Tiger Bugs Break Networking Software

Developers warn users to wait before upgrading to Apple's new operating system, saying bugs and changes in the kernel are causing incompatibilities with certain network software programs.

Some enterprise networking software developers have discovered that their products are not compatible with Apple Computer Inc.s new "Tiger" operating system and are recommending that their customers hold off on upgrading to Tiger, Ziff Davis Internet News has learned.

While most developers point to dramatic changes in Tigers kernel as the reason, several claim that part of the problem is one or more bugs in the kernel of Mac OS X 10.4, bugs that they say Apple has acknowledged and has promised to repair.

Apple declined to comment.

Incompatibilities with Tiger exist for a large variety of network software, including VPN clients from a variety of vendors, file sharing and Active Directory integration products from Thursby Software Systems Inc. and others, and network encryption software, including PGP Desktop from PGP Corp.

A Microsoft Corp. spokesperson said that Virtual PC 7s Virtual Switch networking option does not function under Tiger. This option allows a virtual machine running Windows to have its own connection to the Internet. The company will issue a free patch within two to three months.

"There have been some changes in the innards of Tiger that are not completely compatible with what we do and what other people do," said Chris Chen, general manager of Mobility Security Solutions at Apani Networks. The companys Mobile VPN for Nortel (formerly called the Netlock Contivity Client) isnt Tiger-compatible.

Much of the incompatibility is due to new kernel programming interfaces being introduced with Tiger and dropping of support for many developers network kernel extensions. However, other developers say that in addition to these changes, there are bugs that Apple will have to fix before they can make changes to their software.

"Theres not a reasonable thing we can do before Apple [issues a patch]," said Bill Thursby, CEO of Thursby Software. "We also have to wait for the fix to be publicly available."

Thursby is predicting that it will have Apples fix in time to release its own fixes in August.

"Were doing our best to meet or exceed these expectations," he said.

Thursby also described the nature of the bug that affects ADmitMac, which provides Active Directory integration, and DAVE, an SMB file/print-sharing product.

"Simply, what happens is when you remove a code module from OS X, like we remove SMB, Tiger forgets that its not there."

VPN client developers Equinux USA Inc. (VPN Tracker) and Lobotomo Software (IPSecuritas) are also saying on their Web sites that Apple will have to fix Tiger before they can adapt their own products. It is not known whether the Tiger bug they refer to is the same bug the affects Thursby products. Equinux and Lobotomo were unavailable for comment.

VPN clients for Mac OS X appear to be almost universally affected. Every developer of third-party VPN clients that ZDI News talked to is recommending that customers not upgrade to Tiger. Last week, Cisco Systems Inc. announced that its VPN client was incompatible. Many VPN developers report very slow bandwidth through the VPN when running Tiger.

The VPN client developers expect to have fixes available sooner than Thursby and Microsoft.

Dan Sarel, director of VPN Solutions at Check Point Software Technologies Ltd., expects to have an upgrade for the VPN-1 SecureClient in a matter of days or weeks.

"So far the changes dont look that major to us in terms of how we attach," he said, "but as always with software, you can run into surprises down the road."

Chen said that Apani would have a fix for Mobile VPN for Nortel available later this month. Cisco said its fix would be available by mid-May.

/zimages/2/28571.gifTiger includes support for Kerberos-based VPNs and a stealth mode for its firewall. Click here to read more about some of the new security-focused features in Mac OS X.

However, Thursby doesnt blame Apple for missing the problems in the kernel before the release of Tiger.

"There were so many changes in the OS that we couldnt get to testing until the past 30 days," he said. "I cant really blame Apple for not immediately recognizing [the bugs]. Im sure theyll fix it in the short term."

Thursby also thinks users will benefit in the long run.

"There are a lot of changes that arent apparent to the general users. Obviously this is in preparation for future enhancements."

/zimages/2/28571.gifCheck out eWEEK.coms for the latest news, reviews and analysis on Apple in the enterprise.