scripting
Latest
Company made to change name that could be used for website hacks
A company has been forced to change its name after the UK government warned it could be used for website hacks.
'Overwatch' Workshop adds more custom options for heroes and modes
Overwatch fans have long been able to set up custom games (Ana Paintball, anyone?) and now they're getting a lot more options to flex their creative muscles. A new feature called Workshop, a scripting mode for custom games, is live on the PTR.
Microsoft Office 2011: Unattended download and installation
I own Microsoft Office 2011 and wanted to make the process of installing it easier, since I own several Macs and have this habit of reinstalling OS X frequently. So I wrote a shell script because that's what I do to solve these sorts of problems. The best part of the script is that it does not require you to have any of the necessary parts. You do not need your installation DVDs or to have downloaded the latest updates. Once you start the script, it will download everything that you need directly from Microsoft's servers and install all of them for you. The entire process can be left completely unattended after it is started. The length of time for the install process depends on your network speed. The total download size is 1.16 GB (aka 1.08 GiB or 1,157,294,708 bytes) as of today. Once the script is finished, the necessary files will be available in ~/Downloads/Office2011/ which you can then copy to any of your other Macs. The script will look for files in ~/Downloads/Office2011/ and if they already exist, it will not download them again. The script will install the following Microsoft Office for Mac 2011 with Service Pack 2 (14.2.0) Office2011-1439Update_EN-US.dmg Microsoft Error Reporting for Mac 2.2.9 Update Microsoft AutoUpdate for Mac 2.3.6 Update Once the script finishes, it will run "Microsoft AutoUpdate.app" to make sure that there are not additional updates necessary. How to use this script (The Easy Way) There is an installer available. This is an Automator app which will simply download and run the office2011.sh for you. Please note that because of Gatekeeper settings in OS X, you may have to right click the installer app and choose open in order to get it to launch. Once you confirm that you want to download and install Office, the rest will take place behind the scenes. You will be prompted to enter your administrator password because the installation cannot continue without it. Update 2013-12-29: I have updated the information at GitHub to include a walk-through of using the GUI Installer application. If you tried it before and it did not work, please try again. How to use this script (The Nerdy Way) A better way to use this script requires the Terminal.app which is found in /Applications/Utilities/. Using Terminal is like getting under the hood of your car: it shouldn't scare you, but you shouldn't just go randomly poking around either. Once in Terminal.app, you will need to: 1) download the installer script (this should all be one line): curl --remote-name "https://raw.github.com/tjluoma/office2011/master/office2011.sh" 2) make it executable chmod 700 office2011.sh 3) run the script. sudo ./office2011.sh Note that you will have to enter your administrator password to use sudo. After Installation Once the installation finishes, Microsoft's Auto Update app will be launched. This will make sure that there are no additional updates needed which have been released since this script was written. It is also a good time to set the auto-updater to run as often as you'd like it to run automatically. I recommend once a week. Disclaimer and Final Notes As far as I know, installing Office 2011 this way gives you the same result as if you had installed using OS X's Installer.app on the various pkg files directly. However, there's a chance that I could be wrong. Use at your own risk, etc. The only difference that I am aware of is that installing Microsoft Office using these scripts does not automatically add the apps to your OS X Dock. This is considered a feature, not a bug. Using this installer will not give you free access to Microsoft Office 2011. The first time you run it, you will be asked for your license code or Office 365 subscription information. If you do not have either of those you can use a trial version of Office, but I do not know what kinds of limitations it places on you. Discovering those is left as an exercise to the reader. Upon installation, you may want to read my article on how to Reduce visual clutter in Microsoft Word.
Timed command-line screenshots
A TUAW staffer recently asked if there were a way to snapshot the exact same region of the screen over and over at timed intervals without buying third-party software. There is, but it depends on your comfort with the command line. If you're experienced in Unix scripting, read on. If not, you may want to investigate standalone screen-capture apps instead. I pointed him to /usr/sbin/screencapture. This built-in OS X utility allows you to specify a screen region to capture. For example, to capture a 50x200 rectangle starting at the point 200, 200, you'd say: % /usr/sbin/screencapture -R"200,200,50,200" ~/Desktop/foo.png You can easily apply a Unix shell script to create numbered output files. Unix commands will also enable you to sleep and repeat the capture requests over time. The utility is Retina-ready. Since it captures in points (and not pixels), the results are twice as big in each dimension when run on Retina systems.
Extract App Resource Icons with AppleScript
Whether I'm preparing for a demo or writing an article, blog post, book, or technical documentation, I often find myself performing the same set of repetitive steps. I need to navigate into an app's packaged resources folder, find one or more icon files, occasionally convert them to PNG and scale them, and add them to my document, Keynote presentation, etc. Fortunately, this doesn't need to be a manual process each time, thanks to the following AppleScript. Creating the Script 1. Launch AppleScript Editor (in /Applications/Utilities) and create a new script document. 2. Enter the following script into the document. NOTE: If you have any trouble following along, you can download the completed script here. 3. Run the script from AppleScript Editor, save it as an app, or add it to your script menu. Running the Script When you run the script, you're first asked to select an app from which to extract icons. Make your selection and click Choose. The script looks inside the app's /Contents/Resources folder for any files with an extension of .icns. If multiple files are found, it allows you to select the ones you want to extract. The default is all of them. Next, the script gives you the option to extract the .icns files themselves, or PNG versions. Click the button to make your choice. If you click the PNG button, then you're given a choice of sizes to create. You might not need the full sized icons, for example. You might only need 256x256 icons. Depending on the options you chose, the script extracts the .icns files, or it converts the .icns files to PNG and scales them, as needed. You're notified when the icons have been extracted, and they're displayed in the Finder for you. Now you can simply drag them to your document, presentation, file, etc., and you're good to go! Happy Scripting!
AppleScripting OmniFocus > Send completed task report to Evernote 2
In February, I provided instructions for using AppleScript to send completed task reports from OmniFocus to Evernote. The script was quite well-received by readers, and I've had numerous requests for enhancements. This post provides an updated version of the script, which includes a number of additions. The script now supports full project paths and additional task details including the context, estimated time, start date, modification date, completion date and notes. This additional content is optional, and you can adjust the script to not display it if you wish. Creating the Script NOTE: You can download my completed script here. 1. Launch AppleScript Editor (in /Applications/Utilities) 2. Create a new script document and enter the following code: 3. At the top of the script, you can adjust various properties to customize the information that's displayed in the report. Just change any of these property values to false to prevent them from appearing. Running the Script You can run the script right from within AppleScript Editor. Or, you can save it and run it from your system-wide script menu, your Dock or wherever else you'd like. When the script runs, just specify the date range you want to include. The script then creates a report for any tasks completed within that specified range in your Evernote Inbox. Now, you can quickly generate much more detailed reports of your recently completed OmniFocus activity simply by running the script. Happy Scripting!
Alfred v2 brings Workflows, automates what Automator might not
Anyone who's heavily invested in the Mac ecosystem knows Automator, a built-in tool that can string together multiple computing actions without having to know a lick of code. Some of us may want a little more power, or just a different variety of power -- which is where the recently launched Alfred 2.0 comes in. Those who buy the £15 ($23) Powerpack can take advantage of Workflows, which relies on an Automator-like concept of linking simple actions to run complicated tasks. They can be more ornate than you'd expect, however: for a start, you can run multiple app-specific tasks in parallel, such as telling Chrome to search YouTube, IMDB and Rotten Tomatoes the moment you type in a movie keyword. It's equally possible to feed results back to Alfred, launch scripts and trigger notifications (whether Mountain Lion's or Growl's), among other feats. Should you demand control that sits just outside of Apple's boundaries, Alfred is waiting at the source link; anyone who just wants its core launcher functionality can grab the app for free.
More Tips for Troubleshooting Automator Workflows
In my last post, I shared some useful tips for troubleshooting Automator workflow problems. I didn't cover everything, though. There are lots of other ways you can troubleshoot your workflow. Here are some more tips to help. 1. Use Get Selected Finder Items Wisely Automator workflows are frequently created to process files and folders. When you save a workflow as an application, you can drag files and folders onto it and they're passed right into the workflow for processing. Other types of workflows behave similarly. Save a Folder Action workflow, for example, and every time new items are added to the folder, they're automatically passed to the workflow for processing. At the top of a workflow, Automator tells you if it receives files and folders as input. From time to time, however, you may notice that your workflow has processed your files twice, or that it's encountered some kind of obscure error. Often, this is due to the presence of a Get Selected Finder Items action at the beginning of the workflow. As enticing as its name sounds, the Get Selected Finder Items action isn't always needed to process files and folders. Remember, depending on the type of workflow you built, those items may be passed automatically to your workflow. In these cases, the inclusion of the Get Selected Finder Items action causes the dropped items to be appended to themselves. This can result in the items being processed twice or an error. So, what's the solution? Just try removing the Get Selected Finder Items action from the beginning of your workflow. Many times, that one simple change fixes the problem. Don't insert the Get Selected Finder Items action at the start of a workflow if your workflow already receives Finder items as input. 2. Finding Missing Output Files Imagine this. You run an Automator workflow that takes a PDF and outputs its pages as images. The only problem is that the images never seem to show up. Sound familiar? If you've ever been unable to find files output by a workflow, it may not necessarily mean that your workflow failed. Those files may actually be buried somewhere on your system. This is because some Automator actions generate their output files in hidden temporary folders. The Render PDF Pages as Images action is one example. It extracts the pages of a PDF as image files, gives them unique names, and saves them into a hidden temp folder. Render PDF Pages as Images sneakily outputs files to a hidden folder. Note that it doesn't have an option to select an output folder. To determine whether this has happened, run your workflow in Automator. Then, open the action's Results area. If there are files or folders listed, you should be able to figure out where they're located by viewing them in list view. An action's Results area tells you if an action really produced a result. To output the files or folders to the desired location, just insert a Move Finder Items action into your workflow. This should move the items from their secret location to the Desktop or wherever else you choose. Use the Move Finder Items action to move hidden output files someplace more useful. 3. Improving Recorded Task Playback A great feature of Automator is its ability to record things you do manually, so you can play them back later as part of your workflow. A not so great feature of Automator is its knack for being unable to play back what it records. There are a number of reasons this can happen, and some options for fixing things. You may have made a mistake while recording. Remember, Automator is watching. So, it picks up your mistakes too. If this happens, try selecting the extra steps in the Watch Me Do action Automator adds to the workflow. Then, press the Delete key to remove them. You can remove recorded steps by selecting and deleting them. You may have moved too fast, and Automator couldn't keep up. It may have missed some of what you did. You can try to resolve the problem by recording the steps again. This time, take your sweet time. Automator may be unable to repeat what you did manually. Unfortunately, Automator can't access everything in OS X. It can access a lot, but not everything. If this happened, consider trying a third-party macro utility, such as iKey. It may have greater reach than Automator. 4. Locating Missing Actions If you've ever launched Automator but have been unable to locate an action that you used in the past, it may not mean that action is entirely gone from your Mac. Automator may just be unable to load it for some reason. For example, maybe the app the action works with isn't installed anymore. You can see what Automator is unable to load by checking the Console app (in /Applications/Utilities). Just open it up, launch Automator, and see what shows up in the Console. The Console app tells you what actions Automator can't load. Here, the Entourage actions weren't loaded because I don't have Entourage installed anymore. I now have Outlook installed. 5. Service Workflows Not Triggering? Have you created service workflows, but when you trigger them, they don't seem to run? Give them some time. For whatever reason, they may take some time to get going. After one has run, however, subsequent service workflows should run a bit faster. You may have also noticed that you can assign keyboard shortcuts to Service workflows. If you haven't noticed this, you can do it in System Preferences > Keyboard > Keyboard Shortcuts. Assigning a keyboard shortcut to a Service workflow Once you've assigned a keyboard shortcut, you may have found that the workflow doesn't run when you press the keyboard shortcut. One possible fix is to manually choose the workflow from the application's Services menu. Then, once it's been triggered for the first time, the keyboard shortcut often starts working again. Hopefully, these tips and my prior tips have put you on the path to more stable and reliable workflows. Good luck and Happy Scripting!
Python 3.2 lets you write Python on the iPhone
We've posted before about Codea, an iPad app that allows you to code and create LUA scripts. And now here's a new iPhone app called Python 3.2 that, as you might imagine, allows coders to write Python scripts through iOS. The app runs Python 3.2.3 and serves as a full development environment for that scripting language, complete with an interactive interpreter and a number of other Python-related bells, whistles and options. Of course, the issue with both of these script-writing apps is that you're often writing code you can't actually run on the iPhone or iPad, given Apple's restrictions on security and the way it requires apps to be sandboxed. But Python allows you to save scripts as needed and presumably you could just copy them out of the app if you wanted to run them elsewhere. We don't exactly have "Xcode for iPad" just yet, but coding on Apple's iOS platform is becoming more viable.
VoodooPad 5: wiki magic
For those of us who nerd out about things like desktop wikis, VoodooPad 5 (from the creator of Acorn) is an exciting release. It brings new capabilities so powerful that they should come with a "for good, not evil" warning. If you're not familiar with VoodooPad, it's a desktop wiki with media embedding capabilities, a scriptable interface and a lot of power under the hood. Whether you want to use it for note-taking, project management or even maintaining documentation and live websites, it's a powerhouse. We may have mentioned it once or twice before. What's so great about version 5? First, Dropbox sync is greatly improved. You can even share docs with multiple people and see who edited what, when. For those of us of the Markdown persuasion, there's a new page type specifically for Markdown, with editing features and syntax highlighting. If you build large documents -- say, a documentation project for your software -- you can publish the entire document as a PDF or ePub book. There's a new feature called "Collections" that lets you create tables of contents and determine page order, which makes the export features much more useful for more linear output formats. We've always been able to do fun things like write event scripts that search for certain @tags and compile them, but the new To-Dos palette offers a faster, customizable solution for this. There are more flexible event scripts, new scripting language support (including the ability to write scripts in JavaScript). There are even "scriptlets," your own small scripts that can be embedded directly within a page. There's plenty more, as you can see in the release notes. VoodooPad 5 is available in the Mac App Store for US$24.99 (limited time price), or directly from Flying Meat's store (same price).
SWTOR's Daniel Erickson on pulling players' moral strings
BioWare's Daniel Erickson said that for the writing team, the crunch time came way ahead of everyone else since the script for the game had to be done first. As such, the team has had plenty of time to reflect on how the game's developed while it's moved on to future content. In speaking with GameSpy, the Star Wars: The Old Republic head writer opened up about the difficulties and fun of penning a game with so many personalities, choices, and plot twists. Probably the most revealing is how Erickson admits that the writers are trying to pull players in multiple directions through a series of moral influences: the game's own light and dark side system, players' own morality, companions' own likes and dislikes, and multiplayer dialogue. Ideally, he said, one of the goals of the writing team was to make quests that would challenge players' set paths to make them want to change. "It's interesting to watch all those dynamic forces affect the player, see how they interact with the storytelling method," he said. Erickson also says that the project got initial pushback over the notion of centering it on story, because of the past limitations of MMOs and "the expected norm" that had grown over the years: "It was clear, when you played the early MMOs, that they were trying to put as much as they could in for what was there. There were people on each one of these projects that clearly cared passionately about the lore, and were really trying to get it across to the players. So we knew that that was there and we knew from the single-player games what did it." The interview continues to cover a wide range of writing challenges, including coming up with the script for Huttball, quests that the team was sure would get cut by the ESRB, and how the team enjoyed coming up with intricate stories, connections, and romances for companion characters.
Arduino hack lights up the tree with every email, spammers get in spirit
The holidays are all about eggnog, ugly sweaters and disconnecting from the internet just long enough to reassure the family you still care. For those of us with web separation anxiety, the folks at MAKE have hooked us up with an easy way to stay hip to incoming emails -- by connecting the holiday fir to the Internets. It works as such: using an Arduino and PHP script, the tree will check for incoming emails and light up if the number has increased. The set-up can be tweaked based on your most valued type of alert like YouTube comments, texts or changes in the weather. To the family, it will look like unparalleled holiday cheer rather than your cue to ditch the sing-a-long and get back to Gmail. Check out the video after the break. [Thanks, Matt]
WhiteHat Security hacks into Chrome OS, exposes extension vulnerability at Black Hat
It's been a rough Black Hat conference for Google. First, FusionX used the company's homepage to pry into a host of SCADA systems, and now, a pair of experts have discovered a way to hack into Chrome OS. According to WhiteHat security researchers Matt Johansen and Kyle Osborn, one major issue is Google's vet-free app approval process, which leaves its Chrome Web Store susceptible to malicious extensions. But there are also vulnerabilities within native extensions, like ScratchPad -- a note-taking extension that stores data in Google Docs. Using a cross-site scripting injection, Johansen and Osborn were able to steal a user's contacts and cookies, which could give hackers access to other accounts, including Gmail. Big G quickly patched the hole after WhiteHat uncovered it earlier this year, but researchers told Black Hat's attendees that they've discovered similar vulnerabilities in other extensions, as well. In a statement, a Google spokesperson said, "This conversation is about the Web, not Chrome OS. Chromebooks raise security protections on computing hardware to new levels." The company went on to say that its laptops can ward off attacks better than most, thanks to "a carefully designed extensions model and the advanced security available through Chrome that many users and experts have embraced."
Ask TUAW Video Edition: Geeking on GeekTool
It's Tuesday, which means it's time for another edition of Ask TUAW video! On the heels of our AppleScript episode, we are going to talk today about GeekTool. GeekTool is a great way to have information displayed on your desktop, without it being too intrusive. First thing, you need to download GeekTool here. I have posted some example GeekTool scripts, which can be downloaded here. As always, the video is in the second half of the post, and please ask questions -- that's what we're here for!
Ask TUAW Video Edition: PDF and Scripting
Andrew asked us about how to have a folder convert documents to PDF format so that he can sync them to his Dropbox. Today's show goes into how to use Automator and AppleScript to do some scripting, and we're going to demonstrate an iPad app that will convert documents for you on your iPad. Some resources for you: Automator - Mac OS X Automation Automator AppleScript - Mac OS X Automation AppleScript Save2PDF - Main Company Page Any questions, please leave them in the comments or email us! Read on for the video.
Lost Pages of Taborea: Do-It-Yourself Combat Engine
When I first started playing Runes of Magic and other MMOs, I never used addons because they broke my perceived immersion. Fast forward to today and I have well over a dozen different addons to enhance my user interface and interaction with Taborea. There are quite a few addons that I'd now highly recommend. The collection has both evolved and stayed basically the same over the months. The collection does grow, but a lot of the new addons that come along don't see any love once uploaded. Some of the great classics -- like Advanced AuctionHouse -- are constantly being updated and are very useful. Many others that come along are variations on older popular addons or they aren't popular because they are small fluff addons. Basically, there's a core of great addons that are still being updated, but good new addons are coming at a slow pace. One new addon in particular is the Do-It-Yourself Combat Engine. DIYCE is a robust combat engine that can allow players to pre-script entire combat encounters with the push of a button. There are some ethical questions about the ability to easily program what some would call a cheat code. Is this going too far and skirting the boundaries of hacking? Let's take a closer look at the pros and cons for this program.
Mobiola WebCamera gets localization, AppleScript support
It's always nice when developers respond to the suggestions of reviewers. A few weeks ago, I wrote a review of Mobiola Web Cam from SHAPE Services. It's a combination of an iPhone app and a desktop (Windows and Mac) client that turns your iPhone into a webcam. At one point in my review, I suggested that it would be nice to see scripting support built into the Mac desktop client for automating the process of capturing screen shots or video from the camera. Just over two weeks later, the app has a slightly different name (WebCamera instead of Web Cam), it's localized in German, Italian, Spanish, French, and Dutch, and AppleScript support has been added. The app is currently on sale for US$1.99 from the usual $4.99 price, so if you're thinking about picking it up, now's a good time. A quick look at the Mobiola WebCamera Scripting Suite from AppleScript showed three new verbs: take snapshot, start recording, and stop recording. With these, and a connected property that's part of the application class, it's quite simple to write an AppleScript that waits for the iPhone to connect to the desktop app, and then takes a picture or timed video at regular intervals. I found that I also no longer needed to specify an IP address and port for the client and app to get the camera to connect, so it's obvious that the developers at SHAPE Services are paying attention to reviewers and customers to make a good app even better.
Terminal Tips: bash cron script to keep an app running
Do you have some apps that you want to keep running all the time? If so, and if you're not afraid of the Terminal or the command line, I have a script for you. When I come home at the end of the day, Dropbox has stopped running on my iMac. I'm running the latest version, and it works fine on my MacBook Pro, but for some reason, this just keeps happening. The script has nothing to do with Dropbox itself; you could substitute any app that you always want running, such as LaunchBar, OmniFocus, 1Password, or any other app that you like. It's fairly simple: #!/bin/sh PATH=/bin:/usr/bin # Change 'Dropbox' to whatever app you want. Be sure to capitalize # it correctly and include any spaces. You do not need to add .app APPNAME="Dropbox" # if the app name _IS_ found in process list, exit ps xc|fgrep "${APPNAME}" >/dev/null && exit 0 # if the app isn't found, open it open -a "${APPNAME}" exit 0 That's it. Now, you save the file (I call mine "keep-my-app-running.sh"); I saved it to ~/bin/, but you can put it anywhere you want. Be sure to type 'chmod +x /Users/luomat/bin/keep-my-app-running.sh' (or wherever it is saved) to tell OS X it is an eXecutable file. (Thanks to Justin for reminding me about this in the comments below.) Now, we need to tell cron to run it. Some folks will tell you to use launchd, but cron works well and it's easy, so we'll use that. To do that, create a ~/.crontab file using your favorite text editor. If it already exists, just keep whatever's there, and add this line at the bottom: */5 * * * * /Users/luomat/bin/keep-my-app-running.sh Change "luomat" to whatever your login name is, and change "keep-my-app-running.sh" to whatever you named the script. This tells cron to check if your app is running every 5 minutes or so. You can change the 5 to something else if you want to change the frequency. The last step is to tell cron to load the new file you've created: crontab ~/.crontab If you want to verify that it worked, run 'crontab -l' to see if your crontab is listed properly. It may also be a good idea to run 'crontab -l' before you begin in order to make sure that there isn't anything already in there. Most likely there isn't, or if there is, you already know about it. Update: As noted in the comments, cron works fine, but launchd can be configured to relaunch Dropbox as soon as it exits. I've enclosed a picture of a Lingon screenshot below, or you can see the plist that it creates. Lingon is no longer developed, but it works fine for me under Snow Leopard. I tried to use launchd to run a script at 0, 15, 30, and 45 minutes past the hour, which I can do in cron using this: */15 * * * * /path/to/script.sh but launchd didn't keep that schedule (for example, it posted at 11:48 and 12:03). So I decided to keep using cron for that, although launchd is a much better option for the 'keep alive' purpose. %Gallery-105694%
The story behind the Twitter worm
When we heard about this malicious JavaScript code that hit Twitter yesterday, we were kind of relieved: perhaps it was nature's way of ridding us of celebrity micro-bloggers. But as the day went on, it seemed that even if this were the case, a sordid tale was emerging: apparently the whole thing began with a Norwegian programmer named Magnus Holm, who had experimented with a flaw in Twitter's website that let users execute code on a mouseover. His version of the code simply replicated itself: "The purpose was simply to see if it was possible to create a worm," he told The New York Times, adding that he was surprised it had spread as quickly as it did. "Because it was very easy to delete the Tweet that contained the worm, I expected that everyone would just delete it the moment they realized that they've been 'infected.'" But soon enough, folks were updating the code for malicious purposes, including redirects to spam sites and, perhaps worst of all, Rickrolling. By 8:30 AM President Obama's Press Secretary Robert Gibbs had inadvertently sent the thing out to his followers, and by 10:00 AM (when Twitter had patched the hole) an estimated 200,000-plus users had been hit. Fortunately, it looks like things are back to normal, which reminds us: @justinbieber hasn't tweeted for over twenty-four hours. We hope he's OK!
'Rainbow tweets' start hammering Twitter after onMouseOver exploit discovered
Oh dear. Some wise guys have discovered a JavaScript exploit in Twitter's web interface, which uses an onMouseOver instruction to hijack your own tweeting voice and force you to say things you don't want to say. Simply put, hovering on some of these colorful new tweets can result in you tweeting out the spammiest spam you ever did tweet. So, as with Tetris, be wary of those blocks of color, they are the harbingers of doom. And until the Twitter crew wrap their brains around sealing this vulnerability off, we'd recommend just using any of the cornucopia of Twitter apps floating about in the webosphere. [Thanks to everyone who sent this in] Update: The Twitgineers are already dealing with the issue and are rolling out a patch that should span the entire Twitterverse before too long.
