Feeds:
Posts
Comments

Archive for the ‘Software’ Category

Apple’s computers are too good – they keep working and working. Case in point: we still use a Mid 2007 iMac at home. And: I also still use a Macbook Pro from Mid 2012. Certainly we’re not the only people in the world that do not throw out our computer every three or four years.

Hence it would be… nice if Apple kept the software on those older machines up to date. I understand that Apple cannot implement every last novelty on those oldies. That’s not what I’m asking for. But security patches and certificate updates can’t be that hard to integrate in some sort of update package for earlier versions of Mac OS X. After all, email is still email, and web browsers from 10 years ago are still capable of displaying most current sites. Just covering those two functional domains might allow many Mac users to use their older machines. How about it, Apple?

One of the issues posed by these older Mac OS X versions is the browser message “This Connection Is Not Private” when trying to access a site over the secure https: protocol. This message means that there is a problem with one or more certificates in the certificate chain for that particular site. Usually it’s a matter of expiration: certificates are only valid for a specific period of time. That is also the case for the certificates that were used by the Certification Authorities that sign the TLS certificates for the website. As time goes by, some of those “root certificates” expire, making browsers like Safari pop up warning messages to tell you of the problem. The correction for this problem is easy: the root certificate has to be updated, and things will work again. As long as Apple updates Mac OS X on your Mac, they will do that for you, and you don’t have to worry about this problem (at least for websites that play by the book!). However, if you’re not familiar with the underlying mechanisms in the browser, the error message is actually blocking you from accessing the site – even when in fact there is nothing wrong with it (the problem is on your Mac!).

Can this problem be fixed on older MAC OS X versions, for which Apple no longer provides updates? Luckily, the answer is yes. But it is not a “click here and you’re done” kind of fix; you need to have some experience with the Terminal application and the bash command line on your Mac, and you also need access to a Mac with a recent (preferably the latest) version of the certificates.

Here’s the procedure, paraphrased from StackExchange. To simplify things, I’ll describe how to update all system root certificates in one swoop.

  • On the ‘newest’ Mac, launch the “Keychain Access” application.
  • In the “Keychain Access” application, click on “System Roots” in the left column, and select all certifcates in the list that appears (a single click in the that list, followed by Cmd-A).
  • In the File menu, select the option “Export Items…” and save the file as “rootcerts.pem“.

All the certificates will be stored in that single file. The first thing to do now is to transfer that “rootcerts.pem” file to your ‘old’ Mac. You can do so with a memory stick or card, by email, or by using some kind of cloud storage (Google Drive, Dropbox, etc.).

To do so you should log on to the ‘old’ Mac, using a user account that has administrator rights.

  • Put the “rootcerts.pem” file in a folder, e.g. “Downloads”.
  • Open the Terminal application, and go to the folder with “rootcerts.pem” file.
  • In that folder, create a new script file called ‘trustroot.sh‘ (yes, I prefer to add a .sh extension to that file in order to recognize it as such later on), and add the following content (using pico or the text editor of your preference):
#!/bin/bash
DIR=trustrootdir.$$
mkdir -p ${DIR}
trap "rm -rf ${DIR}" EXIT
cat "$1" | (cd $DIR && split -p '-----BEGIN CERTIFICATE-----' - cert- )
for c in ${DIR}/cert-* ; do
   security -v add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "$c"
done
rm -rf ${DIR}
  • Save the file and make it executable, using the command ‘chmod 755 trustroot.sh‘.
  • Everything is now in place; all that remains to be done is the execution of the script with the following command line (plus your sudo password, of course):
sudo ./trustroot.sh rootcerts.pem

You should see a list of certificate descriptors pass by in the Terminal window.

The certificates exported from your ‘new’ Mac will now be included in the list of ‘System’ certificates (as explained on StackExchange, only Apple can update the ‘System Roots’ keychain), but they will be taken into account just as well.

You can close your Terminal session now. It’s up to you to decide whether or not to keep the ‘trustroot.sh‘ script for future use; you will have to replace the rootcerts.pem file later anyway, with a more recent version of the certificates.

If everything went well, your browser should no longer show the dreaded message – except for sites that really have an expired certificate.

PS. I have changed the location of the temporary directory in the ‘trustroot.sh‘ script to the current directory, compared to what you see on StackExchange. I did that because I got an error message when running the ‘trustroot.sh‘ script that complained about “/” being a read-only file system. Somehow the settings of my Terminal shell had chosen “/” as the TMPDIR, and you can’t just create new folders there. Since the script deletes the temporary directory anyway, it’s location doesn’t matter; it will exist for a just a few seconds anyway…

Advertisement

Read Full Post »

Yesterday I was surprised to see that there was another software update for the Samsung Galaxy Note 10+: I did not expect two updates in just two weeks.

The announcement of the updated was surprising as well. I tried to capture it as a (long) screenshot… but that turned out to be impossible: at least in Android 11 the phone the maximum vertical dimension for screenshots is 17,658 pixels. And this announcement was longer than that!

Anyway: installing the update took some time, but it finished without a hitch. So now I finally have Android 12. But in practice that does not change much. I use the phone occasionally as a camera, photo editor and as an internet browser. Visually there a few slight changes and some extra functions, but that’s mostly it, for my part.

Here’s what the machine says about its software:

Now, of course, it’s time to wonder: will Samsung also deliver Android 13 to this device? Aaaah, progress never ends…

Read Full Post »

I explicitly checked for updates a few times during the last days of 2021, since the previous version dated back to the beginning of November – we’re used to better these days! But Samsung did not come through with new patches for the Galaxy Note 10+ at the time. Yesterday evening however the N975FXXS7FUL2 software came through, and installing it brings the Security patch level to December 1, 2021 level. Here’s the full report:

Read Full Post »

 The N975FXXS7FUJ1 software update
The N975FXXS7FUJ1 software update

Read Full Post »

I forgot to mention this earlier, but on Monday my Samsung Note 10+ received the October 1, 2021 security update.

Read Full Post »

When I tried to update my iPad Pro to iPadOS 15.0.1 a good week ago I ran intro trouble: the “verification” of the update never ended, not even overnight. I had to resort to a hard reboot to regain control of the device. Figuring the next update would solve the issue, I continued to use it without the update.

This is what I saw for many hours: “Verifying update…”

The day before yesterday 15.0.2 came along, but I saw the same situation arise again.

So I did what seemed most logical to me: a complete ‘recovery’, executed from one of the Macs here in the house. It took several hours, including the necessary backup and restore. But in the end the iPad was back up and running 15.0.2.

It turns out I am not the only iPad Pro user encountering this issue. I saw a German blog pointing to “Warum lässt sich iPadOS 15.0.1 nicht auf meinem iPad Pro 10,5 nicht installieren” (Why can’t I install iPadOS 15.0.1 on my iPad Pro 10,5?). MacRumors has similar reports (and solutions) in the “iPadOS 15.0.1 ‘Software Update Failed’” thread.

Not what I expected from Apple in terms of quality, but I’m sufficiently versed in software development to know that it’s hard to avoid bugs in your code ;-). But I won’t go so easy on them if I have to resort to the same measures with the upcoming 15.1 upgrade!

Read Full Post »

The Raspberry Pi is an old topic on this blog, going back to 2012. I have been wondering whether it would be possible to run ColdFusion (or rather: CFML) on it. That would make it a neat system to try out all kinds of things that I cannot do at work.

I should have known that I’m not the only one asking that question – others have provided answers.

Brad Wood has a PiBox up and running since 2015 or so. It runs on a Raspberry Pi 2 over WIFi, if I read his blog correctly. Too bad he stopped blogging on it in 2015.

And now there is a second Pi doing something similar, although (literally) on a smaller scale: CB on the Pi is running on a PiZero with just 512 MB of RAM. As mentioned on Slack: it’s a “$20 webserver, size of a large coin“!

Nice work, guys, even if it’s just a demonstration of what is possible rather than a small but actually productive application of both the Pi and CFML !

Read Full Post »

I’m still developing software in ColdFusion, and yes: in order to keep the code base consistent I still use the CFML markup style. I also try to apply a maximum of helper tools before committing the code to versioning. Now that I use VSCodium as my IDE (it’s more than an editor!) I’m happy to include CFLint in that setup.

Here’s a tiny component to demonstrate an inconsistency in CFLint.

In this form, CFLint will complain with this message “Local variable someoutput is not used in function testLocalVariable. Consider removing it ( UNUSED_LOCAL_VARIABLE )”. OK, let’s do that.

But when you delete the line that defines the local variable, you’ll get another error message, saying “Variable someoutput is not declared with a var statement ( MISSING_VAR )”.

So in the second situation it will detect the fact that ‘someoutput’ is a local variable, while that’s not the case in the first. Strange, yes. A bug ? Possibly…

I have checked the CFLint issue list, and I did find a few tickets that signaled that CFLint is not detecting the use of local variables with <cfdocument> and QueryByQuery. But none of those mention the fact that in some checks the variable is detected, and in others not. So I added my observations to the issue list of the project: Inconsistent local variable detection? #713.

Read Full Post »

A few days ago, Samsung sent out the September 1 security patch for the Galaxy Note 10+. Just a quick installation; I did not find any details on the exact content.

The N975FXXS7FUI1 update as shown on the device

Read Full Post »

Two days ago, late in the evening, I wanted to clean up my list of “favourite” sites in the right column on this site. Since I couldn’t remember how things were handled, I went to the appearance section in the settings. What I saw, was an announcement the the widget section would now be handled with the block editor. OK. But…

The old widgets were supposed to remain available, unless I misread the announcement, no? There were pencil icons next to them, but clicking on them resulted in nothing – or so I thought. But when I reloaded the home page in another browser windows, I was shocked to see that the nice calendar had changed into a long, long list of dates! After all, there are more than 3000 posts on this site. Same for the tag cloud: it had turned into a list of categories. No, I was not amused when I saw that – and I’m doing my best to stay polite here.

Yesterday I had a bit of time to investigate. Since I’m using the free hosted WordPress service, I am not able to install the required plugin to continue editing the old widgets. The new editor showed no widgets (although the site still displayed those long lists), so I added the (new) Calendar widget… and sanity returned, more or less: the lists were replaced by a calendar, like I wanted to. The tag cloud was bit harder; the new one isn’t as nice as the old one. Even when I diminish the number of words shown, the display isn’t as readable as before, as you can see :-(

As for my links list: when I try to add the “Links” widget all I get is an unspecified error message. That’s not what I wanted in terms of “cleanup”.

It’s good that WordPress continues to evolve – yes, it’s gotten better over the years, and I’m confident that it will continue to do so. But in an evolving product it pays to take care of the old features until there is a reliable way to transform the old into the new. What I went through is no fun, and as a developer you should not force your users to go undergo such a process. Really.

Read Full Post »

There is a new markup language on the market. As a Wikificionado I like markup languages better than using any wordprocessor – for my own writing I haven’t used a wordprocessor in many, many years. Even at work I only use Word when I have to, and that has been a while ago (that probably means all I write are emails and code). And bug reports and documentation get dropped into JSPWiki and Trac and Joplin – all I need is simple markup.

I like markup for regular writing, and I use it daily in tools like Trac and JSPWiki. The trouble, of course, is that each of those tools (and many others!) uses a slightly different markup scheme.

And now there is a new contender on offer: Mau.

Click the image to go to the source code on Github

I can see where it comes from: the author needed more than what any simple markup could offer. I too have at times been frustrated by the lack of feature X or Y in any markup scheme. It surprised me to see that he did not check out LaTeX, which as far as I know should have covered his requirements. But it would probably have been too steep a learning curve.

Back to Mau: I haven’t yet tried it, but I can see that it would be a very nice tool for writing documentation. However, for me the system should be an extension of Markdown, let’s say a SuperMarkdown or MarkdownPlusPlus, rather than another variant markup scheme with subtle differences from what I know.

I guess I am not the only one to dislike “yet another divergent markup scheme”. So far I haven’t seen much traction for Mau… although it is, in a way, a very cool project. I applaud Mau’s author for making the effort – he clearly thought this through. And who knows: perhaps Mau becomes wildly successful in the future?

Read Full Post »

The last two years, and 2020 in particular, have seen much writing and talking about “digitalisation” and “digital maturity”. A quick search on the Internet makes it clear: the big consulting firms have lots of advice on the subject, magazines and blogs write about it, and there is even a five-stage “Digital Maturity Model” – how could we discuss the subject without an appropriate model ? Sarcasm aside:  there doesn’t seem to be a clear and concise definition of “digital maturity”.

Don’t expect me to deliver that definition; I’m not even convinced it is necessary. It’s a bit like “digitalisation”: the term became ‘en vogue’ the last few years, and was used in politics to defend all kinds of measures that were supposedly “transforming” enterprises and societies into something better, more future-proof, more productive, more…

I don’t know about you, but when I started my professional career in IT more than 35 years ago, we called it “automation”. I was not even part of the first wave of automation; I was among those who were going to replace the mini-computers in the sales part of the company I work(ed) for, and introduce PC’s. We were laying foundations for a lot of digital work in the enterprise, so in my view “digitalisation” started already in the 1980’s.

Anyway, here’s what CMSWire has to say about how to become digitally mature:

But it isn’t enough to throw money at a problem and buy the latest digital tools. Instead, CEOs should be focused on solving problems. The objective of digital transformation isn’t just transferring data from paper to digital, or being able to run a business off of a computer. It’s about identifying what problems and inefficiencies employees are experiencing and implementing technology solutions that will solve those problems. It’s also about empowering employees with tools to make their lives easier.

Identifying problems; finding and designing solutions; solving problems: it takes collaboration between all parties concerned to do that right. That’s easier said than done, as evidenced by the fact that an extensive industry was built around collaboration! There are many considerations to be taken into account when you’re taking the CMSWire way to improve the digital maturity of your company. Let me just list three of them.

  • There should be only one content management system in your company“. If you’re going to diverge from that rule, at least make sure that you have very good and explicit rules for doing so – there are indeed situations where you need more than one. If you don’t follow the guideline, you’ll end up with data and documents in different systems within a company, and then the question becomes: where do I store this document? Will all documents of the same type end up in a single location? That is very unlikely – and it will become problem in the (near) future: where will you find the documents you’re looking for?

  • Invest in a good enterprise-wide search engine“. “Enterprise-wide” means that ideally it should cover all data and documents that circulate within the company – if you have multiple content stores, the search engine should be able to index them all. The investment needed does not just cover the installation and runtime cost of the search, but should include the daily management of the data and metadata needed to make the search work for everyone. For example, it may seem like a little thing, but making sure that data and documents can be found using the vocabulary of the people in the company is harder than you think. Is project X called “X” when people talk about it, or do Marketing and IT use different abbreviations? If there are multiple names, how will they find documents related to the project? A bit of AI may help, but even then it may well take a full-time job (or more!) to keep your search engine running perfectly.
  • Establish clear governance rules for collaboration tools“. The pandemic of 2020 and 2021 has fueled the rapid growth of video meeting and chat tools. The problem, of course, is that there are many choices. Most of those tools are an island upon themselves, incompatible with others that do the same thing from and end user point of view. It may seem simple to pick one of them and use that for all and any communication within and outside your company – but depending on circumstances that may not be the best choice. Perhaps you want to install one on your own infrastructure, to serve all internal meetings, and use an internet-based tool for contacts with your clients or partners? There may be financial, legal, or other reasons to take or avoid that road. Regardless of the solution chosen for any type of collaboration tool, you will need to establish clear governance rules: when to use the tool; how to use it; what precautions to take when interacting with external parties; what and how to archive; etc. Those rules should just be added to an existing body of governance for other tools like paper, email, etc. – I’m assuming any organisation worth calling an ‘enterprise’ already has such rules.

I did encounter the negative consequences of not following those guidelines at least once in my career so far, and certainly in big companies it’s very difficult to get everyone aligned on a single, enterprise-wide approach. But when every division or team starts its own collaboration project and chooses its own tools it becomes very hard to collaborate on anything. Good collaboration throughout the entire company: that is a cornerstone of an effective and productive digitalisation process.

Making hard choices on an enterprise level is necessary to reach a higher “digital maturity” level; when it comes to internal tools for content management and collaboration those choices can make or break your strategy. Choose wisely!

Read Full Post »

You won’t find my life or posts or pictures on Facebook. I have my blog, of course. But also, over the years, my distrust in the company grew. There have been enough “scandals” to confirm my opinion. For those who want to know more, there’s a book titled “An Ugly Truth” written by reporters Sheera Frenkel and Cecilia Kang. This summary from the MIT Technology Review’s review of that book says:

This is what Frenkel and Kang call Facebook’s “ugly truth.” Its “irreconcilable dichotomy” of wanting to connect people to advance society but also enrich its bottom line. Chapter after chapter makes abundantly clear that it isn’t possible to satisfy both—and Facebook has time again chosen the latter at the expense of the former.

Review: Why Facebook can never fix itself

As Dave Winer writes: “It’s even worse than it appears“…

Read Full Post »

On Saturday, my Samsung Note 10+ installed the July 1, 2021 security patch. As far as I can tell, there were no other changes  included in the patch.

Read Full Post »

Yesterday, Samsung released another software update for the Galaxy Note 10+. The update includes the June 1, 2021 security patches.

Read Full Post »

Older Posts »