Categories
OS Quest Trail Log

The OS Quest Trail Log #12: Leopard

This week on the quest was almost all about Leopard. Certainly this weekend was all Leopard.

I chose to do a complete erase and rebuild, installing all my apps one by one. While time consuming I like this method for any OS upgrade. With Windows it was almost a requirement.

One reason I like it is there’s little risk while installing the OS, especially for OS X with all peripherals disconnected. If Apple (or anyone) can’t install an OS on hardware they also designed, it would be a slam dunk to go back to the old OS and wait for the fixes, or move to another OS.

A second reason is I like to see the OS as intended by the developers (or the marketing department). By not doing a migration I get fresh settings. Of course, the downside here is it’s all new and I either have to change my ways for awhile or manually tweak the settings back to where I wanted them. But it’s all fun.

The third reason is that all the app settings get wiped out. Most apps have been upgraded since I first installed them and this gives me an opportunity to revisit them and see if there are better ways. Also, there may have been some minor corruption in the settings that I didn’t notice and this cleans it all out before it has a chance to bite me. But in cases where I did want to save the settings it was so much easier than with Windows. All I had to do is restore the app’s ~/Library/Application Support subdirectory and I was good to go.

It was also a bit of an eye opener about how much of my data had moved to the net. Mail has always been a concern for me since it’s usually a complex file system and tied to one app. I’m using GMail now so it was immediately available without risk of data loss (although I still need to do something to prepare for when Google loses it). My Firefox bookmarks and settings are also synced so were ready to pull down. .Mac synced my Safari bookmarks, Transmit favorites, contacts, calendars and all my Yojimbo data.

The only serious problem I had was trying to set up my Boot Camp partition in Parallels. A little research shows this problem pre-dates Leopard. Between the time to install and troubleshoot the problem I put it aside for later. I just don’t need the functionality. Other than that there’s just minor annoyances. I’ve been listing them on my Leopard page.

First Impressions

I like it. Like I suspected, it’s the sum of the improvements that make it worthwhile. Some of them are minor like in the print driver for my Epson R340. Previously if a pre-set came up as the default but I wanted to print just some of the pages I lost the preset when I picked the pages to print and had to reselect it. Now I can change the pages to print without losing the preset. Minor, but annoying when I forgot. I also like the improvements to the DVD player since I frequently watch DVDs while working on my iMac (like now – Tom Petty Gainesville concert). There’s a setting to keep it above other windows and they’ve added a time slider at the bottom of the viewer window.

Spaces – I’m liking it so far. Applications can be assigned to certain spaces or they can just be allowed to stay in the space that they’re open in. Switching between spaces is intuitive and windows can be dragged from one Space to another. This last one is important for apps such as Firefox or Safari where I might want windows in multiple Spaces. When selecting a running app from task switcher Leopard switches to the Space it’s running in. This is both beneficial and annoying. As many apps will only run one instance of themselves I sometimes want them in two Spaces. I need to drag the new window to the new Space.

Time Machine – The jury is still out for me, but it does appear to be more than eye candy. The interface may be flashy, but it’s functional. It was easy to set up for everything to be backed up. While the restore screen does take over when activated it does seem intuitive. I’ve set it up for both my iMac and MacBook. I’ll be using it until SuperDuper! gets officially updated for Leopard. I’m also impressed that I haven’t noticed a performance hit when the backup runs. (Other than the first backup which I let run overnight.) [Updated Oct 29th: So much for no performance issues. I had a problem when Time Machine got around to backing up my large VM file.]

The .Mac enhancements seem to make it even more functional. The preferences sync seems to take most of the preferences folder (~/Library/Preferences) so even third-party apps sync. Maybe I shouldn’t have been but I was surprised to see apps getting the settings when I installed them on my MacBook which was a huge time saver. It also opens up some interesting system restore possibilities.

I haven’t used Apple Mail.app since I had some problems with it. But I’ll probably give the new version a try later this week. I left Safari as my default browser to give it a try. But I still end up going to Firefox on the strength of the add-ons. I have used Safari a bit without any problems.

I’m one of the people that puts the dock on the left side and also auto-hides it, rarely using it. With the last minute changes that Apple made a side dock looks much like the old dock so I don’t have much to complain about there. The translucence is annoying at times, like when I can read background text through a dialog while I’m trying to read the text in the dialog itself. Hopefully they’ll add the ability to turn it off in a future update.

Haven’t come across much more that I can complain about. I’m a happy Leopard user.

Software Upgrades

Haven’t really kept track of upgrades this week. With the Leopard upgrade all my apps were re-installed with the latest versions and patches.

WordPress 2.3.1 was released a couple of days ago, hopefully I’ll get around to upgrading it this week.

News & Links

FastCompany.com: Magic Shop – Reporter as front-line employee at several retail stores. Says Apple gets it right. My favorite line: “When employees become sharers of information, instead of sellers of products, customers respond.” Still take too long to get service sometimes.

Lifehacker.com: Featured Mac Download: Keep Mail.app at a Glance With Mail.appetizer – Seems like a cool add-on for handling mail in mail.app.

ap.google.com: Comcast Blocks Some Internet Traffic – The AP is reporting about Comcast’s blocking of internet traffic. They stop the transfer by silently sending a false message to stop downloading. The message appears to come from the other computer. Which, as others point out, is just plain wrong.

arstechnica.com: Comcast traffic blocking: even more apps, groupware clients affected – Ars Technica has more info on Comcast blocking of network traffic. It apparently extends to enterprise software such as Lotus Notes.

dailyapps.net: Hack Attack : Install Leopard on your PC in 3 easy steps! – Installing Leopard on a PC. Hacked iPhones and now Leopard on non-Apple hardware. Oh my.

news.com: Congressman to Comcast: Stop interfering with BitTorrent | Tech news blog – CNET News.com – net neutrality is back on the agenda.

Categories
Mac OS X

Leopard Upgrade: Executing the Plan – Part 2

I got Leopard installed and running in good time and without any problems. So it was time to start installing the apps. So far the app installations have gone fine although a few minor Leopard problems have cropped up.

The first thing I installed was Yojimbo because I keep all my configuration info, serial numbers and passwords in it. Yojimbo syncs with .Mac so after installation I reconfigured it to sync with .Mac and did a manual sync. When prompted I told .Mac to replace everything on the computer (Yojimbo data only). All my data was quickly restored and I moved on.

Next up was Firefox. While it doesn’t sync with .Mac I do use the Google Browser Sync plugin to save configuration and other info. So I re-installed that and did a sync. All my bookmarks, cookies and configuration were restored.

Other programs, such as DVDPedia, keep their data in ~/Library/Application Support/AppDir. I didn’t want to take the settings for every app since I wanted a clean start, but if the app also kept its data there I dragged the directory from my backup to Leopard after installing the app.

I installed all the Apple apps (iLife, iWork, Aperture) from DVD then ran Software Update to get all the updates for them. While there were updates for just about everything it was nice to only have to get one set of updates and not have to return to get the updates for the updates. For other apps I used their own update check after installing the software.

For iTunes I started it before any restore then I shut it down and moved my iTunes library from my backup to the newly created library directory and overwrote everything. I was happy to see it remembered all my podcast subscriptions and history. I had to authorize the computer with the iTunes store and I also went through the preferences and set things up again.

For iPhoto I copied my libraries to the Pictures directory. Since I don’t use the standard library name I held down the option key when I started iPhoto and picked one of my libraries and all was fine. I was able to use iPhoto Library Manager to switch between libraries although I’m avoiding any other iPLM options until there’s an update.

I was able to install the following apps: Aperture 1.5.6, ChronoSync 3.3.5, CSS Edit 2.6, DVDPedia 4.0.7, Fetch 5.2.1, Firefox 2.0.0.8, Growl 1.1.1, iLife ’08, iWork ’08, Mailplane 1.53, QuickSilver B52 (3813), Skype 2.6.0.151, SnapZ Pro X 2.1.1, and Transmit 3.6.1 among others. All used similar methods, either restore data from .Mac or restore the data from my backup.

SnapZ Pro X is one app I had a problem with. When I picked the option to license it to all users on the computer it would prompt me for my admin password but not do anything after I entered it. I had no problem licensing it for me. This isn’t a big deal since I’m the only user.

The Quicksilver website (quicksilver.blacktree.com) has been down so I’ve been unable to download plugins but I’ve been using it as an application launcher. Can’t blame Leopard for this one.

That takes care of most of the software. I still need to set up Boot Camp, install Parallels and configure Time Machine but those will be more involved. I have read about people who are doing an upgrade in place having problems (and many other success stories) so I’m glad I went the re-install route. It takes longer but not unexpectedly long and I end up with a pristine installation.

Categories
Mac OS X

Leopard Upgrade: Executing the Plan – Part 1

The Leopard DVD was waiting at my door when I got home tonight, left by Fedex 10 hours earlier (damn work!). My memory upgrade had arrived earlier than expected and was waiting with the DVD. So I set about executing my upgrade plan, which is to do a full erase and install.

I synced my iPod with iTunes to get the latest updates, refreshed my iTunes library backup on my Airport connected drive then deauthorized iTunes. Then I did one more .Mac sync and set syncing to manual. Then I started SuperDuper! to do a smart update to both my external drives and went to put on a pot of coffee. The smart updates for my 500GB drive (240GB used) took about 15 minutes each. I then verified Mozy had backed up during the day while I was at work.

Then I booted off of each clone to make sure they worked. So I had two bootable full disk clones and a third backup of all data (Mozy offsite for everything except iTunes, and iTunes on another external drive). Once each clone booted I shut down and disconnected it from my iMac to avoid any accidents. Not that I’m paranoid or anything.

Once that was done I decided to take advantage of my backups and see what it was like to remove a Boot Camp partition. That went extremely well and was quick. (I’ll be adding Boot Camp back but with Windows XP and not Vista.)

Then I shut down, disconnected all peripherals and did the memory upgrade to bring it to the 3GB maximum, and booted to make sure the old OS saw the memory and everything seemed fine. I’ll do the upgrade with only the keyboard and mouse connected.

It was time to pop in the Leopard DVD, power off and reboot while holding down the <C> key to boot from the DVD. I did an Erase and Install which went very much as described by Apple. I picked a custom install and deselected the Language translations to save 1.9GB. The install was about 9.5GB.

The install took about an hour, including the setup wizard. There’s a DVD verification scan that can be skipped. I let it run this first time but will skip it for the other Macs. This took 22 minutes. The setup wizard runs after the first reboot and was just like setting up a new Mac. I did not use the Wizard to import the old settings. I want to do fresh installs for everything.

Immediately after my first logon there was an update through Software Update titled “Remote Desktop Client 3.2.1”. It was a 5.8MB download which downloaded quickly. I had expected Software Update to be buried so I was pleasantly surprised.

Then I connected one of my cloned drives and clicked cancel when asked if Time Machine should use it. I then started copying the User directory to the local disk in a spare location. My plan is to disconnect the clone and start moving data from that spare location to my current directories. I’ll clean things up as I go and by doing a move I’ll be able to keep track of what I haven’t touched.

I made a few quick configuration changes – moved the dock to the left side and set it to auto-hide and reconfigured Mighty Mouse so I can right-click. I also set it to bring up the app switcher by pressing the trackball.

Then I started installing software which I’ll cover in Part 2. (To jump ahead a bit – Software Update is feeding updates to my Apple apps just fine.)

My Leopard page will be kept updated with any problems as I find them.

Categories
Random Access

Security Quest #7 – New Leopard Security Features

Now’s a good time to review the new security features Apple is adding to Leopard. Besides, between the site upgrade and Leopard prep I didn’t have time to put together another security topic.

Apple has 11 new security features listed on their “300+ New Features” page. Some of the non-security features seem to be padding for the list, such as an “empty trash button”. How lame are the security features and which ones are padding?

The 11 from Apple’s list are:

1. Tagging Downloaded Applications: It all depends upon implementation but this sounds like a really good feature that contributes to security. When an application is downloaded to the Mac it is tagged as a downloaded app. Before it runs for the first time you’re prompted for your consent and are told it was downloaded, what application downloaded it and if possible what URL it came from. This one is definitely a useful feature.

2. Signed Applications: All apps shipped with Leopard are digitally signed and third-party developers can sign their applications. This one is probably more beneficial to sysadmins and a small segment of users, but most users probably won’t care. I’d still put this in the useful feature category.

3. Application-Based Firewall: In addition to port blocking you can also configure individual applications to allow or block incoming connections. OK, this is new for Leopard, but an evolutionary improvement that’s already in the Windows XP firewall and most third-party firewalls.

4. Stronger Encryption for Disk Images: OK, stronger is better, but this is borderline “new button” territory. It’s 256-bit AES instead of 128-bit AES. 128 bit is still an option. It’s an improvement, not a new feature and I suspect one most Mac users don’t care about. Governments and enterprises will probably welcome it.

5. Enhanced VPN Connection Compatibility: Like encryption, this is an improvement. A welcome improvement for people who need VPN. This could include people forced to use a public Wi-Fi network and wanting VPN for extra security.

6. Sharing and Collaboration Configuration: You can now share any folder on your Mac the same as Windows. I can see sysadmins cringe now. I’m not sure I’d call this a security improvement since users are often the weak link in security. It all depends upon implementation but it’s easier to share a directory to everyone rather than have to manage access and it’s easier to share an entire drive than folders. (I speak from experience.) I guess I’d agree this is new to OS X but I don’t think I’d put it in the security category unless it’s really well implemented.

7. Sandboxing: This one really depends upon the implementation but it’s a new feature and has the potential to significantly improve security. Applications can have their file access, network access, and ability to launch other apps limited. Apple has sandboxed Bonjour, Quick Look and the Spotlight indexer. A good security improvement but it depends upon the application and developers. This does deserve the “new feature” designation.

8. Multiple User Certificates: Allows you to maintain different digital certificates for different email addresses. Keychain can be used to associate certificates with email addresses. Signing email is becoming more common and anything that helps implement it is welcome. Another one that deserves the new feature moniker.

9. Enhanced Smart Card Capabilities: This is a welcome improvement targeted towards government and business.

10. Library Randomization: This loads system libraries at randomly assigned addresses, which makes it harder for attackers to rely on knowing where library code sits in memory. Vista has this too but it’s new to OS X and welcome.

11. Windows SMB Packet Signing: Even the description makes this sound like something thrown in to pump up the numbers: “Enjoy improved compatibility and security with Windows-based servers.” So improved security is a good thing but it should hardly be on a new features list.

There’s one they put under the Network category that could help with security: New Airport Menu, now we’ll be able to identify secure WiFi networks. Sounds like they took it from Windows, but no shame in taking something that works.

Leopard Security Enhancement Summary

It’s actually not too bad. Only two shouldn’t be on the new feature list (6 and 11) and three are more along the lines of small enhancements (3, 4, 5) but the other six are worth identifying as new.

It’s nice to see Apple continue to address and improve security despite their reputation as a secure OS. I’d have to agree they aren’t paying lip service to security and made significant improvements.

Security Vulnerabilities

Real has released updates to several Windows versions of RealPlayer to address a security vulnerability. Mac and Linux versions are not affected.

Firefox 2.0.0.8 was released to address eight security vulnerabilities and add Leopard support.

WordPress 2.3 has a vulnerability that allows a blogroll to be spammed. This thread describes the vulnerability and has a link to download an updated link.php file to plug it.

Security Software

AVG Anti-Virus Free Edition has been updated to version 7.5.503.

Links & News

ArsTechnica.com: Comcast’s law enforcement handbook leaked, could teach telecoms a thing or two – Comcast document leaked. Makes them look good compared to telcos.

Macworld.com: I will behave cautiously online – Some tips for safe browsing. Even Mac users are vulnerable in this area since the operating system is irrelevant.

Macworld.com: I will keep my Mac safe from other users – Some tips on securing a Mac. Can’t say I do all these things.

Macworld.com: I will use good passwords – Some tips for using passwords.

 

Categories
OS Quest Trail Log

The OS Quest Trail Log #11: WordPress Upgrade & Website Redesign

Broken external links have been removed from this obsolete post.

This week’s quest was almost all WordPress and website updates. It was a pretty complete makeover, from the foundation to the window dressing. As I previously mentioned, I wanted to explore WordPress and web theme design. I really liked my previous theme, Redoable by Dean Robinson, but it needed to be changed to handle WordPress 2.3, mainly due to the changes to categories and tagging. My choices were to either stay at WordPress 2.2, modify Redoable myself, or go in another direction. My experience with Redoable taught me a couple of lessons about WordPress themes and now seemed to be a good time to start practicing what I learned.

There’s some great free WordPress themes out there. Most of them are done by people for the fun of it. WordPress will change, the theme being used may not change with it. In my case I had Redoable which was a powerful, complex, well designed theme. It was built on K2 and was modified to incorporate various plugins. And that was a problem.

In this case a change to the way categories are handled and the addition of tagging was a significant change that broke Redoable. Not everyone’s priorities coincide with the WordPress release schedule (shocking!). K2 (the foundation of Redoable) is nearing completion of version 1 which is WP 2.3 compatible so it makes sense for Dean to wait for the final release. Even so, he may have other priorities once it’s released.

If I tweak a theme I then need to manually incorporate my tweaks into a new version of the theme when the designer releases it. This isn’t a big deal for the minor changes I made to Redoable. But this could be a daunting task if more changes are made. A lot of changes would be needed for WP 2.3 compatibility. Even if I updated Redoable Dean would probably release a better update down the road (he recently posted about the update plans) and I’d want to upgrade (sidegrade?) again. I’d either have to figure out how to incorporate my changes into his new theme (not likely worth the effort) or modify my site again to accommodate his new theme. That just seemed like a bunch of work I didn’t want to do since there really wasn’t a benefit to anyone.

K2, along with the modifications to integrate plugins makes for a complicated theme to learn on. Even if I fought my way through the changes necessary I probably wouldn’t have a good foundation of knowledge in CSS and PHP. I’d pick up bits and pieces depending on what needed to be changed.

I had planned to use the Sandbox theme and design the CSS from the ground up as a learning experience. But I dumped that idea because it would take too much of my time before I saw results and could upgrade to WordPress 2.3. Plus, I’m not much of a designer. I stayed with Sandbox but took an existing design called Shades of Gray from the Sandbox Design Competition as my foundation. This lets me concentrate on learning CSS rather than CSS and PHP and theme design.

The Sandbox theme is currently a theme available on WordPress.org (although an older version) so it’s likely to be supported for awhile. In addition, Sandbox was created by multiple people and has pretty good community support. It’s not a one-man show.

I also took the opportunity to trim back WordPress plugins I no longer used and to stop using ones that didn’t really add value. I added a couple new plugins and upgraded all the others if they needed it. And on top of all that I rolled in the first security fix for WordPress 2.3.

If you’re interested you can read more about the WordPress theme and plugins used on my credits page.

 

On the content end of things I re-did the pages. The main sections are along the top or all the pages are listed to the right. I mashed the existing content into them so the info pretty much appears where you’d expect but I may have missed a redirect or some links to old pages.

Visitor Stats

One of the features I removed is the poll that asked what OS visitors used. It’s replaced by the visitor stats over there on the right. For the record – there were 32 votes for OS X (60%), 14 (26%) for Windows and 7 Linux (13%).

Software Upgrades

Firefox 2.0.0.8 was released (release notes) and contained 8 security related bugfixes, two of which were rated critical. The release notes also mention it is Leopard compatible, although there are some known issues related to media plugins.

Quicksilver was also updated, although I didn’t receive anything through the program’s auto-update feature. This is a forum thread that discusses the update and contains a link. The update contains bug fixes, mostly related to Leopard. The update isn’t up on the main website yet. The update is available from the homepage. Ignore the version listed, the link will give you the latest version.

iPhoto Library Manager was updated to version 3.3.3 which contained a couple of minor bug fixes. This was actually released Oct 1st but I hadn’t used IPLM all month and just got the update notification.

Links & News

ArsTechnica.com: iTunes Plus DRM-free tracks expanding, dropping to 99 cents – Competition is good. Looks like Apple is dropping the price of DRM-free songs in response to Amazon.com.

ArsTechnica: Windows Home Server in depth – An extensive review of Windows Home Server software.

Brewery offers lifetime supply of beer in return for stolen laptop

Download Ubuntu | Ubuntu – Ubuntu 7.10 “Gutsy Gibbon” has been released and is available for download.

Even Free Can’t Compete With Music Piracy – Even free stuff gets “pirated”. Bittorrent and other pirate sites are now the preferred delivery method for many, even when there’s no financial incentive. Ease of use trumps everything.

GoogleMac.BlogSpot.com: An Uploader Update – Google has updated their Picasa Web Albums uploader for iPhoto.

Macworld: Secrets: Great Flickr add-ons – Some Flickr add-ons summarized.

SmileOnMyMac.com: TextExpander 2.0 with Features for Organizing and Syncing – TextExpander has been updated to version 2.0. This is a link to the press release.

Tech.co.uk: Mac OS X 10.5 goes GM, launch date confirmed – Still no news on the Apple website. But this site says they’ve confirmed 10/26 as the Leopard launch date.

Webware.com: Intuit vs. Web 2.0: Entry-level QuickBooks software is now free – Has the web made software cheaper? Quickbooks Simple Start Edition is now free, down from $100. Not completely altruistic, it serves as a gateway to their other services.

news.com: Google ups storage for Gmail, Google Apps users – Google has boosted the free disk space available for some of their services while promoting their paid add-on storage.

Categories
Random Access

Security Quest #6 – OpenDNS

OpenDNS is a standalone DNS service that anyone can use. The term “Open” in this case means open to anyone, not open source. When you switch to the OpenDNS servers for name resolution you’ll stop using your ISP’s servers and you’ll be using the OpenDNS servers. This could provide a performance benefit if your ISP’s name resolution is slowing things down.

Switching to OpenDNS is fairly simple: type in their DNS server addresses (208.67.222.222 and 208.67.220.220) in the appropriate spot in your network configuration. If you have a home network you should do this at the router. The OpenDNS website has instructions for many routers. If you’re making the changes on a computer they also have instructions for most OS’s.

All OpenDNS features are free. If you type in a bad URL they will display a search page that contains advertising.

Faster DNS is good, but the security features that OpenDNS brings are even better. You’ll need to sign up for a free account to manage these features. Anti-Phishing is on by default (no account needed to leave it on) but the others are off by default and you’ll need an account to turn them on and configure them.

Anti-Phishing

OpenDNS provides anti-phishing protection which is on by default. OpenDNS uses (and operates) PhishTank to identify phishing sites. If the URL is identified as a phishing site it’s blocked and a block message is displayed. PhishTank is used by others such as Yahoo Mail and there’s a Firefox add-on that uses it.

Domain Blocking

OpenDNS can also be used to block domains. You can also block a sub-domain. The example they use is mail.yahoo.com to block Yahoo Mail but allow the rest of Yahoo, or yahoo.com to block all of Yahoo. In my case I block domains for the pop-up ads (and any ad that annoys me) that make it through the Firefox popup blocker. You could even go so far as to block doubleclick.net to block all their ads. It takes about 10 minutes for a block to take effect.

Adult Site Blocking

OpenDNS can also block several categories of adult sites. Data for this service is provided by St. Bernard’s iGuard. There are various categories of adult sites, from what some may not consider adult to one called “tasteless”. Since many adult sites may be used to spread malware this can provide some protection against typos or errant clicks.

Whitelists

While the above features block sites, there may be cases where you want to allow a site which would otherwise be blocked. You can add these sites to a whitelist which will prevent them from ever being blocked.
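The domain blocking and whitelist rules described above, as an added example that is not part of the original post and is not OpenDNS's own code. It assumes names are compared on whole DNS labels and that a whitelist entry also covers its sub-domains; the whitelist entry and the queried host names are constructed.

```python
from typing import Iterable, List, NamedTuple, Optional, Tuple


class Decision(NamedTuple):
    action: str           # "allow" or "block"
    rule: Optional[str]   # the list entry that decided the outcome, if any
    source: str           # "whitelist", "blocklist" or "default"


def normalize(name: str) -> str:
    # DNS names are case-insensitive and may carry a trailing root dot.
    return name.strip().lower().rstrip(".")


def covers(rule: str, host: str) -> bool:
    """True if `rule` is `host` itself or one of its parent domains.

    The comparison is on whole labels: "yahoo.com" covers "mail.yahoo.com"
    but not "notyahoo.com", which a plain string-suffix test would wrongly
    match.
    """
    rule, host = normalize(rule), normalize(host)
    if not rule or not host:
        return False
    return host == rule or host.endswith("." + rule)


def best_match(rules: Iterable[str], host: str) -> Optional[str]:
    # Every hit is a suffix of the same host, so the longest is the most
    # specific entry; reporting it makes a decision easy to audit.
    hits = [normalize(r) for r in rules if covers(r, host)]
    return max(hits, key=len, default=None)


def decide(host: str, blocklist: Iterable[str],
           whitelist: Iterable[str]) -> Decision:
    # The whitelist is checked first: a whitelisted site is never blocked.
    hit = best_match(whitelist, host)
    if hit:
        return Decision("allow", hit, "whitelist")
    hit = best_match(blocklist, host)
    if hit:
        return Decision("block", hit, "blocklist")
    return Decision("allow", None, "default")


# Block entries taken from the post's examples.
BLOCKLIST = ["mail.yahoo.com", "doubleclick.net"]
# Constructed whitelist entry, for illustration only.
WHITELIST = ["allowed.doubleclick.net"]

# Constructed queries covering the edge cases.
SAMPLE_QUERIES = [
    "mail.yahoo.com",           # blocked sub-domain
    "www.yahoo.com",            # rest of Yahoo stays reachable
    "us.mail.yahoo.com",        # child of a blocked sub-domain
    "AD.DoubleClick.NET.",      # mixed case and trailing dot
    "notdoubleclick.net",       # shares a string suffix, not a label
    "allowed.doubleclick.net",  # whitelist overrides the parent block
]


def evaluate(queries: Iterable[str]) -> List[Tuple[str, Decision]]:
    return [(q, decide(q, BLOCKLIST, WHITELIST)) for q in queries]


if __name__ == "__main__":
    for query, decision in evaluate(SAMPLE_QUERIES):
        print(f"{query:26} {decision.action:6} "
              f"{decision.source:10} {decision.rule}")
```

Replacing `mail.yahoo.com` with `yahoo.com` in the block list turns the `www.yahoo.com` result into a block, which is the difference between the two Yahoo examples in the post.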

Additional Features

OpenDNS also includes several features that aren’t security related.

Typo correction – changes google.cmo to google.com

Shortcuts – create a keyword that goes to a URL. For example, mw can go to www.mywebsite.com

Statistics – you can view statistics about your DNS requests (optional and is off by default).

Security Software

CNet reviewed three Windows PC security packages this week. They rated McAfee VirusScan Plus 2008 – complete package a 7.0 out of 10. Panda AntiVirus 2008 was rated 6.0 out of 10. CA AntiVirus Plus AntiSpyware was also rated 6.0 out of 10. None were an editor’s choice.

News & Information

ArsTechnica.com – Hackers target Finnish forum, crack logins for almost 80,000 users – Good example of why it’s a good idea to use different passwords on different sites.

ArsTechnica.com: Comcast’s law enforcement handbook leaked, could teach telecoms a thing or two – Comcast document leaked. Makes them look good compared to telcos.

ArsTechnica.com: Verizon Wireless: If you don’t opt out, we get to share your CPNI call data – Verizon Wireless will start sharing your calling data unless you opt-out.

Lifehacker.com: Featured Firefox Extension: Create Strong Passwords with Password Hasher – Lifehacker brings a Firefox extension for creating strong passwords.

Macworld.com: I will be smarter about how I handle e-mail – Some tips about safe mail use. While a few product mentions are Mac specific, the tips can apply to anyone.

Macworld.com: I will behave cautiously online – Some tips for safe browsing. Even Mac users are vulnerable in this area since the operating system is irrelevant.

Macworld.com: I will keep my Mac safe from other users – Some tips on securing a Mac. Can’t say I do all these things.

Macworld.com: I will use good passwords – Some tips for using passwords.

Categories
OS Quest Trail Log

The OS Quest Trail Log #11

Not much time spent on the quest this week. Started doing some research to see what software I had was ready for Leopard, and which wasn’t. Hopefully I’ll have enough to post sometime this week.

I spent some time in iPhoto and developed a new appreciation for it. Spent some time with the various adjustment sliders and found them easy to use once I got the hang of it. I especially like the ability to do non-destructive edits during the printing process. I still don’t like the way iPhoto hides the original in the background and only displays the edited copy. It is non-destructive, but the only way I found to get back to the original is to “revert to original” which deletes the edits. Of course, a copy can be made before doing this but it’s of both the original and edited version. This can result in lots of identical “originals”. If I have an edit I like I export it then re-import it so it’s an original. Not very efficient so I don’t do it a lot. I’m still in the habit of only working with originals and routinely “revert” all photos to the originals. I keep thinking I’m missing something. Am I?

Software Upgrades

In what seems like a rare event, none of the software I use was upgraded this week. Microsoft patch Tuesday doesn’t count because the only reason I fired up Windows was to patch it.

Links & News

Universal Music seems to be developing a business strategy called “anything but Apple”. Ars Technica has their latest plan for a music subscription service.

Daring Fireball: The ‘Un’ in ‘Unsupported’ – Lots of iPhone news this week. The only article worth reading is this one.

Hands-On Review: Pixelmator, a ‘Photoshop Lite’ for Mac Shutterbugs – Wired News has a pretty good summary of Pixelmator.

Macworld.com: Mac OS X Hints: Hand-code Smart Folders – Example of how to edit – and extend the power of – smart folders.

TheRegister.co.uk: Mandriva Linux 2008 is out and about – Mandriva Linux has been updated and is now a 4.1GB download.

ArsTechnica.com – OEM pricing for Windows Home Server comes into focus at below $200 – This seems like a well thought out product (based only on the press). I wish it was a little cheaper although the price isn’t unexpected.

LifeHacker.com – Online Storage: Free Remote File Storage Space at Who.hasfiles – Lifehacker brings another free online file storage solution. Free up to 100MB.

RoughlyDrafted.com – Rise of the iTunes Killers Myth — RoughlyDrafted Magazine – With all the news about new online music stores going after iTunes, RoughlyDrafted has an article worth reading. I’ve been using Amazon lately but I’m not calling it an iTunes Store killer.

TUAW.com – Rumor: Aussies call Leopard date of 10/20 – Most rumors put the Leopard release date at 10/26 or so. This one says 10/20.

Categories
Random Access

Security Quest #5 – Patch Tuesday

Microsoft released five desktop security patches this month, 4 rated as critical and 1 rated important. All supported desktop OS’s get patched along with Internet Explorer and Outlook Express/Windows Mail. Even Mac users may need a patch. They also released one patch that was only for servers.

Bulletin MS07-060 is for Office 2000, Office XP and Office 2004 for Mac users. It’s rated as critical for Office 2000 and important for the others. It patches a vulnerability that could allow remote code execution.

Windows 2000 users will need MS07-055 which is a critical update to patch the Kodak Image Viewer. MS07-058 also applies to Windows 2000 but it’s rated as a low risk. On Windows 2000 the MS07-058 patch replaces MS06-061. Windows 2000 users will also get the IE and mail patches mentioned below.

Windows XP users will need MS07-055 which is a critical update to patch the Kodak Image Viewer. You’ll also need MS07-058 as an important update to patch an RPC vulnerability that could be used for a denial of service attack. Windows XP users will also get the IE and mail patches mentioned below.

Windows Vista users will need MS07-058 which is rated as important to fix an RPC vulnerability and prevent a denial of service attack. Windows Vista users will also get the IE and mail patches mentioned below.

Internet Explorer gets its typical cumulative update with MS07-057 which applies to all supported IE versions on all OS’s. It’s rated critical on all desktop OS’s.

Outlook Express and Windows Mail users on any version of Windows will need MS07-056. The vulnerability is rated critical for Outlook Express on a pre-Vista OS and rated important for Windows Mail on Vista.

I didn’t have any problems with the Windows XP, Windows Vista, IE and Mail patches although I don’t use the software enough where I would notice subtle problems.

Vulnerabilities

Adobe acknowledged the previously reported PDF vulnerability and offered a rather involved workaround. They expect an update to plug the vulnerability by the end of October.

Security Software

CNET looked at Norton Antivirus 2008 and rated it a 7.3 (very good). Users gave it a 3.5 so far. Even though it’s “very good” CNET’s review doesn’t make it sound like software I’d want to buy. Seems like Symantec still equals bloatware.

News & Information

A Notable Step in the Fight Against Phishing – Security Fix – Yahoo, eBay and PayPal get together and implement DomainKeys to fight phishing.

ArsTechnica.com – Study: PEBKAC still a serious problem when it comes to PC security – Ars Technica brings a story about a study showing that the typical computer user is a security problem.

ArsTechnica.com – Ready or (mostly) not: here come more contactless payment devices – Visa is implementing contact-less payment. Ars Technica has a good summary of the security concerns. I’ll be keeping my magnetic striped card for now.

Feds shut down California’s domain name over hacker intrusion – TECH.BLORGE.com – California websites are hacked, remain hacked, so the feds started shutting them down.

Techdirt: Homeland Security Can’t Even Configure Its Mailing List Software Correctly? – Homeland Security has email problems. Not a real security problem since it was a public list, but makes you wonder.

Tech.blorge.com: French government unveils new tool to cut spam email – They have a new tool that makes reporting spam easy. Still some questions whether it will be embraced by users and ISP’s.

Categories
OS Quest Trail Log

The OS Quest Trail Log #10

Obsolete/broken external links have been removed from this post.

I decided to take the plunge and dive into learning CSS. This is in the lead-up to upgrading this site to the latest WordPress, which I decided to do as part of a complete redesign of The OS Quest.

So this week I deleted all the posts on my WordPress.org hosted blog and put up a few test posts and switched it to the Sandbox theme. The Sandbox theme provides no CSS (or just a basic skin). While it will take longer I decided to start with no CSS and start building from the ground up. There’s not much out there yet and I password protected the site, but you can follow the progress on Flickr.

I also spent a lot of time over at the Internet Duct Tape website where Engtech has a wealth of great tips and information. His article on Creating a Link Post was used to create the links in the Software Updates and Links & News sections below. In addition I used the information in his article about setting up a sandbox for the sandbox theme to set up my sandbox dev environment. There’s lots of other good reading there, but instead of me telling you about it just head on over and subscribe to his feed.

I went on a mini-buying spree and added the following software to my collection this week. All of it revolves around video.

Quicktime Pro from Apple ($30) – When I got my first Mac everyone said this software should be the first thing to get. I survived this long but needed to edit some video quickly and this was the quickest way to do it. Worth the money for the time and aggravation saved but not exactly a researched purchase.

CSS Edit 2.5 by MacRabbit Software ($30) – Like the name says, a CSS Editor. Helpful, especially for a beginner like me. Nice to be able to make a change and see it right away in a preview. I use the Milestone feature and like the non-destructive editing. I tried Firebug but found it hard to use and quirky since I’m new to this. Trial download available.

SnapWeb by Brain Tickling Software ($18) – I use this to capture images of web pages. I tried a couple free products but they didn’t work on one of my sites, this one does. There are also free ways to do this (print to PDF is one) but these require some setup or hacking. SnapWeb just works which saves time. I was in a “time is money” frame of mind this week so I bought it. Demo available (with watermark).

Thirty dollars seems to be my pain point for buying software. I saw the three apps above met my immediate need and I didn’t spend much time looking for alternatives before buying them. On the other hand SnapZ Pro meets my needs for creating videos but I’ve held off buying it since it’s $65.

Software Updates

Path Finder 4.8 was released by Cocoatech as a free upgrade for Path Finder 4.x users. I upgraded immediately and like it so far. Path Finder is my main GUI interface, replacing Finder on my Macs. My favorite new feature is the “per-folder” settings for the view options. They were smart and don’t save these settings to a file in the directory, they use Core Data to save the settings in a database. The UI is also more Leopard like. Click the Path Finder 4.8 at the beginning of this paragraph for the complete change log.

While I don’t use the software, the following updates caught my attention:

FoxitSoftware.com – Foxit Reader updated to 2.2.2129 – The free and fast PDF reader was updated. The anti-Adobe Acrobat Reader. Small and fast, for Windows. A good replacement for the ever more bloated Adobe Acrobat Reader.

TheDigitalStory.com – Photoshop Elements 6 Available Today, For Windows Only – Also mentions that the Mac version is expected in early 2008. By then I’ll be ensconced in Acorn.

Links & News

Apple – Mac OS X Leopard – Finally gets listed as “Arriving in October” on the Apple website. No pre-orders through Apple yet.

Apple.com – Startup key combination from paired Bluetooth keyboard may not work on a PowerPC-based Mac – News to me that it would ever work. Even on Intel Macs the BT keyboard wouldn’t take startup keys from me.

ArsTechnica – Sony BMG’s chief anti-piracy lawyer: “Copying” music you own is “stealing” – According to Sony BMG I’ve stolen almost my entire music collection by moving it from CDs to my iPod. Making “a copy” of a purchased song is just “a nice way of saying ‘steals just one copy’,” she (Jennifer Pariser) said.

Blogs.Technet.Com (Windows Home Server Blog) – New and Updated Windows Home Server information – Links to some tech docs about Windows Home Server.

DiveIntoMark.org – If wishes were iPhones, then beggars would call – Commentary on iPhone brouhaha. 100% on the mark in my opinion. (As a non-iPhone owner).

Lifehacker.com – Taking Puppy Linux for a Walk – Puppy Linux is a small 97.6MB OS meant to run from a bootable CD or USB drive. They give it a spin.

News.BBC.co.uk – Coppola plea after computer theft – Backup people. And if it’s the only copy you have calling it a “backup” doesn’t make it one.

OldApps.com – Old Version Downloads – Get old versions of software.

TUAW.com – notMac Challenge winner declared – The Unofficial Apple Weblog (TUAW) – Winner declared in challenge to create a free alternative to most dotMac functions.

Categories
Random Access

Security Quest #4: OpenID and Weekly Update

Back in Security Quest #2 I talked about the PayPal Security Key. The PayPal Security Key can also be registered and used with OpenID through Verisign’s Personal Identity Provider (PIP) program.

OpenID is a URL that serves as an ID to establish your identity although it doesn’t establish trust. OpenID is still in its infancy and there’s not a lot of sites I use (read that as none – at least that promote it) that use OpenID. Still, it’s interesting to think about where OpenID fits into the authentication scheme.

Some of the benefits of OpenID:

  1. Can easily maintain multiple online personas (IDs). For example, one for forums, one for blogs you author, etc…
  2. Makes online IDs easier to manage
  3. Can be more secure if properly managed. You can have multiple OpenIDs for different levels of security. It’s also easier to change one OpenID password regularly instead of multiple online accounts.
  4. It’s decentralized with multiple providers.

There are some potential drawbacks:

  1. OpenID uses the web browser so it’s only as secure as your browser and your surfing habits. OpenID is based upon redirection so there’s the risk of phishing and redirecting you to a bad site. You just need to be aware of your URLs and be sure they’re using https. Verisign has also put out a Firefox add-in called Seatbelt which helps to manage and protect OpenID. Still, by its nature, the loss of a single OpenID password would allow access to multiple accounts.
  2. OpenID is a potential privacy concern. Your OpenID provider knows what sites you visit and use. But so does Google and Yahoo.
  3. OpenID is still confusing and support is limited. A number of 5,000 sites is tossed about. But a look at the OpenID page makes it apparent a typical user isn’t going to wade through all that.

OpenID’s place in my world

OpenID supports delegation so I can use my website as an OpenID (which is just a URL). So my first step will be to enable my site to do this. This makes it easier to change OpenID providers if I want to. It’s also a much shorter URL than Verisign provides.

I’ll start looking for OpenID support at various sites I used. I’m not going to use it for any sites I really want to be secure (online banking and similar sites). I already use unique IDs and passwords for them. But I’ll start using it for other sites when it’s available.
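As an added illustration (not code from this post), here is one way to check the delegation tags a site publishes before relying on them. It assumes the standard `openid.server`/`openid.delegate` (OpenID 1.1) and `openid2.provider`/`openid2.local_id` (OpenID 2.0) link tags; the sample page and the provider.example host are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# rel values used by OpenID 1.1 and 2.0 HTML discovery
PROVIDER_RELS = {"openid.server", "openid2.provider"}
LOCAL_ID_RELS = {"openid.delegate", "openid2.local_id"}

class _HeadLinks(HTMLParser):
    """Collect OpenID <link> tags found inside <head>; the body is ignored."""
    def __init__(self):
        super().__init__()
        self.in_head = False
        self.links = []  # (rel, href) pairs

    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "body":
            self.in_head = False
        elif tag == "link" and self.in_head:
            a = dict(attrs)
            for rel in (a.get("rel") or "").lower().split():
                if rel in PROVIDER_RELS | LOCAL_ID_RELS:
                    self.links.append((rel, a.get("href") or ""))

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def audit_delegation(html):
    """Return (links, problems) for the delegation tags in one page."""
    parser = _HeadLinks()
    parser.feed(html)
    rels = {rel for rel, _ in parser.links}
    problems = []
    if not rels & PROVIDER_RELS:
        problems.append("no provider endpoint declared")
    if not rels & LOCAL_ID_RELS:
        problems.append("no delegate identity declared")
    for rel, href in parser.links:
        if urlparse(href).scheme != "https":
            problems.append(f"{rel} is not https: {href}")
    return parser.links, problems

# Constructed sample page; provider.example is a placeholder host.
SAMPLE = """<html><head><title>My site</title>
<link rel="openid.server" href="http://provider.example/server">
<link rel="openid.delegate" href="https://me.provider.example/">
</head><body>Hello</body></html>"""
```

Calling `audit_delegation(SAMPLE)` flags the plain-http provider endpoint; tags that appear only in the page body are not counted, since OpenID discovery reads them from the head.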

Additional Info

There’s a 50 minute video of Simon Willison’s OpenID presentation at Google available on Google Video.

Vulnerabilities

There was news of a vulnerability in GMail although the hole has now been plugged. Check your filters if you use Gmail.

Security Software

Spyware Terminator (freeware) has been updated to version 2.0.1.224.

Lavasoft Ad-Aware (freeware) has been updated to version 7.0.2.3.

News & Information

Tech.Blorge has a story about Carnegie Mellon University developing a game to teach anti-phishing to web users.

TUAW brings some links with information about running a Mac on an untrusted network.

There’s a company out there that’s asking ISPs to provide click-stream and personal (like location) data so they can target ads to you. AlarmClock has the details along with TechDirt.

Spammer collecting e-mail addresses or file conversion service? Their current privacy policy would mean it really is a file conversion service. But would spammers lie? Here’s the link.