Tag Archives: mac_utilities

Pathfinder 4.7 Released

Pathfinder, one of my favorite Mac apps, has been upgraded to version 4.7. The update was announced and installed through the built-in auto-update feature. I didn’t have any problems with the upgrade although it’s necessary to restart Pathfinder after the upgrade and I was prompted to approve or postpone the restart.

The change log lists six new features.

  • Redesigned Get Info window which allows get summary info (Cmd-Option-I)
  • New Subversion plugin (experimental – use with caution) that provides basic svn functionality (status, update, commit, diff, add)
  • Redesigned Applications Launcher – press F8 or see the Go menu
  • Updated the Terminal to the latest iTerm code: new interface; drag reorder tabs in terminal; drag tab out of window to create new window; many other new features. Terminal preferences have been moved and can be now found in the terminal window (“Settings” toolbar button).
  • Added the ability to preview Safari .webarchive files
  • You can now preview and play media files as well as preview PDF thumbnails in the last column of column view

Even though labeled as new features I’d classify them more as improvements to existing features with the exception of the Subversion plugin which is labeled as experimental. There are 21 additional improvements listed along with over two dozen bug fixes (including one called Improved compatibility with OS X 10.5 (“Leopard”)).

It’s subjective, but I liked the menu structure of the app launder rather than the new icon layout. But I use Quicksilver for app launching anyway. The GetInfo improvements are nice along with the ability to edit permissions using the numerical equivelents. The upgrade kept most of my settings but the drawer panel on right was changed from what I had picked (info). This was easy enough to change back.

Free Disk Space Utilities for Mac

In my previous post about my problems with Superduper! I mentioned I used two free utilities to try and find out where all the space went.

Disk Inventory X

The disk warrior main screenThe first utility is Disk Warrior Inventory X which provides a graphical representation of your files. When the program starts you’re asked to pick a drive or folder which is then scanned and the main screen is shown. Click the picture to see it full size. The left pane shows the typical expanding tree view where you can scroll through looking for specific files or directories.

Next to that is the graphical representation. To find the large files just look for the biggest boxes and click on them to get the file name.

The fly-out window on the right lists the files by type and how much space that type of file uses. Right-clicking a file type and selecting “Show Files in Selection List” displays the files of that type in the fly-out window at the bottom. The window can also be displayed by selecting “Windows” -> “Show Selection List” from the menu.

The properties displayWhen you select a file in any of the views, a properties screen is displayed that shows information about the file. Click the picture to the left for a full size view of the properties screen. This specific file shown is a Parallels virtual machine and was the largest block in the display, making it easy to find.

The selection window allows you to show the file in finder or move it to the trash directly from Disk Warrior Inventory X.

The Universal version of Disk Warrior Inventory X is labeled “beta” buts it’s the version I use and I haven’t had any problems.

WhatSize

The second disk space utility is WhatSize by ID-Design. WhatSize’s interface lacks the graphics of Disk Warrior Inventory X but it’s interface is easier to use in some cases. All the available drives are listed in the left column. By default the columns to the right function similar to column view in finder. As you select a directory it’s contents appear in a new column to the right. This can be changed to “Outline View” where you expand and collapse directories as you do with Finder’s list view. Like Disk Warrior Inventory X you can right-click a file or directory an show it in Finder or move it to the trash.

The FlatView window The real strength of WhatSize reveals itself when you double-click a directory and the “FlatView” screen is revealed. This lists all the files in the directory tree you double-clicked. The filters at the top of the screen allow you to filter files by size or type. The entire drive can be listed this way in what’s called “Table View”.

Both Disk Warrior Inventory X and WhatSize are on my Mac Software – Utilities page. You can check there for any significant updates in the future.

graphic for the Backup - File and System Recovery category

Data Rescue II – File Recovery For The Mac

Data Rescue BoxData Rescue II is a file recovery utility for the Mac by ProSoft Engineering. Even if you don’t need it now, what’s worth knowing is that if you need it to recover files you can download the trial version and see if it will work. The download will read your hard disk and list the files that are available for recovery. You can recover one file up to 5MB in demo mode. This review is based on the evaluation copy. You need to provide an e-mail address to get the eval copy. They’ll send the download link to the e-mail address you provide.

The philosophy of Data Rescue II is to focus on data recovery and not hard drive repair. Analyzing the data on the disk for recovery can often be more effective than trying to fix the hard disk itself. Data Rescue II never writes to the hard disk that contains the files to be recovered in order to prevent further corrupting the data. But if your hard disk has a hardware problem, such as a head crash, simply operating the drive may cause further damage.

The download is a 12.4MB disk image (.dmg) file. Installation is done by simply dragging the Data Rescue II icon to the Applications folder. The download also includes a 59 page User Guide as a PDF.

When Data Rescue II is started for the first time I’m prompted by OS X to enter the admin password so Data Rescue II can set itself up. I’m prompted for my name and serial number but to run in demo mode all I need to do is tick the box to accept the license and click the demo button.

Data Rescue 2 activation screen

Clicking demo brings the message that I can scan my media but only recover a single 5MB file. After acknowledging the message Data Rescue II scans my hard drive which is quick.

There are two modes. “Assistant”, which is wizard based and “Expert Mode”

Continue reading

MacLockPick: Mac Hack Tool (not such a hack)

I first read about the MacLock Pick a little over a week ago. It was described as a USB thumbdrive that could be plugged into a Mac to extract passwords from a keychain along with other system information. The keychain is an app that holds passwords so a user doesn’t have to enter them all the time. While encrypted and password protected the keychain usually automatically opens and loads when a user logs on, although this behavior can be changed. The MacLockPick is sold by SubRosaSoft.

SubRosaSoft makes a big deal on their website that they’ll only sell it to licensed investigators and law enforcement officers. It sells for $500 with a 10% discount to law enforcement. This just didn’t seem right, and if it was right it was eventually going to be a big problem since it would only be a matter of time before the technique fell into the wrong hands. It’s a USB key so physical access is needed. But there must be more to it.

The SubRosaSoft website has this information…

MacLockPick takes advantage of the fact that the default state of the Apple Keychain is open, even if the system has been put to sleep.It also makes use of the openly readable settings files used to keep track of your suspect’s contacts, activities and history. These data sources even include items that your suspect may have previously deleted or has migrated from previous Mac OS X computers.

and it adds

Recovers files from sleeping computers – Once awakened a Mac will return it’s keychain access levels to the default state found when it was initially put to sleep. Suspects often (and usually) transport portable systems in this sleeping state.

and the usage instructions begin

  • Insert the MacLockPick flash drive into your suspect’s computer
  • Double Click on the MacLockPick Application

So if we break this down:

Yes, the default state of the Apple keychain is open. For true security this can be changed so it closes after 30 minutes of non-use or even close after each access. Those settings can be annoying so it’s likely that the default of “open” would be used unless the person was truly security conscious. And, yes, if you have physical access to the computer you can read various log files and the unemptied trash. OS X does have a secure delete which overwrites files that are deleted. It doesn’t seem like MacLockPick deals with secure delete. It’s also unclear if the software actual tries to read the physical sectors of the hard disk to get the contents of the files. It sounds like it just reads the history of files used and deleted. All this will give is the file names.

But then we hit the real weakness of the product. All you need to do to stop anyone from using this product is enable the option

The require password option

or enable the two lock options.

Keychain options screen

Any of these will require a password before giving access to the Mac so at this point there no way to double-click that icon until a password is entered. Oh wait, one more way to thwart the MacLockPick – turn off the Mac. Unless autologon is enabled the tool can’t be used. (And if autologon is enabled the tool isn’t needed.)

The program does the usual forensic stuff like not writing to the hard disk when it does it’s thing. It also automatically does everything so no OS X knowledge is needed. But is that worth $500? What their really seem to be promoting is a way to bypass security, just look at the name. They aren’t cracking any passwords or doing any magic. A non-security professional can get the same info under the same conditions.They just need to know how to start the keychain app and where files are located. Sure they automate it, but $500?

Sure, if the “suspect” isn’t security conscious at all you’ll be able to collect the information, but enabling any of these options makes the Mac more secure that that door you have to break through to secretly get to the Mac. Oh wait, maybe the door key is under the mat. I’m heading back to their website to see if they sell a tool to crack a doormat.

Mac Mozy Online Backup Update

I’ve still been using the Mac client for Mozy backup and it’s a good time for an update. To recap, the Mac client is still a early limited beta. In this case limited means it was offered to anyone who asked to be notified when the Mac client was available. There’s no Mac documentation yet so I’m kind of winging it.

Mozy sends files to the server in an intelligent manner. If you have multiple copies of the exact same file it only sends the file once, although it is in all locations when you look at the restore window. For example, I have three programs from the same software publisher and they all use a file called “MyTime.jpg” in all three programs (this was the first time any of those programs were backed up). Mozy sent one to the server and didn’t send the other two but did list them in their proper locations in the restore window.

Screenshot of the three files.

Screenshot showing only one file going to the server

Actually the second screen shot shows one file going to the server, one flagged as already on the server and no status for the third one (more on that later). All three files were in fact available for restore from the server. I also have several other directory trees where most of the files are identical among them. I these cases only one file was sent to the server. It’s nice to see that the files aren’t going out over my internet connection when they don’t have to. Saves both time and bandwidth.

The quota is based upon the size of the files on the local disk, so even though Mozy saves space and performance by only sending one copy of the file all the copies count against the quota. Since the quota only applies to the free service, and it’s a logical calculation that you can verify, it makes sense to do it this way.

There’s three processes that show in Activity Monitor for Mozy (although not all three run all the time) and all are native Intel programs. There’s one called “Mozy Backup” which is what actually does the backups. There’s one called “Mozy” which appears when “Configure Mozy…” is selected. There’s another called “Mozy Status” which displays the Mozy icon in the menu bar. When clicked, the icon displays the following options:

Continue reading