WTVN Radio • Columbus, Ohio • Sunday morning from 8 until 9

Is this information useful? If so, consider
making a contribution, please.

Sunday, April 11, 2004

Random thought:

Pack your Suitcase and let's go!

Suitcase has been an important application on Macs for years. I'd say how many years, but I don't have a clue. It's been a long time, though, because earlier versions of the operating system had severe limitations on how many typefaces could be retained in memory simultaneously. OS X has changed the equation substantially and version 10.3 of the operating system includes, for the first time, Apple's own typeface manager. Does that mean Mac users no longer need Suitcase?

That depends. If you're a graphics professional, you still need suitcase. If you're the kind of person who uses the handful of typefaces that came with your Mac, the built-in font manager is adequate. Between those two extremes are a lot of people who might be able to get by with the operating system's font manager, but who also might be better served by Suitcase.

Suitcase X1, released late last year, is clearly a far more robust application than what Apple provides. The more typefaces you have, the more important Suitcase becomes. And for creative professions who need to examine the nuances of various typefaces during the selection process, it's indispensable.

Even OS X bogs down if the user installs hundreds of typefaces simultaneously. But the person who works on several projects, each of which might require a variety of specific typefaces, installing and removing typefaces can be both a time waster and a source of constant annoyance. Suitcase simplifies the process by automating it.

The Suitcase preview pane shows what a typeface looks like without forcing the user to install it. And for those times when a designer wants to compare the appearances of several typefaces, it's easy to view them all on screen.

Users can add keywords and styles to categorize typefaces. This is a crucial feature for those who have thousands of typefaces on their machines. Besides using the application's pre-defined styles, users can create their own.

Then users who need to find a typeface can search based on the typeface's name, the assigned style, or a key word. All faces used by the Fubar Company could easily be tagged "fubar", for example.

Extensis has a licensing agreement with FontDoctor, and this allows Suitcase to scan for corrupt fonts and then to repair the font, if possible.

Just as on the Windows platform, duplicate typefaces can be a problem on the Mac. Suitcase allows users to identify duplicate typeface files, to select the file that should be used, and to delete the extraneous copy.

With this version of Suitcase, Extensis had added auto-activation support for QuarkXPress. The feature also works for Adobe InDesign and Adobe Illustrator. Suitcase automatically activates any typefaces that are not active but are used in an application file -- including those in embedded in EPS files -- when the file is opened.

For additional information on Extensis Suitcase X1, visit the Extensis website.

Technology corner rating for EXTENSIS SUITCASE (Mac)
	NINE CATS: Anyone who has more than 100 typeface files needs a typeface manager. On the Mac, that means Suitcase even if you're using OS X 10.3.
How the Technology Corner rating system works.

Suitcase costs $130 for new users, with upgrades priced at $50 for previous users and $60 for users of FontReserve.

MenuMaker:
Choose one from column A and two from column B

Receiving a new release from Xara is almost always a treat. The company is responsible for several products that make short work of time-consuming tasks. MenuMaker is a good example of this. Making a website menu that uses roll-over effects and click-effects isn't particularly difficult, but it can take a lot of time to make all the alternate-state graphics. And then you still have to write or buy the Javascript code that runs everything and test it with a variety of browsers and operating systems to be sure that it works.

Wouldn't it be nice if you could just fill in the blanks to set up menus and sub-menus, choose typefaces and colors, then click a button and let a program generate everything needed for the site menu?

It would be and you can do this with MenuMaker, which Xara has just upgraded from version 1.0 to 1.1.

The menu directly above "works" but none of the links goes to a useful page. Drag your mouse over it to see how it works. I developed this menu, complete with the links (even though they don't go anywhere useful, I created them), in less than 20 minutes -- and that included taking all the screen capture images so I can show you how it works!

What's new

The most important change is that MenuMaker now makes code that's compatible with more browsers. While it's true that most people use Internet Explorer, other browsers have loyal followers. Menus need to work with Netscape (Mozilla), Opera, and (on the Mac) Safari.

In addition to supporting all versions of IE (5 and above) and NN (6 and above), Menu Maker 1.1 supports Opera, Mozilla, and Safari.

The new version includes an updated FrontPage add-in and and updated Dreamweaver extension and these make using MenuMaker from within FrontPage and Dreamweaver easier. FrontPage 2000 through 2003 are supported as are Dreamweaver 3 through MX 2004 and Ultradev.

And Xara includes new templates: 23 new NavBar designs in up to 4 variations each, most with both horizontal and vertical designs. This increases the total number of NavBar templates to 55.

How easy is it?

A dozen or so easy steps takes you from no menu to a complete menu. Here's how I created the menu you see above. Click any of the images for a larger view.

	Open the application. You won't need my help to do this.
	This may be the most difficult step: Scroll through the dozens and dozens of samples until you find the one that suits your site. Before you do this, you should also know exactly how you want people to be able to navigate your website. Plan first, then create.
	If you prefer a different typeface than the one that Xara used, you can easily change it.
	Name each of the top-level menu items ("buttons").
	If you'd like to change the color scheme, you'll do that here. You have control over the color of text, the background, and (in this case) even the accent colors. The accent colors are used in the sub-menus.
	Some menus look good with a background texture or image. This one has so many fine details that it looks good only on a solid background. Trust me on this one. If I show you this menu on a textured background, I first have to pass out air-sickness bags.
	I wanted this menu to be a bit larger, and the change took about 3 seconds.
	Hovering the mouse over the menu, I was able to see how the interactive functions work.
	The next step involves creating sub-menus.
	Now when I hover the mouse, the sub-menus appear.
	All that's left is assigning links to each of the menu items. If you've ever created a Web page, you'll know how this works.
	I name the project and save it, which also creates the necessary HTML, Javascript, and images.
	The only complaint I have is that the Javascript created by MenuMaker is virtually unreadable. Everything is jammed together without any formatting. This may be intentional to keep people from stealing the code, but those who want to steal the code will, but those who want to learn from it will be inconvenienced. As far as I know, there is no performance advantage to be gained by removing all the whitespace characters from JavaScript.
	The HTML page that the application creates includes a small piece of code (highlighted in yellow) that you can copy into your own HTML.

Technology corner rating for MENU MAKER 1.1 (Windows)
	TEN CATS: There is simply no easier way to create dynamic HTML menus than MenuMaker. The program comes with a wide variety of "starter" menus and then allows the user to make extensive modifications to the appearance.
How the Technology Corner rating system works.

The upgrade costs $10 for the download version or $15 plus shipping for a new CD. New users will have to pay the full price, but even that is more than reasonable -- just $25, or $30 plus shipping if you want the CD. For more information, see the Xara MenuMaker website.

Saving time by using the UPS website,
losing time by visiting "The UPS Store"

Companies such as UPS make it easy to send a package, or so they claim. Sometimes reality differs a bit from the website hype. Here's an example of what can happen:

1. Guy has package that he needs to send to Nikon repair. Value $1400.
2. Guy goes to UPS website, fills out appropriate paperwork, pays approximately $40.
3. Guy prints labels, notes special message from website that explains package MUST be signed for.
4. Guy prints two copies of receipt as specified on website, affixes label, drives 5 miles to the closest "full service" "UPS Store" (not the much closer Kinko's, which could take the package but cannot sign for it.)
5. At the UPS Store (30 Dillmont Drive, north of Worthington) where he presents paperwork, package, and receipt, noting that the clerk must sign one.
6. When clerk refuses to sign the form, guy asks her to read the section that explains she should sign the form. When she refuses again citing "store policy", guy goes to the bank, makes a deposit, calls UPS customer service on his cell phone.
7. Guy returns to store with UPS customer support person on the phone and hands the phone to the clerk. The clerk refuses to sign, stating store policy.
8. Guy retrieves phone, leaves store, and continues conversation with UPS customer service representative, who then passes him along to the person who can accept a complaint. That person eventually passes him along to her supervisor.
9. UPS customer service apparently can lodge a complaint with the corporate office but because today is Friday, the guy won't hear from anyone until Monday.
10. Meanwhile, a camera in need of urgent repair will sit in a box for 48+ hours unless the guy wants to drive the package across town (about 20 miles) to the UPS hub, drive aimlessly looking for a UPS truck, or pay extra to have a driver come to get it.
11. Guy has already spent $40 and the better part of an hour fighting the UPS system and thinking good thoughts about FedEx. Promises himself that he will now avoid UPS whenever possible.

What we have here is an example of "customer service" that isn't. Each of the three people the guy spoke with was polite and sounded as if she cared, but not one of them could offer any real assistance. What I find really astounding is this: Nobody at UPS seems to have the authority to waive a silly $3 pickup fee. Waiving that fee and getting the package picked up that day wouldn't completely erase the guy's dissatisfaction, but it might have convinced him that UPS cares about its customers.

As you've no doubt guessed by now, the "guy" was me.

The website could have helped

If a company like UPS is going to have a website and if UPS will let anyone set up a "UPS Store" and use the UPS logo, then one of two things should happen:

1. Stores should not be permitted to set their own policies that are in direct opposition to UPS policies, or
2. UPS should highlight on the corporate webiste those stores run by people who set their own policies without regard to corporate policy or customer concerns.

Had the UPS website simply noted that The UPS Store at 30 Dillmont Drive has a policy that's contrary to corporate policy, I would have known better than to have gone there. As it was, UPS wasted my time and a clerk's time. Even worse, the apparent unwillingness on the part of UPS to empower its employees to solve problems for customers, has lost the company a customer. Granted, my "lifetime value" to UPS is probably measured in hundreds of dollars, but a company that loses enough such customers will see an effect on its bottom line. All it would have taken to keep 20+ years of goodwill would have been these words: "We'll have a truck at your office later today."

It's quite an accomplishment for the combined acts of a franchise operation (if that's what "The UPS Store" is) and corporate customer service to convert a long-time customer with whom the company had built up a lot of goodwill over the years into a boiling-mad former customer in about an hour.

Technology corner rating for UPS and THE UPS STORE
	TWO CATS: At least they were polite. Totally unhelpful, but polite. FedEx or the USPS are better choices.
How the Technology Corner rating system works.

Update (April 13, 2004)

I received a call from Teresa Austin in the Columbus office. My letter was apparently discussed at UPS headquarters and then forwarded here for response.

Ms Austin told me that they investigated and found (gasp!) that my complaint had merit. The website wording is absolutely clear, but only if you're a UPS employee who knows that "The UPS Store" operations are not "UPS-staffed".

I have been told that the website will be changed (but Ms Austin has no idea how long it will take) because the explanation on the website isn't clear. I have also been promised a full refund.

I found an off-hand remark somewhat enlightening. Apparently Ms Austin has dealt with customers who received impolite responses from the customer service department. She was happy (and somewhat surprised) that this hadn't happened to me.

Nerdly News

Reminder: An antivirus program is no longer optional

My primary problem with Norton is the significant resources the application needs -- enough to slow even a fast machine with a lot of RAM (2.4GHz, 1GB) -- so about a year ago, I switched to AVG Antivirus and have been delighted with its performance. I use the paid version at the office and the free version on my notebook.

The second-most-important point, though, is to have an antivirus program (about a dozen are available) and to keep it updated -- I set AVG to check for updates daily.

The most important point is that no antivirus program will catch every bad file thrown at it. Between the time a virus/worm is released and the time you AV program installs the updated definitions file, the provider must identify the threat, develop a strategy to eliminate the threat, prepare and test updates to the AV program, and make them available. This process routinely takes 72 hours or more. If you're one of the early receivers of the infected file, the only thing that will save you is your own intelligence NOT to launch an attachment unless you're absolutely certain that it's safe.

At least weekly visits to the Windows update site is a good idea, too, because Microsoft regularly issues patches for its operating systems and for IE. These are released on a regular schedule, but occasionally a serious problem makes it worthwhile to release an update prior to the next scheduled date.

Mac users need not be quite as vigilant, but cross-platform threats are becoming more common. On the Mac, I use Norton Antivirus because I haven't had time to research any other options. It seems not to create the performance degradation I noticed on the PC, even on a slow Ibook with not much memory (500Mhz G3, 512MB).

The latest MSIE security hole

THIS SECURITY BUG CAN BITE EVEN IF YOU DON'T USE MSIE AS YOUR DEFAULT BROWSER. That's because the exploit uses the ITS protocol handler, which calls MSIE unless you have specifically changed it. An exploit could allow a attacker to execute code with the privileges of the user.

Solution? Microsoft is working on it, but nothing currently exists. According to the Computer Emergency Response Team (CERT) at Carnegie Mellon University:

There is a cross-domain scripting vulnerability in the way ITS protocol handlers determine the security domain of an HTML component stored in a Compiled HTML Help (CHM) file. The HTML Help system "...uses the underlying components of Microsoft Internet Explorer to display help content. It supports HTML, ActiveX, Java, [and] scripting languages (JScript, and Microsoft Visual Basic Scripting Edition)." CHM files use the InfoTech Storage (ITS) format to store components such as HTML files, graphic files, and ActiveX objects. IE provides several protocol handlers that can access ITS files and individual CHM components: its:, ms-its:, ms-itss:, and mk:@MSITStore:. IE also has the ability to access parts of MIME Encapsulation of Aggregate HTML Documents (MHTML) using the mhtml: protocol handler.

When IE references an inaccessible or non-existent MHTML file using the ITS and mhtml: protocols, the ITS protocol handlers can access a CHM file from an alternate source. IE incorrectly treats the CHM file as if it were in the same domain as the unavailable MHTML file. Using a specially crafted URL, an attacker can cause arbitrary script in a CHM file to be executed in a different domain, violating the cross-domain security model.

Any programs that use the WebBrowser ActiveX control or the IE HTML rendering engine (MSHTML) may be affected by this vulnerability. Internet Explorer, Outlook, and Outlook Express are all examples of such programs. Any programs, including other web browsers, that use the IE protocol handlers (URL monikers) could function as attack vectors. Also, due to the way that IE determines MIME types, HTML and CHM files may not have the expected file name extensions (.htm/.html and .chm respectively).

Because there is currently no security patch available and because this exploit doesn't depend on the user's running MSIE as the default browser, caution is the best defense. Specifically:

• Disable Active Scripting and ActiveX controls: This will not eliminate the threat but will reduce the effectiveness of any hostile code you encounter. It may also make desirable functions stop working. Do not make this change on a corporate computer without first asking a system administrator.
• Do not follow unsolicited links: This is always good advice. If you wander down a dark alley at 2am because someone in the dark alley promised to give you something, you were negligent. It's the same with unsolicited links.
• Keep your antivirus software up to date: You know that already, right!

Alternatively, you could delete or rename this key in the Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\{ms-its,ms-itss,its,mk}
Warning: Editing the Registry can be dangerous. Do not attempt it unless you know what you're doing.

Let us know what you think about this program! Write to:
Bill Blinn --
(wtvn@blinn.com still works)
Joe Bradley --

Joe
(Photo by Sally)

Bill
(Photo by Scampi)

Privacy Guarantee:

I HATE SPAM and will not sell, rent, loan, auction, trade, or do anything else with your e-mail address. Period.

This is the only ad you'll ever see on this site. It's for my website host, BlueHost in Orem, Utah. Over the past several years, they have proven to be honest, reliable, and progressive. If you need to host a website, please click the banner below to see what BlueHost has to offer.

TechByter Worldwide receives a small advertising payment for each new client that signs up with BlueHost but I would make the same recommendation even if the affiliate program didn't exist. (If you don't see a banner ad above and you would like to know more, this link takes you to BlueHost.)

As if you didn't already get enough weather on the radio!

If you do not see a Weather Underground banner above and you use ad-blocking software, please set your application to allow images from "www.wunderground.com" to appear.

Annoying legal disclaimer
My attorney says I really need to say this: The Technology Corner website is for informational purposes only. Neither Joe nor I assume any responsibility for its accuracy, although we do our best. The information is subject to change without notice. Any actions you take based on information from the radio program or from this website are entirely at your own risk. Products and services are mentioned for informational purposes only and their various trademarks and service marks are the property of their respective owners. Technology Corner cannot provide technical support for products or services mentioned on the air or on the website.