Week in review: Hacking away at Apple

Apple has traditionally been regarded as partially immune to the exploits of hackers and virus writers thanks to its low market share, but those days may be over.

Apple Computer has traditionally been regarded as partially immune to the exploits of hackers and virus writers, thanks to its low market share--but those days may be over.

This week, Apple closed a security hole that had allowed an underground program to tap into its iTunes Music Store and purchase songs stripped of antipiracy protections. The PyMusique software, created by a trio of independent programmers, emerged last week. One of its creators was Jon Johansen, the Norwegian programmer responsible for releasing DVD-copying software in 1999.

After Apple closed the hole on Monday, the group posted new code that it said will reopen the backdoor for Linux users.

The programmers' work has been one of the most persistent projects targeting Apple, whose iPod and iTunes store have drawn consistent attacks and experiments by people eager to extend the capability of the products or simply disarm copy protection.

Meanwhile, Apple's Mac OS X operating system may become a target for hackers and authors of malicious software, a security software company warns. In a new report, Symantec said that in the past year, security researchers had discovered at least 37 serious vulnerabilities in Mac OS X. The company also said that as Apple increases its market share with new low-cost products such as the Mac Mini, its user base is likely to come under increasing attack.

The Symantec report also said there's been evidence of growth in vulnerability research on the OS X platform.

That report came as Apple released nearly a dozen fixes for flaws in the Mac OS, including a script for preventing phishers from fooling users of its Safari browser. The loophole could allow an attacker to use certain characters from different languages to create legitimate-looking Web addresses that actually send victims to malicious Web sites.

The newly released patches take care of flaws in the Apple Filing Protocol server and the Samba filing-sharing server, as well as multiple issues with the Cyrus authentication software, the Cyrus mail software, Mailman and SquirrelMail.

The big game
Sony's new PlayStation Portable arrived in North America this week with a bang.

Hundreds of dedicated consumers camped Wednesday outside the Metreon in San Francisco--one of a handful of locations to stay open past midnight to begin selling PSPs the minute that Thursday's North American retail date arrived. And these PSP enthusiasts were convinced it was worth whatever discomfort they had to endure to snag one of the gadgets.

The PSP could be one of the first limited-scale victories for "convergence," the oft-touted notion of combining numerous media functions into a single device. While convergence in the home is still an idea looking for a market, the concept has a better chance with portable gadgets, where a multifunction approach can save valuable pocket space.

The PSP takes a new path in the quest for an all-in-one gadget. It's being sold primarily as a portable game machine, a market where it can capitalize on the huge PlayStation brand, yet it can also play movies and music, display digital photos and potentially perform a host of Internet tasks through its built-in wireless networking. The result, analysts and industry observers say, isn't the "iPod killer" many have imagined, but a device that could give Sony a head start in the next phase of the digital-media era.

It's most certainly a game player, too. GameSpot, one of CNET News.com's sister sites, has a complete guide to games for the PSP, from "Tiger Woods PGA Tour" to "Metal Gear Acid."

Tech at the wheel
Whether you are interested in hybrid vehicles, hooking up an iPod to your car stereo, or just want to avoid hitting that car in front of you, the New York International Auto Show was the place to be this week.

New York Auto Show gallery

Among the topics on tap there: hybrids and alternative-fuel vehicles.

Toyota's Lexus division unveiled a gas-electric hybrid luxury sedan, the GS 450h, at the show. The model is being touted as a car that pairs relatively miserly fuel consumption with luxury and performance.

Ford showed off a diesel-electric hybrid concept called the Mercury Meta One. The car sports a technology called "collision mitigation by braking," which uses a camera, radar and onboard computer to sense other vehicles and determine, based on their location, speed and direction, whether a collision is imminent. Additionally, Ford's Escape SUV is available with a hybrid drive train.

GM's Sequel concept car is meant to show off GM's vision for fuel cell vehicles of the future. The Sequel can travel up to 300 miles on a tank full of hydrogen and accelerates to 60mph in less than 10 seconds.

On the entertainment side, Jaguar and Mercedes-Benz are plugging Sirius satellite radio into their dashboards. Four 2005 Jaguar models will have Sirius radio as a dealer-installed option. In addition, the receiver will be offered as a port-installed accessory in the 2006 editions of all four models.

Mercedes-Benz, which has a partnership with Sirius, said the satellite radio will be a factory-installed option in its 2006 M-Class sport utility vehicle. The receiver will come with a six-month subscription to the service and is expected to have a suggested retail price of $500.

Meanwhile, Hyundai Motor plans to offer XM Satellite Radio as standard equipment on all U.S. models by 2007. The automaker will include the service on three models for 2006: the Sonata, the Alantra and the Santa Fe. In the 2007 model year, the service will be standard in all Hyundai cars.

Tech trends
On the other side of the country, Silicon Valley executives, venture capitalists and government nabobs gathered at PC Forum in the Arizona desert to sort out the latest trends in tech. (PC Forum is owned by CNET Networks, publisher of News.com.)

Among the news from the show:
• Send Word Now promoted software that lets an individual phone several--or several thousand--people at once. A person types a message on a PC, and the company's communication application then transforms it into a phone call to multiple people. The service is designed mostly for those moments when other forms of communication may not work.

• A decade from now, small, energy-efficient planes will crisscross the skies, taking people directly to their destinations faster than today's jets can, according to a new breed of aviation start-ups. But there are a lot of regulatory hurdles, technical issues and financial problems to be ironed out first.

Still, Pogo Jet, founded by People Express founder Donald Burr, hopes to start flying four-seater jets soon. Passengers will pay about $1 to $6 per mile and have to buy all the seats, so a 200-mile jaunt will run from $800 to $4,800. Pogo is aiming to have a few jets in service by next fall.

• Perhaps you have set your sites a little higher, like famed physicist Freeman Dyson.

Dyson, professor emeritus at the Princeton University Institute for Advanced Study, said humans must continue to explore space, if simply for entertainment. Dyson sketched out a possible future in which humans colonize asteroids and genetically engineer potatoes that can grow on Mars.

The motives for going into space will include the need for more room on Earth and for an unpolluted environment, he said. There will be more mundane motives, as well. Getting there, however, will require some technological breakthroughs in propulsion. "What you need is a launch system that stays on the ground," he said.

Also of note
The Net's top standards body is getting closer to speeding up XML-based software, a move that could benefit everyone from cell phone carriers to television broadcasters to the military...Yahoo plans to once again boost its free e-mail storage limit--this time to 1GB, the same amount offered by archrival Google...A popular new extension for Firefox lets people customize Web pages they visit without the knowledge or cooperation of Web publishers...Yahoo's free instant-messaging service is being targeted by phishers attempting to steal usernames, passwords and other personal information.

Close
Drag
Autoplay: ON Autoplay: OFF