Mac Malware Spreads via Topless Photos of Supermodel

from cio.com

If you should "come across" an image of sexy Russian supermodel Irina Shayk, beware. Bad Guys are using R-rated photos of Ms. Shayk to spread Mac malware.

Didn't your mom tell you not to download pictures of naked ladies? But you didn't listen, did you?

It turns out that a group of hackers is taking advantage of that common mistake and snaring Mac users in a malware trap baited with pictures of a topless Sports Illustrated swimsuit model.

The lady in question is Russian model Irina Shayk; the malware is OSX/Imuler-B, a Trojan horse, according to Graham Cluley, who blogs for Sophos , a security vendor. If you yield to temptation and click the tainted photo of Ms. Shayk, the malware launches an application that opens a backdoor to your computer and uploads private information to a remote Web server, he says. It can also take screenshots and send them to the server, another security firm found.

Although malware that targets Macs isn't as common as Windows malware, Mac users who think they are immune are simply wrong. The Mac OS is not immune to attack, and one of the main reasons it isn't targeted more often is that hackers prefer to attack the platform with the most users. And that's Windows.

The increasing popularity of Macs and mobile devices running Apple's iOS has led to an increase in iOS and Mac attacks. And like attacks directed at Windows, attacks against Macs often use social engineering to snare victims. By social engineering, I mean a ploy that tricks a user into thinking he or she is clicking on a file from a business or person they know, or a trick that plays upon greed (You've won $1 million!) or curiosity, or in this case, lust--or at least a desire to see unclothed females.

It appears that the malware was first discovered by researchers from Intego, a company that specializes in Mac security. "Two samples were found, both in zip archives: 'Pictures and the Article of Renzin Dorjee.zip' and 'FHM Feb Cover Girl Irina Shayk H-Res Pics.zip.' In both cases, an application was included among the various files, with an icon making it look like an image," Intego reported in its security blog. 

The hackers are taking advantage of a default setting in the Mac OS X Finder, whereby file extensions are not displayed. "Users double-click on the application to launch the malware, which quickly deletes itself, replacing the original application with a real JPEG image corresponding to the one that was an application, and displays this image in the user’s default image viewer. There is no visible trace of the application after this point," according to Intego's website.

In addition to the usual advice not to click on stuff from people you don't know, Intego had a very specific tip for Mac users: Go into the Finder's advanced settings and check the box that allows you to view filename extensions.

If you're curious, you can find out all about Irina Shayk with a simple Google search, but do be careful if you come across a site that promises nude photos of the model.

Consumer Reports Finds New iPad Gets Warm, Can't Charge Under Heavy Loads

from macrumors.com
Following up on reports from earlier today that the outer shell of the iPad 3 gets warmer than the iPad 2, Consumer Reports found that their iPad 3 reached temperatures up to 116 degrees after running Infinity Blade II for 45 minutes. 

The piece did note that the iPad felt "very warm but not especially uncomfortable if held for a brief period" during the testing process. In a statement earlier today, Apple said that the iPad was "operating well within our thermal specifications." 

We ran our test while the new iPad was propped on the iPad Smart Cover, plugged in, and after it had run Infinity Blade II uninterrupted for about 45 minutes. The device's 4G connection was not turned on, though its Wi-fi link was. The ambient room temperature was about 72 degrees. (Apple recommends not using the iPad in environments over 95 degrees.)

When unplugged, the back of the new iPad reached temperatures as high as 113 degrees Fahrenheit. It was only when plugged in that it hit 116 degrees. The hottest areas weren't evenly distributed throughout the iPad's back, but were concentrated near one corner of the display as shown in the images taken from the rear of the device above.

Potentially more interesting is Consumer Reports' note that their new iPad didn't charge at all when the game was running. In fact, the battery continued to drain slightly under the extremely heavy CPU and GPU load from Infinity Blade II. 

It's seems that under extremely heavy processor usage, the iPad is unable to draw sufficient power from its USB connection to both power the device and charge the battery simultaneously. 

Apple's big lie about job creation, and other bogus claims

from InfoWorld.com

Just look at these statistics!

Suspicious stats are a staple of tech marketing that deserve to be exposed for the flimflammery they are



Apple has created or supported more than 500,000 jobs. Phishing attacks cost the economy $234 billion a year. And giving social and mobile CRM tools to salespeople makes them 26.4 percent more productive. All these preposterous numbers are floating around the Web these days, peddled by PR people who count on easy hooks to sell their products, burnish their clients' images, or advance an agenda.

Apple's attempt at statistical flimflammery is the most offensive because it's a transparent attempt to change the public conversation about Apple from the question of atrocious labor practices in the Chinese factories that make iPhones and iPads to job creation. (Of course, yesterday's announcement of "the new iPad" will help in the diversion as well.)

Apple's bogus labor study
Here's what Apple posted on its website last week: "Throughout our history, Apple has created entirely new products -- and entirely new industries -- by focusing on innovation. As a result, we've created or supported more than 500,000 jobs for U.S. workers: from the engineer who helped invent the iPad to the delivery person who brings it to your door."

Breaking down those stats, Apple says it is responsible for 304,000 current jobs across a wide array of industries, including engineering, manufacturing, and transportation, as well as another 210,000 in the "app economy."

Apple actually employs 47,000 people in the United States, so where did the other 450,000 come from? Multipliers, a standard statistical tool that economists use to derive the effects of spending (or not spending) on the economy. But as you learned a long time ago, garbage in equals garbage out.

Take, for example, this statement: "This figure [the jobs number] also includes workers in Texas who manufacture processors for iOS products, Corning employees in Kentucky and New York who create the majority of the glass for iPhone, and FedEx and UPS employees."

Wow. Sure, delivery companies derive revenue when its drivers drop off your new iPad. But -- duh! -- they'd be working anyway delivering books from Amazon.com and towels from Bed, Bath and Beyond. Do Corning employees do nothing but make glass for the iPhone, and do those folks in the bunny suits in Texas only work to make CPUs for Apple? Obviously not. But those are the kind of assumptions built into that projection. Speaking of projections, Apple assumes that its new headquarters in Cupertino, Calif., will create 7,000 jobs.

Similarly, it assumes that "the 248,000 registered iOS developers in the U.S." develop only for Apple. I seriously doubt that. What's more, the success of iOS has obviously had a very negative effect on developers of other operating systems, such as BlackBerry, and those folks are out of work or now developing for Apple. How big is the actual gain? We can't tell, though I'm sure there is one.

I could go on at some length, but I'm sure you see my point. What's more, the timing of this release makes it all the clearer that Apple is desperately trying to clean up its badly tarnished corporate image.

Apple does create lots of jobs and makes real contributions to our economy. Inflating those numbers for the sake of favorable PR simply makes the company look petty, dishonest, and -- maybe worst of all -- contemptuous of the smarts of its customers. Likewise, security companies make products that are needed, but as their products have become more commoditized, they increasingly rely on scare tactics and bogus studies to sell their services.

If it sounds too good to be true ...
Generally, bogus numbers dazzle us with their sheer size. But there's another tactic to watch out for: amazingly exact numbers.

Witness Nucleus Research, which claims that mobile CRM makes salespeople more productive. It doesn't give just a ballpark estimate; it presents a precise number: 26.4 percent.

I read through the study and saw lots of anecdotal evidence that mobile and social CRM is helpful to salespeople. I believe it -- but how it derived that number is something we simply don't know, nor can we tell who paid for the study. One could guess.

Don't be fooled by the axis of fakery.