Forwarding Address: OS X

Monday, March 31, 2003

I'm about to make my return to the world of "Cafe Coding". I'll be hauling a laptop to Tequila Bookworm -- a quirky neighbourhood cafe near my house -- and spending at least part of my working day there (I'll have to charm the manager into letting me access the AirPort perched atop the air conditioner unit -- it's not open). For the work-from-the-home-office kind of person, having a cafe where one can go to do and do work is almost necessary, especially if your home doesn't have a separate room designated as "the office". Having somewhere else to go helps keep me motivated, prevents me from goofing off (you can't take naps in a cafe) and keeps me from being isolated from the rest of humanity.

("Get to the Mac-related part," I can already hear you saying.)

One of my projects is a PHP/MySQL thingy that will eventually be deployed on a server running TEH LUNIX. For this project, I'll be using my trusty 500MHz dual USB iBook (a machine that also happens to be Aaron Swartz's weapon of choice). I will also be "sharpening my saws" on Python, Java and C# (I'm running Rotor). It's proven to be a very handly little machine in the four months I've owned it.

Much higher up on the portable Mac product line is the 12" AlBook, which has roughly the same footprint as my iBook. Of course, its specs are much nicer, what with the 867MHz G4 processor, GeForce4 video card and pretty-much-full-size keyboard. It sounds as though it would be a pretty nice machine for the Cafe Coder, and in the O'Reilly MacDevCenter article A Developer's Perspective on Apple's 12-inch PowerBook, author Wei Meng Lee is inclined to agree.

Sunday, March 30, 2003

.

Friday, March 28, 2003

iCal issue update: it appears that the loss of iCal data on my machine is not due to any issue with the security update but rather due to the catastrophic hard drive failure my laptop has suffered. Fortunatelly there's online ordering and FedEx to remedy such situations. Humble apologies to Apple for blaming them (that ol' iTunes installer issue is still fresh in mind).

Monday, March 24, 2003

Apple Security Update - 2003-03-24

I just appied the update, restarted, launched iCal and now there's no data in there. Not a single appointment or event. All my calendars list, but they're empty. This is, as you might expect, a bit distressing. Anyone know what might have happened or what I might do to get them back?

Discuss

Apple Security Update - 2003-03-24

No KB article number yet See KB 120199...fire up Software Update (or use the command line version)

Security Update 2002-03-24 addresses a Samba vulnerability which could allow unauthorized remote access to the host system. The built-in Windows file sharing is based on the open source technology called Samba and is off by default in Mac OS X.

OpenSSL is also updated to address an issue in which RSA private keys can be compromised when communicating over LANs, Internet2/Abilene, and interprocess communication on local machine.

It is recommended that all users install this Security Update.

Friday, March 21, 2003

This just in from Apple:
We wanted you to be among the first to know that Apple has rescheduled WWDC 2003 in order to provide attendees with a preview CD and in-depth session coverage of the next major release of Mac OS X, codenamed "Panther." WWDC will take place June 23-27 at Moscone West in San Francisco, California.
Cool.

Thursday, March 20, 2003

The Gore Unit has joined the Apple Board of Directors!

Alsoft has announced DiskWarrior 3, the first OS X native version of that app. A lot of migrators from OS 9 ask me nervously about what kind of disk utilities they should be running. I usually tell them not to worry about it -- the stability of the OS effectively eliminates those mid-write crashes that cause so much of the disk corruption under OS 9; the system automatically checks the disk on startup if it detects anything amiss; and for that feeling of extra protection you can always enable journaling. Anyway, despite my extreme anti-fuss stance I believe DiskWarrior is an excellent product, even if OS X has reduced my need for it to a mostly psychological, don't-tempt-fate sort of thing. If I were responsible for taking care of other folks' machines I would certainly have a copy handy always. The only fault I can find with this version at first look is that it doesn't support UFS. Discuss

Sunday, March 16, 2003

When working with an external monitor attached to laptop I find I often lose my cursor briefly (that is, it's still there, I just don't know where I've put it - I think it's a sign I'm getting old). Part of the problem is that I tend to use keyboard shortcuts a lot and so often just stop paying attention to the cursor. Thanks to Youpi Key keyboard shortcuts are now also the solution: in it I've defined a universal short-cut (control-option-k) that bumps the cursor to the centre of my main screen. Pretty damned handy. Discuss

Saturday, March 15, 2003

Reading over the release notes for recent Eudora betas I noticed a lot of negative comments about OS X. Some may merely be factual -- I don't have the expertise to say. But there's an undercurrent of bitterness that is undeniable: "...[A]pple's broken OSX network reachability call ... OSX control manager bug ... broken Jaguar Unicode converter ... [A]pple no longer believes in colored [menu] text ..." and the most bitter, "OS SUX doesn't allow dragging by window edges..."

I've always appreciated the candor in Qualcomm's update notes. Unlike Apple, they don't say "improved functionality of feature X" when they really mean "fixed stupid bug in feature X." But I'm wondering if there is some larger significance to these comments. Does Qualcomm have insufficient luv for OS X to keep Eudora competitive long-term? How common are these sentiments among old-school Mac developers? Would it all be better in Cocoa? Any developers with comments, I'm all ears. Discuss

Friday, March 14, 2003

O'Reilly just posted a new article on using X11 under OS X, which seems to be the first in a series. If you haven't taken the X11 plunge yet, but are interested, check it out.

A new software update is available:
The Java 1.4.1 update adds the following enhancements :

• Improved Java applet support for Safari and other web browsers that support the Java Internet Plug-In.
• Up-to-date with the latest Java release from Sun, with hundreds of new features, including built-in support for XML-based web services, enhanced client functionality, and improved performance and reliability.
• Java applications take better advantage of Aqua and Quartz Extreme.
• Java applications now fully leverage the built-in Universal Access features of Mac OS X v10.2.
• Java applications can now be controlled through AppleScript, via the new UI Scripting technology.

For more details on this update, please visit: http://www.apple.com/java/

Check your Software Update control panel for details.

Wednesday, March 12, 2003

I'd like to add some more information on the Ximian Evolution on Mac OS X idea. If you are connecting to a Microsoft Exchange™ server you will only be able to talk POP or IMAP to the server. There is Ximian Connector™ for Microsoft Exchange™, which will let you utilize the most useful features of Exchange (office calendaring, resource scheduling, etc...). Alas it is only for the supported (read: linux) distributions. Ximian supports Yellow Dog, but I can't find any information about PPC support for Connector.

So, for those of you tied to Outlook, you should first find out if Outlook is tied to Exchange. If it is, Evolution on Mac OS X isn't the solution for you. In fact, I don't think Evolution on Mac OS X is the solution to anything right now as there are a number of very capable e-mail clients available. But if you need to talk to Exchange you will need to wait until Microsoft Entourage supports Exchange. Of course, the rumors are that only Exchange 2000 will be supported and not 5.5. Personally I doubt that. True it would be a very Microsoft thing to do, ensuring more people going down the upgrade path. But in reality the number of mac users in an organization probably wouldn't be able to squeak enough to get the grease that would be an upgrade to Exchange 2000. Plus, Outlook 2001 for Mac already talks to Exchange 5.5.

It's all just speculation and rumors at this point though, especially since Exchange 2003 is getting ready to be rolled out. Boy, I can't really express how happy I am not to be an Exchange admin right now. Discuss

Tuesday, March 11, 2003

Because it lacks automatic update notification, it's easy to miss new versions of LaunchBar. So, if you're a Launchbar user, consider this a public service announcement: Version 3.2.9 is out. Notable changes since 3.2.7 include faster scanning, better localization support, and some new presets for scanning developer docs. If you only recently arrived on Planet OS X and are a keyboard-oriented sort, check it out. For me, LaunchBar is an essential tool that sidesteps many of OS X's persistent (and perhaps permanent) UI deficiencies. Discuss

Speaking of Camino...If you are thinking about grabbing the 20030310 build of Camino, don't. It's crash-a-rific and I'm almost positive it has to do with the flash plug-in. I've already sent in 5 talkback reports today. Just stick with .7 for now. I only mention this because the nightly builds from .6 to .7 were almost always as stable as the point release and the dev guys even advocated grabbing a nightly build in the time between .6 and .7 to fix (among other things) a flash issue. Yes, I'm fully aware that nightly builds are meant for testing purposes only, they might shred your data, people can and do lose money! I'm just sayin'...

Friday, March 07, 2003

The browser formerly known as Chimera is now Camino. The first re-badged build was posted Wednesday, and a new version (0.7) showed up yesterday. Changes and new features (many of which have been seen in the nightlies, of course) are listed here. Update compulsive Caministas might want to consider the also just-updated CaminoKnight, which automates downloading and installing (and reverting from, if necessary) nightly builds. Discuss

Tuesday, March 04, 2003

Apple plans to debut an on-line music service for iPod users:
The new service, developed by Apple Computer, offers Macintosh users many of the same capabilities that are already available from services previously endorsed by the labels. But the Apple offering won over music executives because it makes buying and downloading music as simple and nontechnical as buying a book from Amazon.com, one source said.

``This is exactly what the music industry has been waiting for,'' said one person familiar with the negotiations between the Cupertino computer maker and the labels. ``It's hip. It's quick. It's easy. If people on the Internet are actually interested in buying music, not just stealing it, this is the answer.''

Cool.
Link (Via BoingBoing)

This posting, mostly about rsync, is aimed at people like me -- web developers who migrated to OS X with little experience in actually running web servers. I did it almost two years ago and am still learning.

I quickly came to enjoy, and rely on, having a local Apache/MySQL/PHP environment for development, but found that once a site went live I became more tied to the production server than I wanted. It was slowing me down, too, because of the workarounds needed to 1) keep work in progress isolated from live code and 2) integrate that work when testing was complete.

To remedy that situation I've been using rsync, with great success. I set up offline mirrors of live sites I'm working on, complete with their own MySQL databases and local-only virtual domains (e.g. "bigfancyclient.dev"). I tweak code with abandon and then, when it's all working perfectly (ahem), I upload the changes to the production server in one step -- using a shell script containing a couple long-ass rsync commandlines.

For those new to rsync, basically my rsync commands say: "here's the development mirror A; here's the live server B; take every file in the following directories on A that's newer than its counterpart on B and upload it, saving the old one as a backup."

Sometimes even a "simple" change involves interdependent changes to half a dozen files in different directories. I don't have to keep track. rsync finds them all. I also have a "dry run" version that has the same commands with the addition of the "-n" option that does everything except actually transfer the files -- for a last-minute sanity check.

(Note 1: In theory you could accomplish the same thing by just uploading everything, but in practice this doesn't work except with very small sites. And if you get around this by selecting which directories or files to upload, well, then you are manually doing the work that rsync can do faster and more accurately.)

(Note 2: This is clearly best suited to smaller operations. With many developers working at once, you want something like CVS. Though rsync can of course sync in either direction, so I can update my mirrors when other developers or HTML coders make changes to the live server.)

rsync has a jillion options, so if this sounds at all appealing I encourage you to curl up with the manpage.

I have used lots of other methods for making code changes to live sites; for efficiency, ease, and safety this beats them all hands down.

Any related tricks or methods to share? Discuss

Monday, March 03, 2003

Kip Knight of Prism Research has responded to my criticism of Perfect Encryption, his software encryption suite (see a couple of posts below). As promised, his response verbatim:
Hit me hard and heavy! Yes, I do have the credentials and knowledge of encryption (Ph.D. candidate). Yes, I realize I'm stepping on 90 year-old theories. Yes, I realize I'm putting the cart before the horse. I'm trying to balance the Catch-22 problem of not trusting a hidden algorithm while hiding a very powerful algorithm from all those terrorist groups floating the Internet. Let me explain some of the properties of my Many-Time Pad (MTP) algorithm.

