MobileMe calendar upgrade - how to amend email address?
MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Cheers, Steven -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Certificate Hijacking
Hello WAMUGers, Recently there was announced 'certificate hijacking' when using the web to access SSL (Secure Sockets Layer) sites. I checked my Keychain to see what was the ‘Default’ setting; to find that OCSP is not enabled by Default. It is OFF. To Enable it: 1. Open Keychain Access from Applications Utilities. Choose Keychain Access Preferences. 2. Click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site. Definitions: “Online Certificate Status Protocol (OCSP)” “Certificate Revocation List (CRL)” Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Certificate Hijacking
Ronni Thanks for the advice which I have followed. But I don't understand what 'certificate hijacking' is. It sounds bad. Can you explain it briefly? David Nicholas On 25/03/2011, at 3:13 PM, Ronda Brown wrote: Hello WAMUGers, Recently there was announced 'certificate hijacking' when using the web to access SSL (Secure Sockets Layer) sites. I checked my Keychain to see what was the ‘Default’ setting; to find that OCSP is not enabled by Default. It is OFF. To Enable it: 1. Open Keychain Access from Applications Utilities. Choose Keychain Access Preferences. 2. Click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site. Definitions: “Online Certificate Status Protocol (OCSP)” “Certificate Revocation List (CRL)” Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Telephone scam - your computer has viruses etc.
-- One of our friends was recently taken in by a telephone scam, and handed over her credit card details. -- Now just this afternoon I received two calls from the same scammer. The first was from a foreign-accent woman saying she was calling from the Computer Maintaining Department of Windows Operating Systems. (Incidentally this was at exactly 3.30 pm to my home phone, 9381 7341, don't know if this can be traced now). -- The caller asked whether I had realized that my computer had numerous viruses, was I finding it was running more slowly? When I asked for further details of who she was ringing for, she rang off. -- The second call was 10 minutes later, from 'Rachael, of the Technical Department of ?TechMajini? (also with foreign accent). I asked her for her phone number, she read back my own number, and rang off. -- I'm not sure what 'service' our friend enrolled for, but she ended up cancelling her credit card. -- A copy of this email is going to wascamnet as below. Cheers -- David Noel 2011 Mar 25 Email To send any suspicious emails for view and monitoring write to:wascam...@commerce.wa.gov.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Certificate Hijacking
Hi David, On 25/03/2011, at 3:29 PM, David Nicholas wrote: Ronni Thanks for the advice which I have followed. But I don't understand what 'certificate hijacking' is. It sounds bad. It is! Can you explain it briefly? Not really briefly, as I don’t know how much you understand about Secure sites and Security. I’ll try to give a brief explanation. The Security Part: When you surf the web, you trust certain web sites where you provide confidential information, such as credit card numbers, or where you access and send e-mail. Certain applications that connect to remote servers also depend on this type of trust. A broad system based on the SSL (Secure Sockets Layer) protocol ensures that when you visit a web site, such as Apple.com, Amazon.com or Google’s Gmail, that the site is indeed what it pretends to be. Example: Google’s Mail: The HTTPS Communication Process Basically works out as follows: 1. The client browser connects to http://mail.google.com on port 80 using HTTP. 2. The server redirects the client HTTPS version of this site using an HTTP code 302 redirect. 3. The client connects to https://mail.google.com on port 443. 4. The server provides a certificate to the client containing its digital signature. This certificate is used to verify the identity of the site. 5. The client takes this certificate and verifies it against its list of trusted certificate authorities. 6. Encrypted communication ensues. If the certificate validation process fails then that means the website has failed to verify its identity. At that point the user is typically presented with a certificate validation error and they can choose to proceed at their own risk, because they may or may not actually be communicating with the website they think they are talking to. Now the Hijacking part: There are a limited number of companies authorised, and recognised, who issue such certificates. One of these, Comodo, was recently hacked, and certain individuals were able to buy nine digital certificates for major web sites, including mail.google.com, login.yahoo.com, login.skype.com and addons.mozilla.org. This means that the malicious users who obtained these certificates will be able to set up web sites that can spoof users who check for the visual signs of trust shown above. They may be able to use these for phishing attacks as well; when you click on a link, and go to a site, if you see these signs indicating security, you’re likely to trust them. In addition, this goes beyond just web usage. The same system is used when you log into Gmail using an e-mail program, or when you log into Skype via their application. When using public wifi networks, it’s possible that a man-in-the-middle attack may be able to spoof local DNS resources and lead you to a booby-trapped server. Now Preventing a Hijacking Attack: Is to make sure that OCSP the settings I mentioned below are ON to ensure that your Mac is protected. This affects not just Safari, but Mac OS X in general; certificate validation is a system-wide API. However, not all applications use this system Note: Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. Hope that helps explain a bit for you. Cheers, Ronni On 25/03/2011, at 3:13 PM, Ronda Brown wrote: Hello WAMUGers, Recently there was announced 'certificate hijacking' when using the web to access SSL (Secure Sockets Layer) sites. I checked my Keychain to see what was the ‘Default’ setting; to find that OCSP is not enabled by Default. It is OFF. To Enable it: 1. Open Keychain Access from Applications Utilities. Choose Keychain Access Preferences. 2. Click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site. Definitions: “Online Certificate Status Protocol (OCSP)” “Certificate Revocation List (CRL)” Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Telephone scam - your computer has viruses etc.
-- The message to wascamnet had this automatic response of relevance David / Mar 25 -- Forwarded message -- From: WA Scamnet wascam...@commerce.wa.gov.au Date: 25 March 2011 16:11 Subject: Thank you for contacting WA Scam Net - October - December 2010 To: David Noel lis...@aoi.com.au Scam Query Auto Response Subject: Thank you for contacting WA ScamNet October - December 2010 Thank you for contacting Scam Query. Due to the large amount of information we receive from the public it may be a few days before we are able to respond to your email but rest assured one of our officers will contact you as soon as possible. You can report scam mail directly to WAScamNet by forwarding emails to wascam...@commerce.wa.gov.au or by clicking here mailto:wascam...@commerce.wa.gov.au . Please note this is an automated response and no response is required. WA ScamNet News - Fourth Quarter 2010 Otep Prizes and Lotteries Consumers all over Western Australia have recently reported receiving letters from a company called Otep. The letter contained official sounding jargon congratulating the consumer of being chosen to win $1,463,590. The surprise correspondence encourages consumers to send $30 to a PO Box number in Florida to claim the prize. There are probably thousands of others who have also been chosen to receive the unallocated funds. Similar scams include: ACP AustroCanadian Lottery. Phone scammers pose as Microsoft. Several Western Australians have paid out hundreds of dollars to over-the-phone scammers posing as Microsoft computer technicians. They have put themselves at risk of identity theft by allowing the cold-callers to remotely access their PCs. You may be asked to log onto a website which allows the cold caller to gain remote access to your computer. You can see this as the curser moves when you are not using the mouse. The scammer can alter security or anti-virus software settings, or add a keystroke recorder to your PC. This means that your secure personal details may be fraudulently used when using banking or trading online. WA Scamnet advises: * Never let unknown third parties access your computer. * Regularly scan PC's with an up to date virus detection program. * Do not be fooled by legitimate sounding organisation names like Windows Security or Windows Service Centre Website Warning -cheaper-flights.com.au A flights website was wrongly claiming to be based in Australia, falsely used an ABN number belonging to a licensed WA travel agency and was selling tickets for an airline it was not authorised to represent. The site was operating out of Europe and the emails which they sent to customers emanated from the United States. The site offered airfares at lower than market-rate prices and advertised via social media. The prices offered were said to be 50% or less than market rates and the tickets were issued 7 days before departure. In addition to cheaper-flights.com.au, the Queensland Police outed 3 other dodgy flight websites, cheapflightsonly.net, onlycheapflights.net and flisave.com. In general when making travel bookings online, be alert to unusually cheap fares, contact us to check the details and remember if you deal with a licensed travel agent in Australia you have a higher level of protection through the Travel Compensation Fund. International students devastated by accommodation scam. Several international students have been conned out of thousands of dollars in an accommodation scam. The students were tricked into paying rent and bond money for rooms in Perth to someone pretending to own the already occupied properties. The scammers advertise rooms to rent via Gumtree and Shared-Accommodation. Usually it is an exceptionally good deal which may include scans of fake documents to verify the landlord's identity and ownership of the rental property. A wire transfer or bank deposit is then requested for the first months rent and the bond. Consumers in doubt about an online transaction should check out the detailed advice on the WA ScamNet website www.commerce.wa.gov.au/wascamnet. WA ScamNet Alerts - Sign up Now! Subscribe now to receive the latest information from the WA ScamNet team. To receive an email about the latest scams named on our website click here http://www.commerce.wa.gov.au/ConsumerProtection/scamnet/default.html and click on 'subscribe today'. Reduce Spam in your inbox! If you have been a target of spam emails, we recommend that you report these directly to the Australian Communications and Media Authority (ACMA). For further information about Australia's Anti-Spam legislation or to report spam please visit www.spam.acma.gov.au/. The WAScamNet team thanks you for reporting suspicious emails, letters and faxes to us. Your efforts have helped WA ScamNet become a vital force in the fight against scams, with consumers using the information on the website to protect themselves and their families.
Re: MobileMe calendar upgrade - how to amend email address?
On 25/03/2011, at 2:03 PM, Steven Knowles wrote: MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Hi Steven I don’t have an answer for you, other than send feedback to Apple. This is what Apple Support had to say: I do understand your concerns and see how this issue can be frustrating. Unfortunately at this time The new MobileMe calendar does not support inviting people to calendar events with personal emails. I do encourage you to leave feedback about this feature as our engineers do look at customer feedback to help make our features to customers better.” http://discussions.info.apple.com/thread.jspa?threadID=2790250tstart=0 Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: For those hoping to rush out Friday MORNING to get an iPad 2
I hope that there is no delay with the 5.00pm delivery time for IPad 2 as there are over 50 people camped on the street outside the Apple shop in Hay Street at 2.00pm today Graeme On 24/03/2011, at 12:45 PM, Daniel Kerr wrote: If you don't want to explain it for a while feel free to get it delivered to me. I'll look after it for you then you wont need to explain it :) Not til later :) Or get those iPad covers that look like real books. (see tryandbyte.com.au and iPad twelve south cover I think it is) :) Kind regards Daniel Sent from my iPhone --- Daniel Kerr MacWizardry Phone: 0414 795 960 Email: dan...@macwizardry.com.au Web:http://www.macwizardry.com.au **For Everything Macintosh** On 24/03/2011, at 12:26 PM, Pedro pfow...@iinet.net.au wrote: Thank you Daniel I think I can stay up till 10:00pm tonight. I will have to explain to Ali when it arrives and she says what is this ha Cheers Pedro Another iPhone production On 24/03/2011, at 12:16, Daniel Kerr dan...@macwizardry.com.au wrote: I believe yes it is EST 1am that you can order it online. Though 5pm pickup will be rolling time zones I'm sure :) Kind regards Daniel Sent from my iPhone --- Daniel Kerr MacWizardry Phone: 0414 795 960 Email: dan...@macwizardry.com.au Web:http://www.macwizardry.com.au **For Everything Macintosh** On 24/03/2011, at 11:35 AM, Pedro pfow...@iinet.net.au wrote: Morning all Is that 1:00 am EST Cheers Pedro Another iPhone production On 22/03/2011, at 21:38, Daniel Kerr wa...@macwizardry.com.au wrote: Hi All For those hoping to rush out bright and early Friday morning to get an iPad v2, according to the rumour sites, they may not go on sale until 5pm. http://www.macrumors.com/2011/03/22/apple-officially-confirms-ipad-2-launch es-in-25-countries-on-friday/ /quote pple today officially confirmed that it will launch sales of the iPad in 25 new countries on Friday: Australia, Austria, Belgium, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Luxembourg, Mexico, Netherlands, New Zealand, Norway, Poland, Portugal, Spain, Sweden, Switzerland and the UK. As with the U.S. launch, online sales will begin at 1:00 AM Friday in each country, with in-store availability set for 5:00 PM at Apple retail stores and select resellers. /end quote I would also think it will be very very limited. And according to a post on Whirlpool, these are meant to be the prices:- Pricing MC769X/A iPad 2 Black 16GB – Wi-Fi $579.00 MC773X/A iPad 2 Black 16GB – Wi-Fi + 3G $729.00 MC770X/A iPad 2 Black 32GB – Wi-Fi $689.00 MC774X/A iPad 2 Black 32GB – Wi-Fi + 3G $839.00 MC916X/A iPad 2 Black 64GB – Wi-Fi $799.00 MC775X/A iPad 2 Black 64GB – Wi-Fi + 3G $949.00 Just posting for speculation purposes :) Kind Regards Daniel /shakes head in wonder, --- Daniel Kerr MacWizardry Phone: 0414 795 960 Email: daniel @ macwizardry . com . au Web: http://www.macwizardry.com.au **For everything Macintosh** -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au iMac 27 Intel Core 2 Duo 3.06GHz 4GB 1067MHz RAM / 1TB Running OS X v 10.6.4 Windows XP for MYOB -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
updating ipod software
Hi Everyone I have an ipod touch (4th gen) that I intend using for our family get together in April for some music. Each time I link it to itunes on my MBPro, it asks me if I would like to update its software to 4.3. I would like to and have tried many times, only to find it was going to take more than 6 hrs (and up to a day or 2)!!! Im not sure if this usual for this model. Can someone please advise if it is and I wont be impatient any more!! Best regards to all Chris -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: MobileMe calendar upgrade - how to amend email address?
Thanks Ronni. Subsequently found same quote at the support forums also. As I alluded to at the forums, the move is either sneaky, or stupid, and has put a dent in my respect for Apple. On 25/03/2011, at 6:43 PM, Ronda Brown wrote: On 25/03/2011, at 2:03 PM, Steven Knowles wrote: MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Hi Steven I don’t have an answer for you, other than send feedback to Apple. This is what Apple Support had to say: I do understand your concerns and see how this issue can be frustrating. Unfortunately at this time The new MobileMe calendar does not support inviting people to calendar events with personal emails. I do encourage you to leave feedback about this feature as our engineers do look at customer feedback to help make our features to customers better.” http://discussions.info.apple.com/thread.jspa?threadID=2790250tstart=0 Cheers, Ronni -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Telephone scam - your computer has viruses etc.
