Thursday, November 26, 2015

Old pet peeve: Blogger uses <BR> tags instead of <P> tags to demarcate paragraphs

I wrote about Blogger’s mad formatting 4 years ago and five years ago. I guess it’s time again. This time I’ll include some screenshots.

My recent ebook DRM post as it appears in MarsEdit:

Screen Shot 2015 11 26 at 11 51 12 AM

The MarsEdit HTML view, each paragraph wrapped in <p>:

Screen Shot 2015 11 26 at 11 52 08 AM

How it looks when viewed as Blogger page:

Screen Shot 2015 11 26 at 11 53 37 AM

Now view source (amazing how much cruft there is in the source):

Screen Shot 2015 11 26 at 11 54 44 AM

Yes, still wrapped in <p>. Now let’s try to edit it using Blogger’s rich text editor. Suddenly the paragraphs are gone

Screen Shot 2015 11 26 at 11 56 14 AM

Blogger HTML view shows all the <p> tags have been replaced by a single <br /> tag:

Screen Shot 2015 11 26 at 11 57 30 AM

This is a very old problem. I think this was configurable in pre-2010 blogger, but it doesn’t seem to be now. I doubt Blogger will ever fix this, I wonder they do this to be consistent with languages that don’t use paragraphs [1].

 There are two things MarsEdit could do to help since Blogger is never going to change:

  1. Provide an option to follow Blogger’s convention and use two <BR> tags instead of one <P> tag when publishing. Do same conversion when bringing back an old post to edit.
  2. Make it easier to edit an old post in MarsEdit — which is probably only possible if there’s some way to send Blogger a current URL and get back a post identifier that the API can work with. Otherwise I assume MarsEdit would need a post identifier like … blogID=5710205 … postID=1945754734324659424

[1] Update: I’m being too kind to Blogger, this really is a bug. If Blogger is replacing <p> tags on an English language blog they should be writing two <br> tags, not one.

The curse of DRM - can't read new book because Adobe E_ACT_NOT_READY

This is why we should all loathe Digital Rights Management in books. I download the EPUB version of a Google Play book I bought and I got this when I launched the .acsm file

Screen Shot 2015 11 26 at 9 49 49 AM

The E_ACT_NOT_READY error message is a longstanding Adobe Digital Reader problem. It can have many causes, from a server outage to authorization problems. In this case I attempted to deauthorize my account and I got an error message that deauthorization failed.

The next step is to quite Adobe Digital Editions and “Navigate to /Users//Library/Application Support/Adobe/Digital Editions and drag the activation.dat file to the trash.” You then have to attempt to download again — by launching the .ascm file. This worked for me.

In my case I think the bug is related to restoring to a new machine from backup. The Adobe authorization is machine specific. Adobe forgot the use case of doing a restore from backup, so their code hangs and produces a default error message. The app should simply request authorization for the new machine. I suspect I deauthorization failed because, of course, I wasn’t using the original machine. So I suspect I have a ghost machine authorization in my Adobe account — another ubiquitous but subtle DRM problem (most often seen with iTunes authorizations) that occurs in iOS as well as OS X and Windows. It’s a fundamental problem with DRM tied to a specific device that is not immortal.

I checked my Adobe ID Profile, and there is no way to view authorized devices or deactivate them. I bet some users run into an activation limit.

I still think the slow/stalled adoption of eBooks is because of Apple/Adobe/Amazon DRM. In Emily’s words “English majors buy books. English majors don’t tolerate stupid software.”

We should be doing watermarking DRM instead and it should be a part of the EPUB specification.

Saturday, November 21, 2015

Sledging the drives

Obsolete and dead hard drives have been piling up for 7 years in a wardrobe I want to empty. Here they are ready for execution; one had to be dug out of a Time Capsule:

IMG 9055

The ones that I know held sensitive data (unencrypted backups mostly) I wiped via cradle mount.

Then it was sledgehammer time. The lawn was a bad idea — even by my neglectful standards it made a mess.

The best results came from angling drives on concrete, and using short strikes to fold the drive:

IMG 9056

A one pass wipe and a sledgehammer might not stop the NSA, but it should suffice for Best Buy recycling.

Thursday, November 05, 2015

Thunderbolt Dock: Eject all disks prior to undock

My new Elgato TB2 dock comes with an installer for an undock utility, but it also installs a kernel extension for some other function. I need a kernel extension like I need a meth habit.

So I was looking at 3rd party Mac App Store solutions like when @clackgoble on said to just do AppleScript. Google found one then I added Clark’s eject line. I saved it as “” and I launch by Spotlight (Cmd-spacebar “und”).




tell application "Finder"

-- Original: eject the disks

-- Clark Goble version:

eject (every disk whose ejectable is true and local volume is true and free space is not equal to 0)

display dialog "Successfully ejected disks." buttons {"Close"} default button "Close"

end tell

on error

display dialog "Unable to eject all disks." buttons {"Close"} default button "Close"

end try

Comcast's xfinity wifi and XFINITY.mobileconfig

The coffee shop’s WiFi was flailing. Periodically my MacBook popped up an xfinity wifi option. I vaguely remembered reading of this when I signed up with Comcast (the Devil we know), so in a fit of recklessness I connected. 

