why can’t I have that on the Mac? Well, in the words of my dear friend Tim Verpoorten, I’ve found an app that does one thing and does it well.

It’s called Alinof Timer from alinofsoftware.ch and it’s free in the Mac App Store. Launch Alinof Timer and you get a very simple screen much like the iPhone timer, with a spinny wheel for the hours and minutes you want for the timer. You can select from about 10 different sounds for when your timer goes off, hit start and the timer starts the countdown. When the time is up, Alinof Timer pops up a full width message saying simply, Time’s up! and you simply click to make the message go away. Now when you get to my age, one problem is that when the timer goes off, you have no idea what you set it for. A future enhancement might be for a field where I could enter the purpose of the timer, so when it went off it could tell me to take the macaroni and cheese off the burner.

You can’t complain about free though so go check out Alinof Timer at alinofsoftware.ch or in the Mac App Store.

ScreenSteps

A while ago Bart told us about a free anti-virus called ClamXav, and not only recommended running it, he gave us some guidance on how to configure it to stay safe. Since I have the memory of a 286 computer, I figured I’d better document it for myself and of course I reached for ScreenSteps to do it. I took screenshots as he explained it to me and annotated the parts of the images where I had to take action, threw in some text explanation and I was done. I figured I’d better not be selfish though, I posted it to podfeet.com as one of the numerous tutorials I have posted there.

The guys over at Bluemango Learning put in a super cool feature where you can teach ScreenSteps where your blog is, and then simply push a button to publish the content either to a blog post, or as a permanent page (which is what the tutorials are). This week after the Trojan hit, Bart explained to me that just scanning your downloads folder as he’d recommended originally would not have saved you and that scanning your home folder for changes was the way to go. No worries, I popped open ScreenSteps, changed that one screenshot, and hit publish and ScreenSteps simply updated the page for me. No hassle, no editing html, just a push of a button and the new version was up.

Whether you need to create fancy pants documentation for your software product, or you just need to make tutorials for yourself and your friends, you really do want to invest in ScreenSteps to make that job trivially easy and actually rather fun. Check out ScreenSteps at BlueMangoLearning.com and be sure to tell them you heard about it on the NosillaCast.

5-0 Radio

In the old days when we’d see helicopters circling around our building, my friend Nancy and I would call her mom at home and have her search the news for us to tell us what was going on. Sadly she passed away a few years ago so we lost that investigative reporter. I had an idea recently though, what if there was a police scanner app for the iPhone? Maybe I could hear it from the horses mouth as it were. I went to the iTunes store and found 5-0 Radio from Soft 32. I got the lite version (as in free) to try it out, but the pro version is only $1.99.

Now all I had to do was wait for something weird to happen in the neighborhood. I got my wish Thursday night – helicopters going nuts near my house. I popped open 5-0 Radio and it shows me a catalog of options. I can browse scanner feeds, look at top 100 feeds, find local feeds, add your own feeds plus some customization options. I tried local feeds first figuring that would narrow it down faster, but it didn’t find me quickly enough so I got bored. I switched over to browsing for feeds and from there I was able to go to California, then to Los Angeles and then I was able to scroll through everything in LA. I sorta wish I could have narrowed it down a bit from LA since it’s giant, but I found my local police and fire unit.

I have to tell you now though, do not get this app unless you want to completely flip yourself out! I hear the cops talking about a BOMB! And it was about a mile from my house! They’re talking about where to stage the bomb squad, having paramedics standing by, something about a scoop and run…all at my local Target store!

And of course nothing got resolved while I was listening so I had a lot of trouble getting to sleep knowing what those helicopter sounds were meaning. I think I would have rather stayed with my head in a hole and not known.

Back to the app. I read in the instructions that you can get new themes for the app, and get the ability to turn off ads if you buy the $1.99 version. You can also have the ability to listen while you switch to other applications on the iOS device. However, when I switched apps, it DID keep playing. That was kind of cool. When I finally decided to go to bed, I switched away from the app, muted my phone and turned it off with a tap of the power switch. I did all that because Steve goes to sleep before me (according to him I lollygag all morning because I don’t get up until the late our of 5:30am!) and I didn’t want to wake him up. HOWEVER, as soon as I walked into the room where he was sleeping, 5-0 Radio blared out the latest update on the bomb threat! That seems like a bug, no? Muted, shut off phone with the app not in the foreground and it can override all that and make noise? the good news is that Steve is a sound sleeper all was well anyway.

So, if you want to be able to hear terrifying things going on in your neighborhood or others, not be able to sleep at night, and wake up your partner when it decides to talk to you on mute and off, check out 5-0 Radio in the iTunes store.

National Geographic Today

How about one more iPad app? My buddy Ron turned me onto a really beautiful free app that I think you might like. It’s called National Geographic Today, and it simply shows you beautiful National Geographic-quality photos and videos, a new set every day. It’s a great way to get a small dose of their wonderful content, and all for free. Look for it in the iTunes app store or follow the link in the shownotes if you’re feeling lazy!

Chit Chat Across the Pond

Security ‘Light’

• Adobe patches Flash yet again –http://www.intego.com/mac-security-blog/adobe-releases-flash-player-11-2-with-fixes-for-critical-security-issues/

• Unfortunately their download website was pushing scareware (IMO malware) at users –http://www.zdnet.com/blog/bott/adobes-latest-critical-security-update-pushes-scareware/4681

Word Documents now being used to infect Macs with out of date versions of MS Office – http://www.intego.com/mac-security-blog/tibet-c-malware-delivered-by-poisoned-word-documents-installs-backdoors-on-macs/

• Windows malware tool automates the process of creating these malicious Office Documents – http://www.intego.com/mac-security-blog/windows-hacker-tool-creates-word-documents-that-can-infect-macs/

Security Heavy – Flashback Evolves Again

• The Flashback malware has been continuously evolving since it first appeared as a simple Trojan pretending to be a Flash installer back in September 2011. With each evolution it has become a little scarier
• As well as pretending to be a Flash installer Flashback has also pretended to be OS X System update
• Recently is started to use Java vulnerabilities to run in the background without any user interaction on computers that were not patched.
• This week it took things to a whole new level, using a different Java vulnerability, ONE FOR WHICH THERE WAS NO PATCH – i.e. a Zero Day exploit!
• This latest variant of Flashback could install itself silently in the background without any user interaction if the user browsed to a page with a hidden Java Applet containing the malware.
• Dr Web, a Russian security firm reports that their analysis of the traffic to the command and control servers for this malware shows over half a million macs are infected – http://www.intego.com/mac-security-blog/hundreds-of-thousands-of-macs-infected-by-flashback-malware/
• Apple have since released a patch for Java to address this problem, so be sure your Mac is up to date by running Software update now!
• Even diligent users who always apply updates as they come out were vulnerable, so you need to check whether or not you are infected. F-Secure have provided instructions, but people are finding them quite confusing, so I wrote a little script to automate the F-Secure checks –http://www.bartb.ie/flashback
• I have been saying for years that Apple would get bitten by their continued failure to punctually patch Java – I was right. This vulnerability was patched on other OSes back in February, but Apple were yet again behind.
• This changes everything. Simply keeping patched is not good enough. The once theoretical threats have now become real. It’s time to re-evaluate your position on AV on the Mac. The following are two nice free AV products for the Mac:

• ClamXav –http://www.clamxav.com/

• Instructions on install and configuration recommendations on ClamXav: https://www.podfeet.com/wordpress/tutorials/how-to-install-clamxav-anti-virus-for-mac/

Free Home versions of Sophos for Mac – http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

It is probably also time to disable Java in your Browser.

• Chrome: https://www.podfeet.com/wordpress/tutorials/how-to-disable-java-in-chrome/
• Safari: Safari → Preferences → Security, uncheck the box next to “Enable Java”
• FireFox: https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets

You almost never need Java these days, but if you do, a good solution is to have two browsers, one you use all the time with Java off, and another you only use on the rare occasions when you need Java, where you leave it on. Or, you could use a plugin like NoScript to selectively enable it.

So after Bart and I got off the recording, more information came out on the calculation of what percentage of Macs have been infected. What we do know is that around 5-600,000 Macs have been infected, but how many total Macs are actually out there is up for debate. Depending on how many there are, the percentage of infected Macs could be as high as 1-2%. Bart suggested another way to think about it is to compare to the horrible Conflicker virus that plagued Windows years ago – this infection is hitting about the same percentage of Macs as Conflicker infected Windows, so it is a really serious thing.

That’s going to wind this up for this week, many thanks to our sponsor for helping to pay the bills, Blue Mango Learning at bluemangolearning.com makers of ScreenSteps and Clarify. Don’t forget to send in your Dumb Questions, comments and suggestions by emailing me at [email protected], follow me on twitter at @podfeet. I contribute a fair amount over on Google Plus nowadays so just search for me by name if you want to circle me up. If you want to join in the fun of the live show, head on over to podfeet.com/live on Sunday nights at 5pm Pacific Time and join the friendly and enthusiastic NosillaCastaways. Thanks for listening, and stay subscribed.