• Explore the magic and the mystery!


  • Listen to The Tech Night Owl LIVE

    Last Episode — August 24: Gene presents a regular, tech podcaster and commentator Kirk McElhearn , who comes aboard to talk about the impact of the outbreak of data hacks and ways to protect your stuff with strong passwords. He’ll also provide a common sense if unsuspected tip in setting one up. Also on the agenda, rumors about the next Mac mini from Apple. Will it, as rumored, be a visual clone of the Apple TV, and what are he limitations of such a form factor? As a sci-fi and fantasy fan, Kirk will also talk about some of his favorite stories and more. In is regular life, Kirk is a lapsed New Yorker living in Shakespeare’s home town, Stratford-upon-Avon, in the United Kingdom. He writes about things, records podcasts, makes photos, practices zen, and cohabits with cats. He’s an amateur photographer, and shoots with Leica cameras and iPhones. His writings include regular contributions to The Mac Security Blog , The Literature & Latte Blog, and TidBITS, and he has written for Popular Photography, MusicWeb International, as well as several other web sites and magazines. Kirk has also written more than two dozen books and documentation for dozens of popular Mac apps, as well as press releases, web content, reports, white papers, and more.

    For more episodes, click here to visit the show’s home page.

    Newsletter Issue #744: The Growing Stature of Apple TV

    March 3rd, 2014

    As some wonder just what new product categories Apple plans to enter in the coming year, assuming CEO Tim Cook keeps his oft-repeated promises, you wonder whether one of those products may already be there. But it is sort of flying below the radar, because Apple consigned it to hobby status.

    But how can a gadget, with annual sales now hitting one billion dollars, be considered a hobby? A number of companies would only be delighted to receive that much revenue from most any product, and would praise the results to the skies.

    Now Apple TV has surely become more mainstream in recent days, and now has a featured place on Apple’s online store, rather than being relegated to the accessory department. Based on the figures produced by Cook at last week’s Apple shareholders meeting, it’s been estimated that Apple sold 10 million units. I wonder, in passing, how many units Roku sold in the same year, or all years.

    Continue Reading…


    The Possible Consequences of A Rushed Software Release?

    March 1st, 2014

    As we approached the weekend, there were some published reports of early-release bugs with OS 10.9.2. It’s typical of any software pushed by Apple, but I suppose there is reason to think this particular update was rushed because of the immediate threat of the notorious SSL verification bug. Had that not happened, is it possible Apple might have left 10.9.2 to stew in the Q&A labs a little longer just to make sure there were no lingering problems?

    To be clear, using 10.9.2 on a late 2009 27-inch iMac and a 2010 17-inch MacBook Pro, I have not encountered any problems. But I haven’t put my computers through a full set of tests to verify that everything is working properly, except for Apple Mail.

    Mail for Mavericks shipped with loads of bugs, some of which involved Google Gmail. I don’t use Gmail all that much, so it didn’t bother me, and some of the issues related to the peculiarly unique approach Google takes to their email system. Translating that to an IMAP account you access with an email client has always been a tad troublesome, but Mavericks merely made it worse, because it appeared Apple’s OS X developers attempted to fix things that maybe shouldn’t have been fixed.

    Sometimes it’s better to leave well enough alone.

    My personal problem with Mail was inaccurate unread counts. This particular bug meant that I couldn’t just look at the Mail badge icon and know how many unread messages awaited me. That’s the sort of feature one takes for granted so, again, I wondered how Apple let it get away from them.

    To be fair, Mail is not a new app. It dates back to the days of NeXT, and was ported to OS X from the very early days. Then it was a bare-bones email app, but has slowly grown in features and no doubt bloat, although it has almost always been far snappier than Microsoft’s Mac email clients.

    I came to Mail from Microsoft Entourage, which was sort of descended from Apple’s Claris Emailer, largely because a number of members of the Emailer team went to Microsoft’s Mac Business Unit after Apple’s email app was discontinued.

    So in developing Mavericks, maybe Apple tried to clean out the years-old cruft in the code and rewrite certain functions. I wouldn’t presume to have the nasty details. It’s not new for Apple to rebuild old apps and end up with flawed releases. The most blatant example is Final Cut Pro X, but certainly the newest iWork has come in for its share of well deserved criticisms.

    To be fair, Apple is not known to ignore such legitimate criticisms and will, over time, fix serious bugs and, if need be, restore lost features. I don’t presume to know what happened with Mail, but things aren’t broken unless software engineers are doing work that involves those functions. It may just be a case of the best of intentions turning bad.

    So Mail appears to be mostly fixed, but there are reports of problems with the AirPlay feature, which lets you stream content from Macs and iOS devices to an Apple TV. Some are reporting reduced or non-functionality, though it doesn’t appear to impact all Macs that support the feature. But if it’s a problem that can be traced to OS 10.9.2, perhaps there will be an update soon, since it wouldn’t be the first time a software update has broken something that should not have been broken.

    But is it true that Apple rushed out OS 10.9.2 because of the need to fix the SSL bug? That’s hard to say for sure, because Apple wouldn’t admit to any such thing. This week Apple was busy strutting its stuff in public, as CEO Tim Cook told shareholders that, among other things, Apple TV appears to no longer be a happy, having generated $1 billion in revenue last year.

    So the behind-the-scenes by-play in Apple’s developer labs will never be known. There may be all sorts of legitimate reasons why the reported AirPlay conflicts weren’t discovered and fixed. One possibility is that Apple did become aware of the issue late in the development process, but there was no time to incorporate the fix in 10.9.2. Perhaps there will be a small update soon to address that problem and others that arose because of this update. It wouldn’t be the first time Apple had to release a special update, or a version 1.1 of a maintenance release, to fix things that were broken — or left unfixed — in a software update.

    I mean, if you forget the real serious issues with Mail, which didn’t impact everyone, Mavericks is one of the better OS X upgrades in recent years. That’s one reason why there have only been two maintenance updates since October. That’s a release or two ahead of the usual OS X update schedule from Apple. So maybe, despite everything, Apple is working harder to make sure each and every software release is as clean as possible.

    We’ll see.


    The Apple “Must” Report

    February 28th, 2014

    Did you hear that Apple may descend into irrelevance real soon now if they don’t make some big changes? But how could that be? After all, wasn’t Apple just named, for the seventh year in a row the “World’s Most Admired Company” company in a Fortune magazine survey? What a disconnect.

    But that doesn’t stop some tech pundits from assuming they know more than the “World’s Most Admired Company” when it comes to products, product strategy, and product pricing.

    Forget for the moment the faux controversy over the alleged delay in producing a fix for the SSL bug. We don’t know there was any delay other than the normal time it takes to make even a simple update, and test it before being deployed around the world. It’s not as if there are reports that millions of iPhones, iPads and Macs are suddenly self-destructing as a result, so the updates appear to be successful. And it’s not been disclosed that people were actually compromised by what was clearly a very serious security leak.

    So let’s move on.

    There’s a report this week that repeats an oft-repeated meme, that Apple has lost the ability to innovate. One alleged reason is that Google is buying more companies than Apple, or at least more high-profile companies, as if you cannot innovate without a checkbook.

    I wondered, in passing, whether the writer in question ever heard of Motorola Mobility, and how Google had to sell it at fire sale prices — some $3 billion — to Lenovo — thus leaving a company with a long pedigree in the mobile handset industry in the hands of yet another owner. This came after quarter after quarter of red ink, but you wonder why the media hasn’t made a huge deal about this abject failure. Instead they quote the promise by Lenovo that Motorola handset sales are going to exceed those of Apple and Samsung. Right, sure!

    Well, there’s always the next company.

    So, among Google’s recent acquisitions, curiously for $3 billion, is Nest, a company co-founded by former Apple iPod executive Tony Fadell. Aha! He worked for Apple and was instrumental in the iPod’s unexpected success, so why doesn’t Apple want to make intelligent thermostats and smoke detectors?

    Besides, how would Apple magically become innovative from buying Nest, unless they  rejiggered the product in some major way so it took on new markets? What’s more, how many companies did Google acquire that never resulted in some trend-setting product, or set the tech world afire?

    There is Android, of course, and nobody denies the success of the number one mobile platform on the planet, but was it innovation that convinced Google to build an OS in the image of Apple’s iOS, and for licensees to build cheaper and cheaper gear to spread smartphone joy to the masses? Profits? Well, Google earns money from the targeted ads, which is what they’ve always done. Is that innovation? As far as the handset makers are concerned, only Samsung, among all Android licenses, is making good profits.

    When Apple acquires a company, it’s primarily to bring new technology in-house that will later appear in an Apple product or service. We all know about Siri, and PA Semi is one of the developers of Apple’s A-series mobile chips. The Touch ID fingerprint sensor came as the result of buying yet another company, AuthenTec. So you can see honest-to-goodness advantages in these acquisitions. But you may not see the fruits of other acquisitions until some time in the future.

    But to some, they just aren’t flashy, as if flash equates with innovation. Maybe Apple should buy out the Tesla electric car company and build $70,000 battery-powered motor cars. Sure, a Tesla is a well-reviewed product, with high safety ratings, and there will be cheaper models in the next few years. But is Apple’s next success the car business? Besides, how innovative would it be to buy out Tesla, which Apple could do quite easily if CEO Elon Musk was amenable?

    To be fair, Apple has reportedly had conversations with Tesla, though some suggest it’s about making deals about future battery technology, which would benefit both companies.

    Beyond making flashy acquisitions for some purpose or other, there is the constant demand that Apple build cheaper gear, or at least cut the prices of exciting products. The argument goes that Apple will make up the difference in high sales, not realizing that the stock market will freak if Apple sacrifices profits. And if sales don’t increase enough to make up for the difference, where does that leave Apple? It’s not as if it would be convenient to just restore prices back to where they were without any potential customer impact.

