Basic Filtering for Normal People…

Earlier I posted about my “tanstaafl” related issues in getting filtering and proxy services set up.

Good news: I finally got it all to start reliably. It’s still a bit quirky about restarts for log turnovers though.

Nevertheless, I stumbled into something else incredibly useful, and after a few weeks of trying it out I will be shutting down my own filtering.

The service is called OpenDNS. Their purpose is to replace the sometimes flaky DNS service that comes with your ISP (Hi, Comcast!) and provide an alternate means to look up addresses on the internet. This means that every time you try to look up www.apple.com, their computer takes the web address and sends back the numerical address, much like looking up phone numbers in a phonebook by name.

The side benefit of this is that you can also specify corrections of typos, define what kind of websites you don’t want visited from your household or office, and specify what exceptions you want to allow, because they control what computer you connect to when you ask for a website.

Specifying what you want to block follows the same categories used in DansGuardian, and the logs give you a nice list of sites that have been denied. What it doesn’t do is let you know who in your network made the request, give you a weight for how strict to be within a category, or let you see what sites have been visited that were not blocked.

I can deal with those weaknesses, as it simplifies my computer setup and makes it a little more difficult for the kids to work around the restraints (I still make sure I eyeball their activity and computers on a regular basis). It has one other “plus” – the instructions. They have excellent documentation that should go a long way in helping you set up your router or computer to use their DNS servers as well as tracking changes in the IP address your ISP hands you.

Best of all, it’s “free.”

Well, not completely. They make money by sending mistyped or flat-out wrong domain names to their own search and ad results. 

A Neat Feature in Stacks

Yes, I loathe the ever-changing stacks icons, and the workarounds needed to make a stack a consistently identifiable target.

That said, there are a few features that you look at and wonder how you lived without them.

For example: a new file gets downloaded to your inbox. You click on the stack and the stack pops open. Click on the disk image file and the disk mounts. Then you install your software. Now it’s time to clean up.

Now, my past practice has been to open up my inbox and drag the image file from the inbox into the trash. Unthinking, I clicked on the stack again since my selection arrow was nearby,  clicked on the image file, and stopped.

I didn’t want to reopen it. So still holding down the mouse button while kicking myself mentally and expecting to see a new “disk” pop up on my desktop, I instead see the file move with the arrow. Before I realize what I’m doing I drag it into the trash.

Not quite believing what I just saw, I open up the trash, and sure enough, the file is there.

Wow.

UPDATE: As of OSX 10.5.2 Apple fixed the stack issue. You can now have the icon in your dock show up as the containing folder, and keep a nice, easy to identify target. They’ve added some more improvements too.

Virus Scams

 

A client of mine recently received an email purporting to be from the Department of Justice (and another one from “the IRS” ) relating to claims made against their business. It had some official-looking language about case numbers and claims filed by so-and-so, and noted that a copy of the complaint was included “in the pdf below.” They were suspicious for several reasons, and asked me to check it out.

Even if you expect the IRS or DOJ to email you out of the blue with this kind of thing, addressing the recipient by the wrong gender is a big red flag. The other thing that made me immediately suspicious was the “pdf” file was zipped.

The ZIP format is an incredibly useful compression and archiving standard that was even more important back when internet access was typically via modem. The downside is that if the package is really a virus installer it will not only unpack the virus files but execute them, infecting your system. For this reason any decent virus scanner will search through .zip files as they come in, but some viruses still slip through, especially in email. Also, PDF files are already compressed so there is little benefit from further compressing them (technically speaking – the graphics are already compressed. You may save some space by compressing the text more). Someone legitimately sending a PDF – or any document small enough to reasonably email (a Word DOC file, etc.) – will almost never go out of their way to zip it up. Laziness, if nothing else, practically guarantees this.

As a matter of netiquette, never email someone a .zip file without warning them ahead of time, and if you receive one without a prior heads up from a known, trusted source, be very suspicious. One of the nastiest infections I cleaned out looked like it came from a trusted source so the client opened it up without checking with the sender.

To wrap the story up, I took a snapshot of my virtual Vista installation under VMware Fusion so I could restore to that earlier point, and looked at the zip file. As expected, the antivirus software immediately caught it and archived it.
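
The zipped-“pdf” red flag described above can be checked without opening the attachment at all. The Python below is an added example, not part of the original post: it lists an archive’s members in memory and flags any that are runnable or that claim to be a PDF but are not. The extension list, the member names and the sample bytes are constructed for illustration.

```python
import io
import zipfile

# Extensions Windows will run when double-clicked (illustrative, not exhaustive).
RUNNABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk"}


def triage_zip(data: bytes) -> dict[str, list[str]]:
    """Map each member name to the reasons it looks unsafe. Reads only the
    first bytes of each member; nothing is written to disk or executed."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Trailing dots and spaces are a common way to hide the real extension.
            name = info.filename.lower().rstrip(" .")
            ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
            reasons = []
            if ext in RUNNABLE:
                reasons.append("runnable extension " + ext)
            if info.flag_bits & 0x1:
                # Password-protected member: a mail scanner cannot see inside it either.
                reasons.append("encrypted member")
            else:
                with zf.open(info) as fh:
                    head = fh.read(5)
                if head.startswith(b"MZ"):
                    reasons.append("Windows executable header")
                # Simplification: a real PDF normally starts with the %PDF- marker.
                if ".pdf" in name and not head.startswith(b"%PDF-"):
                    reasons.append("named like a PDF but content is not PDF")
            report[info.filename] = reasons
    return report


def build_sample() -> bytes:
    """Constructed archive: one decoy 'PDF' and one plain PDF stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("complaint.pdf.exe", b"MZ" + b"\x00" * 62)  # inert bytes, not a program
        zf.writestr("notice.pdf", b"%PDF-1.4\n%%EOF\n")
    return buf.getvalue()


if __name__ == "__main__":
    for member, reasons in triage_zip(build_sample()).items():
        print(member, "->", reasons or ["no flags"])
```

An empty list for a member only means none of these checks fired; it is a triage aid alongside the antivirus scan, not a replacement for it.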

DAVE and Leopard

Just discovered another upgrade “gotcha” with Leopard related to Thursby Software’s “DAVE.”

DAVE has been around a long time. Before OSX it allowed Macs to access Windows shares and networks with the same credentials/etc. as Windows machines. Even when OSX allowed access to Windows file servers and limited Active Directory compatibility, DAVE and ADmitMac were a much more complete solution, especially when it came to home folders, authenticating to a domain, etc.

Of course, such an extensive system hack intercepting all of the Windows-related CIFS/SMB traffic is likely to break on a major system upgrade, and sure enough it did. If you remembered to remove this before upgrading to Leopard, or first installed the update to version 7, then all was well, and you could still access Windows servers. If you didn’t, your computer would fail to connect.

Fixing this isn’t that tricky, but is non-obvious unless you are paying for an upgrade. In all cases the best way to remove DAVE is to use the removal package (DAVE is one of the few programs on a Mac that really needs an uninstaller). The issue is that the same incompatibility that prevents DAVE from working prevents the version 6 or earlier uninstaller from shutting down the services. In this case, download the trial for version 7 (don’t even bother filling out the form, just download it), and run the uninstaller for version 7. After a restart, your Mac will get back onto SMB servers as reliably as ever.

Minor Recovery Issues.

I’ve been more a fan of the VMware Fusion virtual Windows solution than Parallels, usually because Fusion has had fewer stability issues (especially relating to one client’s QuickBooks needs) and was just a little more polished. Well, sometimes you find rough spots.

Apparently Fusion assumes the hard drive size never changes. After installing the new HD in my MacBook Pro and recovering from backups, everything else worked great, but Fusion couldn’t run the Boot Camp partition. While the error told me it realized the partition map had changed, Fusion would not give me the option of pointing to the new drive.

It was not a difficult fix – I found where Fusion stored the virtual machine file that pointed to the Boot Camp partition and deleted it, allowing Fusion to create a new one. Nevertheless, VMware should not assume that people will never change disks or partition maps, and should have provided an option to reset where it should find the Boot Camp partition.

Best Feature of Leopard Yet…

… has got to be Time Machine.

Last week I was at a client’s office and had my laptop drop off a counter just after I’d put it to sleep.

The good news was that the MacBooks and MacBook Pros all have sensors that, upon sensing an impact, can park the heads on the hard drive before they have a chance to crash into the platters and kill the drive.

The bad news is that right when you put it to sleep, the laptop writes out the contents of RAM to the HD in case the battery dies/is removed, but the sensors are not functional.

So I had one thoroughly dead hard drive.

After finagling around with Disk Utility and discovering I could create a partition big enough for all of my files that avoided the damaged areas and was thus usable, I restored the computer from my Time Machine backups and a few hours later was back to work. Most of this time was spent figuring out what parts of the drive were usable.

Then I ordered a new drive which I installed this weekend. Not ridiculously difficult (say… like a Mac Mini) but I’ll never complain about pulling apart a Toshiba or Compaq again.

Anyway. The point is that I had my computer back in full running order within hours in what was effectively a bare metal restoration. All my programs worked, and all of my settings were in place. All of this as part of the backup system that came with the OS.

Side note: I hate Torx screws. Why do manufacturers insist on using Torx screws on top of the mini-Phillips (and even regular Phillips) sized screws? The good news: Lowe’s has a nifty Kobalt-brand multi-head Torx screwdriver that includes T5 and T6 heads for about five bucks.

Double Life – Part II

It’s been over a year since Apple shifted over to using the Intel chipset in their machines, and every end of the computer product line now uses them. Adobe finally got an Intel-native version of their apps out (only to be delayed in making CS3 Leopard-compatible), and I could play EVE Online if I only had the time.

I said a while ago that time would tell, as it wouldn’t be easy.

Apple sure made it look that way though.