Bart Busschots from the Let’s Talk podcasts guest-hosts this week’s show. Bart starts with a short tribute to a co-worker and friend who passed away unexpectedly last weekend, Liam Burbridge. Next we have a review of the RadioShack Bluetooth Cassette Adapter submitted by Steve Davidson, then Bart answers a Dumb Question about Whole Disk Encryption which Steve also sent in. After that Konrad Dwojak gives us some tips for composing interesting landscape photos, before Allison briefly interrupts with the good news that Clarify 2 has been released. Bart then returns with a review of the fun but utterly silly Monty Python’s Ministry of Silly Walks app for iOS & Android, before Allison makes another guest appearance to share her love of Doodle with us. Finally Bart is joined by Mark Pouley of Twin Lakes Images for a Chit Chat Across the Pond segment all about capturing the lovely light at dusk (or dawn).
Hi this is Bart Busschots from the Let’s Talk podcasts guest-hosting the NosillaCast podcast hosted at podfeet.com, a technology geek podcast with an eeeeeever so slight Macintosh bias. Today is Saturday the 26th of July and this is show number 481 – Allison has the week off!
While I love hosting this show, the timing has unexpectedly turned out to be poor. I’ve been very much distracted this week because of the sudden death of one of my work colleagues – Liam Burbridge. I want to dedicate this show to his memory. Allison never met Liam, or interacted with him, but, I’m pretty sure that if she had she’d have classified him as ‘our people’. Like the Nosillacastaways, he was driven by a desire to understand how things work. He had an insatiable appetite for learning, combined with apparently boundless energy. I don’t think I ever saw him walking sedately, he always seemed to be rushing from here to there to meet someone or to install something or to fix something. Despite the fact that he was always in a hurry, he always made time for anyone in need of help. I’m really going to miss him, and my heart goes out to his family, whom he simply adored.
RadioShack Bluetooth Cassette Adapter
This is Steve Davidson with a short review of the RadioShack Bluetooth Cassette Adapter.
Let’s start with the problem to be solved. I drive a 20 year old Honda Accord to and from work every day. No, that’s not a problem. The car is great. Great acceleration, handles well, is comfortable, and still gets 30 miles per gallon (just under 13 km per liter, for those of you who use “petrol”). There is absolutely nothing wrong with the car — except for its lack of tech. Now it does have a cassette tape player but the AM/FM radio’s tuner stopped working a long time ago — and I don’t care because I don’t listen to it — I prefer to listen to podcasts and audiobooks. So the problem to be solved is getting the sound from my iPod into the audio system so I can listen to my podcasts (always double-speed) comfortably.
I used to have a wired cassette adapter. You plug into the iPod’s phono connector, the signal runs down the wire, and is impressed on magnetic transducers that convey the sound to the cassette player’s read head. The only problem with that arrangement is that the cord gets caught on things, sometimes entangled with the 5-speed gear shift lever.
Now I travel a lot for work, and I’ve been getting spoiled by cars with built-in Bluetooth audio, so when the always-getting-tangled wire developed a break, I decided it was time to upgrade.
Bluetooth cassette adapters do just what you would expect: Instead of the wire connecting to an earphone jack, it uses Bluetooth to send the (digitized) audio signal to the cassette head. It avoids the wire, and allows the iPod to be anywhere in Bluetooth range.
I selected this particular model because of the specs: It claims 8 hours on a battery charge, and uses Bluetooth v4.0 +EDR.
So, how does it work?
The audio quality is just fine for me. I don’t listen to music, so I can’t tell you what an audiophile would say. For playing podcasts and audiobooks, it works well. And the Bluetooth range is quite good.
But it is far from perfect. For one thing, I wish it had an auto-shutoff so that, if there is no Bluetooth connection or (even better) no audio content for a while, it should turn itself off to save battery power.
Battery life can be an issue. With a wired adapter, it would go forever without a recharging care. The Bluetooth Cassette Adapter has to be recharged — and since there is no indicator of how much juice is left in it, I find myself recharging it every three days or so.
Since it is sitting in a motorized cassette player, with a spindle constantly being wound, how hard would it have been for them to attach a small generator to the sprocket so that it could self-recharge — if only to prolong battery life. That’s a missed opportunity.
It recharges via USB cable, which is good. But instead of the now-ubiquitous microUSB interface, it has the throwback miniUSB interface — so I need to use a different cable for that than I do for most of my other USB-recharged devices.
