<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (guardiantech)</title>
    <link>https://pinboard.in/u:guardiantech/public/</link>
    <description>recent bookmarks from guardiantech</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="http://www.cindori.org/trim-enabler-and-yosemite/"/>
	<rdf:li rdf:resource="http://www.extremetech.com/computing/168476-macphone-air-mark-shuttleworth-predicts-apple-will-merge-mac-and-iphone"/>
	<rdf:li rdf:resource="http://grahamcluley.com/2013/09/photo-kissing-couple-mac-malware-attack/"/>
	<rdf:li rdf:resource="http://arstechnica.com/apple/2013/06/how-os-x-mavericks-works-its-power-saving-magic/"/>
	<rdf:li rdf:resource="http://www.dailydot.com/society/china-uyghur-minority-mac-malware/"/>
	<rdf:li rdf:resource="https://www.npd.com/wps/portal/npd/us/news/press-releases/black-friday-and-cyber-monday-weeks-gain-share-of-2012-us-ce-holiday-sales-according-to-npd/"/>
	<rdf:li rdf:resource="http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks"/>
	<rdf:li rdf:resource="http://www.quora.com/Apple-Inc-2/How-does-Apple-keep-secrets-so-well/answer/Kim-Scheinberg?srid=i1"/>
	<rdf:li rdf:resource="http://www.red-sweater.com/blog/2448/permanently-unhide-library"/>
	<rdf:li rdf:resource="http://blogs.technet.com/b/mmpc/archive/2012/04/30/an-interesting-case-of-mac-osx-malware.aspx"/>
	<rdf:li rdf:resource="http://www.forbes.com/sites/andygreenberg/2012/05/01/apple-targeting-flashback-botnet-still-kicking-but-shrinking-by-100000-macs-per-week/"/>
	<rdf:li rdf:resource="http://news.drweb.com/show/?c=5&amp;i=2386&amp;lng=en"/>
	<rdf:li rdf:resource="http://www.intego.com/mac-security-blog/new-flashback-variant-continues-java-attack-installs-without-password/"/>
	<rdf:li rdf:resource="https://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1"/>
	<rdf:li rdf:resource="http://nakedsecurity.sophos.com/2012/04/16/sabpab-trojan-mac-word/"/>
	<rdf:li rdf:resource="http://blog.intego.com/flashback-mac-trojan-horse-infections-increasing-with-new-variant/"/>
	<rdf:li rdf:resource="http://www.panic.com/blog/2012/02/about-gatekeeper/"/>
	<rdf:li rdf:resource="http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0"/>
	<rdf:li rdf:resource="http://www.bazingajournal.com/2011/06/why-macs-cost-more.html"/>
	<rdf:li rdf:resource="http://seattletimes.nwsource.com/html/businesstechnology/2015198201_ptmacc04.html"/>
	<rdf:li rdf:resource="http://www.zdnet.com/blog/bott/apple-to-support-reps-do-not-attempt-to-remove-malware/3362"/>
	<rdf:li rdf:resource="http://www.macworld.com/article/159921/2011/05/appswitcher.html"/>
	<rdf:li rdf:resource="http://blog.hunch.com/?p=45344"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="http://www.cindori.org/trim-enabler-and-yosemite/">
    <title>Trim Enabler and Yosemite &gt;&gt; Cindori</title>
    <dc:date>2014-10-22T17:45:34+00:00</dc:date>
    <link>http://www.cindori.org/trim-enabler-and-yosemite/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Trim Enabler was a useful app to enable third-party SSDs on Macs using older versions of Mac OS X. But: <blockquote class="quoted">In OS X 10.10 (Yosemite), Apple has introduced a new security requirement called kext signing. (A kext is a kernel extension, or a driver, in Mac OS X)

Kext signing basically works by checking if all the drivers in the system are unaltered by a third party, or approved by Apple. If they have been modified, Yosemite will no longer load the driver. This is a means of enforcing security, but also a way for Apple to control what hardware that third party developers can release OS X support for.

