Wednesday, December 30, 2015

A Google Doc I wrote in 2010 has lost its images

Every 1-3 years I write a “solstice letter”. Since 2010 or so I’ve used Google Docs; it’s the best match to sharing it via PDF and web. 

Today I discovered the 2010 document has lost its images. The text is there, but the images are gone. I tried downloading as PDF, but they don’t show there.

It’s a significant non-recoverable Google Cloud data loss, probably related to old versions of Google Docs.

I’d saved a local .docx version to my personal web site so I still have something like the original. Because I’m a particular kind of paranoid; that is, the experienced kind.

Not good Google. Not good at all.

Sunday, December 27, 2015

Emergent phishing attacks

This one amused me.

I have an email address in one of my domains that redirects to an immutable long-random-username address assigned by Appigo. Messages to that address create tasks on Appigo’s ToDo.app [1]. Today when I opened ToDo.app I had a task that included a phishing attack link. The “Dear xxx” introduction included the username portion of my redirect task.

This clearly wasn’t a specific ToDo.app phishing attack; it was a routine email phishing attack. Gmail would have sent it directly to spam, but of course this route bypassed spam filtering. Having a phishing attack appear on my task lists was an emergent result of using a “secret” email address as a data interface.

The good news is that the email redirection I used is also a form of defense. Appigo doesn’t provide a way to change their secret email address (not smart of them), but since I created a short memorable version their immutable “backdoor” was not exposed. I can change the redirect address I control.

Intelligent systems are rather hard to secure. Which is why the Internet of Things is a mistake. Make no system smarter than it needs to be…

[1] I use this app extensively on iOS and OS X, but I don’t recommend it because there’s no data export or archiving support. Of course most of the competition are no better, but OmniFocus and Toodledo provide export.

Wednesday, December 23, 2015

The Apple Way or the Google Way: A rough draft for comment

I’m writing a book on supporting special needs teens and adult independent living with a smartphone. I’m covering both iOS and Android in the one book (if Microsoft pays me I’d do them too :-), so I had to write a chapter comparing them. Except that’s not what I had to write, when I started I realized that I wasn’t comparing iOS to Android as much as I was comparing the Google Way (Android, iOS) to the Apple Way (iPhone).

I’ve done a very rough draft below, I’d love to get comments here or email to jfaughnan@gmail.com (or jgordon@kateva.org if you prefer). By way of context we’re an iPhone/Mac family who do most things the Google Way, and while I do appreciate my iPhone 6 (screen pop!) I’ve been quite impressed by an ultra-cheap Lenovo moto-e phone I bought for this project. I think Apple used to do great software, but they lost that knack around around 2006, when Steve Jobs killed iMovie 6/iMovie HD. So it’s a fair fight now.

Life would be simpler if either the Apple Way or the Google Way were clearly better. Unfortunately, life isn’t like that. So there’s no simple answer to the question “What phone should my Explorer use?”.

In general Guide and Explorer should use the same smartphone. Very few people will want to know learn the ins and outs of two devices. So if you and your Explorer favor the same solution you can skip the rest of this discussion.

School experience doesn’t help much. Most schools, even those that favor iPads over Chromebooks, use gCloud services. This tends to favor Android phones, where gCloud is the only option. On the other hand, as we noted earlier, iPhones can be used with Google’s solutions — it’s just a bit more complicated.

There’s a cost advantage to Android phones, but it’s not as big an advantage as it first looks. If you disregard the deceptive cell phone contract “costs” and look at the real cost of an unlocked phone, you can buy a remarkably powerful Android phone for as little as $100. The least expensive iPhone currently costs about $450. That’s a big difference, but even a good mobile phone plan will cost $40 a month (more below on saving money there). Over two years the Android device will cost $1,920, the iPhone will cost $2,270 or 15% more. At the end of that time the iPhone probably has 2 more years of useful life, but the Android phone will be obsolete. Of course if your Explorer tends to lose or break phones, that $100 phone is awfully appealing.

The iPhone has other advantages that justify some of that price premium. Apple Stores provide excellent technical report and service. iPhones get regular and reliable software updates and are much less vulnerable (so far) to malicious software attacks (malware). If you stick entirely with iCloud iPhones are significantly simpler to use than Android phones.

Apple’s software is typically easier to use and learn than Google’s software. It’s also easier to restrict and control an iPhone. Those are real advantages for our users.

In theory, for a vulnerable population, the iPhone with iCloud (not gCloud) has other advantages. Google makes its money from advertising and selling information about its software users, Apple makes money from selling goods and services. In practice I’m not sure how much different this makes … so far.

