EGOPOLY

I didn’t see this written anywhere, but I just tried it, and it works. With the iPhone, you can click the microphone to pause the currently playing song, or double-click to skip to the next track. This makes it very pleasant to listen to music, and IMO is what made the iPhone the “best iPod ever.”

What was really annoying was that the first iPod Touch didn’t have this feature: to skip songs, or pause, you had to pull the thing out of your pocket, look at it, wake it up and pause/skip. This made the iPod touch the “worst iPod ever,” at least as far as listening to music goes. For me, this seemingly hostile feature drop, even more than having no physical volume control, relegated the iTouch to watching movies and web browsing.

But all is forgiven. Plug your iPhone (or compatible, presumably) headphones into the iTouch, queue up a playlist. You can pause by one-clicking, skip by double-clicking. I’m hoping the new Nano has the same improvement.

For me, MobileMe has been a fucking disaster. First, during the first few days I had ENDLESS contact/calendar conflicts, and MobileMe actually deleted a random set of about 100 contacts.

That’s all settled down now, but now iDisk has become so unreliable that it’s almost pointless. If I don’t explicitly sync up a computer, and then check that something made it up to the server (via the web UI), then get on the other client computer, and push the sync button, and sometimes reboot, and push the sync button a few more times, nothing syncs. This is despite the fact that everything is set to “Automatically” synchronize.

Guess what? Copying stuff to my personal web site and manually copying it back down is less of a hassle. And I’m paying for this? Bleah.

It’s time for a new laptop. Should I get a black MacBook or a MacBook Air? I keep waffling. I basically use it for remote access to my work/home desktop computers, for web browsing and email.

Black:

Faster (33%50%)
More Disk Space (3X)
Faster Disk (5400RPM)
Has DVD
Cheaper ($300)

Air:

Awesome LED backlit display
Smaller

I’m leaning towards the BlackBook.

Update: BlackBook it is! What put me over the edge (aside from *cough* $300) was lack of an ethernet port on the Air. I don’t want to carry around a stupid dongle to plug in to a LAN.

You’d think this would just be on the install DVD, but I couldn’t find it.

http://www.apple.com/server/macosx/resources/

Most firewalls now support IPSec tunnels for VPN access. My experience has been that you need to buy some client that matches the firewall, and of course that means it has to support the OS you are running. That means that Mac support is hard to come by on the vast majority of firewalls. Cisco supports Mac with their client, but there are two problems with that: Cisco is darn expensive, and their software is ugly.

A little bit of research turned up some interesting stuff. First, OS X has IPSec support (via “kame/raccoon“) built-in. Unfortunately, there’s no GUI or wizard, so configuration requires knowledge that is pretty unattainable to non-network programming geeks, and an inconvenient learning curve for the geeks. Second, there are at least two solutions available to configure IPSec on Mac with various documentation for different firewalls.

One is VPN Tracker, which is a commercial product that costs between $150-$250. It appears to have a very good UI, a great web site, lots of documentation and a responsive support staff. The documentation and support is important because there are hundreds of firewalls out there, and they all have their own specific ways of setting up IPSec tunnels. VPN Tracker seems to have pretty good coverage: every VPN-capable firewall I’ve seen is on the list. I was not able to get the trial version working with either our Fortigate-60 or our Netscreen-50 here at work, but I might be able to; their support staff has contacted me with some questions. I’m pretty confident I could get it to work.

The other solution I found is IPSecuritas. It’s totally free, which is kind of mind-blowing as the software and website is maybe 95% as nice/slick as VPN Tracker. There seems to be a lot less documentation on various firewalls, but there’s a community-driven mechanism where people can post their solutions. I was able to get IPSecuritas working through our NetScreen 50 with the help of this web page. (And, I think I’d be able to go back and get the VPN Tracker working as well. The documentation for VPN tracker didn’t include policy changes, which I thought was odd at the time. Turns out it was odd: you need to add policies to allow the tunnel from the internet to your LAN.)

One disappointment is that the IPSecuritas software promises “split DNS.” The idea is that for hostnames internal to your LAN, it will send requests into the LAN DNS server, and for others, it will use the DNS server of where ever you are. It doesn’t work for me. This seems part of the larger problem I have with DNS on Leopard: it is exceedingly difficult to override a DNS server that comes with a DHCP address. I’m trying to figure out the story behind that.

I’m a computer geek, and I mostly hang around other computer geeks. So my views of what is really popular in terms of information technology are very skewed. I’m very aware of this bias, because at work we are trying really hard to make our software easy to use and popular with norms. That’s normal people, not computer dorks.

A vast portion of the technology arguments we have, I fully realize, are irrelevant to the norms. They don’t give shit about Unix, or Macs or Vista. They know that there are computers, and there’s the internet (or Google, which is, for a lot of people, the internet). People just want something simple that works, and all the other bullshit that we Valleywag readers care about doesn’t even register on their personal radar.

That’s what I thought as of a few days ago, anyway. I had jury duty the other morning, that great democratic cocktail shaker that stuffs a couple hundred citizens from all the American castes in one room for 4-5 hours. Mostly I just kept my head down and read my sci-fi novel. But I couldn’t help overhearing a conversation of three norms sitting nearby. One guy, maybe was in his late 50s, seemed like he owned a small business of some kind. Sounded like a good guy, I think maybe with a Woburn accent, probably not a college type. Definitely a norm. There was a college-age woman or maybe a little older: she seemed like a typical Gen Y-er, but not technical. And there was a kid, maybe 21, a semi-goth maybe. A video game junkie, probably. Also not a tech person.

I heard bits and pieces of stuff and then started listening. They were having the Mac vs. PC discussion. It wasn’t the religious thing. Nobody in the conversation was saying PCs were better. The older guy and the woman were basically spouting the party line benefits of Apple and Mac, getting some of the ideas a little wrong or garbled, but mostly getting it right. The younger guy was the PC user and he was playing the role of “I have this old PC and I need a new one, but I don’t really know about how to use Macs.” The other two were right on this, talking him through how it wasn’t a big deal, it just takes a little getting used to, and everything works so much better.

I was floored. I didn’t think it would be possible to dislodge Windows from it’s preeminent position on the desktop. No matter how bad Vista sucked, or how great OS X was. Now I’m not so sure.

I’ve written before about how great OpenVPN is, and how to set it up. I’ve always been using Tunnelblick as a nice little GUI to do the client side connection on Mac. But Tunnelblick has some problems on Leopard, and I think the maintainer is quite busy with something else; it’s been semi-broken for a while, and the last release was October 2007. The main problem is hanging: sometimes you just can’t quit, and even kill -9 doesn’t kill the process, it’s just totally zombied out. Rebooting works, but the shutdown takes a while as the OS times out on the dead Tunnelblick.

I found that Macports has openvpn2 easily available. So I simply:


sudo port install openvpn2


Then:


cd ~Library/openvpn
sudo openvpn2 --config work.conf


Actually I made an alias to do the second part so I can just quickly connect without thinking about it.

Works like a charm.

Update: my pal Kristin pointed me at this page, which is important and helpful, in that it has a pointer to a leopard tun/tap driver. Which you need.

I found this on the new readynas.com commuity site: http://www.readynas.com/?p=291. Looks like there’s lots of good stuff there.

Steve Yegge is my long lost, slightly smarter, twin brother. His recent rants have convinced me of that fact, to a scary degree. (Loves emacs, worships JWZ, not a Mac nut yet has switched, hates IDEs)

Bad news for you, Stevie, is that you’re really 41, not 40. Or maybe I’m 40, not 41. That’s a better thought.

My friend Russ found this. I can’t believe I didn’t know about it, and I can’t believe how incredibly awesome it is.

I’ve found that the “back to my mac” functionality in Leopard to be incredibly disappointing. I have a lot of Macs that I either own or am responsible for in some way: a couple at home, some at work, and a bunch at my wife’s practice. Using VNC viewers like Chicken of the VNC is incredibly inefficient and slow. So I was hoping that the “back to my Mac” thing would let me not only use the more efficient Apple optimizations to remote access, but blow through firewalls so I wouldn’t have to use ssh tunnels.

But back to my mac almost never works for me. I think I got it to work once, when I was at home, and accessing the other Mac I have at home. That’s not a very interesting use case.

Anyway, I had resigned myself to staying on Apple Remote Desktop, which is a really nice application, but is also total overkill for what I want to do most of the time: just get access to a desktop.

So, that’s all a lot of annoying background to get to a simple how-to. If you have enabled remote management on a mac, and you want to open the Leopard screen-sharing application, just do this in a terminal:

open vnc://IPADDRESS-OF-REMOTE-MAC