Archive for April 25, 2016

Monday, April 25, 2016

Outsmarting the Smart Dash

Eddie Smith:

All that to say, it’s unfortunate that you can’t separately turn on/off smart dashes and quotes in System Preferences. Fortunately, though, you still can through Terminal with:

defaults write 'Apple Global Domain' NSAutomaticDashSubstitutionEnabled 0

Update (2016-04-25): Rosyna Keller notes that it’s best to avoid “Apple Global Domain”:

defaults write -g NSAutomaticDashSubstitutionEnabled 0

Towards Generic Ransomware Detection

Patrick Wardle:

I don’t claim to be an expert on ransomware, but after studying various specimens, a general (and obvious?) commonality seems to be that ransomware rapidly encrypts user files. (And after googling around, it appears that others allude to having perhaps similar ideas - at least for Windows). So to me, this rapid encryption of user files, seemed like a promising heuristic that could lead to the generic detection and prevention of ransomware.

Short URLs Considered Harmful for Cloud Services

Vitaly Shmatikov (via Bruce Schneier):

Short URLs produced by bit.ly, goo.gl, and similar services are so short that they can be scanned by brute force.  Our scan discovered a large number of Microsoft OneDrive accounts with private documents.  Many of these accounts are unlocked and allow anyone to inject malware that will be automatically downloaded to users’ devices.  We also discovered many driving directions that reveal sensitive information for identifiable individuals, including their visits to specialized medical facilities, prisons, and adult establishments.

Nick Heer:

At any rate, the owners of the services in question quickly modified their code so that short links couldn’t be brute-forced or automatically crawled, and measures were put in place to limit access rates on any particular link.

This stuff was solved years ago on services built by a single developer. This shouldn’t be an issue at large companies like Google and Microsoft.

BitTorrent Sync: for Privacy, Speed, and Control

TJ Luoma:

BTS can sync any folder, as long as you can make changes to that folder. They can be named and located anywhere.

[…]

Imagine you have a folder that you want to sync between your iMac and your MacBook. That folder can sync even if they are not on the same network, but if they are (i.e. both are on your home or work LAN) then transfers are fast.

[…]

You can disconnect a sync folder from a computer, in which case it is just like Dropbox’s selective sync. The difference is that you can easily look down the main BTS window and see which folders are disconnected.

But if you choose Selective Sync, what happens is so much cooler. Each file is represented by an empty “placeholder” file, which ends with some sort of “bts” suffix. For example, a video file would be “.btsv”. However, you can see all of the files that are in the selectively sync’d folder, and if you need one, just double-click it and it will sync to your computer and then be opened.

[…]

Files are kept for 30 days, and versioned, so that if you save a new version over an old version, that old version is also saved for 30 days.