One of the reasons we looked forward to upgrading our Mac labs to OS X was the increased control we’d have over the systems in our multimedia lab. We carefully set up the lab machines with specific user-level capabilities — users can run this but not that, open this preference panel but not that one, and so on.

And then we installed Digidesign Pro Tools 6.0. Guess what? It wouldn’t run under the normal user account that every other piece of software on the machine ran under. A dialog (a DigiDesign dialog, not Apple) appears, reading the equivalent of: “You must have administrative access to run Pro Tools.”

A closer read of the documentation confirmed that this is true. Requiring admin access to install software is one thing, but requiring it to run software is totally unacceptable. For one thing, Apple (and Unix history) have carefully created a system that would allow administrators to lock things down, so that users can run applications without danger of causing system-level harm. For this system to function requires a basic level of conformance to the platform’s application model, to the understanding that users should be able to run the applications the administrators say they can run. And can do so without causing damage. Standards matter.

When an app vendor requires admin access to run a program, the sysadmin has a few choices:

1. Not allow the program on the computer at all (not an option here)
2. Give the user account admin access, thus subverting all the careful work the sysadmin has done to secure the system
3. Create a separate account with admin privileges but minimal capabilities.

At first blush, option #3 seems like the ideal solution. But as we discovered, when you give an acct admin access, the “Edit Capabilities” button is grayed out. In other words, admin privs are an all or nothing affair. So it looks like #2 is where we’re going to land - giving god-like privileges to all our unprivileged users just so they can run ProTools (an activity which consumes about 3% of the attention of the entire Multimedia Skills program).

And why exactly is it so damned important that Pro Tools be run with admin access? There’s not a single other Mac OS X app I know of that requires this. Why is Digi special in this regard? I found this in Digi’s knowledge base:

Does Pro Tools 6.0 require that Users have Administrator access?

Yes. Pro Tools is capable of creating and deleting huge files on a system, and if a user with no Administrator privileges isn’t normally allowed to delete these files then Pro Tools shouldn’t let him/her delete them either.

I’m shaking my head here. Final Cut Pro is creating files just as huge or huger, and it doesn’t require admin access. And what exactly is it about deleting large files that is supposedly admin-specific? Since when can’t normal users delete huge files? The simple truth is, no other user-level app on the platform requires admin access. This is just Digi making up their own rules, and getting away with it because of their position in the industry.

Security-wise, we’re right back where we were with OS 9. Thanks for being such excellent platform citizens, Digi.

Am I missing something? Is there another way to deal with this problem, or is Digi being as obnoxious as I think they are?

When the news broke a few weeks ago about the G5 supercluster project at Virginia Tech, we thought that the O’Reilly Mac OS X Conference would be the perfect setting for a special presentation about this endeavor. Fortunately the folks at Virginia Tech thought so too.

With facilitation by Alan Graham, a frequent contributor to the Mac DevCenter, and Lynn Nystorm, News Director at the College of Engineering, the Project Director, Dr. Srinidhi Varadarajan, has agreed to speak at the conference on Tuesday evening, Oct. 28, 7:30 pm. (I have to really tip my hat to Dr. Varadarajan for taking the time at this critical point in the project to correspond with me about this event.)

Dr. Varadarajan will take you inside the G5
supercluster to show you the challenges, opportunities, and rewards
resulting from building the world’s most impressive Mac cluster.

Just between you and me, I can’t wait!

Even as a kid I hated handwriting. It was the only subject in which I received a “D.” Teachers used to tease me that I should become a doctor because my script was so illegible. I preferred to “print” my letters instead. It looked much neater to me, but it did take longer. Letting me use a typewriter was the real answer, but that wasn’t allowed in the fourth grade.

These days I can barely complete a grocery list without my hand cramping up. In my mind this demonstrates what an unnatural act pen writing is because I can type all day without a problem. Occasionally, I use my Palm stylus to input a new address or jot a quick note. It’s fine for odds and ends like that. But once when I tried to take class notes at a seminar with my PDA, I gave up in agony after only 20 minutes.

I realize that these examples are different situations than using a Tablet PC. But for me, the result would eventually be the same. Sooner or later I’d screw up because I scribbled some notation wrong. Ironic that Tablet PCs are being touted for healthcare. Don’t doctors have the worse handwriting of all?

To be honest, I don’t want a Tablet PC anymore than I want a headache. I could be totally “out to lunch” here and underestimating the “next big thing.” But what I really think is that Steve Jobs was correct when he said, “It turns out people want keyboards.”

I’m not wishing ill on Tablet PCs. But unless there’s a potential for them to flourish outside of niche markets such as healthcare, I’d just as soon Apple not waste its time on them.

I’m much more interested in the evolution of smart phones, the iPod, wearable computers, and yes, the laptop. If I want to draw a picture on my computer, I’ll buy a Wacom tablet for $99. But even then, chances are that my sketch of the neighbor’s dog will look more like a cow, or an antelope or something different all together.

