Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue
Recent news stories about stolen laptops filled with unsecured sensitive information spooked Derek Miller into applying an easy solution: he details how to create a secure disk image for your important data. Also in this issue, Brady Johnson uses a QuickerTek transceiver to boost his MacBook Pro wireless reception, Adam tracks down recalcitrant Photoshop files, and we note the releases of Interarchy 8.1, iPhoto 6.0.4, Shake 4.1, FlickrExport 2.0, Aperture 1.1.2, the Pro Application Update 2006-001, and WebCrossing Neighbors.
Copyright 2006 TidBITS: Reuse governed by Creative Commons license
<http://www.tidbits.com/terms/> Contact: <firstname.lastname@example.org>
This issue of TidBITS sponsored in part by:
READERS LIKE YOU! Support TidBITS with a contribution today!
Special thanks this week to Hedrich Michaelsen, Jerry White,
Bert Pepper, and Daniel Wolter for their generous support!
Make friends and influence people by sponsoring TidBITS!
Put your company and products in front of tens of thousands of
savvy, committed Macintosh users who actually buy stuff.
For more information and rates, email <email@example.com>.
SMALL DOG ELECTRONICS: Save on Apple refurbished
MacBook Pros! 2 GHz XP Pro bundle with 100 GB HD,
1 GB RAM, XP PRO installed, Take Control ebook - $2039
Visit: <http://www.smalldog.com/tb> -- 800-511-MACS
FETCH SOFTWORKS: With Fetch 5.1, FTP and SFTP are simpler
than ever. Use it on Mac OS X to upload, download, mirror,
and manage your Web site, eBay images, and data sets.
Download your free trial version! <http://fetchsoftworks.com/>
Web Crossing, Inc: Web Crossing offers integrated collaboration
tools with a broad spectrum of functionality, but did you know
adding discussions, blogs, podcasts, chat, polls, and calendars
is point-click easy? Try a demo! <http://www.webcrossing.com/>
Circus Ponies NoteBook: Never lose anything again. NoteBook
keeps your digital life organized. Take notes, clip content,
share information. Find anything instantly with automatic
index pages. Free 30-day demo! <http://www.circusponies.com/>
Interarchy 8.1 Adds Amazon S3 Support -- Peter Lewis and Stairways Software have released Interarchy 8.1, the latest version of their powerful file transfer software. New features in Interarchy 8.1 include support for Amazon S3 (Amazon Simple Storage Service, which provides storage to anyone for $0.15 per GB per month of storage used and $0.20 per GB of data transferred), the capability for Auto Uploads to upload to multiple remote directories, and a variety of other small fixes and improvements. Version 8.1 is a free upgrade for owners of Interarchy 8 and those who purchased Interarchy 7 after 01-Jan-06; for owners of earlier versions, it's a $20 upgrade, and new copies cost $40. [ACE]
iPhoto 6.0.4 Adds New Themes -- Apple has released iPhoto 6.0.4, an update to the popular photo-management application that fixes... well, nothing, apparently. Instead, the 36.4 MB download available directly or via Software Update adds new themes to the Greeting Card and Postcard features "including invite and thank you card designs for summer parties, weddings, birthdays, etc.," according to Apple. Unfortunately, because Apple stores iPhoto themes within the iPhoto application package (instead of separately, as with iDVD 6 for example), adding new themes means downloading the entire application. Unless Apple has snuck in some other fixes without documenting them, this hardly counts as an essential update (though if you're printing cards, the update is more appealing). [JLC]
Universal Shake 4.1 Drops in Price -- The latest Apple program to be released as a universal binary for native performance on Intel-based Macs is Shake 4.1, Apple's high-end video composition software used in many Hollywood productions. However, the more interesting news is that Apple slashed the price, from $3,000 to $500 (yes, the number of zeroes on those figures is correct). Rather than aiming solely for special-effects houses, the company is positioning Shake as an extension to Final Cut Studio. As Mike Curtis (who has extensive post-production experience) points out at his HD for Indies blog, however, Shake is not the sort of friendly application that average users are likely to pick up quickly; the price cut may indicate that Apple is moving on to Shake's successor, a possibility bolstered by the fact that Apple also announced that it is no longer selling the Apple Maintenance Program for Shake. Current owners of Shake 4 can upgrade to version 4.1 for $50. [JLC]
FlickrExport 2.0 Enables Easy iPhoto Uploading -- Connected Flow has released version 2.0 of FlickrExport, a plug-in for iPhoto 4.0 or later that makes it easy to upload images to the Flickr photo-sharing service. The new version can now add images to existing Flickr photosets and group pools, provides a list of tags that you've previously used to categorize photos, and more. The shareware FlickrExport 2.0 is a universal binary, requires Mac OS X 10.3 or later, and costs 12 euros; it's a 1.4 MB download. [JLC]
Apple Updates Aperture, Pro Applications Frameworks -- The high end of Apple's application line saw bug-fix updates last week. Aperture 1.1.2 "addresses issues related to overall reliability and performance," and is a 13.6 MB download. The more expansive Pro Application Update 2006-001 provides updates to several underlying frameworks that are used by Final Cut Studio (which includes Final Cut Pro 5.1, Motion 2.1, Soundtrack Pro 1.1, DVD Studio Pro 4.1, Compressor 2.1, and Apple Qmaster 2.1), Shake 4.1, and Final Cut Express HD 3.5 (which also includes LiveType 2.1). [JLC]
Web Crossing Neighbors Creates Private Social Networks -- Web Crossing, Inc. last week announced the public availability of WebCrossing Neighbors, a hosted service that businesses and other organizations can use to create customized online social networks for customers, employees, or interested users. WebCrossing Neighbors provides interest groups, personal user spaces, profiles, blogs with comments, discussions, photo and file sharing, access controls, system-wide searching, email services, and more. Each user has a space for personal content and for automatically updated links to new content from friends. Users can also create shared interest groups distributed via a Web-based forum or email, all managed with access lists. The first site using WebCrossing Neighbors is CarSpace from Edmunds.com, which is using it to create a private sandbox for car fans - a rather popular sandbox, to judge from the hundreds or even thousands of posts in some of the discussion groups. Prices for WebCrossing Neighbors start at $200 per month and depend on storage and bandwidth used. [ACE]
by Brady Johnson <firstname.lastname@example.org>
I'm one of those people who considers Internet access to be a basic function of any computer. My laptop is not always near my home network, but the AirPort card is advertised work only with a 150-foot (50m) range, and I often find myself farther from a network than that. So I began the search for ways to boost the range of my new 15-inch MacBook Pro.
I briefly considered the "cantenna," which is an antenna made from a tin can. From what I've read, it can significantly improve wireless reception range (though it's rather directional, and would need to be adjusted constantly to point at the desired network). I will probably build one of these at home just for fun, but as I will mostly be using my MacBook for work, the cantenna looks a bit too funky.
Enter QuickerTek, a small company that specializes in "wireless performance products," according to its Web site. In addition to antennas, it sells transceivers that can boost your Mac's wireless range by a factor of two or better. My first question was, what's the difference between an antenna and a transceiver? The basic difference is this: Antennas are passive devices that concentrate the signal in specific directions, both when sending and receiving. Transceivers are active devices that provide a high-power transmitter and a receiver that amplifies the incoming signal.
QuickerTek makes transceivers for the MacBook Pro, 17-inch iMac, Power Mac G3 and G4, and other models. I called QuickerTek to learn more and asked whether I should buy the transceiver or an antenna. I was connected to a human being without spending endless time on hold or having to navigate a labyrinthine menu system. The fellow I spoke with was very knowledgeable and spoke candidly with me about the pros and cons of their offerings. One thing he stressed was that the MacBook Pro transceiver requires you to open the laptop to attach a lead to the internal AirPort card. QuickerTek can do this for you if you aren't comfortable opening your laptop.
I ordered the MacBook Pro model, the $200 27dBm MacBook Pro Transceiver. Four days later, my heart all a-flutter, I tore open the box. I was delighted to discover that it included all necessary tools, including a real size 0 Phillips screwdriver instead of one of those cheap, handle-less things that come with so many "do it yourself" kits. It also contained a good set of detailed instructions, including readable photos with arrows pointing accurately to the items I would soon be working with. I should add that while the pictures were an invaluable guide, the text was less so. Most of the description was fairly accurate, but some was just plain vague. The pictures were the lifesaver.
Another nice touch was the piece of paper with circles on it, neatly labelled to keep track of each of the seven sets of screws I would be removing. This saved me the trouble of having to find seven bowls and either label them or try to remember which screws went where.
Following the directions, it took me all of about 10 minutes to remove the keyboard cover and expose the guts of the MacBook Pro. I disconnected one of the AirPort leads and replaced it with the lead from the QuickerTek transceiver, then closed up the MacBook Pro. Total elapsed time: under 20 minutes!
A small wire now protrudes from the laptop and connects to another small cable that in turn connects to the transceiver itself, which snaps onto the top of the screen.
The transceiver can take power from either the MacBook Pro's USB port or wall current. I planned to wander around the house with it for a bit and test reception, so I used the USB connector. When I powered up, the little green lights flicked on, and lo! My network's signal strength numbers in iStumbler jumped from a fairly weak (but stable) 14 to a robust 38. In graphic terms, the signal level in Internet Connect went from about half to fully filled, and the AirPort signal icon in the menu bar went from three bars to completely full.
Before installing the transceiver, I could see only our home network. Occasionally, if I wandered way over to one side of the house, I could see a neighbor's network. With the transceiver, I could pull in the neighbor's network from anywhere in the house, as well as three others I had never seen before. Then I took my newly augmented MacBook Pro to work in downtown Seattle, where plenty of wireless networks overlap. Without the transceiver, I could see about 10 networks from my office. With the transceiver I can routinely pull in about 25, with much stronger signals than before.
I would offer only one caution: the two cables running between the transceiver and the AirPort card are slender and probably fragile. A nice metal connector with solid construction joins the cables, and I don't expect that to break. The length of cable from the transceiver is easy to care for, since when I travel I remove the transceiver and stow it securely. But the short length of cable running from the AirPort card and exiting the side of the MacBook Pro can't be removed. It is important to store that securely so that it does not wiggle or pull loose from the AirPort card inside. I have taken to using a piece of tape to secure it to the side of the laptop.
Other than this single, fairly minor storage issue I can recommend the QuickerTek transceiver for anyone needing a more robust wireless signal. It was easy to install (given that I am not afraid to open up my Mac) and works at least as well as advertised.
[Brady Johnson is a Seattle-area Mac user who loves any excuse to open the Mac and poke around.]
by Adam C. Engst <email@example.com>
[Cue film noir music and fade in on a 1950's-style office, the illumination from twin LCDs reflected in the perspiration of a man's brow. When he speaks, his voice is rough with fatigue and frustration.]
On Sunday, everything was working fine. On Monday - I hate Mondays - double-clicking a Photoshop file in the Finder would launch Photoshop, but wouldn't open the file. Dragging the file to Photoshop's Dock icon or Finder icon had equally little effect. But opening files from within Photoshop continued to work properly. Peeved by Photoshop's hesitation to open files from the Finder, I stuffed my iPod in my pocket and set out to investigate.
First I turned to "Ted Landau's Mac OS X Help Line, Tiger Edition", a 1,200-page tome that has answers to most Macintosh troubleshooting problems. The hard part is asking the beefy book the right question. I was lucky. My first query struck paydirt. I knew the Finder relied on Launch Services to connect documents with their applications. Pressed, the fat volume produced the info I needed - the whereabouts of the Launch Services plist and easily corrupted cache file.
I found them, one lounging in my user's Preferences folder, the other hiding out in the shadows of the Library's Cache folder. Neither would divulge the information I was looking for, even after I explained just how unnecessary they were to my continued happiness. So I drove them to the city dump and told them disappear. I knew there would be another plist and cache file ready to take over as soon as I returned to the city. Perhaps I could lean on the new guys.
Unfortunately, the lowlifes who took over Launch Services were clueless. I was back to square one, and the Photoshop documents still weren't opening from the Finder. It was time to hit the streets and talk to my informants. A few days and a lot of beers later, I finally found a mole inside Adobe willing to talk... for a price. A high price. I bought him another beer and described my visit to the city dump. He talked. The problem was a missing person - the Adobe Unit Types file. It belonged in the Library's ScriptingAdditions folder, but it was AWOL.
I slid a few more bucks to my stool pigeon, who told me where to find the pasty-faced Adobe Unit Types file. A case surrounding a panicking Mac OS X 10.4.6 had blown up in my face a few weeks earlier, and I'd had to call in some reinforcements to smooth things over with an Archive & Install. My assistants are normally thorough, but Adobe Unit Types had managed to avoid their sweep and was sitting pretty, drinking whiskey by the pool in the Previous System/Library/ScriptingAdditions folder. I paid him a call, and my suave manner, backed up by the bulge in my jacket pocket, convinced him to return to his post. He wasn't happy about it, but when I next double-clicked a Photoshop file, it opened as it should in Photoshop.
The week was almost over, the mystery was solved, the case was closed, and I could finally get back to editing my graphics.
by Derek K. Miller <firstname.lastname@example.org>
I'm getting tired of reading frequent news stories about laptop computers lost, stolen, or left in the back seats of cabs by company or government employees, supposedly exposing untold thousands of social security numbers, insurance records, or other sensitive, private information to identity thieves and other miscreants. What those news reports usually fail to mention is whether the missing data files were securely encrypted.
Making Your Private Data Useless (Except to You) -- Encryption is a mathematical method of scrambling information - one the United States government once tried to classify as a non-exportable munition - so that it can only be unscrambled with the correct password. The best encryption methods make it essentially impossible to decrypt data without that password, no matter what trickery or brute-force methods are applied.
If your Mac stores files you'd rather keep from prying eyes - and chances are it does contain financial or medical records, credit card information, highly personal email, and so on - it's not hard to encrypt that data to protect it when you're logged out or away from your computer. Without the right password, encrypted data is unintelligible digital garbage, so even if someone were to remove your hard disk or copy all your files elsewhere, your protected information would be useless to them.
Better a Safe than a Vault -- Apple includes a feature built into Mac OS X 10.3 and later, known as FileVault, that encrypts your entire home folder. But most experts agree that FileVault is overkill, because of performance issues, the risk of data loss, backup problems, and other reasons that Adam explained in his recent appearance on the MacNotables podcast:
If Apple's tool won't do, what's the alternative? It turns out you can easily use Disk Utility to create an encrypted disk image that behaves just like - and, importantly, can be backed up just like - a regular Mac folder. You can even set it to open automatically (with a password) whenever you restart or log in to your Mac. Then you can protect only those files you really need to, while leaving your iTunes and iPhoto libraries, browser cache files, and less sensitive documents as they are.
Ten Steps to Scramble Your Stuff -- I've posted a step-by-step screenshot tutorial in the form of a photoset and slideshow on the popular photo sharing site Flickr, if you'd like to follow along:
Figure out which files you want to protect, and consolidate them in a single folder. Subfolders are fine, but you want to make sure not only that you have everything you want to protect in one place, but also that you don't miss anything.
Launch Disk Utility (in your /Applications/Utilities folder) and click the New Image button in the toolbar to create a disk image. (You could also choose Images > New > Image from Folder if you want to avoid the manual copying in step 4 below.)
From the Format pop-up menu, choose the Sparse Image format (which is only as big as the data inside, so it doesn't waste any space); under Encryption, choose AES-128 encryption (the only encrypted option); and choose a maximum size from the Size pop-up menu that makes sense - I chose 4.7 GB, so even if I fill the image up, I can burn it to a single DVD-R.
Name your encrypted disk image in the Save As field and choose a location where it will be stored on the hard disk; I saved mine to ~/Documents/. Click the Create button.
When the Authenticate dialog appears, choose a password. Apple's Password Assistant (press the key button) can help you generate a good password, which is strong, secure, and unguessable, and which you will never, ever forget.
I know those two criteria are a bit contradictory, but anyone who can guess your password will have access to your files; on the other hand, if you forget it, chances are that neither you nor anyone else will be able to decrypt them. (I suggest storing a paper copy of your password in your safety deposit box, in case anything ever happens to you and your family needs to access it.)
I also recommend leaving the Remember Password checkbox unchecked, because if you allow your decryption password in your Keychain, anyone who knows your login or Keychain password, or who gets at your computer while you're logged in, may also be able to access your encrypted files.
Disk Utility saves the disk image where you specified and with the name you gave (MyFiles.sparseimage, for example), and also opens it as a virtual disk (MyFiles) on your Desktop. Copy your files into the virtual disk just as you would into a regular removable drive or folder.
Add the encrypted disk image file to your login items. Choose System Preferences > Accounts and click the Login Items tab. Click the plus sign button, find the .sparseimage file, select it, and click Add (or just drag the file into the Login Items tab). Now, whenever you restart or log in to your account, your Mac will ask you for your decryption password and mount the virtual disk on your Desktop. You can eject the virtual disk to protect the files if you're putting your computer to sleep, or even just stepping away from your desk.
For extra convenience, put an alias to the virtual disk where you used to keep the unencrypted files, so it behaves just like the folder it's replacing. If you give it the same name, other programs that expect the unencrypted folder to be there should still continue to work while the volume is mounted. If your encrypted volume isn't mounted, trying to open the alias will prompt you for your password.
Check that everything works. Eject and try to remount the virtual disk. Log out and back in. Open files in the virtual disk to make sure they work properly.
Once you've confirmed your data is safe, erase the unencrypted originals. Choose Secure Empty Trash from the Finder application menu to make sure they're really gone.
Finally, make sure you have a backup strategy that includes regularly copying the encrypted disk image to other media, some of which are stored offsite.
Not for the Truly Paranoid -- This system isn't perfect. Paranoid users would point out that AES-128 encryption isn't the strongest available, would recommend other solutions such as PGP or GPG, and they probably know of other flaws in my process that could expose your secrets to truly determined, crafty, and well-equipped adversaries - maybe. For an introduction to more aggressive encryption techniques, I recommend two recent podcasts (one video, one audio) from host Leo Laporte, at MacBreak and Security Now!
Encrypt that Data -- Let's return to the back seats of those taxicabs. If the nabbed social security numbers and insurance records were encrypted, as they should be, it's not much of a news story, because thieves can't get at them. And if they aren't, the recalcitrant employees (or the IT staff who provided their laptops) should be fired. Laptops are lost and stolen, but there's no excuse for private information to live on them unencrypted.
For most Mac users, an encrypted disk image is secure enough that if you lose your new black MacBook, your despair is lessened slightly, knowing that lurking inside its stealthy case is a once-classified munition keeping your private files out of the wrong hands.
[Derek K. Miller is Communications Manager for Navarik, an Internet software company in Vancouver, Canada. By night, he wears a wig and plays drums in a classic rock cover band, and is also the co-host of the Inside Home Recording podcast. His blog, like his youngest daughter, is six years old in 2006.]
by Adam C. Engst <email@example.com>
Running Windows on a Mac Ebook Updated to Version 1.0.2 -- Keeping up with the latest techniques for running Windows on an Intel-based Mac can be challenging, but Joe Kissell makes it easy with the latest update to "Take Control of Running Windows on a Mac." Version 1.0.2 of the ebook covers the much-anticipated 1.0 release of Parallels Desktop and adds information about using Parallels Compressor to compact a virtual disk. (You might also be interested in reading the TidBITS review of Parallels Desktop.)
If you own an earlier version of the ebook, click the Check for Updates button on the first page of the PDF to access your free update. Page 4 of the ebook lists the important changes and provides links to the new content.
by TidBITS Staff <firstname.lastname@example.org>
The first link for each thread description points to the traditional
TidBITS Talk interface; the second link points to the same discussion
on our Web Crossing server, which provides a different look and which
may be faster.
Home library cataloging software -- In a fit of organization, a
reader looks to software to help him keep tabs on his books, music,
and other stuff. (8 messages)
Would resetting the PRAM fix my Video RAM error? Resetting the
parameter ram (PRAM) on a recent iMac solved a display error, much to
the surprise of the machine's owner. (8 messages)
Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.
Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue