[cmeisenzahl]

Which do you prefer?

Chris

[xmacintosh]

I prefer YASU!

[Randman]

Macjanitor should be compared with Macaroni, I would think.

I've always liked Cocktail but Onyx seems more stable these days.

[OSxMeistro101]

I like Onyx. Solid.

[CharlesS]

None of the above. Most of the things these utilities do are not really necessary.

[OSxMeistro101]

That wasn't the question now was it? He asked which was the best of the listed programs.
If you think they are not necessary, then that is fine, but he never asked if they were necessary.

[CharlesS]

His question was, "Which do you prefer?" I prefer... none of the above.

I mean, what do these things do?

- Clean caches? This hoses all your default application binding settings, and is not necessary unless you're having problems.

- Run cron scripts? In Tiger, there are no cron scripts anymore! Check out /etc/crontab yourself. The periodic scripts are handled by launchd now, and if your computer is asleep when they're supposed to run, they run automatically when the computer wakes up.

- Delete all rotated log files? Isn't that handled already by the periodic scripts mentioned just above?

- Repair permissions? Again, unnecessary unless you're having problems.

What's even better is that some of these utilities have been occasionally known to launch tasks by piping your password to grep using echo, so that anyone can read it by typing ps -ax. In such a case, all an enterprising virus writer would have to do would be to have his malware check ps every so often, and once he sees your password, he could get root access and own your machine. I know that Cocktail at least used to do this; I have no idea whether they've fixed it or not by now, but still, it would make me a bit uneasy...

[cmeisenzahl]

Originally Posted by CharlesS

His question was, "Which do you prefer?" I prefer... none of the above.


- Run cron scripts? In Tiger, there are no cron scripts anymore! Check out /etc/crontab yourself. The periodic scripts are handled by launchd now, and if your computer is asleep when they're supposed to run, they run automatically when the computer wakes up.

Charles, please tell me more about this. This is exactly the reason I was looking at those apps. Can you point me to any more info on this change? Very interesting, thanks!


Chris

[Randman]

You're wrong about the cache.

[meta-phor]

errrr ok so have I been 'hosing' my thingymagigs by running onyx? I actually didnt know that Tiger was different to Panther in relation to cron doobies thus why I was hapily running Onyx.
So I guess I don't need Onyx or anything anymore?
Oh and btw used Onyx since I switched and havent had any trouble with it.

[CharlesS]

Well, if you change the default application for certain files types, like .txt for example, and then clear the LaunchServices cache, you'll erase that default application setting that you set.

Try it sometime if you want - change the default app for .txt from TextEdit to something else, like MS Word. Then delete the LaunchServices caches (they're in /Library/Caches, all the files in there that begin with com.apple.LaunchServices) and reboot. Now double-click a .txt file - the default app will most likely be TextEdit again.

[meta-phor]

well i will be jiggered....now I know why that was happening!!!!

[DarwinX]

Onyx

[CharlesS]

Originally Posted by meta-phor

well i will be jiggered....now I know why that was happening!!!!

Yep, which is why I generally leave the caches alone.

Don't get me wrong; clearing the LS caches is a great idea to try if you are having problems with the sort of things LS handles - icons not displaying correctly, documents not opening with the correct default application, the OS being unable to find certain applications, etc. But if everything's working fine, why waste the time of having to go and set all your default apps again? Just leave the caches alone.

[alphasubzero949]

Cocktail and OnyX both echo your passwords in the clear.

CharlesS is right; there is no reason to use these utilities. Cache cleaning and permissions repair should ONLY be done if you experience problems. launchd runs the periodic scripts (unless you install anacron, which uses launchd anyway).

Cocktail Taken Apart - http://www.rixstep.com/4/2/cocktail,01.html
Cocktail Broadcasting Passwords in the Clear - http://www.rixstep.com/1/20050501,03.html
OnyX Broadcasting Passwords in the Clear - http://www.rixstep.com/1/20050502,00.html

[Rob van dam]

You could try "main menu"

[wataru]

How about "Terminal"?

[kcmac]

I'm with Rob. Give MainMenu a try. Very convenient. Onyx was a mess when Tiger came out and i went with MM ever since.

[alphasubzero949]

Originally Posted by wataru

How about "Terminal"?

No kidding.

[iluvmymactoo]

I read the links given above on Cocktail, I'm not much of a programmer person, so much of what was mentioned there went over my head anyway. However with regard to the admin password being sent in the clear by Cocktail I have had no ill effects from this. As a matter of fact I'm not even sure this is happening. I've used Cocktail since it's free days, I only install the app itself (not the extras) and it has not caused me any harm.

I know some of you mention use Terminal, but I haven't the faintest idea of what to do there as I'm sure many people don't.

