Scan array for row above a certain value

Similar Messages

• Bug: when fetching arrays of rows with null data values

  Using Oracle ODBC Driver 8.01.73.00 or 8.01.74.00 (called
  8.1.7.3.0 and 8.1.7.4.0 on the Oracle downloads page).
  When fetching multiple rows, and where some of the data is null,
  the the indicator variable quite often (but not always) has
  incorrect values.
  Is this a known bug? This seems like something that lots of
  people would encounter so I find it hard to understand why it
  hasn't already been fixed.
  Also, how do I report this as a bug to Oracle? I couldn't find
  the place on the site to do this.
  To reproduce:
  Create the following data in Oracle
  create table null_test
  item_id number (10, 0) not null,
  data1 number (10, 0) null,
  constraint null_test_pk1 primary key (item_id)
  insert into null_test (item_id) values (1);
  insert into null_test (item_id) values (2);
  commit;
  When you run the code to print out indicators and values, you
  get this output
  4: 1 -1:
  4: 2 0:-858993460
  The code to do this is as follows (put in your own values for
  the #defines at the top)
  #include <windows.h>
  #include <sql.h>
  #include <sqlext.h>
  #include <stdio.h>
  #define DB_NAME ""
  #define USER_NAME ""
  #define PASSWORD ""
  #define TEST_RETVAL(R) if (R != SQL_SUCCESS && R !=
  SQL_SUCCESS_WITH_INFO) return 1;
  int main()
       SQLRETURN retval;
       SQLHENV henv;
       retval = SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HANDLE,
  &henv);
       TEST_RETVAL(retval);
       retval = SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION,
  (void*)SQL_OV_ODBC3, 0);
       TEST_RETVAL(retval);
       SQLHDBC hdbc;
       retval = SQLAllocHandle(SQL_HANDLE_DBC, henv, &hdbc);
       TEST_RETVAL(retval);
       retval = SQLConnect(hdbc, (unsigned char*)DB_NAME,
  SQL_NTS, (unsigned char*)USER_NAME, SQL_NTS, (unsigned char*)
  PASSWORD, SQL_NTS);
       TEST_RETVAL(retval);
       SQLHSTMT hstmt;
       retval = SQLAllocHandle(SQL_HANDLE_STMT, hdbc, &hstmt);
       TEST_RETVAL(retval);
       const char* Query =     "select item_id, data1 from
  null_test order by item_id";
       const int NumRows = 13;
       int NumRowsFetched;
       retval = SQLSetStmtAttr(hstmt, SQL_ATTR_ROW_BIND_TYPE,
  SQL_BIND_BY_COLUMN, 0);
       TEST_RETVAL(retval);
       retval = SQLSetStmtAttr(hstmt, SQL_ATTR_ROW_ARRAY_SIZE,
  (void*)NumRows, 0);
       TEST_RETVAL(retval);
       retval = SQLSetStmtAttr(hstmt,
  SQL_ATTR_ROWS_FETCHED_PTR, &NumRowsFetched, 0);
       TEST_RETVAL(retval);
       SQLINTEGER rgnItemId[NumRows], rgnData1[NumRows],
  rgnData2[NumRows];
       SQLINTEGER rgnItemIdInd[NumRows], rgnData1Ind[NumRows],
  rgnData2Ind[NumRows];
       retval = SQLBindCol(hstmt, 1, SQL_C_LONG, rgnItemId, 0,
  rgnItemIdInd);
       TEST_RETVAL(retval);
       retval = SQLBindCol(hstmt, 2, SQL_C_LONG, rgnData1, 0,
  rgnData1Ind);
       TEST_RETVAL(retval);
       retval = SQLExecDirect(hstmt, (unsigned char*)Query,
  SQL_NTS);
       TEST_RETVAL(retval);
       for (int i = 0; i < NumRows; i++)
            rgnData1Ind[i] = rgnItemIdInd[i] = rgnData2Ind
  = 0;
       while ((retval = SQLFetchScroll(hstmt, SQL_FETCH_NEXT,
  0)) != SQL_NO_DATA)
            TEST_RETVAL(retval);
            for (int i = 0; i < NumRowsFetched; i++)
                 if (rgnData1Ind[i] == SQL_NULL_DATA)
                      printf("%2d:%5d %2d:%6s\n",
  rgnItemIdInd[i], rgnItemId[i], rgnData1Ind[i], "", rgnData2Ind
  [i], rgnData2[i]);
                 else
                      printf("%2d:%5d %2d:%6d\n",
  rgnItemIdInd[i], rgnItemId[i], rgnData1Ind[i], rgnData1[i],
  rgnData2Ind[i], rgnData2[i]);
            for (i = 0; i < NumRows; i++)
                 rgnData1Ind[i] = rgnItemIdInd[i] =
  rgnData2Ind[i] = 0;
       retval = SQLCloseCursor(hstmt);
       TEST_RETVAL(retval);
       retval = SQLFreeHandle(SQL_HANDLE_STMT, hstmt);
       TEST_RETVAL(retval);
       retval = SQLDisconnect(hdbc);
       TEST_RETVAL(retval);
       retval = SQLFreeHandle(SQL_HANDLE_DBC, hdbc);
       TEST_RETVAL(retval);
       retval = SQLFreeHandle(SQL_HANDLE_ENV, henv);
       TEST_RETVAL(retval);
       return 0;

