Author Archives: Clay

About Clay

I'm a Data Center Operations Engineer in beautiful Charleston, SC. I'm happily married to my wonderful wife Nan and we have an teenage daughter Lela. I'm a total geek. I got into electronics when I was around 9 or 10 and got hooked on computers shortly thereafter. I also love Sci-Fi, (not fantasy) particularly Star Trek. My favorite outdoor activities include rollerblading, biking and hiking. I'm also a bit of a car guy and amateur racing driver.

Apple & Security; the Java debacle

Posted on by

While I have become more of a fan of Apple’s products in recent years, I have never been a fan of their security disclosure policy.  Apple has traditionally been very secretive, sometimes out of necessity.  Back when Steve Jobs retook the company, Apple was near death.  The company had run into a brick wall with it’s legacy operating system.  The latest version, OS8 had been so long in development that it was now technologically far behind it’s competitors.  When Jobs shook things up with OS X (10) he had a reason to be secretive.  Apple had been successful with their new products, but was still fragile.  If any of their competitors could peek inside what was going on, they might be able to stop Apple’s progress before the company could become healthy again.

Today, Jobs legacy is an Apple with a $98B war chest made largely on the success of the iPod, iPhone and iPad.  These are all benefactors of the technology Jobs brought over from NEXT that helped to form what we now know as OS X.  The problem is with all that success, Apple’s share of the desktop PC market has grown.  Apple is now big enough that’s it’s clearly visible on the radar of a lot of people including potential attackers.

To Apple’s credit, OS X was designed with security in mind from day one.  Most of the vulnerabilities that have effected the OS over the years have required a social engineering element to get users to unwittingly install malware.  For a long time, Apple’s policy, (of withholding details about security flaws until a patch is available) worked for them.  However, a recent vulnerability in Java managed to scratch a large unsightly gash in that previously pristine, brushed aluminum finish.

The component that most recently exposed this weakness in Apple’s approach is ironically a third party product, Oracle’s Java platform.  It’s a little more complicated in Apple’s case because the company repackages and builds their own custom version of Java. Because of this, it always takes longer to get Java on Macs because the software has to be separately modified, tested and blessed by Apple.  The people behind the Flashback trojan saw this opportunity and modified their malware to take advantage of the Java vulnerability.  In the 2 months it took for Apple to produce their version and publicly acknowledge the flaw over 600,000 Apple computers were infected.  The fact that most Apple customers think they’re immune to viruses didn’t help the problem either.

This should be a wake-up call to Tim Cook and the OS X security team.  Apple may not agree with full disclosure, but they can’t continue to put their collective heads in the sand and think nothing will happen.  Had even limited disclosure been made to Apple customers earlier, it would have been possible to mitigate much of the threat posed by this vulnerability.  Instead, Apple customers were exposed to this vulnerability for 2 months.

“13 channels of **** on the TV to choose from…”

Posted on by

This is an article I started in the Fall of 2011, but forgot to finish and post.  Oops.. 

Lately it seems like there’s less and less good content to be had on cable. I’m sure most will agree with that sentiment, especially towards the end of the month. (ie: when the bill comes) This isn’t a rant against cable specifically. The same could be said of Satellite as well. Heck, even the selection on Netflix leaves something to be desired. It’s not a lack of creativity as I see it, but a management issue. Sure, we’re in a major recession and some of this is fallout from the economic realities of the day. I get that, but it’s not that simple. This summer was amazing in terms of movies. There was so much good content. So where are the good TV shows?  If you’re into comedy, there’s certainly no shortage of that, but what about the rest?

Star Trek:  Enterprise, Stargate Universe and AMC’s intelligence drama Rubicon are 3 of my favorites that were cancelled in recent seasons.  Of those, Rubicon is the most difficult to explain.  This was perhaps the most original new suspense thriller in some time.  The fact that it was so well written and acted also makes one wonder why it was left on the cutting room floor.  Unfortunately ratings are king and if the show doesn’t produce them in the number required by the network to justify the cost, the show is simply not going to make it.

Why are good TV shows cut?  I believe that many of these shows are the victims of poor management.  All too often, the people in charge of scheduling these shows don’t properly research the optimal viewing times for the show’s target audience.  Other times a previously unknown star outshines their show.  In either case programming managers need to be able to react quickly to put the show into a better performing timeslot.

In the case of Star Trek and Stargate, their most recent iterations were so different from what most fans had come to expect that many of them didn’t like the new versions.  That’s acceptable and if a large enough number of the potential viewers don’t want it, there’s not a lot you can do.

So what can we do to improve the situation?  The internet is one of the best things to happen to TV in a long time.  Many shows are now available essentially a la-carte.  Devices like Apple TV, Roku and even newer digital TVs make watching online content a breeze.  If you only watch a few shows, it’s probably more cost effective to just pay for a broadband connection and watch just the shows you want.  This is the way I intend to go as I just don’t see the value in a traditional cable plan any more.

TenFourFox taps disused resources of your aging PowerPC

Posted on by

Many of us geeks, especially those of us in the IT world replace our hardware almost as often as fashionistas change wardrobes. For some reason, I have a thing for old hardware. While I certainly don’t use it on a daily basis, I have a hard time parting with my favorite gear. I see it as something akin to automotive enthusiasts that like to keep that prized vintage car in their garage. They won’t drive it to work every day, but that doesn’t mean they don’t love taking it for a spin on the weekends.

I have a similar relationship with some of my favorite machines. I still use a 15″ PowerBook G4 at home on a fairly regular basis. (in fact I’m typing this post on it right now) At it’s heart is a 1.67Ghz PowerPC G4 processor. (the last model and fastest PPC Apple ever delivered in a laptop) By today’s standards, this single-core machine barely stays ahead of most netbooks. It’s battery is dead, and it gets fairly hot when you push it, but I find it to be perfectly adequate for most things.

Apple’s support of the PPC architecture ended 2 OS revisions ago (Leopard or 10.5) and even the Mozilla foundation dropped support from their Firefox browser after the 3.6.x series. (and even that will stop receiving updates soon…) Needless to say I was pleasantly surprised to find a project known as TenFourFox not only recompiling the latest Firefox from source, but actually making PPC specific improvements as well! TenFourFox is basically Firefox, but separately optimized for PowerPC G3, two flavors of G4 and the G5 CPU. That would be enough in itself, but the developers didn’t stop there. They’ve swapped out the old just-in-time JavaScript compiler with their recently completed nanojit for PPC which beats even Apple’s native Safari browser. (which until recently was the only browser with anything close to decent performance) This is all possible because there are still people in the Open Source community interested in this platform who know how to leverage resources like AltiVec. Kudos to the TenFourFox team for keeping this aging platform relevant!