Monday, July 20, 2009

Time Capsule's nearly Fatal Flaw

Apple customers need more spine. This fanboy isn't nearly ballistic enough (emphases mine)...
Mac 301: Time Machine backups after your Mac's brain surgery

... Replacing the logic board is essentially like getting a whole new Mac; though all the data on the hard drive is identical, the new logic board will have different hardware identifiers (specifically, the MAC address) that will tell your Time Capsule, "This is a new Mac that's never been backed up before. Please treat it as such." The Time Capsule, doing as it's told, will fumble along and create a new Time Machine backup while ignoring the old backups completely.

Your options then are these:

1. Scrap your old Time Machine backups and start fresh. There may be an allure to this, but it's almost certainly unnecessary, and you can lose months of perfectly good backups. Plus, you then have to deal with the incredibly long first Time Machine backup all over again.

2. Hack your Time Machine backup using the following procedure, which will allow you to resume Time Machine backups as though your logic board was never replaced.
So you send your machine to Apple to get fixed, confident that you're fully backed up with Time Capsule.

Your machine returns in great shape with a wiped drive. No problem, you think, you've got Time Capsule ...

Oops. Your backup is worthless unless you can hack the backup image...

Excuse me, I need to breathe into a paper bag now.

Ok, I'm back.

Apple's forums have lots of threads on the topic, like this one. It seems poorly documented, but if you have the Time Machine icon in the menu bar (set via Time Machine preferences) and you option-click on it you get a "Browse Other Time Machine Disks" option.

I found one kb article with some information for Time Machine and another for Time Capsule ...
Restoring an existing Time Capsule backup to a new Mac
When your new Mac starts up for the first time, you are asked if you want to transfer information from another Mac or volume (in the "Do You Already Own a Mac?" window).
Click "From a Time Machine backup or other disk."...
... Time Capsule appears as a Backup Volume. Select it, then click Continue to proceed.
Enter the password for your Time Capsule...
Except that doesn't make sense. What if there are multiple machine backups on the Time Capsule?

I suspect there are workarounds, but it confirms my feeling that Time Capsule is half-baked.

BTW, there are interesting issues with FileVault such as ...
Note: If you use FileVault, your Home folder is backed up only when you are logged out.... If you use FileVault, you cannot browse for individual items in your Home folder. However, you can restore all files and folders by using the Restore System from Backup feature of the Mac OS X Installer
at No comments:
Labels: , , ,

iPhone encryption is 3GS only – and how the data disappears

I read of iPhone 3 encryption at launch time, then heard no more of it.

I wondered where it had gone.

Turns out it's 3GS only dedicated hardware encryption, and it's invisible to the user ...
TidBITS Safe Computing: iPhone 3GS Offers Enterprise-Class Security for Everyone:
... According to Apple, all data on the iPhone 3GS is encrypted by default...
Great feature, though I'd like to see the ability of 3rd party apps to use it app-specific longer pass-phrases.

Update 7/21/09: I think Gruber pointed out that remote wiping doesn't require removing all the data, just the unique decryption key. So the data is still there, but it might as well be on the far side of the moon (unless there's a backdoor or a big math breakthrough ...). A NYT article on ‘vanishing’ data is relevant – the way to make data “vanish” is to require access to a centralized decryption key that can itself disappear. See also – DRM and the case of the vanishing Orwell.
at No comments:
Labels: , ,

Friday, July 17, 2009

MobileMe (.mac) and the OS X Console - bug and the console dock bounce

I've been trying to track down an odd 10.5.7 software bug.

Every 1-3 days, my user session browsers hang. I can ping the net and browse the LAN, but Safari and Firefox are unable to get secure sessions or access the net (I need next time to check if email works).

Weird.

Anyway, to investigate this I launched the OS X Console app (called ... "Console) and studied the output. I didn't see that much about the browsers, but I saw a series of recurrent ".mac" sync requests that were failing. I looked into my MobileMe PreferencePane (new name for .mac) and I still had the credentials of a MobileMe account I was trying. I'd canceled the trial account, but the OS was still trying to sync it. I clicked 'log out' (or equivalent) and the problem went away.

