MidKnight Gallery

At first glance the two wouldn’t go together. I’m glad to discover I was wrong.

Eifelheim is a book in two ages. A near-future where a historian tries to puzzle out why a town site was abandoned and never resettled, and a small german town in the 1300’s where the local preist is amazed to discover the most unusual pilgrims.

In and about the story, the typical questions are asked and explored about the nature of humanity, as well a few about faith, religion, and the nature of science and research.

I can definitely say I’m glad I read it.

I’ve spent five days with leopard now, installing it four times on three different computers, the most recent one two days ago. It’s left one heck of an impression on me. Mostly favorable. If your Mac can run Leopard, you should install it. The sheer scope of the improvements is worth it. Having another computer, or a .mac account and integration with calendar and other services on a Leopard server will make it even more worthwhile.

Other people have given their short little overviews. Others have released articles in dribs and drabs on different features. Yet others have released a veritable book on the subject. As a result, this review will be heavier on my impressions and what I went through.

I got the install DVD on Friday. The packaging was, as usual, wonderful. I chose my Macbook Pro to install it on as between the three Macs that could be upgraded, it was not only backed up (as they all were), it was the machine I could suffer the most disruptions with.

So in goes the DVD. Reboot, choose “upgrade.” So far so good. I click through the initial menus and let the install procedure start as I go off to make dinner. A while later, my son wanders into the kitchen. “Dad? Is it supposed to have a blue screen?”

Uh-oh. Try the usual precautions. Safe mode boot didn’t work. Doing a file-system check in single user mode proved that the hard drive is still in good shape. I decided it was worth some time doing tinkering. I’d have to help other people out of their troubles after all, so I didn’t want to jump the gun and do an “archive and install” or “clean install”. I may be backed up but I didn’t want to spend hours rebuilding my utilities and preferences.

A little research and I dug up a thread in the Apple Discussion Boards where people were already fighting with the same issue. About halfway down someone had decided to poke around on the premise that a set of system extensions referred to as APE was at fault. APE, or Application Enhancer was a third-party system hack used by Cleardock, Shapeshifter, and other programs that modify the appearance and behavior of the OS. Needless to say this can make the system… unstable.

The official Apple page (recommending an archive and install but giving the instructions I followed) is here. Daring Fireball also has more on the subject, including how the Logitech drivers for mice and keyboards, among other things, can install APE without your knowledge.

So I reboot holding down COMMAND-S on the keyboard into the single-user command-line mode, type in the commands needed to check and mount the hard drive, delete the relevant files, and reboot. Viola! It works.

Finally I got my .mac information set up, verified I still had my mail library and signatures (Mail predictably updated the library) and started to see what changed and testing what broke.

Insofar as the kerfluffle with the stacks and the dock… I don’t mind the new dock, but I prefer to apply the default side-dock format to the dock as it’s cleaner and easier to tell what is running. I found the new stack behavior a little frustrating at first because I had several folder shortcuts that I wanted to go and open up the folder, but most of them I used by right-clicking to get a menu of the contents anyway. So, once I recalibrated my expectations and realized I was trading submenus for easier-to click targets and a slight inconvenience in actually opening up the folders (when actually needed) I was more than happy with the effect. In a roundabout way, this is a return of the “drawers” behavior of OS8 and 9, complete with spring-loaded folders that you can drag files and documents to.

I hate the icons for the stacks. I hate them for the simple fact that as an aggregation of the icons for the contacts, I’m trading a minimum of useless information about the contents of a folder for an easily identifiable target to click on. Without wasting time to hover each one, it’s almost impossible to identify which is which reliably. While I’m not a huge fan of the new dock, and less a fan of the hard-to-differentiate new folder icons, I cannot understate how much I loathe the dock. Please please make it possible to keep a stable icon there!

I discovered to my annoyance that the calendar does not keep a side drawer open with the details of the currently selected event. I can deal with this change because it also makes it clearer when I’m looking at vs. just editing an event, and minimizes screen usage when I don’t need the details. That said, I love the “current time” bar that runs across the window. It did miff me a bit to discover that all of the subscribed folders had been pulled out into their own category from the groups I had them in.

I checked out the new syncing preferences for .mac, and decided to forego the syncing of widgets and preferences. My laptop and desktop have many overlapping uses, but they are fundementally used in different environments (field vs. office) with different tools needed at my fingertips.

Parental controls now allow for remote control of other macs on your local network. Hmmm… so now if all my future computers are macs I can administer the ones my children will use centrally insofar as web access, and get rid of the proxy server I run. I can also set hours for when they can get on online. I can also run Fusion to let my kids play some W98 games like Zoo tycoon… and probably faster than the current old Win machine they have access to.

When waking from sleep, I get to the password prompt consistently faster. The wiki feature in the dictionary is cool, and makes a program I already use regularly vice pulling down my volumes even more useful. I also trashed a “refresh finder” script I had available because Apple finally, finally made it update in a consistently timely manner when new files are added.

Spaces took some time to wrap myself around. The biggest problem was me – trying to figure out a separation of work modes that would allow me to maintain different virtual desktops. That said – if you use it as a clutter remover it works great, because unlike many variants I’d seen, you still have access to all of your apps through the Dock or COMMAND-Tab – which instantly switches you over to the correct screen. After I figured this out I don’t do any manual desktop switching – which is easy enough to do. The one hitch I’ve had is I often use CNTRL-Arrow in text editing, so I have to find another default key to switch my spaces.

Screen sharing is easily turned on if you want to use the “Back to my Mac” .mac feature or just access your desktop from across the house using Chicken of the VNC or the built-in Screen Sharing app. Like all of the network services it’s off by default. The only thing that threw me was that turning on file sharing automatically allowed guest access to the public folders – though the guest account was otherwise disabled. While it’s easy enough to stop sharing out public folders or turn off ALL guest access, it did throw me.

Actually, I like how they implemented guest access in general. You can log in as “guest” and get a temporary, restricted workspace that erases itself when you are done. The next “guest” again gets a pristine, sandboxed space to access the web. This is a great way to give my kids access to my main desktop when they’re online…

Back to screen sharing for a minute. This has a few other implications. First, those of us in tech support and consulting can now easily access the computer of any client that we can iChat with. This feature also reduces the future need to install the more flexible VINE server on many client desktops, though the jury is still out on servers, depending on security needs. This is yet another way that a user-friendly feature will also be a big help for IT folk. it alsomeans that those of us with .mac accounts have less need for a service like GoToMyPC or LogMeIn.

Speaking of big help – Time Machine. This is possibly the biggest single reason to get Leopard – so that you can have effortless, consistent backups. I’ve lost count of how many clients do a poor job in maintaining backups. While it won’t help with keeping copies offsite, this feature will save a lot of headaches where it comes to “oops I deleted my file” or “oops, my hard drive died” in shops where we don’t have our hands on Retrospect enough to make sure that the users files are regularly backed up. Time machine makes this process almost effortless. One thing to beware of – If you have any Paralells or Fusion windows images, you may want to make them exceptions or back them up separately unless you’ve got a much, much bigger backup drive than your main drive. Aperture also has some issues with Time Machine

When installing this on my desktop, I noted a few other things. First of all, while the Sharepoints prefpane was still available, all of the SMB and Appletalk share configuration data had been wiped out. instead, those share points now were in the Apple sharing preference pane. Also, after opening Cronnix, I noticed that ALL of my scheduling CRON scripts were gone that I used for mounting my backup disks. Not much of a loss since I’ll be using time machine anyways, but you may want to back up your Crontabs if you’re geeky enough to use them. (I was using CRON to schedule applescripts and other scripts that I only wanted to run on my desktop instead of through iCal).

Insofar as most of my programs, here’s the rundown:

Mail improvements. Here’s where I got hurt the worst. While I don’t mind saying good bye to mail.appetizer (it can be obtrusive), Mailtags and Mail act-on effectively don’t work. The good news is that the creator is already making it Leopard-compatible, and the “Leopard” beta of mailtags is available. I’ll just hold off for the final version. That said, the note-taking ability is useful, the contact-data sensing is just phenomenal, and it can now indent without quoting! The templates are fluff, but slick fluff, and very well implemented. mail has always been great about letting you pick an alternate outbound server if you can’t reach your default, but now you can also choose a different outgoing server as you compose your email.

Inquisitor, an app that gives me instant search results as I type in Safari doesn’t work. It may never be updated as it relied on access to parts of the Safari WebKit code that Apple has severely restricted access to. I will miss it.

Transmit and Quicksilver seem to work fine overall (with updates) though the “open all files with this tag” feature of the tagging module needs updating. The growl notifications are working just great.

Chax has disappeared, but most of the features it provided were rolled into iChat anyway. As it is I’ll still be using Adium except when I need the new “theater” and “screen sharing” modes.

I haven’t run mine yet, but apparently Photoshop works, though may “crash” upon closing out the program. I know Adobe has posted some other issues but apparently the main graphics programs all work OK.

As noted previously, APE is (very) broken.

LiteIcon, an App that allows you to change the default system icons is broken. We’ll have to wait for an update on that or Candybar (from the iconfactory).

Desklickr doesn’t change the desktop out.

Google Earth needed me to reinstall/download the latest version on my laptop.

My Cisco VPN settings were wiped out. I am not sure yet if simply reinstalling will fix this. I WILL get a Time Machine backup first….

Tinkertool says that it is not fully compatible, but shouldn’t break anything, even if some effects are unexpected.

The Wacom drivers needed to be replaced with a new version.

Internet Explorer 5 (OSX version) still works as well as it ever did, for what it’s worth.

Other things that apparently still work:

• Bonjour Browser
• MagiCal
• Aleph One
• MythII
• MS Office
• FlickrUploader
• Synk (with an update)
• Canoscan drivers

Stuff I still need to test:

• Blender
• Emulators
• Freeciv
• Handbrake
• Lingon
• NeoOffice
• nethack
• Pic2Icon
• Picasa Web Albums

That’s it in a nutshell.

I am about this close to canceling my account with Comcast. After all, I don’t really watch TV and my life would be much more peaceful if I didn’t have to listen to anything else on the Disney channel for a while either. I’ve already been less than exceptionally happy with their response time for connection issues due to cabling (several days to a week), and level of knowledge. What really takes the cake is the experience that a neighbor just had.

Cue up Gilligans Island: “Sit right back and we’ll tell a tale…”

Four days ago my neighbor called and complained that her computer couldn’t get online. I had her check her cable modem and sure enough, the lights weren’t right, and we reset the modem. It worked. For a short while.

The next day the problems came up again. I went over to look, and sure enough, the cable modem was flaking out and not consistently showing a connection light. I had her call Comcast, and amazingly, they were able to get someone out the next day.

The technician came out yesterday, and angered my neighbor to no end. She felt she was being bossed around. She was also suspicious of how often he called in to HQ, though I can’t say how necessary or unnecessary that was. What really got my goat was that after replacing her old Motorola “surfboard” modem with a different modem, he didn’t get it registered. Apparently the system was down at HQ, or possibly Comcast still uses IE5 for their config utility (which of course won’t work on an Intel Mac), or he didn’t know enough about Macs to get them setup, or something, but he couldn’t get the modem registered and activated, and left it that way with her confused about what to do. Note – this can easily be done by calling in the serial number. He also told her that she couldn’t have her cable modem split off the same wall point as one of her TV’s, and that he’d have to come back to run a separate line.

The last tweaked my antennas, because I’ve seen competent cable installers before. I know perfectly well that with decent splitter fittings and filters and tight connections that you can split the signal all sorts of ways and still have it work. Since there is only one cable coming up to the house the biggest practical advantage to splitting the cable indoors is that it’s not exposed to the weather. From previous experience weather can make a big difference. The fittings don’t like to have water in them.

Either way, I went over this morning to get the modem registered, and immediately had problems. It took a long time to get a valid address, and I couldn’t resolve the download site for the software (incidentally this is why I don’t know if they still use IE 5 for mac configuration). I called it in to tech support, and they registered the modem serial number, and I got an address. I thanked them and switched back to the wireless router.

More trouble. Mail started coming in but I couldn’t get to any web sites reliably or get a full page to load. Ping checks were showing 30-60% packet drops – meaning about half of the data was randomly wandering off into the wastelands never to be seen again. So I reset the modem and called tech support. While on hold for “slow connection” I realized I had not yet gotten an address but finally managed to pull up a valid public address as the phone flunky answered.

I refuse to give out this name, because the following help desk idiot is a perfect example of how not to ever talk to a client, even though he started out pleasantly enough.

We went through the script, resetting the modem and rebooting the computer (I actually rebooted in addition to the DHCP renew which would do the trick most times. I also tried disabling/enabling the ethernet port). I slowly received a new address. I even managed to ping the router. What I couldn’t do was resolve names. I tried to point this out to the helpdesk but he insisted that a) I had a valid IP and b) he could communicate with the modem so c) there was no problem and I’d have to take any other issues up with my manufacturer, i.e. Apple.

Here’s where he really proved he earned idiot, and then some. I patiently explained to him that yes, I had an IP address, and I was apparently getting some proper comms as I could ping known IP addresses (at least the router) but I could not resolve names and until I could I couldn’t get a website.

“Well try to open a webpage.”

I stopped for about thirty seconds, and told him “Okay, I’ll humor you.” Of course, no response and no web page. Again, I was told “Call Apple.”

We went through several rounds of this with me explaining that a) I make my living at this, b) I was using my own laptop from across the street and also on Comcast so I bloody well know the computer was fine, and c) I knew for a fact that the network wasn’t, and until they fixed the problem on their end so I could resolve names I never would get online.

