Mac@Work : The Ultimate Business Machine

The
Ultimate
Business Machine

Technology, business
and innovation.

And, not least, about
the Mac.

Weblog • Archive • Cutedge

by: Bernard Teo

Sun 05 Feb 2006

DNS Enabler Universal 2.0.5

Category : Technology/DNSEnabler205.txt

I found a stupid bug in the first Universal Binary release of DNS Enabler, version 2.0.4. It was introduced by the Forwarders field. It's stupid because, if the Forwarders field is empty, then the name server will refuse to start up.

Programming needs a lot of commitment. To do it well, you cannot do it half-heartedly. Even with all the best intention in the world, these types of bugs can still trip you up. When you put things in, you need to check if things will still work when you take them out. Neglect even one step and it'll all come back to haunt you.

That reminds me of why we couldn't grow the company, a few years back, when the jobs were all coming in. We couldn't find enough good people. How do you get them to care the same way you do?

That's how it all started - this journey to understand how we can ever build a business that will work (perfectly) even when we, the owners, are not there to do every single piece of the work. This looks like it's going to take a bit more time to solve.

Posted at 9:59AM UTC | permalink

Fri 03 Feb 2006

A Happy Chinese New Year?

Category : Commentary/HappyCNY.txt

It's been a most productive week. I got quite a lot of work done over the long Chinese New Year weekend, once I had the brilliant idea I could hand off all the boring rituals over to my wife and nudged her out of the house.

Setuid root beats family reunion dinners? How far more do I have to go before I stop being a Chinese in anything other than name?

And yet I'm the one who's been discovering a whole new wave of books about China. Here's one I found and enjoyed - Balzac and the Little Chinese Seamstress. My wife's puzzled why she can't find the Chinese original in the library. Now I know why. The author, Dai Sijie, was born in China, survived the Cultural Revolution, "then moved to France, where he learned to read, speak and write French. The book was originally written in French and then translated into English by another individual", says one of the amazon.com reviewers.

Anyway, with those red shoes setting the mood, and though I'm now one week late, having just extricated my head from all that coding, a happy Chinese new year to all my friends.

Posted at 4:30PM UTC | permalink

DNS Enabler 2.0.4 Universal

Category : Technology/DNSEnabler204.txt

I've released DNS Enabler 2.0.4, which is a Universal Binary. It includes a couple of features that have been requested - a field for specifying forwarders and support for TXT records (see below) :

Seems like there is a new spam-fighting movement involving the use of SPF records (SPF = Sender Policy Framework), which are used in conjunction with TXT records kept at the DNS Server.

I don't quite understand this at the moment, but at least I've learnt there is something new. Also, if you're running a publicly accessible DNS Server, you can go to DNS Report and check how well your DNS Server stacks up against the standards.

Posted at 3:21PM UTC | permalink

Thu 02 Feb 2006

Luca and MySQL

Category : Technology/LucaMySQL.txt

Hai Hwee's been pretty busy herself these last two weeks. She's got a Universal Binary version of her SQLite Cocoa framework, as well as one now for MySQL. With these, she's able to build a Universal Binary version of Luca Accounting, that will support both MySQL and SQLite databases.

What we're trying to do is this : the user starts off using Luca, and entering his accounting data, with the built-in SQLite database. Then when he needs a faster, more scaleable database, with multi-user, concurrent access capabilities, he can go to Luca Preferences, point Luca towards MySQL, wherever he has installed it, and give Luca the rights to create the accounting database, populating it from the SQLite database.

Hai Hwee's got the hard part done - building Universal versions of the database access frameworks, as well as an architecture that will allow us to plug in support for other databases, like PostgreSQL, when we learn how to do them.

The next thing to do is build the user interface for switching between the databases.

If we're still working with 4th Dimension, we would now be able to build our own database plug-ins for 4D. We used to pay a lot of money for things like 4D for Oracle. We've learnt a lot since moving to OS X.

Posted at 8:57AM UTC | permalink

About Authorisation Services and the Security Framework

Category : Technology/securityFramework.txt

Over the long Chinese New Year weekend just past, I've also built an experimental version of MailServe that uses Authorisation Services which, together with the Keychain, is part of Cocoa's Security Framework.

I was trying to avoid having to use sudo to change things at the system level but, instead, use a shell tool that has its uid set to root to do all the privileged operations. But a setuid root tool is a dangerous thing. And that's where Authorisation Services come in - to make sure that the user is authorised to perform each privileged operation, and to authenticate that the user is who he says he is. With the Cocoa API's, you get to do all these in an orderly way.

And there are few other benefits to doing things "the right way". If the user is using a Mac that allows him to authenticate using smart cards, finger print or retinal scanning, in place of passwords, my applications will still work without my having to do a thing.

But what I was trying to do now was to avoid holding on to the user's password, which I have to do as long as I have to pass it on to sudo.

I almost got there. It turns out that the postfix command needs to be performed by a superuser. But somehow a setuid root process, which should be considered as executing with the privileges of a superuser, is not considered privileged enough by the postfix command. I still need sudo to run the postfix command in the setuid process, and there's something I'm missing here. I'm so close to getting it done. The code's a lot neater, and I may be able to kill the occasional problems I have with people's passwords not working, once and for all, since I'm using the same authentication services that you use when you log in to your system or change network settings.

When you meet these Security Framework API's the first time, they look very daunting. But there's a way to understand Cocoa if you learn how to skim off the key concepts quickly. Once the concepts are clear, then the more API's you find, and the thicker the documentation, the better it is, because it just means that there are a lot more variations to exploit the power of the tool. I'm just scratching the surface of what Cocoa can do. This is one journey that I'm happy to take one step at a time.

Posted at 8:57AM UTC | permalink

MailServe Universal Binary Released

Category : Technology/MailServeUniversalReleased.txt

Here's a first Universal Binary version of MailServe (version 2.0.6). Nothing else has changed (besides fixing the user interface bug for the Mailbox Size Limit field, which didn't get anchored properly during resize). If you're using it on an Intel Mac, please let me know how it went for you.

I've left the previous PowerPC-only version (2.0.5) available for download, just in case.

PS : I'm working on an update to DNS Enabler, to put in a couple of feature requests. When this gets done, it'll be a Universal Binary, too.

Posted at 3:09AM UTC | permalink

Sun 22 Jan 2006

Who's minding the store?

Category : Commentary/manningTheStore.txt

I'm reading the following in our local Lifestyle supplement in the Sunday Times, under the headline "Big Mac - the lure of Apple products is growing, with more authorised resellers popping up, thanks in part to the iPod" :

"Last Wednesday, US-based Apple announced its first quarter results - a net quarterly profit of US$565 million, nearly double the net profit of US$295 million it posted a year ago. Although analysts had expected higher returns, Apple's chief executive Steve Jobs called it the 'best quarter in Apple's history'."

It's the phrase: "Although analysts had expected higher returns". And this follows last Friday's headline : "Apple, eBay, outlooks disappoint".

Apple had a blow-out quarter and their outlook disappoints? And what did Apple Singapore do?

"Apple Computer South Asia here, Apple's local office, declined to comment for this story."

Phrases like "asleep at the wheel" and "like sheep to the slaughter" come to mind.

Now, all we Mac-heads know that "although analysts had expected higher returns" really refer to analysts' expectations for the next quarter. Though they've been beating expectations eight quarters in a row, Apple still felt it prudent to guide expectations lower. Even I know that February has three less selling days than January or December, and I should expect correspondingly 10% less sales, all things being equal. And there are other factors for Apple, like December having been a holiday selling season and, in January, by contrast, the Mactels would have just ramped up production, resulting in supplies being contrained and fewer sales being made.

It's all about Apple being prudent, rather than Apple doing badly (disappointing no less), which would be the impression you're left with, if you'd only just scan the headlines or read the newspapers. Yet the truth is, Apple's doing fantastically well, so much so that analysts are being forced to revisit the "proprietary architecture" argument which, if the scales drop from people's eyes, may trigger a large shift in buying patterns (which would be the real story behind the story).

The point is, it may take some serious work to correct a mis-perception, intended or otherwise, in the media - e.g., making the contacts and, gently but firmly, persuading people about the validity of your point of view. But, in this game, perception is everything. You can bet that other companies like Microsoft and HP take these things seriously. It may be no accident that, in one quarter a few months back, when HP drowned in red ink, they had one little glimmer of hope in the results. Yet it was that fact that had made it to the headline. Apple's case is always the reverse. I've made it a game to predict the headlines. And, sadly, I think I'm often right. Somehow, knowing how slack and devoid of passion or belief those people at Apple's local office to be, I thought I shouldn't be surprised to see that one dark cloud picked up in something like that "Apple outlooks disappoint" headline. There's nobody exerting a countervailing influence.

Macs sell on their own, despite all that. But, then, they really should be doing twice as well. Cupertino may be too far away and Steve Jobs hates to travel. Who's watching all these guys?

Posted at 12:07PM UTC | permalink

Tue 17 Jan 2006

From Yoder the Sheepherder

Category : Commentary/Yoder.txt

I don't usually put up the nice things we get in the mail. But this one's real nice. It captures the essence of what we've been trying to do with our Macs :

On 11 Jan 2006, at 9:56 AM, Yoder the Sheepherder wrote:

Many thanks for your Postfix Enabler.

I've been running my own mail and web servers for a few years now on Linux machines running Sendmail and Cyrus or Sendmail and Dovecot, but recently I began trying different combinations to get a feel for them and most recently was running Postfix and Dovecot on Fedora. My machine went belly up with hardware failures and all I had left was an old G-3 iMacDV 400 we bought new about 6 years ago. I was in a bind, with a full schedule and simply no time to put into building a Mac server from scratch. I frantically began Googling anything I could find on building mail servers on OSX and stumbled on a message board entry that offhandedly mentioned your product and had a link to your site. Initially, I didn't want to take a chance on your Postfix Enabler:

First, because I wanted to do it myself.
And, second, because I didn't think it would work.

A day later, I paid for and downloaded your product, and in less than 5 minutes I was up and running. Now all that's left is me kicking myself for not doing it sooner. You have saved me untold hours and I'm very grateful. Postfix Enabler is a great application and well worth the $10.

I'm now looking at your DNS Enabler and am fairly certain I'll be getting that soon as well.

Macs have been our desktop machines for years, but from now on they are my servers as well.

Sincerely,
Steve Tripp
Waseca, MN, USA

Posted at 5:06PM UTC | permalink

MailServe Gets a New Icon

Category : Technology/MailServe203.txt

MailServe improves on Postfix Enabler by adding Fetchmail and Virtual Alias Domains support, IPv6 over SSL for POP and IMAP, Real-time BlackLists, alternate port numbers for SMTP, mail queue management, and allows a list of Smart Hosts to be stored, among other features.

MailServe runs only on Mac OS X Tiger.

Posted at 10:51AM UTC | permalink

Mon 16 Jan 2006

WebMon 2.0.4

Category : Technology/WebMon204.txt

WebMon is the application I use everyday, several times a day, to check my web server log, no matter where I am. It's the first thing I do, right after reading my mail, even while I was away in Bangkok (and I was surprised and happy that even loading 6000 records, which is about 12 hours of web activity in my case, didn't take too long).

It allows me to see how the web server is being accessed, which pages are being read, which applications have been downloaded. And if we have a payment coming in from PayPal, it allows me to see how our latest customer had come in to the web site - was it via a Google search or through the Macintosh Product Guide or via Version Tracker - and to track his or her progress through the site.

It's about keeping my eyes on the business.

Of course, it also has a few other features, like it helps me turn on WebDav (to allow us to share our calendars and workplans), SSL, and PHP, etc, in five minutes whenever we have to set up a new server, and that's long after I've forgotten how to do it all on the command line.

But the thing about WebMon is that it's also my experiment in using the power of Cocoa Bindings in Mac OS X. I've really tried to push the technology quite a fair bit in WebMon -- to store arrays of information about the server or servers that I'm monitoring in the WebMon preferences file in ~/Library/Preferences.

I'm amazed at the amount of things we're able to do in Cocoa Bindings, without writing any code, and the depth to the ideas we can represent : e.g., to store arrays of dictionaries (in my case, about the servers I'm monitoring) which can contain other arrays and other dictionaries. And to do that with very little coding, using a very efficient, compact notation, with the ability to write it out to persistent storage in the preferences file.

It's like, wow, Cocoa Bindings is seriously useful, and we can get a lot more things done, a lot faster, coding like this. Cocoa is Apple's true crown jewels.

But, with the power and convenience comes a little loss of control. There are things that go on in the Bindings that you've got to trust that Apple does correctly. When they don't, you could spend a whole weekend just tracing the bug.

Like I just did.

I was wondering why WebMon didn't work properly in Panther, notably in 10.3.9. I traced it, at last, to a quirk in the Cocoa Bindings/User Defaults interaction in Panther, together with one other quirk that surfaced in 10.3.9. It was hard to trace because it wasn't a programming or logic bug on my part, and it worked perfectly in Tiger. It took a long time to pin-point the exact point in the code where things went into the Twilight Zone and then to find the answer somewhere in this Tech Note, thanks to Google.

But the point is that Cocoa Bindings is super-powerful. But be prepared to have the rug pulled from under your feet now and then. At least until Apple polishes it with each subsequent release.

Anyway, WebMon 2.0.4 is now ready for download. With that, WebMon works again with every version of Panther, as well as with Tiger, of course. (And PS : we're now only one step away from making it a Universal Binary.)

Posted at 3:33PM UTC | permalink

Sun 15 Jan 2006

People are getting it

Category : Commentary/ommalik.txt

"Perhaps the 'commoditized' technology trend is being slowly replaced by 'using commoditized technology to create a compelling user experience' trend?"

Om Malik on Broadband

"... Apple never really had a dominant position in PC business, like it has in the digital music business. But that's not the only reason, why the esteemed professor might be off the mark. iPod, and Apple are part of the post 'rapid commoditization' theory proposed by the esteemed professor [italics added]. iPod is nothing but a shiny packaging for off the shelf chips, and a hard drive. At the very core, not much difference exists between a Creative Zen and an iPod. ... The difference is the software that is being used to create a 'user experience'."