Just when I was starting to feel a little secure...

Nice, eh?

=-=-=-=-=

MacLockPick delivers passwords
by M. Sharp, Insanely Great Mac
http://www.insanely-great.com/news.php?id=7174
April 28th 2007

SubRosaSoft has just released a new product called the MacLockPick,
which does just what the name implies�extracts user passwords, logins
for different Apple applications, website history and passwords to
different visited sites and more.

MacLockPick is a valuable tool for law enforcement professionals to
perform live forensics on Mac OS X systems. The solution is based on a
USB Flash drive that can be inserted into a suspect's Mac OS X computer
that is running (or sleeping). Once the software is run it will extract
data from the Apple Keychain and system settings in order to provide
the examiner fast access to the suspect's critical information with as
little interaction or trace as possible.

 This device extracts 24 different points of data from the OS X system,
including OS login for the current user to recently used applications,
drive mounts, email and instant messaging info, WiFi connections, the
iPods you own, and all your internet browsing history.

 MacLockPick sells for $500 (civilians), or for $450 (state / local
police) and $400 (feds) when purchasing in bulk.

geefive wrote:
> Just when I was starting to feel a little secure...
> 
> Nice, eh?
> 
> =-=-=-=-=
> 
> MacLockPick delivers passwords
> by M. Sharp, Insanely Great Mac
> http://www.insanely-great.com/news.php?id=7174
> April 28th 2007

It does, of course, require physical access to the machine.  You can get 
into any machine if you can open it up.

Chu

-- 
chuenginsberg at mac dot com
VISTA = Virus Inside - Switch To Apple

In article <280420072116535414%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> Just when I was starting to feel a little secure...
> 
> Nice, eh?

a) This doesn't really have anything to do with what the OS vendor or 
any other application author may be sending over the wire, which seemed 
to be a fairly large aspect of your concern.

b) It requires physical access to the machine.

c) If you look carefully, you might notice that the comment about being 
$500 for 'civilians' doesn't mean any random person can pick it up on a 
whim.

"MacLockPick is not for sale to the general public. Purchasers will be 
required to provide proof that they are a licensed law enforcement 
professional. Users are required to ensure that the use of this 
technology is legal on federal, state, and local level."

And on the product page is enough of a summary of what it looks for that 
a person who actually cares about dealing with what it might find can do 
so.

G

geefive <geefive@geefive.com> wrote:

> Just when I was starting to feel a little secure...

Um, if someone is using your computer and, therefore, in a position to
run this software, you have a much bigger problem...

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

Gregory Weston wrote:
> In article <280420072116535414%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
>> Just when I was starting to feel a little secure...
>>
>> Nice, eh?
> 
> a) This doesn't really have anything to do with what the OS vendor or 
> any other application author may be sending over the wire, which seemed 
> to be a fairly large aspect of your concern.
> 
> b) It requires physical access to the machine.
> 
> c) If you look carefully, you might notice that the comment about being 
> $500 for 'civilians' doesn't mean any random person can pick it up on a 
> whim.
> 
> "MacLockPick is not for sale to the general public. Purchasers will be 
> required to provide proof that they are a licensed law enforcement 
> professional. Users are required to ensure that the use of this 
> technology is legal on federal, state, and local level."
> 
> And on the product page is enough of a summary of what it looks for that 
> a person who actually cares about dealing with what it might find can do 
> so.

GW-

Please stop your anti-FUD posting. It' much more fun to live in fear 
that your Mac is about to be picked apart by some random goon.

-- 
John McWilliams
<s>

In article <1hxbtxz.1v1ddyn1dq7qszN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > Just when I was starting to feel a little secure...
> 
> Um, if someone is using your computer and, therefore, in a position to
> run this software, you have a much bigger problem...

You can't be too careful these days.  No matter who you are.  Do you
think that the definition of law enforcement means just governmental
agencies, or do you think it also includes corporate security
personnel?  Faith-based organizations?  The media?  Airport security
morons?  Your neighborhood association?  Your landlord?  A hotel/motel
you stay at?  Your child's school?

So, I guess it might be interesting to know if Apple Computer made it
possible for this intrusive device to be invented.  If that's the case,
then they have been telling lies for a long time about security.  I'd
rather think that Apple is as shocked as I am about this and that
they'll issue some updates to negate this new development.

geefive <geefive@geefive.com> wrote:

> > Um, if someone is using your computer and, therefore, in a position to
> > run this software, you have a much bigger problem...
> 
> You can't be too careful these days.  No matter who you are.  Do you
> think that the definition of law enforcement means just governmental
> agencies, or do you think it also includes corporate security
> personnel?  Faith-based organizations?  The media?  Airport security
> morons?  Your neighborhood association?  Your landlord?  A hotel/motel
> you stay at?  Your child's school?

Um, you completely missed my point.  Of course anyone can use that
software.  To do so, however, they have to be sitting right there at
your computer.  If someone is in that position against your will, you
have a much bigger problem than just computer security.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxc2d1.1xk4ugl1irnga3N%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > > Um, if someone is using your computer and, therefore, in a position to
> > > run this software, you have a much bigger problem...
> > 
> > You can't be too careful these days.  No matter who you are.  Do you
> > think that the definition of law enforcement means just governmental
> > agencies, or do you think it also includes corporate security
> > personnel?  Faith-based organizations?  The media?  Airport security
> > morons?  Your neighborhood association?  Your landlord?  A hotel/motel
> > you stay at?  Your child's school?
> 
> Um, you completely missed my point.  Of course anyone can use that
> software.  To do so, however, they have to be sitting right there at
> your computer.  If someone is in that position against your will, you
> have a much bigger problem than just computer security.

I got the point.  There are many reasons for someone to use my computer
without my permission.  Say if I take it through airport security and
they decide to take it to another room for a quick look.  Is it a
stretch to think that they might make a copy of my drive to look at it
later?  Later on, maybe, when an employee or even the janitor makes a
copy for himself and then contacts my competitor to sell my new product
ideas/plans or my customer lists?  Or keeps me off a flight because I
read Drudge Report and sometimes link through that site to a website
they think is liberal or is a foreign source (which would make anyone a
suspect these days)?  Or if my kid takes my home computer to school and
it's his day to have his locker searched?

"Will," as in "against your will," counts for nothing these days.  Our
will, collective or individual, does not exist anymore.  It's assumed
that you are doing something wrong if you say you don't want to be
searched because you're a person who would like to enjoy the
traditional benefits of the Bill Of Rights, without regard to being a
person who has something to hide or not.  And what if you _have_
something to hide?  Like my medical records and personal ID data?

> So, I guess it might be interesting to know if Apple Computer made it
> possible for this intrusive device to be invented.  If that's the case,
> then they have been telling lies for a long time about security.  I'd
> rather think that Apple is as shocked as I am about this and that
> they'll issue some updates to negate this new development.

You didn't comment on Apple's participation in this.  It might be more
important to know if Apple approves/cooperates than to know of the
existence of the intrusion device.  I can't imagine the development of
it violates an Apple patent or copyright.  And what happens to Apple's
reputation for security when everyone with a "connection" or a
dreamt-up security "need" has a device?  Is Apple Computer going to
deny involvement in this under some sort of "gag order?"  Listen to
their response (if any), like, "We're not allowed to say if we had
anything to do with this."  And why were there no rumors about this
device before it was put on the market?  So many questions, so few
answers.

geefive <geefive@geefive.com> wrote:

> I got the point.  There are many reasons for someone to use my computer
> without my permission.

There certainly are, and if they're doing that, you have a much bigger
problem.

> Say if I take it through airport security and
> they decide to take it to another room for a quick look.

You're going to carry a G5 through airport security?

> Is it a stretch to think that they might make a copy of my drive to look
> at it later?

If you believe this, who cares about this security software?  You're
screwed whether they have it or not.

> Later on, maybe, when an employee or even the janitor makes a
> copy for himself and then contacts my competitor to sell my new product
> ideas/plans or my customer lists?  Or keeps me off a flight because I
> read Drudge Report and sometimes link through that site to a website
> they think is liberal or is a foreign source (which would make anyone a
> suspect these days)?  Or if my kid takes my home computer to school and
> it's his day to have his locker searched?

If you're genuinely worried about all this, you shouldn't be using a
computer.

> > So, I guess it might be interesting to know if Apple Computer made it
> > possible for this intrusive device to be invented.  If that's the case,
> > then they have been telling lies for a long time about security.  I'd
> > rather think that Apple is as shocked as I am about this and that
> > they'll issue some updates to negate this new development.

You quoted this as if it's something I wrote.  I did not and would not.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxc51e.mqurgf10jf2fvN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

geefive wrote:
I got the point.  There are many reasons for someone to use my computer
without my permission.

Mike Rosenberg wrote:
There certainly are, and if they're doing that, you have a much bigger
problem.

geefive writes:
Why do you keep on saying that?  The fact that this is a problem does
not have to be restated.  It's obvious.  Quite a few people have this
problem, most everyone who has a computer, especially if they buy Macs
because the OS is supposed to be intrusion resistant.

geefive wrote:
Say if I take it through airport security and
they decide to take it to another room for a quick look.

Mike Rosenberg wrote:
You're going to carry a G5 through airport security?

geefive writes:
The G5 is not my only computer, but it's the one I like best.  And a
Mac doesn't have to be a G5 to be subject to this new device.  It's
OSX-specific.

geefive wrote:
Is it a stretch to think that they might make a copy of my drive to look
at it later?

Mike Rosenberg wrote:
If you believe this, who cares about this security software?  You're
screwed whether they have it or not.

geefive writes:
This new device makes it easier for an intrusive event to take place. 
And consideration has to be given to the notion that I am not a tekkie,
just an ordinary bloke like many others who might give pause when the
extent of the capabilities and uses of this device filter down to the
broad base of home or small-business users.

Mike Rosenberg wrote:
If you're genuinely worried about all this, you shouldn't be using a
computer.

geefive writes:
How can you say that?  If you don't use a computer these days, you're
dead in the water.  Especially where you try to compete with people who
have computers -- for instance, you would need ten bookkeepers to do on
paper what one bookkeeper does on the computer.  Not having a computer
is not an option.  

geefive wrote:
So, I guess it might be interesting to know if Apple Computer made it
possible for this intrusive device to be invented.  If that's the case,
then they have been telling lies for a long time about security.  I'd
rather think that Apple is as shocked as I am about this and that
they'll issue some updates to negate this new development.

Mike Rosenberg wrote:
You quoted this as if it's something I wrote.  I did not and would not.

geefive writes:
But not intentionally.  And saying so shifts attention away from the
real problem.  I know you didn't write it, you know you didn't write
it, but what is the answer to it?

geefive <geefive@geefive.com> wrote:

> Mike Rosenberg wrote:
> If you're genuinely worried about all this, you shouldn't be using a
> computer.
> 
> geefive writes:
> How can you say that?  If you don't use a computer these days, you're
> dead in the water.

I meant if _YOU_ specifically are genuinely worried, YOU specificially
shouldn't use a computer.  You're far too paranoid.  In all my years
reading the comp.sys.mac newsgroups, I've come across two people I would
say that about, and you're one of them.  Search for posts by someone
calling himself "Phantasy" to see the other.

> Especially where you try to compete with people who
> have computers -- for instance, you would need ten bookkeepers to do on
> paper what one bookkeeper does on the computer.  Not having a computer
> is not an option. 

Well, then, you had better do something about your irrational fears.  I
mean, come on, being worried about airport janitors?

> Mike Rosenberg wrote:
> You quoted this as if it's something I wrote.  I did not and would not.
> 
> geefive writes:
> But not intentionally.  And saying so shifts attention away from the
> real problem.  I know you didn't write it, you know you didn't write
> it, but what is the answer to it?

The answer to _what_?  You didn't ask a question.  You wrote:

> So, I guess it might be interesting to know if Apple Computer made it
> possible for this intrusive device to be invented.  If that's the case,
> then they have been telling lies for a long time about security.  I'd
> rather think that Apple is as shocked as I am about this and that
> they'll issue some updates to negate this new development.

Okay, so you're interested to know.  Fine.  I'm not interested to know.
I'm not worried about anyone reading what's on my Mac.  You can worry
for all the rest of us if that's what floats your boat.  I have more
immediate things to be concerned about.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <290420071216104660%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> This new device makes it easier for an intrusive event to take place. 
> And consideration has to be given to the notion that I am not a tekkie,
> just an ordinary bloke like many others who might give pause when the
> extent of the capabilities and uses of this device filter down to the
> broad base of home or small-business users.

If it really bothers you, why not just unload the kext that mounts USB 
drives.  If you're really paranoid, you could move it to a different 
location where it must be loaded explicitly loaded by a user with root 
access, or you could delete it altogether.

-- 
Tom Stiller

PGP fingerprint =  5108 DDB2 9761 EDE5 E7E3 
                   7BDA 71ED 6496 99C0 C7CF

Tom Stiller <tomstiller@comcast.net> wrote:

> If it really bothers you, why not just unload the kext that mounts USB
> drives.  If you're really paranoid, you could move it to a different 
> location where it must be loaded explicitly loaded by a user with root
> access, or you could delete it altogether

Yes, but none of that would protect him from time traveling industrial
rockers, since they could just do it prior to when he made that change.
Face it, he's screwed.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> Tom Stiller <tomstiller@comcast.net> wrote:
> 
> > If it really bothers you, why not just unload the kext that mounts USB
> > drives.  If you're really paranoid, you could move it to a different
> > location where it must be loaded explicitly loaded by a user with root
> > access, or you could delete it altogether
> 
> Yes, but none of that would protect him from time traveling industrial
> rockers, since they could just do it prior to when he made that change.
> Face it, he's screwed.

http://eclectech.co.uk/mindcontrol.php
Simply.
-- 
/Jon
For contact info, run the following in Terminal: 
Mail: echo 36199371860304980107073482417748002696458P|dc
Skype: echo 139576319600233690471689738P|dc

In article <1hxc7wn.1x9qhfv1v1oua9N%mikePOST@TOGROUPmacconsult.com>,
 mikePOST@TOGROUPmacconsult.com (Mike Rosenberg) wrote:

> In all my years reading the comp.sys.mac newsgroups, I've come across 
> two people I would say that about, and you're one of them.  Search 
> for posts by someone calling himself "Phantasy" to see the other.

Think that it's possible that they're the same person?  Sometimes I 
wonder whether New Guy is also the same person.

-- 
Support the troops:  Bring them home ASAP.

Michelle Steiner <michelle@michelle.org> wrote:

> Think that it's possible that they're the same person?

Frankly, I don't.  I don't see anything in common other than the
paranoia.

> Sometimes I wonder whether New Guy is also the same person.

My impression is that we're dealing with three people.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

geefive <geefive@geefive.com> writes:

> In article <1hxbtxz.1v1ddyn1dq7qszN%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
> > geefive <geefive@geefive.com> wrote:
> > 
> > > Just when I was starting to feel a little secure...
> > 
> > Um, if someone is using your computer and, therefore, in a position to
> > run this software, you have a much bigger problem...
> 
> You can't be too careful these days.  No matter who you are.  Do you
> think that the definition of law enforcement means just governmental
> agencies, or do you think it also includes corporate security
> personnel?  Faith-based organizations?  The media?  Airport security
> morons?  Your neighborhood association?  Your landlord?  A hotel/motel
> you stay at?  Your child's school?
> 
> So, I guess it might be interesting to know if Apple Computer made it
> possible for this intrusive device to be invented.  If that's the case,
> then they have been telling lies for a long time about security.  I'd
> rather think that Apple is as shocked as I am about this and that
> they'll issue some updates to negate this new development.

If you're worried about this, then make sure the keychains are locked
when those who you are worried about have access to the computer.
And make sure that you require a password in order to wake the
computer from sleep - from the description, it seems likely that alone
would stop this thing.

It works when the computer is on, you are logged in, and the computer
is either running or asleep so that it can be wakened.  It then has
access to unlocked keychains.  It doesn't do anything that couldn't be
done by anyone who just opened the laptop and typed - it just does it
quicker and less obtrusively.

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

Gregory Weston <uce@splook.com> writes:

> 
> c) If you look carefully, you might notice that the comment about being 
> $500 for 'civilians' doesn't mean any random person can pick it up on a 
> whim.
> 
> "MacLockPick is not for sale to the general public. Purchasers will be 
> required to provide proof that they are a licensed law enforcement 
> professional. Users are required to ensure that the use of this 
> technology is legal on federal, state, and local level."
> 

If I _were_ worried, then this wouldn't do much to reassure me.

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

In article <tomstiller-C92CC3.15332229042007@comcast.dca.giganews.com>,
Tom Stiller <tomstiller@comcast.net> wrote:
> In article <290420071216104660%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > This new device makes it easier for an intrusive event to take place. 
> > And consideration has to be given to the notion that I am not a tekkie,
> > just an ordinary bloke like many others who might give pause when the
> > extent of the capabilities and uses of this device filter down to the
> > broad base of home or small-business users.
> 
> If it really bothers you, why not just unload the kext that mounts USB 
> drives.  If you're really paranoid, you could move it to a different 
> location where it must be loaded explicitly loaded by a user with root 
> access, or you could delete it altogether.

I have no idea how to do those things.  I wouldn't take the time to
find out.  I shouldn't have to do so because OSX and the Mac have a
reputation of being as secure as can be.  Now, apparently, the bar has
been lowered.  When people who use Macs because of better security find
out about this, then one has to wonder how many will throw in the
towel, or maybe sell the stock.

=-=-=-=-=

In article <1hxc7wn.1x9qhfv1v1oua9N%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> > So, I guess it might be interesting to know if Apple Computer made it
> > possible for this intrusive device to be invented.
> 
> Okay, so you're interested to know.  Fine.  I'm not interested to know.

"I'm not interested to know" is your way of saying you know nothing
about this matter?  You're responding to minutiae and compositional
faux pas while ignoring the main question - what does Apple know about
this, and what sort of discussion is appropriate about it?  

Does someone else in this group know if Apple aided in the development
of this device?  I was originally concerned about caching and logging,
but this is a much bigger thing.  Certainly the software agreement
disallows the use of it to defeat itself or to reverse-engineer for
security cracks.  Is it lawful without Apple's permission?

geefive <geefive@geefive.com> wrote:

> > > So, I guess it might be interesting to know if Apple Computer made it
> > > possible for this intrusive device to be invented.
> > 
> > Okay, so you're interested to know.  Fine.  I'm not interested to know.
> 
> "I'm not interested to know" is your way of saying you know nothing
> about this matter?

My initial lack of response the first time you posted it sums up all I
really care to say about it.  Period, end of story.  Has it completely
escaped your attention that NO ONE has responded to that?  If anyone who
has already read it cared to, they would have done so.

> You're responding to minutiae and compositional
> faux pas while ignoring the main question - what does Apple know about
> this, and what sort of discussion is appropriate about it? 

You're very confused.  My response was and continues to be that you're a
paranoid nutcase.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <y9dlkgbq6ek.fsf@hotel.math.ufl.edu>, William Mitchell
<mitchell@math.ufl.edu> wrote:

> It works when the computer is on, you are logged in, and the computer
> is either running or asleep so that it can be wakened.  It then has
> access to unlocked keychains.  It doesn't do anything that couldn't be
> done by anyone who just opened the laptop and typed - it just does it
> quicker and less obtrusively.

The following comments are not directed at you, Mr. Mitchell.  I'm just
using your comments as a springboard to more discussion, and to try
again to determine Apple's role in the development of this tool.
 
It looks more cunning to me.  Here's the description again:

"...it will extract data from the Apple Keychain and system settings in
order to provide the examiner fast access to the suspect's critical
information with as little interaction or trace as possible. This
device extracts 24 different points of data from the OS X system,
including OS login for the current user to recently used applications,
drive mounts, email and instant messaging info, WiFi connections, the
iPods you own, and all your internet browsing history."

So my concerns about caching and logging were valid, even though
several people in mac.apps and mac.system told me they were baseless,
don't worry, nothing can possibly go wrong... go wrong... go wrong... 

Perhaps I'm overreacting because of my interest in caching and logging
being followed immediately by this new phenom.  I'd still like Apple to
come out and say that they didn't have anything to do with this, that
it violates the software agreement for whatever version of the OS they
were using, and that it's illegal and anti-competitive if it turns out
that customers lose confidence in the Mac and the OS as a result of
this device.

I would think that this group is the right place to discuss this and
not to have people push it aside as if it doesn't affect them. 
Anything that affects one Mac user affects us all.

Once in a while at the grocery store I'll walk over next to a woman and
tell her that she's turned her back on her purse in the cart.  Nine
times out of ten she'll say "Oh, well, there's nothing valuable in
there."  Now it seems as if people who might be experts brush this
matter aside as if "Well, I have nothing to hide" (so who cares if your
computer or mine is mined by someone with one of these devices?).  It's
a crazy notion.

I'm reminded of the red-light changer that's popping up all over the
place.  Have you ever started through a light that's just turned green
and it turns red within seconds?  Chances are the next car through the
intersection has one of these devices.  They're not for public use. 
But, just like this new security device, once it's out there, everyone
who wants one will find a way to get it.  You know it, I know it, and I
think a thief with one of these devices would quickly realize that real
value of it lies in the personal data, contacts, product plans, lists
of vendors and contacts.  Heck, someone could start a business with my
data - it's all right there.  And I bought into the Mac because of an
aura of security that no longer exists.

I don't want to know that don't care, and what they're not afraid of. 
I want to know what those of us who believed in Mac security are
supposed to think or do now in light of this development.

In article <y9dhcqzq6bh.fsf@hotel.math.ufl.edu>,
 William Mitchell <mitchell@math.ufl.edu> wrote:

> Gregory Weston <uce@splook.com> writes:
> 
> > 
> > c) If you look carefully, you might notice that the comment about being 
> > $500 for 'civilians' doesn't mean any random person can pick it up on a 
> > whim.
> > 
> > "MacLockPick is not for sale to the general public. Purchasers will be 
> > required to provide proof that they are a licensed law enforcement 
> > professional. Users are required to ensure that the use of this 
> > technology is legal on federal, state, and local level."
> > 
> 
> If I _were_ worried, then this wouldn't do much to reassure me.

How about the bit where the investigator needs physical access to the 
machine and the user being investigated already needs to be logged in 
with the machine not locked?

In article <1hxcbvh.cq6v0w1jj0vavN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> You're very confused.  My response was and continues to be that you're a
> paranoid nutcase.

Oh, okay, now I'm a nutcase.  Is that what you say to people for whom
you have no answer?  I'm a nutcase because you don't know?

When I see it posted in Insanely Great Mac, I think it's an issue or it
soon will be.  It's a serious issue, and I don't consider it to be
unimportant because it's not responded to here, or it's responded to
negatively.

How long before this becomes a web app?  Do you think that the hackers
are ignoring it?  Whatever software is in the new device might be
implemented in Javascript (for all I know).  It's because I don't know
that I'm asking about it here.

And I still want to know if Apple helped develop the device and, if
they didn't, what they are going to do about protecting my computer,
maybe with a security update.

geefive <geefive@geefive.com> wrote:

> I would think that this group is the right place to discuss this and
> not to have people push it aside as if it doesn't affect them. 
> Anything that affects one Mac user affects us all.

The way this works is you post, people respond OR NOT, as they see fit.

> I don't want to know that don't care, and what they're not afraid of.

And you would NOT know any of that about me if you hadn't browbeaten me
with that paragraph I didn't respond to.  I ignored it, you repeated it
in your response to me while making it look as if *I* had written it.
Now THAT is something I care very much about, and I responded lest
anyone reading your post got the wrong impression about what I had
written.

> I want to know what those of us who believed in Mac security are
> supposed to think or do now in light of this development.

And yet it appears that you only want to know what we think as long as
we're of the same mind as you.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

geefive <geefive@geefive.com> wrote:

> Oh, okay, now I'm a nutcase.

That's my opinion, yes.

> Is that what you say to people for whom you have no answer?

No.

> I'm a nutcase because you don't know?

No.

I think you're a nutcase because I think you have irrational fears.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <uce-12B300.17031129042007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <y9dhcqzq6bh.fsf@hotel.math.ufl.edu>,
>  William Mitchell <mitchell@math.ufl.edu> wrote:
> 
> > Gregory Weston <uce@splook.com> writes:
> > 
> > > 
> > > c) If you look carefully, you might notice that the comment about being 
> > > $500 for 'civilians' doesn't mean any random person can pick it up on a 
> > > whim.
> > > 
> > > "MacLockPick is not for sale to the general public. Purchasers will be 
> > > required to provide proof that they are a licensed law enforcement 
> > > professional. Users are required to ensure that the use of this 
> > > technology is legal on federal, state, and local level."
> > > 
> > 
> > If I _were_ worried, then this wouldn't do much to reassure me.
> 
> How about the bit where the investigator needs physical access to the 
> machine and the user being investigated already needs to be logged in 
> with the machine not locked?

I don't know.  It's beyond my level of competence to address this. 
Somehow I don't feel like this is a barrier.  Will the thief be stopped
by it?  Can it be worked around?

This reminds me of a time long ago when I need a combination license. 
The local DMV license office told me (blah, blah, blah, forms, forms,
forms, mostly involving the blessing/training by an employer).  But a
friend of mine told me that what they don't say is all you need to tell
them is "I'm self employed), in which case they give you a written and
cut you the license on the spot.

See, sometimes things are said that obfuscate the truth or only tell a
half truth.  Like the machine needing to be up and running for this
device to work.  What they're not saying is, while that's true, they
have this _other_ device or procedure that starts the computer and
bypasses the security in that process.

I'm not reassured by the need for the computer to be running (or
asleep).

geefive <geefive@geefive.com> wrote:

> > How about the bit where the investigator needs physical access to the
> > machine and the user being investigated already needs to be logged in
> > with the machine not locked?
> 
> I don't know.  It's beyond my level of competence to address this. 

However, it's _not_ beyond the level of competence of the people who
have been responding to your posts.  What's the point of asking
questions if you're going to dismiss the responses you get?  You want to
run around like Chicken Little saying the sky is falling?  Go right
ahead!  Just please do it somewhere else.  You have already been told
here, over and over, that your concerns are unwarranted.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxcd0f.10tidl8r1kysN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> And you would NOT know any of that about me if you hadn't browbeaten me
> with that paragraph I didn't respond to.  I ignored it, you repeated it
> in your response to me while making it look as if *I* had written it.
> Now THAT is something I care very much about, and I responded lest
> anyone reading your post got the wrong impression about what I had
> written.

I had absolutely _zero_ intention of doing that.  It's easy to make
mistakes with the little </> thingies when cutting and pasting.  Like I
said, it was a faux pas, and not an egregious one.  Anyone who had been
following the thread up to then could see what I was writing and what
you had responded with.

> And yet it appears that you only want to know what we think as long as
> we're of the same mind as you.

Not necessarily, although it's perfectly normal for someone to want
people to empathize with them, don't you think?

It seems like you turned on me because you didn't have an answer, or
didn't want to say it, or didn't like my asking of it, and now you're
poking me because... because why?  Because you're upset because I
pressed the issue instead of putting my mind at ease with your
assurances that my concern doesn't matter?

And, look, there's nothing in your message or this reply about the
issue.  Stop taking umbrage at my writing style or my concerns because
you don't or won't answer.  It's peripheral to the issue.

geefive <geefive@geefive.com> quoted:

> MacLockPick is a valuable tool for law enforcement professionals to
> perform live forensics on Mac OS X systems. The solution is based on a
> USB Flash drive that can be inserted into a suspect's Mac OS X computer
> that is running (or sleeping). Once the software is run it will extract
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> data from the Apple Keychain and system settings in order to provide
> the examiner fast access to the suspect's critical information with as
> little interaction or trace as possible.
> 
>  This device extracts 24 different points of data from the OS X system,
> including OS login for the current user to recently used applications,
                     ^^^^^^^^^^^^^^^^^^^^ 
> drive mounts, email and instant messaging info, WiFi connections, the
> iPods you own, and all your internet browsing history.
                            
So it doesn't really "crack" much of anything; it just automates data
collection about a currently logged in user who isn't very careful. 

From a glance at the product info page
<http://www.subrosasoft.com/OSXSoftware/index.php?main_page=product_info
&cPath=200&products_id=195>, it looks like this is designed as a
*starting point* in gathering the kind of information that real law
enforcement officers would need to support the warrant needed for this
kind of snooping. Without permission, they couldn't do this without a
warrant. With a warrant, they'd seize the drive and take it back to lab
for full data recovery. This product is really aimed at bosses who want
to find out what their employees are doing with the company Macs. 

In article <1hxcdh8.e6rgx81nlebvwN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > Oh, okay, now I'm a nutcase.
> 
> That's my opinion, yes.
> 
> > Is that what you say to people for whom you have no answer?
> 
> No.
> 
> > I'm a nutcase because you don't know?
> 
> No.
> 
> I think you're a nutcase because I think you have irrational fears.

Alright, I'm a nutcase with irrational fears (wink to everyone but Mike
Rosenberg), so let it go.  It doesn't address the issue, does it?

I don't see anyone here offering reassuring comments about this device. 
Besides, I don't think that concern about a device like this one is
irrational.  You _know_ that it will be more widely available and
abused than the initial promo says.  Will Apple admit now that their OS
security assurances are bogus?  Will they mark on the box that the OS
is no longer secure and that buying one for security of information is
not advised?  Given the aura of security Apple has built over the
years, this sudden turn of events seems to negate it.

It's just like the red-light tripper.  It's illegal, and not supposed
to be in the hands of civilians, but it's here and being used.  So will
this device be after some time.

geefive <geefive@geefive.com> wrote:

> > And you would NOT know any of that about me if you hadn't browbeaten me
> > with that paragraph I didn't respond to.  I ignored it, you repeated it
> > in your response to me while making it look as if *I* had written it.
> > Now THAT is something I care very much about, and I responded lest
> > anyone reading your post got the wrong impression about what I had
> > written.
> 
> I had absolutely _zero_ intention of doing that.  It's easy to make
> mistakes with the little </> thingies when cutting and pasting.  Like I
> said, it was a faux pas, and not an egregious one.

What purpose did it serve by repeating it at all?  That's what I meant
by "if you hadn't browbeaten me with that paragraph I didn't respond
to."

> Anyone who had been following the thread up to then could see what I was
> writing and what you had responded with.

Anyone who had read your post immediately prior to reading mine would
have known that, but everyone else would have thought I had written it.
If I'm quoted as saying something I did not, I'm going to point that
out.

> It seems like you turned on me because you didn't have an answer, or
> didn't want to say it, or didn't like my asking of it, and now you're
> poking me because... because why?

I don't know how it seems like that to you because I didn't even respond
to that paragraph in the first place.

> Because you're upset because I pressed the issue instead of putting my
> mind at ease with your assurances that my concern doesn't matter?

I'm not upset.  I'm simply responding to your posts.  You appear to be
upset.

> And, look, there's nothing in your message or this reply about the
> issue.  Stop taking umbrage at my writing style or my concerns because
> you don't or won't answer.  It's peripheral to the issue.

I have already told you precisely how I feel about the issue.  Why do
you keep pressing me on it?  My initial response, completely ignoring it
and not quoting it in my follow-up, stands.  You can keep bringing it up
if you think I'm going to respond differently, but you'll be wasting
your time and effort.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

On Sun, 29 Apr 2007 14:09:57 -0400, geefive wrote
(in article <290420071109575641%geefive@geefive.com>):

> In article <1hxc2d1.1xk4ugl1irnga3N%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
>> geefive <geefive@geefive.com> wrote:
>> 
>>>> Um, if someone is using your computer and, therefore, in a position to
>>>> run this software, you have a much bigger problem...
>>> 
>>> You can't be too careful these days.  No matter who you are.  Do you
>>> think that the definition of law enforcement means just governmental
>>> agencies, or do you think it also includes corporate security
>>> personnel?  Faith-based organizations?  The media?  Airport security
>>> morons?  Your neighborhood association?  Your landlord?  A hotel/motel
>>> you stay at?  Your child's school?
>> 
>> Um, you completely missed my point.  Of course anyone can use that
>> software.  To do so, however, they have to be sitting right there at
>> your computer.  If someone is in that position against your will, you
>> have a much bigger problem than just computer security.
> 
> I got the point.  There are many reasons for someone to use my computer
> without my permission.

If it's _my_ personal computer, there are none... unless it comes with a 
warrant. In which case my lawyer will do my talking for me.

>  Say if I take it through airport security and
> they decide to take it to another room for a quick look.

They don't go into a different room with _my_ machine without _me_, not 
without a warrant, anyway.

Turning the machine on in my presence is, of course, different.

If they have a warrant, you have problems other than them looking at your 
stuff...


>  Is it a
> stretch to think that they might make a copy of my drive to look at it
> later?

It'd take rather a while to do that. It takes literal hours to copy large 
amounts of data. Besides, there's ways around that. My main Mac desktop at 
home does not have anything other than the OS, the installed apps, and 
anything which might be in the Library, such as fonts. The contents of my 
home directory is on another drive entirely. (Several other drives, actually, 
certain of which are accessed over the network.) Stuff I gotta take with me 
is encrypted, and on a 120 GB USB travel drive... which ain't kept in the 
same bag as the laptop. The laptop's got the OS, and apps, and maybe an ebook 
or something like that to read while; my data is elsewhere. And, no, it's not 
because I fear the Feds, it's 'cause I fear laptop thieves. If the Feds want, 
they can search that laptop to their heart's content, there ain't nothing on 
it and there never was anything on it that they could show the least interest 
in. Ditto my desktops. Search away, little Feddies... while I get a lawsuit 
aimed at your sorry asses.

>  Later on, maybe, when an employee or even the janitor makes a
> copy for himself and then contacts my competitor to sell my new product
> ideas/plans or my customer lists?

Kiddo, if I have physical access to the machine and a few hours to work with, 
I don't _need_ your keychain. I could, for instance, carry in another Mac, 
and boot your Mac up in FireWire Target Disk Mode... and copy every damn 
thing off it. (Yes, even if you turn on FileVault. FileVault just makes 
things harder, not impossible.) The advent of this tool makes no difference. 
For one thing, FileVault will make it near impossible for that tool to work 
unless, as other have said, the intruder is already logged in as you.

Now, if you put your stuff elsewhere, when I boot into Target Disk Mode it's 
kinda hard to get your stuff 'cause _it ain't there_. And if your stuff is 
encrypted, then even if I find where you put it, I'm gonna have a problem 
reading it 'cause it's... encrypted. And not with something that uses 
KeyChain.

>  Or keeps me off a flight because I
> read Drudge Report and sometimes link through that site to a website
> they think is liberal or is a foreign source (which would make anyone a
> suspect these days)?  Or if my kid takes my home computer to school and
> it's his day to have his locker searched?

FileVault, a good password, and a good lawyer are your friends.

> 
> "Will," as in "against your will," counts for nothing these days.  Our
> will, collective or individual, does not exist anymore.  It's assumed
> that you are doing something wrong if you say you don't want to be
> searched because you're a person who would like to enjoy the
> traditional benefits of the Bill Of Rights,

One place I worked at once started a policy of searching employee vehicles as 
they left the premies. I started a policy of parking my car outside the gate. 
I was joined in that policy by several dozen people, including my manager.

> without regard to being a
> person who has something to hide or not.  And what if you _have_
> something to hide?  Like my medical records and personal ID data?

Encrypt it and put it on another drive. Problem done.

> 
>> So, I guess it might be interesting to know if Apple Computer made it
>> possible for this intrusive device to be invented.  If that's the case,
>> then they have been telling lies for a long time about security.  I'd
>> rather think that Apple is as shocked as I am about this and that
>> they'll issue some updates to negate this new development.
> 
> You didn't comment on Apple's participation in this.  It might be more
> important to know if Apple approves/cooperates than to know of the
> existence of the intrusion device.  I can't imagine the development of
> it violates an Apple patent or copyright.  And what happens to Apple's
> reputation for security when everyone with a "connection" or a
> dreamt-up security "need" has a device?  Is Apple Computer going to
> deny involvement in this under some sort of "gag order?"  Listen to
> their response (if any), like, "We're not allowed to say if we had
> anything to do with this."  And why were there no rumors about this
> device before it was put on the market?  So many questions, so few
> answers.



-- 
email to oshea dot j dot j at gmail dot com.

geefive <geefive@geefive.com> wrote:

> > I think you're a nutcase because I think you have irrational fears.
> 
> Alright, I'm a nutcase with irrational fears (wink to everyone but Mike
> Rosenberg), so let it go.

Yeah, right, everyone but me.  Michelle wonders if you're the same
person as "Phantasy", Jon posted the Tinfoil hat song for you.  That
makes the current score three people thinking you're bonkers, no one at
all saying you're not.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxc3zq.1mkyio019u8s00N%massello@newsguy.com>, Neill
Massello <massello@newsguy.com> wrote:

> From a glance at the product info page
> <http://www.subrosasoft.com/OSXSoftware/index.php?main_page=product_info
> &cPath=200&products_id=195>, it looks like this is designed as a
> *starting point* in gathering the kind of information that real law
> enforcement officers would need to support the warrant needed for this
> kind of snooping. Without permission, they couldn't do this without a
> warrant. With a warrant, they'd seize the drive and take it back to lab
> for full data recovery. This product is really aimed at bosses who want
> to find out what their employees are doing with the company Macs. 