It required my comcast credentials, which I don’t use for anything else. I balked when the install asked for admin privileges but it turned out I didn’t need the install — my connection worked anyway.

So what the heck was going on? And what was a I recklessly installing? Why did I get a connection anyway? (Note I had no proof I was truly dealing with a Comcast site. The less crazy thing to do is to go to Comcast’s web site from a secure network and do any installs from there.)

The install, it turns out, creates a configuration file for Mac OS X Profiles called XFINITY.mobileconfig. It’s a binary file that contains your Comcast credentials in plaintext. (Yep. Delete after use.) The admin privilege escalation is needed to update OS X preferences. (If you run as admin you won’t see this; you really shouldn’t run OS X as an admin user IMHO.)

Oh, you’ve never heard of OS X Profiles? You’ve only heard of iOS Profiles? Profiles is a hidden Preference Pane introduced with Lion and only visible when you install a Profile (rather like iOS actually). "Configuration profiles can be created with the Profile Manager feature of Lion Server. They can configure accounts, policies and restrictions on iOS and Lion clients. The APN settings are iOS only.”

System Preferences will display the profile information (note it’s “verified”, this is via Yosemite):

Screen Shot 2015 11 05 at 12 26 00 PM

After installation my Preferences have a new Apple pane, i can delete from there.

Screen Shot 2015 11 05 at 12 27 56 PM

So what does this profile do? I was hoping it might enable VPN support, but of course it’s not that useful.  It’s actually configuring my machine to auto-join XFINITY WIFI even if it’s not even WPA encrypted. I hope I’m wrong about that, but this is Comcast we’re talking about.

Their FAQ doesn’t explain what’s happening, but this page suggests that the profile is needed to connect to the “XFINITY” SSID networks. (I was able to connect without using the profile because I was using a “xfinitywifi" SSD.). That makes sense because the profile contains an Enterprise Profile ID. (See iOS directions here.)

Which leaves the question of what’s evil about XFINITY WiFi, because, you know, Comcast. I mean, besides the auto join non-encrypted networks.

Don’t worry, it’s evil. Comcast turns customer’s routers into WiFi hotspots by enabling a kind of “guest network” (my Comcast modem doesn’t have WiFi. Smart I am.) Comcast assures customers Homeland Security will knock politely when visiting for tea to chat about your network use by local ISIS affiliates.

Comcast also enables XFINITY WiFi for business customers, who might be well informed and fine with this. I don’t think there’s any way to tell what you’re connecting to though. Can a provider tap the data stream? This is Comcast, so I would assume so. I also assume Comcast monitors the data stream and sells whatever it learns to various businesses and criminals. Lastly, with auto-join unencrypted networks seemingly enabled, I figure Comcast is getting kickbacks from the honeypot industry.

Caveat emptor.

Saturday, October 31, 2015

Time Capsule & Time Machine: "Browse Other Backup Disks" doesn't let you access backups from a different device

One day your iMac dies. It’s old, but not old-old. Sucks. Good thing you are paranoid about backups. You have onsite backups. You have offsite backups. You have Time Capsule backups. You have Synology NAS backups. You have Carbon Copy Cloner “Backups” (clones). You have …

Ok. I’ve made my point. Anyone this paranoid ought to feel good. Problem is, they’re paranoid for a reason. Data just wants to die.

The “you” is “me” and I’m here to tell you that one small bit of my data almost didn’t make it. One folder full of almost-deleted images got lost, I had to pick it up from a last minute copy of the iMac’s user folder. 

I had to do that because when I tried Time Machine’s “Browse Other Backup Disks…” feature (option key)  …

Screen Shot 2015 10 31 at 11 50 45 AM

… it didn’t actually work. That is, I got the right list of disks ...

Screen Shot 2015 10 31 at 11 36 11 AM

but when I selected one of them Time Machine showed me only data from my current Device’s current state — and no past data.

I did this first using a Synology NAS backup replacement for my died-young Time Capsule. I thought I’d run into a Synology limit, but I got the same results from older Time Capsule backups. It turns out that “Browse Other Backup Disks” really means “Browse Other Backup Disks … for the current device”…

 Yeah, I hate Time Machine too. OS X Help has some entries on Time Machine, but there’s no real documentation. There’s nothing on “browse other backup disks”.

So, if you don’t have access to your original mac, you are sort of doomed. That’s what happened to me.

I say “sort of” because there are weak options. You can open the disk image and navigate Time Machine’s base storage. You don’t have access to the File System Event Store or hard links though, so things are hard to locate. might help. Or you can use Migration Assistant, the official solution, and move large pieces of the backup to a local store (only most current versions of course). Maybe OS X Server has some special options …

You can also try Backup Loupe ($10). It doesn’t replace Time Machine’s time-slice views of data, but it does let you browse snapshots and search for file instances. I’m not sure it’s a big improvement on EasyFind, but I bought a copy for emergency use.

