Why does this admin authorization which is not root authorization let the installer run scripts as root, as Adam proved by a test package? Isn’t that a serious bug and security hole, as he claims?
Well, yes and no. The answer lies in a file called /etc/authorization. This is an XML file in property list format which defines the various rights a process can ask for when using the Authorization Framework, and defines a set of rules that are applied when this happens.
“Rainer Brockerhoff”:http://brockerhoff.net/bb/viewtopic.php?p=1973

Well, yes, but there’s a problem with that. As I noted in the article, I altered the /etc/authorization file to try and change the behavior and it did not change it. In fact, the authorization file says the user should be prompted and the user still isn’t. Installer is doing something inside itself to get around that, and that’s the problem. Apple actively went against their own security practices to make the product easier on novices at the expense of security, a very Microsoftian practice.

Translating this into a slightly less geeky form, this is the autorization right requested by the AuthorizationExecuteWithPrivileges() call, which is the one used by the Installer. It can be granted to users of the “admin” group, is granted automatically to the root user, and times out in 5 minutes. AuthorizationExecuteWithPrivileges(), in turn, is the system call to run a script as root; which is allowed for administrators, as we’ve seen.
“Rainer Brockerhoff”:http://brockerhoff.net/bb/viewtopic.php?p=1973

I don’t believe they’re even calling that function to gain root, honestly, because it follows the authorization file. It can’t not. They’re doing something else and I believe that’s a red herring here. There’s no way to call that function and have it not consult the database, so they’re doing something internal to get around it. Be that a SUID program somewhere or some private call, they’re getting around the clause in authorization that says the user needs a password.

This one’s priceless. This goes to show the level of stupidity at Apple Defects, that he intends to harm Apple’s image without concern for accuracy, and that he’s trying desperately to find things to “report” on.

More Electrical News…

A user on YouTube has posted a video of his MagSafe Power Adapter issuing electrical discharges from around the rubber base. The MagSafe is a great invention however it is not without problems, in the past users have reported their MagSafe adapters igniting into flame and melting, amongst other issues. One would assume this particular MagSafe adapter is slowly beginning to fray and the protective rubber shield is no longer functioning problem.

It’s hard to look at any website without seeing one more monkey screaming bloody murder over a problem they’ve had with their computer. Moreso, Mac users are going to scream and get heard because the overwhelming majority of us can compose complete and legible English sentences as opposed to our PC compatriots, who are at this point evolving just past IM-speak in their online communications.

Thus, in matters not relating to Macs, you’ll find that the majority of good writers on the web today are actually using a Mac behind the scenes. It’s not a direct correlation, but it’s notable enough to mention because those known writers, those good writers, will do what they do best when they run into a problem with their computers: write about it. You and I, ever the loyal readers, will be tempted to do what we do best when we read those writings: believe it.

I questioned Apple Defect’s lack of accountability in reporting any claimed problem as an across-the-board truth any and every possible problem with MacBooks and MacBook Pros. The site owner’s response? Bannation.

Apple Computer plans to announce Monday that it’s scrapping its partnership with IBM and switching its computers to Intel’s microprocessors, CNET News.com has learned.

Changing the chips would require programmers to rewrite their software to take full advantage of the new processor.

Apple to ditch IBM, switch to Intel chips | Tech News on ZDNet,

I will post pictures of me naked on top of my car in broad daylight if Apple moves to x86 chips. Seriously.

I really don’t get it. I mean, in light of articles about how we don’t trust journalists anymore someone on the order of Cnet, which most already call a techno-rag, goes and calls it fact and truth that Apple will commodify the Mac by moving to Intel chips.

Unless, and here the brain starts actually working, the move to Intel isn’t what everyone is thinking. Perhaps such a move is more to Intel’s processing and production plants, but they would still make the PowerPC chips? Perhaps these talks are adding Intel to the PowerPC patent group (CHRP and co.) so that Apple can get a “real” chip maker in town to get the G5 to 3GHz and beyond.

Intel making PowerPC chips? Could it really be? I’m unsure of how I feel having the same company making the CPU for both major hardware platforms, but I know that both Motorola and IBM have production problems at the higher speeds that Intel just doesn’t have.

Eh, either way, I’m more than skeptical. I still remember the iWalk, and I’m still laughing at it.

I can always tell when the news machine is slowing down. It’s kind of like there’s sugar at the bottom of the Mac Web’s gas tank, really. When their news tank gets low they start to pick up the same old crap at the bottom and try to use it to fuel the fires. What I underestimated was the level at which they pick that crap up. It seems that Mac reporters are very, very easily bored.

What I mean is that there’s a good deal of news to actually cover, what with Tiger coming out to stellar reviews in spite of it being alpha-quality crap that has more bugs than the Temple of Doom. That, alone, should be decent fodder. If not that, then the sudden appearance of music videos in iTunes, or the supposed Babblecasting capabilities that 4.9 is said to bring in the future. They could bring up a whole lot of topics and keep them in the forefront with new ideas and new spin. When that runs out they could easily be useful and start talking about tips and how to get the most of the computer (which is the only reason I still have a Mac World subscription, really). No, they babble about the same crappy rumors to keep the hit counter spinning for the Ad Lords.

I mean, some of us just don’t post anything for months when there’s no news and nothing else comes to mind. It’s not hard, really; you just walk away and go do something with your life for a while. It seems that some others just can’t seem to handle that concept.

So, what crap lies at the bottom of that tank? The usual suspects, really. They are the insane ideas that spread like wildfire each time they’re brought up and cause the predictable and easily-incited hoards of Mac fundamentalists to hit the message boards and their own pathetic little blogs and write and write and write about how it will (never) come to pass and how everyone else is just not seeing the “big picture” and how this idea could easy (save|kill) Apple, and computing in general! and so on and so forth.

Poppycock.

If you ever see an article on these topics, you’re being played for a fool and should ignore it:

• Mac OS X for PCs (and the variant “Apple moves Macs to Intel”)
• PowerBook G5
• Video iPod
• Movie store
• Apple-branded PDA

Let’s just get it out into the open here and now, okay? Apple’s not doing any of them; not now, and not years ago when it was first “reported” that they were. Quit daydreaming and get back on track. Whatever Apple’s next innovation is, you won’t see it coming until it slaps you across the face like the Apple bitch you are and gives you that tell-tale “you had it all wrong, again“ look.

If it was easy to guess where Apple would steer the industry next then Sony would have long ago stolen the show from them. Sony has good designers, both aesthetic and electronic, and could easily best Apple out of the “niche computer artisan” market if they had any sense of direction at all. Well, and got rid of their NIH syndrome (ATRAC3-only in a digital Walkman? Dear God, man, what were you thinking?).

So, look, what this boils down to is that the next damn time I open MacSurfer and see a load of bullshit like any of this, I’m just going to stop reading web sites for a week. It’s not worth sorting through this much stupidity and naïveté just to find out that it was a slow news day.

If you’re a writer for the Mac Web, I urge you to listen to one piece of feedback: If there’s nothing to report, stop writing and wait until there is.

Thank you, and good night.

With every release of a cat-named OS, headline writers make sad attempts at word games based on this. Of course, there are only so many variations on a theme, and they get repeated … often. Here’s this year’s.

Tiger has been:

• unleashed (1 2 3 4 5 6 7 8 9 10 11)
• loosed/freed/let out/uncaged (1 2 3 4)
• launched (1 2 3 4)

Tiger also:

• roars (1 2 3 4 5 6)
• stalks (1)
• is poised to strike (1)

Commendable departures from repetition:

• Apple Pins April 29 Date on Tiger’s Tail
• Tiger Spotlight
• Apple to sell Tigers April 29 (cute…)

Engrish variations:

• Jobs claim Tiger is their biggest leap forward in decades (The company is Apple not Jobs though these days few could hold them responsible for that.)
• Tiger was, in one case, lunched.
  

So, about all this lawsuit stuff about revealing sources: it’s not about bloggers being journalists. You’re a fool if you’re looking at it from that angle. They’re suing to learn which person they trusted broke that trust; which person signed a contract and broke the terms of that contract.

In short, they’re not terrorizing the bloggers, they’re going after their own employees and/or developers to show that the NDA has teeth. As such, don’t expect negative press to shut it down. They’re going to keep going because the future of the NDA is at stake, not the future of blogging. I believe that Apple honestly couldn’t give a rat’s ass about that. You can bring free speech and journalism and sources and all that shit into this all you want, but in the end, Apple is protecting its right to hold people to contracts they sign. Don’t expect this to go away any time soon, and especially not from public opinion.

If you sign a piece of paper, you better damn well read what you signed. That’s all this comes down to. No need to lament the “death” of free speech (which was intended to mean you can’t get arrested for speaking your mind, not revealing corporate secrets that you promised, in a contract, that you wouldn’t, or conspiring with that person to reveal them); free speech isn’t dead. You can lambast the government all you want, or be the whistle-blower at a corporation all you need. What’s at stake here is Joe Blow saying he won’t say a word and then telling the world everything he heard.

Yellow journalism is something that is practiced in just about every news source in America today, albeit at under-the-radar levels. This, however, is yellow at its most blatent: 42% report 4G iPod audio problems.

What does that imply when you read the headline? That 42% of 4G iPod owners have problems with the device. What is it in reality? 42% of the poll respondents at iPodlounge claimed to have heard a chirp when changing songs. Poll respondents. Web poll respondents. Unauthenticated web poll respondents.

So not only does 42% not mean “42% of iPod 4G owners” but it means 42% of those that clicked a button without any means of showing that the problem exists for them. Yet this does nothing to impede Mac “news” sites from passing this story around like a bong in a dorm room.

iPodlounge, the popular website for owners and users of Apple’s digital music player, have been covering an issue with the 4G “click wheel” iPod. The site claims that their readers have reported problems with 42% of the latest version of the personal stereo.

No, not 42% of their readers. 42% of the people that clicked the button. I read the site and I have not clicked the button (and have a 3G and a 4G with zero problems).

The measure “42%” means 42% of the following:

• Readers of iPodlounge.
• People who followed the MacSurfer link.
• People who followed the AppleLinks link.
• People who followed the Apple Discussion Boards link.
• People who followed any random discussion board/IRC/IM/email link, which includes:
  • iPod users with a 4G and problems
  • iPod users with a 4G and no problems
  • Mac users “defending” the Apple name
  • Non-Mac users “attacking” the Apple name
  • Random web bots crawling sites and clicking buttons (I used to get this all the time…)
  • The Internet Chaos Factor (random people doing random things for random reasons generating anywhere from 5% to 95% of the results for a particular page)

So, in short: useless freaking statistic. Go back to your music.

For the love of … how do you get to be this stupid/scared? I mean, really? What breaks in the human mind that you have to see anything happening in the world that even slightly goes against what you want to happen as a grand conspiracy set out to injure your QOL?

Oh also, look at pearpc.sf.net – they have a fully working PPC emulator for x86 that can run Jaguar and Panther. It’s really slow (20% of the speed of the host comp, max) but it’s getting fast a lot quicker. Suspiciously one must add, one of the main developers got ‘hit by a train’ a few days ago. I personally think Apple paid him off – a PPC emulator that ran at 50% speed could potentially ruin Apple, so what better way to say he died and bam, no support for the gobs of code the guy wrote. It’s going to put the project behind at least 1 year. Let Stefan RIP, if true though.
Mac Forums – New iMac In September