
20070623,00 — Script Kiddies

All has been and everything returns again.
 - Jaan Patterson


YOUR ACCEPTANCE OF THIS LICENSE REPRESENTS YOUR AGREEMENT THAT YOU WILL NOT SHARE SERIAL NUMBERS FOR THIS PRODUCT, PROVIDED TO YOU BY THE COPYRIGHT HOLDER, WITH ANY OTHER PERSON OR ORGANIZATION, AND YOU WILL NOT RENT, LEASE, OR SUBLICENSE THIS PRODUCT.
 - COCKTAIL EULA

Just when you think they're all gone they pop up again. No, not garbage flies at your compost picnic - the system optimisers. They're great, they're grand, and they make it easy to maintain your Mac at the click of the mouse.

And if something still goes wrong - and it will - then you can turn your box over to a system mechanic who will boot into SUM and run AppleJack for you and charge you $200. And your Mac will be like new again.

Those system mechanics don't know anything you can't learn. And they don't possess a cerebral wherewithal you cannot attain. But they've taken the time to learn and you haven't. And that's why the $200 is now in their pocket instead of yours.

Ever had to change a flat tyre on a country dirt road? When your cellphone battery was dead so you couldn't reach the Automobile Association? You made it home, didn't you?

Carpetbaggers

The advent of OS X and the concomitant Watership Down from MacOS and Windows meant a lot of people were out there with minimal or nonexistent chops in the new OS X Unix API and the close to 1,000 programs installed on every disk. These are the type of programs little old lady secretaries used to run in the days before the graphical interface. They're the same programs people are too lame to run today. What the little old ladies could do today's drooler demographic cannot.

There were those - quite a few - who didn't even understand they were getting had. There were people flocking to utilities like OnyX, Term's Little Helper, and that king of the trash heap Cocktail. And that latter program played a cute game on its users: like most of the others it was initially free; and then the author introduced shareware technology with an update, mentioned this only in the fine print, and watched as people blasted away their previous free copies and overwrote them with crippleware. That was very popular.

Cocktail is a breed apart in many other ways. All downloads are filtered through Apple's site or MacUpdate to bump up the statistics for the product. If the others - if CLIX - did this they'd have achieved zillions upon gajillions of downloads.

The 'first' Cocktail download link goes here.

http://www.maintain.se/downloads/tiger.html

That page has a meta refresh tag.

<meta http-equiv="Refresh" content="1;url=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=05806&cat=15&platform=osx&method=sa/CocktailTE.dmg">

But Apple don't host software for downloads - they only bump it back to the author's site. No: that resolves immediately into the following URL.

http://mirror-maintain.com/downloads/CocktailTE.dmg

Now the author could have just referred you to the DMG's URL to start with; but by hooking through Apple's 'side car' he gives Apple the impression his app is more popular than it really is.

And he does the same for MacUpdate. [Evidently Version Tracker are wise to the trick and shut him off.]
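The redirect above can be read straight out of the page source without following it. The following is an added example, not code from the original article: it parses the quoted meta tag and reports the delay, the target, and whether the hop leaves the page's own host. The names RefreshFinder and audit_refresh are invented here, and the surrounding html/head markup is constructed around the tag the article quotes.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# The page URL and meta tag quoted in the article; the html/head wrapper is constructed.
PAGE_URL = "http://www.maintain.se/downloads/tiger.html"
PAGE_HTML = ('<html><head><meta http-equiv="Refresh" content="1;url=http://wsidecar.apple.com/'
             'cgi-bin/nph-reg3rdpty2.pl/product=05806&cat=15&platform=osx&method=sa/'
             'CocktailTE.dmg"></head></html>')


class RefreshFinder(HTMLParser):
    """Collect (delay_seconds, absolute_target) for every meta refresh tag (hypothetical helper)."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.hops = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag != "meta" or a.get("http-equiv", "").lower() != "refresh":
            return
        delay, _, rest = a.get("content", "").partition(";")
        rest = rest.strip()
        if rest.lower().startswith("url="):
            rest = rest[4:].strip().strip("'\"")
        try:
            seconds = float(delay.strip() or 0)
        except ValueError:
            return  # malformed delay: treat the tag as inert
        # An empty target means "reload this page", not a redirect.
        if rest:
            self.hops.append((seconds, urljoin(self.base_url, rest)))


def audit_refresh(page_url, html):
    """Report each refresh hop and whether it leaves the page's own host."""
    finder = RefreshFinder(page_url)
    finder.feed(html)
    origin = urlsplit(page_url).hostname
    return [{"delay": d, "target": t, "host": urlsplit(t).hostname,
             "off_site": urlsplit(t).hostname != origin}
            for d, t in finder.hops]


if __name__ == "__main__":
    for hop in audit_refresh(PAGE_URL, PAGE_HTML):
        print(hop)
```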

TinkerTool

There's a case for saying it was Marcel Bresink's TinkerTool that started it all off. Long a favourite of David Pogue and mentioned in each of the latter's books, TinkerTool is a real program - Marcel's been doing NeXTSTEP and subsequently OS X for a long time, has written several books about that technology in his home country, and implemented the innards of TinkerTool in 'real code'. At the end of the day it wasn't necessary as OS X has the powerful 'defaults' command, but at least it was honest.

TinkerTool's been mostly free as well, and although there was a period when Marcel got flak for invasive code things have been ironed out today. Or read what his site says online about the product.

'TinkerTool is an application that gives you access to additional preference settings Apple has built into Mac OS X. This allows to activate hidden features in the operating system and in some of the applications delivered with the system.'

'The tool makes sure that preference changes can only affect the current user. You don't need administrative privileges to use the tool. With this design, it is no problem to use TinkerTool in professional networks where users have restricted permissions. The program will never change any component of the operating system, so the integrity of your system is not put at risk, and there will be no negative effect on system updates.'

'All preference settings changed by TinkerTool can be reset to Apple's defaults, or to the state that existed before using the tool. No dangerous background processes are used for TinkerTool's operation.'

And that's about as user friendly and system friendly as you can get. And everything he says about the product is 100% spot on: the first thing he does is collect all your current configuration settings so he can revert. That's polite and considerate - how products like this should be written (if written at all).

OnyX

Joel Barriere's OnyX too has always been free but it's gone through some unfortunate incarnations. Today it's looking better than ever but it is a monster to download and have on disk: it's almost five times as big as TinkerTool for about the same functionality.

The difference is OnyX isn't code - it's script kiddie stuff. AppleScript code. An oxymoron if ever.

The Sudo Piggyback Scandal

And then someone posted an advisory at BugTraq. These 'system optimisers' for OS X were sending your admin passwords in the clear through to sudo. That didn't exactly make people happy. A few of these script kiddies wrote to Rixstep complaining about the bad publicity. 'What do you want us to do? Write real programs?' they asked. QED.

OnyX was involved; CCC was involved; Cocktail was involved. All were giving the farm away and not even telling you about it. Leaving you wide open and you didn't even know it.

sudo will namely accept your super secret password from the command line.

'The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device.'

The proof of concept showed how a rogue process could simply lurk and continue to enumerate the process table until the password popped up. After that the machine was '0WNed'.
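What an audit for this exposure can look like, as an added example that is not from the original article or from any of the tools named: it assumes the password reaches sudo -S as a literal argument of echo or printf inside an sh -c string, scans a constructed ps listing, and reports the offending lines with the secret redacted. The function names, PIDs, users and sample secrets are invented for illustration.

```python
import re
import shlex

# Constructed `ps -axo pid,user,command` sample (invented PIDs, users, secrets).
SAMPLE_PS = r"""
  PID USER  COMMAND
  201 alice /bin/sh -c echo 'hunter2-constructed' | sudo -S /usr/sbin/periodic daily
  202 alice sudo -S /usr/sbin/periodic weekly
  203 alice /bin/sh -c printf '%s\n' s3cret-constructed | /usr/bin/sudo -S /usr/sbin/periodic monthly
  204 alice /bin/sh -c echo "$PW" | sudo -S /usr/sbin/periodic daily
  205 bob   /usr/bin/vim notes.txt
"""
FEEDERS = {"echo", "printf"}  # commands that take the secret as an argument
# -S alone, clustered with other short options (e.g. -kS), or the long form.
STDIN_FLAG = re.compile(r"^(-[A-Za-z]*S[A-Za-z]*|--stdin)$")


def pipeline_stages(command):
    """Split one command line into pipeline stages of shell words (hypothetical helper)."""
    lex = shlex.shlex(command, posix=True, punctuation_chars=True)
    lex.whitespace_split, lex.commenters = True, ""
    stages = [[]]
    for tok in lex:
        if tok == "|":
            stages.append([])
        else:
            stages[-1].append(tok)
    return stages


def find_exposed_sudo_passwords(ps_text):
    """Return (pid, user, redacted command) where a literal is piped into `sudo -S`."""
    findings = []
    for line in ps_text.strip().splitlines()[1:]:   # skip the header row
        pid, user, command = line.split(None, 2)
        try:
            stages = pipeline_stages(command)
        except ValueError:                          # unbalanced quotes: cannot parse
            continue
        for feeder, sink in zip(stages, stages[1:]):
            hit = next((i for i, w in enumerate(feeder) if w.rsplit("/", 1)[-1] in FEEDERS), None)
            is_sudo = bool(sink) and sink[0].rsplit("/", 1)[-1] == "sudo"
            if hit is None or not is_sudo or not any(STDIN_FLAG.match(w) for w in sink[1:]):
                continue
            # printf's first argument is the format string, not the secret.
            args = feeder[hit + 1 + feeder[hit].endswith("printf"):]
            # "$VAR" shows up in the listing as a name, not as the value.
            if any(not a.startswith("$") for a in args):
                shown = " ".join(feeder[:hit + 1] + ["<redacted>", "|"] + sink)
                findings.append((int(pid), user, shown))
    return findings
```

Lines 202 and 204 of the sample are not reported: the first lets sudo prompt on its own stdin, and the second leaves only a variable name in the argument list.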

Apple systematically refuse to find a hack for these script kiddies so they can interact in a safe way with sudo. For one thing they're probably of a mind that it's too much work; for another they're probably of a mind that crucial work shouldn't be done through AppleScript anyway.

So the script kiddies kept getting turned away by Apple. And so they decided the best policy was to just keep their mouths shut about it. And it worked fine for years - until the 'bug' turned up online.

Some lamers are going to say it doesn't matter; some of them are going to say even if their systems get compromised by black hats there's not going to be much damage anyway, those black hats are actually nice people and don't try to hurt you.

Those same lamers once insisted the system optimisers were doing things no one else could. When CLIX and other utilities and when Rixstep and other sites proved them wrong they changed their tack - suddenly this wasn't about those shysters doing things no one else could do - oh no! Now it was about 'WE PREFER THE POINT AND CLICK INTERFACE'.

And then the sudo piggyback scandal broke and they were silent. But they come back. They always come back. They come back like garbage flies to a picnic on a compost.

The latest is a real winner of an app called 'ultimateTask'. And it's a real winner. A related app by the same 'programmer' is featured at this site. And the criticism throughout the user base is loud - aside from the astroturf accounts the author uses to praise his own products. People wail in misery: 'oh no not again!'

To which the author replies:

'All has been and everything returns again.'

Classic.

The Myth of 'User Friendly'

The original Macintosh released 24 February 1984 was as hermetically sealed as the iPod. It had two programs - MacPaint and MacWrite. It cost $2495 - more than an MBP costs today.

Then because of unforeseen circumstances world traveler Steve Jobs was summoned by way of the Gulag to nearby Redwood City California where he proceeded to get himself another 'user friendly' box. And in the years ahead the Macintosh stagnated - and took successive turns for the worse. And the 'user friendly' was nowhere to be seen.

Conflict catchers; kernel extensions; configuring RAM for each application: no Windows user ever had to do so much to achieve so little - by the time Steve Jobs and Avie Tevanian gutted the sorry thing some fifteen years later it was such a mess it couldn't even idle overnight without crashing.

Bottom line? There are two.

  1. There was no 'user friendly'.
  2. MacOS users worked significantly harder than anyone on any other platform just to get their 'user friendly' apps to perform - only to finally succumb to a system crash anyway.

Any beige box graybeard who says 'Unix is too difficult' is blowing smoke - through his gray beard.

The Heritage of the Printing Press

The printing press was invented by Johann Gutenberg five hundred fifty seven years ago. It caused a real revolution. Prior to the printing press there were plenty of people who wanted to learn to read and write but surprise surprise the powers that were didn't like the idea. Knowledge is power and even five hundred fifty seven years ago that was a well established fact.

People would approach their vicars and ask to be taught to read and write. No way, the vicars would say. What do you want to learn to read and write for?

So we can learn things, the people would say.

What exactly do you want to learn? the powers that were would ask coyly.

Anything at all, the people would submit.

Oh that's no problem, the vicars would tell them. Anything you want to know - just ask and we'll tell you!

So people were (deliberately) kept in the dark. Until 1450.

Today Mac graybeards and Windows switchers are flocking to OS X at three times the rate of the rest of the personal computer industry. And some at least are asking 'can you please teach us to read and write' - and sites such as this are attempting to teach them. And products such as CLIX are attempting to give them the tools to learn.

The world wouldn't be where it is today were it not for the printing press. But the printing press alone could not cause a revolution. The revolution needed people willing to learn.

Thanks to our ancestors over five hundred years ago we are where we are today. But if it were left up to some users of OS X we'd get no further.

Copyright © Rixstep. All rights reserved.