<div id="popup_box_thanks" style="display:none" onClick="close_popup_thanks('popup_box_thanks', 'ts')"><br>Thanks for submitting your tip! All submissions are moderated by an editor before appearing online. We've reset the form so you can enter another tip. Or you can close the tip submission box. <div class="x_close" id="thanks_upper_right"><a href="javascript:void(0)" onmousedown="close_popup_thanks('popup_box_thanks', 'ts'); return true;">Close</a></div></div>
<div class="tbf_row"><div class="tbf_wide_extra_top not_bold">Please submit only technical tips that will help other TidBITS readers better use their Macs, iPhones, and related software and hardware. All product announcements should be sent to <a href="mailto:releases@tidbits.com">releases@tidbits.com</a>.</div></div>
<div class="tbf_left">URL</div><div class="tbf_right"><input type="text" value="" name="tip_link_url" tabindex="3"><span class="tip_description"><br>Enter the URL to a Web page that supports your tip.</span></div>
</div>
<div class="spacer"></div>
<div class="tbf_row">
<div class="tbf_left">Linked text</div><div class="tbf_right"><input type="text" value="" name="tip_link_label" tabindex="4"><span class="tip_description"><br>Enter the name of the page linked above.</span></div>
<div class="tbf_wide"><input type="submit" value="Preview Your Tip" name="preview_tip" onClick="fill_preview('tipbits_enclosure_preview', 'ts', this.form); return false;" tabindex="7"> <input type="submit" value="Send Us Your Tip!" name="submit_this_tip" onClick="handle_tip_submission('ts', '', this.form, 'tip'); return false;" tabindex="8"></div>
</div>
<div class="spacer"></div>
<div class="tbf_row">
<div class="tbf_wide"><span class="fine_print">When you submit a tip, you give us permission to use it. Read <a href="javascript:void(0)" onClick="generic_show_hide('tip_terms')">our terms</a> for more details. All submissions are reviewed before publication.</span></div>
<div class="tbf_wide"><span class="fine_print">Our terms: By submitting a tip, you agree to assign TidBITS Publishing Inc., a non-exclusive, worldwide, perpetual license to reproduce, publish, and distribute your tip in connection with the TidBITS Web site and associated products in any media. You agree that you created the content you submitted, and that you have the right to assign us this license. You give us permission to use your name, but your email address won't be publicly displayed or shared. We review all submissions before publication, and reserve the right to select which submissions we feel are appropriate for our readers and to edit those we publish.</span></div>
<div id="comment_thanks" style="display:none" onClick="close_popup_thanks('comment_thanks', 'comm')"><br>Thanks for submitting a comment! Please check your email for a link that, when clicked, will verify that you're a real person and cause your comment to appear immediately. <div class="x_close" id="comment_upper_right"><a href="javascript:void(0)" onmousedown="close_popup_thanks('comment_thanks', 'comm'); return true;">Close</a></div></div>
<div class="tbf_wide"><span class="fine_print">Our terms: We reserve the right to edit or delete any comment, so please post thoughtfully. We use your email address <i>only</i> to send you a one-time verification message confirming that you posted this comment. We also store your address to allow you to verify using other Web browsers in the future. For more info, see our <a href="http://db.tidbits.com/privacy.html">privacy policy</a>.</span></div>
<li><a href="/feeds/tidbits.rss" title="Subscribe via RSS" class="gettb">RSS <img src="/images/feed-icon-12x12.gif" width="12" height="12" border="0" class="nav_img" alt="Subscribe via RSS"></a></li>
<li><a href="http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=276986548" title="Subscribe to the podcast" class="gettb">Podcast <img src="/images/feed-icon-12x12_podcast.gif" width="12" height="12" border="0" class="nav_img" alt="Subscribe to the postcast"></a></li>
<li><a href="http://www.twitter.com/TidBITS" title="Get Article Updates via Twitter" class="gettb">Twitter <img src="/images/feed_icon_12x12_twitter.png" width="12" height="12" border="0" class="nav_img" alt="Get Article Updates via Twitter"></a></li>
<li><a href="http://www.facebook.com/pages/TidBITS/195314925519" title="Go to the TidBITS Page at Facebook" class="gettb">Facebook <img src="/images/feed_icon_12x12_facebook.gif" width="12" height="12" border="0" class="nav_img" alt="Go to the TidBITS Page at Facebook"></a></li>
<li><a href="javascript:void(0)" title="Sections" class="tabhead" onClick="return showhide('articleslist')">Sections <span id="articleslist_triangle"><img src="/images/nav_triangle_open.gif" width="9" height="9" border="0" class="navtriangle" id="articleslist_tri_image" alt="Click to show or hide the contents of this section."></span></a></li>
<li><a href="javascript:void(0)" onClick="return showhide('stafflist')" title="Staff" class="tabhead">Staff <span id="stafflist_triangle"><img src="/images/nav_triangle_closed.gif" width="9" height="9" border="0" class="navtriangle" id="stafflist_tri_image" alt="Click to show or hide the contents of this section."></span></a></li>
<li><a href="javascript:void(0)" title="Issues" class="tabhead" onClick="return showhide('issuelist')">Weekly Issues <span id="issuelist_triangle"><img src="/images/nav_triangle_closed.gif" width="9" height="9" border="0" class="navtriangle" id="issuelist_tri_image" alt="Click to show or hide the contents of this section."></span></a></li>
<li><a href="javascript:void(0)" onClick="return showhide('abouttidbits')" title="About TidBITS" class="tabhead">About TidBITS <span id="abouttidbits_triangle"><img src="/images/nav_triangle_closed.gif" width="9" height="9" border="0" class="navtriangle" id="abouttidbits_tri_image" alt="Click to show or hide the contents of this section."></span></a></li>
<div class="center_top">Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling <a href="http://www.takecontrolbooks.com/?pt=TB-TAGLINE" style="color:yellow">Take Control</a> ebooks.</div>
<!-- begin centercolumn -->
<div id="centercolumn">
<!-- begin rightcolumn_container -->
<div id="rightcolumn_container">
<!-- begin rightcolumn -->
<!-- rightcolumn is embedded within centercolumn so featured text wraps around it -->
</div><!-- end tearoffbox_wide_container for watchlist items -->
<!-- begin tearoff box wide -->
<div class="tearoffbox_wide_container">
<div class="tearoffbox_wide_tips">
<div class="tip_display">
<div class="tips_sponsor_logo">
</div>
<h6>Highlight Groups in Address Book</h6>
<p><p>Want to see which groups one or more contacts belong to? Select them and then press the Option key. Address Book highlights the groups of which the selected contacts are members.</p></p>
</div>
<div class="tearoffbox_wide_bottom_tips">
<div style="padding-bottom:35px"><div class="tip_display" style="float:left"><p><br><a href="/tipbits/157">Link to this tip</a></p></div><div class="tip_display" style="float:right; width:150px">
<p class="credit">Written by<br><a href="/author/Adam%20C.%20Engst">Adam C. Engst</a></p></div></div>
<div class="tbf_wide_80" id="hc_rc_5038">To help us avoid automated posts and misuse of our site, please enter the words below.</div><div class="x_close_row" id="hc_upper_right2_5038"><a href="javascript:void(0)" onmousedown="HidePopupContent('hc_5038', 'hc', '5038'); return true;">Close</a></div>
<div class="featured_meta"><div class="meta_article">07 May 2001 | <a href="/article/6421?print_version=1">Print <span class="shift_up"><img src="/images/printer_icon.gif" alt="Printer-Friendly Version of This Article" border="0" width="9" height="10"></span></a></div></div>
