d00dism

After a little hiatus this weekend, I’m back. So is Apple with exciting news. They’ve updated their Powerbook line of computers. Don’t get too excited though, they’re still G4s. However, it’s a nice solid revision. The bus speed is the same, but there’s a whole host of new statistics.

For the 17″:

• 1.67 GHz G4
• 512 MB RAM
• 100 GB hard drive
• 8x SuperDrive
• ATI Mobility Radeon 9700 (128 MB) dual-link DVI
• $2,699

For the 15″:

• 1.67 or 1.5 GHz G4
• 512 MB RAM
• 80 GB hard drive
• 8X SuperDrive or Combo drive
• ATI Mobility Radeon 9700 (64 MB)
• $2,299 or $1,999 respectively

Finally, the 12″:

• 1.5 GHz G4
• 512 MB RAM
• 60 or 80 GB hard drive
• 8X SuperDrive or Combo drive
• Nvidia GeForce FX GO 5200 (64 MB)
• $1,699 or $1,499 respectively

More detailed stats are available at Apple’s website as always.

With the only real change being a price drop and a little faster CPU from the former model, I can still be proud of the 1.33 GHz G4 Powerbook I type this on. But what about the increased RAM? Why did I ignore that in comparing to my Powerbook?

It’s worthy to note all the Powerbooks come with at least 512 MB of RAM. This is a good thing. However, I still can’t take that into effect. Little publicized as of yet is the fact that the 12″ still has a single accessible slot and the soldered RAM is still only 256 MB. That means your single slot is taken up with a fairly puny 256 MB stick no matter what. Should you choose to upgrade the RAM on your own (for example, by putting in a 1 GB stick), that stick becomes completely useless. That’s a rather big waste.

However, the addition of Bluetooth 2.0 bodes well for these new Powerbooks and opens the way for all kinds of new peripherals. Only time will tell what they will be.

Update: Some clarification of my comments regarding the RAM have been requested. When you upgrade the RAM on a Powerbook 12″, you have to put whatever you buy into the one accessible slot. The standard configuration currently places a 256 MB stick into that slot by default. You must remove it to insert the new RAM. The new amount of RAM (256 MB plus whatever the size of the stick you choose) will definitely be useful. However, that 256 MB you removed is now destined for a shelf, or maybe if you’re enterprising, eBay. In my case, my Powerbook came with only the soldered 256 MB of RAM. I bought a 1 GB stick and brought the machine up to 1.25 GB. Now, if I were to get one of today’s Powerbook 12″ models, it would come with 512 MB of RAM. I’d have to remove 256 MB in order to add the 1 GB and still end up with only 1.25 GB of RAM and a stick that I essentially couldn’t do anything with. It would have been far better if Apple had made the soldered amount 512 MB and left the only slot free. However, more starting RAM is a step in the right direction and they should be commended for at least that.

The Mac mini has spurred large amounts of interest in the PC community. With the mini’s lack of a bundled keyboard and mouse, the natural question becomes “Can I use my existing mouse and keyboard with the Mac mini?” Given that they are USB, the answer is yes. For mice, this is largely trivial. Just plug it in and use it. Optionally install drivers if it’s a Logitech or Microsoft product.

Keyboards are a whole other can of worms because of a single section, the bottom row. On a Mac keyboard, the keys along the bottom, in order, are control, option, command, space bar, command, option, control. The topic of this article is USB keyboards, so custom layouts such as laptop keyboards are ignored. On a PC keyboard, the keys are generally control, Windows, alt, space bar, alt, Windows, context, control. It’s pretty similar save the context key.

The fact is that despite different labeling, these are essentially the same keys, serving very similar functions in that, except for the space bar, they are modifier keys. You hold the key and press another to perform some function. As such, it should come as no surprise that these keys will work. One can invoke all the available hotkeys on a Mac with a PC keyboard that one could using a Mac one.

There is a large caveat. Although one would expect that the placement of these keys would indicate equivalent function on a Mac keyboard, this isn’t true. Control is control, Windows is command, and alt is option. The last two are the difference. Ignoring the labeling on the physical keys, when a PC keyboard is attached to a Mac, the functional order of the keys is control, command, option, space bar, option, command, nothing, control. The order of option and command are reversed.

PC users unfamiliar with this traditional layout won’t be bothered by this. They will still have to know what the keys do without correct labeling. Users familiar with Macs will be bothered by this. There is a quick, easy, and cheap (free) solution. DoubleCommand is a key remapper, allowing one to effectively swap the two keys. With that, you can have a PC keyboard work perfectly on a Mac.

Apple has released the 2005-001 Security Update for Mac OS X. This update fixes several important vulnerabilities.

at Commands

The at commands (at, atrm, batch, atq, and atrun) allow a user to specify commands be run at a later time. That’s not the inherint bad thing. Being able to schedule things on a whim without using cron is good because it’s a one time deal. Want to run permissions repair in an hour while you’re on lunch, but afraid you’ll forget to initiate it later? Use the at command.

Anyway, the problem was that the commands scheduled with at didn’t run with the initating user’s permissions. For example, a malicious user can’t delete your home directory because it’s owned by you. The rm command will fail due to lack of permissions. Using the unpatched version of at, that malicious user could schedule that rm command and it would complete successfully. That’s not good.

Thankfully, outside of server and large multi-user environments, this isn’t a large concern. It first requires that a malicious person has successfully logged into your machine, which shouldn’t happen unless you’ve given them an account.

Colorsync

ICC (color) profiles that are malformed could run arbitrary code, which means that a program doing anything could be run and wreak havoc on your machine.

libxml2 Library

Programs linking against this library could take advantage of some buffer overflow problems, again, allowing pretty much any code to be executed, resulting in complete compromise of the machine.

Tracing Mail(.app)

This security problem is interesting. One of the RFC-822 required email headers is a unique identifier (GUUID). That ID is associated with the ethernet component of the computer. That means that your email messages could be traced back to your particular computer. This is naturally undesirable. That ID is now hashed and concatenated with a random number to complete obscure any data associating your computer with that piece of mail.

PHP

The exploit that was used a little while ago to make a web worm (many websites suddenly had “you are pwned” web pages up instead of their regular content) was present in the default version of PHP included with OS X. They’ve updated it to 4.3.10.

Safari

This isn’t so much a technology exploit as a social engineering exploit. If pop-up window blocking isn’t enabled, aribitrary web pages can display pop ups. They can also do it when in the background (in a different window or tab). If a web page opens up another actually trusted web page (say your bank’s site or a e-commerce site), uses a timer while waiting in the background, and then pops up a window prompting for information while you’re at the trusted site, you might mistakenly think it’s from the trusted site and give out sensitive information. The real problem is that people will assume that the trusted site popped that window up without proof. They happily type out their social security number, mother’s maiden name, login ID and password into the bank site. It’s fixed anyway.

Now you can’t. I read this out of CNN:

During the committee hearings, Boxer said the Bush administration had changed its rationale for the Iraq war from eradicating weapons of mass destruction after no such weapons were found.

In response, Rice asked Boxer to “refrain from impugning my integrity.”

That sounds pretty damning for Rice. It also seems very clear cut that she was avoiding a question. However, it doesn’t seem so when we examine the actual question posed (or at least what appears to be what Rice was responding to).

When Senator Voinovich mentioned the issue of tsunami relief, you said — your first words were The tsunami was a wonderful opportunity for us. Now, the tsunami was one of the worst tragedies of our lifetime, one of the worst, and it’s going to have a 10-year impact on rebuilding that area. I was very disappointed in your statement. I think you blew the opportunity. You mentioned it as part of one sentence. And I would hope to work with you on this, because children are suffering; we’re worried they’re going to get in the sex trade. This thing is a disaster — a true natural disaster and a human disaster of great proportions.

Note, according to the transcript, Rice said no such thing. Also worthy of note is that Boxer didn’t so much as interview Rice as lecture her for untold minutes. According to Word, the speech leading up to Rice’s initial response was 2,109 words long. My application essay to U-Mass was capped at a fourth of that. Rice’s response wasn’t limited to that simple phrase either. It was 626 words long.

If CNN’s misleading, oversimplified version of Boxer and Rice’s extended exchange isn’t bias, I don’t know what is. Before you make any decisions about Rice’s answers, read the transcript. It paints quite a different picture than the one that Boxer has been trotting in front of the media.

I’ve been thinking about replacing my Microsoft Intellimouse Explorer for some time now. It’s a great mouse and has always served me well. However, considering it was a gift from my ex, it carries some emotional discomfort with it. Besides, it only has five buttons and is wired. Wired peripherals are soo 2003.

I’ve done so well with Microsoft mice thus I thought I’d continue to throw business their way. I looked at the Wireless Intellimouse Explorer 2.0 in the “Night Vision” color. I found it listed at Buy.com for less than $20. Kick in a mail-in rebate and a store coupon and the price was $12. I couldn’t afford to not get this mouse. Sadly, it seems that the mouse has been discontinued by Microsoft, catching nearly every retailer carrying the mouse off guard. Nearly every retailer I visited showed the mouse as in stock, but in the several days following my order, all of them marked the mouse as discontinued.

So much for that.

I expanded my search. I included Microsoft’s main competition in the mouse market, Logitech. The unfortunate lack of Mac support of their Bluetooth MX 900 mouse immediately ruled it out. This isn’t a problem localized to Logitech. Microsoft also doesn’t support their Bluetooth Intellimouse Explorer on Macs either. The laser using MX 1000 mouse really caught my eye. Marketed (and verified through several review sites) as the most accurately tracking mouse ever, I was drawn in. It featured a laser instead of an LED for tracking and a tilt-wheel (one of the features on the Microsoft mouse that seemed really enticing).

I had to have it. Dana heard me go on and on about it in my typical geeky awe. However, at a suggested retail price of $80, it’s not only considered the best mice out there, it’s also the most expensive. The price started dipping down to $70 at many retailers. Just recently it’s hovered a little above $60. When Staples offered it for $60, I pounced. I combined that price with a $15 off $75 purchase and $15 worth of DVD-Rs and cases to get the mouse plus $15 of stuff for $60. I pulled the trigger on the sale.

So now I wait for the mouse to arrive. Staples is telling me that it should arrive today via UPS. You can expect a review shortly thereafter if it does.