Home » Learning Curve » Red Hat Diaries
This App Should Be FreeNot the only change in Mojave, in case you were wondering.
渋谷区 (Rixstep) — Darth Mode is cool. The verdict is out on whether it causes eyestrain, but suddenly seeing an ordinary 'Aqua' window on screen is, to say the least, startling.
Darth Mode wasn't the only change in Mojave, in case you were wondering. In case you trusted the media to tell you.
The option of hiding a file extension in a 'Save As' dialog is gone. This is a bit annoying, as it's not easy to figure out what a file's extension should be. (They're simply not seen.)
Terminal is funky too. It's now against the law to try to influence Terminal by sending 'events'. But there are of course ways around everything.
Xcode is a bit funky as well. Where all previous versions of this monster understood 'tilded' paths, this one does not, prompting us long ago to waste the preview copy of version 10.
Legacy issues with Xcode can still haunt. Time was not long ago when Xcode couldn't grasp external frameworks. They had to be copied into project areas, then replaced by symlinks. And now, when they've corrected the code at last, they again can't find the frameworks. One sort of understands why ISVs begged Apple to make the tools open source back in the 1990s - so they could iron out the bugs.
Xcode is a monster today. All told it's easily half a million files. There was a time when people wrote to us, aghast at this thing called 'Unix', and honestly and openly wondered why things couldn't be simpler, a single program file, and a single folder to put it in.
Project Builder and Interface Builder were, by comparison, minimalistic, and scaled better for different tasks. Project Builder was also very elegant, sporting a vertical tab bar in Aqua blue. Ah the Good Old Days™.
And Interface Builder was designed for building interfaces for desktop machines, as opposed to Xcode of today, which is stridently geared to iPhone development.
Switching from 'Aqua' to 'Dark Aqua' on a per-application basis is no big deal, and not at all difficult. The techies at the WWDC advised trying to run apps 'as is', but that rarely works. And it's not just the colours that get screwed up either. But if you can make it work, it's eminently simple.
<key>NSRequiresAquaSystemAppearance</key>
<false/>
Put that in your Info.plist and go for it.
Which makes one wonder why monster application behemoths are needed (or accepted) to do the same thing.
Here's one such Shrek, weighing in at an impressive 11 MB. (Name not given, but you may be able to figure out anyway.)
34 items. 11,577,089 bytes. 22,728 blocks. 0 bytes in extended attributes.
The bulk of that junk is for fifteen Swift library files.
15 items. 11,085,104 bytes. 21,720 blocks. 0 bytes in extended attributes.
libswiftAppKit.dylib
libswiftCore.dylib
libswiftCoreData.dylib
libswiftCoreFoundation.dylib
libswiftCoreGraphics.dylib
libswiftCoreImage.dylib
libswiftDarwin.dylib
libswiftDispatch.dylib
libswiftFoundation.dylib
libswiftIOKit.dylib
libswiftMetal.dylib
libswiftObjectiveC.dylib
libswiftos.dylib
libswiftQuartzCore.dylib
libswiftXPC.dylib
If that's the state of Swift evolution today (and it seems to be) then it was a fortuitous move to not get too involved. As every noob on the planet is currently embedding all of that in each and every download. Ostensibly helping Apple with sales of new SSDs.
It should otherwise be easy to engineer a simple app, something like this, but for every executable bundle on the system (or at least in the user area). (RxDefaults takes 120 KB on disk, still a lot but 1/100th the size of the blob above.)
(Also a word to the noobs out there: running a 'strings' app on your binaries is a dead giveaway you don't even know how to create release builds. Do check that out, OK?)
000000000001f7e0 /Users/.../ContentViewController.swift
000000000001fdb0 /Users/.../ApplicationTableView.swift
0000000000020b30 /Users/.../ModeToggleView.swift
00000000000210f0 /Users/.../ContentFooterView.swift
54 Apps
We had over 50 apps to curate after 9/24. Most indies have one, two, three... We have 70+ dating back to 2001. All of which were built to run flawlessly, perfectly. No errors of course, but also no warnings either.
(Warnings can be ignored in some command line environments - hi Bill - but shouldn't be ignored when it comes to event-driven programming where Murphy's Law applies in spades.)
We also spent more than half of 2014 rooting out memory leaks caused not by our own code but by Apple code. And finding ways to work around those leaks.
Today everything is firmly in the 64-bit camp, where some modifications are necessary. As always, the old C rule applies.
short <= int <= long
And Unix has its own types such as off_t, and you have to at times dig to find how things like this resolve. And Cocoa today has its NSInteger and NSUInteger, both defined as 64-bit.
