|Home » ACP » Tracker
TrackerWhy chance it?
[Purchase your Xfile here. ] [Purchase the ACP here. ] [Download the Xfile Test Drive for OS X 10.4-10.12 here. ]
Don't give control to strangers. Or unknown untested software. Keep track of file activity. Know who's touching what. Don't let untested programs plant junk wherever they please and hide it from you. Don't let them spy on you either. Take control of your computer.
Got new software?
There is - quite literally - no way to protect your computer without this tool. No way. There are no comparable products anywhere - at any price. And ask anyone who uses it: there is simply no way to live without it. Tracker sees everything.
There's a funny thing about computer code: it's almost impossible to know what it's going to do before it does it. Post mortem analysis might be all you have: finding out what's been done after it's done. It's all you ever have and you need it.
Give your password to an unknown application and it's 'lights out': how can you find out where an application went and what it did with 20,000+ directories in your file system? What it changed, what it added, what it read and sent on somewhere?
They're getting nastier, the third party products (and nasty exploits). And even the benign ones are getting sloppier. And stupider. And meaner. Use of third party software is today ripe with hazards - even on OS X. Giving an installer your admin password is asking for it.
There are two things that happen every time people running OS X get hit by crapware or malware.
- The zealots come out of the woodwork. If the attack is first described as a virus, they'll claim it was a worm. If the attack's described as a worm, they'll claim it was a virus. Then they'll all retreat back into the woodwork and go on as before.
- Apple will issue the worn-out blanket statement 'never run unknown or untrusted software' and recede before anyone can ask them just how they expect that to happen.
That's why you need Tracker. Even if it's theoretically possible for a major shop to assign software testing to a seasoned admin and a dedicated machine, the admin needs an adequate tool with which to perform the testing. And Tracker's the only available tool for OS X.
Take it for a test drive
Fire up Tracker. Click the 'Track' button. Go about your business for a while. Navigate into a few folders. Open a few files. Surf to a few sites on the Internet. And then come back to Tracker, click the 'Refresh' button and watch Tracker work. It's really fast.
Tracker lists all targets of all file operations, whether they be a mere access, a modification, or a change in inode data. Files accessed are listed in a regular font; files that have been modified and files whose inode data has been modified are listed in bold, as these operations are more serious.
And this includes directories too: simply navigating to a folder gets noticed by Tracker.
They can't wipe their tracks
Tracker will even show you when your 'untrusted' application is trying to rig your file system data on you: that all-important 'changed' field will show up in Tracker and make 'MacNasty.app' stick out like a sore thumb.
The info sheets
In addition to the standard ACP info sheet Tracker has a special tracking sheet that shows you just what fields have caught Tracker's eye.
Are you really sure?
Some malware tries to trick you by disguising itself as one type of file but opening as a different type of file. Even Finder can be fooled. But not Tracker.
Tracker sidesteps the classic 'Oompa-Loompa', 'Safari', and other 'exploit holes' by showing you before you launch your application (or what you're being duped into thinking is an 'innocent' file) exactly what program will in fact run. If things are not as you think they should be, you can nip it all in the bud.
You decide what to run - and you get all information up front before you run it.
Oompa Loompa came disguised as a zip file. Double-click it and be owned. Tracker caught it. Did you have Tracker?
Wanna go again?
Once a tracking session's begun you can at any time refresh your listing, choose additional tracking areas of your disk - anything you want. You can even share tracking sessions between Tracker windows.
Everywhere at once
Tracker lets you track as many areas as you want all at once. And it automatically eliminates redundancy amongst your chosen target areas so fast scans stay fast.
Save it for later
Some really cheeky installers don't bother asking you to close all your other applications - they go ahead and close them for you whether you like it or not. Tracker's OK with that - you've already saved the stamp to disk. And when the install is through - and whether or not the installer forced a reboot - you simply run Tracker again, fetch the stamp, and track. Piece of cake.
Check it out later
As soon as you hit that 'Refresh' button you can go on doing what you were doing before and let Tracker finish its work. Times are capped at when you start the scan session. If you need to update later - just hit 'Refresh' again.
Play it back later
Save your current Tracker listing for later playback. Load the archive and take over precisely where you left off - with the same files, the same time stamps, the same search paths.
Tracker can export results in text format with start time, stop time, target, areas scanned, files accessed, inodes changed, and files modified all listed.
You don't need no steekin' target!
As use of a target is optional, Tracker can obviously be used to track anything from a software installer to a complete Internet session to even a complete login session. Whatever it is you're after, Tracker can find it.
Tracker vs Spotlight
Spotlight and its corresponding driver fsevents can't help you track software and disk activities. fsevents misses out on the all important file accesses and Spotlight can be easily overloaded and lose all its data. Which isn't such a big deal if you're just crunching through an entire hard drive to build up Spotlight indexes again. But it is a big deal if you're trying to track unknown or untested software and you lose all your data.
Tracker doesn't lose data. An increasing number of software reviews at Rixstep are performed with the use of Tracker. Google Desktop was tracked in a matter of minutes - full system recovery may have been impossible without it.
Why chance it when it comes to unknown or untrusted software? Use Tracker.