TidBITS#867/19-Feb-07
=====================
  Issue link: <http://db.tidbits.com/issue/867>

  Security news leads off this issue, with Apple's release of Security
  Update 2007-002 to address more of the Month of Apple Bugs (MoAB)
  exploits, Glenn Fleishman's thoughts about what the MoAB actually
  accomplished, and Joe Kissell's look at the Microsoft Office 2004
  11.3.4 update. In other topics, Andrew Laurence examines Apple's
  Daylight Saving Time updates to both Tiger and Panther, Jeff Carlson
  relays the details of the Final Cut Pro 5.1.3 update, and Adam looks
  at the now-open Google Gmail and explains how to create permanent
  links to articles in the New York Times. Also this week, a
  single-question interview with prominent Macintosh developers about
  the most important Apple technologies!

Articles
    Security Update 2007-002 Squashes MoAB Bugs
    Early Help Desk Video
    Daylight Saving Time Saved
    Microsoft Releases Office 2004 11.3.4 Update
    Final Cut Pro 5.1.3 Update Released
    DealBITS Winners: Rogue Amoeba's Fission
    DealBITS Drawing: A Sharp's Opal
    Create Permanent Links to the New York Times
    Google Gmail Open to All
    MoAB Is My Washpot
    InterviewBITS: Key Apple Technologies
    Take Control News/19-Feb-07
    Hot Topics in TidBITS Talk/19-Feb-07


------------ This issue of TidBITS sponsored in part by: --------------

* READERS LIKE YOU! Support TidBITS with a contribution today!
  <http://www.tidbits.com/about/support/contributors.html>
  Special thanks this week to Nick Pappas, Thomas Deveikis,
  Chris Engst, and Norman Pease for their generous support!

* SMALL DOG ELECTRONICS: Featuring 4000+ Mac-friendly products.
  TidBITS exclusive for Feb 19-26: iPod nano 1 GB (2005, new) with
  the Nike+ Sport Kit and a Sensor+ Pouch to use Nike+ with any shoes!
  Order yours today for only $114 at <http://www.smalldog.com/tb/>

* FETCH SOFTWORKS: Fetch 5.2 makes FTP and SFTP easy!
  Upload, download, mirror, and manage your Web site. Dozens of
  new features to make file transfers easier and more reliable.
  Get your free trial version at <http://fetchsoftworks.com/>!

* WebCrossing Neighbors Creates Private Social Networks
  Create a complete social network with your company or group's
  own look. Scalable, extensible and extremely customizable.
  Take a guided tour today <http://www.webcrossing.com/tour>

* Bare Bones Software's BBEdit 8.6 -- Latest version offers a
  major interface overhaul, new prefs, text clippings, improved
  JavaScript, new Ruby/SQL/YAML/Markdown support, code folding.
  Over 160 new features in all! <http://www.barebones.com/>.

* MARK/SPACE, INC: Connecting the coolest gadgets from Dell,
  Garmin, HP, HTC, Motorola, Palm, Samsung, Sony and others to
  Mac OS X. Address Book, iCal, iPhoto, iTunes and more. See
  what you've been missing! <http://www.markspace.com/bits>

* CheckIt System Performance Suite bundles three top Mac utilities!
  TechTool Platinum diagnoses and repairs your disk, Spring Cleaning
  organizes your files and Retrospect Express backs up your data.
  Buy today for only $79.99! <http://www.allume.com/tidbits/>

* Microsoft: Supporting professional Mac users with Office 2004.
  Supporting the Mac community through tech support newsgroups,
  user group appearances, our new team blog, and more!
  Save up to 25%! <http://www.microsoft.com/mac/go/promotions/>

* ROGUE AMOEBA SOFTWARE: With a Name Like Rogue Amoeba,
  It's Gotta Be Good. Good software with a bad attitude,
  only for Mac OS X. Free downloads from
  <http://www.rogueamoeba.com/ad/tb/>

* DealBITS: Get the word out about your product AND generate sales!
  It's simple: give away a few copies and offer a discount to entrants.
  A DealBITS drawing is quick to set up and can easily pay for itself.
  For more info and rates, visit <http://www.tidbits.com/dealbits/>.

---------- Help support TidBITS by supporting our sponsors ------------


Security Update 2007-002 Squashes MoAB Bugs
-------------------------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8860>

  Apple has released Security Update 2007-002, the second security
  update of the year that addresses bugs identified by the Month of
  Apple Bugs (MoAB) project. None of the bugs offered any chance for
  user action other than standard Internet precautions, so it's good
  to see Apple solving these problems in the Finder, iChat, and the
  UserNotificationCenter process. It's a bit more important than it
  normally is to install this security update because of the MoAB's
  publication of the exploits before informing Apple. As always, the
  update is available via Software Update most easily, though
  stand-alone downloads are available for PowerPC- (3.8 MB download)
  and Intel-based Macs (6.6 MB download) running Mac OS X 10.4.8
  (Client or Server) and for anyone running Mac OS X 10.3.9 (1.4 MB
  download). (For more thoughts on this situation, see Glenn
  Fleishman's "MoAB Is My Washpot" later in this issue.)