The bottom line? Time Machine is a sucky backup solution — just good enough to eliminate strong alternatives. But you knew that. If you don’t have a machine (Device) that “owns” a backup you can use Migration Assistant to copy the latest state of a large amount of data, or if you know a file name you can use EasyFind or Backup Loupe to browse.

Sure, Apple should fix this. They should fix a lot of things.

"Unable to contact iMessage server": try restoring from iCloud instead of iTunes

I picked up Emily’s SIM-Free [1] 64GB silver 6s from the Mall of America Apple store Friday night. I’d used Apple’s reservation system so that, in theory, I’d be in and out. Alas, Friday night at the Apple Store is a zoo — it still took 30 minutes. The staff were so stressed they didn’t try to up-sell AppleCare or setup a contract — just dropped the box in my hand and ran.

There’s an AT&T store in the MOA and it’s not incredibly busy, so we did our SIM swaps there [2]. My son was going from a 4s to Emily’s 5s, so he needed a new SIM.

I restored both phones from iTunes backups. Emily’s worked, though it was a bit choppy. I had to unlock the phone 1-2 times as it went from 9.0.x to 9.1. 

My son’s restore didn’t work. I completely erased the 5s before starting, but there was still an odd feeling about the way the restore proceeded, perhaps because the 5s was still on 8.x (I didn’t realize it had never been updated).  Yes “odd feeling” isn’t very helpful, but I wasn’t paying that much attention. I’ve been down this road a few times.

Prior to the backup I’d removed iCloud, iMessage and FaceTime from his account, planning to put them on post-restore. I had some trouble restoring iCloud — the phone hung on credential entry. I restarted and it seemed to work — but then iMessage and FaceTime weren’t activated. When I enabled them I got a very cramped non-iOS 9 dialog for entering username and password.

I’ve seen that dialog before. It’s something very old — I suspect it’s hard coded for non-retina screens and dates back to the dawn of the iPhone, pre-iCloud. It’s a bad sign, it exposes Apple’s still broken iOS credential management problems [3]. When I did enter my son’s credentials the dialog hung, waiting for a response. I could kill settings; iOS wasn’t frozen. I let it sit for 15 minutes and it eventually responded with something like “Unable to contact iMessage server”. I don’t think there’s a problem with the iMessage server, I think that’s a misleading error message meaning “something went wrong”.

I called AT&T phone support to confirm the IMEI/ICCID relationship was correct at their end. I’ve had my issues with AT&T, but they must give their support staff very good coffee. They are remarkably pleasant and helpful. AT&T’s configuration looked good.

So either the phone was having hardware issues or something had gone wrong with updating one or more of Apple’s configuration systems. There’s lots of evidence that Apple wants iTunes to “die in a hole”, so I decided to try it Apple’s way. I did an iCloud backup, wiped the phone, and restarted with an iCloud restore.

That went smoothly. During the restore I had my son’s Mac account open for Keychain share confirmation, and I got the usual “FaceTime is using..” dialogs. I didn’t have to enter any extra credentials. iMessage and FaceTime activated immediately.

I suspect the combination of iTunes and iOS 8 to 9 and my removing FaceTime/iMessage/iCloud prior to backup exposed a nasty bug in Apple’s frail authentication systems. The real lesson though is that iTunes backup is seriously deprecated. I’d been moving to all iCloud backup and just doing a manual backup to iTunes every few weeks; that’s obviously the way to go.

- fn -

[1] We are currently AT&T customers, and there’s a case to be made that an unlocked AT&T 6s has the best set of antennae and band coverage for AT&T and even international use. You can’t, however, buy an unlocked AT&T iPhone directly, you have to buy it on plan then pay the plan cost to unlock it. Our AMEX purchase protection and extended warranty only work when the full purchase price is on the card. Hence SIM-Free.

[2] In theory you can move a compatible AT&T SIM from phone to phone yourself, but in practice I’ve seen some odd things. AT&T reps tell me their systems don’t update the ICCID (SIM)/IMEI relationships automatically, or at least not immediately. I think this causes some iMessage/Facetime activation delays.

[3] There are separate credential stores for iMessage, FaceTime, iCloud and the App Store — and perhaps for 1-2 other items. If you migrated from to some of these systems require two sets of credentials. Apple tries to hide this from users, but any number of bugs will expose it.

[4] To fit into the iCloud 5GB limit I routinely delete obsolete backups of old phones and I move data to our local machines. I see that with 9.1 there are now more controls on what’s part of an iCloud backup, though they are a bit hard to find.

Thursday, October 29, 2015

File sharing for the all-MacBook home

Lifehacker’s guide to home file sharing was written in 2010 for Windows users. Excluding a traditional server/file share the options back then were Dropbox, a NAS, and, peer-to-peer sync solutions. Things haven’t changed much since then.

Now that I’ve retired our iMac and gone all-MacBook, I need one of those solutions for a small number of files (MBs, not even 1 GB). Our home’s options are Dropbox, Google Drive, Microsoft’s OneDrive, a Synology NAS with or without Synology Cloud Station, Mac LAN based sync solutions (ex: ChronoSync, note MSFT bundles this with Windows), and an Airport Extreme external flash drive.