Worse are the deprecations. Earlier this year, Ali announced more macros would be deprecated! This is, for example, redefining NSSomeSillyAndFunkyMacro as NSSomeFunkyAndSillyMacro. Intentions are good to start with, but then someone realises the nomenclature isn't what one wants. So they deprecate.
And that means they're going to 'outlaw' a single line of header code.
They had no issue shipping entire systems for years with hundreds of megabytes of useless designable.nib files, but a macro definition taking perhaps 50 bytes at most - that gives them wedgies?
Mojave is riddled with traps. Exception traps. As if they want to stop you from seeing what's really going on under the bonnet. They stop you before you get there. Avoiding this code is something of a black art. Some of it has to do with knowing what thread you're running on. And that's not always easy to know. And sometimes the system code seems to fool you. It's almost like writing drivers again.
Most apps run far better on Mojave, and, using Darth Mode, they almost invariably look better as well. The graphics people have really done a job here. The subtle piping, the silky feel of it all - Darth Mode is here to stay. At least for now.
(Anyone remember how, more than 20 years ago, MSFT offered different appearances for Windows? Asking for a friend.)
This Should Be Free
Long long ago, so far back in time that no one remembers exactly when, we created an app called 'CLI'. For 'command line interface'. (We changed the title to 'CLIX' within a week but MacUpdate never caught on.) As many utilities, it was born out of a frustration (some would say a wrath) about how ordinary users were getting ripped off by half-baked 'fake' apps only invoking resident system apps behind the curtains (and, to make matters even more obscene, often by using AppleScript to do so.) One culmination was, as many perhaps remember, when one such 'Wizard of OS X' pulled a cute 'bait 'n' switch' on people, giving them an update they thought was free like all previous versions, only to find they'd been timed out after a fortnight or so.
Clearly something had to be done, and we often take on such tasks.
The deal with CLIX was that the 'boss' said it was OK to make a 'free' utility as long as it didn't take more than one working day. That we could afford that time and loss of income.
Said and done. OK, that was a 14-hour working day, but still and all. And yes, CLIX has taken a f--- of a lot of work since then, including the 'Houdini' security system. (Apple's code-signing is too easily defeated on macOS.) But the principle, as we argued, was that people were getting ripped off because they didn't know about what they already had on their computers. And knowledge should be free and shared.
Tracker's another one that should be free. Not because it's the same type of utility. But because it's something that everyone on a desktop or laptop Mac should have.
The principle is easy to grasp.
Prior to OS X 10.4 Tiger, there was a gaping security hole in Apple's system. File timestamps could be programmatically modified where they shouldn't have been. In particular, it's the 'inode' or 'metadata' changed stamp that must be inviolable above kernel mode.
Dicking with timestamps has long been a trick pulled on Windows. The bad guys get in there, replace your precious system modules with bespoke variations of their own, even get the file sizes to match, sprinkle on the exact same 'version info' ('Copyright © Microsoft Corporation') then revert the time stamps as well. How's anyone to know a system's been tampered with?
You can't. Welcome to the World of Windows™.
But Unix is different. Legacy Unix has three stamps for every critter in the system, including the items in /dev. They're called atime, ctime, and mtime, and that stands for 'accessed time', 'changed time', and 'modified time'.
- The accessed time is when last the item was open for reading. (This applies to directories too.)
- The changed time is when last the item's inode data (its metadata) was changed. (We'll get back to this.)
- The modified time is when last the item was written to.
Now add the following to the mix:
- Unix APIs allow programmatically setting the atime and mtime fields.
- But Apple's old APIs essentially allowed programmatically setting them all.
Meaning that, up to OS X 10.4 Tiger, Apple filesystem security was no better than Windows.
But OS X 10.4 Tiger changed all that. Meaning the bad guys could no longer hide their tracks.
Bottom line?
No matter what the 'black hats' try, no matter they want to wipe their tracks, any changes they make to filesystem metadata will show up in the ctime field, and that's now beyond their reach.
And that's where Tracker comes in. To get a better idea of what Tracker does, check your man pages. (That's right, open a Terminal window and look - type in 'man find'.)
OK, this is a monster app. And the documentation is monster too. (This is so typical of the type of utilities they developed in Murray Hill. It's a powerhouse.)
This is what you want:
-newer file
True if the current file has a more recent last modification time than file.
So if you want to see how an unknown program destroys your system, you simply download it, run it as is, then do a system-wide 'find' search for '-newer file', where 'file' is the file you just downloaded.
Note that the above applies only to mtime, and mtime may have been modified by really bad dudes, but there are variations on the '-newer' switch that cover the other timestamps as well.
