Plenty of MailBITS about happenings in the computer industry lead off the issue, including important notes about Photoshop 3.0 and Apple's announcement of new PowerPC-based Performa models. Solitaire Till Dawn 2.0 just came out with fifteen new games, plans for the second annual WWW conference unfold, Tonya announces her Word 6 Starter Kit, and the issue draws to a close with the first part of an article discussing Internet firewalls.
This issue of TidBITS sponsored in part by:
InfoSeek may turn into a popular Internet service as the Internet becomes more commercialized. People continually ask why such-and-such isn't available on the Internet, and all too often the answer is, "Because they can sell that data, so why would they give it away?" InfoSeek has an extremely accurate searching engine and some of that sort of data, in this case part of the Ziff-Davis Computer Select database of computer publications. InfoSeek includes 147 publications (some full text, some just abstracts) for a total database of over 79,000 articles (324 MB) ranging from Nov-92 to Dec-93. You can search everything with plain English queries using a Web browser (although MacWeb and Mosaic 1.0.3 don't work with InfoSeek - I used Mosaic 2.0a8 successfully, and Lynx works fine for command-line folks).
Until 14-Oct-94, InfoSeek accounts are free; after that they will be commercial (InfoSeek plans to automatically close free accounts after 15-Oct-94, and you will never be billed as a result of having set up a free account), so if you want to play with InfoSeek for free to see if full text searching on mainstream magazines is useful to you (it's tremendously useful to me), get an account soon. After 15-Oct-94, the Computer Select database will be brought up to date and maintained, although pricing hasn't yet been set. Send email to <email@example.com> for information on how to get an account. They've asked me to request that you put "TidBITS" in the Subject line. Feel free to connect to InfoSeek's Web site before you get an account, but all you can do without an account is browse the list of included publications. [ACE]
Glenn Fleishman <firstname.lastname@example.org> writes to tell us that Adobe has joined two other companies whose names start with A (Apple, with LaserWriter 8.0, and Aladdin, with StuffIt Expander 3.5) in releasing a product without removing code that made the betas expire. Thus, Adobe Photoshop 3.0 will self-destruct on 01-Jan-95 unless you run a patcher that Adobe promises to distribute by 10-Oct-94. We'll be sure to give a URL for that if we can find one. Adobe is recalling copies of Photoshop in the channel and will put out new boxes with a 3.0.1 sticker on them. [ACE]
A PowerPC-based Performa model joins Apple's lineup of consumer-oriented Macintosh models this week. The Macintosh Performa 6100 series machines sport a 60 MHz PowerPC 601 processor (as does the Power Macintosh 6100/60), and all configurations will include an Apple Multiple Scan 15 display, tray-loading CD-ROM drive, and Global Village's new TelePort Gold II modem. Various models (the 6110CD, 6112CD, 6115CD, 6117CD, and 6118CD) differ in hard drive size and bundled software; each chain of retail outlets will offer one or two configurations. [MHA]
PowerBook 500-series owners should now be able to obtain Apple's PCMCIA Expansion Module (item M2995LL/A) from dealers. The unit, which fits into one of the battery compartments on a PowerBook 520, 520c, 540, or 540c, provides a pair of slots for type II PCMCIA cards. The module appeared on Apple's 12-Sep-94 price lists, and the company expects it will be readily available. [MHA]
Claris is selling FileMaker Pro 2.1 in the U.S. for a mere $99 and in Canada for $149 until 31-Dec-94. I'm sure it's purely a marketing move, but since FileMaker Pro 2.1 generally sells for about $265 discounted, it's worth calling Claris for more information if you've been interested in getting FileMaker Pro anyway. [ACE]
Claris -- 800-3CLARIS
Nisus Software, in the throes of releasing the long-awaited NisusWriter 4.0, has also shipped QUED/M 2.7, the latest version of their programmer's editor. QUED/M 2.7 now has a CodeWarrior menu for accessing CodeWarrior commands from within QUED/M, Frontier scripting support, and THINK Debugger support. QUED/M is also MPW Projector and SourceServer aware. Upgrades are $20 from version 2.5 or 2.6, and $49 from version 2.09 or older. [ACE]
Nisus Software -- 800/281-0101 -- 619/481-7197 -- 619/481-6154 (fax) --<email@example.com>
QuickDraw GX Printer Drivers -- It will take time before all printers and fax modems have GX drivers, but Andy Ihlenfeldt <firstname.lastname@example.org> passed on some encouraging thoughts. "Through my job, I've been interested in GX printing and have had various development versions for almost two years. I have developed printer drivers under GX and would like to pass on a few comments about Apple's GX efforts. Developing a non-GX print driver is rather difficult, and I don't believe that a bug-free driver can be developed (I have a DeskWriter and am continuously annoyed by problems despite Hewlett-Packard having spent dozens of person-years on driver development). Under GX, the rasterization of the image by the print driver is all handled automatically by GX. Additionally, GX can produce output rivalling that of PostScript. As a result, good and consistent output should be common on printers from many different manufacturers. Finally, it is trivial for an experienced Mac developer to produce a printer driver for certain classes of printers. Producing a driver for a brand-X dot-matrix printer can be done in a matter of days to weeks. Perhaps the barrier preventing low-cost PC printers from being used by Macs will finally fall. The support provided by the GX team to driver developers is extensive. The GX printing team seemed interested in helping when I was working with them. I think they (and Apple in general) should be commended for their support in this area." [TJE]
Japanese or Chinese Language Kit users must wait to upgrade to System 7.5 until updates for each language kit are released around the end of this year. The System 7.5 Read Me file suggests upgrading to version 1.1.1 of the language kits, which do not yet exist. The QuickDraw GX URGENT Read Me file says the GX software requires WorldScript II version 7.2 or later, but in fact the language kit update is required as well. [MHA]
System 7.5 -- The TidBITS-243 article about upgrading to System 7.5 provoked commentary from several readers. Carsten Klapp <email@example.com> wrote, "I for one am not going to rush out and buy System 7.5 right away, as I did when System 7.1 came out, because Apple does not yet recognize the importance of the people who are the first to buy a new product. The early purchasers often dictate how well software will sell, because they tell the rest of the market whether to buy now, later, or not at all. Ideally I would like to see discounts for early purchasers of system software along with the discounts for people who purchase the software late. Those in the middle pay the full price - they did not support the development of the software by buying into it early, nor did they wait for the next version."
People outside the U.S. weren't helped much by the article, since I could find little information about how they can upgrade. It almost seems that Apple doesn't want anyone outside of the U.S. to upgrade. Andrew Pitts <firstname.lastname@example.org> had this to say, "I just rang the U.K. System 7.5 upgrade line (0181-730-2828). My pleasure at finding Apple U.K. sufficiently connected to home base to have already set up a dedicated phone line for System 7.5 info was short lived. I was informed that despite having bought a PowerBook 540 a few weeks ago (one of the lucky few, it seems), Apple U.K. is charging 30 pounds plus shipping and VAT (coming to a grand total of 41.13 pounds, (about U.S. $66) to obtain System 7.5." [TJE]
Howard Goldbaum <email@example.com> writes: The Peoria Art Guild presents Digital Photography '95, a juried exhibition to be held 21-Apr-95 to 20-May-95. The entry deadline is 01-Feb-95. This is the second year that the Peoria Art Guild has sponsored this juried competition to explore current work being created in this new medium. The images selected for the exhibition will be shown in both the "physical space" of the gallery, and in the "virtual space" of computer networks, where more than 14,000 people (as of September) have seen the 1994 exhibit.
The exhibition of winning entries will open on 21-Apr-95 and will remain on display at the gallery until 20-May-95. Exhibited work may be in any type of two-dimensional print format. Cash prizes totaling $500 will be determined by the jurors, Mark Siprut (author of The Photoshop Handbook, Random House) and Howard Goldbaum (Associate Professor, Bradley University). You may download and print out the entry form available online, at the URL below. For additional information, email Howard at the address above.
by Mark H. Anbinder, News Editor <firstname.lastname@example.org>
Director of Technical Services, Baka Industries Inc.
Last month, Rick Holzgrafe (of Scarab of Ra and Applicon fame) released a new version of his popular shareware card game, Solitaire Till Dawn. Version 2.0 includes a number of new solo card games, unlimited undo and redo, and a larger card display.
Most obvious will be the fifteen new games in STD 2.0, for a total of 24. The package includes two games invented exclusively for STD, called Manx and Tabby Cat, along with such classics as Klondike, Canfield, Pyramid, Forty Thieves, and Spider. Summaries of each game's rules are available online, and the illustrated documentation comes in PocketDoc format, which can be read onscreen or printed.
STD offers separate score-keeping and preferences for multiple users through the use of individual prefs files. Games may be saved as well; saved games can take full advantage (as easily as games in progress) of the unlimited undo and redo feature, which allows the user to back up a game step by step even as far as the beginning, run it forward again step by step, or "change history" by selecting a new move.
You can obtain Software Till Dawn directly from the author (see details below) or on the Internet at:
Registered owners of STD 1.0 may obtain the upgrade on their own and use it at no further cost. They may also mail a $5 check or money order (drawn on a U.S. bank) and a current address; OR a blank floppy, self-addressed disk mailer, and sufficient return postage, to:
Solitaire Till Dawn 2.0 Upgrade
P.O. Box 371
Cupertino, CA 95015-0371 USA
The $20 shareware payment should also be sent to that address. Although Rick doesn't yet plan to leave his day job, he's been pleased to see that STD 2.0 is his quickest shareware seller to date.
Semicolon Software propaganda
by Gerard Martin <email@example.com>
[Gerard posed an interesting challenge for this article. He loaded his original article with many World-Wide Web links, far more links than we can reasonably include. Given that TidBITS originates in straight text in order to be accessible to so many tens of thousands of people, our current method of giving links, though explicit, is a bit clumsy when the links come in large doses. Our solution to his challenge, at least for the moment, is to present visibly what his article looks like in a Web browser (one question that comes to mind is, how many links is too many?), and to provide the URL to the full article on the Web, replete with links. Enjoy. -Adam]
Funny thing about being online. You get to wondering where everybody is. We all have electronic addresses that say who we are in about the same way our postal addresses do. Maybe that's why the Second International World-Wide Web (WWW) Conference to be held in Chicago, Illinois this October 17-20, 1994 comes less than six months after the First International World-Wide Web (WWW) Conference held in Geneva, Switzerland last April. The next one is already announced for Darmstadt, Germany in April of a rapidly approaching 1995. Of course, the dates only matter for people planning to attend the event. For the rest of us, the entire conference is online in a way that we have never seen before.
The theme of the conference is "Mosaic and the Web" and the conference is among the first to utilize in any grand capacity the potential of the Hypertext Transport Protocol (HTTP). (The 37th IEEE Midwest Symposium on Circuits and Systems held last August in Lafayette, Louisiana is believed to have been the first conference to completely utilize the media rich potential of World Wide Web hypermedia - click here for Cajun music!) For example, the entire conference preparation-in-progress is one giant compound Web-space document. Every day heralds new additions to the event that promises to attract over one thousand Web-surfing enthusiasts. This convention is not about hardware and software, as the online variation of the press release will quickly inform you. Indeed, this conference is "about a revolution as significant as that engendered by the printing press."
So how does one preview the upcoming World-Wide Web conference this Fall? That part's easy. Simply click-link your way to the WWW Conference '94 Information Homepage.
The home page addresses a myriad of different interests. Want a better view of the careful unfolding of the conference preparation? Defer to the Dates and Deadlines Calendar. Want to read the best overview of the exploration into information metaphors that I have ever read? It's there too. In true carpe diem fashion Birds of a Feather (BOF) online advance discussion groups are already preparing for the day when they can meet face to face to hem and haw over issues involving, among other things, real-world publishing and the extensions and auxiliaries of Web-based content, retrieval, and mixed media display. There is even a category featuring proposals for additional BOF topics. With intermittent offline sessions every six months or so, I see no end to these discussions of vision and conundrum that greet the basic online existence.
For those planning to attend the conference, information on theatre, restaurants, nightlife, and other activities is included. International visitors are extended quick access to important numbers in case of diplomatic need. Just as easily available are other important numbers for concerns ranging from cellular phone rental to medical emergency referral. This is Chicago - where to go and what to see offers entrance into these and other places of interest to the Chicago-bound Web-surfer.
For those not planning to attend the conference, virtual participation is not only possible but invited. In addition to BOF's response index and Daniel LaLiberte's HyperNews, feedback is requested for the purpose of choosing the conference topics and events. For those who simply wish to familiarize themselves with the latest reflections and developments, there are the received papers online, which fall under categories ranging from Arts&Humanities to Publishing. It's the makings of something for everybody - and in a medium that no one has quite experienced before (and one which doesn't require the respiration of the oxygen-poor air provided for your convenience by the airline of your choice)!
by Tonya Engst <firstname.lastname@example.org>
After I quit my job as a Word Support Engineer at Microsoft last spring, I ignored Word for a few weeks and then plunged into the task of writing a book about Word 6. The book, called "Word 6 Starter Kit for Macintosh Users" (Hayden, ISBN 1-56830-035-2) is the result of long days figuring out what was happening between the lines in the beta manual and help system in order to have a book ready when Microsoft shipped Word 6. Hayden, the publisher, having noted the success of Adam's various Internet Starter Kits, has decided to do a whole line of Starter Kits, and the Word 6 Starter Kit is one of the first to join the lineup.
The Starter Kit book is not an update to my previous "The Word Book for Macintosh Users" about Word 5.1. I will update "The Word Book," but for now, the Starter Kit comes in at about 300 pages and addresses Word from a beginning and intermediate level, with an editorial slant on helping people get started (including a chapter about installing and upgrading), avoid problems, customize commands, and have a clue about what's going on behind the scenes.
If you are considering using Word 6, read my review of Word 6 in TidBITS-239., and note that to use Word 6 effectively you need a 68040-based Mac or (until Word ships in native mode) a Power Mac 7100 or 8100. The main people I worked with at Hayden on the Starter Kit used a IIci and a Power Mac 6100, and they found Word 6 frustrating. I gave up using Word 6 on my Duo 230 and do not recommend it unless you have the CPU power.
That said, if you upgrade to Word 6 and decide you want a Starter Kit to help you figure out the new features (or the old ones!), they should arrive at bookstores this week, or you can get one at a 25 percent TidBITS reader discount by ordering direct through Hayden. The list price is $25 (Hayden just switched to whole-dollar prices, hooray!), so the discount price comes out at $18.75 (plus tax and shipping). To get the discount, give the magic code WOR6 when you order.
To read the introduction to the book (which includes a list of what I think are the top twenty new features) and receive a form for email or fax ordering, send email to <email@example.com>.
Hayden Books/Macmillan Computer Publishing -- 800/428-5331
317/581-3535 -- 800/448-3804 (fax) -- 317-581-3550 (fax)
by Jonathan Hue <firstname.lastname@example.org>
Stuck behind the corporate firewall with your Macintosh? Part I of this two-part article introduces firewalls and describes common firewall configurations. Part II explains how to access the Internet from behind a firewall with your favorite Mac Internet applications, and how to safely access your internal networks from the Internet.
What is a firewall? A firewall is a collection of components (not necessarily a single computer, although a single computer is not an uncommon configuration) that protects your company's internal networks from attacks from the Internet. A firewall acts as a choke-point through which all traffic to and from the Internet must pass; it determines which types of traffic are allowed between the Internet and the internal network, which types are not, and in which directions a given type of traffic may flow. A firewall makes it easier to protect internal networks, as it represents a single point of exposure - a single machine can be secured more easily than an entire network, and having all traffic pass through a single point makes it easy to maintain audit trails of traffic to and from the Internet.
Who needs a firewall? A single Macintosh accessing the Internet via a dialup PPP connection to a service provider need not hide behind a firewall. Compared to Unix workstations, Macs are safer to expose to the Internet, because they run few, if any, TCP/IP-based daemons (this assumes your Internet connection does not route AppleTalk). If you run any MacTCP daemons (such as Peter Lewis's just-updated FTPd 2.3.0), you must make sure the access you allow does not permit a malicious intruder to damage your system.
Once you have more than a few machines, or if you have a variety of machines running on a private network, it makes sense to protect a company's assets by installing a firewall between the network and the Internet. A firewall is a cheaper and more efficient than securing every computer on a network, and many computers become much less usable when configured for high levels of security. Where I work, we have over one hundred Unix workstations, Macs, and PCs. The decision was easy: we could not connect our networks to the Internet until we had a good firewall in place.
Keep in mind that a firewall is just one part of a comprehensive computer security plan. A firewall cannot protect you against a disgruntled employee walking off with a DAT full of the "corporate jewels," nor can it check for the presence of computer viruses in programs retrieved via FTP.
What do common firewalls look like? One of the most common firewall components is the packet screening router, such as a Cisco 7000 or Livingston IRX router with packet filtering enabled. Packet filtering uses a set of rules to determine what type of traffic can pass through the router. Rules are generally based on destination address, port , and source address. A completely made up example of a rule is:
operation src addr dst addr dst port ---------------------------------------------- permit * mailhub smtp deny * * smtp
This fictitious rule permits any Internet host to send mail to your mailhub machine, but prevents mail from being sent directly to any other address on the protected network. Packet screening routers have the advantage of being configurable to allow almost kind of traffic to pass, but typically they cannot maintain detailed audit trails, and they sometimes require you to leave more "holes" in your firewall than you would like. Only a few packet screening routers (such as Firewall 1 from Checkpoint) do not have these problems. Packet screening routers are usually not used alone; instead, they are used in conjunction with other firewall components, such as a bastion host (a highly secure machine on your network). Filtering can be set up on the router so the outside world can only talk to the bastion host, but not to any other machines on the protected network.
Another common firewall component is the application-level gateway, such as Gauntlet from Trusted Information Systems, or their freely available Firewall Toolkit running on a dual-homed gateway (a computer with two network interfaces, with forwarding between the two interfaces disabled for use in a firewall application). Application-level gateways are application-specific programs which act as proxies, forwarding traffic through the firewall for a specific protocol. A separate proxy is required for each supported protocol (FTP, Telnet, HTTP, Gopher, and so on).
Some of the simpler protocols, such as NNTP and AOL's Internet access , can be proxied with a "generic" gateway. Application proxies offer excellent security, as you completely block all traffic through the firewall, and since they are application-specific, they understand the traffic that passes through them and can create detailed audit trails of the traffic they pass. The big disadvantage is that a separate proxy must be written for each supported program, and it requires detailed knowledge of the protocol used in each application to write a proxy.
The third common firewall component is the circuit-level gateway. The most popular example of this is the SOCKS package, originally written by David Koblas, now maintained by Ying-Da Lee of NEC. Circuit-level gateways have the disadvantage that the application generally must be recompiled to use the gateway (a shared library implementation of the SOCKS client library has been developed for some versions of Unix, removing the need for recompilation on some platforms). Recompiling is typically not a problem in the Unix world, as almost everyone has a compiler and access to the source code of the client they want to "socksify," but recompiling poses a significant problem in Macintosh world - even if you have the source code, the SOCKS client library is in the form of replacement functions for the BSD socket interface, so it isn't directly usable on the Macintosh. The advantage of a circuit-level gateway is that you can support just about any program which uses TCP with just a recompile, and your firewall can block all traffic. The SOCKS daemon runs on the firewall to gateway traffic through it.
Which services do I not need to worry about? Typically, you need not worry about email or Usenet news. This is because most network administrators will have set up a way to pass SMTP and NNTP traffic through the firewall to their internal mail and news hubs, and your Mac simply talks to the local SMTP, POP, and NNTP servers on the inside of the firewall. To access one of these servers on the other side of the firewall, you must talk to your network manager.
In Part II, I plan to discuss how to get popular MacTCP applications to work through a firewall, both from the inside out, and the outside in.
 A port is a 16-bit number used by TCP/IP to identify a network service. Servers are normally found at "well-known" port numbers. For example, an SMTP (Simple Mail Transfer Protocol) server (typically Unix sendmail) listens at TCP port number 25. Other services with well-known ports are Telnet, FTP, NNTP (Usenet news), and Gopher.
 AOL's Internet access uses TCP port number 5190 on host <americaonline.aol.com>. You can redirect the AOL software to a proxy server on your firewall by editing one of the CCL scripts which comes with the AOL software.
Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.