I was told effectively “I don’t care,” “I don’t care how many computers you use there and who makes them you have a valid IP so you need to call the manufacturer,” “If it was our problem we’d have other people complaining,” and finally “I don’t know what all this stuff is about names.”

Oh yeah. And “I can’t help you, call Apple.”

After a couple more rounds trying to explain to him that a name lookup was needed to get a website and being told “I can’t help you,” I finally asked him to “please bump me up to someone who can help.”

For anyone paying attention who ever, ever has to manage or work in customer service, yes, this was a mildly open-ended question. I didn’t specify “your supervisor.” Yes, by now I’d told him quite bluntly that he was ignorant of networking, though only after I’d already explained to him for the umpteenth time that name resolution was needed for web browsers to work and that both computers in question worked fine elsewhere so the problem was their network (and I didn’t yell). Nevertheless what happened next left me speechless. This is filed under “Let’s see what we can do to piss our customers off.” It’s also filed under “never ever ever ever ever do this.”

He transferred me to Apple.

That’s right. The next thing I heard on the phone was the automated prompting system at Apple Inc.. Not a supervisor. Not someone who actually understood how networks worked or would listen to me when I told him I wasn’t getting all of the required network data or consistently getting a valid IP address.

He transferred me to Apple.

Wow.

For what it’s worth, there is a tech who at least listens over there. Tom, here’s to you. I called back five minutes alter after I’d regained my composure, explained to you that I still had problems getting an address and that even with an address I couldn’t look up names, and you listened. I also told you I tried several machines including known working ones from other households, and you listened. You also checked the data on the modem, and realized the signal levels (despite the visit the other day) were still not quite right by enough to cause problems.

They had two trucks there the next day replacing cables. Everything there works fine now.

I guess calling Apple wouldn’t have solved the problem after all.

I will be pricing out the local Bellsouth (wups, AT&T) service though. Even with the hassle of getting new internal lines installed so I can have the DSL modem where I need it and the outbound mail policies at Bellsouth, this experience coupled with past unreliability in my own house left such a bad taste in my mouth I’m inclined to never pay a dime to Comcast again.

Panic software, makes my overall-favorite FTP app, Transmit. Typical of their small line of programs, it shows a degree of polish that is only possible when you fanatically pay attention to the little details, and just get how people like to work.

This is relevant, because over the weekend, with little fanfare, they have released a new program called Coda. I’d call it an all-n-one web dev package, but then you’d think that I’m talking about GoLive or Dreamweaver, or such ilk. It’s not – it’s almost, almost purely text-oriented.

What Coda seeks to do is eliminate the need to keep switching between multiple programs to do web development work. My current kit involves:

• Transmit – for FTP
• TextMate – for text editing
• Terminal – for those rare occasions I need to ssh directly into a web server
• Safari, firefox, etc., plus IE/Win running under a VMware virtual machine to check how the pages render.
• Xyle Scope – for troubleshooting CSS

Coda replaces 90-95% of what I use Transmit for at all, and 95% of the web-related work I use it for. It replaces 95% of what I use TextMate for (I’ll get into it’s shortcomings there later), it has a built-in terminal that can be set up for SSH sessions, and it has a built in preview using the webkit engine that powers Safari, as well as easy access to opening up your other available browers when your .css editing gets to that point.

It does all that, does it seamlessly, and like an infomercial, wait, there’s more!

There’s a GUI-based .css editor that’s, to me, still a bit complicated (because css has so many options…) but allows you to make and define css styling with relative ease. You can open up a style sheet in a split view and watch the GUI change your text code, or vice versa.

There is also a built-in reference for php, javascript, and HTML. Common functions get hinted even as you’re typing, and basic syntax for common functions can be seen at the bottom of the screen as you type (two features I’d love to have elsewhere). Like BBEdit/TextWrangler/Textmate, the find features can do regular expressions.

The text editor is almost as smooth as TextMate, and easier to learn since it doesn’t try to be all things to all coders. I haven’t had a chance to try the subEthaEdit-based code collaboration, but it’s there. The method for adding code snippets and triggering automatic expansion off of tags is truly slick – but only has global and site scopes. This means if you need to have different snippets based on whether you are working in javascript, php, or HTML, you better have different trigger text, which can get really annoying when working with several languages on the same page that handle if, while, for , functions, and foreach syntax differently. I’d really love the text editor to properly expand “if” based on the language I’m using, and not on a global list of snippets.

My biggest headaches with it, in order, were trying to work with it using my previous work flow – which went away as soon as I figured out how Coda did it, and a few features that need more depth.

