Hack This Mac

My Mac’s security is being compromised by .Mac

Published on 17 Nov 2007 at 9:19 pm. 7 Comments.
Filed under apple, mac, mac os, security.

I’m not a security expert by any means, so it is with great consideration that I bring up anything security related. While a feature I don’t understand may not necessarily be a security problem, one part of Leopard behaves in such an unexpected way that I can only call it a security problem – .Mac is at the center of it.

As you may have already read here, I won’t be renewing my .Mac membership. To get a jump on not relying on it any longer I was sure not to add my .Mac account to the .Mac preference pane. I do however need the email a bit longer so I did add my .Mac account to Mail.app on my iMac and new MacBook. This had the side effect of filling in my account details in the .Mac preference pane, something I didn’t want. Incidentally, clearing the fields in the .Mac preference pane disables my .Mac account in Mail.app

At least I’m not signed in, right?

Now, here’s the problem. File sharing no longer asks me for my machine password. When I click on my iMac from my MacBook I’m signed in using my .Mac account. Note that both machine are on my local network, this is not happening from a remote location.

Upon signing in to .Mac I confirm on both machines that “Back to My Mac” is not turned on.

Not only is this completely unexpected (that adding an email account to two machines would allow this sort of open access to my computer), it’s ostensibly disabled.

I disagree with John Gruber of Daring Fireball that the intended behavior of Back to My Mac is not security issue. But how can anyone not consider the behavior I’ve shown here to be a major lapse in security? I do not want anyone in my house who happens to open my MacBook (usually left laying around) to have full unrestricted access to my iMac (in a locked office).

Apple has a knowledge base article about Back to My Mac security. In the article Apple says:

To prevent a computer from being part of your Back to My Mac network at any time, you may click the “Stop” button on the Back to My Mac tab of the .Mac preferences in System Preferences. Additionally, you may click on “Sign Out” in the .Mac “Account” tab to log out of the .Mac service completely on that computer.

Apparently this isn’t the case since I’m not signed in, and, Back to My Mac is disabled, but my machine is still open. It’s completely unexpected that using my .Mac email will open me up to this. I wonder if using a .Mac sign-in for iChat behaves the same way.

The basic security I have in place on my iMac is a password. By using .Mac mail I’ve opened my iMac to anyone who has access to my MacBook. My Mac’s security is being compromised by .Mac.

Managing 10.4 Servers from 10.5

Published on 14 Nov 2007 at 11:50 pm. 1 Comment.
Filed under apple, mac os, server, software update.

Finally! The release of Mac OS X Server 10.4.11 update finally makes it possible for me to manage my Xserves from my Leopard client. I think Apple did a excellent job with the new server overview.

One caveat is that you cannot manage DNS on 10.4 servers using the 10.5 server admin tools. This doesn’t effect me since I’ve always written my zone files “by hand,” but this is going to be an inconvenience for some people.

Apple pushes out 12 updates today – servers still unmanageable

Published on 14 Nov 2007 at 1:52 pm. No Comments.
Filed under apple, mac, mac os, server, software update.

Apple has released 12 software updates today, including the overdue Mac OS X 10.4.11 update and a security update for 10.3.

I have several 10.4 servers in need of the .11 update. When I upgraded my iMac to 10.5 I could no longer use the 10.4 server admin tools. The 10.5 server admin tools told me to upgrade my server to 10.4.11, which has not been available until now.

For all the updates visit Apple Support Downloads or run software update.

Update: none of the four 10.4.11 updates released today is for Mac OS X Server. It looks like I’ll have to keep waiting to be able to manage my servers again.

Second update: a few hours later Apple did release the much needed 10.4.11 Server update.

New MacBook Reviewed

Published on 12 Nov 2007 at 8:25 am. 12 Comments.
Filed under apple, macbook, review.

I bought my first MacBook at about 10:00 AM on the morning they were announced. And for better or worse, I’ve had nearly each revision of the MacBook (the exception being the speed bumped models just prior to the current revision).

The second revision (MacBook late 2006) was significant in that it sported a new processor from Intel – the Core 2 Duo – and an 801.11 draft N Airport card (although this functionality was not initially enabled and required buying a $2 driver from Apple).

This time around Apple has updated the MacBook with a new chipset from Intel (often incorrectly referred to as Santa Rosa) that includes improved integrated graphics and slightly faster processors. This new chipset runs the CPU on an 800MHz bus and supports up to 4GB of memory (up from the official 2GB on all prior MacBooks). Although the bus is running at 800MHz the memory is still running at 667MHz.

The most talked about change is Intel’s new graphics silicon dubbed X3100. Sure, it’s an improvement, but about the only difference you’ll probably notice is that the on-board graphics now suck away more than twice as much of your memory as the previous GMA 950 chip. Benchmarks are about the only place where you’ll see an actual performance difference. For example, Windows Vista rates the GMA 950 at 3.1 and the X3100 at 3.5. That’s an improvement of about 10%. The performance is still far short of all but the worst discrete graphics chipsets, and is certainly not going to turn the MacBook into a gaming notebook.

The processor takes a jump from 2.16GHz to 2.2GHz. With today’s notebooks running at 2GHz+, a 40MHz bump is practically a rounding error. The faster bus may however provide some extra performance in CPU intensive tasks like video encoding. I haven’t run any benchmarks, but it’s suffice to say that the CPU is faster, just not much. And the same can be said of the graphics.

Support for 4GB of memory is great for one thing I use this MacBook for – running Windows. I have a constant need to use Internet Explorer 6 and 7 to test my web designs. I’ve chosen to use VMware to run Windows and avoid the constant rebooting that I’d have using Apple’s BootCamp. More memory is great for virtual machines. With 4GB of memory I can now run both Windows XP and Vista at the same time on top of Mac OS X without the system resorting to paging to disk. I wonder how I ever made due with 2GB.

Unfortunately, the good news ends here. Apple has chosen to make a few changes in this new model that leave me puzzled.

People had complained that the MacBook screen looked “sparkly.” This is not a result of the glossy screen, but that the LCD is 6-bit. The LCD does not support the “millions of colors” Apple claims. In this new revision Apple is still claiming that the MacBook can display millions of colors and has even gone as far as calling the display 32-bit. It’s far from it, it’s a total of 18-bits. Worse yet, in a likely effort to remove the so-called sparkle they have also changed how the screen dithers colors. The sparkle never bothered me much, the new dithering does.

Not to put too fine a point on it, the screen looks like crap. Like it or not, Leopard has large shadows under windows, a translucent menu bar and various other screen candy. All of it looks like crap – like an 8-bit GIF – when displayed on the new MacBook. I miss my old MacBook’s sparkly screen to be quite honest. I couldn’t use this for any graphics work, and I’d be hard pressed to recommend it for watching video, let alone editing it. The same is true for photos as well – the color and dithering make this a bad screen for editing. I hope this is something Apple can fix via a firmware update or new drivers.

You’ve probably seen Apple’s new aluminium keyboards which were obviously based on the MacBook’s keyboard. Apple chose to drop the numeric keypad from the wireless aluminium keyboard. Personally, I feel this was a mistake. Well, the MacBook now has the exact same keyboard as the wireless aluminium keyboard, complete with no numeric keypad. Numeric keypads have been a part of notebooks for as long as keyboard have. For what seems like no other reason than to make the keys look “cleaner” Apple has removed this feature. Oddly enough the arrow keys no longer have “home, end, page up, page down” printed on them, but the functionality is intact. It’s really a mystery as to why they completely dropped the numeric keypad. Is 10-key passé now? I’m sure this will disappoint people, maybe not everyone, but some people for sure.

And the non-sense continues. The Airport card goes from three antennas to two. My only guess is that this was done to reduce costs because it certainly doesn’t improve reception. Other long standing complaints, like the trackpad button feeling “mushy,” have gone unfixed.

I try to tell myself that the MacBook is an entry level notebook so that I don’t feel so bad about it’s shortcomings. But the only real evidence of that is the reduced and degraded features. The price isn’t entry level, I can get a Dell or HP with the same specs for a few hundred dollars less.

If you already have a MacBook and are thinking of upgrading – don’t. Not unless you need 4GB of memory. Even still, although you’ll suffer a little in performance, prior MacBooks do support 3GB RAM just fine.

With this model I believe Apple has focused on improving their margins and not on improving the user experience. I’ve noticed this trend from Apple and I hope it changes soon, or my next Mac is likely to be a PC.

So-long .mac!

Published on 9 Nov 2007 at 2:31 am. 6 Comments.
Filed under apple, mac.

I’ve been a .mac member for as long as I’ve been using a Mac.

Yesterday when Apple replaced my MacBook I had the chance to renew my membership at the discounted price of $69.95. In fact, every time my membership has come up for renewal, I’ve had a purchase coming up and so each year (except the first) I paid $69.95. I chose not to this year, and let me tell you why.

Mostly, the only thing I use it for is email, and email is easy to find. Besides the countless websites offering free email, I also have servers co-located and I could easily host my own email (in fact, I do.) I guess I liked the @mac.com email address, but that’s hardly worth $70 a year.

.Mac also offers a few other features that may be useful to some people. There’s the iDisk, WebGallery and Mac syncing. I don’t have a need for online storage and ten gig isn’t much, honestly. I could get an 8GB thumb drive for the price of a year membership. Besides, I have virtually unlimited storage on my own servers (I realize this isn’t something that most people have.)

As an owner of several Macs the syncing could be very useful. Too bad it’s not. Syncing is hit or miss. Usually miss.

Each time I setup a new machine for .mac keychain syncing it asks me for a password to a computer I no longer own, a password I no longer use. There’s no way to change or remove that password, so I must remember that one password to do one thing — configure .mac keychain syncing.

Keychain syncing is broken. I use Apple’s Server Administration tools to manage my Mac servers. Syncing those passwords always causes corruption of the Server Admin passwords. That means I can’t actually use the keychain syncing, the one feature that might be the most useful to me. I’ve reported this bug to Apple, and it’s yet to be fixed. It’s still open after more than two years.

Preference syncing isn’t what I want. It’s one of those features that could be useful, but isn’t. I like some settings different on my MacBook from my iMac. Preference syncing doesn’t allow you to choose to sync preferences from only some applications or some system settings. It’s all or none.

Mail rules syncing is the backwards of what I’d want. It syncs the rules, but disables them! Only one copy of mail will have the rules active. I want whatever machine gets to the mail first to handle the rules.

With syncing so broken, it may as well not exist as a feature. The other major features, web hosting, groups (gotta be a .mac member to join groups — good luck finding any), iDisk, web gallery and Back to My Mac are all useless to me. The only thing to stick around for would be email, but I can do that myself, so I can’t justify $70 a year for an email address.

Can Apple fix this stuff? Maybe, but I doubt it. They could make syncing work, that’d be nice. I can’t exactly justify $70 for syncing and mail though. They could also increase storage, say to 10 TB, I still don’t need it. But one thing they could do is lower the price to something more reasonable for what is offered.
When I installed Leopard on my iMac I didn’t configure .mac. Same with the new MacBook. Oh, and my Mini. The only thing I did was add my email account to each machine. Guess what? It’s actually been easier without .mac! No constant “sync conflicts,” no keychain corruption. My contacts stay synced thanks to my iPhone and my bookmarks… I don’t use bookmarks.

So for the first time in four years I’ll be without .Mac. I’ll lose the email address in February. That means I have a little bit of work ahead changing my address at various sites, but then I’ll be free. Free of the $70-per-year email bill.

My MacBook troubles may be over

Published on 8 Nov 2007 at 12:52 pm. 8 Comments.
Filed under apple, genius bar, macbook.

You may recall reading about the many problems I’ve had with my MacBook in the past year.

Yesterday I had an appointment at the Genius bar about the disk scratching. I felt I should get a replacement machine, and I went in determined to get one, even if it meant making a scene. Of course, before shouting demands and making a ruckus, I explain the various repairs my machine has had and that I felt I should have the entire machine replaced.

The Genius looked up my serial number, then asked me to wait a minute, he needed to go in back. He came out about two minutes later and said “give me a few minutes while I call someone to bring down your new machine.” That’s right! I barely had to say anything, and they agreed to replace it.

I sure hope this new MacBook is more reliable than the last. It’s the new model released on November 1. I plan to do a review of it here shortly, but I wanted to note a few things:

1. The screen has more noticeable dithering. It’s not “sparkly” as some have described the previous MacBook screens, it’s an even dither, but it’s quite distracting.
2. It comes with a micro-fiber cleaning cloth similar to the iPhones, but as large as the MacBook itself. Very nice touch! I’m glad they brought this back (cinema displays did or do come with them). I wonder if the new iMacs include it as well.
3. It has a unique build of Mac OS X installed. I have no clue what’s different about it.
4. There is no embedded numeric keypad, even though it is advertised as having one.

My MacBook is cursed!

Published on 6 Nov 2007 at 2:16 pm. 2 Comments.
Filed under apple, applecare, macbook, repair.

You may remember yesterday when I wrote about all the problems and repairs my MacBook has had. I was really hoping that the latest round of repairs would be the last.

Today with great glee I opened up my ADC mailing and slid the the disc into my MacBook, only to hear a grinding noise and be left with this:

Scratches are a bit hard to take a photo of, especially with an iPhone, but they’re so bad you can actually see them in this picture.

So, it’s back to the Apple Store for another round of repairs. Since I’m going to have to be dealing with them anyway, I’ll complain about the dead pixels they left me with last time.

iTunes 7.5 sports charge status

Published on 5 Nov 2007 at 6:57 pm. No Comments.
Filed under apple, ipod, itunes.

I thought this was a nice touch with the latest iTunes…

That’s my iPod classic showing fully charged. This status isn’t shown with my iPod 5.5G, iPhone (1.0.2) or iPod nano 2G. I’m going to take a wild guess that the 3G nano, and possibly iPhones with newer firmware do support this however.

My MacBook

Published on 5 Nov 2007 at 6:11 pm. 3 Comments.
Filed under apple, applecare, macbook, repair.

A few days ago I posted my trusty MacBook for sale on Craig’s List. I ended my listing by saying “personally I consider it to be one of the nicest laptops I’ve ever used,” which is ultimately true.Yesterday I ended up a site that lists many different MacBook issues. As I read the list I recognized having had many of the same problems with my MacBook. I still consider my MacBook to be one of the nicest laptops I’ve ever used - primarily because of Mac OS X.The large list of problems with MacBooks can be found at appledefects.com. Here are the ones my MacBook has suffered:

1. Random shutdowns - Oddly, the random shutdowns didn’t surface until nearly a year after I got the machine. When it first happened, the battery was replaced. It continued and in fact, this was one of the most recent repairs to my machine (this time replacing the logic board again), so I’m not sure that it’s actually been fixed.
2. Ticking Fan Noise - This one was incredibly strange, and probably not the same issue described at appledefects.com. My MacBook would tick, like a watch, after it was shutdown. It would tick even with no battery or power connected at all. It would about once per second for several minutes. Perhaps someone left their watch inside my machine during one of it’s many repairs.
3. Palmrest discoloration - I bought my MacBook at my local Apple Store on the morning it was released and within a week the palmrest was a nasty shade of yellow.
4. Destruction of Media inserted into Superdrive - my superdrive destroyed the Tech Tools Deluxe CD that I came with the AppleCare I bought for the machine. The store replaced the disk, and the superdrive.
5. Airport reception is defective or unstable - my airport connect would drop, and refuse to reconnect giving only a cryptic message about there being an error connecting to the desired network. This must have been fixed with some software update as it’s not happened in several months.
6. Poor quality display - The display has always had a very splotchy look. Topped with the fact that it’s 6-bit and dithers the image (contrary to Apple’s assertation that the MacBook can display “millions of colors”) the LCD is subpar. My display has been replaced a few times. Most recently it had developed some dark spots, and a 4″ white line across the middle of the screen. The geniuses at the genius bar tell me it’s my fault, that they’re “bruises” from me applying too much pressure to the display. They replaced the display anyway, this time with one that has two dead pixels.
7. Poor build quality of the bottom case - Loosening the screws at the back of the machine a quarter turn takes care of this.
8. Cracking cases - My palmrest cracked on the right side, as well as the bottom case plastic just below that. The topcase was replaced, once again. I didn’t complain about the crack in the bottom case because it’s barely noticeable, doesn’t bother me, and I didn’t want to overwhelm the geniuses.
9. Display failure - Another issue my display has had is that it will shut off, usually before the machine is even completely booted. A new logic board seems to have fixed this.
10. Improperly sealed case - This is perhaps the most annoying issue, because it seems to be laziness on Apple’s part. Inevitably after coming back from repair there is a noticeable gap between the topcase and bottom case.
11. Inappropriately low speaker volume - Even at top volume I can barely hear the sound coming from my MacBook. The geniuses have told me that this is normal, and I guess it could be. The speakers are pretty much useless though. I’ve never asked for that to be repaired because I almost always have the sound muted.
12. Bad trackpad button - I absolutely hate the feel of my MacBook’s trackpad button. Since my topcase was recently replaced, the button is “stiff” again. However, it will become mushy to the point where it can’t be clicked on either side. Very annoying.
13. Battery failure - I had this as well as the random shutdowns. The replacement battery did the trick on this. The quickest repair of them all, about 5 minutes at the genius bar to get a new battery.

My MacBook has been repaired more than a dozen times now, and in one stretch it was gone for a month! I plan to replace it soon, which is why I was selling it.My MacBook never sold on Craig’s List and I’m not sure what I’ll do with it instead. I may put it on eBay or just hang on to it for a while longer. After reminiscing about all these problems, I’m not sure I can in good conscience sell it to someone else.It does have AppleCare, at least.

Next Entries »

Sponsored Link