Forwarding Address: OS X

Wednesday, May 26, 2004

Some questions I have for Apple.
  • In Tiger, will the maximum size of a process move past 4GB? Will it move to be 64-bit or 42-bit?
  • When will the L1/L2 cache size on the G5 increase? I'm cool with having to buy an Xserve to get that.
  • Will you please improve the public API for NSStatusItem? There's some stuff I want to DO with that sucker.
  • Will all of Tiger be firmly based on FreeBSD 5.1 or will it be a 4.8/5.0 split like it is now?
  • Somebody noted recently that non-threadsafe libraries from FreeBSD 4.8 are expected to play nice in the threaded XNU kernel. Is this true?
  • When will Apple's SOAP support be updated to conform to the WS-I Basic Profile 1.0? Some of us are using the document/literal form of SOAP and it's really nice.
  • Hey, can I have some better tools for managing my processes? Specifially, I'd like to see Solaris' priocntl and dispadmin ported. I think I can see process scheduling classes when using the ThreadViewer, I want more!
Thanks for rocking,

Monday, May 24, 2004

John Gruber continues to post informative updates on the security hole situation. [And he promises that this post will be his definitive one, updated in the future as needed.] His opinion is that a sufficient fix at the moment is:
  • Install Apple's "Security update 2004-05-24" (confusingly, this update was actually released on 2004-05-21)
  • disable "disk:", "disks:" and "afp:" URI handlers (this does not stop you from, e.g. mounting AppleShare volumes normally)
  • set the "ftp:" URI handler to anything except the Finder (e.g., Interarchy)
I expect we'll see another fix from Apple within a day or two.

Thursday, May 20, 2004

Update on the security hole: John Gruber of Daring Fireball has a nice clear post about how to disable unsafe URI handlers using an application which, for reasons he explains well, is better suited to this situation than MisFox or MoreInternet -- RCDefaultApp.

(By the way, for the curious, Simon Willison has posted a sample AppleScript snippet showing how distressingly simple this exploit is. Also, if you're interested, read Peter da Silva's sage comment on the architectural reasons this hole exists.)

So where's that fix from Apple, anyway?

Tuesday, May 18, 2004

Well, this is historic, if bothersome -- looks like OS X finally has a real live "extremely critical" browser-based exploit. You can read about it via the original notice or in this more detailed advisory from The gist is that an evil cr/\kz0r could place a malicious AppleScript file on your computer via the "disk:" URI handler, then execute it via a hook in the "help:" URI handler. It reportedly has been tested on Safari 1.2.1 and IE 5.2 and is suspected to work on other browsers. Preventive advice boils down to: "Rename all URI handlers which are not required. Do not surf the Internet as a privileged user." Update: Never mind that; you just want to fix it? Use MoreInternet or MisFox to make the "help:" protocol launch something other than I used Chess! (I've been advised to alter the "disk:" protocol as well, but that wasn't listed on my machine.) More info and alternate fix methods to be found at Macintouch's Notes and Tips section.

Don't believe me? Try this exploit demo yourself. (Disclaimer: This was a harmless demo when I tried it, but I cannot be held responsible if it emails the contents of ~/Pictures/Me/Nude/*.* to your entire address book...)

It will be interesting to see how this plays out.

Monday, May 17, 2004

Its been trivial for years to run Windows on a Mac, thanks to Connectix (now Microsoft's) Virtual PC. Now Leander Kahney reports that a couple of German comp-sci students have gotten the Mac OS to run in emulation under Windows via their PearPC project: OS X Makes Slow Debut on PC
Developed by Sebastian Biallas and Stefan Weyergraf, a pair of 23-year-old computer students from Aachen, Germany, PearPC re-creates in software the PowerPC architecture, the hardware used in Apple's Macs. The free, open-source software allows Intel- and AMD-based PCs to run several operating systems compatible with the PowerPC, including Mandrake Linux, BSD, Darwin and, most importantly, Apple's Mac OS X. Users can download and install a copy of PearPC, and then install a boxed copy of OS X, which can be purchased from Apple for $130.
Be warned that they're at v0.1 but for the truly adventurous: I like this convergence of operating systems. Just this very morning I installed Microsoft's Remote Desktop Connection Client to be able to admin some machines at work via my Mac from home (far easier than actually taking the time to pull my PC out from under the desk where it's been serving as a mid-priced footstool for the last three months). RDCC isn't speedy either but it certainly does work nicely.

Saturday, May 15, 2004

Pulp Fiction IconLets all give a big hello to the newest Atom/RDF/RSS reader on the block, PulpFiction 1.0 from Freshly Squeezed Software. It looks like it has a lot of native app goodness. It should be noted that it is not free or Free, since that seems to be a "hot topic" on the interweb again. You can try it for 15 days and then go back to something else, or pony up $25 if you like it.

A feature that jumps out at me right away is how each post is its own entity, and can be moved around, stored, labeled, and even deleted. I could easily see how this would make some news tracker type people very happy. It imports and exports OPML, as you might expect. Of course, the file must have a .opml extension and not .xml. I imported my bloglines subscriptions to get an idea of how it handles what I consider to be a large number of feeds, 109. To be honest, with over 1,500 unread items it seems a bit sluggish on my trusty 500MHz TiBook.

Overall, if you are in the market for a new news reader, you should certainly give Pulp Fiction a test drive.

Friday, May 14, 2004

For those that are using GPGMail with, a bug fix release has been unleashed to the world.

I never considered the GIMP, formidable as it is, to be a very serious competitor to Photoshop, but I just installed version 2.0.1 (via DarwinPorts -- I like DarwinPorts) and am quite impressed with recent progress. In case you missed it like I did, 2.0.0 was released about six weeks ago and 2.0.1 about two weeks ago.
This release is a major event, marking the end of a three year development cycle by a group of volunteers and enthusiasts who have made this the most professional release of the GIMP ever. It is the first stable release that is officially supported not only on Unix-based operating systems, but also on Microsoft Windows and Macintosh OS X.
I posted a cluttered screen shot so you can get a rough sense of the changes. Ironically, I had to leave the GIMP to do the screenshot -- the appealing File > Acquire > Screen Shot command just gave me a big black rectangle; a grab to PDF was rendered poorly when imported; and a grab to the clipboard (via cmd-shift-4, ctrl-drag) couldn't be pasted into the GIMP (perhaps Apple's X11 is to blame there, I don't know.)

In any case, I'm confident those bugs will get fixed. I suspect I won't be buying any more PhotoShop upgrades.

Has this happened to you?
You print from Mail, but the printout looks strange--backwards and upside down, that is. Instead of standing on your head and using a mirror to read it, try our helpful tips before you print.
Then this tech note is for you: Mac OS X: Mail prints emails backwards and upside down. (I remember a time when something like this could win MacHack - now it's considered a bug. Go figgur.)

Thursday, May 13, 2004

The VTBook is a PCMCIA card that has a 32M video card in it (with dvi output), allowing you to use 2 external displays on a powerbook. I'm using it right now and couldn't be happier. Works on OS 9 and Windows as well. correspondent and BeOS enthusiast Nicholas Blachford has posted a nice piece on his year with a Mac (seventeen months, actually, by the dates). Sometimes switchers have a hard time seeing a new platform except in terms of what it lacks relative to their favorite or most familiar OS. Nicholas is quite even-handed, though, and you can't argue with his bottom line: "If you really want to be Windows free, the Mac makes a good choice."

Tuesday, May 11, 2004

Crunchable has an interesting interview with Mac über-developer John Calhoun: Talking with John Calhoun, part 1. Calhoun is one of those developers who seems publicity-shy yet were you to trace his influences through the history of Mac development you'd probably find them darned near everywhere.

Sunday, May 09, 2004

As you can see, I'm done updating the site. We have comments and a new template. huzzah!

Friday, May 07, 2004

Administrivia: I'm moving on Sunday which means that this blog will be down for most of Sunday. Luckily, I have DSL at the new apartment so the downtime won't be longer than it takes DNS to propogate. We'll be back up Sunday evening with a new site design.

Monday, May 03, 2004

Fire up Software Update and grab Security Update 2004-05-03. OpenSSL, CUPS, Mail, and Mark Pilgrim's favorite xml parsing library, libxml2 all get updates.