Don't upgrade to OS X 10.8 Mountain Lion before reading this

Summary: It's tempting to install OS X 10.8 "Mountain Lion" immediately, but to avoid a costly mistake you need to thoroughly check all of your productivity apps to make sure that they're compatible. 

By Jason D. O'Grady for The Apple Core | July 26, 2012 -- 03:39 GMT (04:39 BST)

Apple released OS X 10.8 "Mountain Lion" ($19.99, Mac App Store) today and we Mac users tend to be quicker than most to update our software. This blog post is a cautionary tale that you should heed if you use your Mac to earn a living or if your rely on it to be productive.
First, it's important to note that 10.8 is a major update of the entire operating system. It's much different than an incremental update to an application or even an incremental update to the OS (like 10.7.4 was). If you use your Mac to make a living or perform live, you should wait until the dust settles before installing an update of the magnitude of Mountain Lion.
You've gone this far without it, so another couple of days or a week won't kill you. Or as the old expression goes "pioneers take the arrows, settlers take the land."
The problem with major OS updates like 10.8 is that they break things. And nothing's worse than installing a major update like 10.8 only to find out that one of the apps that you use daily now crashes on launch, or won't connect to the Internet. Or that your data is gone or corrupted.
Another thing to consider is that 10.8 was relased to the public just 16 days after being declared "Golden Master." This means that developers have only been testing their applications against 10.8 for just over two weeks -- assuming that they downloaded the GM on the first day it was available and that they've been testing every day since.

I recommend waiting at least a week before installing 10.8 on your production machine. Use this time to read the Apple blogs (*cough*), and the forums of the software developers that you use the most to see if issues have arisen with 10.8 that you should know about. Apple's own Mountain Lion support overview and discussion boards are a great place to start. Just search for your most critical applications and contribute to the threads.
Another site I recommend is RoaringApps.com which aggregates 10.8 compatibility reports on hundreds of applications. It's not the fastest site in the world, but it can save you a lot of heartache. Check your top applications on Roaring Apps to make sure that they're compatible before taking the leap.
Once you've waited the requisite week and done your homework, make a complete bootable backup of your hard drive before pulling the trigger on 10.8. And don't be lazy. In fact skip Time Machine completely and invest in a solid backup application like SuperDuper! ($28) or Carbon Copy Cloner ($30) and clone your entire hard drive or SSD to an external. Then boot from the backup and make sure that the backup is 100 percent operational.
If you're an early adopter and have already installed Apple's latest kitty, take the time to report incompatible apps through the above means (RoaringApps.com, Developer fourms, Apple Communities) and save others a lot of grief.

Google borrows Microsoft tactics as it ramps up Amazon cloud battle

Summary: Google and Microsoft's cloud revamps look set to dramatically change the competitive marketplace for infrastructure-as-a-service, but people are sceptical of their ability to dethrone Amazon

By Jack Clark for Cloud Watch | July 26, 2012 -- 13:40 GMT (14:40 BST)

 

Google was once a revolutionary company, but its revamped cloud offering, Google Compute Engine, shows it has fallen prey to the same type of proprietary thinking that has afflicted Microsoft in its fight to take on Amazon.

Both Google and Microsoft began their clouds with platform-as-a-service systems - closed technologies that forced developers to write their applications in a small set of languages, with little ability to control the underlying infrastructure.

read this

AWS: The complete guide to Amazon's cloud

Read more

This was a blunder for both companies as, contrary to the wisdom of the time, it was the low-end infrastructure-as-a-service model that came to take the lion's share of cloud spending.

Now, Google and Microsoft have re-jigged their clouds to better fit that model, but having spent four years working on technologies in the wrong area of the market, cloud integrators and competitors are sceptical of Google and Microsoft's ability to convince customers that their clouds are better than Amazon's.

"For them to focus on [IaaS] says to me that those behemoths, those organisations are going where the money is in the initial adoption which is in the IaaS layer," Robin Meehan, chief technology officer of cloud consultancy of Smart421, says. But "Amazon win both ways... they have a market-leading infrastructure-as-a-service offering".

Of the two, Azure is a more capable competitor, but only since it was re-engineered to include an infrastructure-as-a-service capability, according to Kevin Reid, chief technology officer of Virtustream, an enterprise-focused cloud company.

"It's very difficult to think of [Azure] as a pure deployment engine when you don't have an IaaS that goes side-by-side with it," he says. "A lot of legacy applications have a lot of interdependencies... where Microsoft had to change their tune was in realising those dependencies they had to... take care of."

And, given both Google and Microsoft have PaaS services that they have poured significant R&D into, they have an interest in making sure their technology encourages users to climb up the stack, when they are ready. This contrasts with Amazon's approach, which has been, as chief technology officer Werner Vogels puts it, to encourage services like Heroku and EngineYard to live on top of its cloud to "let a thousand platforms bloom".

Proprietary attitudes

Google's attempt to take on Amazon in IaaS could also be hobbled by its commitment to proprietary technology, and its secrecy around it: as the company's cloud sits on the same technology used to power the rest of its services, the company has been loath to disclose the precise technical details of its architecture.

"Google have wrapped it all up in a completely managed thing," James Monico, technical director of consultancy Cloudreach, says. "Amazon have gone infrastructure plus open source."

It's a similar story for Microsoft, meaning both companies may not be able to share as much information with developers about their clouds as Amazon can, given Google has an interest in protecting the technologies that power its mainstay web advertising business.

On a side note, the most noticeable effect of Microsoft and Google's entrance will probably be further price reductions by Amazon, according to Meehan, who expects the three companies to "slug it out for quite a while at very low [profit] margins to do a landgrab", and, after this has played out, they will ultimately differentiate themselves through SLAs pegged to availability.

All in all, the picture that emerges from Google and Microsoft's moves is of two rich businesses that have been caught on the backfoot by a scrappy young start-up. In this cloudy world, Microsoft has become IBM, Google has become Microsoft and Amazon has become the new Google. The way this triumvirate competes will have a huge impact on the industry.

Update Java or Kill it

Microsoft: Update Java or kill it

Summary: Microsoft is offering advice on how to protect yourself from Java-based malware. The instructions are simple: either update it, disable it, or just uninstall it completely.

By Emil Protalinski for Zero Day | July 26, 2012 -- 15:06 GMT (16:06 BST)

 

Microsoft has decided is enough is enough: Java-based malware sees no end and it's time to do something about it. The software giant points to two type-confusion vulnerabilities (CVE-2012-0507 and CVE-2012-1723) that have been very actively exploited in recent months. Redmond thus wants you to do one of three things: update Java, disable it, or uninstall it.

First, some background. Type-confusion vulnerabilities are effective because they lead to a Sandbox compromise for Java. They occur when the type safety check in Java Runtime Environment (JRE) fails to verify wrong types supplied to instructions working with different types. If the classes' type safety is broken, you can access some methods that are not supposed to be opened to processes outside of the class.

As a result, Microsoft's first recommendation is to update your Java installation. To check the version of JRE your browser is running, head over to java.com/en/download/installed.jsp and get the latest version.

I did that in Chrome and IE9. Google's browser informed me that "Java(TM) is required to display some elements on this page." Excellent, so I don't have Java installed in Chrome, which I use the most frequently. Next, Microsoft's browser gave me the following error:

No working Java was detected on your system.
Install Java by clicking the button below.

I know I have Java installed, but I'm guessing this error is happening because it's the 64-bit version. I wasn't suprised Oracle still hasn't fixed Sun's version check code.

Next up, Microsoft has offered guidance for those who don't want to keep Java updated. The software giant points to Apple's instructions for the Mac (support.apple.com/kb/HT5241) and details its own instructions for Windows:

If you prefer, you may also just disable your current Java Plug-in temporarily to prevent being vulnerable to Java-based threats. To do this, on Windows systems, go to "Control Panel" and select "Java". When the "Java Runtime Environment Settings" dialog box appears, select the "Java" tab. From there, click the "View" button. You can just uncheck the "Enabled" check box to disable that installation from being used by Java Plug-in and Java Web Start. Even though you can disable Java Plug-in on a per-browser basis, this method is most effective in disabling Java Plug-in system-wise.

Last but not least, Microsoft recommended you uninstall Java if you don't use it. Instructions from Oracle are available at java.com/en/download/uninstall.jsp.

After seeing Microsoft's warning, I chose to kill Java with fire. I removed it completely from my Windows 7 box. Mind you, I'll probably be doing some programming in a few months, but I'll just reinstall Java then.

"So, by following some simple steps, you can protect your machine from this malware infection by choosing to update, disable or uninstall," a Microsoft spokesperson said in a statement. "All of these will be effective for preventing currently prevalent Java based malware; it's just up to you to choose the right method to protect yourself based on your needs and situation."