There are lots of options, but nothing is quite perfect. Dropbox, Google Drive and OneDrive all move our family data into the Cloud — and I’d like to not worry about that. Sync solutions mean new software, but perhaps only on one machine.

I’m going to stick our unused $20 SanDisk Ultra Fit 64GB flash drive in back of the Airport Extreme. I already use Carbon Copy Cloner as part of our nightly backup, I’ll just back the AE Flash Drive up to disk image on one of the my OWC Thunderbolt 2 dock drives. They in turn are backed up by both CCC (to removable drives) and Time Machine (to the Synology NAS).

That should be good enough. Keep it as simple as possible…

Update: oops. "When you use Airport Utility to change AirPort Extreme Shared Disk(s) security it *seems* to wipe out everything on the disk. Except free space shows data is still there.”  The AE has an operating system with some kind of file system support and access controls, but we have very limited access to it.

This Apple article partly explains what is supposed to happen. From Airport Utility we can create username/password “accounts”. Say “Parent” and “Kids”. When a client connects you are asked username/password, that gives access to the Folder of the same name as well as a “Shared” folder. So Emily and I connect as “Parents” and see the “Parents”  and “Shared” folder, but we don’t see a “Kids” folder unless we connect with that username password.

There’s no way for me to connect with to the AE shared disk (partitions?) and see everything.

When I insert the flash drive into my MacBook I can see how it’s organized, including the folders that were on the flash drive when it was “password” access rather than “account” access.

Screen Shot 2015 10 29 at 1 16 43 PM

When I switched “Secure Shared Disks” from “With a disk password” to “With accounts” it didn’t wipe my data, it created a Users folder containing the “Parents” folder and hid the existing folders. I thought I also created a Kids user, but I don’t see that Folder. Bug?

Hmm. This is a bit weird. I could experiment with partitioning the thumb drive on my Mac, but I think I need to look more at the Synology.  The AE’s file sharing security model seems to make backup impossible.

Update 2: I’ll rewrite this when I finalize things, but it looks like the Synology NAS gives me the permission controls I need. I’ll put the shared files there, then use CCC to put them back on an image on my laptop. That image will in turn go back to the Synology NAS Time Machine backup as well as to my local CCC backups.

Update 11/21/2015: I ended up enabling Synology Cloud Station, including installing the Mac client for both Emily and I. So our relatively small (1.5GB) of shared data exists on the Synology NAS (not baked up) and on both of our machines (so multiple backups). It is a strange outcome for the old file sharing/NFS/WebDav model and it doesn’t seem the most elegant solution, but sync seems to be the current technology direction. (Dropbox would be simpler, but we wanted to keep the data local and, of course, Dropbox costs money. The Synology NAS also supports a BitTorrent sync package but the Cloud Station seemed to have more users.

Configuration was a bit odd — you do need to read the documentation. The default setup is within one’s “Homes” folder, so if you want to share with two users (workgroup) you need to create a folder outside that NAS hierarchy and choose to that for sync.

Tuesday, October 27, 2015

iCloud Settings: remove devices, restore some iCloud content (but not Notes)

An Apple World post on El Capitan’s iCloud device management tools led me to check out what iCloud Web Settings supports. It has similar functionality

Screen Shot 2015 10 27 at 8 30 09 AM

From this web UI, as in El Capitan, you can remove devices from your iCloud account — including a machine that’s died or been sold.

There’s also a “restore files” option — the beginning of a backup solution for Apple’s iCloud services. It’s limited to iCloud files, Contacts and Calendars — there’s currently no support for restoring files (sadly). I didn’t see any way to accelerate deletion of files — once data goes to the Cloud it is beyond our control.

Restores are all or none — you can’t restore only some Contacts.

Friday, October 23, 2015

Group text on iOS: native functionality and the alternative (and GroupMe)

Our school mountain biking team has been doing group texting for coaches. Works well on rides — especially when coordinating riders of different skills. 

Yeah, I know the larvae do this. They use dedicated chat apps though, like WhatsApp Group Chat or Facebook Messenger or, much less often, named iMessage groups. We are old and set in our ways, so we need something that works with SMS. (Google Hangouts is said to support Group SMS, with Hangout 4.0, but I couldn’t verify this. Too complex anyway.)

The simplest approach to to send one message to a group, then dig up the thread when desired. You can even name the thread — but only if everybody is using iMessage (never happens). In practice many of us lose the thread.

There’s another approach sort of built into iOS. In OS X or iCloud you can define “Groups” of your Contacts. Bizarrely, you can see Groups using iOS, but you can’t edit Group membership in the standard iOS [1]. You can buy for $2 and it will do lots of things that should do including editing Groups — and it works with the Contacts database. Or you can use iCloud or OS X to edit Groups and sync.