So there's a 10.5.7 bug with discontinued MobileMe accounts. If you discontinue your MobileMe account, be sure to "log out" of the old account in the MobileMe PreferencePane

The Console's an interesting place to look for odd problems, in much the same way as in XP one checks the admin event monitors. It does, however, have issues of its own. It transiently uses 100% of my G5 CPU, and it has a very obnoxious bounce behavior. Every time a line is written to the Console it bounces in the dock to get my attention. I admit, I can't ignore the bounce.

I'm sure there's a way to kill the Console dock bounce, but a Google search didn't turn it up. (You can, however, toggle all bounces via the terminal).

Now back to that networking/browser/http bug ...

Update: I have to laugh. There's a Console.app preference for "when an open log is updated" that toggles the bounce. My expectations were too low; I didn't even look.

Update 7/20/09: The weird bug struck again. I tried to hit an https resource and both Firefox and Safari couldn't get a secure session -
Safari can’t establish a secure connection to the server...
In the past the next step is losing all http access. It's as though something were consuming a finite http related resource ...

I switch users and there's no problem, so it's a resource in my user session.

Then I check Console and find this ...
7/20/09 1:56:21 PM DashboardClient[23283] (ca.aquabox.widget.twidget) file:///Users/jfaughnan/Library/Widgets/Twidget.wdgt/Scripts/prototype.js: SyntaxError: Badly formed JSON string ... Twitter is over capacity
Huh?!

Yes, sure enough, I once installed a Twitter Dashboard client, Twidget, -- then forgot about it. It's making http requests in the background - constantly.

I wonder if it's consuming some resource ...

I've deleted it. Never occurred to me that the Dashboard client was sucking cycles -- I rarely run the db.

Update 7/25/09: Fixed. Turns out it was a Parental Controls bug.
at No comments:
Labels: , ,

Wednesday, July 15, 2009

Firefox 3.5 slow startup: It's a big bug

Firefox 3.5 can take up to 15 seconds to launch the first time each day I use it at home, but at work it can take, literally, minutes.

Disabling update checking seems to fix the problem. It's in Tools:Options:Advanced:Updates.

I disabled all update checking. Of course this is not optimal, I'm hoping FF comes out with a fix shortly (I'll have to manually request the fix update though!).

(Credit to a work colleague for this fix.)

Update 7/24/09: After a few days I realized removing update checking didn't really fix things. Another colleague spotted the bug report. Wow.

It's remarkable how long it took the Firefox team to admit there was a serious problem, and how egregiously bad the original security related design decision was. Per my colleague:
Apparently the issue is that the Firefox 3.5 NSS (Network Security System) reads all the files in the IE cache and the Windows Temp folder to generate a seed for its PRNG. Not only is that expensive in and of itself but it also might (!) cause your AV scanners to re-scan every one of the touched files. Apparently clearing your IE cache and Windows temp files may or may not help.
This should be a wake-up call for Firefox. How did this design make it into production? Why was there so much resistance to admitting something was badly wrong?

Update 7/24/09b: The newest release may have a fix.

Update 7/24/09c: It was a bad design flaw, but I now see why I was so affected by it. Some IE install glitch had given me a HUGE IE cache -- one that was above the IE 8 1GB limit! I only discovered this when trying to reset it, and discovering IE shrunk it to 1GB. I set it to 50MB and deleted what was in there. As usual my Windows Temp folder also held quite a bit of junk, but it was the IE cache that was huge.
at No comments:
Labels:

The five incomplete ways to search a Google Blogger blog

There are several ways to search a Blogger blog, including the search box gadget, Google Custom Search, Google Blog Search, and and the Blogger editor search.

I'm just starting to use the search box gadget, but I suspect it's similar to Google Custom Search -- it turns out to use the very mediocre Google Blog Search indexing.

Google Custom search coverage of my blogs varies from very good to fair. It all depends on how Google feels about my blogs on a particular day. Sometimes it's keen, sometimes not so interested. When it's keen the material is well indexed, when I'm out of favor the indexing is shallow. It's never comprehensive however. (Google's variable affections reminds me of my 7yo daughter, but that's another story.)

