Apple's TextEdit App. Can Erase Your Files

Wednesday, May 13, 2009

Apple’s TextEdit application has a massive design flaw that could potentially erase other files on your computer. Weird, right? Ironically, it’s TextEdit’s safeguard against loss of data that is the culprit of the defect. And the corruption of files isn’t a randomly occurring glitch either — it is caused by a shortcoming of the algorithm used in the Autosave feature.

The Autosave Flaw

When editing a document in TextEdit, a copy of your work is automatically saved every 30 seconds to the hard drive*. This behavior is common in software as it provides a convenient means to recover some of your work should the application unexpectedly quit or crash.

Unfortunately, the means by which TextEdit saves a copy of your work is awfully rudimentary. It simply writes your data to a regular file and gives it the same name as your TextEdit document but with “ (Autosaved)” appended as a suffix (without an extension). And since no verification is performed to see if a file with that particular name already exists, it will overwrite anything that gets in its way with no confirmation or warning!

Example

To better illustrate this flaw, take the following scenario. Suppose, for whatever reason, that I have a file named Craziness (Autosaved) and I create a text document called Craziness.txt in the same directory. In the screenshot below Craziness (Autosaved) is an image file (with the extension removed in order to illustrate my point):

Screenshot of my 2 original files.

When I start editing my Craziness.txt file in TextEdit, the application autosaves my work (as it should), but since my image document has the same name as what TextEdit would call its autosaved file, my image file is overwritten:

Screenshot of TextEdit's autosaved file.

When I’m done editing my Craziness.txt document, TextEdit removes the autosaved copy (as one would expect). However, now my original image file is gone with no real way to recover it (since it’s not moved to the Trash but actually overwritten):

Screenshot showing loss of data caused by TextEdit.

Solutions

Accounting for this file naming issue is so programmatically simple that it’s astounding the defect even exists. The simplest improvement would be to prefix the filename with a period (as in .Craziness (Autosaved)) in order to hide it from the Finder since the chances of having a naming conflict with a hidden file are greatly reduced.

But hiding the file from the user still allows for potential name collisions and, as Mac OS X’s default text editor, TextEdit’s naming convention should be even more robust. To start, TextEdit could include either a timestamp or a sequence of random numbers to help make its autosaved filename unique. Most importantly, however, it should verify whether a file would be overwritten and, if so, generate a different random number or append an incremental counter. Heck, even my Page Capture widget won’t overwrite files since it uses the same naming convention as Apple’s screencapturing application (File 1, File 2, File 3, etc.)
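An added example, not code from the original post or from Apple: a Python model of the autosave naming described above, beside a version that makes the existence check and the file creation a single atomic step and falls back to an incremental counter. The function names and the counter format are assumptions made for illustration.

```python
import os
import tempfile

SUFFIX = " (Autosaved)"  # suffix the post says TextEdit appends


def naive_autosave(doc_path, data):
    """Model of the described behaviour: derive the name, write, no existence check."""
    target = os.path.splitext(doc_path)[0] + SUFFIX
    with open(target, "wb") as f:  # "wb" truncates whatever is already there
        f.write(data)
    return target


def safe_autosave(doc_path, data, max_tries=1000):
    """Create the autosave file exclusively; on a collision, try the next counter."""
    base = os.path.splitext(doc_path)[0] + SUFFIX
    for n in range(max_tries):
        target = base if n == 0 else f"{base} {n}"
        try:
            # O_EXCL fails if the name exists, so there is no window between
            # "does it exist?" and "create it" for another file to slip into.
            fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        except FileExistsError:
            continue
        with os.fdopen(fd, "wb") as f:
            f.write(data)
        return target
    raise RuntimeError("no free autosave name found")


def demo():
    """Constructed scenario from the post: an unrelated 'Craziness (Autosaved)' file."""
    results = {}
    for label, autosave in (("naive", naive_autosave), ("safe", safe_autosave)):
        with tempfile.TemporaryDirectory() as d:
            victim = os.path.join(d, "Craziness" + SUFFIX)
            with open(victim, "wb") as f:
                f.write(b"IMAGE-BYTES")  # stand-in for the image file
            doc = os.path.join(d, "Craziness.txt")
            written = autosave(doc, b"draft text")
            with open(victim, "rb") as f:
                survived = f.read() == b"IMAGE-BYTES"
            results[label] = (os.path.basename(written), survived)
    return results


if __name__ == "__main__":
    for label, (name, survived) in demo().items():
        print(f"{label}: wrote {name!r}, unrelated file intact: {survived}")
```

An editor using this approach has to remember the path it was given and later rewrite or delete only that path, otherwise the cleanup step can still remove a file it never created.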

The Rant

One might argue that the possibility of having a file end with “ (Autosaved)” and not have an extension is pretty slim. So what? My argument is that the possibility of an application deleting other files blindly is a completely unacceptable use case scenario, no matter how rarely it may occur. I think it is more reasonable to expect that a corporation as large as Apple Inc. would produce software that doesn’t delete unrelated files from my hard drive without my knowledge. Especially since OS X is — as Apple claims — the “most advanced operating system in the world.”

*30 seconds is the default. The time interval is configurable and the user is allowed to disable the Autosave feature entirely.


Page Capture Widget v1.1

Saturday, April 25, 2009

I’ve created a new widget that will generate a screenshot of an entire web page — no matter how long it scrolls! The Page Capture widget is the easiest and fastest way to generate these normally tedious screenshots. No longer will we have to puzzle together multiple screenshots manually!

Don’t forget to donate!

What You Get For Free:

  • Multiple instances allowed (each with their saved preferences restored).
  • Choose how much to resize the image (default is 50%).
  • Easy to use: type or paste a URL —  hit <Return> or click the logo.
  • Uses Safari’s powerful and fast WebKit rendering engine.
  • Check for new versions by clicking the version displayed on the back.
  • Operation can be canceled by clicking the spinner.

The front and back of the Page Capture widget along with an example screenshot.


Public Beta of Data Vu Released

Friday, April 03, 2009

My file-synchronization widget (Data Vu) is now officially released (1.4b). It allows you to synchronize the contents of two folders extremely quickly by copying only the differences between the two.

Imagine you are sharing files with a colleague via a USB thumb drive with over 1000 files and over 8GB. After giving the thumb drive to your partner, he only changes 2 of the files and returns the entire external drive back to you. Rather than re-copying the entire drive to your local folder and inefficiently replacing every file, you can use my Data Vu widget which is smart enough to realize that only 2 files need to actually be copied.

It can save you a lot of time! Find out more...


Balancing On The Ethical Line

Monday, January 19, 2009

As in any engineering profession, ethics is a key component of Software Engineering. In fact my college software development courses at Cal Poly emphasized engineering ethics as much as any of the other topics because although developers need to know about many technical disciplines (such as versioning, the software life cycle, software prototyping, etc.), they also have expectations to meet and responsibilities towards those who use their software — and their ethical foundation is what will define how they face up to these responsibilities.

Knowing that ethics is such an essential and basic rule of engineering, I’m disappointed when I encounter software products (large or small) that don’t adhere to software engineering ethics. Or that companies even hire software developers when they don’t enforce an ethical background. I’ve stumbled upon some recent examples that have bothered me enough to write about.

Forcing By Confusion

When customizing the installation of Mac OS X 10.5 (Leopard), I am given a list of optional applications to install. Some options expand to reveal dependent sub-items, whose relationship is clearly indicated by the grouping of which they are a part.

Deceptively forcing to install Microsoft Office

As I clicked on several of the check boxes I noticed that the Office 2004 Test Drive option enabled itself automatically (without me having directly clicked on it). This behavior is not what is expected of a checkbox. A check box is supposed to toggle a single option. Only when an obvious dependency to another item exists should it also change the state of another option.

In this scenario, there is obviously no dependency between choosing to install Office 2004 Test Drive and any other option. If there were, it would be indicated by a hierarchy as it is done with iWeb, GarageBand and iDVD. Bypassing this expected behavior and thus tricking the user is unethical.

Forcing By Deception

After installing iWork ’08 I was, not surprisingly, presented with an option to register* my use of the product with Apple. Unlike in most registration dialogs, I was not given an option to Never Register or Cancel. Rather, I was only allowed to register or postpone my decision.

I thought: “Man, am I really gonna have to click on Register Later for all of eternity?”

Well, it turns out that I am stubborn enough so that is exactly what I decided to do even if it meant dealing with the dialog every time I wanted to use the software that I purchased.

But once I launched the product a third time, the Register Later button turned into a Never Register button, which is exactly what I had wanted in the first place. Why couldn’t that option have been offered initially? Why did they try to deceive me to register before giving me the option to not do so? They could at least have informed me from the get-go that the option would change down the line.

Close-up view of the progression of the available options.

To change the options available to a user without any evident reason to do so is deceptive. It makes the user think that those initial options are the only ones available. I, for one, could have easily been convinced to just go ahead and register if I wasn’t as stubborn as I am. Deceiving people with an artificial mandate is unethical because you influence their ultimate decision by omitting valid options.

Forcing By…Forcing

I encountered a similar registration dialog upon installing Aperture and this time the fields contained even more personal information — all of which was pre-filled with data from my address book:

As in my previous example, I clicked on the Register Later button hoping that eventually I would be given the option to Cancel or Never Register. Well, I’ve been clicking on the same button for more than six months now so I think it’s safe to assume that it will never come up. I guess persistence isn’t always a solution.

Even though I’m not forced to register, eventually I might click the Register Now button accidentally. In reality, I have very little control over the situation since all my information is automatically filled in and my options are limited. Always having an option to postpone my registration is a clear indication that it isn’t a necessary step and I should therefore be given an option to forgo it permanently.

If one considers how some viruses work, this conduct doesn’t sound so innocent anymore. While a virus would obtain and send my information without my knowledge or approval, the behavior in use here waits for me to make a mistake and click on the Register Now button by accident. It should be my choice whether to have all my contact information sent to God knows where and in this scenario, I’m not really being given the control that I deserve.

The Rant

So who’s to decide what is ethical or not? Well…we are. Corporations only get away with this crap because users of their products put up with it. The majority of the population would rather “just move on” even if it means complying with an imposed action. I feel differently. I find it annoying and I refuse to conform simply because “it’s more convenient.”

Who knows, maybe the manipulative intentions in the examples above weren’t premeditated or will change in future releases. But it’s important for developers and product managers to realize that little things such as these can damage a company’s image and the trust that users have in their products. If you’re manipulating me in this way, how am I to trust that you’re not doing it in other, dare I say worse ways without my knowledge?

Users need to be aware of when they’re being pushed around unnecessarily and should definitely be mindful of what they click on. After all, we can’t expect corporations to have the user’s best interest in mind since their ultimate concerns are to their stock holders and their profit margins. However, we can expect them to behave ethically and we should hold them accountable for just that.

* Registering is different from activating a product with a serial number and should be optional. The information normally requested is not at all necessary for the operation of the software.

I never register because 99% of the time there is no need or benefit to release the kind of personal information requested.


Beta Version of Data Vu Released

Friday, December 12, 2008

I have released a private beta version for my Data Vu widget and it is undergoing testing. Expect the first public release in early 2009!

Data Vu Screen Shot

The Data Vu widget is a file synchronization utility that allows you to make incredibly quick mirrors of any folder on your hard drive.


A Mac is a PC

Monday, December 01, 2008

“Hello, I’m a Mac…but I’m also a PC.”

The use of the terms PC and Mac to differentiate computers that run the Microsoft Windows operating system from those that run Apple OS X is technically incorrect. A few years back, Mac was simply an abbreviation for Macintosh (the brand of computers made by Apple Inc.) and PC was an acronym for Personal Computer (those used in the home/office, etc.). Recently, however, these words have changed their connotations and this transformation hasn’t been accidental.

Before I speculate how or why, let’s cover some basics. Both Microsoft and Apple Inc. are software/hardware companies:

Microsoft Corp. and Apple Inc. are the names of two software (and hardware) corporations.

Microsoft develops the popular operating system “Windows” but they don’t actually manufacture the computers that it runs on. They leave it up to other companies such as Lenovo, HP, Dell, Gateway and even Apple (after the transition from the PowerPC line of processors to the Intel chip) to make hardware that is compatible with their OS. Then these individual companies give their computers their own names (i.e. the HP Pavilion or the Gateway LT Series). So for example, as a consumer you can own a Dell Inspiron that runs Microsoft Windows (God forbid that actually be the case).

On the other hand, Apple develops the “X” operating system (OS X)* and manufactures the computers that run it. Furthermore (and unlike Microsoft) Apple doesn’t allow other companies to make computers that run their “ground-breaking” operating system — Apple handles it all. So as a consumer, you can’t, for example, own an HP Pavilion that runs Apple OS X. If you want Apple’s OS you need to go get an Apple computer (which has a brand name of “Mac”).

In this regard, Apple is a monopoly; the control of their hardware and of the operating system that allows users to interact with it is very stringent. So in this case, there’s no need to identify both the kind of computer you have and which operating system it runs. The entire package is simply referred to as “a Mac.” This inseparable unification of hardware and software that Apple maintains is what I think has made a “Mac” represent much more than simply a brand name.

Equation that proves how Windows (and OS X) is not a PC.

At the same time, Apple has made efforts to practically abandon “PC” as a label for anything about them by inaccurately using the label “PC” as an umbrella phrase to encompass everything that is not a Mac (specifically referring to computers that run Windows).

Clever marketing campaigns such as the popular “Hi, I’m a Mac. And I’m a PC” ads have only aided the separation of the two terms. In fact, their tactics have been an effective way to even change the connotation of what a “PC” refers to by attaching a feeling that non-Macs (i.e. PCs) are boring and old-fashioned. The ingenuity is that they’ve been detached from the status quo. People now state: “I’m a PC user” when they should be saying: “I’m a Windows user” to distinguish themselves from “Mac users.”

Why the hell did I write this post? I don’t have to tell you everything. Just realize that your laptop, desktop, or whatever-top is a PC, regardless of what operating system it’s running!

* Contrary to what most people think, Apple’s OS X only officially became recognized as UNIX as of version 10.5 (Leopard).


Apple Security Threat

Friday, November 07, 2008

A recent occurrence has made me think twice about Apple’s Target Disk Mode boot option. Indeed it can be a very convenient feature, but like most conveniences this one is riddled with security threats. What is most bothersome, though, is how few people realize the problems it poses — not to mention the simplicity of a solution that Apple does not provide...at least not by default.

For those of you not up to speed, most of Apple’s computers allow themselves to be temporarily turned into an external hard drive simply by pressing the corresponding hot key (‘T’) during boot up. If the computer supports this option (most do) it will enter what is called Target Disk Mode (TDM) and allow itself to become a mass storage device and be connected to another computer via an IEEE 1394 interface (aka FireWire, i.LINK, Lynx…whatever).

Yes, this feature is convenient for transferring large amounts of data or if you need a quick makeshift external hard drive (assuming you have a male-male FireWire cable). Unfortunately, the feature also inherently prevents the OS from ever being started on your computer, allowing others access to all sorts of files that you assumed were secured by the OS’s login.

How It Works

When you press the power button on your computer the first thing to come to life is the firmware (a very low level program that lives in the hardware) and it decides what happens next — whether to boot into the installed OS, boot from a CD, boot from a network drive, etc. The decision is based on multiple factors, one of which is to check for certain hot keys on the keyboard.

The Problem

The problem with this convenience is that anyone with a finger has the ability to transform your computer into a large external drive. Yeah, including that person that just walked away with your laptop while you were getting another soy latte at Starbucks.

Some would argue that if I’m this concerned with the security of my files, that I should enable FileVault in order to encrypt every file on my hard drive. Yeah? Well, I don’t think I should have to enable something that will have incredible amounts of overhead just because a back door exists that can completely circumvent the OS’s login prompt.

Solution (but not really)

The solution is simple: eliminate the hot keys from influencing the firmware’s decision. Welding a steel plate on top of your keyboard would work I guess, but that’s not very convenient. A better idea would be to tell the firmware to not check the hot keys.

Currently, there is no way to disable these hot keys, but it turns out there is a way to password protect the firmware with some extra software. But after reading Apple documentation that states that the firmware password can be circumvented (quite easily), and that it could in fact be hazardous to your system, and that it is temperamental, I disabled it on my machine and don’t recommend it. Way to fuck us over, Apple:

“WARNING: Open Firmware settings are critical. Take great care when modifying these settings and when creating a secure Open Firmware password.”

“An Open Firmware password provides some protection, but it can be reset if a user has physical access to the machine and changes the physical memory configuration of the machine.”

“Open Firmware password protection can be bypassed if the user changes the physical memory configuration of the machine and then resets the PRAM three times (by holding down Command, Option, P, and R keys during system startup).”

The Rant

First of all, I think that the extra Firmware Password Utility (not included in a default installation…but available from the software installation disc (/Applications/Utilities/) and online) should not be necessary. I think there should be a simple check box in the System Preferences that enables/disables whether or not the keyboard is “heard” by the firmware.

I also think that the hot keys should be disabled by default. Apple is all about an ‘out of the box, ready to go’ mentality so I suspect they leave the feature enabled by default because that makes it more convenient for their users to make use of the TDM functionality. We’ve seen this same behavior before, but I think the security threat outweighs the convenience factor. Tsk, tsk Apple.
