Rendezvous, Microsoft And Apple

serendigital writes "MacCentral reports that a BusinessWeek article entitled: 'A Rendezvous with Redmond?' has -- with Rendezvous -- created an actual threat to Microsoft. As reported by MacCentral, it's interesting to note that BusinesWeek's 'Byte of the Apple' columnist Charles Haddad is on temporary leave and this article was written by a substitute columnist."

Printer Sharing works great

[Anonymous Coward]

I know that USB printer sharing is not technically Rendevous yet, but new printers will support this. I was astonished when I was able to print off a printer shared on my brother's computer by simply clicking "printer sharing" on his computer. If this is how good it will get with any printer, the world will indeed be a better place.

If Redmond is smart, they will jump on the bandwagon. It would be great if I could communicate with my stupid XP box with my brilliant G4 iMac just as easy as it does the printer.

Re:Let them fight among themselves

[banky]

Not open source? [apple.com]

I wonder what that source download is.

Or mod_rendezvous for Apache.

Or the CVS access.

Re:Let them fight among themselves

[MouseR]

What the hell are you talking about?

Rendez-Vous is based on Zero-Config, an open-sourced standard.

Apple merely enhenced it a bit and wrote some high-level APIs for even speedier development. But it's just Zero-Config. Rendez-Vous sources are available as all Darwin source code at Darwin.org [apple.com].

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[clasher]

No more insecure than dhcp, http, or smtp. Rendevous, as far as I can tell, are just some lower level protocols. Sure it relies on procedures like dynamic dns updates which can be insecure but they are probably no worse than dhcp. From the few documents I have read about Rendevous it looks like a very elegant solution, it uses existing technology from approved RFCs.

What that means is that Rendevous need not worry so much about security, instead security will be left up to the other pieces, maybe something like secure dns [is.co.za]. Much like http was later secured by wrapping it with SSL, telnet evolved into SSH, Rendevous can be secured with other mechanisms.

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[Anonymous Coward]

At the risk of sounding like flamebait, I'm writing right now from a Linux box. Is it my imagination, or does Rendevous sound like the most insecure application ever designed?

Rendezvous is not an application. It's a networking standard that allows software/devices to broadcast services they provide, as well as look for services they need. It's no more or less secure than any app designed to use it. I can use nmap to scan you network for open ports, doesn't mean tcp/ip is insecure.

If it isn't, what ABOUT Linux?

Rendezvous is open source. Plus it's an implementation of the ZeroConf standard. If you want it for Linux, feel free to port it.

Alex Salkever is not "a substitute columnist"

[rpiquepa]

Charles Haddad is on leave for a while now. Alex Salkever, Technology editor for BusinessWeek Online, is replacing him since his last column, which appeared on November 13, 2002. So, he's not really "a substitute columnist." Since then, Salkever wrote several articles about Apple including "A Rendezvous with Redmond?". You can read What's with the Hassles from Apple? (January 29, 2003) [businessweek.com], THE Key to User-Friendly Computers? (January 22, 2003) [businessweek.com] or this other column [weblogs.com]), or Is Apple Getting Too Cool Again? (January 15, 2003) [businessweek.com].

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[dhovis]

Um...

Rendevous is a protocol, not an application. It just provides autodiscovery of available services on a single subnet. For example, someone created a Rendezvous module for Apache which allows Macs running Safari to automatically see that the server is there. Does that make Apache less secure? Security is up to the individual services to provide.

Rendezvous is Apple's name for the IETF standard "zeroconf". Nobody has implemented it on Linux yet, but I'm sure people are working on it.

Re:Where is Open Source Rendezvous?

[davebo]

Looks like there are sourceforge projects here [sourceforge.net] and here [sourceforge.net] (although the first project actually has code, and the 2nd looks just like a description.)

Not to mention you can get the "real" rendezvous source here [apple.com] from Apple.

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[sakeneko]

Is it my imagination, or does Rendevous sound like the most insecure application ever designed?

If it's your imagination, it is mine too. I work for a company that makes application level firewalls for web servers ( Teros [teros.com] ), and we make our living off of insecurities in networks and networked software. This sounds like something our marketing guys are gonna love. <wry grin>

Apple has posted a technical brief on Rendezvous [apple.com] on their web site. I grabbed a copy, and will read it later when I have the time.

Personally, I'm going to want a whole lot more details about Rendevous, and testing of it, before I'd consider enabling it on any computer I owned, though. And I'm seriously considering a switch to the Mac platform when I buy my next personal laptop.

Re:scarey

[Anonymous Coward]

You've missed something. Rendezvous is more like DHCP plus a services directory. It doesn't automatically give you -access- to all of these services. It just lets you know that they're there, and it takes care of all the setting-up-and-connecting details. Once you try to access the service that Rendezvous has found, you may be required to authenticate etc. depending on how you've set it all up.

For example, Rendezvous will show me that there is another computer on my local network and that it has been set up as a file-server. You need zero configuration to do this: plug two completely unconfigured computers into a crossover cable, and all of a sudden you'll have that fileserver available. Buuut to actually surf through the fileserver's stuff, you'll have to put in a username and password if you want to see anything other than the public folders.

Re:simple != insecure

[kakos]

I do know that it isn't on by default. So, it isn't something that is automatically on my iBook and my music files are being broadcast to everyone in the world without me knowing it. It is something I physically have to turn on, and I'm pretty sure you have to set which files are shared and such.

Re:scarey

[bnenning]

It seems to me that zero configuration automatic sharing of resources is exactly what I don't want

It's not automatic sharing, it's automatic discovery. Rendezvous will tell you that there's a machine providing a particular service on your LAN, but that doesn't necessarily mean you'll be able to gain access to it.

Re:Home usage only

[d3xt3r]

... but with all of these broadcast packets i would imagine it would saturate a low speed (read:wireless) network.

Although wireless networks offer slower bandwidth than their wired counterparts, they do offer one advantage over hard-connected ethernet: they don't suffer from the same saturation problems. While 100 demanding users could quickly saturate a shared 100 MB/S wire, the same users on wireless will not interfere with eachother. Wireless scales much better than you seem to think.

Secondly, a couple hunderd extra broadcast packets aren't going to saturate a 100 base-t network. A packet is tiny. If I do a tcpdump right now, you wouldn't believe the number of broadcast packets flying around here at this moment. My network connnection isn't being adversely affected.

Also, I'd really differ with you that Rendezvous isn't useful in a business setting. Obviously it's not going to replace DNS for the majority of services, but it could seriously simplfy things like, printing, scanning, and maybe even some file sharing. I don't doubt that this technology will find a great place in the home, but it certainly doesn't mean it's useless to businesses. It's worth noting though that Rendezvous is limited to the current machine's local subnet.

PDF file on Apple

[nyc_paladin]

Here is a PDF file [akamai.net] that explains the technology behind this a little better...but does not go into too much detail regarding security. It sounds like you can choose what you want to share.

It scales much better than previous protocols.

[Paradox]

You'd be surprised how well this actually scales. That is one of the whole points. Rendezvous is a replacement to AppleTalk, and as such one of the major goals is not to saturate the network like other more chatty protocols.

For instance, each host implements an aggressive caching scheme so if one host asks for data, other hosts can learn from its request. There is also an exponentially rising delay between each request, the assumption being a host that has been around a long time will continue to be around a long time. Further, Rendezvous requests are not just like broadcast pings. They have a very well defined (and specific) domain standard in multicast DNS. You could ask only for http servers running over TCP, or only iPhoto sharing servers. This cuts down on the traffic.

Of course, the other problem is the dynamic IP address assignment. It chooses an IP out of a /16 subnet. In short, in order for there to be a high probability of collision there need to be more than 32768 hosts, and even then it'll converge quickly. The Zeroconf spec gives upper bounds on how many hosts should be in a zeroconf network.

The whole idea of this system is to allow small isolated subnets (like a wireless zone) to auto-configure. After the first 20,000 devices, sure you might see some degredation in performance. Of course, imagine an admintaking care of a 20,000 device subnet. They end up like a cross between Jerry Lewis and Christopher Lloyd. If you need more subnets then you link them via a configured host. A proxy-gateway with rendezvous, forwarding only things that matter for this subnet, would be a pretty cool app too.

Zeroconf, especially in the home or small office setting, is really, really useful.

Rendezvous: The Security Answer

[burgburgburg]

Since Rendezvous is based on Zeroconf, here [ietf.org] is an paper explaining how to secure a zerconf network. Perhaps this will slow the FUD.

Rendezvous is (or will be) an Internet Standard

[mbone]

Rendezvous is not just an Apple product - it is on the way to being an Internet standard, with an IETF working group [ietf.org] and two Internet drafts in progress - one on Auto configuration of hosts [ietf.org] and the other on the Dynamic configuration of IP Addresses [ietf.org].

