Check #switzerland channel of the MacAdmins Slack for short term info and chat.
Until we meet again, for the [MacSysAdmin] Bier #82, on Thursday, 18 October 2018, still as always at Café Gloria, some of us are fortunate enough to travel north, to Göteborg, to attend the actual MacSysAdmin 2018 – detailed travel reports are expected!
More and more frequent short-term info is still to be found in the #switzerland channel of the MacAdmins Slack.
Yup, it’s totally embarrasing that I haven’t posted anything here since August last year. What, however, is not embarrasing at all is that we now enter our sixth year of get-togethers—or meetups, as the young’uns say—that our events are well-attended by a great group of people, that this happens regardless of my ability to send out little reminders, and that there was a spontaneous 12th meeting last year in December.
So let me at least post the dates for 2017, available at CalendarTree (or on Google Calendar). And then we’ll meet again on Thursday, 19 January 2017, from 18:45, as always at Gloria, for the [MacSysAdmin] Bier #61. In-between you can find many of us in the MacAdmins Slack, often in the #switzerland channel.
So about 25 years ago, this happened. By which I literally mean this, right here, where I’m posting this: The WorldWideWeb. 25 years. Twenty-five. And one of the results: The world isn’t getting worse — our information is getting better, says Ray Kurzweil; and I just might start autoreplying with this on Facebook: This is ‘by far the best time in human history’ — despite what you might read on Facebook.
Doesn’t mean there aren’t any problems left:
- NIST declares the age of SMS-based 2-factor authentication over.
- Snowden Designs a Device to Warn if Your iPhone’s Radios Are Snitching.
- “BlueCoat now has a CA signed by Symantec” — Untrusting an intermediate CA on OS X.
- Disable Find My Mac by Resetting NVRAM.
- You’ve got 2FA on your domain registrar, right? On Cybersecurity and Being Targeted.
- Oops: Microsoft leaks its Golden Key, unlocking Windows Secure Boot and exposing the danger of backdoors.
- Frequent password changes are the enemy of security (via Chris Adams).
- Clever phishing: This is what Apple should tell you when you lose your iPhone.
- Maybe no more Dubai: Using a VPN in the UAE is now prohibited and you could face fines of up to $545,000.
- Remember Ray? The DNC Should Never Have Been Running Its Own Email Server.
- Don’t Trust Sourceforge Downloads. Still.
- Though no Sierra for my trusty Mac Pro, Early 2009: Sierra’s new system requirements. Sniff.
- Prepare your institution for iOS 10 and macOS Sierra (via Rich Trouton).
- Hopefully fixed by release: Xcode 8 Illegal Hard Links Prevent Cloning.
- Der Flounder: Apple-installed applications not responding to keyboard or mouse input.
- 3 obscure but essential MacBook Air add-ons. That TarDisk sounds like data-loss-waiting-to-happen…
- “Apple just announced their first security bounty”.
- Stack Overflow: Documentation! Cf. Stack Documentation.
- Thanks, François! Max: NoMAD.
- Fraser Speirs: The Problem with Managed Apple IDs and iTunes U.
- Bye, bye: Kagi Shuts Down After Falling Prey to Fraud; cf. Farewell Kagi – The end of an e-commerce era.
- Bye, bye? Skype – the journey we’ve been on (via Michael Tsai).
- Bye, bye? “Salesforce buys word processing app Quip”.
- Because you really wanted to try this yourself: “This is what happens if you poke a hole in your phone’s battery with a knife”.
- Look, I’m not telling you Swisscom is consistently slow and expensive, but I am happily pointing to this comparison by dschungelkompass.ch.
- Again, not me: “Only when you have used Outlook seriously for a few days do you fully appreciate how far Google has come with mail, calendar and docs”.
Sorry for not making it last month, but I’ll do my best to show up at Gloria next week on Thursday, 18 August 2016, from 18:45, for the [MacSysAdmin] Bier #56, while we continue to wait for our new iPhones…
So, WWDC brought us the macOS (10.12) Sierra preview, relieves us from remembering that “X” is really ’ten’—and the next version of that other OS won’t be “iOS X”, but “iOS 10”—and returns us, name-, but not spelling-wise, to where we left off in 2001; underneath, it’s Darwin 16. Aside from Siri? Apple File System, or at least the beginnings of it:
- Great overview by Adam Leventhal: APFS in Detail.
