Wednesday, October 17, 2007

Tech Pulse 20070906: Drobo Review, iPhone Price Cuts, iPod Touch, HandBrake, and more!

Listen to this episode! Subscribe to the MP3 feed via iTunes

A guest review of Drobo, plus tons of iPhone- and iPod-related news, details about recent Monster.com and Mobipocket server hacks, Josh offers security tips, Josh picks the multi-OS free DVD ripper HandBrake, Kyle discusses iWork and iLife 08, and more!

Notes and links related to this episode:

Tech News
  • New Apple stuff:
    • iPod Touch, 160 GB iPod Classic, new iPod nano with video, new colors (no more white iPods of any kind, which along with the no-longer-white iMac makes Kyle wonder if Apple will drop the white MacBook design soon)
    • $200 iPhone price cut, which led to Steve Jobs' open letter to all iPhone customers and a $100 store credit for early purchasers
    • You can now purchase iPhone ringtones via the iTunes Music Store for 99 cents—but only after you purchase the full-length song for another 99 cents first
      • While it's annoying to have to pay for it twice, it's still cheaper than most ringtones for other phones, plus iTMS allows you to select the specific part of the song that you want to use as your ringtone
    • iTunes Wi-Fi Music Store for iPod Touch and iPhone
    • Apple and Starbucks are beginning to roll out a system to allow consumers to purchase the currently-playing song in Starbucks from their iPod Touch or iPhone
  • Follow-up on last episode's "Monster.com Hacked" story
    • From an e-mail sent to Monster users: "As you may be aware, the Monster resume database was recently the target of malicious activity that involved the illegal downloading of information such as names, addresses, phone numbers, and email addresses for some of our job seekers with resumes posted on Monster sites. Monster responded to this specific incident by conducting a comprehensive review of internal processes and procedures, notified those job seekers that their contact records had been downloaded illegally, and shut down a rogue server that was hosting these records. The Company has determined that this incident is not the first time Monster's database has been the target of criminal activity. Due to the significant amount of uncertainty in determining which individual job seekers may have been impacted, Monster felt that it was in your best interest to take the precautionary steps of reaching out to you and all Monster job seekers regarding this issue. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a "phishing" email that attempts to acquire financial information or lure job seekers into fraudulent financial transactions. This has been the case in similar attacks on other websites"
      • Apparently, no passwords were stolen in this heist, although this is not specifically stated one way or another
    • More related problems have cropped up since, including Monster.com servers hosting malware
  • Mobipocket Account Passwords Possibly Stolen
    • Mobipocket is a very popular document reader application for Palm and Windows Mobile PDAs
    • From an e-mail send to Mobipocket.com customers: "We reset your password because we recently learned of an attempt to gain access to a Mobipocket server. Files containing name, account name, password, address and e-mail address for some Mobipocket customers were kept on this server. Although we have no evidence that these files were accessed, we changed your password and are notifying you out of abundance of caution."
    • This is a very good reason to use unique passwords for each of your Web site accounts! Ideally, use an encrypted password database unless you're skilled enough to memorize all your passwords
      • Palm OS: Strip (freeware, open-source) is an excellent encrypted password vault
      • Mac OS X: you can create an encrypted disk image using Disk Utility and store passwords in a file on that disk image, or use 1Passwd (shareware, U.S. $29.95)
      • Windows XP Professional: if you're using a secure password for your Windows account and you don't share the account with others, and if your file system is NTFS, you can encrypt a file containing passwords from the file's Properties screen (Windows Vista users must have the Business, Enterprise, or Ultimate edition to encrypt files)
  • Impressive new technology: content-aware image resizing using "seam carving" technology
    • stretch out or compact an image on-the-fly while preserving important parts of the photograph
    • it can be used to edit people out of photographs!
    • watch a video demonstration on YouTube
Special Segment
  • Review of Drobo by Ken Leslie
    • Drobo is a "data storage robot," basically a very intelligent, incredibly easy alternative to RAID
    • Overall Ken had very positive experience; Data Robotics provided great tech support, and the Drobo product works great as long as long as you make sure to test your hard drives before initially setting it up
    • (Listen to the podcast for the full review, including an explanation of what Drobo is, what it does, why it's useful, and more)
Tech Tips
Josh's
  • Show all file extensions, even for known file types
    • Glaring security hole in Mac OS and Windows: you can give anything a custom icon, and by default "known" file types do not show their filename extensions. Example of why this is a problem: a file that appears to be an innocuous plain-text file may actually be a Trojan horse application with a custom icon
    • You can know what type of file it really is by manually enabling a feature in Mac OS X or Windows
      • Mac OS X: Click on the desktop, click on the Finder menu, click on Preferences..., click on Advanced, put a check next to "Show all file extensions"
      • Windows: Click on Start, Control Panel (or in some cases Start, Settings, Control Panel), then open the Folder Options panel, remove the check next to "Hide file extensions for known file types" (or "Hide MS-DOS file extensions for file types that are registered"), then click OK
    • Mac OS 9.2.2 and earlier doesn't necessarily use filename extensions, and instead uses four-character "type" and "creator" codes to determine what kind of file it is and how to open it. Thus, leaving a file without a filename extension (or by adding a false extension), it's even easier for malicious users to spoof file types. I'm unaware of any workaround that prevents file type spoofing in Mac OS 9.2.2 or earlier
Software/Hardware/Site etc. Picks
Josh's
  • HandBrake - Simple yet powerful DVD ripping software for Mac, Windows, and Linux, with presets for iPod, iPhone, Apple TV, PSP, etc.
    • Oh, and did I mention it's free (as in both money and source code)?
    • It does NOT convert files from one video format to another. iTunes can do this for some file types, but not all. If you, dear reader, know of any good video converter apps for Mac or Windows, please e-mail us at josh at techpulsepodcast dot com, or bookmark the application's homepage on del.icio.us with the tag "techpulseideas"
Kyle's
  • iWork '08
    • Keynote is pretty much the same
    • Numbers rocks by being an attractive alternative to Excel
    • Pages got some much-needed upgrades
  • iLife '08
    • GarageBand - seems like the wave of coolness is over for it; the new features didn't impress me
    • iDVD - is it really needed anymore?
    • iMovie - bleh... I wasn't impressed by the overhauled design and loss of certain functionality, but certain new things like the cursor-rollover previews are cool
    • iPhoto - finally decent Web albums (requires .Mac, though - thumbs down)
    • iWeb - Google AdSense and maps, Web snippet widget thingys, usable with my own domain name! (FINALLY!)
      • Josh discusses the possibility of unethical people creating illegitimate Apple Web Widgets for use in phishing scams
  • New Apple keyboard
  • Zune!!! (just kidding)
Log Out

No comments: