Mac OS X mega-patch

October 10th, 2008

Apple has shipped a titanic patch for Mac OS X that plugs up 40 vulnerabilities.

Security Update 2008-007 for Tiger and Leopard is a whopper:

  • Apache (CVE-2007-6420, CVE-2008-1678, CVE-2008-2364) Apache is updated to version 2.2.9 to address several vulnerabilities, the most serious of which may lead to cross-site request forgery. Note: Apache version 2 is bundled with Mac OS X Server v10.4.x systems, but is not active by default.
  • ClamAV (CVE-2008-1389, CVE-2008-3912, CVE-2008-3913, CVE-2008-3914) Multiple vulnerabilities exist in ClamAV 0.93.3, the most serious of which may lead to arbitrary code execution.
  • ColorSync (CVE-2008-3642) A buffer overflow exists in the handling of images with an embedded ICC profile. Opening a maliciously crafted image with an embedded ICC profile may lead to an unexpected application termination or arbitrary code execution.
  • CUPS (CVE-2008-3641) A range checking issue exists in the Hewlett-Packard Graphics Language (HPGL) filter, which may cause arbitrary memory to be overwritten with controlled data. If Printer Sharing is enabled, a remote attacker may be able to cause arbitrary code execution with the privileges of the ‘lp’ user. If Printer Sharing is not enabled, a local user may be able to obtain elevated privileges.
  • libxslt (CVE-2008-1767) A heap buffer overflow issue exists in the libxslt library. Viewing a maliciously crafted HTML page may lead to an unexpected application termination or arbitrary code execution.
  • MySQL Server (CVE-2007-2691, CVE-2007-5969, CVE-2008-0226, CVE-2008-0227, CVE-2008-2079) MySQL is updated to version 5.0.67 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution.
  • PHP (CVE-2007-4850, CVE-2008-0674, CVE-2008-2371) PHP is updated to version 4.4.9 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution.
  • PSNormalizer (CVE-2008-3647) A buffer overflow exists in PSNormalizer’s handling of the bounding box comment in PostScript files. Viewing a maliciously crafted PostScript file may lead to an unexpected application termination or arbitrary code execution.
  • QuickLook (CVE-2008-4211) A signedness issue exists in QuickLook's handling of columns in Microsoft Excel files, which may result in an out-of-bounds memory access. Downloading or viewing a maliciously crafted Microsoft Excel file may lead to an unexpected application termination or arbitrary code execution.
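Four of the items above are fixed simply by moving a bundled server component to a newer release, so the quickest way to confirm a machine actually took the update is to compare the installed versions against those baselines. The Python script below is an added example (not Apple's code and not part of the original post): the baseline versions come from the advisory summary, while the command-line flags, the output formats the regexes expect, and the sample outputs at the bottom are assumed or constructed.

```python
"""Added example: check whether the server components named in Security
Update 2008-007 are at or above the versions the update ships.

Baselines come from the advisory summary; the command-line flags and output
formats below are assumed, and the sample outputs at the bottom are constructed.
"""
import re
import shutil
import subprocess

# component -> (regex that captures the version from the command output,
#               baseline version from the advisory, comparison mode)
# "ge": installed >= baseline counts as patched (the advisory names the fixed version).
# "gt": installed must be newer than baseline; the advisory only says that
#       ClamAV 0.93.3 is vulnerable and does not name the fixed release.
SPEC = {
    "apache": (r"Apache/(\d+(?:\.\d+)+)", "2.2.9", "ge"),
    "mysql": (r"Distrib (\d+(?:\.\d+)+)", "5.0.67", "ge"),
    "php": (r"PHP (\d+(?:\.\d+)+)", "4.4.9", "ge"),
    "clamav": (r"ClamAV (\d+(?:\.\d+)+)", "0.93.3", "gt"),
}

# Commands that print the version (assumed; adjust to local install paths).
COMMANDS = {
    "apache": ["httpd", "-v"],
    "mysql": ["mysql", "--version"],
    "php": ["php", "-v"],
    "clamav": ["clamscan", "--version"],
}


def version_tuple(s):
    """'2.2.9' -> (2, 2, 9)"""
    return tuple(int(p) for p in s.split("."))


def compare(a, b):
    """Compare two version tuples, padding the shorter with zeros so that
    (2, 2) == (2, 2, 0). Returns -1, 0 or 1."""
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def assess(component, output):
    """Return (installed_version, status); status is 'patched',
    'vulnerable' or 'unknown' (no version string found in the output)."""
    pattern, baseline, mode = SPEC[component]
    m = re.search(pattern, output)
    if not m:
        return None, "unknown"
    installed = m.group(1)
    c = compare(version_tuple(installed), version_tuple(baseline))
    ok = c >= 0 if mode == "ge" else c > 0
    return installed, "patched" if ok else "vulnerable"


def run_checks():
    """Run each version command that is on PATH and assess its output.
    Missing binaries are reported as 'not installed'."""
    results = {}
    for component, cmd in COMMANDS.items():
        if shutil.which(cmd[0]) is None:
            results[component] = (None, "not installed")
            continue
        proc = subprocess.run(cmd, capture_output=True, text=True)
        # Read both streams so the version is found wherever the tool prints it.
        results[component] = assess(component, proc.stdout + proc.stderr)
    return results


# Constructed sample outputs in the shape these tools print (assumed).
SAMPLES = {
    "apache": "Server version: Apache/2.2.8 (Unix)",
    "mysql": "mysql  Ver 14.12 Distrib 5.0.67, for apple-darwin9.4.0 (i686)",
    "php": "PHP 4.4.9 (cli) (built: Sep 25 2008 12:00:00)",
    "clamav": "ClamAV 0.93.3/8307/Fri Oct 10 08:00:00 2008",
}

if __name__ == "__main__":
    for component, output in SAMPLES.items():
        print("sample", component, assess(component, output))
    for component, result in run_checks().items():
        print("local ", component, result)
```

The per-component regexes matter: `mysql --version` prints the client library version ("Ver 14.12") before the server distribution, so a naive "first version-looking number" match would compare the wrong thing. A version check like this is only a first pass; it says nothing about the ColorSync, CUPS, PSNormalizer or QuickLook fixes, which have no user-visible version, so Software Update's own record of the installed security update remains the authoritative check.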

Apple Ultracompact USB adapter exchange program kicks off today

October 10th, 2008

Back in September Apple announced a recall of the Ultracompact USB power adapter for the iPhone 3G following claims that the metal prongs might break off in the power outlet and present a risk of electrical shock. Well, today is the day that Apple kicks off the exchange program.

Details here.

Google Mail Goggles helps prevent booze-related email blunders

October 9th, 2008

Ever sent an email after you've slammed back a few beers and then (usually the next day) wished you'd not sent it? If so, Google's Mail Goggles is for you.

To get access to Google Mail Goggles you first need a Gmail account. Then you need to activate the service: from within Gmail click on Settings and, from the Accounts tab, click on Google Account Settings. From there find Labs (you may need to click on More ... at the bottom of the page). From Labs you can activate Goggles.

The idea behind Goggles is that you have to answer math questions within a fixed period of time to send an email. If you get the questions wrong, you are free to try again until you get them right. The idea is to add some breathing space between composing an email and sending it.

By default, Mail Goggles is only active late at night over the weekend, as that is the time you're most likely to need protecting from yourself. This is however customizable to suit your Paris Hilton lifestyle.

Scratch-proofing my Nokia E71 with invisibleSHIELD

October 7th, 2008

I've just finished applying invisibleSHIELD scratch-proofing film to my new Nokia E71 and I have to say that I'm pretty pleased with the results.

invisibleSHIELD comes in a kit and consists of the following:

  • Scratch-proof film - A durable 0.3mm-thick film that was originally designed to protect the rotor blades of US military helicopters from high-speed damage
  • A bottle of SHIELDspray - Application solution
  • A squeegee

invisibleSHIELD is available in pre-cut sheets for a variety of devices and usually comes in two flavors - screen-protector only and whole-body protection. I chose whole-body protection for my Nokia.

I won't bore you with the install details (if you're curious, you can find instructions here) but I have to say that I'm pleased with the end results. I'm someone who never had any success fitting decals on model airplanes but I had no problems fitting the various pieces of film to my E71. In fact, the whole process took some 5 minutes. I usually try to fit screen protectors to my devices but as a rule I mess up with the adhesive kind and either fix it crooked or trap horrendous air bubbles in the process. Because you apply invisibleSHIELD wet, there's none of these problems to deal with. And even if you do mess things up, it's easy to peel off the bit and start again.

You're supposed to wait some 12 hours before switching on your device after fitting invisibleSHIELD (I guess to allow any SHIELDspray that might have entered the device to evaporate), but I'm impatient, so I fired it up immediately, and I can't see a single air bubble or smear on the screen. I can see a few imperfections if I look REALLY closely, but these don't bother me, and according to the makers they should become even less apparent over the next few days. The whole device feels a lot better in the hand too, as the thin film gives the cellphone some much needed grip.

Overall, I'm very pleased with the results.

Which NAS (Network Attached Storage) device for under $400?

October 7th, 2008

Question from a reader:

A few of my friends and I are all Mac users and in the market for a sub-$400 NAS system (excluding actual drives) that can serve as the obvious file server and iTunes server, has USB ports to connect and access data from external drives as well as perhaps use them as further space, and gigabit Ethernet would also be a bonus. I am also very keen to use this drive with Time Machine. We were wondering if you have any suggestions or real-world experience with using such an appliance.

That's a tough question because people have different ideas of what they want from a NAS (Network Attached Storage) device, although this reader has given a fair bit of information.

Before I go on with my two picks, I need to make a few things clear about NAS devices:

  • They're pretty expensive for what you are getting (especially considering that you need to add up to four hard drives to the price).
  • They're not all that fast - if you put a small cheap PC on the network and used it for storage, it would probably be faster than most NAS devices.
  • NAS devices can be a pain to set up - you'll probably need to mess about with firmware updates, dig through setup menus that are full of mystery meat settings and contend with very poor documentation.
  • They can be noisy and hot.

There are upsides though:

  • Once working, they're usually very reliable.
  • They offer a pretty painless way to use RAID file system redundancy.
  • Usually fitting and replacing disks is pretty easy.

So, which devices would I recommend? Well, I have two:

If you want the maximum storage space, go for the D-Link, but if you want performance and extra features, then I'd go for the Thecus.