- Michael Tsai’s overview of comments: Apple File System (APFS).
- “John Siracusa, at the moment he learned the new file system is coming. Historic moment.”
- Rich Trouton’s WWDC 2016 notes.
- Rich Trouton: “Mac models supported by macOS Sierra: #noxserves #byebye.”
- Fix for installing macOS Sierra as a VM (so none of that necessary).
- Just in case: Prepare for removal of PPTP VPN before you upgrade to iOS 10 and macOS Sierra.
Also announced and almost practically relevant: Apple Pay for Switzerland. And ridiculous, ridiculous reactions and reporting. For now, this seems like a usable overview: Welche Schweizer Kreditkarte für Apple Pay?, pointing to the Swiss Bankers MasterCard Prepaid and the Simply VISA Card. A curious article, “Viele Kreditkarten schluckt das iPhone nicht: Mit diesem Trick funktioniert Apple Pay trotzdem”, points to boon by wirecard, which should supposedly virtualize any creditcard and make it available to Apple Pay; we shall see. I’ll wait for the end of July: “Für Cornèrcard Miles & More Karten steht Apple Pay ab Ende Juli zur Verfügung.”
By now almost ¯\_(ツ)_/¯: Security:
- Don’t download the “EasyDoc Converter”: New Backdoor Allows Full Access to Mac Systems.
- Citrix GoToMyPC (via Edward Marczak).
- In case you want to talk about anti-virus to me again: How to Compromise the Enterprise Endpoint; “The Symantec worm is so bad that even disclosing it responsibly triggers its execution”; If you use Norton or Symantec it’s best you update immediately.—Though I’d have said, uninstall. Also, ClamXav just released a huge update and runs in user land.
- Google is making two-factor authentication a lot easier to use.—No more excuses…
- Enable Google two-factor authentication for SSH connections on OS X.
- Switching to Apple’s Two-Factor Authentication.
- If you have customers using default UPC Cablecom gear: UPC Ubee Modem: Passwort ändern empfohlen.
- When icons lie: New OSX/Keydnap malware is hungry for credentials.
- Battle of the Secure Messaging Apps: How Signal Beats WhatsApp.
Admin & apps:
- Server Ranger; let me know whether it’s worth it.
- Apple Support: Duplicate mount point in /Volumes after unexpected restart; with all the “Mac OS X” in that article, maybe that’ll go away with macOS…
- Max? macOS LAPS.
- Synology Cloud Sync & Backblaze B2, like your own, controlled CrashPlan…
- I use ExpanDrive (or Transmit’s Disks), but maybe you prefer CloudMounter for OS X.
- I use Fresh, but maybe you prefer Trickster.
- The quest for the perfect Mac calendar app: Yup, BusyCal.
- Grumpy old man? Mossberg: The tyranny of messaging and notifications.
- Docker, for Mac…
- Exify, “for people who take their iPhone photography seriously.”
- Bye, bye: End of the road for MacNN: 21 years of changes for Apple, and for us.
- The Wirecutter founder Brian Lam: Steve Jobs ‘literally caught me with my pants down’.
- Increasingly unsure: Changes to Evernote’s Pricing Plans.
- History: How AOL kept its free disk campaign to itself.
- Future: Mac Office and the Transition to 64-bit.
- Hopefully not the future: Building My $1,200 Hackintosh.
- Microsoft to acquire LinkedIn for $26.2 billion.—“EXCLUSIVE: Microsoft’s Satya Nadella accidentally acquired LinkedIn as he tried to delete his account.”
- Major telecoms promise 5G networks if EU cripples net neutrality.—Do we at least get keep our wallets after you rip out all the cash?
And feel free to ask me how I feel about Adobe—though, in fairness, they responded quickly in those cases—when we meet at Gloria on Thursday, 21 July 2016, from 18:45, at the [MacSysAdmin] Bier #55. But not before you enjoy the Rogue One teaser reel.
It’s always thankless to write something knowing the big event is coming up. Helpfully, Apple decided to try “doing something a little different this year”. See The New App Store: Subscription Pricing, Faster Approvals, and Search Ads; App Store Subscription Uncertainty; and FAQ: How Apple’s new App Store subscriptions affect you (among, you know, the rest of the Internet). And, apparently, macOS and, cautiously hopeful, no more oh-es-ex. Right.
Then again, we can always return to the perennial favorite, security. And two-factor authentication: “I was hacked today: my Twitter account, two email addresses, & my phone. It was not due to passwords, they hacked my phone account itself.” See also How activist DeRay Mckesson’s Twitter account was hacked (via Daring Fireball).—And I’m sure all our Swiss telcos will swear that can’t possibly ever happen with them…
There was also some confusion around TeamViewer: Upset users, first accusatory, then apologetic company; see also: A Letter To TeamViewer Users On The Recent Cyber Attacks.—A lot seems to go back to these mega-dumps: Seven Hundred Million (via Michael Tsai) or Cluster of “megabreaches” compromises a whopping 642 million passwords. If you trust Troy Hunt, you can check your username or email address on ’;–have i been pwned?—yes, my LinkedIn account is listed, but I’ve changed that password, like, four times this year alone…—This should therefore not surprise: “Security and privacy risks causing so many to avoid online activities should be a wake-up call for the entire field”, which links to Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities—if your business relies on the Internet, do you have a plan?
Because we’re admins:
- Nice compilation by Tom Bridge: The Mac Admin Library.
- “Old vs new. Anyone with equipment in a rack needs to know about this wonderful invention. No more sliced fingers.”—For the next rack I touch, I’m gonna get a bag of those…
- If you’ve been holding out so far: AutoPkgr for Dummies.
- Download now: “If you have Office365, Office 2011 will only be available to download installer until Sept 22.”
- Google Chrome will start blocking Flash by default. But not really, sadly…
- Gala • KerbMinder + ADPassMon + ShareMounter.
- “MicroMDM is a flexible Mobile Device Management server for OS X administrators [and] integrates with DEP and can provision a device with configuration profiles, user accounts and settings. Unlike most commercial MDM products, MicroMDM allows an administrator to choose which management tools to deploy during DEP Enrollment.”
- Arek Dreyer: “Interesting (and welcome) to see Apple recommending specific MDM services at apple.com/education/it/.”
- Both ownCloud and Nextcloud advertise “a safe home for all your data”, but one might be safer than the other…
- So you wanna go on-prem do ya.—You don’t.
- A long network cable: Facebook and Microsoft are building an underwater cable across the Atlantic.
- I’m sure this will be as successful as Paymit and TWINT, until Monday, that is: eSIM von Swisscom.
- Introducing HyperDev.
- Motion Stills.
- 1Blocker for Mac.
- Just a few years ago I would have freaked out about this: SyntaxNet: The World’s Most Accurate Parser Goes Open Source.
- So many hours: Programming fonts.
- Intel, Microsoft, Apple, ARM, forecasts, models, experts, guts, culture, jobs, errors.
- Because you never have enough browsers: Brave, Vivaldi (via 1Password release notes).
- Clever: “[User requests feature already in product]
Junior dev: “lol dumb user”
Staff dev: “Closed – fixed”
Senior dev: <opens usability bug>.”
- Ladies and Gentlemen, our federal council: “J. Schneider-Ammann im Interview mit #SRF: ”Die Digitale Revolution kommt enorm, noch vor einem Jahr hätte ich das nicht gedacht." #SEF2016.—I do hope this is a prank quote and not the actual thoughts of our country’s leaders…
First things first: You can now register for MacSysAdmin 2016, as always in Göteborg, this year from 4 – 7 October 2016. Limited to 240 seats, lots of great familiar and new speakers, and, if I’m not mistaken, the 10th anniversary. Some Swiss people are flying up on Sunday, 2 October, with LX1226, staying at the familiar Elite Plaza, and returning on Sunday, 9 October, with LX1227, or so I’m told. If you’ve been before, I don’t have to tell you anything—if you’ve never been, you really should!
Then Apple held an event on 25 March 2016 and announced Liam, whom we can’t have. But you can now buy a new iPhone 5(S), erm, SE, finally in rose gold! And an iPad Pro that’s smaller than the old, but still current iPad Pro, but the same size as the iPad Air 2, but with better speakers. And—wait for it—in rose gold! Also, the new small one only does USB 2, while the old big one does USB 3 (via @WillBeech (via @marcoarment)).
For those constantly worried about their data
in the cloud on other people’s servers—though I’m with Ticci—note that EU-US safe harbour might not apply anymore, but then, we’re not in the EU, instead, we’re an internet piracy haven. And while we’re on other people’s servers: Remember how they with their oh-so secure BlackBerries made fun of us with our “insecure” iPhones? Oops, I guess: Canadian Police Obtained BlackBerry’s Global Decryption Key (via Daring Fireball). Also, other people’s servers: The book I bought and wanted to read while on vacation: Here’s How Google Makes Sure It (Almost) Never Goes Down.—Not unrelated: Lessons learned while protecting Gmail.—And Dropbox announced Project Infinite, which sounds a lot like odrive’s placeholder files—“good… copy; great… steal”, I guess… Let me also note Cloud Status App (via Daring Fireball), which comes in handy when you’re using other people’s servers. Finally, Arq 5 now lets you backup your files even faster, to even more servers, your own or other people’s.
Speaking of the Alphabet’s seventh letter: Chrome 50 ends support for Windows XP, OS X 10.6, other old versions (via Chris Adams).—Those “other old versions”, you’re asking? They include OS X 10.7 and 10.8. Better upgrade soon-ish…
Things I’ve enjoyed (since 13 March 2016, the last invitation):
- Hacking Gmail to use custom domains for free:
dig kermic.com MX.
- More Star Wars! Without Rey, sadly, but maybe Jyn will make up for it: Rogue One.—Also: Yoda – Luke – Rey.
- Email Isn’t The Thing You’re Bad At. Phew. Not for Tobias, but the rest of us. Maybe another mail client will fix it? Canary Mail.
- Thankfully preserved by Daring Fireball: Fiat Chrysler CEO: Apple Should Not Try Making a Car on Its Own. Because we’ve never heard that before… Speaking of flops: “In 2015 the Swiss exported 4.5m watches in the $200–500 band & 3.4m in the $500-$3,000 band. Apple sold 10–12m Apple Watches. Some flop.”
- Bash everywhere: Developers can run Bash Shell and user-mode Ubuntu Linux binaries on Windows 10. As Rich Trouton says: “I’m looking forward to this. Who knew that shell scripting was also going to be ‘write once, run anywhere’?”
- The problems with forcing regular password expiry.
- I’m testing Objective-See’s RansomWhere? and found the background interesting.
- Another security guide for OS X.—I’d have liked a bit more background on some options, but solid overall.
- Slack for free? Ryver (probably via Capterra).
- Another bucket for your tasks: MeisterTask.
- Hmm: “ReactOS […] ’s design is based on Windows in the same way Linux is based on Unix […] ReactOS looks and feels like Windows, is able to your run Windows software and your Windows drivers…”
- Automatically Cache Updates To Your OS X Server.
- YubiKey in Switzerland.
- For those using JAMF’s Casper: d3.
- From Tobias: Network Analyzer App.
- For Tobias: “Farewell to Lytro cameras, which took photos that you could refocus AFTER taking them. Company is… refocusing on VR.” Cf. Lytro’s 755 Megapixel Cinema Light Field Camera.
- Like LaunchBar—yeah, the original CMD-Space, even before Spotlight—but for menus? OptionSpace.
- An App Store For Bots: Botlist.
- If I ever buy a camera: The Leica Q.
- You’d be disappointed if I didn’t include this: Swisscom gibt zu, dass sie zu Wegelagerern des Internets werden wollen.
- Coz I never get to listen to all the podcasts: MacAdmins.org Podcast.
- And you thought the 29 W USB-C Power Adapter was for the MacBook: iPad Pro Fast Charging.
- Risky? Massively Speed Up Time Machine Backups.
- While my wife appreciates the uniqueness of my (ab)used Apple leather case, I might get a new one: Metro Case.
- “so @ubnt just broke into the home wifi market big time”: AmpliFi Wi-Fi.
- Git on iOS: Working Copy. But note, too: “Troubleshooting remote unix or linux box using a SSH client for mobile devices.”
- I’m with Gruber in wishing this were true: “Drinking more coffee may undo liver damage from booze”.
- The Wirecutter knows us well: Why All Printers Suck (Even the Best Ones).
And so, after I return from summer, we will meet at Gloria on Thursday, 19 May 2016, from 18:45, for the [MacSysAdmin] Bier #53, in the winter…
We can’t not talk about Apple and the FBI:
- Code to ruin?
- Apple, FBI, and the Burden of Forensic Methodology.
- Edward Snowden: The @FBI is creating a world where citizens rely on #Apple to defend their rights, rather than the other way around.
- US: “Tech, make backdoors b/c fighting terrorism is hard” US: “China, how dare you force tech cos to make backdoors”: Obama sharply criticizes China’s plans for new technology rules.
Less high-profile, but no less high-impact: Apple Blacklists Its Own Ethernet Driver. Oops.
Notes from the past month:
- VMware Fusion, Workstation team culled in company restructure. Ugh.
- Then Mandrill pissed off the Internet, e.g.: A pox upon the house of MailKimp. I take @textfiles levels of umbrage to their Mandrill change. a) way too fast b) super unforgiving.
- First Mac ransomware spotted.
- Munki Conf 2016.
- USB-C cables are playing Russian Roulette with your laptop. Includes links to Benson Leung’s reviews on Amazon.
- ResetPlug – A smart plug to monitor your WiFi router/modem and automatically reset power if WiFi fails.
- Impressive reaction time: CVE–2015–7547 and OnHub (via Chris Adams).
- Alternative: Need to detect filesystem changes for packaging, but don’t want to use InstallEase or Composer?: logGen.
- Another alternative: HashBackup: Linux, Mac, FreeBSD Server Backup.
- RTFM: Actually, read everything.
[MacSysAdmin] Bier #51 on Thursday, 17 March 2016, from 18:45 at Gloria, as always.
From LaLa-Land, M’n’M
I think we all agree the big news was Hoefler & Co. releasing Operator: Rands likes it, Gruber likes it, of course I bought it. Turns out, Hoefler & Co. fonts generally—so says their support—do not include the glyphs for delta (
0x2206) and not sign (
0x00AC), which Bare Bones’ BBEdit (and, I guess, TextWrangler) uses for displaying usually invisible tab and carriage return. So, so sad.
In other news: Adobe launches major new PR campaign for Apple’s app sandboxing technology, according to Daniel Jalkut. See also: Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning.
No time for more, because still in London, post MacAD.uk, but come join us for the 50th (!) [MacSysAdmin] Bier on Thursday, 18 February 2016, from 18:45,
at Gloria, and let Michael and special guest Balz tell you all about the pub conference…
And Max became Internet-famous: Der Flounder: Downloading installer packages from the Mac App Store with AppStoreExtract.
Since I’m still traveling, I’ll have to keep it short, but I did want to specifically mention Quiver, because it can import Evernote ENEX files, even those consisting of multiple notes. Yes, you’ll lose the OCR and some formatting, but at least you get to reuse your content in an open format. See also the MacStories review.
A few notes from the past two months:
- 2016 Reality: Lazy Authentication Still the Norm.
- Apple on GitHub.
- A Brief History of Email Apps.
- 1Password 6 for Mac is here!.
- Dropbox: Saying goodbye to Carousel and Mailbox.
- Recommended USB Type-C Legacy Cables.
- iOS App Store behaves mysteriously? Tapping a tab item 10 times deletes caches and reloads everything.
- Not on the Mac App Store.
- OS X 10.11 zerschießt Recovery-System des Backups.
- Der Flounder: Upgrading to OS X El Capitan using the OS X 10.11.2 installer removes package installation receipts.
- I looked at high end MBP geekbenches through out the years. You can just see Intel give up after 2011/2012..
- Mind the adware. Cyberduck: “@macupdate Please remove the adware installer from your site. We will forward all support costs in a monthly bill to you.”
- Internet Explorer End of Support.
- Office 2011 support has been extended to 10/10/2017.
- Why that Swiss flag? Exposing the misuse of the flag of Switzerland.
So, next week then, in a different time zone, and in apparently very different weather, we’ll meet at Gloria on Thursday, 21 January 2015, from 18:45 for the [MacSysAdmin] Bier #49.