Joined: DC Tech (Meetup)

Just joined Washington, D.C.’s DC Tech Meetup.

Looking forward to connecting with that scene.

As I told DC Tech co-leader Peter Corbett, I’ll be in D.C. from time to time and I would like to connect with the group’s members to build my professional network in the DC Metro area by listening and contributing. I seek to develop new development partners and clients in 2012 and D.C. is one of my targets, along with Boston and New York and San Francisco.

Also recently joined MoDevDC Meetup.

Both look to be thriving groups. I’m looking forward to participating as much as I can from out of town.

Eradicating Flashback from your Mac (CNET)

In the CNET MacFixIt blog yesterday CNET Blog Network Author Topher Kessler elaborates on F-Secure’s stepwise instructions for eradicating the virulent Flashback malware from your Mac. (He also provides clear instructions for diagnosing your Mac for Flashback infection.) He writes:

How do I remove it?

If after running the first three detection commands you find that your system does contain the modified files and you suspect it has the malware installed, then you can go about removing it using F-Secure’s manual removal instructions. These instructions are a bit in-depth, but if you follow them exactly, then you should be able to rid the system of the infection:

Open the Terminal and run the following commands (the same as above):

defaults read /Applications/ LSEnvironment
defaults read /Applications/ LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

When these commands are run, make a note of the full file path that is output to the terminal window (it may be paired with the term “DYLD_INSERT_LIBRARIES”). For each of the commands that output a file path (and do not say the domain pair does not exist), copy the full file path section and the run the following command with the file path in place of FILEPATH in the command (copy and paste this command):

grep -a -o ‘__ldpath__[ -~]*’ FILEPATH

Locate the files mentioned in the output of the above commands, and delete them. If you cannot locate them in the Finder, then for each first type “sudo rm” in the terminal followed by a single space, and then use your mouse cursor to select the full file path from the first command’s output, and use Command-C followed by Command-V to copy and paste it back into the Terminal. Then press Enter to execute the command and remove this file.

See the following screenshot for an example of how this should look:

screenshot of how Flashback malware eradication commands appear in Mac OS X Terminal app.

After running the command and revealing the path to the malware file, copy the path to the "sudo rm" command on a new line as is shown here to have the system delete it. (Credit: Screenshot by Topher Kessler/CNET)

When you have deleted all the files references by the “defaults” commands above, then you have removed the malware files, but you still need to reset the altered applications and account files, so to do this run the following commands:

sudo defaults delete /Applications/ LSEnvironment
sudo chmod 644 /Applications/
sudo defaults delete /Applications/ LSEnvironment
sudo chmod 644 /Applications/
defaults delete ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
launchctl unsetenv DYLD_INSERT_LIBRARIES

In the Finder, go to the Go menu and select Library (hold the Option key in Lion to reveal this option in the menu), and then open the LaunchAgents folder, where you should see a file named something like “” Next, type the following command into the Terminal (Note: change the name of “” in the command to reflect the name of the file before its .plist suffix):

defaults read ~/Library/LaunchAgents/ ProgramArguments

When this command is completed, press Enter and note the file path that has been output to the Terminal window.

As you did previously, locate this file in the Finder and delete it, but if you cannot do so then type “sudo rm” followed by a single space, and then copy and paste the output file path into the command and press Enter.

To remove any hidden .so files found earlier, you can remove them by running the following command in the Terminal (be sure to copy and paste this command, as there should be absolutely no spaces in the last component that contains the symbols and punctuation marks):

sudo rm ~/../Shared/.*.so

After this step is complete, remove the file called “” and you should be good to go.

Read the CNET MacFixIt blog post in full:
How to remove the Flashback malware from OS X” by Topher Kessler, CNET Blog Network Author , Thursday, April 5th, 2012

Is your Mac a Flashback host? (CNET)

CNET NewsApple Talk Staff Writer, Josh Lowensohn provides succinct instructions for diagnosing your Mac for the virulent Flashback malware. He writes:

How do I tell if I have it?
Right now the easiest way to tell if your computer has been infected is to run some commands in Terminal, a piece of software you’ll find in the Utilities folder in your Mac’s Applications folder. If you want to find it without digging, just do a Spotlight search for “Terminal.”

Once there, copy and paste each one of the code strings below into the terminal window. The command will run automatically:

defaults read /Applications/ LSEnvironment
defaults read /Applications/ LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

If your system is clean, the commands will tell you that those domain/default pairs “does not exist.” If you’re infected, it will spit up the patch for where that malware has installed itself on your system.

Read the CNET blog post in full:

Mac Flashback malware: What it is and how to get rid of it (FAQ)” by Josh Lowensohn, Staff Writer (@Josh), CNET News Apple Talk, Thursday, April 5th, 2012

iPad as Monitor: Avatron’s AirDisplay app (CNET)

Shiny new iPad.

Lucious new display.

Your Mac glances longingly…

This week Josh LowensohnCNET News Staff Writer reports on an iPad app that enables the new iPad to be a high resolution second monitor using Apple’s obscure new HiDPI mode.

Avatron Software‘s app Air Display allows users to “extend” their Mac desktops to an iPad, essentially turning the tablet into a second monitor. An update to the app now offers an option to enable HiDPI mode, a setting tucked away in Apple’s Mac OS that renders the user interface at four times normal resolution (twice the resolution in each dimension).

That’s well-suited for Apple’s new iPad, which as luck would have it features four times the number of pixels as the iPad 1 and 2, and a higher pixel density than any panel found on Apple’s desktop or notebook computers. At least for now, that is.

In the meantime, the $9.99 app offers a hack-free way to enable the feature and utilize it on the newest iPad’s display.

To use the feature, Air Display users need to be running Lion, the latest publicly available version of Mac OS X. …

Read in full: “Avatron Software has just added a way for users see their Mac desktops at “retina-like” resolution — via the new iPad” by Josh Lowensohn, Staff Writer, CNET News/Apple Talk, April 2nd, 2012 (@Josh)

Privly: Set your own terms of service

After reading Alexis Madrigal’s piece in The Atlantic about Sean McGregor‘s OSU Privly web privacy control project, I immediately ponied up on Kickstarter.

Privly allows people who use online services to publish and share their own words and pictures to retain ownership (read: control) of their content by withholding the files from the grasp of services’ systems.

Damn straight. As it should be.