Useful basic OS X Hacks

Even though I have a few Mac's (a 400 Mhz G4 power book and a 1000 Mhz eMac) capable of running Mac OS 10.4, and a pimped out beige box that can run 10.3.9, I've been happy using 9.2.2 because IMHO it has a much nicer interface and I have a few performance issues with X.

The major issue I have is how much slower OS X runs with respect to OS 9 on a given computer. Most of the time I just use a computer to surf the web, so I don't need to use an OS like X that can run multiple threads, be memory protected, etc., etc. 'Nix based operating systems have their place, but for a simple guy like me, that just wants to check eMail and browse the web, OS 9 has been my chose because its small, stable, and very secure.

I knew I had to eventually upgrade to X full time so last December 2005 I bought the last generation of the MacMini using a 1.5 Mhz G4 that could run classic and comes in a nice case which isn't all that hard to take apart. What I really like about the MacMini is its low power consumption... According to Editor Frank Voelkel (a review from Tom's Hardware Guide), the Mac mini only draws 20 watts of power and 28 watts during DVD playback. In contrast, Intel-based systems draw up to 160 watts under comparable conditions, eating up almost six times the power of the Mac mini.

But IMHO the eye candy of X is overkill, and the user interface out of the box is a step backwards with respect to OS 9 because the interface does not adhere to the Human Interface Guidelines. So to get back some features of OS 9, I started by tweaked the X interface with Classic Menu shareware and removing some of the OS X bloat using the following basic hacks.

Eliminate stuff ya don’t need

What most uses don't know is X generates lots and lots of cache and log files. One solution to delete these files is a shareware program like CacheOutX. This simple utility that makes it simple to erase and free up some disk space after using Safari 2 the default browser in OS 10.4

NOTE Apple Computer only supports Safari their in house browser for OS 10.4!!! In OS 10.3 Apple included a copy of Internet Explorer published by Microsoft which was helpful cause there were major issues with Safari 1.3.x and OS 10.3.9.

A bonus to using CacheOutX is it also eliminates other items like "history" and "cookie" files which over time can take up a lots of unnecessary disk space.

Cache files in X are located in a users ~/library/caches/ folder and these files can be manually removed... In this thumbnail you will see the contents of the cache generated by Shiira one of many lessor known OS X browsers.

FYI Safari has an option to turn off recording the history of sites ya visit, just look under "file" then "enable private browsing" but this option defaults to off when you quit Safari.

DNS request are usually cache, that’s good as it speeds up the lookups within the same host but sometimes we will want to clear the cache so it don't hold the values that are no longer valid. To flush your DNS cache (OS Tiger and below) use the command line interface in terminal, and type:

lookupd -flushcache

I've been using computers since the early 1980's when the c64 was trying to take market share away from the Apple II and the IBM XT with a 5 Mb harddisk was hot stuff! Back then to make computers run programs faster, graphics (if you can call them that) were turned off so that every clock cycle was used for calculations. Old habbits die hard and IMHO some the the eye candy of OS X (like the shadows) of windows and dialog boxes are a bit much. Guess there are other old school individuals out there too, who feel eye candy is fluff and were motivated enuf to code ShadowKiller which removes window and menu shadows in OS X. This changes the look of MacOS X completely, and speeds up its operation.

WiFi Insecurity

Since I help operate a community wireless network my Mac's pretty much are always connected to the web via a homebrew wireless bridge with a 9 dBi antenna that feeds a signal to an ethernet port. This homebrew setup is lots more sensitive than the built in MacMini radios, so I disabled the built in Airport and Bluetooth MacMini devices. This is because there are a few interesting hacks that allow knuckleheads who know a few tricks to break into a computer thru these areas. Since I'm not using wireless devices that use these paths into the computer, I figure might as well turn off these potential problems.

Stop potential OS X hacking
Someone intent on stealing personal information can pick up WiFi signals with a packet sniffer so use built in OS X tools to protect your Mac from snoops!

If ya have an always-on Internet connection, check out Tiger's built in anti cracker tools. Go to the Sharing preference pane and click on the Firewall tab, to see the "advanced" button. Clicking on it allows ya to check options such as Stealth Mode and Block UDP Traffic. With Stealth Mode enabled, uninvited queries to your computer will receive no acknowledgment, making it harder for someone to discover information about your Mac. Keep in mind that some applications like VoIP and online games use the UDP (User Datagram Protocol), so depending upon what application you are running UDP might need to be allowed thru.

Terminal Basics

Mac OS X is based on an industrial-strength UNIX foundation which has time-tested security protocols and uncompromising performance (the same can not be said for windows). Geeks can access OS X commands at any time from the Terminal application. Since this page is about hacking security tips for Safari and OS X, ya might find the following basic commands useful...

ssh - or Secure Shell provides users with a secure, encrypted mechanism to log into systems and transfer files and is included in every version of Mac OS X. If you wish you enable Mac OS X’s built in SSH server you can do so by opening your System Preferences, clicking on Sharing and checking the box next to Remote Login. Now if you are on the road and wish to access your machine you can use a client like PuTTY (from a windows machine) or "ssh" from a Mac OS X terminal window and connect to the IP address of your Mac. After logging in with your Username and Password you will be presented with complete access to the Mac OS X command line. Openssh has many, many more uses some of which are quite advanced. My personal favorite is using ssh as a SOCKS server to browse the web securely in an open public network.

ifconfig - is a quick and easy way to figure out what ip address your Mac is using. To use ifconfig, open up, and type ifconfig. You will see a lot of information, including your network card’s MAC Address. I like to type ifconfig | grep inet to return just the ip information for my computer. You can disable a network interface (in this example "en0" which is the built in ethernet connection) by typing ifconfig en0 down. You could bring back up with ifconfig en0 up. This method is a quick alternative to using the System Preferences window.

sudo ifconfig en0 lladdr aa:bb:cc:dd:ee:ff - spoofing a mac address is handy for network testing. Basically this command allows a user to spoof the MAC address of the built in ethernet connection (en0) where aa:bb:cc:dd:ee:ff is the new MAC address you want to set. Note: this "mac address" hack is good until your next reboot.

To spoof a "custom" user-agent in Safari, use the following command line in terminal: defaults write CustomUserAgent "\"My user agent string\"". Note: you must "Quit" Safari before you execute that command in the terminal, then restart Safari afterwards.

Removing the non-english language packs

OS X has localised support for many different languages, it includes a ton of *.lproj files that are used to translate the OS and applications to the correct language. If you don't plan on using any other language, you can delete those files and save yourself a couple hundred Mb of disk space.

Monolingual is a program for removing unnecessary language resources from Mac OS X or for those who want to use the command line interface in terminal, type:

find / \! -name "English.lproj" -name "*.lproj" -type d -exec rm -rf -- { } \; -prune

The find and delete operations will take a couple of minutes and will free up couple hundred Mb of disk space.

Here's a quick explanation of the various parts of the command:

find / - executes the 'find' command, and tells it to start at the root ( / ) level of the system

\! -name "English.lproj" -name "*.lproj" - tells find to look for any file that ends in '.lproj' except files with the full name of 'English.lproj'

-type d - tells find only to look at directories (all the .lproj 'files' are actually directories)

-exec rm -rf -- { } \; - tells find to run the 'rm' command on the results of its search (-rf tells rm to recursively delete through the directory tree wihout confirmation, -- tells rm that anything following that is not an argument, I don't completely understand what the brackets do, and the \; signals the end of the 'exec' statement)

-prune - tells find not to look further into a directory once a match has been made; this prevents the rm command from trying to remove a directory inside a directory that's already been removed.

Safari startup screen

Safari 2.x and OS 10.4 are now very mature and stable, but I still like using a workaround I used in Safari 1.x to place a book mark of my site on the bar (look at the left hand side) to act like a "home" key. You can also add a single line of JavaScript: javascript:window.print() which I placed on the right hand side of the bookmark bar with a title "print button" to improve the Safari interface.

The Safari 1.x User Interface did not have a "home" or "print" button, so my work around was to use the bookmark bar. As shipped Safari does not show a status bar, to change this option check View/Show Status Bar... you can also select View/Customize Address Bar... to change the default settings.

Safari "Debug" menu

Another shareware program ya might find useful is TinkerTool. This utility allows users to enable the DEBUG mode in Safari. Essentially the DEBUG mode in Safari allows users to tweak browser settings with an easy to use interface.

The KISS philosophy of design and security states ya eliminate as many options as possible so as to minimize potential problems and security issues. Poking around the Safari DEBUG menu I discovered that it is possible to disable RSS, so I did because I visit the sites I find interesting on a regular basis and do not see the need to have site feeds.

With the Debug menu ya also can change the user agent (i.e. ya can make web sites think you are using another browser, a windows machine using explorer for example). The debug menu has lots of options so check it out!!!! FYI an alternative method to enable the DEBUG mode in Safari is to launch Terminal, enter defaults write IncludeDebugMenu 1 at the command prompt and press return...

Blocking Ads

One other reason I like using OS 9 is how well filtering the direct TCP/IP stream works for ad blocking. I've tried a few of the methods of blocking ads in X, like using CSS and tweaking the hosts file, but these methods were not as nice or effective as the OS 9 solution.

Thus far the best solution I have found to block ads using Safari is a PlugIn called SafariBlock which allows a user to block a graph image. Version 1.1.4 of SafariBlock works pretty good, but I do not like the built in user interface to edit the sting of text that specifies where the graphic is located, so my work around to this problem is to use a text editor on:


to fine tune specific settings.

I was kind of curious to see if SafariBlock would work with other OS X browsers, so I tried it with Shiira, but it did not work out.

There are other OS X browsers that work well with Mac OS 10.3.9
There are several methods to block ads, with Shiira, another OS X browser, I used a CSS method.

Looking at the HTML source, I've discovered that ad blocking techniques like SafariBlock and an ad blocking CSS file do not eliminate graphical references in the HTML. Basically SafariBlock and CSS methods do not allow browsers to display specific graphic images like ads, but images are still in the cache. In OS 9 when I blocked ads using theWebFree extension, the HTML code did not include have calls to include graphical ad images (i.e. graph ads were treated as comments in HTML), and therefore saved lots of bandwidth.

If you use the FireFox browser, ad blocking is possible using one of the Firefox Add-ons Adblock Version If you switch between browsers, you might consider importing/exporting ad blocking lists which is what I did by using a editor (in my case I made a duplicate of the SafariBlockFilters.plist which is the list of sites used by the ad blocker in Safari, removed all the HTML like tags, and imported the text file into the FireFox ad blocker).


AcidSearch is a search enhancement for Safari. It adds unlimited "Search Channels" to Google or any other web based search field. Channels can be customized in a nearly infinite variety of ways.

For individuals who do not know how to write cgi scripts or know HTML, AcidSearch can be be used to complement any personal search tool you use so ya do not have to write something custom like this...

Ad-Free If you append the parameter "output=googleabout" to a Google Web Search URL, the results page will not carry any AdSense ads that are otherwise seen on the top and right sections of the page.
WMA's and MP3's Using the string intitle:"index of" +"last modified" +"parent directory" +description +size +(wma|mp3) Google will display music files in unprotected directories.

PDF's in Safari

One thing I do not like with Safari 2.x is the way it treats PDF's (in Safari 2.x Apple included a built in simple PDF reader). Doing some checking I found ya can make Safari 2.x treat PDF's just like Safari 1.x did (that is, save them to your default download folder) by downloading a PDF Browser PlugIn.

One browser
does not fit all!

Because different browsers require slightly different code to be viewable, it is costly to write for different types of browsers. Over the years I've managed to spoof my way thru lots of sites that say they need Explorer, but I'm up a creek without Explorer. Case in point, I was checking the network which uses m0n0wall and discovered a PlugIn that plots network graphs requires Explorer... The web is ever evolving so to access new useful services like (a site where you can find home valuations and more) look to another browser because as of 4/17/2006 the site states: "We do not support the Safari browser yet...."

m0n0wall and Safari don't play well together...
Gosh darn, there are time ya need to have an old copy of Internet Explorer or another browser on your Mac. Ya may not like Explorer but what else can ya do when Adobe or other software publisher has not created a browser PlugIn for Safari?

Well that's some of the stuff I discovered about Safari. In the future I'll post more stuff, like how to disable what a browser reveals about a user in X (for example how to block the Referring page and some of the hacks I used in classic)...

Spotlight? Turn it off

SPOTLIGHT a front end for mdutil is one of those new 'features' in 10.4 that is designed to help users find stuff on their hard disks. Telling SPOTLIGHT to Ignore your hard drive won't delete existing indexes or databases. To disable this feature you will need an editor (I happen to use BBedit) to manually change a few settings...

In a Terminal window: bbedit /etc/hostconfig

This will open up your hostconfig file, which tells OS X what processes to launch at startup. Scroll down the hostconfig file and find the line that reads


and change it to


To get rid of the existing index, run these commands from Terminal:

sudo mdutil -i off /
sudo mdutil -E /
sudo rm -fr /.Spotlight-V100

The first command disables indexing on the boot volume, the second erases the existing template and the third removes SPOTLIGHT store. You can then use Activity Monitor to kill any mds or mdimport processes or else just reboot.

If you later change your mind and decide you want SPOTLIGHT after all, it's easy to reactivate. Set


in /etc/hostconfig, then in Terminal:

sudo mdutil -i on /

and reboot.

To remove SPOTLIGHT from the menu bar, remove the file "Search.bundle" from the folder /System/Library/CoreServices, but keep it around somewhere (along with the file "Info" settings) in case you change your mind. When you reboot the computer SPOTLIGHT will not load.

If you ever want to re-enable SPOTLIGHT just go back through these steps and change NO back to YES and put "Search.bundle" back where it belongs.

Spotlight Alternative, EasyFind

One thing I miss from Mac OS 9.x is how straightforward it was to "find" a file. EasyFind is a "freeware" alternative to Spotlight and finds files, folders, or contents in any file without the need for indexing.

Lets say ya rent movies from NetFlix, ya might want to use EasyFind.App to find the contents of the invisible folder ".dvdcss" created by MacTheRipper, (freeware available online, which is a DVD extractor for Mac OS X that removes CSS encryption, Macrovision protection, sets the disc's region code to '0' for region-free by default, and is capable of removing RCE region protection as well). FYI the ".dvdcss" directory (hidden folder in your home directory), stores the CSS decryption keys for the DVDs MacTheRipper rips.

dvdcss was the target of some legal wrangling for a while, and still has some sketchy licensing issues surrounding, so if you want to "clean up" your hard disk, copy and paste this line of text into Terminal: rm -r ~/.dvdcss or just use the EasyFind application to locate ".dvdcss" (make sure you have "checked" Invisible Files & Folders) then drag and drop the folder into the trash...

Disable Dashboard

DASHBOARD is one of those new 'features' in 10.4 that is designed to help a user add personal features, like a stock ticker, a weather forecast, etc. Like SPOTLIGHT, this new OS 'feature' takes up system resources. To disable this feature you can do the following...

In a Terminal window type the following command, then hit Return:

defaults write mcx-disabled -boolean YES

This tells the system that you no longer wish to have Dashboard available. However, the Dashboard task is actually “owned” by the Dock, so to make your changes take effect, you need to restart the Dock. The easiest way to do that is to type this command into the Terminal (and press Return when done):

killall Dock

After the Dock restarts, hit F12 and you’ll seenothing at all. If you run Activity Monitor, you also won’t find any Dashboard widgets in the list of tasks, even if you had several open when you ran the above command. Dashboard has been eliminated from your system, and won’t return until you tell it to do so. You can do just that by opening Terminal again, and typing this command:

defaults write mcx-disabled -boolean NO

Once again, you’ll have to use the killall Dock command to make the changes take effect. Once you do, though, you’ll find that Dashboard is back as usual and any widgets you had opened on the Dashboard will still be open.

End of the line
Tiger Update Issues

Its a fact of life that there are always going to be bugs in software and the best way to deal with bugs IMHO is to first to accept the fact they exist, then do your best to fix them! What follows is a few issues I encountered with the last update "Combo" of Tiger 10.4.11 which includes Safari 3, general operating system fixes that were suppose to enhance the stability, compatibility and security of your Mac. What this section is basically about is the fix I've used to solve the problem of Safari 3.2.1 crashing...

Like perhaps many others, I found Safari 3.2.1 to be pretty damn unstable. I read on the web that some people thought it was Safari's new feature of "fraudulent website" monitoring that was causing issues. So to disable sending tracking data, in terminal I executed the following line command:

defaults write WarnAboutFraudulentWebsites -bool no

From what I gather this is suppose to ignore the folder "" created in the cache that and a file called "SafeBrowsing.db" BUT that didn't help fix things. Next up, in the preference section of Safari I un-checked the option for "JAVA" and detecting a "fraudulent website" BUT that didn't help fix things either. Then I tried to disable the various Safari plugins such as AcidSearch BUT that didn't help fix things, either. FYI I discovered the latest version of AcidSearch 0.7b3 Redux does not have an option to remove your search channel history, so if you feel the need to remove sensitive information, you'll need to use a text editor on the file com.pozytron.AcidSearch.plist and remove some stuff

			DELETE ALL THESE ENTRIES (if you want to remove your "history") 

Long story short, the fix I discovered to make Safari 3.2.1 stable is to remove all traces of Safari 3.2.1 by using then href="">downloading and reinstalling Safari 3.1.1!

