World Computer Exchange
Donate selected computers. I've got a few to go here.
PS. Blogger was thrashed today -- status.blogger.com has an extensive apology. They've been staggering for weeks.
Friday, November 05, 2004
Thursday, November 04, 2004
iPod Technoporn -- iPod lounge buyer's guide
iPodlounge | All Things iPod
Gizmodo loves it.
As promised several weeks ago, iPodlounge is proud to announce the immediate availability of the iPodlounge Buyers’ Guide 2004 for free download from the links and locations below. It contains the world's first review of Apple's new iPod Photo.
For the unfamiliar, iPodlounge's Buyers’ Guide is a complete, magazine-style guide to everything iPod and iPodlounge, with trustworthy previews and reviews of the very best iPod accessories, guides to getting free iPod software and support, and much, much more. We've designed the Guide so you can print only the pages you want, and give them to your family and friends as very specific holiday "gimme iPod" reminders.
By reader demand, the Guide contains a complete report card of the over 200 iPod-related products that have been reviewed by iPodlounge, and features the incredible art and photography of iPodlounge readers from around the world.
Gizmodo loves it.
OS X Tiger: VoiceOver
MacOSX v10.4 Tiger: Developer Overview
How hard will it be to develop applications for children with reading disorders? Awesome.
The Universal Access capabilities of Mac OS X are enhanced in Tiger to include VoiceOver, a new spoken interface. Designed for those with visual and learning disabilities, it reads aloud the contents of documents such as web pages, Mail messages, and word processing files. As an integrated part of Tiger, Apple is providing a set of programming guidelines so that you will be able to make sure that your application can deliver the best VoiceOver experience.
How hard will it be to develop applications for children with reading disorders? Awesome.
OSX v10.4 Tiger: Core Data
MacOSX v10.4 Tiger: Developer Overview
I wonder if thi s is the database used by the Spotlight metadata engine. If this datbase were to be used by iPhoto and iTunes ...
An OS supplied set of object-SQL services. Big.
Sigh. Apple is good at marketing to geeks. I'm ready to send them money now ...
Core Data gives you the ability to create a description of your data objects. Once defined, Core Data handles most of the heavy work of managing your data objects, both in-memory and on-disk. This allows you to focus on application logic and avoid the infrastructure work. In short, Core Data is a model-driven object management graph and persistence framework....
In Tiger, Core Data will support three different kinds of files for storage of data:
* A text-based XML file format
* A better performing binary file format
* A high-performance, SQLite-based database file format
Each of these file formats has its strengths. The XML file format is a good choice during the development of an application as it allows you to peek inside the file and see what is going on. The SQLite format will often be the best choice for desktop applications because of its performance characteristics.
I wonder if thi s is the database used by the Spotlight metadata engine. If this datbase were to be used by iPhoto and iTunes ...
An OS supplied set of object-SQL services. Big.
Sigh. Apple is good at marketing to geeks. I'm ready to send them money now ...
OS X Tiger: Automator and other themes
10.4 Tiger: Developer Overview
Tiger's themes seem to be search (Spotlight), metadata (Spotlight database) and end-user extensibility (Automator and Dashboard).
I'm persuaded Tiger should deliver real value to me. I doubt it will work well on my G3 iBook of course, so the real cost is much higher than a $130 upgrade price. It should work well on the new G5 iMacs.
AppleScript has long allowed users to combine the abilities of multiple applications in new and unexpected ways. Automator takes AppleScript's application integration technologies a huge step further. With Automator, end-users can drag-and-drop actions from various applications into a single, saveable workflow. It's similar to writing shell scripts and piping the output of one command-line tool to another with pipes, but with a visual interface.
Tiger's themes seem to be search (Spotlight), metadata (Spotlight database) and end-user extensibility (Automator and Dashboard).
I'm persuaded Tiger should deliver real value to me. I doubt it will work well on my G3 iBook of course, so the real cost is much higher than a $130 upgrade price. It should work well on the new G5 iMacs.
Wednesday, November 03, 2004
S5: CSS/XHTML Slide Show Package
Slashdot | Standards-Based CSS/XHTML Slide Show
I did a for more modest slide show tool years ago. One this site recovers from the Slashdot hits it'll be interesting to read.
I did a for more modest slide show tool years ago. One this site recovers from the Slashdot hits it'll be interesting to read.
Good OS X security practices
"Opener" Malware
This came out of the opener malware discussions. Some of this I won't bother with, but others I will. I'm especially interested in disabling root (esp. if I can reverse that!).
