Oh my god! They‘ve done it! As it seems, Apple has introduced a really cool under-the-hood feature into Mac OS X 10.3 (you know, the black cat thing). It is some kind of auto-defragmentation within the HFS+ file system.

As documented in this Ars Technica Forum Thread, the source code for this can be reviewed in the recently posted Darwin sources.

Heres how it works: files under 20 MB in size get checked for fragmentation on open and if they are too distributed, they get reallocated. So a contiguous block of data is allocated, the data is copied over and the old data gets cleared afterwards. The result is a nicely ordered file. No need for disk doctors anymore as this seems to be a viable solution to the problem of scattered data.

Here is the fun part: the source code itself contains a nice illustration of how this thing works. It‘s so great: whirr… shhwip! :>POOF!<: *gleam*

/*
 * Relocate a file to a new location on disk
 *  cnode must be locked on entry
 *
 * Relocation occurs by cloning the file‘s data from its
 * current set of blocks to a new set of blocks. During
 * the relocation all of the blocks (old and new) are
 * owned by the file.
 *
 * -----------------
 * |///////////////|
 * -----------------
 * 0               N (file offset)
 *
 * -----------------     `´`´`´`´`´`´`´`´`
 * |///////////////|     }    whirr...   {     STEP 1 (aquire new blocks)
 * -----------------     `´`´`´`´`´`´`´`´`
 * 0               N     N+1             2N
 *
 * -----------------     -----------------
 * |       ////////| ===}|///////        |     STEP 2 (clone data)
 * -----------------     -----------------
 * 0               N shhhwip!            2N
 *
 *                       -----------------
 *     :>POOF!<:         |////*gleam*////|     STEP 3 (head truncate blocks)
 *                       -----------------
 *                       0               N
 *
 * During steps 2 and 3 page-outs to file offsets less
 * than or equal to N are suspended.
 *
 * During step 3 page-ins to the file get supended.
 */

I love it.

Huh. We have finally managed to convert the Camp Wiki to a general Chaos Computer Club Public Wiki System. Radar has spent many hours separating the Camp content and putting it in its own section (called a „Web“ in Twiki speak). If you had an account on the Camp Wiki, it should still work.

This makes the Wiki usable for more than just a single event and the new „20C3“ section invites you to use the Wiki for planning your activities at the upcoming Chaos Communication Congress in December.

I admit the CCC Wiki is still no beauty albeit being useful. Unfortunately, even the next release of TWiki (which was expected in August but still isn‘t ready) won‘t bring much in terms of CSS-based design. So it would be another hack changing the templates to allow for a more sexy look. But so far at least the features are nice. Go ahead and use it!

The Commodore Billboard is a nice site with a extensive collection of Commodore adverts, brochures and TV commercials from the 80ies. Vintage Fun!.

My recommendation: a TV spot comparing the C64 to the Apple II (MPEG-1).

The new Mail program in Mac OS X finally allows the setting of user-defined headers. So you can customize outgoing mails to your needs. Have a look at karelia to see how it works, showing an example of adding these user picture URLs to your mail in mac.com style. [via 0x2a]

Mac OS X has improved support for encryption on many levels. There is the FileVault feature storing your home directory in a dynamically growing disk image that is encrypted using the AES-256 encryption standard which can currently be considered to be quite safe. Although the feature basically works I would recommend waiting for other bravehearts to gain some experience with it as it is potentially endangering your files. I have seem at least one encrytped home directory being destroyed completely after a forced reboot on an early Panther beta version. It might be that Apple has cleared out all nasty bugs now, but you never know.

Improved handling of SSL is also part of Mac OS X as you can now have a user interface in the Keychain application to store X.509 certificates (CERTs) in your and the system certificate keychain (X509Anchors, residing in /System/Library/Keychains). For instance, if you visit the encrypted version of the CCC Home Page you will get a warning in Safari that the certificate is unknown and you might be in trouble. The only reason for this is, that the System (obviously) does not know anything about the CCC‘s own Certificate Authority (CA) handing out signed certificates for SSL encryption of web sites and mail servers. But as the public key of the CA‘s certificate is online, you can add that knowledge to your system easily.

1. Get the CCC CA‘s certificate from http://www.ccc.de/ca/cacert.pem. This is stored in the so-called PEM format, which is the BASE64-encoded („ascii savvy“) version of the ASN1 DER binary format (see here for an explanation).
2. Once downloaded, double-click or drag the file to the Keychain application. A window will pop-up allowing you to review the certificate‘s contents and to store the CERT in the Keychain of your choice. In order to make Safari accept the CA, you have to select the X509Anchor keychain, that resides in your System directory. Storing the CERT in your private keychain is possible but useless.
3. Relaunch Safari and connect to the CCC Home Page via HTTPS again. There shouldn‘t be any more warning messages now.

I have described the process for doing the same thing with Mac OS X 10.2 before. This is now obsolete as the Keychain makes it a lot easier right now.

Even more intriguing, Apple has added the X509 certificate-based support for encryption into the Mail application as well. However, I still wasn‘t able to bring it to work as many Trust Centers spitting out certificate are giving out certificates in DER format only, which Keychain doesn‘t support yet (for no obvious reason, if you ask me, but better ask Apple). It is a bit disappointing they chose the X.509 way only leaving the Web Of Trust-based popular PGP/GPG encryption behind. Maybe they just wouldn‘t want to compete with PGP products and chose to focus on the X.509 standards.

Any hints for making X.509 encryption work in Mail.app would be appreciated. I tried it with various free example certificates from TC TrustCenter and Thawte but I did not succeed persuading Mail to offer me encryption buttons (as promised in the help system) or even to verify the signatures sent to me by the Trust Centers!

The trust centers themselves seem to be quite clueless as well as they still seem to live in a browser- and Windows-centric world, offering „certificates for Netscape Navigator“ and not realizing that CERT support has to be in the core of the operation system (and in case of Mac OS X, it already is). However, Joar has found a way by importing the CERT into Mozilla first and then converting it via Mozilla‘s backup function for inclusing in Keychain.

But beware: the X.509 approach to encryption is a bit problematic in my point of view. First, you have to give away your public key to public servers which is just an option in case of PGP/GPG. Second, you have to trust a trust center and other people have to trust the trust center that it trusts you to be yourself. There is no way of including your own first-hand-knowledge of identity of persons into this process. Actually, I wouldn‘t trust most of these trust centers, especially not VeriSign and all the sub-companies they already bought as they are far too close to the usual suspects in my point of view.

Mark Pilgrim, author of the always-so-excellent Dive Into Mark blog, has made an extensive review of Panther worth checking out.

Did you know? The middle east does no longer exist and the birthplace of civilization is right in the heart of Germany! On the other hand, does this mean the USA is planning a regime change here as well? You don‘t believe me? It was on the news: have a look for yourself. CNN can‘t be wrong! Can it?

Hmm. Just started a small weblog project on the University Of Arts Berlin to give the students something to communicate and design with. Interest seems to be high but as I failed turning everybody into Macheads so far I am in need for some good RSS readers on Windows. Can somebody point me to viable solutions?

I am not looking for the typical overfeatured and misdesigned Windows app that tries to do everything and fails in anything but something like NetNewsWire on the Mac: a simple tool to read RSS channels and (maybe as another tool) a simple editor program allowing to post to a Movable Type weblog.

I know there are some Windows tools mentioned on the external resources page of Movable Type but I am asking for first-hand knowledge and/or experience about the usefulness of some tools on Windows to recommend it to our students. Any helpful comment is appreciated.

„My favorite net things“, available in an audio version as MP3 (6.4M) and video version as MPEG-1 (46.8M) sings the lovely tune of the nerd in a digital world. [via 0x2a]