Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue
Deception, fraud, and theft form the core of this week's sordid tale of Gadget Software, a Mac shareware developer that apparently stole its products. Also this week, we look at just what sort of devices you can and cannot safely plug into your Mac while it's on, plus cover the releases of Palm's HotSync 2.6.1 for fixing synchronizing under Mac OS 9.0.4, Web Confidential 2.0 with Palm support, and FileMaker's security hole-fixing Web Companion 5.0v4.
Copyright 2000 TidBITS Electronic Publishing. All rights reserved.
Information: <email@example.com> Comments: <firstname.lastname@example.org>
This issue of TidBITS sponsored in part by:
READERS LIKE YOU! You can help support TidBITS via our voluntary
contribution program. Special thanks this week to Kasma Clark,
Irving Alan Sparks, and Stephen Kolek for their support!
An APS Tech tape drive is only as good as its software, which is
why every APS Tech tape drive comes with both Mac AND Windows
versions of Dantz's Retrospect! <http://www.apstech.com/>
WinStar Northwest Nexus. Visit us at <http://www.nwnexus.com/>.
Internet business solutions throughout the Pacific Northwest.
Small Dog Electronics: LaCie 8x/20x CDR Burner with Toast: $189!
PowerMac G4/350 MT 64/10gb/DVD/56K (AGP) refurbished: $1,299!
PowerLogix PowerForce G3 ZIF Upgrade 466 MHz: $289!
For Details: <http://www.smalldog.com/> -- 802/496-7171
Aladdin Systems: STUFFIT DELUXE 5.5 GETS 4 MICE FROM MACWORLD
Read the review at macworld.com and see why StuffIt is still
the best way to send/receive files over the Internet! UPGRADE
NOW AT: <http://www.aladdinsys.com/deluxe/>
YOUR WEB SERVER DESERVES A GOOD HOME! At digital.forest we run
the largest Mac data center in the world featuring a new OC-12
connection to the Net! Since 1994 digital.forest has provided
Internet service to clients worldwide. <http://www.forest.net/>
Customized ON-SITE TRAINING Available! Let MacAcademy come to
your location and train your group. Choose from Hands-On or
Lecture format. Training designed to meet your needs. Visit us
at: <http://www.macacademy.com/tidbits.html> 800/527-1914
HotSync 2.6.1 Fixes Palm Sync Problems -- Palm, Inc. has released HotSync 2.6.1, which solves a Palm handheld synchronization problem introduced by Apple's recent Mac OS 9.0.4 update. Changes in the Mac's USB software caused HotSync operations to time out, especially when using HotSync conduits for AvantGo and Outlook Express; the free HotSync 2.6.1 release fixes these problems. Existing Palm Desktop 2.5 users can install just the HotSync 2.6.1 software, a 1.8 MB download. New users or users of earlier versions of Palm Desktop need to download the free 6.6 MB Palm Desktop 2.6.1 package. This release comes on the heels of Handspring's Palm Desktop 2.6, which appears to be the same software on the surface, though Handspring's release presumably includes additional software for using its USB-only HotSync cradles with the Visor handheld. [JLC]
Web Confidential 2.0 Syncs with Palm Devices -- Alco Blom has released Web Confidential 2.0, a major update to his $20 shareware Macintosh storage and organization utility for sensitive information (see "Web Confidential: Securing Information of All Sorts" in TidBITS-441). Foremost among Web Confidential's new features is support for synchronizing your Web Confidential data with Rene Laterveer's Web Confidential for Palm 1.0, a separate $20 shareware version that runs on Palm OS-based handheld devices and offers the same strong encryption to your sensitive information on the Palm. You can download and try the Palm version for 30 days, but the Web Confidential synchronization conduit is sent only to registered users. Web Confidential 2.0 also adds a few new features, including support for filling in Web forms in Netscape Communicator, a Last Modified attribute on cards, a cross-platform file format (though only unencrypted files are cross-platform at the moment), and minor changes to the program's categories. Web Confidential 2.0 is a free upgrade for registered users and is a 540K download; the Palm version is a 105K download. [ACE]