As for the Cron scripts not happening in Tiger This is the first I've heard of this. Where is the Apple document mentioning that?

[TETENAL]

All these applications are simply not needed.

[CharlesS]

Originally Posted by iluvmymactoo

As for the Cron scripts not happening in Tiger This is the first I've heard of this. Where is the Apple document mentioning that?

You could probably find it in Apple's developer documentation somewhere, but the easiest thing to do is type this in the Terminal:

more /etc/crontab

and see what's there!

[wataru]

Originally Posted by iluvmymactoo

I read the links given above on Cocktail, I'm not much of a programmer person, so much of what was mentioned there went over my head anyway. However with regard to the admin password being sent in the clear by Cocktail I have had no ill effects from this. As a matter of fact I'm not even sure this is happening. I've used Cocktail since it's free days, I only install the app itself (not the extras) and it has not caused me any harm.

What the article said was basically this: Cocktail is a bloated piece of crap that doesn't do anything you can't already do for free, and it does it in such a way that it puts your machine at great risk. It doesn't matter if you don't use the extras; the app itself is horribly flawed.

Of course you haven't seen any harm. You won't see any harm until someone has grabbed your password and has stolen your data or fubar'ed your machine (in other words, until it's too late). Why take the chance?

I know some of you mention use Terminal, but I haven't the faintest idea of what to do there as I'm sure many people don't.

So learn. I'm sure you didn't know how to use a computer at one point, but that didn't stop you from trying. You can be lazy about this if you want, but don't come crying to us when your box gets pwned.

[CharlesS]

Originally Posted by wataru

So learn. I'm sure you didn't know how to use a computer at one point, but that didn't stop you from trying. You can be lazy about this if you want, but don't come crying to us when your box gets pwned.

Now this is swinging a bit towards the other extreme. I don't really like telling users to use the Terminal, mainly because it's so easy to thoroughly hose everything if you don't know what you're doing. Fortunately in this case, most of the stuff that these utilities just doesn't need to be done on a regular basis. And for most of those, there's some other GUI way to do it.

Examples:

Cron scripts: There are no scripts run by cron in OS X anymore, so it's a moot point.

Prebinding: It hasn't been necessary since 10.2, and then Tiger doesn't even use prebinding anymore for anything other than some libraries. Updating the prebinding generally does a whole lot of nothing these days, so it's a moot point.

Repair Permissions: You can do this just fine with Disk Utility, and you don't need to do so very often since it's only needed if you're having problems.

Clearing caches: You can do this just fine with the Finder by going to /Library/Caches and/or ~/Library/Caches and deleting files manually, and you don't need to do this very often since it's only needed if you're having problems.

[alphasubzero949]

Originally Posted by iluvmymactoo

I know some of you mention use Terminal, but I haven't the faintest idea of what to do there as I'm sure many people don't.

Besides, there are many tutorials on the web if you google for them.

Originally Posted by CharlesS

Repair Permissions: You can do this just fine with Disk Utility, and you don't need to do so very often since it's only needed if you're having problems.

Actually, you don't even need Disk Utility. What bugs me more than anything is that DU relies too much on the presence of /Library/Receipts/BaseSystem.pkg in order to function. Maybe for the "special permissions," but that's about all. It's even dumber of Apple to put that folder in /Library where it can be easily deleted, making DU and diskutil all but useless.

All it's really doing, for those who don't know, is resetting everything in /Applications to root:admin 775.

[CharlesS]

Originally Posted by alphasubzero949

Actually, you don't even need Disk Utility. What bugs me more than anything is that DU relies too much on the presence of /Library/Receipts/BaseSystem.pkg in order to function. Maybe for the "special permissions," but that's about all. It's even dumber of Apple to put that folder in /Library where it can be easily deleted, making DU and diskutil all but useless.

Well, if you consider repairing permissions to be the only thing that Disk Utility is good for. I would strongly disagree with that - I consider Repair Permissions to be the least important feature of Disk Utility.

[osxrules]

Originally Posted by alphasubzero949

Cocktail and OnyX both echo your passwords in the clear.

CharlesS is right; there is no reason to use these utilities. Cache cleaning and permissions repair should ONLY be done if you experience problems. launchd runs the periodic scripts (unless you install anacron, which uses launchd anyway).

Cocktail Taken Apart - http://www.rixstep.com/4/2/cocktail,01.html
Cocktail Broadcasting Passwords in the Clear - http://www.rixstep.com/1/20050501,03.html
OnyX Broadcasting Passwords in the Clear - http://www.rixstep.com/1/20050502,00.html

I don't know if I trust that guy. If cocktail does leave your password in the open then fair enough but how many other apps do the same thing?

Also, there are far more unsecure things in OS X that would be a lot easier than that to exploit. When I install a program that uses the OS X installer software and it asks for my password, not one piece of installed software has ever said exactly which folders it is accessing. It could easily overwrite my system.

My only security is my trust in the site I got it from. The installer app should tell me at every stage of the install what it is up to.

The other reason that makes me suspicious about him is that he goes on about file shredding software not being secure and that only software that implements the Gutmann 35-step overwrite method is effective and he happens to be selling it.

What he fails to mention is what is said in the Gutmann paper:

"A good scrubbing with random data will do about as well as can be expected. This was true in 1996, and is still true now... In fact performing the full 35-pass overwrite is pointless for any drive"

And Apple's disk utility does this free.

This guy continually bangs on about how crap everyone else's software is and we should only trust him. If you read about his review of cocktail, he talks about them wasting hard drive space and our bandwidth to the tune of a couple of MB. God, it's almost criminal.

So what if the poor developer is trying to make people's lives easier by wrapping unix commands in a GUI and making some money at the same time? Some people (not me) think that paying for that is worthwhile because they don't want to learn about computers.

Cocktail does it's job pretty well IMO and I've used it for quite a few things. I prefer to use CLIX these days as well as OnMyCommand (which is a contextual menu equivalent) but I wouldn't go about making up an inflammatory site about any products I didn't feel were up to my standard.

[wataru]

Originally Posted by osxrules

I don't know if I trust that guy. If cocktail does leave your password in the open then fair enough but how many other apps do the same thing?

If you don't believe him, then try it out yourself and see that your password is exposed in clear text. And no, most apps don't do the same thing, because they use more intelligent ways to run subprocesses. Instead of passing your password in the clear to sudo via AppleScript, he should be using authorization services and launching his processes as NSTasks. That would avoid the problem.

[CharlesS]

Originally Posted by osxrules

I don't know if I trust that guy. If cocktail does leave your password in the open then fair enough but how many other apps do the same thing?

Not many, because most apps that need administrator access won't be written in AppleScript (see below).

Also, there are far more unsecure things in OS X that would be a lot easier than that to exploit. When I install a program that uses the OS X installer software and it asks for my password, not one piece of installed software has ever said exactly which folders it is accessing. It could easily overwrite my system.

My only security is my trust in the site I got it from. The installer app should tell me at every stage of the install what it is up to.

Yeah, I don't trust .pkgs either. Before I install a third party .pkg, I usually check it out first to see what it's going to do, and if it's doing something simple, then I usually just extract the files and put them in place myself. But at least with .pkg, you're just giving root access to the guy who built the package. If a problem is broadcasting your password in the clear, you're giving root access to everyone. With something like that, you don't even have the security of the site you got it from...

The other reason that makes me suspicious about him is that he goes on about file shredding software not being secure and that only software that implements the Gutmann 35-step overwrite method is effective and he happens to be selling it.

What he fails to mention is what is said in the Gutmann paper:

"A good scrubbing with random data will do about as well as can be expected. This was true in 1996, and is still true now... In fact performing the full 35-pass overwrite is pointless for any drive"

And Apple's disk utility does this free.

This guy continually bangs on about how crap everyone else's software is and we should only trust him. If you read about his review of cocktail, he talks about them wasting hard drive space and our bandwidth to the tune of a couple of MB. God, it's almost criminal.

So what if the poor developer is trying to make people's lives easier by wrapping unix commands in a GUI and making some money at the same time? Some people (not me) think that paying for that is worthwhile because they don't want to learn about computers.

The guy's an extremist in many ways, and I disagree with a lot of what he says, but he's dead right in that if a program is broadcasting your password so that anyone who types 'ps -ax' can read it, then that is a serious vulnerability and a reason not to use it. He's also correct about many of Cocktail's functions being unnecessary boondoggle, for reasons I've already enumerated.

Originally Posted by wataru

If you don't believe him, then try it out yourself and see that your password is exposed in clear text. And no, most apps don't do the same thing, because they use more intelligent ways to run subprocesses. Instead of passing your password in the clear to sudo via AppleScript, he should be using authorization services and launching his processes as NSTasks. That would avoid the problem.

Actually, NSTask can't be used to launch a task as root - you have to use the Authorization functions found in the Security framework. The reason most of these "periodic maintenance" apps don't ever use the proper authorization functions is that they're usually written in AppleScript, where AFAIK it's not possible to call those C functions. The only kosher way to launch something as root in AppleScript is to use the 'do shell script "<whatever>" with administrator privileges' command. However, that's not good enough for the author of Cocktail because apparently it doesn't allow a blank password (of course, making the admin password blank is just a Bad Idea anyway, but oh well). Now, how do I know this? Well, the author e-mailed me about 2.5 years ago asking how to do authentication the way I did it, for this particular reason. I told him that it's a C API, and he can't call it from AppleScript without writing some code in C, but here's the link to an article that explains how to do it. He gave me a reply that was basically, "never mind, I figured something out."

Anyway, in my opinion, AppleScript is great for a lot of things, but it's really not the best language to use for something that requires root-level access. IMO, of course.

[alphasubzero949]

Originally Posted by CharlesS

Well, if you consider repairing permissions to be the only thing that Disk Utility is good for. I would strongly disagree with that - I consider Repair Permissions to be the least important feature of Disk Utility.

I didn't mean to say that DU is completely useless for anything else. Personally I use it for creating password-protected images to store my important backups in.

You have to look at it from a novice user's perspective if they were to trash /Library/Receipts/BaseSystem.pkg whether by accident or intentionally and then try to use DU to repair permissions.

[iluvmymactoo]

Originally Posted by alphasubzero949

Besides, there are many tutorials on the web if you google for them.



Actually, you don't even need Disk Utility. What bugs me more than anything is that DU relies too much on the presence of /Library/Receipts/BaseSystem.pkg in order to function. Maybe for the "special permissions," but that's about all. It's even dumber of Apple to put that folder in /Library where it can be easily deleted, making DU and diskutil all but useless.

All it's really doing, for those who don't know, is resetting everything in /Applications to root:admin 775.

You really don't need to be so rude!

I hardly think it's a prerequisite for using a Mac (or any computer for that matter) to learn the use of Terminal.

[alphasubzero949]

Originally Posted by iluvmymactoo

You really don't need to be so rude!

I hardly think it's a prerequisite for using a Mac (or any computer for that matter) to learn the use of Terminal.

Did you not see the after the image?

Nice to see that some people have malfunctioning sarcas-o-meters around here.

[Anand]

[QUOTE

- Repair permissions? Again, unnecessary unless you're having problems.

[/QUOTE]


I used to use cronix to run a repair permission at a given time. For some reason, a lot of our macs have permission problems and I have felt having this run every day helped. Can this be done? By an idiot like me?

[Anand]

Originally Posted by Anand

I used to use cronix to run a repair permission at a given time. For some reason, a lot of our macs have permission problems and I have felt having this run every day helped. Can this be done? By an idiot like me?

It is funny how people like to complain on these boards rather than actually helping....

I did figure out a way to do it using automator and ical. Actually, automator is really cool!

[ghettochild]

interesting thread. 1st time that I see ppl strictly advocate against using maintenance programs.

I'm fairly new to mac, and after reading dozens of threads I've checked out macjanitor and onyx. while the former seems to be a pretty straightforward app, I'm not so sure about the latter.
I prefer shutting down my imac & ibook over night to conserve energy, and sometimes my ibook keeps shut down for several days.

are programs like macjanitor and onyx really redundant, and if so, what do you recommend as far as regular maintenance is concerned?

thx. in advance for the help!

[iluvmymactoo]

Originally Posted by Anand

It is funny how people like to complain on these boards rather than actually helping....

I did figure out a way to do it using automator and ical. Actually, automator is really cool!

And how did you do that? I've never tried using Automator.

Thanks for your help

[CharlesS]

Originally Posted by ghettochild

interesting thread. 1st time that I see ppl strictly advocate against using maintenance programs.

I'm fairly new to mac, and after reading dozens of threads I've checked out macjanitor and onyx. while the former seems to be a pretty straightforward app, I'm not so sure about the latter.
I prefer shutting down my imac & ibook over night to conserve energy, and sometimes my ibook keeps shut down for several days.

are programs like macjanitor and onyx really redundant, and if so, what do you recommend as far as regular maintenance is concerned?

thx. in advance for the help!

MacJanitor is useful for seeing if the Security Framework is broken or not, because it's so simple. If some other app like Pacifist is giving authentication errors, you can run MacJanitor, see if it does the same thing, and if so, something's wrong with your Security Framework.

Other than that, though, it's pretty much obsolete in Tiger, because if your computer isn't active at the time the periodic scripts would have run, it'll just run them the next time you wake it up. Nothing is run by cron at all anymore. Even if this were not the case, the periodic scripts aren't nearly as important as some people have made them out to be.

As for things like OnyX and Cocktail, they're just thin AppleScript wrappers around some commands which for the most part are unnecessary. Other than maybe running DiskWarrior or something every once in a while, IMO you don't need an app for "regular maintenance." You're running a real OS now - you don't need to worry about doing voodoo just to keep it working.

[frankthetank966]

Onyx is solid. I do not think Cocktail works well with intel.

[frankthetank966]

Is it bad to use Onyx to adjust settings in Mac OS X such as Finder, Dashboard, Expose...