If you are interested in purchasing Base to aid your development projects (it is a front-end for SQLite3 database design), you must remove the ".xml" extension on the license file (Base_License.baselicense.xml) Menial sends to you in order for the app to recognize it.

I realize this applies to a very small subset of folks out there (most of whom probably figured this out as quickly as I did), but if this post helps out even one person, it was worth the entry time.

Dropbox is a great way to share items between team or project members and can also help you keep your data synchronized across multiple systems (and web-accessible). It is very fast, especially if files are deleted inadvertently and restored due the use of a cache.

Hidden in your home directory (/Users/username/) is a directory named .dropbox where the application keeps a database of your account configuration (encrypted) and what should be synchronized to your local Dropbox folder. There is also a ~/.dropbox/cache directory which can get huge. Since Dropbox has yet to add cache management to the agent application, you will need to manually clear this out if you want to free up space on your hard drive.

Enter: Dropbox Cache Cleaner. This simple Dashboard Widget lets you see how big your Dropbox cache is and then gives you the option to clear it all away.

While this has worked very well for me, your mileage may vary. If it fries your local Dropbox or interferes with future Dropbox functionality, I take no responsibility.

Drop a note in the comments if you found it useful or if you have suggestions for how to improve the widget. Once Dropbox adds proper cache management tools to their app, I will cease updates.

I've got a decent number of folks on Twitter who are also in my OS X Address Book and I wanted an easier way to keep their Twitter avatars in sync than just manually downloading and updating the images. Enter Taabu [297K DMG], my Twitter Avatar to OS X Address Book Updater.

As long as your OS X Address Book contacts have one URL field with their http://twitter.com/twitterid account in it (and you are following them), you will be able to use Taabu to update their OS X Address Book pictures with their Twitter images.

This currently works for up to ~98 contacts (all depends on your current Twitter API rate limit status, which you can use the widget in the previous post to keep track of) and is fine for me since I have far fewer than that I need to sync. Post a comment if you need that functionality as it will mean some coding to allow processing of your local contacts in batches (due to the rate limit situation). There's a "README" in the DMG download that gives a bit more info and some additional screenshots.

Requests, bug reports, complaints, accolades, etc are all welcome. (And, yes, there is a spelling error in "Downloadig" - will fix when I post the next release which will also contain the full, ugly Objective-C source code :-)

MacNN continues their inaccurate reporting trend for the week with this travesty of an article. They use Secunia as a reference to make the determination (albeit with a "?" in the article title) that OS X is less secure than Windows.

This type of journalistic faux pas is all too common when writers with no security background delve into what may be one of the most complex areas of information technology. When one sets out to determine the "security" (I prefer the term "risk profile") of an operating system it is inexcusable to rely solely on raw numbers culled from CVE (Common Vulnerabilities and Exposures) entries. Each flaw has:

• an exploit impact or severity (e.g. Denial of Service, Information Disclosure, ....) that explains what the potential damage may be if the exploit is successful
• an exploit vector (e.g. remote, local, requires user interaction, ...) that documents how the exploit will be delivered
• and an exploit likelihood level based on factors such as the difficulty level of crafting and delivering the exploit.

When combined, these factors form a fairly complex and partially subjective equation. Many large corporations spend an afternoon or morning once per month near "Patch Tuesday" mulling over such information to assign patch priorities to new Microsoft vulnerabilities. I guarantee that you will find disparities in the ratings lists that are produced.

Raw flaw counts and ratings only paint one part of the security picture. Head on over to SecurityFocus or any other reputable security news aggregator/publisher and you'll find that the documented trend is exploiting application security flaws and direct targeting of users via attacks such as phishing. These rise above the operating system level and do have an impact on Apple as well as Microsoft (and it's one of only a few areas where Apple bugs can impact Microsoft users). Even the oft referenced SANS Top 20 Security Risks continues to highlight program-related security issues over operating system ones. Excluding this information when attempting to make an "X is less secure than Y" argument is just plain irresponsible.

All consumer operating systems and related software are insecure (hey, we can't all run OpenBSD) and Macs will see their fair share of malware and other security-related attacks in the coming months as Apple's user base increases. This will and should change the security profile of OS X, but flagging it as being less "secure" than Windows just defies logic and reason.

MacNN is about two more cruddy articles away from being removed from my RSS list.

You can pre-order your copy of Leopard from Amazon from here: