#338 Time Machine, Blindfolded, Photography and the Mac, Quit All Apps, 3 in 1 Camera Lens, Apple Sandboxing

Time Machine review, Blindfolded accessibility update, Photography and the Mac Podcast Promo find it in iTunes. In Dumb Question Corner Professor Albert joins us again asking how to quit all running applications and gets a surprising answer. 3 in 1 Camera Lens review from Rod Simmons. George from Tulsa says some nice things about Podfeet.com and explains that you have to turn off Ad Block to see my Amazon Affiliate link, and then throws down the gauntlet about a lively discussion he and Bart had about Apple’s move towards Sandboxing. Bart comes back with a full Chit Chat Across the Pond explaining Sandboxing and why it’s a good, not scary thing.

Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday November 13th, 2011 and this is show number 338.

Time Machine Success

Kyle traded laptops with me, choosing my 15″ Macbook Pro over his 13″ Macbook (when I got my new one). Mostly he wanted it because of the improved graphics for driving games on his secondary display. This weekend he came home and suggested we make a trip to the Apple Store as he was having a couple of problems. He’s noticed recently that when he first plugs in the laptop, it says it’s not charging. Sometimes it starts charging after a little while, but other times it never starts charging. The other problem he had was that his Time Machine backup process was getting dodgy – his machine would come to a crawl while it was running. Finally his iPhone (and mine) both get stuck when syncing, the last step never finishes. His only has the problem when syncing wirelessly, mine has the problem wired and wireless.

We took a trip over to the Apple Store after setting up an appointment with a genius. The woman we got was very efficient and clearly knew what she was doing, but she was very cold and impersonal and seemed uninterested in explaining anything to us. She ran a power diagnostic on the Mac, and then on the power supply itself, and then peered very closely at every inch of the cable, after which she declared everything healthy. She made some notes in the case just in the event that things get worse later there’s a record of our visit. She told us we’d be able to buy a new power supply, rather snottily pointing out that we are 27 days outside of warranty.

Next she checked the hard drive and declared it failing. I asked her to explain why she felt this was true since the only thing we could see was that Disk Utility had found some issues and said that it repaired them. She seemed irritated that I would question her but did show me two other hardware tests that both suggested it was failing. I asked her whether we could get some leeway on the drive replacement since we were just 27 days out of warranty and she went off to check with a supervisor and came back and said no. When I thought about it, I realized it wasn’t worth pushing this one since it would probably take days to get the repair done when we could pick up a drive over at Best Buy on our way home and have it replaced within the evening.

So finally Kyle asked her about the wireless syncing problem with his iPhone – and all she said was, “yeah, mine gets stuck too”. She stared blankly at us after that. No suggestions, no help, I asked her to elaborate on what we can do and she said we’d have to make another appointment. I questioned that and she said one device per appointment. I suggested that the problem is with iTunes, not the device and she simply said no. Kyle didn’t think she was as snotty as I did but she sure rubbed me the wrong way.

But this is a story of success, and that’s the success of Time Machine.The good news of the story is that Kyle is really good about backing up his laptop with the small external drive I bought him. So when we came home with his new 7200rpm 500GB internal drive, Kyle was able to pop it into the laptop after removing just one screw, plug in the backup drive via USB, and power up the machine. The Time Machine backup drive simply mounted, and asked if he wanted to restore from backup. At first it didn’t see the new drive, but Disk Utility was available so we simply formatted the drive as HFS+, quit Disk Utility and then Time Machine could see the drive. A couple hours later, Kyle’s machine was right the way he’d left it.
I have had no end of trouble MYSELF with Time Machine but I still recommend it for everyone else because of these delightful success stories. I still have a dream that Time Machine will work for me one day.

Blindfolded Accessibility Update

It’s time for an update on my progress using VoiceOver on the Mac and iOS in preparation for my Macworld pitch Blindfolded in January. I continue to get more comfortable with the iPhone – in particular my typing skills are improving at a good rate. Originally I was in a typing mode where you’d find the right key with one finger, and have to tap the screen with another finger to select it. This worked, but it was kind of clumsy. I found out that you can toggle on a feature where you only have to lift your finger to select the key. That sped me up a LOT. I can now actually address and send a text message…most of the time.