However you do it, once you define a group you can use it in iMessage as though it were someone’s name. There’s a limit of 10 SMS members however. Worse, a single person can have multiple phone numbers — and every number is used.So this looks appealing but it doesn’t actually work very well. What might work natively, at least for 10 or less SMS names, would be to create a Group composed of 1-n people each with 6-7 numbers each. Say the group is BIKE, and there are five people in it - Mike, John, Bob, Alice, Jim. Define the group BIKE, then create a contact MIkeJohnBob and a contact AliceJim with appropriate numbers. You’ll probably still hit the limit of 10 SMS numbers though.

But it’s not hopeless. It turns out is pretty smart about this. When I chose my group in, and select all the members (one tap) then tap SMS, it asks me to adjust the phone numbers for each recipient — and it does intelligent number selection. I was able to create a message for the BIKE group with 11 members, presumably because several used iMessage instead of plain old SMS.

i was able to create it … but not to send it. The message failed; I assume can’t get around the 10 SMS limit (maybe is US specific?).

We should really use a group chat app that works on Android and iOS, like WhatsApp...

[1] A function we’ve been asking for since iOS 2. I don’t think we’ll every see it.

Update: Richard (in comments) suggested I look at GroupMe, a product launched in 2010 and acquired by Microsoft’s Skype in 2011. He says GroupMe will incorporate SMS users into a group, no app required. That wasn’t obvious from the main page, but in the About page … "Best of all, it works on nearly every phone, via push or SMS” and in support: "You don't need to have our app to use GroupMe. Add anyone from your phone book and they will immediately be able to chat with the group. You can chat with your groups directly over SMS.” SMS costs money, so I wonder if the web site has been revised to downplay the SMS integration. No business model needed since this is Microsoft.

It feels like the echo of another era, back when some phones walked on 2 legs and others slithered. You can do most things just with SMS (I have vague memories of Twitter and perhaps Facebook doing SMS things), and your correspondents don’t have to register or sign up for the app (yeah, you can spam anyone). A 2011 Business Insider article mentioned it alongside Kik; apparently GroupMe was hot once.

Every member of a GroupMe Group sees messages coming from a unique phone number. Which is a clever workaround for the limitations of SMS chat — the phone number you see is a unique identifier (key) for a combination of a Group ID and a member’s cellphone number. When you send a message to that number GroupMe confirms the sending phone (callerid) matches the database record, then GroupMe sends it out to all the other cell number that are a part of the group.

It’s clever, albeit a bit obsolete now, but it’s also quite an expensive approach. GroupMe must have ways to reclaim numbers for reuse ...

Wednesday, October 21, 2015

Macs and external SSD storage - thunderbolt hubs and USB 3 UASP

My 2009 iMac is finally dying. It was my second iMac and my second iLemon. My 2005 iMac had early screen discoloration, overheating, and drive failure — but it survived the capacitor failures that killed many of its generation and it was the almost last Mac designed for user servicing. My 2009 iMac had early screen discoloration, overheating, screen flickering, two drive failures (one under recall) and, now, GPU failure. It’s not user serviceable. Lemon.

So I’m not a fan of Apple’s iMac lineup; I don’t want to buy another one. The Mac Mini is interesting, but the SSD pricing is irritating. The obscure but still sold non-retina 2012 MacBook Pro is an attractive iMac alternative when paired with an external monitor — and I actually prefer two 21" displays to a single 27” display. A refurb costs $829 and it’s easy to add memory to the 8GB max. It even has a Firewire 800 port. Still … 2012. That’s pretty old tech. I could buy another 13” Air ...

Or, I realized, I could not buy a Mac. I could save money and, more importantly, reduce my maintenance hassles. When my Time Capsule died young I bought a Synology NAS [1], I can use that as a file server for the family files. My Aperture photo Library is too large for my MacBook Air SSD, but I can pull my 1TB Samsung EVO SSD from the dying iMac and put it in an (very) inexpensive UASP+ external SSD enclosure (or this one) [5]. Based on past experience Aperture ran pretty well even over Firewire 800 and an external SSD. Emily has her 11” Air, I have my 13” Air, #3 uses her school iPad, and #2 only uses a computer for his school work. He can use one of the Airs — or maybe I’ll buy a disposable $150 Chromebook. [2]

Ahhh. One less computer to update, debug, drag to the Apple store, configure … I feel the warm breeze of a southern sea … [2].

My Air has two USB 3 ports and one Thunderbolt 2, currently occupied by a mini-display port. If it’s replacing my iMac it needs to work with 1-2 external displays, the iMac’s 1TB SSD in a USB 3 enclosure, several USB devices (scanner, DVD), an ethernet cable connection to the NAS and, ideally, my old Firewire 800 external 4TB drive, backup drive cradle, and flatbed scanner. Apple’s $1000 answer is the aging USB-free Apple Thunderbolt display.

Disregarding the obsolete Apple solution, I could go with a USB 3 hub or a Thunderbolt hub. With either one I’d like UASP Support [3]. The Vantek UGT-AH700U3-2C USB 3 hub is said to support UASP on a Mac; Wirecutter’s favored Anker hub didn’t in 2013 (though it might with newer chipset, wire cutter missed this important criteria in their review).