Web Companion 5.0v4 Plugs FileMaker Holes -- FileMaker Inc. has released Web Companion 5.0v4 to address the substantial Internet security holes in FileMaker Pro 5 and FileMaker Pro 5 Unlimited. (See "FileMaker 5 Internet Security Holes" in TidBITS-529.) Web Companion 5.0v4 honors field-level security settings, preventing miscreants from retrieving the contents of any field in a Web-published database using FileMaker 5's XML publishing capabilities or via email. The update also prevents FileMaker Pro 5 from being used to send anonymous email by disabling some of FileMaker 5's new email capabilities. The update is 573K and is recommended for all users of FileMaker Pro 5 and FileMaker Pro 5 Unlimited who use Web Companion. [GD]
Poll Preview: Paying Your Fair Share -- Matt Deatherage's article this week about Gadget Software's misappropriation of shareware utilities from other developers highlights an unusual case of using software without paying for it. But what about the more common situation of not paying for the shareware programs we all use? Is creating shareware a financially viable business, or do too few people pay for shareware to make it worthwhile? This week's poll question, then, is: "Of the shareware programs you use regularly on your Macintosh, for approximately what percentage have you paid?" Please be truthful when you vote on our home page - our polls are anonymous. [ACE]
by Adam C. Engst <email@example.com>
In last week's quiz, we asked: "Into which of the following ports should you never plug a device while the Macintosh is turned on." Of the over 2,200 responses, 64 percent chose the correct answer, which is SCSI, with 29 percent being fooled by the so-close-it-hurts wrong answer of ADB. A few percent guessed incorrectly at the serial port and Ethernet, but we're pleased very few people guessed at USB and FireWire. Let's look at the answers, along with a few possibilities we kept out of the possible answer set to avoid confusion. Keep in mind that details vary between specific Macintosh models, so check your owner's manual for the final word (Apple makes all old manuals available online, in case you've lost yours). TidBITS Talk also covered additional details of interest.
One brief aside: The question has come up as to whether or not a PowerBook is "turned off" when it's in sleep mode. Apple seems to consider a sleeping PowerBook sufficiently turned off most of the time, but SCSI devices are a notable exception, particularly with older PowerBooks.
SCSI -- You can plug all sorts of things into a Mac, but SCSI is the only quiz answer we offered that we can guarantee is not safe to plug in or unplug while your Mac is running. There is a difference between "safe" and "possible," of course, and we're not denying that it's possible to plug or unplug SCSI devices without powering down. According to Apple, "always turn off the Macintosh and all peripherals before attaching or detaching any cables or devices or changing SCSI ID numbers."
Here are the problems - special thanks for these details goes to Sentient Software's David Shayer, who has developed several disk recovery programs. SCSI connectors weren't designed to prevent pins from touching anything other than the matching pin, so it wouldn't be hard to connect the wrong data lines or cause a short. If you're adding a device to a SCSI chain, it will probably go on the end of the chain, which means you'd have leave the SCSI chain without termination while providing termination to the new last device. Next, every SCSI device must have a unique ID number on the chain from 0 to 7. If two devices are assigned the same ID number, a SCSI ID conflict results and the Mac may refuse to boot or display other problems. However, if the Mac is on and you attached a hard disk that caused a SCSI conflict, it's possible that the Mac OS would write out the master directory block to the wrong device, trashing the correct one and causing data loss. Finally, unlike USB and FireWire, SCSI doesn't automatically load drivers for new devices, though you can get around this using utilities like Robert Polic's free SCSIProbe.
If you're really interested in plugging and unplugging SCSI devices more safely, TidBITS sponsor APS Technologies sells the APS SCSI PowerPlug for precisely this purpose. It provides a switch that electronically isolates the device you're adding or removing from the SCSI bus and interrupts the term power line inside the PowerPlug so termination remains active. Two versions are available, the SCSI PowerPlug II with active termination for use at the end of the SCSI chain, and the SCSI PowerPlug NT without termination for use anywhere in the chain other than the end. Both cost $50 and are available from APS's catalog (call 800/374-5688 or 816/483-6100), though not their Web site.
