Installing OS X 10.11 El Capitan inside Parallels Desktop

This is actually surprisingly straightforward, once you know the hoops to jump through.

Essentially there are 4 main things we need to do:

  1. Download El Capitan from the App Store
  2. Prepare an install image
  3. Create a virtual machine
  4. Install El Capitan

So let’s take a look at those, one by one…

Step 1: Download El Capitan from the App Store

Currently you need to be a registered developer. Provided you are, you can download the beta from Apple’s website (this redeems a coupon inside the App Store, so you need to be on a Mac to start the download).

Step 2: Prepare an install image

This section is all command-line stuff, so go fire up Terminal.app. (Warning: you’ll need at least 15GB of disk space free to deal with this next section safely… more if you don’t clean up the two temporary images we build along the way)

First up we want to install the iesd Rubygem which provides a nice way to deal with Apple’s InstallESD.dmg files:

sudo gem install iesd

Now we want to use that iesd tool to build a bootable image from the installer we downloaded from the App Store:

iesd -i /Applications/Install\ OS\ X\ 10.11\ Developer\ Beta.app -o ElCapitan-base.dmg -t BaseSystem

Okay, so that’s built us a read-only (DMG format) bootable image for the installer. At the moment, though, that’s missing the copy of OS X that it actually needs to go and install into your VM. To fix that we need to get a read-write (sparse image format) copy of the image:

hdiutil convert ElCapitan-base.dmg -format UDSP -o ElCapitan.sparseimage

Let’s throw away the read-only version now:

rm ElCapitan-base.dmg

And now we want to mount the disk image so we can add some files into it:

hdiutil mount ElCapitan.sparseimage

We also want to mount the InstallESD.dmg file from inside the installer we downloaded from the App Store, as it has some files we’ll need to copy over:

hdiutil mount /Applications/Install\ OS\ X\ 10.11\ Developer\ Beta.app/Contents/SharedSupport/InstallESD.dmg

Now we want to copy the files from the Install ESD into the writable image we made:

cp /Volumes/OS\ X\ Install\ ESD/BaseSystem.* /Volumes/OS\ X\ Base\ System/

Now we want to eject both of those:

hdiutil detach /Volumes/OS\ X\ Base\ System/
hdiutil detach /Volumes/OS\ X\ Install\ ESD/

And now we need to get it back into that read-only DMG format:

hdiutil convert ElCapitan.sparseimage -format UDZO -o ElCapitan.dmg

And let’s throw away the read-write version to free up disk space:

rm ElCapitan.sparseimage

Step 3: Create a virtual machine

  1. Open Parallels, and press the + button to create a new VM
  2. Install Windows or another OS from a DVD or image file
  3. Continue without a source
  4. When asked what type of OS you’re installing be sure to pick OS X
  5. Tick “Customise settings before installation” and click continue
  6. Go to the Hardware tab, then go to USB & Bluetooth, and turn off USB 3.0 support or the installer will kernel panic during boot
  7. Go to CD/DVD 1 and insert the ElCapitan.dmg file you created
  8. Go to CPU & Memory and make sure you have at least 2048MB of RAM
  9. Go to Video and ensure you have at least 128MB of video RAM

Step 4: Install El Capitan

Okay, now comes the moment of truth: boot the Virtual Machine and you should be presented with a white Apple logo on a black background for a few minutes, followed by the El Capitan installer.

Credit where credit’s due…

This post was originally inspred by this post by TheBressman on Reddit, however that was missing some steps, so I filled in the gaps with info from this blog post by Jacob Tomlinson. Thanks!

shareit: Simple FTP-based file sharing from the command line

File sharing websites tend to have ads everywhere, and long running HTTP uploads of large files can be a pain in the backside, so I stopped using them a while back. Whenever I needed to share a file with someone, I’d figure out the file’s MD5 sum (to avoid naming collisions), fire up Transmit (the nicest Mac FTP app by far), upload the file, rename it after uploading, then manually type the link and copy/paste the MD5’d filename in and send it to whoever I wanted to share the file with.

It was nice because I hosted the files, and didn’t have to worry about my recipient seeing a bunch of ads or the file sharing service going down (or being taken down). But it had a huge downside in that it wasn’t straightforward. I was doing a whole bunch of the work by hand every time I wanted to share a file with someone, which as a coder seems like I’m doing something wrong. Eventually I got round to automating it, and now it’s much easier to share a file with someone quickly, just fire one line into the terminal and you’re done.

Getting Started
Before you get started, you’ll want to create a simple YAML file called .shareit in your home directory with your FTP config details, like this:

hostname: ftp.yourwebsite.tld
username: yourusernamegoeshere
password: yourpasswordgoeshere
path: public_html/shareit/
http_prefix: http://yourwebsite.tld/shareit/

path should exist on the FTP server, and http_prefix should be the URL that the folder is accessible at. Both path andhttp_prefix should also include the trailing slash.

Note that the URLs shareit generates are not secure, but they are random enough that people won’t be able to guess them easily unless they know the file’s exact contents. It is recommended that you disable your webserver’s automatic directory indexing for the folder you define in http_prefix — if you don’t, people will be able to browse your entire collection of shared files.

Once you’ve set up your config file, make shareit available in your PATH by adding a symlink in /usr/bin or /usr/local/bin or something.

Usage
Using shareit is simple, all you need to do is tell it what file to upload:

$ shareit 10mb.txt
Uploading to http://yourwebsite.tld/shareit/596c35b949baf46b721744a13f76a258.txt: 10000K of 10000K (100%)
Upload complete!

You can download shareit from https://github.com/arussell/shareit.

Thoughts on switching from Chrome to Safari 5.2 [updated]

I’ve used Google Chrome almost exclusively as my main browser since 2009, but after seeing Apple’s WWDC keynote last week I decided to give Safari another try, because being able to send a tab from one device to another (without using Pastebot to just copy/paste the URL across devices),  is one of my most-wanted features.

Things I like about Safari:

  • iCloud tabs (even though I don’t have Mountain Lion yet, it’s already come in useful between my iPad and iPhone running iOS 6).
  • A unified bookmarks bar between my iOS devices and Safari on OS X
  • Reader (though I used Readability before, so I’m not really gaining anything really new here)
  • A unified address/search bar in Safari 5.2 (FINALLY.)

Things I don’t like:

  • No built-in translator
  • No distinct incognito/private browsing windows (with Chrome, incognito windows are super-useful for having two separate “cookie sets” allowing you to login as two users at once while developing web apps)
  • No pinnable tabs… there are a few things I always leave open, but I don’t want them taking up huge amounts of real-estate on my tab bar
  • More than a handful of tabs leads to Safari just displaying a >> icon at the end of the tab bar, whereas Chrome makes them progressively smaller so you can at least still get to them all
  • In Safari, Cmd-1 through Cmd-9 select Bookmark Bar bookmarks in Safari rather than specific tabs (this means I keep accidentally leaving the page I’m on and calling a bookmark instead of switching to the tab I wanted)
  • Lame process separation in Safari: although the web process is separated from the main browser UI process, if one tab crashes in Safari, ALL tabs need to be refreshed. This is no better than having the entire browser “unexpectedly quit” on me, really.

So far I’m finding Safari’s limitations super annoying and I want to switch back, but I’m going to stick it out a while longer. Perhaps I’ll get used to the quirks.

Update 2012-06-23: I’m back to Chrome. Safari’s funky replacement for the WebKit Developer Tools was the final straw.

Switching between Ubuntu Desktop and Ubuntu Server

It’s easy enough to start out with an Ubuntu Server machine and install the desktop packages, leaving you with an Ubuntu Desktop machine. Just run:

sudo aptitude install ubuntu-desktop

…and you’re done. Unfortunately, going the other way isn’t so easy. Just removing the ubuntu-desktop package doesn’t remove all the other packages for me, I had to list a whole bunch of packages (enough to trigger all the dependencies, and get all the other desktop packages autoremoved). Long story short, I just fired this (very long) command and it did what I was after:

sudo aptitude remove ubuntu-desktop gdm nautilus \
xserver-xorg libgtk2.0-common metacity x-session-manager \
gnome-session xorg capplets-data gedit-common \
gnome-panel gnome-orca gnome-control-center libgnome2-0 \
mousetweaks network-manager synaptic evolution \
gcalctool gconf2 software-center nautilus-data \
rhythmbox vino vlc update-manager firefox compiz-core \
network-manager-pptp openoffice.org-help-en-us \
gnome-media-common gnome-panel-data gnome-screensaver \
gnome-terminal-data gstreamer0.10-plugins-base \
indicator-me indicator-messages indicator-session \
update-notifier indicator-applet \
indicator-applet-session libappindicator1 \
libcanberra-gtk0 empathy-common evolution-common \
evolution-plugins gwibber-service ibus jockey-gtk \
libbrasero-media1 libpam-gnome-keyring \
nautilus-sendto-empathy rhythmbox-plugins \
xul-ext-ubufox empathy gnome-applets gnome-keyring

Warnings/disclaimers/tips:

  • Make sure you’re not in a GNOME session while you’re doing this, or it could have unexpected results.
  • It’ll remove a lot more packages than those listed above. Read the list of packages that are going to be removed CAREFULLY and be sure before you confirm the removal.
  • You may not hold me responsible if you hose your system by blindly removing packages. You should know what you’re doing before attempting this, if you’re not sure what will happen, you should do some more research first.
  • If you don’t have aptitude installed, just replace “aptitude” with “apt-get” in the commands above. I prefer aptitude, so that’s why it’s in the commands above.
  • My scenario: I started off with an Ubuntu Server 10.10 (not a fresh install, I’d been using it a while, so forget this being a clean experiment!), then installed the Desktop, installed Chromium and Flash, then switched back to Ubuntu Server.
  • This will almost certainly need some tweaks to work on earlier or later versions of Ubuntu than 10.10. If you do tweak the above command for another version and you feel like helping out, please comment with the relevant remove command that worked for you so it can be shared.

If this works for you, drop me a comment below!

PS: Nope, I don’t understand that photo either. :)

Safari skews web stats

Here’s an interesting thing to consider next time you’re looking through your web stats: the popularity of Safari 4 and later (the desktop version, not the iOS one) probably looks way higher than it actually is.

Safari’s “Top Sites” feature checks sites to see if any content has changed since you were last there (and also to draw the preview images), and it does this reasonably often. The way it checks is to load your website behind the scenes, which means your server gets hit, and your stats show Safari’s more popular with each refresh.

Perhaps Apple should make the background thread use a different user agent string so that we can differentiate real requests from the Top Sites updates?

My Koobface / Facebook Roadblock experience

I figured I’d write up my experience with the Facebook Roadblock, as it might come in useful for other people who get locked out.

Last night I noticed Adium started spinning away on my dock, unable to connect to one of its configured networks, which turned out to be Facebook. A few minutes later I closed whatever browser tab I had open, and noticed that Facebook tab I had open behind it was showing the “Please login to continue” dialog over my previous session. Clicking the login button took me to something I’d not seen before, the Facebook Roadblock:

The Facebook Roadblock
The Facebook Roadblock

A few minutes of checking the SSL certs, retyping bookmarks, checking for DNS spoofing, and even trying from my iPhone over the 3G data network (which still didn’t work, it instantly logged me out once it loaded and didn’t let me back in), I received an email claiming to be from Facebook. And the headers seemed valid too:

Return-Path: <notification+z4o6=66@facebookmail.com>
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
  server01.filesanctuary.net
X-Spam-Level:
X-Spam-Status: No, score=-99.0 required=5.0 tests=AWL,BAYES_50,
  DNS_FROM_OPENWHOIS,RCVD_IN_DNSWL_LOW,SPF_PASS,USER_IN_WHITELIST autolearn=no
  version=3.2.4
X-Original-To: aaron@unadopted.co.uk
Delivered-To: aaron.unadopted@server01.filesanctuary.net
Received: from mx-out.facebook.com (outmail013.snc4.facebook.com [66.220.144.145])
  by server01.filesanctuary.net (Postfix) with ESMTP id CF77B315237
  for <aaron@unadopted.co.uk>; Thu, 28 Oct 2010 19:04:33 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=201006181024; c=relaxed/relaxed;
  q=dns/txt; i=@facebookmail.com; t=1288289073;
  h=From:Subject:Date:To:MIME-Version:Content-Type;
  bh=qEIXppA9YVJnzP16lPu8knjBLI4=;
  b=R8irJgwrt6XVn16hAvSUFeIlM++vWMcDyAYhNXrhKnQ6ItFMnyMlWp5Mpop9/8qW
  RBXeIrBlbl9R+MhQ7tTzmYKGcHpDpA4sMc27xKmYwDphIdANX0rgfCfxLzsRwYvJ
  wu+CZxtaBphfkFdMo0RZabSpGN4v5Q0WCW12jqDxKBM=;
Received: from [10.30.185.191] ([10.30.185.191:35133])
  by mta018.snc4.facebook.com (envelope-from <notification+z4o6=66@facebookmail.com>)
  (ecelerity 2.2.2.45 r(34222M)) with ECSTREAM
  id F6/5B-27367-13BB9CC4; Thu, 28 Oct 2010 11:04:33 -0700
X-Facebook: from zuckmail ([MTI3LjAuMC4x])
  by localhost.localdomain with local (ZuckMail);
Date: Thu, 28 Oct 2010 11:04:33 -0700
To: "Aaron B. Russell" <aaron@unadopted.co.uk>
From: Facebook <notification+z4o6=66@facebookmail.com>
Reply-to: Facebook <notification+z4o6=66@facebookmail.com>
Subject: Security Warning From Facebook
Message-ID: <9202ff1cbcd06add33c763f96edc88cd@localhost.localdomain>
X-Priority: 3
X-Mailer: ZuckMail [version 1.00]
X-Facebook-Notify: roadblock; mailid=333b85fG1e289220G6f8ad57G7b
Errors-To: notification+z4o6=66@facebookmail.com
X-FACEBOOK-PRIORITY: 0
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="UTF-8"

Dear Aaron B. Russell,

We have detected that your Facebook account is infected with a form of
malware, or virus, called Koobface. You downloaded the virus after
receiving a message from a friend, which invited you to view a video.

To restore your account, please log in to Facebook and follow the
instructions you see there. You can also learn more in our Help Centre at:
http://www.facebook.com/help/?topic=koobface

Thanks,
Facebook Security Team

Hmm. So I really was locked out. But was I really infected? As I use a Mac, I wondered if I’d been hit by the (supposedly harmless) OSX/Koobface.A virus (Intego Security Memo). But if that was the case, why didn’t VirusBarrier X6 tell me about it? And why didn’t I get the Java applet warning? My mind wandered back a couple of days and I remembered I’d logged in on my Windows 7-based HTPC recently too, so there was a slim chance that I got infected that way.

So off I went to set some scans running. Kaspersky Internet Security finished on the HTPC first due to it’s relatively small HD, but that was clean, which only left my MacBook Pro as a potential candidate for infection. After discovering just how long it takes to scan a 500gb hard disk (more than 8 hours)… VirusBarrier told me that it didn’t find anything on my laptop either.

VirusBarrier says "no virus detected"
VirusBarrier says "no virus detected"

Both Kaspersky Internet Security and VirusBarrier X6 claim to be able to deal with various versions Koobface worm/trojan hybrid, but neither of them picked anything up despite having the latest virus definition updates, so my systems seem to be clean. Having checked my systems meant that I was now “allowed” through the Roadblock (Facebook requires you to certify that you’ve checked your system — that said, it’s only a checkbox to tick and you could easily lie, but if you receive genuine reports that your computer appears to be compromised, it’s better not to chance it), and I went through this sequence of steps…

Facebook give you a few options to prove your identity
Facebook give you a few options to prove your identity
I opted for SMS message verification
I opted for SMS message verification
Facebook then try to educate you about what happened...
Facebook then try to educate you about what happened...
... which is a really good idea (despite showing me Windows screenshots when I'm on a Mac)
... which is a really good idea (though they should detect I'm on a Mac)
... and then they forced me to reset my password (also good!)
... and then they forced me to reset my password (also good!)

And then after a confirmation screen, my account was restored.

So… what the hell happened? Well, from what I can tell my machines are not infected, so either my account was compromised, or it was a false alarm (possibly due to Adium’s frequent reconnects to Facebook Chat, because it drops the connection often). Either way, I think Facebook handled this very well from a security point of view. They also offered me a (Windows-only) 6 month free subscription to McAfee VirusScan Plus on the final confirmation screen, but I skipped that as I’m on a Mac and already use Intego VirusBarrier X6, but it’s good to be offering protection to people who might not be protected.

I’m interested to hear if anyone else has gone through this (especially Mac users), so if you have a similar story to share, please drop me a comment.