That's an interesting and plausible case to make.  

If law enforcement officers need a warrant to get the information they
need in order to get the warrant, isn't that a circular argument?

But that's not my concern.  I'm thinking of the thief who wants my
identity (maybe even compromising my business in the process).  Or
maybe a friend of my kids who sits down at my computer with mayhem in
mind.  I don't think it's necessary to develop a list of possibilities
because the consequences of data ripoff vary widely and are of
individual importance.

I still contend that the device will be more widely available than just
the responsible ones that are mentioned.  So what will (should) Apple
do about it?  I propose if they had a hand in its development that they
will say or do nothing.  As a matter of fact, they may have a warrant
of some kind that prohibits them from discussing it.  This, then, is
something the community will have to deal with without Apple's help.

On Sun, 29 Apr 2007 17:47:36 -0400, Neill Massello wrote
(in article <1hxc3zq.1mkyio019u8s00N%massello@newsguy.com>):

> geefive <geefive@geefive.com> quoted:
> 
>> MacLockPick is a valuable tool for law enforcement professionals to
>> perform live forensics on Mac OS X systems. The solution is based on a
>> USB Flash drive that can be inserted into a suspect's Mac OS X computer
>> that is running (or sleeping). Once the software is run it will extract
>   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> data from the Apple Keychain and system settings in order to provide
>> the examiner fast access to the suspect's critical information with as
>> little interaction or trace as possible.
>> 
>> This device extracts 24 different points of data from the OS X system,
>> including OS login for the current user to recently used applications,
>                      ^^^^^^^^^^^^^^^^^^^^ 
>> drive mounts, email and instant messaging info, WiFi connections, the
>> iPods you own, and all your internet browsing history.
>                             
> So it doesn't really "crack" much of anything; it just automates data
> collection about a currently logged in user who isn't very careful. 
> 
> From a glance at the product info page
> <http://www.subrosasoft.com/OSXSoftware/index.php?main_page=product_info
> &cPath=200&products_id=195>, it looks like this is designed as a
> *starting point* in gathering the kind of information that real law
> enforcement officers would need to support the warrant needed for this
> kind of snooping. Without permission, they couldn't do this without a
> warrant. With a warrant, they'd seize the drive and take it back to lab
> for full data recovery. This product is really aimed at bosses who want
> to find out what their employees are doing with the company Macs. 
> 

And it won't do much if the employee in question puts whatever on an external 
drive and then removes the external drive.

-- 
email to oshea dot j dot j at gmail dot com.

On Sun, 29 Apr 2007 17:54:21 -0400, geefive wrote
(in article <290420071454211317%geefive@geefive.com>):

> In article <1hxcdh8.e6rgx81nlebvwN%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
>> geefive <geefive@geefive.com> wrote:
>> 
>>> Oh, okay, now I'm a nutcase.
>> 
>> That's my opinion, yes.
>> 
>>> Is that what you say to people for whom you have no answer?
>> 
>> No.
>> 
>>> I'm a nutcase because you don't know?
>> 
>> No.
>> 
>> I think you're a nutcase because I think you have irrational fears.
> 
> Alright, I'm a nutcase with irrational fears

Yeppers.

> (wink to everyone but Mike
> Rosenberg),

Several other people, including me, think you're a nutcase, too.

> so let it go.  It doesn't address the issue, does it?
> 
> I don't see anyone here offering reassuring comments about this device. 

It can't be used unless the user has physical access to the machine. IF I 
HAVE PHYSICAL ACCESS TO YOUR MACHINE I CAN DO WHATEVER I DAMN WELL PLEASE TO 
IT. I don't _need_ no stinking USB key. Please see 
<http://www.microsoft.com/technet/archive/community/columns/security/essays/10
imlaws.mspx?mfr=true> and pay particular attention to law #3. (What, doesn't 
everyone read MickeySoft TechNet for fun?)

> Besides, I don't think that concern about a device like this one is
> irrational.  You _know_ that it will be more widely available and
> abused than the initial promo says.

Hoo-rah. As in order for it to be used, the user MUST HAVE PHYSICAL ACCESS TO 
MY MACHINE, this is not a problem. My machines at work are secured in a 
limited-access room. (Magnetic-card reader _and_ PIN-code entry.) My machines 
at home are fairly secure... and the hard drives which have sensitive data 
are unmounted, turned off, and parked in a locked filing cabinet except when 
in use. 

>  Will Apple admit now that their OS
> security assurances are bogus?

Doubt it, as the security is as good as it ever was.

>  Will they mark on the box that the OS
> is no longer secure and that buying one for security of information is
> not advised?  Given the aura of security Apple has built over the
> years, this sudden turn of events seems to negate it.

Only if you're a nutcase.

> 
> It's just like the red-light tripper.  It's illegal, and not supposed
> to be in the hands of civilians, but it's here and being used.  So will
> this device be after some time.

If it's in use right now it makes no difference.

-- 
email to oshea dot j dot j at gmail dot com.

On Sun, 29 Apr 2007 18:02:41 -0400, Mike Rosenberg wrote
(in article <1hxcfaw.c6knyw48m2lbN%mikePOST@TOGROUPmacconsult.com>):

> geefive <geefive@geefive.com> wrote:
> 
>>> I think you're a nutcase because I think you have irrational fears.
>> 
>> Alright, I'm a nutcase with irrational fears (wink to everyone but Mike
>> Rosenberg), so let it go.
> 
> Yeah, right, everyone but me.  Michelle wonders if you're the same
> person as "Phantasy", Jon posted the Tinfoil hat song for you.  That
> makes the current score three

Four.

> people thinking you're bonkers, no one at
> all saying you're not.
> 
> 



-- 
email to oshea dot j dot j at gmail dot com.

In article <1hxcenc.1w6ad6t13rcb8yN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > > And you would NOT know any of that about me if you hadn't browbeaten me
> > > with that paragraph I didn't respond to.  I ignored it, you repeated it
> > > in your response to me while making it look as if *I* had written it.
> > > Now THAT is something I care very much about, and I responded lest
> > > anyone reading your post got the wrong impression about what I had
> > > written.
> > 
> > I had absolutely _zero_ intention of doing that.  It's easy to make
> > mistakes with the little </> thingies when cutting and pasting.  Like I
> > said, it was a faux pas, and not an egregious one.
> 
> What purpose did it serve by repeating it at all?  That's what I meant
> by "if you hadn't browbeaten me with that paragraph I didn't respond
> to."

Please scroll down to to the next answer.
 
> > Anyone who had been following the thread up to then could see what I was
> > writing and what you had responded with.
> 
> Anyone who had read your post immediately prior to reading mine would
> have known that, but everyone else would have thought I had written it.
> If I'm quoted as saying something I did not, I'm going to point that
> out.

I repeated it all, with the unfortunate mixup in identity, which I
think I've apologized for, because people do not always check back
through a thread to read everything, so repeating establishes an entry
point for subsequent comments.
 
> > It seems like you turned on me because you didn't have an answer, or
> > didn't want to say it, or didn't like my asking of it, and now you're
> > poking me because... because why?
> 
> I don't know how it seems like that to you because I didn't even respond
> to that paragraph in the first place.

Exactly.  You abandoned commenting on the issue in favor of discussing
my mental state (which is always a bogus tactic).

> > Because you're upset because I pressed the issue instead of putting my
> > mind at ease with your assurances that my concern doesn't matter?

> I'm not upset.  I'm simply responding to your posts.  You appear to be
> upset.

I _am_ upset.  It's a serious matter.  It's serious for Apple and the
users of its hardware and OS.  Maybe not today, but there's an element
of future shock in this that you or others may not realize, and someone
has to bring it up first.  Ohhhhhh, waaaaaait a miiiiiinute, is that
what it is?  The fact that you heard it from one of the great unwashed
and it wasn't invented here?  Okay, what will your answer be about what
Apple has done or will do in this regard when someone else in the group
asks the same questions?
 
> > And, look, there's nothing in your message or this reply about the
> > issue.  Stop taking umbrage at my writing style or my concerns because
> > you don't or won't answer.  It's peripheral to the issue.
> 
> I have already told you precisely how I feel about the issue.  Why do
> you keep pressing me on it?  My initial response, completely ignoring it
> and not quoting it in my follow-up, stands.  You can keep bringing it up
> if you think I'm going to respond differently, but you'll be wasting
> your time and effort.

Yah, but mostly I see you commenting on me and not on the issue as if
the issue is of no importance because it's of concern to me first and
nobody else has weighed in on it as if it's something that needs to be
seen with a critical eye.

geefive wrote:

> geefive wrote:
> So, I guess it might be interesting to know if Apple Computer made it
> possible for this intrusive device to be invented.  If that's the case,
> then they have been telling lies for a long time about security.  I'd
> rather think that Apple is as shocked as I am about this and that
> they'll issue some updates to negate this new development.

Apple haven't done anyhting to 'enable' this, all it does is access
stuff that is stored on your HD in order for your machine to poerate as
it does, things like your password file, your keychain and so on. It
doesn't explicitly say that it can crack your passwords, but it isn't
much use if it can't. Security isn't an on or off thing, it has
gradations and gets harder to achieve the more resourceful your
adversary is.

I'd love to get a hold of a copy of this to see what it actually can do,
but it looks like they won't sell it to the plebs. Oh well. I'll have to
abandon all my criminal hacking plans!

If you want to increase your security there are ways, but you need to
learn an awful lot, and this isn't really the right place to be asking.
FileVault is about the only easy step you could use, on os x, but then
you have to trust apple.

There isn't a lot of detail on the page, but it does say the machine has
to be on, so a very simple way of thwarting it would be to make sure you
switch off whenever you leave. But I think. like me, you are more
concerned about the implications of this software rather than the
software itself. I'd love to know how it gets its info. HOw does it get
your password? Is it stored in RAM somewhere, and if so, is it stored
indefinitely? Many programs will keep data like that for a
user-configurable time period, like pgp for example, and then dump it,
requiring you to re-enter it. I can see how this would be unacceptable
to most normal users.

A few things I notice:
Email Account Details - login names and server addresses used.
-so they can't get those passwords. In fact, apart from the user
password there isn't really much that would make the price worthwhile
(with the password you could get everything else anyway). MacForensicLab
is much more interesting. But none of it is enabled by apple, it's all
part of normal system working. Once someone has access to the machine,
unless you have strong encryption on everything and didn't leave it on,
that's it, you're compromised.

Andy

In article <0001HW.C25A8E290044A22AF0284648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> On Sun, 29 Apr 2007 14:09:57 -0400, geefive wrote
> (in article <290420071109575641%geefive@geefive.com>):
> 
> > In article <1hxc2d1.1xk4ugl1irnga3N%mikePOST@TOGROUPmacconsult.com>,
> > Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> > 
> >> geefive <geefive@geefive.com> wrote:
> >> 
> >>>> Um, if someone is using your computer and, therefore, in a position to
> >>>> run this software, you have a much bigger problem...
> >>> 
> >>> You can't be too careful these days.  No matter who you are.  Do you
> >>> think that the definition of law enforcement means just governmental
> >>> agencies, or do you think it also includes corporate security
> >>> personnel?  Faith-based organizations?  The media?  Airport security
> >>> morons?  Your neighborhood association?  Your landlord?  A hotel/motel
> >>> you stay at?  Your child's school?
> >> 
> >> Um, you completely missed my point.  Of course anyone can use that
> >> software.  To do so, however, they have to be sitting right there at
> >> your computer.  If someone is in that position against your will, you
> >> have a much bigger problem than just computer security.
> > 
> > I got the point.  There are many reasons for someone to use my computer
> > without my permission.
> 
> If it's _my_ personal computer, there are none... unless it comes with a 
> warrant. In which case my lawyer will do my talking for me.

There's theft.  And there's stealth.  And law enforcement has many
tactics and options we rarely hear about.  If you invite them into your
home, you invite them into your computer, and I believe it's a felony
to refuse to boot up, unless you want to talk to your lawyer when you
are in jail and your computer is in the property/evidence room.  Geeze,
there have to be hundreds of scenarios where your computer is in
jeopardy of being used without your permission.  Like if you go away
for the evening or weekend and your kids have a party.  How many
mothers in law will want one of these devices?  Heh heh.  Think about
that one.
 
> >  Say if I take it through airport security and
> > they decide to take it to another room for a quick look.
> 
> They don't go into a different room with _my_ machine without _me_, not 
> without a warrant, anyway.
> 
> Turning the machine on in my presence is, of course, different.
> 
> If they have a warrant, you have problems other than them looking at your 
> stuff...

They don't need warrants anymore.  If you enter an airport and buy a
ticket, you have established a contract permitting a search with or
without your consent.  Refusing to boot up is a felony.

> >  Is it a
> > stretch to think that they might make a copy of my drive to look at it
> > later?
> 
> It'd take rather a while to do that. It takes literal hours to copy large 
> amounts of data. Besides, there's ways around that. My main Mac desktop at 
> home does not have anything other than the OS, the installed apps, and 
> anything which might be in the Library, such as fonts. The contents of my 
> home directory is on another drive entirely. (Several other drives, actually, 
> certain of which are accessed over the network.) Stuff I gotta take with me 
> is encrypted, and on a 120 GB USB travel drive... which ain't kept in the 
> same bag as the laptop. The laptop's got the OS, and apps, and maybe an ebook 
> or something like that to read while; my data is elsewhere. And, no, it's not 
> because I fear the Feds, it's 'cause I fear laptop thieves. If the Feds want, 
> they can search that laptop to their heart's content, there ain't nothing on 
> it and there never was anything on it that they could show the least interest 
> in. Ditto my desktops. Search away, little Feddies... while I get a lawsuit 
> aimed at your sorry asses.

That sounds fine on the surface of it, but my understanding is
different.  I won't go into it, but you'd better not rely on some
sequence of events that includes your lawyer later rather than sooner,
and refusing to boot won't help because it's against the law, same as
it's against the law now to refuse to open the trunk of your car.
 
> >  Later on, maybe, when an employee or even the janitor makes a
> > copy for himself and then contacts my competitor to sell my new product
> > ideas/plans or my customer lists?
> 
> Kiddo, if I have physical access to the machine and a few hours to work with, 
> I don't _need_ your keychain. I could, for instance, carry in another Mac, 
> and boot your Mac up in FireWire Target Disk Mode... and copy every damn 
> thing off it. (Yes, even if you turn on FileVault. FileVault just makes 
> things harder, not impossible.) The advent of this tool makes no difference. 
> For one thing, FileVault will make it near impossible for that tool to work 
> unless, as other have said, the intruder is already logged in as you.

Exactly.  I was going to run down some process involving hard drives
and utilities, blah, blah, blah, but I'm writing a lot today and have
concentrated on fending off Mr. Rosenberg's claims that I'm an
irrational nutcase as well as repeatedly asking the question about what
Apple did to implement this new product or will they allow it to be
sold without challenge if they did nothing.  Oh, and how will they deal
with people who might feel like this product compromises their personal
data.
> 
> Now, if you put your stuff elsewhere, when I boot into Target Disk Mode it's 
> kinda hard to get your stuff 'cause _it ain't there_. And if your stuff is 
> encrypted, then even if I find where you put it, I'm gonna have a problem 
> reading it 'cause it's... encrypted. And not with something that uses 
> KeyChain.

Yes, I understand that now.  It wasn't a concern to me before, so I
haven't put a lot of thought into what I'm going to do now.
> 
> >  Or keeps me off a flight because I
> > read Drudge Report and sometimes link through that site to a website
> > they think is liberal or is a foreign source (which would make anyone a
> > suspect these days)?  Or if my kid takes my home computer to school and
> > it's his day to have his locker searched?
> 
> FileVault, a good password, and a good lawyer are your friends.

If only it were that simple.  But I see what you mean.

> > "Will," as in "against your will," counts for nothing these days.  Our
> > will, collective or individual, does not exist anymore.  It's assumed
> > that you are doing something wrong if you say you don't want to be
> > searched because you're a person who would like to enjoy the
> > traditional benefits of the Bill Of Rights,
> 
> One place I worked at once started a policy of searching employee vehicles as 
> they left the premies. I started a policy of parking my car outside the gate. 
> I was joined in that policy by several dozen people, including my manager.

Have you been to an FAA regional office lately?  Geezo peezo!  Search
the car on the way in, needing to make an appointment before showing
up. Scanning your driver's license, fill out a questionnaire, the FAA
employee you need to see is called down and must accompany you
throughout your visit (even to the rest room), and he has to escort you
down to turn in your temporary badge and a security officer escorts you
out (not to, but out) the door.  And Mr. Rosenberg thinks _I'm_
paranoid.

> > without regard to being a
> > person who has something to hide or not.  And what if you _have_
> > something to hide?  Like my medical records and personal ID data?
> 
> Encrypt it and put it on another drive. Problem done.

Well, to tell you the truth, these matters were not of much concern to
me prior to this morning when I saw the story I posted at the top of
this thread.  The fact that they have this device in responsible hands
is not going to bother me much, either, except that once it's out
everyone who really wants one will have it.

> >> So, I guess it might be interesting to know if Apple Computer made it
> >> possible for this intrusive device to be invented.  If that's the case,
> >> then they have been telling lies for a long time about security.  I'd
> >> rather think that Apple is as shocked as I am about this and that
> >> they'll issue some updates to negate this new development.
> > 
> > You didn't comment on Apple's participation in this.  It might be more
> > important to know if Apple approves/cooperates than to know of the
> > existence of the intrusion device.  I can't imagine the development of
> > it violates an Apple patent or copyright.  And what happens to Apple's
> > reputation for security when everyone with a "connection" or a
> > dreamt-up security "need" has a device?  Is Apple Computer going to
> > deny involvement in this under some sort of "gag order?"  Listen to
> > their response (if any), like, "We're not allowed to say if we had
> > anything to do with this."  And why were there no rumors about this
> > device before it was put on the market?  So many questions, so few
> > answers.

I meant to say "I can't imagine the development of it doesn't violate
an Apple patent or copyright."

geefive <geefive@geefive.com> wrote:

> > I don't know how it seems like that to you because I didn't even respond
> > to that paragraph in the first place.
> 
> Exactly.  You abandoned commenting on the issue in favor of discussing
> my mental state...

That's not how it transpired.  My initial response in its entirety was:

> geefive <geefive@geefive.com> wrote:
> 
> > Just when I was starting to feel a little secure...
> 
> Um, if someone is using your computer and, therefore, in a position to
> run this software, you have a much bigger problem...

That is EVERYTHING that appeared in that post, except for my signature
(which is outside the body of the post and has nothing to do with you
anyway).  I did NOT write anything at all about your mental state.  If
someone is in a position to do something to anyone's computer that
involves inserting a device into a USB port in that computer, the owner
of that computer does, in fact, have a much bigger problem to be
concerned with.  There's so much that this person is in a position to do
without this device that I don't care whether he has the device or not.

Yes, I did comment on your mental state later.

> Okay, what will your answer be about what
> Apple has done or will do in this regard when someone else in the group
> asks the same questions?

Only someone who works for Apple could possibly know that and would in
all likelihood not be in a position to respond here due to
non-disclosure agreements.

> > > And, look, there's nothing in your message or this reply about the
> > > issue.  Stop taking umbrage at my writing style or my concerns because
> > > you don't or won't answer.  It's peripheral to the issue.
> > 
> > I have already told you precisely how I feel about the issue.  Why do
> > you keep pressing me on it?  My initial response, completely ignoring it
> > and not quoting it in my follow-up, stands.  You can keep bringing it up
> > if you think I'm going to respond differently, but you'll be wasting
> > your time and effort.
> 
> Yah, but mostly I see you commenting on me and not on the issue as if
> the issue is of no importance because it's of concern to me first and
> nobody else has weighed in on it as if it's something that needs to be
> seen with a critical eye.

As someone has already pointed out, you haven't simply asked questions,
you've made statements.  You don't appear as if you're seeking
knowledge, you appear to have arrived at conclusions already and to be
challenging people to disagree with them.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxcfaw.c6knyw48m2lbN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > > I think you're a nutcase because I think you have irrational fears.
> > 
> > Alright, I'm a nutcase with irrational fears (wink to everyone but Mike
> > Rosenberg), so let it go.
> 
> Yeah, right, everyone but me.  Michelle wonders if you're the same
> person as "Phantasy", Jon posted the Tinfoil hat song for you.  That
> makes the current score three people thinking you're bonkers, no one at
> all saying you're not.

I admitted that I was a nutcase.  Now I'm bonkers?  Okay, let's go with
that.  How about addressing the issue?

geefive <geefive@geefive.com> wrote:

> They don't need warrants anymore.  If you enter an airport and buy a
> ticket, you have established a contract permitting a search with or
> without your consent.  Refusing to boot up is a felony.

Then why in the world would you be carrying a computer with you if
that's something you're worried about?  Again, you should be worried
about _this_ if you're going to be worried about anything at all.  Once
they have your computer, they don't need no stinkin' device!

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

geefive wrote:
> In article <tomstiller-C92CC3.15332229042007@comcast.dca.giganews.com>,
> Tom Stiller <tomstiller@comcast.net> wrote:
>> In article <290420071216104660%geefive@geefive.com>,
>>  geefive <geefive@geefive.com> wrote:
>>
>>> This new device makes it easier for an intrusive event to take place. 
>>> And consideration has to be given to the notion that I am not a tekkie,
>>> just an ordinary bloke like many others who might give pause when the
>>> extent of the capabilities and uses of this device filter down to the
>>> broad base of home or small-business users.
>> If it really bothers you, why not just unload the kext that mounts USB 
>> drives.  If you're really paranoid, you could move it to a different 
>> location where it must be loaded explicitly loaded by a user with root 
>> access, or you could delete it altogether.
> 
> I have no idea how to do those things.  I wouldn't take the time to
> find out.  I shouldn't have to do so because OSX and the Mac have a
> reputation of being as secure as can be.  Now, apparently, the bar has
> been lowered.  When people who use Macs because of better security find
> out about this, then one has to wonder how many will throw in the
> towel, or maybe sell the stock.

Now you are being stupid. nothing has been lowered, and there is nothing
this program can do which a skilled operator couldn't do already. Like
in the real world we (allegedly) trade security for freedom (which in
this case translates to usability). If you had a completely secure mac
you wouldn't be able to use it. From the way you have ignored what
people have said here I think you'd be better off in csma - or is that
where you came from?

And if you wouldn't take the time to find out, then you shouldn't be
worrying about security, because that is something you and you alone can
do, nobody can do it for you.

Andy

geefive <geefive@geefive.com> wrote:

> How about addressing the issue?

How many times do you have to get the same response before you accept
that it is, in fact, my response?  I do not care one iota what Apple has
to do with this device.  I don't care if the device even exists.  If
someone is in a position to use it on a Mac I own I have a bigger
problem, and _THAT_ is what I care about.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <0001HW.C25A8E290044A22AF0284648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> >  Say if I take it through airport security and
> > they decide to take it to another room for a quick look.
> 
> They don't go into a different room with _my_ machine without _me_, not 
> without a warrant, anyway.

a warrant is not needed at an airport security checkpoint nor when
going through customs.  by going through airport security, you give
consent to be searched.  

i'm not sure about domestic airport security, but customs *can* search
your laptop (or other items) without you watching.  they might detain
you while that occurs, or they might keep the laptop or hard drives and
have them delivered to your house or hotel when they're done.

Mike Rosenberg wrote:
> geefive <geefive@geefive.com> wrote:
> 
>>>> So, I guess it might be interesting to know if Apple Computer made it
>>>> possible for this intrusive device to be invented.
>>> Okay, so you're interested to know.  Fine.  I'm not interested to know.
>> "I'm not interested to know" is your way of saying you know nothing
>> about this matter?
> 
> My initial lack of response the first time you posted it sums up all I
> really care to say about it.  Period, end of story.  Has it completely
> escaped your attention that NO ONE has responded to that?  If anyone who
> has already read it cared to, they would have done so.
> 
>> You're responding to minutiae and compositional
>> faux pas while ignoring the main question - what does Apple know about
>> this, and what sort of discussion is appropriate about it? 

Apple must know about it, and how is all done. They put the OS together.
They are the ones who, for example, designed the parts of the system
that store your password so that you don't have to keep typing it in for
each operation you perform. If they locked that up totally your computer
wouldn't work.

Andy

In article <0001HW.C25A8EF10044D103F058A648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> And it won't do much if the employee in question puts whatever on an external 
> drive and then removes the external drive.

True enough.

So, are you in favor of this device, discount the notion that it will
hurt the aura of Mac security Apple has cultivated over the years?  Is
it irrelevant if Apple cooperated in the implementation of this device? 
If they didn't, then does it violate a patent or copyright involving
the OS?  And will this discussion be revived when we find out that a
warehouse where these are stored has been robbed and you can buy one on
a website or through USENET spamers?  Or that the definition of law
enforcement includes corporate security, hotel security, airline
security, building security, and the security guard at your bank (i.e.,
just about everyone).

In article <1hxchmc.sne9befr7dyjN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> As someone has already pointed out, you haven't simply asked questions,
> you've made statements.  You don't appear as if you're seeking
> knowledge, you appear to have arrived at conclusions already and to be
> challenging people to disagree with them.

I make a lot of statements to lead into my query about whether this is
good for the community (in terms of the security aura) and what part
Apple plays in this device, or in their opposition to it backed by
patent and copyright law.  Implicit in that is the idea that I am
ignorant of the topic beyond the original post at Insanely Great Mac,
and that I quickly reach my level of incompetence (which I have stated)
in regard to security or technical matters.  I bought Macs over the
years so I wouldn't have to be a tekkie like my friends are who own
windoze machines (or have a tekkie close by).

In article <1hxcifj.cpxp7rhaowuaN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > They don't need warrants anymore.  If you enter an airport and buy a
> > ticket, you have established a contract permitting a search with or
> > without your consent.  Refusing to boot up is a felony.
> 
> Then why in the world would you be carrying a computer with you if
> that's something you're worried about?  Again, you should be worried
> about _this_ if you're going to be worried about anything at all.  Once
> they have your computer, they don't need no stinkin' device!

I wasn't talking about me.  I don't fly.

geefive <geefive@geefive.com> wrote:

> I make a lot of statements to lead into my query about whether this is
> good for the community (in terms of the security aura) and what part
> Apple plays in this device, or in their opposition to it backed by
> patent and copyright law.  Implicit in that is the idea that I am
> ignorant of the topic beyond the original post at Insanely Great Mac,
> and that I quickly reach my level of incompetence (which I have stated)
> in regard to security or technical matters.

And then when people with the technical knowledge you lack tell you your
concerns are groundless, you argue with them, browbeat them, or outright
dismiss them.  Perhaps your approach could use some modification.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

geefive wrote:

> The following comments are not directed at you, Mr. Mitchell.  I'm just
> using your comments as a springboard to more discussion, and to try
> again to determine Apple's role in the development of this tool.
>  
> It looks more cunning to me.  Here's the description again:
> 
> "...it will extract data from the Apple Keychain and system settings in
> order to provide the examiner fast access to the suspect's critical
> information with as little interaction or trace as possible. This
> device extracts 24 different points of data from the OS X system,
> including OS login for the current user to recently used applications,
> drive mounts, email and instant messaging info, WiFi connections, the
> iPods you own, and all your internet browsing history."

How else do all the 'handy features' like recognising and automatically
syncing your iPod when you plug it in work? If the system can access
these things, then so can an attacker.

> So my concerns about caching and logging were valid, even though
> several people in mac.apps and mac.system told me they were baseless,
> don't worry, nothing can possibly go wrong... go wrong... go wrong... 

If you want to keep totally on top of everyhting that is happening in
your system try linux. A consumer OS with loads of 'usability' features
designed for non-technical people is not a good tool for anyone with
data they want maximum security for. Macs are the most secure consuer
platform, that doesn't mean they are totally secure. Nothing is.

> Perhaps I'm overreacting because of my interest in caching and logging
> being followed immediately by this new phenom.  I'd still like Apple to
> come out and say that they didn't have anything to do with this, that
> it violates the software agreement for whatever version of the OS they
> were using, and that it's illegal and anti-competitive if it turns out
> that customers lose confidence in the Mac and the OS as a result of
> this device.

But the attacker never signed any agreement with apple, so they are not
violating anyhting. Would you like your machine never to cache or log
anything? Then it will stop working.

> I would think that this group is the right place to discuss this and
> not to have people push it aside as if it doesn't affect them. 
> Anything that affects one Mac user affects us all.

This is valid, but the way you are talking about it is over the top. I
too would be interested to know how it gets the user password. The rest
follows easily from that.

> Once in a while at the grocery store I'll walk over next to a woman and
> tell her that she's turned her back on her purse in the cart.  Nine
> times out of ten she'll say "Oh, well, there's nothing valuable in
> there."  Now it seems as if people who might be experts brush this
> matter aside as if "Well, I have nothing to hide" (so who cares if your
> computer or mine is mined by someone with one of these devices?).  It's
> a crazy notion.

A good lock on the door of your computer room would be far less effort
and far more of a security enhancement against this kind of thing. Think
outside the box as well.

> I'm reminded of the red-light changer that's popping up all over the
> place.  Have you ever started through a light that's just turned green
> and it turns red within seconds?  Chances are the next car through the
> intersection has one of these devices.  They're not for public use. 
> But, just like this new security device, once it's out there, everyone
> who wants one will find a way to get it.  You know it, I know it, and I
> think a thief with one of these devices would quickly realize that real
> value of it lies in the personal data, contacts, product plans, lists
> of vendors and contacts.  Heck, someone could start a business with my
> data - it's all right there.  And I bought into the Mac because of an
> aura of security that no longer exists.

Your machine is far more likely to get stolen completely than to be
subjected to this. If it is really important to you, start reading about
security a lot. Read everything you can find. If this tool makes you
unhappy, then Macs and windows machines are not for you and you have a
long learning curve ahead.

But as you said before, you wouldn't spend the time to find out, does it
surprise you that people don't take you seriously?

> I don't want to know that don't care, and what they're not afraid of. 
> I want to know what those of us who believed in Mac security are
> supposed to think or do now in light of this development.

I for one never believed in the kind of security you seem to be alloting
to apple's systems. They have never claimed anything of the sort. In any
case, security is not a matter of trust, but one of knowledge, and that
is not something you get easily.

Andy

geefive <geefive@geefive.com> wrote:

> > Then why in the world would you be carrying a computer with you if
> > that's something you're worried about?  Again, you should be worried
> > about _this_ if you're going to be worried about anything at all.  Once
> > they have your computer, they don't need no stinkin' device!
> 
> I wasn't talking about me.  I don't fly.

Oh good lord...

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <f138ol$r4e$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> geefive wrote:
> > In article <tomstiller-C92CC3.15332229042007@comcast.dca.giganews.com>,
> > Tom Stiller <tomstiller@comcast.net> wrote:
> >> In article <290420071216104660%geefive@geefive.com>,
> >>  geefive <geefive@geefive.com> wrote:
> >>
> >>> This new device makes it easier for an intrusive event to take place. 
> >>> And consideration has to be given to the notion that I am not a tekkie,
> >>> just an ordinary bloke like many others who might give pause when the
> >>> extent of the capabilities and uses of this device filter down to the
> >>> broad base of home or small-business users.
> >> If it really bothers you, why not just unload the kext that mounts USB 
> >> drives.  If you're really paranoid, you could move it to a different 
> >> location where it must be loaded explicitly loaded by a user with root 
> >> access, or you could delete it altogether.
> > 
> > I have no idea how to do those things.  I wouldn't take the time to
> > find out.  I shouldn't have to do so because OSX and the Mac have a
> > reputation of being as secure as can be.  Now, apparently, the bar has
> > been lowered.  When people who use Macs because of better security find
> > out about this, then one has to wonder how many will throw in the
> > towel, or maybe sell the stock.
> 
> Now you are being stupid. nothing has been lowered, and there is nothing
> this program can do which a skilled operator couldn't do already. Like
> in the real world we (allegedly) trade security for freedom (which in
> this case translates to usability). If you had a completely secure mac
> you wouldn't be able to use it. From the way you have ignored what
> people have said here I think you'd be better off in csma - or is that
> where you came from?
> 
> And if you wouldn't take the time to find out, then you shouldn't be
> worrying about security, because that is something you and you alone can
> do, nobody can do it for you.
> 
> Andy

Okay, aside from calling me stupid, which might be better said as
unknowledgeable, to which I'll admit, and naive, which is likely a good
observation, for having swallowed Apple's claims of security over the
years when it really wasn't there.

I'm starting to develop a plan, but it will take hours and hours of
work I'll have to take from something else, you know how that goes.  I
lost a good day today here, but if I hadn't done this I would have
wasted it watching the NFL draft.  I thank everyone who gave me
well-intentioned security tips.

So nobody here is concerned about this but me, and maybe one other
person (you know who you are).  Who else would take the drubbing I got
here today.  Oh, well, kill the messenger.  If other people who have a
belief in the Apple "security" myth finally get it, maybe through the
announcement of this device, maybe it will get talked about and Apple
will make an appropriate announcement... NAH!  Never happen.

geefive wrote:
> In article <1hxcbvh.cq6v0w1jj0vavN%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
>> You're very confused.  My response was and continues to be that you're a
>> paranoid nutcase.
> 
> Oh, okay, now I'm a nutcase.  Is that what you say to people for whom
> you have no answer?  I'm a nutcase because you don't know?
> 
> When I see it posted in Insanely Great Mac, I think it's an issue or it
> soon will be.  It's a serious issue, and I don't consider it to be
> unimportant because it's not responded to here, or it's responded to
> negatively.
> 
> How long before this becomes a web app?  Do you think that the hackers
> are ignoring it?  Whatever software is in the new device might be
> implemented in Javascript (for all I know).  It's because I don't know
> that I'm asking about it here.

If there is an application, and presumably there is something that runs
on the logged-in account which it depends on, the user will get a dialog
from the OS because this will be the first time the app has run. If
implemeted as a web based attack, your browser will ask for permission.
Yes it is always possible that holes will appear that can be exploited,
but when evaluating a system you don't abandon it because something
/might/ happen. The time to abandon it is when things /do/ happen, and
happen frequently, or when you hear of many such things from other
users. Then you might consider another platform, having checked to see
if it is actually any more secure. Otherwise, as someone else said,
you're better off not using computers.

If you're a drug baron, you can afford some of the best brains in the
business, and the best equipment. But even then you are not 'secure'.

Andy

In article <1hxcikv.ek33sybicinsN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > How about addressing the issue?
> 
> How many times do you have to get the same response before you accept
> that it is, in fact, my response?  I do not care one iota what Apple has
> to do with this device.  I don't care if the device even exists.  If
> someone is in a position to use it on a Mac I own I have a bigger
> problem, and _THAT_ is what I care about.

_OKAY!_

geefive wrote:

> See, sometimes things are said that obfuscate the truth or only tell a
> half truth.  Like the machine needing to be up and running for this
> device to work.  What they're not saying is, while that's true, they
> have this _other_ device or procedure that starts the computer and
> bypasses the security in that process.

Without your password they can't start your computer. That's why it
needs to be on. I think you have been misinformed about what security
is. It takes time to find out stuff, and if you don't have the time,
then just forget about it and enjoy. Worrying about this is no use
unless you do something about it. That requires time, so either make
time or stop...

In article <f138u1$r4e$2@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> Apple must know about it, and how is all done. They put the OS together.
> They are the ones who, for example, designed the parts of the system
> that store your password so that you don't have to keep typing it in for
> each operation you perform. If they locked that up totally your computer
> wouldn't work.
> 
> Andy

Will they now issue a security update that fixes this or, if their
participation was not willing or forced, will they or should they make
use of their patent and copyright prerogatives?

I hoped that this would've been the discussion.

In article <290420071425287111%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-12B300.17031129042007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > How about the bit where the investigator needs physical access to the 
> > machine and the user being investigated already needs to be logged in 
> > with the machine not locked?
> 
> I don't know.  It's beyond my level of competence to address this. 
> Somehow I don't feel like this is a barrier.  Will the thief be stopped
> by it?  Can it be worked around?
> 
> ...
> 
> I'm not reassured by the need for the computer to be running (or
> asleep).

The point is that this product doesn't have any real decryption 
capabilities, nor does it self-elevate its permissions. It's just an app 
that runs as the current user and extracts information that's already 
readable to absolutely every other app you run under your account should 
it choose to do so.

Read that again: It doesn't break any security that's in place. It 
simply harvests information which is already insecure.

In article <1hxcje3.1guwirg1qam79vN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > I make a lot of statements to lead into my query about whether this is
> > good for the community (in terms of the security aura) and what part
> > Apple plays in this device, or in their opposition to it backed by
> > patent and copyright law.  Implicit in that is the idea that I am
> > ignorant of the topic beyond the original post at Insanely Great Mac,
> > and that I quickly reach my level of incompetence (which I have stated)
> > in regard to security or technical matters.
> 
> And then when people with the technical knowledge you lack tell you your
> concerns are groundless, you argue with them, browbeat them, or outright
> dismiss them.  Perhaps your approach could use some modification.

Oh, I don't know.  Geeze.  How much technical knowledge does it take to
wonder or speculate about Apple's participation in this matter and what
their responses will be to the Mac community, and/or to the company
that developed the product?  I mean, I think I'm prevented by law or
software agreement from reverse engineering or monkeying with the OS as
well as the development of hacking devices.

