TidBITS#726/12-Apr-04
=====================
The first Mac OS X Trojan horse was spotted last week - or was it?
Adam looks at Intego's announcement of the MP3Concept Trojan, and
how it affects the Mac going forward. Also in this issue, Andrew
Laurence reviews the Slim Devices Squeezebox streaming audio
player, and we note the releases of Eudora 6.1, DragThing 5.1,
and NoteBook 1.2 v180. Lastly, we're taking a short break,
so look for your next issue of TidBITS on 26-Apr-04!
Topics:
MailBITS/12-Apr-04
Mac OS X Trojan Technique: Beware Geeks Bearing Gifts
Good Vibrations from the Squeezebox
Hot Topics in TidBITS Talk/12-Apr-04
<http://www.tidbits.com/tb-issues/TidBITS-726.html>
<ftp://ftp.tidbits.com/issues/2004/TidBITS#726_12-Apr-04.etx>
Copyright 2004 TidBITS: Reuse governed by Creative Commons license
<http://www.tidbits.com/terms/> Contact: <[EMAIL PROTECTED]>
---------------------------------------------------------------
MailBITS/12-Apr-04
------------------
**No TidBITS 19-Apr-04** -- We're taking the next issue of TidBITS
off for a little hard-earned rest and recuperation in Hawaii at my
sister Jennifer's wedding. Those who have been with us from the
beginning may remember that back in 1992, Jennifer converted our
first 99 issues from HyperCard format into setext, which was an
essential step in allowing us to provide a complete archive
containing every TidBITS issue. Aside from the wedding
festivities, Tonya and I are looking forward to downtime and
extra sleep to make up for what we've lost in the last week
while dealing with Tristan's cold-exacerbated asthma troubles.
So, although we'll try to keep TidBITS Talk flowing, we won't be
reading or replying to other email on a regular basis. Our next
issue will be released on 26-Apr-04. [ACE]
**Matias Sponsoring TidBITS** -- We're pleased to announce our
latest long-term sponsor, Matias Corporation, makers of the
Tactile Pro Keyboard, and the Laptop Armor and iPod Armor
hardshell cases. Matias first caught our attention back in 2001
with their Half Keyboard, an unusual halved QWERTY keyboard that
used the spacebar as a modifier key to access the missing keys.
Although neat enough to warrant mention in consecutive Macworld
Superlatives articles, the Half Keyboard was attractive primarily
in very specific situations (such as when portable data entry to
a Palm OS handheld was necessary), and it's great to see Matias
devoting their design sensibility to more mainstream products like
the Tactile Pro Keyboard and the two hardshell cases. We've been
impressed both with Matias's products and the company itself, so
we couldn't be happier to include Matias among our select group
of sponsors. [ACE]
<http://halfkeyboard.com/>
<http://db.tidbits.com/getbits.acgi?tbart=06287>
<http://db.tidbits.com/getbits.acgi?tbart=06508>
<http://db.tidbits.com/getbits.acgi?tbart=07607>
**Eudora 6.1 Adds Google Searching** -- Qualcomm has released
Eudora 6.1, the latest version of their venerable email client.
New in Eudora 6.1 is a toolbar-based Search Bar that enables you
to search either within Eudora or in Google via your Web browser;
you can also Control- or right-click a word and choose it from the
contextual menu that appears to search for it in Google. Another
new feature (though a more-limited version appeared in Eudora 6.0;
see "Eudora 6.0 Slams Spam, Concentrates Content" in TidBITS-696_
for more on that release) is Transfer to Selection, which enables
you to Control- or right-click a word in Eudora and choose a
similarly named mailbox into which the message will be
transferred. IMAP synchronization has been improved with the
capability to synchronize specific IMAP mailboxes on mail checks
and easier resynchronization of entire mail folders. Eudora 6.1
provides more control over content concentration, which it uses
to hide quoted and other less relevant text appearing in the
preview pane. Lastly, and perhaps the most welcome (if depressing)
feature is the addition of Junk mail statistics to the Statistics
window. It's harsh being shown that 61 percent of my mail is spam
overall, and that the percentage is more like 75 to 78 percent
for the day or week.
<http://www.eudora.com/email/>
<http://www.eudora.com/download/eudora/mac/6.1/Release_Notes.txt>
<http://db.tidbits.com/getbits.acgi?tbart=07342>
Eudora 6.1 is available in Paid mode for $50; Sponsored (with ads
and no support) and Light (reduced features and no support) modes
are free. If you've purchased or upgraded Eudora within the last
12 months, the upgrade is free; if you purchased or upgraded more
than 12 months ago, but less than 24 months ago, the upgrade costs
$40; and if you last paid for it more than 24 months ago, you have
to pay the full $50 again. Eudora 6.1 is a 6 MB download for
either Mac OS X or Mac OS 9. [ACE]
<http://www.eudora.com/download/>
**Version 5.1: A DragThing of Beauty** -- TLA Systems's DragThing,
a launcher and Dock replacement that we've been covering since its
inception, has been upgraded to version 5.1. The big change here
is that DragThing's docks are now documents: you can now open and
close them individually, and they can be exported completely as
XML. This makes things much easier when you develop a one-off or
specialized dock that needn't be present all the time. You can
also have "workspaces" (dock sets), read-only docks, and
stationery docks. The Desktop Trash feature is also much more
flexible, and there are many cosmetic and functional improvements
and bug fixes. DragThing 5.1 requires Mac OS X 10.2 Jaguar or
better and is a 3.2 MB download. It costs $30; this is a free
upgrade for DragThing 5 users. [MAN]
<http://db.tidbits.com/getbits.acgi?tbart=07402>
<http://db.tidbits.com/getbits.acgi?tbart=01488>
<http://db.tidbits.com/getbits.acgi?tbart=06939>
<http://www.dragthing.com/english/whatsnew.shtml>
<http://www.dragthing.com/english/download.html>
**NoteBook 1.2 v180 Beefs up HTML Export** -- Circus Ponies
Software has released NoteBook 1.2 v180, a minor upgrade to their
elegant snippet keeper and information manager, which I've found
handy for maintaining to do lists and taking notes on complex
procedures. This version adds an option to export only changed
pages to HTML, preserves text styling in HTML, and automatically
converts a series of multiple spaces to a non-breaking space
character. You can also now choose the format for images pasted
into Notebook. Circus Ponies also fixed a number of bugs,
including an annoying one with the licensing system that could
cause a crash on the first launch after restarting your Mac.
NoteBook 1.2 v180 is a 7.7 MB download that's free to registered
users; new copies cost $50. [ACE]
<http://www.circusponies.com/pages.aspx?page=products>
<http://www.circusponies.com/help/11.whats_new/1.releasenotes.htm>
<http://www.circusponies.com/pages.aspx?page=downloads>
Mac OS X Trojan Technique: Beware Geeks Bearing Gifts
-----------------------------------------------------
by Adam C. Engst <[EMAIL PROTECTED]>
By now, assuming you pay any attention to the Macintosh media in
between your weekly doses of TidBITS, you've undoubtedly heard of
the hubbub brewing around the announcement last Thursday of the
first Trojan horse to target Mac OS X. The news came from Intego,
the developers of a variety of security software, including the
anti-virus program VirusBarrier, which Intego updated to detect
hypothetical malicious software using this new technique.
Should we laud Intego's integrity in alerting the Macintosh
community to this possible pestilence, or should we revile the
company for a self-serving PR move that has the potential to cause
untold headaches for the entire Macintosh world? I'll reveal my
hand here - if Intego wants to do public service announcements,
they shouldn't use a press release to submit their findings, and
they should stop selling a product that stands to benefit directly
from both the increased paranoia they've caused and a potential
plague of copycat Trojans.
**Just the Facts, Ma'am** -- Toward the end of March 2004,
a discussion took place on the Usenet group
comp.sys.mac.programmer.misc about the potential for embedding malicious
code inside an MP3 file. After some back and forth, programmer
Bo Lindbergh posted a proof-of-concept file that is an MP3
and plays in iTunes, but is actually also an application. Bo's
proof-of-concept merely popped up a dialog box, but it obviously
could execute any sort of code. It's a clever hack that takes
advantage of both the way Carbon applications work and the ID3
tag portion of the MP3 file format to run executable code from
within a legitimate MP3 file. It's worth noting that all of the
programming techniques used by Bo's proof-of-concept are perfectly
legitimate, and the only vulnerability this exposes is the ability
of a programmer to disguise an application as a document. Nothing
new there, and it's well worth reading the technical commentary
posted on BoingBoing by Miro Jurisic (a top-tier Macintosh
programmer known for winning the MacHax Group's Best Hack
Contest at MacHack on multiple occasions).
<http://groups.google.com/groups?th=631707378ffe9292&seekm=blgl-5D750C.02150821032004%40news.bahnhof.se>
<http://www.boingboing.net/2004/04/08/first_malware_for_os.html>
On 20-Mar-04, Intego said that an unnamed person reported this
proof-of-concept Trojan to Intego, Symantec, Network Associates,
and Apple. Intego evaluated the code and added some code to
VirusBarrier to detect it. So far so good. But then, despite some
"initial hesitation," Intego decided to put out a press release
trumpeting how the update to VirusBarrier detects "the first
Trojan horse for Mac OS X." Open bottle, extract genie.
<http://www.intego.com/news/pr40.html>
Needless to say, the press release was immediately covered by a
variety of news sites (I've included a selection of links below;
it's amusing to compare them, and be sure to see the hilarious
Joy of Tech cartoon at the end). As usual, that means a few sites
confirmed the story, investigated the technical claims, and
queried security experts, whereas many others merely reprinted
or pointed to Intego's press release. The massive coverage
instantly generated a ton of confusion and misunderstandings.
Many people thought Mac OS X was immune from such malevolent code
(false, and the proof-of-concept works equally well in Mac OS 9),
which led to the conclusion that Intego was promulgating a hoax
(equally false). Other misapprehensions that quickly resulted were
that this was a virus (false, Trojans don't self-replicate) and
that it was in some way related to Apple's success in the music
world (inane, and at best a non-sequitur). Intego itself generated
other confusions, such as the implication that what was being
identified was an actual Trojan horse (false) rather than just
a method by which a Trojan horse could be created. Intego is also
culpable for classic FUD (Fear, Uncertainty, and Doubt) tactics
by advertising that the same technique could be used with GIF and
JPEG files, and QuickTime movies (true, but irrelevant).
<http://maccentral.macworld.com/news/2004/04/08/trojan/>
<http://maccentral.macworld.com/news/2004/04/09/appletrojan/>
<http://apple.slashdot.org/article.pl?sid=04/04/08/1922237&mode=thread&tid=126&tid=172>
<http://www.wired.com/news/mac/0,2125,63000,00.html>
<http://us.cnn.com/2004/TECH/Internet/04/09/apple.trojan/index.html>
<http://joyoftech.com/joyoftech/joyarchives/548.html>
**Clear and Present Terminology** -- Let's step back and look at
what the terms for the various types of malicious software really
mean. Viruses are pieces of executable code that can't stand
alone, but must be inserted into and operate within a "host file,"
usually an application. Most importantly, viruses self-replicate,
inserting their code into other files as a way of moving from one
file to another, and one computer to another. Although worms also
replicate themselves, they don't require a host file and exist as
standalone files.
<http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999041209131106>
A Trojan is a horse of a different color. Like worms, Trojans
are standalone programs, but they don't self-replicate. Instead,
they're designed to deceive an unwary user into downloading them
and launching; as a rule, they can be identified precisely (which
allows warnings of "If you see a file called 'Trojan Horses' that
purports to provide a directory of farriers in the Middle East,
don't run it or it will delete all the files on your hard disk!").
Without detracting from the clever technique that Bo Lindbergh
came up with, Trojans are trivially easy to write. That's because
all they have to do is deceive you long enough for a double-click.
Once you double-click, the Greeks leap from the horse and it's all
over for Troy and your computer. (In case you're not up on your
Homer, we can thank Odysseus for the original Trojan Horse.)
Bo's proof-of-concept was primarily interesting for what it did
after it was double-clicked: it acted like a normal MP3 document.
Also interesting was the fact that it could be dragged into iTunes
and played like any other MP3 file. But despite having the data
fork of a legitimate MP3 file, it was in fact an application, and
the Finder's Get Info window properly identified it as such. In
essence, the proof-of-concept was more deceptive after the fact,
which, had it been an actual Trojan horse, might have made it
somewhat harder to detect. But as it was neither malicious nor
deceptive, the proof-of-concept simply was not a Trojan horse.
That said, it was a questionable move to post such a proof-of-
concept in public.
**Think Like Intego** -- So why did Intego decide to issue a press
release about what the company dubbed the MP3Concept Trojan?
Obviously, I wasn't privy to the discussions (or I would have
told them in no uncertain terms what a terrible idea this was),
but it seems likely that the decision was in the end based on the
positive benefits it would have for Intego. After all, promoting
corporate interests is what PR is all about.
The reasoning is easy to follow. With just a little effort in
the press release, Intego could both catapult the company into
the spotlight of the Macintosh media and engender a sense of
paranoia in the Macintosh community that would result in sales
of VirusBarrier. For examples of how the wording of the press
release supports this goal, consider this: "While the first
versions of this Trojan horse that Intego has isolated are
benign, this technique opens the door to more serious risks."
The sentence manages to imply that Intego discovered the Trojan
(it was actually reported to them by a user) and at the same
time states that there are multiple versions of the Trojan.
As far as I've been able to determine, and Intego did not
answer my direct question to this point, at the time when
this press release was sent out, there was only Bo Lindbergh's
proof-of-concept.
Then there's this section: "Due to the use of this technique,
users can no longer safely double-click MP3 files in Mac OS X.
This same technique could be used with JPEG and GIF files, though
no such cases of infected graphic files have yet been seen."
That's classic FUD aimed at scaring less-sophisticated users into
believing that they cannot so much as double-click an MP3, JPEG,
or GIF file without risking untold digital horrors. Unless, that
is, they're running Intego's VirusBarrier.
So Intego gains massive press coverage, and even if it turned
negative, there's always the aphorism, "I don't care what you
say about me as long as you spell my name right." Intego also sees
increased sales of VirusBarrier, lending a direct financial bonus
to the announcement. If nothing else, Intego's behavior was crass,
very much along the lines of the anti-virus companies whose
software identifies worm-generated email but, instead of deleting
it, wastes even more time and resources by bouncing it back to the
forged address with an advertisement for the anti-virus software.
Although those companies haven't yet been taken to task for such
tactics, Intego may suffer a significantly damaged reputation from
this decision.
Intego calls itself an "i-security company" and talks on its About
page about how it is committed to "protecting your computer from
security threats of all kinds." Ignoring the utterly cynical
thought that Intego would wish ill upon those who were not its
customers, by releasing the announcement of MP3Concept, Intego
violated that basic goal of protecting computers from security
threats of all kinds. That's because the publicity that surrounded
both the initial press release and Intego's followup Q&A document
about MP3Concept significantly lowers the bar for creating Trojan
horses using the MP3Concept approach. I would be surprised if
actual MP3Concept Trojans hadn't been released into the wild now,
given that most people writing malicious software generally just
modify techniques and code from others. So by providing details
about how MP3Concept works, how it could affect GIF and JPEG
files, and more, Intego almost ensured that some disaffected
programmer would implement it. Do you feel that Intego's
announcement has helped protect your Mac from security threats?
<http://www.intego.com/intego/>
<http://www.intego.com/news/pr41.html>
Intego would certainly argue that the information would have
gotten out anyway. That may be true, since the information about
the proof-of-concept was protected only by obscurity. But the
Internet is an awfully big place these days, and just because
some piece of information is available doesn't mean it will
automatically be introduced to hundreds of thousands of Macintosh
users. Lots of programmers discover ways of abusing operating
systems that they either don't act on or don't publicize. Intego
chose to go public.
**What Should Intego Have Done?** It's said that hindsight is
always 20/20, but in this case, I think it's clear how Intego
should have responded. First, I think Intego should absolutely
have updated the virus definitions for VirusBarrier to identify
and delete any Trojan horses using the MP3Concept technique.
That's entirely in line with the mission of protecting computers
from security threats of all kinds, and I have nothing against
Intego using this information to improve its products.
However, Intego should next have verified that the right people
at Apple had received the information, assuming that a Macintosh
developer like Intego would have better contacts within Apple than
a random user. Intego said the reporting user had also alerted
Apple, but we all know that Apple is a very large company, and
sending an email message to a general feedback address is a lot
different from making sure Apple's security team was aware of the
problem. The Apple Product Security page provides an email address
to which such security vulnerabilities should be reported.
<http://www.apple.com/support/security/>
Intego could also have alerted an independent security
organization like the CERT Coordination Center to the
vulnerability. That would have allowed CERT to verify the
vulnerability, alert Apple again, and publish the information
in a controlled fashion. Then, had the information become public,
Intego wouldn't have been tainted by a blatant conflict of
interest and could still have announced that VirusBarrier had
been updated to deal with the problem.
<http://www.cert.org/>
**What Should You Do?** The cat's out of the bag, and thanks
to Intego's self-serving behavior, the Macintosh world is a
less trusting place than it was this time last week. So what's
your actual vulnerability to Trojans (or worms, because self-
replicating code could be added) using the MP3Concept technique?
I hope that, apart from a few quick copycats from programmers
without the skill or creativity to produce anything worthwhile,
we won't see many implementations, which means that most people
won't have to worry about anything most of the time. Also
reassuring is the fact that downloading a raw MP3, JPEG, or
GIF file from an FTP or Web site (or one of the file sharing
networks) is unlikely to expose you to an MP3Concept Trojan horse
because Macintosh resource forks aren't transmitted when such
files are downloaded unless the file is first encoded in a StuffIt
archive, MacBinary file, BinHex file, or on a disk image.
That said, I encourage you to be cautious about files you receive
in email, since email programs will use the AppleDouble or BinHex
encodings to ensure that a file's resource fork is protected.
Luckily, good email programs like Eudora and Mail refuse to let
you launch an application attached to a message without prompting
you first; if you ever see a query from your email program about
executing an attachment, cancel the launch and investigate the
source of the attachment.
If you regularly receive files in email and download files from
Web sites of unknown reputation, I recommend that you run and
regularly update an anti-virus application. On a technical basis,
I don't know of any particular differences between Symantec's
Norton AntiVirus, McAfee's Virex, and Intego's VirusBarrier,
but I can't encourage supporting Intego after this incident.
Symantec's Norton AntiVirus costs $70 from Symantec, though I
instead generally recommend the $130 Norton SystemWorks bundle
(which also includes Norton Utilities, Dantz's Retrospect Express,
and Aladdin's Spring Cleaning). McAfee's Virex doesn't seem
to be as readily available as Norton AntiVirus, but remember
that you get it for free with a $100 .Mac membership, which
is a good deal.
<http://www.symantec.com/nav/nav_mac/>
<http://www.symantec.com/sabu/sysworks/mac/>
<http://www.nai.com/us/products/mcafee/antivirus/desktop/virex.htm>
<http://www.mac.com/>
I don't currently know what methods Norton AntiVirus and Virex
use to identify potential MP3Concept Trojans, but according to
some Usenet discussions, VirusBarrier merely looks for any CFM
executable whose name ends with a common filename extension. As
a result, it apparently incorrectly identifies some plug-ins for
Adobe Photoshop Elements and Adobe InDesign CS as being Trojan
horses. Oops.
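An added example, not from the original article and not the method
of any of the products named above: a check that reads the Finder
file type out of an AppleDouble-encoded attachment and flags only
files that are applications yet carry a document-style extension.
It assumes an application has Finder type 'APPL'; the extension
list, the sample type and creator codes, and the function names
are constructed for illustration.

```python
import os
import struct

APPLEDOUBLE_MAGIC = 0x00051607   # first four bytes of an AppleDouble header file
ENTRY_RESOURCE_FORK = 2          # entry ID of the resource fork
ENTRY_FINDER_INFO = 9            # entry ID of the 32-byte Finder Info block
# Illustrative list only (assumption): extensions a user expects to be documents.
DOCUMENT_EXTENSIONS = {".mp3", ".gif", ".jpg", ".jpeg", ".mov"}


class AppleDoubleError(ValueError):
    """Raised when the data is truncated or is not an AppleDouble header."""


def parse_appledouble(header):
    """Return {entry_id: payload_bytes} from an AppleDouble header file."""
    if len(header) < 26:
        raise AppleDoubleError("shorter than the fixed 26-byte prefix")
    magic, _version = struct.unpack_from(">II", header, 0)
    if magic != APPLEDOUBLE_MAGIC:
        raise AppleDoubleError("bad magic number")
    (count,) = struct.unpack_from(">H", header, 24)  # follows 16 filler bytes
    entries = {}
    for index in range(count):
        pos = 26 + 12 * index
        if pos + 12 > len(header):
            raise AppleDoubleError("entry table runs past end of data")
        entry_id, offset, length = struct.unpack_from(">III", header, pos)
        if offset + length > len(header):
            raise AppleDoubleError("entry %d points past end of data" % entry_id)
        entries[entry_id] = header[offset:offset + length]
    return entries


def classify_attachment(filename, header):
    """Compare the Finder file type with what the file name claims to be."""
    entries = parse_appledouble(header)
    info = entries.get(ENTRY_FINDER_INFO, b"")
    if len(info) < 8:
        return "no-finder-info"
    file_type = info[0:4]            # Finder Info starts with type, then creator
    extension = os.path.splitext(filename)[1].lower()
    if file_type == b"APPL":
        if extension in DOCUMENT_EXTENSIONS:
            return "application-disguised-as-document"
        return "application"
    # Plug-ins and documents land here even if they contain executable code,
    # so a document-style name alone does not raise an alert.
    return "not-an-application"


def build_sample(file_type, creator, resource_fork=b""):
    """Construct a minimal AppleDouble header (sample data for this example)."""
    finder_info = file_type + creator + bytes(24)    # 32 bytes in total
    table_end = 26 + 12 * 2                          # prefix plus two entries
    header = struct.pack(">II16sH", APPLEDOUBLE_MAGIC, 0x00020000, bytes(16), 2)
    header += struct.pack(">III", ENTRY_FINDER_INFO, table_end, len(finder_info))
    header += struct.pack(">III", ENTRY_RESOURCE_FORK,
                          table_end + len(finder_info), len(resource_fork))
    return header + finder_info + resource_fork


if __name__ == "__main__":
    # Constructed samples: names, type codes and creator codes are made up.
    samples = [
        ("song.mp3", build_sample(b"APPL", b"????", bytes(16))),
        ("song.mp3", build_sample(b"MPG3", b"hook")),
        ("Filter.jpg", build_sample(b"PLUG", b"????", bytes(16))),
        ("SimpleText", build_sample(b"APPL", b"ttxt", bytes(16))),
    ]
    for name, data in samples:
        print(name, "->", classify_attachment(name, data))
```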
One final point to drive home: regular backups (and not just
duplicates) can protect you from a multitude of evils ranging from
an overeager anti-virus application to a malicious Trojan horse.
**What Happens Next?** Intego's media maelstrom elicited
a statement from Apple, which is unusual for security
vulnerabilities. As the Apple Product Security page states,
"For the protection of our customers, Apple does not disclose,
discuss or confirm security issues until a full investigation
has occurred and any necessary patches or releases are available."
In response to our query, an Apple representative said, "We are
aware of the potential issue identified by Intego and are working
proactively to investigate it. While no operating system can
be completely secure from all threats, Apple has an excellent
track record of identifying and rapidly correcting potential
vulnerabilities."
I'd be a little surprised if Apple actually had been working
on this issue before Intego's announcement, since the proof-of-
concept doesn't do anything illegal. Had it not been described
in the Usenet posting, it would have been deceptive, sure, but a
custom icon and a misleading name are also deceptive, and there's
nothing Apple can do to prevent them. I've seen a number of ideas
for ways Apple could modify the Mac OS to reduce the likelihood of
a user launching a Trojan, including putting a subtle halo around
the icons of applications (thus reducing the deceptive nature of
Trojans masquerading as documents) and requiring user assent to
the first launch of any newly downloaded application. Neither
of these approaches would be complete protection, but they might
lower the likelihood of someone running a Trojan without warning.
Whether or not Apple was working on this issue ahead of time, I'm
sure Apple programmers are evaluating it now, and it's entirely
likely that Apple will release a security update in the near
future to address MP3Concept's method of deceiving users.
In the end, the only real solution to the overall problem of
malicious code would likely be a major rearchitecting of Mac OS X
in such a way that prevents applications from causing damage.
I doubt Apple would go to such lengths because of the cost of
such a wholesale change, particularly given the minimal actual
damage to Macs caused by malicious software so far.
Good Vibrations from the Squeezebox
-----------------------------------
by Andrew Laurence <[EMAIL PROTECTED]>
(When last we left our intrepid music junkie, he was annoyed that
the Slim Devices SLIMP3 streamed MP3 music, rather than being a
disk-based storage and playback device like his beloved TiVo.
Let's see how things have progressed.)
Since I reviewed the SLIMP3 last year (see "SLIMP3: MP3, Get Thee
to the Hi-Fi" in TidBITS-676_), disk-based media players have
either vanished or morphed into the "home theater PC," but media-
streaming devices have flourished. As just a few examples, Alex
Hoffman reviewed TiVo's Home Media Option ("TiVo Series2 Improves
on Original" in TidBITS-698_); Gateway introduced their Connected
DVD Player; Turtle Beach soldiers on with their venerable
AudioTron AT-100; and MacSense is finally shipping the HomePod.
The market has spoken: streaming it is.
<http://db.tidbits.com/getbits.acgi?tbart=07150>
<http://db.tidbits.com/getbits.acgi?tbart=07366>
<http://www.gateway.com/home/ce/dvd.shtml>
<http://www.turtlebeach.com/site/products/audiotron/>
<http://www.macsense.com/product/homepod/>
**Enter the Squeezebox** -- Slim Devices introduced the Squeezebox
in November 2003. With a new look and a slew of new features, it
replaces the SLIMP3 as Slim Devices' flagship hardware product.
Where the SLIMP3 felt like an exercise in home-brew hardware, the
Squeezebox looks and feels like high-quality consumer electronics.
It retains the SLIMP3's excellent vacuum fluorescent display (VFD)
but is packaged in a slimmer, more attractive case. The SLIMP3's
stark black metal is replaced with a rubberized exterior. The
display is no longer angled upward, but faces directly outward
just like the rest of your hi-fi components. The unit is much
more at home in the entertainment center, or on a desk or dresser.
Inside, the Squeezebox plants itself directly at the demographic
intersection between computer and audio enthusiasts. A wired
version connects to a 10/100/1000Base-T wired Ethernet network;
a wireless version adds the capability to connect to an 802.11b
wireless network. Your streaming audio is delivered to the stereo
via either analog RCA or digital optical or coaxial jacks.
<http://www.slimdevices.com/>
The Squeezebox's setup is remarkably intuitive. After a series
of questions guides you through setup for your network, the box
is off and running. In a nice improvement over the SLIMP3, the
Squeezebox automatically detects if a new firmware version is
on the server, and prompts the user to upgrade.
Where the SLIMP3's digital-to-analog converter only handled MP3
audio, the Squeezebox supports most popular formats: AAC (on Mac
or Windows), AIFF, FLAC, MP3, Ogg Vorbis, WAV or WMA (Windows
only). AAC, FLAC, Ogg Vorbis and WMA files are supported through
server-side conversion into uncompressed audio; the conversion
is only available for files that aren't protected by digital
rights management, as are those purchased from the iTunes Music
Store. In other words, the songs you rip into AAC or WMA are
playable, but purchased (and protected) songs are not playable.
(AAC playback requires QuickTime and is therefore only available
on Mac and Windows servers. The Ogg and FLAC formats require
that those programs be already installed on the server.)
The Squeezebox's interface is exactly the same as the SLIMP3, and
you control its functions via either the included remote control
or the server's Web interface. See my earlier review for
descriptions of its operation.
**SlimServer** -- The SlimServer software, which is installed on
the Mac hosting your music files, remains an impressively robust
and flexible music platform. Where most players lock you into
iTunes's predefined constructs of songs, albums and playlists,
the SlimServer incorporates an "internal playlist" concept that
opens the door to ad-hoc playlists. You can build a playlist
for the moment, intermixing any number of songs, albums or
pre-defined playlists; any unit of music available to iTunes
can be a component of an ad-hoc playlist. I've always dreamed
of an unending stream of music, limited only by my mood and
imagination. With SlimServer, that dream has arrived (and yes,
I know full well that I sound like I'm spouting advertising copy).
As testament to the strength of the SlimServer platform,
competitor Roku Labs has adopted the GPL-licensed open-source
SlimServer software for their not-yet-shipping Roku SoundBridge.
Roku's literature proudly lists the device's support for multiple
audio formats, the Web server interface, iTunes support, and
compatibility with multiple operating systems. Interestingly,
the SoundBridge appears to also use a VFD display. If imitation
is the sincerest form of flattery, adoption must point to sheer
adoration.
<http://www.rokulabs.com/products/soundbridge/>
**Costs and Benefits** -- Streaming music devices all seem to be
priced around $200. However, just as Macs cost more than PCs, the
Squeezebox costs a bit more; enough to make you say "hmmm." The
wired version costs $250; adding wireless bumps the price to $300.
Although the Squeezebox is full-featured and rightfully claims a
spot in the consumer electronics milieu, the price feels a bit
high to me. Otherwise, the Squeezebox is a heck of a nice product.
While I was writing the SLIMP3 review, my wife and I noticed
that we played music more often, and more easily. The seamless
access to the music heightened our use and enjoyment a great
deal, similar to the yield one gets from TiVo. After I sent
the demonstration unit back to Slim Devices, we noticed its
absence. Forced to once again shuffle CDs, we lapsed into old
habits of leaving the same set of discs in the player and
suffering through commercial radio. Now that we've gotten
our hands on the Squeezebox, I just might have to buy one
for the entertainment center.
[Andrew Laurence has almost figured out how to store all his
CDs in the living room. Almost.]
PayBITS: If this article helped you, consider contributing
a few bucks so Andrew can buy a Squeezebox of his own.
<https://www.paypal.com/xclick/business=atlauren%40uci.edu>
Read more about PayBITS: <http://www.tidbits.com/paybits/>
Hot Topics in TidBITS Talk/12-Apr-04
------------------------------------
by TidBITS Staff <[EMAIL PROTECTED]>
As before, the second URL below each thread description points
to the discussion on our Web Crossing server, which will be much
faster, though it doesn't yet use our preferred design.
<http://emperor.tidbits.com/TidBITS/Talk/>
**Intego Trojan Warning** -- Readers discuss Intego's press
release about the MP3Concept Trojan horse. (7 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2215>
<http://emperor.tidbits.com/TidBITS/Talk/77>
**Floppy Server?** Truly, we limit April Fools topics to April 1
issues, so rest assured that this thread is a serious discussion
of how to mount remotely an old Mac that's booted from a floppy
disk. (8 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2214>
<http://emperor.tidbits.com/TidBITS/Talk/76>
**LaunchBar vs. Quicksilver** -- The venerable application
launcher LaunchBar is seeing competition from upstart Quicksilver.
How do the two compare? (14 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2212>
<http://emperor.tidbits.com/TidBITS/Talk/73>
**QWERTY and Dvorak** -- Adam's article on the Matias Tactile Pro
keyboard reignites discussion of which keyboard layout is superior
(and whether there's actually a difference). (3 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2210>
<http://emperor.tidbits.com/TidBITS/Talk/72>
**Recommended Laptop Bags** -- Following Jeff Carlson's article on
buying a laptop bag, readers weigh in with their own favorite
brands and essential bag criteria. (10 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2209>
<http://emperor.tidbits.com/TidBITS/Talk/71>
$$
Non-profit, non-commercial publications may reprint articles if
full credit is given. Others please contact us. We don't guarantee
accuracy of articles. Caveat lector. Publication, product, and
company names may be registered trademarks of their companies.
For information: how to subscribe, where to find back issues,
and more, see <http://www.tidbits.com/>. TidBITS ISSN 1090-7017.
Send comments and editorial submissions to: <[EMAIL PROTECTED]>
Back issues available at: <http://www.tidbits.com/tb-issues/>
And: <ftp://ftp.tidbits.com/issues/>
Full text searching available at: <http://www.tidbits.com/search/>
-------------------------------------------------------------------