What OS X Yosemite and iOS 8 Portend

Apple announced today their new versions of Mac OS X and iOS at Worldwide Developers Conference in San Francisco, with lengthy demonstrations from Craig Federighi, Greg Joswiak and other senior members of the Apple. You can watch the keynote to see all of the pieces in motion. If you’ve got the time to pass, you could pass it many worse ways than watching the masters at Apple do a Keynote better than pretty much any other major player in tech.

There are some big changes coming this Fall, and they’re not just coming to your Computer or your iPhone/iPad, they’re coming to both platforms, bringing them closer and closer together.

The Mac + iOS preview page on Apple’s website is very specific about the iOS and Mac OS tie-ins - these are platforms each made better by the other, to be used as an intertwined whole.

Sure, you say, I’ve been doing that since 2008! You’re right, you have, but the chasms between the two spaces were quite large and joined by very narrow, and sometimes tenuous, bridges. Finally, with the new Extensions functionality, as well as a vast new array of extensible service gateways in OS X and iOS, the bridges between the two spaces are growing more frequent, and are bringing the two sides closer and closer.

Affirmative participation is now something that can be granted once and assumed as a default going forward. The best example here is the new method for activating your personal hotspot on your phone. Once your laptop is paired properly - and, I’m assuming, if you have the same AppleID in both places - your computer can activate your hotspot without so much as pulling your phone out of your coat pocket. In iOS 7, it’s at least four taps on your screen before it’s done.

When you look at some of the opportunities added to the new Handoff feature, it’s hard not to get excited. Step off the Metro, type out the first paragraph of an email on your block’s walk home, then sit down at your machine and that paragraph’s waiting for you to keep editing.

Make changes on your iPad to a Pages or Keynote document, and by the time you’ve walked up the front steps, they’re on your desktop waiting for you.

Between that, and the expansion of iCloud and AirDrop, there’s an awful lot to like here.

Looking at the Developers’ portion of today’s Keynote, though, it’s hard not to look at Extensions as anything but completely revolutionary. We finally have a secure path between application sandboxes, and a way for apps to interact that’s secure, private, and easy. That’s been holding people back for a long time. The examples that Apple gave today - Bing and Pinterest - are fairly light-weight. I look forward to seeing what the next three months of coding from the heavies in the marketplace will bring us for utility.

Your sharing section, and your action section, of the phone’s Share dialog is going to get more crowded, but it’s also going to get a helluva lot more useful.

This is a fascinating time to be a Mac and iOS admin, and I look forward to seeing everything that’s going to come out over the next three months.

And now to dive in myself and start playing with Server 4, Yosemite, and iOS 8…




Late yesterday, a flaw in a very important piece of the secure Internet, secure sockets layer or SSL, was announced to the public.

The bug, called Heartbleed affects Internet servers that use certain versions of the OpenSSL libraries. An attacker could see small portions of server memory, including data that would normally be encrypted, including password data and SSL private keys.

We have been rolling out fixes to affected machines we control over the last 24 hours, and believe we have completed patching of all critical systems by 4pm yesterday.

News stories on the issue range from urging you to change important passwords to imminent armageddon. As usual the truth is somewhere in the middle.

Unless a provider tells you that their servers were affected you really have no idea of knowing if they were compromised.

What we recommend in this case is caution and selective corrective action. Some high profile websites that were affected in some part include Dropbox, Yahoo, Facebook, Google, Twitter and Microsoft, and credentials for some of those could be revealed through a buffer overflow. The ability to perform this attack was out in the wild from Monday morning, and fixes were deployed as late as 3pm yesterday. If you accessed one of those services in that timeframe, it is possible, but not necessarily likely, that your username and password for those services was recoverable by third parties. We would recommend changing your password for that service.

Over the next week, we will be re-issuing SSL certificates for a few servers as a precautionary measure.

Link Munki in a Box

The open source Munki software installation and patching system is a wonderful swiss army knife, but currently building a repository is anything but automated. This process can take time, but it could just as easily be scripted if you’re building a series of servers to do this.

This script is a first crack at creating AND populating these repositories, using the open source AutoPKG tool.

Initially, this script is designed around Mac OS X 10.8 and 10.9, Server 2 and Server 3 for Web Services, and requires that munkitools be installed in the host environment. The script checks for those three things, then creates a repository, installs AutoPKG, and runs it to add Adobe Flash Player, Adobe Acrobat Reader, Dropbox, Firefox, Chrome, Oracle 7 Java, Text Wrangler and the munki tools.

Line 106 is where you can alter the recipes that are fired at run, and Line 92 is where I’m currently pulling the main recipes list, so if you want to add your own recipe repo there, that’s where it’s done.

Next up is replacing the AutoPKG download hard link to a more dynamically determined latest-release version, use of Mac OS X’s built in apache2 install instead of the one done by Server.app for those not installing Server.app, and then automating the running of AutoPKG with Sean Kaiser’s AutoPKG Scripts

I look forward to comments and suggestions!


Security Update

Hi everyone,

Happy Saturday. Late last night, Apple released 3 iOS updates, 6.1.6 and 7.0.6 for iPhone and iPad and 6.0.2 for AppleTV.

These updates contain a very important fix for a potential security issue.

There is a serious vulnerability regarding SSL websites on existing versions of iOS that would allow a web site that is not properly encrypted to pretend that it is.

This opens up a can of worms for making sure that you can trust what you’re seeing - and that you’re the only one seeing it when connected to a secure web site (that’s pretty much all social media, commerce and banking web sites).

We recommend that you upgrade to iOS 6.1.6, 7.0.6 or 6.02 for Apple TV as soon as possible.

MacOS X 10.7.x and 10.8.x are not vulnerable to this particular problem, but OS X 10.9.0 and 10.9.1 ARE affected. There is not yet a patch for this, but we suspect that we’ll be seeing one in the near future.

If you want to read more about it, there’s a good technical summary here: https://www.imperialviolet.org/2014/02/22/applebug.html

If you want to check if you’re affected, you can check here: https://www.imperialviolet.org:1266


Mavericks, New MacBooks, iPads and Apps!

Dear Clients & Friends,

As you may have heard, Apple held an event in Cupertino today to talk about the future of the Mac platform and announce some new hardware. Some of this news is quite interesting, and we wanted to share our thoughts about it with you.

First up is the next release of Mac OS X, called Mavericks. The new OS (10.9) was released to the public today, and in a move that caught many of us by surprise, they’re releasing it free to anyone with a machine that can run it. If you have a machine running 10.6.8 that meets the requirements (iMac from Mid 2007 or later, Laptops from 2008 or later, Mac Pros from 2008 or later), you can download and install Mavericks for free.

Mavericks is mainly an update that provides performance increases. I’m seeing about 90 minutes more battery life per charge under the last pre-release edition, which is substantial, and there are some significant improvements in the Finder (file tagging) and general OS, including how it handles multiple-monitor setups.

The free release of Mavericks has some wide-ranging effects that we’ll be talking with in the near future, but for the moment we would recommend holding off on upgrading. With the upgrade, Apple’s servers will be deluged with users rushing to download, and there may be claim and activation issues in downloading it right away.

We would recommend waiting a week at least to let the dust settle, and we can help you make sure that Mavericks can be deployed across your entire office without wrecking your bandwidth, and without wrecking anyone’s working environment.

Second up is the release of new MacBooks Pro. Apple upgraded the MacBook Pro with Retina Display with new, faster processors, as well as faster onboard solid state storage to make for significant increases in battery life, operating speed, and overall performance. If you’ve been holding on to an older generation of MacBook Pro, this would be the time to buy. The new hardware has been released to the purchasing channels today, and we’re happy to help you identify which MacBook Pro is right for you. The best part of the upgrades? They’ve dropped the price on the new MacBook Pro with Retina display. 13” models start at $1299, and 15” models start at $1999, a drop of $200 per machine.

Apple will still ship an old-style MacBook Pro, but with these new Retina machines at their current prices, I can’t fathom wanting to buy one.

Third up is the new announcement of a release date for new Mac Pros. If you’ve been waiting on bated breath for a new desktop workstation with proper power, December is your month, as Apple releases the new Mac Pro. It comes in 4, 6, 8 and 12-core models, is as quiet as the current Mac mini, and comes with dual GPUs, six Thunderbolt 2 ports for expansion, and supports up to 3 full-resolution 4K displays. It will start at $2999, with the 4 and 6 core versions arriving in December, and the rest shipping in 2014.

Fourth is the upgrade of Apple’s iWork and iLife suites. They will have new versions in the App Store for iOS and Mac OS today, and if you have purchased a new Mac or iPhone, those upgrades are free. In addition, they will be free on all new Macs, while existing Macs will have an upgrade option through the Mac App Store.

Lastly, Apple refreshed the iPad line today. At the top of the line is the iPad Air, a thinner, lighter version of the iPad you’ve come to know and love, at the same pricepoint ($499 with WiFi/$629 with WiFi + LTE) as before. It is 20% thinner, and about 30% lighter, weighing in at just one pound. In the middle of the line is the new Retina version of the iPad mini, which will stay at the same at $399/$529. It features a new Retina display, which is double the resolution of the old version. At the bottom of the line, Apple is keeping the iPad 2 ($399) and the iPad mini ($299) available for those who want budget tablets.


Happy iOS 7 Day!

Happy iOS 7 Day!

Sometime today, Apple will release iOS 7 to the masses. There’s a lot of great new features in iOS 7, from better Maps, to new enhanced quality ringtones, as well as a lot of “fit & finish” updates to the functionality of the phone. My personal favorite is the re-do of the Calendar application which dramatically enhances the usefulness of the application. You can read about all the changes at Apple.

If you have an iPhone 4, 4S or 5, an iPad 2 or later, or a 5th generation iPod touch, you can run iOS 7.

For those who want to leap right into the new OS, there are a couple of things you should do this morning to get ready:

1) Download the newest version of iTunes and make sure all your software is up to date.

On the computer that you plug your iPhone into, make sure your iTunes is at the most recent version, and that you have applied all the system software updates. The best way to do this is to use the AppStore (if you’re on on OS X 10.8), or by choosing Software Update… from the Apple menu. This may require you to reboot your computer.

2) Do a full encrypted backup of your iOS device using iTunes.

That means plugging your iPhone, iPad or iPod touch into your computer, opening iTunes and then selecting your device at the top of the screen, then under the Backups section of the Summary screen, you can check the box for Encrypt iPhone backup, then click Back Up Now.

Making an encrypted backup of your phone is the ONLY way to make sure that all your network passwords, email passwords, and other secure storage is kept on the when you upgrade between versions.

You will be prompted to choose a password when making an encrypted backup. You MUST remember this password when restoring all that data to your phone tomorrow during iOS 7 install, so you might want to consider writing that one down.

3) Make sure you have a good iCloud backup, too

Belt and Suspenders is a great way to think about backup. You never want to be caught with your pants down.

If your phone is set to make an iCloud backup, it will do that automatically when the phone is locked, plugged into a power source, and connected to a WiFi network. Usually this happens when you plug it in at night, but you can force the issue at any time from the phone itself. Go to Settings App > iCloud > Storage & Backup > Back Up Now

Now you’re ready for the update.

iOS 7 will be released at some point during the day, and you can plug your phone in to install it. For those of you who already use Find My iPhone (Which you all should!) you will have to turn that off before you can install iOS 7 on the phone. This is a new security measure built into iOS 7 that will strengthen the ability of the phone to be found after being stolen or lost.

Once you have iOS 7 installed, you can then restore from your encrypted backup (with all the passwords, and done over USB) or from your iCloud backup (you’ll need to re-enter account passwords). Remember to make sure to re-activate your Find my iPhone!


Happy New iPhone Day!

Happy New iPhone Day!

Today, Apple held a press event at their Cupertino offices to announce new phones and the release date for iOS 7, the next iteration of the OS that powers iPads and iPhones. We’ve now seen the keynote, which you can watch in its entirety at Apple.com, or via the Apple Events channel on AppleTV or on your iOS device.

We’re going to handle this in the form of some quick Q&A.

Q: What’s the lay of the land for new iPhones?

A: Starting next week, there are three iPhone models for sale: iPhone 4S, iPhone 5C, and iPhone 5S. The 4S is the new “cheapy/free” phone for most cell contracts. The iPhone 5C is a re-imagined iPhone 5, and the iPhone 5S is the brand new model.

Q: How much do they cost?

A: With an upgrade available on your wireless plan, the 4S will be free (or $0.01, legalities apply), the 5C will be $99 or $199 (16 or 32GB), the 5S will be $199, $299 or $399. (16, 32 or 64GB)

Q: And there’s colors?

A: Yep, there’s colors. The 4S is white & black, the 5C is White, Yellow, Green, Blue or Pink. The 5S is Space Gray (think black), Silver (think white), or Gold (white with gold metal backing). You can see all of this at Apple.com.

**Q: So what’s the difference between the 5C and 5S? **

A: The 5S has all the fanciest new technologies: 64-bit A7 processor, M7 motion coprocessor, fingerprint scanner, enhanced 8 megapixel camera. The phone is supposed to be about twice as fast for CPU and GPU tasks than the current iPhone 5, which will make it feel snappier. The new M7 coprocessor will work with new motion-based applications, like a forthcoming Nike app, to better show off how much you move around. The new Fingerprint Scanner makes it possible to unlock your phone by on your fingers, as well as buy things with just a tap, instead of typing in a long password.

The new Camera has a sensor that’s 15% larger, which means more light comes into the sensor, which means better pictures. It also does 120 frames-per-second slow-motion video. It also supports the ability to take bursts of photos, for action shots, and it can do auto-exposure within a panorama.

It’s better, trust me.

The 5C is no slouch, but it’s still carrying a 32-bit A6 processor. If you just have a 5, unless you really, really want colors, there’s no compelling reason to upgrade to a 5C. If you have an iPhone 3GS or 4 still, though, the 5C will feel like driving a new Ferrari.

