
August 2006

August 31, 2006

How to Keep Windows Secure

I was talking with my brother today and he needed me to remind him how I made his Windows run "right". You see, just over a year ago I needed to clean his machine from all the malware that had attached itself over the years. Now that he has a new machine, he wants the same configuration to keep him clean. To clean the old machine, I did the usual things like setting up a firewall, removing autostart entries, installing Firefox, and rebooting several times. Of course I didn't worry about the antivirus software, because it was the antivirus software that gave him a false sense of security to begin with. This (to remain nameless) piece of junk happily allowed all the spyware to infest the machine. Anyway, one year later, I needed to lend him some advice again. However, since I switched to Mac 12 months ago, it took me a long time to remember how to help Windows. Poor Windows needs help to stay out of trouble ;) I decided to post my tips here so I don't forget again.


August 30, 2006

Creating Passionate Users

I'm a huge fan of the Creating Passionate Users blog. Having passionate users is very important, especially for small businesses. Passionate users will take the time to *tell you* how to improve your product and they will also help your product spread through word-of-mouth & blogs.

In a recent blog entry they mentioned that one way to create a buzz is to pick a few things that are normally done poorly in your industry and do them extremely well. One of the items we chose to do well was customer support. In our industry, it is not uncommon to never get a response to your question. We have so many users respond to say "Thanks for replying". These poor users have likely dealt with some of the other companies that never reply (are you listening Apple?).

At Agile Web Solutions, we aim to respond to **all** user emails (paying or not) within a few hours if we're awake, and within 12 hours if we are asleep. If I was a user of a product, this is what I would want, so it was only fair to give our users the same thing.

Of course, this level of support is not always easy. For example, last night I received a question from a user at 11:30 PM. I was dead tired at the time and wanted to ignore it, but I chose not to. I took the time to write a quality response, and was rewarded for my effort this morning when I found this response from Jack G.:

> Wow. Impressive response. I don't think I've ever received a support response quite that fast. Also, I appreciate knowing the config info you have given. I will toy around with the keychain settings to see what I prefer.
>
> I look forward to a great product only getting better. It makes my life on the Mac so much easier!

Sounds like Jack is a happy man, and he is **much** more likely to recommend our company, purchase our products, and make suggestions to tell us how to improve 1Passwd further. Best of all, however, is how Jack's response affects my brain chemistry. Having responses like these from passionate users helps to energize me. Because of Jack, I now have the strength to continue improving 1Passwd to be the best password manager for Mac! This is a win-win situation!

August 26, 2006

PC to Mac Switchers Love 1Passwd

I had some great feedback on my Mac password manager today. The user terranaut provided the following kind words in a post on our forum:

> I am a recent PC to Mac switcher, and have suffered without a decent form filler until now. So thank you for this program, I am also impressed with 1passwd's ability to take the data saved from the registration page and apply it to the login page, I never was able to get Roboform to do that.

Of course this put me in a great mood! Not only was he happy with our product, but he says it is more usable than RoboForm.

But enough patting myself on the back. It is quite easy to convince ex-Windows users of the benefits of 1Passwd. The problem is convincing existing Mac users. Many times I have been told 'Mac already has the keychain' or 'AutoFill does that'; it has been a tough sell to convince them that 1Passwd is truly unique and goes beyond those built-in features.

So far, the only way I've found to convince Mac users of the benefits is by showing them our password manager in action.

After watching the movie, Mac users agree that 1Passwd goes far beyond the default keychain and AutoFill features of OS X.

August 18, 2006

iMovie HD is a Slow Piece of Crap

I have been using iMovie a lot today trying to make some nice demo videos of my Mac password manager.

I tested out iMovie for a few hours by making a movie out of two 20 second videos. It seemed quite nice and I decided to record 5 short videos, for a total of about 6 minutes. My plan was to splice these together with some nice transition effects between them so I could have one nice overview movie. To my horror, after I asked iMovie to import the 5 videos I was presented with this monstrosity:



2 hours to import 6 minutes of video!?! How can this be possible? The small videos are each H.264 encoded and I'm importing them into a HD project. I expect the generated movie to be a few gigabytes in size before I compress it, so I expected a delay — just not a 2 hour delay!

I'm on a laptop so I thought maybe iMovie was IO bound, but looking at the activity monitor I found it was CPU bound:



Amazingly, iMovie isn't even using all the available memory:



As for my machine configuration, I'm running a new Intel 1.8GHz MacBook Pro Duo with 2 gigs of RAM. I'm running one of the best machines available and this is how iMovie behaves? It is disgusting.

Being that this is an Apple, I expect everything to "just work", but maybe I need to tweak some settings somewhere? Does anyone have any advice, or should I shoot this dog?

August 11, 2006

Ebay Phishing Attack

Well, the phishing attacks continue! I have been getting several phishing attacks every day. Often I get ones from Western Union and some German bank -- both of these I don't do any business with so it is very easy to filter them out as being spam.

I do, however, do lots of business with Paypal and eBay. It is therefore very hard for me to ignore emails like this one:

The email looks quite professional, and it even uses many of the exact same images that eBay uses. They also added the following FUD to get me really concerned:

No action is being taken against your account at this time. However, it is important to remember that when you bid on or buy an item you are agreeing to a contract between you and the seller. If the situation isn't resolved within 7 days of this reminder, you may receive an Unpaid Item strike ...

This sounds serious! Of course, that's the point -- the attacker wants me to be concerned enough that I log in to his site and try to resolve the problem.

So how do I know I'm supposed to ignore this? One way is to hover your mouse over the "respond now" button and wait a few seconds. Eventually the following URL is popped up:

http://81.113.212.146/signin.ebay.com/...

I can then tell that this is a phishing scam since the domain is not eBay's and therefore it must be a phisher.

There are several problems with this approach, however. It is a manual thing that you must always remember to do. If you get tired, or read the URL too fast (i.e. in the above URL the attacker included signin.ebay.com), it is easy to make a mistake. All the phisher requires is for you to make one mistake.

I always had a distaste for security measures that require me to "stay alert". I much prefer letting the computer handle these mundane things for me. This is where my Mac password manager comes in (or RoboForm for Windows). By automating the login phase, 1Passwd can protect you from phishing attacks since it will never enter your data into a site whose domain doesn't match.

To show how this works, I made a video screencast showing how 1Passwd protects you from phishing attacks. I now can worry about other things than losing my money or reputation.

Note that the video requires the latest QuickTime to be installed on your machine since I used the H.264 compression algorithm. Please let me know if you have any troubles viewing it or if you have any screencast requests.
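
The domain check described above, sketched as an added example (this is not 1Passwd's code). It contrasts "the URL mentions ebay.com somewhere" with comparing only the host the browser connects to; the function names, the saved-login record and the subdomain-matching rule are assumptions made for illustration.

```javascript
// Added example, not 1Passwd's code. All function names are hypothetical.
// Assumption: a saved login matches its exact domain and that domain's subdomains.

// What a hurried reader effectively does: spot "ebay.com" somewhere in the URL.
function naiveLooksLike(rawUrl, savedDomain) {
  return rawUrl.toLowerCase().includes(savedDomain);
}

// Extract only the host the browser will actually connect to.
function hostOf(rawUrl) {
  let u;
  try {
    u = new URL(rawUrl);
  } catch {
    return null; // unparseable input never matches
  }
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  return u.hostname.toLowerCase().replace(/\.$/, ""); // drop trailing root dot
}

// IP-literal hosts can never belong to a saved domain name.
function isIpLiteral(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith("[");
}

// Match on label boundaries so "ebay.com.example.net" does not pass as "ebay.com".
function hostMatches(host, savedDomain) {
  if (!host || isIpLiteral(host)) return false;
  return host === savedDomain || host.endsWith("." + savedDomain);
}

function mayFill(pageUrl, savedLogin) {
  return hostMatches(hostOf(pageUrl), savedLogin.domain);
}

const savedLogin = { domain: "ebay.com" }; // constructed record
const samples = [
  "https://signin.ebay.com/ws/",               // constructed, genuine host
  "http://81.113.212.146/signin.ebay.com/...", // URL from the post, as shown there
  "http://ebay.com.example.net/signin",        // constructed look-alike host
];
for (const url of samples) {
  console.log(url, "naive:", naiveLooksLike(url, savedLogin.domain),
              "fill:", mayFill(url, savedLogin));
}
```

The substring test accepts all three sample URLs, while the host comparison fills only on the first.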

August 08, 2006

Mac OS X 10.4 and /etc/hosts

I was playing around with my hosts file today so I could test my new Mac password generator website before it went live.

As always, this was a simple matter of updating the /etc/hosts file to add the following entry:

127.0.0.1 macpasswordgenerator.com

(For the uninitiated — this simply means whenever you have a request for macpasswordgenerator.com, route the request to the local machine instead of asking the DNS servers.)

But for some reason this didn't work! I restarted my browser but still no dice. I figured there had to be a cache sitting around somewhere, and indeed there was. It turns out you need to flush the lookupd cache after updating the hosts file:

sudo lookupd -flushcache

I never needed to do this before. I wonder if the 10.4.7 update changed some settings on me?

Thanks to Mike Zornek for this tip.

August 05, 2006

The Importance of Software Updates

Keeping all your applications up-to-date with the latest security patches is critical in today's malware-infested world. Most malware exploits known vulnerabilities in the operating system and installed applications. For example, the recent security update from Apple included this fix:

AppKit, ImageIO

Impact: Viewing a maliciously-crafted TIFF image may lead to an application crash or arbitrary code execution.

The phrase "arbitrary code execution" means that an attacker could do anything they wanted on your machine by simply having you view an image! This is obviously a horrible proposition for Mac users because your machine could be compromised by simply visiting a website.

This exploit reminds me of a similar issue in Windows Internet Explorer. It is sad that the Apple engineers didn't learn from Microsoft's mistakes. At least it is fixed now and Macs have autoupdate enabled by default.