Monday, June 30

10.5.4 Review

So, after looking through the 10.5.4 update, I see a bunch of updates.  All ones that we described in the Apple Documents, but anyone that puts two and two together can see that this update is basically getting your computer ready for MobileMe functionality.  There are updates to all the software that MobileMe will have something to do with.

iCal
Mail  (Including an update to To-Do's.  Please let MobileMe have todo syncing?!)
Webdav (iDisk)
Address Book

There are also some updates that I am not sure of, like updates to the Dock, and to iChat.  (Although iChat would need to be updated with new encryption keys for .Mac IM service if Apple was going to rename .Mac.  

Also some updates to Safari, which they did tell us about in the update, but if Bookmarks are going to be synced with MobileMe (name of service again) instead of .Mac, Apple might have to change something in Safari.

So we'll see.  If the MobileMe roll out is on July 11th with the rest of the Apple News, that'd be great.  Personally I think that Apple would roll out the MobileMe upgrade sooner than July 11th since it's such a big upgrade and Apple would want everything working correctly before the new iPhone came out.  Just a theory.

 Subscribe in a reader

10.5.4 Review

So, after looking through the 10.5.4 update, I see a bunch of updates.  All ones that we described in the Apple Documents, but anyone that puts two and two together can see that this update is basically getting your computer ready for MobileMe functionality.  There are updates to all the software that MobileMe will have something to do with.

iCal
Mail  (Including an update to To-Do's.  Please let MobileMe have todo syncing?!)
Webdav (iDisk)
Address Book

There are also some updates that I am not sure of, like updates to the Dock, and to iChat.  (Although iChat would need to be updated with new encryption keys for .Mac IM service if Apple was going to rename .Mac.  

Also some updates to Safari, which they did tell us about in the update, but if Bookmarks are going to be synced with MobileMe (name of service again) instead of .Mac, Apple might have to change something in Safari.

So we'll see.  If the MobileMe roll out is on July 11th with the rest of the Apple News, that'd be great.  Personally I think that Apple would roll out the MobileMe upgrade sooner than July 11th since it's such a big upgrade and Apple would want everything working correctly before the new iPhone came out.  Just a theory.

 Subscribe in a reader

Infected tomatoes? What infection?

Infected tomatoes? What infection?

Sunday, June 29

Caption Contest


Whomever makes the best caption wins.  I don't know what you win, probably a pat on the back.  But this picture is begging for a caption.  Please leave them in the comments section.

Oh yeah, Bill Gates retired, may he enjoy his 'retirement'.  You did good things Bill, now is the chance to take all that money and do BETTER things.


 Subscribe in a reader

Caption Contest


Whomever makes the best caption wins.  I don't know what you win, probably a pat on the back.  But this picture is begging for a caption.  Please leave them in the comments section.

Oh yeah, Bill Gates retired, may he enjoy his 'retirement'.  You did good things Bill, now is the chance to take all that money and do BETTER things.


 Subscribe in a reader

Me.com is up?

I received a report of me.com email addresses working, so I decided to give my account a try (I'm a .mac user).

Turns out it works.  So if your username is username@mac.com, try sending yourself an email at username@me.com.

Cool.

 Subscribe in a reader

Me.com is up?

I received a report of me.com email addresses working, so I decided to give my account a try (I'm a .mac user).

Turns out it works.  So if your username is username@mac.com, try sending yourself an email at username@me.com.

Cool.

 Subscribe in a reader

Saturday, June 28

I ditched Mail Tags

I recently wrote a post on GTD with Mail.app and iCal and everything like that, and I mentioned that I use Mail Tags.

Well, I uninstalled it.  I noticed that it really didn't provide me any value added that I couldn't do with some Smart Folders.  So now I have two more Smart folders and no more Mail Tags.  I still keep all my email (except for listserv email) in one mailbox named Read.  

Basically instead of the traditional way of using email by putting it all into separate folders, I put everything into one folder and search it by using Smart Folders.

I created two more search folders to make stuff a bit easier, one called "Today" and one called "Yesterday" so I can look for email by day.


 Subscribe in a reader

Blog Comments

I changed how commenting works on the blog.  Comments are no longer moderated, but you must have an account.  (No Anonymous posting anymore)  However, I do allow OpenID postings, so you don't have to have a Google or Blogger account.

I originally turned on comment moderation because of the types of postings I was getting, now I changed it to not allow anonymous commenting because lots of people were trying to plug their own website or product by posting comments about articles on the blog.  