Since Trim Enabler works by unlocking the Trim driver for 3rd party SSD’s, this security setting prevents Trim Enabler to enable Trim on Yosemite.</blockquote>

Not good news if you've got a third-party SSD drive - which has for years been one of the best ways to "refresh" an older machine. Beware.]]></description>
<dc:subject>mac trim yosemite</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:3758207ee4e1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:trim"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:yosemite"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.extremetech.com/computing/168476-macphone-air-mark-shuttleworth-predicts-apple-will-merge-mac-and-iphone">
    <title>MacPhone Air: Mark Shuttleworth predicts Apple will merge Mac and iPhone &gt;&gt; ExtremeTech</title>
    <dc:date>2013-10-13T21:15:33+00:00</dc:date>
    <link>http://www.extremetech.com/computing/168476-macphone-air-mark-shuttleworth-predicts-apple-will-merge-mac-and-iphone</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Anyone that has been paying attention to the evolution of OS X and iOS will have at some point noticed that the two operating systems are slowly acting more like each other. Mark Shuttleworth, founder of Canonical who recently attempted to crowdfund the Ubuntu Edge phone that would double as a desktop PC, has certainly noticed Apple’s seemingly slow merger of its desktop and mobile OS. He predicts Apple will merge Mac and iPhone hardware one day soon, creating a device similar to the Ubuntu Edge.</blockquote>

Then again, he reckoned people would crowdfund the Ubuntu Edge project to the tune of $32m.]]></description>
<dc:subject>mac iphone</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:fa17efc3c202/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:iphone"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://grahamcluley.com/2013/09/photo-kissing-couple-mac-malware-attack/">
    <title>Photo of kissing TV couple leads to new Mac malware attack &gt;&gt; Graham Cluley's blog</title>
    <dc:date>2013-09-18T21:55:27+00:00</dc:date>
    <link>http://grahamcluley.com/2013/09/photo-kissing-couple-mac-malware-attack/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>The Trojan application is disguised as a digital photograph of a man and a woman kissing. Because Mac OS X does not show file extensions by default (something you should change in both Mac OS X and Windows to avoid precisely this kind of trick!), victims may not realise that they are not viewing an image but running a program instead.<p>

And don’t think that checking your OS X dock or switching between apps using Cmd-Tab will reveal that a program is being run. The Trojan deliberately hides itself from appearing in those places.</blockquote>

Mac malware? It's been a while.]]></description>
<dc:subject>mac malware</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:10b0943a90d6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arstechnica.com/apple/2013/06/how-os-x-mavericks-works-its-power-saving-magic/">
    <title>How OS X “Mavericks” works its power-saving magic &gt;&gt; Ars Technica</title>
    <dc:date>2013-06-11T23:11:32+00:00</dc:date>
    <link>http://arstechnica.com/apple/2013/06/how-os-x-mavericks-works-its-power-saving-magic/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Nate Anderson: <blockquote>Timer Coalescing attempts to enforce some order on all this chaos. While on battery power, Mavericks will routinely scan all upcoming timers that apps have set and then apply a gentle nudge to line up any timers that will fire close to each other in time. This "coalescing" behavior means that the disk and CPU can awaken, perform timer-related tasks for multiple apps at once, and then return to sleep or idle for a longer period of time before the next round of timers fire.<p>

Apple has never guaranteed developers that timers will run at exact times, either, so this isn't necessarily a break with convention. Apple currently tells developers that "because of the various input sources a typical run loop manages, the effective resolution of the time interval for a timer is limited to on the order of 50-100 milliseconds," and it notes that busy apps may have their timers affected even more.</blockquote>

Isn't that going to mess with music apps, which rely on timing precision that's more granular than that? (Thanks @rquick for the link.)]]></description>
<dc:subject>apple mac osx power</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:15dbd782cfb4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:power"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.dailydot.com/society/china-uyghur-minority-mac-malware/">
    <title>Daily Dot | China's Uyghur minority targeted by Mac malware attacks</title>
    <dc:date>2013-02-17T20:41:41+00:00</dc:date>
    <link>http://www.dailydot.com/society/china-uyghur-minority-mac-malware/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>“During the past months,” Raiu wrote, “we’ve monitored a series of targeted attacks against Uyghur supporters, most notably against the World Uyghur Congress... Although some of these attacks were observed during 2012, we’ve noticed a significant spike in the number of attacks during Jan 2013 and Feb 2013, indicating the attackers are extremely active at the moment.“<p>


The attacks apparently use poisioned Microsoft Word documents to exploit a Microsoft Office vulnerability.<p>

Victims are targeted via email, with messages that appear to include a relevant attachment, sometimes a Word document entitled “Concerns Over Uyghur People’s Fundamental Rights Under The New Chinese Leadership,” other times masquerading as a white paper.</blockquote>]]></description>
<dc:subject>malware mac</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:d631bae3056a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.npd.com/wps/portal/npd/us/news/press-releases/black-friday-and-cyber-monday-weeks-gain-share-of-2012-us-ce-holiday-sales-according-to-npd/">
    <title>Black Friday and Cyber Monday weeks gain share of 2012 US consumer elecrtonics holiday sales &gt;&gt; NPD.com</title>
    <dc:date>2013-01-06T00:32:42+00:00</dc:date>
    <link>https://www.npd.com/wps/portal/npd/us/news/press-releases/black-friday-and-cyber-monday-weeks-gain-share-of-2012-us-ce-holiday-sales-according-to-npd/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Despite the hype, and hope, around the launch of Windows 8, the new operating system did little to boost holiday sales or improve the year-long Windows notebook sales decline. Windows notebook holiday unit sales dropped 11%, on par with Black Friday, and similar to the yearly trend, but revenue trends weakened since Black Friday to end the holiday period down 10.5%. ASPs [average selling prices] rose only $2 to $420. Touchscreen notebooks were 4.5% of Windows 8 sales with ASPs around $700. Sales of Windows notebooks under $500 fell by 16% while notebooks priced above $500 increased 4%. Macbook sales dropped 6% while the ASPs rose almost $100 to $1419.</blockquote>

On that basis, Macbook revenue actually rose year-on-year, despite the volume falling (less rapidly than Windows, which udges Apple's share up infinitesimally again): it looks like a number of people were buying the retina model. And those "Windows notebooks under $500" are the beasts formerly known as netbooks. They're dead, Jim.]]></description>
<dc:subject>pc windows8 mac notebook</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:5368f112b816/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:pc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:windows8"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:notebook"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks">
    <title>New MacOS X backdoor variant used in APT attacks &gt;&gt; Securelist</title>
    <dc:date>2012-07-03T22:02:27+00:00</dc:date>
    <link>http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Two days ago we intercepted a new APT campaign using a new MacOS X backdoor variant targeted at Uyghur activists.<p>

But before we go into details, let’s start with a quiz:The Dalai Lama walks into an Apple Store. Why?</blockquote>

It does make sense, honest. More to the point: it seems that Mac-using activists are being targeted by Chinese-written malware.]]></description>
<dc:subject>mac malware china dalai</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:19cf677c1be3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:china"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:dalai"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.quora.com/Apple-Inc-2/How-does-Apple-keep-secrets-so-well/answer/Kim-Scheinberg?srid=i1">
    <title>Kim Scheinberg's answer to: Apple Inc.: How does Apple keep secrets so well? &gt;&gt; Quora</title>
    <dc:date>2012-06-11T07:38:32+00:00</dc:date>
    <link>http://www.quora.com/Apple-Inc-2/How-does-Apple-keep-secrets-so-well/answer/Kim-Scheinberg?srid=i1</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Amazing story. The finish: <blockquote>I've lost track of the many reasons that have been given for the switch to Intel, but this I know for sure:<p>

No one has ever reported that, for 18 months, Project Marklar existed only because a self-demoted engineer wanted his son Max to be able to live closer to Max's grandparents.</blockquote>

Quora, proving its worth.]]></description>
<dc:subject>apple history intel mac</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:8f9524754e3f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:history"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:intel"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.red-sweater.com/blog/2448/permanently-unhide-library">
    <title>Permanently unhide Library &gt;&gt; Red Sweater blog</title>
    <dc:date>2012-05-23T20:51:22+00:00</dc:date>
    <link>http://www.red-sweater.com/blog/2448/permanently-unhide-library</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>When Apple shipped Mac OS X Lion 10.7, the “Library” folder located within every user’s home folder, which had previously been visible to users in the Finder, was made invisible. To access the Library folder, users must now hold down the option key while selecting the “Go” menu in the Finder.<p>

This is probably a good move for the vast majority of Mac users, but for folks with even a small amount of interest in tinkering with the configuration files and caches of various applications, it’s an outright nuisance.</blockquote>

A quick trip to the Terminal can fix it, or he has an app for that.]]></description>
<dc:subject>apple mac osx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:3b636e9efcca/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:osx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blogs.technet.com/b/mmpc/archive/2012/04/30/an-interesting-case-of-mac-osx-malware.aspx">
    <title>An interesting case of Mac OSX malware &gt;&gt; Microsoft Malware Protection Center</title>
    <dc:date>2012-05-15T20:55:56+00:00</dc:date>
    <link>http://blogs.technet.com/b/mmpc/archive/2012/04/30/an-interesting-case-of-mac-osx-malware.aspx</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>In June 2009, Microsoft issued security update MS09-027, which fixed a remote code execution vulnerability in the Mac version of Microsoft Office. Despite the availability of the bulletin (and the passage of time), not every machine is up to date yet – which is how nearly three years later, malware has emerged that exploits the issue on machines running Office on Mac OS X. Fortunately, our data indicates that this malware is not widespread, but during our investigation we found a few interesting facts we’d like to share with you.</blockquote>

It's pretty sophisticated.]]></description>
<dc:subject>malware mac</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:f730b613b2bc/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.forbes.com/sites/andygreenberg/2012/05/01/apple-targeting-flashback-botnet-still-kicking-but-shrinking-by-100000-macs-per-week/">
    <title>Apple-targeting Flashback botnet still kicking, but shrinking by 100,000 Macs per week &gt;&gt; Forbes</title>
    <dc:date>2012-05-02T15:48:34+00:00</dc:date>
    <link>http://www.forbes.com/sites/andygreenberg/2012/05/01/apple-targeting-flashback-botnet-still-kicking-but-shrinking-by-100000-macs-per-week/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Dr. Web, the Russian security firm that firm discovered the massive Flashback botnet last month, has provided new data on the number of Macs still infected with the software. The results show that while close to 460,000 machines remain infected, the botnet is shrinking at a rate of close to a hundred thousand machines a week as Mac users get around to downloading Apple’s tool for disinfecting their machines or installing antivirus.</p><p>

“It’s going very slowly, and there’s still a ways to go, but I think in a month it will be over,” says Boris Sharov, Dr. Web’s chief executive.</blockquote>

They were reckoned to be making about $10,000 per week at the peak. Wonder if that's better than they could do off a Windows botnet. And of course: what's next?]]></description>
<dc:subject>mac apple malware</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:e005d4e284e7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://news.drweb.com/show/?c=5&amp;i=2386&amp;lng=en">
    <title>Mac botnet still very big &gt;&gt; Dr Web</title>
    <dc:date>2012-04-26T05:35:55+00:00</dc:date>
    <link>http://news.drweb.com/show/?c=5&amp;i=2386&amp;lng=en</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Doctor Web's virus analysts continue to monitor the largest to date Mac botnet discovered by Doctor Web on April 4, 2012. The botnet statistics acquired by Doctor Web contradicts recently published reports indicating a decrease in the number of Macs infected by BackDoor.Flashback.39 The number is still around 650,000.</blockquote>

Hard to know how to verify who's right. Dr Web first spotted the Java variant of the Flashback malware.]]></description>
<dc:subject>mac malware</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:9b73a34c9e13/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.intego.com/mac-security-blog/new-flashback-variant-continues-java-attack-installs-without-password/">
    <title>New Flashback variant continues Java attack, installs without password &gt;&gt; Mac Security Blog</title>
    <dc:date>2012-04-23T22:56:47+00:00</dc:date>
    <link>http://www.intego.com/mac-security-blog/new-flashback-variant-continues-java-attack-installs-without-password/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[<blockquote>Intego has discovered a new variant of the Flashback malware, Flashback.S, which continues to use a Java vulnerability that Apple has patched. No password is required for this variant to install, and it places its files in the user’s home folder, at the following locations:</p><p>

~/Library/LaunchAgents/com.java.update.plist<br />
~/.jupdate<br />
It then deletes all files and folders in ~/Library/Caches/Java/cache in order to delete the applet from the infected Mac, and avoid detection or sample recovery.</blockquote>