Related link: https://www.mobilemag.com/content/100/340/C2079/

Nokia has new camera-phone that once again pushes the design envelope. MobileMag reviews the new Nokia 7600 camera phone which has a very unusual look and touchpad. The dialing pad is divided into two vertical rows of numbers: One row on each side of the color screen. These departures from the usual DTMF 3×4 matrix layout is interesting. But, are they practical? Or does it even matter?

What do you think of radical keypad designs on phones?

Related link: https://www.forum.nokia.com/games

Business Wire reports that

Nokia announced the ConnectCoder, N-Gage(TM) Mobile Game Deck Game Battle 2003. The top three winners will divide 30,000 Euros (US$34,515 at the moment) and invited to present their ideas to Nokia at the 2004 Game Developers Conference.

Game-phone ideas folks?

According to one of the rumor sites last week, Apple’s ad agency (TBWA\Chiat\Day) is already working on a commercial to mark the 20th anniversary of the famous “1984″ Superbowl spot.

A bunch of the Mac faithful here at O’Reilly were commenting on this last week, and I was postulating whether Ridley Scott would reprise his role as the commercial’s director. But I’ve since had a better thought. I’m thinking that the 20th anniversary spot won’t be done by Ridley Scott, but instead by John Lassiter. You know. The top director at Pixar.

Now all we need is some music for the background…

It’s just too bad that Apple and The Beatles are in a legal battle right now. If it weren’t for that, Apple could try to license the use of “Sgt. Pepper’s Lonely Hearts’ Club Band”. Ah, but wait…Michael Jackson owns the rights…so it is possible….

So, like a scene from Wayne’s World, my mind quickly flashes into creative mode…

[key in music: “Sergeant Pepper’s Lonely Heart’s Club Band” by The Beatles]
[flash through various Mac OS logos and Apple logos]

“It was 20 years ago today.
Sergeant Pepper taught the band to play…”

[flash kid rockin’ out to an iPod, then flash ITMS]

“They’ve been going in and out of style.
But they’re guaranteed to raise the smile…”

[fade to the Happy Mac startup symbol]

 

[fade to black]

“So may I introduce to you…”

[fast flash through hardware]

“The act you’ve known for all these years…”

[fade out Sgt. Pepper]
[fade to black]

 

[key in guitar riff from “Back in Black” by AC/DC]
[zoom in Panther logo]

“Well I’m back in bla-ack!”

All hail the King of Pop.

Chuck

What would you like to see Apple do for the 20th anniversary of the 1984 Superbowl commercial?

I wasn’t surprised when my dad’s laptop died on him - for months he’d been getting error messages at startup, and getting all the way to the Windows laptop was a dicey proposition. So when it finally seized up and the display died, the third of my family’s WinTel laptops to die a horrid hardware death over five years, it was great that he decided to go down the road to his local Mac dealer (indeed, the only one in northern Michigan) and get a new iMac. I figured that all the support calls I’d been getting would soon be a thing of the past.

Uh… no. Not yet, anyways.

Getting up and running with Mail and IE was easy enough (no, it didn’t have Safari pre-installed), but we kept getting dropped by Earthlink’s dial-up. I was out of my element here, since I haven’t relied on dial-up for years. Unfortunately, in remote Torch Lake, Michigan, the cable company is in no hurry to offer cable-modem service, and DSL is almost certainly impossible. Still, a few hours of phone help from Earthlink and Apple seemed to clear things up.

But then he called me to say that when he sent a big (1.5 MB) PDF file as an e-mail attachment, he’d constantly get a server failure part-way through and the file would go back to his out-box.

This is where having a supportive Apple community helps out. I posted a message to Apple’s support boards, which quickly generated a response suggesting I look into resetting the MTU (Maximum Transmission Unit) value, a low-level networking config. Researching this, I found an article on Mac OS X Hints that described a one-line call to ifconfig to reset the value, and in the feedback, someone posted a good tip for using different packet sizes for ping to find an optimal value.

Ordinarily, investigating this over the phone would be a nightmare, but that’s where the Unixness of Mac OS X pays off. I had my dad create a user for me on his iMac, dial-in, start an ssh server, and tell me his IP address. That allowed me to ssh into his iMac and get a command-line. Pinging with common MTU values (576, 1452), I found we were getting massive packet loss, up to 70% at higher MTU values. I guess that’s what happens when you’re out in the woods and can only get 24Kbps dial-up.

I finally found that I could eliminate packet loss with an MTU of 200, so I set that temporarily with ifconfig and had him send his attachments. Everything started working.

Granted, now I have to find a way to make that MTU value permanent, and maybe I can find a slightly more optimal value, but the process went a lot faster by allowing me to get in with a command-line.

I also wonder why Mac OS X fails so badly off the shelf - does Apple not test a low-bandwidth dial-up configuration? And why can’t a proper MTU be auto-determined at the time a dial-up connection is established? And why is any end-user ever responsible for this value - that’s like expecting me to calculate torque ratios for my car’s gearbox before driving to work. I think I’ll file it as a bug.

Still, for such an obscure problem, this wasn’t too bad to work through. Apple community, unix toolset. Nice combination.

Surely someone has something important and useful to say about this hideous little MTU config. Let’s have it.

I realize that in the grand scheme of things, this is inconsequential. But one of my favorite nicknames of all time was just added to the endangered species list: the TiBook.

That’s right, the sleek, sexy (paint-chipped) Titanium notebook is no more. In Paris Apple announced the new 15″ PowerBook G4 (which must be odd for the French since they are metric) that’s made of aluminum alloy. Aluminum?

Don’t get me wrong here. The new PowerBook is absolutely beautiful. It includes the coveted backlit keyboard, Bluetooth, AirPort Extreme, FireWire 800, USB 2.0, speed bumps, the works. A dream machine it is indeed.

But aluminum? Coke cans are made of aluminum, not the world’s sexiest notebook. And what am I going to call it? The AiBook? Ack!

OK, so I’m having a little metallurgy fun here at Apple’s expense. And honestly, I’m pleased as punch about today’s announcements. We just have to get to work and come up with a new nickname. I’m sure as heck not going to write, 15″ PowerBook G4 every time I refer to the laptop formerly known as the TiBook.

Do you have any suggestions?

Related link: https://www.gamesindustry.biz/content_page.php?section_name=new&aid=2233

GameIndustry.biz reviews the soon-to-be-released Nokia N-Gage game-phone (found the link on Slashdot). It is based on the same Nokia N60 platform used in the Nokia 3650 camera-phone (Click here to see my review of the Nokia 3650).

A friend just showed me a game (written in Java) for his Nokia 6800. It has a tendency to freeze in mid-action every now and then (memory clean-up?). The review notes a slow load time. But, my quick read of the review didn’t turn up comments suggesting the N-Gage shares this mid-action freeze behavior.

Camera-Phone? PDA-Phone? Game-Phone?

I have to deal with many more .doc files than I care to. I have Microsoft Office X, and I use it when I need to work in revisions mode for a shared document. But to be honest, Word is hard on my computer. And when I’m using it, I feel like I’m hiking up a hill and someone just slipped a 10 pound boulder in my backpack.

The vast majority of Word docs I have to contend with don’t need revisions. They are articles from contributing writers, memos, and general correspondence from my photo customers. I could use AppleWorks to handle these, but I have to be honest about this too: I don’t like AppleWorks very much either. (Yes, there’s Open Office also… but it’s not there yet for me.)

I had been a fan of Nisus software for many years and loved using their word processor on OS 9. But they were slow to port to Mac OS X, and I had to move on to native tools.

When I read that Nisus finally had a Cocoa version of their Writer application, my hopes were that it would handle .doc files with ease. After using Nisus Writer Express for a couple weeks now, I’m happy to report that it opens, edits, and saves to the .doc format with virtual transparency. I’ve sent a number of these files to friends and coworkers, and they assumed that they were created natively in Word.

Originally Nisus tried to rewrite their popular word processor themselves, but in the end they decided to buy the Okito Composer and make it a Nisus product. Adam Engst has published a very informative interview with Jerzy Lewak if you’d like to know more about the evolution of this product.

As for me, I like using a word processor again. The Nisus writer has that clean OS X look, beautiful Cocoa functionality, lots of features, and it’s easy on my Mac. I opened the Terminal app and ran top. I can have Nisus open in the background and it uses no CPU resource. When I start to work in the application, it only takes what it needs at the moment, then goes back to 0 percent as soon as the task is complete. Microsoft Word, on the other hand, used an average of 10 percent CPU just sitting there open on my dock.

Nisus plays nice with the other text formats. In addition to the .doc, I can save files to AbiWord, .txt, and .rtf. It supports multiple clipboards, macro, and a host of other valuable word processing features. I love the side-opening tools drawer that shows my word count as I type and puts a number of handy controls right there at my fingertips.

If you want to see for yourself, you can download a fully functional demo and use it for 30 days.

I still use Microsoft Word when I have to, but when it’s my choice, I’m enjoying Nisus Writer.

Related link: https://www.sun.com/smi/Press/sunflash/2003-09/sunflash.20030909.1.html

Here’s Sun’s press release on the departure of co-founder Bill Joy after 21 years. Every time I heard him speak I thought, “we’re still catching up to where he was five years ago.”

I wonder how much RealNetworks paid to have the exclusive Rolling Stones deal for two weeks? Hopefully not a lot. Because right now you can log on to the iTunes Music Store and choose from a catalog of 18 albums by Sir Mic and company.

Of course the real news isn’t who landed the Stones first. What’s exciting is that they’re online at all. Originally they were cool to the downloadable music idea and reluctant to sign a deal. Regardless of what you think of the Stones, having one of rock’s venerable groups withhold its blessing sends a message.

And having them join the online party sends another. I guess you could say they were fashionably late.

For purely selfish reasons, I’m happy to see them in the iTunes Store. I’ve been meaning to replace my defunct cassette tape of Exile on Main Street for years. Looks like I can download it tonight.