AlbertPacino
Skilled
While most developers point to dramatic changes in Tiger's kernel as the reason, several claim that part of the problem is one or more bugs in the kernel of Mac OS X 10.4, bugs that they say Apple has acknowledged and has promised to repair.
Apple declined to comment.
Incompatibilities with Tiger exist for a large variety of network software, including VPN clients from a variety of vendors, file sharing and Active Directory integration products from Thursby Software Systems Inc. and others, and network encryption software, including PGP Desktop from PGP Corp.
A Microsoft Corp. spokesperson said that Virtual PC 7's Virtual Switch networking option does not function under Tiger. This option allows a virtual machine running Windows to have its own connection to the Internet. The company will issue a free patch within two to three months.
"There have been some changes in the innards of Tiger that are not completely compatible with what we do and what other people do," said Chris Chen, general manager of Mobility Security Solutions at Apani Networks. The company's Mobile VPN for Nortel (formerly called the Netlock Contivity Client) isn't Tiger-compatible.
Much of the incompatibility is due to new kernel programming interfaces being introduced with Tiger and dropping of support for many developers' network kernel extensions. However, other developers say that in addition to these changes, there are bugs that Apple will have to fix before they can make changes to their software.
"There's not a reasonable thing we can do before Apple [issues a patch]," said Bill Thursby, CEO of Thursby Software. "We also have to wait for the fix to be publicly available."
Thursby is predicting that it will have Apple's fix in time to release its own fixes in August.
"We're doing our best to meet or exceed these expectations," he said.
Thursby also described the nature of the bug that affects ADmitMac, which provides Active Directory integration, and DAVE, an SMB file/print-sharing product.
"Simply, what happens is when you remove a code module from OS X, like we remove SMB, Tiger forgets that it's not there."
VPN client developers Equinux USA Inc. (VPN Tracker) and Lobotomo Software (IPSecuritas) are also saying on their Web sites that Apple will have to fix Tiger before they can adapt their own products. It is not known whether the Tiger bug they refer to is the same bug the affects Thursby products. Equinux and Lobotomo were unavailable for comment.
VPN clients for Mac OS X appear to be almost universally affected. Every developer of third-party VPN clients that ZDI News talked to is recommending that customers not upgrade to Tiger. Last week, Cisco Systems Inc. announced that its VPN client was incompatible. Many VPN developers report very slow bandwidth through the VPN when running Tiger.
The VPN client developers expect to have fixes available sooner than Thursby and Microsoft.
Dan Sarel, director of VPN Solutions at Check Point Software Technologies Ltd., expects to have an upgrade for the VPN-1 SecureClient in a matter of days or weeks.
"So far the changes don't look that major to us in terms of how we attach," he said, "but as always with software, you can run into surprises down the road."
Chen said that Apani would have a fix for Mobile VPN for Nortel available later this month. Cisco said its fix would be available by mid-May.
However, Thursby doesn't blame Apple for missing the problems in the kernel before the release of Tiger.
"There were so many changes in the OS that we couldn't get to testing until the past 30 days," he said. "I can't really blame Apple for not immediately recognizing [the bugs]. I'm sure they'll fix it in the short term."
Thursby also thinks users will benefit in the long run.
"There are a lot of changes that aren't apparent to the general users. Obviously this is in preparation for future enhancements."
Source