MTP has the same key management issues as the OTP. That is, the key must be at least as big as the plaintext. The 32MB was arbitrary for the average user. A command-line tool is provided that can create a key of any size (< 4 Exabytes). In MTP's case the key must be at least 257 bytes longer than the plaintext for the math to work.

If the OTP key is reused, the plaintext is wholly compromised. If the MTP key is reused, the risk is highly diminished. The key can be used for "many times", not forever. For MTP, the probability of finding the entire key when the plaintext and the ciphertext are known equals the probability of finding the key without any a-priori knowledge. That is the only probability law the Many-Time Pad has overcome and that the OTP fails. If two sets of plaintext/ciphertext pairs are stolen, a small amount of information (as of yet undetermined) about the key is obtained. Eventually, if enough pairs are stolen, enough about the key is found to make it compromised.

So, the MTP has only one advantage over the OTP, that is reuse of the key for "many times".

I know, I haven't divulged the algorithm yet. The BIS has given me a 30 day review (took 2 months) which allows the mass market product for export under ECCN 5D992. The agreement does not allow the algorithm to be stated on the Web. The agreement does not allow me to provide source code on the Web. I'm going to take the responsible high road and comply with the spirit of the international Wassenaar agreement to not give terrorists any sensitive technology. Disclosure of the algorithm will be given to those purchasers that do not originate from terrorist labeled countries. Slam me if you must but the algorithm can be dealt with however their conscience feels when they purchase the product from me. Except for Sudan, Libya, Iraq, North Korea, ...

Kip Knight
Prism Research

That doesn't really address my concerns so I hope that when Kip feels he's able to divulge more information he will. Discuss

Speaking of security, a new Security Update appeared today -- see Software Update.
The Security Update addresses a security issue in sendmail where a remote individual could gain access and control of the system. Although sendmail is off by default in Mac OS, it is recommended that all users install this Security Update. This update also includes a newer version of OpenSSL that provides improved data confidentiality by addressing a recently-discovered security issue.

After writing that last post I got to thinking: that didn't end on a very positive note, did it? What would I recommend if you want to add some security to your Mac? That depends on what you want to do.

For securing files on your computer I suggest using Disk Copy (from Apple) to create an encrypted disk image upon which you then store your files. It basically takes a chunk of your hard drive, treats it like a separate drive and encrypts everything in that chunk.

For encrypting email the MacGPG project is coming along quite nicely. It does, however, require some comfort with the command line and the UI of some of the elements leave a lot to be desired. I'd recommend installing MacGPG and then the following email utils and then forgetting about it. There's also quite an active mailing list available.

To use GPG with Mail.app you'll want GPGMail.

To use GPG with Entourage you'll want EntourageGPG. Note that in both cases, for Mail.app and Entourage, you need to have installed and configured MacGPG first.

For securely shredding files under X... I don't know. If you've got any suggestions for an app that works well, securely and doesn't causes file system trauma let me know. Discuss

Usually I wouldn't deign to slam someone else's software publicly but in the case of Perfect Encryption 1.0 I think a load of debunking is in order. I'm going to give the developer the benefit of the doubt and just assume they've just skipped Crypto 101 rather than assume they're trying to con people purposely.

Prism Research is offering, for $20 US, "a suite of tools designed around the first algorithm to exceed the security of the One-Time Pad". Bollocks. Do not download this software. Do not use this software. I happily admit I haven't bothered to do so - testing the strength of crypto software simply by using it is akin to trying to test the structural integrity of a bridge by walking across it a couple of time.

Instead I'll dissect their claims one-by-one and offer counterpoints to support my disagreement with their claims.

1. Before they provide the algorithm you must pay for their software.
That's the hallmark of a scam to me. They claim to do this to abide by US export regulations but that's crap. If that were the case then no public crypto research would be underway. A simple submission to the Department of Commerce will get them all the permission for export they need within one to four months.

