Dumping Filevault - Back to Truecrypt

Well, after reading more of my new friend Ryan's blog at http://www.macosxforensics.com/, I have decided to un-filevault my home directory in favor of the, in my opinion more secure, Truecrypt. Ryan points out in his blog that Filevault and TimeMachine don't exactly work well together:

What does this mean? It means Time Machine works quite differently for a FileVaulted account. First, Time Machine does not back up user's Home directory files while a user is logged in! A user MUST log out first. Second, a user does not restore a single file from Time Machine, rather a user restores an entire instance of their Home directory! What do I mean by that? If user "aloof" needs to bring back a file he deleted yesterday, he is going to bring back EVERYTHING he deleted yesterday.

So, basically, restoring incrementally is impossible. This seems like a real drawback to me, and even though I wont use TimeMachine that much, if you couple my concerns of how FileVault depends on the users system password, which could be compromised, its not a good solution.

When you are talking about a laptop especially, you are talking about a machine that travels with you, it has the potential to be stolen. And as a good friend of mine said - "Once you have physical access to the target device, YOU'RE DONE!" So, why make it easy for them? Truecrypt has no ties to the system security architecture. So long as you are not stupid enough to use the same pass as you log in with, you will effectively double the work the cracker needs to break your security.

Granted, its not as integrated into the OS, you cannot encrypt your whole home directory with it (that I know of yet), and you have to then manually decrypt/mount the virtual disk you are using, but it seems a much more secure method of encryption than FileVault.

To Google or Not To Google, That IS the Question

I have been using Google's Picasa web albums for quite a while now, and loved the Picasa program for Linux. But, what about now that I am on a Mac? Well, while Picasa itself isnt available for OS X (YET!) there is one nugget of Google-ie-Goodness - an iPhoto plugin to upload to Picasa Web Albums! While not as elegant as a full featured iPhoto publish to .MAC, I am sure, it does provide a nice way to easily get your photo's from iPhoto to your Picasa albums, with all the pertinent tagging info along for the ride. It can export your photos to a new album, or to an existing one as well.

So, for all you Google-heads out there thinking of going Mac, here is one more reason to go ahead and take the leap. You wont lose your ability to maintain your Picasa albums at all, and iPhoto is every bit as good as Picasa. In fact they have alot of things in common. (Remember my first post, imitation is the sincerest form of flattery?) A lot of things make me think Picasa was modeled after iPhoto, or vice versa.

More on that later...

Updates to the OS - when and how

One of the things I am going to really miss about my Linux laptop was the software patching system. Now I have used many flavors of Linux. Ubuntu has been my main course for the last couple of years, but I have much experience with RedHat/Fedora, and even Slackware if you want to dive into the wayback machine. The last several iterations have all had a commonality that there was a tool that automatically gathered data on what patches were available, simmilar to (gasp!) Windows Update. This doesnt seem to be the case in OS X. I have to manually go and see if there are patches available. That is kind of disapointing. I actually have to go and put effort into seeing if there are any patches available.

Why doesn't Apple simply have the OS check every so many times a day for updates? Is this a concious decision? Who knows. I can see that I will have to be vigilant in keeping up with the patches. I did finally break down and get the 600+ MB worth of updates I needed immediately after first boot up, but it took me almost a week.


***Correction*** The update software in OSX X just prompted me to download some patches. The timing of the prompting for applying updates is seemingly more aggressive in Linux/Ubuntu's updater.

Mail Vs Evolution

On the subject of e-mail clients, there are several available for Linux, but I always before used Evolution, which is very integrated into Gnome. Now that I am on OS X, I have started using Mail. (Couldnt they have come up with a more imaginative name - iMail, for instance?) While Evolution always had a built in calendar, iCal is so much better. Anyway, back to the subject at hand. While both email clients pretty much give you the same features, I always felt that Evolution was clunky, if not bloated. It often led me to just use the Gmail web interface for my mail since my email is hosted through Google for Domains.


I am really enjoying Mail at this point, and have not touched my Gmail interface since I began using it. I will still use it if I am without my Mac and need to check in with my mail.

Applications - what CAN'T you do with this thing?

I am blown away by the fit and finish of the apps that run on OSX. Not only the iApps, but the stuff that is available for both OSX and Linux.

Some of my favorites:

VLC - Video Lan Client - Its a media playe rthat is VERY simple and yet very robust. It can handle just about any codec out there, and is very easy to use. I like using it over iTunes for simple things like listening to streaming audio, especially online news/talk stations.

TrueCrypt - One of my favorite cross platform encryption tools. This is available for Linux, OS X, and Windows. Use it to either encrypt a whole drive/partition or a single file. Each is then decrypted and mounted as a filesystem. It supports many different encryption techniques and is very easy to use.

NoMachine Client - Use it to login remotely to my home Linux server. It uses the existing SSH server software on the Linux box to tunnel an X-Windows session to your client, so its very secure.

Skype - One of the most usefeul communications tools out there. Its a voice client, a chat client, and a VOIP phone.

Firefox 3 - Its, of course, my favorite web browser and probably always will be. I know, I know - Safari is not bad.

OS X - the rich mans Linux or something no?

They say that imitation is the sincerest form of flattery. Probably that is true, but in the IT world, everyone seems to imitate everyone else. Contrary to what you hear from Apple (Think Different), there is alot of assimilation going on. I am not sure of who is the chicken and who is the egg there, but there are alot of similarity between OS X's Finder and Gnomes Nautilus file browser.

Both have the navigation destinations on the left with folders on the right. Drag and Drop works within both to move files around. Both have the ability to browse not only local drives, but also network shares via multiple protocols.

One thing that Finder has over Nautilus in this arena is that browsing to a network share and "mounting" it allows local programs to read the files as if they were local. Nautilus has some difficulty in this, in that if the program trying to read the file doesnt understand the mount method, it wont read the file. One of the programs that I always had trouble with in this area is (VLC player) .

Both are very good file browsers, but I would have to give the nod to Finder, if for no other reason than the seemingly great ability to open up remote files in programs seamlessly.

Welcome and first post

Hi - this is a blog about my transition from using Linux exclusively to using OS X. I recently purchased a 13" Macbook, and while I have touched OSX in the past, I never got to know it to the degree I am familiar with Linux.

About me - I am a long time Linux/Unix user, having used it almost exclusively for my personal computing for the last 10 years. I have long used Linux as a server, from back in the mid 90's, working for several small to midsize ISPs. I am currently working as a Network Security Engineer, so while I am not focused on PC security in my job, I always have it in mind.

This blog will be my documentation of my journey into OS X, with comparisons and contrasts of OS X with Linux, and probably wont be extremely technical, but we will see how that goes.