In article <uce-299C07.19483729042007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <290420071425287111%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > In article <uce-12B300.17031129042007@comcast.dca.giganews.com>,
> > Gregory Weston <uce@splook.com> wrote:
> > 
> > > How about the bit where the investigator needs physical access to the 
> > > machine and the user being investigated already needs to be logged in 
> > > with the machine not locked?
> > 
> > I don't know.  It's beyond my level of competence to address this. 
> > Somehow I don't feel like this is a barrier.  Will the thief be stopped
> > by it?  Can it be worked around?
> > 
> > ...
> > 
> > I'm not reassured by the need for the computer to be running (or
> > asleep).
> 
> The point is that this product doesn't have any real decryption 
> capabilities, nor does it self-elevate its permissions. It's just an app 
> that runs as the current user and extracts information that's already 
> readable to absolutely every other app you run under your account should 
> it choose to do so.
> 
> Read that again: It doesn't break any security that's in place. It 
> simply harvests information which is already insecure.

That's what it looks like to me.

And considering anyone with physical access to my Mac can reset my
password easily, this software looks to me like a tool for lazy cops,
not a security threat in itself.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <290420071408104687%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> When I see it posted in Insanely Great Mac, I think it's an issue or it
> soon will be.  It's a serious issue, and I don't consider it to be
> unimportant because it's not responded to here, or it's responded to
> negatively.

IGM is fucking FAMOUS for trying to blow non-issues into advertising
hits on their site. If you think IGM is a trust-worthy source for
security news, you're sadly mistaken.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <290420071408104687%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> And I still want to know if Apple helped develop the device and, if
> they didn't, what they are going to do about protecting my computer,
> maybe with a security update.

So ask them.

-- 
"Let's just admit that public education is mediocre at best." -- Frank Zappa

In article <1hxcfaw.c6knyw48m2lbN%mikePOST@TOGROUPmacconsult.com>, Mike
Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> geefive <geefive@geefive.com> wrote:
> 
> > > I think you're a nutcase because I think you have irrational fears.
> > 
> > Alright, I'm a nutcase with irrational fears (wink to everyone but Mike
> > Rosenberg), so let it go.
> 
> Yeah, right, everyone but me.  Michelle wonders if you're the same
> person as "Phantasy", Jon posted the Tinfoil hat song for you.  That
> makes the current score three people thinking you're bonkers, no one at
> all saying you're not.

I think he may be a nutter, too. But then, I think I'm you, or you're
me, or something.

-- 
September 19 is International Talk Like A Pirate Day.
Just Do It.
Arrrr.

Dave Balderstone <dave@N_O_T_T_H_I_S.balderstone.ca> wrote:

> But then, I think I'm you, or you're me, or something.

I didn't take good notes, but I seem to recall that we're both actually
figment's of Sue Rogers's imagination.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <f139rf$u17$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> How else do all the 'handy features' like recognising and automatically
> syncing your iPod when you plug it in work? If the system can access
> these things, then so can an attacker.

Something I guess I'll have to reckon with, I suppose.  I don't pay
attention to the inner workings of the Mac.  I thought by using Macs I
wouldn't have to be concerned about tech matters.  And I never gave a
thought to getting an iPod.

> If you want to keep totally on top of everyhting that is happening in
> your system try linux. A consumer OS with loads of 'usability' features
> designed for non-technical people is not a good tool for anyone with
> data they want maximum security for. Macs are the most secure consuer
> platform, that doesn't mean they are totally secure. Nothing is.

Thanks for the suggestion.  I think I'll take a pass on Linux.  I'm up
to my eyeballs as it is with the Mac.  OSX has been a challenge. 
There's so much going on and so much it can do that I've become
discouraged.  Most of the time I use Classic (like now with
YA-Newswatcher 4.1.1, which is almost older than I am :-).  I find
AppleWorks to be useful as the spreadsheets and word processing is just
right for me to understand.  Linux is not the answer for me because it
would be a lot of work.

> > Perhaps I'm overreacting because of my interest in caching and logging
> > being followed immediately by this new phenom.  I'd still like Apple to
> > come out and say that they didn't have anything to do with this, that
> > it violates the software agreement for whatever version of the OS they
> > were using, and that it's illegal and anti-competitive if it turns out
> > that customers lose confidence in the Mac and the OS as a result of
> > this device.
> 
> But the attacker never signed any agreement with apple, so they are not
> violating anyhting. Would you like your machine never to cache or log
> anything? Then it will stop working.

How do you figure?  It may need to do something immediately necessary,
like a cookie that goes away after a session, but I see data kept and
it makes me wonder who gets to use it if I don't?  I don't use plists
or log files that I know of, so who does?  I don't use crash logs, so
who does and how do they get the data?  Through some kind of mining, I
reckon, which someone said is not the case, with software update.  Or
with Javascript, which I now have turned off, BTW.

> > I would think that this group is the right place to discuss this and
> > not to have people push it aside as if it doesn't affect them. 
> > Anything that affects one Mac user affects us all.
> 
> This is valid, but the way you are talking about it is over the top. I
> too would be interested to know how it gets the user password. The rest
> follows easily from that.

It may be over the top because it feels like I'm under attack, called
names, my questions aren't answered so I have to repeat them, then get
called for browbeating...  hokey smokes, this thread has been a real
challenge.

> > Once in a while at the grocery store I'll walk over next to a woman and
> > tell her that she's turned her back on her purse in the cart.  Nine
> > times out of ten she'll say "Oh, well, there's nothing valuable in
> > there."  Now it seems as if people who might be experts brush this
> > matter aside as if "Well, I have nothing to hide" (so who cares if your
> > computer or mine is mined by someone with one of these devices?).  It's
> > a crazy notion.
> 
> A good lock on the door of your computer room would be far less effort
> and far more of a security enhancement against this kind of thing. Think
> outside the box as well.

I'm close to retiring, which means I might be able to live without a
computer.  That may be the ultimate answer for me.  I'm thinking about
all of the things I do and try to think of computerless ways of doing
them, or if all of this computing and connectivity and databanking and
security are really what I want for my golden years.
 
> > I'm reminded of the red-light changer that's popping up all over the
> > place.  Have you ever started through a light that's just turned green
> > and it turns red within seconds?  Chances are the next car through the
> > intersection has one of these devices.  They're not for public use. 
> > But, just like this new security device, once it's out there, everyone
> > who wants one will find a way to get it.  You know it, I know it, and I
> > think a thief with one of these devices would quickly realize that real
> > value of it lies in the personal data, contacts, product plans, lists
> > of vendors and contacts.  Heck, someone could start a business with my
> > data - it's all right there.  And I bought into the Mac because of an
> > aura of security that no longer exists.
> 
> Your machine is far more likely to get stolen completely than to be
> subjected to this. If it is really important to you, start reading about
> security a lot. Read everything you can find. If this tool makes you
> unhappy, then Macs and windows machines are not for you and you have a
> long learning curve ahead.

Yes, sadly, maybe I could simply ditch the whole computer thing and go
back to hang gliding.  Or go full-time RV'ing/fishing and give a smile
and a snurk when I see the busybodies rushing around with their
notebooks.  This could be one of those epiphany things.  I had one of
those in Vietnam, so maybe it's time for another.

> But as you said before, you wouldn't spend the time to find out, does it
> surprise you that people don't take you seriously?

I'm never surprised when people don't take me seriously.

> > I want to know what those of us who believed in Mac security are
> > supposed to think or do now in light of this development.
> 
> I for one never believed in the kind of security you seem to be alloting
> to apple's systems. They have never claimed anything of the sort. In any
> case, security is not a matter of trust, but one of knowledge, and that
> is not something you get easily.

Makes sense.  I appreciate your comments.

In article <1hxcm2d.6hg2ra1a6wivkN%mikePOST@TOGROUPmacconsult.com>,
Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:

> Dave Balderstone <dave@N_O_T_T_H_I_S.balderstone.ca> wrote:
> 
> > But then, I think I'm you, or you're me, or something.
> 
> I didn't take good notes, but I seem to recall that we're both actually
> figment's of Sue Rogers's imagination.

Ah, yes.

Good times, gooooood times.

;-)

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <f13aak$v37$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> 
> If there is an application, and presumably there is something that runs
> on the logged-in account which it depends on, the user will get a dialog
> from the OS because this will be the first time the app has run. If
> implemeted as a web based attack, your browser will ask for permission.

My concern since discovering so much logging and caching in OSX was who
uses it if I don't.  I don't really go for the notion that it's
necessary for the system to run, although that might be caused by my
level of computer savvy.  Maybe THIS system needs it, but they must
have known when they designed it that someone might be a little
concerned about intrusion.  I have lost some confidence in my Mac
lately, and the discussion I've been a part of here today has not
really boosted it much.

> Yes it is always possible that holes will appear that can be exploited,
> but when evaluating a system you don't abandon it because something
> /might/ happen. The time to abandon it is when things /do/ happen, and
> happen frequently, or when you hear of many such things from other
> users. Then you might consider another platform, having checked to see
> if it is actually any more secure. Otherwise, as someone else said,
> you're better off not using computers.

There's a point that's been made a couple of times today.

 > If you're a drug baron, you can afford some of the best brains in the
> business, and the best equipment. But even then you are not 'secure'.

A criminal who owns a computer for his dirty work is not very smart, eh?

In article <uce-299C07.19483729042007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> The point is that this product doesn't have any real decryption 
> capabilities, nor does it self-elevate its permissions. It's just an app 
> that runs as the current user and extracts information that's already 
> readable to absolutely every other app you run under your account should 
> it choose to do so.
> 
> Read that again: It doesn't break any security that's in place. It 
> simply harvests information which is already insecure.

It says:

"Once the software is run it will extract
data from the Apple Keychain and system settings in order to provide
the examiner fast access to the suspect's critical information with as
little interaction or trace as possible."

Aren't keys encrypted?

In article <290420071813061022%dave@N_O_T_T_H_I_Sbalderstone.ca>, Dave
Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> wrote:

> And considering anyone with physical access to my Mac can reset my
> password easily, this software looks to me like a tool for lazy cops,
> not a security threat in itself.

Cops aren't the only ones who will have this.  I'll bet it could be a
very popular thing to have for anyone who likes to snoop, or anyone who
fancies himself as a security agent.

In article <290420071814306055%dave@N_O_T_T_H_I_Sbalderstone.ca>, Dave
Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> wrote:

> In article <290420071408104687%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > When I see it posted in Insanely Great Mac, I think it's an issue or it
> > soon will be.  It's a serious issue, and I don't consider it to be
> > unimportant because it's not responded to here, or it's responded to
> > negatively.
> 
> IGM is fucking FAMOUS for trying to blow non-issues into advertising
> hits on their site. If you think IGM is a trust-worthy source for
> security news, you're sadly mistaken.

They have some of the same stuff I see on some other sites.  The reason
I like it is because I don't have to register to make comments like has
to be done with other websites.

In article <290420071815017927%dave***@balderstone.ca>, Dave
Balderstone <dave***@balderstone.ca> wrote:

> In article <290420071408104687%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > And I still want to know if Apple helped develop the device and, if
> > they didn't, what they are going to do about protecting my computer,
> > maybe with a security update.
> 
> So ask them.

My thinking is they have someone look at these groups for discussions
they might be interested in knowing about.  Otherwise, I wouldn't know
how to ta;lk to anyone there but pretty low-level operatives.  What can
they say?

On Sun, 29 Apr 2007 19:13:22 -0400, nospam wrote
(in article <290420071613223092%nospam@nospam.invalid>):

> In article <0001HW.C25A8E290044A22AF0284648@newsgroups.comcast.net>,
> J.J. O'Shea <try.not.to@but.see.sig> wrote:
> 
>>> Say if I take it through airport security and
>>> they decide to take it to another room for a quick look.
>> 
>> They don't go into a different room with _my_ machine without _me_, not 
>> without a warrant, anyway.
> 
> a warrant is not needed at an airport security checkpoint nor when
> going through customs.  by going through airport security, you give
> consent to be searched.  

I haven't had any problems in an airport recently.

> 
> i'm not sure about domestic airport security, but customs *can* search
> your laptop (or other items) without you watching.  they might detain
> you while that occurs, or they might keep the laptop or hard drives and
> have them delivered to your house or hotel when they're done.

Given that my travel hard drive is usually in my suit coat pocket and all 
that's in my home directory are encrypted files and aliases pointed 
elsewhere, they can search the laptop all they like. There's nothing there.



-- 
email to oshea dot j dot j at gmail dot com.

In article <290420071327036272%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <tomstiller-C92CC3.15332229042007@comcast.dca.giganews.com>,
> Tom Stiller <tomstiller@comcast.net> wrote:
> > In article <290420071216104660%geefive@geefive.com>,
> >  geefive <geefive@geefive.com> wrote:
> > 
> > > This new device makes it easier for an intrusive event to take place. 
> > > And consideration has to be given to the notion that I am not a tekkie,
> > > just an ordinary bloke like many others who might give pause when the
> > > extent of the capabilities and uses of this device filter down to the
> > > broad base of home or small-business users.
> > 
> > If it really bothers you, why not just unload the kext that mounts USB 
> > drives.  If you're really paranoid, you could move it to a different 
> > location where it must be loaded explicitly loaded by a user with root 
> > access, or you could delete it altogether.
> 
> I have no idea how to do those things.  I wouldn't take the time to
> find out.  I shouldn't have to do so because OSX and the Mac have a
> reputation of being as secure as can be.  Now, apparently, the bar has
> been lowered.  When people who use Macs because of better security find
> out about this, then one has to wonder how many will throw in the
> towel, or maybe sell the stock.

SubRosaSoftware specialise in security software, and have for a 
considerable time. It is a niche market where higher than average prices 
can be charged. It would seem from the list of tools that MacLockPick 
would only work on a computer on which a user is already logged in. I 
can't see any particular reason to believe that they would have needed 
information from Apple (other than what is publicly available to 
programmers)  to develop MacLockPick.

Much of the stuff mentioned can be obtained just by looking, once you 
have access to the keyboard. No special tools required that are not 
already installed. The risk is in letting someone access your computer 
keyboard while you are logged in.

Apple already supply sufficient facilities to block many of the 
utilities mentioned. The real problem is that running any computer in 
really secure modes makes the computer harder to use.

Obvious precautions for concerned users would be password lock the 
firmware, do not run normal activity using an admin account, password 
lock wake from sleep, have an specific account for any risky activity 
and have that FileVaulted, and use a different password on each of 
these, and use secure delete on everything. Enable secure virtual memory 
and all other security settings in Preferences. Do not use any browser 
or Keychain to hold external passwords (memorise them all). Use touch 
(or similar) to change the dates of all downloaded and recently accessed 
files to obscure when they were obtained or used. Never accept cookies, 
disable autofill,  and do not retain browser history using Private 
Browsing.

Never leave the computer on when unattended or when travelling. Turn the 
computer off whenever it is outside your securely bolted room. Ensure it 
will take longer than the shutdown time for someone to break into the 
computer room.

Unless my government gets a whole lot worse, I certainly wouldn't be 
bothered doing all that. On the other hand, if I were working at a 
university again, and leaving my laptop briefly in lecture rooms with 
comp science or engineering students, I might do a lot of passwording. 
If leaving it for longer periods, I'd want to be sure they couldn't boot 
from an external drive as well, hence passwording the firmware. Removing 
and copying the hard drive is then needed for an attack.

You could have a look at the freely available (but obsolete - Panther) 
NSA text on securing OS X. http://www.nsa.gov/snac/downloads_macX.cfm It 
covers all the obvious (and many not so obvious) precautions. Tiger is 
better as these reviews indicate http://blogs.zdnet.com/BTL/?p=4706 and 
http://www.applelinks.com/index.php/more/national_security_agency_gives_o
s_x_104_tiger_thumbs_up_os_x_odyssey_862/ and the Tiger security manual 
(second edition) is here 
http://www.nsa.gov/snac/os/applemac/I731-006R-2007.pdf (caution over 2 
MB PDF). If you are seriously interested in security, this last 
reference makes a great starting point.

However if a major government has physical access to your computer, and 
wants to extract information from it, they will probably manage to do so.

-- 
http://www.ericlindsay.com

On Sun, 29 Apr 2007 20:42:44 -0400, Dave Balderstone wrote
(in article <290420071842447665%dave@N_O_T_T_H_I_Sbalderstone.ca>):

> In article <1hxcm2d.6hg2ra1a6wivkN%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
>> Dave Balderstone <dave@N_O_T_T_H_I_S.balderstone.ca> wrote:
>> 
>>> But then, I think I'm you, or you're me, or something.
>> 
>> I didn't take good notes, but I seem to recall that we're both actually
>> figment's of Sue Rogers's imagination.
> 
> Ah, yes.
> 
> Good times, gooooood times.
> 
> ;-)
> 
> 

Wasn't I a member of some gang or another? IIRC there was supposed to be a 
party... in Saskatoon. In December.

Ah, well, it could have been Winnipeg in February.

-- 
email to oshea dot j dot j at gmail dot com.

geefive wrote:
> 
> I _am_ upset.  It's a serious matter.  It's serious for Apple and the
> users of its hardware and OS.  Maybe not today, but there's an element
> of future shock in this that you or others may not realize, and someone
> has to bring it up first.  Ohhhhhh, waaaaaait a miiiiiinute, is that
> what it is?  The fact that you heard it from one of the great unwashed
> and it wasn't invented here?  Okay, what will your answer be about what
> Apple has done or will do in this regard when someone else in the group
> asks the same questions?
>  

You're a fucking nut job.  Anybody could write this utility without 
Apple's help.  Gimme a break.

Greg
-- 
The ticketbastard Tax Tracker:
http://www.ticketmastersucks.org/tracker.html

Dethink to survive - Mclusky

On Sun, 29 Apr 2007 19:16:35 -0400, geefive wrote
(in article <290420071616358130%geefive@geefive.com>):

> In article <0001HW.C25A8EF10044D103F058A648@newsgroups.comcast.net>,
> J.J. O'Shea <try.not.to@but.see.sig> wrote:
> 
>> And it won't do much if the employee in question puts whatever on an 
>> external 
>> drive and then removes the external drive.
> 
> True enough.
> 
> So, are you in favor of this device, discount the notion that it will
> hurt the aura of Mac security Apple has cultivated over the years?

For the umpteenth time:

If I have physical access to your machine (Mac, Windows, Linux, whatever) I 
can do whatever I damn well please. This device works only if I have physical 
access. I don't need it, I can get onto your machine without it. It might 
make getting to certain parts of your system easier, but its presence or 
absence will not prevent me from being able to access your system.

If you put your sensitive files onto another, external, hard drive, and then 
lock away that drive then I can't access those files. If you encrypt your 
sensitive files then I must know how to decrypt them. There are a multitude 
of ways to encrypt files, singly or in bunches. Apple provides FileVault, 
which can encrypt your entire home folder. There are other encryption 
systems. Some don't use KeyChain, so this particular item simply cannot be 
used against them, you have to decrypt those items the old-fashioned way. 
Yes, it can be done. No, it is not easy.

>  Is
> it irrelevant if Apple cooperated in the implementation of this device? 

Yes. Though I doubt they did. Hint: in order for 3rd parties to use the 
KeyChain to store stuff, they have to know something about it... and how to 
read data from it. So a really good way to start a project like this would be 
to go to ADC and look up 'KeyChain', same as for any other software project. 
(Something like, oh, this: 
<http://developer.apple.com/cgi-
bin/search.pl?q=keychain&num=10&site=default_collection>.) And that, I 
suspect, would be the limit of Apple's 'cooperation'.

> If they didn't, then does it violate a patent or copyright involving
> the OS?

No. It doesn't, from the description given, do anything that can't be done by 
those who know what they're doing. In particular, it will not, or so it 
seems, get past FileVault, so if your machine is turned off it is _useless_.

>  And will this discussion be revived when we find out that a
> warehouse where these are stored has been robbed and you can buy one on
> a website or through USENET spamers?

Who cares? They have to have physical access to the machine to use them. And 
the can't get past encryption. Turn on FileVault or use some other means of 
encryption, then shut down your machine when you're not in the house, and 
even if someone with one of 'em breaks into your house they can't read your 
stuff. Not that it matters, people who break into your house looking for 
computers are usually after a machine they can sell, not what's on the 
machine.

>  Or that the definition of law
> enforcement includes corporate security,

Anything on a work machine is by definition subject to work rules. Don't put 
anything on a work machine that isn't allowed under work rules and you'll be 
fine.

> hotel security,

Do you _really_ think that hotel security gives a flying fuck at a rolling 
donut on the deck of a tanker in a thundering typhoon _what_ might be on the 
hard drive of a random guest?!

> airline
> security,

Airline security cares only that the machine turns on and is a laptop. Other 
than that, see above.

> building security,

See hotel security.

> and the security guard at your bank

You really are completely insane.

> (i.e.,
> just about everyone).



-- 
email to oshea dot j dot j at gmail dot com.

On 2007-04-29 19:43:48 -0500, geefive <geefive@geefive.com> said:

> In article <f13aak$v37$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:
> 
>> If there is an application, and presumably there is something that runs
>> on the logged-in account which it depends on, the user will get a dialog
>> from the OS because this will be the first time the app has run. If
>> implemeted as a web based attack, your browser will ask for permission.
> 
> My concern since discovering so much logging and caching in OSX was who
> uses it if I don't.

Caching: You use it each time you do anything with your computer. It 
speeds performance, plain and simple.

Logging: Nobody uses it if you don't. It's there just in case you need 
it. Your notion that if you aren't using it *someone else* must be 
using it is just plain wrong, and is really unfounded.  After all, if 
someone has access to your logs, then you have a bigger problem on your 
hands - namely, that someone was able to break into your computer, and 
that has nothing to do with whether log files exist or not.

> I don't really go for the notion that it's
> necessary for the system to run,

Logging is necessary only for whoever happens to be diagnosing problems 
with the software that created the log (you, or someone you have 
allowed access to your system, in most circumstances).

> they must
> have known when they designed it that someone might be a little
> concerned about intrusion.

Again, the fact that log files exist on your computer has absolutely 
zilch to do with whether or not someone can break into your computer.

Your assertion that Apple must be transferring log/cache data to a 
server someone is a load of crap. There are plenty of ways to sniff 
packets going over a network. All you have to do is watch. I've never 
seen any such data going out of my computer, and I'm pretty sure the 
minute someone did find something like this going on, it would be all 
over the Mac web like a shit storm.

> I have lost some confidence in my Mac lately

Why is that?

> and the discussion I've been a part of here today has not
> really boosted it much.

Oh well.

-- 
JR

In article <0001HW.C25AC31B00510B49F058A648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> On Sun, 29 Apr 2007 20:42:44 -0400, Dave Balderstone wrote
> (in article <290420071842447665%dave@N_O_T_T_H_I_Sbalderstone.ca>):
> 
> > In article <1hxcm2d.6hg2ra1a6wivkN%mikePOST@TOGROUPmacconsult.com>,
> > Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> > 
> >> Dave Balderstone <dave@N_O_T_T_H_I_S.balderstone.ca> wrote:
> >> 
> >>> But then, I think I'm you, or you're me, or something.
> >> 
> >> I didn't take good notes, but I seem to recall that we're both actually
> >> figment's of Sue Rogers's imagination.
> > 
> > Ah, yes.
> > 
> > Good times, gooooood times.
> > 
> > ;-)
> > 
> > 
> 
> Wasn't I a member of some gang or another? IIRC there was supposed to be a 
> party... in Saskatoon. In December.
> 
> Ah, well, it could have been Winnipeg in February.

Considering I live in Toontown but grew up in the 'Peg, yes. Yes, it
could have been.

-- 
"The thing about saying the wrong words is that A, I don't notice it, and B,
sometimes orange water gibbon bucket and plastic." -- Mr. Burrows

In article <290420071750025394%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> In article <uce-299C07.19483729042007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > The point is that this product doesn't have any real decryption 
> > capabilities, nor does it self-elevate its permissions. It's just an app 
> > that runs as the current user and extracts information that's already 
> > readable to absolutely every other app you run under your account should 
> > it choose to do so.
> > 
> > Read that again: It doesn't break any security that's in place. It 
> > simply harvests information which is already insecure.
> 
> It says:
> 
> "Once the software is run it will extract
> data from the Apple Keychain and system settings in order to provide
> the examiner fast access to the suspect's critical information with as
> little interaction or trace as possible."
> 
> Aren't keys encrypted?

No. They are password protected. Unless you've encrypted them, of
course.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <290420071754522837%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> In article <290420071813061022%dave@N_O_T_T_H_I_Sbalderstone.ca>, Dave
> Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> wrote:
> 
> > And considering anyone with physical access to my Mac can reset my
> > password easily, this software looks to me like a tool for lazy cops,
> > not a security threat in itself.
> 
> Cops aren't the only ones who will have this.  I'll bet it could be a
> very popular thing to have for anyone who likes to snoop, or anyone who
> fancies himself as a security agent.

And they'll have to have access to your Mac.

Give me you Mac for a couple of hours and I'll have everything on it.
With or without this particular software tool.

-- 
"If you wind up with a boring, miserable life because you listened to your mom,
your dad, your teacher, your priest or some guy on TV telling you how to do
your shit, then YOU DESERVE IT." -- From the Real Frank Zappa book

In article <290420071759108336%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> In article <290420071814306055%dave@N_O_T_T_H_I_Sbalderstone.ca>, Dave
> Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> wrote:
> 
> > In article <290420071408104687%geefive@geefive.com>, geefive
> > <geefive@geefive.com> wrote:
> > 
> > > When I see it posted in Insanely Great Mac, I think it's an issue or it
> > > soon will be.  It's a serious issue, and I don't consider it to be
> > > unimportant because it's not responded to here, or it's responded to
> > > negatively.
> > 
> > IGM is fucking FAMOUS for trying to blow non-issues into advertising
> > hits on their site. If you think IGM is a trust-worthy source for
> > security news, you're sadly mistaken.
> 
> They have some of the same stuff I see on some other sites.  The reason
> I like it is because I don't have to register to make comments like has
> to be done with other websites.

You're one of the IGM commentors... Thanks for the heads up.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <290420071801155786%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> In article <290420071815017927%dave***@balderstone.ca>, Dave
> Balderstone <dave***@balderstone.ca> wrote:
> 
> > In article <290420071408104687%geefive@geefive.com>, geefive
> > <geefive@geefive.com> wrote:
> > 
> > > And I still want to know if Apple helped develop the device and, if
> > > they didn't, what they are going to do about protecting my computer,
> > > maybe with a security update.
> > 
> > So ask them.
> 
> My thinking is they have someone look at these groups for discussions
> they might be interested in knowing about.

Your thinking has already been demonstrated to be seriously flawed.

> Otherwise, I wouldn't know
> how to ta;lk to anyone there but pretty low-level operatives.

Too bad for you. It's not really difficult to talk to people at Apple.
Except Steve.

> What can they say?

If you don't ask, you'll never know.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <290420071729019497%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

>  Most of the time I use Classic (like now with
> YA-Newswatcher 4.1.1, which is almost older than I am :-). 

Using Classic can not be recommended to anyone concerned with security. 
You will find details on how to remove Classic in the NSA Security 
Manual to which I referred you. However the sad truth about security is 
that it depends a whole lot more on how much you know than on what 
applications you remove. Security is a state of mind, not a set of 
tools. Pretty much any of Bruce Schneier's articles or books point to 
this, however the most accessible would probably be Secrets and Lies 
http://www.schneier.com/book-sandl.html

> I don't use plists
> or log files that I know of, so who does?  I don't use crash logs, so
> who does and how do they get the data?

Some of the crash logs can be used by applications that ask you to send 
problems to the programmer (Safari and several other applications will 
ask for permission to do so after some types of problems). In other 
cases, when people have computer problems, you will find people in these 
newsgroups asking for certain details from the crash logs. It is often 
the easiest way to find what is causing a problem.  It is possible to 
remove crash logs, but there is little point as they are intended to 
help (serious) users when there is a problem.

You may want to invest in Little Snitch, to check whether applications 
are attempting to send material outside your computer. I can guarantee 
that if there were widespread abuse of logs or anything else by any 
common application you would not have any problem hearing about it in 
groups like this.

-- 
http://www.ericlindsay.com

In article <290420071505261331%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> I still contend that the device will be more widely available than just
> the responsible ones that are mentioned.  So what will (should) Apple
> do about it?  I propose if they had a hand in its development that they
> will say or do nothing.  As a matter of fact, they may have a warrant
> of some kind that prohibits them from discussing it.  This, then, is
> something the community will have to deal with without Apple's help.

There seems nothing in the list of abilities of the product that 
couldn't be worked out from regular programmers guides on the Apple 
Developers site. Except for obtaining the current user password, there 
seems little in the list you couldn't obtain using regular utilities on 
a Macintosh. It is just intended to make life easier for people who 
think they need that sort of information. I suspect that there are 
people reading this thread who could within a day produce an script to 
obtain most of the same information.

Only obtaining the current user password worries me a little (mainly 
because I can't see a quick and dirty way of doing that at the moment). 
Running strings and grep the swapfile doesn't help (and you need root 
access to read the swap file anyhow). 

If you run as a standard account (as anyone concerned with security 
would), and don't enable that account for sudo you get  "xxx is not in 
the sudoers file.  This incident will be reported." Then the Console log 
will show "Apr 30 18:18:48 XXXg5 sudo:   XXX : user NOT in sudoers ; 
TTY=ttyp2 ; PWD=/private/var/vm ; USER=root ; COMMAND=/usr/bin/strings 
-8 /var/vm/swapfile0", which is the sort of stuff log files are intended 
to contain (even if hardly anyone checks them). You might notice you 
can't read the logs from other users.

-- 
http://www.ericlindsay.com

On Apr 29, 6:21 pm, mikeP...@TOGROUPmacconsult.com (Mike Rosenberg)
wrote:
> geefive <geef...@geefive.com> wrote:
> > > Um, if someone is using your computer and, therefore, in a position to
> > > run this software, you have a much bigger problem...
>
> > You can't be too careful these days.  No matter who you are.  Do you
> > think that the definition of law enforcement means just governmental
> > agencies, or do you think it also includes corporate security
> > personnel?  Faith-based organizations?  The media?  Airport security
> > morons?  Your neighborhood association?  Your landlord?  A hotel/motel
> > you stay at?  Your child's school?
>
> Um, you completely missed my point.  Of course anyone can use that
> software.  To do so, however, they have to be sitting right there at
> your computer.  If someone is in that position against your will, you
> have a much bigger problem than just computer security.
>
i dont agree,, in the past it would require a search warrant for
snoopers to take away your computer from you and have the boys at the
lab search it for whatever they search for down at the labs,,

Now they only need to take it out of your sight for a minute - on some
pretext  - and your machine is owned,

They take it out of your sight for 5 minutes, power it on and stick in
the USB pen drive, hoover up all your stuff and then hand it back to
you,

They will use a ruse like:

"Excuse me sir we want to have a quick look at your laptop to make
sure you havent concealed any illegal drugs in the battery compartment
(i know someone who does that regularly)."

In article <290420071750025394%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-299C07.19483729042007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > The point is that this product doesn't have any real decryption 
> > capabilities, nor does it self-elevate its permissions. It's just an app 
> > that runs as the current user and extracts information that's already 
> > readable to absolutely every other app you run under your account should 
> > it choose to do so.
> > 
> > Read that again: It doesn't break any security that's in place. It 
> > simply harvests information which is already insecure.
> 
> It says:
> 
> "Once the software is run it will extract
> data from the Apple Keychain and system settings in order to provide
> the examiner fast access to the suspect's critical information with as
> little interaction or trace as possible."
> 
> Aren't keys encrypted?

The default behavior of the user's primary keychain is to unlock when 
you log in to your account. This can be changed via the Keychain Access 
application, but most people don't. The product we're talking about 
relies on that reality to get at (some of) the information it gathers.

On Mon, 30 Apr 2007 07:04:56 -0400, planb wrote
(in article <1177931096.767953.210260@p77g2000hsh.googlegroups.com>):

> On Apr 29, 6:21 pm, mikeP...@TOGROUPmacconsult.com (Mike Rosenberg)
> wrote:
>> geefive <geef...@geefive.com> wrote:
>>>> Um, if someone is using your computer and, therefore, in a position to
>>>> run this software, you have a much bigger problem...
>> 
>>> You can't be too careful these days.  No matter who you are.  Do you
>>> think that the definition of law enforcement means just governmental
>>> agencies, or do you think it also includes corporate security
>>> personnel?  Faith-based organizations?  The media?  Airport security
>>> morons?  Your neighborhood association?  Your landlord?  A hotel/motel
>>> you stay at?  Your child's school?
>> 
>> Um, you completely missed my point.  Of course anyone can use that
>> software.  To do so, however, they have to be sitting right there at
>> your computer.  If someone is in that position against your will, you
>> have a much bigger problem than just computer security.
>> 
> i dont agree,, in the past it would require a search warrant for
> snoopers to take away your computer from you and have the boys at the
> lab search it for whatever they search for down at the labs,,
> 
> Now they only need to take it out of your sight for a minute - on some
> pretext  - and your machine is owned,

Not if you have an adequate password and your stuff is encrypted and 
FileVaulted, it's not.

> 
> They take it out of your sight for 5 minutes, power it on and stick in
> the USB pen drive, hoover up all your stuff and then hand it back to
> you,

They can use that pen drive all they like, it won't do 'em a bit of good if 
your stuff is either in FileVault or encrypted or h.

> 
> They will use a ruse like:
> 
> "Excuse me sir we want to have a quick look at your laptop to make
> sure you havent concealed any illegal drugs in the battery compartment
> (i know someone who does that regularly)."

Answer: "No. If you want to look at the battery compartment" flip machine 
over, pull out battery "here you are. But no, you're not going anywhere with 
my machine without either me or a warrant."



-- 
email to oshea dot j dot j at gmail dot com.

planb <sammac1967@gmail.com> wrote:

> > Um, you completely missed my point.  Of course anyone can use that
> > software.  To do so, however, they have to be sitting right there at
> > your computer.  If someone is in that position against your will, you
> > have a much bigger problem than just computer security.
> >
> i dont agree,, in the past it would require a search warrant for
> snoopers to take away your computer from you and have the boys at the
> lab search it for whatever they search for down at the labs,,

You don't agree with _WHAT_?  I said that if someone else has physical
access to your computer you have a bigger problem that just computer
security, and you go on to say how easy it is for them to get that
physical access.  And that is part of exactly what I'm talking about.
If they can just confiscate my computer just like that, the security of
that computer is the least of my concerns.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

On 30 Apr, 13:17, mikeP...@TOGROUPmacconsult.com (Mike Rosenberg)
wrote:
> planb <sammac1...@gmail.com> wrote:
> > > Um, you completely missed my point.  Of course anyone can use that
> > > software.  To do so, however, they have to be sitting right there at
> > > your computer.  If someone is in that position against your will, you
> > > have a much bigger problem than just computer security.
>
> > i dont agree,, in the past it would require a search warrant for
> > snoopers to take away your computer from you and have the boys at the
> > lab search it for whatever they search for down at the labs,,
>
> You don't agree with _WHAT_?  I said that if someone else has physical
> access to your computer you have a bigger problem that just computer
> security, and you go on to say how easy it is for them to get that
> physical access.  And that is part of exactly what I'm talking about.
> If they can just confiscate my computer just like that, the security of
> that computer is the least of my concerns.
>

ok , what if you leave your mac unattended for 5 minutes and someone
runs this without you knowing. some geek did this on my windows
machine with a custom USB stick which autoruns the applications to
steal your data. i wasnt happy.

for the pc this setup costs about 30 of your us dollars. im sure it
wont be long before the guys over at hak5 cook something similar up
for the mac.

what about some software to require a password to access the USB ports
(similar sw exists for windows) ?

Dave Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> writes:

> In article <290420071750025394%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > Aren't keys encrypted?
> 
> No. They are password protected. Unless you've encrypted them, of
> course.

I don't understand this.  I thought that the passwords in my keychain
(or in any of my keychains) was inaccessible without the password for
that keychain.  I had assumed that this meant that they were
encrypted, and the password served as the key.  How else are they
protected, if not by encryption?

Of course by default your keychain has the same password as the user
account, and is opened whenever you log in.  I'm assuming that this is
not what you're refering to

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

In article <133akdaoui4o00a@corp.supernews.com>, G.T.
<getnews1@dslextreme.com> wrote:

> You're a f______g nut job.  

Good morning to you, Greg.  What a nice morning, sun's out, tomato
plants blossoming, the cat is snoozing in the morning sunshine waiting
for his feeding, and I feel very good today.  I hope your day is going
well.

> Anybody could write this utility without 
> Apple's help.  

One of my questions about the product we're talking about has to do
with what's allowed under the software license.  I tried to look it up
under "license," but the Apple OS license is not among the results
(probably called something else).  I wanted to read what's permissible,
but just offhand I would say that writing a program that rips off the
OS would not be permissible since it involves reverse engineering. 
They would need Apple's permission, wouldn't they, to mimic the OS with
the intent of writing a utility that rips off another user of the OS? 
Of course, I'm just guessing.  Apple may very well have cooperated in
the effort for all I know (which seems to be about as much as anyone
else here knows or wants us to know about Apple's role in the effort).

> Gimme a break.

