Fog Creek Software
Discussion Board




Question for i/PowerBook Users

Where's the insert key? :)

Specifically if you're using IDEA on OS X, the Generate... method has a quick-key of ctrl+ins. Maybe it's an EAP issue, but selecting the menu with the mouse pops up a dialog for a second, and then it disappears before I can select what I need. I was hoping the key shortcut might work.

Walter Rumsby
Tuesday, November 11, 2003

I can't find it either. I use the Code > Generate menu option while on the go. Otherwise I have an external keyboard hooked in.

Rhys Keepence
Tuesday, November 11, 2003

There is no insert. It sucks, doesn't it! Also, check it out -- one button mouse. What is this, the middle ages?

Sympathist
Tuesday, November 11, 2003

To reply to the flame-bait, there are a gazillion two-button (or more) mice available for the Mac. Hardly anyone I know uses the one-button mouse that comes standard with the Mac, although you can get by just fine with a one-button mouse by control-clicking to get contextual menus.

Brad
Tuesday, November 11, 2003

I believe the person who mentioned the one-button mouse was refferring to the track pad on the iBook and PowerBook laptops that the thread is about.

  --Josh

JWA
Tuesday, November 11, 2003

Right, one button track pad, what is this the middle ages. Sorry for the confusion.

Sympathist
Tuesday, November 11, 2003

And while I'm at it, the 17" model doesn't have a numerical keypad. If you're making the world's largest and nearly most expensive laptop, the least you could do is have a decent keyboard instead of a small keyboard in the middle of a huge flat featureless area.

Sympathist
Tuesday, November 11, 2003

yes, numerical keypad. i bought a powerbook to do sums for my accounting class.

accountant
Tuesday, November 11, 2003

These new fangled mac things dont have viruses or security vulnerabilities either. And you don't have to worry about spyware, or the OS going to shit after the installation of a few applications.

How middle ages indeed.

Rhys Keepence
Tuesday, November 11, 2003

If you don't think there's spyware on your shiney Mac, you seriously need to immediately download and register the great shareware "Little Snitch". That should correct your misperceptions. Mac has just as much spyware as the other platforms.

Sympathist
Tuesday, November 11, 2003

Um, as someone whose OS is going to shit even as we speak, very possibly because of some software I installed to tweak the way the (single-button, which actually doesn't bother me that much) trackpad works, I can say that Macs have their fair share of problems.

However, the hardware is tres sexy, and having sleep/wake as easy as closing/opening the lid makes it quite convenient for whipping out when you want to Google something or just take notes in class.

Haven't bothered trying to develop on it, though.

Sam Livingston-Gray
Wednesday, November 12, 2003

Wow, the Mac has no security vulnerabilities!

John Topley (www.johntopley.com)
Wednesday, November 12, 2003

Uhoh :-(

  2003-11-08:  OpenSSL ASN.1 Parsing Vulnerabilities
  2003-11-07:  OpenSSL Bad Version Oracle Side Channel Attack Vulnerability
  2003-11-06:  Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
  2003-11-05:  Apple MacOS X Terminal Unspecified Unauthorized Access Vulnerability
  2003-11-03:  OpenSSL CBC Error Information Leakage Weakness
  2003-10-31:  MacOS X Local Root Privilege Elevation Vulnerability
  2003-10-31:  BSD Kernel ARP Cache Flooding Denial of Service Vulnerability
  2003-10-30:  Unix Shell Redirection Race Condition Vulnerability
  2003-10-29:  Apple Mac OS X Multiple Vulnerabilities
  2003-10-29:  Apple Mac OS X 10.3 Unspecified Apple Quicktime Java Vulnerability
  2003-10-28:  Apple Mac OS X Insecure File Permissions Vulnerabilities
  2003-10-28:  Apple Mac OS X Core File Symbolic Link Vulnerability
  2003-10-28:  MacOS X Long Argv Value Kernel Buffer Overrun Vulnerability
  2003-10-28:  Apple Mac OS X Panther Screen Effects Locking Latency Vulnerability
  2003-10-04:  Multiple Vendor C Library realpath() Off-By-One Buffer Overflow Vulnerability
  2003-09-27:  Sendmail Address Prescan Memory Corruption Vulnerability
  2003-09-23:  Ntpd Remote Buffer Overflow Vulnerability
  2003-09-10:  Samba 'call_trans2open' Remote Buffer Overflow Vulnerability
  2003-09-04:  Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
  2003-07-28:  MacOS X Third Party Application Screen Effects Password Protection Bypass Vulnerability
  2003-07-24:  Apple QuickTime/Darwin Streaming Server Script Source Disclosure Vulnerability
  2003-07-24:  Apple QuickTime/Darwin Streaming Server Directory Traversal Vulnerability
  2003-07-24:  Apple QuickTime/Darwin Streaming Server view_broadcast.cgi Denial of Service Vulnerability
  2003-07-24:  Apple QuickTime/Darwin Streaming Server parse_xml.cgi Source Disclosure Vulnerability
  2003-07-24:  Apple Mac OS X Server Workgroup Manager Undisclosed Insecure Account Creation Vulnerability
  2003-07-22:  CUPS File Descriptor Leakage Denial Of Service Vulnerability
  2003-07-22:  CUPS Image Filter Zero Width GIF Memory Corruption Vulnerability
  2003-07-22:  CUPS strncat() Function Call Buffer Overflow Vulnerability
  2003-07-22:  CUPS Negative Length HTTP Header Vulnerability
  2003-07-22:  CUPS Remote Printer Addition Vulnerability
  2003-07-22:  CUPS Insecure Temporary File Creation Vulnerability
  2003-07-22:  CUPS lp Image Handler Integer Overflow Vulnerabilities
  2003-07-22:  CUPS HTTP Interface Integer Overflow Vulnerability
  2003-07-15:  Apple Mac OS X Screen Effects Password Prompt Buffer Overflow Vulnerability
  2003-06-29:  Multiple Vendor Sun RPC xdr_array Buffer Overflow Vulnerability
  2003-06-25:  Eric S. Raymond Fetchmail Multidrop Mode Email Header Parsing Heap Overflow Vulnerability
  2003-06-25:  Eric S. Raymond Fetchmail Multidrop Mode Denial Of Service Vulnerability
  2003-06-25:  Eric S. Raymond Fetchmail Email Header Parsing Buffer Overflow Vulnerability
  2003-06-13:  Apple Mac OS X DSIMPORTEXPORT Information Disclosure Weakness
  2003-06-10:  BSD TCP/IP Broadcast Connection Check Vulnerability
  2003-06-09:  Apple AFP Server Arbitrary File Corruption Vulnerability
  2003-06-09:  Apple Mac OS X Server LDAP Authentication Clear Text Passwords Vulnerability
  2003-05-23:  Apple QuickTime/Darwin Streaming Server QTSSReflector Module Integer Overflow Vulnerability
  2003-05-22:  Apple QuickTime/Darwin Streaming MP3Broadcaster ID3 Tag Handling Vulnerability
  2003-05-19:  Apple MacOS X IPSec Policy By Port Bypass Vulnerability
  2003-05-17:  Apple Safari Common Name Certificate Validation Vulnerability
  2003-05-15:  Sudo Password Prompt Heap Overflow Vulnerability
  2003-05-12:  Apple AirPort Administrative Password Encryption Weakness
  2003-05-06:  OpenSSL ASN.1 Parsing Error Denial Of Service Vulnerability
  2003-05-06:  OpenSSL ASCII Representation Of Integers Buffer Overflow Vulnerability
  2003-05-06:  OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability
  2003-05-06:  OpenSSL SSLv3 Session ID Buffer Overflow Vulnerability
  2003-04-23:  MacOS X DirectoryService Denial Of Service Vulnerability
  2003-04-10:  Apple MacOS X DropBox Folder Information Disclosure Vulnerability
  2003-04-10:  Apple MacOS X DirectoryService Privilege Escalation Vulnerability
  2003-03-31:  Apple QuickTime Player Custom URL Vulnerability
  2003-03-21:  Apple Mac OS X Keychain Access Password Disclosure Weakness
  2003-03-02:  Multiple Vendor Sun RPC LibC TCP Time-Out Denial Of Service Vulnerability
  2003-02-28:  Apple QuickTime/Darwin Streaming Server parse_xml.cgi File Disclosure Vulnerability
  2003-02-28:  Apple QuickTime/Darwin Streaming Server Remote File Existence Revealing Vulnerability
  2003-02-26:  Apple QuickTime/Darwin Streaming Server Malicious Port Request Code Injection Vulnerability
  2003-02-26:  Apple QuickTime/Darwin Streaming Server parse_xml.cgi Remote Path Disclosure Vulnerability
  2003-02-26:  Apple QuickTime/Darwin Streaming Server Parse_XML.CGI Cross-Site Scripting Vulnerability
  2003-02-26:  Apple QuickTime/Darwin Streaming Administration Server Parse_XML.CGI Directory Listing Vulnerability
  2003-02-26:  Apple QuickTime/Darwin Streaming Server Command Execution Vulnerability
  2003-02-26:  Apple Quicktime/Darwin MP3 Broadcaster Filename Buffer Overrun Vulnerability
  2003-02-25:  Apple MacOS Classic TruBlueEnvironment Environment Variable Privilege Escalation Vulnerability
  2003-02-25:  Apple File Protocol iDrive Administrator Login Weakness
  2003-02-24:  Multiple Vendor rpc.statd Arbitrary File Creation / Deletion Vulnerability
  2003-02-12:  Multiple Vendor TCP Initial Sequence Number Statistical Vulnerability
  2003-01-28:  Mod_SSL Off-By-One HTAccess Buffer Overflow Vulnerability
  2003-01-10:  Multiple Vendor Telnetd Buffer Overflow Vulnerability

Just me (Sir to you)
Wednesday, November 12, 2003

"These new fangled mac things dont have viruses or security vulnerabilities either."

You should tell Apple, Rhys, because it appears they don't appear to agree with you. Mind you, I guess you know the product better?

Robert Moir
Wednesday, November 12, 2003

http://www.gnufoo.org/ucontrol/ucontrol.html

Its a utility to help you remap your keyboard in OS X.

As for developing on the Mac, I'm only getting started with Cocoa but I'm terrifically impressed.  There's a lot of power available in a fairly intuitive fashion.  And XCode is a really nice development environment - and Interface Builder is just a pleasure (although it really requires more screen real estate than a 12 inch laptop can offer).

As for the security vulnerabilities, be aware that Apple seems to be disclosing some relatively insignificant vulernabilities (file existance broadcasting) and things which seem to appear only within certain packages (QTSS).  Also, is there a cross-comparison with any *BSD branches to see how many vulnerabilites are outside the Apple sphere and truely reside on the BSD branches?  Concurrently, how many have been resolved and how readily were they resolved.  Additionally, how many known exploits exist?  There's a lot to consider when talking about vulnerabilities in code.

Lou
Wednesday, November 12, 2003

I'm with Lou I guess. Counting known vulnerabilities means shite, unless they remain unpatched for a significant time after disclosure. It's the >unknown< ones I worry about.
So I guess I want an OS that is:
a> under siege all of the time by an army of dedicated haters. This unfortunately seems to rule out OS X for now. It could be a knigth in shining armour, or a wimp standing naked in the bushes. Who knows until the games begin?
b> that holds up reasonably well under a torrent of attacks.
I'd say the latest releases of Windows do that for me, but I'm sure YMMV.
c> by a company that is reacting swiftly to reported security vulnerabilities, and not just for the latest release.
Again, IMHO I'd say Microsoft is doing the rigth thing here and now, but I am sure many do hold a different opinion.

Now you might argue that it is a false argument since (a) pretty much rules out anything but Windows. Granted. But I guess I realy do believe standing up under massive attack has serious merit.
Just to be clear: I'm not saying that differnt tacticks are worse in any absolute sense. You might argue that whatever the reason, your OS X has been hit by fewer mallware, and therefore, you feel more comfortable with it. Great for you. It is just that "for whatever reason" does not give me that warm fuzzy feeling.

Just me (Sir to you)
Wednesday, November 12, 2003

"Right, one button track pad, what is this the middle ages. Sorry for the confusion."

Still, it's not a huge effort to hit the control key while you're clicking. Not quite as convenient as clicking a different trackpad button, but it doesn't take long to get used to it, especially if you're accustomed to using keyboard commands. Why add a second button to the trackpad when you can use an existing and easily accessible key to do the same trick?

Brad
Wednesday, November 12, 2003

I have a powerbook and love it.  But my biggest gripes are the one button trackpad, and that it has no delete key!  It's got a key that's *labeled* "delete", but that's really a backspace key.  (remove the character before the cursor, not after it.)  I want my delete key!

But the other cool things about it more than make up for these shortcomings, so I'm happy.  As for the price/performance ... it can be hard to justify the mac, but it's a nice machine.

Michael Kale
Wednesday, November 12, 2003

"I want my delete key!"

You've got it. Just press the function key (Fn) while pressing the delete key and it becomes a forward delete key. That's the way it works with all of Apple's notebook computers.

Brad
Wednesday, November 12, 2003

To answer the original question, just assign a different key binding.  I use IDEA on my 12" Powerbook a lot and put Generate on Command-\.  That's kinda where Insert would be if it was there :-)  I use a PC at work and have no problems switching back and forth between the key mappings.

Adnams
Wednesday, November 12, 2003

"Why add a second button to the trackpad when you can use an existing and easily accessible key to do the same trick?"

Why not save teh extra money and improve it further by switching to a 10 key chording tablet and get rid of QWERTY altogether since you believe fewer keys and more multi-key combinations are such an advantage?

Sympathist
Wednesday, November 12, 2003

One key point about the two button issue: the UI doesn't need a second button much.  Look at panther's finder, which has a toolbar button that brings up the context menu for an object, and may be clicked with the left button.

H. Lally Singh
Wednesday, November 12, 2003

That's your take, Sally. As for me, the UI interface *I* use in Jaguar and Panther does benefit substantially from a second mouse button, and also the mouse wheel, and also a fourth fifth sixth and seventh mouse button.

Amazing how people will knock superior technology they've never tried to use while speciously justifying inferior technology that is severely lacking. Just... simply... amazing.

Sympathist
Wednesday, November 12, 2003

yeah, while being able to crtl-click and fn-delete are much better than not having any option for right-click and not-backspace-delete, it is cumbersome to do need to do that.  (Especially when you're already chording it together with another key to delete an entire word, etc.)  Regardless, thanks for the tip.  At least the Mac keyboards have the little knobs on the 'f' and 'j' keys now ... that used to really drive me crazy!

Michael Kale
Wednesday, November 12, 2003

I'll attribute my above comments to an off morning. I am a reasonably OS-neutral person (happen to be writing this on a wintel machine right now). I'm just kinda happy that I have a rock solid laptop, with minimal security problems (none of those vulnerabilities listed above are likely to worry me - I'm not running a server).

By spyware, I am referring to daemon processes for data collection and to pop up windows, etc. I had to remove one yesterday on a clean test PC. All we had installed was xenu, a link checking spider - we weren't exactly talking kazza here. Phoning home is all I have ever come across on the mac, and really isn't a big deal. I have a firewall to protect against that regardless.

Rhys Keepence
Wednesday, November 12, 2003

*  Recent Topics

*  Fog Creek Home