[Previous Article | Next Article | Index of Articles]
This article first appeared in the June 1998 issue of the Louisville Computer News. It was written by Lee Larson.
Perhaps it's a sign of getting older and set in my ways, but a couple of happenings in the Macintosh universe really invaded my personal space last month.
The first of these was the announcement that the familiar rainbow-colored Apple logo is losing its stripes. Steve Jobs is widely quoted as saying "The stripes just felt like the '70s or early '80s." He says the apple will have only one color from now on, and will be known by its shape alone, like the Nike swoosh.
Jobs doesn't paraphrase Henry Ford by saying the apple can be any color as long as it's black, but he's well-known for favoring black clothes and some of us remember his all-black computers from NeXT. Several pieces of Apple correspondence I've recently received have had black apples on them. A black apple with a bite out of it brings to mind Sleeping Beauty, or Adam and Eve.
What does it say about our times when a corporate logo can't be a bit whimsical? Please, Steve, don't put a black apple in our menu bar!
The second event was the appearance of the first Mac-specific virus in almost three years.
It was first noticed during late April in Hong Kong and quickly began to spread around the city. The Macintosh anti-virus community quickly named it Autostart-9805. So far, anti-virus experts don't believe AutoStart-9805 has spread much beyond the desktop publishing community in Hong Kong, so it should be possible to keep it from spreading much farther.
To be more precise, Autostart-9805 is not actually a virus; it is the very first Macintosh worm. Autostart-9805 takes advantage of a feature in QuickTime 2.0 and later that enables CD-ROMs to start a program immediately upon insertion. (In QuickTime 2.5 and later, the QuickTime Settings control panel lets the user disable this feature.) The worm only operates on a PowerPC system running the Mac OS, and will only infect a computer that's running QuickTime 2.0 or later with the CD-ROM AutoPlay feature enabled.
Autostart-9805 is definitely malicious. About every thirty minutes, it searches mounted volumes for files whose names end with "data", "cod", or "csa" and whose data forks are larger than 100 bytes, or files ending with "dat" that are larger than about 2 MB. When it finds such a file, the worm overwrites approximately the first 1 MB of the data fork with garbage.
Since 1989, many of us have relied upon a wonderful free program called Disinfectant to protect us from viruses. It was written by John Norstad of Northwestern University, and was usually the first to be updated when a new virus appeared.
After Autostart-9805 was confirmed, I began waiting for a new version of Disinfectant to appear. Instead, the following announcement came from John Norstad. "I regret to announce that I am officially retiring Disinfectant, our free anti-viral utility for the Macintosh. The current version 3.7.1 is the last version. Disinfectant will not be updated for the new Autostart-9805 worm or for any future viruses, worms, or other Macintosh malware I made this decision not because of the new Autostart-9805 worm, but rather because of the widespread and dangerous Microsoft macro virus problem. I believe that there are now well over 1000 of these viruses, and many new ones are discovered every month. They are now a much more serious problem for Mac users than are the classic Mac system viruses. I simply do not have the resources to combat a problem which is this huge in scope and complexity."
We should all be grateful to John Norstad for the decade of selfless work he has performed to make our lives easier. He's certainly done more than anyone else to prevent viruses from becoming a major problem on Mac OS. We understand his decision, and are sorry to see Disinfectant reach the end of its run. It's ironic that a virus problem originating mostly from Windows 95 is the demise of one of the best anti-virus programs on the Mac.
This leaves open the problem of what software to use instead of Disinfectant. There is a free program, called Eradicator 1.01, which stops and prevents the Autostart-9805 worm. It can be downloaded from http://www.uptown.com/.
At this time, several of the commercial programs have been updated to deal with the Autostart-9805 worm. They include the following.
Dr. Solomon's Software publishes two anti-virus programs for the Macintosh: Virex and Dr. Solomon's Anti Virus Toolkit. They have already published an update for Virex to handle the new worm.
Symantec has been publishing SAM, short for Symantec AntiVirus for Macintosh. There is an Autostart-9805 upgrade available. Note that Symantec has recently also announced a major upgrade to SUM, called NUM, or Norton AntiVirus for Macintosh. This new program will be released very soon, and will also be aware of Autostart-9805.
Intego, publishers of Rival, are now promising an upgrade "in a few days" to handle Autostart-9805. That upgrade should certainly be available by the time this is published.
McAfee VirusScan has not yet announced an upgrade, but they have promised one will certainly be coming shortly.
Problems With Zip Plus Drives
Iomega recently introduced the Zip Plus drive as an upgrade to its wildly successful Zip drives. Iomega's publicity calls the Zip Plus "a faster and more reliable version of the original Zip." But, they dropped the ball on their SCSI version.
The problem is that Zip Plus drives have what Iomega tech support calls a "hardware anomaly" that prevents its use with a SCSI daisy chain and adaptors such as those needed to connect them to PowerBooks. This hardware problem will not be fixed. All future drives will have packaging warning about these SCSI problems. The drives work as well as the original Zip, when not connected to a SCSI daisy chain.
If you have one of these new drives, call Iomega at (801)779-6100 and ask for Extension 1810. This connects you to a special quality assurance program for Zip Plus owners. They will exchange your Zip Plus for a regular Zip Drive plus six additional cartridges.
Quicken 98 Falls and Rises Again
In a confusing series of events, Intuit announced on April 17 that it was "ending development of the Macintosh version of Quicken 98." The reason cited was "low sales of the product." Steve Jobs immediately promised to explore possibilities with Intuit for continuing development. On May 5, Intuit said in a press release "having seen what Apple is planning for consumer products, we're thrilled to announce renewed support for the Macintosh."
What makes this all so confusing is that Bill Campbell, President of Intuit, is a former President of Claris and sits on Apple's board of Directors. Why was a member of Apple's own Board of Directors unaware of what Apple is planning in the consumer marketplace? Or, was he unaware of what his own company planned?
Louisville Computer Society
The June 22 meeting of the Louisville Computer Society will feature Bob Smaracko and Greg Willmore of Apple Computer. Topics they have promised to discuss include: Apple the company-an update; product reviews, including the newest desktop and laptop CPUs; and, software updates, including QuickTime and Rhapsody. The Louisville Computer Society meets on the fourth Wednesday evening of every month at 7:00 PM in the East Government Center on Juneau Drive in Middletown. For more information, see their web site at http://www.aye.net/~lcs, or e-mail lcs@aye.net.
[Previous Article
| Next Article | Index
of Articles]
/home2/lee/www/cgi-bin/textcounterdata/ [TextCounter Fatal Error: Could Not Write to File __lee_macwritings_LCN9806_shtml]