I’ve been REALLY stuck on OSX, pretty much baffled by it, but I spent a half hour on the phone with Bill Holton who was tipped off about my crazy plan by Darrell Shandrow of the Blind Access Journal. Bill was easy to learn from because he’s just transitioning from Windows to the Mac right now, so it’s like learning from the kid who’s one semester ahead of you in the same class, he still remembers what’s confusing. When you get too good at something you forget what you didn’t know sometimes.

I think my favorite thing he taught me was quick nav – tapping the right and left arrows at the same time turns it on, and suddenly you have access to some easier ways to do things. I’ve had trouble wrapping my brain around the concept of interacting with an element. Let’s say you’re looking at a web page, and there’s a whole pile of text there in the center column. If you navigate to it, you can’t actually DO anything yet, like read it. You have to choose to interact with it. I think I mentioned last week the hand paralyzing gesture they taught in the Apple tutorial – command-control-option-shift right arrow – well with quick nav you can just swipe to the right with two fingers on the track pad. Bill cautioned me though that if other stuff doesn’t seem to work right with VoiceOver, it might be because quick nav is messing it up, so you get good at turning it on and off. Quick nav

I then tortured Dan Eckmeier for a while because I got really stuck on email. You know how mail.app has three columns – the list of mailboxes, then the list of messages within the selected mailbox, and then a preview pane? I’ve been getting hopelessly stuck trying to move pane to pane, I’ll be in the list of messages but for the life of me I can’t get to the list of mailboxes. When you try to go the wrong way, It also makes this bonk noise that reminds me very much of the noise the game Spectre makes when you bonk into a wall. In talking with Dan it finally came to me – that interact with element thingy is not a global toggle on or off, you can actually be buried levels deep into interacting, so you have to keep backing out until you’re not interacting with anything at all, and THEN you can get to the next element. That was a HUGE breakthrough for me.

But then left to my own devices, I dropped what they call the Curtain – a triple tap of three fingers on the trackpad darkens the screen. So now I’m taking the training wheels off, right? I start trying to read my mail, and I got confused really quickly. I pulled up the curtain to peek…and my inbox was empty. Now for you inbox zero nut balls that sounds fine, but I had 11,000 messages in there at last count! The good news is that with a little hand holding by Bart, I was able to find all the messages and put them back, but it was scary for a while there. Maybe I should try working with a less dangerous tool when I’ve got the curtain on next time!

One last comment before we move on – when I was talking to Bill, I mentioned how nice it is that VoiceOver actually shows you on screen what’s going on, and he muttered something about “you people and your photon dependency…” I loved it! I can’t tell you how much fun I’m having with this, I told Dan I feel like I’ve decided to learn Klingon, and found this group of people who all know it and are gently guiding me to help me learn Klingon too!

Photography and the Mac Podcast

There’s a new podcast created by good friend of the show Robert Lachman. I’m loving this show as it gets off the ground so I asked Robert to send in a promo for the show. Let’s hear what he has to say.
link to the Photography and the Mac podcast on the iTunes store.

Clarify

This weekend Steve and I went to visit his mom and dad because we needed to upgrade them to Snow Leopard. I know, you’re yelling at me that they should be going to Lion, but they REALLY don’t want to learn a new version of Excel. Yeah, they’re on Office 2004, which only runs under Rosetta, which means they can’t go to Lion and keep their old version. So…we did the upgrade, and both machines went well, until his dad tried to print and it didn’t work. Turns out his HP printer isn’t supported past Leopard, but his dad was cool with that, he ran out and bought a new $60 printer/fax/copier and was delighted.

When I got home this afternoon, there was a message from his dad saying that his printer icon was gone from his dock. I had no idea why he felt he needed that, but mine is not to question why. A quick Google and I knew how to do it. I could have called him on the phone and spent 45 minutes explaining it to him…or I could pop open Clarify from Bluemango Learning, take a few screenshots and pop a PDF tutorial into an email. It literally took me less than five minutes to get it done, and a while later I got an email from Steve’s dad telling me that all was good! If you think you don’t have time to make tutorials, you might be mistaken – you don’t have time NOT to do this! I saved time, his dad says I’m his hero so it’s all good. You can get Clarify from the Mac App Store for only $30 for all your machines. Check it out at bluemangolearning.com/clarify

Dumb Question Corner

Hello Allison, Dis is Professor Albert, and yes, I need your help again with a very very dumb question so dumb it makes me feel smart. Now I am alvays late, and my vife Elsa hates it so much. She has even telling her friends that I am her late husband, so now ven I run into dem dey think I am a ghost!

The reason I am alvays late is I open scores of programs all at once on my Mac computer, almost as many as you do Allison Sheridan, but I don’t feel comfortable sleeping my Mac vith all the programs open so it usually takes me 10 to 15 minutes to close down all my programs so I am always late.

Now here is da dumb question and it is dumb, Allison. It is very dumb:

Is dere a vay to close ALL my programs at once so dat I can finally be on time and come back to da land of da living?

Help me Allison, you ah so smart.

Oh dear professor, I hate to have you be late everywhere you go. I’m sure the people waiting for you must be devastated! The good news is that I found a couple of solutions to the problem. First of all, Apple actually built into OSX a utility to do this. In Apple support article ht1343 they explain that holding down control-command-eject will quit all open applications, but there’s only one problem, it also restarts the computer. Now in today’s day and age of solid state drives giving us quick reboots that might be fine…except with Lion guess what happens? When it reboots it reopens all applications you had open before it restarted! Now you might be more interested in another built in path – if you add the option key to the sequence (option-control-command-eject) it quits all open applications and shuts the computer completely down. Again when you boot up your previously open applications will be reopened, but at least you’ll make it to dinner on time, and maybe you WANT those applications reopened?

Ok, I can hear it now, you want everything quit but you don’t want to actually shut down the computer. Just about now in thinking about your problem I had that vague feeling that I’d talked about this before on the show. The great thing about having massive 5000 word blogs posts is that virtually everything I’ve ever thought about technology is recorded and searching over on podfeet.com. Back on June 21st, 2009 in show number 210, Greg Norton opened the topic of how to quit all running applications at once. He found the freware Quit Anything from Frozen Heads Software, I got intrigued and found QuitsApps from limit-point.com. Both of these are using the UNIX command kill all (which is fun to say and even more fun to type). But wait, that’s not all.

the next week on show number 211, Jason Hyde wrote in saying that the fabulous app launcher LaunchBar from obdev.at actually has quitting all applications built in as an action. Wow that must be it, right? Nope, David Hill gave us the exact instructions on how to do it using Automator! And then Shaun Peterson did a ScreenSteps tutorial showing how to do it in Automator too! I put a link in the shownotes to Shaun’s tutorial on how to quit all running applications.

So Professor Albert your question is not so dumb and clearly is a question a lot of people have and a lot of people have worked to find the best answer. You will have to find a new excuse to be late in the future, eh Albert?

3 in 1 Camera Lens Review

Rod Simmons brings us a review of the 3 in 1 Camera Lens

I think I just found a new item for my Christmas list Rod!

Smile

[read in deadpan voice] [Today I’d like to talk to you about TextExpander from Smile. It is a good product that will make you more efficient. Many famous people use it. They save time with it, and remember, time is money.]

Ok, there’s a reason my ads don’t sound like that – It’s because I don’t read something the advertiser told me to say, I tell you about MY experiences and I ONLY advertise products I actually use AND like. I live on TextExpander, it’s one of the first things I install on a new computer, and it makes me really really happy. If you get TextExpander, you’ll be typing faster and wasting less time, both of which are great things in my book. TextExpander is only $34.95 and you’ll find yourself telling strangers about it if you buy it too. Heck, there’s a free trial, why NOT give it a test drive? Check it out at smilesoftware.com, and be sure to tell them Allison sent you.

George on Amazon Affiliate and Sandboxing

Last week I was one click from ordering a Blue Yeti USB microphone on Amazon when I remembered Allison’s revived affiliate link on Podfeet.com. But when I opened Podfeet, there was no Amazon link, until I turned off Ad Blocker.

After finding Allison’s link, I bought the Blue Yeti for the same $80 deep discount I would have paid without a 3% cut to support the Nosillacast. Cost me nothing, and helps Allison and Steve keep podcasting. If my Okie accent is any clearer, credit, or blame, my new microphone

Now to find Allison’s Amazon link, you’ll have to visit her blog at Podfeet.com.

If you haven’t been there before, take a look around. Allison puts an unusual amount of effort into Podfeet.com. Most of the content you hear in her podcast is available in text on the blog. If you remember hearing a tip or review and want to find it, searching the blog is a lot faster than listening back through a bunch of podcasts!

While you’re there, click open #336. Bart and I have been back and forth about the big news this week, Apple’s delay of its requirement that applications sold on the Apple Mac App store be “sandboxed.”

Bart thinks it’s great. I’m cynical, remembering when Ma Bell conducted electronic sweeps of every phone line in America, seeking anyone who dared connect third party equipment to AT&T’s network. I also remember IBM frequently changing connections to its mainframes for no reason other than to block third party disk packs.

Times have changed, business methods, sadly, have not.

I’m putting some links to third party opinions of Apple’s sandboxing plans in the shownotes. Take a look and maybe you’ll want to comment in the comments section on this week’s shownotes.

LINKS:
On November 7 Cult of Mac ran: OS X Lion Sandboxing Is A Killjoy Destined To Ruin Our Mac Experience and MacRumors on Sandboxing

If you have a sense of irony, listen to Adam Christianson’s Maccast November 2 as he’s torn between fandom and frustrated user, concluding users just have to accept and figure out how to work with the iOS sandbox It’s at 1:19 into the show: Maccast November 2, 2011

Last, but hardly least, Leo lets loose on Apple all weekend, and much of his rant is about Apple’s attempt to lock down the Mac through the App Store and its restrictive terms: TechGuyLabs #819 and TechGuyLabs #820

I decided to play George’s lovely comments about the show (I’m very flattered George) and his comments about sandboxing right before Chit Chat Across the Pond, because that will be the main topic.

Chit Chat Across the Pond

Security Light

More Cert shenanigans (http://www.entrust.net/advisories/malaysia.htm):

• A Malaysian CA (Digicert Malaysia) issued 22 certs with weak encryption using an intermediate cert from the Entrust CA.
• The weak certs could be hacked to appear to be for different sites – hence allowing ‘valid’ SSL connections to any domain
• The 22 certs have been revoked
• The parent CA will revoke the intermediate cert, invalidating all certs signed by it, soDigicert Malaysia customers will have to get new certs
• The 22 certs have been shared with browser makers to allow them issue a security update which would blacklist the certs – FF8 does this, as does FF3.6.24, Windows has also been updated – no details about other vendors

Important Software Updates:

• Apple released iOS 5.0.1 – contains security fixes, including one to address the smart cover vulnerability on iPad 2s –http://support.apple.com/kb/HT5052
• Apple patches Java on OS X 10.6 Snow Leopard, and 10.7 Lion – http://support.apple.com/kb/HT5045
• Apple release Airport Firmware version 7.6 for Time Capsules and Airport Base Stations – http://support.apple.com/kb/HT5005
• FireFox 8 & FireFox 3.6.24 released to patch multiple vulnerabilities, not just the Cert issue
• Last Tuesday was Patch Tuesday – http://technet.microsoft.com/en-us/security/bulletin/ms11-nov
• According to Microsoft’s site, the fixes from Patch Tuesday did NOT fix a serious flaw in Windows which is being actively exploited in the wild – there is a temporary workaround which can be activated and de-activated with this fixit link: http://support.microsoft.com/kb/2639658
• Adobe released a critical patch for Flash and AIR – http://www.adobe.com/support/security/bulletins/apsb11-28.html
• Adobe released an update to Shockwave Player for Windows &Mac –http://www.adobe.com/support/security/bulletins/apsb11-27.html(since almost nothing uses shockwave any more, many people won’t have it on their system at all – if you do, consider removing it)

Main Topic – Sandboxing

Sandboxing has become a topical subject because Apple have announced that all apps in the app store will need to be sandboxed from next Spring. However, many people seem to be very confused by what that means. People know that apps in iOS are sandboxed, so they assume that that means that apps on OS X will become like apps on iOS. This is a classical logical fallacy – “All dogs have four legs, my cat has four legs, therefore my cat is a dog”! (bonus points for any listener who gets that classic British comedy reference).