I wont' be changing permissions until I learn more about the consequences.
This came out of the opener malware discussions. Some of this I won't bother with, but others I will. I'm especially interested in disabling root (esp. if I can reverse that!).
I wont' be changing permissions until I learn more about the consequences.
After sifting through the various responses from readers this problem seems to boil down to a few simple things. Openr.sh has to be deliberately downloaded or copied to a Mac through direct access to the machine. 'Direct access' means physical access to the machine with sufficient privileges to copy files to appropriate directories or access via remote log-in with the same privilege levels and a method to execute the script. Basic (paranoid) security needs to be exercised in order to prevent/mitigate the unsophisticated type of attack that Opener.sh represents.
Servers should be isolated from casual access (all the system level security in the world won't help if someone gets to your box with a boot CD) and never left unattended with admin/owner or root logged-in. Remote log-ins (ssh) to servers should be allowed only with the root user and interactive log-ins disabled combined with an ACL (access control list). Restrict admin/root access to a limited number of people. Unused/unneeded services should be disabled and their ports closed.
Workstations in an office setting should have the screen saver enabled with a short time-out and password required to unlock/wake up. Automatic log-in to workstations should be disabled. Inactivity log-out should be enabled. No users other than designated admins should have admin level privileges or access to an admin level account on these machines.
Use "strong" passwords. Passwords like 'guyvlv*&%*%@KJBb039' are harder to guess or crack than 'a12345'. Change passwords often, especially admin level passwords.
Users are logged into their machines, by default, as the owner of the machine who is a member of the admin group. For your own personal account on your own machine create a standard/no limits account for everyday use. Enable 'fast user switching' so you can change to to the owner account for admin level tasks that you may need to perform on a day-to-day basis.
Disable the root account. First enable the root account, give it a different password from the owner account, then disable the root account. You can do just about everything the root user can do as the owner/admin user of the machine without root access. This won't affect how the root(system) user processes run. See this Apple KB article on how to enable/disable the root user: http://docs.info.apple.com/article.html?artnum=106290.
Reduce your 'attack surface' by turning off unneeded services. Securing and turning off services on workstations is first accomplished by selecting the 'Security' System Preferences item and check the 'Require password to unlock each secure system preference'. Then under Sharing in System Preferences, select the Services tab and turn off (uncheck) all unnecessary services. The same goes for the Firewall and Internet tabs. Then click the lock icon to prevent tampering.
Permissions on certain directories, particularly /System/Library/StartUpItems, are incorrect and there seems to be some confusion as to what they should be. Incorrect permissions combined with elevated access privileges can lead to unfortunate incidents with inexperienced/malicious users. Permissions on system level files and directories should not be changed without a full understanding of the implications of such changes. Problems with incorrect permissions can range from applications unexpectedly quitting to kernel panics, so users should tread carefully.
In particular the permissions on /System/Library/StartUpItems should not be set to root:admin as owner and group but root:wheel. Directories and binaries in /System/Library/StartUpItems should be set with permissions of 755, while .plist and .strings files in these directories should be 744. These are the default permissions that are set after installation or a permissions repair are done. Recursive changing of access permissions with 'chmod -R' or owner:group ownership with 'chown -R' should be used with caution.
If you feel that something is amiss with your Mac you can get a good sense of what is going on 'under the hood' by using the terminal and the 'ps' command. Typing:
ps -aeux
in a terminal window will give you a quick snapshot of what's happening; including commands, paths, and user processes running on your Mac.
For a 'live' view of what's going on you can use the 'top' command. The 'top' command has several options to allow absolute, cumulative, or delta display of system resource usage. To terminate top while it is running simply press 'q' on the keyboard and you will be returned to the prompt. To see more options for 'top' type:
man top | more
in a terminal window to view the man page for top.
Monday, November 01, 2004
Amazon.com: website info: faughnan.com .... and google.com
Amazon.com: website info: faughnan.com/
Amazon's A9 toolbar has an "about button" (Alexa of course). I tried it on my personal page (faughnan.com) and it took me to an Amazon.com listing for my web site! So I have an ASIN ID, just like a book: B00006E3JP. One can now use Amazon to write reviews on web sites. Mine had not been reviewed, so I couldn't resist contributing the first entry:
Amazon's A9 toolbar has an "about button" (Alexa of course). I tried it on my personal page (faughnan.com) and it took me to an Amazon.com listing for my web site! So I have an ASIN ID, just like a book: B00006E3JP. One can now use Amazon to write reviews on web sites. Mine had not been reviewed, so I couldn't resist contributing the first entry:
Ok, so it's my web site. The astounding part was playing with the (Firefox!) A9 toolbar and following the link -- to discover that my personal hobby/obsession web site has an ASIN number (B00006E3JP). So am I an author now?It does look like Amazon is going to leverage their review technologies to rate web pages and augment their search. Here's the page for Google! This page lists Larry Page's (Google founder, now worth billions) contact info
This is really a fascinating development.
