MWJ
The weekly journal for serious Macintosh™ users
november 24, 2008
hidden safari shenanigans
The laughable release notes for Safari 3.2 hide its
new features, like the Extended Validation SSL
support that Apple had shown no signs of adopting – until releasing that support. But our coverage
is in MacCyclopedia so we can explain how phishing protection really works. Apple didn’t invent this
stuff – in fact, it appears to be identical to a feature
that’s been in Firefox since version 2.0, with data
coming from the same source. Unlike the Mozilla
folks, Apple won’t explain itself, explaining why
you didn’t learn what Safari 3.2 is transmitting and
receiving, silently, on your behalf concerning the
pages you visit. We’re telling you – along with where
the data is stored, how to browse through it, how
the alert is implemented, and why Apple’s failure to
disclose this is kind of a big deal. Phishing food for
thought, page 1.
executive shuffles
When Apple chose to hire Mark Papermaster from
IBM to lead its handheld devices hardware engineering, the drama-starved press must have done a
happy dance. IBM doesn’t want to let Papermaster
go, and is suing to keep him from working at Apple
based on a non-competition agreement. For that to
work, IBM has to explain how iPods compete with
Papermaster’s former job of designing POWER architecture services – so they’re giving it a shot, even
though there’s dispute about whether such agreements can be enforced at all. The press, for its part,
immediately departed into palace drama and court
intrigue, but it says more about them than about
Apple or IBM. We have the full story in Business
News. Drama-free zone, page 23.
the rest of the news
There’s so much in this double-issue worth of MidNovember News, in every section you like, that we
can’t even begin to summarize it. You’ll have seen
most of it if you’ve been reading the free issues of
MDJ we’ve been distributing to subscribers in the
MWJ RSS feed (for non-trial subscribers only, sorry), as we’ve been doing since April while getting
both MDJ and MWJ rebooted. The product coverage
from those issues is coming once we update it this
week, so look for that, plus the foreshadowed entry
from The Weekly Attitudinal on Apple’s pathology
with release notes, this weekend. Thanks for your
patience – after two weeks back on MDJ, we’re very
tired, but still functional. Massive amounts of cool
news, page 2.
maccyclopedia™
safari 3.2
what you should know and weren’t told
Although Apple rarely pre-announces software updates, the 2008.11.13 release of Safari 3.2 still somehow caught us by surprised. Although Software
Update should offer you the right version for your
system, you can also download individual updates
for Mac OS X 10.4.11, for 10.5.5, and for Safari for
Windows.
Apple’s penchant for cryptic release notes (MDJ
2008.10.14) blooms again, as the company describes
all three versions as featuring “protection from
fraudulent phishing Web sites and better identification of online businesses.” You’d think that the
browser now spoke the name of E-commerce sites
aloud or something, but no: this is “better identification” in the eBay sense. We’ll look at that, as well
as the hidden surprise in the new “phishing protection,” in order.
28 u
2
mid-november news
business news
MWJ 2008.11.24
Pundits may relish pretending to analyze
Steve Jobs, but it’s still the financial analysts
who invent new products and then demand
that Apple create them or be punished in
the market. Barclays Capital analyst Ben
Reitzes expects Apple to sell fewer iPhones
during the holiday quarter than last quarter,
and says that if sales are soft, he wouldn’t be
surprised by a price cut in early 2009 (perhaps from US$199 to free – where does he
think this price is going to go?), or a new
low-end model in calendar Q3 of 2009.
Oh, and Reitzes, whose expertise in
designing consumer products is apparently
well-hidden on his résumé, says it “makes
complete sense” to introduce a giant iPod
Touch running Mac-style applications
for US$600, because the gap between the
US$399 iPod Touch and US$999 MacBook
“needs to be filled and we think it can be
with a premium ultra-portable device using
multi-touch technology.”
So, if you want a really big phone or a
really small Mac that won’t run much software, Ben Reitzes has a touchscreen to sell
you. It wasn’t a one-off throwaway line, either: Reitzes was pushing the same goofy
idea a week later.
What we find fascinating is that when
Apple introduced non-GAAP results last
month to show how many iPhones it had
sold, and how much revenue would have
resulted if the company didn’t use subscription accounting to spread it over a
two-year period, the normal hedging was
completely absent. One reason that iPhone
sales took off in the September quarter was
that Apple announced iPhone 3G in March
2008 and didn’t ship it until July. That
created huge pent-up demand, demonstrated by people lining up for the device
as it started to go on sale. It helped make
Apple’s handset the most purchased consumer cell phone in the September 2008
quarter, displacing the Motorola RAZR for
the first time in three years.
Normally, when pent-up demand or
other one-time events affect Apple’s sales
so strongly, the company’s executives are
all over it in the conference call, tamping
down expectations. “Well, we had this pentup demand that resulted in a sales surge,
but that won’t sustain through this quarter,”
they’d say (to paraphrase). But none of that
happened this time: no talk of the pent-up
demand, no warnings that December quarter sales might not be up by the percentage you’d expect because September quarter sales were artificially high, none of that.
And none of the analysts writing about it in
the weeks afterward seem to have said much
about it either.
Apple’s financial statements are carefully constructed because the executive
team has plenty of first-hand experience
seeing what Wall Street does to Apple when
it doesn’t meet expectations. That’s why the
company’s guidance is always so conservative – they’re numbers Apple is reasonably
confident it will meet, not what it expects to
sell. That makes the decision to talk up how
many iPhones were sold, without strongly
emphasizing the role of pent-up demand,
into a puzzling departure from the norm.
We don’t know what to make of it, but we’re
keeping an eye on it.
A ChangeWave Research consumer spending survey found that only two computer
companies saw an increase in the number of
people who intended to buy their products
in the next 90 days compared to last month’s
survey: Apple and Dell. Apple’s boost appears to come from the new MacBook computers. Dell’s driving factors seem to be
more mysterious, but we’d summarize them
as “people are being thrifty and they think
Dell delivers the cheapest options of acceptable quality.”
The word “consumer” in the story rapidly got lost: MacNN ignored that the survey didn’t include business or education
customers, downplayed that the survey
was only of buyer “intentions,” and came
up with the incorrect headline “Study: new
MacBooks likely 33% of US sales.” If you ignore all the parts where they’re not likely to
be 33% of US sales, sure. (Perhaps MacNN’s
editors, aside from redirecting such stories to the “Electronista” brand they’re still
trying to build, were thinking of Auguste
Rodin’s description of how he made his remarkable statues: “I choose a block of marble and chop off whatever I don’t need.”)
Sadly, MacNN didn’t figure it out even
when ChangeWave released a separate corporate IT survey – the site didn’t cover
this one at all. From Macsimum News, we
see that 45% of the survey’s respondents
will have lower (or no) IT spending in the
March 2009 quarter, compared to only 10%
of respondents who say they’ll spend more
than in the December 2008 quarter. The
site calls that “an accelerating collapse in
US business spending that has now reached
historic proportions – with record pullbacks
occurring both in the current fourth quarter
and going forward.” Isn’t that cheery?
Although Circuit City has made plenty of
management mistakes, it can’t be seen as
a good sign for consumer electronics that
the huge electronics big box retailer chain
has filed for bankruptcy protection (if you
purchased a Circuit City extended warranty, though, it’s still operative, as those are
handled by a third-party company); CNET
News has the FAQ about what to expect
(hint: don’t count on massive close-out sales)
Speaking of PC revenues and of IBM’s divested PC business: Lenovo posted a 78%
drop in quarterly earnings, attributed to
slower shipments and lower margins
Speaking of Dell: Dell Computer posted
income of US$1.015 billion on revenue of
US$15.162 billion for the October 2008
quarter, and earnings per share of US$0.37,
up 9% from the year-ago period, with income up 22%, even though revenue was
down 3% and Dell warned of slowing demand in “almost all” of its businesses (EPS
beat street estimates but revenue did not)
MWJ 2008.11.24
It doesn’t get more cheery. Intel, currently
Apple’s sole Mac microprocessor vendor,
warned investors this month that its previous “gloomy” forecast for the December
2008 quarter “wasn’t nearly gloomy enough,”
as Jon Fortt of Money Magazine put it, calling it “hard to articulate just how bad [the]
news is” that Intel would see unheard of
shrinking sales during the quarter compared
to year-ago numbers. In more concrete
terms, Intel’s previous guidance had a low
end of US$10.1 billion in revenue. The new
guidance from Intel is for revenue of US$9
billion. A billion here, a billion there, and
pretty soon you’re talking serious money.
We mention this because of September
2000, when the tech bubble was starting
to burst. It started when Intel warned of
lower sales, but analysts refused to see any
larger trends in technology and largely ignored the implications. That same month,
Apple warned that Power Macintosh G4
Cube sales were not meeting expectations,
and the same analysts went crazy. They said
these were entirely Apple’s problems, and
that the technology market was healthy.
3
Apple was obviously in dire straits, they
said, and in the next trading day, Wall Street
chopped 50% off Apple’s market value. The
stock price didn’t recover for four years.
We mention this often because the observers who blew this would very much like
for you to forget it. Apple had some problems, but they were related to the end of the
technology bubble – and even when investors and analysts later realized the bubble
had burst, they never went back and corrected their views on Apple. So when Intel
warns of dire results again while analysts
are wondering what Apple will do, we sit up
and take notice.
At least this time, observers like Fortt
seem to realize that Intel’s warning means
bad news for the entire market and is probably not something that can be ignored. (A
similar warning from Best Buy helped hammer that point home.) If Apple’s results were
to disappoint analysts, don’t expect that
calm and reasoned approach to last.
4 u
4
t 3
Dell’s new chief industrial designer is making his presence known with new “splashy
designs” for notebooks, but Dell still doesn’t
seem to get the point – rather than designing systems as a whole like Apple does,
Dell is still building the same kinds of systems and letting customers chooser their
own colors or case patterns, but a skin does
not make a computer’s design better (do
you remember “Flower Power” or “Blue
Dalmatian” iMacs? or wish you didn’t?)
Elsewhere at Dell, chief technology officer
Kevin Kettler is stepping down, although
“multiple sources” tell Cnet News it’s not
related to Dell’s ongoing reorganization, but
rather Kettler picking this time to retire and
focus on charitable activities
MWJ 2008.11.24
Andy Zaks, who’s gotten some attention this
year for accuracy in analyzing the predictions and results of financial analysts covering Apple, says he’s currently estimate that
Apple will earn US$1.2 billion more in the
December 2008 quarter than the consensus analyst estimate; Zaks says that analysts
are generally bearish on Apple (MWJ has
discussed those reasons many times), but
that the “uncertainty regarding the degree
of contraction in consumer spending” for
November and December has led the analysts to the point of “irrational bearish exuberance, [in] that the estimates no longer
reflect even a scintilla of financial reality”
(we would have preferred “irrational inertia,” but we’re alliterative that way)
Analyst Gene Munster of Piper Jaffray reads
NPD market research data as predicting
Apple will see 8% to 16% year-over-year
unit sales growth in Mac computers during
the December 2008 quarter, and iPod unit
sales growth of -14% to -16%, which he still
describes as better than the -16% predicted
by Wall Street’s consensus estimates (we
prefer to say that he expects Apple to sell
84% to 86% as many iPods as a year ago, because negative percentages don’t scale correctly – we’ve seen analysts use figures like
“-200%” that have no literal meaning)
As if Ben Reitzes wasn’t screwing with
Apple’s potential sales enough with unfounded speculation, he’s also telling his
clients that Apple will uncharacteristically
offer “deep discounts on a number of Mac
models” on “Black Friday,” 2008.11.28 (the
day after US Thanksgiving that’s traditionally considered the beginning of the holiday
shopping season), so how many budgetconscious consumers who read this do you
think are now delaying their purchasing decisions until one insanely busy day?
RBC Capital analyst Mike Abramsky has cut
his estimates of Apple for fiscal year 2010
(yes, that’s the one that begins nearly a year
from now), and thinks smartphone sales
growth will slow for Apple in 2009 compared to 2008 (not a hard call to make, since
iPhone sales were much lower in 2007 than
iPhone 3G sales in 2008)
Apple’s newest retail store, at Vintage Faire
in Modesto, CA, is the company’s 250th retail store worldwide
The company’s online presence continues to
grow as well, with the recent introduction of
the Apple Store (online) in the Philippines
MDJ Staff member John C. Welch writes for
Macworld.com about how Apple’s enterprise strategy hasn’t changed, which is news
in the sense that no one was aware Apple
had an enterprise strategy
Since iSuppli’s estimates of Apple component and manufacturing costs are always
ridiculously low, we see no reason to give
the firm any more credibility on its slightly
higher estimates of the cost of the T-Mobile
G1 phone (the first device to run Google’s
Android mobile phone OS)
Apple Inc. stock closed on Thursday,
2008.11.20, at US$80.49 per share, not
just a 52-week low but the lowest price
since 2006.11.06, so it’s really a two-year
low; it rebounded 2% on Friday to close at
US$82.58
legal news
5
MWJ 2008.11.24
our downtime has left us without comment
on Psystar’s ongoing attempts to profit from
Apple Inc.’s software without any of the difficult steps like developing it, licensing it, or
inventing anything. Great legal minds differ
on whether shrink-wrap software licenses
such as Apple’s are valid and enforceable,
and while we know how to read a statute as
well as anyone else, the courts that deal with
Apple continually rule on those statutes in
ways that make no sense to us. Therefore,
we’re not going to speculate on whether or
not Psystar is violating the law by installing Apple’s operating system on non-Apple
hardware, even though that (among other things) is what the license agreement
prohibits.
We suspect that issue will be at the center of any trial that may happen, if Psystar
doesn’t disappear and no settlement or summary judgment obviates the need for a jury.
Whether Apple likes it or not, Psystar could
legally purchase Mac OS X retail packages
and ship them with non-Apple hardware,
but that’s not what Psystar is doing.
Instead, Psystar is opening those packages (presuming Psystar legally purchases
an individual copy of Mac OS X for each
machine it sells), installing the software for
the customer on unauthorized hardware,
and transferring the license (and the alleged violation) to the customer. If Psystar
made its customers install Mac OS X themselves, the violation would be entirely on
those customers’ shoulders – but it’s unlikely that retail Mac OS X discs would boot
and install on non-Apple hardware without
modifications to the installation discs, and
Psystar has no license to modify and redistribute Apple’s discs, either.
When this saga started, Psystar wasn’t
even trying to avoid ripping off Apple’s intellectual property. At first, the company called
its Mac OS X-capable clones “Open Mac”
computers. That’s definitely prohibited:
even if you can install Apple’s OS on your
own hardware, you can’t use Apple’s trademarked hardware name as the name of your
computer. After a quick visit from lawyers,
Psystar changed it to “Open Computing,” a
name so nondescript that it dares you not
to yawn.
At one time, Psystar also copied Apple’s
software updates onto its own site, modified them (if necessary – most of them were
completely unchanged), and offered them
to its customers. The common term for that
is “stealing.” Those updates do not appear to
be available on Psystar’s site now.
When the entirely predictable lawsuit from Apple arrived, Psystar chose the
Chewbacca Defense, and countered by suing Apple for antitrust violations. Psystar’s
idea was that Apple had a market monopoly
on Mac OS computers, and therefore any license agreements or contracts that prohibited competition in that market could not be
enforced. It’s equivalent to saying that since
you’re the only person who writes your weblog, you hold a monopoly on the market
of “your weblog,” so Psystar should be able
to use all your content at reasonable rates or
you’re a market-hating information robber
baron. It’s attempting to define a “market”
so narrowly that any given brand is a “monopoly,” so someone can steal that brand’s
assets and use them without permission.
MacNN reported that one Psystar employee (apparently Psystar had more than
one employee at the time) supposedly said,
“What if Microsoft said you could only
install Windows on Dell computers?” If
you forget that Microsoft has always sold
Windows as an OS for any compatible computer; and forget that Apple has never done
the same for Mac OS X, always treating it
only as the OS for Apple’s own hardware,
then the comment is only mildly laughable.
The courts tend to frown on the idea
that a monopoly market can be declared
around one company’s product, instead of
the normal view that a company’s product
must defeat competition in a broad area to
be recognized as a monopoly. Therefore,
it was also entirely unsurprising this week
when Psystar’s countersuit against Apple
was provisionally dismissed, meaning that
the judge said (to paraphrase), “If this is the
best argument you have, we’re done here.”
Psystar can amend its suit with new argu-
6 u
6
t 5
ments and refile it within 20 business days,
so the cloner firm has about a month to see
if it can come up with a legal reason why
Apple shouldn’t be entitled to license its
own products. It won’t be easy.
MWJ 2008.11.24
If you like keeping up with Apple patents,
and are tired of the endless “OMG APPLE
PATENTED THIS THAT MEANS IT’S
COMING THIS WEEK” reporting that often characterizes the genre, give Macsimum
News a try. Dennis Sellers keeps a watch out
for Apple’s patent filings and describes them
(often directly quoting them) without the
fruitless speculation that a company with a
vast intellectual property portfolio has immediate plans to use all of it.
Recently, Sellers has mentioned new
Apple patents for vector processing improvements (think of what we used to call
AltiVec, but in Intel-world we usually just
hear it described as SIMD), allowing external administrators to create bundles of
E-commerce products, remote control systems that distinguish and ignore stray light
sources, and (somewhat opaquely) adjusting chroma and luminance for video signals
via matrix math.
To get the difference, consider Apple
patent number 20080284696, “secondary
backlight indicator for portable media devices.” The idea is to have more than one
backlight on a portable device, so that while
the main backlight is turned off to save energy, a secondary (dimmer) one could be
illuminated through transparent parts of the
main display, allowing you to see status indicators (like the current time, or “slide to
unlock.”
Macsimum News covered this with
lots of verbatim quotes from the patent, after Sellers’ summary: “In other words, it’s
for always-on status indicators for devices
such as the iPhone.” MacNN’s article had
more diagrams, more hypothetical uses, and
warned that the patent “isn’t necessarily an
indication of any future products from the
company.” It also had a misleading headline:
“Apple files patent for iPod background display.” If you’d rather read the facts than amped-up speculation designed to make you
click through, you want Macsimum News’s
patent coverage.
The Industry Standard notes that the Psystar
lawsuit reveals that Apple Inc. has no corporate-wide E-mail retention policy, a potential problem for future lawsuits (and Apple
attracts lawsuits like TV cameras attract
politicians)
It’s hard to see exactly how people could be
at work, and clocked in, but “not getting
paid” for time spent booting their computers (which MacNN happily turns into
“wait[ing] for their Vista PCs to boot up,”
although the original source article mentions no operating system by name) in
quantities sufficient to go to court, unless
a startup item on their computers is what
“clocks them in” and therefore they don’t get
credit until the whole thing is started – but
it still sounds odd to us
More documents come to light in the lawsuit over Microsoft’s “Vista Capable” labeling program, in which plaintiffs allege
Microsoft lowered its standards for PCs
with a “Vista Capable” sticker ahead of
Vista’s release to benefit Intel’s sales of lesscapable graphics chips – in one of them,
Microsoft’s Jim Allchin says, “I believe we
are going to be misleading customers with
the Capable program”
More of those E-mails from Microsoft disclosed in the “Vista Capable” lawsuit reveal
that when Walt Mossberg told his readers to
consider a Mac instead of worrying about
Vista, Microsoft managers expressed concern that the “Vista Ready” labeling program would not provide the “premium” experience for customers that Mossberg was
recommending
press watch
we were originally quite happy to ignore
Adam Lashinsky’s article in a recent issue of
Fortune magazine because on first reading,
it looks like exactly the kind of Steve Jobsfocused drama that the press can’t help cre-
7
Of course, we’re not sure what we
should have suspected. In a 2002 column
noted in MWJ 2002.06.23, Lashinsky said he
thought Microsoft’s meager US$150 million
investment in Apple in 1997 “bailed out”
the company, called Apple a “quasi-private”
company that couldn’t be run by anyone but
Steve Jobs, and allowed that Apple “[didn’t]
suffer too badly for being a market share
also-ran.” So, alas, to get to the useful stuff,
you’ll have to wade through the Mythical
Apple that people like Lashinsky and ElmerDeWitt construct so they can pretend to be
experts on it. If you can do that, the parts
just about Tim Cook aren’t so bad.
Dan Lyons is discovering that it’s not nearly
as fun or profitable to act like a spoiled ass
when he has to do it under his own name
instead of pretending to be Steve Jobs. After
two years of grabbing attention by saying
nasty and profane things as “Fake Steve Jobs,”
Lyons cashed in earlier this year by writing
a book, jumping from Fortune to Newsweek,
and writing as “Real Dan Lyons.”
We are far from humor impaired, but
we rarely found Lyons’ schtick to be funny.
Half the problem with press coverage of
Apple is that reporters don’t want to write
about facts – they want to imagine a regal
court drama, with Steve Jobs as the love
child of Henry II and Lisa Simpson (yes,
ewwww), and other executives cast in the
rotating roles of Richard, Geoffrey, John,
Eleanor, and Thomas Becket.
If you recognize this as the conflation
of several semi-factual historical dramas,
then congratulations: you’ve got the essence
of most “analysis” of Apple Inc. The closer
writers get to drama and the farther from
fact, the more they seem to be rewarded
and (prepare to groan) lionized. Then came
Lyons, combining the worst of these stereotypes with profanity-filled references to
current events, pushing this narrative even
further.
But part of the fun people seem to have
had from Lyons’ writings were in trying to
figure out who had “nailed Steve Jobs’s personality so perfectly,” as averred by dozens
of people who didn’t work with Jobs (or
MWJ 2008.11.24
ating. The takeaway line: Tim Cook “could
be in line to replace Steve Jobs.” That would
be a scoop if it were in a mid-November
2001 issue of Fortune, but unfortunately,
Lashinsky writes as if he’s just figured it out,
and assumes no one else has, either.
However, if you can get past the opening page of useless Steve Jobs speculation,
and ignore fourth-page errors (Tim Cook
does Apple’s quarterly financial conference calls, not because “Jobs has seen to it
that Cook is getting public exposure,” but
because Jobs has always delegated that responsibility to the CFO, joined several years
ago by Tim Cook in his role as head of operations and manufacturing), Lashinsky
has other people saying interesting things
about Cook, his work habits, and his
compensation.
The interesting part is less than half of
the article and is hard to find – even if you
pick the “print” option from the Web page,
it only prints the current Web-divided page,
not the entire article. The rest is the typical mass media echo chamber, reinforcing (without evidence) old stories of Steve
Jobs as a “global brand” that’s consumers
are really choosing. (In Lashinsky’s world,
people obviously aren’t just buying Apple
products.)
In just one example of the Jobs-focus,
Lashinsky mentions that Jonathan Ive’s appearance in last month’s MacBook production video was “a signal dissected in the
same manner Kremlinologists once used to
analyze the placement of Politburo officials
at May Day parades.” Lashinsky failed to
note that most of this “dissection” occurred
in places that didn’t know that Ive has appeared in most of Apple’s new product videos when those products had entirely new
industrial designs.
Nor does he note that one of the most
prominent people engaging in this speculation is Fortune’s own Philip Elmer-DeWitt,
who “handicapped Apple’s back bench”
back in June, and who nearly a year ago
speculated that Ive could replace Steve Jobs.
It’s not surprising, therefore, that ElmerDeWitt was hyping Lashinsky’s article a day
or so later on his Fortune blog.
8 u
MWJ 2008.11.24
8
t 7
hadn’t in decades). When it was revealed
that Lyons did not work at Apple and had
not met Jobs – was no insider – the praise
only intensified to reduce the cognitive dissonance from everyone who’d been thoroughly had.
Last week, Lyons learned that saying
vicious things about people while throwing
in profanity isn’t quite as easy when people know who you are. On Monday, when
Jerry Yang resigned as CEO at Yahoo, Lyons
was outraged – while working on a story
for Newsweek in October, Yahoo chairman
Roy Bostock, according to Lyons, “swore up
and down to me that Jerry Yang wasn’t going anywhere because he was absolutely the
greatest leader the world has ever known.”
Lyons also wrote:
post – as well as other potentially offensive
entries – to avoid trouble with his new employer (he started writing for Newsweek in
September).”
Lyons didn’t stop groveling there: he’s
giving up blogging altogether rather than
face the music, telling the AP in E-mail, “I
don’t want to jeopardize a job I like (and
which feeds my hungry 3-year-old twins)
over some blog that’s just a funny little
thing I’m doing in my spare time. Or, to
translate this into Fake Steve speak: I’m a
coward and a whore who has totally sold
out to The Man.”
The sad thing is that Lyons was doing the right thing for publicly calling out
sources that lied to him, either on the record or off the record if they asked for that
confidentiality to be “honest.” And had he
built up a portfolio like this writing for a
Web site with a more aggressive tone, he
might have parlayed it into a job where he’s
free to call Yahoo’s PR people “lying sacks
of shit,” especially if he can back up his implication that they knew they were lying at
the time. Anyone can be wrong about how a
deal will go.
But it’s easy to be foul-mouthed and
nasty when you’re hiding your identity.
When your name is on it, people know who
your bosses are – as Lyons learned the hard
way. You can have it both ways, as occasional MWJ contributor John C. Welch demonstrates at his personal blog (soon to be
moving to “adobe-eats-poo.com,” or so
we imagine) and in mainstream articles like
this one for Macworld.com on “Setting Up
and Using SNMPv3 on Mac OS X.”
You just have to work at it. It’s easy to
be the smart-ass when you don’t have to be
responsible for your words. It’s harder – and
more interesting – to do it in the open.
I’d never dealt much with Yahoo
before, and I was stunned by their
PR operators – they’re really an unsavory bunch. During that same reporting this crack team of lying sacks
of shit put one of Yahoo’s attorneys
in Washington on the phone to tell
me, over and over, the true “inside
story” of what was going on with the
Google deal, which was, he informed
me, that the deal with Google was a
sure thing, definitely going to happen, no way in hell is the deal not
going to happen, there are no real
objections from the regulators,
they’re fine with it, the objections
from advertisers are not an issue,
blah blah blah. Then that deal fell
apart. And now Jerry Yang is out on
his ass. The take-away: Do not believe a word that Yahoo says. Ever.
You may have difficulty imagining this, but
Yahoo objected to having its press relations
team called “lying sacks of shit.” And unlike the days of “Fake Steve Jobs,” they knew
where to register their complaints – with
Newsweek, owned by The Washington Post
Co. According to AP, “After Yahoo complained, [Lyons’] bosses agreed his language
wasn’t appropriate for a blog connected to
Newsweek. … Lyons decided to remove the
Brian Caulfield, writing for Forbes, thinks
that if OS X 10.6 Snow Leopard is fast and
stable that it will “endanger” Vista – it’s nice
to see that the computer press’s inability
to imagine a market with more than one
player extends both ways, for after years of
implications that Apple would disappear if
it didn’t dominate the market, Caulfield is
now suggesting Windows will disappear under the mighty crush of Apple’s less-than10%-worldwide market share
Dan Moren had been working with
VoodooPad files on his iDisk for a long time
when a sync error wiped them out – and he
was dismayed to find that neither MobileMe
nor Time Machine had any archives of
older versions, and also surprised that the
MobileMe support representative recommended against using files that you “actively
manipulate, such as a database,” from your
iDisk (we admit that Apple’s iDisk sales
pitch does not exactly say “it’s just like any
other disk,” but it doesn’t discourage the
idea, either)
It’s hard to take any story about Apple’s security policy seriously, even on a site named
“MacNewsWorld,” when it quotes both Rob
Enderle and Roger Kay, names that reliably
indicate the absence of factuality
Given its long-time disinterest in factual
Apple reporting, we’d say the same thing
about The Register, but this perspective on
the Mac’s upcoming 25th anniversary has
credibility because it’s by former MacUser
and MacAddict editor Rik Myslewski – smart
move on The Register’s part, because its
breathless and largely inaccurate rumormongering in the early Mac OS X days made sure
the site has no Mac credibility on its own
Another long-time Mac writer, David
Blatner, shares the lessons he learned a few
days after having his laptop, with “virtually
[his] whole business and personal life” stolen, advising how you can protect yourself
against such an event
At Macsimum News, Dennis Sellers cops
to being wrong that Apple would announce
new consumer Mac products after holiday buying season orders had already been
placed, but isn’t let that dampen his enthusiasm for predicting next quarter’s products
and release dates
The Mac Observer, in a strange move,
is touting its upcoming “Editors Choice
Awards” for the best products of 2008 by
telling developers that they should submit
their products and explain why the editors
Kirk McElhearn, a recent fixture on the
MacJournals-Talk mailing list, explains for
Macworld.com how you can add network
attached storage (NAS) devices to your
home network if you need more shared
storage, noting the drawbacks (“Copying
to and from an NAS device is not lightning
fast; generally, these devices work well with
large files, but copying lots of small files can
be a drag”)
DigiTimes, the Taiwanese newspaper that
covers the electronics contract manufacturing business and is regularly a source of
speculation about Apple’s intentions from
its passing on unsourced rumors from companies that may or may not be building
Apple’s products, says that another Chineselanguage newspaper says that Apple’s “main
OEM partners” report that Apple has reduced its outsourcing for building notebooks in the current quarter by 20% to 30%;
despite the multiple levels of indirection and
lack of any concrete sourcing or verification,
this has already gained traction from people
who would like to make it into more drama
that sells papers, but giving DigiTimes’ record and the sourcing, we see no reason to
take it seriously
Shawn King, host and executive producer
of Your Mac Life, was “at sea” this month,
but this description is apparently about the
MacMania 8 cruise and not the more colloquial definition of the term (which could
also apply)
Now writing weekly for the MacUser blog
(which today transitions to part of the main
Macworld.com site), The Macalope this
week looks at frenzied reporting about the
Mac Mini, whose death knell was started
because Gizmodo knew a guy who knew a
guy who says he heard something about it
(sadly, that’s not really much of an exaggeration), plus MobileMe melodrama and the
analyst follies
9
MWJ 2008.11.24
10 u
10
t 9
MWJ 2008.11.24
Expos is running it, but “Appleworld” isn’t
gonna happen – Apple already has a trademarked name for “Apple”-related trade
shows, last seen in the early 1990s for the
Apple II: “AppleFest”)
should choose them (have they not been
reading the coverage on their own site?)
Ziff-Davis, fresh out of Chapter 11 bankruptcy protection, is ending the printed version of PC Magazine with the January 2009
issue; the title becomes all-digital with PC
Magazine Digital (which we imagine to be
some combination of PDF and Flash, but
copy-protected and less friendly), and of
course pcmag.com continues at full strength
Arik Hesseldahl of BusinessWeek’s “Byte of
the Apple” blog finds himself beset by critics after he says that HP’s Touchsmart tx2
notebook beat Apple to the market with
a multi-touch device, defending himself
against criticism he won’t name (it’s from
MacDailyNews, and they’re right, it’s easy to
contact them) that Apple added multi-touch
trackpads to its notebooks earlier in the
year; Hesseldahl argues that HP’s notebook
counts because it’s a multi-touch display,
not a multi-touch input device
Over at Macworld Labs, James Galbraith
obtains a build-to-order 2.8GHz 15-inch
MacBook Pro and puts it through the
benchmark tests, finding “one lively laptop”
that compares very slightly favorable to an
eight-core 2.8GHz Mac Pro on three of nine
tests but loses on the other six, still turning
in quite respectable scores – 26% faster than
the top-of-the-line build-to-order MacBook
Pro of June 2007
PC World, not content with those benchmarks, uses Boot Camp and tests the
new MacBook Pro (Late 2008) running
Windows XP (and Vista) playing 2008-level
games – and while the system wasn’t knockyour-socks-off gamer fast, it was “comfortable” and, compared to the MacBook Pro
(2.4/2.2GHz) models, “a performance leap
that’s certainly worth crowing about”
Ted Landau wonders if it’s time to change
the name of the annual trade show away
from “Macworld” since it’s becoming more
and more about non-Mac products from
Apple (probably not as long as IDG World
Philip Elmer-DeWitt of Fortune admits to
being fascinated by shifting circles in the
New York Times
internet news
We’re all used to the idea that the vast majority of spam comes from botnets – millions of hijacked computers on the Internet
(usually, but not always, running versions of
Windows with unpatched security holes or
insufficient virus protection), silently doing
malicious things in the background without
the user’s knowledge. If these infected machines are not rooting around for personal
information to send back to the infector,
they’re sitting as zombies waiting to receive
a command, such as a message to send as
E-mail using a spam-sending program provided by the botnet owner.
The benefit of a botnet is that the infected computers are hard to trace to the
botnet owner: they’re distributed all over
the world, in corporations and in homes, on
cable modems and on big university pipes,
with no specific pattern. Only one machine
on your residence’s block, or in your workplace, may be infected – but if that’s replicated on every block or in every workplace,
that’s millions of vicious puppets.
Yet the command and control centers
of these botnets are more centrally located
than you might have believed. Since the IP
addresses of the individual bots may change
over time, the attacker loses contact with
them unless the infected programs check
in with the botnet’s command and control
center. Therefore, much like the root DNS
servers, those controlling computers have
to be at fixed domain names, or at one of a
fixed list of IP addresses. (You’d think that
the infection programs would have a facility to obtain new command-and-control IP
addresses, but to get them, they’d have to
check in with the existing command-and-
In other news on the spam front, the Adium
X developers have released an optional
Challenge-Response plug-in that hides messages from people who aren’t on your contact list until they answer a simple question
that you provide (with the answer that you
also provide)
Researchers have found a slim exploitable
vector in part of WPA, the standard that encrypts 802.11 wireless networking transmission; Glenn Fleishman has all of the details
you could possibly want in this piece at Ars
Technica, but there’s not much to do – it’s
not a big attack, you should use AES encryption instead of TKIP if you can, you
should use long random network keys, and
not worry too much about it
WebMonkey’s article about how OpenID is
suffering because “users can’t figure out how
it works” is good, and worth reading, but
it suffers from a bit of irony when you read
the Web page’s title and URL, where the period in the article title is spelled as “DOT”
Ted Landau, writing for The Mac Observer,
explains what unites Rick Warren, Hillary
Clinton, and Dolly Parton in opposition to
using unlicensed frequency for wireless data
transfer: the devices would interfere with
wireless microphones
Of course Steve Ballmer said Microsoft
would look at open-source HTML rendering engines like WebKit when asked about
it – the alternative would have been dismissing it altogether, which would have
driven the press even crazier than not dismissing it did
More interesting news via Ars Technica:
Google says that 0.238% of all Google users worldwide have IPv6 enabled and prefer it to IPv4, thanks largely to increased
market share for IPv6-capable Mac OS X,
especially in the US: “In fact, no less than
2.44% of Mac OS [X] users are IPv6capable, compared to 0.93% for Linux and
0.32% for Vista”
Adam Engst explains one of the deep mysteries in the interaction between HTML
rendering and VoiceOver after finding that
the Take Control site did not correctly read
the “Download E-book” button on the final
screen for purchasers using screen readers
11
MWJ 2008.11.24
control computers. Like DNS, if your first
server is down and you don’t have others,
you’re not getting anywhere.)
A single firm allegedly was hosting a
huge number of botnet command and control centers, as well as Web sites for other
illicit activity. The McColo Corporation, located in San Jose, CA, was cut off from the
Internet two weeks ago by both of its major
Internet service providers, as reported by
TG Daily, the daily news component of the
Tom’s Hardware site. The Register reports
on the names of the providers who cut off
McColo when presented with evidence of
the activities at the company’s servers, and a
few of the domain names that were no longer resolvable after McColo’s connection
was severed.
How big a difference could this
make? According to SpamCop.net, pulling
McColo’s plug resulted in an instant drop
in measured Internet spam of anywhere
from 10 to 40 fewer messages per second.
SpamCop’s graph of the past month shows
a steep decline in detected spam at the time
McColo was taken off the Internet.
Two weeks later, TG Daily reports, spam
levels still haven’t recovered. Ars Technica
said that McColo tried to use its previously negotiated backup provider (Sweden’s
TeliaSonera) to get back up and running on
Saturday – during the weekend, when security forces would be less likely to react quickly. But they did react quickly, and “that window slammed shut much more quickly than
the Russian thieves anticipated.”
Phil Hay of Marshal8e6 (a security
firm) estimated that shutting down McColo
eliminated 70% of the spam on the Internet.
As Hay told TG Daily, “Only time will tell if
these botnets recover. The key thing is that
the IT security and law enforcement communities learn from [these] events as well.”
12 u
MWJ 2008.11.24
12
t 11
For assistance in deciphering the deep
mysteries of HTML and CSS, explore
NewsGator’s list of “Incredibly Useful
Bookmarklets for [Web] Developers"
Google decided to use a custom browser
plug-in (the supported, content-area kind,
not the euphemistic “Input Manager” kind)
rather than Adobe Flash to add video and
audio conferencing to its free Gmail service, and while the features are a bit limited
at present, it’s still a new line in the sand for
free Web-based communications: competitors need to understand that if they want
to challenge Gmail, they have to provide at
least this level of functionality, and not just
on Windows
We collected this several days ago, but for
an example of the kinds of things people are
doing with Flash, check out Sprint’s Now
Dashboard – this is Adobe’s line in the sand,
saying to everyone, “If your browser platform can’t easily do this, you should be using
Flash” (but can you even imagine how awful
this would be on an iPhone, if Sprint cared
since it doesn’t carry the iPhone in the US?)
A very good reason to have installed this
Security Update 2008-005 or later updates
including it: IDG News says that according a worldwide survey of public DNS servers, more than 10% of them are still “trivially vulnerable” to DNS cache poisoning
attacks fixed (on the server side) by that
update (remember that the client-side resolver cache was not updated until Security
Update 2008-006 or Mac OS X 10.5.5, MDJ
2008.10.14)
If you had “MGM” in your office pool about
which movie studio would be the first to
take advantage of YouTube’s decision to allow full-length theatrical movies, you win
own installer that downloads its malicious
payloads. Intego found it on a porn site that
presented an alert saying the browser encountered a “Video ActiveX Object Error”
and that the user needed to “download and
install missing Video ActiveX Object” to
play the video. The firm (makers of antivirus software, so sometimes we find their
threat warnings to be overstated) classified
the risk as “medium.”
The next day, Intego said that “reports … circulating about a new Mac
‘malware’ or ‘Trojan horse’” are not a serious threat, with a risk level of “very low.”
The “OSX.TrojanKit.Malez” tool, also
known as “OSX.Lamzev.A,” does install a
backdoor in an application that can give a
hacker remote control of the computer –
but the tool does not provide a way to get
the infected application onto the computer.
Or, as Intego phrased it, “Unlike true malware and Trojan horses, OSX.TrojanKit.
Malez requires that a hacker already have
access to a Mac in order to install the code.”
At Webmonkey, Scott Gilbertson
wrote, “Yes, that’s right, there’s a new Mac
virus lurking out there in the wild, but unless you’re incredibly stupid there’s no need
to worry.” In Wired’s RSS feed, his article
showed up with the title, “New Mac Virus
Threatens Only the Weak-Minded.” It’s
funny, particularly since the article conflates both of Intego’s memos, describing the
name of the second one but the attack vector of the first one. Oops. (MacNN’s headline for the former threat was, “New Trojan
threatens Macs with installer.” We can just
picture that: “Stand back! I have an installer
and I’ll open it! I swear I will!”)
The folks at Open Door Software, publishers
of Internet Security for your Macintosh, call
Macworld’s new Mac Security Superguide
“a well-done, thorough guide to general
Macintosh security” that’s “more complementary than competitive” with Open
Door’s own book
Cnet News found that Microsoft’s latest
“Patch Tuesday” update includes a fix for
a Windows NT LAN Manager reflection
security news
Intego released news of two new threats last
week, where by “two,” we (and they) mean
“one.” On 2008.11.18, Intego noted a variant
of the “RSPlug” Trojan horse that has its
If under-aggressively fixing problems is an
issue, being too protective can have its costs
also: a flawed signature on a mid-November update to AVG Technologies’ anti-virus
software accidentally marked Windows
XP’s user32.dll file as a Trojan horse and
quarantined or “healed” it, rendering the
computer non-bootable (although it’s not an
exact analogue, imagine a Mac OS X antivirus program removing or “healing” the
loginwindow program and you’ve got a
similar idea, except without loginwindow
you could still boot into single-user mode)
tips and tricks
Would you like to use a Drobo for Time
Machine backups? Data Robotics’ little box
is still making waves: add your own SATA
drives to the US$499 Drobo and have instant “BeyondRaid” storage with data pro-
MWJ 2008.11.24
We’ve noted before (most recently in a
tweet) that MWJ doesn’t normally author
“tips and tricks” because they don’t quite
compute with us the way they do with normal people. A tip is basically an easier way
to do something, but we never know that
other people are doing things the hard way
until we see it happen or we’re told about
it. Something you already know is “basic
knowledge,” while something you didn’t
know is a “tip.” It’s not that they’re not useful – we’re just bad at predicting what people do and don’t know, and therefore we
come off a bit pedantic at times. It takes the
fun out of it for everyone involved.
We were therefore surprised and delighted when we actually knew more about
Cyrus Farivar’s Thursday Tip at MacUser
two weeks ago. Echoing a post from
Lifehacker, Farivar listed a series of “hitherto unknown-to-me” keyboard shortcuts using the Control key. Control, you say? That’s
right – Farivar left out the magic word from
the Lifehacker post (where it wasn’t emphasized greatly): Emacs.
The classic Unix text editor, half of the
eternal “vi vs. Emacs” wars of the 1980s,
used Control-key equivalents for all its
13
commands, as did all computer editors of
the time. (It’s only in fairly recent history
that non-ASCII keys on a keyboard generate there own unique values – in terminal
emulation and Apple II days, Left Arrow
generated Control-H, Return generated
Control-M, among others.)
Since Mac OS X is based on OpenStep,
which was based on nextstep, which was
openly built upon Unix, the original authors
brought in the default Emacs keyboard
commands as well, and they work in all
Cocoa-provided text fields. Those include
the fields in Safari, for example, but not in
iTunes (as of 8.0.2).
If you don’t know about these, it’s because you never used Emacs and never
thought to try them. A seven-year-old entry at Mac OS X Hints explains how to add
Emacs meta key bindings to Mac OS X, referring you to a sample Key Bindings file
you can install, and pointing you to gnufoo.org for more information. In his book
Mac OS X Power Tools, Farivar’s colleague
Dan Frakes noted that you can see all of
those Emacs-style key commands by typing the command “bindkey” on the command line.
Again, they may not be a big deal
to you if you weren’t weaned on Emacs,
but a few of them are reasonably useful. Control-K for “cut” and Control-Y for
“paste” use a scrap that’s completely separate
from the clipboard, so they don’t replace
what’s on the clipboard when you use them.
Also, Control-T to transpose the two characters on either side of the insertion point
and reposition it one character forward (or
transpose the last two characters, if the insertion point is at the end of a line) can be
quite useful – if you remember it, and if
you happen to be in a Cocoa text field. We
eagerly await angry demands for a Control
key on the iPhone keyboard so people can
use these shortcuts there as well.
vulnerability in SMB that was first discovered in 2000 – “That means a known security vulnerability related to a Microsoft authentication protocol sat on your Windows
box for more than seven years, waiting for
Microsoft to get around to fixing it”
14 u
MWJ 2008.11.24
14
t 13
tection, striping, quick recovery, and all that
fun stuff – with minimal setup and capabilities that do-it-yourself RAID implementations often lack, such as the ability to use
drives of different sizes.
While there’s absolutely no problem using a Drobo as a directly connected backup
drive for Time Machine, you might want to
get a little bit creative. Drobo lets you add
more drives to a running device and, when
it can integrate them, it makes the size of
the drive “bigger.” You might want your
Time Machine backup to get bigger, too,
and it will – as long as you’re using all of the
Drobo as your Time Machine backup volume, as Apple normally recommends (and
Time Machine implements by default).
If you partition a Drobo so that part
of it is always reserved for Time Machine
and the rest is free for other use, then adding storage to the Drobo later won’t increase
the storage available to Time Machine. Eric
Barzeski explored the issue this month,
sharing his findings that in many cases, using Disk Utility to perform live resizing of a
Drobo Time Machine partition worked just
fine. That would let you partition a Drobo,
then later add storage, and then afterwards
increase the Time Machine partition size.
Naturally, he shared this find.
And what a fuss it started! First, what
Barzeski described is explicitly not supported by Data Robotics. A Drobo is not a
“simple” RAID implementation: the firmware on the device splits your virtual “volume” across all available drives, much like
ZFS does (MWJ 2007.06.11), so not all of
the drives’ capacity is available for data storage. Yet, as noted in that ZFS examination
last year, most operating systems don’t have
a built-in capacity for a volume to change
size: Mac OS X really does not expect a 1TB
hard disk to be anything other than 1TB as
long as it’s mounted.
