Category: Macbook


Hey Everyone,

It’s been a very busy start to the new year for our shop, we have been doing a tremendous amount of iMac and Macbook Repair over the last year and we would like to let everyone know who keeps asking, we DO repair all iMac and Macbook computers and ALL Apple products including iPod (All Models) and iPad.  Ask about getting you iMac Hard Drive replaced to a Solid State Drive (SSD) and a full tune up including internal and external cleaning.  If you’ve had your mac longer then 3 years chances are its super dusty inside and will need to be cleaned internally!

We offer a complete Mac-Tune-Up Package with Sierra OS installed and your option of a 120GB, 240GB, 480GB or 1TB SSD upgrade which will make your computer  respond much faster (apps open quicker, shorters boot/reboot times) + a HUGE LIST of apps to choose from!

We hope everyone has an awesome 2017 – All the best to you and your loved ones! – Ryan

Apple Fixes “Fundamental” SSL Bug in iOS 7

Apple quietly released iOS 7.06 late Friday afternoon, fixing a problem in how iOS 7 validates SSL certificates. Attackers can exploit this issue to launch a man-in-the-middle attack and eavesdrop on all user activity, experts warned.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” Apple said in its advisory.

Users should update immediately.

Watch Out for Eavesdroppers
As usual, Apple didn’t provide a lot of information about the issue, but security experts familiar with the vulnerability warned that attackers on the same network as the victim would be able to read secure communications. In this case, the attacker could intercept, and even modify, the messages as they pass from the user’s iOS 7 device to secured sites, such as Gmail or Facebook, or even for online banking sessions. The issue is a “fundamental bug in Apple’s SSL implementation,” said Dmitri Alperovich, CTO of CrowdStrike.

The software update is available for the current version of iOS for iPhone 4 and later, 5th generation iPod Touch, and iPad 2 and later. iOS 7.06 and iOS 6.1.6. The same flaw exists in the latest version of Mac OS X but has not yet been patched, Adam Langley, a senior engineer at Google, wrote on his ImperialViolet blog. Langley confirmed the flaw was also in iOS 7.0.4 and OS X 10.9.1

Certificate validation is critical in establishing secure sessions, as this is how a site (or a device) verifies that the information is coming from a trusted source. By validating the certificate, the bank website knows that the request is coming from the user, and is not a spoofed request by an attacker. The user’s browser also relies on the certificate to verify the response came from the bank’s servers and not from an attacker sitting in the middle and intercepting sensitive communications.

Update Devices
It appears Chrome and Firefox, which uses NSS instead of SecureTransport, aren’t affected by the vulnerability even if the underlying OS is vulnerable, Langley said. He created a test site at https://www.imperialviolet.org:1266. “If you can load an HTTPS site on port 1266 then you have this bug,” Langley said

Users should update their Apple devices as soon as possible, and when the OS X update is available, to apply that patch as well. The updates should be applied while on a trusted network, and users should really avoid accessing secure sites while on untrusted networks (especially Wi-Fi) while traveling/

“On unpatched mobile and laptop devices, set ‘Ask to Join Networks’ setting to OFF, which will prevent them from showing prompts to connect to untrusted networks,” wrote Alex Radocea, a researcher from CrowdStrike.

Considering recent concerns about the possibility of government snooping, the fact that iPhones and iPads were not validating certificates correctly can be alarming for some. “I’m not going to talk details about the Apple bug except to say the following. It is seriously exploitable and not yet under control,” Matthew Green, a cryptography professor at Johns Hopkins University, posted on Twitter.

Check out this video from News Loop:

 

Source: PC World Security Watch

Here Is How Hackers Can Spy On Your MacBook Camera

Just a few months ago, a story broke about how Samsung smart TVs were susceptible to remote spying by users that hack into the built-in camera. Now, new research demonstrates that MacBook webcams are just as susceptible to being hacked and spied-on as televisions.

Researchers at John Hopkins University discovered exactly how the hacking process is possible without signaling for the light adjacent to the camera to turn on, which is usually an indication that the camera is on.

The primary researcher, computer science professor Stephen Checkoway, published a paper in conjunction with graduate student Matthew Brocker entitled “iSeeYou: Disabling the MacBook Webcam Indicator LED” that contains the detailed process of remotely spying on others’ laptops. Although the researchers could only prove their methods worked with MacBooks created before 2008, they suggest that the process could be successfully repeated with newer computers.