The question is what you're going to do with all that information once you assemble it? Working from egregiously long text files and scurrying around your file system - even if you hopefully have something better than hopeless Finder - is not the ideal way to spend an afternoon.
And that's where Tracker comes in. (Tracker is not based on Unix find, but the similarities so far are undeniable.)
Tracker also functions as a 'cleaning tool'. You can interact with other file management utilities, you can poke deeper into the file data - it's a file manager in its own right. Most importantly, it can both export its search results and also store them for 'playback' at a later time. And it can also set the 'cutoff' time-wise for timestamp comparisons, so other things you do afterwards don't affect your search results.
There was a time when, as with the so-called 'web revolution' some 20+ years earlier, that it was only the avant-garde, the erudite, who made the move, in this case to the space-age NeXT/Apple OS X. (There were quite a few snotty fanboys hanging around, but they were more amusement than irritation.)
After a while, Joe Blogs took the plunge as well. We saw this both on Windows in the late 1990s and closer to today on what is now known as 'macOS'.
And, in both cases, that latter group moved on after a while, this time to 'tap' devices where ignorance is bliss and cushy.
And that leaves only a few of the avant-garde behind. People who prefer a laptop to a mobile device, for example. Because you can tinker with them (as opposed to mobile devices). Because you can interact with them. Because you can actually do shit with them. And to them. Because tinkering is a human right.
Tim might not know what a computer is - his ads say so - but a lot of people still do. And they know that Tim needs computers to build his mobile software. The iPhone is not a bootstrap system.
You can't seal off a Mac as you can an iPhone. That being said, users can protect themselves better. It's never comfortable outsourcing your safety. (Remember when Apple shipped the first three versions of iOS with everything running as root? When Gruber said there had to be a good reason for it all? How could you protect yourself back then? You couldn't.)
Given that, and keeping in mind that macOS - or any Unix or 'non-Windows' system for that matter - is safer by an order of magnitude, you still have to be careful. A gold depository isn't secure if the guard's sleeping at his post. So yes, you have to be careful - no bonus points for stupidity - but you can also recover if something bad happens to you.
And that's a damned given, and that's why our Tracker should be free.
Free Tracker?
Amazingly, despite Tracker being around for almost fifteen years now, no one's come up with a similar (competitive) utility. People don't have to like the way Tracker's designed - we like it, but others don't have to. The conundrum is that no one seems to take their safety seriously!
Users instead rely on cute graphics-laden do-dads that show them activity in the filesystem events driver? Whilst knowing the buffer to this driver can overflow? Meaning their results are worthless?
Or perhaps they downloaded the latest App-This or App-That which promises to remove all the files they don't want? And one of them was touted as 'the app Apple forgot'? Don't users know even today about this snake oil?
But one - just one - competitor to Tracker would show that at least some lonely soul out there wasn't completely round the twist like everyone else. Your 'Mac' is a computer like any other computer. You may like it more. But it can't percolate your coffee, wipe your backside, find an Internet provider, or keep you safe just because it's a 'Mac'.
To make a free Tracker available, we need to accomplish two things.
- Contact and work with our payment processors.
- Reengineer Tracker as a 'standalone application'.
(The latter of those two probably takes less time, but - for starters - we're going to reduce prices on our two commercial packages. The lesser 'Xfile' package will go for $39 (which should make it very competitive) and the full ACP will be yours for a facile $59.
But this hasn't been accomplished yet. But it will be 'REAL SOON NOW'. So stay tuned.
And the free Tracker should pop up soon after.
There's two ways of looking at this. Either it's like before, where 'Mac' (Justin Long) is smart and 'PC' is a fool, or it's like today, where everybody's just a dumb drooling window-licker.
You decide.
About RixstepStockholm/London-based Rixstep are a constellation of programmers and support staff from Radsoft Laboratories who tired of Windows vulnerabilities, Linux driver issues, and cursing x86 hardware all day long. Rixstep have many years of experience behind their efforts, with teaching and consulting credentials from the likes of British Aerospace, General Electric, Lockheed Martin, Lloyds TSB, SAAB Defence Systems, British Broadcasting Corporation, Barclays Bank, IBM, Microsoft, and Sony/Ericsson.
Rixstep and Radsoft products are or have been in use by Sweden's Royal Mail, Sony/Ericsson, the US Department of Defense, the offices of the US Supreme Court, the Government of Western Australia, the German Federal Police, Verizon Wireless, Los Alamos National Laboratory, Microsoft Corporation, the New York Times, Apple Inc, Oxford University, and hundreds of research institutes around the globe. See here.
All Content and Software Copyright © Rixstep. All Rights Reserved.
|