And my final complaint: The single-button design: Press and hold for three seconds to pair, and press-and-hold for four seconds to turn on. That ambiguity, coupled with the fact that the button is right next to the LED that tells you its state — and gets covered by one’s finger when the button is being pressed — means that I frequently find it looking to pair when it should be synced with my iPod. Separate on/off and pairing buttons would have been preferable.
So, would I buy this again? I’m not sure. On the one hand, I enjoy the absence of the cable. But on the other hand, it sure takes a lot more care and feeding.
So, I can’t quite recommend it — unless you know what you are getting into.
Dumb Question Corner
Also from Steve Davidson:
I know I’ve read that until a computer is completely shut down, the whole disk encryption (WDE) key is kept in memory so the disk can operate properly. And because of this, a computer that is merely asleep is vulnerable to the possibility of someone plugging something into the Firewire or Thunderbolt port and doing a direct memory read — thereby capturing the WDE key, and rendering it moot.
I’ve also read that there is a command that tells the computer NOT to retain the key when sleeping:
sudo pmset -a destroyfvkeyonstandby 1
My Dumb Questions are: Is any of this true, and if the first part is true (the key can be slurped out of the Firewire or Thunderbolt port), is the second part (that command) safe and effective?
Whole disk encryption works by using a big long encryption key to encrypt each block of data before it gets written to the hard drive. In order to read that data back, you need the encryption key.
While your computer is running you want this low-level encryption to be transparent, the OS needs to access the disk all the time, so it would be utterly impractical for it to prompt you each time you need the key. For this reason, a computer with whole drive encryption will ask you to authenticate once at boot-time, and then store the key in memory so it can read and write to the encrypted disk without your further assistance.
This means that an encrypted disk is only truly protected while the key is not in RAM. This is definitely always the case when the computer is powered off – RAM is volatile, so, after a few seconds have passed (or a few minutes of you freeze the RAM), all data that was in RAM while the computer was on is lost.
Today, we very rarely power down out computers, so an obvious question to ask is, what happens while the computer is asleep rather than powered off? A computer that’s asleep keeps RAM powered up so it remembers everything, and can continue from where it left off when the computer is woken up. Depending on your encryption solution, the key could or could not be purged from RAM before sleep, but, that would mean you’d need to re-enter your password the instance the computer work, because otherwise it couldn’t read from or write to the encrypted disk. For convenience reasons, OS X’s default behaviour is to keep the key in RAM while a Mac is asleep.
You might well imagine this would be a safe enough thing to do since you surely can’t just read the RAM of a sleeping computer without waking it up without doing something drastic like opening the case and connecting wires directly to the motherboard or something equally James Bondish! This would be true if it were not for a technology called DMA – Direct Memory Access.
As the wikipedia page says:
“Direct memory access (DMA) is a feature of computers that allows certain hardware subsystems within the computer to access system memory independently of the central processing unit (CPU).”
Both FireWire and Thunderbolt chips use DMA – it’s one of the reasons they are so spectacularly fast! BUT – that means that a device connected to a sleeping computer via a FireWire or Thunderbolt port can read the contents of RAM without waking the computer up! This means there is no need for any fancy James Bond antics to get an encryption key out of a sleeping computer that has FireWire or Thunderbolt – i.e., just about every Mac (but not iPhones or iPads). All you need is a computer at the other end of the FireWire or Thunderbolt cable and some software.
So, does the pmset command Steve gave in his question work? Yes! It tells OS X to nuke the encryption key from RAM before entering sleep mode. This means your encrypted disk is as safe while the computer is asleep as it is while the computer is powered down. But, it means you have to enter your password to wake the computer fully from sleep.
BTW – the pmset command can do a lot more than just alter the handling of FileVault keys when the computer sleeps. The command is for managing ‘power management settings’ on a Mac. If you want to know more you can read the man page, or, read the command’s wikipedia page.
With whole disk encryption, a disk is only readable by the OS while the OS has a copy of the key. No key, no disk access, no ability to be an operating system! So, at all times while an OS is running, it has to have the encryption key for the disk in RAM. If you lock the screen, the key stays in memory. By default, if you put the machine to sleep, the key stays in memory so that when you wake the machine up it can continue to run.
Logically you’d imagine that this shouldn’t be much of a problem because it should be hard to access the RAM of a sleeping computer. You’d imagine you’d need to take the case off and connect some electrodes to a small solder point somewhere to read out the RAM. Unfortunately, if you have a FireWire or Thunderbolt port on your computer, that’s not the case. Both of these connection technologies use a technology called DMA, which stands for ‘Direct Memory Access’. This gives these connectors a great speed boost, but at a price, those ports can access RAM directly, without the need for the OS to get involved. Even while the OS is asleep, a device connected over FireWire or Thunderbolt can read the contents of a computer’s RAM.