Q: So, the 5C. It’s still pretty good?

A: Yeah, it’s essentially the current iPhone 5, but with a new lease on life. They rethought the casing so that it’s now a single piece of heavy-duty plastic with a steel-reinforced frame, and then a glass touchscreen front. The plastic is grippy, which means fewer dropped phones, which many should like. In addition, Apple has cases for the new phones, for those who may want to accessorize with a complementary color, or a similar one.

It also has a slightly larger battery than the 5. The 5S has the same battery capacity, we’re told.

Q: What are you going to buy?

A: The camera put me over the edge to buy a 5S, but I have to say I was really tempted by an electric blue 5C. Especially at that pricepoint.

Q: And if I don’t have an upgrade available?

A: Check with your carrier for pricing. Unlocked phones are going to be super expensive (starting at $600.) so be ready for a bit of sticker shock. Or, consider one of the plans that allows you to upgrade your phone more frequently. They’re more expensive per month, but include more frequent upgrades.

Q: Anything else?

A: iOS 7 comes out on the 18th. It’s a pretty drastic change in aesthetic for Apple, and there’s some good and some bad that goes with that. The new Notification Center and Control Center are major steps forward, and AirDrop will be a massive step forward for sharing stuff. It will work on most iOS devices still ticking today, starting with the iPhone 4, the iPad 2, the iPad mini, and iPod touch 5th generation and later. Siri gets a big boost, and multi-tasking will get a lot more productive, as well. We’ll have a follow-up email next week about that.


iPhone Charger Hack in the Wild

This is just a quick note to point your attention toward a vulnerability in the iPhone that was released at Black Hat 2013. It uses an unlikely source: a compromised charger. Phones plugged into this charger can have their current apps replaced with malicious copies that can be used to raid your contacts, calendar, email and other applications, which makes this a pretty serious vulnerability.

For the time being, we would recommend against plugging into public USB chargers, like those found in Airports, and in other restaurant and bar-type situations. We’re available for questions and concerns if you have them.

We believe that Apple will patch this in the near future, and we’ll be sure to let you know when this has been properly addressed.

In the meantime, if you wanted to read more about this hack, there’s a good story at ZDNet about this.


WWDC WAGs (Wild-Ass Guesses)


Here’s my list of wild guesses for WWDC today:

  1. New Mac Pros, MacBook Airs (Pro comes with an SSD by default)
  2. New AppleTV partners with content agreements. One major cable network with a co-broadcast agreement.
  3. New AppleTV SDK for Developers for selling Apps via new AppleTV Store.
  4. Siri Improvements and API in iOS 7
  5. Better Backgrounding for iOS Apps
  6. New non-password authentication for OS X
  7. Functional iCloud Syncing (hahahahah, just kidding)
  8. Something Wonderful (said like Dave Bowman)

So! how’d I do?

  1. Check & Check.
  4. Partial Credit
  6. Partial Credit? I’m not sure if the new Keychain-in-iCloud thing counts
  7. Not enough info.
  8. I’m going to claim full credit here that the Mac Pro was my something wonderful, because when I saw all the stats and the preview page at Apple, I drooled. So, yeah, I think it’s probably gonna be just fine.

Let’s call this 3.5 out of 8? Not bad.


Destroying Old Hard Drives

If you’re anything like most people we know, you probably have been holding on to some old hard drives or computers not sure what to do with them before you get rid of them. Here’s what we recommend:

  1. First, erase the drive. You can do this on any 10.7 or 10.8 Mac easily by booting into Recovery Mode (Hold Command-R at boot) and then use Disk Utility.
  2. If you’re really concerned about sensitive information, you can use the secure erasure option, but be prepared to give it some time to run. This can take hours.
  3. Once you’re done, extract the hard drive. Depending on the model, this can be difficult, but it’s worth it for peace of mind. Check iFixit.com for a take apart guide if you need to, but since this machine won’t work again, don’t worry about keeping track of the screws.
  4. Once you have the HD out, grab a good hammer (I prefer a 5lb sledge, but any claw or ball-peen hammer will work) and just beat the ever-loving crap out of it.
  5. Your goal should be to hit the spindle in the center, which will often get you radial fractures in the magnetic platters, which is a death sentence for any residual data.

Then, take the whole thing to your neighborhood ecycler. Most communities these days have free options for ecycling old electronics. Check with your neighborhood waste disposal group for options.

Other methods of destruction that will work include:

  1. Drill Press
  2. Firearm (if legal in your state, please be responsible.)
  3. The PD-4 Hard Drive Destroyer (a steal at $5,000)
  4. Disassembly

But really: just don’t burn it. Too many toxic chemicals that you don’t want to breath. That includes microwaving it, folks.