Not too long ago I put together a screencast which aims to introduce Mac users who haven’t played with Terminal or command lines before and try and explain some of the initial concepts and to get doing a few things.
The first worm to infect the Apple iPhone has been discovered spreading ‘in the wild’ in Australia.
The self-propagating program changes the phone’s wallpaper to a picture of 80s singer Rick Astley with the message ‘ikee is never going to give you up’.
The worm, known as ikee, only affects ‘jail-broken’ phones, where a user has removed Apple’s protection mechanisms to allow the phone to run any software.
The news of this worm is likely to attract the attention of some anti-Apple and anti-iPhone crowds and used as an argument as to why the iPhone isn’t secure, and Apple people should no longer feel safe and so on and so on.
To those who would seek to lose a sense of perspective on this story:
This worm works only on jailbroken iPhones (an unsupported procedure), where the user did not change the default root password and left the remote login SSH service running.
This attack says nothing about the security of the iPhone software — it exploits little more than very poor configuration on the user’s part. If you choose to jailbreak your device, you have a responsibility to understand the implications that has. Which means, change the damn root password to something other than ‘alpine’. While you’re at it, also change the password for the user mobile too.
Despite having defended the iPhone thus far, I’m not in the business of assuming Apple get every aspect of security right all the time and I’m not in the business of declaring the Mac or the iPhone to be ιsecure’, or more secure than anything else. As hope I made clear in my previous post, a simplistic black-and-white approach to looking at computer security doesn’t make any sense or do anyone any favours.
I’m not complacent about security because I use a Mac*. I am confident because I feel I have grasped a good understanding of the risks and of trust.
* or Linux, or anything that I perceive as being more secure.
I’ve been busy beavering away in Xcode and I am now proud to release version 0.3 of DfontSplitter for Mac.
So, here are the release notes:
New Features and Bugfixes
- Now supports the splitting and extracting of TrueType Collection (TTC) files in addition to traditional Mac Datafork (dfont) files.
- The conversion of a .dfont will no longer fail if there is already a TTF of the same name in the same directory; it will now overwrite the existing file.
- Users of Snow Leopard on Intel Core 2 and Xeon Macs will now be running the DfontSplitter application in 64-bit mode.
- Improved error message text.
- Converting TTC files on Mac OS X Leopard (10.5) does sometimes run into problems, where the TTC splitting script can’t open the TTC file. The reason for this is currently unclear.
- Moving TTF files that have been extracted from a .dfont over to Windows — please see this workaround.
As always, go across to the DfontSplitter project page to download the new release.
If you’re already using DfontSplitter for Mac, simply go to DfontSplitter > Check for Updates within the application to upgrade to the new release.
Thanks to a great suggestion by Nick Charlton, I decided to put together a screencast demonstrating how to set up public key authentication for logging into SSH servers on the Mac.
Setting up a keypair and then using it to log in to remote systems, instead of remembering separate usernames and passwords, can be a bit of a fiddly business, but I hope that in this screencast I can show how to get it set up.
Take a look and let me know what you think!
UPDATE 2011-05-09: While some particularly stubborn fonts do require this process, users who have previously experienced difficulty with older versions of DfontSplitter should first try with DfontSplitter 0.3.1 or later, which include a possible fix for this issue.
I think I’ve finally found a solution to this annoying error message that Windows gives when you use DfontSplitter to convert some fonts and then try and use those converted fonts in Windows.
It involves using a third-party open source application called FontForge to convert the TTFs that DfontSplitter gives you from a Mac-specific TTF format into ‘regular’ TTF format.
A full tutorial on using this method is included as a YouTube video screencast below.
If you can’t or don’t want to watch the video, essentially the process is:
- Use DfontSplitter on the .dfont file as normal
- Open the resulting TTF files you want in FontForge
- Export each TTF file from FontForge with File > Generate Fonts. Make sure TrueType format is selected.
- Import the resulting TTF files into Windows fonts folder.
Please do let me know if this process works for you and give any feedback — especially if you’d previously had problems using a .dfont you had wanted to use on Windows.
I just pushed out an update for DfontSplitter for Mac. The application now features:
- Automatic software update support via Sparkle
- New preferences window
- You can choose whether a Finder window is opened after conversion from the Preferences window
- New progress indicator while the Convert button is pressed and fondu is working
You can download the release from the (newly prettified) DfontSplitter project page. Enjoy!
Tweetie for Mac was released today, to much fanfare. Its interface on the iPhone is absolutely top notch (I happily paid the £1.79 for my iPod Touch) and the Mac interface also looks interesting as well.
I’m not going to go into a full review, because I really haven’t used it much yet. What I don’t want this post to come across as, however, is a rejection of it totally. There are just a couple of issues relating to privacy I have with this initial release.
UPDATE: As of Tweetie 1.0.1, which was released minutes ago, this issue is fixed. Consider this paragraph obsolete.
For some reason, Tweetie for Mac does not send your Twitter username and password over a secure HTTPS connection. Quite frankly, I’ve come to expect this in any Twitter client. It surely takes no extra effort to implement this, it has a minimal performance overhead and even if you don’t really need it, does it really hurt to encrypt your password?
This really bugs me. I don’t really want to be throwing my credentials across the network in plain text every few minutes. It’s like shouting out your Twitter username and password to everyone in the street. Sure, probably no-one cares, but why do it if you don’t have to?
UPDATE: I contacted Fusion Ads on this subject recently and as of this morning, 2009-04-23, the Tweetie for Mac page has been updated with a brief, but better-than-nothing privacy statement. I’m still interested in seeing something a bit more substantial, but this is a good step forward.
Tweetie for Mac costs $14.95 at the moment, going up to $19.95 later on. To get people to try it, there’s a free ad supported version, using ads provided by a company called Fusion Ads.
It concerns me quite a lot that in a desktop application, where an advertising system can get a lot more information about you than it can within the constraints of a web browser environment, nothing is said about what is going on.
For me, these two issues stop me from using the client right now. I’m sure the SSL issue will be addressed in a future release if enough people ask for it, as I can’t imagine it being difficult to implement at all. It would also be nice to have a little bit of transparency in how the free model works as well, and hopefully this will come with time as well.
For the time being, however, I’m not entirely satisfied that I can use the app comfortably, so I am holding off for now.
Yesterday my brand new MacBook Pro 15″ arrived.
I got my original white MacBook over two years ago and it quickly became my primary machine. The seamlessness of the Apple hardware-software connection, its increased performance over my existing Linux PC and the desire to learn about OS X motivated this. Since then it has been, for the most part, my primary computer.
The MacBook still is an excellent machine for what it does, but being a full-time desktop as well as a portable computer, I began to desire a larger screen for when I’m using it at the desk and to get away from the limitation of the rather pathetic Intel GMA 950 integrated graphics.
So to address these issues and erm… continue my investment into computing (nothing to do with the fact that the new Pros are just, really, nice) I went out and bought the new 15″ MacBook Pro.
I got the middle model, with a 2.66 GHz Intel Core 2 Duo, 4GB RAM and the dual GPU Nvidia GeForce 9400M (for battery life) and Nvidia GeForce 9600M GT 512 MB (for performance).
I’ve had it just hours, but I love this machine!
NOTE: for the latest release of DfontSplitter, please link to https://peter.upfold.org.uk/projects/dfontsplitter.
The software development wheel has been turning again and I can now announce DfontSplitter 0.2 for Mac OS X.
DfontSplitter is a program which allows you to convert, or split, a Mac OS X .dfont font file into one or more TrueType font files (.ttf). TTF files are much more portable than this Mac-specific format.
This new release sports an entirely new interface built in Cocoa. It is a great improvement over the previous AppleScript interface which required a lot of unnecessary clicking and was generally quite horrible. The new interface also supports batch converting; you can drag several dfonts into the sources list and convert them all at once.
To download, please go to the DfontSplitter project page.
I got a new printer today. Actually, it’s a printer and scanner and copier, All-in-One sort of device. It is the HP DeskJet F2180, found for Â£30.
It’s replacing my ageing and rather incompatible Lexmark Z45. The Z45 was bought a very long time ago, back even before I started using Linux. Back then, compatibility with alternative operating systems wasn’t a priority and ever since I have been dogged with issues printing from my own machine.