warning

Two More Problems

Another problem, or as we call it, a challenge! John Carter steps up with some enlightenment. "Another program that doesn't work is Smallimage2. It will not launch in Snow Leopard. So if you need to resize an image or lower the compression of a JPG file, use Preview. There are two kinds of Preview applications: the one that comes with the OS and the one that comes with PathFinder. Either one gets the same results. What you don't get is the ability to batch process a bunch of images unless you know how to write a script.

"If anyone knows of an application that will batch process images to resize them and that works in Snow Leopard, please post."

Then, in another email John tells us, "I just updated to OpenOffice 3.1.1. It has a major problem in Snow Leopard (reported by me). In Finder or PathFinder, right click on a document (any type, it seems) and open with OpenOffice. Crash!

"However, if I first launch OpenOffice and then start a blank text document, then close it without making any entries, I can then open any type document in OpenOffice. There is no other way to open an existing document with OpenOffice that I know of. This problem does not exist with NeoOffice!"

,

Warning About Facebook

,

A stunning problem is brought to our attention by Bill Williamson. Facebook can use your photo in ads. Today's article, http://www.komando.com/tips/ reveals some troubling information. By using third-party applications offered on Facebook you give their developers access to your profile. That includes your photos. Social ads on Facebook have some access to your data. To avoid some scary problems read the whole article. Kim Komando tells you how to opt out and protect yourself.

A Warning Alert

Member John Carter forwards to us the following warning from http://blogs.siliconvalley.com/gmsv/2008/12/hackers-create-secure-sockets-liar.html

"Hackers create Secure Sockets Liar: You know that comforting little padlock icon at the bottom of the browser that lets you know you're on a secure, encrypted connection to a bank, merchant or whatever? It's been picked. An international team of security researchers announced today that, with the help of 200 PlayStation 3 consoles strapped together into a poor man's supercomputer, they had exploited a known weakness in a cryptographic algorithm called MD5 and created a rogue Certification Authority able to forge the certificates used to authenticate Secure Sockets Layer connections (the padlock thingie). In theory, similarly skilled evildoers could steer users to phishing sites that not only looked legit but also appeared to be properly secured. In practice, the evildoers still have some tech work to do to catch up with the white-hat guys, and the exposure of the vulnerability should be enough to encourage the remaining real Certification Authorities using the MD5 function to switch to something a little sturdier. So no need to panic, but also no time to relax. Said cryptography expert Bruce Schneier, 'This is good work, great cryptography. I love the research, but this doesn't matter a whit. There are half a dozen ways to forge certificates and nobody checks them anyway.'"

Cautious, Careful

PMUG members already know to be cautious and careful with email. This morning’s example just came from commspeed.net and in the list of today’s mail it looked official. With asterisks setting off capital letters of IMPORTANT, the title said "Upgrade Notification."

Without opening the suspicious thing I went to Safari and then to commspeed.net. Here in the long list of mail I could click to view it without opening it on my computer. Misspelled words and poor use of English was another warning (“canceling insolent accounts” and “all data’s will be loss”).

Going to View Full Header revealed the spammers info. I did a Grab (screen shot) of this page and the email letter screen, copied both to an email which I sent to spam.commspeed.net with my own notation, “Go after these bums!”