TidBITS#1125/07-May-2012 ======================== Issue link: What would you do if your Apple ID-backed accounts became inaccessible? That’s what Chris Owen ran into when Apple seemingly corrupted his account — read on for his entire story and think about how you’d work around such a problem. Also this week, Jeff Carlson covers iOS 5.1.1’s fixes quickly, and Glenn Fleishman looks at both Amazon’s weak Cloud Drive desktop app and the new connection between Tweetbot and Storify. Finally, Adam points to a new worldwide photography project that everyone can contribute to and describes a new internal tool that’s possible only because of Mac OS X’s inter-application communication. Notable software releases this week include Alfred 1.2, Transmit 4.1.9, SpamSieve 2.9.1, and Hazel 3.0.5. Articles iOS 5.1.1 Addresses Bugs Contribute Photos from May 15th to Aday.org Amazon Releases Cloud Drive Desktop App Capture Twitter Conversations with Tweetbot and Storify PodBOT Improves TidBITS Audio Apple ID Horror Story TidBITS Watchlist: Notable Software Updates for 7 May 2012 ExtraBITS for 7 May 2012 ------------ This issue of TidBITS sponsored in part by: -------------- * READERS LIKE YOU! Support TidBITS by becoming a member today! Check out the perks at Special thanks this week to Peter Tuft, John Howland, Brent Schmitz, and Andre Peternell for their generous support! * Dragon speech recognition software for Macintosh, iPhone, and iPad! Get the all-new Dragon Dictate for Mac from Nuance Communications and experience Simply Smarter Speech Recognition. Learn more about Dragon Dictate: * CrashPlan is easy, secure backup that works everywhere. Back up to your own drives, computers, and online with unlimited storage. With unlimited online backup, this is one resolution you can keep. Back Up Your Life Today! * New from Smile: PDFpen for iPad. Sign contracts, make changes, fill out applications and more. With iCloud storage, you get seamless PDF editing on your Mac and iPad. Take control of your PDFs wherever you are. Get it on the App Store: * Intego: Washing Machine cleans up files created by Web browsers and other programs that access the Internet. Get rid of caches, cookies, download histories, browsing histories and more. Download a free trial. * Noteboom Video Tutorials for Apple Software: Learn how to use iMovie, iPhoto, Lion, Bento, and more with our highly rated video tutorials available on the Mac App Store and the App Store on your iPad. * Having trouble hearing sound from your Mac? Global Delight’s Boom volume booster and system-wide equalizer can raise the volume in iChat conversations, iTunes music, Netflix movies, and more. Try the free trial of Boom today! * Doxie makes it easy to go paperless and scan anywhere — no computer required. Doxie scans paper and receipts, creates searchable PDFs, then syncs up to your Mac. With smart design and great software, Doxie just works. * Discover Fujitsu ScanSnap Scanners — Featuring state-of-the-art scanning solutions for companies of any size. Make your life more productive, mobile, paperless, and efficient with a ScanSnap scanner. To learn more, visit: ---------- Help support TidBITS by supporting our sponsors ------------ iOS 5.1.1 Addresses Bugs ------------------------ by Jeff Carlson article link: Apple today released iOS 5.1.1, a bug-fix update that addresses a handful of disclosed issues for all iOS 5-compatible devices. From Apple’s tech note, iOS 5.1.1: * Improves reliability of using HDR option for photos taken using the Lock Screen shortcut * Addresses bugs that could prevent the third-generation iPad from switching between 2G and 3G networks * Fixes bugs that affected AirPlay video playback in some circumstances * Improves reliability for syncing Safari bookmarks and Reading List * Fixes an issue where an “Unable to purchase” alert could be displayed after successful purchase Apple has not yet released information about the security content of the update on the Web, but the Apple Product Security mailing list reports that security fixes address a Safari vulnerability that enabled a malicious Web site to spoof the address in the location bar, multiple cross-site scripting vulnerabilities in WebKit, and a memory corruption vulnerability in WebKit. To get iOS 5.1.1, do one of the following: * In iTunes, select the iOS device in the sidebar and click Check for Update on the Summary screen. The download in iTunes will be very large — up to 1 GB in size — so don’t use this option if you’re in a hurry or low on disk space on your Mac. * On the device itself, go to Settings > General > Software Update. The direct-to-device update is much smaller — in the 40 MB to 50 MB range, and will thus be a much faster download. ---- read/post comments: tweet this article: Contribute Photos from May 15th to Aday.org ------------------------------------------- by Adam C. Engst article link: On 15 May 2012, the Swedish non-profit foundation Expressions of Humankind is organizing one of those events — aday.org — that makes sense only in the Internet age. On that day, they’re asking everyone who wants to participate to pick up a camera and take digital photos of your daily life. Once you’ve uploaded them — up to 10 per person — the group will be connecting your images to others from around the world and displaying them all online for everyone to explore. Photos will also be donated to historical institutions around the world for preservation and, if selected and if the individual photographers agree, included in a book, “A Day in the World,” and in digital exhibitions. None will be used for commercial purposes. Adding a level of interest to the project is the categorization and keywording that participants will apply to their photos. There are three main categories — Home, Work, and Connections (anything that connects us to one another) — and each main category has a number of subcategories. Finally, aday.org has pre-defined some keywords within most of the subcategories, and you can add your own keywords as well — the more specific your keywords, the more your photos can be grouped with others that have been defined similarly. Aday.org is backed by some big names — including Archbishop Desmond Tutu and Sir Richard Branson, among a collection of scientists and former European heads of state — and was co-founded by Jeppe Wikström, a well-known Swedish photographer who initiated a similar photographic project called “A Day in the Life of Sweden” (he sounds like a Swedish version of Rick Smolan, who has coordinated a number of massive photography projects). A number of major companies have also signed on to provide financial and technical assistance, including Ericsson, Snapfish, PricewaterhouseCoopers, and more. Here’s hoping the technical infrastructure manages to hold up on May 15th, though aday.org will be accepting photos shot on that day for another few days afterwards. The uploading tool won’t be available until then, though you can sign up now to speed the process, and I’m told that early registrants will also receive ideas of what to shoot, feedback, and other information. ---- read/post comments: tweet this article: Amazon Releases Cloud Drive Desktop App --------------------------------------- by Glenn Fleishman article link: Playing catch-up, but still lagging behind, Amazon has released the Amazon Cloud Drive desktop app for Mac OS X 10.7 Lion and 10.6 Snow Leopard (as well as Windows Vista and 7). The software provides Finder-based uploads to the company’s Cloud Drive service, but doesn’t provide synchronization or true Desktop integration as a folder or drive. Nor can you use the app to download files. Amazon’s Cloud Drive service is an amalgam of a music-storage locker and file storage, but it has lacked a desktop component until now. Or rather, it still does — the desktop app is a half measure that doesn’t compare to even the worst of the file synchronization and storage services from competitors like Dropbox, Google, and Microsoft (see “Google Drive and SkyDrive Take Aim at Dropbox,” 24 April 2012). Apple is the only company with which there’s no comparison, because after iDisk goes to its watery grave on 30 June 2012, Apple will no longer have any desktop file synchronization at all. After installing the Cloud Drive desktop app, a generic cloud icon (good choice, guys) appears in the system menu bar. To upload files, you drag an item to the cloud icon until a green plus sign in a circle appears. You can also Control-click any file or folder in the Finder and choose Upload to Cloud Drive from the contextual menu. (You may need to restart your computer to see this menu. It didn’t show up on my Mac initially, and even relaunching the Finder wasn’t sufficient.) The Cloud Drive app’s page promotes downloads: “Easy download of one or more files and folders from Cloud Drive.” But this isn’t the case. The program’s tour, which you can view after installation or from its Help menu, says you must use the Web to download files. In my book, that’s not “easy.” Amazon offers 5 GB of storage for free accounts, although storage of Amazon-purchased music doesn’t reduce that amount. Paid storage starts at $20 per year for 20 GB of storage, and paid accounts don’t count any Amazon-purchased or uploaded music files towards storage limits. (For more details about Amazon’s very decent Web-based media access, see “Amazon Beats Apple at Ease of Media Access,” 17 November 2011.) I was asked a few days ago where Amazon had positioned itself after Google launched Google Drive and Microsoft overhauled SkyDrive. The answer? Well behind the curve. ---- read/post comments: tweet this article: Capture Twitter Conversations with Tweetbot and Storify ------------------------------------------------------- by Glenn Fleishman article link: It’s no surprise to anyone who knows me that I live on Twitter, where I enjoy many interesting conversations, some rapid and some languorous. Twitter has the concept of threading built in, and good Twitter clients correctly create a conversation you can view. Storify is one of several services that lets you build plain or annotated narratives from a variety of publicly available sources, including Twitter, Facebook, and Flickr. The site has an interactive drag-and-drop approach to finding messages or posts and putting them into the construct of a story. A few weeks ago, some Twitter