On 25 Mar 2011, at 4:17 PM, David Noel wrote: -- The message to wascamnet had this automatic response of relevance David / Mar 25 David I have had number of similar calls in recent months. As soon as I say that I am a Macintosh user the caller hangs up. Ian -- Forwarded message -- From: WA Scamnet wascam...@commerce.wa.gov.au Date: 25 March 2011 16:11 Subject: Thank you for contacting WA Scam Net - October - December 2010 To: David Noel lis...@aoi.com.au Scam Query Auto Response Subject: Thank you for contacting WA ScamNet October - December 2010 Thank you for contacting Scam Query. Due to the large amount of information we receive from the public it may be a few days before we are able to respond to your email but rest assured one of our officers will contact you as soon as possible. You can report scam mail directly to WAScamNet by forwarding emails to wascam...@commerce.wa.gov.au or by clicking here mailto:wascam...@commerce.wa.gov.au . Please note this is an automated response and no response is required. WA ScamNet News - Fourth Quarter 2010 Otep Prizes and Lotteries Consumers all over Western Australia have recently reported receiving letters from a company called Otep. The letter contained official sounding jargon congratulating the consumer of being chosen to win $1,463,590. The surprise correspondence encourages consumers to send $30 to a PO Box number in Florida to claim the prize. There are probably thousands of others who have also been chosen to receive the unallocated funds.Similar scams include: ACP AustroCanadian Lottery. Phone scammers pose as Microsoft. Several Western Australians have paid out hundreds of dollars to over-the-phone scammers posing as Microsoft computer technicians. They have put themselves at risk of identity theft by allowing the cold-callers to remotely access their PCs. You may be asked to log onto a website which allows the cold caller to gain remote access to your computer.You can see this as the curser moves when you are not using the mouse. The scammer can alter security or anti-virus software settings, or add a keystroke recorder to your PC. This means that your secure personal details may be fraudulently used when using banking or trading online. WA Scamnet advises: * Never let unknown third parties access your computer. * Regularly scan PC's with an up to date virus detection program. * Do not be fooled by legitimate sounding organisation names like Windows Security or Windows Service Centre Website Warning -cheaper-flights.com.au A flights website was wrongly claiming to be based in Australia, falsely used an ABN number belonging to a licensed WA travel agency and was selling tickets for an airline it was not authorised to represent. The site was operating out of Europe and the emails which they sent to customers emanated from the United States. The site offered airfares at lower than market-rate prices and advertised via social media. The prices offered were said to be 50% or less than market rates and the tickets were issued 7 days before departure. In addition to cheaper-flights.com.au, the Queensland Police outed 3 other dodgy flight websites, cheapflightsonly.net, onlycheapflights.net and flisave.com. In general when making travel bookings online, be alert to unusually cheap fares, contact us to check the details and remember if you deal with a licensed travel agent in Australia you have a higher level of protection through the Travel Compensation Fund. International students devastated by accommodation scam. Several international students have been conned out of thousands of dollars in an accommodation scam. The students were tricked into paying rent and bond money for rooms in Perth to someone pretending to own the already occupied properties. The scammers advertise rooms to rent via Gumtree and Shared-Accommodation. Usually it is an exceptionally good deal which may include scans of fake documents to verify the landlord's identity and ownership of the rental property. A wire transfer or bank deposit is then requested for the first months rent and the bond. Consumers in doubt about an online transaction should check out the detailed advice on the WA ScamNet website www.commerce.wa.gov.au/wascamnet. WA ScamNet Alerts - Sign up Now! Subscribe now to receive the latest information from the WA ScamNet team. To receive an email about the latest scams named on our website click here http://www.commerce.wa.gov.au/ConsumerProtection/scamnet/default.html and click on 'subscribe today'. Reduce Spam in your inbox! If you have been a target of spam emails, we recommend that you report these directly to the Australian Communications and Media Authority (ACMA). For further information about Australia's Anti-Spam legislation or to report spam please visit www.spam.acma.gov.au/. The WAScamNet team thanks you for reporting suspicious emails, letters and faxes to us.
Re: updating ipod software
On 25/03/2011, at 7:57 PM, Chris Burton wrote: Each time I link it to itunes on my MBPro, it asks me if I would like to update its software to 4.3. I would like to and have tried many times, only to find it was going to take more than 6 hrs (and up to a day or 2)!!! Im not sure if this usual for this model. Can someone please advise if it is and I wont be impatient any more!! It's not based on the model of iPod (nor iPhone or iPad)... this update seems to be generally slow in downloading... it is around 600MB, if you can believe that!!! I updated an iPhone 4 and iPod touch 3rd Gen last night... one took nearly 3 hours and the other mere 2 hours... when I did my own iPhone 4 the day the update was released, it took three attempts... and ultimately eight hours to download. These were all on an iiNet connection, with lots of other uploads and downloads happening at the same time. Also, the time indicator will change over time as network traffic changes... he 3 hour one last night originally said it'd take 18 hours, quickly changed to 10 hours and then wavered about between 1 and 10 hours as it downloaded -- Nicholas Pyers (nicho...@appleusers.org) Founder Publisher, AppleUsers.org http://www.appleusers.org/ -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Certificate Hijacking
Thanks Ronni for the sound advice and the clear explanation! Cheers, Carlo On 2011-03-25, at 16:16, Ronda Brown wrote: Hi David, On 25/03/2011, at 3:29 PM, David Nicholas wrote: Ronni Thanks for the advice which I have followed. But I don't understand what 'certificate hijacking' is. It sounds bad. It is! Can you explain it briefly? Not really briefly, as I don’t know how much you understand about Secure sites and Security. I’ll try to give a brief explanation. The Security Part: When you surf the web, you trust certain web sites where you provide confidential information, such as credit card numbers, or where you access and send e-mail. Certain applications that connect to remote servers also depend on this type of trust. A broad system based on the SSL (Secure Sockets Layer) protocol ensures that when you visit a web site, such as Apple.com, Amazon.com or Google’s Gmail, that the site is indeed what it pretends to be. Example: Google’s Mail: The HTTPS Communication Process Basically works out as follows: 1. The client browser connects to http://mail.google.com on port 80 using HTTP. 2. The server redirects the client HTTPS version of this site using an HTTP code 302 redirect. 3. The client connects to https://mail.google.com on port 443. 4. The server provides a certificate to the client containing its digital signature. This certificate is used to verify the identity of the site. 5. The client takes this certificate and verifies it against its list of trusted certificate authorities. 6. Encrypted communication ensues. If the certificate validation process fails then that means the website has failed to verify its identity. At that point the user is typically presented with a certificate validation error and they can choose to proceed at their own risk, because they may or may not actually be communicating with the website they think they are talking to. Now the Hijacking part: There are a limited number of companies authorised, and recognised, who issue such certificates. One of these, Comodo, was recently hacked, and certain individuals were able to buy nine digital certificates for major web sites, including mail.google.com, login.yahoo.com, login.skype.com and addons.mozilla.org. This means that the malicious users who obtained these certificates will be able to set up web sites that can spoof users who check for the visual signs of trust shown above. They may be able to use these for phishing attacks as well; when you click on a link, and go to a site, if you see these signs indicating security, you’re likely to trust them. In addition, this goes beyond just web usage. The same system is used when you log into Gmail using an e-mail program, or when you log into Skype via their application. When using public wifi networks, it’s possible that a man-in-the-middle attack may be able to spoof local DNS resources and lead you to a booby-trapped server. Now Preventing a Hijacking Attack: Is to make sure that OCSP the settings I mentioned below are ON to ensure that your Mac is protected. This affects not just Safari, but Mac OS X in general; certificate validation is a system-wide API. However, not all applications use this system Note: Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. Hope that helps explain a bit for you. Cheers, Ronni On 25/03/2011, at 3:13 PM, Ronda Brown wrote: Hello WAMUGers, Recently there was announced 'certificate hijacking' when using the web to access SSL (Secure Sockets Layer) sites. I checked my Keychain to see what was the ‘Default’ setting; to find that OCSP is not enabled by Default. It is OFF. To Enable it: 1. Open Keychain Access from Applications Utilities. Choose Keychain Access Preferences. 2. Click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site. Definitions: “Online Certificate Status Protocol (OCSP)” “Certificate Revocation List (CRL)” Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group
Re: updating ipod software
Hi Chris and Nicholas, I don't think the problem is with the iOS 4.3 update in particular. I updated some weeks back and it is usually a matter of minutes for the download. I think the problem may be a general slowdown of the Apple servers related to the international release of iPad 2. I downloaded a three hour video from iTunes University last night and had to leave it to run overnight. It took about 5 hours to download whereas normally it would have taken the order of 15 minutes. Cheers, Carlo On 2011-03-25, at 17:18, Nicholas Pyers wrote: On 25/03/2011, at 7:57 PM, Chris Burton wrote: Each time I link it to itunes on my MBPro, it asks me if I would like to update its software to 4.3. I would like to and have tried many times, only to find it was going to take more than 6 hrs (and up to a day or 2)!!! Im not sure if this usual for this model. Can someone please advise if it is and I wont be impatient any more!! It's not based on the model of iPod (nor iPhone or iPad)... this update seems to be generally slow in downloading... it is around 600MB, if you can believe that!!! I updated an iPhone 4 and iPod touch 3rd Gen last night... one took nearly 3 hours and the other mere 2 hours... when I did my own iPhone 4 the day the update was released, it took three attempts... and ultimately eight hours to download. These were all on an iiNet connection, with lots of other uploads and downloads happening at the same time. Also, the time indicator will change over time as network traffic changes... he 3 hour one last night originally said it'd take 18 hours, quickly changed to 10 hours and then wavered about between 1 and 10 hours as it downloaded -- Nicholas Pyers (nicho...@appleusers.org) Founder Publisher, AppleUsers.org http://www.appleusers.org/ -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: MobileMe calendar upgrade - how to amend email address?
