Saturday, October 13, 2018

The end of Google+ will impact Blogger

Visiting Google’s official Blogger blog today I tried viewing comments on a May 2018 post (a list of things removed and a promise of future work). There are 858 comments, based on Google+. I wonder what will happen to them now that G+ is dead. (So will we get our + back in search syntax?)

At one point Google tried to integrate G+ and Blogger — particularly identity management. It didn’t go well. I suspect the divorce won’t go well either.

- fn -

[1] Suggestively most of the future work mentioned were enhancements to moving data out of Blogger.

PS. Google+ was a really dumb name.

Saturday, October 06, 2018

iOS 12 update may undo cellular data lock

There’s an iOS restriction called “cellular data changes”. If it’s enabled a user cannot change their cellular data settings.

I think the iOS 12 update defeats this lock. Settings will show “Cellular Data Changes” - “Don’t Allow” but the settings can be edited.

To reenable the restriction turn it off then turn it on again.

I’ve seen this on a couple of phones post iOS 12 update. I think it’s an old bug.

Only Apple can provide family mobile device management for iOS

Over on my book project blog I recently reviewed Google’s Family Link solution for mobile device management of children and dependent devices (“parental controls”). I reflected on my experience with third party solutions for iOS devices:

… I’ve found problems with all of the solutions I’ve tested. Qustodio’s VPN can’t handle encrypted connectionsMMGuardian has several killer flaws, and their competition didn’t  even meet my minimal test standards …

I think there are four interlocking reasons that make this a “mission impossible” from anyone but Apple:

  1. Apple’s mobile device management model is very difficult to implement — even for leading corporate partners [1].
  2. It’s non-trivial development to build something like scheduled app access control on top of Apple’s suite of iOS restrictions. This isn’t something schools and business need, so it has to be supported by the family market.
  3. Very few people will pay for this service. It’s a lot of work for a niche market.
  4. Any vendor looking at the home market knows that Apple could eliminate their business at any time with no warning. That’s what Google did with Family Link.

Only Apple can do the equivalent of Google’s Family Link [2]. That may require governmental pressure. Until Apple does it parents of children and guardians of special needs adults will need physical access to iPhones to implement restrictions.

- fn -

[1] JAMF is the dominant vendor in the corporate and educational iOS MDM market. I recently took advantage of a “Daring Fireball reader” special offer for a free 3 device JAMF account. When I enrolled a test device I discovered that annual certificate renewal disconnects enrolled devices (unless you have a dedicated corporate Apple ID) and I learned that full access to Apple’s suite of iOS restrictions requires either Apple’s “PreStage purchase program” or use of Apple Configurator (I think this is in flux with iOS 11 and 12).
[2] If Apple does add MDM to iCloud, I hope they think about vulnerable adults. Google’s “age of consent” (13yo in US) opt-out and notification approach is a workable alternative to disabling use of Family MDM for adults.

Wednesday, September 19, 2018

Apple Manage Devices / Associated Devices is still kind of broken

If multiple devices share a Store Apple ID they will show up in Apple ID Devices. They will also show in iTunes (for that Store Apple ID), Apple’s current documentation states iTunes is the only way to see and manage this list. “You can have ten devices (no more than five of them computers) associated with your Apple ID and iTunes at one time."

And you thought iTunes was dead!

You have to remove devices manually from this list after you stop using them. If, like me, you use the same Store Apple ID on family devices it’s easy to hit the limit.

The interesting bit is these two lists are different and they don’t synchronize. They are presumably on two different databases.

The list is current and shows 8 devices. I think if you sign out of a device you’re not using this list will be updated.

The iTunes managed list is not updated when you sign out of a device. You have to update it manually. I think it still supports iPods. It had one of our devices that was no longer active on it, but it also had an old iPhone 4 we use for music only that runs iOS7 [1]

iPod support explains why the iTunes managed list can’t be automatically updated. I don’t know what happens if you exceed the limit on one list but not the other.

- fn -

[1] The iCloud My Devices display supports “iOS 8, macOS Yosemite … or later …”

iOS 12 Family Sharing: Purchase Sharing supports changing Apple ID and UI could support future multiple Apple IDs.