Google Blog search has extremely poor coverage of my blogs. It seems to largely index the popular blogs.

The search function that's displayed in Blogger's NavBar is sometimes better than Google Custom Search, but it's shallower -- biased to newer stuff.

Finally there's the search function that's part of the Blogger editing environment. I thought that one was really comprehensive. I'd never known it to fail -- until today.

Google Custom Search found one of my very old (2003) posts in Gordon's Notes, but the Blogger editing search couldn't find it. I did some probing and it looks like I'm indexed from 2004 on, but it fails in 2003.

So from Google alone I count five different ways to search my Blogger posts, but none of them is perfect. The Blogger editor search is most comprehensive, but the Google Custom Search will sometimes turn up posts it misses.

Of course if this material were all on my hard drive Spotlight would index it all. The Cloud is not always your friend.
at No comments:
Labels: ,

Stack Overflow now has global computer question site (beta)

First Stack Overflow came for the coders. Then they came for the Sysops. Now the dynamic duo of “Joel on Software” Spolsky and “Coding Horror” Atwood are going for all the rest of the geeks. I’ve joined the Super User beta (how did they get that url?!)…

… Super User is a collaboratively edited question and answer site for computer enthusiasts – on any platform. It's 100% free, no registration required….

Stack Overflow’s children are the heirs to the pre-spam usenet. Experts-exchange is finished.

Fantastic work, and very much appreciated. I very much hope there’s a fortune in it for them somewhere – I suspect there is.

I love these guys.

at 4 comments:
Labels: , , , ,

Monday, July 13, 2009

DIY video baby monitor and video broadcast review

I've had limited success with low cost broadcast video (ustream.tv) , iChat, and Google Video Chat. So I was impressed by the tips and lessons in this do it yourself baby monitor project (emphases mine) ...
The mighty mini, take two: DIY video baby monitor

... In response to Dave Caolo's recent ode to the Mac mini, I figured it was time to step up. I had two things gathering dust: my old standalone iSight, a gorgeous example of Apple design sadly idle since the advent of built-in iSights, and a lovely new Intel Mac Mini that was recently scored on sale at MicroCenter with plans to set it up for my older two kids once I could get my hands on a small LCD monitor.

I figured in the meantime it would serve nicely as a baby monitor, since I couldn't find a matching transmitter/receiver pair among the various baby monitors I had accumulated over the years. My idea was that it would live discreetly, headless and tailless (monitor, keyboard, and mouse-free) in the baby's room, and broadcast both locally on my network and also wide-area so grandparents could tune in remotely.

For the initial setup, I needed a monitor, but fortunately my TV has a PC (VGA) port, which I used to configure the mini. I set it to login automatically to the main account and join my Airport network. In System Preferences, I enabled screen sharing and added iChat as a login item.
In iChat, I enabled Bonjour and instant messaging, added myself as a buddy, and restricted chats to preapproved users under security preferences. Because I didn't want to connect via screen sharing every time I wanted to initiate a chat, I typed the following into Terminal so that it would auto-accept any incoming video chats:
defaults write com.apple.ichat AutoAcceptVCInvitations 1
... While this worked great for my own local use, it had some inherent restrictions: remote users (aka "grandparents who love to watch sleeping grandsons") couldn't join the chat easily. Spouses at work had issues with company restrictions on AIM. Plus, it was iPhone-unfriendly; the holy grail for me was turning the iPhone into a video terminal that followed me around.

I went through a few different ideas: private channel on Justin.tv (great for multiple viewers, but awash in advertising, restricted at work, and unavailable on iPhone), Skype (great video, automatic call acceptance and limited iPhone capabilities, but terrible for multiple viewers), and complicated setups involving QuickTime Broadcaster.
Not wanting to reinvent the wheel (well, no more than I already was doing), I hit upon SJKM's iCam software, which is an iPhone application & accompanying cross-platform video streaming tool specifically designed for video monitoring, available in the iTunes store for $4.99....
at No comments:
Labels: ,
Subscribe to: Posts (Atom)