macOS

Trust me, they won’t even notice…

May 5 '06Mar 3 '17
macOS Apps, macOS Rants, Technology

So let's assume you're a big, powerful, corporation, generally viewed as "customer centric" with very cool and useful products. Sometimes, though, you have the occasional 'what we're they thinking?' moment with a product. Let's further assume your name is, oh, I don't know, how about...Apple? Here's yet another of those moments they seem to have with some regularity:

That, in case you're not familiar with it, is the button in iPhoto toolbar that lets you publish a selection of images to your .Mac homepage. Click it, and a wizard comes up that helps you select the theme, layout options, and other features for your photo page. You then click Publish, and presto, your images are published on your .Mac homepage, complete with a very nice slideshow feature. Presto, bango, simple!

So what's the problem? Well, that button (and the wizard it launched) has simply vanished in iPhoto6. There's no discussion about it in the manual, nor in Help, nor in the Read Me, nor in the Knowledge Base. It has simply disappeared into the ether.

Instead of using the handy wizard, you're now supposed to send all your images through iWeb, which will then force you to create an actual site, just to contain what should be a simple slideshow page. Yech. There is a workaround, which I'll write up in detail for macosxhints next week. (Short version: export and resize to 800x600, upload the folder to your iDisk, then use the .Mac homepage to create the photo page.) But the workaround is a far cry from the ease of use of the old wizard.

Now personally, I never used this feature, as I don't use .Mac for my photo pages. However, after recommending the iLife upgrade to my mother, I definitely got an earful about this "new and improved" iPhoto when she found her single most used feature missing in action! Since I feel responsible for the problem she now faces, it's the least I can do to try to help spread the word about this, and hope Apple can see fit to return a basic feature to the application.

I'll probably be writing about why this is a Really Bad Thing on macworld.com next week, but I wanted to get something up about it now, while it was fresh on my mind. Of course, based on Apple's treatment of the discussion I linked to above, I don't have a positive feeling about the chances of this feature's return...

Perhaps, though, if enough people make enough noise about it, they can bring back what was a powerful and easy-to-use feature.

Living in a Parallels universe

Apr 20 '06Mar 3 '17
macOS Apps, Macworld, Technology

Macworld logo Having succesfully navigated the Windows on Mac world via both the unofficial hack as well as Apple's Boot Camp, I once again put on the Windows hat for a first look at Parallels Workstation. Parallels lets you run Windows (nearly any variant), as well as various versions of Linux and Unix, and I tested multiple OSes on the Core Duo mini.

Don’t try this at home…or do!

Apr 16 '06Mar 3 '17
macOS Raves, Technology

tiger image I'm working on an article for Macworld that requires installing and removing a number of programs on my Mac--programs that include kernel extensions, frameworks, etc. Since I prefer to keep my core OS X install relatively clean, I created a new 10.4.6 installation on a FireWire drive, and I've been using that for all the software testing.

To make things even easier on myself, I did this all on the PowerBook, so I could continue working on the G5 while the PowerBook was involved in the testing process. When I put the PowerBook to sleep, the FireWire drive stays powered up--since the FirewWire port gets power even when the PowerBook is sleeping. Since the drive makes a bit of noise, and leaving it powered up bothers me, I've taken to unplugging it when the PowerBook is sleeping.

This morning, I woke the PowerBook as usual...but completely forgot it was booted off the FireWire drive, which was peacefully resting next to the PowerBook, unplugged. Uh oh. As soon as I realized what I'd done, I was ready for instant death in OS X. But no such thing happened. Of course, nothing much else happened, either--mouse clicks seemed to be ignored, Command-Tab didn't work, etc. In short, the machine was effectively locked up, though I could move the cursor. This makes sense, given that the system was sitting there without any way to access its operating system.

Since I was sure I was in deep trouble at this point already, I did the only logical thing--I plugged in the FireWire drive and crossed my fingers. Amazingly, it just worked--even the mouse clicks I'd made were 'remembered' and all activated as soon as the drive came back online, and everything was fine from then on.

This may be old news to many of you, but I was pretty impressed that I didn't immediately kill my PowerBook when I woke it up without a boot drive attached.

Smoothing things over

Feb 23 '06Mar 3 '17
macOS System, Macworld

Macworld logo Ever wondered about the various settings in the Font smoothing style pop-up of the Appearance System Preferences panel? Thanks to a recent crash, I was forced to revisit the font smoothing settings, which I literally hadn't looked at in years.

I found the results of my tests somehwat interesting, so I wrote them up for macworld.com.

More on Leap-A/Oompa Loompa

Feb 17 '06Apr 7 '14
macOS Security

I was frustrated after writing my Leap-A Q&A for Macworld yesterday, as I couldn't get Oompa Loompa to do what it was supposed to do--it wasn't infecting my files, and it wasn't sending itself out over iChat. So today, my friend and coworker Kirk McElhearn and I spent the better part of the day testing Oompa Loompa on a couple of controlled Macs. We wanted to figure out exactly what it did, or did not, do, and what to do about it if you found it on your machine.