At the ZeroConf WG meetings I have been to, Microsoft was very much present, so I assume that they are well aware of this technology.

End the FUD

[burgburgburg]

As mentioned, since Rendezvous is based on zeroconf, here [ietf.org] is a paper explaining how to secure a zerconf network. Facts vs. FUD. Let the better approach win.

Interesting Rendezvous Links

[tds]

Zeroconf FAQ [zeroconf.org]

Apple Developer Site Apple Developer Site [apple.com]

SourceForge SourceForge [sourceforge.net]

Strangeberry Java implementation [strangeberry.com]

International University and Sun Microsystems supported a collaborative research program. Java source code [neato.org]

Why is everyone so clueless about this?

[amarodeeps]

I'm seeing a lot of knee-jerk reactions about Rendezvous and security. People are assuming that because the protocol is about making certain types of network configuration dynamic and simple, it is necessarily insecure. Well, I've got news for you: any type of connection from one computer to another is creating security issues. I mean...duh. Now, clearly using something like the zeroconf protocol is going to require stuff like...passwords and encryption and all the usual nonsense we need to make things secure. Oh, and a competent sysadmin administrating the system. So can we cool it with the frothing?

Now, if someone had some good comments on the security issues involved with the zeroconf protocol [zeroconf.org] itself, I'd like to read about it [cisco.com].

Re:ZeroConf on Linux? / Rendezvous is Open Source

[mrnick]

That is easy, as soon as someone implements Rendezvous, seeing how it is open source... I love Apple!

Nick Powers

BW's "Byte of the Apple" column

[Lumpish Scholar]

Charles Haddad is nothing but an apple apologist, a real zealot. Have you read his previous articles?

No, but you can find them here [businessweek.com].

Re:Home usage only

[mlyle]

Unless you're talking about the brand-spanking-new (and really cool, but stil unshipped) technology from Vivato, this isn't the way things work. There's only so much spectrum, and you can only fit so much data onto that spectrum. Adjacent access points need to be on different channels in most circumstances for this reason. There's only so much spectrum and you can only fit so much data onto it.

Vivato uses "packetsteering" (phased array technology) to receive different signals from different directions simultaneously. But existing 802.11b doesn't allocate a seperate 11mbps to each user. In fact, if you have just 1 802.11b user and 1 802.11g user, the 802.11g user will only get like 15-16mbps of throughput.

Final note-- you mean mb/s, not MB/s.

Re:Home usage only

[Jordy]

802.11b is a Direct Sequence Spread Spectrum (DSSS) technology with three full channels (most of the 11 overlap two channels.)

Each full channel is able to handle 11 Mbps. Since your access point only operates on one channel, your maximum throughput is 11 Mbps, period. Each wireless connection gets a portion of that using DSSS to keep interference between multiple wireless clients down.

Realistically, you get about 6 Mbps per access point. If you try transferring a file between two computers on the same access point, you'll see about 3 Mbps as it is essentially a half-duplex connection.

Re:Apple will not grow market share with a PC vers

[MesnerTrks]

I thought that enabling PC users to get the benifts was almost the point of this kind of thing. Instead of Apple trying to adapt to a Windows standard, everyone uses a standard that Apple knows pretty well how to deal with. Apple can play well with others using an open standard. They aren't the misfit children anymore.

Re:Nothing really new...

[Midnight Thunder]

Rendezvous seems to have a much greater chance of working. First, it is not language centric, as was JINI and secondly it is much easier to understand and implement. JINI tried to do too much and people just gave up trying to understand it.

If these Apple press release are anything to go by, then Rendezvous has already made huge headway:

• TiVo, Brother & Aspyr Announce Rendezvous Networked Products [apple.com]
• Developers Rapidly Adopt Apple's Rendezvous Networking Technology [apple.com]
• Epson, HP & Lexmark Support Apple's Rendezvous Technology [apple.com]

Although already posted in further down, here is Apple's page on Rendezvous [apple.com]. I want to see this technology work, because simplicity is what most people want. If its simple, then people just use the technology and don't notice its there - this is what future computing must strive to do.

Re:Sweet!!!

[clmensch]

First of all, you have to have the Windows networking client installed. That's usually not an issue, but it isn't something EVERYBODY uses. Then you have to search your local network for machines with shares...and if it's a big org that could mean many many options. Then you have know what shares on those machines house the directories you are interested in...and if the "mp3" directory isn't at the top level, you could have some perusing to do. Then when you find the directory, you have manually create a playlist in your player of choice...and repeat the process for each share you want to utilize.

With Rendezvous-enabled iTunes, your machine automatically finds all other machines on the network that are sharing via iTunes. It will even display their playlists so you don't have to create your own. You don't have to do anything but launch iTunes.

Your argument is like saying, "Sure I can microwave this microwaveable popcorn bag in two minutes...but my gas stove, popcorn popper cookware, bottled popcorn, and Wesson oil can make popcorn too, and only five times slower! And all I need to know is how much corn and oil to use!"

Rendezvous is Apple's implementation of ZeroConf.

[Woodie]

OK -

for the record, Rendezvous is the Apple implementation of ZeroConf, a protocol well on it's way to becoming a standard. Much like Apple renamed AltiVec the "Velocity Engine", it's something that Apple did not invent, and is simply incorporating into their system...

By-the-by, ZeroConf for wireless (at least 802.11b) works pretty good under Windows XP. It's not particularly restricted to any application - installing your wireless stuff in "Ad-hoc" mode (similar in many ways to the old AppleTalk approach) makes all systems in range visible. Gnutella, and most any networking capable application "Just Works" over it. I hadn't realized that Apple needed to specially adapt their applications to take advantage of ZeroConf, or as they like to call it, Rendezvous.

Don't get me wrong, Apple makes some nice looking hardware, and they have a great marketing team - but when you get right down to it, they're just like Microsoft. A business.

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[clasher]

Sorry, I read a few different zero conf related RFCs the day I learned about Rendezvous and may be confusing them. What I was thinking of when writing that post though was from page 19-20 of this rfc refered to by apple's Rendezvous site (at http://files.dns-sd.org/draft-cheshire-dnsext-dns- sd.txt DNS-Based Service Discovery) regarding service discovery in larger network situations

In larger networks, a high volume of enterprise-wide IP multicast
traffic may not be desirable, so any credible service discovery
protocol intended for larger networks has to provide some facility to
aggregate registrations and lookups at a central server (or servers)
instead of working exclusively using multicast. ...

Service discovery needs to be able to provide appropriate security.
DNS already has existing mechanisms for security [RFC 2535].

In summary:

Service discovery requires a central aggregation server.
DNS already has one: It's called a DNS server.

Service discovery requires a service registration protocol.
DNS already has one: It's called DNS Dynamic Update.

Service discovery requires a query protocol
DNS already has one: It's called DNS.

Service discovery requires security mechanisms.
DNS already has security mechanisms: DNSSEC.

Service discovery requires a multicast mode for ad-hoc networks.
DNS doesn't have one right now, but it will soon, to meet Zeroconf
requirements.

It makes more sense to use the existing software that every network
needs already, instead of deploying an entire parallel system just
for service discovery.

Re:'Bill's Boxes' and 'Steve's Elegant Machines'.

[PetWolverine]

It seems to me like Rendezvous is just a means for other computers to find your computer, not a way for them to actually connect to them. If your computer is secure, you should be able to enable Rendezvous without causing problems. If it's not, then the security-through-obscurity of keeping it turned off isn't going to help you much.

Re:ZeroConf on Linux?

[Anonymous Coward]

zcip [sourceforge.net] has been available in the kernel for more than a year. Last I looked, it hasn't received a great deal of fanfare. It is an incomplete implementation of the spec. Most of the recent updates have usually dealt with handling incompatibilities with Microsoft's incorrect implementation of zeroconf protocols in Windows.

Remember that Rendezvous is really a packaging of three separate protocols, not just zeroconf. So full Rendezvous support in Linux requires more porting work.

Re:On leave? Good

[bigBlackSabbath]

All my Macs running can browse my windows NT domains as well my Samba Domains, no problem.

Maybe your problem has to with the way your network is configured (I'd check out your WINS server as a hunch). OS X is using Samba. If you want to figure out why you can't browse, try checking the Samba page (or do a Google search).

Just because it doesn't work for you doesn't mean that it doesn't work.

Re:On leave? Good

[Oculus Habent]

All I have to do to browse a Windows network is click in the box in the Connect To Server Windows - everything comes right up, workgroups/domains first.