Google gives up on Wave

This is a pretty huge disappointment: Google’s admitted defeat on Wave, citing poor uptake, and plans to cut it loose later this year.

“despite these wins, and numerous loyal fans, Wave has not seen the user adoption we would have liked. We don’t plan to continue developing Wave as a standalone product, but we will maintain the site at least through the end of the year and extend the technology for use in other Google projects.”
— Urs Hölzle on the Official Google Blog [link to post]

I’ve found Google Wave to be very useful as a meeting and collaboration space for working with people hundreds or thousands of miles away from me, but I guess not enough people saw just how useful it actually is. It does have a pretty steep learning curve initially, so I can see why a lot of people probably didn’t bother, or didn’t get what it was for. I guess it’s back to IRC, IMs and Campfire for now.

FaceTime missing on your iPhone 4? Here’s how to fix it.

I discovered today that FaceTime didn’t work on my iPhone 4: people couldn’t start FaceTime calls with me and I didn’t have any of the FaceTime buttons present. Turns out that this problem is caused when restoring from an iPhone 3G running iOS 4 — it seems the FaceTime on/off setting is imported from the iPhone 3G (which has it turned off as it doesn’t support FaceTime). Going into Settings > Phone and then flipping FaceTime on solved it for me.

Other people seem to have had to jump through a couple of extra hoops to get this to work, if flipping the switch didn’t get you going, take a look at this post over at the Rusty Brick blog.

Update 2010-08-22: Still having trouble? Did you jailbreak your iPhone 4? There’s something else that might stop this working too.

Update 2011-08-20: Did you find this post helpful? It would be awesome if you’d take a moment or two to check out File Sanctuary, my hosting company. We’d love to help you with our cloud servers, web hosting, email hosting, radio station hosting, domain registration, SSL certificates, and Livedrive cloud backup. We really care about the service we provide, and we’re fairly priced. Have a look around our website to find out some more, then get in touch and tell us what you’re after, and we’ll do everything we can to accomodate your needs. Thank you for reading my shameless plug! :)

Update 2012-07-18: Several people have reported that the FaceTime icon disappears after you have done the initial setup, and that this is normal. To make a FaceTime call once setup is complete, go into your Contacts, find the person you want to video chat with, then you should see a FaceTime button underneath their contact info, in the same ara that the “Text Message” button is. Thanks to everyone who’s commented for sharing their stories!

Make a perfect Ubuntu AFP file server with Time Machine support

Just found an awesome guide from Mattias Kretschmann on how to create a perfect AFP file server for Mac clients that supports Time Machine backups over the network out of the box. It worked for me with a Mac OS X 10.6.3 client and an Ubuntu 10.04 server, with just one small change to the /etc/netatalk/afpd.conf file. The final line simply needed to read:

- -transall -advertise_ssh

Beautiful, thanks Mattias. :)

Unadopted Podcast Session 028 Out Now!

This one’s so lively it should probably come in its own cage! Fantastic tunes this time from the likes of Passion Pit, Justice, and a couple of truly brilliant remixes from Last Japan.

If you love the Unadopted Podcast, please add Unadopted on Facebook and tell your friends about the podcast!

Want to send music in to the Unadopted Podcast? Now you can! Visit the Unadopted Soundcloud and send your music in (it’s dead easy). If I like it, I’ll try and get it into one of the sessions!

  1. Passion Pit – Little Secrets (Jack Beats Remix)
  2. Touché – Vampires
  3. Booka Shade – Mandarine Girl
  4. Kidda – Feel Too Good (Jack Beats Remix)
  5. Soft Toy Emergency – Critical (Last Japan Remix)
  6. Boris Dlugosch – Bangkok
  7. Kissy Sell Out – This Kiss (Jack Beats Remix)
  8. Yeah Yeah Yeahs – Heads Will Roll (Passion Pit Remix)
  9. The Bingo Players – Devotion
  10. Crystal Fighters – Xtatic Truth (Last Japan Remix)
  11. Justice – D.A.N.C.E. (Beau Damion Mashup)

Listen now over at http://unadopted.co.uk/podcast/. If you haven’t already set it up, click the “Subscribe” link on the right-hand-side when you get there to get the podcast automatically delivered right into your iTunes or RSS reader whenever I release a new session!