The no-password thing is just more drive-by fun. Unclear: prevalence. (Thanks @rquick for the link.)]]></description>
<dc:subject>malware mac</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:9c82cf799a22/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1">
    <title>The anatomy of Flashfake. Part 1 &gt;&gt; Securelist</title>
    <dc:date>2012-04-19T21:22:58+00:00</dc:date>
    <link>https://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[How all those Macs got infected: <blockquote>The partner program was based on script redirects from huge numbers of legitimate websites all over the world. Around the end of February/early March 2012, tens of thousands of sites powered by WordPress were compromised. How this happened is unclear. The main theories are that bloggers were using vulnerable versions of WordPress or they had installed the ToolsPack plugin. Websense put the number of affected sites at 30,000 , while other companies say the figure could be as high as 100,000. Approximately 85% of the compromised blogs are located in the US.</p><p>

Code was injected into the main pages when the blogs were hacked. As a result, when any of the compromised sites were visited, a partner program TDS was contacted. Depending on the operating system and browser version, the browser then performed a hidden redirect to sites in the rr.nu domain zone that had the appropriate set of exploits installed on them to carry out an infection.</blockquote>]]></description>
<dc:subject>malware mac security charlesarthur</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:54195e5a3269/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://nakedsecurity.sophos.com/2012/04/16/sabpab-trojan-mac-word/">
    <title>New version of Sabpab Mac Trojan emerges, spread via Word documents &gt;&gt; Naked Security</title>
    <dc:date>2012-04-16T20:41:39+00:00</dc:date>
    <link>http://nakedsecurity.sophos.com/2012/04/16/sabpab-trojan-mac-word/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Oh joy: </blockquote>A new version of the Mac OS X Sabpab Trojan horse has come to light, and rather than relying upon a Java vulnerability - it appears to be exploiting malformed Word documents instead.</blockquote>

Disabled Java.. Flash.. Word.. web..]]></description>
<dc:subject>mac malware security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:d4017cd7f518/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.intego.com/flashback-mac-trojan-horse-infections-increasing-with-new-variant/">
    <title>Flashback Mac Trojan Horse infections increasing with new variant &gt;&gt; The Mac Security Blog</title>
    <dc:date>2012-02-27T06:26:48+00:00</dc:date>
    <link>http://blog.intego.com/flashback-mac-trojan-horse-infections-increasing-with-new-variant/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Intego: <blockquote>We recently <a href="http://blog.intego.com/new-flashback-trojan-horse-variant-uses-novel-delivery-method-to-infect-macs/">reported about a new variant of the Flashback Trojan horse</a> which is using novel techniques to infect Macs. Since then, we have discovered a number of samples of this latest variant, Flashback.G, and have seen evidence that many Mac users have been infected by this malware.</blockquote>

What's not explained is what "many" is (even compared to Intego's client base) or what this novel infection method is. Flashback is a password-stealing program. Presently easy to detect: 
• open Terminal.app
• type cd /Users/Shared
• type ls -l
• look for any file ending ".so". If you're infected, you've then got a problem. (Thanks @rquick for the link.)]]></description>
<dc:subject>mac malware osx security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:84cea505fd21/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.panic.com/blog/2012/02/about-gatekeeper/">
    <title>About Gatekeeper &gt;&gt; Panic Blog</title>
    <dc:date>2012-02-17T08:10:40+00:00</dc:date>
    <link>http://www.panic.com/blog/2012/02/about-gatekeeper/</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Why the new Gatekeeper feature on the new version of the Mac operating system matters to all users.]]></description>
<dc:subject>Mac osx gatekeeper security joshhalliday</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:f6954e138915/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:Mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:gatekeeper"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:joshhalliday"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0">
    <title>Apple infiltrates the enterprise: one-fifth of global info workers use Apple products for work! &gt;&gt; Forrester Blogs</title>
    <dc:date>2012-01-31T06:33:05+00:00</dc:date>
    <link>http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[This may explain how Apple's share of the computer market keeps growing: <blockquote>Have you noticed an increased presence of Apple products in public spaces and workspaces in the last few years? Turns out that 21% of information workers are using one or more Apple products for work. Almost half of enterprises (1000 employees or more) are issuing Macs to at least some employees – and they plan a 52% increase in the number of Macs they issue in 2012.</blockquote>]]></description>
<dc:subject>apple charlesarthur mac iphone ipad</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:guardiantech/b:69e911217519/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:iphone"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:ipad"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.bazingajournal.com/2011/06/why-macs-cost-more.html">
    <title>Why Macs Cost More &gt;&gt; Bazinga Journal</title>
    <dc:date>2011-06-25T13:31:19+00:00</dc:date>
    <link>http://www.bazingajournal.com/2011/06/why-macs-cost-more.html</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA["If the average selling price of a Mac runs about $710 more than a PC (ASP of a Mac - ASP of an HP machine), and about $320 of that is profit, then the remaining $390 must be those higher costs. Apple’s computing hardware, and the software development behind OS X, actually cost more to manufacture. Given the volume their manufacturing partners are turning out and the squeeze to contain costs put on them by Apple, one has to wonder why.<br />
"The answer is fairly obvious to anyone coming to Macs after years of using commodity PC equipment: better design and build quality costs more."<br />
<br />
In no way going to start an argument in the comments, this one.]]></description>
<dc:subject>charlesarthur mac apple pc costs</dc:subject>
<dc:identifier>https://pinboard.in/u:guardiantech/b:8d27a948199d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:pc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:costs"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://seattletimes.nwsource.com/html/businesstechnology/2015198201_ptmacc04.html">
    <title>Malware episode puts Mac users on notice &gt;&gt; Seattle Times</title>
    <dc:date>2011-06-05T10:47:23+00:00</dc:date>
    <link>http://seattletimes.nwsource.com/html/businesstechnology/2015198201_ptmacc04.html</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA["If you're reading this column, you are likely sophisticated enough to not fall for such nonsense, starting with clicking in the link on the Web page. You might have already turned off the Safari Open Safe Files option, or use a browser like Firefox or Chrome that requires additional steps to install this malware.<br />
"But how many of your friends, relatives, and colleagues are going to be this credulous? And Mac Defender is just the first effort to make any impact. Don't be fooled by the fact that in this release you have to enter a credit-card number to be scammed. Future Mac malware will be just like that under Windows, with the potential to install all manner of viruses, like keystroke loggers, spam email programs, and the like."<br />
<br />
Very good, well-argued piece with an unavoidable conclusion.]]></description>
<dc:subject>charlesarthur mac security malware</dc:subject>
<dc:identifier>https://pinboard.in/u:guardiantech/b:f976d28ea4db/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.zdnet.com/blog/bott/apple-to-support-reps-do-not-attempt-to-remove-malware/3362">
    <title>Apple to support reps: &quot;Do not attempt to remove malware&quot; &gt;&gt; ZDNet</title>
    <dc:date>2011-05-19T21:27:15+00:00</dc:date>
    <link>http://www.zdnet.com/blog/bott/apple-to-support-reps-do-not-attempt-to-remove-malware/3362</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Apple is putting its support staff in an invidious position where they "can't confirm or deny" whether any such software (as the Mac Defender scareware) has been installed. And they don't get support to remove it.<br />
<br />
Then again, it's listed as an "investigation in progress", so let's hope the support team's scripts improve radically, and soon.]]></description>
<dc:subject>apple mac malware support</dc:subject>
<dc:identifier>https://pinboard.in/u:guardiantech/b:2c1d1a2f8f16/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:support"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.macworld.com/article/159921/2011/05/appswitcher.html">
    <title>Six unexpected uses for the Mac's Application Switcher &gt;&gt; Macworld</title>
    <dc:date>2011-05-17T21:44:23+00:00</dc:date>
    <link>http://www.macworld.com/article/159921/2011/05/appswitcher.html</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Clever - didn't know of them. What are the equivalent Windows app switcher ones?]]></description>
<dc:subject>charlesarthur mac apple</dc:subject>
<dc:identifier>https://pinboard.in/u:guardiantech/b:f3beba70e5c7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:apple"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.hunch.com/?p=45344">
    <title>Mac vs. PC: A Hunch Rematch &gt;&gt; Hunch blog</title>
    <dc:date>2011-04-26T22:18:18+00:00</dc:date>
    <link>http://blog.hunch.com/?p=45344</link>
    <dc:creator>guardiantech</dc:creator><description><![CDATA[Qualities observed in people from the Hunch network. This is one that definitely wouldn't attract any comments, right?]]></description>
<dc:subject>charlesarthur mac pc statistics</dc:subject>
<dc:identifier>https://pinboard.in/u:guardiantech/b:45f6d68d54aa/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:charlesarthur"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:pc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:guardiantech/t:statistics"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>