Most Recent Posts

Index of Older Posts


Mac Antivirus: Still looking

Unfortunately we in the Mac community are no longer safe from various malware, as has been clearly demonstrated with the advent of the Flashback Trojan.  So I tried a very well respected and free anti-malware program for the Mac from Sophos.

Download and installation was no problem at all.  The software can be configured but by default automatically checks for updates, which is a good thing from a security point of view.  It runs unobtrusively in the background.

We installed it on three computers:  a Mac Pro, a Macbook Pro, and a Macbook Air.  Unfortunately, it created noticeable and unacceptable performance degradation on all platforms.  You can disable active "On-Access" scanning, but there still seems to be a performance hit, so I'm going to reinstall and attempt to see if it can be used on an "as needed" basis, but this really defeats the purpose.  I'm going to check out the other alternatives but, like Windows anti-malware software, I suspect that there will always be a performance price to pay.

Any suggestions of anti-malware for the Mac with very low overhead would be appreciated!



New Email Provider: More about email than you wanted to know!  

Email is one of those topics that seems pretty simple but every time I scratch it I seem to uncover more complexity.  I recently contacted my current email provider about increasing mailbox size and adding some very reasonable additional security measures.  The support person very nicely explained that email without full web-hosting wasn’t really in’s sweet spot and that the upgrades I was looking for would cost about $250/month!!  He thought I should either stay with what I have or maybe have a look elsewhere.  He also explained that I was being silly worrying about increasing the security of email with SSL as this “only” protected the email password and not the contents of the email.  Wow.  That’s so wrong!

There are basically three flavors of email:

POP which stands for Post Office Protocol.  This is the old email standard which works quite well.  When you check email on a client such as Apple Mail on the Mac, Outlook on the PC or Mac, or Mail on your iPhone or Android device, you download the entire message to your computer.  You can tell your email client to delete the message on the server when it’s downloaded, leave it on the server, or delete after a certain number of days.  But in any case, the email provider functions like a post office -- they receive your mail and then deliver it to one or more computers, removing it from the server.

The big problem with POP email is that when you check your email on different devices you find that all the email on the server got downloaded to each device.  That means that if I delete a message on my home computer need to delete the same message again on my laptop and my iPhone.  What a pain!  Each copy on each client is separate.  So....


IMAP is the second major way to handle email.  It stands for Internet Message Access Protocol.  The paradigm is different in that you leave all the email on the server (up to the capacity of the email account).  Instead of functioning like a post office routing email, the IMAP server serves as the “home” for all your email messages.  Copies of the messages can be downloaded to each device (home computer, laptop, iPhone) but the master copy stays on the server.  The clients sync any changes back to the server, which then sends the changes to all the other clients set up to use the IMAP email account.  This means that when I read an email on one of my devices it pretty much instantly (more precisely, at time of next sync) changes status to “read” on all the other clients, and when I delete a message from one client it is deleted on all of them.  This is much better for general use, and it’s the way Google Mail and Apple MobileMe (iCloud) email function.  You have some control of the settings, including whether you keeps local copies of the all the messages with or without attachments, how folders are handled, and a few others.  There are several slightly different flavors of IMAP which generally now work pretty well together, but you’ll notice slight differences in the way Google Mail, Apple iCloud email, and other IMAP providers work.


Exchange is short for email handled on a Microsoft Exchange Server.  Most big companies use this for their email.  It’s wonderful if you have an IT department to take care of all the settings, and they can do lots of very useful things like configuring group permissions, set up email accounts for employees, etc.  To the end user Exchange looks very much like IMAP email.  You can generally use the same email clients (thought that didn’t used to be the case).  But there are more features in a full Exchange package, including configurable sharing of calendars, contacts, resources, and group storage areas.  You can choose to host your own exchange server if you are a company with an IT staff (or very knowledgeable) or you can get Hosted Exchange from lots of providers who run the server on their equipment, give you access to the control panel on the web, and let you configure email accounts, calendars, and contacts.  It’s very nice.  Note that Exchange generally also allows access via POP and IMAP as well, if you don’t happen to use a mail program that works well with Exchange.

In my search for a new email provider I have tried several vendors of both IMAP and Hosted Exchange email.  Here are vendors and products I’m comparing:

  1. IMAP and POP email.
  2. Google Apps Email.  IMAP.
  3. NetworkSolutions NSMail.  IMAP and POP.
  4. LuxSci IMAP email
  5. Smarsh Hosted Exchange
  6. Appriver Hosted Exchange
  7. RackSpace both IMAP (RackSpace Email) and Hosted Exchange


Click to read more ...


Security information for iOS5

For those curious about how security on iOS 5 works I just ran across two things of interest in a story MacWorld: "Can Apple iOS devices gain confidence of IT security pros?"

  1. Guide to iOS 5 security published May 2012 by Apple
  2. Austrailan Department of Defense guide to hardening iOS 5

These will make great bedtime reading!

Steve Gibson also has a review of iOS security on his Security NOW! show.

Make sure that you have a good iOS password -- and no, you probably should not use the Simple Passcode (big numeric keypad) option.  It's enabled by default, but you can turn it off from Settings on the General / Passcode Lock page.




A new NAS

My ReadyNAS is full.  It's served reliably for 4 years.  Back then 2 TB was a lot of storage (about 1.4 TB in RAID 5 configuration)  We have about 300 GB of photos (most of which we really don't need, but it's too much effort to cull them properly).  We have about 1 TB of Video and Backups.  So I'm looking for another, and larger, NAS.

For those of you who might not know, NAS stands for Network Attached Storage.  Basically, it's a big disk that has an ethernet plug and plugs into your home (or work) network, and which you can access from any computer or device connected to the network.  Great for sharing, backing up to, and keeping things that are large, but might not be used frequently like footage from digital home videos and ISO images of DVD/Blue-Ray disks.  Since NAS attaches to the network the speed of moving data to and from the device depends on how fast your network is.  Most newer network hardware supports Gigabit Ethernet, meaning under optimal conditions (which are never reached) you could transfer 1 Gigabit/second.  Note that we are talking bits, not bytes, so that's 125 megabytes per second.  Actual network throughput is much slower in my experience.

So I've started the search for a new NAS -- and here are the contenders:

  1. ReadyNAS (which has been purchased by Netgear)
  2. Buffalo Technologies -- I used to own at Terastation (see previous posting)
  3. Synology
  4. QNAP

I probably won't purchase another Buffalo Terastation as I've had a somewhat frustrating experience with them in the past, though I really do believe that their policy wasn't completely unreasonable.  The ReadyNAS NV+ has been very reliable.  The web user interface leaves a lot to be desired though, and it's not particularly feature-rich as compared to the Synology and QNAP products.  I generally have to use FireFox as the browser when logging into the web console, as some options don't appear visible with Safari.

Then there's QNAP and Synology.  Comparing features suggests that QNAP tends a little more towards business, and Synology towards good user interface and features.  The Synology approach seems to be to allow the user to download and add applications -- kind of a mini server.

Ordering a Synology tonight, report to follow!




Managing Your Digital Video Library

We have a rule in our house:  every DVD that comes into the house goes on a particular corner of my desk before it's opened.  I promise to put it on our media server the same day.  If we don't do this, the half-life of a DVD is 17.5 seconds.  I've measured.

There are probably more "best" ways to handle digital media than just about any topic I can think of.  Unlike backup where you could measure "good" vs. "better" based on probability of data loss, however difficult that may be, there is no way to rate or rank the way we keep our media.  It all depends on what you want to do with it.  The way I do it has changed several times over the years with changing technology, and the "best" solution remains a moving target.

I've gone through at least three different systems for digital media viewing.  First it was on DVDs.  Then I moved to ripping the DVDs to a hard drive on my Windows PC and watching the movies on a monitor, which was cumbersome at best.  For a while we had a Windows Media Server made by Niveus.  That worked reasonably well, and had two cable-card slots.  It was a true TV tuner and DVR but, unfortunately, it was too difficult to keep working properly -- principally due to Windows.  When I switched to Macs and got sucked into the Apple "ecosystem" things got simultaneously easier and more complex: easier in the sense that I could view video on multiple Macs as well as iPhone(s), iPad(s) and the Apple TV.  More complex for the same reason.  And because optimal video encoding for each of these devices is different.  In what format and in what resolution should you keep video?  Multple copies?

Bottom line: I keep the original media (DVD or Blu-Ray Disk) so that I can always go back and re-rip in whatever new format I need.  There has to be a better way, but I haven't figured it out yet.  Anyone??  One thing that I have been doing recently is ripping the entire disk in uncompressed .mkv format and keeping that as the "digital original."  I can then create whatever I need with multiple runs of Handbrake to create versions tailored for Apple TV, iPhone, etc.  I have considered keeping .iso copies (complete copies of the entire disk preserving the disk structure, special features, etc), but this takes nearly 50 GB/disk for a Blu-ray disk!  That's 20 movies on a 1 TB drive, but maybe worth it. 

I've also gone to purchasing a significant amount of content from the Apple Store which downloads both HD (selectable 1080p or 720p) and standard definition versions to iTunes.  I guess they haven't figured out a better solution either.

Here is the current setup, which I like very much:

  1. We have Apple TVs attached to the media systems in the family room and upstairs.  It's the mainstay of our media system.
  2. Content to stream to the Apple TV is on a dedicated Mac Mini which is always on and running iTunes.  They are relatively inexpensive and you can use an old one with no problems, as the processor demands are very low.  Video is duplicated on my Mac Pro.  The Apple TVs can connect to either
  3. All DVDs and Blu-Ray Disks are converted to Apple TV 2 format using appropriate tools (Handbrake for DVDs and usually MakeMKV and then Handbrake for Blue-ray).  Note that MakeMKV has trouble with some Blu-ray disks and sometimes I use the Windows-based AnyDVD, which is the best tool for this I've found.
  4. We've been buying more content through the Apple Store.  It's DRM protected and llinked to a single Apple ID.  This turns out not to be a big issue in real life (see below), though it does irk me.
  5. We make extensive use of Netflix streaming through the Apple TV.

Once something is in my iTunes library it's easy to get it onto most of the devices that I want to use it on, principally the Apple TVs, the iPads, and the iPhones.  You can also stream and/or copy to a Mac or Windows computer running iTunes.

It's easiest if you have one Apple iTunes account and everything with DRM is purchased thorough that account.  You then turn on Home Sharing and authorize each computer and/or device for that iTunes account.  You can authorize 5 computers/account, and an unlimited number of iOS devices (including Apple TVs).

But then we ran into a problem.  I bought lots of stuff on my iTunes account.  My wife bought some things that she really wanted using her iTunes account.  Uh oh!  But it turns out not to be a problem because, although I cannot find it documented on the Apple web site, you can authorize iTunes on a Mac, an Apple TV, and an iPad for at least two different Apple IDs.  I don't know how many you can do as so far I've only tried with two.

Note that it's a little convoluted as you are able to use different Apple IDs for iCloud, iTunes purchases, and Home Sharing.  There are several good articles about how to set this up on Macworld.

Finally, I should point out that I choose not to rip and keep copyrighted material that I don't own.  I move it to the servers for the ability to view it in the way that I please and, most importantly, to protect it from the love of 5 and 8 year old boys!

Happy viewing...