<div id="article_box_5038"><P><STRONG>Mac OS X 10.0.2 and iTunes 1.1.1. Add CD Burning</STRONG> -- Apple last week released its second free update for Mac OS X via the Software Update control panel, improving overall application stability and adding the capability to burn custom music CDs. For a more complete list of changes, see Apple's Tech Info Library article on the update. (As always, it's a good idea to back up your data before upgrading your system software.)</P><P><<A HREF="http://www.apple.com/macosx/">http://www.apple.com/macosx/</A>><BR><<A HREF="http://til.info.apple.com/techinfo.nsf/artnum/n106293/">http://til.info.apple.com/techinfo.nsf/artnum/ n106293/</A>></P><P>At the same time, the company released a free update to iTunes for Mac OS X that enables the audio CD burning feature. The new iTunes 1.1.1 also enables the full-screen graphics display feature that previously worked only in Mac OS 9. Burning audio CDs in iTunes 1.1.1 isn't without its quirks - iTunes should be set to only 2x burn speeds when using USB CD-RW drives, and burning audio CDs can fail if your Mac or even just the display goes to sleep while iTunes is burning, so set the sleep time to Never in the Energy Saver control panel and make sure "Separate timing for display sleep" is not selected.</P><P><<A HREF="http://til.info.apple.com/techinfo.nsf/artnum/n60841">http://til.info.apple.com/techinfo.nsf/artnum/ n60841</A>><BR><<A HREF="http://til.info.apple.com/techinfo.nsf/artnum/n60842">http://til.info.apple.com/techinfo.nsf/artnum/ n60842</A>></P><P>One odd side effect of installing the Mac OS X 10.0.2 update is that on at least some systems (including my PowerBook G3/250), it enables the internal speaker even when external speakers are plugged in. The software volume controls affect only the internal speaker; the external speakers can be controlled only if they have an independent volume control. Although some might appreciate the stereo-plus-one sound, in many public situations, it's inappropriate to send sound out the internal speaker when headphones are plugged in. [ACE]</P><P><<A HREF="http://db.tidbits.com/getbits.acgi?tlkthrd=1381">http://db.tidbits.com/getbits.acgi?tlkthrd=1381</A>></P><P><STRONG>Mac OS X 10.0.2 Fixes FTP Vulnerability</STRONG> -- Apple says Mac OS X 10.0.2 also features a newer version of the ftpd FTP server. Does this fix the FTP vulnerability identified by CERT several weeks back (see "TenBITS/23-Apr-01" in <A HREF="http://www.tidbits.com/tb-issues/TidBITS-577.html">TidBITS-577</A> for more information)? Our repeated requests for additional information from Apple have gone unanswered; all Apple has posted in public is that Mac OS X 10.0.2 has "a new version of Internet file sharing (ftpd), which features important security improvements." Luckily, Larry Rosenstein <<A HREF="mailto:lsr@alum.mit.edu">lsr@alum.mit.edu</A>> verified on TidBITS Talk that the version of the Mac OS X 10.0.2 ftpd server was the same as the most recently updated version of the ftpd server in the Darwin open source repository. It's probably safe to assume that Apple (or someone else working on the Darwin open source) has effectively closed the FTP security hole, and it's great to see Apple distributing a fix so quickly. Still, at the risk of sounding like a broken record (an analogy which undoubtedly shows my age), Apple needs to be more forthcoming with acknowledgments of problems to security groups like CERT. [ACE]</P><P><<A HREF="http://db.tidbits.com/getbits.acgi?tlkthrd=1372">http://db.tidbits.com/getbits.acgi?tlkthrd=1372</A>></P><P><STRONG>Sudo Security Hole</STRONG> -- The Stepwise site (which also had early information about some of the Apple Mac OS X installer bugs we reported on last week) has posted information about a security issue in the sudo command line program that enables Mac OS X users to execute Unix commands as the root user without logging into or even enabling the root user. Unfortunately, as with so many other security lapses, it turns out that the version of sudo shipped with Mac OS X is vulnerable to a buffer overflow that could enable an authenticated user (either in front of the machine or connecting via SSH or Telnet) to gain increased privileges. The