Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals
Show excerpts


The big news this week is of course the release of Mac OS X 10.6 Snow Leopard, and we have oodles of content about it here and in two Take Control ebooks. Joe Kissell excerpts a bit of his “Take Control of Upgrading to Snow Leopard” to explain what’s new about the Snow Leopard installer, and Matt Neuburg draws on his experience writing “Take Control of Exploring & Customizing Snow Leopard” to run down the major changes in Snow Leopard. Not to be left out, Glenn Fleishman and Jeff Carlson collaborate to bring you even more hidden tweaks in Snow Leopard, and Rich Mogull examines what Snow Leopard brings us from a security standpoint. In other news, Glenn explains why WPA is not broken (despite what you may have read from uninformed sources) and relays more news about NetNewsWire and NewsGator. Notable software releases this week (many of which provide Snow Leopard compatibility) include Things 1.2, WireTap Studio 1.0.12, WireTap Anywhere 1.0.5, Snapz Pro X 2.2.0, Sync’Em 1.40, TextSoap 6.3, Coda 1.5, Open XML File Format Converter for Mac 1.1.1, KeyCue 4.5, DragThing 5.9.4, and TextWrangler 3.0.

Glenn Fleishman 3 comments

NewsGator Pushes Back Date, Sets Price

NewsGator slipped out additional information about the planned shutdown of its synchronization server and the release schedule for NetNewsWire for Mac OS X and iPhone, and for FeedDemon for Windows. Some details were sent via email, while the rest were posted in an FAQ on the company’s site.

NewsGator is turning to Google Reader to provide synchronization services in its updated RSS aggregation software, and the company is eliminating its Web-based service as well as an array of other niche products. (See “NewsGator Switches Users to Google Reader for Sync, Online RSS,” 2009-08-04, for the background.)

Previously, NewsGator had set the end of its sync service at 31-Aug-09. However, release versions of its Mac, iPhone, and Windows newsreaders haven’t yet been finalized. The company expects to have such versions in a few days, and will not shut down sync services until after those versions are available. It expects a shutdown around 10-Sep-09.

The new version of NetNewsWire will include ads, and NewsGator had said that users would be able to pay to remove enticements. The company’s FAQ now says that the initial fee will be $9.95. Ads will reappear in NetNewsWire betas starting 01-Sep-09, at which point customers can pay to remove them. NetNewsWire for iPhone is currently listed as a free application.

I had previously criticized NewsGator on two fronts. First, for announcing an abrupt end to a popular service without having replacement software in hand to aid in a migration. Second, because the firm referred customers to a beta version of NetNewsWire without noting that status; the beta page was far clearer, but the warning should have been in both places.

On the first front, the company is under no obligation to continue its sync service, but unless the cost is unbearable, it seems that offering a few weeks of migration following completed releases of its three continuing newsreading applications would certainly be a way to preserve goodwill, something the company and its developers – and certainly NetNewsWire programmer Brent Simmons – have always had in large supply.

On the second front, the company’s FAQ and migration page now make it much clearer that NetNewsWire is currently in beta testing.

Glenn Fleishman 2 comments

Wi-Fi’s WPA Encryption Is Not Broken (Yet)

The headlines on many tech sites trumpet, “WPA Encryption Broken!” Hardly. A very small area of the Wi-Fi encryption method that’s part of WPA and WPA2 is exploitable under very particular circumstances that don’t reveal your network key or allow data to be intercepted and decrypted.

The problem with the coverage of this latest academic paper (PDF), written by two Japanese researchers at Hiroshima University and Kobe University, is that the work is so darned clever – but also so darned technical – that it’s easy to misinterpret the meaning unless you’ve spent years deep in the wireless mines, hacking out understanding, like yours truly.

What the researchers discovered isn’t a generic way to crack WPA encryption – in fact, they improved on a method that German researchers revealed in November 2008 that allows just short packets of data sent from a base station to a client to be deciphered only if most of the packet’s content was already known.

This exploit works only with TKIP (Temporal Key Integrity Protocol), the only encryption method approved as part of WPA, and the older and deprecated of two methods – the other is AES-CCMP – available in WPA2. (I covered the German research for TidBITS in “A Crack in Wi-Fi Security and How To Fix It,” 2008-11-08; links in that article take you to more technical explanations.)

The German and Japanese approaches don’t reveal the network’s encryption key or passphrase. You cannot use these methods to intercept data and read the contents without having the network’s key. The crack applies only to a single packet at a time, because each packet in TKIP is encrypted with a separate key. (TKIP turns a passphrase you enter into a master key, from which several kinds of keys are used to generate keys that can change regularly.)

This exploit lets an attacker replace and rebroadcast a single packet with address association information – ARP packets that connect IP addresses with Ethernet or Wi-Fi adapters. The German academics had a 12- to 15-minute timeframe for cracking the per-packet key for these sorts of packets.

The new approach from Japan adds a physical interception stage – where an attacker has to operate a Wi-Fi relay between a base station and client – but reduces the attack duration to about a minute. The attack succeeds in cracking the per-packet key about 37 percent of the time, but an attacker can discard bad results without alarming the client’s defenses.

A falsified address association packet could be used to poison DNS, which could lead clients on the network to visit malicious sites or accept invalid security certificates. Other short packets with mostly guessable contents could be used for other nefarious purposes. (For more about such malicious uses, see “Apple Fails to Patch Critical Exploited DNS Flaw,” 2008-07-24.)

Both the old and new versions of this exploit require relatively close physical proximity; the Japanese one needs to have a client far enough away from a base station to accept an attacker’s signal as a connection to the legitimate base station.

That physical requirement makes the utility of this exploit rather small. An attacker would need to develop a particular exploit for a particular network that they could get close enough to, while not being detected. In homes, someone would likely not be able to insert a signal between your base station and your computer. In corporations, additional security measures (physical and network-based) would likely spot this attempt.

The fact is that millions of point-of-sale (cash registers) and other systems are protected by WEP, the original 802.11 encryption system that can now be broken in as little as a few seconds. And by broken, I mean the key extracted and data intercepted. This low-hanging fruit makes it unlikely that anyone will focus on TKIP cracks unless a much broader exploit is found.

TKIP was meant just as a backwards-compatible transition option, and nearly every piece of gear introduced starting in late 2002 – including all Apple products – can use a better alternative: AES-CCMP. This method, often incorrectly and generically called WPA2, was designed to avoid WEP problems, whereas TKIP was an overlay that replaced WEP on older gear that lacked the processing power or flexibility to be upgraded to AES-CCMP. (AES-CCMP stands for Advanced Encryption Standard Counter Mode with CBC-MAC (Cipher Block Chaining Message Authentication Code) Protocol, in case you wanted to know. Didn’t think so.)

(You can avoid all TKIP weaknesses by switching to AES-CCMP. I provide detailed instructions for making this change in “A Crack in Wi-Fi Security and How To Fix It,” referenced above.)

I know that it’s eye-grabbing and click-worthy to write headlines that suggest some major security element is broken. And there certainly are days in which some ordinary Internet component we all rely on turns out to have a fatal flaw – like DNS last year. However, Wi-Fi’s current encryption system remains a reasonable choice.

TKIP should have already been on its way out as a safe way to protect your network from interception; this latest research just moves TKIP even further away from being a reasonable choice.

Matt Neuburg 17 comments

What’s New in Snow Leopard

In order to write “Take Control of Exploring & Customizing Snow Leopard,” I’ve had to live fairly intimately with Snow Leopard, and naturally I’m brimming with impressions of what’s new, what’s not, and what it all means.

Snow Leopard’s very name, and its low upgrade price (urged and predicted with startling accuracy by TidBITS Swami-in-Chief Adam Engst in “Why Snow Leopard Should Be (Almost) Free,” 2009-04-21), suggest that its primary purpose is to enhance Leopard with bug fixes and tweaks. What you should expect, then, isn’t a startling “whizzy” release, but a better Leopard. On the whole, a better Leopard is exactly what you get. Take Control Editor-in-Chief Tonya Engst commented while editing my book that Snow Leopard felt “familiar but faster.” That’s extremely apt.

For me, one reason why Snow Leopard feels so familiar is that my pet peeves were not addressed. (See my “Six Things I Hate About Leopard” (2007-10-26), as modified by “Leopard 10.5.2: TidBITS Complains, Apple Listens, Sort Of,” 2008-02-12.) Translucent menus, the floating online Help window, the shiny Dock, the annoying Stacks behavior, the tiny Finder sidebar type size, the indistinguishable dull grey special-folder icons – they’re all still with us.

So much for my jealousy that Apple appears to do what Adam suggests but not what I suggest! (What is his secret, I wonder?) Let’s look at what has changed in Snow Leopard.

A Lot of the Good Is under the Hood — Snow Leopard feels speedier than Leopard, and some things (such as Spotlight searches) feel a lot speedier. It’s hard to know exactly why (and of course some of it could be due to my running a very clean system; new systems are always faster). Macworld Lab has been gauging Snow Leopard speed boosts with 16 speed tests of real-world tasks. They found speed improvements with half the tests, but little change with the other half.

To most users the technical reasons behind any speed increases won’t matter. The term “64-bit” has been much bandied about, but I’m skeptical of assigning too much credit to applications running in 64-bit mode. Bitness is really a developer-level feature; along with Grand Central Dispatch and OpenCL, it will probably matter more on future machines and in future software.

(Grand Central Dispatch makes it easier to write applications that take deliberate advantage of multi-core CPUs. OpenCL helps developers harness the processing power of modern graphics chips.)

The Finder has at long last been rewritten in Cocoa, and is a 64-bit application, but on the whole this won’t register with users beyond possible performance improvements. It still looks and behaves as it did in Leopard. (I was hoping Apple might incorporate some of the enhancements demonstrated by Path Finder; see “Path Finder 5 Beats the Finder’s Pants Off,” 2009-06-29).

Snow News Is Good News — Another thing you won’t see, by and large, is older applications not working. Backward compatibility is always a worry, but in general the news here is good.

Of course there will be exceptions, and one can’t prove a negative; but during the writing of my book I used a lot of applications and preference panes that predate Snow Leopard, and they all ran just fine. In fact, I’ve deliberately tested Snow Leopard against some of the oldest, most worrisome software I use (including a system extension for my Tascam USB sound device), and it all works as it did in Leopard. You may be able to find Snow Leopard compatibility information about your third-party applications on Macworld’s Snow Leopard Compatibility page.

If there’s going to be trouble, it’s more likely to strike from within Apple’s own repertory of upgraded applications. Apple had a kind of user mandate for Snow Leopard to fix bugs and make the interface clearer and cleaner, and where it has stuck to that strategy the results have generally been good. It is when Apple has varied from its mandate that the results feel premature and ill-advised.

My chief example is Preview, which has several new bugs that we noticed particularly because it’s the primary medium for Take Control readers. We’ll cover these elsewhere, but basically, Apple tried to play some cute games under the hood with “intelligent” URL recognition and “intelligent” copying, only it wasn’t so intelligent after all. Oh, and Preview now shows a PDF’s table of contents in the sidebar at a type size that is vanishingly tiny; perhaps Apple needs some older interface designers without such good vision.

Of course, it’s entirely likely that you’ll run into some older piece of software that doesn’t work properly in Snow Leopard, but developers are pushing out new releases as quickly as they can (they had no more advance notice of Snow Leopard’s early release date than the rest of us). So, if something doesn’t work, check for an update.

We Three Things — The changes you will see can be placed in two categories: a few large architectural changes, and a whole bunch of tiny tweaks. Let’s start with the former. There are three.

First, the new QuickTime Player, although acquiring some useful new capabilities such as recording screen activity, saves only in a few fixed formats and (aside from rudimentary trimming) can’t edit movies at all. (And the interface for playing movies, without the traditional “controller” below the movie frame, is atrocious.) QuickTime Pro still exists, and its subscribers can keep using the older version of QuickTime Player, which is an optional install. So now there’s a split three ways: the new QuickTime Player, the old QuickTime Player, and the old QuickTime Player with QuickTime Pro. This is not what I was hoping for; I’d heard a rumor that QuickTime Pro would be abandoned, so I thought we’d finally all be on one level
playing field.

The second large architectural change is in the handling of services. Services let one application supply its powers to another; for example, a Grab service helps TextEdit paste a screenshot into a document. Most users either don’t know that Services exist, because they’re in an obscure hierarchical menu (ApplicationName > Services), or they mostly don’t use them because there are so many of them, some with keyboard shortcuts (possibly conflicting, usually forgettable).

In Snow Leopard, there won’t be so many Services menu items at once, because only services appropriate to the current context will appear. And in addition to the hierarchical menu, services will be discoverable as custom contextual menu items – Control-click in a TextEdit document to access the Grab service, for instance.

The downside of Services appearing as contextual menu items is that the existing form of custom contextual menu plug-in – such as Nudge or Symbolic Linker, or anything else that lived in your ~/Library/Contextual Menu Items folder – won’t work in Snow Leopard.

In addition, the revamped Keyboard preference pane lets you manage services for the first time ever. You can enable and disable them, and even change their keyboard shortcuts. Previously, this required trickery from an independent utility, like Service Scrubber (see “Service Scrubber Cleans Services Menu,” 2008-06-06). Unfortunately, Apple’s interface doesn’t tell you which application supplies each service, as does Service Scrubber, so you might find yourself wondering what certain services actually do.

Third and finally, there’s Expose, which is brilliantly redone. Windows are more neatly arranged, and labelled (though not, alas, with the owning application’s name). Minimized windows are shown, and (in Application Windows mode) windows in other spaces.

There are new, easier ways to enter Application Windows mode – click-and-hold on a Dock icon, for example (though this may confuse users initially). With these and many other improvements I detail in my book, Expose actually helps you find a desired window. The proof: previously I never used it, but in Snow Leopard I use it all the time.

All Features Great and Small — In listing some of my favorite smaller Snow Leopard changes, let me remind you: sometimes small is the new big. It isn’t just that lots of small things can sum to a big one; it’s that a tiny tweak that takes only a few words to say can make in practice all the difference between frustration and happiness.

  • Snow Leopard’s text engine now implements things like smart quotes, smart copy-and-paste, and data detectors, along with user-configurable text substitutions – like a built-in version of Typinator, TextExpander, or TypeIt4Me (see “You Type, It Typinates,” 2005-06-27) – and spelling corrected as you type. These are available system-wide, but an existing application might need recompiling to access them. (The independent typing utilities, which work in all applications and have additional features
    and built-in word lists, will thus remain useful, especially if users want to go beyond Snow Leopard’s capabilities.)
  • Similar to the Command-Tab application switcher, there’s now a keyboard layout switcher. For those of us who switch keyboard layouts (like me, when I’m alternating between typing English and Ancient Greek), this is way better than the Input menu.
  • The date can be shown in the menu bar.
  • In Time Machine, the previously obscure Action menu commands for pruning backups (I wrote about them in “Prune Your Time Machine Backups Selectively,” 2008-05-01) now appear as contextual menus.
  • In the Finder’s Icon view, the icons can page through a multi-page PDF or play a sound or movie file, without opening a Quick Look or preview pane.
  • The Finder Spotlight search window is configurable; your choice of view and customizations of that view (such as what columns appear in List view) are remembered the next time you search.
  • Open and Save dialogs in List view are configurable: you can add and rearrange columns – and sort on them, of course. (To me, this is huge.)

There are lots more tiny changes, many of which I mention in the book, and others of which we’re discovering as we go (see “More Hidden Refinements in Snow Leopard,” 2009-08-27). From rewritten checkbox text to cool new preference tweaks, it all goes to make Snow Leopard a more pleasant experience.

Conclusions — A couple of days ago, TidBITS Managing Editor Jeff Carlson mentioned in passing that he had already installed Snow Leopard as the working system on his primary computer (a somewhat aged MacBook Pro). It wasn’t even officially out yet, and Jeff was living in a Snow Leopard world. It’s a measure of Snow Leopard’s solid, reliable feel that I wasn’t surprised at all.

The litmus test for Snow Leopard, indeed, is whether you’ll install it and make it your primary system. In my case, the answer is clear: You bet! Snow Leopard really is a better Leopard, and that’s just what I wanted. And I don’t think Jeff and I are the only ones. I confidently predict that there’s going to be a whole lot of upgrading going on.

Joe Kissell 8 comments

Examining Snow Leopard Installer Changes

[This is an excerpt from Joe Kissell’s “Take Control of Upgrading to Snow Leopard,” now available to help you prepare for your Snow Leopard installation.]

With each major release of Mac OS X, Apple makes improvements and changes to the installer. Usually these are relatively minor and self-explanatory, but the Snow Leopard installer is different in profound ways that may significantly change your approach to upgrading. Even if you’re intimately familiar with the process for installing Leopard, you should be aware of the ways in which Snow Leopard differs. And, if you’re not familiar with the Leopard installer, you should still read this article to get an idea of what to expect.

Single Installation Method — The biggest news about the Snow Leopard installer, which some may find utterly shocking, is that it does away with both the Erase and Install installation method and the Archive and Install method. This change does make the installer much simpler and more user-friendly, but it also removes capabilities that many people once relied on to avoid or solve upgrading problems – and it means the advice I provide in “Take Control of Upgrading to Snow Leopard” is significantly different from what I offered in the past.

It’s still possible to perform what amounts to an Erase and Install upgrade; it’s just not a feature built into the installer itself. (An Erase and Install upgrade is one where you give yourself a fresh start by erasing your disk before installing a new version of the operating system.)