I'm half and half about this kind of thing, so instead of rejecting their comments, I'll just require them to have an ID.

 Subscribe in a reader

I ditched Mail Tags

I recently wrote a post on GTD with Mail.app and iCal and everything like that, and I mentioned that I use Mail Tags.

Well, I uninstalled it.  I noticed that it really didn't provide me any value added that I couldn't do with some Smart Folders.  So now I have two more Smart folders and no more Mail Tags.  I still keep all my email (except for listserv email) in one mailbox named Read.  

Basically instead of the traditional way of using email by putting it all into separate folders, I put everything into one folder and search it by using Smart Folders.

I created two more search folders to make stuff a bit easier, one called "Today" and one called "Yesterday" so I can look for email by day.


 Subscribe in a reader

Blog Comments

I changed how commenting works on the blog.  Comments are no longer moderated, but you must have an account.  (No Anonymous posting anymore)  However, I do allow OpenID postings, so you don't have to have a Google or Blogger account.

I originally turned on comment moderation because of the types of postings I was getting, now I changed it to not allow anonymous commenting because lots of people were trying to plug their own website or product by posting comments about articles on the blog.  

I'm half and half about this kind of thing, so instead of rejecting their comments, I'll just require them to have an ID.

 Subscribe in a reader

Thursday, June 26

Review: Dropbox

For those of you that haven't heard of DropBox, it's essentially a synced drive that is stored on DropBox's servers (in the cloud).  Any file you put here is automatically synced to all the computers that you have the Dropbox software installed on.  Sort of like push email, but for whole files.

Signup was easy (I was given a beta code number), and took about 3 minutes from signup to download of the software, to installation, to the syncing of my first file.  Files are instantly synced and are very easy to tell the status of the sync by looking at the icon on the top of the screen (on my mac) as you can see in the below example.  A small unobtrusive icon that has the two arrows syncing when a file is being transferred.

Once all your files are sync'ed and the status is good, the icon will look like this:

So it's very simple to be able to see the status of your sync at any time.  How easy is it to drop files and get them uploaded?

See the DropBox folder the software installed?  That's all there is to it.  You can also upload and manage the files via their web page.  Here's a screenshot of the webpage with a file I uploaded (the backup of my Address Book)

Dropbox has software for both Windows and the Mac.  Linux is excluded, however, I am sure you could use the web GUI to get to your files.  

Now the obvious thing for me is, since I'm a Mac user is, how is this different from iDisk?  Well, one thing that is the most different, is files are pushed to the remote systems.  So if I upload a file at home, and at work on a separate computer I have the software installed the file will be pushed down to the local machine.  iDisk at this time requires a manual sync, which of course, can be automatic, but it's a bit different than a push.  I don't know if this will change with the MobileMe roll out from Apple in the beginning of July, so we'll see.

It appears as if you get 2 Gb of storage in the beta program, I imagine with tiered pricing once they come out of beta, there will be more storage.  But that remains to be seen.  As for security  all connections with the Dropbox servers are SSL encrypted.  All file transfers take place over 443, and you can navigate to it via https.

Now, being as I am security guy, what kind of security risk does this pose?  Well, no more than any other cloud storage option, however, since all traffic takes place over https/ssl/port 443, this will easily transverse proxies and other web limiting devices.  Which is good for ease of use, not so good for people trying to keep their files on their networks without your employees opening (basically, uh, yeah) a backdoor into your network introducing files into your network.  But again, it's no different from them bringing in a thumbdrive or using some other cloud storage service.

Overall, I think it's excellent, setup was easy and intuitive, and the software was easy to use.  Cross Platform integration is great, and am glad to see that someone is doing cloud storage well.

I have 10 invites to Dropbox, so if you are interested, please leave me a message in the comments.  I'm not going to give any invites to "Anonymous" so if you are interested, you have to have a name.  :)

 Subscribe in a reader

Review: Dropbox

For those of you that haven't heard of DropBox, it's essentially a synced drive that is stored on DropBox's servers (in the cloud).  Any file you put here is automatically synced to all the computers that you have the Dropbox software installed on.  Sort of like push email, but for whole files.

Signup was easy (I was given a beta code number), and took about 3 minutes from signup to download of the software, to installation, to the syncing of my first file.  Files are instantly synced and are very easy to tell the status of the sync by looking at the icon on the top of the screen (on my mac) as you can see in the below example.  A small unobtrusive icon that has the two arrows syncing when a file is being transferred.

Once all your files are sync'ed and the status is good, the icon will look like this:

So it's very simple to be able to see the status of your sync at any time.  How easy is it to drop files and get them uploaded?

See the DropBox folder the software installed?  That's all there is to it.  You can also upload and manage the files via their web page.  Here's a screenshot of the webpage with a file I uploaded (the backup of my Address Book)

Dropbox has software for both Windows and the Mac.  Linux is excluded, however, I am sure you could use the web GUI to get to your files.  

Now the obvious thing for me is, since I'm a Mac user is, how is this different from iDisk?  Well, one thing that is the most different, is files are pushed to the remote systems.  So if I upload a file at home, and at work on a separate computer I have the software installed the file will be pushed down to the local machine.  iDisk at this time requires a manual sync, which of course, can be automatic, but it's a bit different than a push.  I don't know if this will change with the MobileMe roll out from Apple in the beginning of July, so we'll see.

It appears as if you get 2 Gb of storage in the beta program, I imagine with tiered pricing once they come out of beta, there will be more storage.  But that remains to be seen.  As for security  all connections with the Dropbox servers are SSL encrypted.  All file transfers take place over 443, and you can navigate to it via https.

Now, being as I am security guy, what kind of security risk does this pose?  Well, no more than any other cloud storage option, however, since all traffic takes place over https/ssl/port 443, this will easily transverse proxies and other web limiting devices.  Which is good for ease of use, not so good for people trying to keep their files on their networks without your employees opening (basically, uh, yeah) a backdoor into your network introducing files into your network.  But again, it's no different from them bringing in a thumbdrive or using some other cloud storage service.

Overall, I think it's excellent, setup was easy and intuitive, and the software was easy to use.  Cross Platform integration is great, and am glad to see that someone is doing cloud storage well.

I have 10 invites to Dropbox, so if you are interested, please leave me a message in the comments.  I'm not going to give any invites to "Anonymous" so if you are interested, you have to have a name.  :)

 Subscribe in a reader

Wednesday, June 25

My Theory: Apple is making a huge push for Enterprise

I've said it before a couple times, and especially recently in the SC Magazine Podcast and the ISC Podcast that I did last night, I believe Apple is making a big push for the Enterprise.  I also believe that Microsoft's focus is changing.  I can't really explain what I mean by that yet, but I definitely think they are taking the emphasis off of the fact that they are a desktop operating system for everyone.  Anyway, back to Apple.

Let's look at a few examples.  
1)  iPhone / Exchange compatibility -- Apple is finally going to have the ability to natively communicate with Microsoft Exchange on the iPhone.  This alleviates the need, like RIM, to have a separate server on your network that you have to maintain in order to have email functionality on your phone.  Plus, and the less noticed thing is, this is really the first big time, and certainly the big time that a major competitor to Microsoft has had native functionality with Exchange.   I think Microsoft is going to concede a bit of ground with the Desktop in order to stay with their core market, and that's running the big business infrastructure.  But still, this is huge.
2)  Snow Leopard will have native Exchange functionality.  Address Book will be your GAL, Mail will have native functionality with Exchange email, and iCal will function via the Exchange Calendar.  While you have been able to do with with OSX Server for a bit now, vastly more companies already have Exchange/AD within their enterprise.
3)  Things like this. A seminar to teach business users how to use a Mac within your enterprise.  Worth a quick watch if you are thinking about switching to the Mac.

Just a quick theory, but I may have something here.

 Subscribe in a reader

My Theory: Apple is making a huge push for Enterprise

I've said it before a couple times, and especially recently in the SC Magazine Podcast and the ISC Podcast that I did last night, I believe Apple is making a big push for the Enterprise.  I also believe that Microsoft's focus is changing.  I can't really explain what I mean by that yet, but I definitely think they are taking the emphasis off of the fact that they are a desktop operating system for everyone.  Anyway, back to Apple.

Let's look at a few examples.  
1)  iPhone / Exchange compatibility -- Apple is finally going to have the ability to natively communicate with Microsoft Exchange on the iPhone.  This alleviates the need, like RIM, to have a separate server on your network that you have to maintain in order to have email functionality on your phone.  Plus, and the less noticed thing is, this is really the first big time, and certainly the big time that a major competitor to Microsoft has had native functionality with Exchange.   I think Microsoft is going to concede a bit of ground with the Desktop in order to stay with their core market, and that's running the big business infrastructure.  But still, this is huge.
2)  Snow Leopard will have native Exchange functionality.  Address Book will be your GAL, Mail will have native functionality with Exchange email, and iCal will function via the Exchange Calendar.  While you have been able to do with with OSX Server for a bit now, vastly more companies already have Exchange/AD within their enterprise.
3)  Things like this. A seminar to teach business users how to use a Mac within your enterprise.  Worth a quick watch if you are thinking about switching to the Mac.

Just a quick theory, but I may have something here.

 Subscribe in a reader

Podcast Episode Seven has been posted

The publishment (like that word don't you) of Podcast Episode Seven of the Internet Storm Center Podcast.

I'd like to thank all the viewers that were live on the show while broadcasting, it was great having you, maybe next time we'll be able to get more?  We had about 20 I believe (I didn't count) at one point.  It would be great if we could increase this count, as I'd like to do a live Q&A via the listeners.  (Couple new segments I'm working on)

We had Paul Asadoorian of PaulDotCom Security Weekly as a guest, and it's probably our best podcast yet!

Go grab it through iTunes, and for those of you that are not listeners of PaulDotCom, please subscribe to that one too!

 Subscribe in a reader

Podcast Episode Seven has been posted

The publishment (like that word don't you) of Podcast Episode Seven of the Internet Storm Center Podcast.

I'd like to thank all the viewers that were live on the show while broadcasting, it was great having you, maybe next time we'll be able to get more?  We had about 20 I believe (I didn't count) at one point.  It would be great if we could increase this count, as I'd like to do a live Q&A via the listeners.  (Couple new segments I'm working on)

We had Paul Asadoorian of PaulDotCom Security Weekly as a guest, and it's probably our best podcast yet!

Go grab it through iTunes, and for those of you that are not listeners of PaulDotCom, please subscribe to that one too!

 Subscribe in a reader

Tuesday, June 24

Podcast Episode Seven Record Notice

Hey all, just to let you all know Johannes, Paul Asadoorian, (Of PaulDotCom Security Weekly fame) and I will be recording the Internet Storm Center Podcast (Episode 7) tonight at 7:30 pm EDT. 

I'll be broadcasting it live on Stickam (Ustream seems to be having issues today):


See you there if you can make it!

 Subscribe in a reader

Podcast Episode Seven Record Notice

Hey all, just to let you all know Johannes, Paul Asadoorian, (Of PaulDotCom Security Weekly fame) and I will be recording the Internet Storm Center Podcast (Episode 7) tonight at 7:30 pm EDT. 

I'll be broadcasting it live on Stickam (Ustream seems to be having issues today):


See you there if you can make it!

 Subscribe in a reader

Monday, June 23

SC Magazine Podcast

I did a 15 minute Podcast with Dan Kaplan, Senior Reporter for SC Magazine today.  Here's the link to the Podcast.

Description: "Mac expert Joel Esler discusses a number of security issues that affected Apple last week, including a fix for the Safari for Windows "carpet bomb" vulnerability, in addition to a new Mac OS X priviledge flaw that gave rise to a rare but in-the-wild trojan."

Thanks Dan!

 Subscribe in a reader

SC Magazine Podcast

I did a 15 minute Podcast with Dan Kaplan, Senior Reporter for SC Magazine today.  Here's the link to the Podcast.

Description: "Mac expert Joel Esler discusses a number of security issues that affected Apple last week, including a fix for the Safari for Windows "carpet bomb" vulnerability, in addition to a new Mac OS X priviledge flaw that gave rise to a rare but in-the-wild trojan."

Thanks Dan!

 Subscribe in a reader

What's wrong with this picture?

My adventures with Microsoft Vista

Where I am currently working, I am being forced to not only use a Thick Client, but also using Microsoft Vista with Office 2007.  So, when I left Friday I was using XP, and Office 2003.  So you can imagine my transition.  I've never used Vista before, so I'll be posting a few experiences. 

That all being said.  I want to at least give Vista a fair assessment.  So I am going to try and be unbiased.

Oh, and Outlook already crashed (2 minutes into using the thing).

 Subscribe in a reader

George Carlin died

For those of you that have not heard, George Carlin died this past weekend.  So passes a genius.

 Subscribe in a reader

What's wrong with this picture?

My adventures with Microsoft Vista

Where I am currently working, I am being forced to not only use a Thick Client, but also using Microsoft Vista with Office 2007.  So, when I left Friday I was using XP, and Office 2003.  So you can imagine my transition.  I've never used Vista before, so I'll be posting a few experiences. 

That all being said.  I want to at least give Vista a fair assessment.  So I am going to try and be unbiased.

Oh, and Outlook already crashed (2 minutes into using the thing).

 Subscribe in a reader

George Carlin died

For those of you that have not heard, George Carlin died this past weekend.  So passes a genius.

 Subscribe in a reader

Saturday, June 21

Classic

I don't know who did it, but this is funny, knowing that I watch my logs, someone typed this in as a search string into Google and then came to my site with this as the referring string:

"joel esler reads his logs too much"

Sorry, just thought that was good.

 Subscribe in a reader

Classic

I don't know who did it, but this is funny, knowing that I watch my logs, someone typed this in as a search string into Google and then came to my site with this as the referring string:

"joel esler reads his logs too much"

Sorry, just thought that was good.

 Subscribe in a reader

Friday, June 20

SC Magazine Interview #2

I actually did two interviews with Dan Kaplan today.  Here is the article as a result of the second interview.  (It was one long conversation, two separate topics.)  Also looks like I am going to record a podcast on Monday with SCMagazine about various vulnerabilities.  More on that after it happens.

 Subscribe in a reader

SC Magazine Interview #2

I actually did two interviews with Dan Kaplan today.  Here is the article as a result of the second interview.  (It was one long conversation, two separate topics.)  Also looks like I am going to record a podcast on Monday with SCMagazine about various vulnerabilities.  More on that after it happens.

 Subscribe in a reader

Article in SCMagazine

Did a short interview with SCMagaineUS.com this morning with Dan Kaplan.  Article is here.

Thanks Dan!

 Subscribe in a reader

Thursday, June 19

GTD in Leopard, with Mail.app and iCal, redux, again

Okay, so, again, I've redone (refined) how I GTD with Mail.app, I've added the Inbox Zero method of Email processing from Merlin Mann.  Check out 43folders.com for more info.

The above picture is my inbox.  I've obviously removed a couple things from sight ;).  I have two add on apps for Mail.app, one is MailTags, and the other is Mail Act-On.  When email comes into the inbox, I use the thought process of "what do I need to do here", if I need to respond and it won't take but like a second, I'll just respond right then.  If I need to plan my response, or need to look something up in order to respond, i'll flag it.  Now, you can flag with the flag button in Mail, but I have a Mail Act-On rule to flag it.  Check it out.  If I need to do something with the email, or something in the email, I'll create a to-do with the built in to-do system of OSX.  I highlight what I want to "to-do" and I'll hit the "create to-do" button.  Then I file the email.

Now, let me preface the next paragraph, by saying that all the listservers I am subscribed to go to their own individual folders automatically.  I read listserver email once or twice a day.  Obviously, the email that goes to listservs doesn't get processed in the same method as the rest of my email, and each listserv has it's own individual rule.   Some listservers get read a bit more, internal corporate listservs, snort-* listservs, and the like get read a couple times a day.  Stuff like full-disclosure gets read once or twice a week.

I have one mailbox, called "Read".  All email goes in here.  Email comes into the inbox, I read it, flag it, or to-do it, or whatever I need to do, then i have a quick Mail Act-On rule (I hit "`1", look at your keyboard, i hit those two keys) and my whatever I have currently selected goes to the "Read" folder.  I don't have different folders for "Waiting" or "Action" anymore.  I have ONE folder for all non-listserver email.  Now, I do have "Smart Folders" within my email, which are essentially complex searches that are set up to look for specific things.  For Example:


This is a Smart folder called "Flagged", it's sole purpose is to look for flagged email.  You know, ones that require later action and what not.  I don't need to have a bunch of separate folders or whatever, I just dump everything in "read" and flag it.

Another example:

Now, this is a complex rule that I have set up to use MailTags.  Anything that I am waiting on:  people to get back to me, more information, information I am waiting on or something.  I flag the email with "@waiting" or "@followup", and then I have a smart folder to look for one of those two Keywords within MailTags.

My email processing is so much more efficient now.  Oh and one more thing.


I set my email to check every 15 minutes (instead of every 5), AND I turned off my Mail Sound so email doesn't DING all the time.

For those of you that HAVE NOT seen it, check out this, it's Merlin Mann explaining Inbox Zero.  It gave me many of my suggestions above.  Maybe this will help you.



 Subscribe in a reader