Re:On leave? Good

[pete_p]

I love OSX and think it a vastly superior desktop OS to either XP or Linux with KDE or Gnome. However, having said that, there clearly are things OSX doesn't yet do easily. Try browsing a Windows network. Yes you can connect, but (to quote an earlier post) you have to write down the address. There isn't anything equivalent to clicking on Network Neighborhood or Computers Near Me and seeing everything. You have to know IP addresses and so forth for printers. Further the printer drivers for OSX are often inferior to XP versions.

In 10.2, Connect to Server will list Windows workgroups and machines.
At least, it does on my machine. Try clicking the down arrow to the right of the At popup?

Re:Rendezvous is Apple's implementation of ZeroCon

[Elwood P Dowd]

Apple was also involved in the creation of the Zeroconf standard with the IETF. I'm not sure what your point is.

Re:i'm sure that M$ is just shakin in their boots.

[Anonymous Coward]

the original tray loading iMacs (333 Mhz G3 Rev C and earlier) have the paper clip reset button located on the right side in the same area as your other ports. Beginning with the slot-loading iMacs, Apple changed from the paper clip reset button to a simple button you press with your fingertips.

Re:Home usage only

[Cajal]

A lot of the technology behind this seems very cool in nature, but just like AppleTalk (which had many similar zeroconf features) i can't imagine it will scale very well. Although this article would love you to think otherwise, I would imagine this whole thing would have more of an effect on the home market then on the buisiness market. I can see not wanting configure applications on small network, but with all of these broadcast packets i would imagine it would saturate a low speed (read:wireless) network.

Actually, ZeroConf contains many provisions for scalability:

• It is just using DNS packets, which have no connection overhead, and are small.
• It can pack multiple DNS queries or answer into a single packet, reducing protocol overhead.
• All DNS traffic is multicast. Other hosts on the network can see responses to your queries, and cache this information. They then suppress their own queries for similar services (i.e., if you just looked for IPP printers, and 5 min later someone else wants to, that person can just use the cached information from your query).
• Devices announce their presense when they join a network, but the frequency of these announcements is reduced exponentially, up the rate of about 1/hour.

• Apple has said that they designed ZeroConf to generate significantly less traffic than AppleTalk.

How to Re-name that printer

[Dragonfly]

Assuming it's not secured and you don't fear for your job if you try this, either:

• Point a web browser to the printer's IP address (the browser must identify itself as IE for Windows) and name it there using the built-in admin tools; or,
• Go to hp's site and download the Mac drivers for the printer. Included will be the HP LaserJet Utility, a Classic app that you can use to set up HP JetDirect cards. Just use it to select the printer and give it a nice, humane AppleTalk name.

Re:Rendezvous is Apple's implementation of ZeroCon

[tupps]

While they didn't invent zero-conf I believe that the head of the steering committee is and has been a full time Apple employee.

Re:Frying Pan; Fire

[nitehorse]

They tried that, back in the days when Gil Amelio was running things, in case you don't remember.

It almost drove them out of business.

No, Apple's doing exactly what they should, and they're being extremely successful with it.

The thing is, the style of their machines is one of the selling points - it resonates with the art crowd, as well as the very rich, as well as the "I'm totally computer-illiterate and I don't care" crowd who just wants a machine that works. Their hardware isn't cycle-for-cycle competitive with x86 machines, so putting it in ugly boxes and charging less would kill them. End of story.

Take a look at their history sometime. Interesting stuff.

Re:Networking for dummies...but

[hawkbsd]

I think you're confusing what Rendezvous is doing. It's just a discovery protocol. On the server side, it advertises the existence of a service available on a particular port. On the client side, it browses for services of a particular type. It does this only on the local subnet.

When a client tries to contact a server, that's when the firewall rules/access control lists/what-have-you kick in. There's nothing keeping you from restricting the incoming connections by IP, or having the server ask for a password. The former is a firewall-level restriction, and the latter is about the specific protocol you're using.

Re:On leave? Good

[nonsuchworks]

Precision CD Ripping. I can 100% automate the process of dual ripped and verified .wav files using exact audio copy (freeware) on windows and have them auto-encoded to OGGs. Nothing like this on OS X.

I'm not sure I understand this process exactly, or which functionality you're missing, but if it's the lack of automation that rankles, you need to start investigating AppleScript [apple.com]. It's a falling-off-a-log easy scripting language that allows you to hook into OS and 3rd-party apps to automate routine tasks. Like I said, I'm not sure I quite get what you're up to, but I'd be willing to wager that a script that tapped into the Finder and, say, Toast would do everything you needed.