Sunday, February 26, 2006

Aperture 1.1 due in March

Aperture 1.1 is what I've been waiting for. Actually, I want Aperture 1.11, but if reports are good I'll go for 1.1 in May.

XP on MacTel: via Linux and VMware

The initial enthusiasm for booting XP on a MacTel machine has waned. The problem may be intractable without risky hardware hacks.

So attention has moved to an odd alternative: Boot Linux, then run VMWare on Linux, then XP on VMWare: Mac OS X Internals: XP (VMware) on the Intel-based Macintosh.

It sure sounds odd, but it plays to the vast strength of Linux -- the ability to port to new platforms. It's easy to imagine a stripped down distro that would package just enough Linux to support VMWare. So one would reboot a MacTel machine to Linux/VMWare/XP ...

Saturday, February 25, 2006

Magical Mac stuff

I'm browsing the collection of images that I use to index our attic. (Hierarchical data structures are most easily represented using the native folder system.)

I open one in the OS X image viewer app. I rename it in the folder while it's open. The application handles it, changing the name on the fly.

Windows doesn't do that.

Sweet.

PS. The OS X 10.4.x TextEdit application is such a reasonable lightweight substitute for Word, that after some reflection the best way to get a decent RTF file format word processor on the G3 iBook is to buy Tiger for the iBook! (My research suggests it runs quite well on a G3 with 640MB DRAM and I get the educational price.)

Friday, February 24, 2006

The security flaw in OS X: bad

MacInTouch has the first decent and clear analysis of what Apple did wrong. The way OS X "identifies" a file is a hack, a kludged compromise between Mac Classic, UNIX, BeOS, Windows, and NeXTStep. The result includes some fundamental contradictions which can be easily exploited.
MacInTouch: timely news and tips about the Apple Macintosh

[MacInTouch Reader] The initial press coverage of the (misnamed) Safari/Terminal vulnerability has a number of folks barking up the wrong tree.

This vulnerability has nothing to do with Safari, other than Apple's design mistake of having Safari by default open "safe files" making the exploit far easier.

This vulnerability has nothing to do with Terminal, other than Terminal being a convenient way to run arbitrary scripts. There are other bundled apps that handle provided scripts. For example, compiled AppleScripts in 10.3 can be run despite being renamed as a jpg or the like via a metadata reference to Script Runner.

This vulnerability is not specific to zip files. Any archive file type that can contain metadata in an OS-X-standard way can be used. Examples are zip, tar, ...

This vulnerability is two mistakes together, involving the application and use of improper metadata.

The first mistake is in the OS routines and example code that allow writing usro or other resources which are inconsistent with a file's extension. The applications that take advantage of these routines/examples, and which can consequently be used to extract exploits, include at minimum the default BOMArchiveHelper (OS X 10.3 or newer), and StuffIt Expander 10.

The second mistake is in the OS routines that have the Finder, Mail, and likely many others displaying the file type branding (icon) based on the extension (.jpg, .mov, etc.), while then opening the file based on the non-matching type and owner in the usro metadata.

The second is more critical to fix, across the board, as malicious files can potentially be written to disk by an attacker without using traditional archivers like BOMArchiveHelper or StuffIt Expander.

I've long suspected that the kludged history of OS X would make it very vulnerable to attacks. That's why I've never boasted of the fundamental security of OS X. I suspect security experts felt likewise. So why now? I wonder if this had anything to do with the hacked betas of OS X/Intel that are circulating. A whole new audience may be playing with OS X ...

It will be amusing if it turns out that the primary security feature of OS X was that malicious hackers couldn't afford the hardware to allow them to develop attacks. Now they can. If so, there will be a lot of others coming.

Apple is being characteristically silent. They've known this would happen, it's a bad sign that they haven't fixed the problem long ago ...

Update 3/6/06: Matt Neuberg has a very good summary of this problem. Fundamentally he agrees with me, but he knows more.
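As an added detection example (not from the MacInTouch post, the blog, or Apple), the second mistake described above can be checked for directly: the Python below parses a classic Mac resource fork, reports whether it carries a 'usro' opener-override resource, and flags files whose extension brands them as documents while such an override is present. The resource-fork layout parsed is the classic Mac format; the builder exists only to construct in-memory samples, the DOCUMENT_EXTS set is an assumed list, and the 'usro' payload is treated as opaque bytes.

```python
import os
import struct

# Extensions the Finder brands with a document icon (assumed list, not Apple's).
DOCUMENT_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".mov", ".pdf", ".txt"}


def parse_resource_fork(blob):
    """Return {(type, id): data} from a classic Mac resource-fork image (big-endian)."""
    data_off, map_off = struct.unpack(">II", blob[:8])
    type_list_off = struct.unpack(">H", blob[map_off + 24:map_off + 26])[0]
    tl = map_off + type_list_off                      # type list start
    ntypes = struct.unpack(">H", blob[tl:tl + 2])[0] + 1
    out = {}
    for i in range(ntypes):
        rtype, nres, ref_off = struct.unpack(">4sHH", blob[tl + 2 + 8 * i:tl + 10 + 8 * i])
        for j in range(nres + 1):                     # 12-byte reference entries
            ref = tl + ref_off + 12 * j
            rid, _name, attr_off = struct.unpack(">hHI", blob[ref:ref + 8])
            doff = data_off + (attr_off & 0x00FFFFFF)  # top byte holds attributes
            rlen = struct.unpack(">I", blob[doff:doff + 4])[0]
            out[(rtype.decode("mac_roman"), rid)] = blob[doff + 4:doff + 4 + rlen]
    return out


def build_resource_fork(resources):
    """Build a minimal fork image from {(type, id): bytes}; only used to construct samples."""
    data, by_type = b"", {}
    for (rtype, rid), payload in resources.items():
        by_type.setdefault(rtype, []).append((rid, len(data)))
        data += struct.pack(">I", len(payload)) + payload
    types, type_list, ref_list = list(by_type), b"", b""
    for rtype in types:
        refs = by_type[rtype]
        type_list += struct.pack(">4sHH", rtype.encode("mac_roman"), len(refs) - 1,
                                 2 + 8 * len(types) + len(ref_list))
        for rid, off in refs:                         # no name (0xFFFF), attrs 0, handle 0
            ref_list += struct.pack(">hHI", rid, 0xFFFF, off) + b"\0" * 4
    type_list = struct.pack(">H", len(types) - 1) + type_list
    map_body = b"\0" * 24 + struct.pack(">HH", 28, 28 + len(type_list) + len(ref_list)) + type_list + ref_list
    header = struct.pack(">IIII", 256, 256 + len(data), len(data), len(map_body))
    return header + b"\0" * 240 + data + map_body


def opener_override(fork):
    """Return the 'usro' payload if the fork names an opener override, else None."""
    if len(fork) < 16:                                # no fork or truncated: nothing to override
        return None
    return next((p for (t, _i), p in parse_resource_fork(fork).items() if t == "usro"), None)


def is_branding_mismatch(filename, fork):
    """True when the extension says 'document' but the metadata names a different opener."""
    return os.path.splitext(filename)[1].lower() in DOCUMENT_EXTS and opener_override(fork) is not None


# Constructed samples: a genuine image fork holding only an icon, and a ".jpg"
# whose fork carries a 'usro' override pointing at a (made-up) application.
CLEAN_FORK = build_resource_fork({("icns", -16455): b"\0" * 8})
OVERRIDE_FORK = build_resource_fork({("usro", 0): b"/Applications/SomeApp.app"})
```

On Tiger the raw fork of a file on disk can be read from the file's `/..namedfork/rsrc` path and passed to `is_branding_mismatch` along with the file name.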

Griffin Technology: A fine company going down

Griffin Technologies was one of my favorite companies. Alas, they're going downhill fast.

I bought their AirClick iPod RF remote and discovered, as have others, that the range is very limited. It's less useful than an IR remote. I thought the problem might be RF interference with the home security system, but changing location didn't help. Their FAQ suggested changing the battery, but when I opened the device I found the battery was epoxied in place. I tried calling tech support, but got a message saying they were in an "all day meeting". Then I tried emailing tech support and got this message:
502 Proxy Error:

Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /contact/email.php.
Reason: Could not connect to remote machine: Connection refused

This doesn't look good.

Update 9/29/06: Well, they did end up doing better. Once I got a human being on the phone they were quite happy to have me send in the unit, which they were sure was defective. I didn't want to spend too much time on this, so I just tossed in the component I was sure was broken. Wrong one! I was ok with that and forgot about it. Today, out of the blue, Griffin sent me their current AirClick. Now, it's not at all suited to what I wanted to do (control iPod output to my stereo) -- it plugs into dock connector and prevents charging, but it was quite nice of them. I'll see if I can figure out a use for it and if I can't I'll give it away. I think it's intended for an iPod in a backpack, but it's kind of a silly device.

Thursday, February 23, 2006

Google Dashboard Widgets

I'll try these on OS X 10.3 using Amnesty to run the widgets ...
Google Macintosh Dashboard Widgets

... The Blogger Widget enables quick and easy posting to your blog. Checking your Gmail inbox becomes a matter of pressing F12 with the Gmail Widget. And the Search History Widget allows you find that website you saw last week while searching Google.

Google launches an AJAX web authoring and hosting application

Alas, it's toast right now:
Google Page Creator is having a little trouble right now.

This is not because of anything you did; it's just a little hiccup in our system that will hopefully go away soon. We apologize for the inconvenience, and recommend you try reloading this page.

Very interesting if it will allow me to host images, PDFs, etc. Great for small organizations. A significant problem, however, is likely to be moving data from one account to another -- something that's important for small organizations, volunteer groups, etc. Bloglines has the same problem.

I guess this is what will replace FrontPage for most users ...

Update: I got it working. Both this site and Gmail are up and down however, must be one heck of a load! You can upload files, such as PDFs, from the page manager and then link to them from the pages.

At the moment it appears to be a single user service linked to a single account. However, I found out that they've implemented page locks, which can be broken. So it's designed to be multi-user.

I wonder if they'll eventually allow site content to migrate between Gmail accounts? The URLs won't migrate, they include the account owner name. There's a 100MB site size limit at the moment.

Google is going to "own" our digital identities. This makes me wonder when the Google word processor will come out.