Further, Apple recommends that you don't turn SCSI devices on or off while other devices in the SCSI chain are running, and some SCSI devices must be powered up before you turn on the Mac. Despite this recommendation, people with SCSI-based scanners, for instance, are used to turning their scanners on only if they plan to use them to preserve the light bulb and reduce power consumption. Damage is unlikely from toggling power to a SCSI device while the Mac is on, though doing so could confuse the Mac and potentially require a restart. Remember that if you want to shut off an external hard disk while the Mac is turned on, it's extremely important to dismount the disk by dragging it to the Trash before cutting power. Otherwise, you risk significant data corruption.
ADB -- Okay, we're sorry: this was our trick answer. Many long-time Macintosh users know ADB devices shouldn't be plugged in or unplugged while the Macintosh is running because you risk blowing out the ADB controller if you cross pins that carry power - and the only official way to fix that is to get an expensive new motherboard. However, although this advice is generally true and certainly bears heeding, it's not always true. Apple's PowerBook G3 Series - one of the last machines to ship with ADB ports - enabled hot-swapping of ADB devices, as noted in the developer documentation linked below. (The manuals that came with those machines also imply swapping ADB devices was not a problem.) Also, some machines like the PowerBook 5300 included circuitry which would protect the PowerBook by shutting down ADB if devices drew too much power.
Despite recommendations against plugging or unplugging ADB, it is something that many people do at least occasionally. If you're in that category, be very careful with the plugs so as not to cross any pins.
Serial -- Serial devices (including LocalTalk networks) can be plugged in or unplugged at any time. However, even though there's no physical danger to your Mac, some software might expect a particular device to be available at all times - such as a fax modem that's set up to receive faxes automatically, or a serial printer shared on a local network. And, of course, if you unplug a LocalTalk network, no services on that network will be available, which might cause the Mac to complain, or running applications to complain or even crash, depending on what you were doing.
The GeoPort serial interface on some Macs has a ninth pin which is powered, and there was some question about whether or not plugging or unplugging a device could damage the Mac or the device. However, Apple notes that if the GeoPort Telecom Adapter starts emitting a clicking noise, you could "unplug the adapter for a few seconds" to resolve the problem, which certainly implies that it's acceptable to plug and unplug that specific GeoPort device.
Ethernet -- All flavors of Ethernet from 10Base-T and 100Base-T to the older thin Ethernet (10Base-2), thick Ethernet (10Base-5), and Apple's proprietary AAUI built-in Ethernet can be safely plugged in or unplugged at any time - although, of course, you will interrupt any services using Ethernet. Also, some old-style Ethernet networks set up in a daisy-chain topology might stop working temporarily, experience noise, or display other problems if you suddenly disconnect machines from them. However, there's no physical danger to the Mac or the network. As with LocalTalk networks, the loss of services on an Ethernet network may confuse or even crash applications on the Mac.
USB -- USB devices are designed to be hot-swappable, both with regard to their connectors and the way USB drivers can load automatically. That's one of the reasons Apple switched to USB from ADB for things like mice and keyboards - and they even brag about it. As with SCSI, if you're disconnecting a USB-based hard disk from your Mac, make sure to dismount it first or risk data corruption.
FireWire -- Like USB, it's safe to connect and disconnect FireWire devices from your Mac at any time - it's one of the features of the technology which Apple promotes aggressively, and both the design of the connector and the way that FireWire drivers can load automatically support this. However, at the risk of sounding like a broken record (now there's an analogy that isn't long for this world), if you want to disconnect a FireWire-based hard disk, make sure to dismount it first.
Audio Input/Output -- Although Apple recommends turning off all equipment when connecting audio input or output devices, there's little danger from plugging in or unplugging audio devices from microphone jacks, audio inputs, or speaker jacks on your Mac. The main thing to remember is to turn down the levels on all equipment before making connections, so you don't inadvertently overdrive or blow out a speaker. It is possible to damage these ports by connecting inappropriate equipment - we know a bassist who blew out audio inputs on a Power Mac 8500 by connecting the ampl output from his 300 watt amp. However, these instances aren't the Macintosh's fault: we're sure most ports don't like to be hooked up to household electrical current either.
Video -- Video is a tricky issue, which is why we didn't include it in the quiz. Although Apple's documentation always recommends connecting monitors and video equipment with the power off, the manuals don't warn of any potential damage (as they do with SCSI, for instance). Some Macs won't boot without a monitor or video adapter connected, and Timbuktu Pro (which is commonly used to control headless Macs) requires that there be at least a video adapter present so the Mac knows what resolution to provide. Plus, although we're not willing to try this, it would seem that unplugging one monitor and plugging in could cause problems if the two operate at different refresh rates or resolutions. It's easier to shut down, and those of us who run headless Macs as servers are accustomed to pressing the Power key, then the Return key to shut the Mac off from the keyboard.
If you want to connect an external monitor to a PowerBook, either shut the PowerBook down or put it to sleep first, or else it won't recognize the presence of the other monitor.
PC Cards -- PC Cards, the credit-card-sized expansion cards generally used with PowerBooks, can be inserted and removed while the Mac is turned on, although the Mac may not be able to recognize the card if the necessary drivers haven't been loaded at startup. To eject a card, drag its desktop icon to the Trash or choose Put Away from the Special menu to eject it gracefully (on some models you may also have to press an eject button on the case).
Backup, Backup, Backup -- We've tried to pass along the recommended approaches to working here, but as we implied with the comment about the difference between "safe" and "possible," even we don't always follow our own advice here. On TidBITS Talk, Alex Hoffman jokingly accused me of being wimpy for recommending that people not hot-swap devices, but the fact is that I hot-swap ADB devices all the time, plus turn SCSI devices on and off while the Mac is turned on. I ignore my own advice in this regard because much of my old hardware has essentially no value, and I back up religiously. Sure, I'd be sad if I blew the motherboard on my SE/30 by fiddling with an ADB connector, but I could restore its entire set of services to another machine within 15 minutes based on the previous night's backup.
So if you want to take the risk of frying some hardware, at least make sure you have a current backup first. You'll still be sorry if you lose a motherboard, but at least your data won't be jeopardy as well.
by Matt Deatherage <firstname.lastname@example.org>
Software development is rarely easy. Programmers face technical challenges, bugs, and tight schedules - on top of thinking of a useful product, bringing it to market quickly at a good price, and distancing that product from its competition. Computer users reserve some of their highest praise for the programmers who negotiate this obstacle course, and every day brings new developers trying to make their mark on the Macintosh.
But if you want the rewards, you must do the work. One of this year's new shareware developers, Gadget Software, turned to outright theft and deception, redistributing existing utilities under its own name with the barest of cosmetic changes. The "company" has come under increasing pressure since MWJ first exposed one of the thefts two weeks ago; now it seems that "Gadget Software" has disappeared into thin air. No matter what, it's a story of piracy, deceit, fraud, and arrogance rarely seen in the Macintosh shareware world.
Faster Follies -- The problems started a few months ago with a $20 utility called Faster from Gadget Software that promised to make your Macintosh up to three times faster. Most experienced Macintosh users should have been instantly skeptical of such an assertion. If there was a simple software trick that would make the computer three times faster than before, you'd think Apple would have built it into the Mac OS or that a major software company would have purchased it .
Software can't make hardware faster. If your iMac has a 266 MHz PowerPC G3 microprocessor in it, software can't change it into a 400 MHz model. The closest option is overclocking, a hardware trick that runs microprocessors faster than their rated speed.
In reality, Faster was far more pathetic. The software didn't involve any acceleration techniques at all - it simply removed the Mac OS's built-in delay routines that keep simple tasks that older Macs could perform sufficiently quickly - like scrolling - usable on today's blindingly fast Macs. Faster 1.x works by patching these routines so there is no delay. Suddenly things look faster - rectangles zoom faster, scrolling is quicker, animations zip right along - but no important tasks are performed any faster.
Stealing Respect -- The only real way for a software product to squeeze more performance out of your hardware (not make it faster, mind you, but more efficient) is to reallocate how the microprocessor spends its available cycles. Ideally, you don't want the computer wasting much, if any time on unimportant tasks when an important task is in progress. This is what utilities like Orchard Software's CPU Doubler and Clarkwood Software's Peek-A-Boo do - they let you override how the Mac OS chooses which program receives the most processor time.
In late April, Gadget Software released Faster 2.0, adding similar features to the otherwise-worthless product. This caught our eye at MWJ, for the interface Gadget "chose" was nearly identical to that of the $79 CPU Doubler. Both products assigned applications "priority" numbers between 1 and 64 with a default of 32. The Faster 2.0 interface also copied CPU Doubler's method of excluding applications, of picking keys that avoid loading the extension at startup, and of turning the whole thing on and off.
So we took a closer look under the hood and were appalled. Faster 2.0 is a direct rip-off of CPU Doubler. Gadget Software just replaced the human interface and copyright notices with its own, and left the actual code intact. The cdev resource still contained the routine names from CPU Doubler, such as InitCPUDoubler and CloseCPUDoubler. And Gadget had no legal right to the code: Orchard Software president Mike Jonas told MWJ, "We have not in any way given Gadget Software permission in any form to use any of our software in their applications."
This is plagiarism of the worst kind.
When Orchard Software informed Gadget that its deception had been noted, Gadget posted on its Web site that it would soon release a version of Faster 2.0 "without the CPU Doubler technology." The site read, "We will tell you the whole story, and prepare to laugh. I hope the author will accept us to publish the stupid joke we played on him." As Gadget posted this, the company also released Faster 2.1, which merely hid the CPU Doubler code better. In Faster 2.1, the main interface is a REALbasic application provided by Gadget Software that makes sure you've paid your shareware fee - that's right, Gadget added code to make sure you paid them for someone else's work. Gadget may have portrayed the plagiarism as a "joke," but as we'll see, the company's own conduct clearly shows that theft of software was the rule, not the exception.
Since MWJ broke the story that Faster 2.0 contains stolen CPU Doubler code, Gadget Software released two new programs. Upon further scrutiny, both are even worse than Faster 2.0 - one is a byte-for-byte copy of pre-existing software, and one is nearly so.
WindowApp 1.0 -- In early May, Gadget released WindowApp 1.0. This freeware utility makes your application menu hierarchical - instead of just an item for each application, WindowApp changes it so that each application's entry has a sub-menu that lists each window open in that application.
Sound familiar? Hiro Yamamoto released his freeware ApplWindows to do the same task in 1993. Over the next four years, ApplWindows evolved into a control panel with modifiable settings, but 1.0 was a simple extension - just like WindowApp 1.0. (ApplWindows is no longer actively maintained, and is unreliable under Mac OS 8.5 and later.)
This is no coincidence. In a letter to MWJ, Hiro Yamamoto confirmed that WindowApp 1.0 is a byte-for-byte copy of ApplWindows 1.0. Gadget Software merely replaced the icon and version resources with their own - Yamamoto's actual code in the INIT resource, as well as the Finder balloon help resource and the FREF resource, are identical to the ApplWindows original.
Yamamoto wrote to Gadget Software and asked them to stop distributing WindowApp and to stop claiming copyright on his work. He shared Gadget's response, which we print here in its entirety: "Hello, We made it. WE MADE IT! Heh heh...Anyway, WindowApp is removed. Also, it was free. Cheers, GS." The company is unapologetic for its outright theft of someone else's work, and insists that they "made it." This could well be true - but they made it out of ApplWindows, and that's simply unacceptable.
Magnet Menu 2.3 -- Just last week, Gadget Software released Magnet Menu 2.3, a $20 utility that opens menus without clicking. The new release promised better compatibility and lots of bug fixes. Unfortunately, so did AutoMenus Pro 3.5.1, a $15 shareware menu utility last revised in 1997 by the seemingly defunct Night Light Software. The list of changes in Magnet Menu 2.3 looks a lot like AutoMenus 3.5.1's release notes, with observations added to make it seem like more bug fixes.
When we took a look, Gadget's chicanery again failed to withstand scrutiny. All the human interface elements are different between the two programs - icons, pictures, some text, some cursors, and dialog boxes. But all other resources are identical, almost byte for byte.
Especially damning are the TEXT resources that provide online help - they are unchanged from AutoMenus Pro, still refer to AutoMenus Pro, and contain the AutoMenus Pro registration telephone numbers and E-mail addresses! Gadget Software was not as good at resource editing and stealing software as they might have thought.
Other Products -- To prove that a given piece of software is plagiarized, we must compare it to the original version. That's difficult with the rest of Gadget Software's products - we suspect they may be "borrowed," but we do not know from where they may be borrowed, so we're left only with suspicions.
SuperSherlock purports to be a faster and more convenient file finding utility than Apple's Sherlock. Ready Software, a company that now allegedly owns the Gadget Software domain name (more on Ready Software below), maintains that the $15 SuperSherlock is a rip-off of a utility called Arriba.
SuperSelect is typical of a kind of utility popular in the late 1980s and early 1990s. It provides keyboard access to buttons in dialog boxes and alert boxes. Gadget's $15 utility includes 1.1 MB REALbasic applications to nag you about registration, but the actual work is done by the 96K "SuperSelect 3 Demo" control panel, which contains only 68K code. It almost defies belief that people who could write a 96K control panel for adding keystrokes to dialog boxes would add 2 MB to its distribution for registration nags.
Loaded 1.6 is a series of three applications, masquerading as extensions, plus another REALbasic application controlling them (just like a REALbasic application controls Faster 2.1 even though the real code is in a separate file). The $20 utility purports to load extensions after startup and defragment RAM, among other functions. It sounds like an old utility we've heard of called INIT Runner, but we haven't been able to locate a copy for comparison. We don't know Loaded's provenance, but the same signs are there: the actual work done by 68K code though the controlling program is a PowerPC-native REALbasic application.
After our discoveries in the past two weeks, anything Gadget Software says is suspect, and this is no exception. We've already seen that Ready Software can't possibly own Faster 2.x, since it contains Orchard Software's code; Orchard Software president Mike Jonas told MWJ on 12-May-00 that discussions with Gadget Software over reparations are now stalled due to Ready Software's apparent assimilation of Gadget. Ready Software may own Faster 1.x or Loaded, but we've also seen that those products can't live up to their billing, and versions 1.x of Faster and Loaded can't possibly work as advertised.
Ted Landau of MacFixIt shared with MWJ a letter he received from the new company on 12-May-00, that answers few questions. In the letter, "John" of Ready Software (no last name, though subsequent correspondence with MacFixIt identifies the sender as John Vollet, in Seillans, France) says that his company actually owns Loaded (which is really called FormulaOne) and Faster (really called Hare). Gadget Software was supposed to be beta-testing the products, says John, and instead stole them and published them on the Web under the Gadget name. John also says that Gadget stole Magnet Menu 2.1 before pirated AutoMenus Pro code was included.
Even if Ready Software did write Faster and Loaded, the programs don't seem useful. Ready says it's as much a victim of Gadget Software as Orchard Software or Night Light Software. But Ready's product line looks a lot like Gadget's did before Gadget got ambitious; Ready Software is in the same small town in France as Gadget Software was, and Ready Software has no Web site (they've written to MWJ through a Hotmail address). Plus, if Gadget Software stole Faster back in March, why did Ready Software only act when Gadget's outright theft of other products was exposed? It's all still quite murky.
We sincerely hope that the end of Gadget Software marks the end of stolen software with removed copyright notices, resource-edited to appear new and original. If Ready Software turns out to be an attempt to perpetuate the same tricks while dumping the tainted Gadget name, they'll be under heavy scrutiny from the Macintosh community. If Ready Software truly is a victim of piracy, they deserve another chance - hopefully marketing utilities that can live up to their advertising. Either way, let's hope the spirit of Gadget is long gone.
[Matt Deatherage is the publisher of MWJ, the Weekly Journal for Serious Macintosh Users, and is busily preparing the reintroduction of the daily MDJ and the monthly MMJ. Next week's issue of MWJ will include thorough coverage live from WWDC 2000. You can learn more about MWJ and check out a free three-issue trial subscription at the URL below.]
Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.
Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue