Macking 124

Sony Malware Affects Macs
You have probably been reading about the firestorm that resulted from Sony incorporating malware on many of the music CDs they distribute. Although the real victims are, as usual, Windows users, there is a Mac hack as well. A little application called "start.app" is on the CD and it will, if allowed, install two files: PhoenixNub1.kext and PhoenixNub2.kext. The clue is that your Mac will ask for a username and administrative password shortly after inserting the disk.
It is not known how much damage these do to a Mac, nor how they even work. It became somewhat moot because Sony, after receiving a major fling of feces from half the planet, has backed down and removed the malware from the CDs. That is not stopping a couple of major class-action suits from brewing, nor will it get back the extreme loss of face Sony now enjoys. I would soon expect to read about firings of the idiots who came up with this scheme, followed by some quiet harakiri.
It also does not affect the fact that there are several million of these disks floating about the marketplace, waiting to affect computers again and again. The lawsuits demand that Sony recall affected CDs and refund money to every owner of them, but so far Sony has not voluntarily offered to do so.
Personally, I will no longer buy any Sony products until this is resolved to everyone's satisfaction, and any time I buy a competitor's product I will send an email to Sony to inform them of that fact. Every little bit helps.

Where Should You Stop?
I have been counseling people for some time now to avoid automatically upgrading or updating their Macs just because Software Update says you should. Over time, however, people can get lost and not know what they should and should not do.
Last month I covered iTunes, but there is so much more to deal with. How about the OSX updates, and the paid upgrades? Okay, here we go.
OS8.6: If you are using a beige G3, take it up to 9.1. You could go to 9.2, but most everything you do will be available to 9.1. Most of the changes in 9.2 are there to make it more compatible with OSX in Classic mode. If you have an iMac or old iBook, there is a Firmware Update on the CD that you should run before upgrading. This is especially important if you ever plan to boot it into OSX, even from a CD, because I have seen OSX fry an un-updated logic board!
Macs older than the beige G3 cannot be upgraded beyond 9.1 in most cases, nor do they need to be. A 7200, for instance, is almost as obsolete as can be, but it can still handle a DSL connection and run IE 5.1.7, Netscape 7.0.2, Eudora 6.1.1 and the final Outlook Express (but shouldn't).
Others that should stop at 9.1 are the first Bondi Blue iMac, the clamshell iBook and the G3 PowerBooks before the Pismo.
OSX 10.0.4: Nobody. If you have this, go back to 9.1. It's too primitive to use.
OSX 10.1: End of the line here is 10.1.5. Software Update will take you here but it is really too primitive to use very well. No Safari, AppleMail is a joke. Still a work in progress, but not completely useless. It will run on any Mac from the 1st generation iMac, iBook, last two black PowerBooks, G4 "Yikes" (generation 1 PCI Graphics), up to the Macs that shipped with a version of 10.2 installed.
OSX 10.2.8 (Jaguar): Finally OSX becomes stable and useful. Runs on any Mac with a G3 processor except, I believe, the original G3 PowerBook with a passive-matrix 800x600 screen (which was really just a modified PB 3400). Software Update (SU) will take any previous version of 10.2 to 10.2.8. Use the Download Only command in SU and install it manually after Repairing Permissions with Disk Utility. Then repair them again after restart. It's better to use the Combo Update rather than the one that is chosen by SU if you are updating from 10.2.7. You can find the Combo updater at Apple's web site.
OSX 10.3.x (Panther): The kittycats march on with an upgrade so good it was worth installing on the day of release, even though many people found that it killed their older FireWire drives as soon as they were plugged in. The thing that made it so good was Exposé, which zoomed all of your open windows down in size and laid them out flat on the desktop. Move your mouse over each one and the title is revealed. Click on it and that window zooms to the front. Amazingly, many people running 10.3 don't know about this feature, usually invoked with the F9 key, or another feature invoked with the F11 key that zooms all your windows out to the edge so you can access something sitting on the desktop. Tap it again to bring them all back.
Another improvement was a sidebar on every Finder window that showed a shortcut to the Home folder, any mounted disks or volumes, the Documents folder, and others. Those shortcuts could be removed by dragging them off to the left of the window, and new ones could be added by just dragging them into the sidebar area. Files dropped onto these folder shortcuts were put in that folder, even if the main part of the window was showing the contents of a different drive volume. These shortcuts are also available in any Open or Save dialog box.
Also improved was the search field in every Finder window. Typing in that field initiated an automatic search of your entire hard drive or drives mounted on the desktop. On faster Macs, that meant that your file was isolated before you even finished typing the name. Sadly, this extremely useful feature was removed in 10.4, replaced by a horrible mess. Panther runs on any Mac with a G3 or later processor with built-in USB, which excludes the beige G3 models and includes only the last two black PowerBooks, the Wall Street (which had USB and SCSI) and the Pismo, which had USB and FireWire but no SCSI. It barely works on the first Bondi Blue iMac because that model cannot address more than 160 megs RAM, which is barely enough to run 10.2.8.
Warning: Never boot one of the older iMacs, iBooks or the G4 Cube using an OSX disk until you have checked to make sure that a needed Firmware Update has been run. That update is available in the Extras folder on any OS9.1 or 9.2 CD, or from Apple's Downloads area. I have seen a logic board burned out by simply booting a copy of Disk Warrior 3, after the dealer recommended it for that model. The OSX Installer CD runs a test at startup and stops loading with an error message if the firmware update is needed.
Finally, I recommend stopping at 10.3.8 and forgoing the final version 10.3.9 because it installs a newer version of Safari (1.3) that introduces new bugs and incompatibilities not found in 10.2.x, and also because there have been many reports, some of which I have been called out to repair personally, of systems going down for good right after the upgrade was run.
It's a small percentage overall, but since there is no noticeable improvement gained by running the update, it was best avoided completely unless you wanted to use one of the few programs that required it. I still hold that position. In fact, 10.3.5 was a stable version of Panther, which weakened with the 10.3.6 update, rapidly replaced by the barely-improved 10.3.7. I recommend stopping at 10.3.5 unless you buy new software that requires the later version.
I carry both updaters with me for those clients who need updating because Apple no longer makes them available; you have to go to 10.3.9 if you depend on them. Most User Groups also archive the older installers so if you need it, ask around.

Which Leads To
OSX 10.4 (Tiger). I have been called a reactionary, a Luddite and worse for recommending against this upgrade for everyone who is running any version of OSX 10.2 or 10.3. I base my contempt on the spate of problems people reported on the Mac blogs, along with my own experience with it.
My biggest problem with it is the new search feature called Spotlight (and many call Stoplight) that is touted as the final answer for perfect searches everywhere, inside documents, Mail databases, PDFs and others. Unfortunately it falls down bigtime if all you want to do is search for files and folders.
Start typing in the Finder's search field in any window and by the time you hit the second letter it stops cold. It is busy searching the entire Spotlight database for anything containing those two letters and it gets so busy it forgets to let you narrow the search by adding more letters! Only on a G5 does it react with enough speed that this problem becomes less annoying.
Finally, when it does finish searching, it gives you a large list of applications, text documents, Mail messages, PDFs and the like that match your search string, way down at the bottom of the list is the file or folder you seek - and many times it isn't there at all! In the early days I couldn't force Stoplight to successfully find a particular file until I opened the Finder window displaying it and then typed the name in! After that, future searches were able to find the file.
A partial fix came along by 10.4.2 that let you reorder the Search Results list so files and folders came first, but it still works as poorly as ever. Furthermore, it will not even search the Trashes or System Library folders.
There is an unreal number of options you can search on, from Audiences, City of the item, Encoding software and finally, whether or not the file is invisible. To amaze yourself, go to the Finder, type Command-F and drop the first popup menu on the left (usually "Kind") and choose Other to see all the options available. If your goal is complex and unusual searches, Stoplight is for you, but the simple Find that would locate any file or folder, visible or invisible, with a single click is gone. (Yes, I know that Sherlock had to be set to More Options to locate invisible files.) Apple will probably never fix it because they think the new way is better.
The first hack to come along to fix one of the Stoplight problems is called LaserLight. Install this into the Dock and type the filename you are looking for, either whole or in part. Click Search and it launches Stoplight. While this isn't the full answer, it does bypass the pause you get when Stoplight won't let you finish typing before you start searching. It's free under the GNU public license and you can Google it or find it on VersionTracker. I won't be happy until someone releases a hack that takes over the Command-F instruction and brings up a window that searches for files and folders only, everywhere on the drive, and lets me finish typing before it starts. There are other hacks appearing, so stop by versiontracker.com now and then and look for "Spotlight hacks."

10.4.3
I looked forward to this update with a mixture of anticipation and fear. It incorporated over 500 bug fixes (none for Stoplight) and all previous Security Updates, many of which also caused problems for people who installed them just because SU said to. I was busy the week it came out so it wasn't until the next Monday that I was able to block out enough time to risk the updater destroying my system and my having to do a Full Restore to remove it and get back to the reasonably functional 10.4.2.
I am happy to report that it went perfectly. Smooth as silk. It ran quickly and so did the Repair Permissions I did immediately afterwards. I had made sure that I was current on my favorite 3rd-party hacks (WindowShade, ClearDock, PithHelmet and others) before running it and everything ran like clockwork. I got the rest of the day off and am using it now with no glitches.
Note that I did not let SU do the update; I chose Download Only from the Update menu and then ran it right from my hard drive. That seems to work for most people who otherwise have had trouble; SU can have problems downloading and installing a bunch of updates at once. There were people on the blogs reporting problems and still are, but the frequency is not as intense as in the past. If you want to read them yourself, go to http://www.macfixit.com/ and http://www.macintouch.com/. There are also discussion groups on Apple's site, but those lists are tightly moderated and sometimes not everything you need to know is on them. Best to stick with the independents.

Who should run Tiger?
Any G4 or G5 with at least 512Mb RAM, preferably a gig or more, but only the last and most powerful of the G3 iMacs and iBooks, 500 MHz or more can handle it. Some of those do not have DVD drives and since Tiger ships only on DVD, you must fill out a form on Apple's web site and return the DVD for a set of CDs. Everything made with a G4 or later processor includes a DVD reader except the Yikes, on which it was optional. You should not have less than 512Mb RAM and 640 or more would be better. Some Macs top out at 512 but if you have less you will wind up spending a lot of time paging data in and out of virtual memory, which means you will spend a lot of time staring at the Spinning Pizza of Patience.
You also need to keep your hard drive relatively clear. Back in the OS9 days a drive was considered full by the time it reached 90% but it could be forced to 95% and not die. Now, due to the way UNIX handles its virtual memory scheme you should consider 75% to be the top. On a 40 gig drive (really 37.7 after formatting) you start having problems with less than ten gigs remaining. On a 250 gig drive, fifty gigs free is reaching critical mass and it's time to buy an external drive. External drives, or second internal drives, can be used to within 95% of their capacity as long as they do not have OSX installed on them. At that point you need to think about making a backup of your backup, or archiving as much as possible to DVD-R disks. Compulsive collector? You can now buy drives up to and beyond a terabyte (one million megabytes) for around $2300.

No Microsoft products were used in the production of this column.

email mp at moonmac dot com. (I took out the mailto link because that's how the spammers find me.)