Really, even though the USB 3 hubs are ultra-cheap, I’d prefer something that would give me a single plug. Which means Thunderbolt-2 docking stations. I reviewed the options...

  • The original Caldigit ThunderboltStation claimed UASP support but the new one doesn’t mention UASP — and it has a limited number of ports.
  • Elgato thunderbolt 2 dock is sold by Apple Store [4], it has Thunderbolt_2 (2), USB 3 UASP compliant (3), HDMI, GB ethernet (no firewire, but Apple sells a firewire/thunderbolt adapter for $30)
  • Belkin thunderbold 2 express HD is also sold by Apple, but there’s no mention of UASP and it has only two USB connectors.
  • The OWC Thunderbolt 2 dock has the best connector options: Firewire 800 (!), 5 USB 3, Ultra-HD HDMI, Gb ethernet — BUT there’s no mention of UASP support anywhere. You have to buy a thunderbolt cable.
  • The Akitio has only two USB 3 ports, but they do support UASP [5] - but no ethernet ports.

Overall I like the OWC Thunderbolt 2 ($228 + $30 thunderbolt cable), but it’s missing the UASP support (but [5]). Otherwise the Elgato ($208, need to buy $30 Firewire/Thunderbolt adapter) would be my choice.

I’ve got a response from OWC pending on UASP support, but I’m also wondering if it makes a real world difference. Update pending.

- fn -

[1] Apple quality? Only by comparison to the alternatives, and perhaps not even then.

[2] Apple, you really shouldn’t be making non-purchase so appealing. Maybe invest more in software quality and hardware reliability and value and less in marketing gimmicks?

[3] USB Attached SCSI. Really?!  I still have nightmares from my SCSI days, termination voodoo. Yeah, not the same thing, but tell that to the dreams. From the wikipedia article: "Apple added native support for UAS to OS X 10.8 Mountain Lion; drives using UAS show up as using IOUSBAttachedSCSI instead of the older IOUSBMassStorageClass kext”. I wonder how much USB Attached SCSI/UASP resembles Firewire protocols; I couldn’t find any Google references. This is the kind of thing BYTE magazine used to do so well...

[4] Navigating the online Apple store really can’t get any more painful… can it?

[5] It sounds like, practically speaking, the best one ever does is about 370MB/sec whether by USB, thunderbolt or eSATA. Makes me wonder whether UASP support actually makes a real difference in today’s products.

Update [5]: The Amazon listing for the Intateck is a bit mind boggling. This screenshot shows the multiple options shown for a single listing:

Screen Shot 2015 10 21 at 1 54 12 PM

Depending on where the mouse lands you can get a model FE2003, FE2002, or FE2001 with varying case designs, some plastic, some aluminum, some with side vents, some not. I chose Aluminum, Optimized For SSD] Inateck 2.5 Inch USB 3.0 Hard Drive Disk HDD Aluminum External Enclosure Case with usb 3.0 Cable for 9.5mm 7mm 2.5" SATA HDD and SSD, Support UASP - the FE2003 version. The reviews for these different units are all merged. I suspect both Inteck and Amazon are guilty here.

Update: I ordered both the Elgata AND the OWC Thunderbolt docks from Amazon. I’ll run my own tests on both of them against the Inateck F2003 containing my 1TB Samsung and I’ll return the loser. If the OWC is good enough I’ll keep that one.

Sunday, October 18, 2015

Replacing a Time Capsule with a Synology NAS - Time Machine for multiple machines

When my first Time Capsule died young I grumbled and bought another. When the second Time Capsule died even younger I decided to try a Synology NAS [1]. If nothing else, maybe restores would, maybe, actually work.

Yes, Apple’s Time Capsule sucks. So does Apple to be honest. But you go to war with the army you have ...

Synology has a technical article on configuring Time Machine, but it assumes you have only one Mac.That’s dumb. If I had only one Mac I’d use an external drive cradle.

Two web sites were particularly helpful

To begin with I purchased a consumer grade Synology DS215j for $200 . This device is widely used and has a good reputation, but I suspect it’s due for replacement soon. I like using old stable stuff so this was fine with me. I bought it through Amazon where it was clear most users buy a pair of WD Red 4TB NAS drive to go with it. Installation was simple — but I still got confused! Synology provides two sets of screws, one for the drive mount and the other for case closure. They also provide extra screws for each! So, of course, I ended up thinking the packet of 10 screws was 8 mounts and 2 case. Except they don’t fit the case… Ok. Look for the other wee packet.
So far my Synology setup seems fairly quiet. If you hear a loud fan noise you probably got a bum unit (OTOH I expect the fan will get loud in a year or two.)
The initial setup defaults to Synology’s version of RAID 1 Synology Hybrid Raid (SHR). Use the Storage Manager tool to run a SMART Quick Test or a full Extended Test. The Health Info will show SMART status and useful disk information including Temperature (90F on mine). I configured Notifications to send me a monthly report; I didn’t want to give it access to my primary Google account so I used a non-critical secondary account for email services.
Synology tells me I have 3.6TB of storage to play with. That’s enough for my backups, but it doesn’t leave much for other uses. I considered using a Disk Group to create a 7.2 TB “drive” and divide that into two volumes, but then I did the arithmetic on failure assuming a 1/10 chance of drive death in the first year of use (which, for me, would be typical):
  • Use one drive for backup without drive group: 1/10 chance of data loss.
  • SHR data loss probability: 1/100 (both drives must fail, really it’s much less than that because they have to both fail before I can replace one)
  • Single Drive Group data loss probability: 1/5 (1 - 0.9*0.9) — Assuming data is striped so that if either drive dies the entire data group is lost.

I decided I like having a much more reliable backup — at least for now. I don’t like the risks of creating a Single Drive Group, but I could see one day using one drive for backup and another for other work.

You can only have one Time Machine folder on the Synology NAS that will hold one or more Time Machine disk images (one disk image per Time Machine), but you do have a choice about how many users to create. If you create one user with privileges for this folder they all share the same disk quota and the logs are hard to interpret. If you create one user for each Mac then each machine can have its own quota and the logs are more useful. I created one user per machine named after each Mac’s network name (they all share the same password). Each of these users has its own disk quota, I’ll have to see how Time Machine behaves with that. I gave each user “Network Backup Destination” and “File Station” application permissions, I’m not sure both are needed.

Synology supports AES encryption of the backup disk, but a 2012 article claims a major performance impact. Time Machine also supports encrypted backups (new since 2012) but for initial setup I’ve left that off. Since my primary server is also unencrypted this isn’t worse than my current practice. I use encrypted images for sensitive data and we do encrypt our laptops and our rotating offsite server backups. The primary risk of an unencrypted onsite drive is, of course, theft. When I have more experience I’ll experiment with Time Machine’s native encryption, but I wonder if that service has something to do with the impossibly slow Time Capsule restores I’ve seen.

As I finish this post my first Time Machine backup is starting — over Wifi, so this will take a while...

[1] Synology is a very Chinese product — including off-key English syntax. I wouldn’t install it in a US government facility.

Update: I’m realizing 3.5TB probably isn’t enough storage, and I’ve been told the Synology NAS keels over when asked to remove a TB sparsebundle. So after my initial testing I’m probably going to start over with two separate 4TB drives and create a separate volume for each machine I’m backing up. Then I can wipe the volume rather than delete the sparesebundle. Seems like the right balance between reliability and storage efficiency for my uses.

AT&T iPhone 6s with iOS 9.0.2 problem: no WiFi-Calling, Call Forwarding or Call waiting. Fixed by new SIM card and repeat activation.

I described this problem in a series of Apple Discussion posts, but I’ll summarize here. I think it’s the related to the problem that’s described in a Verge article from 10/9 (despite Apple marketing in the 6s is not actually GSM carrier neutral). I also bought an unlocked iPhone from Apple.

Shortly before a trip (as usual!) I found I couldn’t do Call Forwarding (Settings:Phones) on my relatively new iPhone 6. Instead of getting a number I could edit, I saw the display “loading…”. If I deleted the text I could enter a number, but it didn’t really work. If I played around a bit I could generate an Oops! error message. Around the same time I discovered WiFi calling wasn’t working despite new AT&T support; initially it seemed to be available but I got yet another “Oops!”: “We can’t turn on Wi-Fi calling for your account. Think this message is a mistake ..” Call Waiting wasn’t working either.

I don’t know if the call forwarding was a new problem, I don’t use it very much. I found that other phones on our family account could forward. I called AT&T and the rep hadn’t heard of the problem, but based on a tip from Apple Discussions I asked for a new SIM card. Turns out they can send these by mail.

That fixed everything. I suspect the SIM activation process updated my AT&T config data correctly. I’m not sure how I activated my iPhone 6 — I might have put my 5s SIM in it. That’s probably not the write way to do things.

You need to setup your phone as if it were a new device, per the “Let’s Get Started” directions and the site. When I started the process AT&T showed me my iPhone 6 IMEI number and the SIM/ICCID number for the new SIM card. I turned off my iPhone, did the Activation on the web site, inserted the new SIM card, and turned on the phone. Everything worked — even iMessage (to be safe consider logging out of iMessage with the old SIM then activating again with new SIM — but I didn’t run into problems).

Screen Shot 2015 10 18 at 1 14 21 PM

Thursday, October 08, 2015

Comcast (xfinitiy) Arris modem link light blinks orange (yellow?) rather than green - check your ethernet cable.

[jump to the update on this one, it’s not what I thought it was…]

When I switched from CenturyLink to Comcast two months ago my “boost” speeds were 50 up and 10 down on a rented Arris modem. The modem lights were green and i thought the link light was blinking green.

Recently comcast claimed to have doubled my internet speed. It did go up briefly to 100+ mbps, but now it’s back down again. Around the same time I noticed my modem link light started blinking yellow/orange.

It sounds like this may be associated with a > 100 mbps connection, but I suspect it also happens when there’s something amiss with Comcast’s network. Based on what I read and a call to Comcast there’s nothing to do about it as long as you’re getting the speed you paid for (which may not be the speed comcast promised, but there you go.) The comcast rep did say my area was suffering from network issues.

Update: A better thread on Amazon (!) says: "The light is orange when connected to a 100 Mbit device, and blue when connected to a 1 Gbit device”. My modem is connected to a GB device though (Airport Extreme), and the link light should be for upstream connection, not downstream. I may try a different ethernet cable...

Update b: I’m surprised, it’s not at all what I thought. The link light isn’t for upstream connections, it indicates downstream (internal) connection mode — 10/100 is yellow/amber/orange, 1000 (gb) is green. I’d forgotten that, in the midst of resolving an issue with a dying time capsule, I swapped out the ethernet cable connecting my Comcast modem to my Airport extreme. The new cable was a better length, and I thought it was excellent quality. Turns out it wasn’t so excellent! I swapped my original cable back in and the light immediately went green.

I then repeated the Comcast speed test, this time with my Macbook Air within a few feet of my router. For convenience I tried with 5GHz Wifi, not wired gb ethernet. Comcast more than passed the speed test — delivering 125 mbps over wifi. I don’t know if my modem reports a faster internal speed to Comcast and if that impacts provisioning. I’m used to berating my ISP, but Comcast did very well on this one. With 100+mbps (much less gbps) broadband internal networks matter.

In the dining room, a floor below and about 20’ feet away, the same speedtest over 5GHz wifi gave me about 73 mbps (my 11” Air might have been a wee bit faster than my 13” Air). Quite an impressive reduction.

Monday, October 05, 2015

Apple Time Capsule - dead at 2 years 4 months, resurrected as a pure NAS solution

My Apple Time Capsule is dead. It started taking a very long time to join my wireless network, so I did a ’restore default settings’. The restore seemed to work, but it couldn’t join the network; on restart it’s settings were scrambled. So I tried again, and it stopped paying attention altogether.

This TC lasted 2 years and 4 months. Even when it worked restores were agonizingly, impossibly, slow; the Time Capsule is a grossly underpowered NAS. I was disappointed in my previous time capsule, but at least it limped along for almost 4 years.

I have a reasonably modern Airport Express that can take over print server duties for now, but I do need something to run Time Machine backups on. I’ll have to think this over a bit…

Update 10/6/2015: Using broken TC as a wired peripheral

It looks like something is rotten on the network/wireless side of the Time Capsule. I gave it some debug time and some factory resets, but I didn’t invest a lot of time. For one thing I realized there’s only 25GB left on the 2TB internal drive — it really is too small to backup our home network. I’ve ordered a Synology DS215j [1] and two WD Red 4TB NAS drives to be our Time Machine and file server. Over time I may be able to use this to replace an external drive attached to our home server. Shawn Blanc’s 2014 review of the DS213j is a helpful guide.

In the meantime I’m short on backup for our home network. My primary server runs a highly carbon copy clone with offsite backup, and I can run carbon copy manually to a network share from my personal workstation, but that leaves two other machines. I also like having two very different backup modalities for my primary machines. I found I could still use the Time Capsule through its wired ethernet connection.

Our home network is all WiFi now that the Time Capsule (switch, NAS, etc) is dead, so I used network preferences/location to make wifi the primary network option on all devices. Then, using Airport Utility, I browbeat the half-dead TC until WiFi was off and network services were in bridge mode, but file share with local file password was on. Then I found I could connect from each machine by direct ethernet to the TC and run Time Machine manually. I’ll do that until I get the Synology integrated.

Hmm. I wonder what happens if I connect the Time Capsule to a network port on my Airport Extreme...

Update 10/6/2015b: Using broken TC as a pure NAS hanging off my newish Airport Extreme

It took me too long to figure this one out. I blame that partly on Apple’s now opaque Airport configuration tool (designed to try to hide complexity of WiFi, fails at that).

Our newish AirPort Extreme (column thingie with fancy antennae), which plugs into our Comcast “modem”, is powerful enough to cover our whole house — and it has 3 ethernet connectors. So after I disabled WiFi and put the broken TC into bridge mode, I connected its ethernet uplink to an ethernet jack on the Extreme. Voila — it’s lights are happy green and Time Machine works with no configuration changes. Even the photo slideshow on the TC USB mounted thumb drive share works. This will hold us until the Synology arrives (0 drive configuration is out of stock).

Screen Shot 2015 10 06 at 12 23 55 PM

The only trick is convincing the TC to accept bridge/no wifi:

Screen Shot 2015 10 06 at 12 23 34 PM

Screen Shot 2015 10 06 at 12 23 41 PM

After doing a hardware refresh AirPort Utility (ethernet connection to Mac) insisted I first configure it as standalone network service. That left it blinking yellow, but I could then get to the “advance” interface that let me make it into a pure NAS solution.

[1] What are the odds its firmware comes with Chinese gov hacks pre-installed?