They also don't mention if in buying the software and thus receiving the algo if the owner is then prohibited from distributing the algo, but I suspect once they think of that they'll prohibit it. In a nutshell folks: never, ever, trust proprietary crypto algorithms. They're dangerous and I'd happily bet hard cash that they're fundamentally flawed.

2. More secure than a one-time pad.
A one-time pad (OTP) is the only cryptographic implementation that can be proven to be 100% secure. When generated properly a OPT is a perfect scheme. Don't believe me? Good. I direct you to page 15 of "Applied Cryptography" by Bruce Scheier: "Believe it or not there is a perfect encryption scheme. It's called a one-time pad". But hey, Bruce could be wrong so as further proof I direct you to pages 192-193 of "Handbook of Applied Cryptography" by Alfred Menezes et al: "If the keystream of digits are generated independently and randomly, the Vernam cipher is called a one-time pad, and is unconditionally secure".

Prism's misunderstanding of the principals of a one-time pad seem to stem from a misunderstanding of how a one-time pad is used. On their site they present the steps for use of a one-time pad: take your plaintext, mash it with your key, create the cipher text. Want to read it? Take the cipher take, mash it with the key, get your plaintext back. Done. Prism suggests that: "It basically says, if an adversary has both the plaintext and the ciphertext, he will know what the key is" and yes, that's absolutely true. But even that's not important. What Prism seems to be misunderstanding in this is that it's called a one-time pad for a reason: you only use a particular key once and then toss it.

In the case they site above your adversary now knows everything: plaintext, cipher text, key. So? You want to send another message you use a new key. That they have the old one gives them absolutely no help in deciphering the new one. They're back to square one. This is fundamental to the use of the one-time pad: never, ever use the same key twice. If knowing the key to one message helps in deciphering the key to another then you're pad is fundamentally flawed. If your adversary has your pad of keys you don't have a cryptographic issue, you have a human resources issue.

3. I have to quote this one verbatim: "the algorithm eliminates the one-time nature of the OTP. Therefore, the only possible way to crack a cipher that uses the MTP is to physically steal the key".
Those two statements make absolutely no sense together; one cannot beget the other. The one-time nature of the one-time pad is what makes it a perfect system. And theft of the key is actually the only valid attack against a one-time pad system (assuming one-time use of the keys); every other cryptographic system to date (that I'm aware of) has had at least one proposed theoretical attack levied against it, and most have had real-world practical attacks levied against them. I really doubt that Prism's system is any better.

4. Produce a 32 MB key file
My initial reaction to this was WTF? If there's one thing you take from this about cryptographic keys it should be this: size doesn't matter, much. Any algo that makes claims to its security based solely on key size should be discounted. Strength through size is a function of the algorithm used, size alone does not and cannot guarantee strength. Without knowing the alogorithm its impossible to know how the key size relates in Prism's case but know this: a key that's 32 megs is likely just a major waste of drive space.

5. Shred files 55 times
A number of fine Mac apps have provided this feature in the past, I don't have a problem with this from a cryptographic perspective but that they've included this functionality without understanding the basics of everything else worries me. I wouldn't trust these folks within 20 feet of my computer, much less with something so fundamentally sensative as doing multiple-sector wipes of my harddrive. Do you still feel confident trusting this software with the deletion of your critical files?

I think I've gone on longer than I intended to for this. I'm using Prism as a bit of a whipping boy to get a point across, a point that may best be summed up in the word of Bruce Schneier:

"Anyone who creates his or her own cryptographic primitive is either a genius or a fool. Given the genius/fool ratio for our species, the odds aren't very good." - Bruce Schneier
I invite the folks at Prism to rebuke all my claims and evidence at their leisure. I'll happily post verbatim any response they'd care to make. I also invite them to send me their algorithm so I can pass it along to smarter folks than I for some independent analysis. And if they're worried about being busted by the Feds for public disclosure I'll happily take the heat and post it for them on mine own website, free of charge.

Discuss