Connect with us

Technology

Clarus returns home in macOS Ventura

Published

on

Clarus returns home in macOS Ventura

Susan Kare's pixel art dogcow icon
The high resolution dogcow icon that ships with macOS Ventura

How it started / How it’s going

Did you know that with macOS Ventura, Clarus the Dogcow has at long last returned home? Recently, while doing something else, I accidentally hit Cmd+Shift+P which opened the Page Setup dialog. I was greeted, surprisingly, with a new high-resolution version of the classic Clarus icon that I’d never seen before. I looked at it briefly, and then closed the dialog and went back to whatever I was doing before. I had assumed that becuase I’d been in a 3rd-party app at the time, that the Clarus icon was just some easter egg the developer had left. But a little while later, I got to thinking. What were the chances that someone went to the trouble of customizing the Page Setup dialog, of all things, just for an easter egg? Zero, it turns out. That dialog shows Clarus on the page preview in every app.

The Page Setup dialog. The page preview on the left shows the high-resolution Clarus icon.

I don’t have a Monterey machine to test it at the moment (I, er, accidentally updated my laptop to the beta), but I believe this is a new change with Ventura.

Updated: I installed Monterey in a virtual machine to check, and, indeed, the Page Setup dialog there bears no sign of Clarus.

The next step, then—having been thoroughly nerd-sniped by this—was to figure out where the icon was coming from and if I could pull it out of whatever nook it was hidden in.

Advertisement

The first stop was NSPageLayout, the panel object that is responsible for displaying the panel. It was unlikely that the class would actually contain the implementation of the panel, but it was at least a starting point.

In order to actually look at the disassembled implementation of this AppKit class, I needed the actual AppKit framework binary. Since macOS Big Sur, all system framework binaries are stored merged in the dyld shared cache, rather than in separate files. But, I need them as separate files in order to actually inspect them.

Since the last time I wrote about this, a couple things have changed. Before, I built the Apple dyld_shared_cache_util from one of the periodic dyld source dumps. This is annoying because you have to make a bunch of changes to the source code to get it to compile outside of an Apple-internal environment. It also may break whenever there’s an OS update. So, I’ve switched to using this utility which uses the dyld_extractor.bundle that ships with Xcode. The other difference since before is a minor one: the dyld shared cache has moved. Wheras before it was in /System/Library/dyld/, in the Ventura beta it’s moved to /System/Cryptexes/OS/System/Library/dyld/ (the Cryptex seems to be part of the Rapid Security Response feature Apple announced).

With the shared cache extracted, I could load the AppKit binary into Hopper (I had to disable the Objective-C analysis, otherwise the app crashed when trying to load the binary) and start poking around. I searched for the NSPageLayout class that I’m interested in, and looked at the runModalWithPrintInfo: method, since that sounded like a good candidate for something that would lead to the bulk of the implementation. And, indeed, it was. The method appears to be a fairly simple wrapper around the PMPrepare... function that sounds like it lives in a separate private framework.

Hopper window with AppKit showing the runModalWithPrintInfo: method

The next step was figuring out where that prepare function is actually implemented. Running otool -L on the AppKit binary doesn’t reveal anything obviously useful, but in the PrivateFrameworks directory extracted from the dyld shared cache, there’s something called PrintingPrivate.framework, which sounds promising. Opening it up in Hopper, I saw that this is indeed the framework I was looking for.

Advertisement

PrintingPrivate in Hopper showing the _PMPrepareAppKitPageSetupDialogWithPrintInfoPrivate function

Looking at the implementation of the prepare function, what immediately jumps out is the call to _LoadAndGetPrintingUIBundle. This seems to be yet another layer of indirection with the actual thing implemented in a different bundle. There’s also a call in the else branch to the similarly-named _LoadAndGetPrintCocoaUIBundle, but let’s start with the first one in hopes that it’s more common.

The implementation of that function goes through another helper function and it ends up loading a PrintingUI.bundle plugin from inside the PrintingPrivate framework bundle. This one isn’t part of the dyld shared cache, so I can just open it right up in Hopper without any fuss.

If you look for the function PrintingPrivate calls, it turns out it winds up in a method on PMPageSetupController. This sounds promising, let’s see what else that class can do.

What’s this? A method called updateClarus? Could it be? Have we finally reached it?

The PrintingUI binary in Hopper with the search panel showing a bunch of methods with 'clarus' in the name

Yes! Clarus, I’m coming! One method that sounds particularly encouraging is -[PMPageSetupController setClarusImageView:]. If I can find out what’s setting the image view, maybe that’ll lead to where it’s being configured with the image.

Advertisement

Unfortunately, the setter for that property isn’t referenced anywhere in the PrintingUI binary. Nor is the getter. I was stuck here for a while, until I realized that the setter not being called anywhere was probably a sign that the UI was defined in a Nib and that an outlet was added from Interface Builder, even though it was never used.

Sure enough, in the plugin bundle’s resources, there is a PMPageSetup.nib. And if the page setup UI is defined in a Nib, and Clarus is being shown in a image view, the image itself is probably located in the asset catalog.

Using the system assetutil program, one can list all of the files in a compiled asset catalog. And sure enough, there she is:

$ assetutil --info /System/Library/PrivateFrameworks/PrintingPrivate.framework/Versions/A/Plugins/PrintingUI.bundle/Contents/Resources/Assets.car | grep -i clarus
    "Name" : "Clarus",
    "RenditionName" : "ClarusSmooth2.pdf",
    "Name" : "Clarus",
    "RenditionName" : "ClarusSmooth2.pdf",
    "Name" : "Clarus",
    "RenditionName" : "ClarusSmooth2.pdf",

To actually extract the image from the asset catalog, I needed to use a third-party tool. acextract worked perfectly on the first try, though it did need couple of additional @imports to compile on Ventura since Foundation no-longer re-exports CoreGraphics.

And with that, I finally gazed upon the 512 × 512px beauty that is Smooth Clarus:

Advertisement
Smooth Clarus

The version shown here I’ve added a white background to, so it’s not invisible in dark mode. The original image has a transparent background.

Lastly, if you’re writing a Mac app and would like to hide Clarus somewhere, you can load the bundle yourself and then pull the image out like so:

let bundle = Bundle(path: "/System/Library/PrivateFrameworks/PrintingPrivate.framework/Versions/A/Plugins/PrintingUI.bundle")!
try! bundle.loadAndReturnError()
let image = bundle.image(forResource: "Clarus")

I’m not sure if the Mac App Store would consider that using private SPI, so use it at your own risk.

It would be very cool to see Clarus return as an SF Symbol some day. If hundreds of icons for various Apple products can go in, so too can everyone’s favorite dogcow.

Read More

Advertisement
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published.

Technology

Zero-trust market shows signs of maturity at RSA 2022

Published

on

Zero-trust market shows signs of maturity at RSA 2022

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


Zero trust needed a crucible to burn away the hype and leave the essence of what every cybersecurity vendor has to offer, and the pandemic did that. Akamai, Appgate, Cisco, CrowdStrike, Delinea, Ivanti, Palo Alto Networks, Zscaler and many others either announced their next generation of zero-trust solutions or demonstrated their latest releases at RSA 2022. 

Where zero trust is maturing 

While many in the cybersecurity vendor community still treat zero trust as a series of product features, not an architecture or framework, this year’s RSA proves vendors are maturing their platforms by choosing to solve more challenging problems. CrowdStrike taking on the challenge of providing real-time telemetry data and long-term data archiving with Humio for Falcon and their launch of Asset Graph, which shows the vendors understand zero trust is about architectures and frameworks first. Real-time telemetry data is invaluable in building a zero-trust architecture.

Cisco is introducing the Cisco Security Cloud, demonstrating Cisco Secure Access by Duo and Box, as well as their unified Secure Access Service Edge (SASE) solution Cisco+ Secure Connect Now, which reflects how rapidly zero-trust vendors are maturing. 

Advertisement

In addition, Ericom’s partnership with Cyber Guards to deliver Zero Trust Network Access (ZTNA) to midsize businesses and SMBs brings SASE to businesses who need ZTNA support the most but are often the most budget-constrained.

Ericom’s ZTEdge SASE platform reflects how quickly zero-trust solutions are maturing in the mid-market and for SMBs. Its many innovations in Remote Browser Isolation (RBI) extend to Web Application Isolation (WAI), which enables organizations to allow third party unmanaged device and bring your own devices (BYOD) access to corporate apps, while protecting their data and apps using web-based RBI-based technologies, is another proof point. 

ZTEdge Web Application Isolation (WAI) air gaps public and private web and cloud apps in an isolated, secure cloud environment, where organizations can enforce granular app access and data use policies. Ericom’s been able to deliver this without requiring contractors to install apps or browser extensions, make configuration changes to third-party devices, or use special “corporate” browsers.

Ericom relying on RBI-based technologies to solve the challenge of securing third-party contractors' remote devices without apps, browser extensions, or custom code reflects today's zero-trust maturity.
Ericom relying on RBI-based technologies to solve the challenge of securing third-party contractors’ remote devices without apps, browser extensions, or custom code reflects today’s zero-trust maturity. 

John Kingervag created zero trust while at Forrester and currently serves as senior vice president of Cybersecurity Strategyat ON2IT Cybersecurity. An interview he gave during RSA provides guardrails for getting zero trust right. 

“So, the most important thing to know is, what do I need to protect? And so I’m often on calls with people that said, ‘Well, I bought widget X. Where do I put it?’ Well, what are you protecting? “Well, I haven’t thought about that.” Well, then you’re going to fail,” Kingervag said during the interview. 

Signs avendor understand zero trust 

Separating the vendors who understand zero trust is becoming easier, given how quickly the landscape is maturing. The vendors who get it realize their systems and solutions are part of an integrated zero-trust architecture. Enterprises don’t “buy” zero trust; it’s an architecture integrated into a given business’s unique workflows. 

Advertisement

During RSA, two standards were released that provide vendors with the guardrails and guidance needed to help serve enterprises. First, the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) published Implementing a Zero Trust Architecture. The NCCoE is planning to release two additional guides in July and August. 

Kindervag and Chase Cunningham, chief strategy officer at Ericom Software, were among several industry leaders who wrote The President’s National Security Telecommunications Advisory Committee (NSTAC) draft on Zero Trust and Trusted Identity Management. The report defines zero-trust architecture as “an architecture that treats all users as potential threats and prevents access to data and resources until the users can be properly authenticated, and their access authorized.”  

The NSTAC Draft on Zero Trust and Identity Management and the new NCCoE guidelines can help enterprises plan their zero-trust initiatives while helping vendors move away from feature sprawl and deliver streamlined, effective solutions. The NTSAC document provides a five-step process that = Kindervag briefly discussed in his interview at RSA.  

NSTAC's draft on Zero Trust and Trusted Identity Management defines a five-step process vendor can use to define where and how they add value to customers, alleviating feature sprawl in the process.
NSTAC’s draft on Zero Trust and Trusted Identity Management defines a five-step process vendor can use to define where and how they add value to customers, alleviating feature sprawl in the process.  

A few key aspects that show a cybersecurity vendor understands zero trust solutions with value and minimal feature sprawl include: 

  • Multirole and multicloud support in Identity Access Management (IAM). RSA 2022’s watermark for zero trust maturity is delivering and implementing IAM support for multiple roles, personas and hybrid cloud configurations. IAM vendors doubling down on how to get this right are advancing zero-trust adoption across enterprises today because their customers can use their solutions in more use cases. Zero-trust vendors are innovating rapidly in this area, making it one of the best-kept secrets at RSA 2022. CISOs went to RSA looking to understand how to control multicloud access across AWS, Google Cloud Platform, Microsoft Azure and others on the same IAM platform. Organizations need cloud-based multifactor authentication (MFA) platforms that can support multiple roles or personas at the same time. AWS Identity and Access Management, BeyondTrust, Ivanti, Microsoft, SailPoint and others all support multirole IAM.   
  • Resilience improves in every release. One of the main messages of Gartner’s top cybersecurity predictions for 2022–23 is that enterprises need to focus more on building resilient tech stacks than attempting to shut down the most prevalent threat of the day. Cybersecurity vendors delivering the most value with their zero-trust solutions already have a track record of delivering resilience in their platforms and systems. Vendors showing maturity in this area include Absolute Software with its continual improvements to Absolute Resilience, Absolute Ransomware Response and a new series of partnerships announced during RSA for its Absolute Application Persistence-as-a-Service (APaaS).  Utopic and WinMagic rely on Absolute’s firmware-embedded technology to monitor and automatically heal their mission-critical security solutions across their customer bases. Akamai, Cisco, Illumio, Ivanti, Palo Alto Networks and Symantec Enterprise Cloud are zero-trust vendors whose product releases over the last two years reflect how each is designing in greater resilience at the tech stack level. 
  • Achieving scale with integrations. The more adoption any enterprise software gains, the greater the demand for broader integration. Every enterprise’s tech stack is unique, making integration options a challenge. Another of the best-kept secrets of this year’s RSA is how abundant the activity is in this area. It’s a leading indicator of which zero-trust vendors have the most active, varied sales cycles. Absolute Software’s announcement before RSA that they’re partnering with BlackBerry to enable their shared customers to strengthen CylancePROTECT with Absolute Application Persistence capabilities reflects how each achieves greater scale with integrations. The partnership aims to enable joint Absolute Resilience customers to extend Absolute’s firmware-embedded, self-healing endpoint device connections to BlackBerry’s Endpoint Protection Platform (EPP). Box also announced more thorough integrations with Cisco, Relativity, Theta Lake and Splunk. New security enhancements to its core platform were also introduced at RSA that will help admins and security teams protect the flow of content inside and outside the organization and across multiple devices.

Maturity in the zero-trust sector is growing

From a marketing blitz in 2020 to a show of force in 2022 by vendors who understand zero trust and are contributing to their customers’ cybersecurity and risk management, RSA has also moved forward. Fewer vendors, less feature sprawl and more focus on solving complex security challenges were a key part of the show. Enterprises are overcoming their inertia of implementing zero trust, as Kindervag alluded to in his RSA interview. 

