Sunday, April 29, 2007

Reaching for Nerdvana: Integrating family and work calendars

Can I reach nerdvana? Can I manage calendars for every family member, keeping them all as private as digital can be, and also integrate my work calendar while allowing each calendar to be viewed and edited on a PDA?

Not yet, but we're getting close. The secret sauce so far is Google Apps for our family, Spanning Sync, SyncMyCal, Outlook 2003 at home and office, iCal, my wife's beloved but aging Samsung (PalmOS) i500, Missing Sync for Palm OS, and my battered and broken Palm Tungsten E|2. My demon-spawned Motorola RAZR is not invited, there's a seat waiting for the iPhone.

Here's the situation so far:
  • Google Calendar on our family domain. The domain means I can easily share calendars internally without exposing them.
  • In Google Calendar: a work and home calendar for me, a home calendar for my wife, child calendars to come. My calendar view includes my two calendars and my wifes.
  • iCal is a natural fit to Google Calendar (gCal), so I create corresponding calendars on iCal for my wife and I on our shared home desktop. For example, my iCal desktop my personal, my work, my wife's personal, etc.
  • Spanning Sync allows me to sync each of my iCal calenders to the corresponding gCal calendars, so we're in great shape on the Macs. gCal is the source of truth, but we can view the composite calendars on my MacBook as well.
  • My personal Palm syncs to XP Outlook, so I need an Outlook to Palm solution. I'm testing SyncMyCal. So far, it's ok. Even handled some calendar name changes I threw at it. I need it because I want control over sync direction, only SyncMyCal offers that. Outlook is a weak match to gCal and SyncMyCal is not as sophisticated as Spanning Sync -- so I sync only my Personal calendar to gCal Personal and and to my Palm.
  • The last step will be to instal SyncMyCal at work, so my work calendar will sync unidirectionally to gCal, bidirectionally to Exchange Server, and unidirectionally to another kludgy app I run on the Palm. [My work calendar uses every advanced feature of Outlook and Exchange server, I don't dare enable bidirectional sync to the much simpler gCal data model.]
If the last step works, I'll have achieved 90% of nerdvana ...

Update 4/30/07: I ran into a roadblock on my journey to nerdvana [1] while testing SyncMyCal. The problem sounds a bit like this one, but I don't use ActiveSync. I do use Palm's Outlook sync conduits (HotSync Manager) and I also use a no-longer-supported .NET-requiring Outlook plug-in called Lookout for Outlook.

In my case I had two problems occur around the same time:
  1. HotSync Manager stopped responding. This happens every week or two anyway, so I don't give it enormous weight. I killed the stuck process in XP's process list and restarted it and it worked.

  2. After #1 the SyncMyCal toolbar vanished from Outlook and a restart didn't bring it back.
This won't be easy to debug -- I wonder about one of those infamous .NET-version conflict problems. I'll contact the SyncMyCal authors and see if they're interested in tackling this with me. If not I'll contact the gSyncIt folks and see if they're interested in supporting unidirectional sync (a mandatory requirement for me).

I'll update this post if/when I make substantial progress.

F
ootnotes

[1] Hardly surprising. When one creates a dependency chain of unreliable software components the probability that everything will work starts to get pretty low.

Update 5/7/07: SyncMyCal flopped for me. The install on my home machine was troubled, but I followed the vendor's FAQ directions and I was able to enable the plug-in. It worked at home for a week, so I tried it at work (Outlook Pro 2003 w/ Exchange environment). It crashed Outlook 2003 on startup. I tried a few times w/ rebooting etc, but it crashed every time.

I have sympathy for the vendor -- installing this type of functionality into Outlook 2003 is, I wager, a nightmare. I use 'Lookout for Outlook' at work and at home, and that's an unsupported plug-in now -- but I deeply depend on it. Outlook 2007 is incompatible with Lookout, so when we switch to 2007 I might try SyncMyCal again.

In the meantime, I'll try gSyncIt at home ...

Update 9/8/07: A blog dedicated to calendar interoperability ...

Update 9/6/09: I did eventually get this all sorted out! Actually, several times, since it changes every few months. There are some hints in this 2009 post. I have a unified work/home/family calendar now on both my iPhone and Google. I don't use OS X desktop iCal at all any more.

Apple fixes suicidal batteries?

I wonder if this is related to the peculiar phenomenon of perfectly healthy MacBook batteries abruptly showing the "Dead X" icon, possibly in association with use of Parallels ...
Apple releases MacBook battery update | Reg Hardware

Apple is recommending an update be installed on all MacBook and MacBook Pro computers and extra batteries purchased between February 2006 and April 2007...

...According to Apple, there are factors causing performance issues in the batteries which do not present a safety risk....

After you've installed the update, if your battery still has the following symptoms, contact Apple for a free replacement:

* Battery is not recognized causing an "X" to appear in the battery icon in the Finder menu bar.
* Battery will not charge when computer is plugged into AC power.
* Battery exhibits low charge capacity/runtime when using a fully charged battery with a battery cycle count (as shown in System Profiler) of less than 300.
* Battery pack is visibly deformed [Reporter's note: Somehow I doubt a software update will fix this guy.]

Apple is also extending the repair coverage program for MacBook and MacBook Pro systems batteries with Intel Core Duo processors for up to two years from the date of purchase.
The warrantee extension suggests that some behavior was prematurely aging batteries.

Google Apps for our family

If Apple had decided they wanted our business, we'd have built our family portal solution around .Mac (dotMac). Alas, Apple decided they needed to focus on other projects; .Mac has languished for years.

The next best option is Google Apps. Email that integrates seamlessly with desktop email (no imap yet), Page Creator, Docs and Spreadsheets (soon presentation), Chat, Control panel - it's a persuasive suite backed the most powerful and fastest thinking megacorp in history. I assume they'll integrate Picasa web albums into their emergent family solution and it will be a small step towards their personal health record solution.

The cost is low -- basically $10 a year for their eNom managed integrated domain. I have the faughnan.com domain, but it's awkward to switch over. I decided for now to create a new family domain.

Now I'll see how well various outlook and iCal sync to Google Calendar solutions really work. There is still the nerdvana of an integrated family and work/home calendar solution in my dreams ....

PS. Privacy? Surely you joke. That battle was lost in America 15 years ago. If you want privacy, use paper.

Friday, April 27, 2007

Dina Dai Zovi: how to secure your OS X machine

DF has a terrific interview online with Dino Dai Zovi. Mr. Dai Zovi demonstrated that he could create a serious exploit on an OS X machine within 12 hours of being invited to do so. That's more than a bit impressive. It is, of course, supremely unlikely that he's located the only such vulnerability. It's possible that OS X is just incredibly vulnerable, but I think few believe that. The take home message for me is that most computers on public networks are quite vulnerable. I hope Schneier will write his own comment.

In the course of the interview Dai Zovi also provided some handy security advice for users and free advice to Apple. I was reassured to learn that I already follow some of it, but I will move some passwords to a new keychain with a timeout. Emphases mine:
Daring Fireball: Interview: Dino Dai Zovi

... I take some extra security precautions such as always running as a non-admin account, using separate encrypted disk images and keychains for different purposes, and isolating data on different machines. I also take some extra precautions that I’m not going to advertise publicly :). I do not, however, run any commercial anti-virus packages.

Gruber: Are there any precautions you think typical Mac users should take that they aren’t now?

Dai Zovi: I would recommend they make their primary user account a non-admin user, I think that is a reasonable compromise between usability and security. I would also recommend that more security-conscious users create a separate keychain with a 5 minute timeout for important passwords. Even if the user is using FileVault, a separate encrypted disk image for sensitive financial or personal documents is another simple and prudent measure to protect your personal information.

Gruber: Do you use FileVault? I don’t. I do store financial and private information on encrypted disk images, but I’m wary of storing my entire home directory on one. I feel like I’m far more likely to run into problems with my disk than I am to run into a security problem, and FileVault can make it harder to recover files if things go south with the drive.

Dai Zovi: I had previously used FileVault on my laptops without much incident when I was traveling and doing consulting. These days, I am no longer doing consulting and traveling less, so I am not using it. I do still use separate encrypted disk images for different types of data.

Gruber: I’ve heard claims that there exist a handful of known Mac OS X exploits amongst security experts. Do you believe – or know – this to be the case?

Dai Zovi: Security experts quite often have exploits for vulnerabilities that they have discovered and the vendor is in the progress of addressing. Some others choose not to report the vulnerabilities that they find. So I would not be surprised if there were a number of OS X exploits floating around, I have already seen evidence of this in the past (i.e. the mach exception ports exploit)...

... Gruber: You had nice things to say in your interview with Ryan Naraine about your experience reporting findings to Apple. Do you think there’s anything Apple should do different with Mac OS X itself that would improve security? (E.g. do you think Apple should change the first-run configuration UI so as to encourage users to create non-admin accounts?)

Dai Zovi: I think Apple is to be commended for proactively releasing updates for internally identified security vulnerabilities, which is a stance that few other software vendors take. Apple should implement some of the security defenses that other operating systems have adopted [jf: I think this includes Vista] such as Address Space Layout Randomization and other stack and heap protections. I think Apple should provide the option to create both admin and non-admin accounts in the first run as well as make it easier to store passwords in non-login keychains.

Wednesday, April 25, 2007

Automated defrag in XP out of the box

Nice to know XP can auto-defrag without any add-ons: Mozy Blog: Defrag the Mozy Way

Joel on VBA for Macintosh and the Office alternatives

Another example of Microsoft on the skids: VBA for Macintosh goes away (Joel on Software).

Joel wrote the spec for VBA. It was a lock-in strategy from start, which is no surprise of course. The loss of VBA on the Mac won't have much impact on most users of Office/Mac, but Joel's story is interesting for several reasons:
1. It's a story about Microsoft's only great product - Excel.
2. Joel's a longtime supporter of Microsoft as a company (he grew up there) and even he's advising friends to avoid Vista at this time.
3. He gets fed up with Office 2007.
Most Mac users who really need Office are going to run Office Pro/Windows in emulation under Windows 2000 or XP. I don't care so much about VBA, but I need Microsoft Access.

Mac users who want a quality word processor should probably use Nisus Writer Express (Pro is in beta). Every other product that works well on the Mac uses a lock-in proprietary file format or an (unfortunately) little supported open alternative. NWE uses RTF.

For presentations, if you can escape PowerPoint (few can) I hear Keynote is good. For an end-user non-pro database you're limited to Filemaker (kind of hurting really). For a spreadsheet you can, err, uhhh, hmmm. That' s a problem, isn't it? When I started writing this post I didn't know of any. I decided to research the question first ...

I was able to find 6 alternatives, not counting OpenOffice since it still requires an X Window front-end:
  1. AppleWorks if you can find a copy (runs in cpu emulation on intel macs)
  2. MarinerCalc 5.5.1
  3. Google Apps with Firefox/Camino (not Safari)
  4. Tables
  5. Mesa (NextStep originally) is still around and is a universal binary
  6. NeoOffice: (update 5/29/07: I tried the spreadsheet with a modestly large data series. It died trying to create a chart. It's not a real contender.)

Tuesday, April 24, 2007

Spanning Sync on multiple macs

This description of Spanning Sync makes me wonder again if we can use it for a family calendar. I still need a good solution for synchronizing Google Calendar with Outlook ...
Spanning Sync Blog: Using Spanning Sync with Multiple Macs:

...To set up Spanning Sync on multiple Macs, first download and install it on one machine, login using your Google account, pair your iCal and Google calendars, and perform a sync. At this point, Google Calendar will have a copy of all of your events.

Then on each of your other Macs, create an empty iCal calendar for each calendar you're syncing. Install Spanning Sync and login with the same Google account, then pair the appropriate Google calendars with the empty iCal calendars and sync. From this point on, changes you make in iCal on any of your computers will be synchronized with Google Calendar and with your other Macs.

Remember that since Spanning Sync is licensed per-person and not per-Mac, you can install it on as many Macs as you like—just login using the same Google account on each one...
I will test this at home first ...

Update: I created a family domain for Google Apps and added both my wife and I to the domain. I've tested spanning sync and am now trying SyncMyCal and gSyncit. Gsyncit is bidirectional, which I don't want for work, so I'll try SyncMyCal first.