OX 10.5 Leopard: the Ars Technica review

Mandatory reading for Apple geeks, all of whom will mentally underline one paragraph

Mac OS X 10.5 Leopard: the Ars Technica review: Page 4

...Why, Apple? Why!? Was there something horribly wrong with the existing menu bar—something that could only be fixed by injuring its legibility? Like the folder icons and the Dock, it's not so much a fatal flaw in and of itself. It's what it implies about the situation at Apple that is so troubling. What in the holy hell has to happen in a meeting for this idea to get the green light? Is this the dark side of Steve Jobs's iron-fisted rule—that there's always a risk that an obviously ridiculous and horrible idea will be expressed in his presence and he'll (inexplicably) latch onto it and make it happen? Ugh, I don't even want to think about it...

Jobs gets the blame for most of the horde of bizarre UI decisions. We can only hope, like the last minute Dock overhaul, that they'll be fixed -- maybe by 10.5.3.

Meanwhile even Apple enthusiast sites are suggesting anyone with a life should wait for 10.5.1. My friend Andrew, who is usually blessed by the OS gods, spent the weekend rebuilding his laptop post a 10.5.0 update and he grudgingly admits his core apps are significantly less stable under 10.5.0 than they were under 10.4.10.

Personally, I'm thinking more of 10.5.2 -- and I like 10.5.

Update: this is part of why I like 10.5:

...In the screenshot above, I've scaled the remote computer (a Mac running Tiger and Apple Remote Desktop) to an extreme degree, but it's still fully functional and surprisingly usable even at this tiny size. The preferences dialog in the front belongs to the Screen Sharing application, as does the toolbar with handy "Send to/from Clipboard" buttons on it.

The Screen Sharing application is hidden in /System/Library/CoreServices, but can be launched manually and used to connect to another computer if you know the IP address. You'll be prompted for a username and password, with the option to explicitly request permission to share the screen...

I was disappointed to read that 10.5 screen sharing was VNC based. This scaling stuff is not part of any VNC client I've tried (and none of them worked well on OS X anyway). Sounds like there's more to it.

WiTopia personalVPN

We all know that it's trivial to intercept unencrypted 802.11 wireless communications.

Happily most cafe net sessions are too boring to interest the average hacker, but there are always kids with too much time on their hands. So I'd been thinking for a while I needed a personal VPN solution.

Personal VPN also comes in handy if you ever have to deal with an overly aggressive "webwasher" type environment -- the encrypted communications goes through a remote proxy, so if the proxy isn't blocked (big if), and if the right ports are open (bigger if) then you can bypass the "washing".

I decided to do a 30 day trial of WiTopia personalVPN. I paid the $40 for the one year subscription, I have 30 days to get my money back. I picked them because Tidbits recommended them as an OS X friendly solution. Their web site is improving quickly, a week ago it was pretty confusing. There are basically two products you get when you sign up for the personal VPN:

• PPTP VPN: This is built into OS X, though in 10.4 it works through the peculiar "Internet Connect" application rather than the network preferences (where I looked for it). Easy to use, requires no additional software. This style of VPN is disdained by experts for some security issues, but of course it only has to be better than nothing -- which is what everyone else at the Hotspot is using. It's the old "park next to the better bicycle" theory.
• SSL VPN: This requires a client installation.

The SSL VPN is their core product, the PPTP is a bit of a freebie. This is what they say about it (the writing could use some work, they are confusing IPsec and SSL VPNs, I think they left out a sentence somewhere):

... With the widely praised openVPN™ software at its core, our service deploys a 128 bit encrypted SSL VPN using the powerful and efficient Blowfish™ cipher. Depending on other factors, higher levels of encryption may simply bog down your processor without providing the security you might think. Versus an SSL VPN, PPTP based VPNs have their limitations and have been shown to have vulnerabilities. IPsec VPNs are superior to PPTP but suffer from tremendous complexity that can affect reliability and security. [jf - this is where they need to say they took a 3rd approach -- SSL VPN]... 

Lastly, we set up our own Secure Certificate Authority and "sign" your unique public key during setup. The private key is never released and resides on our secure systems. These must match before the service will activate and no one can ever see your data without possessing both keys This adds a step in the setup process, and was additional work on our part, but is superior to static or shared key approaches. Beware of any VPN service that skips it. [jf: The certificate security means WiTopia has to create a custom install for each customer. So if you want to use SSL VPN on OS X and XP you have a problem.] ... 

personalVPN™ is not just a VPN service. It's an Internet privacy solution. Beyond encrypting all your data to our gateway, we exchange your IP address for one of ours. To everyone on the Internet you are an anonymous user whose traffic originates in our data center....

So far I'm sticking with the PPTP solution. It took only a minute to setup on OS X, though I had to run Help to figure out how to do it. I haven't tried the SSL VPN because I don't like installing this type of software if I can help it. It runs too close to the hardware and is often flaky.

Apple has built Open Document support into the OS

I wonder if Nisus will now be able to import and export OASIS Open Document files -- at least on 10.5:

Matt Legend Gemmell » Blog Archive » Get rid of your code with Leopard

...The text systems deals with OASIS Open Document files and ECMA Office Open XML files, and a newer version of Word files too, so you can add a few more Import and Export options to your app for free....

Nice to see ODF support at the OS level.

It's silly to install 10.5.0: exhibit 10

Honest, I'm going to stop posting these soon.

Please read: Information on events deleted from Google Calendar - Spanning Sync | Google Groups

...upon upgrading to Leopard and syncing for the first time, Apple Sync Services sends a 'delete' command for every event in every calendar being sunc...

OS X 10.5.0 is a big update. Only hobbyists and professionals should install it. Nobody else should install anything prior to 10.5.1. The truly wise will wait for 10.5.3.

The bad habits of two of my favorite OS X applications: They use Unsanity's Application Enhancer framework

Two of my favorite OS X applications are iPhoto Library Manager and AudioHijack pro.

Alas, both, I've recently discovered, use Unsanity's Application Enhance framework (APE) hack.

I don't recall either app ever providing "informed consent" of use of this hack -- though I think AudioHijack might have.

I still shiver when I remember the history of DOS TSRs (terminate and stay resident), and APE is the same sort of thing -- a way to hack applications that are already running [1]. The inevitable result of such hackery is that the applications become less stable [2].

A less obvious result of this kind of bad habit is that a major OS update can break big time:

Unsanity urges customers to make sure APE is current before upgrading to Leopard - The Unofficial Apple Weblog (TUAW)

... has been the implication of Unsanity's Application Enhancer (APE) framework in some upgrade problems. APE has a long and sometimes controversial history, with some developers swearing BY it (Audio Hijack, for example, uses APE to enable the "Instant Hijack" functionality) and other developers swearing AT it (APE's ability to modify other applications at runtime, necessary to enable some tools, can also make app debugging more difficult)...

... Rosyna of Unsanity sent out an urgent email alert to mailing list subscribers (reproduced in whole below) recommending that APE be updated to the current version (2.03) prior to upgrading to Leopard, lest badness ensue...

The badness is that Leopard blue-screens on install. Archive and Install avoids the problem and that's what Apple is now advising blue-screen victims to do. It's what I prefer to do myself in any case.

One good thing about 10.5, even for those of us waiting for 10.5.1, is that it's going to kill APE. IPLM's author reported that he can do 99% of what he needs to do without hacking 10.5, and I think the same is true for AHP (Instant Hijack isn't essential).

I do wish they'd never used it to begin with.

[1] In the old days only one application could run at a time, so the TSR was simultaneously hacking the OS and the application. Excuse me while I try to forget.

[2] Incidentally, Microsoft's sanctioned Outlook plug-ins seems to have a rather similar effect on XP and Outlook stability!

Update 10/29/07: John Gruber has more details. Logitech's "control center" turns out to be a very bad APE offender. I still think it was a bad idea for IPLM to use an APE hack, but at least it was in a good cause -- getting around Apple's missing iPhoto functionality. Logitech had no excuse at all. Friends don't let friends buy Logitech.

Gmail won't let me email a zipped USB driver

I wanted to send someone a USB driver for an obsolete i500 phone. Gmail wouldn't let me! It said I couldn't send a zip containing an "executable file" for "security reasons".

Hmm. Maybe I really don't want to make Gmail my primary email environment!

I added an extension of .txt and Gmail let me send the email.

I don't like this.

OS X 10.5 Leopard: Cries of the Damned

Apple's Installation and Setup support forum for 10.5 (Leopard) now rings with the cries of the damned. The inevitable "wait for 10.5.1?" posts are appearing, but Apple is killing them within an hour of posting. (I tested this by commenting on one of them. It was gone an hour later).

This is not at all surprising. We see it even with only minor updates, much less a major OS transition. Apple is very secretive, and secrecy is the enemy of quality. Sure, the Vista update is much worse, but Apple controls the hardware and Microsoft doesn't. Given control of hardware Apple should have much smoother OS transitions, but the secrecy is lethal.

Most people will do fine. A number will lose all their data. They ought to scream, but I don't think Apple will change its ways.

Overall 10.5 looks to be a very promising update. Unless you're buying a new machine, an update like this is strictly for the foolish, the prepared geek (two backups, different methods, one a bootable image for quick restore), and those blessed by the Gods of Apple (Andrew).

I expect to be pretty happy with 10.5.1 and very happy with 10.5.4.

I wouldn't install 10.5.0 if you paid me.