Monthly Archives: April 2010

iPhone

ePub and iPad

As an author, I’m pretty interested in the changing face of the publishing industry. Tim O’Reilly was on the cover of Inc magazine this month and I’ve been following his musings about publishing for some time. But this whole digital publishing thing has to make an author think about what it means for us. But as a geek, I’m stuck in the technical, wondering if I were to self-publish something straight to the iPad, what would it look like? Not the content, but the files.

ePub seems to be the main focus of e-book devices and where the industry is going to go. ePub is a format ratified by the International Digital Publishing Forum (PDPF) and based on XHTML. ePub support will be built into the upcoming version of a couple of different software packages, most notably Scrivener. For software that has ePub support, you can export out of the software easily as an ePub file. These files can then be viewed from iBooks on the iPad, i2Reader on the iPhone, Calibre on Mac OS X/Windows/Linux and Aldiko for Android.

Now how to reach the masses and get them to buy, download and read your content is another story. Currently, Amazon allows you to submit content to the Kindle store and Aldiko allows you to copy ePub files directly to an Android through the use of an SD card. Lulu should allow content to go directly to the iBookstore, but for those of us with an eye to publish to the iPad will need to wait for a few more details to unfold. In the meantime, read up on ePub if you’re interested in self-publishing (especially on the DRM capabilities) and I’ll post something here when I’m ready to announce any projects I have in the poker going that direction. Also, in the meantime feel free to pick up the 1st edition of the Mac OS X security book I did on Kindle. :)
Name Your Link

sites

No More Mingling

I’m just not that social. Therefore, I have removed Mingle, the social networking aspect of Krypted.com. I may reintroduce something like this in the future, but for now it seems that it’s just a source of frustration…

Get MacTech

Mac Security Network Infrastructure

Symantec Acquires PGP & GuardianEdge

Today Symantec announced that it is acquiring PGP. I certainly hope they treat the Mac PGP client better than they’ve treated some of their other Mac clients. This move brings Symantec squarely into the encryption space. They encrypt full disks (including the boot volume of Mac OS X), portables, file servers, jump drives, Blackberry and PDFs. They have a mature centralized key management solution (after all, all encryptions seems to be key based these days) and even recently added application control to their portfolio, to block malware. Perhaps the last is why Symantec went ahead and picked them up. Or perhaps it’s because they just like buying things at Symantec. Shiny IT things that do something cool… Well, this is perhaps one of my favorite companies that they’ve bought.

I’ve liked the PGP brand since watching Zimmerman fight to keep PGP going in the early 1990s, when PGP met the standards of a non-exportable weapon. That is, until Zimmerman published a physical book with the source code in OCR-friendly font and ended up with PGP covered under the first ammendment. All of that is such old history though. Zimmerman has been gone since 2001, after a merger and then an acquisition by Network Associates. The company then ended up getting dumped by Network Associates and refounded (with assets bought back from Network Associates) with a little VC. It’s been a weird journey to get to where they are today. I hate to watch it go away (again) as a company though. Hopefully this acquisition will go better than things went when they were part of Network Associates.

Symantec is also acquiring GuardianEdge. GuardianEdge products already integrate nicely alongside the Symantec portfolio. You can even deploy GuardianEdge with a special Altiris Connector into Altiris Notification Server, which alerts you when systems “present risk to protected information”. Overall, either PGP or GuardianEdge seem like great adds to the Symantec lineup. Both from the outside seem a bit superfluous but I have to guess someone has a great strategy for integrating the two brands into one. I look forward to watching it unfold.

Xsan

InnerPool Video from Active Storage

VMware

Checking Free Space in vSphere

Most of us will be familiar with the df command. But in ESX, you use the vdf command, located in /usr/sbin. Running the vdf command will net you similar output to what you see with df. Simply run the following to see free space on each of your disks:

vdf -h

You can also list all of your data stores to correlate the vdf output with esxcfg:

/usr/sbin/esxcfg-scsidevs -c

Or to list LUNs:

/usr/sbin/esxcfg-mpath -L

BTW, if you’re running out of free space, in my experience, first look to your snapshots and check how much space they’re consuming…

Articles and Books

Status of Books

Recently I have been getting a lot of questions about what the status of some of the projects that I’m working on is. So I figure I’d just post it here and hopefully proactively deal with that. Many of these stem from the fact that a couple of my books were made available on the Apress Alpha site. The Alpha site is meant to provide access to works as they’re in progress and allow a bit of crowdsourcing for an extra layer of tech review (the books are posted to Alpha before they go to tech review).

I am not currently ready to announce any of the titles that will be coming up after the iPhone book, but there are a couple in the works. Or I might just drop the whole writing thing (or so I keep telling myself)…

Mac OS X Mac Security

HellRaiser

A new variant of HellRaiser is now out there. It is being called OSX/HellRTS.D and in order to get infected you would have to run a server daemon, shown below.

HellRaiser is a RealBasic-based trojan horse that gives control of a Mac OS X system to an attacker. This can include searching through the file system and then transferring files, viewing the clipboard, sending audio, sending chats, viewing the screen, showing pictures, viewing spotlight indexes, controlling mail and rebooting (see the tabs below).

A number of products will detect the OSX/HellRTS.D. trojan horse when using the latest definition updates, including the following (which links to the HellRaiser entry for each vendor):

HellRaiser is not widely distributed and so most users have a pretty low risk of being infected. However, be wary of files you get from untrusted sources (especially the ones called HEYI’MATROJANPLEASEDOWNLOADME from BitTorrent;) and run some form of anti-virus on your systems. It’s pretty easy to take the HellRaiser application, customize it to your liking and then distribute it (let’s just say as part of a bundle of iChat Smileys or a fake iLife download). If you find yourself infected (again, a low risk that this will happen) and don’t have any anti-virus, just kill the launchd item that’s invoking it, but first do me a favor and enable ipfw and then ipfw logging for the port that it’s attempting to connect over (by default it’s 24745). Then let me know the address… If you’re not sure whether you’ve been infected, just look for an item running that has a broken File menu (I guess it’s hard to program menus… not) and greyed out preferences. It would need to be recompiled if it was going to have a different quit menu, so you might even see Quit HellRaiser (followed by the version number).

Overall, this isn’t nearly as dangerous as having an SSH server or a client/server remote screen sharing tool that you don’t know about running on your machine. If anything is dangerous it’s the idea that there’s a GUI toolkit for this type of stuff floating around for Mac OS X (and has been since 2004) and that a small 0-day (happens all the time for platforms) could turn into a mass infection fairly easily…

sites

Forums on Joomla

There are tons of plug-ins that you can install with Joomla to get a good, integrated forum. I would recommend that you experiment around with a few on a test site that runs the same version of Joomla as your production site before you go into full production. As a general rule, if it’s a forum, look for something that is included in Joomla rather than a bridge between Joomla and a stand-alone forum package, such as phpBB or something like that.

My favorite two forums for Joomla are probably Kunena:

http://extensions.joomla.org/extensions/communication/forum/7256

Or Agora:

http://extensions.joomla.org/extensions/communication/forum/1891

Whatever forum package that you choose, don’t forget you’ll have to match up the template/theme with that of your forum software (especially if it’s phpBB or something like that). And if you can, lock your forum down with captcha or emailing links to users that are signing up to get them to activate their account. This will help to keep the pesky bots from turning your forum into a den of spam.

Xsan

Dot Hill with Xsan

The Promise Vtrak is the only officially supported platform that can be used to provide LUNs to an Xsan. Having said that, there are a number of other storage vendors that are supplying LUNs at this point. And while I don’t really want to speak to that it is worth noting that it brings me joy to watch the ever-expanding number of vendors testing their products for and then marketing to the Xsan community. One that I came across recently is Dot Hill, who did a video showcasing their speedy 2U product at NAB.

Home Automation Mac OS X

Running SSH on AppleTV

Sometimes it can be really useful to have an SSH connection into your AppleTV. If I need to explain why then you probably won’t want to do it. Unless of course, you’re just after getting something like Boxee running, which we’ll look at as well. Before we get into doing anything to your AppleTV, when we’re done I do not know how Apple will feel about your warranty moving forward, so do this stuff at your own risk (but that’s pretty much true for many articles on this site)…

So first up, let’s install SSH. To get started, plug in a jump drive you don’t mind reformatting. Then run the df command and look at which filesystem that the jump drive was mounted as. In most cases this should be /dev/disk1s1 or /dev/disk2s1 or something like that. Note this location and while you’re at it, double-check that the data is trivial to you and that you really don’t mind reformatting the jump drive.

Next, let’s download atvusb-creator, a little utility that will generate a new patchstick based on that jump drive (a patchstick being the term applied to usb sticks that will hax0r an AppleTV). Once downloaded, run the tool. Select ATV-Patchstick in the Choose an Installation dialog, and then select the version of the AppleTV OS you have (if you’re fully software updated then as of the date of this writing that would be 3.x). Next, choose ssh tools from the 3rd field in the Installation Options section, making sure that the box is checked. If you are just trying to get XBMC or Boxee running then you can check the boxes for those as well at this point.

ATV USB Creator Screenshot

ATV USB Creator

Next, set the USB Target Device field to be the filesystem you selected earlier and then click the Create Using button and wait for the process to finish. Once the patchstick has been created, plug it into your AppleTV and reboot the unit. You’ll see a bunch of code, similar to starting Mac OS X into verbose mode. When the screen tells you that you’re done, unplug the patchstick and reboot the device. Upon reboot it will be running SSH with a username and password of frontrow. If you’re not using a static IP address then if you open iTunes and connect to the device you’ll have an entry in your arp table for it. You can run arp and find the IP fairly easily. Once found, use the SSH command to connect to the device. For example, if mine is on an IP address of 10.0.0.100 then I would use the following command to connect to it:

ssh frontrow@10.0.0.100

Now you have an AppleTV running SSH. Even though this article isn’t meant to be about Boxee or XBMC, you can then install those by going to the new Launcher menu and then to Downloads and downloading those applications (otherwise if you try to access them you’ll get an error that the .app bundle can’t be found). Once those are in place it should open pretty easily.

Now that you’re running SSH, let’s look at one of the uses. I want a web browser on the AppleTV (even though typing a URL in it is pretty painful unless you install a keyboard too). For this instance, I’m going to use CouchServer, ’cause I like the way the keyboard works and because there’s a silverlight that kinda’ sorta’ works with it. First, download the files for CouchSurfer here. Then copy the files that were downloaded up to the device (assuming the filename is CouchSurfer-Lite.tar) from your client computer:

scp ~/Desktop/CouchSurfer-Lite.tar frontrow@10.0.0.100:~

Next, SSH into the AppleTV and extract the tar file:

tar -xvpf CouchSurfer-Lite.tar

Then move the extracted data into the PlugIns directory (which will display the appliance similar to how Launcher would be displayed at this point:

sudo mv CouchSurfer.frappliance /System/Library/CoreServices/Finder.app/Contents/PlugIns/

(your password will be frontrow in case you have hard core add and have forgotten it already)

We’re gonna’ give ownership to wheel:

sudo chown -R root:wheel /System/Library/CoreServices/Finder.app/Contents/PlugIns/CouchSurfer.frappliance

Then reboot the AppleTV. Upon reboot, you will then have a shiny new web browser making your AppleTV even more like a full fledged Mac with Front Row. Now you’re in pretty good shape. You’ve pretty much put more stuff on your AppleTV than you can possibly use, but you still probably just want NetFlix to work on it. For that, you’ll need to get Silverlight working with CouchSurfer and just browse to the movies in the web browser at Netflix.com as the Boxee implementation for AppleTV doesn’t yet work with NetFlix and there aren’t any native Plug-Ins that work with it yet either (that I’m aware of). Also, if you’re going to use any of the 3rd party media browsers, keep in mind that they’re sitting on top of the OS layer and that their resource utilization seems pretty poor compared to the native media browser on the device (given the abstraction there, it seems logical it would be so no complaints).

BTW, another fun little app (to help make your AppleTV more like your iPad):

http://code.google.com/p/weatherfront

And the most intriguing one that I haven’t actually gotten to work yet (haven’t had time to get past the second or third step – busy) is:
http://www.appletvhacks.net/2007/04/02/install-asterisk-on-apple-tv/#more-41

What I’d like to see – the ability to run my AppleTV as a Zwave controller… Or iPad… Or Newton… :)