To stem the panic, lets start with a simple fact most people are utterly unaware of, in Lion, both Preview and TextEdit are sandboxed. Yes, those two apps you use to open and save all sorts of files with all over the file system, and from the Finder and from Mail and what not, are sandboxed. This alone shows why the sky is not falling, and makes it very clear that OS X sandboxing is not identical to iOS sandboxing!

Now that we’re done panicking, lets look at what sandboxing is, then why we want it, and finally, we’ll have a look at one possible pitfall that we should be aware of.

What?

Lets start by saying that the idea of sandboxing is not new. Not even a little bit, in IT terms it’s positively ancient! One form of sandboxing, the Unix/Linux chroot command dates back to 1979!It has been common practice for decades to use ‘chroot jails’ (i.e. sandboxes) to insulate the system from services listening on the network. A good example is the bind DNS server, which is usually run in a chroot jail because DNS has a long history of being problematic. To this day, when you set up a DNS server on RHEL you use “yum install bind-chroot” (or you should anyway).

Chroot gives is a very simply kind of sandbox that’s easy to understand, so lets start with what that does.

Unix and Linux file systems are tree-like structures with / at the root of the tree. You can move up or down the tree, but there is nothing ‘above’ /. chroot stands for “change root”, and what that command does is change where on the file system / is for a given process, hence isolating it from the rest of the file system. In the case of the BIND DNS server process on RHEL, the folder /var/named/chroot is chrooted to / for the bind process, so everything on the computer apart from that one folder and all the files and folders it contains becomes inaccessible to the chrooted process.

OS X Lion’s Sandboxing technology also does this, but the location of the chrooted file systems is in ~/Library/Containers, where you’ll see all the sandboxed apps you use listed by name in the reverse-DNS format, e.g. com.apple.TextEdit for TextEdit. Inside each of those folders you’ll find a file called Container.plist, and a folder called Data. The plist file contains the settings for the sandbox (more on this later), and the Data folder is the folder that the process will see as the root folder.

So, the idea of sandboxing is not new, but Lion takes things MUCH further than just chrooting the processes. For a start, it allows the config to request holes in the sandbox, so that some files and folders on the regular file system can in fact be accessed by the sandboxed process. This is often done in such a way that the sandboxed app can only see the files or folders if the user explicitly grants access to by either using the File->Open dialogue box (which is part of the OX not the app), or by dragging and dropping a file onto the app or it’s icon. It’s this ability to selectively punch holes in the sandbox that allows apps like TextEdit and Preview to be sandboxed without negatively affecting their usability.

You can look at this kind of leaky sandbox as being the file-system equivalent of firewall rules on your router.

Sandboxing in Lion goes well beyond the filesystem though. The sandbox also controls access to other resources like the network, so sandboxed apps can be prevented from accessing the network completely, or the can be given access in a controlled way. This is much more literally like the ACLs (access control lists) on network firewalls.

So, in short, sandboxes act as filters that only allow sandboxed apps to see the resources they need, and it blocks their access from everything else.

Before we talk about the ‘why’, I want to finish up with a short description of how sandboxes get set up in Lion.

I mentioned that each sandboxed app has a Container.plist file in it, that file defines the rules for the sandbox.

If you have Xcode installed you can open these files yourself and have a look. To give you and idea of what you’ll see here’s just some lines from the one for TextEdit:

com.apple.security.documents.user-selected.read-write = YES

com.apple.security.print = YES

This says that the app in question can read and write any file a user sends to it, and that it can print. If you look through the list of permissions the app is granted, you’ll see that it’s not given any network access. But, if you have something like 1Password installed (the MAS version is also sandboxed), and you go to the sandbox for the 1Password helper app (~/Library/Containers/com.agilebits.onepassword-osx-helper), and you look in it’s Container.plist file you’ll see that it is granted network permissions, including:

com.apple.security.network.server = YES

So, if the file Container.plist can specify the permissions, couldn’t the app just re-write those permissions? Well, no, because the file is outside the sandbox!

