moab
Latest
Jeep is showing off its first three plug-in hybrids at CES this week
This week, CES attendees can check out Jeep's first three plug-in hybrid models: the Jeep Wrangler 4xe, the Jeep Compass 4xe and the Jeep Renegade 4xe. All three are scheduled to debut in 2020, but they aren't quite ready yet, so Jeep is offering a VR-based test drive. The Jeep 4x4 Adventure VR Experience simulates a ride in the Jeep Wrangler 4xe on Hell's Revenge trail in Moab, Utah, and CES attendees can take it for a spin.
Pivothead review: video recording eyewear for (reasonably) discreet POV clips
We won't mince words -- the Pivothead Durango have a decidedly "sporty" style that probably won't win it too many fans. But, if you're in the market for some POV video action, chances are style isn't particularly high on your list of must-have features. They have the appearance of low-key, but bulky Oakley knockoffs. But again, if you're hurtling yourself down a hill on a snowboard, how cool your specs look is probably secondary to recording high-quality video and absorbing a beating. So, we promise, this is the last you'll hear about how unsightly these things are. (And they are just that -- ugly.) Once you head past the break we'll have video samples, photo samples and field tests, but nary a word about how embarrassing it is to walk around in public with these on. Promise. So, join us below as we put Pivothead's video sunglasses through their paces.
Pivothead video glasses offer impressive quality, we go hands-on (sample video)
There's a new adventure video capture company in town, and both Zeyez and GoPro would have good reason to be afraid. You may not have heard of Pivothead -- the company has had a remarkably quiet push to market over the last few months -- but the video recording eyewear startup could very well become a household name after its first products hit the market this April for $349. Aurora, Durango, Moab and Recon may offer distinct exterior designs, but they're virtually identical under the hood. Each model includes an eight-megapixel Sony sensor (that reportedly captures higher quality images than the iPhone 4S cam), a four-element glass lens, 8GB of built-in storage, a 440mAh battery (with about an hour of shooting time) and three video modes: 1080/30p, 720/60p and 720/30p. We had a chance to go hands-on with Pivothead earlier today, and took the glasses for a spin on the streets of New York City. You'll find that sample video, along with our impressions, just past the break.
Celio's Redfly smartphone dock gets real enough for a demo reel
You know, it's sort of crazy to look back at what companies did and didn't survive the Great Recession of 2009. Ugobe, Veoh, SGI, TZero and Circuit City all folded within the last year, yet Celio -- of all firms -- is still alive and well kicking. If you'll recall, we spotted a "proof of concept" smartphone dock from the outfit 13 months ago, and apparently that very device has shifted out of the R&D lab and into a working product. Now sporting the codename "Moab," the dock essentially brings a keyboard and mouse of your choosing to your smartphone, and it channels the video on your mobile's display onto a bona fide external monitor. The best use of this doohickey is when you need to bang out a long email on your phone, and reaching for a spare LCD, keyboard and mouse is easier than just plugging away on that miniaturized QWERTY. Which happens... when? Anywho, video of the completely and utterly thrilling action is just past the break.
CERT lists vulnerabilities addressed in 10.4.9/SecUpd003
Your tax dollars at work: the crack team at US-CERT (United States Computer Emergency Readiness Team) has posted a tech alert & vulnerability list for Apple's most recent security update and the 10.4.9 release, which both provide patches for a slew of flaws. Interestingly, some of the patches address problems in Apple-provided third party tools such as Adobe Flash Player and MySQL. Apple's security review page for the 2007-003 update and 10.4.9 was updated on Monday with additional details as well.
Four MOAB bugs swatted by Security Update 2007-002
As Erica just noted, Security Update 2007-02 is out, and four of the open security issues raised by the Month of Apple Bugs project are now history. These problems have been addressed by the ongoing patch efforts of Landon Fuller, but his fixes should defer automatically to the new official versions. Finder -- Mounting a maliciously-crafted disk image may lead to an application crash or arbitrary code execution iChat (2 flaws) -- attackers on the local network may be able to cause iChat to crash, & visiting malicious websites/AIM URLs may lead to an application crash or arbitrary code execution UserNotificationCenter -- local users may be able to escalate to system-wide privileges Install with caution.
More MOAB fixes from Landon Fuller
It was a busy weekend for Landon Fuller and his crew of white-hat hackers working to plug the holes in Mac OS X and associated applications revealed by Month of Apple Bugs. His most recent two posts detail patches for Transmit and iChat, a mount warning for disk image downloads in Safari, and a patch for a zero-day vulnerability that's not even on the MOAB hit list: a heap overflow in the Java GIF image handling code, which has been fixed in Sun's releases of the Java virtual machine but not yet in Apple's release.Landon also points to the BOM Shelter python script, written by his buddy William Carrel; the script modifies permissions on several items to avoid the vulnerabilities of MOABs 5, 8 and 15.The thanks and appreciation of the entire Mac-using community are due to these guys, who are volunteering their time and considerable expertise to keep us all a little bit safer.
VLC patched with MOAB fix
See, that didn't take long! VideoLAN's VLC media player has been revised to version 0.8.6a, which closes the vulnerability noted by Month of Apple Bugs and also makes improvements to Full Screen Mode.If you aren't already using VLC for its incredible powers of playback and streaming, now would be an ideal time to start.[via Versiontracker]
Former Apple engineer offers fixes for Month of Apple bugs silliness
Landon Fuller, programmer and former Apple BSD Technology Group engineer extraordinaire, has offered to try and provide fixes for the exploits that appear during this asinine Month of Apple Bugs. Landon has already posted workarounds for the QuickTime vulnerability, and he links a change the VLC team has already made to their codebase (which is likely to be rolled out soon). I join many others in thanking Landon for his work, but I still wish he didn't have to do it. Why should a former Apple engineer use his free time to chase after publicized exploits, when Apple themselves (and any 3rd parties) should be the ones to fix these problems at their core?Thanks Bill I
"The Month of Apple bugs" begins, rationality surrenders
Kevin Finisterre and someone we only know as "LMH" have launched the Month of Apple Bugs, a site they dub a 'project' with the supposed goal of publishing bugs, hacks and exploits they have found in Apple's software any and all Apple-related software. Already they have published a QuickTime exploit they've found which could allow remote code execution (for which Mr. Gruber's proposed solution might not cut it), and yesterday they posted a VLC exploit (and how is this an 'Apple bug?') which supposedly offers the same vulnerability.If you're the type who enjoys cliff notes, let me summarize my feelings about the decision Kevin and "LMH" have made with this site: I spent almost all of last night sketching and brainstorming ideas, but I honestly can't think of anything more pathetically ego-massaging or FUD-drudging one could do with this information outside of writing, directing and starring in a horror movie about code exploits. Thankfully, I wager such a movie wouldn't do so well at the box office.Let me be clear: if these guys have actually found enough problems with software (be it Apple's or otherwise) to fill a whole month of releases, I honestly and sincerely thank them - they can help whoever makes that software to make it better. What is so horrendously wrong with this 'project' is that they're stirring up hype and making news headlines with these exploits, instead of sticking with the traditional and ethical practices of reporting and discussing these bugs with the relevant parties.Who knows, maybe they already filled out the form (though after reading FAQ #4, I doubt it), but publishing this information and landing themselves all over digg and Yahoo! News isn't going to accomplish anything productive. They complain about slow processes and being annoyed at auto-responders to bug reports but they fail to offer any legitimate reason or positive justification for publishing code like this. Patience and civility are virtues, and while I can completely understand being annoyed at faceless bureaucratic processes that fail to tingle the 'hooray I did something good!' bone, publishing this code in this manner has absolutely no positive merit for anyone, and causes nothing but undue harm to the Mac community they so smugly feign an interest in.But I would hate to end on such a bad note. Instead, I'll promise to stomp my feet about this 'project' as little as possible, as we at TUAW would rather focus on the positive. Over the month, we'll offer context and solutions for the bugs Mr. Finisterre and "LMH" publish, in an effort to help the Mac web create something positive out of this questionable month-long bug report. Stay tuned.
