Scott Gruby's Blog

March 26, 2009April 21, 2009

Fighting SSL and winning

I’m in the process of setting up a Zimbra server for work and as part of it, I’m documenting configuration for all types of machines and devices we use. One of the devices is a Palm OS Treo (755p in particular). I’ve done a bit of research and found that the Palm OS Treos don’t work properly with wildcard SSL certificates. So, I got my boss to approve a GoDaddy single domain certificate for $30; I assured him that this was needed for the Treos and he didn’t have a problem with that.

What I failed to read was that they also don’t work properly with GoDaddy certificates. These devices only recognize an old standard while GoDaddy is issuing certificates that adhere to a new RFC.

After much trial and error along with research, I almost gave up and admitted defeat. Everything I read today indicated that RapidSSL certificates worked. So, I was going to have to go back to my boss to approve the $69 for a new certificate; that wouldn’t be a hard sell, but telling him that I made a mistake would be harder. I started complaining to a friend that works at Palm and he pointed me to the same threads I was reading that recommended RapidSSL. I went over to RapidSSL to look at certificates. I happened to click on the Buy link (I’m not sure why as I wasn’t about to buy it), clicked the “Continue without support” link, then was pleasantly surprised to see the following:

Picture 1.png

I selected a 1 year certificate, filled out all the information, confirmed the certificate and waited. Without entering a credit card or anything else, my certificate arrived! Not only did it arrive, it was for 2 years! The certificate we purchased just 2 days ago from GoDaddy for $30 was a 1 year certificate.

I fired up the Treo 755p, setup ActiveSync and presto, it worked over SSL.

Wow, not only was I able to solve my SSL issue with the Treo, I got an extra year on the certificate.

So what did I learn? Hmmm, I’m not sure. I made a mistake, but I was able to correct it with a bunch of research and some luck.

Oh and using a Treo 755p brings back memories of developing Palm OS software. The UI seems a bit outdated and I’m glad that Palm is moving on and not resting on its laurels.

March 21, 2009March 21, 2009

Documentation made easy

About a month ago, I wrote about a program called ScreenSteps for creating documentation for work. I bought the program because nothing else was out there that I could find (I’m not ready to do video documentation), but had major reservations in that the app was created using a cross platform tool. I’ve been using ScreenSteps to create lots of documentation, but have grown increasingly frustrated at it as it is quirky. For instance, it doesn’t do auto spell checking since it doesn’t use standard Mac based text editing, re-ordering steps don’t always work, and the dialogs look like crap.

A few days ago, a product called MacSnapper was released. It had many similarities to ScreenSteps, but one huge difference; it is a Mac app through and through. I converted some documentation to it and quickly purchased it. I made a few suggestions to the developer and quickly got a response. I just have to convert the rest of my documentation to MacSnapper and then I can get rid of ScreenSteps; I kind of feel dirty using a cross platform application as applications like this just don’t act like Mac apps (I’m sure there are a few exceptions, but I haven’t seen them, yet).

March 21, 2009

Cool wall

As our son gets older, we realized that we’ll need some place to place his artwork, pictures, and our items. Most people use magnets to put this on their refrigerator, but our fridge has wood inserts on the front to match our cabinets. Unfortunately this means, magnets won’t stick to it. My parents painted their wall with some type of metallic paint, so we thought that would be cool. My wife ordered a paint additive this weekend and we received it on Thursday. I put 4 coats of primer mixed with the metallic additive on a wall adjacent to the kitchen and it seems to be working well. Magnetics stick to it and we can put pictures on it. Of course it isn’t going to hold heavy pictures like magnets on a fridge, but it looks like it will do the trick. So far, I’m quite happy with this and I hope our son likes it as well.

March 20, 2009

Flaw in San Diego’s water conservation plan

Another letter to the editor:

In your article http://www3.signonsandiego.com/stories/2009/mar/20/bn20water12926/?zIndex=70189 about the mayor announcing his plans for water budgeting, he is missing an important component, the number of members of a household. The water budget is based on water usage in fiscal years 2005-07. Using this is fine as long as other variables remain the same, namely the number of people in a household. Our son was born in May 2007 and since then our water usage has increased to wash his clothes, his cloth diapers and him. While we are doing everything we can to conserve by replacing our backyard with artificial grass and removing our front lawn to replace it with drought tolerant landscaping, not everyone can afford to do that. For families that added a child or even started caring for someone else at home in the last 2 years, this water budgeting needs another variable and that is the number of people residing at a residence. Maybe the mayor and city council will consider this before voting on the plan.

It probably won’t get published because I recently had a letter published, but we’ll see. I’m going to send this to the mayor as well.

March 20, 2009March 20, 2009

Holiday season in March?

This week was a pretty exciting week for a geek like me. Google Voice was rolled out, iPhone 3.0 was announced, and the hardware for our new Zimbra server shipped. Google Voice, the successor to GrandCentral has lots of cool features. So far I like the SMS forwarding and the voicemail transcription is interesting (it sort of works; it seemed to get a phone number pretty well). The call quality seems decent and the ability to call any number from the web site is also quite useful. I discontinued my GrandDialer application as I don’t have any time to work on it. Another developer is working on GV Mobile which looks quite promising.

iPhone 3.0 looks cool and I can’t wait to see it released.

The Zimbra hardware means that my company can start moving towards a real email solution; the hosting provider we use is just awful and quite unreliable despite their claims. In addition, running our own email will reduce external bandwidth and give us more control. The downside is, of course, that if there are problems, I can no longer point the finger!

The disappointment this week is that MIMO Monitors has said that supplies for their 740 have been scarce and don’t know when they’ll be able to get them. I had ordered one to try out. The touchscreen didn’t interest me, but the webcam did; they are having problems getting the touchscreens.

March 15, 2009March 15, 2009

Who says hacks don’t cause problems?

The other day I had lunch with a friend and a friend of his wanting to get into Mac development. We were talking and this guy said that he admired a company that created “haxies”. I said that I really disliked them as their software can cause problems left and right with the system.

The very next day, I got a ReceiptWallet crash report where the user said he pulled down a menu and tried to create a new library. This action is pretty basic and just uses actions in the nib. In this user’s case, it caused ReceiptWallet to crash. Normally I would have ignored this and just said it was some fluke, but I decided to dig deeper. Here’s the top of the crash report:

Process:         ReceiptWallet [99875]
Path:            /Applications/ReceiptWallet.app/Contents/MacOS/
ReceiptWallet
Identifier:      com.ggtenterprises.receiptwallet
Version:         2.0.9 (2.0.9)
Code Type:       X86 (Native)
Parent Process:  launchd [98]

Date/Time:       2009-03-11 16:49:08.632 -0600
OS Version:      Mac OS X 10.5.6 (9G66)
Report Version:  6

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c0226ccb
Crashed Thread:  0

Thread 0 Crashed:
0   libobjc.A.dylib               	0x935cd688 objc_msgSend + 24
1   com.apple.AppKit              	0x947c453b -[NSApplication
sendAction:to:from:] + 112
2   com.apple.AppKit              	0x9487317c -[NSMenu
performActionForItemAtIndex:] + 493
3   com.apple.AppKit              	0x94872e81 -[NSCarbonMenuImpl
performActionWithHighlightingForItemAtIndex:] + 220
4   com.apple.AppKit              	0x9484fb5a AppKitMenuEventHandler +
6608
5   com.apple.HIToolbox           	0x964d4143
DispatchEventToHandlers(EventTargetRec*, OpaqueEventRef*,
HandlerCallRec*) + 1181
6   com.apple.HIToolbox           	0x964d357d
SendEventToEventTargetInternal(OpaqueEventRef*, OpaqueEventTargetRef*,
HandlerCallRec*) + 405
7   com.apple.HIToolbox           	0x964efed2 SendEventToEventTarget +
52
8   com.apple.HIToolbox           	0x9652423d
SendHICommandEvent(unsigned long, HICommand const*, unsigned long,
unsigned long, unsigned char, OpaqueEventTargetRef*,

I then looked at what was loaded in memory and saw this:

  0xeb2000 -   0xeb4fff +com.unsanity.menuextraenabler 1.0.3 (1.0.3) /
Library/InputManagers/Menu Extra Enabler/Menu Extra Enabler.bundle/
Contents/MacOS/Menu Extra Enabler

Hmmm, looks like a “haxie” that deals with menus. While the company that makes these haxies has repeatedly said that their software doesn’t cause problems, but until users can prove to me that the problem is reproducible without the haxie installed, I have no insert in pursuing the matter. In a post about two years ago, a member of Apple’s DTS team wrote that they don’t investigate any crash that has haxies in it.

While I use one program (1Password) that patches the system, it is quite stable and only affects a few programs (Safari, FireFox, NetNewsWathcer). I’m just really tired of haxies that touch stuff that they shouldn’t.

March 14, 2009March 14, 2009

Fun with multi-homing

We have a bunch of Xserves running Mac OS X server at work. Most of the machines are only using one of the 2 built in Ethernet ports as they are on the LAN. We have 2 machines that are customer facing and we just added a dedicated inbound connection for them. Being the clever person that I am, I decided that to ease the transition between the old and new IP blocks, I’d block the new connection into the second Ethernet port and we’d be good to go. Turns out it isn’t that easy with the Darwin kernel. I setup the default connection to be the new network connection and traffic to the new IP addresses worked fine. However, traffic to the old address got hung up. After a lot of investigation, I determined it was due to Asymmetric routing. No problem, I thought, a few commands and it would work. I managed to do this in Linux by following an article, but it wasn’t so easy in Mac OS X. Basically the traffic coming in to the old IP block had the responses going out through the other Ethernet interface out over the new IP block. Many routers block this as it kind of looks like an attack of sorts.

OK, so now that I was stuck, what would I do? I spent about 12 hours on this issue and through some magic use of Apache proxies and another server, I was able to get things working. It isn’t pretty, but it solves the problem until we can get an A record changed (we have no control over that record).

Lesson learned, really, really, think carefully before deploying Mac OS X as a server; it can be quite frustrating to do things that I believe should be simple. Maybe I expect too much and OS X Server isn’t designed for me.

March 7, 2009March 7, 2009

Misinformed Author

As is pretty routine in our lousy local paper, I read an article where the author didn’t bother to do his research. He lumps LinkedIn with MySpace and Facebook as social networking sites routinely used by those under 18. Here is my letter to the editor:

In your article today (Saturday, March 7) about social networking sites, your author has clearly failed to due his research as there is a glaring mistake in the first sentence. The author lumps LinkedIn with MySpace and Facebook. Anyone that has used LinkedIn or visited its home page knows that it is for professionals and is quite unlike Facebook and MySpace. In fact, I suspect that very few people under the age of 18 use the site. I’ve used LinkedIn for several years as it has helped me establish and maintain professional contacts. In fact, I routinely receive job inquiries and last summer was offered a job based on contacts through LinkedIn. LinkedIn is clearly not the same as MySpace and Facebook.

March 1, 2009March 1, 2009

Accepting responsibility for bugs

When I make a mistake, I take full responsibility for the issue. While some people think I never make mistakes, I am human. The same goes for bugs in my software; software will never be perfect and I make my share of mistakes. I acknowledge these mistakes in my release notes where I say “Fixed”. If it wasn’t broken, then how could I fix it?

Today I had a user get on my case about me blaming others for bugs in ReceiptWallet. There are basically only 2 cases where I do this. The first is a bug where if “write metadata to PDFs” is turned on, sometimes PDFs will become corrupt. This one is quite easy to blame Apple. I’ve had users send me the original documents in question, I opened them in Preview (an application that Apple wrote), showed the Inspector, added some keywords, saved the document and then re-opened it. The result was that the document was corrupt. Recently I had a user report a very odd behavior in which the document didn’t look corrupt, but when he tried to copy information out of it, the copied text was garbage. Sure enough, I did the above steps in Preview and demonstrated the problem. Sure sounds like an Apple bug to me; I’ve reported this to Apple a few times and have seen it fixed in the next OS release. Unfortunately it keeps coming back; what that means to me is that Apple’s CoreGraphics routines for handling PDFs are not tolerant enough. Some random program implements PDF writing and then Apple has to handle it; so while I blame Apple, maybe I should blame the original PDF writing application. That, of course, would be fruitless as there are far too many of them out there. If Apple could work on their PDF handling, this issue might go ago. In any case, turning off “write metadata to PDFs” works around this bug. (I love this feature as it lets my wife enter receipts, email me the archive, and then I can just import them into ReceiptWallet with all the information intact.) This issue is clearly not an issue with ReceiptWallet except for the fact that ReceiptWallet has this option.

The second issue has to do with me blaming scanner vendors for their poor quality drivers. Anyone that has had a scanner on the Mac for any length of time knows how crappy the drivers are. I finally had my father acknowledge this after he fought with the HP drivers for the longest time (I wrote about this last August when the scanner driver reported that it used 16815 bits per pixel which means it had a ton of color information!). These drivers are typically ports from Mac OS 9; some of the UIs still look like OS 9. I see com.epson in crash log all the time; anyone that reads crash logs knows that this is in the bundle that ReceiptWallet has to load in order to run the scanner. In addition, I’ve lately seen crashes when ReceiptWallet quits.

Thread 0 Crashed:
0   libobjc.A.dylib               	0x905eb688 objc_msgSend + 24
1   com.apple.CoreFoundation      	0x93f9f372 CFBundleGetIdentifier + 50
2   com.apple.CoreFoundation      	0x93fa2dc5 __CFBundleDeallocate + 53
3   com.apple.CoreFoundation      	0x93fff768 _CFRelease + 216
4   ???                           	0x00fc5340 0 + 16536384
5   dyld                          	0x8fe13083 ImageLoaderMachO::doTermination(ImageLoader::LinkContext const

After some investigation and looking at Console logs for the users having this problem, there is clearly a message in it saying that the EPSON plugin is releasing its bundle identifier when it should not be and that the user should report this to the plugin vendor. Who should I blame in this case?

The only scanners I recommend are the Fujitsu ScanSnap and the Pentax DSMobile 600. The ScanSnap series don’t use TWAIN drivers so they can’t blow up ReceiptWallet and the Pentax DSMobile has incredibily well put together drivers. My guess is that they didn’t start from legacy code. I’ve also had an engineer at a major scanner vendor acknowledge that their drivers are pretty poor, but unfortunately it will take time to fix. (Of course, I can’t tell you which vendor.) I’d love for scanner vendors to either fix their drivers or acknowledge that they are poorly written; however, most vendors bundle some of their own software and barely test the TWAIN interface (Pentax doesn’t bundle any Mac software, so they are totally dependent on TWAIN).

So while I’d love to be able to accept responsibility for these issues in ReceiptWallet and fix them, there is nothing I can do about it (I had one user suggest that I write scanner drivers for all the scanners…after I got up off the floor from rolling around laughing, I told the user that that was not going to happen).

February 15, 2009

ScreenSteps, cool idea, but not quite a Mac app

On Friday I stumbled across ScreenSteps, a program for doing documentation by quickly and easily capturing screen shots. While I no longer do documentation for my own software, I am starting to do some internal documentation for work on things like connecting to our VPN, setting up connecting to a file server, etc. I put together one “lesson” in maybe 15 minutes and was able to stick it on our internal web site. One thing that bothered me was that there were some dialogs that didn’t look like Mac dialogs like the following (The icon looks funny and it should have been a sheet):

09-02-15 140924.png

Things like this usually indicate it was written in REALbasic. While I don’t have anything against REALbasic itself, I have problems with people slapping together programs in REALbasic and passing them off as Mac applications; in most cases they work like Mac applications, but they seem unpolished. I realize that this is a generalization, but I haven’t seem a REALBasic based program that I’d purchase (at least knowingly). ScreenSteps didn’t have the REALbasic libraries buried in its app bundle, so I knew it wasn’t built using REALbasic. So did the developers purposely create crappy looking buttons? I don’t think so. They appear to release the Mac and Windows versions at the same time, so they must be using some type of cross platform library. Ah, the about box gives me a clue. They’re using a system called Runtime Revolution. Uggh, another attempt at creating cross platform applications with the click of a button.

So the question boils down to, can I live with the sort of Mac like appearance to quickly build documentation or can I find another tool? I’m not sure, but I’m definitely not a fan of cross platform tools as they produce apps that just aren’t up to Mac UI guidelines.

AaronJ on Monitoring a SunPower Solar SystemJanuary 15, 2025
Yup. Just got the call from Freedom - they said they could look at it, take some measurements and charge…
Stan on Monitoring a SunPower Solar SystemJanuary 15, 2025
AARONJ, If Freedom Solar did not do your original installation, I am amazed that they will service you. They refused…
AaronJ on Monitoring a SunPower Solar SystemJanuary 14, 2025
I am still learning about what might be compatible with what myself. In the process of trying to get service…
Stan on Monitoring a SunPower Solar SystemJanuary 14, 2025
Does anyone have a way to access the commissioning process on the PVS6? I can logon the local network that's…
Dad on The Road to RetirementNovember 27, 2024
Do something that involve creating things. Art, music, woodworking, writing, …. Feeds a part of the brain and spirit that…