buddies and I constructed an impromptu and silly Apple-themed parody of “2001: A Space Odyssey” that I captured in Storify. Without Storify, that nonsense would have been lost forever. (Some might think that a good thing.) It’s not just for nonsense. Storify allows the ephemeral to be captured if it’s worthwhile. While Twitter may seem a hive of triviality, and Facebook only for personal chit-chat about babies and political rants, an enormous amount of communication happens. Nearly all of it may deserve to hit the bit bucket. But for those cases in which something more than idle chatter emerges, Storify enables you to preserve and structure a discussion. You can write connective material to explain how the narrative you’re presenting holds together, share it in a way that anyone can read, and allow comments on it. For me, this becomes useful when I have an informative discussion in which the back and forth leads me to new knowledge. For others, capturing a conversation among participants in an issue, whether reporters discussing a story, public figures arguing a point, or activists planning their next move, keeps that moment fixed for review and citation. My go-to Twitter client of choice in iOS is Tweetbot ($2.99, separate iPhone/iPod touch and iPad versions), whose approach to Twitter flow and conversations matches my conception of such interaction. You can swipe right on any tweet, and Tweetbot reveals any associated threaded discussion. (A version of Tweetbot for Mac OS X is apparently coming, but it’s not yet in public beta.) Now two great tastes have come together: Tweetbot’s latest update, version 2.3, has direct support for publishing to Storify. View any conversation, tap the action button (the arrow in a box) in the upper-right corner of the screen, and choose to email or tweet a link. The conversation is stored in Storify, even if you don’t ultimately send the email or post the tweet. You can then log in to Storify with your Twitter account, and edit and frame the conversation. If you have an existing Storify account linked to your Twitter account, the post will also be linked to your collection of stories. You may post messages to Twitter that you’d like to sink to the bottom of the sea of bits forever. But I find increasingly that smart ideas are captured in the ad hoc banter there. Tweetbot’s connection with Storify should make it simpler to archive dialectics for later dissection. ---- read/post comments: tweet this article: PodBOT Improves TidBITS Audio ----------------------------- by Adam C. Engst article link: Did you know that you can listen to an audio version of every TidBITS article we publish? A loyal TidBITS reader at the MacTech Boot Camp conference was telling me how much he enjoyed our staff podcast appearances on MacBreak Weekly, MacVoices, the Tech Night Owl Live, and more. But when I asked if he listened to the audio versions of our articles, he pleaded ignorance. So, for the record, if you want to listen to TidBITS on your iPhone, iPod, iPad, or Mac, you can. For a single article, look for a Listen link in the metadata line on headline pages and at the very top of articles. And for a podcast that can be automatically synced to your preferred listening device, the easiest way to subscribe is via iTunes (the link is in the upper left of the TidBITS site, in the “Get TidBITS via...” box). We generally record articles on Monday, just before the email issue goes out, so the audio versions are best for those who don’t want to keep up with our coverage on a daily basis. What I wanted to share with you was not the mere fact of our audio editions, but how we just improved their quality, thanks to help from a friend. One of the problems we’ve had is that we generally each record our own articles, and it’s nearly impossible to ensure identical input volume settings. So one person might be acceptably loud and the next rather quiet, necessitating much fiddling with volume controls. Not ideal while driving! The solution to this problem is The Levelator, free software developed by The Conversations Network, a California non-profit. Through some advanced magic, The Levelator makes audio files use a consistent loudness. It was designed to automate the post-production work of making multiple people in an interview sound equally loud, as well as to eliminate loudness variations from one podcast to another. Although The Levelator runs on Mac OS X, calling it a Mac program is a stretch. It has no settings, next to no interface (you simply drop a WAV or AIFF file on it), and it’s not scriptable, which makes it difficult to integrate into an automated workflow. And workflow is extremely important to us, since our dirty little secret is that we’re recording these audio versions not because we want to make the best possible podcast, but because we’re already reading our articles out loud as a final proofing pass. (It’s an effective way of catching subtle typos and other infelicities.) So we need the process to be as simple and streamlined as possible, and adding The Levelator into the mix was going to cause headaches. Previously, our standard workflow involved recording directly in Rogue Amoeba’s Audio Hijack