“What we’ve done is figured out how to break a massively complex problem called cybersecurity into very small pieces called protect surfaces. And as one friend of mine said, ‘We argued for longer than it took us to build the first zero-trust environment that we built.’ So stop arguing about it and do it,” he said.   

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Advertisement

Read More

Continue Reading

Technology

Google Hangouts is shutting down this fall

Published

on

Google Hangouts is shutting down this fall

Hangouts holdouts will have to finally say goodbye to Google’s most resilient chat app later this year. On Monday, the company announced it would start migrating consumer Hangouts users to Chat before the former is no longer available after November 2022. If you still use Hangouts on mobile, you’ll see a prompt starting today to move to either the standalone Chat app or the Chat experience in Gmail. “Hangouts has been replaced by Google Chat,” the company declares in the notification.

Over on Gmail, Google won’t begin prodding Hangouts users to switch over until July. The Hangouts web client will remain available until November, and the company says users will have “at least” one month of warning before the platform’s webpage begins automatically redirecting to the Chat website instead. If you’re still actively using Hangouts, Google promises your conversations will automatically transfer to its newer app. That said, you can also use the company’s Takeout service to download a copy of your data.

Google has been gradually phasing out the Hangouts brand in favor of its newer messaging services for some time now, so it’s not surprising the company has finally decided to sunset the platform. And while it never enjoyed the popularity of some instant messaging apps, Hangouts had its devout fans.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Advertisement

Read More

Continue Reading

Technology

Overwatch 2 Beta Begins Tomorrow: Start Time and What to Expect

Published

on

Overwatch 2 Beta Begins Tomorrow: Start Time and What to Expect

Overwatch 2 starts its second beta on Tuesday for PC and console players. The beta begins at 2 p.m. ET/11 a.m. PT and runs through July 18. Sign-ups are still open for a chance to participate, and you can still get guaranteed access if you’re willing to spend some cash.  

The next beta will be our first look at Junker Queen, a new tank hero who first appeared in posters on the Junkertown map that was released in 2017. Fans have been hoping to play her ever since, and five years later, we’re finally getting the chance. The new beta also adds a new hybrid map, Paraiso. The developers have laid out their goals for the beta, which include testing server capacity and hero balance. 

Overwatch 2 is the sequel to Blizzard’s class-based shooter, featuring two teams of five players fighting over objectives. Overwatch devs announced in June that the game will be free to play and will launch in early access on Oct. 4. The first beta injected a frantic pace into the game, which was a welcome change from the slower, more grinding pacing that’s plagued Overwatch in recent years. The free-to-play PvP element will bring the game more in line with other competitive shooters, like Valorant and Apex Legends.

How to sign up for the Overwatch 2 beta

Anyone can sign up for Overwatch 2’s second beta, but it’s not technically an open beta. The game will add people gradually as it ramps up server capacity, and the first big wave of beta access will happen July 5, according to the beta FAQ page. Even if you were in the previous beta, you’ll need to sign up again. 

Advertisement

Here’s how to sign up:

1. Go to the Overwatch 2 beta site.

2. In the top right corner, log in to your Blizzard Account.

3. At the bottom of the Overwatch 2 beta page, choose your platform (and region for PlayStation players).

4. Then hit Request Beta Access.

If you want guaranteed beta access on June 28, you can purchase the Watchpoint Pack ($40). In addition to beta access on day one, you’ll also get two legendary character skins, a unique player icon and enough digital currency to buy the first two battle passes.

How do I download the Overwatch 2 beta?

Blizzard hasn’t released details on downloading the second beta, but it should follow the same process as the first beta. Here’s how that worked:

1. Log in to your Battle.net account and navigate to Overwatch on the game launcher.

Advertisement

2. In the bottom left, click the Game Version drop-down.

3. Select Overwatch 2 Tech Beta to install.

4. When the download is complete, hit the blue Play button to start.

Junker Queen spinning her axe

Junker Queen’s ultimate ability helps her close distance and end fights quickly.


Blizzard

Junker Queen abilities

The new beta finally gives fans a chance to play as Junker Queen, a hero we’ve all been excited about and/or thirsting over since she was first teased on the Junkertown map. Here’s what we know about Junker Queen’s abilities, from the Overwatch Twitter account:

Advertisement

New Hybrid Map: Paraiso

The beta also adds Paraiso, a new hybrid map that explores Lucio’s home, including the DJ’s Clube Sinestesia. As with all hybrid maps, players will start by attacking or defending a control point, and if the attackers succeed, players will spend the rest of the map attacking or defending a payload. 

An underground club with light-up floor

Clube Sinestesia is where support hero Lucio found fame as a DJ.


Blizzard

For more Overwatch 2 news, check out everything we learned from the Overwatch 2 reveal event.

Read More

Advertisement

Continue Reading

Trending

Copyright © 2022 Newsline. Powered by WordPress.