Therefore, as Barzeski put it, “the
Drobo, like virtually all expandable massstorage devices, ‘lies’ to the computer about
its disk size.” You can have the Drobo tell
the computer that it’s a 16TB drive even if
you only have 500GB of storage in it, because Drobo expects you to add more drives
if you run out of space. It reports the capacity you tell it to report, and starts slowing
down and returning errors if you exceed
your actual storage.
This left him unsatisfied with its use in
Time Machine. Apple’s backup solution automatically removes older files from backups when the disk is full, but Drobo doesn’t
know that, and starts blinking its yellow
lights when the disks get full, wanting a bigger drive or an extra drive. Barzeski wanted
to avoid that by partitioning Drobo so that
Time Machine would never fill it up.
That works fine. It’s the “live resizing”
that doesn’t work – Data Robotics does not
support it, and warns that resizing a Drobo
partition may result in erasing the partition even when Disk Utility says it will not.
Therefore, if you ever increase the storage
in the Drobo, you can’t necessarily increase
your Time Machine partition to grow with
it – and if you try, you may lose all your
backups.
To his great credit, Barzeski got massive
feedback against this idea after posting it,
and went back and “drastically changed the
content” of his article to reflect better ways
to accomplish the same goal – including
creating a sparse disk image on the Drobo
that Time Machine can use automatically,
the exact strategy used on Time Capsule
(which is really just an AFP server in an
AirPort Base Station). He points both to
Automator scripts and command-line instructions for doing it yourself, and it’s safe,
supported, and easy to do.
Since the Drobo is a plug-and-play device, the OS knows nothing about how it
manages all the drives it contains. It just
looks like a block device to the operating
system, and the file systems are managed by
the normal file system code (meaning HFS
Plus for Leopard). When Barzeski resized
his partitions, the OS rewrote the partition
map to include more space for the partition,
and then started adjusting the fixed volume
structures (like the volume bitmap) to accommodate the new size.
There aren’t many of these fixed-sizeper-volume structures in HFS Plus, but
there are a few, and they have to be in a cer-
You won’t find a simpler explanation of the
difference between “Quartz Extreme” and
“Quartz GL” than this one from Apple DTS
engineer David Duncan, slightly modified:
15
“Quartz GL causes window contents to be
rendered using OpenGL rather than the
window being composited in software and
then uploaded as a texture (which is what
Quartz Extreme does).”
Apple’s KnowledgeBase article explaining
how to keep your hard disk data confidential
when getting your computer repaired ignores one problem – if the disk is too damaged, you can’t back it up or securely erase
the drive, perhaps leaving “removing it” as
your only way to retain control of the data
Mac OS X Hints explains how to replace a
file attached to an iCal event with an alias to
the original file, so that any changes made
to the original file show up in the iCal attachment (but if iCal ever starts syncing
those attachments to other computers, the
alias file copied to other machines won’t do
you any good)
Adobe Fireworks CS3 and CS4 have different vector rendering engines, but the newer
product includes for compatibility’s sake,
and Fireworks engineer Sarthak Singhal
provides scripts to toggle between the two
renderers for selected objects, noting that
the major difference would be “a one-pixel
anti-aliasing added to vector objects for
some objects”
At Macworld, Chris Breen recommends the
€15 HoudahSpot 2 utility as a replacement
for “smart folders” in Mac OS X 10.5 when
you want to search in some places but not
others, since Leopard removed this capability from Smart Folders
Breen also explains how to use lots of signatures in Mail, and have Mail alternate between all you’ve chosen, either in sequence
or at random
Elsewhere at Macworld, Rob Griffiths finds
new keyboard shortcuts for setting the sizes
of thumbnails in iPhoto ’08
Don’t like the Data Detectors in Mac OS X
10.5’s Mail application? Rob Griffiths shows
MWJ 2008.11.24
tain place on the disk. If the blocks needed
to grow those structures are already in use,
Disk Utility has to relocate their data to a
new spot on the disk, and update the extent
records for the files that own those extents.
If it can’t do that, it can’t “live resize” the
partition: it can only erase the partition and
write the new structures where they’re supposed to go.
All the OS does is request the right
block from the hard drive. The Drobo responds to that by figuring out which drives,
of all those installed in the device, actually
contains that logical block of data. Since the
Drobo is not necessarily telling the truth
about the device’s capacity, there’s a possibility that the live resizing code will try to
use what it thinks is “free” disk space when
that space doesn’t actually exist (for example, you’ve told Drobo to say it’s a 2TB
volume when you only have 1TB of drives
installed).
In those cases, it appears that Drobo
tries to do its best to shuffle everything
around and fulfill all requests for disk space,
but it may not be able to do that. That’s
when you get unpredictable results, like
what Barzeski calls “slows to a crawl” mode
(when Drobo runs low on space), or perhaps erased partitions from Disk Utility due
to unexpected errors.
So while it’s all an interesting exercise
and everyone learned a lot, it’s not the best
idea: live resizing a Drobo partition will
probably work, but not definitely, and you
can’t exactly predict when it will fail. If you
need resizable volumes on a Drobo, use
sparse disk images – Barzeski has all the
details you need not just to make one, but
to make one that Time Machine will use.
Sparse disk images can grow to use available disk space, so adding more space to
Drobo increases the disk space available to
Time Machine, but within the limits you
specify when you create the disk image.
Everybody wins!
16 u
16
t 15
MWJ 2008.11.24
requires an Intel chip, so the modifier may
have been superfluous)
how to turn them off via a hidden preference, changeable on the command line
At Macworld-owned Mac OS X Hints,
Griffiths reminds readers that adding the
hidden “Debug” menu to Mac OS X 10.5’s
version of iCal provides you with a “New
Calendar Window” item that does exactly
what it says – meaning that you can have
multiple events open for editing at the same
time, one in each window
If you’re having AirPort connection trouble
after installing AirPort Update 2008-004,
MacFixIt suggests using AirPort Admin
Utility to choose a new wireless channel for
the Base Station
Although it probably wouldn’t have crossed
our minds to try to run a MacBook or
MacBook Pro without the battery installed,
except for brief periods while changing
said battery, GearLog reports that doing
so drops the performance by about 37% –
not really surprising for a system designed
around said battery and keeping it charged,
but still useful to know
MacCyclopedia wants to delve into WideArea Bonjour at some point, but until
then, The Apple Blog discusses the US$30
ShareTool, a utility that you use at both
ends of a long-distance (non-LAN) connection to have access to all the Bonjour services you want from anywhere on the Internet,
even having automatic Bonjour service discovery work over VPN
And in a story involving toddlers and hugtackles with an unfortunate PowerBookto-ground incident, Griffiths discovers that
a kernel panic upon boot, and the error
“ALLOC-MEM request too big!” in
Open Firmware, really means “Your AirPort
card has become loose”
It’s not an all-Griffiths show: Friday at
Mac OS X Hints, Kirk McElhearn finds that
you can use the Keyboard Shortcuts tab in
the Keyboard & Mouse preference pane to
apply keyboard shortcuts to Mail’s dropdown menus, including outgoing mail account, outbound server, and signature
At “The Apple Blog,” which is neither “the”
blog about Apple nor a blog from Apple
(how can you adopt a three-word name and
get two of them wrong?), Tom Reetsman
points to Apple’s wealth of free resources
for its products and services, including free
online seminars for most of the company’s
professional products
In case you missed the drama earlier this
year, this brief Apple KnowledgeBase article
explicitly states that Time Machine does
not support backing up to an AirPort Disk
(a USB hard drive attached to an AirPort
Extreme Base Station), but does support
backing up to hard drives inside of or connected to a Time Capsule device
In Apple’s annals of “not supported”
things that we didn’t know: “Boot Camp
is not supported for use on Intel-equipped
Xserves” (it’s not supported on PowerPCbased Xserve units either, since Boot Camp
what a deal!
the third edition of the Give Good Food to
Your Mac promotion is currently underway. The “kitchen” opened on 2008.11.17
and remains so for three weeks. Organized
by Aquafadas, makers of PulpMotion and
BannerZest, the promotional idea is simple
and flexible: build your own bundle from a
list that currently includes more than five
dozen applications. When you add three
applications to your cart, you get a 20% discount on all of them. Make it four and it
jumps to 30%, and for five or more applications, you get 50% off the total. Applications
we note on the list include DEVONagent
and DEVONthink Personal Edition (though
we say DEVONthink Pro Office is the version you need for real shot at a paperless office), DiscLabel, the aforementioned
HoudahSpot, MacPilot 3, RapidWeaver,
the aforementioned ShareTool, SyncMate,
You Control: Desktops, and even Toon
Boom Studio (priced, before discounts,
at US$400 – so if you’re in the market for
Toon Boom Studio, it only makes sense to
get it at Give Good Food to Your Mac and
a few other utilities and still save about
US$100). Other promotions shall certainly
arrive as the holiday season begins, but this
one’s here now and is worth a look.
Our friends at TidBITS Electronic
Publishing are offering their only cookbook, Joe Kissell’s US$10 Take Control
of Thanksgiving Dinner, free through
2008.11.27 (US Thanksgiving Day) with the
purchase of any other Take Control electronic book
Other World Computing is offering rebates
of US$20 to US$120 on some bundles featuring Hitachi hard drives, including everything
from bare drives to rackmount 4TB RAID 0
arrays with FireWire 800 and USB 2.0
OWC also offers Prosoft’s Drive Genius
2.1, normally US$99, for US$50 when
purchased with US$100 with of OWC
or NewerTech hard drives, US$30 if on a
US$100 to US$200 order, and for US$20 if
you buy more than US$200 worth of eligible
products
Microsoft is offering the Microsoft Office
2008 for Mac Special Media Edition (that’s
the one that includes Microsoft Expression
Media, the digital asset organizer formerly known as iView) for “up to 50% off ”
through 2009.01.10, but prices at outlets like
Amazon.com have the package for US$180
(suggested retail price: US$500) and the
upgrade from previous Office versions for
US$110 (suggested retail price: US$300)
Rob Griffiths (that guy is everywhere!)
shares his experiences purchasing a refurbished computer from Apple’s Special Deals
online Web store, finding real deals on refurbished equipment that came in plain
brown packaging but in perfect condition,
with Apple’s standard warranty but at significant savings – he went there to find a
other macintosh news
Ars Technica seems to have the lead on the
story that the new MacBook Pro (Late 2008)
models with DisplayPort 1.2 (an as-yetunreleased standard) include DisplayPort
Content Protection as well, and iTunes uses
it. DPCP is the DisplayPort superset of
HDCP, and transmits protected content in
encrypted form over the cables to the display or other viewing device. The point is to
disallow you adding an unauthorized digital
or analog device into the mix and making
an unauthorized copy of the content – especially a pixel-perfect high-definition copy.
Devices that support DHCP (and now,
DPCP) usually refuse to play protected content on any device that doesn’t support the
same protection protocol. You’re not limited to a given number of DHCP or DPCP
devices, and you don’t have to “authorize”
them to make them work like computers for
iTunes purchased content: they just all have
to support the standard in question so that
the content is encrypted and can’t be intercepted for other purposes.
The first catch, among many, is that
iTunes has apparently been selling video
marked with a tag to require DHCP or
DPCP on systems that have those capabilities, and Apple didn’t bother to tell anyone.
This has led to unpleasant surprises for new
MacBook owners, who suddenly find that
even their expensive 30-inch Cinema HD
displays from Apple can’t play their legally
purchased high-definition content from the
iTunes Store.
With echoes of the secret Safari 3.2
transmissions (see elsewhere in this issue),
Cnet News notes a forum posting alleging a familiar problem: Apple did not update the iTunes Store Terms of Service to
tell customers that their legally purchased
content would no longer play on their legally purchased displays. Those terms were
last updated on 2008.11.12, but the relevant
MWJ 2008.11.24
17
matte-screen MacBook Pro, now that glossy
is the one and only way, but he notes several
other deals (and the rapidly changing nature
of the store’s offerings)
18 u
18
t 17
(xv) HDMI. An HDCP connection
is required in order to view movies
(purchased or rented) and TV shows
transmitted over HDMI.
MWJ 2008.11.24
works fine for a company that’s on the rise,
but when something breaks the wrong way
and Apple needs a sympathetic hearing
from press and customers, you have to wonder if the company will get it this time.
section appears to be the “Usage Rules” in
section 9(b). Even back in the 2008.02.06
version of the Terms of Service, the same
clause was present in a different location:
In the current terms, the same section is
numbered “(xvi),” because Apple inserted a
new section “(xiv)” explaining that you may
manually sync purchased or rented movies to “at least one” device that has manual
sync mode, replacing and expanding on
a rule about syncing movies to iPods. The
part that Apple apparently believes it had
disclosed, and that customers think was not
disclosed, is that DisplayPort counts as an
HDMI interface, so any DisplayPort connection requires the DPCP for purchased
or rented movies (even though some people
have found some older movies that play
over displays without DPCP or HDCP).
The second catch is that since you can
drag windows across monitors while they
play movies, iTunes does not allow you to
play these protected movies at all if a nonDHCP or non-DPCP display is even connected to the system. If you purchased a new
MacBook or MacBook Pro with the intent
of using it solely with an external display,
you’re hosed with iTunes Store content protected in this fashion: it will not play at all
until you disconnect all older displays (like
the aforementioned 30-inch Cinema HD).
This is the same kind of problem we’ve
been noting with Apple: not telling customers what may be bad news and hoping no
one notices – or, that when the news breaks,
it’s contained enough to avoid uncomfortable questions. So far, the company’s policy
on dealing with it remains the same: put the
fingers in the ears and shout, “la la la, we
can’t hear you!” (Or, as Cnet’s Elinor Mills
more politely put it, “What does Apple have
to say for itself? We don’t know and likely
won’t. Apple representatives did not return
repeated phone calls and e-mails seeking
comment over two days.”) Such a strategy
The 1394 Trade Association (that’s the
FireWire industry group, named after
FireWire’s standard name, IEEE 1394b)
says that FireWire is alive and well, despite
Apple’s decision to omit FireWire ports
from the MacBook (13-inch, Aluminum,
Late 2008) models. This created a lot of
Sturm und Drang in the community, because it’s the first consumer notebook since
the original iBook not to offer FireWire.
That naturally led to lots of “FireWire is
dead” speculation – not that the press objected, since any drama about Apple is
money in their pockets.
As with the 2005 decision to omit
FireWire from iPods (MWJ 2005.12.17), we
think this is overblown, and said so on the
subscribers-only MacJournals-Talk mailing list. Apple had already signaled during
its July conference call with analysts that it
would be introducing a new product with
significantly lower margins, and while it
didn’t land in the September quarter, we
now know that product to be the new “unibody” MacBook line. We know these machines are more expensive to produce at
their sales prices than previous models.
On notebooks, peripheral expansion
buses like USB are typically handled by
the chipset – the supporting chips working
with the microprocessor to make a complete computer. It’s not like it was 10 or 20
years ago, where every connection required
its own separate controller. Today, the system controller is responsible for most of the
work – not just moving memory in and out
of RAM, but also providing PCI, USB, audio, and more.
The key engineering decision in the
MacBook (13-inch, Aluminum, Late 2008)
line was to use the Nvidia GeForce 9400M
chip, because it’s both a GPU and a system
controller in a single package. We find it extremely unlikely that this chip, designed to
provide lots of power at low cost, includes
19
the theoretical performance of the specification: 5Gb per second. In fact, real world
rates may be on par with FireWire 1600,
even though that’s rated at only 1.6Gbps.
It might be closer to the just-approved
FireWire 3200, though. It’s hard to tell without real devices in actual tests. USB 3.0
controllers won’t ship until the second half
of 2009, and consumer products probably
won’t appear until 2010, according to the
USB Implementers Forum.
Until then, everyone’s touting speeds
from a Microsoft Windows hardware developer conference (WinHEC) presentation
earlier this month – not a live test, mind
you, but a slide – that said copying a 25GB
HD movie took 9.3 hours under USB 1.0,
13.9 minutes under USB 2.0, and 70 seconds under USB 3.0.
That’s nearly a twelvefold improvement,
but it’s due in part to eliminating some USB
2.0 inefficiencies. If you multiply USB 2.0’s
theoretical top speed of 480Mbps by that
twelvefold factor, you get over 5.7Gbps –
faster than USB 3.0’s theoretical top speed.
Either the new protocols are making better
use of the wires, or the USB 2.0 bus wasn’t
as optimized as the USB 3.0 bus was during
the test.
Nonetheless, the absence of FireWire on
low-end models doesn’t mean it’s going anywhere in general, but the addition of USB
3.0 in the next year and a half definitely adds
pressure to PC makers to justify including
FireWire when USB 3.0 will outpace both
FireWire 400 and 800 at lower cost. Either
FireWire costs come down, or FireWire 1600
and 3200 become “professional” features –
but FireWire is not going away.
Apple’s Jordan Hubbard presented on the
evolution of Mac OS X at LISA ’08, the
Large Installation System Administration
conference, and his sixth slide (publicly
available) about release dates said that OS X
10.6 Snow Leopard has a release date of
“Q1 2009”
The Onion, America’s Finest News Source,
offers an Infographic comparing OS X 10.6
Snow Leopard to Windows 7
MWJ 2008.11.24
FireWire capabilities because most low-end
PCs don’t offer FireWire, and haven’t ever
since Intel kneecapped the idea ten years
ago in favor of the USB standard that Intel
could make totally free.
If FireWire isn’t built into the chipset, Apple would have to add a FireWire
controller and physical layer to the logic
board, at extra cost. It took that step for the
MacBook Pro line, providing a FireWire
800 port (but no FireWire 400 ports, since
all you need is an adapter cable to use any
FireWire device on any FireWire bus). For
the lower-end MacBook models, not intended for professional or “prosumer” use,
they left it out.
It creates real problems for people using
MacBooks more seriously, as USB’s requirement of one device at the root of the tree
means that there is no “USB Target Disk
Mode” on the new machines. It also leaves
people with camcorders out in the cold, because most DV camcorders have FireWire
connections (usually only FireWire 100,
believe it or not, because that’s all you need
for real-time DV streaming) but only newer
ones have USB 2.0 connections.
We would imagine that if costs come
down and Apple can provide the extra features at the same margins later, you’ll see
FireWire returning to the MacBook. On the
other hand, if Apple has the opportunity to
create a great new consumer desktop machine using similar techniques, we wouldn’t
be shocked (surprised, but not shocked) to
see FireWire missing from a future iMac or
equivalent model.
It’s all about cost, and Intel’s relentless
drive to make USB the standard means USB
is cheaper and omnipresent. That’s unlikely
to change with this month’s release of the
USB 3.0, or “SuperSpeed USB,” specification.
One thing conspicuous by its absence in the
specification’s press release: speed claims,
other than “significant … performance enhancements.” The bus protocol overhead,
and the signal degradation problems inherent in backwards compatibility (USB 3.0 is
essentially “SuperSpeed” and USB 2.0 running in parallel, at the same time, over the
same cable) mean that consumers won’t see
20 u
MWJ 2008.11.24
20
t 19
The Apple Blog notes that Apple’s Mini
DisplayPort to Dual-Link DVI adapter,
necessary for the new MacBook (13-inch,
Aluminum, Late 2008) models to drive 30inch Cinema HD displays, is listed as shipping in “4-5 weeks” from the Apple Store
At the SC08 conference in Austin, TX, last
week, attendees celebrated the completion
of the OpenCL specification for the C-like
programming language, scheduled for OS X
10.6 Snow Leopard, which allows programs
to run either on a CPU or on a compatible
GPU at the discretion of the implementation, letting you take full advantage of both
multiple CPU cores and untapped GPU
power (this is just the specification, but it’s
extremely rare for such a spec to be done so
fast, and before the first implementation is
released in a pre-emptive attempt to define
it – and eyebrows shall certainly raise upon
news that Apple is attempting to trademark
the name OpenCL)
“Macsimum iPhone Video” (an odd name,
since as Flash video, it’s not actually playable on an iPhone – yes, we tried) explains
how to disassemble the MacBook Pro (Late
2008) and install new RAM in about 15
minutes
In another one of those technology breakthroughs that makes you wonder about
electronics in a few years, South Korean
researchers have replaced graphite in the
negative electrode of lithium-ion batteries
with porous silicon particles (because nonporous silicon expands when it contacts
lithium), extending the battery life as much
as eight times what it is in today’s lithiumion batteries
developer news
We don’t want to let the iPhone take over
this publication like it seems to do everywhere else, but we think the recent discussion about whether or not Google is using undocumented APIs in its iPhone application deserves some clarification. John
Gruber started the ball rolling by pointing
out that Google’s new voice-enabled search
disables the touch-sensitive screen when
you lift the phone to your ear, just like the
Phone application does when you’re, you
know, using it like a phone.
The proximity sensor that makes this
work is not a public API, and section 3.3.1
of the current iPhone SDK Agreement says,
“Applications may only use Published APIs
in the manner prescribed by Apple and
must not use or call any unpublished or private APIs.”
At Ars Technica, iPhone guru Erica
Sadun responds that, as with Mac OS X,
there are different levels of “private” APIs.
Linking to private frameworks is a very bad
idea on “OS X,” no matter whether it’s on
the iPhone or on a Mac. They’re for Apple’s
use, and they’re not guaranteed to remain
the same or even exist in the very next software update. What Google is doing, Sadun
says, is calling an undocumented public
API – a routine that’s in a public framework
but not documented by Apple.
This is a lot more common than you’d
think. As Sadun phrases it, “The App Store
is absolutely littered with unpublished
APIs.” So is the “/Applications” folder
on your computer – developers who decide
they need (or sometimes, just want) access
to an undocumented system feature often
roll the dice and use undocumented APIs.
The question, however, should not be
whether Google’s use of the proximity sensor is “Sauron” level evil or “a minor jaywalking.” The issue is consistency, and hypocrisy. Apple has blocked more than one
application in the App Store for “violating
the iPhone SDK Agreement.” And yet when
Google made a big press splash about its
new voice-activated iPhone application,
Apple let it through the App Store.
Apple is free to offer Google separate
SDK terms than it does to everyone else,
and that may have happened, since the two
companies are close partners in a wide variety of initiatives. Apple is free to poach features from its third-party developers, as it
always has, and as it appears to have done in
denying sales of Podcaster so it could incorporate the same download-podcasts-now
feature in the iPhone and iPod Touch 2.2
software, available today. And other applications that use unpublished APIs are in the
store: we can name another iPhone application that uses the proximity sensor, but we
won’t, because we don’t want anyone vindictive at Apple to remove the application out
of spite.
But developers are also trying to earn
money and make a living. If Apple is going
to block their work from being sold at all
for nebulous “violations” of the iPhone SDK
Agreement, the company owes all developers
clear explanations of exactly what does and
does not violate those terms. If Google can
do it, why can’t anyone else? If more companies than Google can do it, why were some
developers blocked after their applications
were finished, prohibiting them from selling
their work in the only allowed method?
As noted elsewhere in this issue, a company on the rise can get away with hubris
like this (at times) without difficulty. When
times get tougher, those companies rely on
the goodwill of customers and developers
who are highly invested in the company’s
products. Apple is burning through that
goodwill like it was heating oil at the South
Pole, and like heating oil, there really isn’t
an endless supply. Customers often forgive;
developers have long, accurate memories.
21
MWJ 2008.11.24
Open Radar is the latest third-party attempt
to settle another long-time developer problem with Apple: the company’s bug reporting system, Radar, is closed to anyone outside the company. The old “Roach Motel”
slogan comes to mind: bugs check in, but
they don’t check out. Developers can submit
bugs, and get limited information back on
the status of the bugs they file, but that’s it.
Isn’t that enough? Often not: developers want to know if Apple already knows
about the bug, because that way they could
simply add their information (and urgency)
to it, rather than file a completely separate
bug report and wait for someone at Apple
to merge them together. Bugs get “closed”
without explanation, so developers don’t
know what happened to their problems,
especially when the status is “works correct-
ly.” The bug gets fixed or it doesn’t, but either way, you’re unlikely to ever know what
happened.
Developer Tim Burks put Open Radar
together using Google App Engine in an
attempt to let developers build their own
parallel version of Radar. Apple often tells
developers, truthfully, that Radar can’t be
opened to the public because the bug reports contain confidential information. If
you’re reporting a bug in Snow Leopard
for a new and unannounced program you
hope to debut at Macworld Expo to huge
surprise, you don’t want it to show up on
AppleInsider three months ahead of time
because someone figured out that reading
the bug database was a good idea.
Burks writes, “OK, but if there were a
way for me to check a box to allow public
disclosure of my submissions, I’d almost always be willing to do that.” So would other
developers – but that’s only half the problem. The Radar information they don’t see
includes Apple engineers diagnosing and
trying to fix the problem.
We haven’t seen an actual Radar bug
from the inside in about 15 years, but the
discussions were open and freewheeling.
They include explicit references to proprietary techniques and sometimes the code
itself, talk about other Apple projects that
may not be announced (or that may never
see the light of day in the form described
in the bug report), and insulting references
to other Apple engineers and especially to
developers.
Yes. Sorry, developers, but some of your
bugs are stupid, and you all know it – you
just hope that the stupid ones come from
other people, but you know there are some
stupid bug reports. Resolutions of these
bugs in Radar, at least a long time ago, used
to include such recognition. It also wasn’t
uncommon for engineers to note that they
weren’t going to take very complicated and
rare bugs seriously when they came from
developers with a history of breaking the
rules and hoping everything worked out the
right way.
A favorite example from the Apple IIgs
days came from a developer that had prob-
22 u
MWJ 2008.11.24
22
t 21
lems with the desktop computer’s graphical toolbox – the human interface routines
weren’t working correctly. They had to be
started in a particular order, and he wasn’t
doing that. Apple corrected his code and
sent it back to him. The developer replied,
“Thanks, but I don’t want to start them in
that order. I want to start them in this order, and the system crashes when I do, and
that’s a bug.”
Well … no, it’s not. If you want to back
a car out of a driveway, you have to do a
few things: start the car, put your foot on
the brake, put the car in reverse, release the
brake so the car moves, put your foot back
on the brake, put the car in drive, release the
brake, and step on the gas.
You can rearrange some of these steps
if you like (such as putting your foot on the
brake before starting the car), but if you try
to rearrange too many of them, you won’t
go anywhere – or if you put the car in gear
before you have your foot on the brake,
you’re going to do just what this developer’s
code did: crash. That’s not a mistake in the
implementation of the car.
The question is not just what information developers are willing to share, but also
what information Apple is willing to release,
and how much effort the company is willing to take to sanitize its own implementation discussions at every level so that if
AppleInsider reads them, there won’t be any
disasters. That’s all aside from Apple’s other psychosis of pretending there aren’t any
bugs so it doesn’t have to document when
they’re fixed, but it’s not as simple as developers willing to disclose their own bugs.
Programmer Peter Hosey, who’s written
parts of Adium and Growl, attempts to explain the public but undocumented OSAKit
framework for accessing the Open Scripting
Architecture from Cocoa
Macworld explains how developers exhibiting at Macworld Expo San Francisco 2009
can submit their products for consideration
for the “Best of Show” awards
Bill Bumgarner notes that Apple has released the source code to AutoZone, the
Objective-C garbage collector in Mac OS X
10.5, part of the Objective-C 2.0 specification, but says it is “actually a fairly generic
scanning, conservative, generational, multithreaded, language agnostic collector” that’s
also used by MacRuby
Programmer Matt Gallagher demonstrates
a technique for using NSDictionary to
eliminate state-based conditionals from
your code by keeping an array of objects to
maintain that state instead
Gallagher also explains how to use singletons, application delegates, and top-level data instead of the traditional “global
variables” in your well-written Cocoa
application
Tim Wood of OmniGroup shows how to
create a superclass of CALayer in case
you want Core Animation to animate layers whose content changes during the
animation
Brent Simmons’ advice to would-be independent developers is short and effective,
but after we got restarted, we’d forgotten
that the time it takes to read his advice is
approximately how much sleep indie developers get each night, too
Brandon Walkin has released BWToolkit,
an Interface Builder 3 plug-in (under the
BSD license) that allows drag-and-drop implementation of common modern UI elements such as tabbed sheets, transparent
controls, preferences windows, button bars,
“and more”
Michael Tsai’s comments on Cathy Shive’s
KTUIKit with a basic layout manager class
seems as smart as anything we’d say about it,
so read it and the comments (and chime in
if you like)
Nick Bradbury, author of FeedDemon (the
Windows analogue to NetNewsWire) says
that after adding automatic error reporting to the application, he discovered that
“the top three most common problems were
23
never reported in our support forums,” adding, “If I [hadn’t] add[ed] error-reporting to
FeedDemon, it’s possible that I’d never have
known about these bugs”
business news
the papermaster chase
ibm and apple tangle over executives
Nothing sells papers (or Web page impressions) like
drama, and Apple Inc. has unexpectedly created some
with a shakeup in the executive ranks that doesn’t
involve Steve Jobs or rumors about his health, clothing, parking spot, dietary habits, or vocabulary. While
the saga provides interesting peeks into the executive
suites in East Fishkill and Cupertino, there’s not as
much drama as the papers would like you to believe.
the story so far
On November 3, 2008, Tony Fadell, Senior
Vice President, iPod Division of the Company
became Special Advisor to the Company’s
Chief Executive Officer. In this new position, Mr. Fadell no longer will be an executive officer of the Company. In connection
therewith, Mr. Fadell and the Company have
entered into a Transition Agreement and
a Settlement Agreement and Release (the
“Transition Agreement” and the “Settlement
Agreement,” respectively), under which Mr.
Fadell will receive a salary of three hundred
thousand dollars annually, and will be entitled to bonus and other health and welfare
benefits generally available to other senior
managers for the duration of the Transition
Agreement, which remains in effect until
March 24, 2010. The Transition Agreement
also provides for the cancellation of outstanding and unvested 155,000 restricted
stock units held by Mr. Fadell. Upon approval by the Compensation Committee
of the Company’s Board of Directors, Mr.
Fadell will be granted 77,500 restricted stock
units that will vest in full on March 24, 2010,
subject to his continued employment with
the Company through the vesting date and
MWJ 2008.11.24
Earlier this year, Apple thought about hiring
Mark Papermaster, IBM’s VP of Blade [Server]
Development. Papermaster was a college classmate of Bob Mansfield, who used to work at IBM
but is now Apple’s senior VP of Mac hardware development. Papermaster is, according to IBM, the
company’s top expert in the POWER architecture
that, nearly two decades ago, became the basis for
the PowerPC architecture shared between Apple,
IBM, and Motorola. (That part of Motorola is now
Freescale Semiconductor, in case you didn’t update
your scorecards.)
According to Philip Elmer-DeWitt’s chronology
(and he’s so excited by the drama), Apple was interested in hiring Papermaster for “an unnamed ‘senior
leadership position’ involving product development
in consumer electronics.” Such a position would have
had nothing at all to do with his work at IBM, so
there would have been no problem with trade secrets
or working for competitors or any of that. But “a few
weeks” after Papermaster met with Steve Jobs, the
company told Papermaster that the job was no longer
open. He was offered a lower-level executive position,
but Papermaster, who at that time had been with IBM
for over a quarter of a century, declined such a move.
In September (or so it seemed), Tony Fadell told
Apple that he and his wife (a VP of human resources at Apple) were stepping back to spend more time
with their family. This became public knowledge on
2008.11.04 (when most of the US was distracted by
this little election thing) when Apple filed its annual
10-K report with the US Securities and Exchange
Commission. Item 9B on page 91 says, in its entirety:
24 u
MWJ 2008.11.24
24
t 23
further subject to accelerated vesting if the
Company terminates his employment without cause. The restricted stock units are payable upon vesting in shares of the Company’s
common stock on a one-for-one basis. The
Settlement Agreement includes Mr. Fadell’s
release of claims against the Company and
agreement not to solicit the Company’s employees for one year following the termination of his employment.
Some of you know that MDJ’s founders and early testers were among those who helped turn out the lights
on the Apple II division at Apple back in the early
1990s. Back then, Tony Fadell was a college student
enthusiastically working on Apple II hardware and
software projects (MWJ 2004.05.26). If you’ve read
the biographical articles about how his turbulent
times at Philips, you would call this the “before he
was sane” period.
We’re not going to pretend that we’ve been in
contact with Fadell in years, but everything we know
about the younger Fadell, and everything we know
about watching Apple’s executive movements for well
over a decade, combined to give us absolutely no reason to doubt the story of his departure. The agreement keeps him from competing with Apple for a
year and a half (and rewards him for not competing),
and prohibits him from soliciting Apple employees
for a year after that. Apple is making the kinds of
products Fadell has always championed, and they’re
doing it with market-crushing aplomb.
If Fadell really is restless, then what he has in
mind simply wouldn’t fit within Apple’s strategy at
all, but he also wouldn’t accept a salary to “advise”
Steve Jobs if he intended to pursue other projects.
But more importantly, after the insanity of the past
decade, the man deserves some time off with his
family. It’s been seven years since Apple released the
first iPod. It’s hard to even imagine the kind of effort
that division has pulled off in that timeframe, from
“it’s too expensive and no one will buy it” to dominating the world music player market and reinventing the product at least three times.
Fadell’s employment agreement ends on
2010.03.24, and we originally suspected that date was
a year and a half after he told Steve Jobs he wanted to
step down. Apple had to find a new executive to lead
the iPod and iPhone division, and that person had
to fit in with Apple, be extremely talented, and know
enough about hardware engineering to understand
the problems and solutions of building powerful
handheld battery-powered devices.
Apple thought of Papermaster again, despite
his work with servers over the years. Papermaster
interviewed with Jobs and with the iPod team in
Cupertino, and on 2008.10.10 (a Friday), Jobs made
Papermaster a “once in a lifetime” offer to head
Apple’s iPod and iPhone division – a title whose significance we originally missed (more on that later).
On the following Monday, Papermaster told his
bosses at IBM that he intended to take the job in
Cupertino.
There was, however, a small complication since
Papermaster’s February experience with Jobs. In
April, Apple purchased PA Semi, a maker of custom
PowerPC chips. You may recall the speculation at
the time that Apple was going to build its own chips
for the iPhone, or the iPod, or for a new no-Intel line
of Macs, or whatever else someone thought would
make people read a story. Later in the year, Steve
Jobs offhandedly said that the acquisition was to help
create low-power chips for Apple’s handheld devices. Since Apple already has extensive experience in
building, debugging, and shipping PowerPC-based
operating systems and applications, this makes a lot
of sense.
However, the part of Apple that designs
PowerPC-compatible chips is directly in competition
with the part of IBM that designs POWER-based
servers and microprocessors. This led IBM to try
to get Papermaster to reconsider – first by offering
him a large raise, and then by reminding him that he
signed a non-competition agreement that bars him
from working for an IBM competitor for one year after leaving IBM. The company offered Papermaster
a year’s salary if he would honor it – that is,
Papermaster would quit IBM, do nothing for a year,
draw full salary, and then get to work for Apple in
November 2009. Papermaster declined.
And IBM responded by suing to enforce the
non-competition agreement. To make the “competition” work, IBM says in its suit that Apple is going to start selling its own microprocessors, as well
as servers using those new chips. That would make
Papermaster an addition to a direct competitor of
his old division, the very thing that the agreement
Papermaster signed would prohibit.
When the SEC filing became public, Apple similarly publicly announced Papermaster’s new job and
Fadell’s transition. The lawsuit was already public record by that point, but the press really noticed it on
2008.11.07, when Judge Kenneth M. Karas of the US
District Court of Southern New York granted IBM’s
request for preliminary injunctive relief, ordering
that Papermaster “immediately cease his employment
with Apple Inc. until further order of this court.”
Papermaster did not accept this silently: he
counter-sued IBM to invalidate his non-competition
agreement with IBM as “unreasonably broad in that
it purports to impose an unreasonably lengthy time
limitation.” IBM was ordered to post a US$3 million bond to compensate Papermaster for his lost
employment time in case IBM’s lawsuit to stop him
from working for Apple does not ultimately prevail
in court, and IBM has now done so.
or, maybe not.
[K]eep in mind that when Apple introduced
the video playback features on the iPod, the
company was quite clear that they didn’t
know if there was a market for handheld
video playback or not. No other device has
succeeded in that market. But as Steve Jobs
put it, “Because millions of people around
the world will buy this new iPod to play music, it will quickly become the most popular
portable video player in history.”
Jobs elaborated for CNBC, noting that
Apple would sell millions of iPods this quarter whether or not they had video playback
MWJ 2008.11.24
we would have been happy to stop thinking about
the matter there, but that became difficult when we
learned that John Gruber disagreed with our view.
Gruber, who obviously has good sources within Apple
Inc., as demonstrated by his September-October
scoop on the MacBook (13-inch, Aluminum, Late
2008) announcements that stared a minor speculative
furor, says he heard a different story.
First, Gruber points out that Papermaster’s job
title (until enjoined by a New York federal court
from working for Apple) was higher than Fadell’s:
Papermaster was (or is) to be Apple’s “senior vicepresident of devices hardware engineering,” where
Fadell was “senior vice-president of the iPod division.” Since the iPod is now but one of Apple’s “devices,” the presumption (echoed by Gruber’s sources
and common sense, but not officially confirmed
by Apple) is that had both men stayed at the company, Papermaster would have been Fadell’s boss, or
similar.
If Papermaster were to be in charge of all of
Apple’s device hardware engineering, there wouldn’t
be room for Fadell, overseeing just one part of it, to
report directly to CEO Steve Jobs. Gruber writes,
“The word on the street in Cupertino is not that
Fadell was pushed out the door, but that he was never offered a role like Papermaster’s, encompassing all
of Apple’s handheld hardware engineering. The iPhone has eclipsed the iPod as the A-Team at Apple,
and Tony Fadell does not sound like a B-Team sort
of guy.”
To support this theory, Gruber offers a story
that when Apple first decided to do a phone, Fadell
(and, “according to one source, former Apple ex-
25
ecutive Steve Sakoman, a NeXT veteran) wanted to
build a device more like a traditional iPod using a
Linux operating system, where Scott Forstall (#18 on
the 2005-2006 MDJ Power 25, MWJ 2006.07.02) and
Bertrand Serlet (#7) wanted to use a stripped-down
version of Mac OS X on the phone. When the latter
team won, and the iPhone became what it is today,
Fadell’s star was fading in Cupertino – not because
he “lost,” but because Apple had chosen to build devices down a path that didn’t interest Fadell as much.
We can see that happening. We have long believed that Apple did not set out to build a phone
running some version of OS X, but rather that once
the company decided the phone needed to have
wide-ranging capabilities, it went with OS X because
that’s the OS it happened to own. A decade ago,
Apple or any similar company would have written its
own operating system for such a new device (think
“Newton” or “Palm”), and it would have taken two or
three additional years to get to market. Apple chose
an existing OS because that’s what would get the
phone on sale in 2007.
“Linux” doesn’t mean a command-line phone.
Lots of consumer devices use Linux behind the
scenes, including the TiVo digital video recorders –
they’re so popular that the company’s name has all
but become a verb for “record on a DVR.” (We had
to abandon a TiVo-powered DVR at GCSF World
Headquarters to get HDTV from our satellite provider, and we miss it terribly.) But it also doesn’t necessarily mean “application platform” – Linux is the core
of a lot of embedded devices that don’t accept thirdparty applications at all.
So you can gauge our own track record, here’s
something from MWJ 2005.11.16 about what Apple
and Steve Jobs actually said about the iPod with
Video when it was introduced that year:
26 u
MWJ 2008.11.24
26
t 25
features. Now that they do, suddenly there
will be millions of handheld video players
in the world. He said, “Let’s see what happens.” If handheld video takes off, great. If it
doesn’t, Apple still sold millions of iPods. The
iPod with Video is smaller, lighter, and more
powerful than the model it succeeded even
without video playback features. Apple essentially found a way to add video playback
for free. If no one uses it, Apple hasn’t lost
anything – and imagining that the company
is realigning itself around some imagined
video strategy is farcical on its face.
We believe that when video worked out reasonably
well, Apple started making more video products to
test the waters, starting with Apple TV. That product hasn’t taken off (Apple executives still call it a
“hobby” when asked about it), but Jobs reportedly
told employees at a company meeting that Apple TV
was supposed to be the fourth leg of Apple’s revenue
stool, with the first three legs being the Mac, iPod,
and iPhone. Even though that hasn’t worked out,
Apple is in good shape precisely because its executives did not bet the company on it succeeding. They
put it out there at an affordable price with reasonable
margins to “see what happens.” So far? Not much.
The iPhone appears to have been conceived and
executed the same way. Other than the massive R&D
effort, Apple protected itself with the device’s introduction. With a US$599 retail price and an exclusive
carrier partner that agreed to pay monthly revenue
for the phone, Apple protected its margins – if the
iPhone had failed, the company wouldn’t have been
in financial trouble. When it succeeded wildly, Apple
got aggressive on pricing and international sales.
We believe this same philosophy guided the
iPhone’s operating system. Functions for a phone,
video playback, and iPod controls were a given.
However, once the company decided to add Wi-Fi
and Internet access (perhaps, originally, just to offer
the option of purchasing from the iTunes Store), it
made a lot more sense to go with the OS and applications it already had than to try to build something
new from Linux. Using its own tools (like Cocoa)
would accelerate development and make it easier to
write new applications in the future, if that became
warranted.
The idea of third-party development became an
option, but it didn’t require planning an SDK from
the start. If the phone succeeded, Apple’s engineers
could canonify the APIs available outside the company and allow third-party development. If not, they
needn’t have worried about it.
However, once Apple started allowing third-party software, the iPhone stopped being a device and
started being a platform. That was new. The older iPods allowed some games from a few carefully selected developers, but general third-party software could
not run on iPods. Not so with the iPhone, powered
by a largely familiar OS. Once you’re making a platform, you have to keep it compatible with existing
software. (The iPod games didn’t have this issue –
Apple sold them as compatible only with the iPod for
which you purchased them. Since new iPods often
had completely different processors or operating systems, the games couldn’t be transferred to newer iPods, nor were they ever intended to be.)
Platform engineering is a lot different than device engineering. Consider the next iPhone, whatever features it may have. We don’t know what
processor it will have, or what hardware it will use,
but we know what operating system it will have, what
minimum features, and so on. People like Fadell had
their biggest successes starting with blank slates and
putting components together to build new things.
Now that Apple’s device path is cemented with
OS X iPhone, there’s no more of that. Papermaster,
if he gets to assume his job, will get to consult on
hardware and integration and stuff, but the OS is predetermined.
Apple’s devices hardware engineering is now
the same as Mac hardware engineering: making new
hardware for one OS. They are their own clone makers. It’s easy to see Fadell not wanting that job, or
Apple not thinking he would succeed in it. It’s also
easy to imagine him really wanting to step back,
spend time with his family, and rest after a whirlwind seven years that Gruber describes as, “without
question … an enormous success,” whose iPod idea
“turned into one of the biggest hits in consumer electronics history” and “reshaped the music industry.”
So while we had no reason to disbelieve Fadell’s
stated reasons for departing, we have no reason to
disbelieve Gruber’s sources, either, since he (and
they) have earned credibility. With that credibility comes scrutiny, though, and this video of Jobs
“deleting” Fadell at the iPhone introduction is just
silly. Even if Gruber means this as a lark, which
seems likely, he’s now getting attention from mainstream reporters who aren’t quite as hip to the irony.
With things like this on one of the most popular
Macintosh commentary sites, is it any wonder that
writers like Fortune’s Adam Lashinsky try to find
hidden meaning in every gesture that Steve Jobs
makes in public? Yeesh. (See “Press Watch” in “MidNovember News,” this issue.)
(We do learn something useful from Gruber’s
post, though: if you append the anchor “#5m15s” to
a YouTube video URL, YouTube starts buffering and
playing the video at the 5 minute, 15 second mark. It
works for any time in the video, although times under one minute must be expressed as “#0m30s” or
similar. Don’t be surprised if you didn’t know this –
the feature apparently only went live a few weeks
ago, and does not seem to be documented by Google
itself.)
full-court press
27
MWJ 2008.11.24
The press loves this drama because it gives pundits
license to engage in one of their favorite effort-free
activities: speculating that Apple is lying about everything it says and secretly has plans to build every
product in the world and crush all markets with unstoppable design while Microsoft holds bake sales.
There is simply no evidence, anywhere, to suggest
that Papermaster – who was interviewed for what
appears to be a job unrelated to PA Semi months before Apple bought PA Semi – is going to work on
POWER-related products except as they relate to
using those processors in handheld devices. IBM
makes neither handheld devices that compete with
the iPod nor phones of any kind.
We should note that London’s Times Online reports that IBM claims to have invented a new kind of
memory that stores bits based on electron spin, that
can run “weeks” on a single charge with a “fraction”
of the power requirements. It’s relevant, and now public, only because IBM says Mark Papermaster knows
this new, unreleased technology and might take it
to Apple with him. (We learned about this from
MacNN, although shame on the site for not linking to
the source article.) But that might actually be interesting, so your pundit corps has no use for that.
Mark Stephens, still writing as “Robert X.
Cringely,” produced a big steaming pile of glyphs
saying that that Fadell was forced out due to the
personality conflicts that Stephens constantly imagines are the entire contents of the business days at 1
Infinite Loop, based (once again) on exactly zero evidence, and then again jumps into Steve Jobs’s mind
and tells you what Steve Jobs really wants, which is
for Papermaster to produce products that compete
with IBM, because Steve Jobs is always lying about
everything.
For Stephens, the great thing about being a pundit is that, to him and apparently to his bosses, a 0%
accuracy record in Steve Jobs analysis in no way disqualifies him from making up new stories. Stephens’
view of Jobs was set in stone in the early 1980s, and
it’s never, ever going to change. People who pay attention to Stephens’ rantings about Jobs and his motivations do nothing but waste their own time.
It’s not just Stephens and his eternal Steve
Jobs-didn’t-mature-past-1984 fixation that can’t
resist trying to create more drama than exists.
InformationWeek’s Paul McDougall cherry-picked a
quote from Papermaster’s court response: “I do not
recall a single instance of Apple being described as a
competitor of IBM during my entire tenure at IBM.”
The full statement was, “Aside from the divested IBM
personal computer business and a single sale several
years ago of Apple’s Xserve product to a university,
I do not recall a single instance of Apple being described as a competitor of IBM during my entire tenure at IBM.”
When the truncation that made Papermaster
look daft was exposed, McDougall revised the article with the missing context and added a note
that he updated the story on 2008.11.09 “to expand
Papermaster’s comments on the competitive relationship between IBM and Apple in order to provide greater context.” It would have been nicer if
InformationWeek had admitted to removing this
context in the first place, and not tried to grant itself extra credit for “providing greater context” when
caught at it.
Similarly, we’re unimpressed by the revelations (in MacNN’s earlier story, among others) that
Apple considered hiring people other than Mark
Papermaster for the job. By everyone’s description, Papermaster is not a perfect fit for the position
Apple’s trying to fill. Executive positions at Fortune
100 companies are hard to fill. (Remember how well
Apple’s search for a CEO to replace interim CEO
Steve Jobs worked out?) The only mildly intriguing
part about it is the long list of people Apple had under consideration (ten seems to be a lot for a position
of this importance), and how surprised the technology press seemed to be that Apple acted like a large
corporation filling a senior executive position.
The more interesting aspect is whether or not
this case, filed in Federal court because IBM’s chip-
28 u
28
t 27
MWJ 2008.11.24
t 1
designing business is in New York and Apple’s headquarters is in California, will have any lasting effect
on non-competition agreements (NCAs) in general.
Earlier this year, California’s Supreme Court ruled
that California state law “prohibits virtually all contractual provisions that purport to limit a former employee’s ability to compete with a former employer.”
That summary comes from the law firm of Nixon
Peabody, which recently had its own victory in having certain New York NCAs declared unenforceable.
The opinion of law firms on the Internet is that
you should hire a law firm to tell you if your NCA is
enforceable or not. This page says that NCA enforcement in New York is “quite limited,” while this page
says that in Ohio and New York, NCAs “are routinely enforced.” This page cites a New York case that
the magic green bar
eBay, along with other companies that have big
money, have offered their own solution to avoiding
phishing sites: spending big money. eBay is a leading proponent of Extended Validation SSL certificates, a special kind of SSL certificate only issued to
companies that pass extensive vetting from certificate
authorities, including an independent audit and possibly a physical inspection by the CA of the server
being secured.
Since these certificates validate more than the
domain name of the responding server, browsers
that support them display more prominent security verification. Because of the vetting required, EV
SSL certificates start at around US$500 per year, and
from top-name CAs like VeriSign, can cost as much
as US$1500 per year. Domain-name only SSL certificates cost US$20 per year, or less. eBay believes that
phishers can’t pass the vetting, and crooks that could
pass the vetting won’t want to spend the money on a
certificate that would get blacklisted as soon as illegal
activity became evident.
That’s why you’ve heard noise in the past year
about eBay requiring all browsers to support EV SSL
certificates, and prominently display the green bar of
security that proves eBay paid for its expensive EV
SSL certificate, or eBay will not allow those browsers to conduct transactions on eBay (and maybe on
its PayPal subsidiary, too). Internet Explorer 7 and
later on Windows do this, as does Firefox 3.0, as you
can see on DigiCert’s test page. Safari 3.1 creates a secure connection to that page without difficulty, but it
threw out an NCA because the duration of one year
was considered too long when measured against the
needs of the employee, an IT professional; the court
found that in IT, a one-year hiatus “is a relative eternity as technology progresses so quickly in this field.”
Another firm thinks you should attend its teleconference on 2008.12.11 to learn more about it.
We’re fairly sure this isn’t as dramatic as storystarved editors will try to make it, but it should at
least be interesting. Courts appear to be leaning towards narrowly interpreting NCAs or throwing them
out altogether, and there’s at least disagreement about
how far New York courts will go in enforcing such
agreements. Plus, as long as people with ink get to
imagine they’re explaining Steve Jobs to you, they’ll
never tire of it.
doesn’t show you the Green Bar of Security that eBay
paid for.
Apple had not announced any plans for Safari to
add this important green bar. Therefore, eBay kept
making noises about “banning” Safari in hopes of
forcing Apple to play along – and then backing down
when people heard about it and raised hell. Apple
still has not announced any plans to support EV SSL
certificates.
Safari 3.2 simply does it, without even telling
you. Once you’ve installed the update, visit DigiCert’s
aforementioned test page (make sure it’s the secure,
https version) and look at Safari’s padlock in the
upper-right corner of the window. Well, look next to
it – you’ll see the name of the owner of the EV SSL
certificate in green, similar to the magic Green Bar of
Security displayed in Internet Explorer 7 or later, or
Firefox 3 and later.
Keep in mind that the encryption level is the
same as in previous versions – you can see that for
yourself in an older Safari by clicking on the padlock
on the same page and seeing that everything is encrypted perfectly well without EV SSL recognition.
An extended validation certificate is just an SSL certificate at heart, and all SSL technology works with
it. (One difference: Safari 3.2 contains the DigiCert
High Assurance EV Root CA as a root certificate,
where Safari 3.1.2 recognized that certificate because
it was signed by another root CA, the Entrust.net
Secure Server Certification Authority, but that makes
no functional difference.)
Those companies that have paid the bigger bucks
for the EV SSL certificates will now see their names
29
(RSS syndication) frameworks. The version of
WebKit enclosed with Safari 3.2 is behind the version
you can get in nightly builds from the open-source
Web Kit project that Apple founded and still shepherds, and Safari 3.2 does not appear to have many of
WebKit’s latest enhancements. It’s missing the redesigned Web Inspector, it does not pass the Acid3 test
(it scores 75/100, just like Safari 3.1.2), and it doesn’t
seem to have the faster SquirrelFish JavaScript engine, much less the newer SquirrelFish Extreme
version.
If you’d like to dig around the changes yourself,
we’ve posted an OPML-formatted hierarchical list
of all the files in the Leopard version of Safari 3.2.
Because the update changes both Safari and WebKit,
you can expect that Input Managers and other patches to Safari’s code will break after installing the update – perhaps preventing launch, or perhaps not
functioning correctly. If you’re lucky, the patch simply won’t load if it finds a new version of Safari, so
you lose the features of unauthorized Input Manager
patches but can still use the browser. You can expect
a parade of updates from Safari-patching utilities
over the next week.
phishing protection
At first, we thought the “protection from fraudulent
phishing Web sites” promised in the three-sentence
release notes referred to the browser’s new and unexpected support for Extended Validation SSL certificates. That was not correct. There is an entirely
new anti-phishing feature, enabled by default in the
“Security” pane of Safari’s preferences. When you
try to visit a site that’s “known” to try to attack you,
Safari stops and warns you with a pseudo-dialog box
(in a Web page window or tab) about it.
If the site is suspected of phishing for your personal or financial information, the text reads:
MWJ 2008.11.24
displayed next to the padlock, in green. Again, this
is really only anti-phishing technology if you know
to look for the green indicator, and you don’t panic
when you reach secure sites (like MWJ’s own subscription page) secured with a far less expensive “domain-only” certificate.
If we’re very lucky, this will force the mushy
middle of the SSL market to either offer EV certificates less expensively, or offer domain-only certificates competitively. It’s somewhat ridiculous in 2008
that VeriSign (and its Thawte) division would charge
US$300 for an SSL certificate with validation that
doesn’t show up in a browser, where companies like
DigiCert can provide EV SSL certificates with visual
indicators for only slightly higher prices. Now that
all the major browsers display signs of EV SSL validation (excepting Opera, which has had partial nonvisible support since 9.5b1 and has announced plans
for full support), there shouldn’t be much of a market
for expensive certificates that don’t have enough validation to trigger the Green Bar of Security.
The only other documented changes are security
fixes, and most of those apply to the Windows version. The ones that don’t concern cached auto-completed form data that may be submitted even when
you don’t see it, a boundary error in JavaScript, and a
memory corruption problem in CSS handling. Over
at TidBITS, Glenn Fleishman points out that several
of the Windows fixes were due to Safari’s inclusion
of zlib 1.2.2, a version that became outdated in July
2005. Mac OS X contains zlib as part of the system,
and it got updated there through normal security
and system updates over time, though we can’t tell
you exactly when.
Once again, you’ll notice that Cnet News implies that the list of security fixes are all the changes
in Safari 3.2, not even bothering to mention EV SSL
support – although, we admit, more people might
have mentioned it if Apple itself had mentioned EV
SSL support instead of using weasel words about
“identifying businesses.” None of the articles we
read on release day mentioned “extended validation” or “EV SSL,” save for the comments section at
Ars Technica. (Jacqui Cheng’s write-up correctly described that eBay, or its PayPal subsidiary, had been
pushing for the change, but only called it “phishing
protection.”)
The update requires you to restart because
it’s not just a new version of the Safari application
(though it contains that). It also contains new versions of the WebKit, JavaScript Core, and PubSub
The website you are visiting has been reported
as a “phishing” website. These websites are
designed to trick you into disclosing personal
or financial information, usually by creating
a copy of a legitimate website, such as a bank.
On the other hand, if the page you’re visiting is a
“known” distribution point for malware (viruses,
trojan horses, other programs that can control your
computer), the text reads:
30 u
MWJ 2008.11.24
30
t 29
The website you are visiting appears to contain malware. Malware is malicious software that may harm your computer or otherwise operate without your consent. Your
computer can be infected just by browsing to
a site with malware, without any further action on your part.
We are unaware of any current method for an attacker to actually download and run code on your system
by visiting a Web page “without any further action
on your part,” but that’s always the goal of attackers,
so it seems sensible to err on the side of caution.
This is far more active and pervasive “protection” than we had found in our first look. Quite
frankly, we didn’t go looking through the preferences
or testing malware sites because nothing in Apple’s
ridiculously minimal release notes suggested there
was anything to find. The company couldn’t even
bother to use the phrase “extended validation SSL
certificates” even though eBay had been making a
huge fuss about them for the past year, so once we
figured that out, we thought that was the end of new
features. We were wrong – once again, Apple’s refusal
to disclose led us to incorrect decisions.
But this time, the company’s intransigence in
telling you what it has changed in the software you
use may have further consequences. How Safari
could “know” about these phishing and malware sites
raises all kinds of interesting questions, so we spent
last weekend in the office researching them (which is
why this is a double-sized issue of MWJ). Now we can
tell you with reasonable confidence how it all works –
but because Apple has not done the same thing, we
cannot say with certainty that it is completely private,
or that Safari is not sending information about the
pages you visit to a third party.
We believe that Safari 3.2 is not doing that, but
only Apple can say so – and you get one guess about
whether the company has bothered to do so or not.
Let’s begin with how these sites are “known.”
the basic problem
Phishing sites are designed to fool people into thinking they’re the real thing, so your computer doesn’t
have much of a shot – on its own – of figuring out if
a site that looks like eBay really is eBay. Remember,
the people who designed the Internet (incorrectly)
assumed that all computers on the network would be
trustworthy, so the rules are pretty loose. There’s no
rule that says an eBay Web page URL can’t start with
a raw IP address. Even if eBay had a written policy
that all of its URLs will be in an “ebay.com” domain
name, your computer has no way of knowing that.
Google’s computers, however, have a better shot
at deciphering such attacks. As the world’s leading
search engine, Google has figured out where eBay is,
and knows that a single IP address in China is probably not one of eBay’s servers. Google knows what
banks, credit card providers, insurance companies,
and other firms people try to find, and it therefore
has a reasonable idea that if their images show up in
a page in the wrong part of the world, it may be bogus. It also helps that Google has something like six
umpteen-gazillion times the computing power of the
entire Apollo space program. You may have eight
cores, but Google is still slightly ahead of you.
About three years ago, Google Labs released the
first test version of Google Safe Browsing for Firefox,
an attempt to take advantage of some of this accumulated knowledge. The extension for the Firefox
browser (which had then recently seen its 1.5 release)
examined URLs as you visited them in Firefox, and
warned you if any of them were on one of two lists
that Google maintained: one for suspected phishing sites, and one for sites suspected of distributing
malware.
Google and the Mozilla Foundation have long
been partners, so it was no surprise when Firefox 2.0
included Google’s “Safe Browsing” technology directly in the browser. To no one’s surprise, Chrome
includes it as well. We were surprised that Safari
3.2 includes the same technology, especially since
Apple’s minuscule release notes did not mention the
word “Google” once. MWJ’s investigation convinces us that Safari 3.2’s “protection from fraudulent
phishing websites” is, in fact, Google’s Safe Browsing
technology.
how it works
Even if Google has a list of malicious sites, your
browser can’t check in with Google every time you
visit a new page. On the technical side, it would be a
drag on slow connections, and some decent percentage of the world still uses dial-up Internet access. On
the personal side, it’s somewhat unconscionable to
imagine that your Web browser would report every
page you visit to a central authority, whether it’s one
as well-known as Google or not.
31
Anyway. Before hashing the URL, both Google
and the client must convert it into a canonical form
to make sure that all minor variations (such as using “~” instead of “%7E” are treated the same way,
because otherwise hash values for the “same” URL
would not match.)
When you first launch Safari 3.2, it connects to
safebrowsing.clients.google.com and requests information on the two main blacklists that
Google maintains: a list of known phishing sites,
and a list of known malware sites. Google returns
the list of hashed URLs to your computer in chunks.
The company’s first attempts at implementing this as
an API for Firefox and other browsers required clients to begin by downloading a massive list of all the
sites on the list (as of 2008.11.14, there were nearly
200,000 sites on the two lists combined). Clients
would then have to ask periodically for updates to
the list, removing those items that had expired and
adding new ones.
That’s still what Google’s Safe Browsing API
Developer’s Guide describes, but there’s another
protocol, listed as “experimental,” that more closely
matches what Safari 3.2 is doing. You can read all the
gory details for yourself, but the more important part
is that Google sends the list to Safari 3.2 in chunks,
not all at once, starting with the freshest information
first and gradually filling in older information. The
updates are in a more compact format that avoids
having to send the hashes over the network again,
and the hashes are just prefixes of longer numbers to
avoid sending huge amounts of data over the wire.