The Washington Post recently ran an article detailing the story of Miss Teen USA Cassidy Wolf, who received nude photographs of herself via email. After an FBI investigation, the authorities discovered that Wolf’s former high school classmate Jared Abrahams had hacked into her computer, as well as the computers of several other women, and had been spying on them via their webcam.

The case of Wolf as well as the new research from John Hopkins raises several issues about privacy and security in the modern world. While Apple’s light was intended as a security feature to alert users when their camera was on, it appears that hackers have found an easily solution to disable that feature. According to The Washington Post, the FBI has been using similar hacking technology for years.

Source: PRPick.com

Wi-Fi-Connected Laptop Hurts Sperm, Study Suggests

A computer with a wireless Internet connection hurts sperm, but not because the machine can heat up your lap, a new study suggests.

The findings showed that sperm cells collected in lab dishes and placed beneath a laptop with a wireless Internet connection for four hours had less motility and more DNA damage than sperm placed in another room, away from electronic devices but kept at the same temperature.

“It is well-known that increased temperature may decrease sperm quality, and the use of portable computers on the lap increases scrotal temperature,” the researchers wrote in their study.

But the findings suggested it wasn’t the temperature beneath the laptop that was affecting sperm; instead, the radiation from the laptop was slowing the swimmers, according to the study.

Laptops emit radiation

The researchers in Argentina and Virginia used semen samples from 29 healthy men, whose average age was 34. The laptop was set to download and upload information over the course of the experiment, so the wireless connection was actively being used. The temperature under the laptop was held constant at 77 degrees Fahrenheit by an air-conditioning system.

Wireless Internet connections use radio-frequency electromagnetic waves. When the researchers measured the radiation coming from a laptop wirelessly connected to the Internet, they found it was at least three times higher than an unconnected laptop, and seven to 15 times higher than radiation in a general setting, according to the study, though the levels varied over the course of the experiment, depending on the flow of information coming to or from the computer.

There was no difference between the sperm samples held under the laptop and those kept away from it in terms of the percentage of sperm that were dead at the end of the experiment, according to the study.

Still, sperm motility and having undamaged DNA are important for fertilizing an egg.

“We speculate that keeping a laptop connected wirelessly to the Internet on the lap near the testes may result in decreased male fertility,” the researchers wrote in their conclusion.

Why sperm cells are vulnerable

Sperm cells are different from other cells in the body — their DNA is highly condensed into a small area, the researchers noted. This could make them more vulnerable to the effects of such radiation.

It’s plausible that the magnetic and electromagnetic fields produced by the radio waves damage molecules in sperm called phospholipids, which are a needed to keep membranes within a sperm cell intact, the study researchers wrote.

It is not known whether all laptop computers might have the same effects as those seen in this study, nor is it known what other factors might heighten or lessen the damage, the researchers wrote in their conclusion.

“However, we cannot discard the possibility that damage to sperm is caused by the low radiation produced by the computer without Internet connection,” they wrote, and this possibility should be studied further.

The study was published online Nov. 23 in the journal Fertility and Sterility.

Pass it on: Radiation from wireless internet connections might damage sperm cells.

Source: Yahoo! News

Acer’s MacBook Air-cloning Aspire 3951 Ultrabook Leaks Out

A hinted-at Acer ultrabook may have had its first public sighting through leaked renders and details in Vietnam. The 13.3-inch Aspire 3951 would borrow more than a few cues from the MacBook Air Intel’s ultrabook spec is meant to imitate and would have a supposedly 0.51-inch thick, aluminum, 3.09-pound shell. In a nod to the Dell Adamo, however, Sohoa‘s look showed that most of the ports would be moved to the back, where the hinge design would make sure they stayed available.

The system would also make the solid-state drive optional. Buyers could pick the likely Intel-made 160GB SSD or opt for more traditional 250GB and 500GB hard drives. Not much is known about the choice of processor other than using a 2011 Core chip, although the Aspire would follow Apple into including Bluetooth 4.0 while swapping out the Thunderbolt for a plainer HDMI output. A card reader is in view on the right-hand side.

Acer is believed to be focusing on longevity, offering a competent though shorter six hours of battery use as well as 30 days of standby; the long idle time might only be true for the SSD option. Moving from sleep to wake should take 1.7 seconds.

Earlier rumors have had Acer’s ultrabook shipping at the very end of the year. The 3951 might undercut the MacBook Air with estimated prices of between $769 to $961 depending on the model, although it’s not clear what a base model would involve. Any lower pricing is likely to entail a slower rotating hard drive and might go below the 1.7GHz Core i5 Apple uses in its own system.

