Continued

Transcription

Continued
Nov Dec Jan ‘08 Edition
Articles
•Apple Opens Flood
Gates on Fall Releases
Cover
Apple Opens Flood Gates on
Fall Releases
by Monte
T
Ferguson
HERE’S ONE THING YOU CAN SAY
about Apple, it’s rarely a dull moment.
But lately it
had been looking pretty
•Product Review
quiet over in
Apple Pro Training Series: Cupertino.
Aperture 1.5
There hadn’t
Page 3
been a flashy
announce•Securing Communications ment or one
with SSL/TLS: A High-Level last thing in
Overview
months. It was
Page 3
starting to look
like Fall 2007
•Scroll Wheel Tips
was going to be
Page 7
a ho hum season for Apple
•1Passwd Eases Password
fans. But then
Pain
a special press
Page 9
event was announced. The wait was finally
over.
•New iMacs Debut and Mac
Mini Sees a Refresh
This one event held enough announcePage 10
ments to last us the entire quarter!
•GRAMUG Meeting
Highlights
Page 2
•iWork ‘08 by the Numbers
Page 19
• .Mac Gets an Upgrade
Page 23
Get Info is a publication of
the Grand Rapids Area
Microcomputer Users
Group.
iLife ‘08
At long last Apple announced the next
version of the iLife suite. The name was
bumped from ‘06 to ‘08. But there is more
to this update than some cosmetic changes.
iPhoto ‘08
iPhoto just keeps getting better. This years
release is an evolutionary upgrade. Its main
new feature is that it organizes photo’s by
“events”. The idea is that many photos are
taken at a particular event,
say Christmas. Events in
iPhoto ‘08 are created automatically and contain photos
taken on a particular day.
This contrasts with the old
way of organizing photos
which worked with the idea
of film rolls, ie all photos
imported from a memory
card were all grouped together. Events can be split or
merged as needed. You can
therefore browse by event.
The photos for an event are
all stacked together in the
interface. You can move your
mouse over an event’s icon
and skim through the photos contained. It
reminds me a bit of the animated menus
in iDVD. iPhoto adds a feature to suppress
displaying photos you don’t want to delete.
This could come in handy for folks who
have thousands of photos some of which
might be multiples of the same scene.
Searching in iPhoto has received a boost.
There is now a single interface for searching by date, text, or keyword. iPhoto’s editing features also get some improvements.
Added are a shadow and hilight tools that
work on bringing out details in under and
over exposed areas of a photo.
Continued on Page 4
GRAMUG Meeting Highlights
by Monte
M
Ferguson
any folks think that user group meetings are for
computer wizards and geeks. That the conversation will
be way over their heads. While others have no idea what
such meetings have to offer. I have showcased several
recent gatherings below. As you can tell from these excerpts, a user group has something to offer nearly everyone no matter what their skill level.
June
Our June Meeting focused on the phenomenon called RSS,
Really Simple Syndication. Katie found a blog entry that
has a video which does a really great job of explaining
what RSS is and what it is good for. You can check it out
at:
Wikipedia describes it as:
RSS (which, in its latest format, stands for “Really Simple
Syndication”) is a family of web feed formats used to publish frequently updated content such as blog entries, news
headlines or podcasts. An RSS document, which is called
a “feed”, “web feed”, or “channel”, contains either a summary of content from an associated web site or the full
text. RSS makes it possible for people to keep up with their
favorite web sites in an automated manner that’s easier
than checking them manually.
RSS content can be read using software called a “feed
reader” or an “aggregator.” The user subscribes to a feed
by entering the feed’s link into the reader or by clicking
an RSS icon in a browser that initiates the subscription
process. The reader checks the user’s subscribed feeds
regularly for new content, downloading any updates that
it finds.
One of our April giveaway winners, Mr. Thomas
Johnston, is shown with his prize, a pack of CDR
disks.
One of our April giveaway winners, Ms. Juliet
Kauffman, is shown with her prize, iWork ‘07
RSS Tools
You already have one tool that you can use to subscribe
and view RSS feeds. It’s your browser. Both Firefox and
Safari can be used to view and subscribe to feeds. The
benefit is you already have the software and it’s free. The
downside is they don’t offer much in the way of features
or customization. And you have to be online to read the
summaries.
You can also set up web sites like Google Reader,
NetVibes, and Yahoo to subscribe and display your RSS
feeds. The benefit being you can read up on your feeds
from any computer. The downside is they’re rather limited
on features and require that you use a browser to access
them. (There is an extension for Firefox, or Google Gears,
which allow to do your reading offline. Otherwise you
have to be online to view your feeds.)
A third category is a dedicated news reader. It’s a standalone program that handles RSS. The benefit is all kinds of
features and customization. There are free edtiions but if
you want all of the bells and whistles you have to pay. For
instance Shrook, the news reader, is free. But it requires
a shrook.com membership, 2.50 by the month or 19.95
a year, to enable syncing. NetNewsWire, $30, requires
a NewsGator, account. (There is a free NetNewsWire
Lite but it doesn’t feature syncing, but doesn’t require a
NewsGator account.) Another contender is a NewsFire,
$20.00, it brings a streamlined interface, much like iTunes.
There are a wide range of choices on how you get, organize, and read your feeds. With prices ranging from free to
pay for, there is bound to be a tool that will fit your needs.
Katie did a great job talking about the technology as well
as showcasing the various ways you can tap into it.
Continued on Page 18
2
Product Review:
so it is not that easy to jump around in
the book. In fact that was my only beef
with this book: this book is not a reference book, this book is a written college
course... if that makes sense!?!
Apple Pro Training
Series: Aperture
1.5
This book was great for understanding
and learning how to set up my work
environment to use Aperture. It helps
by Terry Johnston
explain how Aperture works. This can
be a time saver as Aperture is quite
PERTURE IS APPLE’S PROFESSIONAL
different from an image editor like
program that creates a workflow for
Photoshop. Aperture has certain condigital images. Think of it as the proventions that seem limiting until you
fessional version of iPhoto or, as I like to say,
understand how it all fits together.
iPhoto on steroids. It’s designed to handle
Authors: Orlando Luna, Ben Long
RAW images which most professional dSLR Publisher: PeachPit Press
The book starts with calibrating
cameras shoot.
Price: $39.99
your display and covers the basics.
Aperture has many nondestructive editPublisher URL: http://www.
It has 12 lessons that cover exploring
ing features built into it. Aperture is not a
peachpit.com/store/product.
the Aperture workflow: Importing
substitute an external image editor such as
aspx?isbn=0321502108
images in Aperture; Organizing and
Photoshop, Photoshop Elements or other
rating images; Image adjustment
photo editing programs if you are interested in more crebasics; Creating web output, Evaluating images; Finishing,
ative editing.
Delivering, and Archiving images; Advanced organiza-
A
From what I can tell this book is geared towards the intermediate user. The reader needs to have a good understanding of OS X. You also need to use the images provided in conjunction with the enclosed DVD. The book was
useful when I followed the exercise instead of just reading
the book and I found the book to have that college text
book feel. It tended to be dry and uses an exercise type
format. Each chapter tends to build on the next chapter
In closing this book is very well written and organized.
I’m positive that if you read it all, and did all the exercises
, anyone would have a good understanding of Aperture.
You just need to stick with it.
Securing Communications with SSL/TLS: A
High-Level Overview
byChris Pepper
S
tion and rating; Advanced editing; Advanced output;
Advanced file structure and archiving; and Aperture automation.
SL (Secure Sockets Layer) and
TLS (Transport Layer Security)
are systems for providing security to Internet communications, particularly Web browsing. Specifically,
they use encryption to provide confidentiality (privacy) and authentication
(authorization).
There are three major versions of
SSL; the fourth version was renamed,
becoming TLS version 1. SSL and TLS
are based upon public key encryption
and decryption, simple identifying
information, and trust relationships.
In combination, these three elements
make SSL/TLS suitable for protecting
a broad range of Internet communications.
<http://en.wikipedia.org/wiki/
Public_key>
If you are concerned about phishing
scams and identity theft (and everybody should be, to some degree), this
article should help you understand
one of the more important protections
from online criminals. For those who
manage Web sites, information about
working with SSL/TLS and certificates may be helpful, both for providing privacy and security, and also for
deciding whether it is appropriate or
worthwhile to purchase your own
digital certificate. The certificate is, in
essence, an electronic guarantee from
a trusted authority that your site is
legitimate, and under the control of a
legitimate organization.
To establish an SSL/TLS connection, one or both parties must have a
certificate, which includes start and
end dates for validity, the name of the
entity certified, and a digital “signature” attesting to its validity. In
addition to this identification function,
certificates are also tied to a “private
key” used for encryption (see below).
In HTTPS communications (encrypted
Web browsing, signified by URLs that
start with “https”), the server always
provides a certificate; the client may
as well, although client certificates are
not yet common.
Public Key Encryption: The
Short Version
Regular (symmetric) encryption
works by using a key (a password)
to transform text mathematically into
gibberish. Only the same password
can be used to reverse the process and
recreate the original text. However,
symmetric encryption requires both
parties to know both the password
Continued on Page 5
3
Cover Story Continued
From Page 1
A
VMware Posts Fusion Release
Candidate, Announces Final Pricing
VMware last week posted the first release
candidate for Fusion, their software for
running Windows on Intel-based Macs.
This version includes improvements to
Unity, a mode in which Windows applications can run side-by-side with Mac applications, rather than in a separate Windows
window. Unity now supports drag-anddrop, offers a menu of Windows applications in the Fusion Dock icon, works with
more versions of Windows, and features
several other improvements. Release
Candidate 1 also provides better keyboard support, including the option to use
Control-click with a one-button mouse to
produce a right click in Windows. Other
improvements include better performance
for Boot Camp-based virtual machines,
new memory optimization options, and a
variety of bug fixes. Fusion RC 1 is a
160 MB download.
<http://www.vmware.com/beta/fusion/>
cropping tool that helps you follow the “rule of thirds”. Also added are tools
for noise reduction, edge sharpening, and white balance. You can even copy
and paste a combination of adjustments from one photo to other photos that
need similar fixes. iPhoto includes tighter support for .Mac. The newly named
.Mac Web Gallery can be easily published to and it features one button photo
sharing. The .Mac galleries can be viewed as a: grid, in a slideshow, in a mosaic
or in a Cover Flow inspired carousel. .Mac galleries also sport print quality downloads, uploads via email, and easy uploading of photos taken by an
iPhone (in essence it’s upload via email from an iPhone. You can set permissions for who can view or contribute to the gallery, as well as sync back down
to iPhoto for photos contributed by others.
VMware has announced that Fusion will
retail for $79.99 when it ships by the end
of August. Customers who pre-order it
before the final release get a 50 percent
discount.
<http://www.tidbits.com/about/support/
vmware-fusion.html>
MacBook Pro Software Update 1.0
Released
Apple has released MacBook Pro Software
Update 1.0, which fixes a number of
unspecified problems with 2.2 GHz and
2.4 GHz MacBook Pro models. According
to a post at MacFixIt, the update appears
to patch several issues with the Nvidia
graphics cards and may solve an issue with
“shimmering” display issues. The update is
available via Software Update on the
affected machines, or as a 14.7 MB download.
<http://www.apple.com/support/downloads/macbookprosoftwareupdate10.html>
Adobe Ships Rest of Creative Suite
3
Adobe Systems has broken with tradition
Continued on Page 5
iMovie ‘08
iMovie ‘08 rather than being an incremental update is a totally new application. It sports a totally different interface than it’s predecessor. Steve Jobs said
that the total rewrite was inspired by one of the lead engineers frustrations trying to make a quick video.
Taking it’s cues from iPhoto, iMovie tracks all of your video in a library. It
uses events to make finding clips easier. Besides supporting standard DV and
high-definition HDV video formats, iMovie now supports editing AVCHD
(Advanced Video Codec High Definition), a compressed format intro
Continued on Page 6
4
SSL Cont’d from Page 3
Continued
by releasing products promised for third quarter
of 2007 on the second day of that quarter. A
quarter-based release typically means “as close
to the last day of the quarter as possible so we
can book the revenue in that quarter.”
In April, Adobe released 9 of the 13 main
applications that form Creative Suite 3 (CS3)
as both individual programs and 6 editions (see
“Adobe Announces Creative Suite 3 Plans, Pricing,
Dates,” 2007-04-02, and “Adobe Ships Creative
Suite 3, Offers Video Betas,” 2007-04-16). The
released programs spanned their entire print
and online range, including Photoshop (in two
versions, no less), InDesign, and Dreamweaver.
The company then promised four video and
audio tools and support applications by the third
quarter of this year.
<http://www.adobe.com/products/creativesuite/>
Today, Adobe shipped After Effects, Premiere
Pro, Soundbooth, and Encore for Intel-based
Macs and Windows XP and Vista, along with
two Windows-only applications, OnLocation
and Ultra. OnLocation, a direct-to-disk recording tool, works with Boot Camp, Adobe says.
The two delayed editions are now shipping, too:
Production Premium
($1,700) and Master Suite ($2,500). Master Suite
contains the entire CS3 line of products.
Final Cut Studio 2 Applications,
SuperDrive Firmware Updated
Apple has released updates for the Final Cut
Studio 2 suite of video production applications
via Software Update and as stand-alone installers; the latter require that you sign in using your
Apple ID and your Final Cut Studio 2 serial
number. Most of the updates cover bug fixes
and improve stability, but a few items are notable.
Pro Applications Update 2007-01 (an 8.1 MB
download) patches the underlying frameworks
and shared components of Final Cut Studio 2
(the package also seems to be specific to those
applications).
<http://www.apple.com/finalcutstudio/>
Final Cut Pro 6.0.1 (a 37.5 MB download) adds
support for importing AVCHD (Advanced Video
Codec High Definition) footage, a video format
introduced last year that is designed to be saved
to random-access storage devices such as hard
disks, solid-state memory, and MiniDVD discs
Continued on Page 6
and the encryption/decryption
algorithms, and to keep the password secret from everybody else.
This clearly doesn’t scale well - it
wouldn’t be possible to visit every
person or organization with whom
you communicate, create a new
secret password, and use that password to communicate with just
that party. Establishing and tracking a unique and secret password
for each bank, online vendor, and
community site in this way would
be extremely difficult.
In contrast, public key encryption (also called “private key
cryptography”) uses pairs of keys
(called “private” and “public”),
each of which can reverse the other.
In other words, data encrypted
with a public key can be decrypted
only with the corresponding private key, and data encrypted with a
private key can only be decrypted
with the paired public key. This is
a strange concept to those who are
familiar with symmetric encryption, but it proves extremely useful,
because paired keys solve several
problems of privacy and identification.
Possession of a private key can
“prove” identity: As a rule, only a
private key’s creator can encrypt
and decrypt with that private key
(private keys are never shared).
For an over-simplified example,
imagine a Citibank customer uses
her private key to encrypt her
account number, and sends it to
www.citibank.com. If Citibank has
her public key on file and linked
to an account, successful decryption provides strong assurance that
the party who sent the encrypted
account number is the right customer - private keys are much
harder to steal or forge than ink
signatures on paper. As a bonus,
digital signatures work instantaneously across the Internet.
Digital signatures have one
highly unusual characteristic. Most
secrets tend to leak out if they’re
used too frequently, but digital signatures (and private keys in general) become more valuable as they
are used, building up credibility.
In public key terms, this is called
“trust.” Private keys start out with
no trust, since no one knows that
a given private key actually does
correspond to a particular person,
and can gain trust in a number of
ways:
* Blind faith: “Nobody would
bother to break into my personal
webmail
server.”
* Assurance: If I vouch for your
key, then people may trust either
me or you to identify other
people’s keys (this “web of trust”
is the basis for PGP). People normally exchange key “fingerprints”
rather than full keys because public
keys are long numbers and hard
to transcribe exactly; fingerprints
are shorter and easier to use, and
identify their corresponding keys
effectively.
* Out-of-band verification: A bank
could put its public key fingerprint
on ATM cards or checks, or provide
an 800 number that simply reads a
recording of the fingerprint.
* Experience: If I have performed
successful money transfers through
my bank’s Web site, the experience
builds confidence in that Web site.
* Personal verification: If you give
me your key fingerprint in person,
I gain a great deal of confidence in
that key. Each such key exchange
event adds value to the keys
exchanged. Personal
verification is really a special case
of out-of-band verification. It can
get tricky in primarily electronic
communities, where people
may not even recognize each other
on sight.
In reality, sending account numbers is not a good use of encryption, because if an attacker knows
both the encrypted “ciphertext”
(which we have to assume could
be intercepted - if we knew nobody
could tap our communications, we
wouldn’t need encryption!) and
the unencrypted “plaintext,” it
might help them find a correlation
between the two to help break the
encryption. Real encryption tends
to use lots of random numbers and
disposable keys, to defend against
“known plaintext” attacks.
Unfortunately, the actual
Continued on Page 13
5
Cover Story Cont’d
from Page 4
Continued
(versus MiniDV tapes, the media of choice
for many consumer camcorders as well as
cameras that record to the high-definition
HDV format). Although a few AVCHD camcorders are currently available, editing the
footage has been limited under Windows
and nonexistent on the Mac. Apple’s release
notes indicate a few caveats with AVCHD
footage, namely that as it’s imported, the
video is transcoded into
either Apple ProRes 422 or Apple
Intermediate Codec; that could require up to
10 times the size of the native AVCHD file
of available hard disk space. (The inclusion of
AVCHD also potentially
means the format could be supported in the
next version of iMovie HD.)
<http://www.apple.com/support/releasenotes/
en/Final_Cut_Pro_6.0_rn/>
Motion 3.0.1 (a 19.4 MB download) fixes
a number of known issues with 32-bit
float projects and rendering of intersecting 3D groups, and improves performance.
Soundtrack Pro 2.0.1 (a 74.5 MB download)
improves stability and performance and
updates the Delay Designer surround effect
plug-in. Compressor 3.0.1 (a 93.3 MB download) adds the capability to export music in
the 256 Kbps AAC format used by iTunes
Plus, can now set poster frames, and applies
other fixes. Color 1.0.1 (an 8.3 MB download) improves stability, metadata support
from Final Cut Pro, and single-display mode,
as well as floating-point processing on Macs
with Nvidia graphics cards.
Lastly, unrelated to Final Cut Studio 2,
Apple released SuperDrive Firmware Update
2.1 (a 12 MB download), which provides
unspecified fixes but notes improved readability of certain CD media. The installer puts
an application called SuperDrive Update
2.1 into your Utilities folder that must be
run separately, which is unusual. Note that
the application starts the update process at
launch, which is bad form; it should behave
like most updaters, where the user initiates
the process (for example, to make sure
the drive isn’t in use, I would imagine). The
updater also requires a restart of the Mac to
take effect.
Continued on Page 7
duced last
year that’s
designed
to be saved
onto random-access
storage
devices
such as SD
memory
cards, hard
disks, and
MiniDVD
discs.
iMovie
strengthens
its sharing
capabilities
by offering
option for
encoding
and sending video
to YouTube, an iPhone, via iTunes,
and to the enhanced .Mac service.
iMovie ‘08 has inspired a love/
hate reaction from first adopters.
Those that can’t stand it bemoan the
loss of third party plug in support,
such as extra effects and transitions.
They also cite the lack of features
present in the previous edition:
DVD chapter markers, bookmarks,
and themes. Also troublesome is the
fact that iMovie ‘08 can only import
(not open) projects created in earlier
versions, and even then the process
only acquires the raw video; transitions and effects don’t move over.
Those that love it point out that
the new interface makes working
on video a snap. They also say that
the program is very responsive and
that it’s easier to use than the older
versions. It also provides a greater
control over color and exposure.
Lastly some people also rave about
the way the Ken Burns effect works
in iMovie ‘08.
For those who need the features
found in iMovie HD 6 there is some
good news. Upgrading from the
previous version of iLife leaves
iMovie HD intact. It’s put in a sub
folder. Apple has now made iMovie
HD 6 available free for owners of
iMovie ‘08, say those who bought a
new Mac. The installer checks to see
if iLife ‘08 is installed, so it’s not a
gift to owners of earlier versions of
iMovie. iMovie HD 6 is a 154.6 MB
download.
iDVD ‘08
iDVD gains features that subtly
enhance the program. There are no
flashy new interface changes. But
under the hood there are some welcome additions and improvements.
iDVD ‘08 feels snappier and is
faster throughout than previous versions. A new professional quality
encoding ensures that the highest
possible quality settings are used for
your projects, even if they are near
or at the capacity of the disk. A built
in quality capacity meter allows you
to see which quality setting works
with the content you want to include
on your finished DVD. Slideshows
now allow you to use higher quality
images. You can also combine video
clips and photos in slideshows. The
new drop zone editor allows you to
see your project and the drop zone
editor at the same time. iDVD ‘08
also comes with 10 new animated
themes, and an expanded button
library.
iWeb ‘08
Apple’s easy Web-page creation soft
Continued on Page 16
6
by Adam
Continued
<http://www.apple.com/support/downloads/
superdrivefirmwareupdate21.html>
iTunes 7.3 Adds iPhone, Apple TV
Features
Apple has released iTunes 7.3, which enables
support for the iPhone. iTunes acts as the hub
between the computer and the iPhone (much as
it does with the iPod), handling synchronization
of contacts, calendars, music, and movies. iTunes
is also the interface for activating the iPhone’s
phone and data service plans; a video at Apple’s
site demonstrates the activation process. iTunes
7.3 is available via Software Update or as standalone downloads for Mac (a 33.8 MB download)
and Windows (a 47.4 MB download). Note that
iTunes 7.3 updates your iTunes library, so it’s a
good idea to have a current backup before you
apply the update.
<http://www.apple.com/iphone/usingiphone/
activation.html>
iTunes 7.3 also adds a requested feature to the
Apple TV: photo streaming. Previously, photos
could only be synchronized (copied to) the
Apple TV.
Mac OS X 10.4.10 Released
Boldly marching into double-digit version
number territory, Apple has released Mac OS
X 10.4.10, a maintenance update that adds
more RAW image support, fixes issues with
Bluetooth and USB, and addresses a few other
issues. The delta update from 10.4.9 is available
via Software Update or it can be downloaded
for Intel-based Macs (a 72 MB download) and
PowerPC-based Macs (a 25 MB download). A
combo update (weighing in at a 293 MB for Intel
Macs and 165 MB for PowerPC Macs) updates
any version of Mac OS X 10.4.
<http://docs.info.apple.com/article.
html?artnum=305533>
T
Scroll Wheel Tips
C. Engst
HANKS TO OUR BUDDY
Bill Rabel in Seattle for the
impetus to write this article.
After Mark Anbinder wrote in “Call
Me ‘Two Finger’ Mark” (2007-0521) about how he was surprised to
find himself addicted to two-finger
scrolling on his MacBook (which is
equivalent to using a scroll wheel
or Mighty Mouse scroll ball), Bill
went spelunking and found a trick
I hadn’t previously known, causing
me to look for other scroll wheel
tips. (And if you’re interested in the
history of the scroll wheel, check
out “The Evolution of Scrolling:
Reinventing the Wheel,” 2004-12-13.)
Scroll Horizontally
Many applications, such as word
processors, are oriented vertically,
so scrolling up and down with the
scroll wheel is intuitive. But what
about applications like Microsoft
Excel and ProVUE Development’s
Panorama database, which often
require scrolling horizontally? Just
hold down the Shift key and your
scroll wheel switches to controlling
the horizontal scroll bar instead of
the vertical scroll bar. Applications
must support this Mac OS X feature
explicitly, so it may not be universal
to all applications with a horizontal
scroll bar.
Zoom In, Zoom Out
Hold down the Control key while
you scroll with the scroll wheel and
Mac OS X 10.4.8 or later will zoom
the screen smoothly. Mac OS X has
long provided screen zooming (see
the Universal Access preference
pane), but it required keyboard
shortcuts that were awkward and
jerky. Screen zooming isn’t just for
This new version of Tiger fixes a problem where those who have trouble reading
a Bluetooth headset may not be correctly
too-small text or for presenters who
removed from Bluetooth preferences, improves
want to focus on a particular part
reliability when using the Apple Remote after
of the screen, though; it’s also great
waking from sleep and when mounting exterfor zooming tiny Internet videos up
nal USB drives, and resolves an issue with the
to full-screen size. Of course, they
TomTom GO 910 GPS navigation device on Intel- pixelate more at larger sizes, but
based Macs. It also fixes distortion and discolor
that’s fine if you’re sitting further
back from the screen anyway. The
Continued on Page 8
only downside is that it’s hard to get
the mouse pointer out of the picture
when you’re zoomed in on a video;
normally you want the pointer to
stay in the zoomed screen.
A further tip: if you take a selection screenshot with CommandShift-4 or Snapz Pro X while
zoomed in, the screenshot reflects
your zoom level properly (trying to
take a screenshot of an entire window while zoomed doesn’t work,
though).
Scroll to Switch Applications
I’m not sure if this is any easier or
not, but if you press Command-Tab,
let up on the Tab key, and then use
your scroll wheel, Mac OS X will
scroll the selection in the application
switcher. Of course, you can also just
keep pressing Tab, which seems easier, or hover the mouse pointer over
an application’s icon to select it.
Per-Frame Advance in QuickTime
Player and iMovie HD 6
Want to see if animators hid secret
messages in individual frames
of a film? If you can open it in
QuickTime Player, using the scroll
wheel pauses playback and then
either advances or rewinds a frame
at a time. It’s probably a little easier
to do with a real scroll wheel that
has little detents as you scroll. Alas,
this trick doesn’t work in iTunes,
DVD Player, or VLC, though you can
play .m4v files from the iTunes Store
in QuickTime Player.
The same trick works in iMovie
HD 6, too, but with a caveat. The
scrolling seems to work only as a
per-frame preview; if you press the
left or right arrow keys, which also
rewind or advance per frame, the
video jumps back to the point where
you started scrolling.
Tab History Navigation in Mozillabased Browsers
Here’s the tip Bill found. If you
use Firefox or Camino with tabbed
browsing, hold down the Option
Continued on Page 8
7
Scroll Wheel Cont’d
from Page 7
Continued
ation of DNG images, and adds support for RAW
images created by the following cameras: Panasonic
DMC-LX1, Panasonic DMC-LX2, Leica M8, Leica
D-LUX 2, Leica D-LUX 3, Fuji S5 Pro, Nikon D40x,
and Canon EOS 1D Mk III. The release notes also
claim improved compatibility with Mathematica 6
on 64-bit Macs and a fix for a specific issue with
dropped frames while importing video from a DV
camera, among other changes.
Mac OS X Server 10.4.10 has also been
released as a delta update for PowerPC-based Macs
(a 58 MB download), and as a combo update in universal (391 MB download) and PowerPC (218 MB
download) versions.
<http://www.apple.com/support/downloads/macosxs
erver10410updateppc.html>
YouTube Comes to iPhone and Apple TV
As the iPhone nears release, Apple has unveiled
another previously unannounced feature: a YouTube
application that will download and play back
YouTube videos directly on the iPhone. (Earlier, the
company revealed that the iPhone would sport
improved battery life and a glass - not plastic
- screen; see “Apple Announces iPhone Changes,”
2007-06-18.) Apple also released a promised
update for the Apple TV that enables YouTube
video playback (see “Apple TV Gains 160 GB Drive,
YouTube Downloads,” 2007-06-04).
<http://www.apple.com/pr/library/2007/06/
20youtube.html>
YouTube (which is owned by Google) has been
encoding its video library into H.264 format, so
I’m assuming that the Apple TV and the iPhone
are somehow tapping directly into the H.264 feeds,
since normally YouTube delivers its content using
Flash.
At one point, Apple’s press release talks about
H.264 video in the context of the iPhone’s Wi-Fi
capability, suggesting perhaps that YouTube downloads could be quite sizable. Using Wi-Fi, that’s not a
problem, but downloading over a cell data connection could be costly. Neither Apple nor AT&T have
announced pricing for the iPhone’s phone and data
services.
The Apple TV 1.1 update also patches a potential security vulnerability in UPnP IGD (Internet
Gateway Device Standardized Device Control
Protocol) where a remote party could cause a
denial-of-service attack. The update is available via
Continued on Page 9
key and turn the scroll wheel to
scroll backward and forward in
the tab’s history. These browsers navigate back or forward one
page for every scroll detent. It’s
a fast way to move back through
a lot of pages in a tab, though it’s
easy to overshoot your target.
Oddly, Netscape and Mozilla use
Shift as the modifier key to navigate through a tab’s history, and
Safari and OmniWeb don’t have
the feature at all.
Change Font Size in Firefox and
Camino
It’s all too common to run across
a Web page with text that’s too
small to read (Geoff Duncan
explained this in “Why Windows
Web Pages Have Tiny Text,” 199902-15). All Web browsers make
it easy to expand or shrink text,
usually with Command-+ and
Command--, but you can also
use the scroll wheel to do this in
Firefox and Camino. Just hold
down Command-Control and
scroll to adjust text size.
can zoom in and out with the
scroll wheel. In Word, hold down
Command-Control and scroll
to change the zoom level by 10
percent increments per detent. In
Excel, hold down Control-Option
to zoom in and out by 15 percent
increments. If you’re using twofinger scrolling on a trackpad,
zooming in and out in this fashion may be hard to control.
Control Time with iCal
In iCal’s Day and Week view, you
normally see the hours from 8 AM
to 6 PM, or whatever you’ve set
in iCal’s General preference pane.
But by holding down Option and
rolling your scroll wheel, you can
increase or decrease the number
of hours that appear in Day or
Week views without opening the
preferences window. Note that the
changes are persistent, but they
aren’t reflected in the preferences
window.
Slow Down Text Scrolling in
Firefox
Normally, if you’re scrolling
through a long Web page, the
speed accelerates as you turn the
wheel. That’s good, since it means
you can get to the bottom of a
page quickly if you want. But at
times you might want a slower
scrolling speed so you don’t
accidentally scroll past where
you’re reading. Hold down the
Command key while scrolling in
Firefox and scrolling will slow to
what seems to be an almost fixed
rate. It might be useful if you prefer to keep your eyes in one spot
on the page and scroll the text
past that spot.
Scroll Through the Years in
iPhoto
In iPhoto 6’s Calendar pane,
Apple gave us funny little up and
down arrows on either side of the
pane’s title for scrolling through
the years. An easier way to scroll
forward and backward in time
in that pane is to use the scroll
wheel - just make sure the mouse
pointer is over that portion of the
screen first.
There is one notable place
where the scroll wheel doesn’t
match up to dragging the scroller
in the scroll bar. In iPhoto 6,
when you scroll by dragging the
scroller, iPhoto pops up a translucent display containing the
name and date of the current film
roll, updating it smoothly as you
drag. Alas, that doesn’t work if
you scroll with a scroll wheel, so
here’s hoping that iPhoto 7 rectifies that situation.
Zoom In and Out in Word and
Excel
Speaking of small text... In
Microsoft Word and Excel, if you
find yourself squinting to read
text at the default font size, you
This article orginally appeared
in Tidbits Magazine issue
#881, published 5/28/07. It is
reprinted with the permission
of the Author.
8
1Passwd Eases Password Pain
Continued
the Apple TV itself, not as a standalone download.
From the device’s main screen, choose Settings,
and then choose Update Software. It’s unclear at
this time whether other enhancements are included in the update.
<http://docs.info.apple.com/article.
html?artnum=305631>
A Pair of Updates Fix Safari 2 and 3
Late last week, Apple released Security Update
2007-006 to address bugs in the WebCore and
WebKit code upon which Safari and many other
Web-savvy Macintosh applications rely. The details
are unimportant, but both exploits required the
user to be enticed into visiting a maliciously crafted
Web page, emphasizing the advice to be aware
of what sort of Web sites you’re reading. Security
Update 2007-006 is available via Software Update
and as standalone downloads for Mac OS X 10.3.9
(2.2 MB) and for Mac OS X 10.4.9 or later in both
PowerPC (2.7 MB) and universal (4.5 MB) versions.
Note that if you’ve installed the Safari 3 beta, you
won’t see Security Update 2007-006 in Software
Update.
<http://www.apple.com/downloads/macosx/apple/
security_updates/securityupdate20070061039.
html>
That’s because Safari 3 Beta Update 3.0.2 includes
the fixes in Security Update 2007-006 and addresses two other security problems, one that’s specific
to the Windows version of Safari 3 and another
that can affect both Macintosh and Windows users
of the beta-release Web browser. Apple also claims
that Safari 3.0.2 features improved stability and
provides better WebKit support for Mail, iChat,
and Dashboard (several TidBITS staff members
had to uninstall the initial beta of Safari 3 because
of annoying interactions with iChat). The 9.5 MB
Safari 3 Beta Update 3.0.2 is available only through
Software Update, although down loading a new
copy of the Safari beta also gets you the fixes.
<http://www.apple.com/safari/download/>
Snapz Pro X 2.1 Goes Universal
Ambrosia Software has released Snapz Pro X 2.1,
making the popular still image and video screen
capture utility a universal binary for native performance on Intel-based Macs. Other changes
provide generally improved performance, support
for QuickTime compression sessions, compatibility
with the Mac OS X 10.5 Leopard beta from
Continued on Page 10
by
Joe Kissell
W
HEN I WAS WRITING
“Take Control of Passwords
in Mac OS X,” I thought long
and hard about what sorts of
strategies I could recommend for
creating strong yet memorable
passwords. Security experts will
tell you that, all things being
equal, longer passwords are
safer than shorter ones; random
passwords are better than those
that contain words or follow
other patterns; good passwords
should include a mix of lowercase
and uppercase letters, numbers,
and special characters; and you
should not reuse a password in
more than one context. From a
security point of view, that’s all
true, but all those practices also
make passwords harder to create
and harder to remember. So I outlined some ways to lighten one’s
password workload without seriously compromising security, but
I also recommended that readers
save themselves some mental
effort and simply let their computers do all that work for them.
And, of all the tools available for
doing this sort of thing on the
Mac, I mentioned that my current
favorite is 1Passwd from Agile
Web Solutions. For anyone who
has struggled with passwords,
1Passwd is the best $30 you can
spend. (It’s only $25 if you use
the coupon at the back of “Take
Control of Passwords in Mac OS
X,” which is of course the best $10
you can spend!)
<http://1passwd.com/>
The first time I heard about
1Passwd, though, I was completely mystified as to why anyone
would need it. It was described as
a password manager that stores
items in the Mac OS X Keychain
and fills forms (particularly user
names and passwords) in Web
browsers automatically. And I
was thinking: Safari can do that.
Almost every browser can do
something like that. Why exactly
do I need something else to do
the same thing? But I decided to
try it anyway, and I’m glad I did.
It’s become indispensable to me
in a subtle but important way,
and it performs a whole list of
password management tricks that
make my day-to-day Web browsing much easier.
Plug It In
1Passwd consists of an application in which you can browse
and edit passwords and adjust
settings, and a set of browserspecific plug-ins. For Firefox and
Flock, the plug-in is a conventional extension; for other browsers,
1Passwd relies on SIMBL-based
Input Manager plug-ins (see “Are
Input Managers the Work of the
Devil?,” 2006-02-20). If you object
to the use of Input Managers on
philosophical grounds, turn away
now. However, I think the utility,
in this case, outweighs the potential risk - and it’s a method that
enables 1Passwd to do its magic
not only in Safari, Firefox, and
Flock but also Camino, OmniWeb,
NetNewsWire, and DEVONagent.
<http://culater.net/software/
SIMBL/SIMBL.php>
The browser plug-ins enable
1Passwd to record user names,
passwords, and other form data
when you enter them (either
automatically or on request); fill
in form data when needed (only
at your request); and generate
strong new passwords. It can
even generate, fill in, and store a
new password with as few as two
clicks. Like Safari, 1Passwd uses
the Keychain to store its data,
but it uses its own keychain - not
your default keychain - giving
you an extra layer of security, at
least if you choose a different
Continued on Page 11
9
New iMacs Debut and Mac Mini
Sees a Refresh
Continued
WWDC, the (restored) capability to
use “Save Later” when post-processing movie captures, and various bug
fixes. The update is free to registered
users; it’s an 11.8 MB download. New
copies of Snapz Pro X cost $30 for
still image capture only, or $70 if you
want to add movie capture capabilities.
<http://www.ambrosiasw.com/utilities/
snapzprox/>
Apple Updates Windows Safari
Beta with Security Fixes
Within three days of Apple’s release
of the Safari Web browser for
Windows XP and Vista in beta testing
versions, several significant security
flaws were discovered, some of which
were reported to Apple. The company responded quickly, issuing a bug
fix release last week for three potential problems that involved specially
crafted content at malicious Web
sites that must be visited to trigger
the vulnerabilities.
<http://www.apple.com/safari/>
The bugs were discovered - at least
in the descriptions provided by the
coders who found them - through
the use of fuzzing, a technique that
throws piles of crud at targeted areas
of a system or application to see
what breaks. Fuzzing is a brute force
method, but it has to be paired with
more refined technical knowledge to
understand how to take advantage of
a flaw.
A non-programmer could potentially use fuzzing to figure out how to
crash a piece of software or even an
operating system, but they used to
have a harder time making use of that
crash to tailor an attack that would
allow them some sort of access.
Programs like Metasploit provide a
bridge between fuzzing and exploitation, however, and as they become
increasingly powerful, “script kiddies”
- relatively unsophisticated users who
use prefabricated attacks - may have
Continued on Page 11
I
N A SPECIAL PRESENTATION
for the press Steve Jobs unveiled
redesigned iMacs and updated
Mac Minis. Unlike most such events
Jobs seemed to hurry through the presentation. (Perhaps because the most
striking features were already hot
news on rumor web sites.)
The big news for the iMac was its
new industrial design. The previous
design was inspired by the iPod. The
new design takes its cues from the
iPhone. the outer shell is now made
of aluminum. The display sports real
glass rather than plastic. Jobs called
attention to the fact that the two materials are highly recyclable. The display has the glossy finish, rather than
matte finish, like the MacBooks. It’s
also thinner than the previous models.
Gone from the line up is the 17
inch model. You now have a choice
between a 20 inch or 24 inch iMac. As
with the previous iMac models, the
new iMac includes a built-in iSight
video camera and microphone, an
infrared port (with an Apple Remote
for talking to it), and a slot-loading
SuperDrive (with dual-layer support).
In a row along the back, the new iMac
offers audio input and output jacks,
three USB 2.0 ports, one FireWire
400 and one FireWire 800 port, gigabit
Ethernet, and DVI video out (a separate adaptor required which costs $20,
if you want to use it). 1 GB of RAM
is standard, upgradable to 4 GB (by
removing just one screw, the only one
that’s visible), and 802.11n wireless networking and Bluetooth 2.0 are built-in.
Base models are accompanied by a keyboard and Mighty Mouse.
The 20-inch iMac at $1,199 includes a
2.0 GHz Intel Core 2 Duo processor
and a 250 GB hard drive with an ATI
Radeon HD 2400 XT graphics card with
128 MB of GDDR3 memory; switching to a 2.4 Ghz Intel Core 2 Duo,
a 320 GB drive, and an ATI Radeon
HD 2600 Pro with 256 MB of GDDR3
memory increases the price to $1,499.
The 24-inch iMac drops in price by
$200 to $1,799 and includes the same
2.4 Ghz Core 2 Duo processor, 320 GB
hard drive, and ATI Radeon card as the
mid-level model. A souped-up version
of that model with a 2.8 Ghz Core 2
Extreme processor, 500 GB hard drive,
and 2 GB of RAM costs $2,299. You can
also purchase the base 24-inch model
with a 2.8 Ghz Core2 Extreme for an
additional $250. All the new models
are currently available, and include the
just-released iLife ‘08.
Mac Mini
The Mac Mini was also refreshed.
Though Apple barely mentioned it.
The Mini went from 1.66 or 1.83 GHz
Core Duo processors to 1.83 GHz or
2.0 GHz Core 2 Duo processors. Which
means it jumped an entire processor
generation, and is therefore around
20% faster than the previous models
at equivalent speeds. The base model
includes 1 GB of memory, up from 512
MB and expandable to 2 GB. Other features remain unchanged, including only
802.11g Wi-Fi, and four USB 2.0 ports.
Although it is a modest update it provides good value. Apple has kept the
price on the Mac Mini the same while
delivering a more capable entry level
Continued on Page 24
10
iPasswd Cont’d
from Page 9
Continued
more disruptive power.
<http://framework.metasploit.com/>
It’s disturbing that Apple isn’t stress-testing its public beta software with the
same kind of readily available tools for
fuzzing used by both researchers and the
nefarious. Many of the Month of Apple
Bugs flaws (see “MoAB Is My Washpot,”
2007-02-19), as well as many recent
AirPort and AirPort Extreme problems,
were discovered through fuzzing.
Apple’s security update notice, which
I cannot find archived online, notes, “This
beta software is for trial purposes and
intended togather feedback prior to a
full release.” That is, “Bite us: This is beta
software.” The flip side, of course, is
when Steve Jobs says, hey, go download
the beta, it’s hard to argue that serious
security flaws aren’t just as serious as
they are in released software.
Apple also said, “As with all our
products, we encourage security
researchers to report issues to productsecurity@apple.com.” No researchers
were credited for the three fixed bugs.
Apple iPhone Won’t Be Barred
Under Ruling
Apple should be breathing a sigh of relief
right now that they didn’t include thirdgeneration (3G) cellular data networking
technology in the iPhone. A highly unusual U.S. International Trade Commission
(ITC) ruling last week prevents the
importation of any new 3G phone
that uses silicon chips from Qualcomm.
Bloomberg News confirmed that the
iPhone doesn’t use any Qualcomm chips.
<http://www.usitc.gov/ext_relations/news_
release/2007/er0607ee1.htm>
The ITC ruled in October 2006 that
Qualcomm had infringed patents owned
by Broadcom, a rival maker of cellular
chips as well as a major Wi-Fi chip maker.
However, until last week’s ruling, it was
unclear what action might be taken.
The ban affects all 3G chips sold by
Qualcomm; most handsets are manufac-
Continued on Page 16
password for your 1Passwd keychain.
Here’s a typical example of how
I might use 1Passwd: A site asks me
to come up with a user name and
password. I type in my standard
user name and then choose Generate
Strong Password from the 1Passwd
pop-up menu. In the dialog that
appears, I can select password length
and how many numbers and special
characters to include. 1Passwd immediately displays the password it has
generated; changing any setting produces a new password choice. Usually
I leave those sliders set at my default
preferences and simply click Fill.
1Passwd then enters the newly generated password in the appropriate field
(repeating it in a confirmation field, if
necessary) and saves all the data from
that form (including my user name) in
its keychain. My work is done: I never
had to give any thought to creating a
password, and I don’t have to remember it, either. The next time I return to
that login page, I can choose a menu
command or press a keystroke to fill
in the form and log me in.
Form Factor
To explain why 1Passwd is useful
beyond merely generating and storing
passwords, let me describe a couple
of the problems it’s designed to solve,
both of which involve Web-based
forms.
One problem is any domain for
which you have multiple sets of user
names and passwords. In my case,
google.com is such a domain: I have
one user name/password combination
for Gmail, another for AdSense, and a
third for Google Docs & Spreadsheets.
If I were to let Safari (or any other
browser) remember my passwords,
it would be unable to distinguish
between different URLs in the google.
com domain. So, if I’ve saved three
sets of credentials and I go to log in
to, say, Gmail, Safari may not fill in
my Gmail user name and password
- instead, it’ll use whichever set of credentials I saved most recently.
1Passwd solves this problem by
enabling you to save, and restore, any
number of forms for a given domain
- you can choose the one you want
to use, when it’s time to fill out a
form, using a pop-up menu or keyboard shortcuts. This means that, by
default, form fields won’t be pre-filled
when the form loads (though you
can re-enable this feature in Safari
or OmniWeb if you prefer), but in
exchange for perhaps one additional
click or keystroke, you avoid the
hassle of having to enter your credentials manually if your browser chooses
the wrong ones. You can also store
multiple identities - sets of information about yourself, including address,
phone number, and even credit card
information - and fill in data from any
identity when a site asks you for your
information (even when a password is
not actually required).
A second problem I’ve frequently
encountered is that passwords saved
in one browser aren’t available in
another. For example, I always have
both Firefox and Safari running - I
generally prefer Safari, but there are
certain sites I can access only using a
Mozilla-based browser, and I’m also
fond of several useful Firefox extensions. So, if I happen to log in to a
certain site in Firefox, and allow it to
save my user name and password,
they’re stored in Firefox’s internal
list. When I later visit the same site
in Safari, it knows nothing about my
credentials, which I then have to type
in manually (or, if I’ve forgotten them,
go fishing for them in Firefox’s preferences window).
Because 1Passwd uses a single
keychain, accessible via all supported Web browsers, one need store
a given set of credentials only once.
It can then be accessed as easily in
one browser as in another. It can
even import your existing passwords
from just about any browser, so crossbrowser compatibility issues disappear almost instantly.
Further Tricks
Another thing I’ve appreciated about
1Passwd is that it can often fill in
passwords even on pages where autofill is otherwise disabled. Bank Web
sites, in particular, typically disable
the use of autofill as a security measure, the rationale being that if your
Continued on Page 12
11
iPasswd Cont’d from
Page 11
computer falls into the wrong hands,
an unscrupulous person could log
into your bank account and do considerable damage without ever knowing
your user name or password. Because
I can (and do) take other security
measures to prevent that problem, I
bristle at the inconvenience of having
to remember, and manually type, my
passwords for such sites. In general,
1Passwd can transparently handle
sites where conventional autofill is
disabled, though I do have an account
at one bank where the password
mechanism is so hyper-secure (and
so novel) that not even 1Passwd can
penetrate it.
1Passwd claims to have an “antiphishing” feature, which prevents you
from entering your credentials on an
illegitimate site pretending to be your
bank, PayPal, eBay, or some other
such institution frequently appearing in spam email. In reality, all this
means is that if you click a link in an
email message that purports to take
you to your bank site, and 1Passwd
sees that the domain name in the URL
doesn’t match the one in its keychain
for your bank, your credentials won’t
appear as an autofill option. So
1Passwd doesn’t explicitly alert you in
any way that a site may be fraudulent,
nor does it prevent you from manually typing in your login information,
but it does at least provide a minimal
level of protection.
Among the numerous other interesting features in 1Passwd is the
capability to lock just your 1Passwd
keychain when you quit the 1Passwd
application; you can also (as for any
keychain) set it to lock automatically
after a user-defined period of inactivity or when your computer sleeps, as
well as sync it using .Mac. Agile also
offers an optional ($13) application
you can buy to read (but not edit or
add) passwords from your 1Passwd
keychain on your Palm or Treo.
What’s Not to Like
As much as I like 1Passwd - and I
truly do like it a great deal - it has a
few irritating rough edges. One is the
way it handles multiple identities: it
seems like the wrong way to remem-
ber the wrong combination of data.
For instance, suppose I want to use
a single set of personal data - name,
address, phone number, email address
- on many different Web sites, but I
want to store details about six different credit cards. In 1Passwd, that
means creating six different identities,
which will all be the same except for
the page of credit card information.
Not that this is hard - yes, there’s a
Duplicate button - but credit card
information strikes me as the sort of
thing that should be handled separately from other data. For that matter,
the same could be true of other items:
my name will always be the same, but
I might use different email addresses
on different forms. I’d like to see some
mechanism for storing any given
piece of data in just one place, which
would entail slicing up the Identity
feature in a different way. (Even so, I
consider the Identity part of 1Passwd
a relatively minor feature; you can
ignore it completely and still get tremendous value from letting it handle
user names and passwords.)
Speaking of credit cards, 1Passwd
often has trouble filling in credit card
data in forms it has never seen before.
I suspect the reason for this is that it’s
looking for form fields with specific
names, and Web sites vary too much
for 1Passwd to be able to perceive a
match in many cases. You can still
copy and paste your card number
from 1Passwd, but that’s barely easier
than manually entering the data manually.
Although 1Passwd can store
multiple sets of credentials per
domain, what I’d really like to see
is an even finer level of granularity
in the use of autofill. For example,
even though the URL for Gmail and
the URL for AdSense both start with
“http://www.google.com/”, what
comes after that is sufficiently different in the two cases that 1Passwd
should be able to determine which
user name and password I want on
a given occasion, rather than making me choose one or the other from
a menu manually. I’d also like to see
customizable keyboard shortcuts for
absolutely everything (shortcuts are
present, but limited, currently) and
a way to access its password generator within the 1Passwd application
itself (since sometimes I want to create new passwords for uses other
than Web pages). And finally, I’d
prefer that the documentation be provided locally; the other day, when I
chose Help > 1Passwd Help, Safari
attempted to open the help pages on
1Passwd’s Web site, but as the site
wasn’t responding at that moment for
whatever reason, I was unable to get a
quick answer to my question.
Nevertheless, I can’t pretend
that these are anything other than
quibbles. 1Passwd is a fine example of
intelligent and helpful programming
at a reasonable price, and I recommend it heartily. The program is a 4.7
MB download; until it’s registered, it
functions as a free demonstration version that limits users to a single identity and 12 stored Web forms.
This article orginally appeared in
Tidbits Magazine issue #884, published 6/18/07. It is reprinted with
the permission of the Author.
12
SSL Cont’d from
Page 5
process of private/public key encryption and decryption is slow - it’s
much more difficult to compute than
conventional single-key algorithms,
due to the exotic mathematics underpinning asymmetric algorithms of
public-key cryptography. Most public-key cryptography systems (including SSL/TLS) actually encrypt the
data to be exchanged with symmetric
encryption, which is fast and efficient.
Asymmetric encryption is reserved for
exchange of the short-lived symmetric
keys. As a bonus, this combination
frustrates cryptanalysis by not providing large amounts of data encrypted
with any single key to analyze.
Symmetric keys are used only for a
short time and then discarded, while
asymmetric keys are only used for the
exchange of symmetric keys, rather
than for user data.
Imagine an idealized and simplified example:
1. Citibank and I each separately create our own private/public key pairs,
which we can use with each other and
also to communicate with others.
2. I create a new bank account, and
Citibank and I exchange _public_keys
(in addition to, or instead of, my
handwritten signature). Note that we
never give our _private_ keys to anyone else; having a private key could
be considered a limited power-ofattorney.
3. I visit www.citibank.com with my
Web browser.
4. Citibank’s Web server randomly
generates a very large number
between 0 and 2^1024-1 (“a 1024-bit
number”), which we will call “randomServerKey.”
5. Citibank encrypts randomServerKey with my public key, and sends it
to my browser.
6. My browser decrypts randomServerKey with my private key.
7. My browser generates another
1024-bit random number, encrypts it
with Citibank’s public key, and sends
it to Citibank (call this “randomClientKey”).
8. Now that Citibank’s Web server
and my browser both know two
secret numbers (and nobody else can,
because they don’t have our private
keys to decrypt and discover the
secrets, even if they are eavesdropping on our communications), we can
combine randomServerKey and randomClientKey and some additional
random data to create a “sessionKey”
that will be good only for a short time.