Hash prefixes aren’t hashes, so if you’re visiting
a page whose URL matches a hash prefix, Safari 3.2
goes back to Google and asks for the full hash for
the prefix in question. Google responds, and if the
full hash matches the hash for the URL in question,
Safari knows that this page is on Google’s list of malicious sites.
MWJ 2008.11.24
The other alternative is for your browser to keep
a list of malicious URLs itself, so it can compare each
page you visit against the list. Such a list would need
periodic updates from Google because phishers and
other purveyors of malware often use compromised
computers for their attacks – one computer may only
be “good” for attackers for a few hours.
But that poses its own problems – if network
administrators know about some of these malicious
URLs, then transmitting them over the network
could trigger firewall problems. On top of that, many
of the URLs might have variants that also get you to
the malicious page. (You can typically append a useless parameter onto any static page and get the same
results; some phishers do that in their URLs to avoid
simple detection.)
Google solves this problem by sending the
browser a list of hashed URLs known to be phishing sites or distributors of malware. We’ve discussed
hashing in these pages before, but as Wikipedia aptly
puts it, “A hash function is any well-defined procedure or mathematical function which converts a
large, possibly variable-sized amount of data into a
small datum, usually a single integer that may serve
as an index into an array.”
More specifically, we’re talking about a cryptographic hash function. Wikipedia concisely says,
“The ideal hash function has three main properties – it is extremely easy to calculate a hash for any
given data, it is extremely difficult or almost impossible in a practical sense to calculate a text that has a
given hash, and it is extremely unlikely that two different messages, however close, will have the same
hash.” The Google Safe Browsing technology uses
MD5 cryptographic hashes of every URL on the list
so each one is of a known length and sensitive to any
changes.
Although MD5 is an older function, its nominal
replacement, the SHA-1 function, has some theoretical vulnerabilities as well. A Bruce Schneier reports
for Wired, that the National Institute of Standards
and Technology has launched a competition to replace the SHA family of functions with the next
generation of cryptographic hash algorithms. It’s
fascinating stuff, because as Schneier says, “without
cryptographic hash functions, the Internet would
simply not work.” NIST got 64 entries for its competition; Schneier reports, “Twenty-eight submissions
have been made public by the submitters, and six of
those have been broken.”
poking around
You can see some of this at work for yourself if you
want to play with the file system. Safari stores all of
the data from Google using folder names that are
difficult to decipher. If you look in the folder at “/
private/var/folders/”, you’ll see one or more
folders with two-letter names. One of those that’s not
named “zz” will contain another folder with a much
longer random name. That folder contains a folder
named “-Caches-”, and inside it, you’ll find a folder
32 u
32
t 31
named “com.apple.Safari”. The full path is “/
private/var/folders/xx/yy/-Caches-/com.
MWJ 2008.11.24
apple.Safari”, where “xx” and “yy” are unique to
your system.
Once you find that folder, you’ll see two files
within it: Cache.db and SafeBrowsing.db. The
former is indeed Safari’s cache, which used to be
located at “~/Library/Caches/com.apple.
Safari” until Safari 3.1, and is now located here.
(If you have a Cache.db file in that older location, it probably hasn’t been modified since you installed Safari 3.1, and you can safely remove it.) We
only looked at this on Mac OS X 10.5.5 systems;
Mac OS X 10.4.11 systems may store such information in a different place.
We originally thought that these databases were
created by Mac OS X’s Core Data framework, because they’re SQLite 3 databases, and that’s what
Core Data uses for non-trivial amounts of data.
Michael Tsai corrected this misimpression when it
appeared in MDJ 2008.11.17, noting that these are
pure SQLite databases, not created by Core Data. As
Tsai notes, rather simply, “It has to run on Windows,
too.” Apple did not port Core Data to Windows as
part of iTunes or Safari, so Safari does without it for
this function. We thought Core Data created the random names for the folders in which you’ll find the
databases because Mac OS X Server has a similar way
of naming folders randomly for its Software Update
Server, but it’s not Core Data. We know of no rules
that could predict how these names are formed.
As for why the cache and the new Safe Browsing
information is stored in “/var/folders” rather
than in your home directory’s cache folder (“/varî is
a link to “/private/var” on Mac OS X), we think
Tsai is right again: “I think the rationale is that this location is more likely to be fast, local storage than the
‘~/Library/Caches’ folder.” If your home folder
is on a network or using FileVault, the new location
would almost certainly be faster. (You don’t have to
publish mistakes to read smart comments from Tsai;
you can just look at his blog or buy his products.)
The SafeBrowsing.db file contains the blacklists from Google’s Safe Browsing initiative – you’ll
notice that the file was most likely created right about
the time you first launched Safari 3.2, and if you have
the browser open, the file should have been modified
within the past 30 minutes. Google’s rules do not allow
clients like Safari or Firefox to warn you that a page
may be malicious, even if its URL is on the list, unless
the list has been updated within the past 30 minutes.
Since this is just a standard SQLite 3 database,
you can go looking through either the cache or Safe
Browsing database by using an SQLite tool, such
as the free, open-source SQLite Database Browser.
(For £10, or about US$15, you can get a faster,
more Mac OS X-friendly program like Base 1.0, released the same weekend as Safari 3.2 in a happy
coincidence.)
Inside the SafeBrowsing.db file, you’ll find
all kinds of data that matches the “experimental”
2.1 specification mentioned above: hosts, lists using
Google’s “-shavar” format, “add” and “sub[tract]”
chunks, and so on. The list may be even bigger than
our earlier experiments showed: on our production
system using Safari 3.2, the Safe Browsing database
has over 650,000 “hosts” records. The hashes or hash
prefixes are stored as BLOB entries, so you can’t easily see their values. (You can use this same technique
to peruse your browser cache, if you wish, but it’s far
easier to let Spotlight search the files created for every entry just for that purpose.)
If you quit Safari 3.2, remove the
SafeBrowsing.db file (moving it to the desktop
might be safer than deleting it), and relaunch Safari,
it gets recreated, and will grow in size over the next
hour or so, per Google’s updating guidelines. On
our systems, it runs between 22MB and 26MB, so if
yours is smaller, we suspect it just hasn’t been fully
populated.
The Google Safe Browsing API includes a way
for clients to request a key from Google (over a secure, SSL connection) to use in authenticating the
responses from Google, so that a client like Safari
or Firefox can be sure that a response came from
Google – it’s computationally infeasible for an attacker to be able to guess the right key to fool you into
accepting a bogus update that might, for example, remove a real phishing site from the list. However, the
data itself is not encrypted or transmitted over SSL,
as such would be quite a load on Google’s servers for
millions of users requesting large amounts of data
that’s already hashed. Since it’s also computationally
infeasible to turn a hash back into a URL, no sensitive data gets passed around – only hashes.
We ran a network spy on Safari 3.2 while visiting
suspected phishing sites, and when we saw it sending
information to safebrowsing.clients.google.
com just before displaying the “Suspected Phishing
Site” warning, our first thought was that Safari was
sending each URL you visited to Google to check it
against a list. The developer’s guide to the 1.0 ver-
sion of Google’s Safe Browsing API had nothing to
explain this, but the “experimental” 2.1 version does:
when the site’s URL matches the first part of a hash
on the list, Safari 3.2 asks Google for the full 256-byte
hash value for that URL alone, and then compares
the two. Since the Mozilla Foundation points to this
Safe Browsing v2.1 protocol as the technical explanation for how the feature works in Firefox, it seems a
safe bet that it also works this way in Safari 3.2.
If the structure of the “Suspected Phishing
Alert” page itself intrigues you, you’ll find the source
for it in the file “/Applications/Safari.app/
Contents/Resources/PhishingAlert.html”,
presuming you haven’t tried to confuse Mac OS X by
moving the Safari application. It looks something like
a dialog box because it has default buttons, but those
are simply rendered by WebKit. You can’t select any
of the text because the body element has the WebKitspecific CSS attribute “-webkit-user-select:
none” applied to it. (You similarly can’t resize it because it has the attribute “-webkit-text-sizeadjust: none”.)
One implementation note of interest: if you run
nightly builds of WebKit using the “WebKit.app” application as your browser, you’ll find after installing
Safari 3.2 that WebKit suddenly has phishing protection as well. WebKit.app loads its code from Safari’s
application bundle, but loads the WebKit HTML and
JavaScript frameworks from the nightly builds that
you download. Since WebKit’s code is really Safari’s
code, WebKit gains all of Safari 3.2’s code changes.
why we’re telling you this
In addition, if you use Safe Browsing, when
Google warns you about a suspicious site
we may also log that site’s URL and whether
you accepted, rejected, or closed the warning
message. We will let you know when you are
enabling a feature that automatically sends
page addresses to Google, and you can turn
these features off at any time.
We know that Firefox itself does not do this because,
as you would expect, the Mozilla Foundation’s explanatory pages spell out exactly what information
gets sent to Google when you use phishing and malware protection in Firefox:
There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection. The
first is during the regular updates to the lists
of reporting phishing and malware sites. No
information about you or the sites you visit
is communicated during list updates. The
second is in the event that you encounter a
reported phishing or malware site. Before
blocking the site, Firefox will request a double-check to ensure that the reported site has
not been removed from the list since your last
update. In both cases, existing cookies you
have from google.com, our list provider, may
also be sent.
The Mozilla Privacy Policy expressly
forbids the collection of this data by Mozilla
or its partners for any purpose other than
improvement of the Phishing and Malware
Protection feature. The Google Privacy Policy
explains how Google handles user cookies.
The Apple Customer Privacy Policy says nothing
about Safari sending any information to places other
than the Web sites you’re visiting – but as of Safari
3.2, it does exactly that: it fetches lots of information
from Google, and sends (non-identifiable) requests
back to Google when you encounter a page whose
URL is on one of Google’s blacklists.
We must point out here that the v2.1 protocol
has, indirectly, a way for Google to estimate what
pages you’re visiting. If the URL of a page you want
to visit matches the hash prefix of a known malicious
MWJ 2008.11.24
Networking must be transparent to earn your confidence. That’s the point behind EV SSL – verified
authentication that the company you’re talking to is
who they say they are. On a lower level, when you
visit a page in your Web browser, you expect your
computer to get the IP address from your DNS server, get the page from the Web server, and get all of
the assets for the page (images, movies, and so on)
from their locations as specified in the page’s source.
You do not expect your browser to also tell Google,
or even Apple itself, what you’re doing.
Safari is not the first browser with this feature,
though. Although Safe Browsing is built into Firefox
2 and later, it was a Firefox extension before that,
and later part of the Google Toolbar for Firefox as
well. The Google Toolbar Privacy Notice says that, in
33
some circumstances, Safe Browsing collects additional information from users:
34 u
34
t 33
page, Safari 3.2 appears to send that prefix to Google
and ask for the entire 256-byte hash to make sure that
this really is a malicious page (and also to verify that
the page hasn’t been removed from Google’s lists since
Safari’s last list update). Millions and millions of URLs
could produce hashes that start with the same 32 bits,
but if Google gets several requests for the same value,
the company could reasonably infer that people were
visiting the malicious page it had tracked – and since
the request from Safari to Google comes from your
IP address, Google might infer data from that as well.
Mozilla’s privacy policy would forbid use of that data
except to improve the service, but Apple’s privacy
policy does not. Neither Apple nor Google state anywhere that they would only such data to improve the
phishing and malware protection features.
We also note that the Safe Browsing v2.1 protocol mentions a third list beyond the list of phishing
sites and the list of malware sites: a whitelist, “representing sites that are known to be trusted.” The spec
continues, “Note that this list should only be used
for ‘enhanced mode’ clients that do direct lookups to
Google to determine which sites are phishy. In that
case, if a site is on the whitelist there is no need to
send the query to Google.”
Safari 3.2’s “SafeBrowsing.db” file does not
appear to contain data for Google’s whitelist, but the
specification confirms that some clients can, with
Google’s permission, use an “enhanced mode” that
looks up each page you visit rather than maintaining
the list on the client computer. This would be a serious change for Safari. If it were implemented, users
would need to be told about it and how it worked, so
they could make informed and intelligent decisions
about whether to use this feature or not.
MWJ 2008.11.24
the compulsion to hide
And yet, we cannot conclusively tell you that it’s not
implemented today, because Apple refuses to document its changes. Just a month ago in the pages of
MDJ, The Weekly Attitudinal noted the company’s
calculated-if-not-pathological avoidance of discussing flaws in its software. If you did not read that in
MDJ 2008.10.14 from the MWJ RSS feeds, we’re planning to reprint it in MWJ 2008.11.29.
This time, it should come back to haunt Apple.
Even when phrased as friendly to Apple as we can
manage, the fact remains that after installing Safari
3.2, then by default, your computer is downloading
lots of information from Google and sending informa-
tion related to sites you visit back to Google – without
telling you, without Apple disclosing the methods, and
without any privacy statement from Apple.
This is not how companies like Apple are expected to behave towards their customers, even if
Firefox already does it. Mozilla is very clear about
how Firefox does this. Apple refuses to say anything
about how Safari does this, and for no other reason
than that the company simply thinks so little of its
customers that it doesn’t feel the need to keep them
informed about data Safari transmits on their behalf.
For a Web browser to do things like this without explicit documentation is inexcusable.
It also didn’t appear elsewhere: write-ups of the
anti-phishing features in Cnet News and TidBITS,
among others, without noting that by default, Safari
3.2 sends data related to sites you visited to Google
without telling you. The question isn’t why we are
telling you how Safari’s “anti-phishing protection
works.” The question is why Apple didn’t, and you already know there is no good answer.
We sent our analysis to Apple’s privacy and press
relations folks on 2008.11.17 with questions about
the latest consequences of the company’s continued
decision to not disclose information to its customers. So far, it’s been 11 days since Apple released this
change without revealing the information disclosure
to its customers, either in release notes or in its privacy policy. Neither Apple’s public relations nor privacy departments have, as of press time, responded
to MWJ’s queries about this.
We’re not holding our breath.
In the meantime, from what we can tell, the antiphishing features in Safari 3.2 looks as innocuous as
it can be and still be reasonably effective. It does not
send data about the pages you visit to Google unless
one of the matches a hash prefix on Google’s list, and
even then, it only gets the full hash value for the hash
prefix in question – as far as we know. That alone
might be enough for Google to do interesting things
with the data, unless some unstated privacy policy
prohibits it. If you have doubts, or simply don’t want
to spend the network bandwidth on maintaining a
23MB database full of potentially malicious hosts,
you can disable the feature in the “Security” tab of
Safari 3.2’s “Preferences” window.
It would be much easier to recommend leaving
it enabled if Apple believed you had a right to know
when its Web browser was collecting and sending information on your behalf.
notes
Contact us via www.macjournals.com.
MWJ contains news, information, strong opinion,
parody, biting sarcasm, and things you need to know.
Those easily offended should seek information
elsewhere.
Publisher: Matt Deatherage
Staff:
Justin Seal, Jerry Kindall, John C. Welch
Previous issue: 2008.04.23
MWJ 2008.11.24
Copyright © 2008, GCSF, Incorporated.
All Rights Reserved.
35
