After days and and days of glowing reviews, you had to expect that someone, somewhere, would criticize Tiger as something you should avoid. It all started with reports that Tiger had problems with VPN, the technique used by employees of larger firms to connect to their corporate networks. Not Apple’s own tools, but third party software, which will apparently have to be modified to be compatible, due to deep down changes in 10.4.

All right, no big deal. After all, new operating systems are wild beasts that have to be tamed, and no Mac OS X release has been free of problems that required a fast update. I have no inside information to offer, but I’m sure you’ll see a 10.4.1 before long, followed by a 10.4.2 a few weeks later and so on and so forth. That’s to be expected, and if the perfect operating system ever comes along, it’ll be time to grab it and never upgrade again.

But it doesn’t end there. Now there are reports that something is fundamentally wrong with Tiger, that maybe you should avoid it altogether. One technology commentator has gotten so carried away with his concerns that even I became to feel, if only for a second or two, that I should have waited. But as I said, only for a second, until reality set in.

The commentator’s first complaint revolves around that alleged vulnerability involving Dashboard, that feature that delivers mini applications, or widgets, by pressing a single key, F12. Right now, it appears a cottage industry has developed around Dashboard, as more and more widgets appear. The choices are growing rapidly. There are widgets that will check package delivery status, compute lottery numbers, locate Wi-Fi hot spots, and even find the location of your neighborhood Pizza Hut. That is, assuming there is a Pizza Hut in your neighborhood of course.

In addition to the interface problems I mentioned in my last commentary on the subject, there are reports of potential vulnerabilities, that Dashboard creates an environment where malware may prowl. How so? Well, widgets are applications that, like a Sherlock channel, provides Web services by communicating with one or more sites to retrieve information. What if that widget recorded all your keystrokes, including passwords, and sent them to some unsavory characters with identity theft on their evil little minds? Is the Mac universe going to be inundated with our own version of the infamous spyware problem that has now overwhelmed the Windows world? Ah, paranoia strikes deep.

But it all calls for a little reality check. I mean, there could, in theory, be a security leak exploited by a downloadable Sherlock channel, one that masquerades as something useful. You could even download a file that appears to be a perfectly normal system utility that really has a mischievous or evil intent, give your user password at the start of the installation, and suffer the consequences.

The potential problem with Dashboard, and I emphasize potential, since it hasn’t happened in the real world, is exacerbated by a convenience feature in Safari. Under General preferences, an option labeled “Open ‘safe’ files after downloading” is activated by default. Clearly Safari is designed to regard a Dashboard widget as safe and will install the file automatically after it’s retrieved. At the very least, maybe you want to disable that “safe” file preference in Safari until the dust settles and it can be demonstrated once and for all whether this is truly a potential security leak that Apple must fix.

That online commentator also quotes a report from InfoWorld’s Tom Yager about an “ugly” Tiger installation. If you read the fine print rather than just a few paragraphs, you learn that Yager’s installation scenario was decidedly different from the norm. In this case, he attempted to install Tiger on a PowerBook with a bad SuperDrive. He set up an external optical drive for the installation, and entered a world of frustration. He ended up running the PowerBook in “target disk mode,” which sets up the laptop as an external FireWire drive, and installing Tiger from another Mac. Here he achieved an apparently successful installation, but ran into startup troubles that he later traced to a mangled NetInfo database, which is a repository of user and network-related information.

As you might expect, NetInfo is the tool of IT people, and not something for mortal folks to mess with. I won’t call Yager a fool, but it’s clear that he is someone you might expect to probe the guts of power user tools of this sort. In the end, it’s less Tiger’s fault than Yager’s installation strategy. I presume he, like any systems administrator, made a full backup of his files before attempting this installation, particularly knowing he had to use a somewhat exotic technique to put a Tiger in his PowerBook’s tank. That being the case, he could have just as easily wiped the PowerBook’s drive, installed 10.4 and confirmed that it was working properly before he restored the rest of his files.

In fact, I did just that Wednesday night, not because I had a problem, but I thought it was time to clean house on my first generation dual 2GHz Power Mac G5. In my case, I first ran a shareware backup application, SuperDuper, which cloned my startup drive. Being the ultra cautious type, I actually made two identical backups on separate FireWire drives. Tiger’s Erase and Install application has a clever wrinkle, and that’s Migration Assistant, which can be used as part of the installation process to restore your data from a backup all in a single, seamless process. How can you miss?

The entire process took a little less than two hours from start to finish, most of which was spent enjoying dinner and catching the latest episode of Alias. That’s the one where fetching series star Jennifer Garner does an impressive turn as director. In any case, everything ran uneventfully without any intervention on my part after the initial setup process.

In fact, every single installation of Tiger I have performed on my own computers has been 100% successful. Ditto for the installations I performed or supervised for friends and clients. My suggestion is to just ignore the fear mongers and show the usual care with a system installation. Before putting Tiger on your Mac, double check the online reports of potential conflicts with your favorite applications, just to see if you should wait for updates to arrive. And always have a recent backup in case something does go wrong. But that’s all standard operating procedure, nothing to generate unnecessary fears over.

This article was posted on Saturday, May 14th, 2005 at 11:25 PM and is filed under News and tagged with: Corporate Networks, Dashboard, Mac Os X, Os X, Third Party Software, Vulnerabilities, Vulnerability, Widgets.