<http://docs.info.apple.com/article.html?artnum=305102>
<http://www.apple.com/support/downloads/securityupdate2007002ppc.html>
<http://www.apple.com/support/downloads/securityupdate2007002universal.html>
<http://www.apple.com/support/downloads/securityupdate2007002panther.html>
<http://db.tidbits.com/article/8869>


Early Help Desk Video
---------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8861>

  Anyone who has helped a complete novice learn how to use a Mac,
  especially during a stint in a help desk environment, simply must
  watch this hilarious video, which demonstrates well that all
  interfaces must be learned. The audio is reportedly in Norwegian,
  with English and Danish subtitles.

<http://www.youtube.com/watch?v=eRjVeRbhtRU>


Daylight Saving Time Saved
--------------------------
  by Andrew Laurence <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8862>

  Apple last week released a set of updates which reflect the changes
  in Daylight Saving Time that go into effect this year in the United
  States and elsewhere (for additional information, see my article
  "Daylight Saving Time May Bite the Out-of-Date," 2007-01-29). The
  very welcome update for Mac OS X 10.3.9, Daylight Saving Time Update
  (Panther), updates the time zone and ICU data files, such that the
  system now correctly handles the new Daylight Saving time rules for
  2007. The update for Mac OS X 10.4.8, Daylight Saving Time Update
  (Tiger), likewise contains a complete set of time zone and ICU
  files; it adds several new cities and various world-wide changes to
  the time zone information included with the previous Mac OS X 10.4.5
  and 10.4.6 updates.

<http://docs.info.apple.com/article.html?artnum=305056>
<http://db.tidbits.com/article/8832>
<http://www.apple.com/support/downloads/daylightsavingtimeupdatepanther.html>
<http://www.apple.com/support/downloads/daylightsavingtimeupdatetiger.html>

  I'm pleased to see Apple do right by their customers who are running
  Panther. There was some discussion online of the "Y2K7" problem in
  late January, with Ian Ward Comfort's patch appearing on 28-Jan-07
  at AFP548.com; a variety of other patches and methods have appeared
  in blogs and mailing lists. (I hope the authors of those patches
  will vet their solutions against Apple's updates, and indicate
  whether folks who have installed the former have any cause to worry
  from the latter.)

<http://www.afp548.com/article.php?story=20070128143720897>

  People still running Mac OS X 10.2 Jaguar are out of luck in terms
  of an official Apple patch. However, a modified patch for those
  users is also available at the AFP548 Web site.

<http://www.afp548.com/article.php?story=20070128143720897>

  At the same time, Apple released Java for Mac OS X 10.4, Release 5,
  which updates J2SE 5.0 to version 1.5.0_07, and Java 1.4 to version
  1.4.2_12. The update primarily fixes handling of Daylight Saving
  Time in Java, but also delivers improved reliability and
  compatibility. For Panther users, Java for Mac OS X 10.3 Update 5
  brings Java 1.4.2 to version 1.4.2_12, includes Java Advanced
  Imaging and Java 3D support, and also fixes a problem where some
  Java applications wouldn't open after installing QuickTime 7.0.4 or
  later.

<http://docs.info.apple.com/article.html?artnum=304586>
<http://docs.info.apple.com/article.html?artnum=304585>

  It's impossible to draw a causal relationship between my original
  article and the appearance of these updates, now two weeks later,
  but I'd like to think I played a small role in their appearance.


Microsoft Releases Office 2004 11.3.4 Update
--------------------------------------------
  by Joe Kissell <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8863>

  Microsoft last week released the Office 2004 for Mac 11.3.4 Update.
  In addition to providing improved spam detection in Entourage, this
  update "fixes vulnerabilities in Office 2004 that an attacker can
  use to overwrite the contents of your computer's memory with
  malicious code."

<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/Office2004/Office2004_1134.xml>

  This update requires that you have already installed the Microsoft
  Office 2004 for Mac 11.3.3 Update, released last month. This latest
  update is a 12.3 MB download, available either as a stand-alone
  updater or by using the Help > Check for Updates command in any
  Office application.

<http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/Office2004/Office2004_1133.xml>


Final Cut Pro 5.1.3 Update Released
-----------------------------------
  by Jeff Carlson <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8864>

  Apple has released Final Cut Pro 5.1.3, a maintenance release that
  adds some missing commands to the default keyboard layout, makes
  render files work properly on PowerPC-based and Intel-based Macs,
  and fixes an issue where cross dissolves in nested sequences would
  not appear correctly. The update is a 42 MB download, requires Final
  Cut Pro 5.1 or later under Mac OS X 10.4.8, and is also available
  via Software Update.

<http://www.apple.com/support/downloads/finalcutpro513.html>


DealBITS Winners: Rogue Amoeba's Fission
----------------------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8865>

  Congratulations to Ron Gillmore of victoria.tc.ca, Lorne Chapman of
  shaw.ca, and Ben Maiden of hawaii.rr.com, whose entries were chosen
  randomly in last week's DealBITS drawing and who received a copy of
  Rogue Amoeba's Fission, worth $32. But don't fret if you didn't win,
  since Rogue Amoeba is offering TidBITS readers a $5-off discount on
  Fission, dropping the price to $27. To take advantage of this offer,
  which is good through 28-Feb-07, use coupon code FISSIONDEALBITS
  when ordering. Thanks again for entering this DealBITS drawing, and
  we hope you'll continue to participate in the future. Thanks to the
  1,333 people who entered, and keep an eye out for future DealBITS
  drawings!

<http://db.tidbits.com/article/8855>
<http://www.rogueamoeba.com/fission/>
<http://www.rogueamoeba.com/store/>


DealBITS Drawing: A Sharp's Opal
--------------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8866>

  I introduced last week's DealBITS drawing for Rogue Amoeba's Fission
  audio editing program by talking about how good it was to see
  simple, focused programs returning to a field after the major
  applications had become more complex than was desired by many early
  users. The same is true of A Sharp's Opal, the successor to the
  popular Acta outliner of yesteryear. While many outliners now
  feature multiple columns, style sheets, notes, and a wide variety of
  other fancy features, Opal remains focused on just one thing:
  outlining. It's small, friendly, and for many people, I suspect, all
  that an outliner should be (for more details, see Matt Neuburg's
  "Acta Reborn as Opal," 2006-10-23).

<http://a-sharp.com/opal/>
<http://db.tidbits.com/article/8717>

  In this week's DealBITS drawing, you can enter to win one of three
  copies of Opal, each worth $32. Entrants who aren't among our lucky
  winners will receive a discount on Opal, so be sure to enter at the
  DealBITS page linked below. All information gathered is covered by
  our comprehensive privacy policy. Be careful with your spam filters
  and challenge-response systems, since you must be able to receive
  email from my address to learn if you've won. Remember too, that if
  someone you refer to this drawing wins, you'll receive the same
  prize as a reward for spreading the word.

<http://www.tidbits.com/dealbits/opal/>
<http://www.tidbits.com/about/privacy.html>


Create Permanent Links to the New York Times
--------------------------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8867>

  In TidBITS, when we link to pages elsewhere on the Web, we hope
  they'll remain accessible indefinitely, much as we've taken pains to
  do with all of our articles from the very beginning. Alas, not all
  links will survive forever, but I've learned a trick for ensuring
  that links to articles in the New York Times do remain accessible
  for free, even after the articles themselves have moved into the NYT
  Archive. At that point, reading an article normally costs $5, or you
  can subscribe to the TimesSelect service for $8 per month or $50 per
  year and have access to 100 articles per month. (TimesSelect also
  provides access to Op-Ed pieces and certain columnists whose
  articles are never available for free online.)

<http://www.nytimes.com/products/timesselect/whatis.html>

  However, because the New York Times considers itself as the
  newspaper of record, it worked out a deal in 2003 with Dave Winer of
  UserLand Software to provide permanent free links in RSS feeds
  generated through the Radio UserLand RSS aggregator. But the New
  York Times is apparently running its own RSS feeds now, so there's
  no obvious way to find a permanent link to an article you're reading
  on the New York Times Web site. There is a Permalink feature, but
  after an article has migrated into the NYT Archive, its permalink
  points to a TimesSelect abstract from which you can purchase the
  full text, rather than to the full text of the article.

<http://davenet.smallpicture.com/2003/06/06/newYorkTimesArchiveAndWebl.html>

  So although neither the problem nor the solution is new, they're new
  to me (and apparently to plenty of other people, to judge from the
  number of no-longer-free links to New York Times articles that I see
  on the Web). The trick - to which I was alerted by occasional
  TidBITS contributor Derek Miller - is to use the New York Times Link
  Generator, written by Aaron Swartz of the social bookmarking site
  Reddit. Just feed it a link to a New York Times article and it
  returns a version of the link that will remain free for the
  foreseeable future, though of course the Times could always change
  their policy. There's also a bookmarklet you can use to generate a
  permanent link from the current page when you're on the New York
  Times Web site.

<http://db.tidbits.com/author/Derek+Miller>
<http://nytimes.blogspace.com/genlink>
<http://reddit.com/>


Google Gmail Open to All
------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8868>

  Google has at last opened up its well-regarded Gmail email service
  to all comers, eliminating the need to receive an invitation from an
  existing user before signing up. It's been two years since the
  service launched, and it's still branded beta. The primarily
  Web-based Gmail remains free to use and currently offers over 2.5 GB
  of storage for each user, an amount that grows every day as Google
  brings more storage online.

<http://www.gmail.com/>
<http://mail.google.com/mail/help/intl/en/about.html>

  Gmail provides POP3 access for people who prefer using traditional
  email clients over the Gmail Web interface, but still lacks IMAP, a
  popular alternative to POP3. The service has good spam filtering
  that accepts reports from its users, attachment viewing within the
  Web interface, and support for mobile phone email - you can read and
  reply to messages. Google Talk, the company's instant messaging and
  voice chat program, can be used within the Web interface, too.

  Gmail can also forward incoming mail to another email address, send
  messages and replies using another return address, and fetch mail
  from up to five other non-Gmail accounts via POP.

  What sets Gmail apart from other email services and clients is how
  rapid-response searches sit at the core of message archiving and
  organizing. Instead of filing messages in a folder, you apply one or
  more labels to incoming messages that exist in a general archive.
  The labels are the search equivalent of folders, and show up in a
  list in the left navigation bar. It's very much like the Smart
  Mailboxes feature in Apple Mail, only faster. You can also search
  quickly through your entire message archive; Gmail provides a list
  of matches with search terms highlighted, and messages threaded
  across an entire set of conversations so you can easily follow what
  was said and by whom.

<http://mail.google.com/mail/help/intl/en/why_gmail.html>

  Gmail funds itself through what text ads that are theoretically
  relevant to the content of the message you're reading - a behavior
  that can be a little disconcerting. The ads are never inserted into
  the body text of either incoming or outgoing mail, however, unlike
  free mail from other firms.

  Since I run my own mail server, I have only dabbled with Gmail. But
  reports from friends and colleagues who rely entirely on the service
  are highly positive, with them experiencing minimal downtime and
  speedy access. The main reason I haven't looked more seriously at
  Gmail is that I already have 2.3 GB of stored email, and I don't
  want to lose access to that archive. Gmail does enable import of
  contacts to provide access to laboriously created address books.

  (The only way to import mail into Gmail that I can see is to
  redirect to the Gmail account, which isn't practical with hundreds
  of thousands of messages. Although utilities like Mark Lyon's free
  Google GMail Loader and Cheah Chu Yeow's free gExodus exist to
  automate the process, date stamps are lost in the transfer,
  rendering them useless for an email archive that spans 15 years.)

<http://www.marklyon.org/gmail/>
<http://blog.codefront.net/archives/2004/06/21/gexodus-a-graphical-gmail-import-tool>

  Because Gmail is an extremely interactive Web application, it works
  only in a subset of common Web browsers, including (all version
  numbers are the earliest supported version) Safari 1.2.1, Firefox
  0.8, Mozilla 1.4, and Netscape 7.1. Web-based chat requires Firefox
  1.0 or later. Gmail does offer a basic HTML view for other browsers,
  but, honestly, there's not much point in using Gmail if you can't
  take advantage of the full interactive interface.

  If you've been looking for another email service, it's worth giving
  Gmail a try. You can even set up multiple addresses using your own
  domain using the Google Apps for Your Domain service. In particular,
  if you've been having trouble receiving TidBITS due to overactive
  spam filtering or other delivery problems, Gmail could be a good
  alternative. (Our new bounce processing code sends you warnings when
  your account has bounced too many messages, and you can manage your
  subscriptions and addresses with our new Manage Mailing List
  Subscriptions interface.)

<http://www.google.com/a/help/intl/en/admins/overview.html>
<http://www.tidbits.com/list/>


MoAB Is My Washpot
------------------
  by Glenn Fleishman <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8869>

  Two hackers wanted to show the world that Apple's much-vaunted
  operating system wasn't as secure as it was cracked up to be. The
  Month of Apple Bugs (MoAB) ran from 01-Jan-07 to 31-Jan-07, with the
  final day promising a future serious bug. Instead, they may have
  turned the Mac smugness dial up a notch.

<http://projects.info-pull.com/moab/>

  MoAB backers "lmh" (who does not reveal his or her real name) and
  Kevin Finisterre appeared to want to tweak Mac users, who often
  revel in the so-far absence of attacks on Mac OS X that are
  plausible, persistent (not quickly patched), and spreadable. In
  particular, the pair appear to take issue with the zealots and
  "fanboys" who, when presented with credible information that shows
  Apple or Mac OS X in a bad light, reject it out of hand. But lmh and
  Finisterre also seemed to have a chip on their shoulders before,
  during, and after MoAB.

  The coincidence of the abbreviation MoAB and the biblical figure of
  the same name led me to Jeremiah 48:29-30: "We have heard of the
  pride of Moab, pride beyond bounds: His loftiness, his pride, his
  scorn, his insolence of heart. I know, says the Lord, his arrogance;
  liar in boast, liar in deed." (More famously, the poetry of Psalms
  disses the people of Moab by stating, "Moab is my washpot," Psalm
  108:9, indicating a thing of low esteem, fit only for holding water
  that has cleaned one's feet - it's also the title of Stephen Fry's
  excellent autobiography.)

<http://www.amazon.com/exec/obidos/ASIN/1569472025/tidbitselectro00A/ref=nosim>

  Now that seems a little harsh. The original Moab was a problem, no
  doubt, but this MoAB wanted to shake the Apple tree a bit, perhaps
  with too high an aim. I suspect the developers had a set of exploits
  up their sleeves, but hoped that other folks would come forward with
  goodies they'd been saving up, and no such luck emerged.

  The zealots and fanboys that lmh and Finisterre railed against
  aren't strawmen. They exist. In fact, we at TidBITS occasionally get
  email from them, too. But it's clear that the vast majority of Mac
  users have better things to do than violently defend the platform
  and company against legitimate criticism. If anything, the average
  Mac user may have perhaps too great a belief that Mac OS X is
  completely secure, especially in contrast with Windows XP.

<http://www.crazyapplerumors.com/?p=664>

  However, it seems that MoAB may have unintentionally given more
  ammunition to the extremists in the Mac faith, while making the
  larger community even more blase. None of the bugs released had any
  real potential of a vector - spreading from computer to computer as
  a worm through an Internet- or LAN-exploitable flaw - and as far as
  I have seen, no in-the-wild exploit was released for any of the
  bugs, despite the fact that MoAB refused to notify Apple or
  third-party developers before releasing the bug details to the
  public.

  As of last week, Apple and the other developers who had exploits
  posted against their products had updated all but one matter.
  Timothy Luoma posted a rundown of his disappointment with the
  outcome of MoAB. The Macalope weighs in with his own, slightly
  surprised discomfiture at not seeing more serious attacks released.
  (The remaining Apple flaw relates to Software Update, which could be
  exploited by a local user or a malicious Web site visited via Safari
  with default download options checked.)

<http://tj.tntluoma.com/mac/moab>
<http://www.macalope.com/?p=158>

  In fact, MoAB revealed one of the best aspects of the larger Mac
  developer community: generosity. Landon Fuller took it on himself to
  release patches to the vulnerabilities revealed at MoAB and
  ultimately received help from many others. While he couldn't fix
  every problem completely, nor do so on the same day the exploit was
  released, he and his colleagues had a remarkable track record.

<http://landonf.bikemonkey.org/code/macosx>

  MoAB received the most criticism about its disclosure policy - the
  authors said that typically no notice was given to Apple or affected
  companies before they posted the details of their exploit. They
  wrote, "'Responsible disclosure' exists when the vendor doesn't
  deploy any harmful tactics against the source of the vulnerability
  reports, and requires confidence by all parties involved. At the
  moment, we don't trust Apple on these matters due to the track [sic]
  of incidents and unpleasant situations surrounding their policy on
  product vulnerability handling."

  (Oddly, they offered to give only Fuller a heads-up each day in
  advance of the public; he declined, in a transcript the MoAB backers
  posted, to avoid the "appearance of collusion," since he enjoyed
  demonstrating that exploits could be fixed without any insider or
  advance knowledge about them.)

  Apple has, at times, been criticized for its lackluster response to
  serious exploit reports, or its long delays in responding to known
  problems. But I haven't heard that criticism lately, with one
  exception. The MoAB project is clearly referring to how Apple
  allegedly treated David Maynor and Jon Ellch, two researchers who
  seem to have gotten stuck in a trap partly of their own devising.
  (We covered this in a series of articles we dubbed "To the Maynor
  Born: Cache and Crash" from August 2006 to January 2007.)

<http://db.tidbits.com/series/1268>

  The short story is that Maynor and Ellch appeared to have said that
  they had a successful root exploit for Mac OS X, relying on a flaw
  in Wi-Fi handling that required a proximate user to launch the
  attack. Maynor and Ellch were apparently never allowed to release
  their proof directly, and Apple patched flaws similar to those
  described, but which Apple claimed were not based on any specific
  information provided by the two. In the security note accompanying
  the Wi-Fi fixes, Maynor and Ellch weren't acknowledged.

  It's unclear whether the facts will ever be untangled in that case,
  and it appears that few people outside of Maynor, his employer,
  Apple, and Ellch have all the facts to make a judgment. Thus it's
  always frustrating to me to see unrelated parties make the
  assumption that Apple "deploy[ed] harmful tactics" when what
  happened is rather ambiguous.

  In contrast to the Maynor/Ellch situation, even with no disclosure,
  Apple apparently decided lmh and Finisterre played by the rules, and
  MoAB and the two were credited in the several bugs that Apple has
  patched (see related story, "Security Update 2007-002 Squashes MoAB
  Bugs").

<http://db.tidbits.com/article/8860>

  What did the "pride of MoAB" lead to? Not much. I, for one, am fully
  aware that the possibility of a true, widespread, system remote
  exploit of Mac OS X remains. And almost all MoAB's exploits required
  either (or both) an attacker with local access or a computer owner
  who engaged in unusual behavior, such as downloading and opening an
  unknown file.

  It's a testament to the Mac community as a whole that MoAB's
  irresponsible disclosure, coupled with childish taunts and tactics,
  was met with quick, civil responses by Apple and the other Macintosh
  developers. Generosity and cooperation will provide far more overall
  security than a bunch of ill-mannered hackers.


InterviewBITS: Key Apple Technologies
-------------------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8870>

  The pool of Macintosh software has become incredibly deep over the
  years, containing a vast number of applications for nearly every
  imaginable purpose. I was pondering that fact the other day when I
  started wondering just which of Apple's many technologies were the
  most important to the developers who create the programs we use on a
  regular basis. Rather than mull over this question in a theoretical
  fashion, I decided to ask a select set of developers: Which Apple
  technologies had proven the most important for your business, and
  why? (Some of these developers are current or past TidBITS sponsors;
  I chose them not because of that fact, but because I knew them well
  enough to ask them to respond on short notice.)

  I wasn't looking for what someone might think was particularly cool.
  Instead, with this one question I hoped to find the technologies
  that have actually enabled the creation of new tools, new ways of
  working, or even new ways of thinking about what's possible. You may
  not recognize the names of all of these people, but I'm certain
  you'll recognize their products.


**Paul Kafasis** -- CEO/Lackey, Rogue Amoeba Software (Products: Audio
  Hijack Pro, Fission, Airfoil, Nicecast)

<http://www.rogueamoeba.com/>

  Although it's perhaps too obvious, Cocoa has had a big impact on our
  work, and the Mac world in general. All of Rogue Amoeba's products
  are built with it, and it has worked quite well for us. Cocoa has
  made it an order of magnitude (or more) easier to create software
  for Mac OS X, which has led to rapid development of new products and
  updates. That's very important for a small company with limited
  resources.

<http://developer.apple.com/cocoa/>

  But more interestingly, I'd like to nominate the iPod. We don't make
  any software that works specifically with the iPod, nor iPod
  hardware, so how can it be so important to us? The trick is that the
  iPod has brought music to the masses and turned everyone into an
  audio user. The more people use audio, the more relevant our
  products become to them. If a user has an iPod and he wants new
  content, he can use Audio Hijack Pro to record just about anything.
  Fission will let him edit that audio before it goes on his iPod. And
  if he's playing audio around his house, Airfoil will be useful for
  enabling playback through the AirPort Express. As audio use becomes
  a bigger part of users' lives due to the iPod, our products gain
  potential users.

<http://www.apple.com/itunes/>


**Julian Miller** -- President, Script Software (Products: ChatFX,
  CopyPaste, iKey, iClock, iWatermark, KnowledgeMiner)

<http://www.scriptsoftware.com/>

  Cocoa is essential, but the most entertaining and useful technology
  from Apple for us at the moment is Quartz Composer, which is
  included for free with Apple's Developer Tools. It is a visual
  programming language for video, and deserves to be better known.
  Quartz Composer is embedded deep within Mac OS X, and it relies on
  OpenGL, Core Image, Core Video, and other core Apple technologies.
  With it anyone can create various Quartz Compositions that can
  perform magic on various types of video input. We use it in ChatFX,
  our video special effects software for iChat (and soon for Skype,
  Yahoo Messenger, MSN Messenger, iMovie, etc.), to add bluescreen,
  Photo Booth-type effects, 3D, and more to video conferencing. It is
  powerful, useful, and whole lot of fun even if you're not a
  developer. In fact our next fun application (unannounced) will also
  use Quartz Composer extensively.

<http://developer.apple.com/documentation/GraphicsImaging/Conceptual/QuartzComposer/qc_intro/chapter_1_section_1.html>


**Jayson Adams** -- VP of Technology, Circus Ponies Software (Product:
  Circus Ponies NoteBook)

<http://www.circusponies.com/>

  For us, the most important technology is definitely Apple's Cocoa
  Frameworks. The Cocoa Frameworks are collections of objects -
  everything from numbers and lists to buttons and windows - that
  application writers can use to build their Macintosh software
  products. These objects are so well written and well designed that
  one person can write an application that would take 10 programmers
  to cobble together on another platform. This leverage also means
  that in the end, developers have more time to focus on the code that
  makes their applications unique.

<http://developer.apple.com/documentation/Cocoa/Conceptual/CocoaFundamentals/WhatIsCocoa/chapter_2_section_5.html#//apple_ref/doc/uid/TP40002974-CH3-SW10>


**Jim Matthews** -- President, Fetch Softworks (Product: Fetch)

<http://fetchsoftworks.com/>

  Fetch wouldn't be the same program without any of at least a dozen
  Apple technologies, from AppleScript to Open GL (for the animated
  progress donut). But if I had to pick one essential technology it
  would be the Core OS networking services, from the AirPort and
  Ethernet drivers up through the TCP/IP stack and CFNetwork. All of
  our user interface work is aimed at making it easier to move data
  from one computer to another, and that effort is wasted without a
  robust networking infrastructure to put the bits on the wire (or
  radio waves). Apple was the first personal computer maker to build
  networking into their systems, and the first to have a standardized
  TCP/IP programming interface for accessing the Internet. In Mac OS X
  the networking infrastructure is more efficient, reliable, and
  flexible than ever before, and that's critical for applications like
  Fetch.

<http://developer.apple.com/documentation/MacOSX/Conceptual/OSX_Technology_Overview/SystemTechnology/chapter_4_section_2.html#//apple_ref/doc/uid/TP40001067-CH207-BBCDJGCJ>


**Greg Scown** -- Founder, SmileOnMyMac (Products: PDFpen/Pro,
  PageSender, DiscLabel, TextExpander, BrowseBack)

<http://www.smileonmymac.com/>

  Apple's adoption of PDF as the standard imaging model for Mac OS X
  has been the most important technology for our business. Enabling
  users to create a PDF of anything they can print makes it possible
  to share documents across platforms with great ease. It also creates
  a market for PDF manipulation and markup tools, such as PDFpen.
  Recently, we were even able to stretch the limits of the PDF's
  nature as a read-only format to offer our new Correct Text feature,
  which lets users actually replace existing text within a PDF.

<http://www.apple.com/macosx/features/pdf/>


**Rich Siegel** -- Founder and CEO, Bare Bones Software (Products:
  BBEdit, Yojimbo, Mailsmith, TextWrangler)

<http://www.barebones.com/>

  Our products are more illustrative of your "deep and vast" premise,
  rather than a demonstration of using a single "most important"
  technology. We select from the system API sets (Carbon, Cocoa, or
  POSIX) that allow us to address our customers' needs most
  effectively (based on our assessment of a performance/scalability
  need or specific user-experience goal).

<http://developer.apple.com/carbon/>
<http://developer.apple.com/cocoa/>
<http://developer.apple.com/documentation/Cocoa/Conceptual/Multithreading/articles/ThreadPackages.html#//apple_ref/doc/uid/TP40001474-110124>

  Cocoa's Core Data subsystem provides the crucial data storage
  reliability for Yojimbo, our information organizer. Yojimbo also
  uses various Cocoa UI services to create its effortless user
  experience, and Sync Services to implement synchronization of data
  across multiple computers (through the use of .Mac or Mark/Space's
  new SyncTogether).

<http://developer.apple.com/macosx/coredata.html>
<http://developer.apple.com/macosx/syncservices.html>

  BBEdit and TextWrangler rely on ATSUI (Apple Type Services for
  Unicode Imaging) to put the text on the screen - where the rubber
  meets the road, so to speak. Both products' performance and
  scalability didn't originate with Apple-provided technology, but we
  used Core Foundation and the Multiprocessing API (basically, a
  wrapper on the POSIX threads API) to improve the user experience.

<http://developer.apple.com/documentation/Carbon/Conceptual/ATSUI_Concepts/atsui_chap1/chapter_1_section_1.html>
<http://developer.apple.com/corefoundation/>

  Our pro products are known for setting the standard in automation
  support, and to achieve this they rely on the AppleScript and Apple
  Event APIs, and Automator and the POSIX programming interfaces for
  running AppleScript scripts, Unix scripts, filters, and powering
  BBEdit's Shell Worksheets. Finally, many of BBEdit's features sit
  atop Cocoa APIs for doing the heavy lifting: spell checking, the
  Font panel, and live HTML previews.

<http://www.apple.com/macosx/features/applescript/>
<http://developer.apple.com/documentation/AppleScript/Conceptual/AppleEvents/intro_aepg/chapter_1_section_1.html>
<http://www.apple.com/macosx/features/automator/>

  So, as you can tell, our technology choices cut across a wide swath
  of technology disciplines - sometimes even within a single product -
  to address an equally wide range of customer needs.


Take Control News/19-Feb-07
---------------------------
  by Adam C. Engst <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8871>

**Month of Apple Sales #3: Tame the Tiger** -- Working with big cats
  requires skill and knowledge, and Mac OS X Tiger is no exception.
  Hone your technical chops with this carefully chosen collection of
  our most in-depth ebooks about tricky Mac OS X issues. You'll find
  detailed background information and help with sending and receiving
  email in Apple Mail, fighting spam, working with fonts,
  understanding and managing permissions, and sharing files over
  networks. Buy these 6 ebooks (over 800 pages!) today for only $26,
  and you'll save 60 percent off the list price of $65!

* Take Control of Fonts in Mac OS X
* Take Control of Font Problems in Mac OS X
* Take Control of Sharing Files in Mac OS X
* Take Control of Permissions in Mac OS X
* Take Control of Apple Mail in Tiger
* Take Control of Spam with Apple Mail

  To take advantage of this discount, just purchase from the Month of
  Apple Sales #3: Tame the Tiger page.

<http://www.takecontrolbooks.com/offers/moas3.html>

  And yes, if you want the bundle but already own one of these books,
  feel free to give your extra copy to a friend. One more sale coming
  up next week! (And don't worry - there's no overlap.)


Hot Topics in TidBITS Talk/19-Feb-07
------------------------------------
  by TidBITS Staff <[EMAIL PROTECTED]>
  article link: <http://db.tidbits.com/article/8872>

**Database Syncing** -- Our Macworld Expo superlatives article
  mentioned SyncDeK for synchronizing databases, but a reader points
  out that fmSQL Synch has done similar work for years. (1 message)

<http://emperor.tidbits.com/TidBITS/Talk/1141/>


**HD movies and the Mac** -- Now that HD video capture is starting to
  trickle down to consumer-priced levels, what's available for the
  Mac? Are we stuck with MiniDV tapes still, or is there hope with the
  new hard-disk-based cameras? (4 messages)

<http://emperor.tidbits.com/TidBITS/Talk/1142/>


**The Grouch** -- Remember when your Mac's Trash had the capability to
  sing to you? You can do it under Mac OS X, using a few different
  methods. The original author even weighs in! (8 messages)

<http://emperor.tidbits.com/TidBITS/Talk/1143/>


**Daylight Saving Time May Bite the Out-of-Date** -- Could the problem
  of time synchronization with the adjusted Daylight Saving Time have
  been averted by more diligent Macintosh software engineering? (1
  message)

<http://emperor.tidbits.com/TidBITS/Talk/1144/>


**Article on carpal tunnel** -- An article about carpal tunnel
  syndrome leads to discussion of similar repetitive strain injuries
  (5 messages)

<http://emperor.tidbits.com/TidBITS/Talk/1145/>


$$

This is TidBITS, a free weekly technology newsletter providing timely
news, insightful analysis, and in-depth reviews to the Macintosh and
Internet communities. Feel free to forward to friends; better still,
please ask them to subscribe!

Non-profit, non-commercial publications and Web sites may reprint or
link to articles if full credit is given. Others please contact us. We
do not guarantee accuracy of articles. Caveat lector. Publication,
product, and company names may be registered trademarks of their
companies. TidBITS ISSN 1090-7017.

Copyright 2007 TidBITS: Reuse governed by Creative Commons license.

Contact us at:    <[EMAIL PROTECTED]>
TidBITS Web site: <http://www.tidbits.com/>
License terms:    <http://www.tidbits.com/terms/>
Full text search: <http://www.tidbits.com/search/>
Subscriptions:    <http://www.tidbits.com/about/list.html>
Account help:     <http://www.tidbits.com/about/account-help.html>


--
If you want to unsubscribe or change your address, use this link
http://emperor.tidbits.com/webx?unsub@@.3c557dc4!u=306a67f9

Reply via email to