The process of trying to fix stability issues of Safari 3.2.1 was not a total waste of time because along the way I discovered a number of useful tid bits. For example to enable single window mode in Safari, in terminal executed the following line command:

defaults write TargetedClicksCreateTabs -bool true

Ya might have noticed after browsing for a few hours in Safari it's possible to end up with a dozen windows or so because of links that open a new window (links with target="_blank"). If you want to have these links open in a new tab instead of a new window, ya now have a way to do so. To disable the single window setting, run the same command with "false" instead of true.

It was reported that Safari has an RSS exploit could let hackers steal your passwords. Since I figured out long ago the best way to avoid any exploit is to eliminate the option before hand, in terminal its possible to to Disable RSS Support in Safari if you executed the following line command:

defaults write DebugSyndicationEnabled 0

Basically after you execute this line command, the RSS support option in Safari program preferences is eliminated. To (re)enable RSS Support in Safari, in terminal type the following command

defaults write DebugSyndicationEnabled 1

One last trick I discovered is with a single terminal entry, its possible to to make the SAFARI user agent permanent! As with all the rest of terminal command line tips, its best if you quit Safari, enter the terminal and type in the following command line (but in this example, the escaped quotes are necessary, just type in your own CUSTOM USER AGENT STRING)

defaults write CustomUserAgent "\"CUSTOM USER AGENT STRING\""

If you're really interested in tweaking the various Safari settings, I'd suggest installing Pref which is an application used to edit plist (Property LIST) files.

One feature missing from Safari is the ability to download an .mp3 or flash video file (in other words Firefox does have the capacity to "File/Save As" but Safari does not). If you don't want to use the Firefox work around to save an online .mp3 file, another way to download a music or video file is with "Curl" in the terminal mode. For example suppose you're using Safari and want to download to your desktop the contents of, in terminal type in the following to save some "music_file.mp3" to your desktop:

$curl -o ~/Desktop/music_file.mp3

With the various tweaks on my system (MacMini 10.4.11) I was kinda concerned about a virus or some kind of nasty bug or spyware when I kept on seeing a popup window saying, "your network settings have been changed by another application" when I changed the System Preferences (specifically NETWORK settings). Fearing the worst I installed ClamXav which is a free virus checker for Mac OS X. It uses the tried, tested and very popular ClamAV open source antivirus engine as a back end. When that didn't find anything, I next tried to find out more information about a Mac Specific Trojan Horse from SecureMac but that also indicated that I didn't have any MalWare on my system.

Another long story short, the bug was a security patch Apple released. Basically Apple changed the way PPP and PPPoE passwords are maintained on your system. To fix this bug you first need to make the annoying "Your network settings have been changed by another application" dialog box, stop popping up! To do this, open "System Preferences" and go to "Security" then tick off "Require password to unlock each secure system preference" then click "show all" at the top. BTW I had to quit "System Preferences" to make the change take effect. Next open "System Preferences" once again and choose "Network" (you will probably get the annoying pop up once, but this time when you click "OK" it won't loop). Notice that the padlock in the bottom left corner is now locked. Click it to unlock. Enter your password (assuming you are the administrator on the Mac). Now click back on the show all button. The Mac will think you made a change and ask if you want to " Apply configuration changes" click "Apply" once it saves the changes your problem should be fixed. You can go back to the "Security" pane and untick the option you enabled earlier. BTW if you have ever used the USB fax/modem on your system there could be PPP settings that you can't get to without having the modem attached. The only way to edit the PPP password was to plug in the USB fax/modem then edit the settings.

Think Different

Think Different was an advertising slogan created for Apple Computer in the late 1990s by the Los Angeles office of advertising agency TBWA\Chiat\Day. It was used in a famous television commercial, several print advertisements, and several television advertisements for Apple products.

Out of the box OS X is pretty useful, but if ya "think different" as the advertising slogan suggests ya can customize the Mac OS to suit your personal needs and reflect your personality.

Cults and consumers think alike not different, because they believe or buy into the propaganda of subliminal messages
Apple ads told me to "think different" so I did and came up with this unofficial Apple tee shirt that can be used at Burning Man or at an Apple store on buy nothing day. Figure I'd print up a few high quality tee shirts and use BS to call it commerical pop art inspired by Andy Warhol's Campbell soup can series and a sculpture called Kryptos -- the Greek word for "hidden" -- that was dedicated at the C.I.A. in October 1990. Basically my BS commercial illustrator pop art is a way to display two often used branding logos (get the irony?) at Black Rock City and iThink is a pragmatic Burning Man costume.

Well that is it for now, if ya have any comments or suggestion about my basic collection of OS X hacks or a mac pinup suitable for a workshop or a Burning Man costume, use the graffiti wall!