Monday, May 30, 2005

Gmail: 42/50 messages are spam

Gmail - Inbox

My Gmail inbox continues to drown in spam. Now at 84%. The same mail stream filtered by my ISP delivers only about 5% spam. Gmail can't be doing much in the way of filtering.

iMac G5 Developer Note - hardware

iMac G5 Developer Note

Via Macintouch. These notes have far more detail on the new G5s than Apple's marketing materials. The SuperDrive supports DVD+R double layer format, for example. Power supply is 180W.

Note the memory specs:
Additional DIMMs can be installed. The combined memory of all of the DIMMs installed is configured as a contiguous array of memory. The throughput of the 400 MHz memory bus is dependent on the DIMMs installed. If only one DIMM is installed, the memory bus is 64-bit. If two non-identical DIMMs are installed, there are two 64–bit memory buses. If two identical DIMMs are installed, the memory bus is 128-bit. Identical DIMM pairs have the same size and composition and provide the fastest and most efficient throughput.
On PCs at least paired DIMMS have to be purchased together. So when you buy a G5 with 512MB of DRAM, you've got to sell that somehow to get the fastest memory -- or donate it to a friend!

Saturday, May 28, 2005

Shoebox: yet another OS X media management package

Shoebox
Like several others it claims iPhoto "import and export", but what they describe seems pretty simplistic. Perhaps they do more than it seems, but true iPhoto integration is not a trivial task. I'm still hoping for an 'iPhoto Pro' replacement for iPhoto build atop Tiger's infrastructure.

iMac essential: a thermal monitoring program

Macintouch: iMac G5 (Part 9)
Scott Richardson

Anyone that is suspecting fan or thermal problems with a newer Macintosh should get hold of the free program called Temperature Monitor or, for more detailed sensor information, the $9 shareware Hardware Monitor by the same author, and
run it in record history mode. Hardware Monitor will give you very detailed sensor data, and a plot recording of exactly what is going on within your system - temperature sensors, fan speeds, current, and voltage readings, plus you will have hard copy proof to show Apple Support if there is a warranty issue with your machine, especially if it is highly intermittent thermal problem you are trying to record on paper (like a fan that quits, or a power supply that goes out of spec). Couple this sensor data with the Console Log time stamp, and you have a very detailed record of any intermittent problems. Without the sensor data, you are really in the dark.

Thursday, May 26, 2005

iMac 2nd generation: temperature data

Macintouch: iMac G5 (Part 9)

There have been 3 possible inter-related problems with the first generation iMacs:

1. Cooling problems.
2. Inadequate power supply.
3. Leaking capacitors.

So this temperature data on 2nd generation iMacs is interesting:
Scott McDonald

I'm wondering if there's a compilation of CPU temperatures that users are seeing on the new iMac G5's - I have a 2nd generation 2GHz 17" iMac, I'm seeing CPU temperature of 132 - 140 F when it's running mail only - when I'm actively using it to do Photo editing, web surfing, etc., the temperature is usually around 150-160 F.

If I turn the processor performance from 'automatic' to 'highest' I instantly see a jump in temperature on the CPU - I'm wondering what temperatures others with the new iMacs are seeing.

These are my current readings from a session that I'm VNCed into, the Mac is only running Mail.app at the moment:

125.6 F <-- Hard Drive
141.5 F <-- CPU
122.0 F <-- Smart Disk ST3160023AS

I'm using Temperature Monitor 2.5 from Marcel Bresink Software-Systeme. [You could try Jeremy Kezer's ThermographX. It includes periodically updated graphs of user-submitted temperature records. -MacInTouch]

Chris Perardi

Just thought I'd report in on the CPU temperatures of my new 2.0 GHz iMac G5 with 512 megabytes of RAM and 250 gigabyte hard drive. The temperature under a fairly mild load (listening to iTunes, browsing in Camino) stays a pretty constant 65¼C. The room temperature is around ~21¼C. During a fairly heavy load (watching XViD encoded video with VLC in the background while working on GoLive CS in the foreground) the temperature has spiked up to 80¼C, which is the highest I've been able to achieve.

The fan noise seem to be pretty constant. It's not a "whoosh" sound I'm used to in previous Macs; it's more of a higher-pitched whine. Slightly annoying, but I'm usually playing music anyway, which drowns it out completely. The machine almost always stays cool to the touch, except, somewhat oddly in my opinion, after waking up the system in the morning. Overall, I've been quite happy. The iMac has been very fast, the Migration Assistant was awesomely useful, and it's nice to have a Core Graphics capable graphics card.
If Apple is indeed talking to Intel about anything, I suspect it's because they can't get the G5 into a laptop. Intel has done incredibly well at producing relatively cool and energy efficient chips that that still perform quite well.

If one is torn between the 17" and 20" iMacs, a possible justification for the 20" is that there may be more room for the G5 to dissipate heat into.

Audiocorder for OS X: handy for general office use

Audiocorder 4.3.2 records audio to the hard disk of a Mac and includes timed recording, VOX (voice-controlled) recording, iTunes integration, and other features.... Audiocorder is $19.99 for Mac OS X and Mac OS 9.

Wednesday, May 25, 2005

Obscure OS X Tiger upgrade bug: runaway process related to automated file defragmentation?

MacInTouch Home Page

This may occur specifically with upgrades from older systems that may date back to 10.1. Some OS crashes may also trigger it. Sounds complex:
Several people followed up on a strange problem with "runaway" processes in Mac OS X:

[MacInTouch Reader] I had the same problem with the unkillable "update" process regularly hijacking the entire processor on my iMac G3 400MHz after upgrading to Tiger over a Panther installation. It would occur every 12 hours or so and could only be stopped with a forced reboot. This discussion at Apple put me on the right track to solving the problem. Specifically, checking the system log in Console revealed repeated errors such as:

"hotfiles_evict: err 28 relocating file 27611"

suggesting that the system was getting "stuck" while relocating a certain file. The discusion also suggested using hfsdebug to identify the file and delete it manually.

Unfortunately on my iMac, hfsdebug was unable to identify the file while the "update" process was running, so I had to record the file number from the error message, then run hfsdebug in the Terminal after force-rebooting the iMac. I was then able to locate and manually trash the offending file in the Finder.

This went on for a few days, with the "update" process reappearing every 12 hours or so, getting stuck on a new file. I noticed that the stuck file identification numbers were increasing (about a dozen files between 14931 and 112976), and that all of the files were quite old, created around 2001 or 2002. (I had not performed a clean install since the Public Beta days.)

Well after a few days of catching the "update" process in the act and manually deleting the problem files, I can happily report that the problem has disappeared and my ageing iMac is good as new!

["Xratchy"] The "update" problem has nothing to do with "System Update". The update program will have added lines to your system.log. Check them out for

hotfiles_evict: err 28 relocating file 20

The meaning for the error number can be found in

/System/Library/Frameworks/Kernel.framework/Versions/A/Headers/sys/errno.h
#define ENOSPC 28
/* No space left on device */

It's a bug in the kernel in the disk optimizing (defragment-hotfiles) code, where the opitomizing process doesn't find a free contiguous-block of disk space.

It's triggered in this case when there is no more continuous free block available, where the process needs/expect one, then it will just retry the search and brings your system to a halt.
The optimizing process is also triggered by opening a file, not only on reading/writing.

Try to make sure to have 10% disk space free at all times (if it's error 28). (Virtual memory can eat a lot of disk space.) Check your disk for errors after the crash (with your Tiger disk - Panther doesn't find/fix them all).

OS X esoterica: roots in NeXTStep and the Installer

The following as a comment in a discussion thread on the location of OS X applications. In general OS X applications, once installed, should not be relocated. This is similar to Windows, but in addition many OS X applications have very rigid requirements for installation paths. This is more restrictive than Windows.

It's also very strange for MacOS veterans. The original MacOS maintained a superb level of indirection between an applications physical storage and its unique indentifier. This level of indirection was broken with OS X, a result of the UNIX roots of NeXTStep and thus of OS X.

Alex Blewitt describes this in some detail. For OS X geeks his discussion is quite revealing. Emphases mine. Note the nasty bug -- in general I avoid symlinks.
# Alex Blewitt wrote on May 25th, 2005 at 1:09 am:

The applications can’t easily be moved and then referenced with a symbolic link. It might stand a better chance with an HFS Alias, but that’s no good if it’s on a different partition, since HFS Aliases only work on the same HFS partition (IIRC).

The problem is that the Mac OS X Installer program (which dates back to NeXT days, by the way, not Mac OS proper) packages its applications up in a compressed format called PAX; which is rather like the Unix TAR but just different. Unfortunately, the un-PAXer engine (pax -r) will overwrite symlink’d directories and replace them with real directories instead. This has been a known bug since time began; it may have been fixed in 10.4 but I’m not expecting it to have been.

Although most apps can be moved, there are a few ‘gotchas’. Unlike comment 3 indicates, most apps don’t write into /bin or /usr/bin (the only ones really being stuff like X.app and XCode.app which include command-line-compilery things). However, they can install private frameworks into /System/Library/PrivateFrameworks/ (which is a kind of Mac OS X dynamic link library, if you’re interested). The iLife apps are an example of this, as are the Apple Pro tools (which use Pro Application Support, or some arrangement of those words). [jf: these framworks have resources which remind me of old MacOS apps]

Since the app in a few cases is a shell to the underlying framework (e.g. Safari is a set of widgets around the WebCore framework, QuicktimePlayer is a set of widgets around the Quicktime framework etc.) it’s not safe to just move the app elsewhere, as it will rely on the framework versions too. This is one reason why they are all bodged to install only on / [jf: / is root] in case you’re interested; they have to write the app, and the framework in the OS partition there as well [jf: the path to the framework is a relative path]. For example, you can’t (easily) set up iPhoto.app on a networked share, because you also need the framework set up as well. (However, you can set the framework up on a networked share too …)

It’s also worth noting that ‘Applications’ is the well-known name for putting apps in, which is why if you create a user account and put a directory called ‘Applications’ in, it turns into the specific icon for an Applications directory. Ditto for Library, and Mac OS X will go through a search path for finding apps:
~/Applications /Applications /Network/Applications (/Developer/Applications)
as well as libraries:
~/Library /Library /System/Library /Network/Library (/Developer/Library ?)

