Proof of concept circulated for Mac OS X vulnerability
By Stephen WITHERS
While we were away, another Mac security scare blew up.
In a nutshell, someone apparently got fed up with waiting for Apple to distribute a fix for a vulnerability they reported to the company eight months ago, and publicly released a proof of concept exploit.
While the PoC only causes a crash via a memory access error, such buffer overflows can sometimes be exploited to run arbitrary code. Most people's accounts have administrator rights, so there's potential for serious intrusions.
While I haven't heard of any real exploits for this vulnerability, the irritating thing is that this seems to be another example of Apple dragging its feet when it comes to distributing fixes that have been applied to open source software that's used in Mac OS X.
This particular vulnerability is in a routine that converts double-precision values to ASCII strings, but it's already been fixed in other operating systems and applications that use the same code.
The problem with such situations is that the vulnerability is exposed for any malicious coders to investigate. I'd feel more secure if I knew that the vulnerability had been actually fixed rather than having to assume that Apple's experts have looked closely at the problem and determined that it cannot be exploited (for whatever reason) under Mac OS X.
STOP THE PRESS! Oh there isn't one anymore. I forgot.. Sorry!
By David HAGUE
I have spent the last few weeks converting the original paper-based AusCam magazine into the new, all-singing, all-dancing online one (at www.auscamonline.com - pay me a visit while it's still free!).
Has my eyesight gone? I hear you ask. Did Hague say "online" not "paper"? Has the world stopped spinning?
Yes I did. And here is why. Last year, the global scare tactics of I don't know whom that came after the what-the-hell-is-a-sub-prime crisis caused advertising to allegedly dry up. A magazine cannot exist without advertising full stop, so it was either take AusCam online or die. I've tried the last option before in another life and it isn't very nice so the choice was pretty easy really.
The tool I ended up using is PressPublisher and after some initial teething problems, mainly as there is no documentation and getting support over Christmas and New Year - sorry, the Happy Holidays period (ugh) - was a bit difficult understandably, there was lots of trial and error and experimentation. If I am completely honest, there still is, but it's getting there.
And when it is factored in that all the functionality you get including blogs, close ties in with PayPal for subscriptions, online shopping, Google Ads and Analytics, newsletters, classifieds and lots more, for US$19/month there are no complaints.
The only real criticism, apart from the lack of any docos, is the rigidity of the thing. As the name suggests, Press Publisher, it is intended to mimic the publication of a magazine or newspaper, and this it does very well. A colleague who has worked on newspapers says it is actually better than some he has used. But if say you want a stand alone link to, in my case, my online forums, that is a major drama that the support bods have to do for you. So far at no charge. So it is not a web development package per se.
Let me know what you think. It has allowed the expansion of AusCam into areas a paper bound magazine cannot go and this is good. The learning curve was steep and harsh, although not difficult if you know what I mean, and as a first attempt I am pretty pleased. There is still more to do though.
Oh and Happy New Year everyone. From my perspective at least, it has to be better than the last shemozzle.
Sharpen that pencil - it's a new year!
By Ian GRAYSON
This time of year it’s traditional to sharpen a pencil and jot down a ‘must do’ list for the 12 months ahead. So, what’s made it onto yours?
Throughout the economic gloom of the past 12 months, most organisations kept a laser-like focus on cutting costs and improving efficiencies. For the IT department this meant battening down the hatches and extracting more out of existing resources.
Now that the worst of the GFC storm appears to have passed, hopefully attention can now shift to more forward-looking activities. In many cases this will involve assessing existing infrastructures and figuring out how they can be improved.
For this reason, I’m thinking many lists could include:
* Cloud computing: figure how much (or how little) to embrace the hottest trend in computing
* Virtualisation: save some more money by reducing server numbers and boosting the usage levels of those that remain
* Standardisation: finally get away from multiple operating systems and bewildering numbers of applications
* Mobile security: take control of the growing number of mobile devices in the organisation and make sure they’re not creating new avenues for fraud and attack
Sure, they’re big areas, but they also represent the most effective way to have a dramatic impact on your business or organisation.
What else has made it onto your first list of the year?
myTVR - dream PVR in the cloud or legal nightmare?
By Adam TURNER
myTVR lets you watch your free-to-air TV recordings anywhere, anytime.
Cloud computing is set to revolutionise many aspects of technology, but I can't say that I saw it as a rival to PVRs like TiVo. Then along comes myTVR, an online service that lets Australians schedule television recordings and then stream them to their computer or a mobile device such as an iPhone, iPod touch or high-end Nokia. You don't need to buy any hardware or do anything in your lounge room, myTVR just records the show on its servers and then streams it to you when you're ready to watch it.
There's a free trial version that lets you store 30 minutes worth of recordings, plus a $5.85 p/m Silver plan that holds 3 hours worth of recordings and a $7.85 p/m Gold plan that holds 12 hours. It's initially launching in Melbourne, with plans to roll out in Sydney next year - although I don't see what's stopping you using it anywhere in the country as long as you're happy to watch Melbourne television. It might even work from overseas, I haven't renewed my Witopia subscription yet so I can't test it from the US.
myTVR sounds too good to be true, but I've had a play with it and it seems to deliver on its promises. What's really impressive is that it works on the iPhone over 3G as well as wifi. The resolution on the iPhone obviously isn't as sharp as content downloaded from the iTunes store, but it's still very watchable.
MyTVR estimates that a 30 minute recording streamed to a Nokia smartphone is 30MB, for an iPhone or Android device it's 40MB. That makes it feasible to watch TV on the train a few times a week if you've got a 1GB mobile data allowance. The biggest frustration with myTVR is that it doesn't seem to offer a Season Pass option, so you can't tell it to automatically record your favourite show each week. If they add such a feature it would certainly make myTVR an attractive option for commuters, or for Aussies abroad.
It's hard to believe that the TV networks won't unleash their lawyers on a service like myTVR, but it's backed by Michael Carew - the founder of Freshtel - so I guess he's done his homework. If he hasn't, I'm sure the crew over at IceTV can explain to him what he's in for. Actually, a tie-in between myTVR and IceTV would be brilliant.
If myTVR can survive the legal onslaught that probably awaits it, I'd say it's a service to watch in 2010. On that note, Hydrapinion is signing off for a three week break and we'll catch you in the new year.
Another year starts to wind down
By Stephen WITHERS
This is the last Mac posting at Hydrapinion for the year. I'm not proposing a full-blown wrap-up or look forward, just one observation from each category.
The Psystar case is pretty much over, with the cloner being banned from (among other things) selling derivative works of Mac OS X, aiding others to infringe on Apple's copyrights with regard to Mac OS X, or having any involvement in products intended to overcome the technological protection measures in Mac OS X.
That seems to rule out Psystar's Rebel EFI product too, although the judge did not specifically include it in his ruling.
The decision will probably dissuade other would-be cloners in the US, but Apple may need to repeat the process in other jurisdictions - assuming local laws are as favourable as those in the company's homeland.
Looking ahead, the iTunes Store seems likely to become increasingly important to Apple. It's still the market leader in the US, accounting for around two-thirds of paid music downloads and a quarter of music unit sales overall.
Those figures don't include subscription services, but the recent acquisition of Lala suggests Apple may be moving in that direction after all.
And whether or not the oft-predicted Apple tablet actually arrives in 2010, I wouldn't be at all surprised to see an Apple e-book reader app for the iPhone and iPod touch (and possibly for Macs and PCs as well, but that would, I'd suggest, be more likely to take the form of a new iTunes feature) with standalone books for sale at the iTunes Store/App Store.
There's clearly a lot of interest in this area among readers and publishers. Readers like the idea of cheap books with almost instant delivery, and it seems that publishers are looking for a bigger slice of the pie than Amazon (with its Kindle) is prepared to concede - and there are indications that Apple will oblige.
Anyway, enjoy whatever summer break is coming your way, and Hydrapinion Mac will be back in mid January.