Intel devised the ultrabook spec as a way of sustaining notebook sales in the face of tablets through taking a cue from the Air. The decision may have triggered a pushback from Windows PC builders who have been fighting to lower the price after they were worried they would have no choice but to match Apple’s price after Intel set similar quality and performance goals.

Source: Electronista

Fake FlashPlayer for Mac OS X leads to site redirection attacks

Researchers at F-Secure have intercepted a new malicious threat for Apple’s Mac OS X — a Trojan that redirects users to fake Google web sites.

The Trojan is currently being delivered via fake a Adobe Flash Player (FlashPlayer.pkg) update, F-Secure said in a blog post.

Once installed, the trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 91.224.160.26, which is located in Netherlands.

The server at the IP address displays a fake webpage designed to appear similar to the legitimate Google site.

“Even though the [Google] page looks fairly realistic, clicking on any of the links does not take the user to any other sites. Clicking on the links does however open new pop-up pages, which are all pulled from a separate remote server,” F-Secure said, nothing that this attack may be aimed at serving ads to infected Mac OS X machines.

Apple has struggled recently with scareware attacks on its platform and the latest sighting is further proof that the increase in Mac OS X market share has attracted the attention of malware writers.

Source: ZDNet

Intel has big plans for Ultrabooks

In an era of smartphones and tablets, Intel is banking on the Ultrabook to breathe new life into the PC. Intel execs have said this new class of powerful, affordable ultra-thin notebooks could represent as much as 40 percent of consumer laptops by the end of next year.

But what exactly makes the Ultrabook different from, say an Apple MacBook Air, hasn’t been clear. Part of this is because the Ultrabook will take several years to fully evolve. The first Ultrabooks from the likes of Asus, HP, Lenovo and LG Electronics are due in time for the holidays. But from the start Intel has said that it will require several generations of new silicon, and hardware and software engineering, to realize the concept.

Now Intel is providing more details on how the Ultrabook will evolve. In a blog post this week, Becky Emmett, a media relations manager at Intel, wrote about the “substantial changes to the way Intel and its partners design, produce and market devices and their components” to enable the Ultrabook.

The first Ultrabooks, based on ultra-low voltage version of the second-generation Core processor (better-known as Sandy Bridge) will arrive in time of the holidays. The basic features of these Ultrabooks are already well-known:

  • Less than 0.8 inches thick
  • Fast start-up from hibernation with Intel’s Rapid Start technology
  • Five to eight hours of battery life
  • Enhanced security features to secure laptops and prevent identity theft

The Asus UX21, an 11.6-inch laptop, is expected to be the first when it ships this fall, followed by the Lenovo IdeaPad U300s and LG P220. But lately there have been rumors that computer makers are having trouble putting these together for less than $1,000 so the ramp of these first-generation Ultrabook may be slower than anticipated.

The second wave of Ultrabooks, due in the first half of next year, will be based on Intel’s first 22nm processors, known as Ivy Bridge. Intel claims these will have longer battery life, better performance, beefier security and high-speed data transfers with USB 3.0 and Thunderbolt, the I/O technology in several Apple Macs and the Sony VAIO Z Series.

Finally the third phase will be based on a new microarchitecture, Haswell, which Intel should release in 2014. With Haswell, Intel plans to change the basic design of its processors so that they use around half the power of today’s CPUs. In other words, you’ll get the performance (and price) of a mainstream processor combined with the battery life of today’s low-voltage versions. They should also be able to fit into even thinner and lighter systems that require less cooling.

PCs are always getting thinner, lighter, faster and cheaper. Intel is promising something bigger here comparing the Ultrabook with major shifts of the past such as the introduction of the Pentium processor in 1995 and the Centrino mobile platform in 2003. Intel says that eventually he Ultrabook will become “a tablet when you want it, a PC when you need it.” As someone who has spent a lot of time using convertible tablets, with mixed success, I can tell you that would be “an historic change” if Intel and the rest of the industry can pull it off.

Source: ZDNet

Apple Laptops Vulnerable To Hack That Kills Or Corrupts Batteries

Your laptop’s battery is smarter than it looks. And if a hacker like security researcher Charlie Miller gets his digital hands on it, it could become more evil than it appears, too.

At the Black Hat security conference in August, Miller plans to expose and provide a fix for a new breed of attack on Apple laptops that takes advantage of a little-studied weak point in their security: the chips that control their batteries.

Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.

When Miller examined those batteries in several Macbooks, Macbook Pros and Macbook Airs, however, he found a disturbing vulnerability. The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Miller discovered the two passwords used to access and alter Apple batteries by pulling apart and analyzing a 2009 software update that Apple instituted to fix a problem with Macbook batteries. Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.

From there, zapping the battery such that it’s no longer recognized by the computer becomes trivial: In fact, Miller permanently “bricked” seven batteries just in the course of his tinkering. (They cost about $130 to replace.) More interesting from a criminal perspective, he suggests, might be installing persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash. Few IT administrators would think to check a battery’s firmware for the source of that infection, and if undiscovered the chip could re-infect the computer again and again.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

That attack would require finding another vulnerability in the interface between the chip and the operating system. But Miller says that’s not much of a barrier. “Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

And the truly disturbing prospect of a hacker remotely blowing up a battery on command? Miller didn’t attempt that violent trick, but believes it might be possible. “I work out of my home, so I wasn’t super inclined to cause an explosion there,” he says.

In fact, the batteries he examined have other safeguards against explosions: fuses that contain an alloy that melts at high temperatures to break the circuit and prevent further charging. But Miller, who has worked for the National Security Agency and subsequently hacked everything from the iPhone to virtual worlds, believes it might still be possible. “You read stories about batteries in electronic devices that blow up without any interference,” he says. “If you have all this control, you can probably do it.”

Miller, currently a researcher with the consultancy Accuvant, isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”

Miller says he’s received messages from several other researchers asking him not proceed with the battery work because it could be too dangerous. But Miller has worked to fix the problems he’s exposing. At Black Hat he plans to release a tool for Apple users called “Caulkgun” that changes their battery firmware’s passwords to a random string, preventing the default password attack he used. Miller also sent Apple and Texas Instruments his research to make them aware of the vulnerability. I contacted Apple for comment but haven’t yet heard back from the company.

Implementing Miller’s “Caulkgun” prevents any other hacker from using the vulnerabilities he’s found. But it would also prevent Apple from using the battery’s default passwords to implement their own upgrades and fixes. Those who fear the possibilities of a hijacked chunk of charged chemicals in their laps might want to consider the tradeoff.

“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”

Source: Forbes

Fake security software takes aim at Mac users

Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said today.

A security firm that specializes in Mac software called the move “a very big step forward” for malware makers targeting Apple’s users.

Phony antivirus software, dubbed “rogueware” by security experts, has long plagued people running Microsoft Windows, but this is the first time scammers have targeted the Mac with a sophisticated, professional-looking security application, said Peter James, a spokesman for Intego, a Mac-only antivirus company headquartered in France.

“This is indeed a very big step forward for Mac malware,” said James.

The program, dubbed MAC Defender, is similar to existing “rogueware,” the term for bogus security software that claims a personal computer is heavily infected with malware. Once installed, such software nags users with pervasive pop-ups and fake alerts until they fork over a fee to purchase the worthless program.

Until now, rogueware has been exclusively targeting Windows PCs.

That’s changed, according to Kurt Baumgartner, a senior malware researcher with Moscow-based Kaspersky Lab, who today said that one group distributing MAC Defender has also been actively spreading Windows rogueware.

“They have been revving up for this for months,” said Baumgartner of the work to prep MAC Defender.

Last month, Baumgartner had reported that “.co.cc” domains — which are often used to spread malware and host attack code-infected Web sites — had begun to host fake security sites and deliver the “Best AntiVirus 2011” rogueware.

During his early-April sweep through the .co.cc domains, Baumgartner found a URL explicitly aimed at Macs: “antispyware-macbook(dot)co(dot)cc”.

“It is very odd that this group is marketing ‘Fast Windows Antivirus 2011’ from ‘macbook’ domains,” Baumgartner said at the time in a blog post.

Today, Baumgartner said that a group using .co.cc domains was serving up fake security software for Macs as part of a broader campaign to trick Windows users into downloading and installing phony programs.

That campaign is currently exploiting the hot news topic of Bin Laden’s death to get people to click on links that redirect their browsers to the rogueware downloads. The scammers have used “black hat” SEO (search engine optimization) tactics to push links to rogueware higher on Google Images’ search results.

But that’s not the only way Mac owners have been duped into installing MAC Defender.

On Saturday — the day before President Obama announced the killing of Bin Laden — messages from infected users began appearing on Apple’s support forums.

“What is macdefender and why is it trying to install itself on my computer?” asked someone identified as “wamabahama” on April 30.

“FYI, my daughter said the program started after clicking on a ‘hair style photo,'” added “Mr. Fix It Home Services” on the same support thread. Others reported stumbling upon MAC Defender after searching for images of prom tuxedos or for pictures of a character in the movie “Princess Bride.”

On Monday, Intego published a detailed advisory about MAC Defender, noting that that it was “very well designed, and looks professional.”

Intego spotted MAC Defender and acquired samples on Saturday, said James, who pointed out that users must enter their administrative password to install the program. “So there’s still a social engineering angle here,” he said.

In fact, users see a generic Windows-oriented page when they first click a link to the rogueware. “They’re not even getting a Mac-specific page,” James said.

But unless users have Safari set not to automatically open files after downloading, MAC Defender’s installation screen opens without any user action. That’s been enough to con some into approving the install by typing their administrative password.

The program also relies on an unusual technique to make users pay up.

“Every few minutes, it opens a porn page in the browser,” said James of MAC Defender. “We think they’re doing this because most people will assume that that means they’ve got a virus on their Mac, and they need to get rid of it by paying for the program.”

MAC Defender demands $60-$80, depending on whether users select a one-year, two-year or lifetime “license.”

Ironically, there are only eight to 10 serial numbers that MAC Defender accepts, said James, and those are tucked into the binary file — unencrypted — where advanced users may be able to root them out.

James also called out the MAC Defender’s look and feel as an indicator that the criminals are serious about reaping profits from Mac users. “This was done by a very sophisticated Mac interface developer,” James said. “It’s an obvious sign that [scammers] are starting to target Macs. Earlier [scams], such as 2008’s MacSweeper just didn’t bother trying to look professional.”

Intego spotted MacSweeper, a fake Macintosh system cleaning program, in January 2008.

MAC Defender has also created some collateral damage: The rogueware uses the same name as a legitimate German company that develops Mac software.

“A new malware application named MAC Defender (MacDefender.app) for OS X surfaced a few days ago,” warned the MacDefender site. “If you see an application/installer named like this DO NOT DOWNLOAD/INSTALL it. I would never release an application named like this.”

The rogueware’s name choice was probably a twist on “PC Defender” and “Windows Defender,” phrases used in the titles of numerous Windows-based fake AV programs, said James.

Mac users running Safari can prevent MAC Defender from automatically opening after it downloads by unchecking the box marked “Open ‘safe’ files after downloading” at the bottom of the General tab in the browser’s Preferences screen.

Source: ComputerWorld

Laptops play catch up to the iPad, Xoom

Market researcher Gartner released a research note Thursday claiming that laptops are not meeting the demands of the social-networking era. So, will mobile PCs become more like the Xoom and the iPad, which are, in turn, larger versions of the smartphone? In a word, yes.

This theory–or fact, depending on how you look at it–can also be restated as the post-PC era, which is the Apple marketing-spin corollary to the Gartner argument.

But let’s stick to Gartner’s analysis about the unsuitability of laptops in the social-networking era. Here are the most significant points in the note about the average mainstream laptop:

  • Battery life: not capable of all-day “untethered computing”
  • Connections: constant and immediate connections are not possible (i.e., no standard 3G/4G)
  • Heavy: still too heavy, lack real mobility

What this means is more laptops need to be like the 11.6-inch MacBook Air: very light, very thin–just like a tablet and, by extension, like a smartphone.

Though small laptops aren’t for everybody, it does mean more people will gravitate to this style as companies like Apple upgrade to powerful silicon like Intel’s low-voltage Sandy Bridge processor (and its future Ivy Bridge chip) and upcoming power-efficient chips from Advanced Micro Devices.

And don’t count out a clamshell MacBook–or a variation on that theme–sporting a future Apple A6 processor or an HP laptop packing a Qualcomm chip.

More future laptops will be like the 11.6-inch MacBook Air--but with 3G/4G standard and longer battery life.More future laptops will be like the 11.6-inch MacBook Air–but with 3G/4G standard and longer battery life.

(Credit: Apple)

In the more immediate future, this trend stipulates that Apple seriously consider built-in 3G/4G capability in the next version of the Air, as an Apple survey about 3G in a future MacBook Air seems to indicate the company is doing. As always, battery life would need improvement too.