From this, it’s relatively easy to create a share and mount a directory into the /Network/Applications and /Network/Library which are part of the known search path. Whilst it doesn’t matter too much about the applications, it’s really handy having the frameworks available in /Network/Library as well. To achieve this, you’ll need a server capable of hosting shares (I use NFS; I’ve found AFP to be problematic at best of times, but it’s getting better) and then mount them into /Network/Applications and /Network/Library.

For example, if you have a FireWire drive that you want to put stuff in, stick them in /Volumes/MyBigDrive/Applications (and ../Libraries as well). Then, set up an NFS export (see Mac OS X hints for how :-) for /Volumes/MyBigDrive/Applications and then re-mount it as /Network/Applications; ditto for Libraries. You should then see them in the /Network tab in your drawer.

When updates come out, you can install them onto a different ‘target’, although (to my knowledge) not via the Installer app itself. Download the package (Download and Keep from Software Update), then run it with ‘installer -target /Volumes/MyBigDrive -pkg SecUpd_1023.pkg’. (If you want to get rid of excess languages, you can also add -lang en to only install English)

A few of the apps (mostly the iLife ones) will attempt to complain if the drive isn’t / — but that can be fixed. There’s a file called something like preinstall in the SecUpd_1023.pkg/Contents/Resources directory; there’s usually something like ‘if [ $drive = ‘/’ ]; echo “You must install this on /”; exit 1′ in there. Removing this line, or getting rid of the exit will allow you to install it anywhere you want.

The other approach (and the one that Apple wants people to do) is to image a virgin Mac with the disk image utility, and then make the image available via NetBoot. That way, all macs have exactly the same image at all times; when an update comes in, you can test it on your ‘virgin’ mac, and then push the image everywhere. I’m not sure if these imaging tools are only part of Mac OS X Server, but given that they are just DiskUtility type ‘make an image of this hard drive’ it’s not entirely impossible to do it outside of a Server environment.

Of course, I’ve not had time to go into the /Library/Receipts folder for what you’ve installed where, but you might want to move the receipts into the shared /Network/Library/Receipts for the packages that you have installed on the shared drive in the past…

The Robservatory � My favorite browser

The Robservatory � My favorite browser

Monday, May 23, 2005

iPod esoterica: manually putting iPod into Disk Mode

Putting iPod into Disk Mode

The page has directions for newer and older iPods. These are for the older non-click wheel iPods:

1. Before manually placing the iPod into Disk Mode you should verify that it has a charge, if not you need to either charge iPod before continuing or connect it to power. You can either connect it to a high-powered USB port, or plug the iPod Power Adapter into an electrical outlet and connect iPod to the power adapter.
2. Toggle the Hold switch on and off. (Set it to Hold, then turn it off again.)
3. Press and hold the Play/Pause and Menu buttons until the Apple/iPod logo appears, then release them. This resets iPod. When you reset iPod all your music and data files are saved, but some customized settings may be lost.
4. When the Apple logo appears, immediately press and hold the Previous and Next buttons until the Disk Mode screen appears. (For iPod Software 1.0 through 1.1, a FireWire logo appears on the screen.)
5. Disconnect iPod from the power adapter and connect it to your computer.

Sunday, May 22, 2005

Definition of a blogger post: date and subjet

Note the structure of the 'persistent url' used by Blogger:

http://jfaughnan.blogspot.com/2005/05/derivatives-for-small-investor.html

It contains the year/month/date and text taken from the subject. In database terms, it is the date (YMD) and subject text that uniquely defines a posting. Change either and any links to the prior posting will break.

I would have much preferred a level of indirection with a unique ID for a blog posting. This design, if deliberate, says quite a bit about how the Blogger engineers think about blogs and blog postings. Heaven forbid one should have a typo in subject line! It can never be fixed, or the links to the posting will fail. Likewise, if one wishes to update a posting and draw attention to it, one must edit locally and not revise the date, then create a new posting pointing to it.

These are fundamental design decisions, but they will be invisible to most users. Much software is this way; the mechanics of identity (in this case blog identity -- foreign keys in other words) are the invisible 'deep themes' of the software.

Saturday, May 21, 2005

All IDE ATA drives are not the same

[Update 6/5: The Maxtor has been fine after being relocated and reformatted. Then I received a note from Vantec, who've been serious about looking into this, that they'd bought a Seagate 200 and it worked quite well. That was the final clue. What could be affect two different drives in slightly different ways, get worse over time, cause drive corruption and seek errors, not affect the older lower performance drive, and be better in some settings than others?

Heat.

So I checked out the cooling fan on the Vantec case. It is immobile. With some compressed air I can 'kickstart' it, but it has basically seized up. The higher performance drivers either produced more heat or were less tolerate of overheating; without the fan they were cooked.

I need to do some more testing, including asking Vantec for a replacement fan, but my guess is that heat was indeed the culprit.

[Update 5/21: ... the Maxtor in the Vantec cartridge has been malfunctioning and now will not format. I wonder if the drive has been damaged! I've updated my table.]

If you think of standard ATA IDE drivers at all, you probably think they're pretty much an interchangeable commodity with some modest performance differences, some variations in rarely used diagnostic and configuration software, and unpredictable quality problems.

That's what I thought. I was wrong.

I tested 3 drives from three vendors (Seagate, Maxtor and Western Digital) in 4 different settings. All were fine in a routine IDE setup, but there were problems with a firewire enclosure and a removeable drive bay catridge.


Maxtor Diamondmax Seagate Barracuda Western Digital WD 800

200 GB 200 GB 80 GB
PC MB IDE controller Yes Yes Yes
PC Paradise IDE controller Yes [2]
Yes [2]
Yes [2]
OWC Firewire Drive w/ iBook Partial [1] Yes not tested
Vantec EZ-Swap MRK 103F in PC No
No Yes

[1] Works as long as the iBook doesn't go to sleep.
[2] This Paradise IDE controller emulates a SCSI drive. It supports 200 GB drives and works well with everything - except Retrospect 6.0. Retrospect, a notoriously difficult pile of software, has to be forced to use "NT Passthrough" when writing to a drive attached to this controller. This secret preference is enabled with the magic keystroke: Ctrl-Alt-PP. No, I'm not making this up. With the WD 80 GB drive Retrospect would stop after at some magic limit (I forget what it was), with the Maxtor it wouldn't even start -- but it would lock up my XP machine with an unkillable process that demanded a hard reset. With "NT Passthrough" enabled this problem goes away. This bug may be fixed in Retrospect 6.5, though I suspect others take its place.
So, not all drives are the same -- by any means!

The Maxtor worked initially in the Vantec PC cartridge, but then failed and may be damaged. The Seagate never worked. The Seagate works much better than the Maxtor in the iBook attacked OWC external firewire case. The Western Digital works in the Vantec PC cartridge, I haven't tried it in the firewire drive (too much trouble for now).

Most surprising. The lessons I draw for now are:
1. Before purchasing an even slightly non-standard container for an ATA IDE drive check with the vendor what drives are known to work. If they say "all drives" then don't trust them. (SATA may be better).

2. Of the 3 vendors tested, only Wetern Digital MIGHT work in all configurations, but more testing is needed.

3. Not all bad behaviors come from one problem. In the course of managing this very aggravating situation I ran into three: the Seagate incompatiblity, a bent pin, and the Paradise/Retrospect incompatibility. And some people have to resort to television to explain increasing IQs!

Friday, May 20, 2005

Google accelerator bug: Webmail incompatible

Faughnan's Notes: Google Web Accelerator for XP and Firefox (ok, for IE too)

I was working on webmail access to a user account in my domain and the Horde and Squirrel web clients seemed both to be failing. Perhaps this is coincidence, but after disabling Google Accelerator they worked again.

Thursday, May 19, 2005

Macintouch spotlight review

Spotlight (Tiger Review)

The best overview I've seen of Spotlight thus far. The bottom line -- it works well enough to be useful, but it has at least two more revisions to go before it will be a solid tool. I'd guess 10.4.4. (10.4.1 is out, 10.4.2 will focus on bug fixes, 10.4.3 will start to address functional issues).

Using Spotlight with application controlled data stores is the interesting question (Entourage, FileMaker, etc). This is much more ambitious than merely indexing documents. I dimly recall old issues of BYTE referring to a 1970s era OS that had a true database as its file store -- it could manage this trick.

O'Reilly: Build a Simple MP3 Player for Your Site

O'Reilly: Build a Simple MP3 Player for Your Site

Embed tag and JavaScript. I've seen bits of this in many places, but never in one article.

TAGBAG Dashboard Widget: spotlight metadata management

TAGBAG Dashboard Widget
...One of the proposals for getting things done via Dashboard and Spotlight is to tag your files via the built-in Spotlight-Comment option. This allows to set several tags for every important file you have, and later on you can search for these tags, or simply created searchable folders which consist out of all those files containing special tags...

Tagbag helps you to keep track of which tags you used. It always shows a list of all tags you have been using so far. This makes it easier for you to just use a small but sorted set of tags, without forgetting about which tags you used where. In addition to that it allows you to see a list of all files having a certain tag by simply clicking on the tags name...
Similar to the way labels work in Gmail.

Moving about images in iPhoto 5 and prior

ExtraBITS

"In versions of iPhoto before 5, when you zoomed in on a photo in edit mode, you could hold down the Command key to drag the image around; it was a lot easier than using the scrollbars to move around within the image. In iPhoto 5, though, Apple made Command-clicking while in edit mode set a white point for the image (it works only if you click on an appropriately white part of the image), and as far as I knew, eliminated entirely the Command-dragging approach to moving around while zoomed in. Kudos to Markus Silpala, then for discovering that you can in fact still drag a photo in edit mode to move around - the trick in iPhoto 5 is that you must hold down the Spacebar while doing so."

Wednesday, May 18, 2005

Disabling the obnoxious Symantec Norton Antivirus security alerts when auto-protect is off

MCSE World Forums - Symantec Security Alert - How do I stop them?

I don't like the 50% performance hit induced by NAV scanning. I'm inclined to take a chance on leaving it off much of the time (I have pretty excessive backup tendencies); I'll still run my nightly full system scan and the mail scans should still work.

Problem is, Norton produces an obnoxious alert every five minutes if one disables the auto-protect feature. Thank heavens, this works:
Take the path C:\Program Files\Common Files\Symantec Shared\Security Center\ to locate two files; symwsc.exe and symwscno.exe. Create a new folder in the same directory and place the two files in it rather than delete them (just in case...). You shouldn't get the alerts after this.
Thanks shingirai kanyemba.

Monday, May 16, 2005

Remove DRM from iTunes music: JHymm

JHymn Info and Help

If I've paid for music and I will be using it in a way consistent with fair use, I have no personal issues removing DRM protection. Here's how.

Thursday, May 12, 2005

Print graph paper of every variety - on demand

Free Online Graph Paper / Grid Paper PDFs

A very clever idea. How subversive. Using PDF and the web, two advanced technologies, to create graph paper for use with pen and pencil.

iPhoto 5.02 crashing fix: reinstall

ExtraBITS

A very methodical dissection of a fairly common bug with Tiger and iPhoto 5.02: failure to start up. This fix was most unusual, remove the pre-installed iPhoto app and reinstall.

Test for corrupt plist files in OS X

Via - The Unofficial Apple Weblog (TUAW)

I was surprised to only learn this maintenance tip now, especially because pref file corruption is a relatively common cause of OS X problems. I don't recall this being a part of any of the usual maintenance utilities, yet it's a shell utility that's present in 10.3.9 (at least).

Like all sudo commands you must run it from an administrator account (sudo gives admin users transient superuser/root like powers)
sudo plutil ~/Library/Preferences/*.plist -s
Plutil checks all the preferences inside your User folder for any corruption. The -s handle in the command suppresses any reporting of preferences that check out, so only ones with errors show up.

I would usually delete any pref file that failed this test.

-36 error when syncing iPod in iTunes

-36 error when syncing iPod in iTunes

via Macintouch. This is the iPods "something's wrong but I don't know what" error. The kb article suggests how to investigate.

Wednesday, May 11, 2005

Tiger: fixing Spotlight gone bad

Macintouch- Mac OS X 10.4 Tiger (Part 12)

Spotlight may malfunction with future-creation-dates and if interrupted during initial index building. See note below. I've now decided 10.4.2 is a better bet than 10.4.1.
Jeff Hirsch

I can confirm that there are issues with Spotlight hogging the CPU under certain circumstances. In particular, the mds (metadata) process and mdimport process can eat up a huge chunk of available CPU and RAM. Upwards of 80% at times, causing a very noticeable slowdown on even the fastest of machines.

A quick search for "mds cpu" in the 10.4 Discussions over at Apple shows that a number of users are dealing with the same issue. Here is what I did to fix the problem and some thoughts on possible causes. First the fix:

1) Using the mdutil command-line utility in Terminal, turn off indexing for each of your drives. example:

$ sudo mdutil -i off /Volumes/your_hard_drive_name_1
$ sudo mdutil -i off /Volumes/your_hard_drive_name_2

2) Then use mdutil to remove the indexes from each drive

$ sudo mdutil -E /Volumes/your_hard_drive_name_1
$ sudo mdutil -E /Volumes/your_hard_drive_name_2

3) Physically remove the .Spotlight directories from the root of each drive.

$ cd /
$ sudo rm -fr .Spotlight-V100

(do the same for your second or third drive) BE CAREFUL WITH THAT RM COMMAND! One typo could ruin your day.

4) Use mdutil again to turn indexing back on for each drive

$ sudo mdutil -i on /Volumes/your_hard_drive_name_1
$ sudo mdutil -i on /Volumes/your_hard_drive_name_2

5) Spotlight will now re-index all drives and should behave in a normal fashion. (No longer uses 60%-80% of your CPU)

Finally a couple of quick thoughts on possible causes:

1. My initial indexing process after installing Tiger was interrupted by a couple of reboots I had to do while installing third-party apps. This may have left me with a funky index when Spotlight tried to pick up where it had left off. I suggest letting it fully index your drives before rebooting the machine at all.

2. A few users in the Discussions over at Apple noticed that they had files on their hard drive with modification dates AFTER the current date. i.e. days/months/weeks into the future. These files may have been causing Spotlight to choke as it tried to make sense of a date that hadn't happened yet.

I did a quick search for files modified "after" today and found a handful of them on my hard drive. (A few were dated 2031!) I used the touch command in Terminal to give these proper dates. If you have a lot of these files, you might want to create and Automator script to touch them all for you.

Hope this saves some of you a headache or two.

Tuesday, May 10, 2005

Saft - increasingly essential for Safari

The Unofficial Apple Weblog (TUAW)

Saft is pretty amazing. I'm afarid I'm going to have to buy a copy.
Saft, the must-have plug-in for Safari, has just been updated to version 8.0.1 and the long list of features just keeps getting longer.

In light of our recent discussion of the problem with widgets, it's nice to see that the new version of Saft features both the option to stop download warnings (while keeping the option to auto-unpack 'safe' downloads) and adds warnings before Safari auto-installs Dashboard widgets.

Biggest Tiger bug thus far: Sparse Images

MacInTouch Home Page

This is why I don't make major system updates until some time is passed. This bug might have cost me very dearly (ok, so I have multiple backups). Tiger is unusable for me until this is fixed.
It looks like Tiger has a serious problem with disk image data integrity:

[Dave Nanian, Shirt Pocket Software forum]
We've just reproduced a bug in Tiger's image handling that any SuperDuper! users should be aware of.

Basically, if you create a sparse image in Tiger and back up to it, everything is fine. You can unmount it, and the file size is as you'd expect.

If, however, the image is larger than about 1GB and you try to mount it, Tiger will destroy it, and set its size to 1008MB.

I cannot recommend that you rely on any application, including SuperDuper!, that uses images until this Tiger bug is fixed. Please, be careful -- and tell others to be careful too!

[Uwe Kempf] I'm experiencing serious problems with Tiger and Sparse Images:
- Create a new Sparse Image with AES128
- When it's finished, copy some JPGs onto it
- Eject the image volume
- Re-mount it
- All JPGs are broken
I could reproduce it on three machines (German Version of Tiger 8A428)

[Follow-up] I found a workaround for this problem:
- Create a new Sparse Image with AES128
- When it's finished, first UNMOUNT IT
- Re-mount it
- Then start to use it...
Don't use the image directly when it is automatically mounted after creation. First unmount it and remount it.
Repeat after me. 10.4.1.

SendStation PocketDock (TUAW)

The Unofficial Apple Weblog (TUAW)

This is probably of most interest to PC users with 3G iPods (but note they can't charge via USB):
The PocketDocks are little dongles that attach to the bottom of your iPod replacing the dock with regular USB and Firewire cables. They've had PocketDocks that support both USB and Firewire connections, and one that supports Firewire and a Line out (this is the model I own, along with the original Firewire only model), but now they have a brand new model: The PocketDock Line Out USB, which offers both a Line Out and a USB port. $29.95 USD with cables included.
The web site describes even more bennies:
The PocketDock Line Out Pack includes two 6 ft. ultralight and ultra-compact white audio cables: One with 3.5 mm (1/8") stereo plugs on both ends, one with stereo RCA and 3.5 mm plugs. They are slim enough to fit into the palm of your hand and come with detachable velcro straps for convenient storage and cable management. Their beautiful design is a perfect match for both iPod and iPod mini — just like the PocketDock itself.

What good is a PocketDock, if you don’t have it at hand when you actually need it? Well, if there’s one thing you always carry with you, it’s probably your keys. That’s why your PocketDock now comes with a free detachable keyring dock.
This is a far better deal than the bulky and ridiculous USB cables Apple shipped for the 3G iPods. NOTE, however, that 3G iPods can't charge via USB. SendStation is good enough to note this, albeit in very small print. Later iPods will charge with this cable.

Monday, May 09, 2005

The very cheap person's guide to remote Mac control including SSH tunneling

macosxhints - How to securely control another Mac over the internet

A LOT of tips in one place. One of the best I've read in a while. Includes SSH and tunneling configuration.

Ultra-rapid (rapid) prototyping in OS X

An embedded view of the Mac mini, Part 3: Rapidly prototype an embedded application

Now that's fast.

QuickTime 7 document: revolutionary

QuickTime 7 Update Guide: Changes to QuickTime Player and QuickTime Pro

What a radical concept. Actual QuickTime documentation.

Macintouch thread on Tiger OS X widgets security flaw

The disturbing thing here isn't even this particular flaw. It's that Apple's developers clearly aren't thinking seriously about security.
10:50 EDT A question we posed previously about abuse of Tiger desktop "widgets" by malware has suddenly turned into a hot topic:

[Randy B. Singer] There is a grave concern that Tiger's new Dashboard feature, combined with Tiger's auto-installation of widgets, could provide a wide open door for malware. See: http://64.70.134.217/widgets/zaptastic/ but be prepared that just visiting this site installs a fairly innocuous proof-of-concept widget.

[Jim Vonkas] This link [at Slashdot] has a description about a web page that downloads and installs a Dashboard Widget by simply going to the page with Safari. All this happens completely WITHOUT any user interference! This behavior is worse than any danger you can encounter when browsing with the latest Windows XP!
[follow-up] ... It would have been easy enough to disable automatic downloads by default - it's an unforgivable oversight, I think, and if Apple gets a bit stirred up about it, perhaps it will be more careful in the future. ...

[Dave Schroeder] When Safari is in its default state, i.e., with "Open 'safe' files after downloading", what happens is the following:

* The widget is downloaded, unpacked, and moved to ~/Library/Widgets (a website could do this automatically)
* The next time you run Dashboard, the widget is in your shelf (when you press the "+")
* You must deliberately run the widget

Mac OS X likely assumes that if you click it, you intend to run it. The only problem I see here is that a widget could be auto-downloaded (and installed) somewhat surreptitiously, and you might not notice it for a while. There probably should be some sort of prompt in Safari at download time (which it now does for applications).
In the meantime, the sure fix for this any many other past questionable download situations is to always uncheck "Open 'safe' files after downloading" in Safari's preferences. This way, the file is downloaded, but it remains in its packed/compressed form.

[Peter da Silva] Last June [Apple] "fixed" the hole in LaunchServices by popping up an occasional warning dialog, a technique that doesn't address the real problem - the fact that they're using the same set of helper applications for trusted and untrusted references. I put up an article on it, and predicted that there would be more of these problems until they fixed the real problem.
Because popping up a dialog that's almost always answered "yes" is just getting people used to answering "yes", so by the time they need to say "no" they don't realize it until too late. Microsoft has this problem in spades, and I've had to dig viruses and spyware out of people's computers because they got used to saying "yes" one time too often. This dialog is no different.
The latest security update for Panther... what does it do? Why, it patches another example of the same problem. And it's going to happen again and again, though hopefully Apple won't take ten years to realize that they've got a deeper problem, like Microsoft has.
Dashboard. I've been worried about Dashboard. A Dashboard widget is a web page, basically, that can include native code. Native code objects for Internet Explorer - ActiveX - have been the biggest security problem there. For a while it looked like Apple had dodged the bullet... you can't run native code objects in Safari even if you're displaying a widget in Safari. No mechanism to run native code, no potential hole in Safari. I thought.
But, no, they went and decided that widgets are safe for opening and opening installs them in Dashboard. Not only that, but Dashboard doesn't have the equivalent of a popup blocker, so they can write a widget that makes your computer useless if you don't know how to remove it. So now that's TWO potential attacks. First, you can include native code in the widget and see how many punters just click "OK". Second, you can leave the native code out and they don't even get a chance to say "OK".
Bad idea all around.
First, Safari shouldn't consider Widgets "safe".
Second, it shouldn't default to opening "safe" objects anyway. Let people explicitly take an extra step, so they don't automatically get compromised when someone finds a hole in Expander (for one example).
Third, Dashboard shouldn't automatically run any widgets, it should wait until you ask it to do something with it. Oh, and it really needs some better widget management tools.
We'll see what 10.4.1 does, and in the meantime... don't let them get away with this electronic equivalent of overprescribing antibiotics. Tell them, "Don't pop up a dialog unless the user is doing something that has the immediate possibility of launching an exploit, and if you can't tell... don't do whatever it is you were about to do, let the user ask to run the application or install the widget."

[Gregory Lawhorn] Leaving the philosophical issues behind for a moment (i.e., whether Apple SHOULD allow automatic downloads or automatic installation of widgets), here's how to safeguard your system.
High Security: Disable 'Open "safe" files after downloading' in the General tab of Safari preferences. Files might be downloaded, but they will remain archived and on your desktop.
Medium Security: My preference for the moment (I happen to like having a widget automatically installed - when I know about it, that it is). Go to the ~/Library/Widgets folder. Command-click on it, and select Enable Folder Actions. Command-click on it again, and select Attach a Folder Action. Select "Add - new item alert.scpt". Repeat this for Home/Library/Widgets for each and every user account on your computer.
Now when a new widget is added, intentionally or secretly, an informative dialog box will notify you that that the folder contents have changed, and even give you the option of looking at the new item. If you didn't intentionally add the widget, trash it, and you're safe. At least I'm pretty sure you're safe.

[Mike Jackson] There is one really quick way to disable the auto install of widgets. Run the following command in terminal:

chmod 0550 ~/Library/Widgets/

This puts READ ONLY protection on the Widgets folder. Now going back out to http://64.70.134.217/widgets/zaptastic/ will put the auto downloaded widget onto the desktop. You can then use the finder to move it to the ~/Library/Widgets Folder. The finder will ask you to authenticate. Once the new widget is in place, you can double click the widget to run it in Dashboard.

Essential Tiger utility: manage dashboard widgets

MacInTouch Home Page: "Widget Manager 1.0 is a Tiger Preference Pane that makes it possible to inspect, disable, and even remove Dashboard Widgets. It also shows individual widget version numbers. Widget Manager is free (donations requested) for Mac OS X 10.4."

Add 'Find Target' to XP Right Click (Context) Menu

MSFN Forums > Add 'Find Target' to Right Click...

Once upon a time, in the first golden age of the PC, PC Magazine ran a regular "utility" column that featured ingenious solutions to the limitations of what was then DOS. This continued into the first generation of Windows 3.1 and even into Windows 95, then it died out as many of the advertising supported hobbyist magazines went under (of which the greatest loss, by far, was BYTE).

I thought of this when I went looking for a fix to an age-old annoyance -- a quick to go from a windows 'shortcut' (file/folder alias) to the original. (The usual route is RMB, then properties, then 'Find Target ...').

It turns out this is not hard to do. I found sample code in several places, and a registry hack on this page.

However, it's not "packaged" the way things were in the old days. The "hobbyist" energy that used to provide a myriad of such solutions has faded away. I'm sure this has been done a hundred times, but each solution has been lost in a mass of noise.

In the OS X world, the enthusiast energy, and the general coherence of the OS, means these problems get solved and the solution is maintained and available.

Thursday, May 05, 2005

Hacking Quicktime: tips and tricks

Hacker's Guide to QuickTime

Import an imapbox into Mail

macosxhints - How to import an .imapmbox into Mail.app

I wonder if this would work with Eudora PC's IMAP file?

Keeping Classic on a disk image

macosxhints - Remove Classic cleanly

A "clean" way to keep classic around a 10.4 system
Just create a .dmg, copy all the classic stuff onto it, bless the system folder, and choose that folder in the classic system prefs.

The neat think about classic on an image is the image will automatically mount when classic is needed.

No more classic cruft hanging around, but it's there if you need it.

Usenet discussion on archiving important family videotapes

Google Groups : rec.video

Good suggestions.

Rixstep and Cocktail for OS X

Rixstep

This guy does not like Cocktail for OS X. I've used Onyx, Panther Cache Cleaner and Cocktail. I'm not that fond of any of them.

Interesting.

Wednesday, May 04, 2005

The women's petition against coffee (1674) (via Boing-Boing)

The women's petition against coffee (1674)

I assume this is a jest. At least I'm 90% sure. On the other hand, those were bawdy days.

Create Spotlight indexes for networked volumes

macosxhints - 10.4: Create Spotlight indexes for networked volumes

This procedure won't work for me, but it suggests a utility will be out soon to make this process invisible.

How to report a bug to Apple - effectively

Macintouch - Mac OS X 10.4 Tiger (Part 7)

John Baltutis writes:

"For everyone who has a problem with Tiger or any of Apple's applications, let me offer the fastest and best way, IMHO (outside of being a beta-tester/developer), to get your concerns in front of Apple's fixers and doers.

Join Apple's ADC at (it's free and also provides you an opportunity, if you wish to exercise it, to download developmental software). Then use the bug reporter (which requires an ADC membership) to submit bug reports or enhancement requests.

Once these are documented (you get a unique number when you submit them), you can track their status, append additional information, and receive feedback from engineering. This allows you to establish a two-way dialog, albeit may not be timely, with your problem/concern/shortcoming/suggestion/etc. and those in power to fix or add them."

Tuesday, May 03, 2005

Sharing folders with XP SP2 -- must create an account for remote users

Windows XP Home Page

Say you want to share a folder in XP SP2, but you don't have Windows server. As near as I can tell, you have to either enable the Guest user account or create a user account that has the same username string as the username on the remote machine.

Folder and file sharing in XP really expects to work with a proper server and domain manager.

OS X is so much nicer ...

Keyword Assistant must be updated for 10.4

Ken Ferry Software

This is one of my favorite small applications. A 10.4 bug broke it, the new version has a workaround. This is why I like to wait for 10.4.1.

A utility for creating custom shows in PowerPoint

Shyam's Toolbox for PowerPoint - Home

Add to Custom Show is a personal favorite. I find it easy to switch to slide sorter view, select the slides in the order in which they show appear in the custom show, right-click & select 'Add to Custom Show'.
It's $50 as it's really a part of a developer toolkit, not an end-user utility. A bit steep for my purposes.

OS X password creator guides

macosxhints - 10.4: Create strong and memorable passwords

but an article here mentions this was available in 10.3 - sort of.

Spotlight tips and tricks

macosxhints - 10.4: Some Spotlight tips and tricks

Also, see this Apple programmers reference for fuller syntax.

Spotlight and disk images

macosxhints - 10.4: Enable Spotlight for disk images

Plist editing and extracting editor using Pacifist from Developer Tools

macosxhints - 10.4: Convert new plist files between XML and binary

Workaround for QT 7 bug with movie properties inspector

The Unofficial Apple Weblog (TUAW)

Monday, May 02, 2005

Databases - what's next

ACM Queue - A Call to Arms - Long anticipated, the arrival of radically restructured database architectures is now finally at hand.

A mildly technical but readable overview of what's happening to the foundation of most business systems.

Review this list prior to a Tiger upgrade

Mac OS X 10.4 Tiger Incompatibilities and Workarounds

I won't upgrade before 10.4.1, but even then this is a good list to review. I'm a bit stunned that there still seem to be firewire drive problems.

Troubleshooting Safari: try deleting cookies.plist

PLISTs, caches and permissions cause an unusual number of OS X problems:

MacInTouch Home Page: "After doing an 'Archive and Install' with Tiger I was having a lot of problems visiting various websites with Safari 2.0. I kept getting an error page saying that Safari had 'Lost the network connection' and gave the following error 'NSURLErrorDomain:-1005'. One of the problem websites was in fact www.apple.com.
After a ton of troubleshooting I found the solution to the problem. I had to delete my Cookies.plist. The file is located in ~/Library/Cookies. Once this file was removed all sites could be loaded again."

Sunday, May 01, 2005

Photo management using Gallery

Gallery :: your photos on your website

A very impressive and free project. Albums have RSS feeds. Most would want to keep their albums on a local machine and mirror remotely to publish.