The tech media this week reported a vulnerability in OS X security. It exists and while this exploit can work malicious deeds, a simple setting will prevent it from working.
The offensive item at hand is not a virus or Trojan, but a process. If you surf to a Web page while vulnerable and click on a link, Safari will download the file, which is a Terminal script. Terminal (the OS X command line interface) will open automatically and run the script. Somebody can do a lot of damage to your files and/or hard drive that way.
There are two easy ways to prevent the file from running automatically. You can run Firefox, which won’t automatically open files unless you ask it to. Don’t do that. In Safari, you need to check the setting of the “Open ‘safe’ files after downloading” box. Open your Safari preferences and make sure that box is not checked:
You can read discussion at Slashdot for more opinions.
A second development that interests me as a teacher of HTML and online publication is the new Google Pages. Google has come out with an online Web design app and is willing to host any pages you create for free, up to 100 MB worth. It doesn’t get better than that. You can work on your pages in a WYSIWYG interface or in straight code. It doesn’t work with Safari, but you can use the latest Firefox in OS X and Google Pages will work fine. Here’s a small sample page I just mocked up.
If you look at the code, you’ll note that Google Pages relies heavily on CSS. Unfortunately, when you use the code edit feature of Google Pages, you can see the code for the entire page. You can only work div by div. That will limit the usefulness of Google Pages in my classes. I’m not sure whether or not you can upload previously coded pages for Google Pages to host. You can upload files, so perhaps you can. I’ll have to test that. If you try, please let me know with a comment.