  We get this problem too. We do a large fetch (200K rows)and find
  that not only do the null indicators report incorrectly, but the
  data for the nullable column is corrupt as well.

• I want to identify the global indices that correspond to elements of buffered arrays that are above a certain threshold

  I am logging ECG data and am wanting to compute the distance between successive heart beats online. What I need to do is identify WHEN heart spikes occur so that I can measure the time between two beats. I am using continuous buffered acquisition.

  Thanks for the response. I am having some trouble with indices. Everytime I identify a spike, I want to grab its position. To this end, I have a case structure conditioned on the identification of the spike (a simple comparison with a floating threshold). For TRUE, I write to file the index of the main while loop multiplied by the scans/iteration added to the index value of the buffered data. This works fine for the first read, but is offset increasingly on subsequent reading cycles. What am I doing wrong?

• List rows with a certain value from a different table?

  Hi,
  I'm trying to list certain rows from a different table. Similar to the filter feature, kind of like a report.
  To be specific, I have 12 tables (Jan-Dec) with many entries each (as rows). Each row has a date, text and further data. Now I want to create an additional table that lists rows from the other tables that have a certain date.
  I would like to just enter that date in a header row cell so I can make a quick query. Using LOOKUP only shows the first row of that date. Is that even possible?

  Hi papalapapp,
  If you don't mind using a script, you're using Numbers 3, and all of your monthly tables are on the same sheet, then you could do something like this:
  Copy-paste script to Script Editor
  Enter date you want to filter on in the designated filterCell (here A1 of the Extract table). Make sure it is formatted exactly like the dates in the monthly tables.
  Clear any existing values from the Extract table, and make sure there are enough blank rows.
  Click the run button in Script Editor.
  SG
  property targetTable : "Extract"
  property filterCell : "A1"
  tell application "Numbers"
    tell document 1's active sheet
    set dateFilter to table targetTable's cell filterCell's formatted value
    --get all data in tables (excluding Extract table)
    set vv to {}
    repeat with t in tables
    if t's name is not targetTable then
    set vv to vv & t's rows's cells's formatted value
    end if
    end repeat
    --filter data
    set vvFilt to {}
    repeat with i from 1 to vv's length
    if vv's item i's item 1 is dateFilter then
    set vvFilt to vvFilt & {vv's item i}
    end if
    end repeat
    --write filtered data to table
    tell table targetTable
    repeat with r from 1 to (vvFilt's length)
    repeat with c from 1 to vvFilt's item 1's length
    set row (r + 1)'s cell c's value to vvFilt's item r's item c
    end repeat
    end repeat
    end tell
    end tell
  end tell

• How to Search and Array for multiple occurrences of a value

  Hi,
  I am trying to search an array of doubles for a number and report the index location(s) of a number. I.e. -allow for repetition. Search and report all index[i] where the number is contained in the array. For example I have
  double[] myInputArray = new double[5];
  double[] myInputArray = { 1, 2, 3, 3, 5 }I know how to search through the array ONCE and return the first occurrence of a number:
  public double GetIndexOf(double Number) {
      for (int i=0; i<myInputArray.length; i++) {
           if (myInputArray[i] == Number){
                return(i);
      return(-1);
    }How do I expand this code to report multiple index[i] locations if the number reoccurs in the array like the number 3 does in my example array above?

