A Valuable Lesson For Those Upgrading Servers and Clients to OS X Lion

One purpose of this blog is so readers can learn from my mistakes. If you’re planning on upgrading both clients and servers to OS X Lion you should be aware of something.

First you should know that OS X Lion is a separate download from OS X Lion Server. Instead of having two versions of their operating system available for download Apple has made the server utilities available as a separate installable package. I like this option honestly but I did make a mistake that ended up costing me $29.99.

Because I didn’t want to tie up my server with a major download I initially purchased and downloaded OS X Lion from the App Store on a client computer. I tried to also purchase OS X Lion Server at the same time but the App Store wouldn’t allow me to do so from a system not already running Lion. Later I decided to download OS X Lion on my server so it would be available for install when I was ready (as OS X Lion is a 3.47GB download, I thought getting on the system early was a smart move). When I went to download OS X Lion on my server the App Store reported that I needed to also purchase OS X Lion Server. The App Store did warn me that both would be purchased and that I would be charged $79.98 but since I was in a hurry I made an assumption. My assumption was that OS X Lion was already in my purchase history and thus only OS X Lion Server would be purchased at this point. That assumption, like most, was incorrect and I am now the owner of two OS X Lion purchases.

There are three options available to those wanting to upgrade both server and client computers to OS X Lion. The first, and probably easiest option, is to purchase OS X Lion on a computer currently running OS X Snow Leopard Server. Doing this will require you to purchase both OS X Lion and OS X Lion Server at the same time but they will appear as separate purchases in the App Store which will allow you to download just OS X Lion on client computers.

Option number two is to purchase OS X Lion on a client, format the server, install OS X Lion, purchase OS X Lion Server, and then restore your server specific settings. This is probably the most painful method of upgrading both server and client computers to Apple’s new operating system.

The third option is to install OS X Lion on a client, upgrade that client, and purchase OS X Lion Server after the upgrade is finished. This will put both OS X Lion and OS X Lion Server in your purchase history and you should be able to upgrade your server without having to purchase any additional downloads.

So the lesson I have for everybody reading this is don’t make assumptions, they can be expensive.

EDIT: 2011-07-20 16:30: I contacted Apple through their App Store support page and they got back to me within a few hours and issued a refund. That’s pretty good support considering the mistake was ultimately mine for making the assumption that I wouldn’t get charged twice.

iOS 5 Supports S/MIME Encrypted Email

Here is an interesting iOS 5 feature that Apple doesn’t seem to be advertising very much (since most people probably don’t care), the ability to use S/MIME to sign and/or encrypt e-mails sent from your iOS device. This is actually a pretty killer feature for me as I like to sign e-mails I send (of course I used a self-signed certificate so it shows up as invalid unless I send my public key to recipients).

iOS 5 Beta

So I loaded iOS 5 Beta 1 onto my iPod Touch and took a look around. I haven’t had much time to fiddle with it but I’ve decided that Apple did a great job of ripping off Android’s notification system and that’s a good thing. With that said Apple did add two things that I greatly appreciate; widgets on the notification pull-down and the ability to make notifications appear on the lock screen.

I’m not sure if Apple is going to allow third parties to write widgets for the pull-down menu but they have included one for stocks and another for weather. When you pull down the notification page the weather widget will give you the current temperature which is nice. Hopefully third parties are allowed to write widgets for the notification page as I could name a few things I’d like to see there.

The other change to the notification system that Apple made was making notifications appear on the lock screen if you want them to. When you turn the phone on any notifications set to appear on the lock screen will be there and swiping across a notification will open the app that sent out the notification. Thus swiping across an e-mail notification will open Mail and take you right to the message you swiped across. Overall I really like the new notification system and feel it makes iOS a far better OS to work with.

Apple Announcements

Yesterday was Apple’s World Wide Developer Conference (WWDC). This is generally where Apple announces their new iOS and OS X related stuff and this year I must say they didn’t disappoint. I’ll just link to Engadget’s liveblog coverage as it gives the entire WWDC keynote.

First let me say I’m glad that Apple has finally decided to improve the way notifications are handled in iOS. Instead of those damned popup boxes that interrupt whatever you’re doing Apple is going to use the notification system they ripped off from Android. Basically when a notification comes in a little message will appear at the top of your screen and swiping your finger down from the top of the screen will bring down a full list of notifications. The one improvement Apple has added to Google’s system is the fact notifications will also appear on the lock screen so there is no need to unlock the phone to see what messages you have waiting for you. Overall I think this will fix the primary usability complaint I’ve had with iOS for ages now.

Apple also announced iCloud, their new revision of .mac MobileMe. First Apple has finally done away with the stupid annual $99.00 fee which means I will actually try and possibly use this service (I could never justify spending money on something Google offered for free). iCloud also looks to expand greatly on MobileMe’s feature set by adding the ability for your iOS apps to store data on Apple’s servers allowing for back ups and syncing.

Speaking of things that no longer require tethering to iTunes for, Apple has also finally started work on freeing iOS devices from iTunes. Starting with iOS 5 devices will be able to sync and backup via WiFi instead of requiring you to physically plug your device into a computer running iTunes. I’m a huge fan of this as it may allow me to backup my device via WiFi remotely by using a VPN connection. Currently if you’re away from the system you use to backup your iOS device you’re kind of fucked should you need to do a backup and restore. It seems Apple is taking the best features from their competitors and integrating them into iOS and honestly it’s about damned time some of the features were added.

The last announcement that really got my attention was OS X Lion (10.7). Lion is being released next month via the Mac App Store (I’m assuming disk versions will be available as well) for $29.99 for the standard client version and $49.99 for the server version. This is big news as the server version previously cost a fuck ton of money (about ten times what Apple is now asking) and now will be affordable to most people. With a price like that I will actually upgrade my little Mac Mini server instead of letting it sit at 10.6 for the entirety of its life.

Overall I’m actually excited about the announcements at this year’s WWDC and look forward to the release of iOS 5 and OS X Lion.

iPhone Encryption “Cracked”

One of the features I really like about the iPhone that Android appears to lack is the ability to encrypt the data on the device. Well news has been floating around that a company has found a means of cracking the iPhone’s encryption but from everything I’ve read it appears as though they are just brute forcing the password of the backups.

From the feature list it seems the program attempts to brute force the encrypted iPhone backups on your computer using the Graphics Processor Unit (GPU) to speed up the process. What I find funny is one of the listed features is “Decrypt iPhone/IPad/iPod backup (with known password).” Oh look at that if the application knows the password to decrypt the backup it can… decrypt the backup. No fucking shit. You know how I decrypt encrypted information? By using my password.

Two solutions exist to prevent this application from working on your phone: use a strong pass phrase to encrypt your backup and encrypt the hard drive of your computer for additional security. I’m not sure if the software is able to brute force the passkey on the phone but as my phone wipes all its data after 10 failed attempts to unlock it I feel as though I don’t have to worry about this particular problem.

Spammers Utilizing Their Own URL Shortening Services

I’ve explained my hatred for URL shortening services in the past and it seems that hatred continues to be justified. I feel that URL shortening services are a security threat as they prevent a user from knowing where a link will actually take them. This is why I have a policy on this website to delete any and all comments that contain a link to a URL shortening service. Well it appears as though spammers are now using their own shortening services:

Under this scheme, shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites.

These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.

This shouldn’t come as a surprise to anybody. The obvious danger here is a link that appears legitimate (a known URL shortening service link) could redirect you to a spammer controlled shortening service link which could redirect you to a site that attempts to compromise your computer.

Before anybody brings this up I do realize that my Twitter feed uses a URL shortening service. I can’t do anything about that and if you don’t like it then subscribe to the RSS feed instead like normal people.
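The chained redirect scheme described in this post can be inspected without opening the link in a browser. The following is an added example, not code from the original post: it walks a redirect chain one hop at a time and reports where the link finally lands and which intermediate hosts are redirectors that are not on a list of known shorteners. The host names, the `KNOWN_SHORTENERS` list and the `SAMPLE` redirect table are constructed for illustration.

```python
import http.client
from urllib.parse import urljoin, urlsplit

# Hosts treated as known shorteners (constructed sample list, not a real feed).
KNOWN_SHORTENERS = {"short.example", "tiny.example"}
REDIRECTS = (301, 302, 303, 307, 308)
MAX_HOPS = 10

def head_fetch(url):
    """One HEAD request, redirects not followed; returns (status, Location)."""
    parts = urlsplit(url)
    cls = (http.client.HTTPSConnection if parts.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(parts.netloc, timeout=5)
    try:
        path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand(url, fetch=head_fetch):
    """Walk the redirect chain hop by hop and return every URL seen."""
    chain = [url]
    while len(chain) <= MAX_HOPS:
        status, location = fetch(chain[-1])
        if status not in REDIRECTS or not location:
            break
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if nxt in chain:  # redirect loop, stop here
            break
        chain.append(nxt)
    return chain

def assess(chain):
    """Report the final host and any redirecting hop that is not a known shortener."""
    hosts = [urlsplit(u).hostname for u in chain]
    unknown = [h for h in hosts[:-1] if h not in KNOWN_SHORTENERS]
    return {"final_host": hosts[-1], "hops": len(chain) - 1,
            "unknown_redirectors": unknown}

# Constructed redirect table standing in for the network (all hosts are made up).
SAMPLE = {
    "http://short.example/a1": (301, "http://sh0rt-links.example/zz"),
    "http://sh0rt-links.example/zz": (302, "http://pills.example/buy"),
    "http://pills.example/buy": (200, None),
}

def sample_fetch(url):
    return SAMPLE[url]
```

Calling `assess(expand(url))` uses real HEAD requests; passing `sample_fetch` as the second argument to `expand` runs the same logic against the constructed table.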

Hacking the United States Government Could Get You Bombed

Here is another example of a completely reasonable reaction by the United States government. In their recently released International Strategy for Cyberspace [PDF] the United States made a few statements, one of which was a threat to bomb the shit out of anybody who hacks their computers:

“States have an inherent right to self-defense that may be triggered by certain aggressive acts in cyberspace,” says the policy. Indeed, such aggressive acts might compel a country like the US to act even when the hacking is targeted at an allied country.

“Certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners,” says the document. “When warranted, the United States will respond to hostile acts in cyberspace as we would any other threat to our country.”

Personally I feel that may be a bit of an overreaction, especially threatening to bomb countries that hack into computers owned by allied countries. I certainly feel this is an overreaction as the paper says the United States will take these actions “when warranted” which translates roughly into “if your country has any natural resources we desire.” Yeah I’m cynical.

FBI Surveillance Spyware

It’s no secret that the Federal Bureau of Investigation (FBI) uses various forms of technology to perform surveillance. In this day of high tech gadgets far more information can often be gleaned from a computer than simply tapping phone lines. The Electronic Frontier Foundation (EFF) was able to use a Freedom of Information Act (FOIA) request to obtain information on the FBI’s Computer and Internet Protocol Address Verifier (CIPAV) spyware (by the way was that enough acronym soup for you?):

What is CIPAV and How Does It Work?
The documents discuss technology that, when installed on a target’s computer, allows the FBI to collect the following information:

  • IP Address
  • Media Access Control (MAC) address
  • “Browser environment variables”
  • Open communication ports
  • List of the programs running
  • Operating system type, version, and serial number
  • Browser type and version
  • Language encoding
  • The URL that the target computer was previously connected to
  • Registered computer name
  • Registered company name
  • Currently logged in user name
  • Other information that would assist with “identifying computer users, computer software installed, [and] computer hardware installed”

The documents are an interesting read and they really bring up the question of how one could defend themselves against such a tool. This depends on how the FBI installs the software. If they break into your computer remotely to install it the only option available is to ensure your system is locked down as tightly as possible. That doesn’t solve the problem of the FBI sneaking into your dwelling or place of business and installing the software remotely.

This is where full disk encryption comes into play. If your entire hard disk is encrypted there really isn’t much that can be done without the password. Not only can data on the drive not be seen but it also can’t be changed and thus you can’t install software onto the system without the decryption key. Not only does full disk encryption protect your data if your device is stolen but it also protects you from third parties installing software onto the system.

Technological Advancements

The computer field interests me because it’s moving so damned fast. If every industry advanced as quickly as the computer market we’d probably have faster than light travel by now and could live for 500 years. I love seeing demonstrations of these advancements and the fact that an iPad 2 can beat a supercomputer from the 1990s makes for an excellent expression of such advancements.

Just think about that for a moment. In the span of roughly 20 years we’re now at the point where a handheld electronic device that costs hundreds of dollars surpasses the computing power of a massive supercomputer that listed for $17 million (the Cray-2 in this case). The human race is fucking awesome!