Making an incomplete SuperDuper! clone on Purpose

Here’s a tip for those of you who use SuperDuper! (which most of you know: I swear by.)

WARNING: what follows are instructions on how to make your SD cloned drive NOT a true clone! Use only if you understand what I’m talking about!!!

If you have files that frequently change, and you don’t really care if they are backed up, or you have a separate backup of them, you can tell SD to ignore them during a cloning operation.

What? Why on earth would I want to do that?

Here’s my own example: I have VMWare Fusion, and two different VM (Virtual Machine) files: Ubuntu and Vista.

Now, every time I use one of those, or update Fusion, the files are marked as changed, and SD backs them up. Fine, except that’s some 30-ish gigabytes on each cloning operation. That stretches out my backup time a bit. Not so bad on my main Mac, but on my Old, Tired MacBook, that adds 25 minutes to the backup time.

So, since I don’t really change those files that much, I’ve chosen to back those files up individually, and don’t want them always backed up each time I run a quickie SD backup.

(Other such things are caches; frequently updated RSS feeds and so on.)

Now, with the caveat that you are >defeating the purpose< of an instant, drop-in clone by eliminating some files from the backup, here's how to proceed to eliminate files from a SD clone. Again: my advice is to just leave SD set to back up everything, and ignore what follows! If you're still reading, and aware of what I'm saying, then, here's how to eliminate chosen files from a clone operation and hence from the clone itself. When you run SD, you'll notice the popup right under the source & destination volume buttons... it usually says "backup - all files" and that's what you want for a drop-in cloned drive. To eliminate some files from that, however, go to that same popup and choose "New Copy Script." In the Description tab, enter a nice clear explanation to yourself what this script will do. Then click on the Included Scripts tab, and the + button in the lower left. That should open up to a folder called "Copy Scripts" and show you an alias to "Standard Scripts." (The actual path is ~/library/application support/superduper!/copy scripts.) Click on Standard Scripts, and from the resulting list choose "Backup - all files.dset" This will create a "backup everything" starting point. (You can, of course choose -with care- any of the others, but be sure you know what you're doing...) Now that's been added, click on the "Script Commands" tab, and look at the three panes in the lower part of the window. That's like a finder column view. What you're going to do is point that at the files you want -excluded- from the backup; in this case, all the virtual machines. Go to the first pane, and select "users"; then in the next, your home folder; then next "Documents"; then finally "Virtual Machines.localized." (Of course, you can substitute your own path here, if you're trying to eliminate something else.) With "Virtual Machines.localized" still highlighted, choose the "Add Item" button in the lower left corner. When you do, you'll see it added to the list in the upper pane. Make sure "ignore" is selected in the "Command" column, and that your full path is properly listed in the "Item Specification" column. Then click the "Close" button. That will bring up a dialog for you to save the new script with a meaningful name. You're done. Now you can select that script you just made from the pop up on the mail SD screen. When you do a clone using it, it will copy everything the full clone copies, but will not copy the huge virtual machine files. Just to repeat, however, that means that your cloned drive WILL NOT HAVE the VM files on it. If you want them, you'll have to have them backed up elsewhere, or on a drive that you cloned not using your new script, but the "backup - all files" default script.

How to update the system

Generally speaking, the update process I use and recommend is this:

a) visit and get the correct “combo” updater. There will be several, so pay attention: it’s a big download, so you want the correct one the first time. Set it aside.

b) run disk utility or DiskWarrior or Drive Genius or whatever your favorite drive utility is, and verify that the drive directory structure is OK. If not, fix it.

c) run disk utility and repair permissions

d) clone (preferably) or otherwise backup your drive.

e) some people say to disconnect everything except keyboard, mouse and monitor. (I don’t usually do that, but it won’t hurt if you do.)

f) quit any running programs (except the finder)

g) now run the combo updater.

h) let it do its thing. If it takes longer than you think is should… wait longer. If it auto reboots a couple of times, that’s just fine. Remember “42” and Don’t Panic!

disk utilities

… you know: DiskWarrior, Drive Genius 2; TechTool Pro and so on.

Over the past few days, I’ve had the “joy” of cloning and updating about a dozen drives several times each. Here’s what I’ve learned.

1) don’t have spaces in your volume names. “My_Volume” is OK; “My Volume” is not.

2) if your just-cloned destination drive shows up corrupted when you test it with a drive utility, you have a 99.999% chance that your source drive is corrupted as well.

3) You cannot do more than 3 or 4 (OK: “a few”) drive tests without restarting the disk utility in order to continue successfully.

4) Drive Genius is good, and fast, especially for a quick verify. Knowing I was going to doing all this cloning etc in advance of starting it, I decided to test Drive Genius against the venerable DiskWarrior. What I found was that if DG “verify” said the drive was OK, it was, in fact, OK. If it said it was bad, DW said so too. If DG said it fixed it, DW said it was fixed… and vice-versa. The two programs corroborated each other.

That’s nice because it’s much faster to run Drive Genius Verify than it is to run DiskWarrior.

My confidence in Drive Genius after these repeated tests is high.

As usual, however, YMMV.

Make the UserAgent in Safari stick between launches

In order to make the UserAgent “stick” between launches in Safari, one has to edit the plist which is at ~/library/preferences/ .

Find CustomUserAgent, and edit the value string.

(Find the string by hovering above the menu item in the develop/user agent menu.)

To return to plain old Safari, just delete the value string (so that it’s blank) and save the file again.

Winclone Cautionary Tale

If you use BootCamp, then you’ve probably heard of or are using Winclone, which will make a full drive backup of your BootCamp partition. Not merely handy when Windows wipes itself out, but also if you need to change drives.

Having a Winclone backup is very reassuring. (Lord knows I’d love to have something so simple for “real” PCs!)

That said, you may easily be lulled into a sense of false security: Winclone will back up your BootCamp partition -as is.-

What that means is that even if your partition isn’t really 100% right, Winclone will happily back it up.

What it -won’t do- with such images is -restore- them… the whole purpose in the first place.

So, here’s what you need to do (and if you didn’t do this the last time you used Winclone, you should probably do it now):

Do this from a BootCamp boot (not from Fusion; not from Parallels):

Boot directly into your Bootcamp OS (XP, Vista, whatever).
Run chkdsk on the partition. (There are several ways to do this for each OSen. Command Line; Properties and others. Check online or check your manual.)
Run chkdsk again.

(Yes: run it twice… or until it shows a properly working drive.)

Then boot into the bootcamp partition.
Once fully booted, choose “shutdown” from the OS.
and then do that again (Boot/shutdown.)

NOW do the Winclone backup.

And once you do a successful restore, boot into it a couple of times so that everything “settles down.”



Security: I told you so…

The Java vulnerability which is a drive-by (just visit the site, no need to click on anything) attack was stopped by my copy of VirusBarrier from Intego.

The only way you could have prevented the attack would be to run your browsers with Java disabled.

So, once again: to those who insist “we’re safe because we’re running Macs” – you are just flat out plain wrong. Pull your head out, lest your machine become a happy zombie and worsen the internet for the rest of us.

On Mac Security, April, 2009

I’ve read many of the “botnet debunking” reports on the web, usually from the die-hard “Macs are totally secure” crowd. (I used to be a member, but am no longer.)

The “debunk” always includes the line “the only place you can get this trojan is from illegal downloads of iWork ’09 or Photoshop CS4…[and] it’s hard to feel sorry for those who download illegal software.”

Ummm…. I can agree with the latter contention, but -so what?- Is that somehow the equivalent of “it’s not spreading because it’s illegal?” I don’t feel sorry for the folks who have it, because 1) they usually don’t know they have it, so it’s no problem for them, and 2) it’s ME I feel sorry for. Me and all the other internet users whose use of the internet is crippled by whatever those botnets are doing.

You know, if people wouldn’t drink and drive, there wouldn’t be so many deaths due to drunk drivers. So, what? Having said that, can we now ignore the problem? Let’s not argue about who set the fire as we watch the house burn down.

And vis-a-vis this : “the only place you can get this trojan is from illegal downloads of iWork ’09 or Photoshop CS4…” Talk about wishful thinking! At first it was “”the only place you can get this trojan is from and illegal downloads of iWork ’09 …” and then Photoshop CS4 was added. Do you -really- think that the crooks (and make no mistake, this is a money-making enterprise run by seriously bad people – the days of mostly ‘script kiddies’ are long over) will say “oops: we’ve been discovered. I guess we’ll give up now?”

Of course not: they are going to find more and more delivery mechanisms.

In fact, I personally know of one that doesn’t involve either of those two programs ( a fake Flash updater.)

Further, last month at CanSecWest, a Mac was hacked in 4 seconds by merely loading a malicious web page. Nothing illegal; nothing downloaded; nothing installed by the user – just visit the page.

And the die-hard “Macs are totally secure” crowd said… (can you guess?) “Well, you need to watch what pages you visit. If you had not visited that page, there would be no infection.”

Oh good grief: talking about being in denial! Look: if you simply disconnect your Mac from the internet it will be safe. Well almost. You’d also need to lock it in a vault; rip out the power supply and put it in a block of concrete…

I’ve been sitting in front of Apple-branded computers for almost 32 years now, full-time, making my living with them, and for most of that time, Macs -were- virtually totally secure.

Things have changed.

Based on my own experience this is where things are today:

Macs were immune for a long time because of the way that memory stacks and CPU registers worked on the Motorola CPUs, vis-a-vis the state of the art in hacking at the time. That’s the actual basis of the “Macs are secure” position… and it was true.

Then the OSen and the CPU changed. Unix is largely more secure than Windows, but less secure than the old Macs… and the long-asserted “Macs are only more secure because the market is smaller” rap began to actually show some validity, instead of ignorance.

Firewalls and NAT became more common, so the black-hats quickly adopted to using psychological engineering. (Want someone’s password? Call them up and ask them. 9 times out of 10, if you say you’re with the IT department, they’ll just tell you.) Most folks try to be helpful and are generally trusting.

And because they are that, and curious, not to mention motivated by self-interest, the next evolution was to “phishing” – faking an institution you trust.

Now it’s gotten even more sophisticated, including DNS hacks and even “drive-by” hacks (such as the CanSecWest one.)

Are Mac totally secure? No.
Are they more secure than Windows XP? Yes.
Are they more secure than Vista? Probably not.

What’s the bottom line?

Simple: the biggest security loophole is the person at the keyboard.

But does saying that mean the problem of botnets (et al) has gone away? No.

Does saying “don’t download illegal copies” fix the infections? No. (Although that’s very wise advice, as is “don’t install or open things whose provenance you can’t confirm.”)

Does “don’t visit infected sites” fix the problem? No.

Honestly: I think that many of the “debunkers” are actually in denial.

We’ve reached a stage where the bad guys are using techniques what are platform independent, so being on a Mac is rapidly becoming irrelevant.

These days the Mac is becoming a more desirable target… and not the least of the reasons for that are all the deniers who proudly proclaim that they refuse to install virus protection… and therefore will (obviously) never know -if- they’ve been hacked, while their machine happily pump out spam or run DOS attacks.

Am I screaming that the sky is falling? No: those of us on Macs are relatively more safe than other platforms. Not “safe” – just “more safe.”

If you think you’re completely safe from everything just because you’re on a Macintosh, you’re a fool.

And furthermore, IMHO, the sky IS darkening.

Don’t say I didn’t warn you.


EyeTV to H.264… fastest way

Here’s the fastest way I’ve found to get good looking H.264 out of EyeTV, starting from your recorded program file.

1) save it as mpeg stream. This takes about 1 minute per hour of video.
2)load it into VisualHub. (Yes, I know it’s been abandoned. Deal with it.)
3) set optimize for (your device) under iTunes and standard quality, and check the H.264 box. (VH uses all your cores in the CPU, so it’s fastest)

You could be done, but if you think the output is too dark, do this:

4) load resulting movie from step 3 into QuickTime Pro. (Pro. Yeah: I know. Deal with this, too.)
5) Choose window/show controls and adjust the brightness to your liking
6) Choose File/save as (self-contained).

This process takes about 1/4 to 1/3 as much time as any other way I’ve found… at least on my setup.

Bonus section:

if you record HD on EyeTV, you’ll get a “squished” 640×480 image. Go ahead and do that, and export and manipulate as above…

before you start compression in VisualHub, change the image size to 640×360. Voila! 🙂

Tag Folders

Tag Folders…
…is a free, and really useful, clever way to make use of metadata (spotlight comments.)

(I’ve written this because when you install Tag Folders, it starts asking all kinds of questions you’re not prepared to answer unless you understand what it’s doing. It’s one of those “read the manual FIRST” programs.)

Consider iTunes: you drag a music file on it, and then access it via “tags” such as artist name, genre, album, style and so on. You do _not_ access it by finding it in a folder.

In iTunes you’re using “metadata” to find the files you’re interested in.

And Leopard is all set up for that too, with files and with applications… but you have to add the metadata yourself. You do a “get info” on the file, and type in the keywords you want to use in the “spotlight comments” section.

How do you find those files then, like iTunes? You use a spotlight search that looks within the spotlight comments, of course.

Even niftier, is you can save a spotlight search as a “smart folder” (which just performs the spotlight search for you, and then shows you the results as if the files were “in” that “folder.”)

This is like choosing “classical” in iTunes, and getting a list of recordings of classical music…without any reference whatsoever as to where those files are actually located.

So, why would you even consider going to all this trouble? Well, if you only have a few files, you wouldn’t… maybe.

But leaving aside how easy or difficult it is to actually “tag” the files, let’s look at using them… and that will answer the “why” part of it.

Say you have photos of Suzy, your granddaughter. You have photos of her at home, photos at her birthday party, photos of her at the lake, and photos of her with her mom, Mary.

And being a camera-nut, you have 6,234 photos of her. And you’d like to find the shots of her with her mom during a birthday party.

Seaching thru 6,234 photos is out of the question. But if you have tagged those files with “suzy” “mom” “birthday” “lake” (where some will have just “mom” and some will have just “suzy” or “birthday”) then a smart folder looking for “suzy” and “mom” and “birthday” will show you the correct photos instantly.

You see, the secret is that you can have any number of smart folders, and you can have any number of tags.

“Great” you say “but who in their right mind would want to tag 6000 photos?”


Here’s where the cleverness of Tag Folders comes into play. They are “smarter” smart folders. Instead of just being a one-way street (find these comment/tags), they serve a two-way function.

If you just open the folder, it performs like a smart folder, showing the files that meet the search criteria.

However (here’s the clever part) if you -drop- files on Tag Folders, they will -add- the spotlight search tags to the files!

So, if you have a folder full of files of the birthday party, just drag that to the “birthday” Tag Folder, and they are all tagged with “birthday”. And if in there you have 16 photos of Suzy, just drag them to the “Suzy” Tag Folder, and they are now tagged with “birthday” and “suzy” as well. (Remember, files can have any number of tags, and so can “belong” to any number of smart folders/ tag folders.)

In a nutshell: open the tag folder, and it shows you files with the chosen tag(s); drop to it, and it places those tags on the dropped file.

Finally, sort of as a bonus, there’s Tag Prompter… sort of like a no-tags tag folder: when anything goes into it, it will prompt you to apply tags. A reminder in a sense – a watch folder.

There are lots of programs out there using tags, not just iTunes. iPhoto, Aperture, Lightroom, Expression Media, Leap.. any many more.

Tag folders is just a nice, and free, way to get things done.

Finally, this has been a _very_ limited description of Tag Folders; in fact they can be quite sophisticated, including non-spotlight criteria and nesting… but for that, you’ll have to read the docs.



Print ’til you drop!

Inspired by something I read this morning, here’s my own anecdotal experience.

Epson inkjet printers: when it says “Ink Low!” (implying “your dog will DIE if you don’t replace the offending cartridge RIGHT NOW!”

…ignore it.

Modern Epsons (at least – I have no experience with other inkjets) will print merrily along for many more pages before they will finally say “OK: enough is enough – I simply refuse to print any more!” at which point, you replace the cartridge.

Again, YMMV, but with mine, even if it’s half way thru printing an image, it will pause, and present you with the cartridge tray, and let you replace the empty cart with a new one…and then happily resume printing right from where it left off. You’ll never see the difference.

However: the key to this is to NOT go into “replace-the-cartridge-mode” (meaning don’t hit cancel; don’t hit pause; don’t do a thing except replace the cartridge. If you do otherwise, you’ll lose what’s been printed so far, and will have to start over.)

And, as to laser printers, at least with my HP color one: it will start whining early on about how low the toners are. There’s two things to that:

1) there’s a menu selection (buried, of course) that you can use to tell it to quit complaining and just keep printing; and

2) once it starts complaining, (or you see the “low supplies” in the print dialog box) you probably have a ways to go.

I’m at that point now, and I printed out a report on the “remaining consumables” – and it turns out it, each of those “dangerously low” cartridges were fully capable of printing…

…wait for it..

345 -more- pages!