  The way the Java libraries do this type of operation (String.indexOf(), etc) is to specify the starting index along with what you want to find.
  Changing your example slightly (notice how I fixed your naming and more importantly, your return type):
  public int indexOf(double num) {
     return indexOf(num, 0);
  public int indexOf(double num, int fromIndex) {
      for (int i=fromIndex; i<myInputArray.length; i++) {
           if (myInputArray[i] == num){
                return(i);
      return(-1);
  //usage to get all indices:
  for ( int index = -1; (index = indexOf(num, index+1)) != -1; ) {
     System.out.println(index);
  }Note that due to how floating point numbers work, you may find doing this on doubles (or any other operation that uses == with double arguments) to give you unexpected results.

• Retrieving the row number where a certain value exists

  Hi,
  I wanted to find out if there is a way to retrieve the row number of a row where a certain value exists. For example, if I had a query
  Create or replace Procedure p1
  IS
  v_Stmt varchar2(100);
  BEGIN
  v_Stmt := 'Select * from emp where lname = 'Davis'';
  Execute Immediate v_Stmt;
  END;
  SQL> exec p1;
  Then, I would like to find out that this name is on row 3.
  Can anyone tell me how this can be done?
  Thanks in advance.
  Sincerely,
  Nikhil Kulkarni

  theres is no rownum related to a particular row. A rownum is a pseudocolumn which value may be different for the same row depending on the query you do. What you can use is the rowid which is the row's address.
  HTH
  Maurice

• Pulse train generation fails with certain values for "number of samples"

  I'm generating a retriggerable analog output signal, and so I'm using a counter as the sample clock (see: Retriggerable AI Using Retriggerable Counter). I am finding that, above a certain number of samples, and only for certain values of the number of samples, the counter task gives me error -200305, "Desired finite pulse train generation is not possibe." The error crops up only when actually starting the task.
  The analog signal that I'm trying to generate will be about 800 kHz, so my counter is set to run at the same frequency. I find that the counter task works fine if the number of samples to generate is anywhere between zero and 671,088 samples. Setting the number of samples to 671,089 gives the error above, as does 671,090 samples and so on. However, using 671,096, the counter task works fine. After that, the counter seems to output fine only if the number of samples is divisible by 8.
  The only thing I can think of is that (617088 samples) / (800000 Hz) = 0.839 s. At the internal clock rate of 20 MHz, 0.839 s is 2^24 samples, and it is a 24-bit counter on this hardware. So if it's this internal counter rolling over, that's fine and I can work around that. But if that's the case, what I don't understand is why increasing the number of samples in increments of 8 samples still works.
  The hardware is a PXI-6733 board, running with LabView 7.1.1 and NI-DAQmx 8.1.

  Hmmm,  multiples of 50 & 100?  Now I'm puzzled again.
  Here's how to make sense of the 100 kHz timebase idea though, even if it turns out not to be the right explanation.  For a retriggerable finite pulse train, you actually use a pair of counters.  If you were to program it manually, you could set your output counter to generate a continuous pulsetrain at 800 kHz using the internal 20 MHz timebase.  This output counter would also be configured to use the other counter's output as a digital level-based pause trigger.  So the 800 kHz pulsetrain is only output while the other counter's output is, say, high.
  The other counter is configured for retriggerable pulse generation.  The pulse duration or high time should be set for (# pulses) / (800e3 pulses/sec).  This other counter can be configured to use the 100 kHz timebase, so its high time would then have to be an integer multiple of 10 usec.
  So let's see...  An 800 kHz pulsetrain is possible with a 20 MHz timebase (exactly 25 cycles).  A 700 kHz (28 + 4/7 cycles) or 900 kHz (22 + 2/9 cycles) is not.  So when you request those other frequencies, you actually get a near approximation.  I dunno if DAQmx can be queried for the actual value correctly or not -- I recall an early version that reported back whatever freq you had asked for rather than what it actually used.  Queries based on ticks (rather than time or freq) did return what was actually used, as I recall.
  Let's suppose a request for 700 kHz gets truncated to 28 cycles of the 20 MHz timebase making a 1.4 usec period.  Then 50 of those periods becomes 70 usec, which is evenly divisible by the 100 kHz timebase.  Bingo!  (Note: 70 is the least common multiple of 10 and 1.4)
  Now suppose the request for 900 kHz turns into 22 cycles of the 20 MHz timebase, or a 1.1 usec period.  Now it takes 100 of those periods to get to 110 usec, which is also evenly divisible by the 100 kHz timebase.  Bingo again!  (Note: 110 is the lcm of 10 and 1.1).
  Did you follow the method here?  It should help you figure out expected results for various output freqs and #'s of samples.
  -Kevin P.

