Set Password Activation Time in Snow Leopard
In Snow Leopard, you can now set an amount of time after your Mac goes to sleep or engages the screen saver before it requires a password to log back on. In Leopard, the option was simply to require the password or not. Choose among several increments, between 5 seconds and 4 hours, from System Preferences > Security.
Submitted by
Doug McLean
Recent TidBITS Talk Discussions
- Alternatives to MobileMe for syncing calendars between iPad/Mac (1 message)
- Free anti-virus for the Mac (20 messages)
- iTunes 10 syncing iPod Touch 4.1 (2 messages)
- Thoughts about Ping (16 messages)
Published in TidBITS 1040.
Subscribe to our weekly email edition.
- Wrangle Your Fonts with "Take Control of Fonts in Snow Leopard"
- Recover from Changed Wi-Fi Network Passwords in iOS
- Secured iOS Backups Reduce Security, but Not by Much
- Legacy TidBITS Issue Formats Moved
- Five Essential Safari Extensions
- Apple's iOS Security Challenges and Advantages
- TidBITS Watchlist: Notable Software Updates for 16 August 2010
- ExtraBITS for 16 August 2010
iOS Security Fixes Released for Serious Vulnerabilities
Fixes for two serious holes in iOS are now available in the form of iOS 3.2.2 for iPad and iOS 4.0.2 for 2008 and later models of iPhone and iPod touch. Attach your iOS device (or devices) to the computer with which you sync using iTunes, and use iTunes to download and install the upgrade.
One flaw lies in TrueType handling within Apple's iOS PDF display software. A PDF with fonts crafted in a particular way could allow a malicious party to run any code on an iOS device simply by getting you to view the PDF file. That flaw is paired with a second in IOSurface, a framework for buffering or holding images in memory. The IOSurface flaw allows the code to be executed in a way that gives the attack full system privileges.
At that point, an attacker could enable remote access, copy or delete all your data, or install background monitoring or call-interception software.
The flaws were revealed as part of the first successful iPhone 4 jailbreak in iOS 4, which required only that you visited a particular Web page. The escalation of privileges enabled the jailbreak software to crack Apple's protection against installing software other than that which the company allows.
Apple apparently no longer provides security upgrades for the iPhone 3.1 software branch, which is unfortunate as some iPhone 3G users were forced to revert from iOS 4 to 3.1.3 due to significant performance problems that Apple has said it is investigating.
Even with iOS 4 being a free upgrade, Apple should provide security fixes for known, significant problems in the previous widely used OS release. Further, original iPhone and iPod touch users will likely also be subject to these flaws, and cannot upgrade to iOS 4.
Sync or back up your Mac to internal or external hard drives, other
Macs, PCs, or remote network volumes you can mount on your Mac.
Learn more at <http://www.econtechnologies.com/tb.html>!
Hundreds of thousands of 3G owners are still locked into their multi-year service contracts. By signing the contracts, customers expected their 3G phones to function acceptably for the duration of the plans. Simply buying a new shiny iPhone 4 is not an option.
To rebuild their tarnished iPhone (antennagate) reputation, Apple needs to support all 3G owners by releasing this bug fix for the still-widely-used 3.1.3 release.
Apple really should address these problems since Apple broke his iPhone, not him. 3G and 2G phones aren't that ancient. Serious security flaws must also be addressed, back to the earliest iPhone models, iPod Touch too.
Adam, please look into this issue with older iPhones/iPods and let us know what you find and how to fix the iPhones that Apple broke. Thanks!