Anytime you need a break, I'll be happy to do what I can for you...
consistent with God's Earth OS License (subsection: Golden Rule).

Thank you very much for taking the time to write the following.

BTW, I recently looked into trading in my G5 and the company that does
the deal says they take the hard drive and do a "root erase" before
selling it to anyone else.  Is there a (freeware?) utility I can use
that does this?  Nothing I have mentions being able to do a root erase.


Thanks again.

In article
<NOwebmasterSPAM-B85C3D.11475430042007@freenews.iinet.net.au>, Eric
Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:

> In article <290420071327036272%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > In article <tomstiller-C92CC3.15332229042007@comcast.dca.giganews.com>,
> > Tom Stiller <tomstiller@comcast.net> wrote:
> > > In article <290420071216104660%geefive@geefive.com>,
> > >  geefive <geefive@geefive.com> wrote:
> > > 
> > > > This new device makes it easier for an intrusive event to take place. 
> > > > And consideration has to be given to the notion that I am not a tekkie,
> > > > just an ordinary bloke like many others who might give pause when the
> > > > extent of the capabilities and uses of this device filter down to the
> > > > broad base of home or small-business users.
> > > 
> > > If it really bothers you, why not just unload the kext that mounts USB 
> > > drives.  If you're really paranoid, you could move it to a different 
> > > location where it must be loaded explicitly loaded by a user with root 
> > > access, or you could delete it altogether.
> > 
> > I have no idea how to do those things.  I wouldn't take the time to
> > find out.  I shouldn't have to do so because OSX and the Mac have a
> > reputation of being as secure as can be.  Now, apparently, the bar has
> > been lowered.  When people who use Macs because of better security find
> > out about this, then one has to wonder how many will throw in the
> > towel, or maybe sell the stock.
> 
> SubRosaSoftware specialise in security software, and have for a 
> considerable time. It is a niche market where higher than average prices 
> can be charged. It would seem from the list of tools that MacLockPick 
> would only work on a computer on which a user is already logged in. I 
> can't see any particular reason to believe that they would have needed 
> information from Apple (other than what is publicly available to 
> programmers)  to develop MacLockPick.
> 
> Much of the stuff mentioned can be obtained just by looking, once you 
> have access to the keyboard. No special tools required that are not 
> already installed. The risk is in letting someone access your computer 
> keyboard while you are logged in.
> 
> Apple already supply sufficient facilities to block many of the 
> utilities mentioned. The real problem is that running any computer in 
> really secure modes makes the computer harder to use.
> 
> Obvious precautions for concerned users would be password lock the 
> firmware, do not run normal activity using an admin account, password 
> lock wake from sleep, have an specific account for any risky activity 
> and have that FileVaulted, and use a different password on each of 
> these, and use secure delete on everything. Enable secure virtual memory 
> and all other security settings in Preferences. Do not use any browser 
> or Keychain to hold external passwords (memorise them all). Use touch 
> (or similar) to change the dates of all downloaded and recently accessed 
> files to obscure when they were obtained or used. Never accept cookies, 
> disable autofill,  and do not retain browser history using Private 
> Browsing.
> 
> Never leave the computer on when unattended or when travelling. Turn the 
> computer off whenever it is outside your securely bolted room. Ensure it 
> will take longer than the shutdown time for someone to break into the 
> computer room.
> 
> Unless my government gets a whole lot worse, I certainly wouldn't be 
> bothered doing all that. On the other hand, if I were working at a 
> university again, and leaving my laptop briefly in lecture rooms with 
> comp science or engineering students, I might do a lot of passwording. 
> If leaving it for longer periods, I'd want to be sure they couldn't boot 
> from an external drive as well, hence passwording the firmware. Removing 
> and copying the hard drive is then needed for an attack.
> 
> You could have a look at the freely available (but obsolete - Panther) 
> NSA text on securing OS X. http://www.nsa.gov/snac/downloads_macX.cfm It 
> covers all the obvious (and many not so obvious) precautions. Tiger is 
> better as these reviews indicate http://blogs.zdnet.com/BTL/?p=4706 and 
> http://www.applelinks.com/index.php/more/national_security_agency_gives_o
> s_x_104_tiger_thumbs_up_os_x_odyssey_862/ and the Tiger security manual 
> (second edition) is here 
> http://www.nsa.gov/snac/os/applemac/I731-006R-2007.pdf (caution over 2 
> MB PDF). If you are seriously interested in security, this last 
> reference makes a great starting point.
> 
> However if a major government has physical access to your computer, and 
> wants to extract information from it, they will probably manage to do so.

geefive <geefive@geefive.com> writes:

> They would need Apple's permission, wouldn't they, to mimic the OS with
> the intent of writing a utility that rips off another user of the OS? 

Unlikely, but irrelevant in any case.   This gadget doesn't mimic the OS.

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

On 2007-04-30 11:23:56 -0500, geefive <geefive@geefive.com> said:

> BTW, I recently looked into trading in my G5 and the company that does
> the deal says they take the hard drive and do a "root erase" before
> selling it to anyone else.  Is there a (freeware?) utility I can use
> that does this?  Nothing I have mentions being able to do a root erase.

That depends - what is a "root erase"?  That's not an industry-standard 
term I've ever heard before. If you want to securely erase a hard 
drive, so that all data is overwritten, Disk Utility has a few options 
for you:

1. Run Disk Utility.
2. From the list on the left side of the Disk Utility window, select 
(highlight) the hard drive.
3. Click the "Erase" tab.
4. Click "Security Options".
5. Click "Zero Out Data" or "7-Pass Erase" or "35-Pass Erase".
6. Click OK.
7. Click "Erase".

Depending on the option you choose and the size of the hard drive, 
erasing the data can take anywhere from minutes to days.

Note: If you are formatting the startup drive on a system you will need 
to boot on the Mac OS X installation CD/DVD and access Disk Utility 
from the menu bar.

Personally, I find it much easier and comforting to physically 
dismantle my hard drives and destroy the disk platters inside of them 
when I am ready to throw them out. Also, the magnets inside hard drives 
are quite strong and make most excellent fridge clips.   : D

-- 
JR

In article <1177940078.702400.122770@u30g2000hsc.googlegroups.com>,
 pokhara <sam1967paypal@googlemail.com> wrote:

> ok , what if you leave your mac unattended for 5 minutes and someone 
> runs this without you knowing. 

In what environment?  If it's not your home or office (or the home or 
office of someone you trust), you're lucky that the computer wasn't 
stolen.  If it's your home, you have a big problem.  If it's your 
office, why are you working in such an environment?

-- 
Support the troops:  Bring them home ASAP.

In article <2007042921352821622-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-29 19:43:48 -0500, geefive <geefive@geefive.com> said:

> > My concern since discovering so much logging and caching in OSX was who
> > uses it if I don't.

> Caching: You use it each time you do anything with your computer. It 
> speeds performance, plain and simple.

Makes sense, but I notice little difference between going directly to a
website and seeing the cached version of it.  Broadband likely makes
this possible, right?  Personally, it's a waste of time because the
cached page is not the latest version and getting it requires a reload
that takes more time.
 
> Logging: Nobody uses it if you don't. It's there just in case you need 
> it. Your notion that if you aren't using it *someone else* must be 
> using it is just plain wrong, and is really unfounded.  After all, if 
> someone has access to your logs, then you have a bigger problem on your 
> hands - namely, that someone was able to break into your computer, and 
> that has nothing to do with whether log files exist or not.

If I open a Quicktime file, I get a prompt to upgrade to a version that
has the capability to open the it.  I don't know if that comes from the
program on my HD or over the web.  If it's over the web, then the
server is reading the version of my software.  What else do they read?

When I did TurboTax this year, they make you download an update before
the program will run.  When I allowed that, there was a lot of
activity.  How much of it involved checking log files, maybe even
returns from previous years?  And what happens to this data?  I don't
know if they share it with "selected trustworthy partners" or whomever. 
In the past year or two, I have been notified by the VA that my data
was compromised in thefts.  How much better is Intuit at protecting my
data versus the VA?  Maybe I'm too nervous about this, but to me it's a
little like being on death row and not being told if I'm attending a
hanging or an electrocution.

> > I don't really go for the notion that it's
> > necessary for the system to run,
> 
> Logging is necessary only for whoever happens to be diagnosing problems 
> with the software that created the log (you, or someone you have 
> allowed access to your system, in most circumstances).

What happens if I replace those files with little GIF's that can't be
written to?  Would the OS balk at that?  If not, then why wouldn't this
speed things up while eliminating some bloat?

> > they must
> > have known when they designed it that someone might be a little
> > concerned about intrusion.
> 
> Again, the fact that log files exist on your computer has absolutely 
> zilch to do with whether or not someone can break into your computer.

That's true, except if a thief has it then he has the log files.
 
> Your assertion that Apple must be transferring log/cache data to a 
> server someone is a load of crap. There are plenty of ways to sniff 
> packets going over a network. All you have to do is watch. I've never 
> seen any such data going out of my computer, and I'm pretty sure the 
> minute someone did find something like this going on, it would be all 
> over the Mac web like a shit storm.

Happy to hear it.  Thanks.

> > I have lost some confidence in my Mac lately

> Why is that?

It's hard to put into words.  I guess I could say that I felt like I
could get my arms around OS 7 & 8.  I just don't have the same feeling
about OSX.  It's alien to me and I have no hope of understanding more
than a small bit of it.  My inclination is to go in and throw away a
lot of it and just leave what I want to use.  And with all of the
capabilities of OSX, the latest versions do not allow me to run Classic
apps.  Half of my use is Classic.

Problem is, if I don't understand it, I have to make assumptions. 
Should I assume that it's secure or not?  Security concerns have been
more frequent since the Intel shift, so my confidence level is low. 
Maybe it's because I'm older.  Change is harder to digest, I suppose.

Thanks for your comments.

In article <0001HW.C25AC2930050EB37F058A648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> >>> Say if I take it through airport security and
> >>> they decide to take it to another room for a quick look.
> >> 
> >> They don't go into a different room with _my_ machine without _me_, not 
> >> without a warrant, anyway.
> > 
> > a warrant is not needed at an airport security checkpoint nor when
> > going through customs.  by going through airport security, you give
> > consent to be searched.  
> 
> I haven't had any problems in an airport recently.

i never said that you did.  however, at an airport, if they want to
search something, they will search it, and they don't need a warrant. 

> > i'm not sure about domestic airport security, but customs *can* search
> > your laptop (or other items) without you watching.  they might detain
> > you while that occurs, or they might keep the laptop or hard drives and
> > have them delivered to your house or hotel when they're done.
> 
> Given that my travel hard drive is usually in my suit coat pocket and all 
> that's in my home directory are encrypted files and aliases pointed 
> elsewhere, they can search the laptop all they like. There's nothing there.

what makes you think they won't inspect the hard drive too?  and,
depending on what they're looking for and how motivated they are to
find it, they might demand the passwords for the encrypted files.

if you think i'm fabricating this, peruse the forums on flyertalk.com. 
it happens.

Dave
> Balderstone wrote:
> You're one of the IGM commentors... Thanks for the heads up.

I'll never go there again.

> Your thinking has already been demonstrated to be seriously flawed.

Everyone has serious flaws in their thinking because humans have the
basic OS of a chimpanzee.

In article
<NOwebmasterSPAM-9F7B7D.16475830042007@freenews.iinet.net.au>, Eric
Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:

> Using Classic can not be recommended to anyone concerned with security. 
> You will find details on how to remove Classic in the NSA Security 
> Manual to which I referred you. However the sad truth about security is 
> that it depends a whole lot more on how much you know than on what 
> applications you remove. Security is a state of mind, not a set of 
> tools. Pretty much any of Bruce Schneier's articles or books point to 
> this, however the most accessible would probably be Secrets and Lies 
> http://www.schneier.com/book-sandl.html

I'll add these comments to a file I'm keeping on security. 

> You may want to invest in Little Snitch, to check whether applications 
> are attempting to send material outside your computer. I can guarantee 
> that if there were widespread abuse of logs or anything else by any 
> common application you would not have any problem hearing about it in 
> groups like this.

That's reassuring.  Thanks.

geefive wrote:
> In article <133akdaoui4o00a@corp.supernews.com>, G.T.
> <getnews1@dslextreme.com> wrote:
> 
>> You're a f______g nut job.  
> 
> Good morning to you, Greg.  What a nice morning, sun's out, tomato
> plants blossoming, the cat is snoozing in the morning sunshine waiting
> for his feeding, and I feel very good today.  I hope your day is going
> well.
> 
>> Anybody could write this utility without 
>> Apple's help.  
> 
> One of my questions about the product we're talking about has to do
> with what's allowed under the software license.  I tried to look it up
> under "license," but the Apple OS license is not among the results
> (probably called something else).  I wanted to read what's permissible,
> but just offhand I would say that writing a program that rips off the
> OS would not be permissible since it involves reverse engineering. 
> They would need Apple's permission, wouldn't they, to mimic the OS with
> the intent of writing a utility that rips off another user of the OS? 
> Of course, I'm just guessing.  Apple may very well have cooperated in
> the effort for all I know (which seems to be about as much as anyone
> else here knows or wants us to know about Apple's role in the effort).
> 

It has nothing to do with reverse engineering.  Just stop, please, no 
one needs Apple's permission to write a freakin' utility, it doesn't 
mimic the OS, it's just an overpriced utility that collects things that 
anyone could collect if they were sitting at the computer.

Greg

-- 
The ticketbastard Tax Tracker:
http://www.ticketmastersucks.org/tracker.html

Dethink to survive - Mclusky

In article
<NOwebmasterSPAM-53A5A6.18331830042007@freenews.iinet.net.au>, Eric
Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:

> If you run as a standard account (as anyone concerned with security 
> would), and don't enable that account for sudo...

You've lost me.  Sudo is not in my book.  And standard account is not
in my Panther book either.  By that do you mean an account other than
the admin account?

On 30 Apr, 17:58, Michelle Steiner <miche...@michelle.org> wrote:
> In article <1177940078.702400.122...@u30g2000hsc.googlegroups.com>,
>
>  pokhara <sam1967pay...@googlemail.com> wrote:
> > ok , what if you leave your mac unattended for 5 minutes and someone
> > runs this without you knowing.
>
> In what environment?  If it's not your home or office (or the home or
> office of someone you trust), you're lucky that the computer wasn't
> stolen.  If it's your home, you have a big problem.  If it's your
> office, why are you working in such an environment?

There are many ways someone could get access to your computer. Maybe
you are a contractor working on a client's site
or maybe you could be distracted by a criminal gang in a hotspot long
enough for them to steal your data.

These devices can suck up a lot of data in under a minute on a PC I am
led to believe.

The device is advertised in a very Orwellian fashion as allowing
investigators to access data on a suspect's computer.

It also allows criminals to  steal data from a victim's computer.

If you are fine with that Michelle then thats OK. I am not.

I am very new to the Mac but I am very impressed by the way it
controls access to software - applications and installers - by
prompting for a password and think it would be a great idea if someone
wrote an application to do the same for hardware such as USB and
Firewire ports.

For the PC there is such software.

Pretty scary.  My concern is anyone can do this with the device we're
talking about.  I often leave my computer on sleep, which I will not do
anymore.

-=-=-=-=-=

In article <1177931096.767953.210260@p77g2000hsh.googlegroups.com>,
planb <sammac1967@gmail.com> wrote:

> Now they only need to take it out of your sight for a minute - on some
> pretext  - and your machine is owned,
> 
> They take it out of your sight for 5 minutes, power it on and stick in
> the USB pen drive, hoover up all your stuff and then hand it back to
> you,
> 
> They will use a ruse like:
> 
> "Excuse me sir we want to have a quick look at your laptop to make
> sure you havent concealed any illegal drugs in the battery compartment
> (i know someone who does that regularly)."

On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:

>>> My concern since discovering so much logging and caching in OSX was who
>>> uses it if I don't.
> 
>> Caching: You use it each time you do anything with your computer. It
>> speeds performance, plain and simple.
> 
> Makes sense, but I notice little difference between going directly to a
> website and seeing the cached version of it.  Broadband likely makes
> this possible, right?  Personally, it's a waste of time because the
> cached page is not the latest version and getting it requires a reload
> that takes more time.

Umm...I wasn't talking about web browser caches.  I'm talking about the 
caches maintained by the kernel and the rest of the operating system 
and applications.  Take those away and watch your entire machine slow 
to a crawl (until they are created again, that is).

-- 
JR

On 30 Apr, 19:04, geefive <geef...@geefive.com> wrote:
> Pretty scary.  My concern is anyone can do this with the device we're
> talking about.  I often leave my computer on sleep, which I will not do
> anymore.
>
> -=-=-=-=-=
>
> In article <1177931096.767953.210...@p77g2000hsh.googlegroups.com>,
>
> planb <sammac1...@gmail.com> wrote:
> > Now they only need to take it out of your sight for a minute - on some
> > pretext  - and your machine is owned,
>
> > They take it out of your sight for 5 minutes, power it on and stick in
> > the USB pen drive, hoover up all your stuff and then hand it back to
> > you,
>
> > They will use a ruse like:
>
> > "Excuse me sir we want to have a quick look at your laptop to make
> > sure you havent concealed any illegal drugs in the battery compartment
> > (i know someone who does that regularly)."

G5

This hack has been extant for several years on Windows.

On windows the hardware to perform the hack costs 30-50 dollars and
the software is free.

Go to hak5.org to see what nefarious uses these USB drives can be put
to.

geefive wrote:
> Pretty scary.  My concern is anyone can do this with the device we're
> talking about.  I often leave my computer on sleep, which I will not do
> anymore.

If you double wrap it in heavy guage aluminum foil also, that'll prevent 
bogeymen from activating it when it looks like it's shutdown, but is 
secretly complying with hackers by booting and sending all sensitive 
data to those black vans you see every once in a while.

-- 
lsmft

In additon to it's, we can have hi's, her's and their's!!!

Help stamp out repetition, gratuitous apostrophe's, and NEEDLESS', 
redundant, and WHOLLY UNNECESSARY CAPITALIZATION, **AND**superflous 
*EMPHASIS*. And tautological statements which waste space and can be 
repetitive or even wordy in and of temselves', thus taking more time to 
read, or even think about; it's tedious and enervating.

These are  *THE* internet *SCOURGES'*, along with exclamation points!!!

On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:

>> Logging: Nobody uses it if you don't. It's there just in case you need
>> it. Your notion that if you aren't using it *someone else* must be
>> using it is just plain wrong, and is really unfounded.  After all, if
>> someone has access to your logs, then you have a bigger problem on your
>> hands - namely, that someone was able to break into your computer, and
>> that has nothing to do with whether log files exist or not.
> 
> If I open a Quicktime file, I get a prompt to upgrade to a version that
> has the capability to open the it.  I don't know if that comes from the
> program on my HD or over the web.  If it's over the web, then the
> server is reading the version of my software.  What else do they read?

QuickTime Player checks files on your system to see if it is registered 
/ licensed for "Pro" functionality. No network checking is needed.

> When I did TurboTax this year, they make you download an update before
> the program will run.  When I allowed that, there was a lot of
> activity.

Downloading files over networks cause network activity.  Software 
updates cause lots of hard disk activity.  Are you saying there was 
some other activity that was not expected?

> How much of it involved checking log files, maybe even
> returns from previous years?  And what happens to this data?

Software installers / updaters don't typically read log files. As I've 
said before, log files are meant for human beings to read. The mount of 
code it would take to write a piece of software that would parse and 
understand a log file would almost certainly be more effort than it's 
worth to do the task at hand for a software installer / updater.

Regarding previous years returns, TurboTax's updater may have needed to 
convert its databases to a newer format or something - but I think that 
would be the extent of it.

Of course if you want real answers, contact the makers of TurboTax and 
ask - I'm sure they'd be willing to answer your questions:

<http://support.turbotax.intuit.com/cgi-bin/turbotax.cfg/php/enduser/contact_us.php>

I 

> don't
> know if they share it with "selected trustworthy partners" or whomever.

You mean you didn't read their privacy policy?

> In the past year or two, I have been notified by the VA that my data
> was compromised in thefts.  How much better is Intuit at protecting my
> data versus the VA?

The data stored in any companies own systems is *always* at risk.

Don't make the flawed assumption that just because you don't get 
notified about it, their systems haven't been penetrated. Historically, 
the overwhelming majority of companies whose systems are compromised 
disclose the event only when it is certain that people are going to 
find out anyway. And a lot of companies simply never find out they've 
been compromised to begin with.

Anyway, if you really want to make sure software on your computer 
doesn't send any personal information outside your network, then 
purchase Little Snitch:

<http://www.macupdate.com/info.php/id/10426/little-snitch>

And learn how to use tcpdump and tcpflow:

<http://www.circlemud.org/~jelson/software/tcpflow/>

-- 
JR

On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:

>>> I don't really go for the notion that it's
>>> necessary for the system to run,
>> 
>> Logging is necessary only for whoever happens to be diagnosing problems
>> with the software that created the log (you, or someone you have
>> allowed access to your system, in most circumstances).
> 
> What happens if I replace those files with little GIF's that can't be
> written to?  Would the OS balk at that?

How the software writing to the log file handles something like that is 
really up to how the software is written. Keep in mind that various 
pieces of software write to various log files on your computer. Not all 
software is written the same way.

>  If not, then why wouldn't this
> speed things up while eliminating some bloat?

I would think most software that writes to log files would either 
generate an error condition upon encountering a GIF file or would 
simply overwrite the file with a log file.  In the former case, an 
error condition, the software would almost certainly perform slower 
than simply writing to the log file to begin with.

-- 
JR

On 30 Apr, 19:15, John McWilliams <j...@comcast.net> wrote:
> geefive wrote:
> > Pretty scary.  My concern is anyone can do this with the device we're
> > talking about.  I often leave my computer on sleep, which I will not do
> > anymore.
>
> If you double wrap it in heavy guage aluminum foil also, that'll prevent
> bogeymen from activating it when it looks like it's shutdown, but is
> secretly complying with hackers by booting and sending all sensitive
> data to those black vans you see every once in a while.
>
OMG the old tinfoil gag. Did you get that from the remaindered book
"101 achingly obvious insults for use on Usenet"

In article <1177957445.277227.316040@o5g2000hsb.googlegroups.com>,
 pokhara <sam1967paypal@googlemail.com> wrote:

> On 30 Apr, 19:15, John McWilliams <j...@comcast.net> wrote:
> > geefive wrote:
> > > Pretty scary.  My concern is anyone can do this with the device we're
> > > talking about.  I often leave my computer on sleep, which I will not do
> > > anymore.
> >
> > If you double wrap it in heavy guage aluminum foil also, that'll prevent
> > bogeymen from activating it when it looks like it's shutdown, but is
> > secretly complying with hackers by booting and sending all sensitive
> > data to those black vans you see every once in a while.
> >
> OMG the old tinfoil gag. Did you get that from the remaindered book
> "101 achingly obvious insults for use on Usenet"

    There was supposedly a study floating around from MIT showing that, 
at the frequencies usually used by governmental agencies, aluminium foil 
my actually CONCENTRATE the signals.
       Did not put this through snopes because I did not want to know 
(g).

On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:

>>> I have lost some confidence in my Mac lately
> 
>> Why is that?
> 
> It's hard to put into words.  I guess I could say that I felt like I
> could get my arms around OS 7 & 8.  I just don't have the same feeling
> about OSX.  It's alien to me and I have no hope of understanding more
> than a small bit of it.

That can be fixed with simple learning and time, though.

> My inclination is to go in and throw away a
> lot of it and just leave what I want to use.

Careful with that.  ; )  You may thrown something away you actually need.

> And with all of the
> capabilities of OSX, the latest versions do not allow me to run Classic
> apps.  Half of my use is Classic.

Mac OS X 10.4.9 runs Classic fine.  You must mean that Intel Macs don't 
run Classic.  That's true, but then for Intel Macs, there's 
SheepShaver, which works fine for the most part:

<http://www.macupdate.com/info.php/id/20615>

> Problem is, if I don't understand it, I have to make assumptions.
> Should I assume that it's secure or not?

Always assume it is not secure until you have heard otherwise from 
those more knowledgeable than yourself - that way you won't be caught 
off-guard.

> Security concerns have been more frequent since the Intel shift, so my 
> confidence level is low.

Have they?  I hadn't noticed an increase in frequency.

Regardless, the shift to Intel has not had an effect one way or the 
other on the level of security in Mac OS X. Anyone who posits that 
because Macs now have Intel processors they are somehow open to 
Intel-based exploits for Windows or other operating systems is ignorant 
and lacks a basic understanding of the way computers work internally.

> Maybe it's because I'm older.  Change is harder to digest, I suppose.

True.  But just have a little patience and take time to learn your new 
surroundings and you'll be fine.

-- 
JR

In article <133casb4nqmhrd6@corp.supernews.com>, G.T.
<getnews1@dslextreme.com> wrote:

> It has nothing to do with reverse engineering.  Just stop, please, no 
> one needs Apple's permission to write a freakin' utility, it doesn't 
> mimic the OS, it's just an overpriced utility that collects things that 
> anyone could collect if they were sitting at the computer.

Very well, then.  I'll go with that.

In article <WeydnQaZbum1r6vbnZ2dnUVZ_q7inZ2d@comcast.com>, John
McWilliams <jpmcw@comcast.net> wrote:

> geefive wrote:
> > Pretty scary.  My concern is anyone can do this with the device we're
> > talking about.  I often leave my computer on sleep, which I will not do
> > anymore.
> 
> If you double wrap it in heavy guage aluminum foil also, that'll prevent 
> bogeymen from activating it when it looks like it's shutdown, but is 
> secretly complying with hackers by booting and sending all sensitive 
> data to those black vans you see every once in a while.

I'd do this, but I used the last of my foil to make the tinfoil hat
someone here suggested that I wear.  Strange, that's when the black van
left.

On Mon, 30 Apr 2007 13:20:21 -0400, nospam wrote
(in article <300420071020217303%nospam@nospam.invalid>):

> In article <0001HW.C25AC2930050EB37F058A648@newsgroups.comcast.net>,
> J.J. O'Shea <try.not.to@but.see.sig> wrote:
> 
>>>>> Say if I take it through airport security and
>>>>> they decide to take it to another room for a quick look.
>>>> 
>>>> They don't go into a different room with _my_ machine without _me_, not 
>>>> without a warrant, anyway.
>>> 
>>> a warrant is not needed at an airport security checkpoint nor when
>>> going through customs.  by going through airport security, you give
>>> consent to be searched.  
>> 
>> I haven't had any problems in an airport recently.
> 
> i never said that you did.  however, at an airport, if they want to
> search something, they will search it, and they don't need a warrant. 

They can search on. There ain't nothing to find.

> 
>>> i'm not sure about domestic airport security, but customs *can* search
>>> your laptop (or other items) without you watching.  they might detain
>>> you while that occurs, or they might keep the laptop or hard drives and
>>> have them delivered to your house or hotel when they're done.
>> 
>> Given that my travel hard drive is usually in my suit coat pocket and all 
>> that's in my home directory are encrypted files and aliases pointed 
>> elsewhere, they can search the laptop all they like. There's nothing there.
> 
> what makes you think they won't inspect the hard drive too?

They'd have to know it exists. _I_ certainly wouldn't tell them, and I don't 
carry it in the same place as the laptop.

>  and,
> depending on what they're looking for and how motivated they are to
> find it, they might demand the passwords for the encrypted files.

They can demand away. They've not getting them. Arrest me. They're _still_ 
not getting them without a warrant.

> 
> if you think i'm fabricating this, peruse the forums on flyertalk.com. 
> it happens.

Oh, I don't doubt it happens.


-- 
email to oshea dot j dot j at gmail dot com.

On 2007-04-30 12:57:08 -0500, geefive <geefive@geefive.com> said:

> In article
> <NOwebmasterSPAM-53A5A6.18331830042007@freenews.iinet.net.au>, Eric
> Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:
> 
>> If you run as a standard account (as anyone concerned with security
>> would), and don't enable that account for sudo...
> 
> You've lost me.  Sudo is not in my book.

sudo is a command-line tool that allows a user to run commands as root. 
Mac OS X user accounts with administrator privileges are automatically 
allowed access to sudo - all *normal* (non-admin) user accounts are not 
allowed sudo access.

> And standard account is not
> in my Panther book either.

Standard account equals non-admin account.

> By that do you mean an account other than
> the admin account?

Yep.

-- 
JR

On Mon, 30 Apr 2007 13:59:33 -0400, pokhara wrote
(in article <1177955973.667460.39860@n76g2000hsh.googlegroups.com>):

> On 30 Apr, 17:58, Michelle Steiner <miche...@michelle.org> wrote:
>> In article <1177940078.702400.122...@u30g2000hsc.googlegroups.com>,
>> 
>> pokhara <sam1967pay...@googlemail.com> wrote:
>>> ok , what if you leave your mac unattended for 5 minutes and someone
>>> runs this without you knowing.
>> 
>> In what environment?  If it's not your home or office (or the home or
>> office of someone you trust), you're lucky that the computer wasn't
>> stolen.  If it's your home, you have a big problem.  If it's your
>> office, why are you working in such an environment?
> 
> There are many ways someone could get access to your computer. Maybe
> you are a contractor working on a client's site

If you're working, then you have your machine with you, and you're on it and 
will _see_ if anyone tries to stick a USB key into your machine. If you're 
not using it, then the machine is shut down... and the USB key in question 
can't access your stuff.

> or maybe you could be distracted by a criminal gang in a hotspot long
> enough for them to steal your data.

This device will not work over a wireless connection. It needs to be inserted 
into a USB port.

> 
> These devices can suck up a lot of data in under a minute on a PC I am
> led to believe.

Sigh. It depends on what you want to get, and how you define 'a lot of data'. 
And, again, if your stuff is encrypted, it doesn't matter if they 'suck up' 
your data... they can't read it, unless they can break the encryption. 
Commercial encryption software tends to be 3DES or AES or some such. That's 
hard to break even if you're the NSA.

> 
> The device is advertised in a very Orwellian fashion as allowing
> investigators to access data on a suspect's computer.

It's called 'marketing'.

> 
> It also allows criminals to  steal data from a victim's computer.

If the criminal has physical access to the machine.

> 
> If you are fine with that Michelle then thats OK. I am not.
> 
> I am very new to the Mac but I am very impressed by the way it
> controls access to software - applications and installers - by
> prompting for a password and think it would be a great idea if someone
> wrote an application to do the same for hardware such as USB and
> Firewire ports.
> 
> For the PC there is such software.
> 

Someone else has already pointed out how to do exactly that.



-- 
email to oshea dot j dot j at gmail dot com.

In article <2007043013193724250-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> Anyway, if you really want to make sure software on your computer 
> doesn't send any personal information outside your network, then 
> purchase Little Snitch:
> 
> <http://www.macupdate.com/info.php/id/10426/little-snitch>
> 
> And learn how to use tcpdump and tcpflow:
> 
> <http://www.circlemud.org/~jelson/software/tcpflow/>

Thanks.

My router has a file on it that logs stuff.  I say stuff because I
don't understand it.  Maybe I should take a look at that again and try
to figure it out.  I don't look at it because I have javascript
disabled and that's the only way it will show.

On 2007-04-30 14:19:09 -0500, geefive <geefive@geefive.com> said:

> In article <2007043013193724250-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> Anyway, if you really want to make sure software on your computer
>> doesn't send any personal information outside your network, then
>> purchase Little Snitch:
>> 
>> <http://www.macupdate.com/info.php/id/10426/little-snitch>
>> 
>> And learn how to use tcpdump and tcpflow:
>> 
>> <http://www.circlemud.org/~jelson/software/tcpflow/>
> 
> Thanks.
> 
> My router has a file on it that logs stuff.  I say stuff because I
> don't understand it.  Maybe I should take a look at that again and try
> to figure it out.  I don't look at it because I have javascript
> disabled and that's the only way it will show.

Post some of it here and we'll explain it to you if you want.

-- 
JR

geefive wrote:
> In article <f138u1$r4e$2@aioe.org>, nospam <nospamatall@iol.ie> wrote:
> 
>> Apple must know about it, and how is all done. They put the OS together.
>> They are the ones who, for example, designed the parts of the system
>> that store your password so that you don't have to keep typing it in for
>> each operation you perform. If they locked that up totally your computer
>> wouldn't work.
>>
>> Andy
> 
> Will they now issue a security update that fixes this or, if their
> participation was not willing or forced, will they or should they make
> use of their patent and copyright prerogatives?
> 
> I hoped that this would've been the discussion.

I would be very surprised if they did. They might alter the way the
system stores the password, if that turns out to be improvable without
screwing up lots of other things. This is not like a virus or suchlike,
as others have said, if your attacker has access to the machine you're
screwed anyway.

I suppose you could say that there are 'works of art' on your computer,
which are protected by copyright. You were using your user password to
protect that material and by hacking your password the law enforcement
officials contravened the DMCA.

Andy

geefive wrote:

> Oh, I don't know.  Geeze.  How much technical knowledge does it take to
> wonder or speculate about Apple's participation in this matter and what
> their responses will be to the Mac community, and/or to the company
> that developed the product?  I mean, I think I'm prevented by law or
> software agreement from reverse engineering or monkeying with the OS as
> well as the development of hacking devices.

That's probably why they can't sell it generally. The police at the
airport have Uzis. I can't buy an Uzi legally. Well they don't all have
uzis.

Andy

In article <2007043013293487644-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:
> 
> >>> I have lost some confidence in my Mac lately
> > 
> >> Why is that?
> > 
> > It's hard to put into words.  I guess I could say that I felt like I
> > could get my arms around OS 7 & 8.  I just don't have the same feeling
> > about OSX.  It's alien to me and I have no hope of understanding more
> > than a small bit of it.
> 
> That can be fixed with simple learning and time, though.

It's a lot like the cable system to me.  I pay for a lot of channels I
don't use.  For instance, the upgrade from basic cable to expanded
included a lot of useless channels, then the upgrade to digital brought
me only one channel I wanted to see - NFL Network.

The Mac OS is the same way.  They should market a basic version of it
that's stripped down, and then let me buy the apps I want if I don't
want the other 90% currently available.

> > My inclination is to go in and throw away a
> > lot of it and just leave what I want to use.
> 
> Careful with that.  ; )  You may thrown something away you actually need.

Now, that would be an interesting experiment.  Put a copy of the OS on
a partition and throw away stuff to see how far you can go and still
have it work.  Hmmm.  Let's see, now, throw away a lot of apps.  Maybe
use an uninstaller program.  If it could be made small enough, then
maybe make a duplicate of the stripped-down OS on another partition
with Silverkeeper and browse with a new version of the OS installed
every day.  That is, use Silverkeeper to replace the OS used to browse
the web every day, meaning all new cache and log files. 
 
> > And with all of the
> > capabilities of OSX, the latest versions do not allow me to run Classic
> > apps.  Half of my use is Classic.
> 
> Mac OS X 10.4.9 runs Classic fine.  You must mean that Intel Macs don't 
> run Classic.  That's true, but then for Intel Macs, there's 
> SheepShaver, which works fine for the most part:
> 
> <http://www.macupdate.com/info.php/id/20615>

Classic has worked flawlessly for me.  I don't know why Apple does not
continue to support my old apps.  If they can make the Mac use apps
from the evil empire, then why not Classic apps?  It's the main reason
I haven't upgraded from 10.3.9.  I think it's a reason why a lot of
people haven't upgraded.  A third-party app as a substitute for Classic
isn't what I want to do.  I want it done by Apple, that way I know it
will be done right.  Especially since they've already don it.
> 
> > Problem is, if I don't understand it, I have to make assumptions.
> > Should I assume that it's secure or not?
> 
> Always assume it is not secure until you have heard otherwise from 
> those more knowledgeable than yourself - that way you won't be caught 
> off-guard.

Good advice.
> 
> > Security concerns have been more frequent since the Intel shift, so my 
> > confidence level is low.
> 
> Have they?  I hadn't noticed an increase in frequency.

You haven't?  Seems like a new security update is issued every few
weeks.  I didn't see that with OS-7. -8. & -9.
> 
> Regardless, the shift to Intel has not had an effect one way or the 
> other on the level of security in Mac OS X. Anyone who posits that 
> because Macs now have Intel processors they are somehow open to 
> Intel-based exploits for Windows or other operating systems is ignorant 
> and lacks a basic understanding of the way computers work internally.

I hated Intel for years and now I'm reluctant to throw myself into
their arms.  Intel and the demise of Classic happened at the same time,
further reason not to switch.  That's the mileage I get, anyway.
> 
> > Maybe it's because I'm older.  Change is harder to digest, I suppose.
> 
> True.  But just have a little patience and take time to learn your new 
> surroundings and you'll be fine.

Like I said, I feel like I'm paying for a lot of stuff I don't use.  I
might use Garageband if I could figure it out, or if I had any tunes in
my head.  I have a keyboard, but dang if I know how to use it to maybe
learn to play some simple things like happy birthday, maybe some hymns
and carols.  If I plug my camera's into iPhoto, it asks me what I want
to do.  Garageband should do the same thing - plug in the keyboard and
it should give me a choice of constructing a song or else just play
notes for practice.  It's frustrating.  Not intuitive like I expected
from Apple.