Pro, where the recording, encoding, file naming, and metadata assignment could all take place in a single step. Since The Levelator works on uncompressed WAV and AIFF files and creates a new file in the process, names and metadata have to be assigned after the fact. It’s not hard to do that, but it’s tedious and repetitive, especially late on a Monday night when all I want to do is make dinner. While searching for a solution to this problem, I ran across a few relevant scripts on the excellent Doug’s AppleScripts for iTunes site, which collects a vast number of utility scripts for controlling iTunes, managing music, converting files, and more. None were quite what I needed though, and my AppleScript skills are minimal, so I decided to ask Doug Adams himself if he might be able to help out. He’s a long-time TidBITS reader, and was enthusiastic about helping to build a tool that would give us a streamlined interface for our audio versions. Our tool, which came to be known as PodBOT, needed to do four basic things, in this order: 1. Open a WAV or AIFF file (recorded with Audio Hijack Pro or GarageBand) with The Levelator to get the consistent loudness we wanted. 2. Convert The Levelator’s output file (which has a predictable name and location) to a much smaller 48 Kbps AAC file. PodBOT does this via the command-line program afconvert. 3. Collect metadata about the audio file — file name, title, author, issue number, article text, and more — and embed it into the audio file so it looks good in iTunes (for instance, the article text appear in the Lyrics field in iTunes). For this, PodBOT leans on iTunes, since Doug knew how to get iTunes to assign such metadata without leaving a copy of the file cluttering the library. 4. Optionally, upload the file to our server via SFTP and tickle the TidBITS Publishing System into linking the file to its article. We chose to use either Transmit or Fetch, both of which are easily scriptable in such a way that PodBOT could rely on an existing bookmark that already contained the necessary credentials. Doug ended up writing PodBOT as a simple Cocoa application that encapsulates a lot of AppleScript, and it’s finely honed to our exact needs, looking up data for each recording from the TidBITS Publishing System automatically when possible. Much of the rest of the metadata it assigns never changes or is programmatic (like the date), and PodBOT doesn’t even offer fields for those items. For the few fields that require personalized input, like Voiced By, PodBOT remembers the previous setting so it doesn’t have to be entered each time. And simple options like whether or not to trash the original and final files after successful upload let each of our editors decide how much data they want to keep locally. Even better, since PodBOT is happy to create the final file without uploading, we can give it and some simple instructions to outside authors who want to record their own articles, without worrying about needing to get their audio settings to match ours or telling them exactly how to find and format the metadata, since it’s all looked up automatically. I feel a little weird writing this article, since PodBOT is an internal tool, and not something that would be useful to anyone outside TidBITS. But the more general lesson that developing PodBOT has hammered home is that one of the key benefits Mac OS X has over iOS is its capability to tie multiple applications together, rather than requiring a single app to do absolutely everything. I love iOS for what it can do, but it can’t always hold a candle to what Mac OS X makes possible. Similarly, although there’s no question that sandboxing in Mac OS X provides some security and reliability advantages, the loss of being able to integrate multiple applications into a single workflow would be devastating to many industries (see “The Sandbox Conundrum: Security vs. Innovation,” 28 February 2012). AppleScript itself was saved from the chopping block when Steve Jobs first returned to Apple because it was such a necessary workflow component in the publishing industry; Apple may be a very different company now, but that doesn’t mean that any less work gets done on Macs. In the end, thanks to Doug Adams for his highly capable and enthusiastic development efforts, thanks to The Conversations Network for The Levelator, and thanks to Apple for continuing to make an operating system that enables multiple applications to work together to create something that’s far easier to use than the individual parts. Let’s hope future versions of Mac OS X don’t make highly specific utilities like PodBOT impossible by confining most apps to a sandbox and reducing support for inter-application communication technologies. ---- read/post comments: tweet this article: Apple ID Horror Story --------------------- by Chris Owen article link: 24 comments [Adam here. Chris Owen sent me this tale of woe as evidence that there are issues with the iTunes account security changes that I wrote about in “Apple Extends iTunes Account Security, Confuses Users” (26 April 2012). What I find more perturbing, though, is that Apple IDs have become far more important than in the past, thanks to iCloud’s deep integration with Mac OS X for essential data like email, events, and contacts. Obviously, Apple has a vested interest in making sure iCloud services work properly, but since they’re largely provided for free (with payments only for iTunes Match and additional storage), Apple isn’t offering easily accessed technical support. After you read Chris’s story, think about how you might be affected if your iCloud account information were to be corrupted or deleted.] I had heard anecdotally that some people had been having issues with Apple’s recent security upgrade for iTunes accounts, but it’s hard to know what to make of such reports until you experience the problems yourself. And, sadly, I can now understand what others have gone through. One morning last week, I went to my Mac to find two separate email messages, both sent at 2:00 AM, saying that changes had been made to my Apple ID. Keep in mind that these came out of the blue — I had not been asked the new security questions or had to provide a secondary email address. The first message said that my billing address and credit card had been changed. The second said my Apple ID and email address had been changed. Needless to say (or I wouldn’t be writing this report), I had made no changes to my billing address and credit card information, as the first message claimed. The second message was even more confusing, since as far as I’m aware, it’s impossible to change an Apple ID, much as it would be nice if Apple would allow us to merge them. It was 8:00 AM when I saw these messages, meaning that there had been at least 6 hours in between the time the messages were triggered and when I sat down at my Mac. Fearing that my account had been compromised, I tried to log in to my iTunes account, and was unable to do so. After resetting my password, I was finally able to log in successfully, and while I was still somewhat concerned about my account having been compromised, I figured that changing the password would at least prevent any more problems from occurring. Little did I know… At 8:00 PM that same night, I received another email message from the iTunes Store, this time a receipt for a $40 iTunes gift certificate that I had supposedly purchased. Again, I had done no such thing, and oddly, the address (my address) on the receipt was in San Diego, even though I live in Wichita, Kansas, and have a billing address of Garden City, KS. But this wasn’t a simple matter of someone trying to buy an iTunes gift certificate with my credit card, since the receipt said the order was charged to my American Express card. I haven’t had an American Express card in years. Strangest of all was the description of the gift certificate itself, which read: “Gift certificate for foobar” (where “foobar” was actually my former Apple ID password). That’s right, Apple had somehow inserted my former password into the description field. Cue the Twilight Zone music. Before logging in to my iTunes account, I checked a few other Apple services and couldn’t get into any of them. So I once again reset my password and logged in to iTunes. This time it appeared that I had a brand new account — it knew my email address was owenc@hubris.net, but everything else acted as though I’d never logged in before. My iTunes Store history was empty. Although iTunes said I had iOS app updates pending, when I tried to get them, I was told “You can’t update this app because you’ve never purchased it,” and the same thing happened when I tried to use the App Store app on my iPhone to download updates. I hopped over to the Web and tried to log in to my Apple developer account, only to find that I could no longer access any of the developer-specific iOS resources, and worse, all my iOS app provisioning data was missing. Lastly, I checked for updates to apps I had purchased in the Mac App Store, and received the same error as in the iOS App Store. But it also said something to the effect of “These apps are in your owenc1@hubris.net account. Log in there to update them.” I’ve never had such an account with Apple, and owenc1@hubris.net isn’t even a valid email address. Despite these cascading failures, the one thing that continued to work was iCloud on my iPhone. When I checked into why, I saw that my iCloud settings had somehow been changed to use that phantom owenc1@hubris.net address — at no point did I ever update my iCloud settings on the iPhone or enter owenc1@hubris.net anywhere. Nor had I entered a new password for iCloud on the iPhone, even though I’d changed my Apple ID password twice in the past 12 hours. Even now, I have no idea how Apple could have changed iCloud settings on my iPhone remotely. Luckily, I don’t rely on iCloud for calendaring or email; there’s no telling what havoc would have been played with my day if my events or email had become confused. Clearly, it was time to get help, but that was much easier said than done. As far as I can tell, there is no way to contact Apple about an Apple ID problem. After a few hours, I figured out that I could use Apple’s Express Lane service to open an iTunes Store-related trouble ticket. Unfortunately, this ultimately led me to a blank page, and only after several unsuccessful attempts did I think of using a Web browser other than Safari, and doing that — ironically — enabled me to file a report at about 9:30 PM. At 2:00 PM the following day, I finally received an email response from Apple. Alas, it was simply a canned message that gave me a long list of ways I could avoid being tricked by phishing. Since that wasn’t my problem, I responded to the message, pointing this out. An hour or so later, though, Apple sent me yet another message saying that everything had been restored, and when I logged in to the iTunes Store, the Mac App Store, and my developer account, I did indeed once again have access to all my data. Apple provided no explanation for the problem, but at least everything was working as it had before. All but one thing, that is. Remember how my iCloud account on my iPhone had been inexplicably changed to the owenc1@hubris.net address that doesn’t exist? Even after Apple restored my account data, iCloud on the iPhone retained that incorrect address and stopped working entirely. Since it apparently isn’t possible to change the Apple ID associated with iCloud on the iPhone, I was forced to delete my iCloud account entirely and set up a new one using the proper owenc@hubris.net address. Once I had done that, everything was again right in my Apple world. If there’s a moral to the story, it’s that Apple has put all our eggs into a single Apple ID basket, and while we can watch that basket all we want, if Apple messes something up behind the scenes, we’re the ones left with egg on our faces and no obvious way to get help. ---- read/post comments: tweet this article: TidBITS Watchlist: Notable Software Updates for 7 May 2012 ---------------------------------------------------------- by TidBITS Staff article link: **Alfred 1.2** -- Running with Crayons has updated its free keyboard-driven launcher Alfred to version 1.2 with a number of new features. Available from the Alfred Web site as well as the Mac App Store, this release adds two new themes, large type support for displaying text and calculations, and the capability to drag files out of Alfred search results into the Finder, Apple Mail, and other apps. Its search matching algorithm has also been overhauled with a noncontinuous word-based matching scheme to improve results. However, to take advantage of all the improvements in this release, you’ll need to download the app from the Alfred Web site (the Mac App Store version is limited due to Apple’s sandboxing rules). Plus, to unlock all the features, you would need to purchase the Alfred Powerpack for £15. With the Powerpack-enhanced Alfred 1.2, you’ll get 1Password 1Click bookmark integration, which enables you to access a list of passwords quickly and then open a selected bookmark in your default Web browser. You can also merge currently selected text with the previous item in the clipboard’s history. Finally, global hotkeys have been enhanced with the option to paste the most recent clipboard item as plain text without having to first show Alfred, as well as the capability to assign snippets for instant pasting. (Free, £15 for Powerpack, 2.5 MB, release notes) Read/post comments about Alfred 1.2. **Transmit 4.1.9** -- It has been some time since its last update, but Panic has now released Transmit 4.1.8 with a modicum of fixes and improvements for the file transfer software. The update fixes a kernel panic that occurred with Transmit Disk when using OS X 10.8 Mountain Lion as well as a possible crash when viewing a mount point folder after unmounting a drive. It also adds support for Growl 1.3, improves compatibility with AS/400 and Personal FTP Server Pro, and updates the item count when filtering in the list view file browser. Other fixes address an issue with double contextual menus and miscellaneous display issues. A quick 4.1.9 update fixes a possible issue with the Transmit Disk menu extra, addresses a keychain issue in 10.6 Snow Leopard, and improves Growl compatibility again. ($34 new, free update, 22.4 MB, release notes) Read/post comments about Transmit 4.1.8. **SpamSieve 2.9.1** -- C-Command Software has released SpamSieve 2.9.1, which primarily addresses the recent release of Microsoft Outlook 2011 SP2 (for the most recent update, see “Microsoft Office for Mac 2011 14.2.1,” 26 April 2012). If you’ve previously used Outlook 2011, the spam-filtering software will update its scripts automatically. However, if you have a new installation of Outlook 2011, you can choose Install Outlook Scripts from the SpamSieve menu to start running your rules. Additionally, SpamSieve 2.9.1 addresses some problems with its Apple Mail plug-in, detecting any damage and attempting to auto-heal the installed copy of the plug-in as well alert you to download and install a fresh copy. The release also no longer triggers Mac OS X’s “accept incoming network connections” firewall dialog, plus adds some exception guards to work around bugs in the Growl SDK. ($30 new, free update, 9.1 MB, release notes) Read/post comments about SpamSieve 2.9.1. **Hazel 3.0.5** -- Noodlesoft has released Hazel 3.0.5 with a profusion of fixes to the file cleanup utility. The update reintroduces the unintentionally removed “enclosing folder” as a destination for move/copy operations, as well as rewords condition targets to add clarity. It improves support for Growl, now allowing colon usage in Growl message patterns (as well as comments), breaking Growl options out of the pattern interface and into its own popover, and enabling you to format Growl patterns like other patterns. The release also fixes an issue where Hazel didn’t trigger certain rules, primarily those that were dependent on folder size or sub-item count. Noodlesoft notes that you may find some rules “re-firing” after the upgrade due to changes in rules formatting and the internal database, but this should occur only once. ($25 new, $10 upgrade, 5.0 MB, release notes) Read/post comments about Hazel 3.0.5. ExtraBITS for 7 May 2012 ------------------------ by TidBITS Staff article link: We have lots of extra bits for you to check out this week, starting with a warning for those who used FileVault in Snow Leopard and then upgraded to Lion, a heads-up about the FBI looking to increase wiretapping capabilities, news of an improvement to the iPad 2, a nicely presented business argument against DRM, a report about Oracle taking over Java updates for Mac OS X, and an amusing parody of Apple’s 1984 ad that Apple itself made for its sales force. **FileVault Passwords Potentially Logged in Plain Text** -- Although details are still appearing, Sophos is reporting that a particular combination of circumstances can result in FileVault passwords being exposed in plain-text log files. The combination is somewhat unlikely — the Mac had to be using FileVault 1 under Mac OS X 10.6 Snow Leopard, be upgraded to 10.7 Lion, and then updated to 10.7.3, all without switching to FileVault 2. Nevertheless, if this applies to you, change that password! Read/post comments **FBI Looking to Expand CALEA to Web Sites** -- Declan McCullagh at CNET is reporting that the FBI is looking to expand CALEA — the Communications Assistance for Law Enforcement Act — to apply to Web sites and services like iCloud, iChat, FaceTime, Twitter, Facebook, Skype, Gmail, and Hotmail. Passed in 1994, CALEA currently requires telecommunications companies to make their systems wiretap-friendly; CALEA was extended to broadband networks in 2004. Technology companies are generally unhappy about such expansions, and Apple is lobbying on the topic now. Mandated backdoors, apart from being generally creepy even when used only with court orders, also pose serious security risks. Read/post comments **Quietly Revised iPad 2 Sports Better Battery Life** -- In April 2012, Apple started shipping a slight variant on the iPad 2 that remains for sale even as the third-generation iPad has become the mainstay of the line. This new version of the iPad 2 — labeled internally as “iPad 2,4” — uses a 32-nanometer version of Apple’s A5 chip that replaces the 45nm version in the previous iPad 2 model. The processing performance is the same, but AnandTech is reporting that the 32nm model has notably better battery life (and a lower manufacturing cost). Alas, there is no way to know if any given iPad 2 uses the new chip without running an app that reports on the internals. Read/post comments **Analyzing the Business Case for DRM** -- In a chapter excerpted from a book on WordPress, Kirk Biglione offers a nice rundown of the costs of DRM, to readers, to publishers, to retailers, and to the world at large. It’s especially apropos, given that 4 May 2012 was the fourth annual “Day Against DRM.” Read/post comments **Oracle Takes Over Java Updates for Mac OS X** -- Ars Technica reports that Oracle, the company that manages the Java development environment, has taken over distribution of Java for Mac OS X 10.7 Lion (older versions are not supported). Since Apple has failed to update Java as quickly as Oracle has in the past, this should mean that Mac users will be protected from future Java vulnerabilities more quickly. Unfortunately, this 1.7.0_04 release of Java does not support the Java Plugin and Java Web Start applications, meaning that Java applets won’t be available to Mac users who install Oracle’s code. Therefore, it’s probably best holding off on Oracle’s version of Java until those pieces are available, or until a new security vulnerability makes it unavoidable. Read/post comments **Apple Made 1984 Parody Ad for Sales Force** -- Apple made an in-house parody ad of its famous “1984” ad called “1944” that has to be seen to be believed. A long-ago Apple employee, Craig Elliott, provided the video to Network World’s Paul McNamara. Steve Jobs does an impression of FDR, among other bizarre moments. It was made to pump up Apple’s sales force, and may not have been seen since 1984. Read/post comments $$ This is TidBITS, a free weekly technology newsletter providing timely news, insightful analysis, and in-depth reviews to the Apple Internet community. Feel free to forward to friends; better still, please ask them to subscribe! Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017. Copyright 2012 TidBITS: Reuse governed by Creative Commons license. Contact us at: License terms: Full text search: Subscriptions: Account help: