Audacity on OSX Mountain Lion

Audacity is a free and open sound editor that works on many platforms, including OSX. It is capable of recording and editing vocals and music. However, because of the broken patent system in the US, you cannot open or save files in MP3 or M4A format. The workaround is to download the encoders from a country where the patent system isn’t broken and install them on your computer. The download process is simple. From the Preferences-Libraries section of Audacity click on the Download button for either of the Libraries. It should take you to this page. Follow the links to the download site and install the libraries. Unfortunately, Audacity doesn’t find the new libraries when using Mountain Lion (and I suspect the same is true on Lion). And when you try to find them manually, you can’t see the /usr directory where they are located. There is a simple fix that requires a single line in the terminal.

Open the terminal and you’ll see a command prompt. It should look something like this.
Copy text after the $ on the line below and past it after the $ in the terminal.
macintosh-users-computer$ sudo defaults write AppleShowAllFiles TRUE
You will get a prompt for your password. Enter your user password for the Mac.
Now restart the finder by going to the Apple in the top left of the screen and clicking on Force Quit option. Click on Finder and then choose Relaunch. The screen will go blank and all the icons will disappear. When they return open the Preferences-Libraries section of Audacity, click on the Locate button to locate the MP3 library and browse to the folder /usr/local/lib/audacity/. You’ll see a file called libmp3lame.dylib. Choose it. Restart Audacity and both the MP3 and FFmpeg libraries should show up.

Now go back to the finder and use the up arrow key to show the previous line. Backspace to change TRUE to FALSE and hit Return. Restart the finder and everything will be back the way it was.

Make a file invisible.

On Unix-like systems (e.g. Linux and OSX) you can make a file invisible with the following command:
setFile -a V /Users/userid/Desktop/untitled\ folder

To make it visible again, just change the V to a lower case v.
setFile -a v /Users/userid/Desktop/untitled\ folder

In this example, from OSX, I typed setFile -a V and then dragged a folder from the desktop to the command line. userid is really my userid. Unless you changed it, it is the same as your command prompt i.e userid$. It’s a bit harder to make a file visible, since you can’t drag it in from the finder.

OSX difference from Linux

If you want to rename a file from the command line you use the mv command. Escape special characters (like spaces, asterisks, quotes, etc.) with a backslash. The backslash character itself is escaped with a backslash. So for example, ‘girl w/ hoop’ would be ‘girl\ w\/\ hoop’

I tried running this command


and got back this error message

usage: mv [-f | -i | -n] [-v] source target
       mv [-f | -i | -n] [-v] source ... directory

You can also put the file name in quotes like so


And you don’t need to worry about spaces and special characters.

Except that OSX doesn’t treat the / in a file name as a slash. It coverts it to a colon.

To see this, drag a file with a forward slash from the desktop to the terminal. Note what happens.

/Desktop/GIRL\ W:\ HOOP.jpg

Spaces are escaped, but the forward slash is converted to a colon.

So to get my move command to work I need to do this.


And it’s happy.

Roxio Toast – Crashes

We’re redoing all of our software so that it works on OSX Lion so that means lots of Toasting. A couple of times I went home without quitting Toast and the next morning it was frozen. Force quitting got out of the app but it wouldn’t launch. I tried removing the preferences files. Still no luck. On two occasions, I reinstalled the app and it would still not open. The only solution I have found is very un-Mac like—reboot the computer. It’s worked the last two times so I think that’s the solution to freezes.

Password Strategy

I just checked and I have over 100 UserIDs and passwords. The vast majority of them are for sites that don’t have any of my personal information but require registration before viewing or commenting. I don’t really care if someone hacks into those sites with my UserID. For those sites I use a weak password protection scheme. I use the same UserID and a password that has a codeword, numbers, and something specific to the site that I can remember. I’ll let my browser remember the UserID and password, but sometimes I’ll have to type it in. So, lets assume that my UserID is WellGolly and I want to register with the New York TImes. The first part of my password will be NYT followed by a code word. Here’s where you get creative. Make up a pseudo-word like delk or kifr. It helps if it is easy to type i.e. the keys are next to each other on the keyboard like these. (But not qwerty or asdf.) Then add a number to the end. Pick something like the first four digits of your locker combination in high school, your street address when growing up, or the year you graduated from high school. Then add a special character like ! or #. That should satisfy most password checkers and no one is going to guess the password. So my hypothetical New York Times password would be, NYTkifr3212!. My Washington Post password would be WPkifr3212!. A lot of places use your member ID as your UserID. There’s no way I’m able to remember all these, so I’ll let the browser remember them for me. For all of the sites in this category, I’ll let the browser or operating system remember my UserID and password.

The second kind of password is one where they have my credit card information. For these I never use a UserID that is visible on the web. They frequently use email addresses as UserIDs so it’s hard to get a secure UserID to use on these sites. For these sites, when I want to receive their spam I create an email account with their name as my email address. e.g. or I can filter their email and look at it from time to time. For sites where I don’t want to receive spam, I use This goes directly into the trash and I only look at it if I need to reset my password or go through a confirmation link to activate my UserID on the site. If you don’t have your own domain to play with, set up a free account at Google or Yahoo and use it only for registrations. The other benefit of this strategy is that if one of these sites is cracked, the crackers can’t use the email and password information from the cracked site on a different site.

I use the same strategy as above, just a different code word and number than the one for the throwaway sites. I let very few websites keep my credit card information—usually only places where I make frequent purchases. And by frequent, I really mean frequent—like weekly.

The third kind of password is for banks and credit card companies. Here I use a different code word for each account. That way, even if someone knows my strategy for choosing passwords, and my throwaway code word, there is no way they can guess the password. I’ll also use a number that is secure but that I’ll remember—like the number for the garage door opener or the security code for the alarm at the office. The codeword is something that is associated with the bank, like My password at Bank Of America might be, BOAcindr1875!#. I use these often enough that the codeword is easy to remember.

Banks are starting to use additional questions to verify your identity. Unfortunately, the questions they pick aren’t things I can remember. They used to ask things like mother’s maiden name and city where you were born. I know the answer to those kinds of questions. They’ve moved to questions that can’t be googled. One account wanted to know my favorite candy, color, and band. I won’t be able to remember what I told them so I’ll have to write the information down somewhere. On a Mac, you can use Keychain Access to create a secure note where you can write that stuff down. It’s a very bad idea to keep that information in a regular text file. If you don’t have a way to save it securely, then write it down on a piece of paper and store it somewhere secure.

Keychain Access (and other password managers) will let you test how easy it is for random crackers to crack your passwords. All of the passwords that are generated with these methods receive Excellent scores. You can get better scores by increasing the length of the password, and that might be something to consider.

For banks and credit cards, never ever let the browser or operating system save your id and password. If someone has access to your computer, then they have access to your accounts.

Update 2011-01-09: This article calculates the time required to hack a few common types of passwords. Dictionary words and random letters don’t take very long. A three word phrase takes basically forever. Add a few numbers and only the NSA is getting in.

Update 2011-07-18: The only secure password is the one you can’t remember. is an interesting read if you’d like to know more.