On 2007-04-30 15:03:10 -0500, geefive <geefive@geefive.com> said:

> In article <2007043013293487644-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-04-30 12:16:28 -0500, geefive <geefive@geefive.com> said:
>> 
>>>>> I have lost some confidence in my Mac lately
>>> 
>>>> Why is that?
>>> 
>>> It's hard to put into words.  I guess I could say that I felt like I
>>> could get my arms around OS 7 & 8.  I just don't have the same feeling
>>> about OSX.  It's alien to me and I have no hope of understanding more
>>> than a small bit of it.
>> 
>> That can be fixed with simple learning and time, though.
> 
> It's a lot like the cable system to me.  I pay for a lot of channels I
> don't use.  For instance, the upgrade from basic cable to expanded
> included a lot of useless channels, then the upgrade to digital brought
> me only one channel I wanted to see - NFL Network.
> 
> The Mac OS is the same way.  They should market a basic version of it
> that's stripped down, and then let me buy the apps I want if I don't
> want the other 90% currently available.

Well, Apple would have to spend a lot of money to do something like 
that, and they would gain little. Besides, if you don't use an 
application on your computer, nothing bad will happen.

-- 
JR

In article <0001HW.C25BB407000ABD0EF058A648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

> > what makes you think they won't inspect the hard drive too?
> 
> They'd have to know it exists. _I_ certainly wouldn't tell them, and I don't 
> carry it in the same place as the laptop.

they'll see the hard drive or usb stick on the x-ray and when they go
through your stuff manually.  granted, they won't search the contents
of a hard drive all that often, but they *can* if they think that it is
necessary.  for example, customs might be looking for illicit porn.

On 2007-04-30 15:03:10 -0500, geefive <geefive@geefive.com> said:

>>> And with all of the
>>> capabilities of OSX, the latest versions do not allow me to run Classic
>>> apps.  Half of my use is Classic.
>> 
>> Mac OS X 10.4.9 runs Classic fine.  You must mean that Intel Macs don't
>> run Classic.  That's true, but then for Intel Macs, there's
>> SheepShaver, which works fine for the most part:
>> 
>> <http://www.macupdate.com/info.php/id/20615>
> 
> Classic has worked flawlessly for me.  I don't know why Apple does not
> continue to support my old apps.

You just said you are able to run your classic apps in Classic, right?  
I'm confused as to what you are complaining about.

> If they can make the Mac use apps
> from the evil empire, then why not Classic apps?

You just said Classic works flawlessly for you.  I don't get it.  What 
am I missing?

> It's the main reason
> I haven't upgraded from 10.3.9.  I think it's a reason why a lot of
> people haven't upgraded.

Classic is why you haven't upgraded to Mac OS X 10.4.x?  But Classic 
works *fine* in 10.4.x.  I can't think of a reason for you not to 
upgrade to 10.4 regarding Classic.

> A third-party app as a substitute for Classic
> isn't what I want to do.  I want it done by Apple, that way I know it
> will be done right.  Especially since they've already don it.

Apple stopped supporting Mac OS 9 in 2002 - that's five years ago.  All 
Mac users have had 5 years to migrate to Mac OS X-native applications.

With that said, if you have a PowerPC Macintosh, you can *still* run 
classic Mac OS applications just fine in Mac OS X 10.4.x's Classic.

Only those Mac users with **Intel** Macs have to resort to using SheepShaver.

-- 
JR

In article <2007043013563576582-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-30 12:57:08 -0500, geefive <geefive@geefive.com> said:
> 
> > In article
> > <NOwebmasterSPAM-53A5A6.18331830042007@freenews.iinet.net.au>, Eric
> > Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:
> > 
> >> If you run as a standard account (as anyone concerned with security
> >> would), and don't enable that account for sudo...
> > 
> > You've lost me.  Sudo is not in my book.
> 
> sudo is a command-line tool that allows a user to run commands as root. 
> Mac OS X user accounts with administrator privileges are automatically 
> allowed access to sudo - all *normal* (non-admin) user accounts are not 
> allowed sudo access.

So how does one get from being the user of the admin account to moving
everything to another account?  A lot of times I'm prompted to use the
admin password to install things on the HD or to change prefs.  If I'm
not the admin account, how would that work if I used the non-admin
account?

A lot of this stuff is over my head, but I've been adding all of the
tips I get here about security to a text document and soon I'll get
busy trying to hatch an overall security plan.  I appreciate all of the
help.

Thanks again.

In article <300420071303102399%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> Classic has worked flawlessly for me.  I don't know why Apple does not
> continue to support my old apps.  If they can make the Mac use apps
> from the evil empire, then why not Classic apps?  It's the main reason
> I haven't upgraded from 10.3.9.  

classic works in 10.4 on powerpc macs.  since you currently are using
10.3.9, you have a powerpc mac.  thus, classic will continue to work if
you upgrade to 10.4.

classic does not work on intel macs nor will it work in leopard, so
your concern is somewhat valid, however, it is a bit premature.

On 2007-04-30 15:30:20 -0500, geefive <geefive@geefive.com> said:

> In article <2007043013563576582-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-04-30 12:57:08 -0500, geefive <geefive@geefive.com> said:
>> 
>>> In article
>>> <NOwebmasterSPAM-53A5A6.18331830042007@freenews.iinet.net.au>, Eric
>>> Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:
>>> 
>>>> If you run as a standard account (as anyone concerned with security
>>>> would), and don't enable that account for sudo...
>>> 
>>> You've lost me.  Sudo is not in my book.
>> 
>> sudo is a command-line tool that allows a user to run commands as root.
>> Mac OS X user accounts with administrator privileges are automatically
>> allowed access to sudo - all *normal* (non-admin) user accounts are not
>> allowed sudo access.
> 
> So how does one get from being the user of the admin account to moving
> everything to another account?

You don't have to move anything. Here's how to do it:

First, open and unlock the System Preferences > Accounts panel.

1. Open System Preferences.
2. Click Accounts.
3. Click the lock icon to unlock the panel (if needed).

Next, create a new administrator account:

1. Click the [+] button. A new user account sheet appears.
2. In the Name text box, enter "Administrator" (without quotes).
3. In the Short Name text box, enter "admin" (without quotes).
4. In the Password text box, enter a secure password. If you need help 
creating a secure password, click the little key icon to the right of 
this text box, and an assistant will help you come up with a secure 
password.
5. In the Verify text box re-enter the secure password.
6. Check the "Allow user to administer this computer" checkbox.
7. Click Create Account.

Next, remove administrator abilities from your normal user account:

1. Open System Preferences.
2. Click Accounts.
3. Click the lock icon to unlock the panel (if needed).
4. From the account list on the left side of the System Preferences > 
Accounts panel, highlight your normal user account name.
5. Uncheck the "Allow user to administer this computer" checkbox.

That's it. Now whenever you are asked for an administrator account's 
credentials, you can enter user name "Administrator" (or "admin") and 
the associated secure password.

> A lot of times I'm prompted to use the
> admin password to install things on the HD or to change prefs.  If I'm
> not the admin account, how would that work if I used the non-admin
> account?

It works the same way. The system asks you for the user name and 
password for an administrator account. Rather than supplying your own 
user name and password, you supply an administrator user's name and 
password.

> A lot of this stuff is over my head, but I've been adding all of the
> tips I get here about security to a text document and soon I'll get
> busy trying to hatch an overall security plan.  I appreciate all of the
> help.
> 
> Thanks again.

No prob. That's why we are here.

-- 
JR

> > or maybe you could be distracted by a criminal gang in a hotspot long
> > enough for them to steal your data.
>
> This device will not work over a wireless connection. It needs to be inserted
> into a USB port.
>
you must be one stupid bastard.

what did you think i thought they did with a fucking usb stick.

stick it up their fucking arse.

they could still stick it in your fucking usb port if they distracted
you , you fucking dense oirish sack of potatoes.

that felt good.

On 2007-04-30 15:33:22 -0500, nospam <nospam@nospam.invalid> said:

> classic does not work on intel macs nor will it work in leopard, so
> your concern is somewhat valid, however, it is a bit premature.

What makes you think Classic won't work in Leopard on PowerPC Macs?

-- 
JR

On Mon, 30 Apr 2007 16:47:23 -0400, pokhara wrote
(in article <1177966043.878681.24660@o5g2000hsb.googlegroups.com>):

>>> or maybe you could be distracted by a criminal gang in a hotspot long
>>> enough for them to steal your data.
>> 
>> This device will not work over a wireless connection. It needs to be 
>> inserted
>> into a USB port.
>> 
> you must be one stupid bastard.
> 
> what did you think i thought they did with a fucking usb stick.
> 
> stick it up their fucking arse.
> 
> they could still stick it in your fucking usb port if they distracted
> you , you fucking dense oirish sack of potatoes.
> 
> that felt good.
> 
> 

So, m'man, how exactly are they going to stick the USB key into a port on my 
machine while it's in front of me? Be specific.

And, as I'd either carry the machine with me whereever I go, or shut it down 
and place it in a secure area, and this particular device requires that the 
machine be running and that someone be logged in before it can be useful, 
exactly what can they do about it?

And, as my important data is on an external drive, which when the machine is 
shut down goes into my jacket pocket, and there's nothing on the machine 
that's usable elsewhere (different passwords from my desktop systems, for 
example) even if they stole it, what do they gain, other than a laptop?

You are a frightfully silly individual.

-- 
email to oshea dot j dot j at gmail dot com.

On Mon, 30 Apr 2007 16:29:42 -0400, nospam wrote
(in article <300420071329428985%nospam@nospam.invalid>):

> In article <0001HW.C25BB407000ABD0EF058A648@newsgroups.comcast.net>,
> J.J. O'Shea <try.not.to@but.see.sig> wrote:
> 
>>> what makes you think they won't inspect the hard drive too?
>> 
>> They'd have to know it exists. _I_ certainly wouldn't tell them, and I 
>> don't 
>> carry it in the same place as the laptop.
> 
> they'll see the hard drive or usb stick on the x-ray and when they go
> through your stuff manually.

Point.

>  granted, they won't search the contents
> of a hard drive all that often, but they *can* if they think that it is
> necessary.  for example, customs might be looking for illicit porn.

Anyone who takes that kind of stuff through customs deserves what he gets.

-- 
email to oshea dot j dot j at gmail dot com.

On 30 Apr, 21:55, Jolly Roger <jollyro...@null.org> wrote:
> On 2007-04-30 15:33:22 -0500, nospam <nos...@nospam.invalid> said:
>
> > classic does not work on intel macs nor will it work in leopard, so
> > your concern is somewhat valid, however, it is a bit premature.
>
> What makes you think Classic won't work in Leopard on PowerPC Macs?
>
> --
> JR

JR

you seem to know your stuff unlike some here.

is there an application for osx which blocks access to the USB ports
unless a password is entered ?

such software exists for windows.

In article <2007043014291845162-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-30 14:19:09 -0500, geefive <geefive@geefive.com> said:
> 
> > In article <2007043013193724250-jollyroger@nullorg>, Jolly Roger
> > <jollyroger@null.org> wrote:
> > 
> >> Anyway, if you really want to make sure software on your computer
> >> doesn't send any personal information outside your network, then
> >> purchase Little Snitch:
> >> 
> >> <http://www.macupdate.com/info.php/id/10426/little-snitch>
> >> 
> >> And learn how to use tcpdump and tcpflow:
> >> 
> >> <http://www.circlemud.org/~jelson/software/tcpflow/>
> > 
> > Thanks.
> > 
> > My router has a file on it that logs stuff.  I say stuff because I
> > don't understand it.  Maybe I should take a look at that again and try
> > to figure it out.  I don't look at it because I have javascript
> > disabled and that's the only way it will show.
> 
> Post some of it here and we'll explain it to you if you want.

I will when I have a busy day and the router collects some data. 
Trouble is, I turn it off at night (wipes the log) and it gets turned
off sometimes during the day and reset because it needs it when I try
to go to a website but forget to turn the modem on first.  Things get
confused and I have to turn off the modem and router then fire them
back up again to eliminate whatever confusion (maybe TCP) prevents them
from working together.

On Mon, 30 Apr 2007 17:03:09 -0400, pokhara wrote
(in article <1177966989.347334.293060@y80g2000hsf.googlegroups.com>):

> On 30 Apr, 21:55, Jolly Roger <jollyro...@null.org> wrote:
>> On 2007-04-30 15:33:22 -0500, nospam <nos...@nospam.invalid> said:
>> 
>>> classic does not work on intel macs nor will it work in leopard, so
>>> your concern is somewhat valid, however, it is a bit premature.
>> 
>> What makes you think Classic won't work in Leopard on PowerPC Macs?
>> 
>> --
>> JR
> 
> JR
> 
> you seem to know your stuff unlike some here.
> 
> is there an application for osx which blocks access to the USB ports
> unless a password is entered ?
> 
> such software exists for windows.
> 

Google is your friend, you incredibly silly individual.

-- 
email to oshea dot j dot j at gmail dot com.

In article <f15hbv$561$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> geefive wrote:
> > In article <f138u1$r4e$2@aioe.org>, nospam <nospamatall@iol.ie> wrote:
> > 
> >> Apple must know about it, and how is all done. They put the OS together.
> >> They are the ones who, for example, designed the parts of the system
> >> that store your password so that you don't have to keep typing it in for
> >> each operation you perform. If they locked that up totally your computer
> >> wouldn't work.
> >>
> >> Andy
> > 
> > Will they now issue a security update that fixes this or, if their
> > participation was not willing or forced, will they or should they make
> > use of their patent and copyright prerogatives?
> > 
> > I hoped that this would've been the discussion.
> 
> I would be very surprised if they did. They might alter the way the
> system stores the password, if that turns out to be improvable without
> screwing up lots of other things. This is not like a virus or suchlike,
> as others have said, if your attacker has access to the machine you're
> screwed anyway.
> 
> I suppose you could say that there are 'works of art' on your computer,
> which are protected by copyright. You were using your user password to
> protect that material and by hacking your password the law enforcement
> officials contravened the DMCA.
> 
> Andy

This is supposed to be made available to certain personnel only, and
I'm not worried if that actually is the case.  But it won't be.  My
concern is someone else who gets to my computer without my knowledge. 
One the product is on the market, anyone who wants one will figure out
how to get it.  And then it will get hacked and improved, and who knows
what.  Despite what some people have said here, Apple should see if
there's something in their license that allows this kind of monkeying
around with people's OS and then either put a stop to it or update the
OS so this device doesn't work.  Of course, if Apple doesn't respond
somehow, it will be plain that they either helped develop the device or
are in favor of it, which is a significant departure from what I
thought their security policy was.  It's just my opinion.  Nobody has
to say they disagree with it.  I know a bunch of you do.  It's okay
with me.  Maybe it's time for Apple to do a sweeping security analysis
of the OS and do something else.  Or maybe it's time for me to stop
thinking that my Mac is safe behind a password.

In article <2007043015302076236-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-30 15:03:10 -0500, geefive <geefive@geefive.com> said:
> 
> >>> And with all of the
> >>> capabilities of OSX, the latest versions do not allow me to run Classic
> >>> apps.  Half of my use is Classic.
> >> 
> >> Mac OS X 10.4.9 runs Classic fine.  You must mean that Intel Macs don't
> >> run Classic.  That's true, but then for Intel Macs, there's
> >> SheepShaver, which works fine for the most part:
> >> 
> >> <http://www.macupdate.com/info.php/id/20615>

As long as I can live with 10.3.9, I have Classic and don't have to buy
anything else to run the programs I have already paid for.  
> > 
> > Classic has worked flawlessly for me.  I don't know why Apple does not
> > continue to support my old apps.
> 
> You just said you are able to run your classic apps in Classic, right?  
> I'm confused as to what you are complaining about.

I haven't upgraded to 10.4 yet and now it looks like another version is
coming along and I'll be yet further behind.  Meanwhile, the magazines
are all 10.4, so I'm not buying those anymore.  I'm getting left behind
because I want to use Classic (and not some expensive and feeble
attempt to do the same thing).
> 
> > If they can make the Mac use apps
> > from the evil empire, then why not Classic apps?
> 
> You just said Classic works flawlessly for you.  I don't get it.  What 
> am I missing?

Because 10.4 drops Classic and my older apps (like this ne YA
Newswatcher 4.1.1, or Eudora 1.5.2 (and a bunch of other programs) will
have to be shelved.  Why?  So I can support the enemy Intel?
> 
> > It's the main reason
> > I haven't upgraded from 10.3.9.  I think it's a reason why a lot of
> > people haven't upgraded.
> 
> Classic is why you haven't upgraded to Mac OS X 10.4.x?  But Classic 
> works *fine* in 10.4.x.  I can't think of a reason for you not to 
> upgrade to 10.4 regarding Classic.

I'll check it out.

> Only those Mac users with **Intel** Macs have to resort to using SheepShaver.

If Sheepshaver can do it, then why can't Apple?  because they needed
programmers for iPods?  Shoot, you won't catch me supporting that,
either.  Apple should concentrate on computers and spin off phones,
pods, TV stuff, and anything else that isn't computer hardware and
software.

J.J. O'Shea <try.not.to@but.see.sig> writes:

> > 
> > is there an application for osx which blocks access to the USB ports
> > unless a password is entered ?
> > 
> > such software exists for windows.
> > 
> 
> Google is your friend, you incredibly silly individual.

I assume that this is your way of saying "I don't know".

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

In article <2007043015422214181-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> First, open and unlock the System Preferences > Accounts panel.
> Next, create a new administrator account:
> Next, remove administrator abilities from your normal user account:

> That's it. Now whenever you are asked for an administrator account's 
> credentials, you can enter user name "Administrator" (or "admin") and 
> the associated secure password.

Nice.  Now tell me again why I'm doing this.  It sounds good, but I'm
not clear on the benefits of it.  Is this going to keep someone from
accessing my data or just make it harder to do so?  I reckon that I'll
still be using the same account I am now and just shifting
administrator privileges to another account... which will make me more
secure how?

Sorry, these are things I just don't think about or work with, so I get
confused easily.  The procedure you outlined seems specific and
understandable, though, so I appreciate your taking the time to run it
down for me.

In article <300420071447067438%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> Because 10.4 drops Classic and my older apps

This is nonsense. Classic runs fine on PPC Macs with 10.4.x

-- 
"Let's just admit that public education is mediocre at best." -- Frank Zappa

In article <2007043015552044096-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> > classic does not work on intel macs nor will it work in leopard, so
> > your concern is somewhat valid, however, it is a bit premature.
> 
> What makes you think Classic won't work in Leopard on PowerPC Macs?

Because at some point it was said that Classic was being dropped from
the OS, but I didn't realize that PPC owners would have it in there
even though the very same OS did not have it for Intel Macs.  I thought
it was across the board.  Now I can go out and buy 10.4 now that it's
in a mature state.  Does this mean that the 10.5 pussycat will have
Classic for me?

Oh, now I remember what I was thinking.  That I wasn't going to trade
up to an Intel box because I'd have to step into a new universe without
my comfort (Classic) programs.  I didn't think to upgrade this
computer.  I should talk this over with the owner of the little Mac
shop in the Big City.  Long drive, but maybe worth it?  Then I can do
the account thing you mention.

geefive wrote:
> In article <f139rf$u17$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

>> But the attacker never signed any agreement with apple, so they are not
>> violating anyhting. Would you like your machine never to cache or log
>> anything? Then it will stop working.
> 
> How do you figure?  It may need to do something immediately necessary,
> like a cookie that goes away after a session, but I see data kept and
> it makes me wonder who gets to use it if I don't?  I don't use plists
> or log files that I know of, so who does?  I don't use crash logs, so
> who does and how do they get the data?  Through some kind of mining, I
> reckon, which someone said is not the case, with software update.  Or
> with Javascript, which I now have turned off, BTW.

You programs use plists though, to remember settings you don't want to
have to set every time you launch them, stuff like that. Crash log are
there for troubleshooting. You may not use them but if there weren't any
apple would be in a lot of trouble. Caches and log files are cleared out
periodically by the system, so it is a bit like the cookies.

Excellent thing to turn of javascript. Its rare tha there is anything
sensible it is used for. If you use google and youtube a lot, try the
noscript plugin for mozilla (firefox). it's amazing, makes everything go
a lot faster too and easy to just let one site run scripts, temp or
permanent. It blocks flash and java as well. Saves bandwidth. Speeds
things up a lot.

> It may be over the top because it feels like I'm under attack, called
> names, my questions aren't answered so I have to repeat them, then get
> called for browbeating...  hokey smokes, this thread has been a real
> challenge.

Welcome to usenet...

> 
> I'm close to retiring, which means I might be able to live without a
> computer.  That may be the ultimate answer for me.  I'm thinking about
> all of the things I do and try to think of computerless ways of doing
> them, or if all of this computing and connectivity and databanking and
> security are really what I want for my golden years.

Or just don't worry about it. There are a few things you can do to
tighten up your security that aren't too hard, or time consuming, just
pick up what you need at leisure. e.g I have made (using disk utility)
an encrypted disk image which I put everything on that I don't want
open. It uses strong encryption, but you're at the mercy of apple as to
if there's a back door or not. It's good enough for any normal use,if
you use a difficult password (and don't check the 'remember password'
box) it will keep out all but a very skilled, determined and
well-connected attacker. You can tell your mail program, news program
and most other programs to use that mounted image to store your stuff.
That's just an example. You can ask here and in other appropriate fora
if you're having difficulty doing that.

One possible leak form this is the swap files (the virtual memory the
system pages out to disk when it needs more RAM) which if I was really
bothered about, I'm sure I could figure out how to have the system purge
them when I want to, or hourly or whatever, or again, ask somewhere.

I fly off the handle at the slightest thing sometimes, I'm not being
holier-than-thou or anything. The 3rd Mac I got was a 7200. The Internet
was not so old, I had a 28k modem and for the first time had to set up
an Internet connection from my phone line. I'd used other people's till
then. I think it was OS 7.1.1 it came with. The Internet connection
software was broken. I cursed and swore at everyone for about a week as
I slowly discovered that it was not only my ignorance that was making it
difficult, but also Apple's ineptitude. I needed an update which I could
only get online or by posting off (no chequebook, friday night) to get
some floppies sent. I read stuff, and more stuff, dabbled, got it
working for a minute or so, gradually got one piece of software, then it
stayed up longer, then got another and so on. I was seriously pissed. If
I was in cupertino there would have been broken windows for sure.

But after 2 weeks I knew more about how the Internet works than I would
have learned in a 12 month course. There are good things even in the
bad. Not only had I got my connection working but I was able to keep it
working when there were problems later. And fix other people's too.

>>> think a thief with one of these devices would quickly realize that real
>>> value of it lies in the personal data, contacts, product plans, lists
>>> of vendors and contacts.  Heck, someone could start a business with my
>>> data - it's all right there.  And I bought into the Mac because of an
>>> aura of security that no longer exists.

Definitely put that on an encrypted partition with a strong passphrase.
Don't write it down anywhere, make sure you can remember it. Keep a
backup off-site somewhere. Friend's house maybe.

>> Your machine is far more likely to get stolen completely than to be
>> subjected to this. If it is really important to you, start reading about
>> security a lot. Read everything you can find. If this tool makes you
>> unhappy, then Macs and windows machines are not for you and you have a
>> long learning curve ahead.
> 
> Yes, sadly, maybe I could simply ditch the whole computer thing and go
> back to hang gliding.  Or go full-time RV'ing/fishing and give a smile
> and a snurk when I see the busybodies rushing around with their
> notebooks.  This could be one of those epiphany things.  I had one of
> those in Vietnam, so maybe it's time for another.

That does sound attractive. I had a microlight once. Much better than a
computer. Much more expensive in a crash....

>> But as you said before, you wouldn't spend the time to find out, does it
>> surprise you that people don't take you seriously?
> 
> I'm never surprised when people don't take me seriously.

But can you see why? I spose that's what I meant really.
>>> I want to know what those of us who believed in Mac security are
>>> supposed to think or do now in light of this development.

Well, you got your answer in a way... nothing to see here... move
along...  But that wasn't your real question. Security is obviously
important to you, and getting a mac was a good decision for someone
without the time to learn linux etc. Still is. There is nothing better
on the market. It could be better, but not a lot better. You can make it
a lot better with a few precautions. Turning off javascript was a good
one. It might take a little while, but most of the hard work is done for
you on these machines. Stick with it a while, give it a chance. But your
alternatives sound quite enviable.

>> I for one never believed in the kind of security you seem to be alloting
>> to apple's systems. They have never claimed anything of the sort. In any
>> case, security is not a matter of trust, but one of knowledge, and that
>> is not something you get easily.
> 
> Makes sense.  I appreciate your comments.

Glad this is getting somewhere,
Andy

In article <300420071615017946%dave***@balderstone.ca>, Dave
Balderstone <dave***@balderstone.ca> wrote:

> In article <300420071447067438%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > Because 10.4 drops Classic and my older apps
> 
> This is nonsense. Classic runs fine on PPC Macs with 10.4.x

Okay, nonsense it is.  My mistake.

geefive wrote:
> In article <WeydnQaZbum1r6vbnZ2dnUVZ_q7inZ2d@comcast.com>, John
> McWilliams <jpmcw@comcast.net> wrote:
> 
>> geefive wrote:
>>> Pretty scary.  My concern is anyone can do this with the device we're
>>> talking about.  I often leave my computer on sleep, which I will not do
>>> anymore.
>> If you double wrap it in heavy guage aluminum foil also, that'll prevent 
>> bogeymen from activating it when it looks like it's shutdown, but is 
>> secretly complying with hackers by booting and sending all sensitive 
>> data to those black vans you see every once in a while.
> 
> I'd do this, but I used the last of my foil to make the tinfoil hat
> someone here suggested that I wear.  Strange, that's when the black van
> left.

Hah! Thanks for having sense of humour/indulging me, unlike the twerp 
posting under pork something.

-- 
john mcwilliams

geefive wrote:

>> Yes it is always possible that holes will appear that can be exploited,
>> but when evaluating a system you don't abandon it because something
>> /might/ happen. The time to abandon it is when things /do/ happen, and
>> happen frequently, or when you hear of many such things from other
>> users. Then you might consider another platform, having checked to see
>> if it is actually any more secure. Otherwise, as someone else said,
>> you're better off not using computers.
> 
> There's a point that's been made a couple of times today.

yeah, you seem to like that one!

geefive wrote:

> "Once the software is run it will extract
> data from the Apple Keychain and system settings in order to provide
> the examiner fast access to the suspect's critical information with as
> little interaction or trace as possible."
> 
> Aren't keys encrypted?

Yeah, that's the bit I don't like. The active user's password. How's it
get that? They puffed it up with a list of things, but really that's the
only one. the rest follows from it easily. I suppose a phone call from a
bogus cop might get their sales dept to tell you?

Andy

Eric Lindsay wrote:

> these, and use secure delete on everything. Enable secure virtual memory 
> and all other security settings in Preferences. Do not use any browser 

Thanks, that's funny, here's me imagining doing an applescript or
something to periodically dump swapfiles, and I haven't looked in
security prefpane since 10.3!

Andy

J.J. O'Shea wrote:

> If you put your sensitive files onto another, external, hard drive, and then 
> lock away that drive then I can't access those files. If you encrypt your 
> sensitive files then I must know how to decrypt them. There are a multitude 
> of ways to encrypt files, singly or in bunches. Apple provides FileVault, 
> which can encrypt your entire home folder. There are other encryption 
> systems. Some don't use KeyChain, so this particular item simply cannot be 
> used against them, you have to decrypt those items the old-fashioned way. 
> Yes, it can be done. No, it is not easy.
> 
Can you opt not to use the keychain, like with an encrypted disk image?
I'd like to know how this prog can get the user password too. Having
this automated in a device does make it a more likely attack because it
lowers the expertise threshold to anyone who can afford 500 dollars (or
whatever a k'd version costs. prob on P2P soon if not already).

Yes I know, turn the thing off or password wake from sleep. Don't log in
with admin account... Easy. Still it's interesting.

Thanks
Andy

nospam <nospamatall@iol.ie> writes:

> geefive wrote:
> 
> > "Once the software is run it will extract
> > data from the Apple Keychain and system settings in order to provide
> > the examiner fast access to the suspect's critical information with as
> > little interaction or trace as possible."
> > 
> > Aren't keys encrypted?
> 
> Yeah, that's the bit I don't like. The active user's password. How's it
> get that? They puffed it up with a list of things, but really that's the
> only one. the rest follows from it easily. I suppose a phone call from a
> bogus cop might get their sales dept to tell you?
> 

Yes, if they really do get the user password, that would seem to be a
hole that should be plugged.   To tell the truth, I'm a bit skeptical.

-- 
    Bill Mitchell
    Dept of Mathematics,        The University of Florida
    PO Box 118105, Gainesville, FL 32611--8105
    mitchell@math.ufl.edu	(352) 392-0281 x284

In article <300420071518532106%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> Because at some point it was said that Classic was being dropped from
> the OS, but I didn't realize that PPC owners would have it in there
> even though the very same OS did not have it for Intel Macs.  I thought
> it was across the board.  Now I can go out and buy 10.4 now that it's
> in a mature state.  Does this mean that the 10.5 pussycat will have
> Classic for me?

I don't think Apple has said one way or the other at this point 
regarding Classic on Mac OS X 10.5 on PowerPC. I seem to recall a few 
rumors it was being dropped, but they were from even less credible 
sources than usual. On the other hand, there seem to be some pretty big 
changes in 10.5, and it's not impossible that Classic will break somehow 
and Apple can't/won't fix it.

G.T. wrote:

> It has nothing to do with reverse engineering.  Just stop, please, no
> one needs Apple's permission to write a freakin' utility, it doesn't
> mimic the OS, it's just an overpriced utility that collects things that
> anyone could collect if they were sitting at the computer.
> 
> Greg

Well, there is a difference. With one of these, I could do that. So
could loads of other people. Without one... nope. I know all the other
stuff about not leaving it open to attack in the first place being easy.
Just a minor point.
Andy

On 2007-04-30 16:47:06 -0500, geefive <geefive@geefive.com> said:

> In article <2007043015302076236-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-04-30 15:03:10 -0500, geefive <geefive@geefive.com> said:
>> 
>>>>> And with all of the
>>>>> capabilities of OSX, the latest versions do not allow me to run Classic
>>>>> apps.  Half of my use is Classic.
>>>> 
>>>> Mac OS X 10.4.9 runs Classic fine.  You must mean that Intel Macs don't
>>>> run Classic.  That's true, but then for Intel Macs, there's
>>>> SheepShaver, which works fine for the most part:
>>>> 
>>>> <http://www.macupdate.com/info.php/id/20615>
> 
> As long as I can live with 10.3.9, I have Classic and don't have to buy
> anything else to run the programs I have already paid for.

Classic is alive and well in 10.4, contrary to your assertion.  I use 
Classic almost daily in 10.4.

>>> Classic has worked flawlessly for me.  I don't know why Apple does not
>>> continue to support my old apps.
>> 
>> You just said you are able to run your classic apps in Classic, right?
>> I'm confused as to what you are complaining about.
> 
> I haven't upgraded to 10.4 yet and now it looks like another version is
> coming along and I'll be yet further behind.

That's nobody's fault but your own.

> Meanwhile, the magazines
> are all 10.4, so I'm not buying those anymore.  I'm getting left behind
> because I want to use Classic (and not some expensive and feeble
> attempt to do the same thing).

No, you're getting left behind because for some reason you seem to 
think that Classic doesn't work with 10.4, which couldn't be farther 
from the truth.

Again, I use Classic in 10.4 daily. It comes with 10.4 and works great 
- probably better than 10.3 considering all the bug fixes Apple has 
done with regards to Classic since 10.4 was initially released.

>>> If they can make the Mac use apps
>>> from the evil empire, then why not Classic apps?
>> 
>> You just said Classic works flawlessly for you.  I don't get it.  What
>> am I missing?
> 
> Because 10.4 drops Classic and my older apps (like this ne YA
> Newswatcher 4.1.1, or Eudora 1.5.2 (and a bunch of other programs) will
> have to be shelved.  Why?  So I can support the enemy Intel?

10.4 does *not* drop Classic - what ever gave you such an idea?  
Classic comes with 10.4 and works great!

BTW, the apps you named have been updated to run without Classic for 
some time - so there's really no need to run older versions in Classic:

<http://www.macupdate.com/info.php/id/7174/mt-newswatcher-x>
<http://www.macupdate.com/info.php/id/7107/eudora-x>

You're really missing out if you are hanging onto old, obsolete 
versions of these programs...

>>> It's the main reason
>>> I haven't upgraded from 10.3.9.  I think it's a reason why a lot of
>>> people haven't upgraded.
>> 
>> Classic is why you haven't upgraded to Mac OS X 10.4.x?  But Classic
>> works *fine* in 10.4.x.  I can't think of a reason for you not to
>> upgrade to 10.4 regarding Classic.
> 
> I'll check it out.

There's nothing to check out - it's the truth.

>> Only those Mac users with **Intel** Macs have to resort to using SheepShaver.
> 
> If Sheepshaver can do it, then why can't Apple?

Apple has no *interest* in writing a Classic emulator. Not when the 
overwhelming majority of Mac applications now work natively in Mac OS 
without Classic.  It's not in Apple's best interests, plain and simple.

> because they needed programmers for iPods?

No. Because Apple declared Mac OS 9 dead five years ago, and we've all 
moved on to something better - Mac OS X.

> Shoot, you won't catch me supporting that,
> either.

You won't support SheepShaver, an open source project written by Mac 
software developers that works amazingly well, all things considered, 
because it's not written by Apple?  So be it.

> Apple should concentrate on computers and spin off phones,
> pods, TV stuff, and anything else that isn't computer hardware and
> software.

Steve Jobs will certainly disagree with you. ; )  So would I and a lot 
of other die-hard Mac users.  It's easy to see Apple's doing the right 
thing right now.  Their new focus has turned the company into a 
complete success, and I like it that way, personally.

-- 
JR

On 2007-04-30 16:03:09 -0500, pokhara <sam1967paypal@googlemail.com> said:

> is there an application for osx which blocks access to the USB ports
> unless a password is entered ?

Sorry, I've never really needed such a thing, so I've never looked for 
it.  It may exist, but I would just do what anyone else would do - 
search the web and Mac software repositories like http://macupdate.com 
and http://versiontracker.com.

Why would you want to block / lock USB ports on your computer?  Oh you 
are worried about MacLockPick?  I seriously doubt MacLockPick can do 
anything at all if you aren't already logged in with the screen 
unlocked. Someone can correct me if I am wrong:  I believe ever since 
the silly Mac OS 9 Autostart-9805 virus appeared in 1998, Apple has not 
supported CD auto start (auto run, whatever) in Mac OS. I doubt 
inserting a USB device into the USB port of a Mac running Mac OS X will 
cause a program on the USB device to run.

-- 
JR

On 2007-04-30 17:18:53 -0500, geefive <geefive@geefive.com> said:

> In article <2007043015552044096-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>>> classic does not work on intel macs nor will it work in leopard, so
>>> your concern is somewhat valid, however, it is a bit premature.
>> 
>> What makes you think Classic won't work in Leopard on PowerPC Macs?
> 
> Because at some point it was said that Classic was being dropped from
> the OS, but I didn't realize that PPC owners would have it in there
> even though the very same OS did not have it for Intel Macs.

Whoever told you that was wrong. Apple simply stated that Classic won't 
work on Intel hardware, naturally -  it would require them to rewrite 
it as an emulator, and Mac OS 9 has been declared dead for years.

> I thought it was across the board.  Now I can go out and buy 10.4 now that it's
> in a mature state.  Does this mean that the 10.5 pussycat will have
> Classic for me?

Apple has not announced that Classic is going away in 10.5, so I think 
it will still be there.

> Oh, now I remember what I was thinking.  That I wasn't going to trade
> up to an Intel box because I'd have to step into a new universe without
> my comfort (Classic) programs.  I didn't think to upgrade this
> computer.  I should talk this over with the owner of the little Mac
> shop in the Big City.  Long drive, but maybe worth it?  Then I can do
> the account thing you mention.

you can switch your account to non-admin now.  And I would advise that 
you not wait for that.

As far as upgrading your existing Mac, yeah you could probably do some 
things to speed it up a bit.  What model Mac do you have exactly?  How 
much RAM is in it?  How much hard drive capacity is free?  Note that at 
some point, upgrades will end up costing you more than a new computer 
would, and an upgraded Mac will never be as fast as a new Mac.  Also, 
you might want to consider purchasing a newer model PowerPC Mac on eBay 
or something too.

-- 
JR

On 2007-04-30 18:35:00 -0500, Steven Fisher <sdfisher@spamcop.net> said:

> In article <300420071518532106%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
>> Because at some point it was said that Classic was being dropped from
>> the OS, but I didn't realize that PPC owners would have it in there
>> even though the very same OS did not have it for Intel Macs.  I thought
>> it was across the board.  Now I can go out and buy 10.4 now that it's
>> in a mature state.  Does this mean that the 10.5 pussycat will have
>> Classic for me?
> 
> I don't think Apple has said one way or the other at this point
> regarding Classic on Mac OS X 10.5 on PowerPC. I seem to recall a few
> rumors it was being dropped, but they were from even less credible
> sources than usual. On the other hand, there seem to be some pretty big
> changes in 10.5, and it's not impossible that Classic will break somehow
> and Apple can't/won't fix it.

I think it'll be there in 10.5, but I also think you are right - the 
writing has been on the wall for some time regarding Classic. At some 
point in the near future, Apple will consider it too costly to maintain 
and will probably simply drop it altogether,

-- 
JR

pokhara wrote:
>>> or maybe you could be distracted by a criminal gang in a hotspot long
>>> enough for them to steal your data.
>> This device will not work over a wireless connection. It needs to be inserted
>> into a USB port.
>>
> you must be one stupid bastard.
> 
> what did you think i thought they did with a fucking usb stick.
> 
> stick it up their fucking arse.
> 
> they could still stick it in your fucking usb port if they distracted
> you , you fucking dense oirish sack of potatoes.
> 
> that felt good.

so by hotspot you mean, like Baghdad, or somewhere like that?

On 2007-04-30 17:04:39 -0500, geefive <geefive@geefive.com> said:

> In article <2007043015422214181-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> First, open and unlock the System Preferences > Accounts panel.
>> Next, create a new administrator account:
>> Next, remove administrator abilities from your normal user account:
> 
>> That's it. Now whenever you are asked for an administrator account's
>> credentials, you can enter user name "Administrator" (or "admin") and
>> the associated secure password.
> 
> Nice.  Now tell me again why I'm doing this.  It sounds good, but I'm
> not clear on the benefits of it.  Is this going to keep someone from
> accessing my data or just make it harder to do so?  I reckon that I'll
> still be using the same account I am now and just shifting
> administrator privileges to another account... which will make me more
> secure how?

It protects your system from mistakes you may make. If you do something 
that compromises the security of your user account, the integrity of 
the rest of the system is maintained, because stuff you do in a 
non-admin account can't change things in the system that an 
administrator would be able to change.

A perfect example is the most recent "mac hacked" headlines we've seen 
in the Mac press of late. The person who broke into the Mac did so with 
a specially-crafted web page. A link to the web page was sent in an 
email message to the Mac, and when the non-admin user clicked the link, 
he was compromised. But because he was using a non-admin user account, 
the attacker did not gain root privileges on the system, and was only 
able to modify files in that user's non-admin account as a result. The 
rest of the system was not compromised.

<http://www.macobserver.com/article/2007/04/23.1.shtml>

> Sorry, these are things I just don't think about or work with, so I get
> confused easily.  The procedure you outlined seems specific and
> understandable, though, so I appreciate your taking the time to run it
> down for me.

My recommendation is to go ahead and do it ASAP.  There's really no 
reason not to do it now.

-- 
JR

On Mon, 30 Apr 2007 17:48:25 -0400, William Mitchell wrote
(in article <y9d4pmxr0t2.fsf@hotel.math.ufl.edu>):

> J.J. O'Shea <try.not.to@but.see.sig> writes:
> 
>>> 
>>> is there an application for osx which blocks access to the USB ports
>>> unless a password is entered ?
>>> 
>>> such software exists for windows.
>>> 
>> 
>> Google is your friend, you incredibly silly individual.
> 
> I assume that this is your way of saying "I don't know".
> 
> 

You assume incorrectly. You have mail.

-- 
email to oshea dot j dot j at gmail dot com.

On Mon, 30 Apr 2007 19:24:14 -0400, nospam wrote
(in article <f15tr7$evm$1@aioe.org>):

> J.J. O'Shea wrote:
> 
>> If you put your sensitive files onto another, external, hard drive, and 
>> then 
>> lock away that drive then I can't access those files. If you encrypt your 
>> sensitive files then I must know how to decrypt them. There are a multitude 
>> of ways to encrypt files, singly or in bunches. Apple provides FileVault, 
>> which can encrypt your entire home folder. There are other encryption 
>> systems. Some don't use KeyChain, so this particular item simply cannot be 
>> used against them, you have to decrypt those items the old-fashioned way. 
>> Yes, it can be done. No, it is not easy.
>> 
> Can you opt not to use the keychain, like with an encrypted disk image?

<http://www.welovemacs.com/sk1101.html> is one product that does encryption 
without using the Keychain.

> I'd like to know how this prog can get the user password too.

Damn good question. I've got no idea.

> Having
> this automated in a device does make it a more likely attack because it
> lowers the expertise threshold to anyone who can afford 500 dollars (or
> whatever a k'd version costs. prob on P2P soon if not already).
> 
> Yes I know, turn the thing off or password wake from sleep. Don't log in
> with admin account... Easy. Still it's interesting.

Security is a matter of risk vs reward. If you set the security bar too high, 
no-one uses security at all. (See further Windows Vista...) If you set the 
bar too low, it's a free-for-all. (See further WEP 'security'...) Now, I'm 
confident that no-one's gonna break into my home machine, so it's on most of 
the time. I'm confident that the physical security at work is sufficient to 
keep bad guys from outside out, and that if there's a bad guy on the inside 
who can get into the admin room, we've got other problems. Most of my travel 
is relatively local, in-state mostly, so I go by car and avoid the whole 
airport thing. I haven't set foot on a plane in months. My travel kit is 
fairly secure, mostly against thieves rather than Feds.

Besides, if the Feds want in, nothing I have will stop them. That's a simple 
fact.

> 
> Thanks
> Andy



-- 
email to oshea dot j dot j at gmail dot com.

In article <300420071409402380%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <2007043014291845162-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
> > On 2007-04-30 14:19:09 -0500, geefive <geefive@geefive.com> said:
> > > My router has a file on it that logs stuff.  I say stuff because I
> > > don't understand it.  Maybe I should take a look at that again and try
> > > to figure it out.  I don't look at it because I have javascript
> > > disabled and that's the only way it will show.
> > 
> > Post some of it here and we'll explain it to you if you want.
> 
> I will when I have a busy day and the router collects some data. 
> Trouble is, I turn it off at night (wipes the log) and it gets turned
> off sometimes during the day and reset because it needs it when I try
> to go to a website but forget to turn the modem on first.  Things get
> confused and I have to turn off the modem and router then fire them
> back up again to eliminate whatever confusion (maybe TCP) prevents them
> from working together.

Most routers should be able to run for months at a time without any need 
to be reset or turned off. Naturally if you prefer to save a little 
power when you are not using it overnight, it doesn't do any harm to 
switch it off. 

If you are concerned with security, posting some of the router log in 
the newsgroup is a good way to get a few explanations. Routers can also 
be handy for blocking some advertising so the more annoying companies 
don't show up when you are surfing the web.

-- 
http://www.ericlindsay.com

In article <300420070923561158%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> BTW, I recently looked into trading in my G5 and the company that does
> the deal says they take the hard drive and do a "root erase" before
> selling it to anyone else.  Is there a (freeware?) utility I can use
> that does this?  Nothing I have mentions being able to do a root erase.

Root erase sounds like a marketing name for what you can easily do 
yourself with the Disk Utility that comes with OS X. Now DON'T 
experiment with this, but you simply boot from your OS X CD (or these 
days DVD) and run Disk Utility. If you are paranoid about security, and 
suspect the NSA are after your data, choose the 7 pass or 35 pass erase 
(may take days). Instructions on the Apple site, and also here 
http://www.udel.edu/pnpi/tools/erase/mac/erasedisk.html

You can buy commercial products like http://www.jiiva.com/superscrubber/ 
to do much the same job but I don't believe they are any more effective.

Personally, if I were updating to a new Macintosh, I would be wanting to 
take advantage of Migration Assistant to move my old files to the new 
Macintosh before getting rid of the old model. 
http://www.apple.com/pro/tips/migration.html Just one of many advantages 
to Tiger.

Perhaps the Apple dealer offers that service as well?

-- 
http://www.ericlindsay.com

In article <300420071057087498%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article
> <NOwebmasterSPAM-53A5A6.18331830042007@freenews.iinet.net.au>, Eric
> Lindsay <NOwebmasterSPAM@ericlindsay.com> wrote:
> 
> > If you run as a standard account (as anyone concerned with security 
> > would), and don't enable that account for sudo...
> 
> You've lost me.  Sudo is not in my book.  And standard account is not
> in my Panther book either.  By that do you mean an account other than
> the admin account?

Jolly Roger has answered this at least as well as anything I could write.

Just basically take our word that having both an Admin, and a Standard 
account is a good idea. Further, that using your Macintosh pretty much 
exclusively from the Standard account is safer than using the Admin 
account. Take it as accumulated wisdom of Unix users going back decades. 

Oh yes, you should also make sure the name of the Admin account is 
something very different to Admin. Use a difficult password. Apple's 
password assistant can help you pick one (using two unrelated words that 
are not in a regular dictionary, with some letters UPPER case and some 
not, plus some numerals and some characters other than A-Z is a good 
starting point). In System Preferences, Accounts, click Change Password, 
and then right next to the New Password box, click the little key. That 
brings up Apple's Password Assistant. Use the manual mode to check your 
trial passwords. http://www.apple.com/macosx/tips/password13.html

Opps, maybe Panther doesn't have Password Assistant. Might be Tiger only.

At the same time, you might want to change your account settings so that 
you don't automatically log in. The display login window should simply 
ask for a name and password, not show a list of users, and you might get 
rid of the Show Restart, Sleep and Shutdown buttons. Do not show 
password hints. Enable fast user switching, but have it show only icons, 
not names.

-- 
http://www.ericlindsay.com

On 2007-05-01 02:20:17 -0500, pokhara <sam1967paypal@googlemail.com> said:

>> From their website
> 
> http://www.subrosasoft.com/OSXSoftware/index.php?main_page=product_info&cPath=200&products_id=195

The 
> 
> investigation process is a simple 4-step procedure:
> 
>     *   Insert the MacLockPick flash drive into your suspect's
> computer
>     * Double Click on the MacLockPick Application
>     * Eject the MacLockPick flash drive from your suspect's computer
>     * Return to the Pentagon and Bomb Iran (oops I made the last step
> up ) .
> 
> So it appears the system has to be logged-in and unlocked and the
> attacker/data thief has to actually run the MacLockPick application
> from the mounted USB drive.

As I suspected all along! As others have already theorized, this is 
just a tool that automated what you might normally do manually.

-- 
JR

On 2007-05-01 02:20:17 -0500, pokhara <sam1967paypal@googlemail.com> said:

> We can all sleep easy.

I've had eight Macs on the net 24/7 for years - and I slept like a baby 
last night.

: D

-- 
JR

On 2007-04-30 21:33:01 -0500, J.J. O'Shea <try.not.to@but.see.sig> said:

>> I'd like to know how this prog can get the user password too.
> 
> Damn good question. I've got no idea.

It can only get any information if you are logged in with the screen 
unlocked when you manually launch the program.

-- 
JR

In article <f15q66$2pb$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> Excellent thing to turn of javascript. Its rare tha there is anything
> sensible it is used for. 

I have this theory.  It first manifested itself in the form of the
"club cards" for grocery stores and such.  I think it began with a
professor or maybe a TA at UCLA or Stanford.  They had the club card
idea and began teaching it ti students, and then the students went out
into the business world and the club card became a reality all of a
sudden.  Well, Javascript is the same thing.  Something that was
invented where there are a lot of tekkies (you know where) so it became
the big next great thing.  All of these IT types get the Javascript
course and then feel like they have to use it.  But people can write
malicious scripts with it as well.  

You can't really screw people up too much with HTML 3.2 or 4.whatever. 
On my web page, you must turn Javascript off in order to get in.  And
when I go to a site and can't follow a link they have because it's a
script, I type "screwjavascript" into the address bar and enter that
about ten times so the guy looking at stats will notice it.  I would
say that I am javascript averse.  I can't tell you how many product
pages I go to where I'm enticed to click to the actual product
description and it's hidden behind a script and won't work for me
because I have Javascript disabled -- goodbye, on to the next web page.

> There are a few things you can do to
> tighten up your security that aren't too hard, or time consuming, just
> pick up what you need at leisure.

S'what I'm doing.  I have been keeping a text file with some of the
tips and procedures in it that I'm getting here -- thanks, everyone.

> One possible leak form this is the swap files (the virtual memory the
> system pages out to disk when it needs more RAM) 

2.5 GB of RAM probably takes care of it, eh?
> 
> I fly off the handle at the slightest thing sometimes, I'm not being
> holier-than-thou or anything. The 3rd Mac I got was a 7200. The Internet
> was not so old, I had a 28k modem and for the first time had to set up
> an Internet connection from my phone line. I'd used other people's till
> then. I think it was OS 7.1.1 it came with. The Internet connection
> software was broken. I cursed and swore at everyone for about a week as
> I slowly discovered that it was not only my ignorance that was making it
> difficult, but also Apple's ineptitude. I needed an update which I could
> only get online or by posting off (no chequebook, friday night) to get
> some floppies sent. I read stuff, and more stuff, dabbled, got it
> working for a minute or so, gradually got one piece of software, then it
> stayed up longer, then got another and so on. I was seriously pissed. If
> I was in cupertino there would have been broken windows for sure.

I think we all had our trials and tribulations with TCP/IP, early
modems, speeds, etc.  My big battle was with the phone company and
their noisy lines.  It killed me to see them continually upgrade some
while leaving others behind.  In town they got successive upgrades to
14.4, then 28.8, then 56k while leaving the rest of us out in the cold. 
My thought was they should upgrade when and where they want, but once
done they should upgrade everyone else before upgrading their choice
area again.  The regulators didn't agree.  I tried to make the point
that customers who get repeated upgrades are unfairly subsidized by
those who don't get any upgrades since we all pay the same.

> But after 2 weeks I knew more about how the Internet works than I would
> have learned in a 12 month course. There are good things even in the
> bad. Not only had I got my connection working but I was able to keep it
> working when there were problems later. And fix other people's too.

Since I have ever had only one friend in the beginning who used a Mac,
we could talk over our mutual concerns.  Then his kid stated building
peecees and he went that route.  Since then, I've had to do everything
myself since there are no Mac businesses in the county.  Fortunately, I
have had good luck in the Mac groups, mainly mac.apps.  Now here.
 
> Definitely put that on an encrypted partition with a strong passphrase.
> Don't write it down anywhere, make sure you can remember it. Keep a
> backup off-site somewhere. Friend's house maybe.

I'm headed to the big city today to get a new hard drive to replace the
old horse in bay one, and buy a fresh copy of 10.4.  This will let me
start over and build in some of the security tips I've picked up here
before getting fully involved with it.
> 
> >> Your machine is far more likely to get stolen completely

That's where my head is.  Where I live, there's a lot of breakins, meth
use, and like that.  But it's all on the other side of the freeway,
fortunately.  But if the economy softens a little (or a lot, like I
think it will) then my situation could change in a hurry.  I'm
beginning to see changes.  Cars I've never seen before nosing around
the neighborhood.  People coming in during the night to use our
dumpsters, more in the way of thumping music and harley davidsons.  And
now an increase in apartment construction, which sometimes brings in a
different element... in this case, one complex is rent subsidized and a
lot of families with children moved over from the other side of the
freeway.  I hope they're here to escape the other area and not to come
prey on us.

> >> surprise you that people don't take you seriously?
> > 
> > I'm never surprised when people don't take me seriously.
> 
> But can you see why? I spose that's what I meant really.

Because I'm security conscious?  Because I like Macs for not having to
worry about a lot of stuff people do who use the other platform, and
suddenly I sense that security is a bigger problem than I knew? 
Because I don't resort to profanity and/or personal attack?

> >> I for one never believed in the kind of security you seem to be allotting
> >> to apple's systems. They have never claimed anything of the sort. In any
> >> case, security is not a matter of trust, but one of knowledge, and that
> >> is not something you get easily.
> > 
> > Makes sense.  I appreciate your comments.
> 
> Glad this is getting somewhere,

I had trust, now I have (a little) knowledge.  Looks like I have lots
to do.  But first I need to find a way to get out of this thread so
everyone can go back to whatever they were doing before I came along. 
But I might stay for a while, if only to irk the ones who thing I'm a
nutcase.

TTFN

In article <f15q98$2pb$2@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> geefive wrote:
> 
> >> Otherwise, as someone else said,
> >> you're better off not using computers.
> > 
> > There's a point that's been made a couple of times today.
> 
> yeah, you seem to like that one!

When I replaced my typewriter with a Brother electric (had a screen and
floppy disks), my productivity expanded 10-fold.  Then, when I got the
P-200, it expanded another to-fold.  These productivity increases were
due to being able to prepare and print documents more quickly as well
as improvements in filing (disk storage).  But, over the years, the
computer has become a tool that's made its way into virtually every
aspect of my life.  

I've been taken over.  But once I began thinking about all of the
security issues (and remedies suggested here), I thought about times
when I had no computer and did less because I was less productive.  Now
that productivity will be less and less by choice in the future, will
the computer work it's way into my leisure and continue to run my life?

So I'm at the beginning of what may become a cascade effect of
lessening computer use that could result in the setting of strict
limits leading possibly to a leap back to times when I had no computer
at all.  Maybe I'm over the top and starting down.  I don't need a
computer to see my photos, although the family will no longer have
someone scanning putting our pictures on my web page for everyone to
have.  Rather than upgrading to the Quad-Pro, maybe I could just buy
one of the printers that does this and cuts disks.  My taxes should be
simplified and I can prepare a return without TurboTax.  I won't be
able to go to these Mac groups for help... but why would I need to. 
It's a cascade effect.  If I think of ways I don't need to use a
computer, then more become apparent.

For the first time in my life I feel like undoing something major and
simplifying things.  I don't want to die and leave hundreds of gigs of
files on my computer and on backup disks for my brothers to have to
deal with after I'm gone or, heaven forbid, I become incapacitated or
incompetent.  

Methinks I'm not the only one who has these thoughts.  For once, I envy
my friends who haven't had any computer at all because they can work in
their gardens and travel instead of having to deal with gobs of data
and trying to figure out which to pass on and which to discard.  I've
already stopped making websites and I've passed along that data to the
people for whom I ceaselessly toiled helping to sell products.

Note: stop reading here if you don't want to read lot of OT stuff..

I don't know where this is going yet, really, but I feel my mortality
and some changes, some drastic, are in store for me (and for us all) in
coming years.

Right now, my biggest worry is economic stability (or lack thereof)
when I'm on a fixed income.  My worry is all of this debt that's
allowed people to use their houses as ATM machines, and debts and
deficits, and the big financial bubble that's developed, will resolve
itself in ways that don't favor the currency or economic stability. 
And there's not a dang thing I can do about it, except maybe to adjust
to a low and trending lower standard of living.

I can't imagine what Apple Computer will do when people cut back on
iPods and computers.  They may fare better with massive layoffs and
sticking to computers and the OS, but I think that many other peecee
makers will die off because their business models depend on economies
of scale and razor-thin margins.  Apple will survive a 10 percent cut
in computer sales, but a lot of businesses that depend on continual
expansion and growth will find their ponzi-scheme-like attitudes and
practices will result in crashing stock prices, defaulted debt, and
insolvency.

My dad, who passed away a few years ago, lived through the Great
Depression as a teenager.  He said that we will have quite a different
situation when the ball starts rolling downhill again because people
had stronger values in the Great Depression, and one could walk down
most streets in America then and feel safe.  Our future in a Great
Depression The Sequel will be far less palatable.

Sorry for the OT discussion.  I'll stop it here.

In article <f15qh8$40c$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:

> geefive wrote:
> 
> > "Once the software is run it will extract
> > data from the Apple Keychain and system settings in order to provide
> > the examiner fast access to the suspect's critical information with as
> > little interaction or trace as possible."
> > 
> > Aren't keys encrypted?
> 
> Yeah, that's the bit I don't like. The active user's password. How's it
> get that? They puffed it up with a list of things, but really that's the
> only one. the rest follows from it easily. I suppose a phone call from a
> bogus cop might get their sales dept to tell you?
> 
> Andy

Here's a scenario.  They use the new device not to crack the password
but to substitute another.  Then when they give the computer back to
you, you'll need to buy one of the devices to change your password
back.  Nice sales plan.

In article <sdfisher-89D4E2.16345530042007@shawnews.vc.shawcable.net>,
Steven Fisher <sdfisher@spamcop.net> wrote:

> I don't think Apple has said one way or the other at this point 
> regarding Classic on Mac OS X 10.5 on PowerPC. I seem to recall a few 
> rumors it was being dropped, but they were from even less credible 
> sources than usual. On the other hand, there seem to be some pretty big 
> changes in 10.5, and it's not impossible that Classic will break somehow 
> and Apple can't/won't fix it.

Well, I hope you're wrong.  Given the mindset that resulted in the
switch to Intel, any kind of surprise is possible :-(

t fine1
> > If Sheepshaver can do it, then why can't Apple?

> Apple has no *interest* in writing a Classic emulator. Not when the 
> overwhelming majority of Mac applications now work natively in Mac OS 
> without Classic.  It's not in Apple's best interests, plain and simple.

I hear that half of the user base is still using non-Intel Macs.  And a
lot of it has to do with applications.

> Apple declared Mac OS 9 dead five years ago, and we've all 
> moved on to something better - Mac OS X.

Not all of us, apparently.  I like the way OS 9 runs flawlessly in
Classic.  I don't see any reason to stop using Classic apps and I think
it was a mistake for Apple to say, "Hey, we can make windoze work with
apps not owned by Mac users but we'll scuttle the investment people
have in our own stuff by eliminating a great app like Classic."

> You won't support SheepShaver, an open source project written by Mac 
> software developers that works amazingly well, all things considered, 
> because it's not written by Apple?  So be it.

Why should I buy an app like that when it should come with the OS?  If
Apple bundles it, then I'll change my mind.  I don't expect to have an
app that allows me to use the Apple-II stuff I have, but that would be
nice, too.  It's a computer.  It should compute Apple-II stuff just
fine, and everyprogram from every Apple computer ever made! 
 
> > Apple should concentrate on computers and spin off phones,
> > pods, TV stuff, and anything else that isn't computer hardware and
> > software.
> 
> Steve Jobs will certainly disagree with you. ; )  So would I and a lot 
> of other die-hard Mac users.  It's easy to see Apple's doing the right 
> thing right now.  Their new focus has turned the company into a 
> complete success, and I like it that way, personally.

I would rather they made their own chips for Macs instead of going into
consumer electronics.  But that's a strategic decision and it seems
that Jobs is doing the right thing - now.  When economic changes come
our way, then we'll see if the strategy was good in the long term.

In article <200704302003046636-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> What model Mac do you have exactly?  How 
> much RAM is in it?  How much hard drive capacity is free?  Note that at 
> some point, upgrades will end up costing you more than a new computer 
> would, and an upgraded Mac will never be as fast as a new Mac.  Also, 
> you might want to consider purchasing a newer model PowerPC Mac on eBay 
> or something too.

G5 Dual 2.5 with 2.5 gigs of Ram and 23" Studio.  So I think I'm set
for some time to come.  It'll make a great boat anchor someday.

In article <2007043021135632087-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-04-30 17:04:39 -0500, geefive <geefive@geefive.com> said:
> > Nice.  Now tell me again why I'm doing this.
> 
> It protects your system from mistakes you may make. If you do something 
> that compromises the security of your user account, the integrity of 
> the rest of the system is maintained, because stuff you do in a 
> non-admin account can't change things in the system that an 
> administrator would be able to change.
> 
> A perfect example is the most recent "mac hacked" headlines we've seen 
> in the Mac press of late. The person who broke into the Mac did so with 
> a specially-crafted web page. A link to the web page was sent in an 
> email message to the Mac, and when the non-admin user clicked the link, 
> he was compromised. But because he was using a non-admin user account, 
> the attacker did not gain root privileges on the system, and was only 
> able to modify files in that user's non-admin account as a result. The 
> rest of the system was not compromised.
> 
> <http://www.macobserver.com/article/2007/04/23.1.shtml>

One question I have is can it be changed back?  I don't know why I
would do that, but it crossed my mind that I might not be able to
recover from this if I need to.

In article <010520071059265793%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> > > If Sheepshaver can do it, then why can't Apple?
> 
> > Apple has no *interest* in writing a Classic emulator. Not when the 
> > overwhelming majority of Mac applications now work natively in Mac OS 
> > without Classic.  It's not in Apple's best interests, plain and simple.
> 
> I hear that half of the user base is still using non-Intel Macs.  And a
> lot of it has to do with applications.

I'd bet it's more than half, and I'd further bet that the typical case 
is not that people are being held back by the lack of availability of 
native builds but simply don't have an urgent need to replace the 
machine they have. I went out of my way to get a MacBook because as a 
developer I need to have an Intel machine to test on. But I can't even 
estimate for you when I expect to replace my PPC desktop.

> > You won't support SheepShaver, an open source project written by Mac 
> > software developers that works amazingly well, all things considered, 
> > because it's not written by Apple?  So be it.
> 
> Why should I buy an app like that when it should come with the OS?

1. It's freeware.
2. What "should" come with the OS are the components that will by 
various means generate sufficient revenue to pay for the resources spent 
to implement them. It's not clear that as of the introduction of 
x86-based Macs about a year ago that continuing to support software that 
hadn't been updated in the prior 6 years met that criteria.

G

On Tue, 1 May 2007 13:24:04 -0400, geefive wrote
(in article <010520071024048192%geefive@geefive.com>):

> In article <f15qh8$40c$1@aioe.org>, nospam <nospamatall@iol.ie> wrote:
> 
>> geefive wrote:
>> 
>>> "Once the software is run it will extract
>>> data from the Apple Keychain and system settings in order to provide
>>> the examiner fast access to the suspect's critical information with as
>>> little interaction or trace as possible."
>>> 
>>> Aren't keys encrypted?
>> 
>> Yeah, that's the bit I don't like. The active user's password. How's it
>> get that? They puffed it up with a list of things, but really that's the
>> only one. the rest follows from it easily. I suppose a phone call from a
>> bogus cop might get their sales dept to tell you?
>> 
>> Andy
> 
> Here's a scenario.  They use the new device not to crack the password
> but to substitute another.  Then when they give the computer back to
> you, you'll need to buy one of the devices to change your password
> back.  Nice sales plan.

Sigh. You don't need to buy anything so long as you keep your system boot 
disc handy. Boot from that disc, and you can change the password to whatever 
you like, without knowing the old password. Every Mac ships with a system 
disc. If you don't have the system disc anymore, but do have a retail OS X 
install disc, boot from that instead. If you don't have a system disc or a 
retail disc but do have another Mac, attach the hacked Mac to the other one 
with a FireWire cable and boot the hacked Mac in FireWire Target Mode. The 
hard drive on the hacked Mac is treated as an external hard drive by the 
other Mac and all the (non-encrypted) files are available. Or you could take 
the drive out of the hacked Mac and put it into another Mac (or a Windows box 
which has MacDrive or something similar installed) and the drive from the 
hacked Mac _is_ a secondary drive on the other machine.

If all you want to do is get onto a machine and you don't care if it's 
obvious that you were there, and you have physical access to the machine, 
there are a multitude of ways to do it.


-- 
email to oshea dot j dot j at gmail dot com.

In article <2007050108510972213-jollyroger@nullorg>,
Jolly Roger  <jollyroger@null.org> wrote:
>On 2007-05-01 02:20:17 -0500, pokhara <sam1967paypal@googlemail.com> said:
>
>> We can all sleep easy.
>
>I've had eight Macs on the net 24/7 for years - and I slept like a baby 
>last night.

Somewhat colicy? :-)

On Tue, 1 May 2007 09:52:28 -0400, Jolly Roger wrote
(in article <2007050108522849695-jollyroger@nullorg>):

> On 2007-04-30 21:33:01 -0500, J.J. O'Shea <try.not.to@but.see.sig> said:
> 
>>> I'd like to know how this prog can get the user password too.
>> 
>> Damn good question. I've got no idea.
> 
> It can only get any information if you are logged in with the screen 
> unlocked when you manually launch the program.
> 
> 

Ah. Well, I have the system set to require a password when coming back from 
the screen saver, and I almost always set the screen saver when I'm going to 
be away from the machine but must leave it on. This device won't work on my 
machine, then.

-- 
email to oshea dot j dot j at gmail dot com.

On 2007-05-01 14:55:49 -0500, mikePOST@TOGROUPmacconsult.com (Mike 
Rosenberg) said:

> Jolly Roger <jollyroger@null.org> wrote:
> 
>> I've had eight Macs on the net 24/7 for years - and I slept like a baby
>> last night.
> 
> You woke up crying and had to be fed or changed every several hours?
> ;-)

haha  : )  Okay, okay, I slept like a rock.  : D

-- 
JR

On 2007-05-01 13:07:56 -0500, geefive <geefive@geefive.com> said:

> In article <2007043021135632087-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-04-30 17:04:39 -0500, geefive <geefive@geefive.com> said:
>>> Nice.  Now tell me again why I'm doing this.
>> 
>> It protects your system from mistakes you may make. If you do something
>> that compromises the security of your user account, the integrity of
>> the rest of the system is maintained, because stuff you do in a
>> non-admin account can't change things in the system that an
>> administrator would be able to change.
>> 
>> A perfect example is the most recent "mac hacked" headlines we've seen
>> in the Mac press of late. The person who broke into the Mac did so with
>> a specially-crafted web page. A link to the web page was sent in an
>> email message to the Mac, and when the non-admin user clicked the link,
>> he was compromised. But because he was using a non-admin user account,
>> the attacker did not gain root privileges on the system, and was only
>> able to modify files in that user's non-admin account as a result. The
>> rest of the system was not compromised.
>> 
>> <http://www.macobserver.com/article/2007/04/23.1.shtml>
> 
> One question I have is can it be changed back?  I don't know why I
> would do that, but it crossed my mind that I might not be able to
> recover from this if I need to.

Yes, you can just check the checkbox again to make the account an 
administrator account again. But there's no need for that when you can 
just log into the Administrator account.

-- 
JR

In article <010520071059265793%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> > Apple has no *interest* in writing a Classic emulator. Not when the 
> > overwhelming majority of Mac applications now work natively in Mac OS 
> > without Classic.  It's not in Apple's best interests, plain and simple.
> 
> I hear that half of the user base is still using non-Intel Macs.  And a
> lot of it has to do with applications.

you heard that where?  

in any event, keep in mind that intel macs have only been for sale for
roughly 16 months (and not for all models), whereas powerpc macs that
can run os x have been for sale for roughly 8 years (g3 blue&white,
circa 1999).  if in 16 months, intel macs are indeed half of the
current user base, that suggests that people are *not* tied to powerpc
macs, and in fact, are *jumping* at the opportunity to purchase an
intel mac.  

> > Apple declared Mac OS 9 dead five years ago, and we've all 
> > moved on to something better - Mac OS X.
> 
> Not all of us, apparently.  I like the way OS 9 runs flawlessly in
> Classic.  I don't see any reason to stop using Classic apps and I think
> it was a mistake for Apple to say, "Hey, we can make windoze work with
> apps not owned by Mac users but we'll scuttle the investment people
> have in our own stuff by eliminating a great app like Classic."

apple is better off working on features that the majority of users want
instead of working on features that a dwindling minority wants.  if
they were to *also* maintain classic, leopard might be even further
delayed. 

> Why should I buy an app like that when it should come with the OS?  If
> Apple bundles it, then I'll change my mind.  I don't expect to have an
> app that allows me to use the Apple-II stuff I have, but that would be
> nice, too.  It's a computer.  It should compute Apple-II stuff just
> fine, and everyprogram from every Apple computer ever made! 

realistically, how many people want to run apple // software in 2007?

geefive wrote:
> See, sometimes things are said that obfuscate the truth or only tell a
> half truth.  Like the machine needing to be up and running for this
> device to work.  What they're not saying is, while that's true, they
> have this _other_ device or procedure that starts the computer and
> bypasses the security in that process.

If you can reach the USB slot, you can reach the power button and the
keyboard.  If you can reach the power button and the keyboard, you can
become root in single-user mode--and then you don't need a $500 device
to do whatever you want.

On my machine, they'll be slowed down by the OF password.  Which just 
means they need a two-dollar screwdriver.

-- 
Wes Groleau

   Promote multi-use trails in northeast Indiana!
   http://www.NorthwestAllenTrails.org/

In article <010520071030180674%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <sdfisher-89D4E2.16345530042007@shawnews.vc.shawcable.net>,
> Steven Fisher <sdfisher@spamcop.net> wrote:
> 
> > I don't think Apple has said one way or the other at this point 
> > regarding Classic on Mac OS X 10.5 on PowerPC. I seem to recall a few 
> > rumors it was being dropped, but they were from even less credible 
> > sources than usual. On the other hand, there seem to be some pretty big 
> > changes in 10.5, and it's not impossible that Classic will break somehow 
> > and Apple can't/won't fix it.
> 
> Well, I hope you're wrong.  Given the mindset that resulted in the
> switch to Intel, any kind of surprise is possible :-(

In order to be wrong, I'd have to make a prediction. I make none, I only 
present the tidbits I've heard. :)

I guess I'm going to have to leave this newsgroup.
I like it here, but Gee Whiz, this thread is
scaring my poor computer and keeping it awake at night.

-- 
Wes Groleau

Change is inevitable.
Conservatives should learn that "inevitable" is not a synonym for "bad."
Liberals need to learn that "inevitable" is not a synonym for "good."
                                -- WWG

geefive wrote:
> I don't see anyone here offering reassuring comments about this device. 

Of course not.  When you're irrationally paranoid, no comments
can be reassuring.

-- 
Wes Groleau

A pessimist says the glass is half empty.

An optimist says the glass is half full.

An engineer says somebody made the glass
        twice as big as it needed to be.

Jolly Roger wrote:
> Caching: You use it each time you do anything with your computer. It 
> speeds performance, plain and simple.

Unless you turn it off, which you can do if you want.

> Logging is necessary only for whoever happens to be diagnosing problems 
> with the software that created the log (you, or someone you have allowed 
> access to your system, in most circumstances).

And again, there are ways to turn it off.

-- 
Wes Groleau
   "To know what you prefer, instead of humbly saying
    Amen to what the world tells you you should prefer,
    is to have kept your soul alive."
                          -- Robert Louis Stevenson

Jolly Roger wrote:
> As I suspected all along! As others have already theorized, this is just 
> a tool that automated what you might normally do manually.

A program that at least ten percent, probably more,
of the people on this newsgroup could write.

Gee Whiz, that will depress somebody, won't it?

:-)

-- 
Wes Groleau

Expert, n.:
         Someone who comes from out of town and shows slides.

geefive wrote:
> In article <133casb4nqmhrd6@corp.supernews.com>, G.T.
> <getnews1@dslextreme.com> wrote:
> 
>> It has nothing to do with reverse engineering.  Just stop, please, no 
>> one needs Apple's permission to write a freakin' utility, it doesn't 
>> mimic the OS, it's just an overpriced utility that collects things that 
>> anyone could collect if they were sitting at the computer.
> 
> Very well, then.  I'll go with that.

Finally!  (After how many hundred posts?)


-- 
Wes Groleau

    There ain't no right wing,
    there ain't no left wing.
    There's only you and me and we just disagree.
                               (apologies to Jim Krueger)

On 2007-05-01 22:44:22 -0500, Wes Groleau <groleau+news@freeshell.org> said:

> Jolly Roger wrote:
>> Caching: You use it each time you do anything with your computer. It 
>> speeds performance, plain and simple.
> 
> Unless you turn it off, which you can do if you want.

To what type of cache are you referring?

>> Logging is necessary only for whoever happens to be diagnosing problems 
>> with the software that created the log (you, or someone you have 
>> allowed access to your system, in most circumstances).
> 
> And again, there are ways to turn it off.

Indeed, and I'd definitely go that route rather than replacing log 
files with GIF files.  ; D

-- 
JR

In article <IBTZh.4120$iR2.1488@trnddc05>,
 Wes Groleau <groleau+news@freeshell.org> wrote:

> I guess I'm going to have to leave this newsgroup.
> I like it here, but Gee Whiz, this thread is
> scaring my poor computer and keeping it awake at night.

Two things to remember:
   1). My concern isn't that I am paranoid, but rather, am I paranoid 
enough?
   2). In paranoia, as in libel, truth is an absolute defense.

Kurt Ullman <kurtullman@yahoo.com> wrote:

> Two things to remember:
>    1). My concern isn't that I am paranoid, but rather, am I paranoid
> enough?
>    2). In paranoia, as in libel, truth is an absolute defense.

Um, knowing the definition of "paranoia" would really help.

http://preview.tinyurl.com/3bstjz

If you're paranoid, your fears are, by definition, irrational.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

In article <1hxh9h0.blm88e1iawq07N%mikePOST@TOGROUPmacconsult.com>,
 mikePOST@TOGROUPmacconsult.com (Mike Rosenberg) wrote:

> If you're paranoid, your fears are, by definition, irrational.

But as Kissinger reputedly said to Nixon, just because you're paranoid 
doesn't mean that they're not out to get you.

-- 
Support the troops:  Bring them home ASAP.

Kurt Ullman <kurtullman@yahoo.com> wrote:
> Two things to remember:
>...
>    2). In paranoia, as in libel, truth is an absolute defense.

NO! Because you NEVER know what the truth is!

Things to remember:
     0). It's only paranoia if there nobody there; and there's ALWAYS 
SOMEONE there.

;)

In article <uce-9CBE2D.14080201052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <010520071059265793%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:

> > I hear that half of the user base is still using non-Intel Macs.  And a
> > lot of it has to do with applications.
> 
> I'd bet it's more than half, and I'd further bet that the typical case 
> is not that people are being held back by the lack of availability of 
> native builds but simply don't have an urgent need to replace the 
> machine they have. I went out of my way to get a MacBook because as a 
> developer I need to have an Intel machine to test on. But I can't even 
> estimate for you when I expect to replace my PPC desktop.

I guess I can only speak for myself, then.  There are a bunch of
Classic apps I like and I'm not going to spend a lot of money on a
machine with an OS that's deliberately calculated to scuttle me.  I
know nothing about Sheepshaver, but I don't see any glowing
recommendations, just comments like "It's mostly a good app."

> > > You won't support SheepShaver, an open source project written by Mac 
> > > software developers that works amazingly well, all things considered, 
> > > because it's not written by Apple?  So be it.
> > 
> > Why should I buy an app like that when it should come with the OS?
> 
> 1. It's freeware.
> 2. What "should" come with the OS are the components that will by 
> various means generate sufficient revenue to pay for the resources spent 
> to implement them. It's not clear that as of the introduction of 
> x86-based Macs about a year ago that continuing to support software that 
> hadn't been updated in the prior 6 years met that criteria.

Well, that's probably right for a lot of people.  But Apple's going to
have to shake the Classic tail awfully hard to get me to let go.  It
irks me that they would deliberately obsolete their older apps when for
years and years they claimed that a very good reason to own a Mac was
to protect one's investment in apps.  

I understand what you're saying, but it's going to take me a while to
come around.  The matter of my living long enough to do so is a
consideration.  A lot of older people use Macs, you know.  I'm also
reluctant to get rid of my 1967 VW bus after having it for well over
half of my life.  It feels comfortable to wrap myself in the old apps. 
That's my mileage, anyway.

In article <0001HW.C25CFF6A000BF2F0F060B648@newsgroups.comcast.net>,
J.J. O'Shea <try.not.to@but.see.sig> wrote:

geefive wrote
> > Here's a scenario.  They use the new device not to crack the password
> > but to substitute another.  Then when they give the computer back to
> > you, you'll need to buy one of the devices to change your password
> > back.  Nice sales plan.
> 
> Sigh. 

Sorry, that was my lame attempt at humor.

However, I appreciate the following and have added it to my file of
tips/thoughts from this thread.

> You don't need to buy anything so long as you keep your system boot 
> disc handy. Boot from that disc, and you can change the password to whatever 
> you like, without knowing the old password. Every Mac ships with a system 
> disc. If you don't have the system disc anymore, but do have a retail OS X 
> install disc, boot from that instead. If you don't have a system disc or a 
> retail disc but do have another Mac, attach the hacked Mac to the other one 
> with a FireWire cable and boot the hacked Mac in FireWire Target Mode. The 
> hard drive on the hacked Mac is treated as an external hard drive by the 
> other Mac and all the (non-encrypted) files are available. Or you could take 
> the drive out of the hacked Mac and put it into another Mac (or a Windows box 
> which has MacDrive or something similar installed) and the drive from the 
> hacked Mac _is_ a secondary drive on the other machine.
> 
> If all you want to do is get onto a machine and you don't care if it's 
> obvious that you were there, and you have physical access to the machine, 
> there are a multitude of ways to do it.

In article <2007050117215886794-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-05-01 13:07:56 -0500, geefive <geefive@geefive.com> said:
> 
> > One question I have is can it be changed back?  I don't know why I
> > would do that, but it crossed my mind that I might not be able to
> > recover from this if I need to.
> 
> Yes, you can just check the checkbox again to make the account an 
> administrator account again. But there's no need for that when you can 
> just log into the Administrator account.

Okay.  I'm getting close to doing this.

> In article <010520071059265793%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:

> > I hear that half of the user base is still using non-Intel Macs.  And a
> > lot of it has to do with applications.

In article <010520071601275565%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> you heard that where?  

I've heard it a number of times, but I don't have a specific reference
for you.

> in any event, keep in mind that intel macs have only been for sale for
> roughly 16 months (and not for all models), whereas powerpc macs that
> can run os x have been for sale for roughly 8 years (g3 blue&white,
> circa 1999).  if in 16 months, intel macs are indeed half of the
> current user base, that suggests that people are *not* tied to powerpc
> macs, and in fact, are *jumping* at the opportunity to purchase an
> intel mac.  

i.e., the glass is half full.
 
> > > Apple declared Mac OS 9 dead five years ago, and we've all 
> > > moved on to something better - Mac OS X.

I'm using it, too.  But I use a lot of "comfort" classic programs, and
Classic has worked flawlessly for me, so I don't think I'll go Intel
any time soon, unless I keep this computer instead of trading it in.

> apple is better off working on features that the majority of users want
> instead of working on features that a dwindling minority wants.  if
> they were to *also* maintain classic, leopard might be even further
> delayed. 

It's only a dwindling group because people who buy Intel Macs have has
the Classic "rug" pulled out from under them.  I wonder how dwindling
our numbers would be if Classic were still part of the OS?

> > Why should I buy an app like that when it should come with the OS?  If
> > Apple bundles it, then I'll change my mind.  I don't expect to have an
> > app that allows me to use the Apple-II stuff I have, but that would be
> > nice, too.  It's a computer.  It should compute Apple-II stuff just
> > fine, and everyprogram from every Apple computer ever made! 
> 
> realistically, how many people want to run apple // software in 2007?

Not too many.  But, hey, it's a computer.  It should compute.  It
should compute everything.  Why should they say we're stiffing the
users of programs and a system we promoted for years while embracing
what was the enemy platform?  What trick will Apple pull on us next? 
It would have been better if the OS came ready to run any program,
especially the ones I already own.  As long as they're at it, why not
offer a computer that will recognize everything?  It's a computer.  Why
would it prefer this over that?

Don't answer that last bit.  I know why.  Because Mr. (Steve) Ego
decided it should be that way and that's either a :-) or a :-(
depending on how it affects the Mac-using individual.

On 2007-05-02 12:15:42 -0500, geefive <geefive@geefive.com> said:

> In article <uce-9CBE2D.14080201052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
>> In article <010520071059265793%geefive@geefive.com>,
>> geefive <geefive@geefive.com> wrote:
> 
>>> I hear that half of the user base is still using non-Intel Macs.  And a
>>> lot of it has to do with applications.
>> 
>> I'd bet it's more than half, and I'd further bet that the typical case
>> is not that people are being held back by the lack of availability of
>> native builds but simply don't have an urgent need to replace the
>> machine they have. I went out of my way to get a MacBook because as a
>> developer I need to have an Intel machine to test on. But I can't even
>> estimate for you when I expect to replace my PPC desktop.
> 
> I guess I can only speak for myself, then.  There are a bunch of
> Classic apps I like and I'm not going to spend a lot of money on a
> machine with an OS that's deliberately calculated to scuttle me.

That's your choice, of course. But you'd do yourself a huge favor to 
get over this block you have and embrace Mac OS X - it's here to stay, 
and classic Mac OS is all-but dead now.  It's just the way things are.

> I know nothing about Sheepshaver, but I don't see any glowing
> recommendations, just comments like "It's mostly a good app."

It's great for those of us who need to run that one classic Mac 
application (for me it's FrameMaker) on Intel-based Macs! I couldn't do 
a lot of my work on my MacBook Pro without it.

>>>> You won't support SheepShaver, an open source project written by Mac
>>>> software developers that works amazingly well, all things considered,
>>>> because it's not written by Apple?  So be it.
>>> 
>>> Why should I buy an app like that when it should come with the OS?
>> 
>> 1. It's freeware.
>> 2. What "should" come with the OS are the components that will by
>> various means generate sufficient revenue to pay for the resources spent
>> to implement them. It's not clear that as of the introduction of
>> x86-based Macs about a year ago that continuing to support software that
>> hadn't been updated in the prior 6 years met that criteria.
> 
> Well, that's probably right for a lot of people.  But Apple's going to
> have to shake the Classic tail awfully hard to get me to let go.

Wait for it...

> It irks me that they would deliberately obsolete their older apps when for
> years and years they claimed that a very good reason to own a Mac was
> to protect one's investment in apps.

There are a slew of technological reasons why it was necessary to make 
old applications obsolete. I don't expect you to know or understand all 
of these reasons, but take it from an experienced Mac OS developer of 
many years, these changes were absolutely necessary for Apple to 
survive. And without Apple, you and I wouldn't be enjoying the Macs we 
use today.  That's a fact.  The changes were unavoidable, plain and 
simple.

Also, developers have had *plenty* of time to modify their applications 
so that they will run in Mac OS X *without* a Classic compatibility 
layer. You bitch that Apple made old versions of applications obsolete 
and then turn around and admit you refuse to use newer versions of 
applications that have been updated by developers and work just fine.  
That doesn't fly.

> I understand what you're saying, but it's going to take me a while to
> come around.  The matter of my living long enough to do so is a
> consideration.  A lot of older people use Macs, you know.  I'm also
> reluctant to get rid of my 1967 VW bus after having it for well over
> half of my life.  It feels comfortable to wrap myself in the old apps.
> That's my mileage, anyway.

My grandfather is over 80 and started out using Mac OS 8.5. He's using 
Mac OS X 10.4.9 daily every single day and loves it. He especially 
loves how stable his new-ish Mac mini is compared to the old iMac he 
used to have running classic Mac OS. He's living proof that people can 
adjust just fine once they open their mind and embrace change rather 
than closed-mindedly reject it.

-- 
JR

On 2007-05-02 12:32:03 -0500, geefive <geefive@geefive.com> said:

> In article <2007050117215886794-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-05-01 13:07:56 -0500, geefive <geefive@geefive.com> said:
>> 
>>> One question I have is can it be changed back?  I don't know why I
>>> would do that, but it crossed my mind that I might not be able to
>>> recover from this if I need to.
>> 
>> Yes, you can just check the checkbox again to make the account an
>> administrator account again. But there's no need for that when you can
>> just log into the Administrator account.
> 
> Okay.  I'm getting close to doing this.

Let us know if you hit any snags (but it should be extremely simple).

-- 
JR

In article <2007050123120128204-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-05-01 22:44:22 -0500, Wes Groleau <groleau+news@freeshell.org> said:
> 
> > Jolly Roger wrote:
> >> Caching: You use it each time you do anything with your computer. It 
> >> speeds performance, plain and simple.
> > 
> > Unless you turn it off, which you can do if you want.
> 
> To what type of cache are you referring?
> 
> >> Logging is necessary only for whoever happens to be diagnosing problems 
> >> with the software that created the log (you, or someone you have 
> >> allowed access to your system, in most circumstances).
> > 
> > And again, there are ways to turn it off.
> 
> Indeed, and I'd definitely go that route rather than replacing log 
> files with GIF files.  ; D

What are the ways?

In article <020520071015423213%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-9CBE2D.14080201052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > In article <010520071059265793%geefive@geefive.com>,
> >  geefive <geefive@geefive.com> wrote:
> 
> > > I hear that half of the user base is still using non-Intel Macs.  And a
> > > lot of it has to do with applications.
> > 
> > I'd bet it's more than half, and I'd further bet that the typical case 
> > is not that people are being held back by the lack of availability of 
> > native builds but simply don't have an urgent need to replace the 
> > machine they have. I went out of my way to get a MacBook because as a 
> > developer I need to have an Intel machine to test on. But I can't even 
> > estimate for you when I expect to replace my PPC desktop.
> 
> I guess I can only speak for myself, then.  There are a bunch of
> Classic apps I like and I'm not going to spend a lot of money on a
> machine with an OS that's deliberately calculated to scuttle me.  I
> know nothing about Sheepshaver, but I don't see any glowing
> recommendations, just comments like "It's mostly a good app."

So you're rejecting a potential solution without testing its suitability 
for your needs, even though such test can be carried out at virtually no 
risk?

Given that, I wonder how much you've looked for updates or functional 
replacements for those apps.

> Well, that's probably right for a lot of people.  But Apple's going to
> have to shake the Classic tail awfully hard to get me to let go.  It
> irks me that they would deliberately obsolete their older apps ...

Careful. To say their action was deliberate could cause some people to 
infer that they took specific action to prevent those apps from being 
used going forward. The reality is that they did not take specific 
action that would allow it. And I explained the most likely reason for 
that. Apple is a publicly-traded US corporation. They exist to serve 
their stockholders. Period. If an expenditure of resources doesn't 
defensibly work toward that, those resources will be allocated elsewhere.

On 2007-05-02 12:56:34 -0500, geefive <geefive@geefive.com> said:

>>> Why should I buy an app like that when it should come with the OS?  If
>>> Apple bundles it, then I'll change my mind.  I don't expect to have an
>>> app that allows me to use the Apple-II stuff I have, but that would be
>>> nice, too.  It's a computer.  It should compute Apple-II stuff just
>>> fine, and everyprogram from every Apple computer ever made!
>> 
>> realistically, how many people want to run apple // software in 2007?
> 
> Not too many.  But, hey, it's a computer.  It should compute.  It
> should compute everything.  Why should they say we're stiffing the
> users of programs and a system we promoted for years while embracing
> what was the enemy platform?  What trick will Apple pull on us next?
> It would have been better if the OS came ready to run any program,
> especially the ones I already own.

No, then it would be Windows - living proof that backwards 
compatibility at all costs is *anything* BUT a good idea.

> As long as they're at it, why not
> offer a computer that will recognize everything?  It's a computer.  Why
> would it prefer this over that?

There are technical reasons of course, but I'm not going to try to 
explain them all to you. You can read about them on the web - if you 
want to know.

> Don't answer that last bit.  I know why.  Because Mr. (Steve) Ego
> decided it should be that way and that's either a :-) or a :-(
> depending on how it affects the Mac-using individual.

No - that couldn't be further from the truth. You'd do well to read a 
good book about the history of Mac operating systems - in particular 
Copland:

<http://www.kernelthread.com/mac/oshistory/>

Apple was in a major shit hole and going quickly out of business 
because developers had lost interest in the platform. Apple *had* to 
make sweeping changes to the operating system or die, and those changes 
meant old apps would stop working. Apple actually did an 
amazingly-well-executed thing with Carbon and Classic. They allowed old 
programs to run, unmodified for the most part, in a compatibility layer 
in the new Unix-based operating system. And they allowed developers to 
make relatively minor changes to their apps ("Carbonizing" them) to 
allow them to run natively through Carbon APIs. Even in 10.4 today old 
applications that haven't changed for a century or more still run fine 
in Classic. But this was never meant to be a *permanent* solution. 
Developers were expected to migrate their applications over to Mac OS 
X. Most have done so by now.

-- 
JR

In article <2007050212574878048-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-05-02 12:15:42 -0500, geefive <geefive@geefive.com> said:

In article <010520071601275565%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> > I guess I can only speak for myself, then.  There are a bunch of
> > Classic apps I like and I'm not going to spend a lot of money on a
> > machine with an OS that's deliberately calculated to scuttle me.
> 
> That's your choice, of course. But you'd do yourself a huge favor to 
> get over this block you have and embrace Mac OS X - it's here to stay, 
> and classic Mac OS is all-but dead now.  It's just the way things are.

But I'm using it.  About 50/50 with Classic apps.

> There are a slew of technological reasons why it was necessary to make 
> old applications obsolete. I don't expect you to know or understand all 
> of these reasons, but take it from an experienced Mac OS developer of 
> many years, these changes were absolutely necessary for Apple to 
> survive. And without Apple, you and I wouldn't be enjoying the Macs we 
> use today.  That's a fact.  The changes were unavoidable, plain and 
> simple.
 
> Also, developers have had *plenty* of time to modify their applications 
> so that they will run in Mac OS X *without* a Classic compatibility 
> layer. You bitch that Apple made old versions of applications obsolete 
> and then turn around and admit you refuse to use newer versions of 
> applications that have been updated by developers and work just fine.  
> That doesn't fly.

I use Safari.  GraphicConverter.  TextWrangler.  iTunes to listen to
Bernie Ward.  DVD player for movies.  My scanner and printer are
USB/OSX.  So I have my foot in both camps (just not boot camp).

> > I understand what you're saying, but it's going to take me a while to
> > come around.  The matter of my living long enough to do so is a
> > consideration.  A lot of older people use Macs, you know.  I'm also
> > reluctant to get rid of my 1967 VW bus after having it for well over
> > half of my life.  It feels comfortable to wrap myself in the old apps.
> > That's my mileage, anyway.
> 
> My grandfather is over 80 and started out using Mac OS 8.5. He's using 
> Mac OS X 10.4.9 daily every single day and loves it. He especially 
> loves how stable his new-ish Mac mini is compared to the old iMac he 
> used to have running classic Mac OS. He's living proof that people can 
> adjust just fine once they open their mind and embrace change rather 
> than closed-mindedly reject it.

I like my G5 Dual, and especially how it looks on the 23" studio
monitor.  But I used 8.6 on my Wall Street notebook until a year ago
when the battery fizzled and took the PMU with it.  I didn't use OS 9
until it came with OSX.  OS 9 and OSX both work great for me on a G5. 
And I'm about to go 10.4.

I'm glad to hear that your grandfather is still alive. I never knew any
of my grandparents, and I have so many questions.  Don't forget to ask
before they pass on.  They take a lot with them.

In article <020520071056340669%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

>
> i.e., the glass is half full.
    A pessimist looks at the glass as half empty
     An optimist looks at the glass as half full.
     An engineer looks at the glass as being twice as big as needed.
  
I really should stop listening the voices in my head at times like 
these..

In article <uce-2319EC.14172502052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

I wonder how much you've looked for updates or functional 
> replacements for those apps.

Not very hard.  Not at all, actually.  I'm comfortable with the old
programs I use.  I find newer apps to be complicated, and I see that
I'm paying fora lot of features I don't use.
> 
> > Well, that's probably right for a lot of people.  But Apple's going to
> > have to shake the Classic tail awfully hard to get me to let go.  It
> > irks me that they would deliberately obsolete their older apps ...
> 
> Careful. To say their action was deliberate could cause some people to 
> infer that they took specific action to prevent those apps from being 
> used going forward. The reality is that they did not take specific 
> action that would allow it. And I explained the most likely reason for 
> that. Apple is a publicly-traded US corporation. They exist to serve 
> their stockholders. Period. If an expenditure of resources doesn't 
> defensibly work toward that, those resources will be allocated elsewhere.

Another case could be made.  Like an erosion of goodwill.  There's this
American Attitude that says if you don't like what I sell, then go
someplace else.  That's what I get out of the abandonment of Classic. 
It was basically like it or not.

Y'know what, there's a depression a-comin' and businesses that pushed
their customers around will suffer more severe consequences that those
that treated their customers right.  How many hi-tech businesses are
just a few percentage points in sales away from going bust?

In article <2007050213193764490-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> Apple was in a major shit hole and going quickly out of business 
> because developers had lost interest in the platform. Apple *had* to 
> make sweeping changes to the operating system or die, and those changes 
> meant old apps would stop working. 

Make the changes, Apple.  I like OSX, but why work so hard to make
windoze apps work while abandoning programs that were invented by or
for you?  Why not add functionality rather than switching to some other
functionality.  It's a computer, Apple, make it compute.  Don't say,
"We're going to stop this computing and compute that in its place." 
Why doesn't my computer compute everything?

> Apple actually did an 
> amazingly-well-executed thing with Carbon and Classic. They allowed old 
> programs to run, unmodified for the most part, in a compatibility layer 
> in the new Unix-based operating system. And they allowed developers to 
> make relatively minor changes to their apps ("Carbonizing" them) to 
> allow them to run natively through Carbon APIs. Even in 10.4 today old 
> applications that haven't changed for a century or more still run fine 
> in Classic. But this was never meant to be a *permanent* solution. 
> Developers were expected to migrate their applications over to Mac OS 
> X. Most have done so by now.

That's fine for some people, but it's made computing a zero sum game. 
In order for one user to benefit, someone else gets the rug pulled out
from under them.  Computing should benefit everyone.  I should be able
to put in any kind of disk or load any app from any platform and it
should work.  What kind of a PR coup would that be?

On 5/2/07 9:19 AM, in article
michelle-190245.07192602052007@news.east.cox.net, "Michelle Steiner"
<michelle@michelle.org> wrote:

> In article <1hxh9h0.blm88e1iawq07N%mikePOST@TOGROUPmacconsult.com>,
>  mikePOST@TOGROUPmacconsult.com (Mike Rosenberg) wrote:
> 
>> If you're paranoid, your fears are, by definition, irrational.
> 
> But as Kissinger reputedly said to Nixon, just because you're paranoid
> doesn't mean that they're not out to get you.
"As Mr. Schwarts said", you mean.


----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

In article <020520071056340669%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> > apple is better off working on features that the majority of users want
> > instead of working on features that a dwindling minority wants.  if
> > they were to *also* maintain classic, leopard might be even further
> > delayed. 
> 
> It's only a dwindling group because people who buy Intel Macs have has
> the Classic "rug" pulled out from under them.  I wonder how dwindling
> our numbers would be if Classic were still part of the OS?

the group dwindled *before* intel came along.  apple said they saw no
reason to support classic on intel because there was simply so little
demand for it.  

keep in mind that on an intel mac, you can run *windows* apps at full
native speeds, and that the selection of windows apps is far greater
than for classic mac apps.  in my situation, the few apps i use in
classic have windows versions that in most cases, are better. 

> > realistically, how many people want to run apple // software in 2007?
> 
> Not too many.  But, hey, it's a computer.  It should compute.  

it does.

> It
> should compute everything.  Why should they say we're stiffing the
> users of programs and a system we promoted for years while embracing
> what was the enemy platform?  What trick will Apple pull on us next? 
> It would have been better if the OS came ready to run any program,
> especially the ones I already own.  As long as they're at it, why not
> offer a computer that will recognize everything?  It's a computer.  Why
> would it prefer this over that?

there's the technical issue of different cpu chips.  an apple // uses a
6502 chip and the macintosh uses a 68000 series, powerpc or intel chip. 
apple could write an emulator (as many third parties have), but
realistically, how many more macs will that sell, versus spending time
on something that the majority of users actually want?  

and i'll also note that about fifteen years ago, apple had a card for a
macintosh lc that was basically an apple //, for people who wanted to
run old apple // software.  i don't know how well it sold, but it
wasn't sold for very long (i think only for one version of the lc), so
obviously, not too many people cared.  

if you want to run apple // apps out of nostalgia, that is an entirely
different matter, and there are apple // emulators for the few who
enjoy that (and at significantly faster speeds than an apple // could
ever be).

In article <020520071148418806%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> Make the changes, Apple.  I like OSX, but why work so hard to make
> windoze apps work while abandoning programs that were invented by or
> for you?  

because supporting windows is something a LOT of people want, and
supporting classic is something a FEW people want.  apple does not have
unlimited resources, and must decide whether it is worth satisfying a
large group or a small group of users.  

> Why not add functionality rather than switching to some other
> functionality.  It's a computer, Apple, make it compute.  Don't say,
> "We're going to stop this computing and compute that in its place." 
> Why doesn't my computer compute everything?

there are some limitations that preclude products (any product) from
doing 'everything.' 

> That's fine for some people, but it's made computing a zero sum game. 
> In order for one user to benefit, someone else gets the rug pulled out
> from under them.  Computing should benefit everyone.  I should be able
> to put in any kind of disk or load any app from any platform and it
> should work.  What kind of a PR coup would that be?

it would be amazing, but very very few people care about running
software for apple //, amiga, atari, commodore 64, pdp-11 and other
computers of the past.  and as stated elsewhere, third parties filled
the void for the few who do.

On 2007-05-02 13:02:26 -0500, geefive <geefive@geefive.com> said:

> In article <2007050123120128204-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> On 2007-05-01 22:44:22 -0500, Wes Groleau <groleau+news@freeshell.org> said:
>> 
>>> Jolly Roger wrote:
>>>> Caching: You use it each time you do anything with your computer. It
>>>> speeds performance, plain and simple.
>>> 
>>> Unless you turn it off, which you can do if you want.
>> 
>> To what type of cache are you referring?
>> 
>>>> Logging is necessary only for whoever happens to be diagnosing problems
>>>> with the software that created the log (you, or someone you have
>>>> allowed access to your system, in most circumstances).
>>> 
>>> And again, there are ways to turn it off.
>> 
>> Indeed, and I'd definitely go that route rather than replacing log
>> files with GIF files.  ; D
> 
> What are the ways?

Depends on the log file, but usually there's a setting to control 
whether or not the process writes to a log file.  Another way might be 
to change the default log rotation configuration in the operating 
system to rotate or delete log files more frequently.

-- 
JR

In article <020520071134589342%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> > I wonder how much you've looked for updates or functional 
> > replacements for those apps.
> 
> Not very hard.  Not at all, actually.  I'm comfortable with the old 
> programs I use.  I find newer apps to be complicated, and I see that 
> I'm paying fora lot of features I don't use.

The solution is clear, then; stick with the computer you now have.

> Another case could be made.  Like an erosion of goodwill.  There's 
> this American Attitude that says if you don't like what I sell, then 
> go someplace else.  That's what I get out of the abandonment of 
> Classic. It was basically like it or not.

Sorta like the abandonment of horses and buggy whips when the automobile 
was invented.

<http://www.youtube.com/watch?v=gfLD-7bCtME>

-- 
Support the troops:  Bring them home ASAP.

On 2007-05-02 13:48:41 -0500, geefive <geefive@geefive.com> said:

> In article <2007050213193764490-jollyroger@nullorg>, Jolly Roger
> <jollyroger@null.org> wrote:
> 
>> Apple was in a major shit hole and going quickly out of business
>> because developers had lost interest in the platform. Apple *had* to
>> make sweeping changes to the operating system or die, and those changes
>> meant old apps would stop working.
> 
> Make the changes, Apple.  I like OSX, but why work so hard to make
> windoze apps work while abandoning programs that were invented by or
> for you?

Are you postulating that the amount of work needed to create and 
support (a) a brand-new Classic emulator in Mac OS X is somehow 
equivalent to the mount of work needed to create and support (b) an EFI 
compatibility layer for Windows?  Or are you postulating that Apple 
would have more to gain from (a) than (b)?  You'd be wrong on both 
counts. Creating an EFI compatibility layer for Windows was an 
extremely *simple* task compared to creating a brand-new Classic 
emulator in Mac OS X. And Apple has *far* more to gain by allowing 
worried Windows users to switch to Macs knowing they have Boot Camp as 
a security blanket.

> Why not add functionality rather than switching to some other
> functionality.

There are many technical and strategic reasons into which I won't go.

> It's a computer, Apple, make it compute.  Don't say,
> "We're going to stop this computing and compute that in its place."
> Why doesn't my computer compute everything?

Because the Mac market hasn't done enough to convince Apple it would be 
worth their while to implement.

>> Apple actually did an
>> amazingly-well-executed thing with Carbon and Classic. They allowed old
>> programs to run, unmodified for the most part, in a compatibility layer
>> in the new Unix-based operating system. And they allowed developers to
>> make relatively minor changes to their apps ("Carbonizing" them) to
>> allow them to run natively through Carbon APIs. Even in 10.4 today old
>> applications that haven't changed for a century or more still run fine
>> in Classic. But this was never meant to be a *permanent* solution.
>> Developers were expected to migrate their applications over to Mac OS
>> X. Most have done so by now.
> 
> That's fine for some people, but it's made computing a zero sum game.
> In order for one user to benefit, someone else gets the rug pulled out
> from under them.  Computing should benefit everyone.  I should be able
> to put in any kind of disk or load any app from any platform and it
> should work.  What kind of a PR coup would that be?

In a fantasy world, where everything is perfect, that might be a 
reality. In this world, it's not.

-- 
JR

In article <020520071056340669%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> Don't answer that last bit.  I know why.  Because Mr. (Steve) Ego 
> decided it should be that way and that's either a :-) or a :-( 
> depending on how it affects the Mac-using individual.

Interesting how people who can't get their own way automatically blame 
someone of deliberately stymying them.  It never occurs to them that 
there may be legitimate technical reasons.  It's a vast conspiracy, 
that's what it is.

I've heard the same complaints from Apple II owners when the Mac came 
out.  I've heard it from Mac owners when Apple switch from the 680x0 
chips to the Power PC chip.  I've heard it when OS X was introduced.  I 
heard it when new models of Macs couldn't boot OS 9.  I've heard it from 
MS DOS users when Windows became standard.

-- 
Support the troops:  Bring them home ASAP.

In article <2007050213193764490-jollyroger@nullorg>,
 Jolly Roger <jollyroger@null.org> wrote:

> Even in 10.4 today old applications that haven't changed for a 
> century or more still run fine in Classic.

I trust that you mean "decade" not "century", or were you engaging in a 
bit of hyperbole?

-- 
Support the troops:  Bring them home ASAP.

On 2007-05-02 16:25:24 -0500, nospam <nospam@nospam.invalid> said:

> In article <1hxhx9j.1yioxnm17tw39xN%mikePOST@TOGROUPmacconsult.com>,
> Mike Rosenberg <mikePOST@TOGROUPmacconsult.com> wrote:
> 
>> My mom still has several old rotary telephones.  You can still use them
>> to make calls, of course, but if you have to press any buttons to get
>> through a phone maze, you're out of luck.  Caller ID doesn't work with
>> them.
> 
> caller id has nothing to do with the type of phone plugged into a wall
> jack.

I believe Mike was exercising a little sarcastic humor there...

-- 
JR

On 2007-05-02 16:20:30 -0500, Michelle Steiner <michelle@michelle.org> said:

> In article <020520071056340669%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
>> Don't answer that last bit.  I know why.  Because Mr. (Steve) Ego
>> decided it should be that way and that's either a :-) or a :-(
>> depending on how it affects the Mac-using individual.
> 
> Interesting how people who can't get their own way automatically blame
> someone of deliberately stymying them.  It never occurs to them that
> there may be legitimate technical reasons.  It's a vast conspiracy,
> that's what it is.
> 
> I've heard the same complaints from Apple II owners when the Mac came
> out.  I've heard it from Mac owners when Apple switch from the 680x0
> chips to the Power PC chip.  I've heard it when OS X was introduced.  I
> heard it when new models of Macs couldn't boot OS 9.  I've heard it from
> MS DOS users when Windows became standard.

Yeah.  Same here.  Human nature, me thinks.  We are very peculiar creatures.

-- 
JR

In article <020520071134589342%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-2319EC.14172502052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> I wonder how much you've looked for updates or functional 
> > replacements for those apps.
> 
> Not very hard.  Not at all, actually.  I'm comfortable with the old
> programs I use.  I find newer apps to be complicated, and I see that
> I'm paying fora lot of features I don't use.
> > 
> > > Well, that's probably right for a lot of people.  But Apple's going to
> > > have to shake the Classic tail awfully hard to get me to let go.  It
> > > irks me that they would deliberately obsolete their older apps ...
> > 
> > Careful. To say their action was deliberate could cause some people to 
> > infer that they took specific action to prevent those apps from being 
> > used going forward. The reality is that they did not take specific 
> > action that would allow it. And I explained the most likely reason for 
> > that. Apple is a publicly-traded US corporation. They exist to serve 
> > their stockholders. Period. If an expenditure of resources doesn't 
> > defensibly work toward that, those resources will be allocated elsewhere.
> 
> Another case could be made.  Like an erosion of goodwill.

Believe it or not, such considerations are taken into account during 
cost benefit analyses. And believe it or not, they don't always change 
the bottom line from a negative to a positive.

Resources are finite. If you have a block of resources that can be used 
for task A, which is projected to increase your customer base by 10%, or 
task B, which is projected to retain a relatively inactive 3% of your 
existing customer base who will otherwise defect, SEC regs virtually 
require you to choose task A.

In article <020520071213527268%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> keep in mind that on an intel mac, you can run *windows* apps at full
> native speeds, and that the selection of windows apps is far greater
> than for classic mac apps.  in my situation, the few apps i use in
> classic have windows versions that in most cases, are better. 

There won't be any widdoze programs on my computer.  

>> It should compute.  
> 
> it does.
> 
> > It
> > should compute everything. 

> how many more macs will that sell, versus spending time
> on something that the majority of users actually want? 

People should not only do as they choose, but they should be able to do
what they choose.  I don't care about Apple II in particular over
anything else, but if you're going to call yourself a grocery store you
need to have those jalapino stuffed olives on the shelf.  And how hard
would it be to emulate all of the OS's?  Memory isn't a problem.  I
think it would be a sales point to be able to say there's an adapter
you can use to plug in any hard drive (like the Apple II drives) and
run programs. 

> if you want to run apple // apps out of nostalgia, that is an entirely
> different matter, and there are apple // emulators for the few who
> enjoy that (and at significantly faster speeds than an apple // could
> ever be).

I don't really want to.  The point I'm making is it's a computer and it
should come bundled with more options than just the ones that you need
to buy due to planned obsolescence.

In article <2007050215293668066-jollyroger@nullorg>, Jolly Roger
<jollyroger@null.org> wrote:

> On 2007-05-02 13:02:26 -0500, geefive <geefive@geefive.com> said:
> 
> > In article <2007050123120128204-jollyroger@nullorg>, Jolly Roger
> > <jollyroger@null.org> wrote:
> > 
> >> On 2007-05-01 22:44:22 -0500, Wes Groleau <groleau+news@freeshell.org>
> >> said:
> >> 
> >>> Jolly Roger wrote:
> >>>> Caching: You use it each time you do anything with your computer. It
> >>>> speeds performance, plain and simple.
> >>> 
> >>> Unless you turn it off, which you can do if you want.
> >> 
> >> To what type of cache are you referring?
> >> 
> >>>> Logging is necessary only for whoever happens to be diagnosing problems
> >>>> with the software that created the log (you, or someone you have
> >>>> allowed access to your system, in most circumstances).
> >>> 
> >>> And again, there are ways to turn it off.
> >> 
> >> Indeed, and I'd definitely go that route rather than replacing log
> >> files with GIF files.  ; D
> > 
> > What are the ways?
> 
> Depends on the log file, but usually there's a setting to control 
> whether or not the process writes to a log file.  Another way might be 
> to change the default log rotation configuration in the operating 
> system to rotate or delete log files more frequently.

I wouldn't have a clue about how to do that.  It just isn't in the
cards for me because I don't "root" around in the OS.  However, I might
try the GIF trick to see if it works.  If it doesn't, then I'll do a
backup from disk 2 and I've wasted a couple of hours.

In article <michelle-6B9696.14130502052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071134589342%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > > I wonder how much you've looked for updates or functional 
> > > replacements for those apps.
> > 
> > Not very hard.  Not at all, actually.  I'm comfortable with the old 
> > programs I use.  I find newer apps to be complicated, and I see that 
> > I'm paying fora lot of features I don't use.
> 
> The solution is clear, then; stick with the computer you now have.
> 
> > Another case could be made.  Like an erosion of goodwill.  There's 
> > this American Attitude that says if you don't like what I sell, then 
> > go someplace else.  That's what I get out of the abandonment of 
> > Classic. It was basically like it or not.
> 
> Sorta like the abandonment of horses and buggy whips when the automobile 
> was invented.

Not like that at all.  More like automobile manufacturers coming out
with new models and then making the old ones stop running before people
were done with them

In article <020520071615257688%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> > Sorta like the abandonment of horses and buggy whips when the automobile 
> > was invented.
> 
> Not like that at all.  More like automobile manufacturers coming out
> with new models and then making the old ones stop running before people
> were done with them

you mean like automobile manufacturers discontinuing parts for older
vehicles, so when the old cars breakdown, they *can't* be fixed?

In article <michelle-F9E2CF.14203002052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071056340669%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > Because Mr. (Steve) Ego 
 
> It's a vast conspiracy, that's what it is.

I'm not one of those believers.  It was just a business decision I
don't agree with.  However, it would be interesting to know who first
said "We should jettison the Legacy apps," and how hard or easy it was
to sell the idea.  Just interesting, that's all.

In article <020520071603204024%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> if you're going to call yourself a grocery store you need to have 
> those jalapino stuffed olives on the shelf.

No grocery store carries every grocery item.

> And how hard would it be to emulate all of the OS's?

Quite hard, actually--and not cost effective.

> I don't really want to.  The point I'm making is it's a computer and 
> it should come bundled with more options than just the ones that you 
> need to buy due to planned obsolescence.

It is, but it's not bundled with every option.

-- 
Support the troops:  Bring them home ASAP.

In article <uce-3B7804.18331702052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <020520071134589342%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > In article <uce-2319EC.14172502052007@comcast.dca.giganews.com>,
> > Gregory Weston <uce@splook.com> wrote:
> > 
> > I wonder how much you've looked for updates or functional 
> > > replacements for those apps.
> > 
> > Not very hard.  Not at all, actually.  I'm comfortable with the old
> > programs I use.  I find newer apps to be complicated, and I see that
> > I'm paying fora lot of features I don't use.
> > > 
> > > > Well, that's probably right for a lot of people.  But Apple's going to
> > > > have to shake the Classic tail awfully hard to get me to let go.  It
> > > > irks me that they would deliberately obsolete their older apps ...
> > > 
> > > Careful. To say their action was deliberate could cause some people to 
> > > infer that they took specific action to prevent those apps from being 
> > > used going forward. The reality is that they did not take specific 
> > > action that would allow it. And I explained the most likely reason for 
> > > that. Apple is a publicly-traded US corporation. They exist to serve 
> > > their stockholders. Period. If an expenditure of resources doesn't 
> > > defensibly work toward that, those resources will be allocated elsewhere.
> > 
> > Another case could be made.  Like an erosion of goodwill.
> 
> Believe it or not, such considerations are taken into account during 
> cost benefit analyses. And believe it or not, they don't always change 
> the bottom line from a negative to a positive.
> 
> Resources are finite. If you have a block of resources that can be used 
> for task A, which is projected to increase your customer base by 10%, or 
> task B, which is projected to retain a relatively inactive 3% of your 
> existing customer base who will otherwise defect, SEC regs virtually 
> require you to choose task A.

While I agree about opportunity cost analysis, I don't agree with your
numbers.  I don't know what the actual number is, I don't think anyone
does.  But more than 3% were negatively affected by having to move on
without Classic.  A lot more.

geefive wrote:
[snip]
> People should not only do as they choose, but they should be able to do
> what they choose.

Following that logic I should be able to walk into any bank
and walk out with all the money they have because I choose to.

> I don't really want to.  The point I'm making is it's a computer and it
> should come bundled with more options than just the ones that you need
> to buy due to planned obsolescence.

As has been pointed out to you, you want what you want without
regard to the people that own the company and are choosing (your
concept) what they want to sell.

-- 
Edo ergo sum

In article <020520071622442531%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> In article <020520071615257688%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > > Sorta like the abandonment of horses and buggy whips when the automobile 
> > > was invented.
> > 
> > Not like that at all.  More like automobile manufacturers coming out
> > with new models and then making the old ones stop running before people
> > were done with them
> 
> you mean like automobile manufacturers discontinuing parts for older
> vehicles, so when the old cars breakdown, they *can't* be fixed?

No.  Like if they were able to make previous models non-functional in
order to force people to buy a newer one.

In article <michelle-CA77FD.16410602052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071603204024%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > if you're going to call yourself a grocery store you need to have 
> > those jalapino stuffed olives on the shelf.
> 
> No grocery store carries every grocery item.

No, but they carry items that lose money because they can't call it a
grocery store unless it's there.  Not everything has to make money. 
It's the total product that counts.  Any Mac is incomplete as far as
I'm cncerned if I can't run my Classic apps.  It's actually undesirable
if it runs windoze apps.

> > And how hard would it be to emulate all of the OS's?

> Quite hard, actually--and not cost effective.

Money can be made by serving niche markets.  If that weren't the case,
then what has Apple been doing all these years?  It's a niche product.

In article <020520071625495229%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> > > Because Mr. (Steve) Ego 
>  
> > It's a vast conspiracy, that's what it is.
> 
> I'm not one of those believers.  It was just a business decision I 
> don't agree with.

Well, the Apple board of directors agrees with, and so do the 
overwhelming majority of Mac users (well, either they agree with it or 
don't care about it).

> However, it would be interesting to know who first said "We should 
> jettison the Legacy apps," and how hard or easy it was to sell the 
> idea.

Probably no one said it.  What was probably said is "It's too much work 
to keep Classic support to make it economically feasible.  We're better 
off devoting our resources to other parts of the project and letting 
this one go."

OS X has been around for six years; that means that meaningful 
development on OS 9 stopped somewhere around that time as well.

Starting with OS 8, you couldn't even boot the OS on a 680x0 Macintosh.

Time marches on.

-- 
Support the troops:  Bring them home ASAP.

In article <020520071615257688%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> > Sorta like the abandonment of horses and buggy whips when the 
> > automobile was invented.
> 
> Not like that at all.

Exactly like that.

> More like automobile manufacturers coming out with new models and 
> then making the old ones stop running before people were done with 
> them

No one made your computer stop running when Apple introduced the Intel 
Macs.

Another analogy for what you're asking for is an automobile manufacturer 
coming out with a Diesel engine vehicle, and people complaining that it 
won't run on gasoline in addition to Diesel.

-- 
Support the troops:  Bring them home ASAP.

In article <no-475EBB.16521702052007@west.100proofnews.com>, Jim
<no@spam.plz> wrote:

> geefive wrote:
> [snip]
> > People should not only do as they choose, but they should be able to do
> > what they choose.
> 
> Following that logic I should be able to walk into any bank
> and walk out with all the money they have because I choose to.

You can do that if you like.

> > I don't really want to.  The point I'm making is it's a computer and it
> > should come bundled with more options than just the ones that you need
> > to buy due to planned obsolescence.
> 
> As has been pointed out to you, you want what you want without
> regard to the people that own the company and are choosing (your
> concept) what they want to sell.

You mean I might be saying these things out of self interest?  Guilty
as charged.  I think there are more like me than 3% of the users.  I
think there are a bunch of us who are holding out.

In article <020520071701062486%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> > No grocery store carries every grocery item.
> 
> No, but they carry items that lose money because they can't call it a 
> grocery store unless it's there. 

Not for long they don't.  If it loses money, they'll stop carrying it.

> Any Mac is incomplete as far as I'm cncerned if I can't run my 
> Classic apps.

Well, aren't you lucky then that your current Macintosh runs Classic?

> > > And how hard would it be to emulate all of the OS's?
> 
> > Quite hard, actually--and not cost effective.
> 
> Money can be made by serving niche markets.  If that weren't the 
> case, then what has Apple been doing all these years?  It's a niche 
> product.

Not all niches are the same.

-- 
Support the troops:  Bring them home ASAP.

In article <020520071654479782%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> No.  Like if they were able to make previous models non-functional in 
> order to force people to buy a newer one.

Aren't you lucky that Apple hasn't done that?

-- 
Support the troops:  Bring them home ASAP.

In article <020520071648357376%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> But more than 3% were negatively affected by having to move on 
> without Classic.  A lot more.

Who had to move on to an Intel Mac?  We *chose* to move on to Intel Macs?

When I ordered my Intel Mac in January of last year, I hadn't run 
Classic in well over a year--maybe two years.

-- 
Support the troops:  Bring them home ASAP.

In article <020520071648357376%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> While I agree about opportunity cost analysis, I don't agree with your
> numbers.  I don't know what the actual number is, I don't think anyone
> does.  

two years ago, macrumors did a poll:
<http://www.macpolls.com/?poll_id=473>

92.68% used it occasionally or not at all; 5.74% used it regularly.  

i'm sure apple has an even more accurate assesment of how many people
really use it.

> But more than 3% were negatively affected by having to move on
> without Classic.  A lot more.

yea, maybe it is 4% now.

In article <michelle-E6D258.17034702052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071625495229%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > > > Because Mr. (Steve) Ego 
> >  
> > > It's a vast conspiracy, that's what it is.
> > 
> > I'm not one of those believers.  It was just a business decision I 
> > don't agree with.
> 
> Well, the Apple board of directors agrees with, and so do the 
> overwhelming majority of Mac users (well, either they agree with it or 
> don't care about it).

That's fine.  I know it's a done deal.  I just don't have to like it
and I believe that there are more of us who are holding out than they
think.

> > However, it would be interesting to know who first said "We should 
> > jettison the Legacy apps," and how hard or easy it was to sell the 
> > idea.
> 
> Probably no one said it.  What was probably said is "It's too much work 
> to keep Classic support to make it economically feasible.  We're better 
> off devoting our resources to other parts of the project and letting 
> this one go."

Like I said, I would like to know how it came down.  It would be
interesting to know the process by which a longstanding policy of
promoting backward compatibility was jettisoned, and what sort of
reactions they thought they might get.  That's all.  Be a good book. 
It's be part of somebody's book someday and then we'll know what the
inside scoop was on this.  
 
> OS X has been around for six years; that means that meaningful 
> development on OS 9 stopped somewhere around that time as well.
> 
> Starting with OS 8, you couldn't even boot the OS on a 680x0 Macintosh.
> 
> Time marches on.

Not that that march necessarily has to gore my ox, although it usually
does.

In article <020520071654479782%geefive@geefive.com>, geefive
<geefive@geefive.com> wrote:

> In article <020520071622442531%nospam@nospam.invalid>, nospam
> <nospam@nospam.invalid> wrote:
> 
> > In article <020520071615257688%geefive@geefive.com>, geefive
> > <geefive@geefive.com> wrote:
> > 
> > > > Sorta like the abandonment of horses and buggy whips when the
> > > > automobile 
> > > > was invented.
> > > 
> > > Not like that at all.  More like automobile manufacturers coming out
> > > with new models and then making the old ones stop running before people
> > > were done with them
> > 
> > you mean like automobile manufacturers discontinuing parts for older
> > vehicles, so when the old cars breakdown, they *can't* be fixed?
> 
> No.  Like if they were able to make previous models non-functional in
> order to force people to buy a newer one.

lack of replacement parts *does* make an older car non-functional.

i know someone who had to buy a new car because his older car used some
weird size tire and *nobody* made it.  when it came time to get new
tires, he had no choice.  car was in great shape too, other than bald
tires.

On 2007-05-02 18:15:25 -0500, geefive <geefive@geefive.com> said:

> In article <michelle-6B9696.14130502052007@news.east.cox.net>, Michelle
> Steiner <michelle@michelle.org> wrote:
> 
>> In article <020520071134589342%geefive@geefive.com>,
>> geefive <geefive@geefive.com> wrote:
>> 
>>>> I wonder how much you've looked for updates or functional
>>>> replacements for those apps.
>>> 
>>> Not very hard.  Not at all, actually.  I'm comfortable with the old
>>> programs I use.  I find newer apps to be complicated, and I see that
>>> I'm paying fora lot of features I don't use.
>> 
>> The solution is clear, then; stick with the computer you now have.
>> 
>>> Another case could be made.  Like an erosion of goodwill.  There's
>>> this American Attitude that says if you don't like what I sell, then
>>> go someplace else.  That's what I get out of the abandonment of
>>> Classic. It was basically like it or not.
>> 
>> Sorta like the abandonment of horses and buggy whips when the automobile
>> was invented.
> 
> Not like that at all.  More like automobile manufacturers coming out
> with new models and then making the old ones stop running before people
> were done with them

Apple didn't make your model Mac suddenly stop working.

-- 
JR

On 2007-05-02 19:19:21 -0500, geefive <geefive@geefive.com> said:

>>> However, it would be interesting to know who first said "We should
>>> jettison the Legacy apps," and how hard or easy it was to sell the
>>> idea.
>> 
>> Probably no one said it.  What was probably said is "It's too much work
>> to keep Classic support to make it economically feasible.  We're better
>> off devoting our resources to other parts of the project and letting
>> this one go."
> 
> Like I said, I would like to know how it came down.  It would be
> interesting to know the process by which a longstanding policy of
> promoting backward compatibility was jettisoned, and what sort of
> reactions they thought they might get.  That's all.  Be a good book.
> It's be part of somebody's book someday and then we'll know what the
> inside scoop was on this.

Actually, it's been in books for years now - you just have to read 
them. Here's one:

<http://tinyurl.com/2yl3cl>

-- 
JR

On 2007-05-02 18:11:48 -0500, geefive <geefive@geefive.com> said:

>>>>>> Logging is necessary only for whoever happens to be diagnosing problems
>>>>>> with the software that created the log (you, or someone you have
>>>>>> allowed access to your system, in most circumstances).
>>>>> 
>>>>> And again, there are ways to turn it off.
>>>> 
>>>> Indeed, and I'd definitely go that route rather than replacing log
>>>> files with GIF files.  ; D
>>> 
>>> What are the ways?
>> 
>> Depends on the log file, but usually there's a setting to control
>> whether or not the process writes to a log file.  Another way might be
>> to change the default log rotation configuration in the operating
>> system to rotate or delete log files more frequently.
> 
> I wouldn't have a clue about how to do that.

That's what we are here for, no?

> It just isn't in the
> cards for me because I don't "root" around in the OS.

If you say so...

> However, I might
> try the GIF trick to see if it works.  If it doesn't, then I'll do a
> backup from disk 2 and I've wasted a couple of hours.

I feel sorry for your poor Mac.

-- 
JR

In article <020520071648357376%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-3B7804.18331702052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > In article <020520071134589342%geefive@geefive.com>,
> >  geefive <geefive@geefive.com> wrote:
> > 
> > > In article <uce-2319EC.14172502052007@comcast.dca.giganews.com>,
> > > Gregory Weston <uce@splook.com> wrote:
> > > 
> > > I wonder how much you've looked for updates or functional 
> > > > replacements for those apps.
> > > 
> > > Not very hard.  Not at all, actually.  I'm comfortable with the old
> > > programs I use.  I find newer apps to be complicated, and I see that
> > > I'm paying fora lot of features I don't use.
> > > > 
> > > > > Well, that's probably right for a lot of people.  But Apple's going 
> > > > > to
> > > > > have to shake the Classic tail awfully hard to get me to let go.  It
> > > > > irks me that they would deliberately obsolete their older apps ...
> > > > 
> > > > Careful. To say their action was deliberate could cause some people to 
> > > > infer that they took specific action to prevent those apps from being 
> > > > used going forward. The reality is that they did not take specific 
> > > > action that would allow it. And I explained the most likely reason for 
> > > > that. Apple is a publicly-traded US corporation. They exist to serve 
> > > > their stockholders. Period. If an expenditure of resources doesn't 
> > > > defensibly work toward that, those resources will be allocated 
> > > > elsewhere.
> > > 
> > > Another case could be made.  Like an erosion of goodwill.
> > 
> > Believe it or not, such considerations are taken into account during 
> > cost benefit analyses. And believe it or not, they don't always change 
> > the bottom line from a negative to a positive.
> > 
> > Resources are finite. If you have a block of resources that can be used 
> > for task A, which is projected to increase your customer base by 10%, or 
> > task B, which is projected to retain a relatively inactive 3% of your 
> > existing customer base who will otherwise defect, SEC regs virtually 
> > require you to choose task A.
> 
> While I agree about opportunity cost analysis, I don't agree with your
> numbers.  I don't know what the actual number is, I don't think anyone
> does.  But more than 3% were negatively affected by having to move on
> without Classic.  A lot more.

I didn't say those specific numbers applied to this specific situation. 
I posed a hypothetical scenario to illustrate that the goodwill of a 
minority of a vendor's customer base doesn't automatically trump every 
other concern.

I also didn't talk about a portion of the customer base being 
"negatively affected." I talked about them being so put off by the issue 
that they would be lost as customers. That's a small portion of the 
people who would be "merely" inconvenienced. A portion, btw, that 
doesn't tend to represent a good profit center for the vendor anyway. So 
the benefit of catering to them instead of spending the same resources 
attracting and retaining more active customers is ... questionable.

In article <michelle-7A66EF.17125402052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071648357376%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > But more than 3% were negatively affected by having to move on 
> > without Classic.  A lot more.
> 
> Who had to move on to an Intel Mac?  We *chose* to move on to Intel Macs?
> 
> When I ordered my Intel Mac in January of last year, I hadn't run 
> Classic in well over a year--maybe two years.

I had two progs I ran in Classic. One tracked my golf scores and one
tracked my wife and daughter's menstrual cycles.

They both run fine under Sheepshaver on my Intel iMac.

Everything else I used to run on OS 9 and/or Classic has either been
replaced with an OS X prog or abandoned.

-- 
I am extraordinarily patient, provided I get my own way in the end.
- Margaret Thatcher

In article <2007050219372158263-jollyroger@nullorg>,
 Jolly Roger <jollyroger@null.org> wrote:

> On 2007-05-02 18:15:25 -0500, geefive <geefive@geefive.com> said:
> 
> > Not like that at all.  More like automobile manufacturers coming out
> > with new models and then making the old ones stop running before people
> > were done with them
> 
> Apple didn't make your model Mac suddenly stop working.

I knew someone who was president of the local Amiga user group. He told 
me one day about how many of the members literally threw out their 
machines the day Commodore filed for bankruptcy.

In article <uce-ACFD34.20570702052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> I knew someone who was president of the local Amiga user group. He told 
> me one day about how many of the members literally threw out their 
> machines the day Commodore filed for bankruptcy.

why did they wait that long? :)

On 2007-05-02 19:57:07 -0500, Gregory Weston <uce@splook.com> said:

> In article <2007050219372158263-jollyroger@nullorg>,
>  Jolly Roger <jollyroger@null.org> wrote:
> 
>> On 2007-05-02 18:15:25 -0500, geefive <geefive@geefive.com> said:
>> 
>>> Not like that at all.  More like automobile manufacturers coming out
>>> with new models and then making the old ones stop running before people
>>> were done with them
>> 
>> Apple didn't make your model Mac suddenly stop working.
> 
> I knew someone who was president of the local Amiga user group. He told
> me one day about how many of the members literally threw out their
> machines the day Commodore filed for bankruptcy.

LOL...

-- 
JR

In article <020520071722186959%nospam@nospam.invalid>,
 nospam <nospam@nospam.invalid> wrote:

> > No.  Like if they were able to make previous models non-functional 
> > in order to force people to buy a newer one.
> 
> lack of replacement parts *does* make an older car non-functional.

Nope.  It might make it non-repairable, but not nonfunctional.  And even 
if the auto maker stops making replacement parts, there are still third 
parties that might make them or recondition them--and junk yards where 
replacement parts might still be available.

A friend of mine got rear-ended in his 1969 Cougar in 1999.  He found a 
69 Cougar in a junkyard; it had been front-ended.  He bought it, signed 
the title over to the repair shop, and told them to use what they needed 
and do whatever they wished with the remainder.

-- 
Support the troops:  Bring them home ASAP.

In article <020520071719218459%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> I know it's a done deal.  I just don't have to like it and I believe 
> that there are more of us who are holding out than they think.

Why don't you believe it?

> Like I said, I would like to know how it came down.  It would be 
> interesting to know the process by which a longstanding policy of 
> promoting backward compatibility was jettisoned,

Because it wasn't in their interests to provide it in this case.

So you have four options as I see it.
1.  Keep your current computer.
2.  Keep your current computer for those Classic applications you want 
to keep running, and get an Intel Mac for everything else.
3.  Drop Classic completely and buy a new Intel Mac.
4.  Don't use a Mac any more.

-- 
Support the troops:  Bring them home ASAP.

In article <michelle-7399D4.18554702052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071722186959%nospam@nospam.invalid>,
>  nospam <nospam@nospam.invalid> wrote:
> 
> > > No.  Like if they were able to make previous models non-functional 
> > > in order to force people to buy a newer one.
> > 
> > lack of replacement parts *does* make an older car non-functional.
> 
> Nope.  It might make it non-repairable, but not nonfunctional.  

well if it can't be repaired, it won't function, or it will function
with some sort of limitation (i.e. transmission won't shift into
reverse). 

> And even 
> if the auto maker stops making replacement parts, there are still third 
> parties that might make them or recondition them--and junk yards where 
> replacement parts might still be available.

true, it isn't impossible to repair, but it is no longer supported by
the manufacturer.  finding parts becomes a task of luck, not simply a
phone call to the auto parts store. 

similarly, although apple isn't supporting classic on intel, nothing
stops third parties from implementing it.

In article <michelle-ED733E.19095402052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> So you have four options as I see it.
> 1.  Keep your current computer.
> 2.  Keep your current computer for those Classic applications you want 
> to keep running, and get an Intel Mac for everything else.
> 3.  Drop Classic completely and buy a new Intel Mac.
> 4.  Don't use a Mac any more.
5. find a windows application that offers the same or similar
functionality.  in some cases, it might be better (it was for me). 
6. use one of the third party emulators.

In article <020520071916318123%nospam@nospam.invalid>,
 nospam <nospam@nospam.invalid> wrote:

> > Nope.  It might make it non-repairable, but not nonfunctional.  
> 
> well if it can't be repaired, it won't function, or it will function 
> with some sort of limitation (i.e. transmission won't shift into 
> reverse). 

But if it doesn't break, it still functions.  It won't be nonfunctional 
just because there are no repair parts.

-- 
Support the troops:  Bring them home ASAP.

On 2007-04-29 18:15:02 +0100, geefive <geefive@geefive.com> said:
> So, I guess it might be interesting to know if Apple Computer made it
> possible for this intrusive device to be invented.  If that's the case,
> then they have been telling lies for a long time about security.  I'd
> rather think that Apple is as shocked as I am about this and that
> they'll issue some updates to negate this new development.

Fact: It is possible to break into someone's house by smashing the door 
down with a large axe

Fiction: Manufacturers of doors collude with manufacturers of axes by 
making it possible to invent axes.

-- 
Tony

In article <020520071816060633%nospam@nospam.invalid>,
 nospam <nospam@nospam.invalid> wrote:

> In article <uce-ACFD34.20570702052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > I knew someone who was president of the local Amiga user group. He told 
> > me one day about how many of the members literally threw out their 
> > machines the day Commodore filed for bankruptcy.
> 
> why did they wait that long? :)

Well, that was they day they stopped working en masse, you see.

Seriously, for the 8 years or so it was around the Amiga wasn't a 
particularly shabby machine. Its biggest shortcoming was that Commodore 
owned it.

In article <020520071718373692%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> In article <020520071648357376%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > While I agree about opportunity cost analysis, I don't agree with your
> > numbers.  I don't know what the actual number is, I don't think anyone
> > does.  
> 
> two years ago, macrumors did a poll:
> <http://www.macpolls.com/?poll_id=473>
> 
> 92.68% used it occasionally or not at all; 5.74% used it regularly.  
> 
> i'm sure apple has an even more accurate assesment of how many people
> really use it.
> 
> > But more than 3% were negatively affected by having to move on
> > without Classic.  A lot more.
> 
> yea, maybe it is 4% now.

Looks to me like 26% and change use it.

But whom did they poll?  People who were trolling the polling blog. 
How about polling MUG's instead.  That might give a different picture.

=-=-=-=-=

Do you use Classic under Mac OS X?
�
Don't use Mac OS X
 1.58 % (103)
�
Yes, Regularly
 5.74 % (375)
�
Yes, Occasionally
 20.48 % (1337)
�
No
 72.20 % (4713)
Total votes: 6528

In article <020520071722186959%nospam@nospam.invalid>, nospam
<nospam@nospam.invalid> wrote:

> In article <020520071654479782%geefive@geefive.com>, geefive
> <geefive@geefive.com> wrote:
> 
> > In article <020520071622442531%nospam@nospam.invalid>, nospam
> > <nospam@nospam.invalid> wrote:
> > 
> > > In article <020520071615257688%geefive@geefive.com>, geefive
> > > <geefive@geefive.com> wrote:
> > > 
> > > > > Sorta like the abandonment of horses and buggy whips when the
> > > > > automobile 
> > > > > was invented.
> > > > 
> > > > Not like that at all.  More like automobile manufacturers coming out
> > > > with new models and then making the old ones stop running before people
> > > > were done with them
> > > 
> > > you mean like automobile manufacturers discontinuing parts for older
> > > vehicles, so when the old cars breakdown, they *can't* be fixed?
> > 
> > No.  Like if they were able to make previous models non-functional in
> > order to force people to buy a newer one.
> 
> lack of replacement parts *does* make an older car non-functional.
> 
> i know someone who had to buy a new car because his older car used some
> weird size tire and *nobody* made it.  when it came time to get new
> tires, he had no choice.  car was in great shape too, other than bald
> tires.

Maybe that was a bad example, although I don't agree at all that an old
car will stop running for a lack of parts, mainly because there isn't a
part for anything I know of that can't be had or a replacement made. 
Especially tires.  Geeze.  What kind of car was it?

Here's a better example.  Lets say you couldn't remove any of your
belongings from your old car because the manufacturer requires that you
buy all new stuff for the new one.  New pine tree air freshener.  New
bobble head Jusus.  New condoms in the glove compartment (and new
gloves, too).  Even your hemorrhoid cushion - won't be able to take it
with you.  Won't work in your new car.

geefive said:
> 
> > I wouldn't have a clue about how to do that.
> 

Jolly Roger wrote:

> That's what we are here for, no?

I see some of the things people were talking about in 10.4.9.  Like
private browsing.  Not available in 10.3.9.  But GraphicConverter
crashed in 10.4.9, and I needed it, so I swaped back in my old drive
with 10.3.9 and I will screw with 10,4,9 when I figure out how to get a
Seagate drive to work.  I can put files on it, but Silverkeeper won't
do a backup to it and it gives me repeated errors (backup failed).  So
I'm back to 10.3.9 until I figure out why I can't make a boot volume
backup on it. 

> > Like I said, I would like to know how it came down.  It would be
> > interesting to know the process by which a longstanding policy of
> > promoting backward compatibility was jettisoned, and what sort of
> > reactions they thought they might get.  That's all.  Be a good book.
> > It's be part of somebody's book someday and then we'll know what the
> > inside scoop was on this.
> 
> Actually, it's been in books for years now - you just have to read 
> them. Here's one:
> 
> <http://tinyurl.com/2yl3cl>

I'll keep an eye out for it.  Thanks.

In article <uce-F4164D.20522602052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <020520071648357376%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > > > Another case could be made.  Like an erosion of goodwill.
> > > 
> > > Believe it or not, such considerations are taken into account during 
> > > cost benefit analyses. And believe it or not, they don't always change 
> > > the bottom line from a negative to a positive.
> > > 
> > > Resources are finite. If you have a block of resources that can be used 
> > > for task A, which is projected to increase your customer base by 10%, or 
> > > task B, which is projected to retain a relatively inactive 3% of your 
> > > existing customer base who will otherwise defect, SEC regs virtually 
> > > require you to choose task A.
> > 
> > While I agree about opportunity cost analysis, I don't agree with your
> > numbers.  I don't know what the actual number is, I don't think anyone
> > does.  But more than 3% were negatively affected by having to move on
> > without Classic.  A lot more.
> 
> I didn't say those specific numbers applied to this specific situation. 
> I posed a hypothetical scenario to illustrate that the goodwill of a 
> minority of a vendor's customer base doesn't automatically trump every 
> other concern.

Depends on what you mean by minority.  I disagree that it's so small. 
It would be nice to have an real figure by 
> 
> I also didn't talk about a portion of the customer base being 
> "negatively affected." I talked about them being so put off by the issue 
> that they would be lost as customers. That's a small portion of the 
> people who would be "merely" inconvenienced. A portion, btw, that 
> doesn't tend to represent a good profit center for the vendor anyway. So 
> the benefit of catering to them instead of spending the same resources 
> attracting and retaining more active customers is ... questionable.

But Apple promoted backward compatibility for years.  Now it's going to
be harder to believe some claim they make.

In article <michelle-7399D4.18554702052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> In article <020520071722186959%nospam@nospam.invalid>,
>  nospam <nospam@nospam.invalid> wrote:
> 
> > > No.  Like if they were able to make previous models non-functional 
> > > in order to force people to buy a newer one.
> > 
> > lack of replacement parts *does* make an older car non-functional.
> 
> Nope.  It might make it non-repairable, but not nonfunctional.  And even 
> if the auto maker stops making replacement parts, there are still third 
> parties that might make them or recondition them--and junk yards where 
> replacement parts might still be available.
> 
> A friend of mine got rear-ended in his 1969 Cougar in 1999.  He found a 
> 69 Cougar in a junkyard; it had been front-ended.  He bought it, signed 
> the title over to the repair shop, and told them to use what they needed 
> and do whatever they wished with the remainder.

My 1967 VW bus has a Super Beetle engine in it...  Hoo wee dowgies!

In article <michelle-ED733E.19095402052007@news.east.cox.net>, Michelle
Steiner <michelle@michelle.org> wrote:

> So you have four options as I see it.
> 1.  Keep your current computer.
> 2.  Keep your current computer for those Classic applications you want 
> to keep running, and get an Intel Mac for everything else.
> 3.  Drop Classic completely and buy a new Intel Mac.
> 4.  Don't use a Mac any more.

Probably #1, maybe $2 someday.  I'm still not sure how much computing I
want to do.  My plans are changing now that I'm over the hill.  Age
will do that.

On 2007-05-03 21:36:04 -0500, geefive <geefive@geefive.com> said:

> But GraphicConverter crashed in 10.4.9

Likely because you were using an old version of GraphicConverter. 
Recent versions run fine in 10.4.

-- 
(If you send an email to this address, please notify me ahead of time 
so I can watch for it among the sea of SPAM that gets filtered out 
daily.)

JR

On 2007-05-03 21:36:04 -0500, geefive <geefive@geefive.com> said:

> I will screw with 10,4,9 when I figure out how to get a
> Seagate drive to work.  I can put files on it, but Silverkeeper won't
> do a backup to it and it gives me repeated errors (backup failed).

Try using the latest version of Silverkeeper with 10.4 instead of an 
old version.

-- 
(If you send an email to this address, please notify me ahead of time 
so I can watch for it among the sea of SPAM that gets filtered out 
daily.)

JR

In article <030520071942543056%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <uce-F4164D.20522602052007@comcast.dca.giganews.com>,
> Gregory Weston <uce@splook.com> wrote:
> 
> > I didn't say those specific numbers applied to this specific situation. 
> > I posed a hypothetical scenario to illustrate that the goodwill of a 
> > minority of a vendor's customer base doesn't automatically trump every 
> > other concern.
> 
> Depends on what you mean by minority.

No, actually it doesn't. Not without significant additional context.


> But Apple promoted backward compatibility for years.  Now it's going to
> be harder to believe some claim they make.

Can you provide any more information about that? I really don't recall 
any such marketing effort in the last decade.

In article <030520071912393890%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <020520071718373692%nospam@nospam.invalid>, nospam
> <nospam@nospam.invalid> wrote:
> 
> > In article <020520071648357376%geefive@geefive.com>, geefive
> > <geefive@geefive.com> wrote:
> > 
> > > While I agree about opportunity cost analysis, I don't agree with your
> > > numbers.  I don't know what the actual number is, I don't think anyone
> > > does.  
> > 
> > two years ago, macrumors did a poll:
> > <http://www.macpolls.com/?poll_id=473>
> > 
> > 92.68% used it occasionally or not at all; 5.74% used it regularly.  
> > 
> > i'm sure apple has an even more accurate assesment of how many people
> > really use it.
> > 
> > > But more than 3% were negatively affected by having to move on
> > > without Classic.  A lot more.
> > 
> > yea, maybe it is 4% now.
> 
> Looks to me like 26% and change use it.

1. _Did_ use it. The number is probably much smaller now.
2. Most of the people who use Classic today aren't being required to 
move to x86-based machines today.
3. Most of the people who use Classic today probably don't share your 
aversion to using free 3rd-party software to let them continue to use a 
handful of legacy programs when they do end up upgrading.

G

In article <030520071923353355%geefive@geefive.com>,
 geefive <geefive@geefive.com> wrote:

> In article <020520071722186959%nospam@nospam.invalid>, nospam
> <nospam@nospam.invalid> wrote:
> 
> > i know someone who had to buy a new car because his older car used some
> > weird size tire and *nobody* made it.  when it came time to get new
> > tires, he had no choice.  car was in great shape too, other than bald
> > tires.
> 
> Maybe that was a bad example, although I don't agree at all that an old
> car will stop running for a lack of parts, mainly because there isn't a
> part for anything I know of that can't be had or a replacement made.

A replacement made? Like by a 3rd party vendor?
 
> Especially tires.  Geeze.  What kind of car was it?
> 
> Here's a better example.  Lets say you couldn't remove any of your
> belongings from your old car because the manufacturer requires that you
> buy all new stuff for the new one.  New pine tree air freshener.  New
> bobble head Jusus.  New condoms in the glove compartment (and new
> gloves, too).  Even your hemorrhoid cushion - won't be able to take it
> with you.  Won't work in your new car.

How would the car manufacturer prevent 3rd parties from producing 
adapters that would allow you to keep using your old equipment after all?

Jolly Roger <jollyroger@pobox.com> wrote:

> Try using the latest version of Silverkeeper with 10.4 instead of an 
> old version.

What the heck is wrong with you, JR?  A computer user should never have
to update anything to make it work with newer hardware or OS version,
everything should keep on working regardless.  You just don't get it.

-- 
<http://designsbymike.biz/macconsultshop.shtml> Mac-themed T-shirts
<http://designsbymike.biz/musings.shtml> Humorous/muckraking T-shirts
<http://designsbymike.biz/prius.shtml> Prius shirts & bumper stickers
<http://cafepress.com/comedancing> Ballroom dance-themed shirts & gift

On Fri, 4 May 2007 00:33:00 -0400, Gregory Weston wrote
(in article <uce-1E3E05.00330004052007@comcast.dca.giganews.com>):

> In article <030520071912393890%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
>> In article <020520071718373692%nospam@nospam.invalid>, nospam
>> <nospam@nospam.invalid> wrote:
>> 
>>> In article <020520071648357376%geefive@geefive.com>, geefive
>>> <geefive@geefive.com> wrote:
>>> 
>>>> While I agree about opportunity cost analysis, I don't agree with your
>>>> numbers.  I don't know what the actual number is, I don't think anyone
>>>> does.  
>>> 
>>> two years ago, macrumors did a poll:
>>> <http://www.macpolls.com/?poll_id=473>
>>> 
>>> 92.68% used it occasionally or not at all; 5.74% used it regularly.  
>>> 
>>> i'm sure apple has an even more accurate assesment of how many people
>>> really use it.
>>> 
>>>> But more than 3% were negatively affected by having to move on
>>>> without Classic.  A lot more.
>>> 
>>> yea, maybe it is 4% now.
>> 
>> Looks to me like 26% and change use it.
> 
> 1. _Did_ use it. The number is probably much smaller now.

_Much_ smaller. I, for example, used to use Classic every day. Now I use it 
maybe once a month... and then only because I want to play a certain very old 
game which will never be updated to run on OS X because the vendor went bust 
in 1996.

> 2. Most of the people who use Classic today aren't being required to 
> move to x86-based machines today.

I have a fair number of Macs at home, none of which are Intel machines. (The 
office machines, now, that's different.) I'm planing on getting a new laptop 
in the very near future. It will, of course, be an Intel Mac, almost 
certainly a 15" MBP. My old PPC (and, in one case, 68040, which isn't used 
that much anymore...) machines will keep working. I might dig out the Quadra 
or the beige G3 just to play that game noted above... Probably play it more 
often if there's a machine hanging about just for that.

> 3. Most of the people who use Classic today probably don't share your 
> aversion to using free 3rd-party software to let them continue to use a 
> handful of legacy programs when they do end up upgrading.

I might run Sheepshaver on any Intel Mac... or not. Depends on many factors, 
not least whether I can get hold of an actual working version of OS 9.0.4 and 
am willing to put up with the known bugs in that version of the OS.

> 
> G



-- 
email to oshea dot j dot j at gmail dot com.

On 2007-05-04 07:51:31 -0500, mikePOST@TOGROUPmacconsult.com (Mike 
Rosenberg) said:

> Jolly Roger <jollyroger@pobox.com> wrote:
> 
>> Try using the latest version of Silverkeeper with 10.4 instead of an
>> old version.
> 
> What the heck is wrong with you, JR?  A computer user should never have
> to update anything to make it work with newer hardware or OS version,
> everything should keep on working regardless.  You just don't get it.

Oh right.  Sorry.  Stuck in my "old ways" I guess.

-- 
(If you send an email to this address, please notify me ahead of time 
so I can watch for it among the sea of SPAM that gets filtered out 
daily.)

JR

In article <2007050323224776076-jollyroger@poboxcom>, Jolly Roger
<jollyroger@pobox.com> wrote:

> On 2007-05-03 21:36:04 -0500, geefive <geefive@geefive.com> said:
> 
> > But GraphicConverter crashed in 10.4.9
> 
> Likely because you were using an old version of GraphicConverter. 
> Recent versions run fine in 10.4.

I have whatever Apple has given me in software updates.  Does
GraphicConverter come with X.4?

In article <2007050323234155681-jollyroger@poboxcom>, Jolly Roger
<jollyroger@pobox.com> wrote:

> On 2007-05-03 21:36:04 -0500, geefive <geefive@geefive.com> said:
> 
> > I will screw with 10,4,9 when I figure out how to get a
> > Seagate drive to work.  I can put files on it, but Silverkeeper won't
> > do a backup to it and it gives me repeated errors (backup failed).
> 
> Try using the latest version of Silverkeeper with 10.4 instead of an 
> old version.

We'll see.  I have a feeling it's the disk, even though it's new.  When
I'm through here, I plan to try to reinitialize the drive and and do
10.4.9 again.  

Thanks for the suggestions.

In article <uce-553693.00294204052007@comcast.dca.giganews.com>,
Gregory Weston <uce@splook.com> wrote:

> In article <030520071942543056%geefive@geefive.com>,
>  geefive <geefive@geefive.com> wrote:
> 
> > In article <uce-F4164D.20522602052007@comcast.dca.giganews.com>,
> > Gregory Weston <uce@splook.com> wrote:
> > 
> > > I didn't say those specific numbers applied to this specific situation. 
> > > I posed a hypothetical scenario to illustrate that the goodwill of a 
> > > minority of a vendor's customer base doesn't automatically trump every 
> > > other concern.
> > 
> > Depends on what you mean by minority.
> 
> No, actually it doesn't. Not without significant additional context.

How big the minirity is would give us some of that additional context.
 
> > But Apple promoted backward compatibility for years.  Now it's going to
> > be harder to believe some claim they make.
> 
> Can you provide any more information about that? I really don't recall 
> any such marketing effort in the last decade.

Apple didn't say it wasn't true or going to be true, so it encouraged
the Mac community to promote this aspect of owning a Mac.  It can't be
said anymore.