9. Each time either of us wants
to send information to the other whether a URL, account number,
dollar amount, or a whole Web page
- we use symmetric encryption such
as AES-128 (the Advanced Encryption
Standard with 128-bit blocks) to
encrypt it with sessionKey before
sending; the recipient decrypts using
AES-128 with the sessionKey.
<http://en.wikipedia.org/wiki/
Advanced_Encryption_Standard>
10. Every two minutes, my browser
and Citibank’s Web server automatically repeat the key exchange procedure to generate a brand-new session
key. This counters decryption attacks
based on analyzing large amounts of
ciphertext, by ensuring that a cryptanalyst never has much encrypted data
from any one sessionKey to analyze.
It’s important to keep in mind that
I can safely use the same procedure
with any number of different Web
sites, discarding the session keys after
use, reusing the same private key for
all my communications.
As I noted, this is an idealized
example of how online bank account
creation could work. Banks and customers don’t actually exchange their
public keys when creating new bank
accounts, but instead still rely on passwords and sometimes other methods
such as scratch-off password sheets
and physical password generators,
called “hard tokens” (an example
would be a SecurID key fob). In the
future, public key exchanges as part
of opening accounts could provide
strong cryptographic identification
and secure communications. Banks
do some of this today with each other,
but generally not for their customers.
<http://en.wikipedia.org/wiki/
SecurID>
How does having a public and private key pair identify me, though?
Anyone could generate a set of keys
and claim any identity they wanted.
Certificates are one way of answering
this question. A certificate combines
three elements: 1) identification, 2) a
public key, and 3) external assurance.
Let’s look at how these elements can
be combined to make keys useful in
the real world.
Who Do You Trust?
Keeping in mind that public keys are
really just large numbers, how can we
connect a public key with a human
being or corporate entity? I could create a certificate and claim it belongs
to the Pope, so there needs to be some
cross-checking. SSL/TLS handles this
with trusted certificate authorities,
where a trusted party vouches for a
given certificate. Every Web browser
includes its own bundle of trusted
“root” SSL/TLS certificates, and every
certificate signed by any of those root
certificates is trusted by the browser.
Additionally, the entities that own
these certificates (called “certificate
authorities”, or “CAs”) may delegate
their trust to additional companies,
signing “intermediate” certificates
which are then also trusted to sign
further certificates; this hierarchy of
trust is called a “certificate chain.” So
long as you visit only Web sites certified (directly or indirectly) by CAs
trusted by your browsers, you need
not worry about this. If you want to
step outside the lines, however, things
become more complicated.
CAs are not the only way to establish
trust, of course. In particular, PGP/
GPG (Pretty Good Privacy/GNU
Privacy Guard, popular tools for public key cryptography) uses a “web of
trust” concept, eschewing commercial
authorities in favor of people signing
each other’s public keys.
SSL for Surfers
In real-world terms, people use SSL/
TLS for two reasons: privacy and
identity assurance. First, the encryption helps prevent criminals from
prying into electronic communications, and particularly from capturing
passwords that could provide access
to email, PayPal, bank accounts, and
the like. Second, SSL/TLS certificates
provide a fairly good guarantee that a
Web site branded with the browser’s
lock icon is legitimate and trustworthy.
Continued on Page 14
13
SSL Cont’d from
Page 13
Anyone who ever enters sensitive
information at a Web site, whether it’s
a credit card number, phone number,
home address, or supposedly anonymous rant, should check for “https” in
the URL, and consider seriously any
warnings about expired, misnamed,
or otherwise untrusted certificates.
If your browser warns you about a
site, **please** consider the warning
carefully, and decide if it means you
should go elsewhere or proceed with
your eyes open.
Unfortunately, there are easier
ways to attack SSL/TLS-protected
Web sites than actually breaking the
encryption, including creating new
sites with names confusingly similar to legitimate popular sites (with
foreign alphabets, they may even be
visually indistinguishable from the
legitimate name), or putting a lock
icon into the Web page. The browser
is supposed to show the lock outside
the HTML display area, so a lock
_inside_ the HTML area of the page
is a design element by someone who
wants you to trust this site, rather
than an assurance from your browser
that it is in fact trustworthy. People
sometimes do not notice that the lock
is in the wrong place, and blindly
trust the site. They are often unhappy
soon afterwards.
To see a Web site’s SSL/TLS certificate details, visit the site in a Web
browser (URLs of SSL/TLS Web sites
start with “https://”), and click the
lock icon (Safari shows it in the upperright corner; Firefox and Internet
Explorer use the lower-right corner).
As an example, Apple’s https://store.
apple.com/ certificate was issued
by the “VeriSign Trust Network”
and signed by “VeriSign, Inc.” That
VeriSign certificate was in turn signed
by VeriSign’s “Class 3 Public Primary
Certification Authority”. The “Class
3” root certificate is trusted by most
browsers in use today. In Mac OS X,
you can see this certificate in Keychain
Access, in the “X509Anchors”
keychain (SSL/TLS certificates are
based on the X.509 digital certificate
standard); Firefox stores its bundle of
X.509 root certificates in its application
package, because Firefox doesn’t use
the Apple Keychain. Because the Class
3 certificate is built in, Safari and
Firefox users see a lock icon instead of
scary warnings when using SSL/TLS
sites authorized by that Class 3
certificate, such as https://store.apple.
com/.
<http://en.wikipedia.org/wiki/
X.509>
SSL/TLS isn’t limited to securing Web
sites. To be secure, email communications can also use encryption, and
SSL/TLS is one of the easier ways to
accomplish this. Unfortunately, support for SSL/TLS varies widely, and
server-to-server SMTP connections are
rarely encrypted. On the other hand,
Apple Mail, Apple’s .Mac mail service, and Mac OS X Server all support
SSL/TLS for secure IMAP, although
unfortunately .Mac does not support
SSL/TLS for webmail. To configure
a Mail account to use SSL/TLS for
checking email, open Preferences,
click Accounts, select the desired
account, and click the Advanced tab;
there check “Use SSL”. If your mail
server runs on a dedicated IMAP/SSL
or POP/SSL port (like Mac.com),
enter the appropriate port number
(993 for IMAP/SSL; 995 for POP/
SSL). To encrypt sending mail, click
the Account Information tab, then
the Server Settings button at the bottom under “Outgoing Mail Server
(SMTP)”; check “Use Secure Sockets
Layer (SSL).” If you need a special
port for SMTP, it’s probably 587 (this
works for Mac.com).
Getting a Certificate for Your
Site
To set up a secure Web site, you must
first create a public/private key pair.
Keep your private key secret and
never share it with anyone. Next,
combine the public key with your
identifying information, including
the site’s domain name and owner, to
create a “certificate signing request”
(CSR). CSRs themselves aren’t useable
for encryption, but the process of signing a CSR creates an X.509 certificate,
which identifies a site and its claim to
trustworthiness (the signature), and
ties the site’s public key to its private
key (normally kept in a separate file).
When a CA (typically a commercial
security company) receives a CSR, it is
reviewed to determine if the request
is acceptable. Is it properly formatted?
Was the request made by a customer
with authorization to make requests
for that domain name, in good finan-
cial standing? If the request passes all
the CA’s checks, which vary broadly
between organizations, the CA folds
in additional information, such as
dates of issue and expiration (which
ensure that old certificates don’t last,
and also that CAs keep getting paid),
and signs the whole thing (CSR data,
CA data, and customer-provided
public key), producing the certificate,
which it then returns to the customer,
formatted for the particular software
used by the requester. Components
of Mac OS X Server (specifically the
included Apache Web server, Cyrus
and Postfix mail servers, and Jabber
chat server) all use the same certificate
formats, and can share certificates. Of
course, a certificate is useless without
its matching private key (created with
the CSR), since the certificate
is based upon a particular public key.
Because CAs vouch for the identity
of the certificate’s owner, they tend
to be picky about the details of the
certificate request. Misspelling a name
can delay certificate issuance, and
requests for certificates under different business names can be even more
troublesome.
Since people trust signed certificates to identify Web sites and protect
their confidentiality, SSL/TLS keys
(the secret part) must be kept secret
and safe. In the best case, if your key
is destroyed, you could be out a few
hundred dollars and offline while
processing a brand-new CSR, private
key, and certificate. In the worst case,
if a hostile party (a cracker, an FBI
agent, or your ex) gets a copy of your
SSL/TLS certificate and private key,
they could either impersonate the real
site, or decrypt all supposedly secure
communications sent to that site - a
phisher’s dream. There is a U.S. federal standard (FIPS 140) dealing with
how to secure such confidential data,
and it describes tamper-proof hardware and multi-party authorization,
but most people secure their private
keys either with a password that
must be entered to start the SSL/TLS
service after a reboot, or simply by
protecting the computer containing
the unencrypted key, which enables
rebooted computers to resume serving
SSL/TLS services (including HTTPS
Web sites) without human intervention. This is important to think about
when first venturing into SSL/TLS,
Continued on Page 15
14
SSL Cont’d from Page 14
and much more so for certificate authorities.
<http://en.wikipedia.org/wiki/FIPS_140-2>
Theft of a private key gets very complicated. If you lose
your car or house keys it’s a nuisance, but changing locks
is straightforward. For SSL/TLS the equivalent is certificate revocation, identifying a key pair as compromised and
informing others not to use it. Unfortunately, revocation
is an extremely difficult problem for several reasons. For
one, revocations must be managed as carefully as certificate signatures - it would be unacceptable if a competitor
could revoke Amazon’s SSL/TLS certificate. Additionally,
since private keys are tightly restricted, what if the computer containing the only copy of the key is stolen? Finally,
the SSL/TLS design doesn’t make any assumptions or
demands about timeliness, but if a certificate has been
compromised, the revocation should happen before anyone is able to commit fraud with the stolen certificate and
key. As a result, although there are many revocation systems, they are largely unused.
All about Certificate Authorities
A certificate authority is responsible for verifying that each
request comes from the party
described in the certificate, that this organization has
legitimate ownership of the domain, and that the requester
is authorized to make the request. The details of what is
required and how it is verified vary widely between CAs.
There are many CAs, but working with a new CA is
problematic compared to using a better established authority. In this case “better established” means bundled into
more browsers, because when a browser connects to a
site with an unknown certificate, it presents a deliberately
scary warning that security cannot be assured, and nobody
wants that to be the first user experience of their Web site especially when selling online. This applies equally to selfsigned certificates, those signed by private CAs (such as
universities and corporations for internal use), and certificates signed by upstart commercial CAs not yet bundled in
the user’s particular browser.
<http://news.netcraft.com/SSL-survey>
With Internet Explorer 7, Microsoft introduced “Extended
Validation” (EV) for “High Assurance” SSL/TLS certificates, stipulating additional checks on all EV CSRs and
Web sites in an attempt to bring some consistency to the
somewhat chaotic range of CAs and CA policies. Mozilla
has stated that Firefox will support EV certificates, and
Safari is expected to as well. These certificates are of course
more expensive. EV certificates are particularly welcomed
by CAs, as they provide an opportunity to re-raise certificate prices, which had been trending downward with
competition.
<http://en.wikipedia.org/wiki/Extended_Validation_
Certificate>
Prices vary widely among the different certificate authorities. VeriSign is one of the largest and most expensive,
charging $1,000 for a 128-bit certificate lasting a year,
or $1,500 with EV. When Thawte undercut VeriSign’s
prices and threatened their market share, VeriSign bought
Thawte, retaining the brand for cheaper certificates.
Thawte charges $700 or $900 (with or without EV) for a
1-year 128-bit certificate, but the process of installing a
Thawte certificate is more difficult, because an intermediate certificate must also be installed; this appears to be
an attempt by VeriSign to prevent the cheaper Thawte
certificates from being as functional as VeriSign-branded
certificates. Recently, when GeoTrust threatened VeriSign’s
popularity and pricing with 1-year 128-bit certificates
for $180, VeriSign repeated the performance and bought
GeoTrust, preventing them from seriously undercutting
VeriSign EV certificates. Cheaper options do exist, though,
such as RapidSSL, which charges only $62.
<http://www.verisign.com/ssl/buy-ssl-certificates/
secure-site-services/>
<http://www.thawte.com/ssl-digital-certificates/buy-sslcertificates/>
<http://www.geotrust.com/buy/geotrust_ssl_certs.asp>
<http://simplessl.com/rapid_ssl.shtml>
Because certificates are so expensive, CAs offer various
discounts for longer-lasting certificates or multiple purchases, and renewals typically cost less than new certificates. Most CAs are conscientious about reminding their
users to renew certificates before they expire (and pay for
the privilege), but they are also generally good about carrying any unused time onto renewed certificates so there
is no penalty for early renewal. A late renewal can be quite
embarrassing, as Web site visitors are asked if they trust
the expired certificate; putting certificate expirations into a
calendar can help avoid these problems.
All CAs offer the same basic service of signing CSRs to
produce trusted certificates, but there are many variables
including CA reputation, complexity of the certification
process, ease of installation and use for certificates, user
convenience in accessing certified sites, and CA policies. In
an attempt to justify their prices, many CAs offer guarantees of integrity for the certificates (and thus the associated
Web sites) that they certify, such as VeriSign’s Secured Seal
program.
What kind of certificates should you use? Public ecommerce sites, and those dealing with other highly sensitive
information, should be using 128-bit commercial certificates. The details of which certificate you should buy
depend on the site itself, but it’s worth keeping in mind
that the main differentiators revolve around visitor confidence (EV certificates, well-established root keys, etc.) and
ease of use for administrators, while the actual signing process is cryptographically equivalent for all CAs. Remember
that you provide the private and public keys yourself; the
certification authority vouches for the certificate’s owner,
but isn’t involved at the encryption level. All 128-bit SSL/
TLS certificates are cryptographically equivalent, although
browsers treat EV sites differently.
Alternatives to Commercial CAs
There are alternatives to paying a CA up to $1,500 per year
to sign your certificate. First, you create a new CSR and
use it to sign itself; such a “self-signed certificate” lacks a
third party’s assurance of authenticity but provides exactly
the same encryption as a “real” certificate with a proper sig
Continued on Page 17
15
Cover Story
Continued from Page 6
Continued
tured overseas and then imported. Any handset
model imported by 07-Jun-07 can continue to
be imported in future shipments, according to
the ruling.
The iPhone uses Wi-Fi for local networks and
EDGE for cell networks. EDGE fits into the 2.5G
cell technology category, a peculiar name - “second and a half generation” - assigned to interim
standards released mostly in the United States
to bridge the gap between 2G (slow modem
speed) and 3G (low-end broadband speed)
offerings during a long period that 3G wasn’t
ready to deploy. EDGE offers as much as three
times the bandwidth of a dial-up analog modem, or
roughly 150Kbps in ideal cases.
Many pundits and journalists opined that by
charging $500 or $600 for the iPhone (depending on
capacity) and by including a slower-than-3G cell data
connection, Apple had missed the boat -forgetting, of
course, that smartphones are only gradually adding
3G networking, that few offer 3G and Wi-Fi in a single
offering (and none allow seamless network handoffs),
and that other smartphones cost in the hundreds
of dollars. With new Qualcomm-based 3G phones
banned, Apple may get the last laugh.
The decision went into effect immediately, and
Qualcomm, Verizon, and others are already attempting
to have the ruling reversed. The ruling becomes final
within 60 days unless overturned by the U.S. president; the White House said that it would delegate
the decision to the U.S. Trade Representative, as it
has since 2005. If there’s no decision from U.S. Trade
Representative Susan Schwab, Qualcomm can file an
appeal in federal court.
Apple Improves MacBook Pro
Apple revamped its MacBook Pro line of portables
last week with faster processors, better graphics capabilities, 802.11n wireless networking (removing the
need to run an enabler), and screens that are backlit
using LED technology. I need to remind myself that
the MacBook Pro I bought last November is still a
perfectly fine machine for my needs, and not allow
techno-lust to overpower me (see “More Bang, Less
Bucks for My MacBook Pro,” 2006-11-20). That won’t
be easy, however.
<http://www.apple.com/macbookpro/>
ware, iWeb ‘08, gained support for widgets that can be embedded in
web pages. Using a widget you can add things like a Google map or a
custom html snippet. You can also add Google Adsense adds to your
site, registering directly from within iWeb ‘08. iWeb provides media
index pages and enhanced photo gallery pages (requires .Mac). New
in this release is support for personal domains. iWeb also gains support for multiple web sites, though there are some issues with publishing for those not hosting their sites at .Mac.
GarageBand ‘08
The major new feature in Apple’s consumer music-editing application is Magic GarageBand. Magic Garage Band is a feature that lets
you play music in a “virtual band”: choose a genre, assign some
instruments on the faux stage, and then pick an instrument for you
to play along with a pre-loaded track. GarageBand ‘085 also supports
multi-track recording and 24-bit audio. It adds a new arrangements
feature that allows you to select sections of a song, such as a chorus,
and move it around easily in the song timeline. A visual equalizer
lets you change EQ bands by dragging a wave form. Professionally
designed EQ presets are also available. It also allows you to automate
tempo effects and instruments to give your compositions a fresh
sound throughout.
Conclusion
Overall there is a lot to like with this iLife suite. The major stand outs
are iPhoto and iMovie. For some iMovie ‘08 is just not up to par. But
the good news you can still use iMovie HD 6, you can even transfer
projects from iMovie ‘08 to iMovie HD 6 to work with some of the features missing in the new iMovie. With iWeb and GarageBand gaining
some well thought out, and powerful, new features. Of the mix iDVD
has changed the least but its gains are mainly under the hood.
Editors Note: Considering the number of new products released
at the same time, it was decided that one long article was not
The new 15-inch and 17-inch models are powered by appropriate. Therefore each product has it’s own article. See
Page 10 for the new iMacs and Mac Mini’s. See page 19 for covIntel Core 2 Duo processors running at 2.2 GHz or
2.4 GHz. The new chips belong to the recently
erage of iWork ‘08. See Page 23 for coverage of .Mac.
16
Cont’d on Page 19
Continued on Page 17
SSL Cont’d
from Page 15
Continued
announced Intel “Santa Rosa” family, which
offer improvements in power consumption
and bus speed (800 MHz versus 667MHz
for the Core 2 Duo processors used in
the previous MacBook Pro revision). The
chips also enable the use of up to 4 GB of
RAM, up from a maximum of 3 GB. The
base configurations include 2 GB of memory. For graphics, the MacBook Pros use
the Nvidia GeForce 8600MGT processor
with either 128 MB or 256 MB of memory.
That memory comes in handy not only
for graphics-intensive applications such as
Final Cut Studio but also for powering the
17-inch model’s optional (for $100 more)
display with a resolution of 1920 by 1200
pixels, large enough to view and edit 1080i
high-definition video at native resolution.
The default configuration remains the same
as before, with a native resolution of 1680
by 1050 pixels.
The MacBook Pro is also the first Mac
to use energy-efficient LED (light-emitting
diode) backlighting for its display, though
only on the 15-inch model for now. Steve
Jobs alluded to LED-backlit displays in his
“A Greener Apple” open letter posted at
the Apple Web site in May (see “Steve
Jobs Talks Green,” 2007-05-07) because
replacing fluorescent backlighting with
LEDs reduces the amount of toxic mercury used in computers. According to
comments by Apple, the LED backlighting
can also add 30 to 60 minutes of time to a
battery charge.
<http://www.apple.com/hotnews/agreenerapple/>
Storage has been increased, offering 120
GB or 160 GB hard drives running at
5400 rpm for the 15-inch model, with an
optional 160 GB drive at 7200 rpm or a
200 GB drive at 4200 rpm. The 17-inch
model comes with a 160 GB drive, but can
be outfitted instead with the 7200-rpm
160 GB drive or a 250 GB 4200-rpm drive.
Note that drives spinning at faster rates
will not necessarily perform more quickly
in real-world usage.
In most other respects, the configurations are similar to the previous generation, including one FireWire 400 port, one
Cont’d on Page 20
nature. For one or two host names
(since certificates are tied to host
names) and for sites where consumer
confidence isn’t important, using selfsigned certificates is a good option.
It’s perfect for personal sites, where a
few hundred dollars could be a waste
of money. Even for sites which do not
provide SSL/TLS access
for visitors, securing administrative
access (updating blogs, checking statistics online, etc.) is a perfect use for
self-signed certificates.
If you have many sites, such as
might be true at a university or corporation, it may make more sense to
create your own CA, and use that to
sign individual certificates, avoiding
all CA fees. The downside is that visitors to your site must both deal with
legitimate security warnings from
their browsers, and manually trust
your private CA certificate. The procedures for dealing with private CAs
vary across browsers, and because
criminals can be CAs as easily as
anyone else, some browsers make it
deliberately difficult to trust a new
private CA. However, users must
trust your CA only once, and never
again have to deal with untrusted certificate warnings (unless they switch
computers or browsers, in which case
the process must be repeated).
If you opt to follow this path, you
should first think seriously about
both electronic and physical security
of your root certificate’s key, including backups and staff turnover.
Fortunately, being a CA is not technically much more complicated than
self-signing a certificate, although
assisting users with installing root
certificates is deliberately more complicated than simply trusting a selfsigned certificate in some browsers.
Establishing your own private CA
costs nothing - the free OpenSSL can
do it all. It just takes an investment
of time to learn the procedures and
a security commitment to protect
the root key, which is the security
linchpin for all child certificates. The
details are outside the scope of this
article, but there are several online
resources to get started, and the procedure can be automated and streamlined quite effectively.
OpenSSL includes CA.pl, a Perl
script to automate these tasks; it’s
effective but not perfect. Dissatisfied
with CA.pl and manual procedures,
I have produced two simple scripts,
cert.command to create and sign
new certificates, and sign.command
to sign existing certificates. Using
either of these scripts, I provide the
host name twice, enter the root key’s
passphrase, and hit Return a bunch of
times; the rest is automated.
<http://www.openssl.org/>
Secure in My Conclusions
SSL/TLS is by no means the only
way to secure Web and email communications on the Internet, but it
does yeoman service every day for
millions of people, protecting credit
card numbers, online banking sessions, email, and more. For normal
users, seeing the lock icon and
“https” in URLs provides confidence
that SSL/TLS is keeping us safe. For
admins, although the technology
behind SSL/TLS definitely falls into
the realm of cryptography (the software equivalent of rocket science),
the cost and effort of implementation
are well within the means of anyone
capable of
running a Web server.
[Chris Pepper is a Unix System
Administrator in New York City.
He’s still amused that Mac OS X has
turned out to be such a great management workstation for the Unix systems he works with. Chris’s invisible
signature block reads “Editing the
Web, one page at a time.” After banging his head against the issues discussed in this article, Chris has written an additional article on how to
use OpenSSL’s CA.pl script (included
with Mac OS X) to manage SSL/TLS
certificates. He has also developed
a pair of double-clickable scripts to
help run a private CA.]
<http://www.reppep.com/~pepper/
ssl/>
.
This article orginally appeared in
Tidbits Magazine issue #885, published 6/25/07. It is reprinted with
the permission of the Author.
17
GRAMUG News Continued from Page 2
July
Our July Meeting encompassed two topics: World Wide
Developers Conference and the iPhone. Guess which one
got more attention?
First up was a hilight of announcements from WWDC.
To be honest this years WWDC wasn’t as dramatic as
many had hoped. Leopard took center stage. The big
news was a redesigned Finder that borrows it’s looks from
iTunes. There are some new interface tweaks, like translucent menu bars,the Dock goes sort of 3D, and Apple has
added Stacks as a way to help you organize your files.
It still seems like Apple is holding back on some “secret
features”. The only surprise was when Apple announced
a Safari 3 beta program and that for the first time Safari
would be released for Windows.
We then launched into the iPhone part of the meeting.
Our own Terry Johnston risked life and credit card to snag
an iPhone. The first thing Terry mentioned was that buying an iPhone was a snap. You don’t do any conifguring
or activation in the store. You go home and do it through
iTunes. (PC folks who didn’t have iTunes had to download
it before activating their phones as there is no install cd
with the iPhone. ) The box the iPhone comes in is really
quite small. It contains the iPhone, dock, cables, and headphones.
Terry reported some problems activating his phone
mainly due to Verizon taking their own sweet time porting
his number. By now this snag has been worked out and
people are reporting activation just takes a few minutes.
The iPhone is smaller, thinner than the 5G iPod. But it
is longer. Terry recommended watching the tutorial videos
on Apple.
com to
get up
to speed
with some
of the
features
of the
iPhone.
One
caveat
with the
iPhone is
that currently you
can not
mount it
like a hard
drive.
Which
means
you can’t
drag
Shown abovie is Andy Dragt holding his
and
prize, a Belkin USB 2.0 4 port hub
drop
files on
it. You HAVE to use iTunes to sync and move files onto the
iPhone for now. Similarly music syncing is limited to playlists. You can sync contact groups from the Address Book.
And certain calendars can be synced. Another limitation
is that you can’t use the internet features while you’re on
AT&T’s EDGE network. But if you’re near a WIFI hotspot
they work great.
Terry
reports
getting
6-8 hours
of very
intense
use, especially
of the
internet
features,
before his
battery
conked
out. He
said he
recharges
it every
other
day. The
mapping
feature
Shown abovie is another lucky winner holdworks
great. It ing his price, an iGrip iPod Sticky Pad.
must use
cell towers to triangulate your position. The coverage and quality
of cell phone calls are great and very reliable. The built in
camera takes great shots, much better than it’s 2 megapixel
rating would seem to suggest.
Terry says he’s so happy with it he rarely feels the need to
take a laptop with him when he’s out and about. He says
most of the things he used to use a laptop for he can do on
the iPhone.
Terry wrapped up his presentation by showcasing a couple
of third party applications that have come out for the
iPhone. Such as:
Jive Talk
JiveTalkTM for iPhone brings the desktop Instant
Messaging experience to your iPhone. With JiveTalkTM,
you get a complete IM solution with real-time connectivity
to all of your IM buddies. Multiple IM networks, multiple
accounts per network: AIM®/iChat, MSN®, Yahoo!®,
GoogleTalk®, ICQ®, and Jabber
Leaflets
Leaflets are fun, useful applications designed to run fast
on your iPhone—even over AT&T’s EDGE network. Just
visit getleaflets.com on your iPhone and you’re
good to go.
18
T
iWork ‘08 by the Numbers
HE PRODUCT RELEASES
just keep rolling along. Apple
announced, on the heels of iLife
‘08, that it’s iWork suite was also getting a significant update. While Pages
and Keynote see incremental improvements, the big news is the addition
of a new program to the suite called
Numbers. It’s a spreadsheet program
that rounds out the only glaring omission in the productivity bundle.
Numbers
Numbers takes a different approach
to spreadsheets than a traditional program like Excel. Excel opens to this
huge rigid structure of columns and
rows. Numbers opens to a blank page,
Apple calls it a flexible canvas, you
drop in what it calls intelligent tables.
These tables are spreadsheets. You
control how many rows and columns
you need. If you need to add more
you can drag out the control point to
add them. You can also have multiple
intelligent tables on the same page.
Each one is formatted independently
of the others. Each table’s address
tabs contain pull-down menus that
store frequently used tools for adding,
deleting, hiding, or sorting rows and
columns. A Format Bar allows quick
formatting on the fly. A Sheets Pane
lists every sheet, table and chart as an
outline making navigating through a
complex document that much easier.
Numbers comes with 150 ready to use
functions. Just drag and drop one onto
a cell and it’s applied. Numbers is also
smart enough to realize that it looks to
the data in a header cell to determine
cell names. Cells can be formatted as
“sliders or steppers” allowing you
to run through “what if” scenarios.
Numbers works seamlessly with
Excel documents. You can import and
export into the new Microsoft Excel
2007 format, which uses Microsoft
Office’s Open XML format. Numbers
can also import OFX (Open Financial
Exchange) documents. Of course, it
can also export PDF’s.
Working well with raw data is
essential. Another necessary element is being
able to extract and
present information
in a easily understood
manner. Numbers truly
shines when it comes
to creating reports and
charts. Customizable
templates help even the
greenest novice. They
allow you to be up and
running quickly, and
assist you to create very
professional results.
As you might expect
Numbers works well
with other Apple apps.
For instance you can
use a media browser to
add images from iPhoto. Thanks to the flexible canvas metaphor
you can add or move
Cont’d on Page 22
19
News Cont’d from Page 17
FireWire 800 port, two USB 2.0 ports
(three ports on the 17-inch model), 8x
slot-loading SuperDrive, built-in iSight camera, backlit keyboard, ExpressCard/34 slot,
Bluetooth 2.0+EDR short-range wireless
networking, and gigabit Ethernet.
<http://www.apple.com/macbookpro/specs.
html>
The new MacBook Pro models are available now for the same prices as the previous generation. The 15-inch model with
the 2.2 GHz processor, 120 GB hard drive,
and Nvidia card with 128 MB of memory
costs $2,000. The 15-inch model with the
2.4 GHz processor, 160 GB hard drive, and
Nvidia card with 256 MB of memory runs
$2,500. And the 17-inch model with the
2.4 GHz processor, 160 GB hard drive and
an Nvidia card with 256 MB of memory
costs $2,800.
NetNewsWire 3.0 Speeds Up, Adds
Integration
The latest version of the popular news
reader NetNewsWire is out, sporting a
spiffier interface, improved performance,
and direct connections to several Apple
and third-party applications. NetNewsWire
3.0 lets you subscribe to RSS and Atom
syndication feeds offered by media sites,
blogs, search engines, and others, regularly
checking for updates and aggregating the
results into a compact window.
<http://www.newsgator.com/Individuals/
NetNewsWire/>
The new release, despite its major version
number change, has much the same abovethe-hood functionality as version 2.1. The
interface revision is welcome, adding quite
a bit of subtlety and shading to the previous, more quotidian look.
NewsGator, the developer, says that
under the hood, they revised some fundamental parts of how the program stored
its bits of news, making it more robust and
quicker in handling extremely large subscriptions and quantities of news items.
NetNewsWire has insinuated itself
more deeply into Mac OS X by tying
into Spotlight, Address Book, iCal, and
iPhoto. In Spotlight, searching on any word
found within any retrieved item shows a
stub within the list of Document results
with a NetNewsWire icon. Double-clicking the result opens the item within
NetNewsWire. Photos can be copied
from a feed into iPhoto, too.
The program supports micro-formats,
which are embedded structured elements
within Web pages that can be interpreted
by clever software. If a page includes a
calendar or contact entry in this format,
NetNewsWire presents you with the
opportunity to add it to iCal or Address
Book.
NetNewsWire 3.0 adds Growl notifications, Twitterific support, and the capability
to email the contents of a news item or a
link to a news item through a menu command. Also new is what NetNewsWire
calls “cover art”: a tiny screen capture of
the home page of the Web site for the
news feed you’re currently viewing. Finally,
you can now store news items as clippings,
which are synchronized with an account
you set up at NewsGator’s Web site.
<http://growl.info/>
<http://twitter.com/Twitterrific>
LogMeIn Adds Remote Control for
Mac
Mac users have a new tool for remotely
accessing other Macs regardless of whether
the remote computers have routable IP
addresses. LogMeIn released a beta last
week of their LogMeIn Free software for
Mac OS X. LogMeIn already supports
Windows and Linux operating systems,
and some handheld platforms. This version
enables a Mac running Mac OS X 10.4.9
to connect to, or be connected to by, any
LogMeIn client on their supported platforms.
<https://secure.logmein.com/products/mac/
download.asp>
Remote control software is often used
to view and control the operating system
interface of a computer elsewhere on a
local or remote network, and to retrieve
or transfer files among multiple computers
owned by one person - I have Quicken
installed only on my computer at home, for
instance, and use it remotely while I’m in
the office. Remote control software is also
widely used for technical support, enabling
a technician to view precisely what a user
is doing, and to install software remotely.
The free flavor of LogMeIn allows
unlimited computers and connections, but
doesn’t include file transfer, just remote
screen control. The company offers several
paid versions of their products, including
a premium personal release that does
include file transfers, remote printing, and a
dashboard for managing multiple machines.
The Mac version is available only in the
free edition at the moment.
LogMeIn requires a software installation (but without the need to restart) on
the computer that will be remotely controlled. The company’s Web site manages
your connection to remote computers.
Remote control is handled through a Web
browser: a Web plug-in for Safari and a
Java applet that works in Firefox provides
the interface. Just like iChat, Skype, and
other communications software, LogMeIn
can work with either routable IP address
or private, non-routable addresses typically used in home networks, hotspots, and
some business networks. (The trick is that
computers on either end of a connection
open a link to a central server which ties
each separate connection together.)
Other Buttons on the Remote
While Timbuktu Pro has long provided a
combination of remote control, file transfer,
and other communications features, the
product is priced and designed for technical support or advanced users with specific
needs, not personal use. Timbuktu Pro
can’t penetrate networks to reach private
addresses, either, since Netopia doesn’t
operate central servers that would enable
that. Timbuktu Pro can traverse NAT gateways using Skype, but I have found that
slow and sometimes unreliable in practice.
<http://www.netopia.com/software/products/tb2/>
Similarly, Apple’s Remote Desktop software
provides remote control, file transfer, and
client management, but it’s relatively expensive; has no capability for working with
private, non-routable IP addresses; and is
aimed at large installations (see “Apple
Remote Desktop 3 Released,” 2006-04-17).
<http://www.apple.com/remotedesktop/>
Fog Creek’s Copilot software can reach
routable and non-routable addresses, but is
sold on a time-used basis and is meant for
technical support (see “Fog Is My Copilot,”
2007-01-09); usage can cost 25 cents a
minute or $5 per day, or can be included
in monthly subscription plans. Likewise, Mac
HelpMate Remote can reach any computer,
but is designed for remote technical support, and is part
of a package starting at $600 per year.
<https://www.copilot.com/>
Cont’d on Page 21
20
News Cont’d from Page 20
iTunes 7.2 Enables DRM-Free Music
Apple has released iTunes 7.2, which is
notable for only one thing -the fact that it
now lets you preview and purchase “iTunes
Plus” music that is both higher in quality
and free of Apple’s FairPlay digital rights
management. As I wrote in “Apple and EMI
Offer DRM-Free Music via iTunes” (200704-02), Apple and EMI Music announced in
April 2007 that EMI’s entire digital catalog
of music would be available for purchase
in DRM-free form from the iTunes Store
worldwide. The promised start date was
May 2007, so they just squeaked in under
the wire, but that’s good enough to consider it a kept promise. iTunes 7.2 is available via Software Update and as a 29.6 MB
standalone download.
<http://www.apple.com/support/downloads/itunes72formac.html>
the iTunes Plus preferences and the
Upgrade My Library functionality in the
iTunes Store, rather than in iTunes itself.
The approach makes sense, since iTunes
is increasingly becoming a true Internet
application that’s easier to enhance without
pushing code to millions of Macs and PCs.)
iTunes Plus is certainly a good thing for
consumers who found even
FairPlay’s relatively reasonable restrictions
irritating, for those who will appreciate the
higher audio quality, and for the subset of
people who refused to purchase from the
iTunes Store because of DRM restrictions.
Even though EMI is offering DRM-free
music to other online music stores, and
eMusic has long sold DRM-free music, it’s
also a PR boon for Apple, which gets to be
seen as helping in the push to free music
from onerous DRM. EMI wins too, both in
terms of increased revenue from sales of
iTunes Plus tracks and the increased sales
that will no doubt result from EMI music
being featured on the
new iTunes Plus page in the iTunes Store.
However, Ars Technica is reporting
that Apple embeds your full name and
email address in tracks purchased from the
iTunes Store, something that has apparently been true since the beginning but
that wasn’t relevant when those tracks
couldn’t be played without authorization.
With iTunes Plus tracks, though, this hidden branding could theoretically be used
to trace shared tracks back to the original
purchaser, although without some form of
digital signature, that information could also
be spoofed as a way to frame an innocent
user. It’s not yet clear what Apple plans to
do with this information, if anything, but
such use of personally identifiable information should be included in the company’s
privacy policy. This could be an issue particularly in the EU, where privacy is treated
with significantly more importance than in
the United States.
<http://arstechnica.com/news.ars/
post/20070530-apple-hides-account-info-indrm-free-music-too.html>
Besides lacking FairPlay, iTunes Plus songs
and music videos are encoded as 256 Kbps
AAC files, up from 128 Kbps AAC. The
price for songs increases as well to $1.29,
up from $0.99. Music videos remain priced
at $1.99, and although their audio quality
increases, the video quality remains the
same.
To purchase songs and videos in iTunes
Plus format, you must enable iTunes Plus in
your account preferences, although iTunes
7.2 prompts you to do this if you try to
purchase a song that’s available in iTunes
Plus. Once enabled, you see a little + sign
next to the $1.29 price of iTunes Plus
tracks.
If you’ve purchased DRM-protected
songs already, you can upgrade them to
iTunes Plus versions for the $0.30 price
difference from the Upgrade My Library
page in the iTunes Store. You’ll have to
check back at that page over time to see
if additional songs have been released in
iTunes Plus format. Music videos cost $0.60
to upgrade, and entire albums are available
at 30 percent of the current album price.
When you upgrade a song, iTunes downloads the new one and optionally places
Audio developer Rogue Amoeba is happy
the original version in an “Original iTunes
about iTunes Plus, since the removal of
Purchases” folder so you can compare it to
DRM enables their Fission audio manipulathe iTunes Plus version
tion program to work with iTunes Plus
to see if you can hear the quality difference.
tracks to create ringtones, create sound
<http://phobos.apple.com/WebObjects/
bites, or just edit out the applause in live
MZPersonalizer.woa/wa/upgradeMyLitracks. (John Gruber of Daring Fireball
braryPage>
noted, however, that updated terms of service for iTunes 7.2 specifically disallow use
(It’s interesting to see Apple putting both
of purchased music as ringtones, not that
such a limitation is in any way enforceable.)
What I’m really looking forward to, though,
is audiobooks in iTunes Plus format, since
it bugs me that a single audiobook comes
from the iTunes Store in multiple files,
making it annoying to play. There are workarounds (see “Audio File Concatenation:
Driven to Distraction by DR,” 2005-11-14),
but they’re cumbersome, and just being
able to join unprotected AAC files would
be a boon.
<http://www.rogueamoeba.com/utm/posts/
News/Fission-loves-iTunesPlus-2007-05-3017-30.html>
<http://daringfireball.net/linked/2007/
may#wed-30-ring_tones>
The two questions that remain are how
quickly other music labels will jump on the
iTunes Plus bandwagon and whether Apple
will remove DRM from video. Stay iTuned...
Apple TV Gains 160 GB Drive,
YouTube Downloads
Call me a rainmaker. Just a few days
after I sent my latest book (“The Apple
TV Pocket Guide”) to be printed, Apple
announced upgrades to the Apple TV.
<http://www.amazon.com/Apple-TV-PocketGuide/dp/0321510216/tidbitselectro00/>
<http://www.apple.com/appletv/>
During last week’s D: All Things Digital conference, Apple CEO Steve Jobs and Wall
Street Journal columnist Walt Mossberg
chatted onstage about Apple’s latest
“hobby,” the Apple TV. “The reason I call it
a hobby,” said Jobs, “is a lot of people have
tried and failed to make it a business. It’s a
business that’s hundreds of thousands of
units per year but it hasn’t crested to be
millions of units per year, but I think if we
improve things we can crack that.”
<http://d5.allthingsd.com/>
<http://www.engadget.com/2007/05/30/
steve-jobs-live-from-d-2007/>
One method of cracking the business
comes in the form of a build-to-order
option, now available, to include a 160 GB
hard drive in the Apple TV instead of the
relatively small 40 GB capacity in the base
model. Apple claims the more capacious
drive will hold up to 200 hours of video
or 36,000 songs, compared to 50 hours
of video and 9,000 songs on the 40 GB
model. The 160 GB version costs $400; the
40 GB version remains priced at $300.
More intriguing is the addition of
Cont’d on Page 24
21
iWork ‘08 Cont’d from Page
19
elements on your
document’s page. That
includes 2D and 3D
charts, images, text
labels and photos.
When it comes time
to output your document you can use the
interactive print view.
It enables you to scale
and arrange items in
a print preview mode
before you print. No
more trial and error
printing to make sure a
spreadsheet doesn’t get
cut off.
Pages ‘08
Pages is the word processing application in
iWork. Quite frankly
I’ve never used it that
much. The page layout functions have always worked
well. But the word processing part was lacking features
and slow. Pages ‘08 might just change that reputation. It
now comes with a separate Layout and Word Processing
mode. Another welcome addition is a contextual format
bar, ie it only shows tools that are appropriate for the content you’re working on, for text, graphics and charts. It
now supports customizable paragraph, character and list
styles. For those writing longer documents you’ll appreciate that it now supports section, layout and page breaks
(rather than flowing text as one long story). A surprising
addition, since before now Microsoft is the only one to
have this feature in Word, is change tracking and reviewers comments. This is a welcome feature for group collaboration. Pages sports improved graphics editing tools.
It even comes with an alpha channel tool. Pages ‘08 comes
stocked with 140 templates so you can jump right in and
create some professional looking documents right away .
Pick a professionally designed template and replace text
and images with your own content. Pages has some other
less flashy features but they’re quite handy. Among them
are: Mail merge with Address Book; Automatic table of
contents; & Spellchecker and proofreader. Pages also lets
you open legacy documents, like AppleWorks word processing (but not drawing or painting) documents. It can
also function well with PC users as it can open Microsoft
Word documents.
variation. Apple designed themes and transitions, with
coordinated text, tables and charts, allow you to easily
create spectacular looking presentations. A new “instant
alpha” tool masks out portions of an image, say a background. A smart builds feature makes creating impressive
animations easy for anyone to make. You can, for example,
animate objects moving along a path or scaling objects
over time. Reviewer comments, like change tracking in
Pages, come with Keynote ‘08. Another shared feature
with Pages is the Format bar for text, tables, graphics, and
charts. Another handy feature is the ability to record a
voice over. Handy for self running presentations. You can
also create interactive slideshows for kiosks. After you
build your presentation you have to actually give your
presentation. Keynote has handy tools like a presenter
view, with notes, timer and next screen displays to aid
you. Keynote can also play well with PC’s and legacy
files. It opens AppleWorks presentation documents. It also
imports and exports Microsoft Powerpoint files.
Conclusion
Apple has been very busy with the updates for iWork. In
my opinion Numbers alone makes iWork ‘08 worth the
upgrade. The improvements to Pages are welcome and I’m
personally looking forward to trying them out. I’m really
curious to see how well the track changes and reviewers
comments feature works. Lastly Keynote just gets better and better. If you’re looking for a replacement to the
recently discontinued AppleWorks you should give iWork
‘08 a try. (Apple has provided a 30 day demo of iWorks.
You can find it at http://www.apple.com/iwork/trial. )
Keynote ‘08
Keynote is the veteran app of the iWork suite and it shows.
The changes and additions for Keynote are not as dramatic
as Pages. But there are some real gems. Keynote now supports text effects. A handy way of creating interest and
22
by Monte
I
.Mac Gets an Upgrade
Ferguson
scribers. The previous limit was 10GB,
which you could only find out by
calling or emailing .Mac support. This
puts in on par with most web hosts.
If that’s not enough storage you can
always pay more to get more. For
49.95 a year you can double your storage and bandwidth limit (20GB and
200GB respectively) or for 99.95 a year
you can triple the default storage and
bandwidth limit (30GB and 300GB
respectively.) iWeb users are going to
be pleased that .Mac now adds support for personal domains.
T’S BEEN A WHILE SINCE .MAC
has seen an upgrade. In the meantime other online services, some of
them ad supported, have come along
and duplicated (if not surpassed)
.Mac’s features. As recently as this
past summer Steve Jobs had been
questioned about .Mac and it’s relative value. At the time he had indicated it had not been getting as much
attention but would be receiving an
update with new features.
Well now the wraps
are off on the new
.Mac service. The
most talked about
new feature is the
.Mac Web Gallery. It’s
a feature for sharing
photos and movies
over the internet.
.Mac members can
share photos and
video from within
iLife ‘08. The quality
of pictures online are
“stunning”. Anyone
visiting a .Mac Web
Gallery over the web
can download high
quality pictures for
printing. Visitors can
even contribute photos using a web
browser or email.
“
.Mac Web Gallery is an
awesome way to share photos
and movies on the Internet
with friends and family.You
can share your favorite photos
and movies with anyone on a
Mac, PC or iPhone, and they
can turn them into high-quality prints as well as contribute
photos to your site using a
Web browser or email.
Steve Jobs
”
Apple
CEO
While .Mac Web Gallery is the snaz-
.Mac is available as
a subscription-based
service for US$99.95
per year for individuals and $179.95 for a
Family Pack, which
includes one master
account and four
sub accounts. Apple
said that it has 1.7
million subscribers.
Which translates into
approximately $150
Million a year in revenue (factoring in discounts on retail kits
and bundles.)
ziest new feature there is more to the
upgraded .Mac service. For one thing
Apple has increased the storage space
from 1GB to 10 GB. That storage space
is used for
you .Mac mail,
iDisk, .Mac
Web Gallery,
and any content uploaded
through old
and new iLife
tools. Jobs
also said that
.Mac users will
have 100GB
of monthly
data transfer included.
That’s the first
time Apple
has gone on
record to state
a bandwidth
amount available to its sub-
Conclusion
This is the first time
since the service went commercial, ie
paid for, that it seems like a good deal.
Cont’d on Page 24
23
iMacs Cont’d from Page 10
machine.
One Last Thing
Apple Keyboard
The last update was a surprise. Apple
has come out with an all new keyboard. It is incredibly thin. It takes
its cues from laptop keyboards. (For
instance using the F9 key for Expose
required hitting the FN key as well.)
It’s only 0.33 inches/8.3 mm tall, as
opposed to the 0.99 inch/25.1 mm
height of the previous Apple Pro keyboard. Instead of plastic for the body
of the keyboard it uses aluminum.
It gives the keyboard a very sturdy
feel. Yet its quite light. The wired
model, which retails for $49, comes
with new Macs and uses USB (it also
provides a pair of USB 2.0 ports) and
is an extended keyboard. A wireless
model, which retails for $79, is an
option for new Macs. It uses Bluetooth
for wireless connections, lacks the
USB 2.0 ports, and is not an extended
keyboard. It is basically a laptop key-
board. It runs on three AA batteries
(included), and advanced power management means you’ll get up to nine
months of battery life based on average usage patterns. Both keyboards
offer, along with all the usual keys,
dedicated keys for Mac OS X features
like Exposé and Dashboard, along
with media keys for play/pause, eject,
brightness, and volume.
Conclusion
The new iMacs look great. They’re
sleek. They’re slimmer than the previous models. They also weigh less than
previous iMacs. Budget conscious
shoppers are going to miss the 17 inch
model as it was the only model Apple
had priced below a thousand dollars.
The glossy screen is going to be a
personal call. Some will love it, others
will hate it. I’ve had a chance to see
one up close and personal and I think
it’s a winner.
The Mac Mini didn’t get much
fanfare with it’s update. True it’s not
an earth shattering update. But its a
very solid upgrade. Anyone consider-
.Mac Cont’d from Page 23
Rather than a necessary purchase, if you
wanted to use something that supported Mac
synchronization and media without any hassles. With the upgrades to the service Apple
is catching up to its nearest competitors. So far
Apple has stayed true to its subscription based
model rather than using ads like the other big
operators (namely Google, Yahoo, AOL, and
Microsoft). And, unlike the others mentioned,
who focus on mail with limited or no support
for sharing media, Apple offers a wealth of
options to allow it’s subscribers to produce and
share content. .Mac allows Apple to bring the
digital lifestyle concept full circle. It’s a good
deal these days for subscribers
ing a second Mac or who is on a budget should really consider the Mini.
My employer picked up one of the
1.83Ghz models and I can tell you it’s
a pleasure to use. Thanks to Parallels
we’ve got it running Mac and
Windows apps side by side all day. It
is a workhorse of a computer yet takes
up a tiny amount of desk space.
The new Apple keyboard takes
some getting used to. You can bang
on the keys with out having to fear
one might pop off. They keys are low
profile like a laptops. But they are so
low profile that I’ve had misfires, ie
times when i hit a key but not hard
enough or at the correct angle for it to
register. It is a beauty to look at. I get
ooohs and aaahs when people come
over to my desk. Oh, and I switched
it’s default behavior so I no longer
have to hit the FN keys to make the
function keys work. That was driving
me batty initially.
If you’re in the market for a new Mac,
or a Mac keyboard, give these products a try. You won’t be disappointed.
iMacs Cont’d from Page 21
downloadable YouTube content, something that we suspected would
appear, given that the box is already capable of downloading movie
trailers and other video content (see “Apple TV: The Real Video iPod,”
2007-03-26). A new YouTube menu item will lead to categories such
as Featured and Most Viewed, with video streamed directly to the
Apple TV. (Unofficial hacks have made it possible to view YouTube
videos - and other online content - on the Apple TV since a few
days after the device began shipping, but the process to implement
them isn’t trivial.) The capability will be available sometime in June as
a free update.
<http://wiki.awkwardtv.org/wiki/Main_Page>
Two Small Security Updates
Apple released two security updates, version 1.1 of Security Update
2007-005 (see “Security Update 2007-005 Released,” 2007-05-28)
and Security Update (QuickTime 7.1.6). As of this writing, Apple
had said nothing about what was fixed in the 1.1 version of Security
Update 2007-005, but the QuickTime security update fixes two
issues in QuickTime for Java that could result either in arbitrary code
execution or disclosure of sensitive information. That sounds similar
to the security fixes in QuickTime 7.1.6 itself from earlier this month,
but it seems to be different (see “QuickTime, AirPort, Security
Updates Released,” 2007-05-07). In either case, both updates are
likely worthwhile. Downloads for Security Update 2007-005 1.1 are
available in PowerPC (15.7 MB) and Universal (29.2 MB) forms, and
Security Update (QuickTime 7.1.6) is a 1.4 MB download. Or just
use Software Update to get the appropriate version for your Mac.
<http://docs.info.apple.com/article.html?artnum=305531>
�����������������
���������������������
��������������
���������������
�����
���������������
��������
�����
������
����� ��������������
����������������������������������
����������������������������������
����������������������������������
����������������������������������
�����������������������������������
������� ���������������������������
������� ���������������������������
���� �������������������
������� �����������������������������������������������������������������������������
��������� �����������������������������������������������������������������������������
������������������������
�����������������������������������������������������������������������������������������������
������������������������������������
����������������������������������������������������������������
���������������������������������������������������������������������������������������������
����������������������������❒���������������❒�������������������❒ ����������������������❒ �����������������
�������������������������������������������������������������������������������������������������
�����������������������������������������������������������������������������������������
������������������������������������������������������������
❒������������������ ❒������������
❒��������������������
❒���������
❒�������������
❒�������
❒�������������������
❒����������
❒���������
❒��������������������
❒�������������������
❒���������������������������
❒������������
❒�����������������
❒�����������
�������������������������������������������������������������������������������������������
�����������������������������������������������������������������������������������������
�����������������������������������������������������������������������������������������
������������������������������
������������
����������������
����������������������
��������������������
�������������������
������������������������
������������������������