First of all, the DOM inspection option is nice, and having a breadcrumb “lock” in to show you exactly where in the document an item is makes it easier to figure out what styles should apply, and is extremely helpful in coding DOM-based javascript. What it doesn’t do is tell me what Safari/webkit sees and what parts of what styles are actually being applied to any given element. I’ll still be using Xyle Scope on a regular basis.

Secondly – perhaps because I haven’t taken the time to run it on deliberately buggy javascript yet, but the javascript debugging seems a bit light and missed various “warning” level issues like missing semicolons in cases it wouldn’t bring the script to a halt – at least compared to the Javascript Tools bundle that I’ve added to Textmate – so I’ll still be using TextMate to help out with the debugging on occasion, as well as for more general programing, etc. when I’m not doing web development.

Tagging/marking places in code to flip back and forth easily textmate-style would be nice, but with the split screening, isn’t vital. Neither is code block folding, but it would be helpful at times in simplifying the view of the code.
What is nearly a showstopper though is I still haven’t figured out how to easily copy files from the FTP server “remote” location to the local directory – the publishing features (which work great) seem to only work from your local directory to the remote server. When I shift work to my laptop, I like to refresh my laptop’s local directory from what’s currently on the server before publishing changes back out of it. While I can work on the “live” code at the FTP server – I prefer not to when doing anything more than a minor tweak. Looks like I’ll still be using Transmit for that before I roll up my elbows and really get to work

All in all this is excellent little program that I can highly recommend, and I’m considering buying it for how well it does what it does. For people who have become proficient in or heavily customized their BBEdit or Textmate environments, who work from multiple computers, or need to do more thorough CSS troubleshooting, you may miss a few features.

One thing that I’ve had underscored recently is a hint I repeatedly give my clients that can be put across in four words. Back Up Your Stuff

Nevertheless, despite repeated warnings, many people don’t. Some just flat out don’t believe that they will be the one whose hard drive ends up making strange and scary klunking noises. Others are well-intentioned, but just don’t manage to because, frankly, backup software is still more difficult to run than it should be. Nevermind the hassle of adding and removing drives, etc. for laptops, and you start getting some real headaches that explain why those of us who are a bit confused and even scared around computers wouldn’t want to spend the time.

The surprising thing is not that it happens in the business world as well, but that among those who do back up, it’s all too common to only back up the server and not track down laptop and other users who may keep files on their local hard drive.

When you’re dealing with a machine like a tablet PC, and the hard drive or other component fails that will result in it getting sent to the shop, you’re staring at losing a lot of critical data. You know: Family photos, your CD collection for iTunes, copies of tax returns, your email.

So. Do what you have to. Get an external drive. Archive stuff off to CD or DVD. use another computer in the house as a place to duplicate your critical information. Whatever. Just please, keep extra copies.

A home cable/DSL router may be the second best improvement you can make to your home computer and network as far as making your broadband connection usable, and keeping your home computer safe. For a very little bit of time and effort (and roughly $40 American) you can prevent all sorts of headaches.

First of all, what is a router? According to my Techno Babble page it is:

A piece of hardware that connects two separate networks together and routes information between them…

The two networks we are talking about are the internet, and one that likely didn’t exist until you installed the router – your home network. The second you plug your computer into the port marked “LAN”, or one of the numbered ports (if the router has a built-in switch), you have an instant, if very small network made up of your computer and the router. The second you attach the router to the cable modem or DSL modem, you have added the router to the network we call the internet.

How to tell if you need a router:

Some DSL modems provided by companies like Bellsouth already act as routers. If this is the case, then you do not need to add a router, though you may want to add a switch and/or a wireless access point to allow more computers onto the internet, or to free yourself up from being tethered to the desk. In order to tell if you are behind a router:

If you have a Windows machine, click on “Start”, then “Run”. In the box provided type:

cmd

…and click OK (If you’re still using windows Me or Windows 98 you will have to type in the full word “command” instead of “cmd”). When the black box with the “>” prompt appears, type the following:

ipconfig

… and hit the enter key. You will get a short list of numbers.

For Macintoshes running OS X, open up the system preferences and look at the network preferences. For older versions of OS X you may have to specify “built-in-ethernet” in a drop-down menu.

What you are looking for is a line that starts with “IP Address.” Following it will be a series of four numbers separated by periods. If the first number is a 192, a 172, a 169, or a 10, and you are able to get online, then you can stop worrying. You’re good to go. If not, your standard mail-order place like CDW, newegg, or PC zone can help you, as well as any local Staples, Radio Shack, or electronics store that sells computer equipment.

Setting Up The Router

Hook it up between your modem and your computer as shown in the diagram below:

You will likely have to do one or more of the following three things: First, if you have a cable modem, unplug your cable modem completely for a few minutes. Don’t just turn it off. The reason for this is that it whatever computer or router it first sees is the only piece of equipment the modem will talk to. Unplugging the modem clears this memory and allows it to start talking to your router.

Knology and some other providers may ask you to provide the “MAC” address of your computer. As opposed to “Mac” computers from Apple, the MAC is a unique ID number given to every network card. Your router will have this number on the outside of its’ casing.

Finally, there is a percentage of internet companies like Time Warner that require your computer or router to log in. In this case you will also have to follow your setup instructions for configuring the router and find the option (often on the main page), to have the router connect to the internet using “PPPOE.” You will also have to type in a user name and a password that your ISP gives you. This can unfortunately be problematical and confusing, made worse because most ISP’s don’t support home routers, even though it is unsafe to put your computer directly on the internet without one.

When this is all set up, the router decides if any information it sees on the internet needs to be forwarded to your home computers, and if anything your computer is asking for needs to be sent out to the internet in order to download a web page or file. Without any further configuration or setup, you already have the following benefits:

1. Because of a firewall technology called NAT that is built into nearly all home routers, your computer and home network is now one step removed from the internet. By creating a separate network it just became significantly harder to crack into. More importantly, it is almost impossible for most “worms” (a type of virus that scans nearby networks every few minutes) to get into your computer.
2. On some ISP networks, it’s fairly easy to browse and find computers in your neighborhood. While this is less common these days, having a router prevents anyone else your neighborhood from seeing what computers you have running and from looking into any files you may accidentally share out.

Also, if your router has a built-in switch, or if you are using an separate switch, you can now connect more than one computer to the internet without paying up for more than one internet account. Finally, if you bought a wireless router or add a wireless access point, you can also access the internet from any wireless computers in your household.

Unfortunately computer geeks like me have come up with a confusing plethora of babble-speak in relation to computer use and security. While most of these terms have been created to exactly and specifically label computer parts, programs, and how they interact, the sheer number, and the sense of whimsy with which many were created can make it difficult to learn their meanings. Hopefully these help sort out the confusion a bit. If there is anything you’d like defined or better explained, feel free to contact me. You may also want to take a look at the jargon file for the full range of weirdness in a hacker’s vocabulary (the most recent copy of the Jargon File is here).

Definitions:

Attachment: A file (word document, picture, PDF) included with an email message.

Beta: A computer program that is still in development but far enough along to be reasonably reliable.

Bulletin Boards: Online message boards where people post messages on a topic and reply, not in real time. Along with comments, is a common “fan” element of many sites.

Cable Modem: Turns the broadband in your cable line into a network signal your computer can use. Not actually a “modem” but the marketing name stuck.

Driver: A small piece of software that tells your operating system how to communicate with a specific component inside of or attached to your computer and what features it has.

DSL Modem: Turns the broadband in your phone line into a network signal your computer can use. Most DSL modems provided by Bellsouth here in the Charleston, SC act as basic firewalls and routers. Also not actually a “modem.”

Firewall: A piece of hardware or software that accepts or declines certain types of internet messages and determines what can speak to your computer. Think of it as a guarded gate. Most home routers also act as fairly effective low-end firewalls for your home network.

Hub: A piece of hardware that allows you to connect more than one computer, switch, hub or router together into a single network. Difficult to find in stores as they have been replaced by the ready availability of cheap, faster, more reliable switches. Switches are also commonly referred to as hubs.

Malware: A type of spyware that changes how your computer works. Usually an active program constantly running in the background.

Operating System: The software that runs your computer. It allows you to copy files, run other programs, and allows programs to work with the computer hardware.

Repeater: A special feature of some Wireless Access Points (or WAPs) that can act as a base for your wireless network, or relay the signal from your base WAP to let your wireless network cover a larger area or portion of the house. Network performance may slow down a bit because a lot of information gets duplicated, but the effect should not be noticeable for only a handful of users. Most repeaters do not deal with encryption schemes well and recommend running on open networks. The only one in my experience which does work with encryption is the Apple Airport series, and those have only been stable when using the more secure WPA encryption.

Router: A piece of hardware that connects two separate networks together and routes information between them. At home, it is commonly used to connect your computer(s) to your cable or DSL network, and thus the internet. Many also contain a built-in switch or wi-fi to allow more than one computer to connect to the same internet connection without buying additional switches or Wireless Access Points.

Spam: The internet term for junk e-mail. The name is taken from a Monty Python routine where everything on the menu has spam, even though the customer doesn’t want spam.

Spyware: Software that monitors what websites you go to. Also called Adware and Malware. Spyware can reset your home page and your search page, slow up your computer, pop up extra windows, and pop up ads when you are not browsing. In extreme cases it changes how you get online, and is effectively unremoveable without reinstalling Windows.

Switch: A piece of hardware that allows you to connect more than one computer, switch, hub or router together into a single network. Many home routers also contain a built in switch. Switches do the same thing as hubs, but far faster and more reliably. Often referred to incorrectly as “hubs.”

Trackpad: Pointing device most commonly found on laptops, used to move a cursor or pointer on the screen. Consists of a flat, touch-sensitive surface with a button or buttons “below” the pad. Due to it’s small size, it often requires lifting and repeatedly sliding a fingertip in the desired direction.

Trackball: Pointing device most commonly bought seperately to be used with desktops to move a cursor or pointer on the screen. Consists of a base with a ball socketed into the top of it, where rolling the ball moves the on-screen pointer.Requires less space than a mouse. Until the arrival of the trackpad this was the most common pointing device for laptops.

Virus: Program that reproduces itself, and causes damage to computer systems. Most commonly distributed through email. Most modern viruses randomly choose names from your address book for both “To:” and “From:” addresses, making it more difficult to trace the source when you receive one.

Wi-Fi: The general term to cover wireless networking technologies for desktops and laptops. This includes “wireless-B” and “wireless-G.” All “centrino” branded laptops have wi-fi built in, and Apple Computer uses the term “Airport.”

Wireless Access Point: Also known as a “WAP.” A box with a radio and antenna that connects computers wirelessly to a wired network using Wi-Fi technology. Can be just an access point, or built into a home router.

Worm: Generally lumped under viruses, worms actively hunt local networks for computers to load themselves into.

Zombie: Computer taken over or “owned” by a virus or worm. Most often used to send Spam.

Most people at all active in the computer and Apple communities already know that in about two weeks, the latest and greatest version of OSX, code named “tiger,” is arriving on store shelves near (or often enough, not so near) you.

What does this mean to me?

As one of a scant handful of Mac operators and troubleshooters not associated with a local university in Charleston, SC, that means I have to take an in depth look at it as several of my clients are already asking about its features. that means I’ll be buying it sooner, rather than later.

So what about the 200+ features we’ve heard Apple declare?

On spotlight and dashboard. I suspect that like expose, these will quietly sneak up on me and mug me, leaving me rolling in a gutter wondering what happened when I suddenly discover that using a Mac without them is a painful experience. All I can say is that many of the seemingly too-mundane for words features that Jobs has turned on his reality distortion field and hyped beyond belief have really been the cats meow. In the meantime, I’m tired of hearing of it.

Before I go into another area of the OS that I think is getting too little attention, I will say that if the search engine does for my file system what iTunes search did for my MP3 collection, it will rock.

I also am not even going to reopen the controversy over Dashboard. Yet, anyway.

What I really want to touch on that impressed me is some of the family and user administration features in the OS.

What’s Old

OSX has long had a multi-user environment. Like Windows XP and 2000, and unlike Windows 95, 98, and Me, these user accounts are restricted as to exactly what on the computer they can access. These restrictions most specifically apply to whether or not you can access other people’s files.

Even if you went in through the command line, OSX and Unixes in general don’t quite have the same level of control over types of file access, permissions, and nesting of groups that the Win2K/XP OS’s do. Nevertheless, what they do have is very powerful. From a home user’s standpoint, the GUI tools allowed you to not only keep your files and your kid’s files separate, but allowed you to specify exactly which programs they could and could not run.

While you could do this in Windows (I’ll skip specifying XP/2K from now on), it’s not as straightforward to specify what programs can be run by individual users, and there are many common programs that require at a minimum “power user” permissions or modifying permissions on multiple folders and registry keys well beyond the typical home user to make the computer useable for a non-administrative user.

You also had some control over access to basic functions like the system control panel,modifying the dock, burning CD’s, etc.

Combined with the fast user switching (that still needs some improvements) the basic multi-user system is well thought out, and allows files, desktops, and personal preferences for how things should “work” to be personalized for everyone.

What’s New

First, OSX seems to have built in some proxy services. “Proxy” servers are computers or software that monitor the traffic going through them and pass along requests for web pages, mail, chat sessions, etc. after analyzing them, approving them, and/or logging them. They do more, but for what I’m talking about this is the part that applies.

Mail uses this in combination with a “white list” of email addresses that the user is allowed to communicate with to keep tabs on email communication. If the user sends or receives email from someone not on this list, the mail gets forwarded to you first for approval and possible addition to the white list.

For a corporation, there are far more efficient ways of doing things. For a household….

You can also decide who your children can talk to online using iChat, the built-in chat program that also works on AOL’s instant messaging network. If the person sending or being sent the message is not on the allowed list, the message will not go through.

Safari has added parental controls. You can specify what websites your children are allowed to visit. They won’t be able to access anything else either through clicked links or directly typing in the URL. If a page or site is restricted, there is an option to override it with parental permission that looks fairly painless. While the concept of restriction lists for browsers is not new (IIRC, Internet explorer 5 had it in Windows), most operate on a blacklist concept. I can say that yes, it will be a pain in the ass to specify each and every web site my children are allowed to visit. I can also say that, given the creativity of names on pornography sites, that it is far, far easier than blocking all of the bad sites.

I am interested in getting my hands on this to see if it is truly a proxy or built into safari and safari only.

We also have new features to track activity. Safari will log web sites accessed, and you can keep copies of the iChat transcripts.

What’s Up?

Remember, simple is relative.

I said that from what I’ve seen these new features are simple. Simple enough that my wife, who is smart but not a “Mac User,” or even a hardcore computer use, could figure out how to set them up, simply by knowing the features are there in the first place. I suspect that any reasonably intelligent, motivated parent who wants to could set things up so they can breathe easier about their children online when not being closely supervised. I say closely because as I noted earlier, I am a big believer in education being the best prevention, and parental concern and attention being the best filter not in between your child’s ears.

Update: Added the word “features” that I somehow overlooked in a paragraph above.

I recently gave a presentation to the parents at a local elementary school on online safety and computer security. We covered a number of topics over the course of the hour.

One of the things we handed out was a tip-sheet that gave some basic information about different types of threats, family issues, and protecting your personal PC. It’s short (two sides of one sheet), and as a result neither thorough or deep, as it intended to help parents who know little about computers without drowning them in technobabble.

You’re welcome to a copy of it here. Safety.pdf

Just remember, please properly attribute it.

Via Sound Politics, I learned of this , where a high school student in Spokane was suspended after he created a Web site bypassing the school’s internet content filter.

There may be longer rants on this later, but the long and the short of it is that these filters are just another crutch to be used by uninvolved parents and officialdom, to give the appearance of being concerned and “safeguarding our children”, while leaving them unsupervised with an electronic babysitter that doesn’t truly work.

Let me rephrase that. They “work.” Getting them to work the way you as a parent want them to is difficult at the very best.

Why is that?

The first set of problems involves what is blocked. There are several basic ways that these “nanny” programs decide what web sites to block. There is a “blacklist” of blocked websites provided by the makers of the software. The person setting up the software can decide to block specific sites, or allow specific sites. Last but not least, the software can look for specific key words, and block any page that has those.

The second problem is the question of whether or not the software really can successfully prevent access to sites that it has been told to block.

Many critics of the software like to concentrate on the canned blocklists. Supposedly, the company automatically combs through all of the available webpages, and marks the ones with questionable content. They then review them to see if these sites are truly inappropriate, and, if so, put the site on the blocklist.

Given the number of sites in these blocklists, it truly is questionable as to how thoroughly these sites are actually independently reviewed, because blocked sites include or have included organizations such as Amnesty International, congressional representatives, and Banned Books Online. Some in truly paranoid fringe sometimes wonder if there is a conspiracy to block certain political views. Given the odd choices it is a valid question as to what degree the mores of the creators and perceived desires of the clients/parents bias the terms used to generate these blocklists.

Key words have their own problem. While it may not be an issue when the user is a five year old, teens at least will legitimately need access to websites on biology, etc. that may contain blocked key words. Both the “key word” method and the canned blocklists tend toward a significant false positives, sometimes over 50 percent.

A privately generated block list created by the parent or administrator is the only method that blocks exactly what the person buying the software wants (you can go everywhere but here), or conversely, allows access only to the places allowed (these are the only places you can go). The only problem is that setting up and maintaining these block lists can be very time consuming.

Maintaining these programs can be time consuming in general. If a site you want to allow access to, either for yourself, or generally, is blocked. you have to take the time to add it to an “allowed” list, or bypass it that one time.

All this aside, it still leaves open the question of whether or not this vast overkill prevents access to pornography and unwanted information in general, as well as whether or not the software can be bypassed for specific sites.

As the article I referenced above shows, the answer is a resounding “no.”

Face it. Just like books, TV, and anything else in life, the only way to make sure your kids stay safe online is to keep an eye on what they do, and teach them how to handle themselves.

I’ll leave you with a quote from Lars Kongshem:

Equally important, many educators say, is..(teaching) students…to use the filter that lies between their ears…this analogy offered in the National Research Council report is…apt: “Swimming pools can be dangerous for children….one can install locks,..fences, and…pool alarms….but by far the most important thing….is to teach them to swim.”