Also, all apps in the MacAppStore are digitally signed, and that signature covers the configuration of the sandbox, so those permissions cannot be changed without breaking the digital signature, in which case, OS X will refuse to run the app at all.

Why?

This all leads to the obvious question of why we want to go to all the trouble of creating this chrooted file system, punching holes in it, and controlling access to printers and the network and so on? This system puts a little extra work on developers because they now have to specify the list of permissions their apps will need as part of their app, and they may get asked questions about why they have chosen the things they have chosen as part of the app review process for the MAS.

The answer is security.

It is a fact of life that all apps have bugs in them. Every app ever written is buggy, and ever app we ever write in the future will be buggy too!

What makes all this so much worse is that so many of those bugs allow “arbitrary code execution”. What that means is that the bug allows the app to be hijacked and effectively turned into a zombie that does the attacker’s bidding. Instead of the app doing what the developers programmed it to do, it does what the attacker program it to do!

When an app is ‘zombified’ (exploited), it can do anything you can do, so it can read all your files, access the network, stand and stop processed, delete or modify all your files, sniff your key strokes, monitor your mouse movements, take screenshots, and open a back-door to give the attacker direct access into your machine.

Without sandboxes, our only line of defence is to hope there are no bugs, and when there inevitably are, to patch them quickly, and hope users update promptly. It also means that users are only as strong as the weakest apps they use!

Obviously we still want to try to write code that is as bug-free as possible from scratch, and we also want to continue patching problems as soon as we find them, but we should really take some other precautions to protect us from the bugs that we KNOW must exist somewhere in all the code we run on our machines.

Lion protects us from rogue apps at an OS-wide level in a number of ways already:

1. DEP (Data Execution Protection)
2. ASLR (Address Space Layout Randomisation)
3. Digital Signatures

Sandboxes are another part of this puzzle, providing us with another very powerful defence against zombified apps. In effect, sandboxes cage zombies! They limit the access a compromised app has to your system, exposing the only they stuff that really needs to be exposed to attack.

What Apple are trying to do is add as much protection to our stuff as they can, without crippling our apps. We, as users can still see all our files, but our apps can only see what we let them see, and no more. Apple clearly want to prevent OS X users ever having to go through the dark days Windows users did before the Windows 7 days. iOS is a very popular mobile platform, no one can argue that it is not a target, because it unlike the Mac it has a large market share, and yet, thanks to security features like sandboxing, iOS is proving very resilient to attack. Apple are bringing that tried and tested security to our Mac, but in a Mac-like way, not an iOS-like way.

Finally – something to keep an eye on

From a technical level, there is nothing at all to fear from sandboxing, the potential danger lies elsewhere, in the App Store review process.

The way it works is that developed write their apps, and they write the permissions they think they need into the apps as they develop them.

Then, when it’s time to sell their app they submit the app, complete with it’s Container.plist file, to Apple for review, and Apple then have to decide whether or not to sign the app and add it to the store. Apple could decide that no one will be given permission to start a network service, or that no one will be let open any files, but there is zero evidence of that so far. As I write this, there is only one app that use that is sandboxed and not written by Apple, that’s 1password. That app can, and does, start a network service, read and write to my DropBox, and read and write files to and from my hard drive. As a user, the sandbox is invisible to me, and does not curtail what I can do in any way.

If the 1Password, Preview, and TextEdit experiences are anything to go by, then I’m not worried by the sandboxing requirement.

The only worry is about how Apple manage the MAS, and lets face it, that worry existed before sandboxing, and would continue to exist without it.

Bart contacted me after we recorded – it turns out 5.0.1 solves the charlie miller hack

That’s going to wind this up for this week, many thanks to our sponsors for helping to pay the bills: ScreenSteps, and Smile. Don’t forget to send in your Dumb Questions, comments and suggestions by emailing me at [email protected], follow me on twitter at twitter.com/podfeet. I contribute a fair amount over on Google Plus nowadays so just search for me by name if you want to circle me up. If you want to join in the fun of the live show, head on over to podfeet.com/live on Sunday nights at 5pm Pacific Time and join the friendly and enthusiastic NosillaCastaways. Thanks for listening, and stay subscribed.