So, if you have full disk encryption enabled the key will be in RAM, and, if you have FireWire or Thunderbolt, RAM is directly accessible via those ports – a bad mix!
The command Steve gives in his question instructs OS X to nuke the FileVault key in memory before entering sleep. This has the advantage of securing your disk while the computer is asleep, but the price you pay for that extra security is the need to type your password as soon as you wake the computer, because it cannot access the hard disk until it has access to the key
Konrad Dwojak’s Photography Tip
Konrad sent in a segment where he gives some tips on composing landscape shots.
*insert Konrad’s Audio here*
The music behind Konrad’s segment was James Brown d’funk (Lets go, Bounce), and is by texasradiofish (featuring ElRon XChile, KCentric, panu moon, fourstones (victor), ccMixter Star, slumberlords, FORENSIC, J.Lang, Bigbonobo, Brian Eno, David Byrne, Frank Moreno). It is released as Creative Commons.
I’m really excited to tell you that Clarify 2 has finally been released! You have so many options on how to order Clarify 2 via clarify-it.com:
- Upgrade from Screensteps
- Upgrade from Clarify 1 for Mac
- Upgrade from Clarify 1 for Windows
- Upgrade from Clarify 1 Cross-Platform license
- Buy a whole new license
And the best part is we have a coupon code just for NosillaCastaways! It will get you 25% off, and it’s good till September 1st! You have to listen to the show to get the code though because people steal coupon codes if I type them on the blog. Oh! and remember if you bought Clarify 1 directly from them (not the Mac App Store version) after April 1, 2013, you are eligible for a free upgrade to Clarify 2. That’s a crazy long time to honor that agreement but they’re as good as their word. Heck – if you got Clarify 1 through the MacHeist bundle, they even have a path for a free upgrade for you too! I’ve never heard of a developer giving that kind of free upgrade.
You can also get Clarify 2 from the Mac App Store. Remember Apple doesn’t let the developers do discount codes or upgrade pricing so you’ll pay full price but it’s great to have it on all of your Macs and future installs are so much easier. The good news is that the guys over at BlueMango Learning have given you every option possible to buy the way you want to buy.
Don let me be a guest screencaster over on ScreenCasts Online this week so I seized the opportunity to do a tutorial on Clarify 2. I’ve been planning that one for so long, I was thrilled that we actually nailed the delivery date exactly on the day that Clarify 2 was released. If you want to become a member, head on over to screencastsonline.com to subscribe. He’s also going to include it in the next issue of SCO Mag on the iOS store for iPad, which is a fun way to consume his videos and read a lot of great articles too. I couldn’t be more excited about a product launch!!!
Monty Python’s Ministry of Silly Walks
And now for something completely different!
I’m a huge Monty Python fan. I love their original Flying Circus sketch shows, and their movies, particularly The Life of Brian, which was so brilliant. It was banned in Ireland while I was a child, so it was great fun to watch it on the UK station Chanel 4 whose radio waves utterly ignored the Irish border and flooded into Irish TV sets regardless of censorship! In many ways the Pythons are to surrealist comedy what the Beatles are to pop music. If you’re not familiar with their work yet, I’d recommend their feature-length show, Monty Python Live at the Hollywood Bowl as a good starter.
Anyway, they performed a big farewell series of stage shows recently and, as part of the publicity for that show, they released a game for iOS and Android – Monty Python’s Ministry of Silly Walks. The iOS version costs €0.99 and is a universal app. The game is based on a sketch from the Flying Circus sketch show in which John Cleese portrays a civil servant in the absolutely farcical (and fictitious) ministry of silly walks. It’s almost impossible to explain the Ministry of Silly Walks – so here’s a YouTube link to watch it in all it’s surrealist glory: https://www.youtube.com/watch?v=iV2ViNJFZC8
The game is spectacularly simple – you play Cleese’s character who walks along a continuously scrolling landscape and has obstacles to either jump over or slide under. It’s utterly trivial, but surprisingly addictive. The longer you play the faster the character moves, and the quicker your reflexes have to be. As well as not running into an obstacle, you can also collect coins with which you can buy new suits for the character to wear, and there are special bubbles you can collect to temporarily make you invincible, slow down time, or turn you into a coin magnet.
An utterly daft game that’s none the less surprisingly addictive and fun!
Chit Chat Across the Pond
Show Notes: http://www.bartbusschots.ie/blog/?p=6007
Mark’s Dawn Tulip Images: