Meeting Notes - Nov 19, 2003

By: Mikio Moriyasu - Revised: 2006-10-05 devin


What's New by Mikio Moriyasu

New Apple Software
Darwin 7.0 - Apple's Darwin team has released the source code corresponding to Mac OS X 10.3. In addition, the CVS repository has been updated for gcc, gdb, cups, efax, gimp-print, tcl, Rendezvous, StreamingServer, and HeaderDoc.

Final Cut Pro QT Render Plug-In 1.0 is a new QuickTime rendering plug-in for Final Cut Pro that fixes a compatibility issue between FCP and QuickTime 6.4.

iChat AV (2.0) is the final version of Apple's iChat AV software. (iChat AV is included with Panther, or available for purchase for Jaguar.)

iTunes 4.1 - iTunes is already the best jukebox software in the world, with the best music store inside — and it keeps getting better.

Final Cut Pro 4.1 Get the latest updates for Final Cut Pro 4.1 and its suite of applications: Soundtrack, LiveType, Cinema Tools and Compressor.

Mac OS X 10.3 - The latest version of Mac OS X.

Mac OS X Server 10.3 - The latest version of Mac OS X for Servers.

Mac OS X 10.3.1 - Delivers enhanced functionality and improved reliability for the following applications, services and technologies: FileVault, Printing, WebDav, and FireWire 800 drives. This update also includes the latest Security Updates.

Mac OS X Server 10.3.1 - Delivers enhanced functionality, improved reliability and security.

QuickTime 6.4 - Apple’s award-winning software for creating, playing, and streaming high-quality audio and video over the Internet.

Security Update 2003-10-28 1.0 - Addresses a potential vulnerability in the implementation of QuickTime Java in Mac OS X v10.3 and Mac OS X Server v10.3.

Security Update 2003-11-04 - Addresses a potential vulnerability with the Terminal application in Mac OS X v10.3 and Mac OS X Server v10.3 that could allow unauthorized access to a system."

Software Notes
The QuickTime 6.4 upgrade contains a serious bug for users of Final Cut Pro 4. It appears that any timeline in Final Cut Pro that mixes media codecs (for instance, DV media and LiveType titles) will not play, and the program will freeze requiring a force quit. Apple has now posted "QuickTime Reinstaller 6.3," which will bring the QuickTime software back to 6.3, eliminating this and other problems.

According to an Apple Knowledge Base article, QuickTime 6.4 does not include QuickTime Java support; installing it on OS X 10.2 will actually remove support provided by QuickTime 6.3. If you need this support, you can reinstall QuickTime 6.3 using the special reinstaller that Apple has made available.

According to Alsoft, an annoyance in DiskWarrior 3.x will be repaired in the next release. DiskWarrior 3.x delivers a message like "37 files occupy portions of the disk already occupied by another file. The files will be relocated to unique portions of the disk after replacing the directory. You must inspect these files to determine which of them had been overwritten and damaged. The detailed view of this report lists the files that overlap." After rebuilding the drive directory, and attempting to inspect the detailed report, however, users find that there actually is no "detailed" information.

The long awaited OS X version of Tech Tool Pro, previously scheduled release sometime in October, is now slated for a November debut. Read More.

