Rixstep
 About | ACP | Buy | Free | Industry Watch | Learning Curve | News | Search | Test
Home » Industry Watch

'I'm Forever Licking Windows'

CLIX doesn't like to take prisoners.


Get It

Try It

So nice to have something positive to write about for once.

Ever since we announced the definitive cure for Apple's concentration camp, aka their 'walled garden', there's been a complete blackout in the media. Disclosing the cheap trick Apple used to mollify the record companies was one thing, but this latest revelation threatened revenues in the tens of billions.

Even comparatively innocent applications of ours got hit. No updates were published anywhere. It was one thing that infamous MacUpdate, which removed all software revealing the cost in human life to the 2003 US invasion of Iraq was removed after the fact, but Softpedia? We wrote to both sites and asked questions. We never got a reply.

But, lo and behold, venerable Softpedia did get around to updating their listing. As of 17 May this year. Break out the Bubbly Lite.

https://mac.softpedia.com/get/Utilities/CLIX.shtml

The blurb on CLIX doesn't appear to be our own. We repost it here in its entirety. Typos have been corrected, but nothing else - it's actually rather well written.

Free and user-friendly application designed to make it simple for anyone to understand and take advantage of versatile Unix commands

CLIX is an app designed to bridge the gap between intuitive GUIs and Unix commands that seem intimidating to many users. It makes it easy for you to run powerful and versatile commands that, for regular users, are normally accessible only via applications that hide the actual syntax.

The goal is to let you take advantage of these commands while also helping you learn the syntax, which will help you greatly in the future. It comes with an extensive starter database that can get you going on the right track, and you will be able to create new ones and save them to .clix files.

After loading a .clix file, all the commands will be visible in the main window, with their title, category, and description. If you double-click one of them, you will be able to see and edit the syntax before running it. Then the output will be displayed in the integrated terminal.

Check the 'CLIX_cmds' folder in the downloaded archive for a collection of command files that let you tweak your system and perform a range of other operations with Unix commands. Just double-click these files to open them in a new CLIX window.

To note: CLIX doesn't have an 'integrated terminal'. That's a good guess for an outsider, but what you see is not a 'terminal'. 'Terminal' is something very specific in this world, and the CLIX output window is not a 'terminal'. FWIW.

What's missing in the description

What's missing in the otherwise excellent description is that CLIX takes your security seriously - to an extreme. CLIX is a lot safer than anything from Apple. This is something we proved over ten years ago. Apple's code-signing can be routinely dismantled. We've never taken the time to create software to do it, and, frankly, we can't be bothered, as the platform is pretty hopeless and not worth saving, but yes, the method for creating such an app is straightforward in the extreme. Remove mention of a code-sign section in the binary headers and the software is liberated. Just like that.

But CLIX is another matter. CLIX is not an attempt to hoodwink millions of Mac window-lickers into punting out 70+ billion extra USD for software every year. It's merely an attempt to give people the truth. And truth, even in the nerdy world of IT, is a rare commodity, what with snake oil salesman lurking around every WWW corner.



CLIX has to be secure because CLIX deals with your system. CLIX will at times need your admin password (yes it can be a passphrase today with space chars and all) and that password has to be communicated in a secure fashion, and that password must never ever fall into the wrong hands.

There are so many levels to this security scenario, so many twists and turns, so many passages all alike yet different, that it's not funny. Apple tout that their Terminal.app can use 'Secure Keyboard Entry', but what does that mean exactly? Ask Apple - don't get tired waiting.

If a request from a subprocess asks for your password, how do you - how does CLIX - know it's a legit request? Easy. You get the ID of the process and follow it up the hierarchy. The granddaddy should be CLIX - but if it's not, you shut down the application.

How about the integrity of the CLIX bundle, the CLIX binary? Ah. This is the crucial point. Whilst it is possible to corrupt code-signed Apple apps and make them appear squeaky clean, this must not - and today cannot - happen to CLIX.

CLIX is locked from the inside with a lock placed on the outside. Does that make sense? Probably not. But that's the truth. OK, moving on: what does CLIX lock?

CLIX knows the size of the binary. In the days of universal binaries, CLIX knew the sizes of each part of the file. Today CLIX only has to worry about one architecture.

CLIX has pre-calculated over half a dozen checksums on its own binary. IT KNOWS THE SCORE. In a fraction of a nanosecond, CLIX will know if it's been tampered with. And then it will shut down.

If CLIX is not valid at launch time, then CLIX will simply not launch. If CLIX is tampered with after launch, then all vital functions are shut down.

Even exposed (and hidden) password data is removed. Both what may be visible on screen (the password dialog) or in memory (which is shredded).

CLIX doesn't like to take prisoners. Yes, CLIX is safer than Apple's Terminal.app. (You can still tinker with Terminal.app and get away with it. But not CLIX.)

Anyway. CLIX 2.4.0.0 (freeware non-ACP) is available. For the taking and making.

See the links in the menu bar.

'I'm forever licking windows.'
 - JW Kellette
'That's a double-entendre, dude.'
 - G Kawasaki



You've obviously heard of us, otherwise you wouldn't be here.
We're known for telling the truth even if it's not in our interest.
We're now telling you to beware Apple's walled garden. Don't get locked in.
What you've seen so far may be only the beginning of something far far worse.
Download our Test Drive and at least check out our free Keymaster Solo.
That's the first step to regaining your freedom. See here.

CONTACT INFO:
John Cattelin
Media Contact
contact@rixstep.com
PURCHASE INFO:
ACP/Xfile licences
User/Family/Business
http://rixstep.com/buy
About | ACP | Buy | Free | Industry Watch | Learning Curve | News | Search | Substack | Test
Copyright © Rixstep. All rights reserved.