The data displayed is interesting. The domain probably dates to 1995. A9 lists the site as 'clinical systems design' because that appeared in an early domain registration (it's almost impossible to change that early registration information).
Somehow they also list my home phone number, but with an old area code. The fax number doesn't work either. The email address is a joke address that once belonged to my dog (she got too much spam, so we jointly agreed to delete the address).
I shall have to create a blog posting with this review; I do enjoy the self-referential aspect of all this.
Larry PageThere are only 135 reviews for Google, which suggests this is a rather new toy.
2400 E. Bayshore Parkway
Mountain View, CA 94043
US
+1 650 318 0200, Fax: +1 650 618 1499
info@google.com
gPhotoShow - the sad (spyware) fate of a once fine product
gPhotoShow - Slide Show Maker and Photo Screen Saver Creator
I loved gPhotoShow. It worked well on all my machines and was a pleasure to use. It was free, but I'd have paid for it. I didn't want to "pro version" -- forget why.
Recently I ran into problems installing the free version on a machine. I downloaded a new free version to see if that would work better.
On install, it mentioned it was supported by NavCell (sp?) and installation required installing the NavCell toolbar.
This is the modus operandi of spyware -- the lowest form of software (basically a self-inflicted virus).
Of course I aborted the install immediately and deleted the new version.
This is a sad end to what was once a fine piece of software.
I loved gPhotoShow. It worked well on all my machines and was a pleasure to use. It was free, but I'd have paid for it. I didn't want to "pro version" -- forget why.
Recently I ran into problems installing the free version on a machine. I downloaded a new free version to see if that would work better.
On install, it mentioned it was supported by NavCell (sp?) and installation required installing the NavCell toolbar.
This is the modus operandi of spyware -- the lowest form of software (basically a self-inflicted virus).
Of course I aborted the install immediately and deleted the new version.
This is a sad end to what was once a fine piece of software.
Mac security tips - Mac OS X Hints
macosxhints - Regarding the 'opener' malware script
Similar to the Macintouch recommendations. My main takeaway:
1. Don't run as admin.
2. Don't install s/w that requires one to run as admin (Photoshop Elements 3, for example).
Similar to the Macintouch recommendations. My main takeaway:
1. Don't run as admin.
2. Don't install s/w that requires one to run as admin (Photoshop Elements 3, for example).
Friday, October 29, 2004
Network Solutions Advanced DNS Manager
Network Solutions Advanced DNS Manager
This took a Google search to find. Network Solutions web site is pretty bad.
The traditional approach to moving a domain to a new provider is:
1. Give new provider domain name
1. go to network solutions (for example)
2. change where DNS server address from old provider to new provider.
The alternative approach is documented on this page. In this case Network Solutions takes over the DNS functions and one tells Network Solutions which machine to point to.
It feels like it comes down to who one trusts more, and to whom should one give power over a domain.
This took a Google search to find. Network Solutions web site is pretty bad.
The traditional approach to moving a domain to a new provider is:
1. Give new provider domain name
1. go to network solutions (for example)
2. change where DNS server address from old provider to new provider.
The alternative approach is documented on this page. In this case Network Solutions takes over the DNS functions and one tells Network Solutions which machine to point to.
It feels like it comes down to who one trusts more, and to whom should one give power over a domain.
US National Security Agency Systems and Network Attack Center (SNAC) has released its 100-page Security Configuration Guide for Mac OS X 10.3.x.
"Opener" Malware: "While we're talking about security, it might be worth noting that the US National Security Agency Systems and Network Attack Center (SNAC) has released its 100-page Security Configuration Guide for Mac OS X 10.3.x.
While some of the NSA's recommendations are understandably more restrictive than are required in most settings, overall, the guide represents an excellent collection of security practices, while applying tools and techniques specific to Mac OS X.
The guide is available here: applemac/osx_client_final_v.1.pdf"
While some of the NSA's recommendations are understandably more restrictive than are required in most settings, overall, the guide represents an excellent collection of security practices, while applying tools and techniques specific to Mac OS X.
The guide is available here: applemac/osx_client_final_v.1.pdf"
Subscribe to:
Posts (Atom)