• JTable row selection on certain cell values

  Hi Everybody,
  Here is the scenario. I have MyTableModel.java, MyTable.java and MyTablePanel.java etc classes. I want that user can only able to select the row in the table when there is certain data in the cell, otherwise user should not able to select the row.
  I know in advance that only one value form a pole of value can be in the cell, and I know all these pole data. Let say we have the three constant values in the pole i.e.. A, B, and C. I want that when there is "B" value in the cell, then user can select the row, in other two cases should not.
  What I did I looked the value form the TableModel for that cell, if the value is "B" then set the "flag" true otherwise false, and used this flag in the table.setRowSelectionEnabled(flag).
  The problem is that this method just read the flag at the start, even when the flags value changed, doesn't make any change.
  Is some body have any idea, how I can solve this problem.
  Thanks in advance

  It sounds like you are trying to catch selections from the user at the point where they click on the row, right? The problem is that the clicking event is what selects the row, so by the time you catch it in an event handler, the selection has been done.
  I guess the best way to do it is to have a MouseListener on the table which intercepts the click and checks the value held in the cell. If the cell displays a value the user shouldnt be able to select, it should set the selection in the table selection model back to empty.
  DS

• I want the max date but only look at rows with a certain category value.

  I want a way to get the max date but only look at rows with a certain category value - ignoring the other rows.  My detail table contains expenditures including date (col A) and category (col D) the number of rows will increase with expenditures over time.  My summary table will have a cell for each category and display the last expense date for that category using a functionality that I must ask of you, dear community.
  I am using the latest numbers on an iPad (4) with IOS6.
  Secondarily, I would like to add another cell in the summery table with the value (col E) of the last expense for each category.
  Thank you,
  Warren

  ...later...
  With the addition of an auxiliary column to the Main table, a second header row to the Most recent table, and a minor modification to the formula on the second table, the tables can handle a range of dates set by entering the first and last date into A1 abd B1 respectively of the summary table, Most recent.
  Note that the selected range, shown with a green background in the auxiliary column, does not contain any category B expenses. Using LOOKUP, this would result in a repeat of the January 6 expense bering listed in this row. Switching to VLOOKUP, which can be set to require an exact match, allows the result shown—if there are no expenses in a given category, the formula returns "none" (or whatever message you substitute for "none" in the formula in that column).
  Formulas:
  Main::A2: =IF(OR(B<Most recent :: $A$1,B>Most recent :: $B$1),"x"&E,E)
  Fill down to the end of column A.
  This column must be located on the left side of the table (ie. must be column A), but may be hidden.
  Most recent::A2: =IFERROR(VLOOKUP($D,Main :: $A:$D,COLUMN()+1,FALSE),"none")
  "FALSE" will display as "Exact match" in Numbers's formula editor.
  Fill down to the end of the table and right to column C.
  Regards,
  Barry

• Validate ascii value above a certain point javascript

  Hi guys,
  I'm wondering if it is possible to create a javascript function to validate within form items ascii values which are above a certain point, I would need to loop through the user input, through each character to check its ascii value but im unsure as to how to do this??
  T.I.A
  Stefan

  Hi,
  Something like
  function LoopStr(pStr){
  var a;
  var c=160;
  for(i=0;i<=pStr.length;i++){
    a=pStr.charCodeAt(i);
    if(a>c){j=i+1;alert('String '+j+' character '+String.fromCharCode(a)+' is not allowed');return false;}
  }Br,Jari

• How to ask for an array and how to save the values

  I'm supposed to be learning the differences between a linear search and a binary search, and the assignment is to have a user input an array and search through the array for a given number using both searches. My problem is that I know how to ask them how long they want their array to be, but I don't know how to call the getArray() method to actually ask for the contents of the array.
  My code is as follows:
  import java.util.Scanner;
  import java.util.ArrayList;
  public class Main
      private static Scanner input = new Scanner(System.in);
      public static void main (String args[])
          //creates ArrayList
          int List[];
          System.out.println("How long would you like the array to be?");
          int arrayLength = input.nextInt();
          //Initializes array list
          List = new int [arrayLength];
          System.out.println("Please enter the first value of the array");
      public static void getArray(int List[], int arrayLength)
          for(int i=0; i < arrayLength; i++) {
               System.out.println("Enter the next value for array");
               List[i] = input.nextInt();
       public static void printArray(int List[])
           for(int i=0; i < List.length; i++)
               System.out.print(List[i] + " ");
  public class search
      public static int binarySearch(int anArray[], int first, int last, int value)
          int index;
          if(first > last) {
              index = -1;
          else {
              int mid = (first + last)/2;
              if(value == anArray[mid]) {
                  index = mid; //value found at anArray[mid]
              else if(value < anArray[mid]) {
                  //point X
                  index = binarySearch(anArray, first, mid-1, value);
              else {
                  //point Y
                  index = binarySearch(anArray, mid+1, last, value);
              } //end if
          } //end if
          return index;
      //Iterative linear search
      public int linearSearch(int a[], int valueToFind)
          //valueToFind is the number that will be found
          //The function returns the position of the value if found
          //The function returns -1 if valueToFind was not found
          for (int i=0; i<a.length; i++) {
              if (valueToFind == a) {
  return i;
  return -1;

  I made the changes. Two more questions.
  1.) Just for curiosity, how would I have referenced those methods (called them)?
  2.) How do I call the searches?
  import java.util.Scanner;
  import java.util.ArrayList;
  public class Main
      private static Scanner input = new Scanner(System.in);
      public static void main (String args[])
          //creates ArrayList
          int List[];
          System.out.println("How many values would you like the array to have?");
          int arrayLength = input.nextInt();
          //Initializes array list
          List = new int [arrayLength];
          //Collects the array information
          for(int i=0; i < arrayLength; i++) {
               System.out.println("Enter a value for array");
               List[i] = input.nextInt(); 
          //Prints the array
          System.out.print("Array: ");
          for(int i=0; i < List.length; i++)
               System.out.print(List[i] + " ");
          //Asks for the value to be searched for
          System.out.println("What value would you like to search for?");
          int temp = input.nextInt();
          System.out.println(search.binarySearch()); //not working
  }

• How to look for a certain value in a database using sql

  Hello everyone. How do you do this in SQL? Or, is there a way to look for a certain value in a database? What I'm trying to do is this:
  I want to look for the exact value "abcdefg" in the database so that oracle will return me details on the following that contains the said value:
  1. the name of the table(s)
  2. the column/field name(s)
  Note: "abcdefg" could exist in different tables with different column names with different data types.
  Any help is much appreciated. Thanks.
  UPDATE: What about if I just want to check those fields/columns with string data types?
  Message was edited by:
  dongzky
  Message was edited by:
  dongzky

  Just a teeny tweek
  DECLARE
     l_dummy   VARCHAR2 (4000);
  BEGIN
     FOR rec IN (SELECT table_name
                   FROM all_tables)
     LOOP
        FOR rec2 IN (SELECT column_name
                       FROM user_tab_cols
                      WHERE table_name = rec.table_name)
        LOOP
           BEGIN
              EXECUTE IMMEDIATE    'select 1 from '
                                || rec.table_name
                          || ' where to_char('
  || rec2.column_name
  || ') = ''CAS'' and rownum = 1'
                           INTO l_dummy;
              DBMS_OUTPUT.PUT_LINE (rec.table_name || ' ' || rec2.column_name);
           EXCEPTION
              WHEN NO_DATA_FOUND
              THEN
                 NULL;
           END;
        END LOOP;
     END LOOP;
  END;

• Detail page only for certain values

  I have a page that searches a few tables.
  its a overall search, but there are records we dont want to
  allow anyone to
  edit based on a value.
  So my question is... i have a results page which is already
  setup to display
  all records found.. with a link(go to detail page) how can i
  code it so if
  any of the results have a certain value that link is not
  available?
  Example
  Name Phone Email
  Contact Details
  John 555-555-5555 [email protected] Yes View
  Dave 222-333-4545 [email protected] No
  Jess 854-896-7852 [email protected] Yes View
  Using ASP, SQL2005 and DW8

  Can anyone help with this one?
  I just want to disable the link to the detail page if the
  value for Contact
  is NO then disable Details link
  Using ASP, SQL2005 and DW8
  "Daniel" <[email protected]> wrote in message
  news:f2d35r$806$[email protected]..
  >I have a page that searches a few tables.
  >
  > its a overall search, but there are records we dont want
  to allow anyone
  > to edit based on a value.
  >
  > So my question is... i have a results page which is
  already setup to
  > display all records found.. with a link(go to detail
  page) how can i code
  > it so if any of the results have a certain value that
  link is not
  > available?
  >
  > Example
  >
  > Name Phone Email Contact Details
  > John 555-555-5555 [email protected] Yes View
  > Dave 222-333-4545 [email protected] No
  > Jess 854-896-7852 [email protected] Yes
  > View
  >
  >
  >
  > --
  > Using ASP, SQL2005 and DW8
  >

• Search timestamp array for a specific value

  Hello,
  I need some help creating a VI that will allow me to do some data post-processing.  The problem is multifaceted, so help on any aspect will be of great help.  The end goal of the VI will allow the user to select two times, intial and final, and create a plot based on the corresponding data vs. the time selected, and output to a .jpg. 
  1.  How do I find the index of the time array?  Right now, no matter what time value i input, the index is zero.  The time input should only be significant at most to seconds.
  2.  How do i select all the values between the two chosen times?
  3.  Is there a better way to read in my .tdm file?
  4.  Documentation on exporting plots?  I also have Diadem.
  Attached is the VI that im working with.  The post unfortunately does not allow .tdm files.  I can't say that i've gotten very far, so any advice would be much appreciated.
  Alex
  Attachments:
  post-analysis.vi ‏50 KB

  The "Threshold 1D Array" works in a similar manner as the "Search 1D Array" except that it doesn't try to find an exact match. It finds the two array elements between which your search value falls. It then tells you a fractional index that basically tells you where it falls between those two values. So, a value of 2.5 means it falls smack in the middle between the third and fourth elements of the array. A value of 2.1 means it would fall just after the third element, and a value of 2.9 means it would fall just before the fourth element. The one caveat is that the array must be monotonically increasing. The "Interpolate 1D Array" can be used to interpolate a value given the fractional index. In your case it isn't really necessary - I was showing it for demonstration.
  As to your specific question, I'm not sure which array you're talking about. When you run the VI does the "32bit ingerer" indicator give you the correct index based on the timestamp that you're looking for?

• I am looking for a (free, ideally) virus scan/check for my MacBook Pro -- any suggestions?

  I am looking for a (free, ideally) virus scan/check for my MacBook Pro -- any suggestions?

  Mac users often ask whether they should install "anti-virus" software. The answer usually given on ASC is "no." The answer is right, but it may give the wrong impression that there is no threat from what are loosely called "viruses." There  is a threat, and you need to educate yourself about it.
  1. This is a comment on what you should—and should not—do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to log in to it remotely. That threat is in a different category, and there's no easy way to defend against it.
  The comment is long because the issue is complex. The key points are in sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user. Internally Apple calls it "XProtect."
  The malware recognition database used by XProtect is automatically updated; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  ☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  ☞ It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  ☞ It can easily be disabled or overridden by the user.
  ☞ A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  ☞ An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  Apple has so far failed to revoke the codesigning certificates of some known abusers, thereby diluting the value of Gatekeeper and the Developer ID program. These failures don't involve App Store products, however.
  For the reasons given, App Store products, and—to a lesser extent—other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is a problem of human behavior, and a technological fix is not going to solve it. Trusting software to protect you will only make you more vulnerable.
  The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the scam artists. If you're smarter than they think you are, you'll win. That means, in practice, that you always stay within a safe harbor of computing practices. How do you know when you're leaving the safe harbor? Below are some warning signs of danger.
  Software from an untrustworthy source
  ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a website that also distributes pirated music or movies.
  ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come directly from the developer’s website. Do not trust an alert from any website to update Flash, or your browser, or any other software.
  ☞ Rogue websites such as Softonic and CNET Download distribute free applications that have been packaged in a superfluous "installer."
  ☞ The software is advertised by means of spam or intrusive web ads. Any ad, on any site, that includes a direct link to a download should be ignored.
  Software that is plainly illegal or does something illegal
  ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
  ☞ An application helps you to infringe copyright, for instance by circumventing the copy protection on commercial software, or saving streamed media for reuse without permission.
  Conditional or unsolicited offers from strangers
  ☞ A telephone caller or a web page tells you that you have a “virus” and offers to help you remove it. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  ☞ A web site offers free content such as video or music, but to use it you must install a “codec,” “plug-in,” "player," "downloader," "extractor," or “certificate” that comes from that same site, or an unknown one.
  ☞ You win a prize in a contest you never entered.
  ☞ Someone on a message board such as this one is eager to help you, but only if you download an application of his choosing.
  ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an airport, but is not provided by the management.
  ☞ Anything online that you would expect to pay for is "free."
  Unexpected events
  ☞ A file is downloaded automatically when you visit a web page, with no other action on your part. Delete any such file without opening it.
  ☞ You open what you think is a document and get an alert that it's "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that isn't what you expected it to be.
  ☞ An application does something you don't expect, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  ☞ Software is attached to email that you didn't request, even if it comes (or seems to come) from someone you trust.
  I don't say that leaving the safe harbor just once will necessarily result in disaster, but making a habit of it will weaken your defenses against malware attack. Any of the above scenarios should, at the very least, make you uncomfortable.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it—not JavaScript—in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Stay within the safe harbor, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself.
  7. Never install any commercial "anti-virus" (AV) or "Internet security" products for the Mac, as they are all worse than useless. If you need to be able to detect Windows malware in your files, use one of the free security apps in the Mac App Store—nothing else.
  Why shouldn't you use commercial AV products?
  ☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major AV software vendor has admitted. Most attacks are "zero-day"—that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to the realization that traditional AV software is worthless.
  ☞ Its design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere. In order to meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  ☞ By modifying the operating system, the software may also create weaknesses that could be exploited by malware attackers.
  ☞ Most importantly, a false sense of security is dangerous.
  8. An AV product from the App Store, such as "ClamXav," has the same drawback as the commercial suites of being always out of date, but it does not inject low-level code into the operating system. That doesn't mean it's entirely harmless. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  An AV app is not needed, and cannot be relied upon, for protection against OS X malware. It's useful, if at all, only for detecting Windows malware, and even for that use it's not really effective, because new Windows malware is emerging much faster than OS X malware.
  Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. A malicious attachment in email is usually easy to recognize by the name alone. An actual example:
  London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
  You don't need software to tell you that's a Windows trojan. Software may be able to tell you which trojan it is, but who cares? In practice, there's no reason to use recognition software unless an organizational policy requires it. Windows malware is so widespread that you should assume it's in everyemail attachment until proven otherwise. Nevertheless, ClamXav or a similar product from the App Store may serve a purpose if it satisfies an ill-informed network administrator who says you must run some kind of AV application. It's free and it won't handicap the system.
  The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have all the disadvantages mentioned in section 7.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user, you don't have to live in fear that your computer may be infected every time you install software, read email, or visit a web page. But neither can you assume that you will always be safe from exploitation, no matter what you do. Navigating the Internet is like walking the streets of a big city. It's as safe or as dangerous as you choose to make it. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.