Hardware News
G5 Model Restructuring
  • 1.8 GHz Power Mac G5 $2,499 (US).
  • Dual 1.8 GHz PowerPC processors, each with an independent 900 MHz frontside bus; 512MB 400 MHz 128-bit DDR SDRAM (8GB maximum); 160GB Serial ATA 7200 rpm hard drive; AGP 8X Pro graphics slot; NVIDIA GeForce FX 5200 Ultra with 64MB DDR SDRAM 3 PCI-X slots (one 64-bit, 133 MHz, two 64-bit 100 MHz); 4x SuperDrive (DVD-R/CD-RW).
  • Apple has lowered the price of the single processor 1.6 GHz Power Mac G5 model to $1,799 (US)
New iMac
  • 20-inch widescreen flat-panel iMac $2,199 (US)
  • 1.25 GHz PowerPC G4 processor; 256MB of 333 MHz DDR SDRAM;4x SuperDrive (DVD-R/CD-RW) optical drive; NVIDIA GeForce FX 5200 Ultra graphics processor with 64MB video memory; Pixel resolution of up to 1680-by-1050; Two FireWire 400 and three USB 2.0 ports; Internal support for AirPort Extreme wireless networking and Bluetooth; 80GB Ultra ATA/100 hard drive running at 7200 rpm; Apple Pro Speakers.
New iBook G4
  • 800 MHz PowerPC G4 $1,099 (US)
  • 4.9 pounds; 12.1-inch display; 256MB DDR SDRAM; 30GB Ultra ATA hard drive; two USB 2.0 ports, FireWire 400, VGA video out, S-video and composite video out support; a slot-load Combo (DVD-ROM/CD-RW) drive.
  • 933 MHz PowerPC G4 $1,299 (US)
  • 5.9 pounds; and includes: 14.1-inch (diagonal) display; 256MB DDR SDRAM; 40GB Ultra ATA hard drive; two USB 2.0 ports, FireWire 400, VGA video out, S-video and composite video out support; a slot-load Combo (DVD-ROM/CD-RW) drive.
  • 1.0 GHz PowerPC G4 $1,499 (US)
  • 5.9 pounds; 14.1-inch display; 256MB DDR SDRAM; 60GB Ultra ATA hard drive; two USB 2.0 ports, FireWire 400, VGA video out, S-video and composite video out support; a slot-load Combo (DVD-ROM/CD-RW) drive.
  • Apple purports all models to have up to six hours of battery capacity. Every model also includes both Bluetooth and AirPort Extreme capabilities, and ships with Mac OS X 10.3 (Panther).
LaCie has issued a recall on their new Porsche-designed FireWire drives. The recall affects one early-production batch of 2 models, the FireWire 80GB and the FireWire 160GB, a minor bug has been detected which can reduce the performance, below the manufacturer's expectation. Read More.

Problems
Apple has identified an issue with external FireWire hard drives using the Oxford 922 bridge chip-set with firmware version 1.02 that can result in the loss of data stored on the disk drive. Apple and Oxford Semiconductor have confirmed that firmware version 1.05 resolves the data loss issue experienced by some FW800 users. The following FireWire disk drive manufacturers have begun posting firmware updates:
Century Global, Ezquest, Firewire Depot, Firewire Direct, Glyph, Lacie, Macpower, Other World Computing, TransIntl, Wiebetech
Only use the updater provided by the maker of your drive and follow the installation instructions carefully. If your drive manufacturer is not listed, contact them for more information.

Make sure to re-check the serial number on your LaCie FireWire hard drive to determine whether or not it is included in LaCie's official warning regarding Panther. The drives officially affected are:
  • d2 USB 2.0 and FireWire 800 Hard Drives and Big Disk products: serial numbers 1312xxxxx to 1339xxxxx and; serial numbers 0312xxxxx to 0339xxxxx; shipped from April 2003 to September 30, 2003
  • However, some users report that there is an extra "0" at the beginning of the number. For instance, if you have a drive marked 01336xxxx, it is within the affected serial number range.
For those with subscriptions, MacFixIt.com has published the Mac OS X 10.3 Special Report, covering a number of issues including:
  • Upgrade Procedure Recommendations
  • The FireWire debacle
  • The dangers of case-sensitive HFS+
  • Problems with installation: Stuck on Disc 2; bad discs; disconnecting devices
  • Virtual memory use
  • FileVault and losing data
  • Compatibility: Quicken; DiskWarrior; StuffIt; Virtual PC; g4port; CopyPaste; PhotoPaint; Palm; more.
Mac OS X in Brief
Apple has posted a Panther support page with some basic Mac OS X guides for topics like "Getting Online; Using Mac OS X Mail; and Printing and Faxing."

Peter Kirn, Editor-in-Chief of MacMusic, has compiled a repository of music and audio application troubleshooting issues with Mac OS X 10.3 (Panther). The report includes "links to all the software updates we've posted in the last two weeks adding Panther compatibility to everything from little utilities to major audio software, plus reports on incompatibility and improvements for audio users in the new OS we've found so far.

The publishers of the well-known Mac newsletter TidBITS have announced a new ebook, Take Control of Upgrading to Panther , by Joe Kissell, that provides a much more comprehensive look at upgrading to Panther, including a discussion of the many different options offered by the Panther installer. Read More.

