eXtra Notes

Blue Apple

Graham K. Rogers

Unpublished ideas that are not going to make it into print

Previous note (1) can be found here.
Previous note (2) can be found here.
Previous note (3) can be found here.
Previous note (4) can be found here.
Previous note (5) can be found here.
Previous note (6) can be found here.

ADSL again
In general terms
I am content with the ADSL link I have. The line works, although I am not too sure about the speeds that data is being sent and received: TRUE's information has a caveat about times when transmissions may slow. My own connection is not slowing but always seems about the same mid-range speed. Before putting anything on paper, I will have to check and compare speeds. It is, most certainly, considerably faster than the 56k modems I have been used to -- does anyone remember the excuciatingly slow 2400bps modems? Most of the software I download, and updates to this site by FTP, have been accomplished in good time; and a friend who called by, who also has a Mac, was quite surprised when he saw the speeds that pages uploaded. We have seen better, but it will do as a start.

We can do better than this

With some time to spare in the middle of the week, I was fiddling with the modem/router as I had noticed that the log entries were all, apart from the first, dated 1/1/70. That first entry took its time from a server on the Internet (and it was not using Thai time). The log then skipped a heart beat and everything else jumped back to zero time. This is not really a problem although it could be if you were trying to isolate a problem that stemmed from a break-in. With the right times in the configuration file logs and double-checking with other logs (internally and externally on the Mac), it is possible to learn a great deal about the "who" and the "where" as far as this type of security is concerned.

I found nothing in the installed configuration files about the times so, took advantage of being online all the time and used Google to check for the local supplier, PCi. I was reasonably impressed with what I found, particularly the online access to technical information. The company makes several devices for computer users including routers, wireless network equipment and plenty of others. It dawned on me that this was the same group that produced the Bluetooth USB module that I have had so much success with. To find this information, though, you have to use the Search facility.

While I was nosing my way round the site, I came across information about firmware updates for the modem/router I (and several other I know) are using. A few minutes later, they were on my desktop and unpacked into .exe files. After the recent Windows-centric nonsense I have found at TRUE (and other places), I wrote a quick note to ask about these Windows updates and Mac ones, and about the time resettting problem. Local users will know that there are three normal reactions: nothing, a response about three days later which totally misses the point, or a reply that suggests that the user is mistaken and there is nothing wrong with the wonderful service/software/hardware.

There is a possible fourth response; and I was pleased to have an initial reply within an hour or so of my e-mail telling me that it was in hand and that a techie would be dealing with it. By the time I had surfaced from the morning cup of coffee, there was a detailed reply in my mailbox. The gist of the message was that, oops, we did forget the Mac users but we have already contacted the main company and as soon as the firmware updates (Mac flavour) arrive, we will let you know. There was a brief discussion of the time anomaly (this may be in a firmware fix) and then a look at ADSL in general.

It is nice to go to the office with a warm feeling; the thought that someone does care and does know exactly what you have written about and that they also are thinking along the same lines.

An aside that I found a little amusing this week came from an Apple Knowledge Base article concerning the use of USB modems, "Mac OS X: A USB modem might prevent startup". In an article of few words, somewhat tongue in cheek too, Apple's cure for the problem on a non-starting computer with USB modem, is to detach the modem, restart, then re-attach the device. Good, eh? And people wonder why I would rather not use the free USB modem.

I have heard four or five stories which suggest that, although certain parts of the operation do work, a lot of the TRUE Corporation could do with considerable sharpening. The paucity of information about Macs (of course) concerns me, as well as the number of Mac users who have been in touch over their contacts with TRUE: if people are contacting me, they should have got their answers from the company but didn't. I had mentioned before about the way the TRUE website could do with some better organisation and that, if customers ask questions on line, it might be part of a service-oriented company's job to answer those queries. This weakness struck another friend and Mac user this week who took the brave step of trying to order the ADSL service via the online site. After a number of days of zero information and contradictions, the link was cancelled and a second order placed in a real TRUE store with real people.

I contrast this with several examples I have experienced this week: the queries with PCi (above); ordering from the New York Museum of Modern Art (MoMA); and London's Tate Gallery. Not so good was the Guggenheim Museum, whose shop is run from a Yahoo! website. I cancelled an order as they insist on using UPS, with no alternatives, and I have been unhappy with UPS service in Thailand in the past. Also a disappointment was the Museo Nacional del Prado in Madrid where customer-oriented web design does not seem to be a strong point, and an online shop is nowhere to be found: a real shame considering what the Prado has. This may, of course, be a conscious decision. I admit to knowing nothing about Spanish law on online sales.

The above problem of an online presence goes back to a point I made a couple of xnotes ago: complacency is not the way to build business or keep customers: both the Guggenheim and the Prado did not get their hand on my cash this wekend as they fail to cater to this customer's needs. The same applies (and will apply) to other sites/companies/organisations that I deal with (excluding monopolies of course -- by definition there is no choice).

An odd thing about all the galleries (above) is that not one of them has a decent logo that I could have borrowed to highlight their online attractions

updateOn Saturday morning (6 November) I awoke to find that Apple had sneakily provided the 10.3.6 update to OSX while I had been sleeping. For me, the download of 14.3MB was over so fast that I had not finished the "repair permissions" task I do before and after installations. Although Software Update will do the job for you, I prefer to download the package to the desktop and install when I am ready. That also allows me to archive the update should it be needed again.

There are several other downloads of this update currently available. If you use Software Update, the installer will select the optimum package for your computer. There are also Combo updates available on the relevant Apple pages and these include all the earlier updates. I will also download this and keep it. The downloads available are:

From the looks of the downloads, I got off fairly lightly. Thus far: zero problems.

In the last day or so, Pixar, one of the success stories in animation movies of late (and headed by Steve Jobs -- another feather in his cap) put a teaser online for a new animated feature called, Cars. As we are flush with the succcess of the ADSL connection I decided to indulge myself (it was Sunday morning after all) and try the "big" download. Amusing, particularly the little trucks that make up the pit crew, and I loved when they give themselves "high fives" after the pit-stop.

cars As well as the three normal sizes for QuickTime trailers, there is also one with the heading, "SUV". When that is activated, iTunes opens and the whole screen is taken up. The download took a few minutes but the larger size is much nicer than the postage stamp views I have been used to with a 56k modem. The film has the voices of Paul Newman, Bonnie Hunt, Owen Wilson, Richard Petty and several others, but is not due for release until November 2005. Another smash?

Some technical information
There has been concern in some quarters about what the fear-mongers have dubbed the first Mac "virus". "Renepo", which is Opener backwards is not a virus or worm (according to Apple). It seems to be based on a Unix tool named "John the Ripper", and the only way it can be on your computer is if you help it install itself; and you would have to download it first. Do not install anything unless you know what it is you are installing and you know it is from a reliable source.

One of the advantages of OSX is that "root" is not directly accessible by a user. Only you should know your admin password. Opinion seems to suggest that the unfortunate finding this "Renepo" was the victim of an intrusion scheme and may not have applied all the security updates. Another thing that is being suggested is not to run the computer on a day-to-day basis from the Admin account. I must admit that I do this for my home machine, but not in the office. With ADSL maybe I should rethink this.

Renepo/Opener is a "rootkit" -- tools that will take over the installation -- but you need Admin privileges and would have to enter the password (just like installing any piece of legitimate software). If you do not know what you are installing, then the solution would be not to install, eh?

Anyone concerned can run a couple of quick checks. First, open Terminal and, at the command line, type sudo ls -l /Users/*/Public/.info (you will be asked for your password). You should see this: ls: /Users/*/Public/.info: No such file or directory but if not, find the directory /Library/StartupItems and see what is in there. I have three (I have substituted X and x for the real names):

XXXXXX:/Library/StartupItems xxxxx$ ls -l
total 0
drwxr-xr-x 5 root admin 170 31 Oct 09:21 LittleSnitch
drwxr-xr-x 8 root admin 272 6 Aug 14:28 Macaroni
drwxrwxr-x 6 root admin 204 24 Sep 18:07 Tablet

I know exactly where each of these came from and what is inside.

There is no need to be overly worried about this threat, but if you want more information Macintouch website has a dialogue on this. Also on that page is a link to some information about a system monitor utility called Tripwire. I have installed this, but would not suggest it unless you are really comfortable working at the command line in Terminal. This is one that screams out for a GUI version.

As well as putting it on my home machine a colleague at work put a version on his Linux computer and is very happy with the way it reports on the Linux installation. Following his suggestions, I had another run through and followed to the letter the instructions on the Mac Guru "Tripwire" pages. I managed to update the database and get a text file of the report. That came to about 152 pages, so I will not be printing it out. As I receive more help and update the installation, I will share what I have.

As an additional comforting note, Tom Harrington of Atomic Bird who wrote "Macaroni", has much to say about about this non-threat. Tom has the same quote I borrowed from the forums (on Sunday 31 Oct) and have in the previous eXtra note: with the amount of trouble involved in getting this worm to work, it would be easier to steal the computer from my desk.

All materials ©copyright G.K. Rogers. Free for individual use.

Other links:

Bangkok Post, Database
Mac Center: Thailand
OSX Faq Mac Dr Smoke's X Lab Site George Mann
Applelinks MacNightOwl MacNightOwl

Phuket Mac User Group

For further information, e-mail to Graham K. Rogers.

To eXtensions, Current items

To eXtensions, Year Two

To eXtensions, Book Reviews

To Education Page

To Motorcycles Page

Back to homepage