XProtect Plugin Checker

Are you a system administrator or power user who needs a quick way to check if your Flash or Java plugins have been blocked by Apple? Like so:XProtectPluginChecker Menu 2

Then XProtectPluginChecker is the status menu app for you!

XProtect Plugin Checker iconClick to download.

Written in BASH, sprinkled with PlistBuddy/awk/sed-Fu with a dash of mdfind magic, and wrapped with Platypus, the aim is for XProtect Plugin Checker to be able to dynamically accommodate any additions Apple might make to the Plugin Blacklist, although only Flash and Java seem to be in their crosshairs right now, who knows? Silverlight might be next, given its lack of updates (going on 10 months).

A bonus idea for making this more useful is to make a launchd script that watches the XProtect plist file(s) then fires off the XProtectPluginChecker script when they change, emailing the results to you, because knowing is half the battle!

If you find this useful or if you have some hiccups with it, let me know. UPDATE: Now with comments enabled! :]

Also related, myXProtectStatus is a similar style menu status script that lists the malware threats Apple is blocking.

Restore previous Safari version from .SafariArchive.tar.gz

Did that new Safari update break something? Want your old version back?
Simple. Thanks to Apple’s prescient yet secretive engineers, there’s a way.
Let me show you.

When Safari does an upgrade it saves the previous version in this location:
/Library/Application\ Support/Apple/.SafariArchive.tar.gz

To restore we just need to tell tar to expand the archive to the root folder:
sudo tar -xvf /Library/Application\ Support/Apple/.SafariArchive.tar.gz -C /

To be complete, delete the receipt from /var/db/receipts, in this case it is Safari 5.1
sudo rm -rf /private/var/db/receipts/com.apple.pkg.Safari51SnowLeopard.*

Reboot. (since we’ve just replaced a whole bunch of public and private frameworks the OS uses)

(Whew. This will fix the early Safari 5.1 adopters at work who now can’t use our Java based timesheet app since upgrading!)

A new start…

OK, I’ve upgraded my WordPress install, as well as trying the WP_Spamfree plugin.

You know I had 3,500 Spam trackbacks awaiting moderation? That my WP install had been hacked AGAIN, and my cryptograph plugin disabled? Sheesh. I really would like to allow comments and trackback, but the spam is horrendous (literally, quite the vilest stuff you can imagine), Anyway, here’s hoping it works. Going to give it a day or two and see how it goes.

I’ve got some good stuff planned to share. #1 being how to make standard pkg files for Acrobat Reader and CS3 and CS4… w00t.

10.4.11 DNS results from doxpara.com

The results are in for my iBook G4 running 10.4.11 with Security patch 2008-005 when using the DNS checker at doxpara

Your name server, at 206.141.xxx.50, appears to be safe, but make sure the ports listed below aren’t following an obvious pattern (:1001, :1002, :1003, or :30000, :30020, :30100…).

Requests seen for cf2cfda1b5c1.doxdns5.com:

206.141.xxx.50:3831 TXID=31583

206.141.xxx.40:6670 TXID=27344

206.141.xxx.35:49337 TXID=35665

206.141.xxx.38:10792 TXID=50022

206.141.xxx.36:11111 TXID=63897


There’s some who say things aren’t all right, but the patch from Apple seems to be satisfying the the tool of the researcher who found the bug, and ncircle doesn’t provide the command line or tool that they used to obtain these results. So for me I feel confident in this patch as-is, especially since BIND isn’t turned on anyway and I’m not using my DNS anyway (and the vast majority of Mac owners aren’t either) I’m using my DSL provider AT&T’s DNS server for resolution, so it’s them who I hope have patched all their routers. And I’m sure they did, Tuesday before last

What’s in the MacBook, MacBook Pro Software Update 1.0?

Well they forgot to enable Journalling so they just have to turn it back on with this update. And after it runs the .dist file and makes sure you have the right machine, it runs this command:
/System/Library/Filesystems/hfs.fs/hfs.util -J /
You’ll find it in the postflight file. Besides that it installs a blank dummy file in /var/tmp, because otherwise a package will complain that it didn’t have anything to do!

Anyhoo, to check to see if you have Journalling installed, there are many ways, but here’s the Terminal way:
/System/Library/Filesystems/hfs.fs/hfs.util -I /