Hi Steven, Such a negative knee jerk reaction does make me less likely to respond. Apple's objective in serving the majority of its customers may not always align with your personal objectives. In any case I have just tested a work around that may or may not be useful in your case. One can create a calendar that is not part of Mobile Me by selecting in iCal File = New Calendar = On My Mac. An invitation sent from this calendar will then originate from your local Mail application rather than from the Mobile Me server. If that meets your requirements you can then transfer your appointments to this calendar with an export from the old calendar and an import to the new. The drawback of this workaround is that the calendar on your Mac will no longer be synchronised with Mobile Me. Another work around which likely does not apply in your case but may apply to some other members of WAMUG is that one can register one's own domain name with your Mobile Me account. I believe that then the mobile me email would then appear to come from your own domain name. Cheers, Carlo On 2011-03-25, at 17:05, Steven Knowles wrote: Thanks Ronni. Subsequently found same quote at the support forums also. As I alluded to at the forums, the move is either sneaky, or stupid, and has put a dent in my respect for Apple. On 25/03/2011, at 6:43 PM, Ronda Brown wrote: On 25/03/2011, at 2:03 PM, Steven Knowles wrote: MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Hi Steven I don’t have an answer for you, other than send feedback to Apple. This is what Apple Support had to say: I do understand your concerns and see how this issue can be frustrating. Unfortunately at this time The new MobileMe calendar does not support inviting people to calendar events with personal emails. I do encourage you to leave feedback about this feature as our engineers do look at customer feedback to help make our features to customers better.” http://discussions.info.apple.com/thread.jspa?threadID=2790250tstart=0 Cheers, Ronni -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: MobileMe calendar upgrade - how to amend email address?
Thanks Carlo. I appreciate you taking the time to take a look at the problem, it's a good suggestion. It won't work for me due to the sync issue, but may work for others. Yes, my response may be negative, but no apology there. Apple's move is negative. I don't consider it negative on the basis of my personal objectives not being aligned with Apple's wider objectives. My ego falls short of me thinking I'm the most important Mac user and therefore all users should think and use their Apple equipment like me. However Apple has: Encouraged paying MobileMe users to upgrade to the new Calendar without giving prior warning of this important issue. What about business users who, for privacy reasons, don't want his or her personal email address divulged to all? By the time it's discovered, it's too late. I can think of plenty of scenarios in which this could prove embarrassing for those who prefer to, or even need to, have clear demarcation between personal and business communications. Unintended disclosure of a personal email address can lead to the uncovering of all kinds of additional details of an individual. Removed choice in terms of how a user's calendar works, again with no advanced notice. knee-jerk - adjective. automatic and unthinking (Apple dictionary). My reaction is neither automatic nor unthinking. I've been an advocate for Apple since 1994, and I remain so, but after thinking about it, albeit it didn't take me long to decide, I stand by my view that the move is either sneaky or stupid, mainly because of the wider ramifications it will have for quite a few, and the nature of those ramifications, ie. potential breach of privacy. I don't need to align my view with those who don't think the move is neither sneaky nor stupid. We're not living in a police state. As terrific as most members of this group, including me, think Apple and its products generally are, Apple shouldn't be protected from the critical voice of its users, minority or otherwise, when an arguably dud decision is made. Any organisation which takes that view has a short life expectancy. Sure, some users will think the me.com only is a fine decision, others won't, and others won't give a hoot either way. But I'd be prepared to bet a large sum of money that I'm not a tiny minority of iCal /MobileMe users who don't want calendar invitations to come from an email address which invitees have never heard of. Especially when the user, a paying user mind you, finds out only after the event. No hard feelings Carlo, just healthy debate and me getting my back up momentarily about what may be well a knee-jerk comment from your side. Cheers, Steven On 25/03/2011, at 8:06 PM, cm wrote: Hi Steven, Such a negative knee jerk reaction does make me less likely to respond. Apple's objective in serving the majority of its customers may not always align with your personal objectives. In any case I have just tested a work around that may or may not be useful in your case. One can create a calendar that is not part of Mobile Me by selecting in iCal File = New Calendar = On My Mac. An invitation sent from this calendar will then originate from your local Mail application rather than from the Mobile Me server. If that meets your requirements you can then transfer your appointments to this calendar with an export from the old calendar and an import to the new. The drawback of this workaround is that the calendar on your Mac will no longer be synchronised with Mobile Me. Another work around which likely does not apply in your case but may apply to some other members of WAMUG is that one can register one's own domain name with your Mobile Me account. I believe that then the mobile me email would then appear to come from your own domain name. Cheers, Carlo On 2011-03-25, at 17:05, Steven Knowles wrote: Thanks Ronni. Subsequently found same quote at the support forums also. As I alluded to at the forums, the move is either sneaky, or stupid, and has put a dent in my respect for Apple. On 25/03/2011, at 6:43 PM, Ronda Brown wrote: On 25/03/2011, at 2:03 PM, Steven Knowles wrote: MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Hi Steven I don’t have an answer for you, other than send feedback to Apple. This is what Apple Support had to say: I do understand your concerns and see how this issue can be frustrating. Unfortunately at this time The new MobileMe calendar does not support inviting people
Re: Certificate Hijacking
Thanks Ronni. I now have a fairly good idea of what it is about. I didn't notice any stories about the hijacking. David On 25/03/2011, at 4:16 PM, Ronda Brown wrote: Hi David, On 25/03/2011, at 3:29 PM, David Nicholas wrote: Ronni Thanks for the advice which I have followed. But I don't understand what 'certificate hijacking' is. It sounds bad. It is! Can you explain it briefly? Not really briefly, as I don’t know how much you understand about Secure sites and Security. I’ll try to give a brief explanation. The Security Part: When you surf the web, you trust certain web sites where you provide confidential information, such as credit card numbers, or where you access and send e-mail. Certain applications that connect to remote servers also depend on this type of trust. A broad system based on the SSL (Secure Sockets Layer) protocol ensures that when you visit a web site, such as Apple.com, Amazon.com or Google’s Gmail, that the site is indeed what it pretends to be. Example: Google’s Mail: The HTTPS Communication Process Basically works out as follows: 1. The client browser connects to http://mail.google.com on port 80 using HTTP. 2. The server redirects the client HTTPS version of this site using an HTTP code 302 redirect. 3. The client connects to https://mail.google.com on port 443. 4. The server provides a certificate to the client containing its digital signature. This certificate is used to verify the identity of the site. 5. The client takes this certificate and verifies it against its list of trusted certificate authorities. 6. Encrypted communication ensues. If the certificate validation process fails then that means the website has failed to verify its identity. At that point the user is typically presented with a certificate validation error and they can choose to proceed at their own risk, because they may or may not actually be communicating with the website they think they are talking to. Now the Hijacking part: There are a limited number of companies authorised, and recognised, who issue such certificates. One of these, Comodo, was recently hacked, and certain individuals were able to buy nine digital certificates for major web sites, including mail.google.com, login.yahoo.com, login.skype.com and addons.mozilla.org. This means that the malicious users who obtained these certificates will be able to set up web sites that can spoof users who check for the visual signs of trust shown above. They may be able to use these for phishing attacks as well; when you click on a link, and go to a site, if you see these signs indicating security, you’re likely to trust them. In addition, this goes beyond just web usage. The same system is used when you log into Gmail using an e-mail program, or when you log into Skype via their application. When using public wifi networks, it’s possible that a man-in-the-middle attack may be able to spoof local DNS resources and lead you to a booby-trapped server. Now Preventing a Hijacking Attack: Is to make sure that OCSP the settings I mentioned below are ON to ensure that your Mac is protected. This affects not just Safari, but Mac OS X in general; certificate validation is a system-wide API. However, not all applications use this system Note: Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. Hope that helps explain a bit for you. Cheers, Ronni On 25/03/2011, at 3:13 PM, Ronda Brown wrote: Hello WAMUGers, Recently there was announced 'certificate hijacking' when using the web to access SSL (Secure Sockets Layer) sites. I checked my Keychain to see what was the ‘Default’ setting; to find that OCSP is not enabled by Default. It is OFF. To Enable it: 1. Open Keychain Access from Applications Utilities. Choose Keychain Access Preferences. 2. Click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site. Definitions: “Online Certificate Status Protocol (OCSP)” “Certificate Revocation List (CRL)” Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe -
Re: MobileMe calendar upgrade - how to amend email address?
Hi Steven, I harbour no hard feelings at all for holding a rational debate. I know that it is annoying when an application or service does not meet our needs, particularly when it is a paid service and in your position I may feel the way you do. I do, however, want to put forward the case for a third motive (other than sneaky or stupid) for the design choices made in Mobile Me. It is the technical reason that the new Mobile Me service operates the way it does. Mobile Me is Apple's attempt to provide, for personal use, a low cost functional equivalent to Microsoft's Exchange Server. The features in particular that they wish to replicate are the sharing of calendars and of appointments -- no mean feat. Microsoft's solution is to charge a small business a large sum of money for a dedicated Exchange Server and computer (one small 100 person company that I worked for, paid $25,000 for their Exchange Server hardware and license). Running an Exchange Server is quite an experience and seems to use a good portion of the system admin's time. Mobile Me cannot match the experience provided by a personal dedicated Exchange Server but aims to deliver a subset of the features that Apple thinks users will find most useful. In the previous version of Mobile Me the calendar was local to your computer. Any invites were sent from your local computer and accepted back to your local computer. This made it easy to send the email from your local account. The new version of Mobile Me (previously in beta) allows one to share calendars with friends or to publish a calendar to a group. It also allows one to send invitations that require RSVPs. If you put an event on a shared calendar the event becomes visible to all those who are subscribing to your shared calendar. The shared event will also display the list of invitees and those who have accepted. The architecture Apple chose to solve this problem is to host all the shared calendars on a (presumable huge) Mobile Me server. Thus invites are sent from the shared server via the only SMTP service that the shared server is guaranteed to have access to -- namely Apple's own Mobile Me SMTP server. With extra work, Apple could associate an originating email address with each calendar, but this would have to be one email address per subscriber of each shared calendar, since if I subscribe to a calendar I want my invitation to come from me, whereas if you subscribe to a calendar you want the invitation to come from you. Note that this not even a feature of Exchange Server. So all the above is the third rationale that I mentioned. Namely that Apple has rolled out a fairly amazing service, but it will take a future iteration to add a feature that allows invitations to appear to come from a non Mobile Me registered email address. Cheers, Carlo On 2011-03-25, at 19:10, Steven Knowles wrote: Thanks Carlo. I appreciate you taking the time to take a look at the problem, it's a good suggestion. It won't work for me due to the sync issue, but may work for others. Yes, my response may be negative, but no apology there. Apple's move is negative. I don't consider it negative on the basis of my personal objectives not being aligned with Apple's wider objectives. My ego falls short of me thinking I'm the most important Mac user and therefore all users should think and use their Apple equipment like me. However Apple has: Encouraged paying MobileMe users to upgrade to the new Calendar without giving prior warning of this important issue. What about business users who, for privacy reasons, don't want his or her personal email address divulged to all? By the time it's discovered, it's too late. I can think of plenty of scenarios in which this could prove embarrassing for those who prefer to, or even need to, have clear demarcation between personal and business communications. Unintended disclosure of a personal email address can lead to the uncovering of all kinds of additional details of an individual. Removed choice in terms of how a user's calendar works, again with no advanced notice. knee-jerk - adjective. automatic and unthinking (Apple dictionary). My reaction is neither automatic nor unthinking. I've been an advocate for Apple since 1994, and I remain so, but after thinking about it, albeit it didn't take me long to decide, I stand by my view that the move is either sneaky or stupid, mainly because of the wider ramifications it will have for quite a few, and the nature of those ramifications, ie. potential breach of privacy. I don't need to align my view with those who don't think the move is neither sneaky nor stupid. We're not living in a police state. As terrific as most members of this group, including me, think Apple and its products generally are, Apple shouldn't be protected from the critical voice of its users, minority or otherwise, when an arguably dud decision is made. Any
Re: MobileMe calendar upgrade - how to amend email address?
Hi Carlo You have a deeper understanding than me of the underlying technologies involved, and thanks again for taking the time to explain extensively, it's appreciated. It's interesting, though pushes the limits of my technical capacity. Without wanting to be argumentative, I still think that regardless of technical considerations and limitations, a move like this by Apple has failed to do the right thing by that subset of customers who use MobileMe by virtue of its failure to inform, basic Change Management 101 stuff. The ramifications are quite tangible. Fortunately in my case I generated only one calendar invitation, to four invitees, before I figiured what was happening, but even then the flow on effects have wasted at least an hour of my time, as well as creating confusion and wasted the time of others. Multiply that a few million times, that's a potentially far reaching impact. Whether or not the transition is justified overall, the implementation has been botched by limiting the ability for layman consumers to make an informed decision, or plan for any impact it may have. It wouldn't surprise me if Apple finds itself on the receiving end of a legal action or two for failure to warn against a foreseeable consequence. Maybe the effect was buried in the fine print somewhere, but even if it was, this should have been a warning in BIG CAPS. Anyway, hoping for that future iteration soon! Surely there'll be plenty of call for it. Personally I've gotta put calendar invitations on hold, and no doubt it means I've gotta stop accepting invitations as well since the acknowledgment will no doubt issue from me.com. Lots of manual input :-( Cheers, Steven On 25/03/2011, at 10:15 PM, cm wrote: Hi Steven, I harbour no hard feelings at all for holding a rational debate. I know that it is annoying when an application or service does not meet our needs, particularly when it is a paid service and in your position I may feel the way you do. I do, however, want to put forward the case for a third motive (other than sneaky or stupid) for the design choices made in Mobile Me. It is the technical reason that the new Mobile Me service operates the way it does. Mobile Me is Apple's attempt to provide, for personal use, a low cost functional equivalent to Microsoft's Exchange Server. The features in particular that they wish to replicate are the sharing of calendars and of appointments -- no mean feat. Microsoft's solution is to charge a small business a large sum of money for a dedicated Exchange Server and computer (one small 100 person company that I worked for, paid $25,000 for their Exchange Server hardware and license). Running an Exchange Server is quite an experience and seems to use a good portion of the system admin's time. Mobile Me cannot match the experience provided by a personal dedicated Exchange Server but aims to deliver a subset of the features that Apple thinks users will find most useful. In the previous version of Mobile Me the calendar was local to your computer. Any invites were sent from your local computer and accepted back to your local computer. This made it easy to send the email from your local account. The new version of Mobile Me (previously in beta) allows one to share calendars with friends or to publish a calendar to a group. It also allows one to send invitations that require RSVPs. If you put an event on a shared calendar the event becomes visible to all those who are subscribing to your shared calendar. The shared event will also display the list of invitees and those who have accepted. The architecture Apple chose to solve this problem is to host all the shared calendars on a (presumable huge) Mobile Me server. Thus invites are sent from the shared server via the only SMTP service that the shared server is guaranteed to have access to -- namely Apple's own Mobile Me SMTP server. With extra work, Apple could associate an originating email address with each calendar, but this would have to be one email address per subscriber of each shared calendar, since if I subscribe to a calendar I want my invitation to come from me, whereas if you subscribe to a calendar you want the invitation to come from you. Note that this not even a feature of Exchange Server. So all the above is the third rationale that I mentioned. Namely that Apple has rolled out a fairly amazing service, but it will take a future iteration to add a feature that allows invitations to appear to come from a non Mobile Me registered email address. Cheers, Carlo On 2011-03-25, at 19:10, Steven Knowles wrote: Thanks Carlo. I appreciate you taking the time to take a look at the problem, it's a good suggestion. It won't work for me due to the sync issue, but may work for others. Yes, my response may be negative, but no apology there. Apple's move is negative. I don't consider it negative on the basis of
Re: MobileMe calendar upgrade - how to amend email address?
Hi Steven, I forgot to mention that the wait for the next iteration of Mobile Me may not be all that long, but unfortunately I don't think it will hold any good news about the invitation snafu. Rumours are rife that a major overhaul is in the works. The most persistent rumour is that the service will become free and will allow you to share data files between your home computer and your mobile devices, or that there will be some sort of information safe storage access -- it is all quite vague. If the service does become free and changes significantly, we paid members may have access to some services only until they are retired at the end of our contract, nevertheless I am curious to see what's coming. Cheers, Carlo On 2011-03-25, at 21:56, Steven Knowles wrote: Hi Carlo You have a deeper understanding than me of the underlying technologies involved, and thanks again for taking the time to explain extensively, it's appreciated. It's interesting, though pushes the limits of my technical capacity. Without wanting to be argumentative, I still think that regardless of technical considerations and limitations, a move like this by Apple has failed to do the right thing by that subset of customers who use MobileMe by virtue of its failure to inform, basic Change Management 101 stuff. The ramifications are quite tangible. Fortunately in my case I generated only one calendar invitation, to four invitees, before I figiured what was happening, but even then the flow on effects have wasted at least an hour of my time, as well as creating confusion and wasted the time of others. Multiply that a few million times, that's a potentially far reaching impact. Whether or not the transition is justified overall, the implementation has been botched by limiting the ability for layman consumers to make an informed decision, or plan for any impact it may have. It wouldn't surprise me if Apple finds itself on the receiving end of a legal action or two for failure to warn against a foreseeable consequence. Maybe the effect was buried in the fine print somewhere, but even if it was, this should have been a warning in BIG CAPS. Anyway, hoping for that future iteration soon! Surely there'll be plenty of call for it. Personally I've gotta put calendar invitations on hold, and no doubt it means I've gotta stop accepting invitations as well since the acknowledgment will no doubt issue from me.com. Lots of manual input :-( Cheers, Steven -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Telephone scam - your computer has viruses etc.
I get these calls a lot, and a friend suggested the following, which I tried too. Keep them talking for a while then, as if you have had time to trace the call, tell them you are really mr whatsisname from the online fraud department of the rest doesn't matter as they hang up really quickly. My friend hasn't had a call since - but I have, so it's not infallible, though quite fun regards alastair On 25/03/2011, at 9:07 AM, Ian Reid wrote: On 25 Mar 2011, at 4:17 PM, David Noel wrote: -- The message to wascamnet had this automatic response of relevance David / Mar 25 David I have had number of similar calls in recent months. As soon as I say that I am a Macintosh user the caller hangs up. Ian -- Forwarded message -- From: WA Scamnet wascam...@commerce.wa.gov.au Date: 25 March 2011 16:11 Subject: Thank you for contacting WA Scam Net - October - December 2010 To: David Noel lis...@aoi.com.au Scam Query Auto Response Subject: Thank you for contacting WA ScamNet October - December 2010 Thank you for contacting Scam Query. Due to the large amount of information we receive from the public it may be a few days before we are able to respond to your email but rest assured one of our officers will contact you as soon as possible. You can report scam mail directly to WAScamNet by forwarding emails to wascam...@commerce.wa.gov.au or by clicking here mailto:wascam...@commerce.wa.gov.au . Please note this is an automated response and no response is required. WA ScamNet News - Fourth Quarter 2010 Otep Prizes and Lotteries Consumers all over Western Australia have recently reported receiving letters from a company called Otep. The letter contained official sounding jargon congratulating the consumer of being chosen to win $1,463,590. The surprise correspondence encourages consumers to send $30 to a PO Box number in Florida to claim the prize. There are probably thousands of others who have also been chosen to receive the unallocated funds.Similar scams include: ACP AustroCanadian Lottery. Phone scammers pose as Microsoft. Several Western Australians have paid out hundreds of dollars to over-the-phone scammers posing as Microsoft computer technicians. They have put themselves at risk of identity theft by allowing the cold-callers to remotely access their PCs. You may be asked to log onto a website which allows the cold caller to gain remote access to your computer.You can see this as the curser moves when you are not using the mouse. The scammer can alter security or anti-virus software settings, or add a keystroke recorder to your PC. This means that your secure personal details may be fraudulently used when using banking or trading online. WA Scamnet advises: * Never let unknown third parties access your computer. * Regularly scan PC's with an up to date virus detection program. * Do not be fooled by legitimate sounding organisation names like Windows Security or Windows Service Centre Website Warning -cheaper-flights.com.au A flights website was wrongly claiming to be based in Australia, falsely used an ABN number belonging to a licensed WA travel agency and was selling tickets for an airline it was not authorised to represent. The site was operating out of Europe and the emails which they sent to customers emanated from the United States. The site offered airfares at lower than market-rate prices and advertised via social media. The prices offered were said to be 50% or less than market rates and the tickets were issued 7 days before departure. In addition to cheaper-flights.com.au, the Queensland Police outed 3 other dodgy flight websites, cheapflightsonly.net, onlycheapflights.net and flisave.com. In general when making travel bookings online, be alert to unusually cheap fares, contact us to check the details and remember if you deal with a licensed travel agent in Australia you have a higher level of protection through the Travel Compensation Fund. International students devastated by accommodation scam. Several international students have been conned out of thousands of dollars in an accommodation scam. The students were tricked into paying rent and bond money for rooms in Perth to someone pretending to own the already occupied properties. The scammers advertise rooms to rent via Gumtree and Shared-Accommodation. Usually it is an exceptionally good deal which may include scans of fake documents to verify the landlord's identity and ownership of the rental property. A wire transfer or bank deposit is then requested for the first months rent and the bond. Consumers in doubt about an online transaction should check out the detailed advice on the WA ScamNet website www.commerce.wa.gov.au/wascamnet. WA ScamNet Alerts - Sign up Now! Subscribe now to receive the latest information from the WA ScamNet team. To receive an email about the latest scams named on our
Re: Membership
Hi Laura. Without letting too much of the cat out of the bag, I have tried to answer your questions as below. It is planned to let the whole cat out just after the next monthly meeting! (Bet that intrigues a few people!!) Oh, and it's got nothing to do with 'Lion', just that common saying. Regards, Pete Smith On 25/03/2011, at 11:26 AM, Laura Webb wrote: Good morning all Could someone please clarify questions about membership. From my reading of information on the WAMUG web page, the List is free to all, but those wishing to attend monthly meetings, should pay a membership of $30 per year. I presume such membership also gives a right to vote as and when necessary. I have also understood that membership is due per calendar year and generally payable around the time of the AGM. 1. You are right in that membership does give the right to vote when necessary. Unfortunately, the constitution puts the subscription year 12 months from each member's initial joining. We are hoping to have that changed very soon. By implication are all those attending monthly meetings presumed to be financial members? 2. Non-financial members are not actually banned from the meetings. We encourage prospective members to come along and have a look before they join. (I did for a couple of meetings which is why I joined.) We are also looking at ways of being able to introduce some 'members only extras' that would add value to being a member and, hopefully, encourage others to join. Not just at meetings but on the website too. We regularly see reminders about forthcoming meetings. Why do we never see a reminder that membership is due? Could this not be included with the reminder about the AGM? 3. Hopefully, point 1 will fix this up and then annual reminders will definitely be posted. Unable to attend the AGM, I posted a cheque on 3rd March for $30 to the following address as shown on the web page:- WAMUG Treasurer, PO Box 514, WEMBLEY 6913. 4. I have received the new address today and the website was actually updated about an hour ago. http://www.wamug.org.au/join/ My cheque has just been returned, the envelope endorsed opened in error. It is good to know that someone was kind enough to return it. I note that it is now possible to pay by bank transfer, an option that I don't remember being available last year. I shall now use that method but do feel concerned that an incorrect address is being shown on the web page. 5. The electronic option is indeed a recent addition to the Join page and you may have also noticed that we no longer use PayPal/PayMate. From memory, it occurred at the end of January this year. I wont say any more until after the April meeting. All the info will be on the website and there will also be a posting about it on the List. There are still a few tweaks to be done on the 'cat' but they'll be done by then. Regards Laura -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: MobileMe calendar upgrade - how to amend email address?
Hi Carlo, Like you, I'm not sure I'm going to like where Apple is heading with MobileMe. I've been a member from when Dot.Mac was first introduced. /Begin Quote: Apple plans major MobileMe revamp for April launch; prior version to be phased out in a year! Apple is set to announce a new, free version of MobileMe next month, according to a trusted iLounge source. The source, who works for a major educational institution, claims the school’s supplier has said the current version of MobileMe is no longer available, and that Apple is suggesting new students sign up for the 60-day trial to cover the gap between the final MobileMe shipment and the launch of the new version. In addition, the source was told that Apple will be supporting the existing version of MobileMe for the next year, suggesting that the new version will be quite different from the existing service; the extra year of support would likely cover those who recently paid for a full year of MobileMe, prior to Apple removing any method through which a user could pay for the service. Recent reports have suggested that the revamped service will position it as a free online, cloud-based “locker” for content such as photos, videos, and music. http://www.ilounge.com/index.php/news/comments/apple-plans-major-mobileme-revamp-for-april-launch-prior-version-to-be-phas/ By Charles Starrett Senior Editor, iLounge Published: Friday, March 18, 2011 News Category: Apple, Digital Media /End Quote Cheers, Ronni Sent from Ronni's iPad On 25/03/2011, at 10:25 PM, cm cm200...@gmail.com wrote: Hi Steven, I forgot to mention that the wait for the next iteration of Mobile Me may not be all that long, but unfortunately I don't think it will hold any good news about the invitation snafu. Rumours are rife that a major overhaul is in the works. The most persistent rumour is that the service will become free and will allow you to share data files between your home computer and your mobile devices, or that there will be some sort of information safe storage access -- it is all quite vague. If the service does become free and changes significantly, we paid members may have access to some services only until they are retired at the end of our contract, nevertheless I am curious to see what's coming. Cheers, Carlo On 2011-03-25, at 21:56, Steven Knowles wrote: Hi Carlo You have a deeper understanding than me of the underlying technologies involved, and thanks again for taking the time to explain extensively, it's appreciated. It's interesting, though pushes the limits of my technical capacity. Without wanting to be argumentative, I still think that regardless of technical considerations and limitations, a move like this by Apple has failed to do the right thing by that subset of customers who use MobileMe by virtue of its failure to inform, basic Change Management 101 stuff. The ramifications are quite tangible. Fortunately in my case I generated only one calendar invitation, to four invitees, before I figiured what was happening, but even then the flow on effects have wasted at least an hour of my time, as well as creating confusion and wasted the time of others. Multiply that a few million times, that's a potentially far reaching impact. Whether or not the transition is justified overall, the implementation has been botched by limiting the ability for layman consumers to make an informed decision, or plan for any impact it may have. It wouldn't surprise me if Apple finds itself on the receiving end of a legal action or two for failure to warn against a foreseeable consequence. Maybe the effect was buried in the fine print somewhere, but even if it was, this should have been a warning in BIG CAPS. Anyway, hoping for that future iteration soon! Surely there'll be plenty of call for it. Personally I've gotta put calendar invitations on hold, and no doubt it means I've gotta stop accepting invitations as well since the acknowledgment will no doubt issue from me.com. Lots of manual input :-( Cheers, Steven -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Telephone scam - your computer has viruses etc.
I have not had any of these calls. I read somewhere of an amusing response to take if you so wish. Allow the caller to rabbit on till they reach the point of asking you which Windows version you have. Then answer 'WIN 95'. This apparently is not included in the caller's written script and results in confusion and abrupt end of the call. . Peter Sealy Thurgoona Australia -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Telephone scam - your computer has viruses etc.
I got lots of these calls and I got to the point at each call where I told them that I don't want what they are selling. That caused dozens of nuisance calls both on landline and VOiP phones for about a week. Seems to have stopped now. Kev -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Membership
Hi Pete Thanks for your detailed reply. I had noted that Paypal and Paymate are no longer an option. As I remember that was the method I used last year but much prefer the electronic transfer. I certainly wasn't suggesting non financial members be banned from meetings, just rather curious as to how it all works, particularly at an AGM when voting is normally involved. I think it's good that paid membership remains optional but from a personal point of view, given the help I have received from the List, I am more than happy to pay my $30 each year and have now done so by electronic transfer. I did have a slight problem in that the full account name was too long to insert in the available box so settled for WA rather than Western Australian. With the BSB and account number that should not be a problem. Regards Laura On 25/03/2011, at 10:32 PM, Pete Smith wrote: Hi Laura. Without letting too much of the cat out of the bag, I have tried to answer your questions as below. It is planned to let the whole cat out just after the next monthly meeting! (Bet that intrigues a few people!!) Oh, and it's got nothing to do with 'Lion', just that common saying. Regards, Pete Smith On 25/03/2011, at 11:26 AM, Laura Webb wrote: Good morning all Could someone please clarify questions about membership. From my reading of information on the WAMUG web page, the List is free to all, but those wishing to attend monthly meetings, should pay a membership of $30 per year. I presume such membership also gives a right to vote as and when necessary. I have also understood that membership is due per calendar year and generally payable around the time of the AGM. 1. You are right in that membership does give the right to vote when necessary. Unfortunately, the constitution puts the subscription year 12 months from each member's initial joining. We are hoping to have that changed very soon. By implication are all those attending monthly meetings presumed to be financial members? 2. Non-financial members are not actually banned from the meetings. We encourage prospective members to come along and have a look before they join. (I did for a couple of meetings which is why I joined.) We are also looking at ways of being able to introduce some 'members only extras' that would add value to being a member and, hopefully, encourage others to join. Not just at meetings but on the website too. We regularly see reminders about forthcoming meetings. Why do we never see a reminder that membership is due? Could this not be included with the reminder about the AGM? 3. Hopefully, point 1 will fix this up and then annual reminders will definitely be posted. Unable to attend the AGM, I posted a cheque on 3rd March for $30 to the following address as shown on the web page:- WAMUG Treasurer, PO Box 514, WEMBLEY 6913. 4. I have received the new address today and the website was actually updated about an hour ago. http://www.wamug.org.au/join/ My cheque has just been returned, the envelope endorsed opened in error. It is good to know that someone was kind enough to return it. I note that it is now possible to pay by bank transfer, an option that I don't remember being available last year. I shall now use that method but do feel concerned that an incorrect address is being shown on the web page. 5. The electronic option is indeed a recent addition to the Join page and you may have also noticed that we no longer use PayPal/PayMate. From memory, it occurred at the end of January this year. I wont say any more until after the April meeting. All the info will be on the website and there will also be a posting about it on the List. There are still a few tweaks to be done on the 'cat' but they'll be done by then. Regards Laura -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Version 4.3.1
Hi All, FYI, Version 4.3.1 can be downloaded from iTunes. What’s new in Version 4.3.1: • Fixes an occasional graphics glitch on iPod touch (4th Gen) • Resolves bugs related to activating and connecting to some cellular networks • Fixes image flicker when using the Apple Digital AV Adapter with some TVs • Resolves an issue authenticating with some enterprise Web services Cheers, Peder -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: MobileMe calendar upgrade - how to amend email address?
On 25/03/2011, at 2:03 PM, Steven Knowles wrote: MobileMe asked me recently to upgrade to the new calendar version, which I reluctantly did. Now if I set up a Calendar entry via iCal and invite others, the invitation is sent from my me.com email address, rather than the one I usually use. I can't see anything obvious, how do I override this setting and have iCal send invitations from an email address other than me.com ? I only have my me.com address in order to have a MobileMe account, so I don't want to use it publicly. Hi Steven, Perhaps a work around for you until something is resolved in MobileMe. I just tried this and it works fine, you can use any email address you choose. 1. Create an Event in iCal 2. Control-Click (Right-Click) and select “Mail Event” It’s easy and it sends a standard calendar event to the recipient. With a message informing them of the event you have invited them to, and “To add it to your calendar, click the link below. Which is a standard iCal.ics I know its not what you want, but might do in the interim. Cheers, Ronni 17 MacBook Pro Intel Core i7 2.66GHz / 8GB / 1067 MHz DDR3 / 500GB Serial ATA Drive @ 7200rpm OS X 10.6.6 Snow Leopard Windows 7 Ultimate (under sufferance) -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: updating ipod software
Hi Carlo and Nicholas Thankyou both for your info on this. I will be patient with the download. It hadnt occurred to me that the zillion people with new and previous ipads, iphones and everything else 'i' might also be using itunes!! It is a pity I cant just download it to my MBPro then do the update into the ipod touch? On top of this I have a very unstable/variable and certainly not consistent Bigpond wireless connection down south here which is really really frustrating!! Kind regards Chris On 25/03/2011, at 5:38 PM, cm wrote: Hi Chris and Nicholas, I don't think the problem is with the iOS 4.3 update in particular. I updated some weeks back and it is usually a matter of minutes for the download. I think the problem may be a general slowdown of the Apple servers related to the international release of iPad 2. I downloaded a three hour video from iTunes University last night and had to leave it to run overnight. It took about 5 hours to download whereas normally it would have taken the order of 15 minutes. Cheers, Carlo On 2011-03-25, at 17:18, Nicholas Pyers wrote: On 25/03/2011, at 7:57 PM, Chris Burton wrote: Each time I link it to itunes on my MBPro, it asks me if I would like to update its software to 4.3. I would like to and have tried many times, only to find it was going to take more than 6 hrs (and up to a day or 2)!!! Im not sure if this usual for this model. Can someone please advise if it is and I wont be impatient any more!! It's not based on the model of iPod (nor iPhone or iPad)... this update seems to be generally slow in downloading... it is around 600MB, if you can believe that!!! I updated an iPhone 4 and iPod touch 3rd Gen last night... one took nearly 3 hours and the other mere 2 hours... when I did my own iPhone 4 the day the update was released, it took three attempts... and ultimately eight hours to download. These were all on an iiNet connection, with lots of other uploads and downloads happening at the same time. Also, the time indicator will change over time as network traffic changes... he 3 hour one last night originally said it'd take 18 hours, quickly changed to 10 hours and then wavered about between 1 and 10 hours as it downloaded -- Nicholas Pyers (nicho...@appleusers.org) Founder Publisher, AppleUsers.org http://www.appleusers.org/ -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
Re: Telephone scam - your computer has viruses etc.
Yes, I have personally tried this approach I use Windows 3.11 which results in the same confusion and you can't use that, it's not on my list!! Much enjoyment for me during this windup. Regards Peter. On 26/03/2011, at 5:43 AM, Peter Sealy wrote: I have not had any of these calls. I read somewhere of an amusing response to take if you so wish. Allow the caller to rabbit on till they reach the point of asking you which Windows version you have. Then answer 'WIN 95'. This apparently is not included in the caller's written script and results in confusion and abrupt end of the call. . Peter Sealy Thurgoona Australia -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au -- The WA Macintosh User Group Mailing List -- Archives - http://www.wamug.org.au/mailinglist/archives.shtml Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml Unsubscribe - mailto:wamug-unsubscr...@wamug.org.au