You can read the results of our efforts in the article titled Digging deeper into the Leap-A malware. It took quite a while, but we think we finally figured out exactly how it works (and doesn't work), and offer some advice on removal. Among the more surprising findings was that it will not attempt to send itself out over Internet iChat, only Bonjour iChat. It also won't affect applications that are system-owned, only those that have been installed by a user (and are therefore user-owned). Both of these are why I wasn't seeing the behavior I expected to see yesterday. My test machine had only Apple's stock Tiger applications on it, and Kirk and I were testing with an Internet iChat.

I am now officially very sick of Leap-A, having spent probably 18 hours on it over the last two days. The short summary is that it's a bad piece of malware that could have been worse...but it's far from the self-propagating internet-spreading virus/worm that's been described on other sites. At the end of the day, it's really just a good reminder to be very careful about what you download and install on your Mac.

Have a nice weekend everyone!

-rob.

I’m local, and I’m malicious!

Feb 16 '06Mar 3 '17
macOS Security

[Note: The following isn't a slam on Apple's security policies, nor am I chiding them for fixing a security hole. I merely found the description of one particular hole and its related fix somewhat funny, so I thought I'd have a bit of fun with it. Read the following as nothing more than a poor attempt at humor after a long day spent writing about security issues...]

Given the relative seriousness of the Leap-A malware/trojan (I put together a pretty straightforward Q&A page for Macworld, too), I thought the following look at the lighter side of security was worth sharing today!

One of the things included in the recent 10.4.5 update (and yes, I've already updated the OS X release dates chart) was a security update for the kernel. Specifically, this update fixed the following exploit:

A malicious local user may trigger a system crash by invoking an undocumented system call. This update addresses the issue by removing the system call from the kernel.

Now don't get me wrong, I think patching security holes is a Very Good Thing. However, in this case, I have to question both the danger of the hole as well as the quality of the related fix. Let's look at the 'hole' and 'fix' in more detail. First, consider malicious, which derives from the word malice. According to Merriam-Webster, malice is the "intent to commit an unlawful act or cause harm without legal justification or excuse." So whomever this person is, they're not around to help you out.

Next, local user. This means the person is directly connected to your Mac. They may be seated directly in front of it, or perhaps they have connected remotely via ssh or telnet. Either way, they've successfully logged into your Mac. This means that they're either someone you trust (you need better friends!) who has an account on your machine, or they're a hacker who has figured out a valid username and password and used that info to log in. So now we have a malicious local user, with some level of access to your Mac.

So just what is this malicious local user going to do now? According to the security notice, they're going to trigger a system crash. That's right. They've gone through all this trouble to gain access to your machine, and now they're going to invoke an undocumented system call and bring the machine down. (If they're physically local, pulling the power cord would do the same thing, and probably cause more damage in the process.) Granted, a crash is never a good thing, but consider this malicious individual again. They're here to cause harm. Probably as much harm as they possibly can. And given that they're logged into your machine, they can probably cause a lot more harm than a simple reboot. File deletion, creating evil symbolic links, installing a keystroke logger, etc. There are a lot of things they could do that are much farther up the 'cause harm' scale than a simple crash.

But nonetheless, we don't need to worry about this particular security issue any longer. Why not? Because Apple fixed it! Yes indeed, they sure did. They fixed it by removing the system call from the kernel. "Hey Doc, my arm hurts!" 'No problem, I'll have that arm off of there in a jiffy!' I'll certainly sleep more soundly tonight, knowing that some malicious local user won't be able to use an undocumented system call to crash my machine!

Security issues are important. They really are; I think today's dialog about Leap-A was good for the Mac community. And I think closing security holes quickly and effectively is also a Very Good Thing, as I stated above. But still, I couldn't resist having a bit of fun with the nature of this particular hole and the related fix.

Give Camino a test browse…

Feb 15 '06Mar 3 '17
macOS Apps, Macworld

Macworld logo As noted on numerous sites yesterday, the Camino browser has officially reached version 1.0. This is great news, as Camino has long been one of the fastest, best looking browsers available for OS X. I've used it off and on over the years, but now, with 1.0 out, I'm giving it a test run as my main browser for a week. Why? I'm a bit tired of Firefox's non-Mac-like interface, and Safari seems to get slower each day I use it. Plus I like some of the features it offers.

Over on macworld.com, you can read my Editor's Notes entry to learn why I'm giving Camino a test run. While it's not a full review (or even a preview), it does cover some of the features you'll find in Camino, as well as a couple of essential plug-ins.