Cool Stuff
iSkin offers precisely molded Keyboard protectors for the Apple iBooks, G4 PowerBooks, and Pro Keyboards. They are designed to fit and protect the keyboard by creating a protective barrier without restricting the use of the keyboard. It requires no adhesives and grips the surface of the keyboard without slipping allowing for easy removal and application. iSkin also offers iPod Protectors. This flexible, durable high-grade silicone skin slips over your iPod creating a protective barrier against scratches, dirt and oils caused by everyday use. Read More.

Mikio's entire presentation including a complete list of new Apple and third-party software since October, new Apple hardware releases, Apple retail news, and other Apple related topics can be found on the main Mac Managers web site at: http://www.macos.utah.edu or select from the options listed below:

[View Web Page] [Download PDF] [View Movie]

USB Keyboard init Crash - Root Access by Richard Glaser

A vulnerability has been discovered, that with access to a USB Keyboard connected to the computer running on OS's Mac OS X 10.2.8 or earlier; a person can hold down Control + c during startup and be given access to a root shell prompt due to init crashing. Then they can easily compromise the Mac.

Richard's presentation is based on his ongoing work he is conducting for the Student Computing Labs Mac Support Group. His complete presentation is available for viewing on the Mac Managers web site at: http://www.macos.utah.edu in the "Documentation" section. You can also select from the options listed below:

[View Web Page] [Download PDF] [View Movie]

Monitoring Lab Computers With Nmap by James Reynolds

What do you get when you mix fast computers, large hard disks, lots of RAM, fast internet connections, a UNIX OS, public access to the CPU, and no monitoring? A really nice public computer lab. However, add one really smart cracker, and soon you have a really nice public lab of unauthorized internet servers.

While Mac OS X is secure, it isn't impenetrable, and it is gold mine. Someday, across University campuses everywhere, really smart crackers are going to realize that cracking into convenience store safes aren't as profitable as cracking into bank vaults. When they finally realize this, it would be nice if lab admins already have security systems ready to stop them.

nMap is a tool that scans a computer's network ports. Make sure that your computers don't have network ports open that shouldn't be open by using a script and cron to automate nmap scans.

James's presentation is based on his ongoing work he is conducting for the Student Computing Labs Mac Support Group. His complete presentation is available for viewing on the Mac Managers web site at: http://www.macos.utah.edu in the "Documentation" section. You can also select from the options listed below:

[View Web Page] [Download PDF] [View Movie]

Andromeda Streaming MP3 Server by Holly Christmas

Background
U of U School of Music Jazz Studies Group approached College of Fine Arts Tech Support about setting up a what they termed a "Music Database" that would meet the following requirements:
  • A digital library of music files that is accessible only by students currently enrolled in the Jazz Studies Program.
  • A digital library accessible only in Music Department Library in Music Building.
  • A digital library populated with music files possessing large sizes for good quality playback.
  • digital library that is searchable via artist, title, or genre/type
The Jazz Studies Program had envisioned a FireWire drive loaded with iTunes, and music files attached to an iBook sitting in the Music Library.

Options Examing & Rejected
  • QuickTme Streaming Server - This was one option that was examined. The problem is that it won't build playlists on the fly. This was of real importance as students would essentially be building building lists from the results of their database searches.
  • Flash - Another option that was examined was developing something in Flash so that the whole project would be more encapsulated. The problem here was time. It would take too long to build a workable solution in the time available.
Solution
Andromeda - http://www.turnstyle.com/andromeda/

Andromeda is a php script that runs on the Apache Webserver. It will look in directories and conduct searches based on the ID3 tags of the files in the directories. As a result, users can search against the tags and use the results to build an iTunes playlist on the fly.

Future maintenance by Fine Arts Tech Support is also minimal. Maintenance on the part of the Jazz Studies Program would be reduced to simply uploading new pieces to the server via AFP. Andromeda will automatically add it to the collection. No additional page creation is needed.

One other factor in favor of Andromeda was the preliminary work done by Jazz Studies. They had already burned to CDs some 80 GB of MP3s. To use QuickTime would have necessitated re-encoding all of this music.

Implementation
Software
Andromeda (Business Version) at a cost of $130
NOTE: Personal Version costs $30. All functionality is identical to the Business version so the details are in the licensing.
Hardware
Two serial ATA cards, two serial ATA 200 GB drives (mirrored), PowerMac G3 400Mhz
Setup
All of the work was done using a Mac OS X client rather than server to keep costs down.

They created a "User of music" folder housing all of the Andromeda php files. The music is on a separate volume (Andromeda can be configured to search in a folder other than the folder it is stored in). There are two important reasons to do this:
  • You can have this huge volume where you can store all of the music data.
  • It provides one more level of security preventing someone from entering a song name in the url and accessing it. Because all of the music is stored on another volume, it is not directly accessible by the web server. It's not even known by the web server as all user requests and playback are all handled by Andromeda
Access is restricted to the Fine Arts and Music domains.

User access is password protected through Andromeda. The system stores passwords as clear text. While not extremely secure, any attempt to secure using htaccess breaks the app. It allowed users to go to the folders where the music was stored but it would not put the selection into iTunes and it would not stream.

he software is highly configurable. It can be set up so that it "tells" the user, "This is what I have, you can play it but you can't have it" or "This is what I have, you can see it but you can't have it and you can't play it." The music download option has been disabled.
Other Issues
The School of Music contact in charge of this project did all of the footwork and legal research with regards to copyright & intellectual property rights compliance. Andromeda has little buttons that take users to other sites to look up music or go to the Andromeda product site. The School of Music wanted these disabled and/or removed because of concerns about introducing possible conflicts with the educational use of the application and the website.

The Future
Looking into the future, if access is ever to be extended past on-campus listening, we will need a different authentication system, perhaps making use of webCT to confirm that the user is a music student.

There is room to increase the music libraries to encompass other areas of study in the School of Music (i.e. classical, pop, R&B, ethnic, etc.) It is also set it up so that the system can be expanded to allow other subnets or other forms of authentication.

[View Web Page] [Download PDF] [View Movie]

Other Issues

Open Discussion
Is Apple dumping support for older versions OF Mac OS forcing users to buy the latest version. This is important because departments will have to either start budgeting for a new operating system ever year or plan on not staying current. From a user's perspective, it looks as if Apple is dumping development and/or support of older operating systems rather than keep support for say about five years.

It would be nice if there was an "official" statement from Apple that says yes or no regarding this kind of support. Their current stand is that future support is on a case by case basis. For example, if there is a security issue that people are complaining about, they will construct and distribute a security update.

O'Reilly Article on Scripting Mac OS X
Written by SCL Mac Support's own James Reynolds.

Click here to see the article.

Upcoming Events
Scripting Primer Webcast
  • Location: http://www.macosxlabs.org
  • Presenters: John Tomeny, Sassafras; Denis Devlin, Sassafras; Ethan Benatan, Reed College
  • Click here for session information
  • Click here for to download the webcast
Mac OS X Help Desk Essentials v.10.3 & Mac OS X Server Essentials v.10.3
  • Location: Alpine School District Training Center
    490 North State St. Lindon, UT 84042
  • Dates:
    Mac OS X Help Desk Essentials: December 9 - 11, 2003 (9:00 am - 5:00 pm)
    Mac OS X Server Essentials: January 19 - 22, 2003 (9:00 am - 5:00 pm)
  • Type: Training
  • Fee:Your Apple Sales Team is proud to bring you a unique opportunity to complete these courses at a dramatically reduced rate.

    Option 1 -
    Sign up for the Mac OS X Help Desk Essentials v.10.3 course for $1350 per attendee. This is a $150 savings versus attending the very same course at an Apple facility.

    Option 2 -
    Sign up for the Mac OS X Server Essentials v.10.3 course for $1650 per attendee. This is a $350 savings versus attending the very same course at an Apple facility.

    Option 3 -
    Sign up for both the Mac OS Help Desk Essentials v.10.3 course and the Mac OS X Server Essentials v.10.3 course for $2590 per attendee. This is a saving of $410 versus attending the courses separately and a $910 savings versus attending the same courses at an Apple facility.
  • Registration:
    To enroll or if you have any questions, please call Justin Flemer at 800-848-6398 (hit option 1 and then option 2) or email flemer@apple.com

    To learn how this class will prepare you for the Apple Certified Help Desk Specialist Certification as well as the Apple Certified Technical Coordinator Certification, please click on the following link:

    http://train.apple.com/cert/roadmap.html.
If there is a topic you would like to see discussed at a future Mac Managers Meeting, please let us know here.