So, what about the Netbook, you might ask. That delivered on mobility but not–until recently–on long battery life, nor on standard 3G. Nor, most importantly, on adequate performance for a laptop that would serve as someone’s everyday machine. The Netbook was ahead of its time but has always been hampered by Intel’s too-specific ideas about what a Netbook should and should not be.

For better or worse, it’s going to take a company like Apple to take the lead in redefining the high-mobility laptop. With help, of course, from companies like Hewlett-Packard and Sony–the HP Pavilion dm1z and Sony Y series, respectively, are a good start.

A $999 MacBook Air with 3G/4G and monthly broadband plans similar to those of the iPad? That’s another good start. Any takers?

Source: CNET

Apple dumps Flash from Mac OS X

Apple will stop bundling Adobe’s Flash with Mac OS X, the company confirmed Friday.

The new MacBook Air, which debuted earlier in the week, is the first Flash-less system from Apple. Other systems will follow suit as the company clears out inventory of Mac desktops and notebooks that include Flash.

Mac users will still be able to install Flash themselves, and Apple has done nothing to block Flash from running.

“We’re happy to continue to support Flash on the Mac, and the best way for users to always have the most up to date and secure version is to download it directly from Adobe,” Apple spokesman Bill Evans said in reply to questions on Friday.

The move also puts an end to Apple supplying Flash security updates to Mac OS X users as part of the operating system’s patch process. Instead, users will have to know about, locate, download and install those fixes themselves.

That’s not smart, said Andrew Storms, director of security operations at nCircle Security.

“What Apple is doing is separating themselves from the security community,” said Storms, who didn’t cotton to Apple’s decision. “Users, who are likely running an outdated version, typically don’t even know when Adobe issues patches.”

“I just don’t see the upside of this. Apple’s not helping out,” Storms said.

In the absence of Apple patching Flash, Adobe said Mac users were on their own for now. “Adobe recommends that users download the most up to date version of Adobe Flash Player from Adobe.com,” a spokeswoman said.

She urged Mac users to regularly monitor Adobe’s security blog, which posts news of impending and available Flash updates, or subscribe to its RSS feed to stay atop fixes.

Adobe plans to produce an auto-update notification feature in a future release of Flash Player for the Mac, but declined to set a release date. The feature would be similar to what’s now offered to Windows users.

People running Mozilla’s Firefox or Google‘s Chrome will have an edge during the interim.

Firefox, for example, includes a plug-in checker that detects out-of-date add-ons, including Flash Player, and provides a link to Adobe’s download site. Chrome, meanwhile, automatically upgrades Flash Player in the background.

While Evans made no mention of Apple’s anti-Flash stance, Storms saw the decision as another example of the rocky relationship between Apple and Adobe over the technology.

“Apple’s trying to separate themselves even further from Flash,” Storms said. “Microsoft doesn’t update Flash either, but they seem more interested in working with vendors than Apple. Adobe is a good example.”

Microsoft last bundled Flash Player with the nine-year-old Windows XP. Windows Vista and Windows 7 do not include a pre-installed version of Adobe’s player program.

However, Microsoft and Adobe collaborate on security, Storms argued, pointing to the latter’s July announcement to join the Microsoft Active Protections Program (MAPP), which gives select security companies early warning on upcoming patches.

Adobe has also adopted a version of Microsoft’s Software Development Lifecycle (SDL), a program designed to bake security awareness into products, and picked Microsoft developers’ brains to create the “sandbox” technology, slated to show up in Reader next month.

Storms, who in the past has criticized Apple for patching Flash months after the same fixes were available for Windows, wondered why the company singled out Adobe’s software.

“If they’re going to say they’re doing it so that users have the most up-to-date versions, then they should stop issuing patches for every other third-party application in Mac OS X,” Storms said.

Apple and Adobe have been at loggerheads over Flash ever since the former refused to allow the popular technology on its iPhone. The dispute has been heated this year, as the two companies traded blows over Flash content on Apple’s iOS mobile operating system, with CEO Steve Jobs trashing Flash in an April public missive and the co-chairs of Adobe’s board of directors accusing Apple of undermining the Web in mid-May.

Today, Adobe declined to comment on why Apple pulled Flash, or whether Apple had given it advanced warning. “In terms of why Apple will no longer provide the latest updates, we need to defer to Apple,” the Adobe spokeswoman said. “Generally speaking, Adobe is eager to work with anyone who can help our users stay up to date.”

Source: ComputerWorld