    If you think some might be upset Apple’s prices are too high, what if they cut those prices and then changed them back to what they were? Talk about destroying customer goodwill.

    Today, you know where Apple stands. Well, many do, if not some members of the tech and business media who believe that Apple is losing credibility because of not buying as many companies as Google, or because there are no $200 unlocked iPhones to be had.

    Yes, if Apple sales really and truly suffered, rather than flatten, you can bet the company would find it necessary to take appropriate measures. But record sales and continued high profits don’t define a company that’s in trouble, except for those who wish otherwise.


    The SSL Bug: The Conspiracy Theories

    February 27th, 2014

    As you might expect, Apple is getting a lot of grief from some critics over the alleged failure to deliver a fix to the notorious SSL/TLS bug in a timely fashion, particularly for OS X. The iOS updates came out last Friday; the OS X update, folded in with 10.9.2, was released on Tuesday.

    But it didn’t come soon enough for some.

    One security writer, who doesn’t earn a link, states, “I have been waiting, these last several days, for the Mac update to come out, because we knew from early on that OS X 10.9 was vulnerable.”

    So does “early on” mean when OS X Mavericks was released last October? And if that was indeed the case, why wasn’t he lobbying for the fix then, or at least quietly deliver the evidence to Apple, rather than deliver a case of sour grapes because the update didn’t arrive as fast as he would have liked?

    His conclusion is that, since the defect involved a single line of mistakenly duplicated code, it was trivial to repair. The fix? Remove the line of code and recompile.

    In theory that seems to make perfect sense, but making even simple updates to a sprawling OS, such as OS 10.9, may seem simple. In the real world it’s decidedly less so. Even if the fix seems ultra simple, it has to be tested on all the installers Apple uses for those updates — and the full installation — and checked to determine there are no other problems, and that the fix itself doesn’t create other possibilities of mischief.

    The implication here is that Apple deliberately held off this fix until the pressure of media attention forced them into it.

    Clearly that doesn’t make a lick of sense. After all, a bug such as this makes everyone vulnerable, even Apple employees. Yes, Apple employees also faced the risk of having their bank accounts and other secure accounts hacked. They also faced the risk of possibly losing money as a result, so why would they deliberately put off a fix of this sort? To salvage someone’s damaged ego?

    Hardly, because OS X and iOS updates routinely contain a number of security fixes. This is par for the course in this business, and it’s very possible a security leak can remain undetected for months or years until it is discovered, often by an independent party. That’s true even for something that, on the surface, appears to be as simple as the SSL/TLS or “gotofail” issue. Indeed, sometimes the simple becomes complicated by being overlooked.

    Understand I do not presume to know whether Apple was aware about this bug for months, weeks, or days. Indeed the first word of it came from — Apple — when they released the iOS 7.0.6 and iOS 6.1.6 updates, and it was announced that OS X was similarly impacted. The revelation didn’t come from disgruntled security columnists, or those who otherwise wanted to use the occasion as a means to attack Apple.

    True, Apple hasn’t always been as forthcoming as they should be about security bugs, and some suggest that they take too long to release critical fixes, often waiting to roll them into a larger release of one sort or another.

    Consider the “Flashback Trojan,” discovered in 2011 by Dr. Web, a Russia-based antivirus company. Although as many as 600,000 Macs were allegedly infected in the ensuing months, Apple didn’t address the bug until April 3, 2012.

    At the end of the day, however, it wasn’t Apple’s bug. It was the result of an exploit discovered in Oracle’s Java, which Apple maintained on the Mac platform. However, a lot of things happened in the wake of the Flashback debacle. First and foremost, Apple turned off the Java Applet, by default, to protect you against the Trojan. Oracle has also begun to distribute a Mac version of Java, which contains the latest and greatest code and is regularly updated.

    However, some apps still require Java, and OS X will deliver a link to an installer of an Apple version on first launch. One of the Java apps I use regularly, CrashPlan, an online backup tool, is now bundled with Java, so this step is no longer needed.

    But if you want to complain, let me give you a genuine example: Although this fact is presented as a new development in yet another lurid headline about Mac security, it dates back to last year, when Apple quietly stopped releasing security updates for OS X Snow Leopard.

    In theory that would seem to be a sensible move, since Snow Leopard, or 10.6, was released in 2009, which is positively ancient in OS X terms. However, close to 20% of Mac users still run it, largely for two basic reasons. First is that their Macs aren’t compatible with latest OS X versions. Just as important is the fact that Apple ditched the Rosetta utility as of OS 10.7 Lion, meaning you can no longer run PowerPC apps. That is a deal breaker, particularly for those who still need to use apps that will never be upgraded for Intel.

    So I suppose it makes sense to argue that Apple should dedicate some resources to supporting Snow Leopard, since most of the existing user base are stuck with it. The real question, however, is whether any of the unpatched security bugs are near as serious as the SSL bug that impacted OS 10.9. Probably not, but there’s still potential for abuse regardless.

    Meantime, some members of the media will continue to fear monger about Apple’s response for the SSL/TLS bug. What they forget, however, is the motive.