One of Apple’s “original sins” is the proliferation of Apple IDs and the inability to merge or manage them. I have four that I know of with cryptic and fungible relationships between Apple ID and product ownership. (The worst bugs in the software world are data model bugs.)

In iOS 12 Family Sharing there’s now a setting for Purchase Sharing with an associated Apple ID. Mine is set to my Apple Store ID which is historically distinct from my iCloud ID (many old timers have this unfixable issue). If you tap on this Apple ID it rings up a dialog that allows this to be changed (there’s a bug here — tapping on it doesn’t always work. I had to leave the screen and return to it to enable tap). When I tapped it switched the default to my iCloud Apple ID.

I believe this is a new control. It will be interesting to see what happens when I migrate other family devices that use this iTunes Store ID for purchasing.

At the moment only one Apple ID can be used, but this UI could support multiple Apple IDs. The screen also displays a payment method that cannot be changed, it’s presumably defined by Apple ID.

This is something to watch.

PS. The ten year history of this mess is one reason I recommend Spotify over Apple Music for families.

See also:

iOS 12 Parental Controls / Restrictions / Screen Time: Parental Controls (Passcode restricted) is not always compatible with "Share Across Devices"

Experimenting with Screen Time I enabled a passcode on my personal iPad after I’d enabled “Share Across Devices” [1]. I then found I could disable it without reentering the passcode. Which kind of defeats the purpose of a parental control passcode.

Then I turned it on again, and this time I was asked something like: “Is this iPad for you or your child?” [2]. Once I chose child I could no longer remove the passcode without entering it.

“Share Across Devices” then turned itself off.

When I turned “Share Across Devices” back on then I had to reenter my Screen Time Passcode. After than Screen Time Passcode was disabled.

Maybe this isn’t exactly a bug, but it certainly is awkward. I wonder if “Share Across Devices” uses iCloud ID or iTunes/Store ID.

Screen Time for family is enabled through the “Family Sharing” screen.

- fn -

[1] I think Share Across Devices Requires Apple’s two-factor authentication, which seems to rely on SIM-hack-friendly justly scorned phone number authentication. Yay Apple.

[2] Remember when iOS was going to allow multiple accounts on a single iPad? Android did that for their now defunct tablets.

iOS 12: It's now possible to remove/change Restriction / Screen Time passcode without removing restrictions

Prior to iOS 12 if you’d set a restriction passcode the only way to change it was to remove restrictions — which deleted things like blacklists and whitelists. With iOS 12 there’s a dialog for changing or removing the passcode. My favorite iOS 12 feature so far.

Tuesday, September 18, 2018

iOS 12: "family sharing" is still for children only -- ask to buy disabled at age 18 in US

The “Share purchases on iPad with family members” chapter of my iOS 12 iPad user guide tells me Family Sharing is still limited to children, and still not suited for use with special needs adults.

The problem is that “Ask to Buy” is available only for 18 and under. Since all purchases go to the “Family Organizer” Ask to Buy is the only way for the Organizer to control what family members purchase intentionally or accidentally. Since it’s turned off at age 18 “Family Sharing” is effectively for parents (who presumably share expenses) and children (who can have Ask to Buy).

This means that Family Sharing is not helpful for special needs dependents (guardianship status).

This is unchanged from iOS 11.  I’m not surprised, Apple doesn’t want Family Sharing to be widely adopted beyond the target group.

iOS 12 Books will not sync to Sierra or High Sierra Books

I updated my iPad to iOS 12. Books gave me this notification:

Changes you make to your library on this device sync only to devices running iOS 12, macOS 10.14, or later.

I downloaded the iOS 12 manual to my iPad and, as promised, it doesn’t show on Sierra iBooks.

Took me only a few minutes to find the first problem with iOS 12.

It’s a gift!

A similar problem happened with Mavericks.

Sunday, August 26, 2018

AT&T mobile app: A bug with data usage display and an unexpected feature

We share 6GB of A&TT mobile data between four of us [1]. Normally this is enough, but this month #1 son went over his quota. He pays for the overages, so it wasn’t a big deal, except that MyAT& on my iPhone wasn’t tracking the usage. “See all usage” showed we were using a total of 6GB of data even though we’d used over 8 GB:
IMG 1329
When you add the above numbers you get about 6.1 GB. Turns out there’s a bug in the app — it basically stops working when you hit your data limit. There’s a similar bug in a couple of places — “Change my plan” says I’ve used 6.00GB this month, in truth we used over 8GB.

To see the true state of things look down to the bottom of this screen (may need to scroll) and tap “See all my usage” (compare to “See all usage”, above). You get an embedded web page and if you scroll down you see the true current use.

Scroll further down that page and tap a link called “Manage data” (elsewhere it’s Manage my data usage”). You get some useful features I didn’t know existed …
IMG 1332
Stream saver reduces video streams to 480p, it’s on by default. This screen also lets you turn data off completely for an individual user; I didn’t know that was an option. It might be useful for working with an uncooperative dependent burning data, but it also disables Find iPhone and Find Friends. So it’s a bit of a mixed blessing.

With the data overages it’s tempting to pay $16 more (basically cost of one overage) and go to the 10GB plan, but typically we’re under the 6GB level and almost never go over 7. So it’s more economical to stay at 6 and buy overage GBs periodically. I have found everything is using more data so we might need to change in a few months.

[1] #2 son uses so little data he gets by on a @$50 a year H2O prepaid plan.

Saturday, July 07, 2018

Thoughts on replacing FileMaker Pro 11

Once upon a time database apps were priced and sold as a consumer product. Those were the days when computers were marketed as a replacement for a recipe book.

There were dozens of consumer oriented database products then, priced from under $15 shareware apps to around $100 for relatively full featured commercial products (AppleWorks, etc). Some of these products, particularly on the Mac, were astounding (though high end ones were priced as business products).

That era seems weird now. It definitively ended when Apple discontinued Bento. Shortly afterwords FileMaker was priced as a business-only product. Panorama X has followed a similar path. Tap Forms is sold at a consumer price, but it failed my basic trial tests.

The era of the affordable personal database app has passed. The only commercial remnant on any platform is Microsoft Access — somehow Microsoft can’t quite kill it. LibreOffice Base began as Microsoft Access clone and sort of runs on macOS, but parts of it still require Java.

My only current use case for FileMaker Pro is that it runs my personal password database. I could move that (yay data freedom!) to Microsoft Access in a VM, but Windows 10 is a monstrous amount of baggage to keep around just to run a personal password manager.

I could finally migrate to 1Password. Emily and I use it and I have to periodically dump data into it manually from my old password database. I wonder how long that product will last with Apple incorporating credential management into the operating system though.

Or I could adopt the lazy choice and stay on Sierra and FileMaker Pro 11 a while longer. I like the sound of that one.

Replacing Filemaker Pro 11: Tap Forms fails within minutes of testing

Filemaker 11 is not compatible with High Sierra. I checked out Tap Forms. It failed because …

1. Tap Forms Mac stores its database files in ~/Library/Containers/com.tapforms.mac/Data/Documents. I prefer not to use apps that store data in unorthodox places, it makes backup and restore too difficult. It’s much to easy to lose track of files and uninstall is more complex. This is, however, an Apple design practice — MarsEdit does the same thing.

2. I choose a csv file to import and I renamed the fields in the import dialog as below.


After import the fields had the original names.

I found two significant problems in 5 minutes of testing. The first is a design choice I dislike for this type of app. The second is a bug - an obvious bug found on the very first thing I tested.

Tap Forms is not a viable choice for me.

Also, uninstalling is the usual pain — but that’s a longstanding Apple issue.

Google Voice: "We could not complete your call - Please try again."

I’ve been using Google Voice for eons — starting before Google acquired GrandCentral. It saved me thousands on my daily mobile calls to my mother in Canada.

GV must be a real money loser for Google though — the interconnect fees to landlines are a real cost [1]. So it’s not surprising that it’s a bit of a mess — between GV legacy, GV current, Hangouts [2] and heaven knows what else.

Today I tried a GV call from my iPhone and got “We could not complete your call - Please try again.” In my case this is a bug that happened because the GV number associated with the Google ID I was using did not have an associated mobile phone (I’d moved that phone to a different GV account). I think Google for iOS used to permit that, but it doesn’t now. To use Google now you need to have an associated verified mobile phone with the active GV account.

So I moved my two mobile numbers to the two GV accounts I wanted them on. Now if I try to use Google with an account that doesn’t have a verified mobile number it gives me a more appropriate error message (that’s why this was a bug — wrong error message).

I’d be happy if GV would figure a way to make money from me, it is a great service.

- fn -

[1] Funny thing and cautionary tale: In the early 90s we were sure that by the year 2000 voice calls would be so cheap they wouldn’t be worth metering. That was only sort of true. Never underestimate the power of discontinuities.

[2] GV sort-of migrated to Hangouts, but that seems to have stalled and perhaps reversed. Hangouts seems to be dying, caught up in Google’s flailing messaging strategy.

Sunday, June 24, 2018

IOT: Switching a Chamberlain MyQ WiFi garage door opener WiFi network

When our garage door opener died our service guy installed a LiftMaster Contractor Series Garage Door Opener. I think it’s an 8155W, 8164W or 8165W.

You can enable smartphone app access to monitor and control the garage door — assuming your home WiFi extends that far. Yeah, it’s Internet of Things (IOT) device.

There are obvious problems with doing enabling wifi access:

  • Chamberlain security is probably fairly typical. As in … lousy. Assume whatever credentials you use to setup this account are now public. Also assume that the garage door is accessible by anyone who wants in badly enough.
  • Even if there are no known exploits in the device OS (hah-hah) it will never get updated. So there will be exploits eventually.
  • It’s made in China. Presumably it comes with a backdoor.
  • The standard setup is to connect it to your home network. Which means you are, basically, toast.

On the other hand an additional remote is $50 and you can set alarms if the garage door is open after, say, 10pm.

Our garage is not connected to our home, but our Apple AirPort Extreme does reach it. So, despite the risks, I did an initial experimental connection and installed the

It worked ok, so I enabled the Guest network on my AirPort and decided to switch it over. I couldn’t find documentation on how to switch to this network though.

The web page of an error message did give one way to force it to connect:

MyQ Wi-Fi Garage Door Opener: press and release the round yellow Learn button three times on the opener's motor unit. The motor unit's blue LED will be blinking on and off and the opener will beep once.

It turns out there is documentation in the product manual (available online), it just doesn’t contain the keyword “reset”. Instead it uses “erase”. To erase/reset the WiFi network you need to use the controls on the opener, not the remote. There’s an “up arrow” called an “adjustment button”. Press and hold it until 3 beeps are heard. Then start over with the WiFi. (I ran into some issue and Chrome seemed to work around it, so if Safari doesn’t work for you …)

The garage opener is on my Guest network now, so theoretically isolated from my home network.

Thursday, June 07, 2018

Things old persons don't understand -- what happens to all those school Google Docs?

Two of our kids are ending their St Paul Public School careers. Both have a collection of Google Docs.

The school does not seem to provide any mechanism for mass reassignment of document ownership to a personal Google account. From what I can tell the school actually blocks ownership reassignment. (Ownership management is one of the several significant issues with Google’s document sharing infrastructure [1].)

So what do students do with all those documents [2]? Olds like me have no idea. They don’t just let them all evaporate … do they?

(I use CloudPull, one of my favorite macOS apps, to create a local repository. The download process converts Google “docs” to Office files. Of course there’s nothing like this for iOS.)

- fn -

[1] Only owners can truly delete an owned document, and ownership cannot be transferred for non-Google “docs”. I think all own/share privileges are at the document level, but documents may inherit some properties from their folder “container” — but not ownership. Yeah, I don’t understand this. Not sure anyone does :-).
[2] Due to some cognitive disabilities and temperaments my guys can’t answer this question… I guess I should ask my daughter …

Update: of course I just write this and today I get for all my CloudPull accounts: “CloudPull was unable to export your backups”. It turns out CloudPull had lost track of my backup directory. I don’t know why. I relinked in Preferences:Advanced and it worked again. It didn’t write anything to console when that happened. Support was great at helping me fix this.

Update 8/26/2018: I again ran into “CloudPull was unable to export your backups”, this time on my personal (36GB export) gDrive. I cleaned up some other non-active accounts, used Help force reindex, and booted into Recovery mode and ran 1st Aid (it fixed things). Then it worked.