If you're presently not entirely satisfied with your browser of choice, give Camino a shot. It's lacking in a few areas, but overall, it's a very capable browser with a very standard OS X interface and a great feature set. I must admit, I love the 'browser wars'--they're clearly giving us not only more choices, but more better choices than we've ever had before...

An annoying Address Book glitch

Feb 12 '06Mar 3 '17
macOS Apps, macOS Rants

Tiger box Given my background with it, and its role in leading to an unexpected but welcomed career change, I'm clearly a fan of OS X. But sometimes, I really question the quality assurance (QA) testing that goes into the OS and its associated applications. Consider the following glitch I ran into yesterday with Address Book.

Now granted, I don't run Address Book directly all that often--I usually just use it via Mail and the other programs to which its connected. But yesterday, I was trying to do something with my nearly my full contact list when I ran into a problem (not fatal to the task, but highly annoying). Here's the problem: Address Book fails to save the scroll thumb location when unselecting entries from the Names list--but only when you're unselecting entries from anywhere other than the first or last screenful of the list.

That actually sounds quite confusing, so I thought I'd demonstrate with a short movie. Click the image at left for a small version (182x174, 188KB) of the problem demonstration, or you can view the full-size version (364x548, 976KB) if you prefer. The clip first shows how unselects should work, by positioning the thumb at the top and the bottom of the list of names. It then shows what happens when the thumb is elsewhere.

To recreate the problem on your Mac, just follow these simple steps:

Launch Address Book, click on any entry in the Names column, then hit Command-A to select all the names.
Move the scroll thumb somewhere towards the middle of the list.
Hold down Command and click any one name. Watch the scroll thumb leap back to the top of the list.
Repeat ad infinitum.

As I noted, this isn't a fatal bug--it just makes it much tougher to deselect a number of names after selecting all. The bug also doesn't occur if you're simply selecting names from the middle of the list; it's only when you're deselecting (though it doesn't have to be from a Select All).

The bigger question is why do we see these types of glitches in many OS X programs? I probably launch Address Book about once a month, and yet it took only one relatively simple task to reveal a fairly obvious problem--how come a QA team didn't spot it long before the program ever left the development lab?

How I back up my websites

Jan 8 '06Mar 3 '17
macOS Apps, macOS System, Technology

I’ll start off with an admission: I’m a relatively clueluess user of the command line in OS X. Sure, I know my way around the basics such as ls, cp, mv, and I have a working knowledge of vi, and a basic understanding of some of the more advanced programs. But that’s about it—minimal shell scriping skills, no knowledge of regular expressions, and only the most basic understanding of pipes, redirection, combining commands, etc. So I find myself regularly amazed by the power of what (for a Unix wizard) would be an amazingly simple task.

Such was the case yesterday. Earlier in the day, I’d had a bit of a scare with our family blog site (like robservatory, it runs on WordPress). Due to a mix-up on the administrative end, the WordPress database for the site was deleted. Historically, I’ve been very paranoid about backing up the macosxhints’ sites. But for whatever, reason, that same paranoia didn’t extend to my two personal sites. Hence, I had no backup to help with the problem. Thankfully, the ISP did, and the family blog was soon back online without any loss of data. But I resolved to not let this happen again without a local backup of my own.

[continue reading…]

On the strangeness of electrons…

Dec 24 '05Dec 24 '05
macOS Apps, Technology

Happy Holidays!

As you may know, I'm in Colorado for the holidays this year, visiting with the family. If you've never been here, the air is extremely dry, especially in the winter. And dry air makes a great breeding ground for static electricity. Coming from humid Oregon, I'd pretty much forgotten about that fact. Until this morning, when I touched the trackpad on my 12" PowerBook G4 and watched a very large, very bright spark travel between my finger and the pad. Zotttt!

Immediately, the trackpad was rendered next to useless. The cursor was generally restricted to a square area of about 200 pixels in the top left corner of the screen--though I could occasionally coerce it into other locations. Knowing what little I know about electricity (stay away from it!), I thought for sure I'd fried some key electronic part that controlled the track pad.

Nonetheless, I tried my usual first troubleshooting step--a restart. While things changed a bit, the trackpad was still basically unusable. I could drag it all over the screen, but only in huge jumps. When I lifted my finger, the cursor would jump to some other spot on the screen. I was now pretty convinced I had a hardware issue.

Then I remembered that I had SideTrack, the replacement trackpad driver, installed. SideTrack is such an essential piece of software for me that I had totally forgotten I had it installed. In the 'why not try' category, I downloaded the newest version and installed it. One restart later, and...presto...I once again had a fully-functional trackpad.

So the question of the day for any of you technical types is: How could a jolt of static electricity permanently affect a software application? It seems very odd to me, especially given that SideTrack isn't the kind of thing (I wouldn't think) that would be writing anything permanent to disk (which might get scrambled by a shock). Any ideas?