As for Archive and Install, some of its capabilities have found their way into the default automatic upgrade process (though without leaving all the clutter on your disk that Archive and Install did). In addition, the automatic upgrade is now much smarter than in previous versions of Mac OS X about avoiding incompatibilities, so I feel more comfortable recommending it for most people.

Even more interesting, the Snow Leopard installer benefits from changes to Snow Leopard itself, in that the operating system can now download and install several software components on demand – if and when they’re needed. That means some of the decisions you make while running the installer are less crucial than they would have been under Leopard: if you leave out something you later need, Snow Leopard can most likely fetch and install it for you on the fly.

Printer Drivers — One prominent example of on-demand installation is printer drivers. In the past, the default option was to install a whole boatload of printer drivers, though you could deselect one or more brands of printer that you didn’t expect to use.

Now, by default, the installer copies to your disk only the drivers for printers you’ve previously used and those it can see attached to your computer or on your local network, plus drivers for a modest selection of popular printers. (This change is the biggest reason Snow Leopard uses less disk space than Leopard, although the actual space savings depends on how many printer drivers you had installed previously.)

If you later encounter a new printer, Mac OS X downloads and installs the correct driver as needed. You can, of course, change this behavior if it’s not to your liking.

Rosetta — Rosetta, the software Mac OS X uses to run older, PowerPC-native programs on Intel-based Macs, is now an optional install – and is deselected by default. I was put off by this decision at first, because I know there are still plenty of applications out there that haven’t been updated to run natively on Intel processors.

But this turns out to be a trivial matter because, as with printer drivers, Snow Leopard can automatically download and install Rosetta later if the need arises. You don’t even need to have your Snow Leopard installer DVD handy.

QuickTime — Changes to QuickTime are sure to be among the most heavily discussed and debated developments in Snow Leopard:

  • First the good news: QuickTime X, the new version of QuickTime that comes with Snow Leopard, has greatly improved performance, and the new QuickTime Player application is slick, beautiful, and unobtrusive. It even gains some capabilities once reserved for owners of QuickTime Pro, a $29.99 purchase.
  • Now the bad news: QuickTime X actually loses some features offered by QuickTime 7 in Leopard. For example, QuickTime Player X can no longer play Quartz Composer (.qtz) files nor display QuickTime VR’s interactive, panoramic images. What’s more, there’s currently no Pro version of the new QuickTime Player, so if you purchased a license and rely on QuickTime Pro capabilities (such as detailed control over encoding options), your path forward may be unclear.

Luckily, Apple offers a workaround for these QuickTime 7 compatibility problems. You can optionally install QuickTime Player 7 (which does support the older media formats) alongside QuickTime X, and if you have a QuickTime Pro license, it applies to QuickTime Player 7 running under Snow Leopard as well. So you don’t exactly lose any features, but you have to use QuickTime Player 7 to get them.

By the way, as with printer drivers and Rosetta, QuickTime Player 7 is available via install-on-demand. If you leave it deselected during your upgrade to Snow Leopard and later try to play QuickTime content that’s no longer supported, Mac OS X offers to download and install QuickTime Player 7 on the spot.

Safe Install — Suppose you’re halfway through an upgrade and something goes terribly wrong – you have a power outage, your cat knocks the FireWire cable out of your external drive, or for some other reason your disk (or your entire Mac) goes offline.

Previously, you might have worried that your disk is in an indeterminate and possibly irreparable state, but that’s not a problem with the Snow Leopard installer. Once your Mac is up and running again, you can simply restart from the installer DVD, reselect your destination volume and any options you prefer, and the upgrade picks up right where it left off as if nothing ever happened.

Laying Down the Law — Apple has long discouraged programmers from certain practices that could potentially lead to crashes, destabilize Mac OS X, or introduce security risks. You know the kinds of things I’m talking about: input managers, menu extras, application enhancers (“haxies”), and other sorts of software that messes with Mac OS X in some undocumented or unauthorized way. And in the past, the company has made half-hearted efforts to enforce these rules, although circumventing them was usually pretty easy.

Well, in Snow Leopard, Apple is considerably more aggressive about disallowing software that doesn’t play by the rules. Some of the doohickeys you’ve installed to tweak the behavior of Mac OS X in one way or another may be suddenly unavailable. Your menu bar will have fewer icons, some Mail plug-ins won’t work, Safari add-ons that depend on input managers will cease functioning, and more.

Some of these changes can still be worked around with a click here or a Terminal command there; others will require software developers to create new versions of their programs that abide by Apple’s guidelines, which may mean different user interfaces and in some cases fewer features.

I don’t mean to scare you – I know for certain that the developers of many nonstandard add-ons I depend on daily are hard at work creating new versions of their products that will work just fine in Snow Leopard. I suspect that for the first few weeks or so after Snow Leopard’s release, there will be a lot of frustrated power users. I provide more advice on dealing with software that no longer works in “Take Control of Upgrading to Snow Leopard.”

Other Changes — And that’s not all! Other Snow Leopard installer changes include these:

  • The installer no longer restarts your Mac at the beginning of the installation process. (It does restart midway, however.)
  • The Snow Leopard Install DVD contains Boot Camp 3.0, including updated Windows drivers (but not support for Windows 7).
  • And, of course, the installer, like the rest of Snow Leopard, runs only on Intel-based Macs, which (whatever you may think of that change) narrows the range of choices you must make during installation.

From One Cat to Another — You can buy the Snow Leopard upgrade for $29 (for a single user) or $49 (for a five-user Snow Leopard Family Pack). The discounted prices at Amazon via these links are actually $25 and $44, and TidBITS gets a few extra pennies if you order Snow Leopard this way, though we hear Amazon will ship these products only within the United States.

According to Apple, these prices apply only for users who already have Leopard installed; for those still running Tiger, Apple would like you to obtain Snow Leopard as part of the Mac Box Set, which also includes iLife ’09 and iWork ’09 ($169 for a single user, or $229 for a five-user Mac Box Set Family Pack; the discounted Amazon prices are $150 and $200).

That said, I am unaware of any functional differences between the two DVDs; there should be no technological barrier that would prevent someone from installing the less-expensive “upgrade” version of Snow Leopard on a Mac running Tiger (or, indeed, on a completely blank hard disk). But to do so would violate Apple’s license agreement, which states:

"If you have purchased an Upgrade for Mac OS X Leopard license, then subject to the terms and conditions of this License, you are granted a limited non-exclusive license to install, use and run one (1) copy of the Apple Software on a single Apple-branded computer as long as that computer has a properly licensed copy of Mac OS X Leopard already installed on it."

Jeff Carlson Glenn Fleishman 32 comments

More Hidden Refinements in Snow Leopard

Mac OS X 10.6 Snow Leopard doesn’t feature many major new features (see “What’s New in Snow Leopard,” 2009-08-27), but it does incorporate hundreds of tiny changes that can affect how you use your Mac on a daily basis. Here, we note some refinements that we feel are noteworthy beyond what Matt already covered.

Time for Password — A subtle change in the Security preference pane can affect laptop users. The first option under the General preferences now lets you set an amount of time before the Mac requires a password after going to sleep or engaging the screen saver. In Leopard, the option was simply to require the password or not. Choose among several increments between 5 seconds and 4 hours. [JLC]

Smart Eject — Two of the most irritating long-term problems in Mac OS X have finally been eradicated in Snow Leopard: knowing when the system has ejected a hard drive, thumb drive, disk image, or network drive; and knowing why it sometimes refuses to eject a disk.

Snow Leopard adds a visual cue to let you know an eject is in process: it dims the disk’s icon. This lets you know that something is happening. When ejection is complete, the disk icon disappears from the Desktop.

If Snow Leopard cannot eject the disk because an application or process is accessing or has open a document on the mounted volume, it displays a dialog that tells you which program or system component is in use. Previously, you’d have to use the lsof command via Terminal and learn to understand the results.

And even better, a Force Eject button lets you override Mac OS X when you believe it’s in error or you really need that disk off the Desktop. (Warning! Ejecting disks that are truly in use can corrupt open documents.) [GF]

Bigger iChat Theater — We’ve always liked iChat Theater, a way to push a presentation, pictures, or other Quick Look-supported media to a remote party – we use this for presentations with user groups, among other purposes. In Snow Leopard, Apple says you can now push iChat Theater – and any iChat video – at up to 640 by 480 pixels while using as little as 300 Kbps upstream, about a third of the previous requirement for a lower resolution.

Jeff Carlson shared a PDF with me via iChat Theater, and the text was clearly readable. Pages instantly refreshed as he flipped through the PDF on his end. [GF]

Location via Wi-Fi — Apple can now set your time zone via Wi-Fi, most likely using the Skyhook Wireless positioning system that’s also part of the iPhone OS. Bring up the Date & Time preference pane, click the Time Zone view, and check the Set Time Zone Automatically box.

A progress spinner shows up while Snow Leopard sends information off about Wi-Fi signals in your vicinity and receives data back. I’ve seen this both fail and succeed, but usually Mac OS X quickly tells me I’m in Seattle (whew). [GF]

Wake on Demand — Putting your Mac to sleep saves power, but it also disrupts using your Mac as a file server, among other purposes. Wake on Demand in Snow Leopard works in conjunction with an Apple base station to continue announcing Bonjour services that the sleeping computer offers.

The requirements are complex. You must have firmware release 7.4.2 installed on either an AirPort Extreme Base Station or Time Capsule. If WPA or WPA2 encryption is turned on, the base station can’t be in bridge mode. Only newer computers – every 2009 model and at least several 2008 models – can be woken over Wi-Fi; all Macs can be woken via Ethernet. Apple provides more details in a support note, and our Glenn Fleishman wrote a long article with the ins and outs for Macworld.

You toggle this feature in the Energy Saver preference pane. It’s labeled Wake on Network Access for computers that can be roused either via Wi-Fi or Ethernet; Wake on Ethernet Network Access or Wake on AirPort Network Access for wired or wireless only machines, respectively. Uncheck the box to disable this feature. [JLC]

Expose Shortcuts — As one of the few feature changes in Snow Leopard, you’ve probably seen how Expose now works from the Dock, arranges windows in an easier-to-read layout, and enables you to move content between applications. Here are a few shortcuts that will make Expose even more useful:

  • With all windows visible (press F9 or the Expose key [F3] on recent Mac laptops), press Command-1 to arrange the windows by name.
  • Also with all windows visible, press Command-2 to arrange them by application.
  • Press the Tab key to view all windows belonging to one application (equivalent to pressing F10 or Control-F3 on recent laptops). Press Tab again to switch between applications while remaining in Expose. You can also click an icon in the dock.
  • Hover your mouse pointer over a window and press the spacebar to view a larger Quick Look version of that window. [JLC]

iCal’s New Inspector — Admittedly, this new feature feels more like a workaround hack than a solution, but we’ll take it. The Leopard version of iCal made editing events more difficult than in the Tiger version. To view details about an event, for example, you must double-click the event to reveal only some information in a pop-up box; you then need to click the Edit button (or know to press Command-E) to edit an item’s information. In contrast, iCal in Tiger provided an optional drawer to reveal and edit those details. In Snow Leopard, choose Edit > Show Inspector (or press Command-Option-I) to bring up a floating Inspector that provides an editable view of any items selected in your calendar.

Screenshots Named Better — Gone are the inscrutable “Picture 1” files on your Desktop. Snow Leopard instead names screenshots taken with the built-in screenshot feature along these lines: “Screen shot 2009-08-31 at 12.57.39 PM.” Wordy, but it gives you a slightly better sense of what might be inside. [GF]

240 Pages of Snow Leopard Details — Available the day that Snow Leopard was released, Jeff Carlson’s latest book, “The Mac OS X 10.6 Snow Leopard Pocket Guide,” includes details like these as well as a great overview of Mac OS X, all in just 240 pages of clear text and screenshots. The book retails for $14.99, and is available in bookstores and at (currently discounted to just $10.19). (A downloadable excerpt should be available from by the time you read this.)

Tip of the Iceberg — As we mentioned above, these changes are merely the hidden refinements that jumped out at us right away and demanded to be trumpeted to our readers. To learn more about other tweaky changes straight from the cat’s mouth (some of which are useful; others of which are merely marketing points), check out Apple’s Snow Leopard Enhancements and Refinements page. We’ll be keeping an eye out for additional refinements in the coming weeks – stay tuned!

Rich Mogull 14 comments

Peering Inside Snow Leopard Security

From the beginning, Apple made it clear that Mac OS X 10.6 Snow Leopard was focused on improving the performance of the operating system and providing developers with new tools for harnessing the power of modern hardware and multiprocessor systems. The included security-related changes are no different, and for the most part are completely invisible to the user.

These changes provide new tools to assist programmers in producing more secure applications and harden the core operating system, which will result in a safer computing experience for most Mac users.

Despite these improvements, Apple missed a major opportunity to include a key operating system feature that could nearly wipe out a entire category of attack.

Securing Memory and the Power of 64-Bit Security — The changes I describe here are fairly subtle and technical, so those of you who don’t care about things like stack versus heap memory might want to skip to the next section.

The most significant single improvement is that the operating system has now been compiled with stack memory protection by default. Essentially, this places what’s known as “canaries” in stack memory: fixed values in fixed locations that are pushed around if an attacker uses a buffer overflow attack, enabling the operating system or program to detect attacks.

(Buffer overflows happen when input values to a program – something as simple as a URL entered in the location field of a browser – is larger than expected. The data that overflows can be used to crash software or a system, or gain privileged access.)

Stack memory protection makes an entire class of buffer overflow attacks much more difficult to exploit, even when a software vulnerability is present. Developers will need to enable it for their own applications, but by default, Apple uses this feature everywhere it can to limit attacks.

A second overarching improvement is the migration to 64-bit applications and components throughout Snow Leopard. While Apple touts 64-bit support largely for its speed boosts and to enable memory-hungry applications to address more memory, the Intel CPU architecture offers substantial hardware security capabilities that generally aren’t available in 32-bit environments.

While Snow Leopard includes both 32-bit and 64-bit kernels, it’s possible for a 64-bit capable Mac to boot with the 64-bit kernel only under Mac OS X Server 10.6 – Snow Leopard Server. When running Snow Leopard Server, the 2008 and 2009 Xserves and Mac Pros boot the 64-bit kernel by default; the 2008 and 2009 iMacs are capable of booting the 64-bit kernel in Snow Leopard Server, but must be placed in that mode by holding down the 6 and 4 keys at startup. Apple posted a Knowledge Base article with details about accessing the 64-bit kernel in Snow Leopard Server, but it has offered nothing yet for the regular version of Snow Leopard.

Wherever possible, Apple appears to try to use new security technologies for Snow Leopard on 32-bit systems, but most of the real security advantages are possible only when running 64-bit software on 64-bit hardware.

One of the key areas in which this prevents trouble is in the heap memory, where Apple uses a combination of technologies: one leverages 64-bit hardware, while the others are software enhancements. (The heap is a pool of free memory that applications can dynamically use on a temporary basis, as opposed to the more-structured and static stack memory.)

When programming an application, heap memory locations that should only accept data can be marked as non-executable, and this will be enforced by a 64-bit processor (similar hardware protection has been used since Mac OS X 10.4 Tiger for stack memory on 32-bit processors). This, again, increases the difficulty of heap-based memory exploits, which are a common form of attack.

Apple further hardened the heap through use of stronger heap checksums to detect when someone has tried to modify a portion of memory. Combined with a related feature that terminates processes if it detects double null bytes where they shouldn’t be, this approach doesn’t eliminate all heap based memory attacks, but makes the life of the attacker much more difficult.

A final advantage of the move to 64-bit code is that applications now move data around more securely, skipping the stack completely. Function arguments are passed via registers, which, again, complicates the life of an attacker trying to attack your Mac using memory corruption techniques.

Sandboxing and Safari Enhancements — Sandboxing is the process of restricting what kinds of activities an application can perform. For example, you can sandbox an application so it can read files, but not write them, or restrict it from accessing the network. It’s a great way to limit the damage if an attacker is able to exploit an application on your Mac, since they’ll be stuck in the sandbox.

Apple provides sandboxing services that any developer can use, and has slowly been increasing the number of Apple applications that implement sandboxing through software updates. Apple continued this trend with Snow Leopard, sandboxing a number of new applications and features. One example is the x264 codec for handling H.264 video, which will make it harder for attackers to build malicious video files designed to corrupt your video player and allow them to exploit your Mac (a not-uncommon attack vector).

There’s been discussion over increased sandboxing in Safari, but that’s not quite how Apple improved browser security and stability. Instead of trying to sandbox browser plug-ins within Safari, Snow Leopard now runs them as separate processes. That way if a plug-in crashes, it doesn’t crash your entire browser. (In fact, Apple told us that browser plug-ins are the number one cause of crashes in Mac OS X, so making them independent processes should increase general reliability as well.)

Running browser plug-ins as separate processes improves security more than just increasing sandboxing, because Safari includes support for a legacy requirement that allows the use of a somewhat less-secure version of a common programming function called malloc that’s important for memory management. These plug-ins now run using the more-secure version of malloc used by the rest of Snow Leopard. By separating plug-ins into separate processes, developers potentially have more opportunities to add sandboxing to their plug-ins.

Some WebKit-based plug-ins still run within the main Safari process, but most of the major plug-ins have migrated to this new architecture, improving security and stability.

A New Firewall Setting — With Leopard, Apple introduced a new firewall capable of restricting inbound access to specific applications, not just network ports and protocols (see “Leopard Firewall Takes One Step Forward, Three Steps Back,” 2007-11-05). In Snow Leopard, Apple implemented a minor default usability change some users will want to disable.

You can find the settings in the Security system preference pane in the Firewall view, which now provides just a Start or Stop button. If you click the Advanced button, the settings are nearly identical to those in Leopard – but with one minor change: a new checkbox allows signed software to receive incoming connections automatically.

This setting allows applications signed by a valid certificate authority – the same authorities that sign Web pages for secure SSL/TLS sessions – to receive incoming connections with no additional steps. Previously, you would have had to add the application or approve a firewall exception when Leopard noted the application trying to set up the incoming connection.

This bypass was likely included to reduce the number of dialog boxes users need to click when installing software from known companies. Don’t worry: even if a program is allowed by default you can still manually change the setting to block access.

Users who want more control over their security should disable this setting, since anyone willing to pay the money can purchase a code signing certificate. Just because a program is signed doesn’t necessarily mean you want it to accept incoming connections.

New Malicious Software Protection — Back in Mac OS X 10.4 Tiger, Apple introduced a new File Quarantine feature. Enhanced again in Leopard, it displays a warning the first time you run any file that was downloaded using common Internet programs like Mail, Safari, and iChat.

In Snow Leopard, File Quarantine now checks these programs to see if they contain certain malicious software, which is sometimes hidden in downloads to trick users into installing it. If the file is infected, you’ll see a new warning that explicitly warns you the file is dangerous.

Right now, according to reports on the Internet, the feature only checks for two known types of malicious software. Apple has stated that additional checks can be added using the normal Software Update approach if needed.

This doesn’t mean that Apple has added antivirus software to your Mac. Using File Quarantine will protect you from running a few specific instances of malware downloaded using standard programs, but won’t catch other malicious files, such as any transferred via USB drive. The feature also won’t necessarily protect you if an attacker exploits your Mac, such as through a Web browser vulnerability, and then uses that toehold to install additional malicious software. And it can’t remove the infection from compromised files.

The initial version offers Apple a great capability to push out protection to users in case a larger infection starts to propagate. (For detailed information on how the enhanced File Quarantine feature works, we recommend Dan Moren’s excellent article at Macworld.

A Missed Opportunity — One major disappointment in the midst of all these security enhancements is that Apple did not improve the Library Randomization feature introduced in Leopard. Also known as ASLR, and found in Windows Vista and Windows 7, it’s a powerful operating system security technology that nearly eliminates the memory-based attacks we’ve spent so much time talking about.

Library Randomization picks different memory locations for key operating system components each time the system starts up. Even if an attacker exploits a vulnerability on your system, it is nearly impossible for them to tie into the operating system and actually do anything malicious (or otherwise) because they can’t rely on where the hook can be found.

Library Randomization in Leopard and Snow Leopard does shift around some important pieces of the operating system, but leaves the memory location of one key component static across all Macs (dyld, the dynamic loader). With dyld in place, an attacker has a roadmap to continue their exploitation and potentially take over your system.

Randomizing the location of dyld is no small task, but Apple had a perfect opportunity to make the change with Snow Leopard, since so many other important parts of the operating system were being updated. Combined with the 64-bit enhancements, it would make memory exploitation of any type extremely difficult and provide years of worry-free Mac computing.

Continually Improving Security — Snow Leopard also includes a few other small changes. Users concerned with privacy can disable location services in the Security preference pane (in the General view, check Disable Location Services). As on the iPhone and iPod touch, location services allow your current coordinates – derived via Wi-Fi signals as well as future GPS hardware – to be used by system components and third-party software. Date & Time, for instance, now uses Wi-Fi signal snapshots to set your time zone automatically.

Apple also increasingly phased out the use of the setuid function in the operating system, which reduces security by running processes under administrative or other user accounts.

It’s important to remember that Apple has gradually been enhancing security, sometimes with major enhancements, through Software Update long before the release of Snow Leopard. Sandboxing, increased stack memory protection, reducing use of setuid, adding anti-phishing to Safari, and a series of other changes have found their way onto our Macs outside of major operating system version updates.

Overall, Snow Leopard is more secure than Leopard, although Mac users on 32-bit processors won’t see all the benefits.

Still, I am extremely disappointed that Apple failed to complete Library Randomization. Microsoft has experienced significant real-world security benefits with their adoption of ASLR, and had Apple taken this step they would have practically eliminated memory-based attacks like buffer overflows.

Although most of the security enhancements in Snow Leopard are hidden deep within the operating system, they should provide practical benefits to all Mac users on 64-bit architectures. While the only true test of security is how effective it is in the real world, on paper it looks like life is now at least a little harder for any potential Mac attackers.

Doug McLean No comments

TidBITS Watchlist: Notable Software Updates for 31-Aug-09

Things 1.2 from Cultured Code is a maintenance update to the Getting Things Done-inspired task manager. Changes include added compatibility with Snow Leopard, a Quick Entry dialog autofill feature, a slew of new keyboard shortcuts, support for Spotlight searches and Quick Look, enhanced performance speeds for recurring maintenance tasks, and new localizations for French, Spanish, and Russian. Full release notes are available via Cultured Code’s Web site. ($49.95 new, free update, 8.0 MB).

WireTap Studio 1.0.12, WireTap Anywhere 1.0.5, and Snapz Pro X 2.2.0 from Ambrosia Software are compatibility updates to the company’s media capture utilities. The updates bring compatibility with Snow Leopard. ($69/$129/$69, 19.6/12.4/11.1 MB)

Sync’Em 1.40 from Derman Enterprises is a minor update to the multi-platform syncing utility. Changes include added compatibility with Snow Leopard, support for recurring/detached Google calendar events, and a number of minor bug fixes related to the display of incorrect status information and information sources. ($49.95 new, free update, 20.3 MB)

TextSoap 6.3 from Unmarked Software is a compatibility update to the text cleaning utility. The update brings support for Snow Leopard and its 64-bit Automator, as well as a new scripting command that enables users to convert clipboard contents to plain text. Additionally, Unmarked Software is offering a discount on the software until 09-Sep-09, bringing the price down from $39.95 to $27.95. ($27.95 new, free update, 5 MB)

Coda 1.6.5 from Panic is a minor maintenance update to the Web site development tool. Most notably, several issues with Snow Leopard, including a crashing bug that occurred when using a source code validator, have been addressed. Also, three other crashing bugs have been fixed including one that occurred when trying to generate site thumbnails with Flash 10 and Safari 4, another that occurred if SVN failed, and one that occurred when using type-to in the file list. Additionally, Coda will now attempt to recover open remote files after a crash. ($99 new, free update, 20 MB)

KeyCue 4.5 from Ergonis Software is the latest version of the keyboard shortcut documentation utility. Changes include the added capability to display QuicKeys shortcuts, compatibility with Snow Leopard, improved handling of unique cases for Java applications, and enhanced flexibility when dealing with special application requirements. The update also fixes a bug that would cause Firefox to crash, a problem that caused KeyCue to lose license information when syncing preferences with MobileMe, and an issue with Thunderbird that caused KeyCue to skip particular menus. (19.99 euros new, free update for purchases made within the last 2 years, 1.1 MB)

DragThing 5.9.4 from TLA Systems is a minor maintenance update to the highly configurable dock utility. The latest version adds compatibility with Snow Leopard, a new Marble dock theme, the capability for docks to disregard Expose, an option to highlight 32-bit applications under Snow Leopard, and a handful of minor bug fixes. DragThing now requires Mac OS X 10.4.11 or later. ($29 new, free upgrade, 7.5 MB)

TextWrangler 3.0 from Bare Bones Software is a significant update to the company’s free text editor, essentially the younger sibling of text-editing powerhouse BBEdit. Changes in TextWrangler 3.0 include a refreshed FTP/SFTP interface, improved FTP performance, new Find and Multi-Search Windows, and an enhanced Find Difference command. Also new is support for Ruby and JavaScript, language keyword support for Objective-C and Objective C++, and improved modules for the Java and Python languages. The full and lengthy list of changes is available on the Bare Bones Web site. (Free, 11.9 MB)

TidBITS Staff No comments

ExtraBITS for 31-Aug-09

Behind the Mac vs. PC Ad Campaigns — We’re familiar with Apple’s and Microsoft’s latest competing ad campaigns, and this New York Times article provides a look at the competition from the advertising standpoint. Especially interesting is the section in the middle about how Apple’s iconic “Think Different” and “Switchers” campaigns came about. (Posted 2009-08-30)

China Unicom Will Sell iPhone — The Chinese carrier will sell a version of the iPhone without Wi-Fi, as previously rumored, the Wall Street Journal reports. China Unicom will apparently pay Apple full price, with no revenue sharing. Estimates put 1.5 million iPhones in use in China currently. (Posted 2009-08-28)

Apple Posts List of Incompatible Software for 10.6 — Apple has posted a KnowledgeBase article that explains which software packages (and versions) the Mac OS X 10.6 Snow Leopard installer places in an Incompatible Software folder. The note also details how Snow Leopard will prevent incompatible software from launching to prevent disappointment. (Posted 2009-08-28)

xkcd’s Tech Support Cheat Sheet — The xkcd Web comic has a hilarious (and all too apt) comic that charts the process experts use to solve computer problems of all flavors. With regard to Adam’s recent “Post-Literate” article, note the importance of “related words” in the flowchart. (Posted 2009-08-25)

Sony Reveals Wireless Touchscreen Book Reader — Sony ended the suspense and said it would release in December a $399 electronic book reader that could download books, magazines, and newspapers over AT&T’s cellular data network, much like Amazon’s Kindle hardware does over Sprint’s network. Sony’s model, The Daily Reader, will have a 7-inch touch-sensitive screen, and will also work with libraries for ebook borrowing. (Posted 2009-08-25)

Jeff Carlson No comments

Hot Topics in TidBITS Talk for 31-Aug-09

Good “Beginning Mac for Seniors” book? Readers suggest Mac how-to books that focus on the basics. (7 messages)

Optical drive replacement — Replacing components such as optical drives can be done inexpensively if you do it yourself. (12 messages)

Crop PDF pages: Preview bug? Alternatives? When Preview crops a PDF only in the printed result, it’s actually a feature (non-destructive editing). (3 messages)

Snow Leopard pricing: Are they kidding? Readers debate the significantly higher price tag for the Mac Box Set compared to the regular update for Snow Leopard. (42 messages)

OS X 10.6 Contains AV Software! Is the improved File Quarantine feature in Snow Leopard the same as running antivirus software? (7 messages)

iLife 09 and iWork 09 in “the box” compared to out of it — Are the versions of iLife and iWork that are included in the Mac Box Set different than their standalone counterparts? We don’t think so. (3 messages)

CS3 not support in Snow Leopard — Although Adobe Creative Suite 3 isn’t supported under Snow Leopard, it still works; Adobe just isn’t offering official development on the discontinued suite. (5 messages)

What is technological literacy? (A public conversation) — Spawned from the previous week’s active discussion about living in a “post-literate” society, this thread tries to define what “technological literacy” is. (15 messages)

Snow Leopard and an External Trackpad? Do any companies still offer external trackpads for Macs, and if so, would they support Apple’s trackpad gestures? (8 messages)

New iMac 24″ — How difficult is it to install a higher-capacity hard drive into an iMac? (3 messages)

PGP incompatible with OSX 10.6 — PGP has announced that none of its products is compatible with Mac OS X 10.6 Snow Leopard. Is the company out of step with the Mac, or is waiting for a final release version the better course of action? (7 messages)

Snow Leopard Text Replacement Strings — Readers try to figure out how to add more items to Snow Leopard’s text-replacement feature without having to enter each one manually. (3 messages)

Text Replacements in OS X Snow Leopard — This is a follow-up thread that offers step-by-step instructions for importing the TidBITS Autocorrect Dictionary into Snow Leopard. (1 message)