This is an interesting addition to the new OS X release.  Although no one really knows what it does exactly, it does add an interesting glimpse on how things are changing for Apple.  Here is a short write up i found:

We’ve gotten reports about an interesting feature in Snow Leopard, the new version of Mac OS X due for release this Friday. According to reports we’ve seen – and the screen shot below – Snow Leopard contains an antimalware feature.

We’re not sure yet exactly how this works, but the above screen shot shows this feature working with a download made via Safari, detecting a version of the RSPlug Trojan horse in a downloaded disk image.

We’re naturally curious about this feature, and about how thorough it is. As soon as we can find out more, we’ll post an article here. We wonder just how serious Apple thinks the malware threat is, especially since their latest Get a Mac ads highlight the fact that PCs running Windows suffer from viruses…

There are several things that I can see this stemming from. Probably the most notorious was the iWork 09, that came with a nice trojan. While it is a horrible reality that companies are having to take extra steps to protect their product form illegally downloaded torrents, I applaud them for taking the first step at least.

(Via Mac Security Blog)

Here is a great write up by the guys over at Offensive Security. They managed to work the iTunes OS X exploit around and got it to work in Windows too. And for all of those wanting to use it, they did post the exploit at the bottom. Here is a little about how they got there.

Our new AWE course is about to go live for the first time, in BlackHat Vegas. We chose the most interesting exploitation cases we’ve encountered, and dove really deep into them. We had many exploits to choose from, some were too easy, and believe it or not, some were just too hard. This blog post is going to be a multipart post, describing our exploitation process of the recent iTunes overflow described here. This is possibly one of our most involved and interesting exploits to date.

An exploit for OSX was released and discussed here. Being naturally inquisitive, we checked to see if this exception would occur in Windows too, and indeed it was!

After attaching a debugger to the iTunes process, we noticed it was getting terminated after around 30 seconds. It looked like iTunes had anti-debugging features implemented. Fortunately, Immunity Debugger offers anti-debugging scripts which are useful for situations just like this. Invoking the !hidedebug command within ID allowed the debugger to continue running in hidden mode, bypassing our first hurdle.

Using the OSX exploit as a template, we attempted to crash iTunes several times, however the process would keep terminating with no opportunity for code redirection. After inspecting the call stack in one of the crash cases, we saw that one function was calling ZwTerminateProcess.

We assumed this was a stack protection mechanism. We placed a breakpoint there. This would halt ID just before the stack cookie check, allowing us to examine the vulnerable function in greater depth, and also to confirm our “stack protection” theory.

We soon realised that trying to approach the stack canary head on would be difficult. We attempted to increase the buffer length we were sending in order to get a SEH overflow, which would effectively bypass the canary protection. The Gods of buffer overflows were in our favour – and an SEH overwrite was achieved!

From here on, we expected things to get easier. Little did we know….

(Via Offensive Security)

I have to admit that I have an obsession with Underworld on the iPhone. And the ability to be notified of drug deals is exciting. But this thing just has disaster all over it. The only way I can see the push system working, is sadly if they make it only available on non-free apps.

With WWDC and presumably the release of iPhone OS 3.0 just around the corner, Apple has deemed it time to begin stress-testing their Push Notification servers. We just received a letter from a (very) trusted source, in which Apple invited them to download a pre-release version of the Associated Press iPhone application, specifically tuned to make a high number of background push requests.

Upon adding the application, an iPhone-wide “Notifications” toggle is added to the iPhone OS 3.0 Settings screen, along with the option to toggle Notifications on an app-by-app basis.

Problem is that every notification pushed to your phone goes through the Apple servers. Thousands Millions of Twitter notifications will surely bring the system to a grinding halt within hours.

(Via MobileCrunch)

What? BitTorrents are used for downloading pirated content?  Say it isn’t so! Now I suppose you’re going to tell me that the Nigerian guy that I gave my life savings to is some sort of scam artist. 

Citing copyright infringement concerns, Apple won’t include a BitTorrent client in the App Store.

The Cupertino-based electronics company rejected Maza Digital’s Drivetrain, saying “this category of applications is often used for the purpose of infringing third-party rights. We have chosen to not publish this type of application to the App Store.”

(Via Wired)

Q: New thoughts on the Netbook at this point?

A: For us it’s about doing great products. When I’m looking at what’s sold in the Netbook market, I see cramped keyboards, junky hardware, very small screen, bad software. Not a consumer experience that we would put the Mac brand on. As it exists today, we’re not interested in nor would it be something customers would be interested in the long term. We are looking at the space. For those who want a small computer that does browsing/email, they might want an iPhone or iPod Touch. If we find a way to deliver an innovative product that really makes a contribution, we’ll do that. We have some interesting ideas. The product pipeline is fantastic for the Mac. We’ve historically exceeded the market rate of growth, especially given this economy is an extraordinary achievement. These netbook sales are propping up the unit numbers for the industry. We are very pleased with our performance.

I have been looking for a netbook, after I decided that I needed one this week. I want something that will sync up well with my MacBook, and has the same standby mode, allowing it to be ready to go 3 seconds after I open the screen. I am afraid it won’t work out, mostly because when I think netbook, I think sub $300 range. And we all know that product + Apple Tax will not be under $300. Maybe linux is the best way to go, I haven’t installed Gentoo on a netbook yet, and a nice metasploit machine would be handy!

(Via MacRumors.)

Underworld has finally entered the Apple App Store. Originally based off the classic Dope Wars games, Underworld was a great location aware game that allowed you to buy and sell drugs with other local dealers and junkies. Unfortunately Apple did not approve of the game, because of the adult nature, so the developers had to make a change. Now instead of drugs we have sweets and pastries, but we could keep the drugs in Cydia right? In the first app I am aware of to have the new policy apply to it, a decision had to be made, you can only put it in the app store if you take down the version for the jail broken devices. Hope may be on the way though, with installable skins that will be the flow of narcotics back to our veins.

Developers Site

Apple App Store: Underworld