problem first appeared 23-Apr-01, and although Apple didn't address it in last week's Mac OS X 10.0.2 update, the author of sudo has already issued a patch, and Scott Anguish of Stepwise has built a custom installation application (122K download) to replace Mac OS X's version of sudo. [ACE]</P><P><<A HREF="http://www.stepwise.com/Articles/Workbench/2001-05-01.01.html">http://www.stepwise.com/Articles/Workbench/2001 -05-01.01.html</A>><BR><<A HREF="http://softrak.stepwise.com/display?pkg=2046&os=20">http://softrak.stepwise.com/display?pkg=2046& amp;os=20</A>></P><P><STRONG>DragThing 4.0.2 Fixes Crashes</STRONG> -- James Thomson has released a bug-fix update to his alternative dock utility DragThing to address several crashes in Mac OS X, a problem with DragThing clearing the login items at startup (see James's explanation of this in TidBITS Talk for more details), and a few other less important bugs. The upgrade to DragThing 4.0.2 is free for DragThing 4.0 users; it's a 1 MB download. [ACE]</P><P><<A HREF="http://www.dragthing.com/">http://www.dragthing.com/</A>><BR><<A HREF="http://db.tidbits.com/getbits.acgi?tlkmsg=10707">http://db.tidbits.com/getbits.acgi?tlkmsg=10707</A>></P><P><STRONG>PowerMail 3.0.9 Supports Mac OS X</STRONG> -- The tiny Swiss company CTM Development has revved their email client PowerMail to add a few features, fix a few bugs, and most important, provide Mac OS X compatibility (specifically with Mac OS X 10.0.1 and later). As with most of the other products made compatible with Mac OS X, PowerMail 3.0.9 has a few unresolved issues such as occasional crashes related to find-by-content indexing, an error while copying and pasting, and printing problems with StyleWriters. The free update to PowerMail 3.0.9 is available in a "classic" version for Mac OS 8 and Mac OS 9 (1.9 MB download) and a Carbon version for Mac OS X (2.0 MB). [ACE]</P><P><<A HREF="http://www.ctmdev.com/powermail3.shtml">http://www.ctmdev.com/powermail3.shtml</A>><BR><<A HREF="http://www.ctmdev.com/documentation/Read_me.htm">http://www.ctmdev.com/documentation/Read_me.htm</A>></P><P><STRONG>QuickDNS Pro Eases DNS Setups on Mac OS X</STRONG> -- DNS, the Domain Name Service that maps Internet IP numbers like 216.168.32.83 to human-readable names like www.tidbits.com, is not for the faint of heart. Type one character wrong during an edit and your entire Internet domain could become inaccessible. Making DNS easier to set up and maintain has long been one of the goals of Men & Mice's QuickDNS Pro for the Mac, and now, the just-released QuickDNS Pro 3.5 for Mac OS X brings that ease of use to Mac OS X. QuickDNS Pro actually has two parts - the graphical QuickDNS Manager and the server-side utility QuickDNS Remote, which enables QuickDNS Manager to configure the Unix BIND 8.2.3 DNS server included with Mac OS X, Red Hat Linux 6.2 and 7.0, and SuSE Linux 6.3, 6.4, and 7.0. QuickDNS Pro 3.5 for Mac OS X costs $350 for a single license and $550 for two licenses; upgrades from version 2.x are $195 and volume discounts are available. [ACE]</P><P><<A HREF="http://www.menandmice.com/infobase/mennmys/vefsidur.nsf/index/2.2">http://www.menandmice.com/infobase/mennmys/ vefsidur.nsf/index/2.2</A>><BR><<A HREF="http://www.menandmice.com/download/quickdnsprodownload.html">http://www.menandmice.com/download/ quickdnsprodownload.html</A>></P><!-- TenBITS/07-May-01 TidBITS Staff --></div>
<!-- end article text -->
<!-- PayBITS -->
<p> </p><div class="sponsorbox">
<div class="sponsortext"><A HREF="http://markspace.com/bits?source=tidbits"><IMG SRC="http://db.tidbits.com/images/badges/mark-space.gif" ALT="" HEIGHT="50" WIDTH="50" BORDER="0" ALIGN="left"></A>SYNC YOUR PHONE with The Missing Sync: Sync your calendar,<br />address book, music, photos and much more between your phone<br />and Mac. Supports ANDROID, BLACKBERRY, PALM PRE and many<br />other phones. <<a href="http://markspace.com/bits?source=tidbits">http://www.markspace.com/bits</a>></div>