There’s one last consideration. If you choose an Android device and gCloud it’s not hard to switch to an iPhone. Google wants your advertising attention regardless of what device you use; you can bring gCloud with you. If you choose an iPhone and iCloud though, a move to Android will be more painful.

The good news is that whatever choice you make, you can easily defend it! Both Android and iPhone will work. Just try to avoid supporting both and Android and an iPhone. That’s too much work.

How Apple's Music.app broke shuffle in iOS 9.2 (and how to unshuffle your classical music album)

With Music.app in OS 9.x Apple effectively made “shuffle” the default way to play an album or playlist. That’s not necessarily bad, but where they went off the rails was they gave one icon two very different behaviors. To explain how to shuffle I have to explain what they did

This is the problematic icon:

Bad icon

On this screen, which is what you see if you tap the new default wee summary screen that shows when music is playing, it behaves like a toggle:

IMG 9660

That is, if you see this screen, you can turn shuffle on or off by tapping on the shuffle icon. It’s a toggle. The color change is too subtle, but if you squint you will see it. Of course this means you have to start playing a song to change the shuffle state and then you have to go back to the album and somehow start over. Very weird. Really only makes sense if you’re in the middle of a playlist and for some reason you decide not to shuffle any more. Why would anyone do that?

But that’s not the real problem with Apple’s UI. This is the real problem, it’s the screen you see if you tap an album or a playlist:

IMG 9659

Do you see our old friend the Shuffle icon? It’s mid-way down. It even has the word Shuffle next to it — a convention that appears nowhere else in Apple’s iOS user interfaces. Except it’s not our old friend. in this context “Shuffle” is not a toggle. It means “start playing what’s below — shuffled”. There’s a control that means “start playing what’s below — not shuffled”; it’s the small pink play arrow that appears above Shuffle (sometimes I think it doesn’t show, but that’s probably a bug. Stop what’s playing and return). This other control actually is a toggle, between play non-shuffle and pause.

So on this screen, to recap, there are 3 functions, play non-shuffle, play-shuffle, and pause. The functions are distributed between two controls, one a toggle and the other an action button, and the action button uses the same icon as a toggle control that appears on another screen.

[UPDATE: If you are in the context of a list, as when you select an album or playlist, and your are not in shuffle-mode, then if you select the first item on the list play will continue sequentially until the list is completed. This behaves the same way as taping the Play icon on the Album Art image when no item is selected.]

Yes, there really is a horror movie to be made about Apple’s software development post 2010.

Incidentally, here’s the official 9.2 user guide as of Dec 2015. They don’t even try to explain this. Smart move.

IMG 9658

Tuesday, December 22, 2015

Calendar sharing between Google and iCloud is very confusing: webcal vs http vs. https

A book project forced me to dig into a perennially painful topic — Calendar sharing and subscription in iOS and OS X (MacOS Yosemite) for Google and Apple.

I discovered:

  • iCloud uses Webcal protocol links to share public calendars among iCloud users. Google can parse these, but it in my tests no events appeared. Old web pages say Apple blocks Google access to public iCloud calendars (robots.txt).
  • Google uses https links to an ICS file to share public calendars. Yosemite Calendar.app can use these links and iOS Calendar.app can use these URLs [1], but iCloud.com Calendar can’t. At least in my testing, with Yosemite, Calendar.app on MacOS and Calendar.app on iOS don’t share these calendar subscriptions.
  • Safari.app on iOS will pass an iCloud webcal URL link to Calendar.app and this will trigger a calendar subscription. Google ICS file (https) links won’t work, renaming them to webcal doesn’t work either (I think it might have in the past).
This confusing situation is reminiscent of the complex hoops required to support CalDAV sync for multiple Google Calendars in iOS and MacOS. Apple and Google have very different models for calendaring and they also appear to have different approaches to implementing CalDAV (and they’re probably on different CalDAV versions too).
 
On balance I much prefer Google’s approach to managing Calendars. On the other hand, if one stays entirely within iCloud and ignores Google calendar sharing, then Apple’s Calendars are simpler to use and understand and are better documented.
 
Don’t bother trying to share a public iCloud Calendar to the world, when Apple says “public” they really mean “iCloud”. If you do want to subscribe to a Google Calendar on your iPhone or MacOS, you will have to do it separately on every device you use (it my testing these subscriptions do not sync, I do hope they are backed up).
 
If you are sharing a Google Calendar, you’ll want to provide directions for iOS and MacOS users and you’ll need to explain that they won’t be able to see the calendar using iCloud.com.
 
Sample links used in my testing:
- fn -

[1] Documentation: Subscribe to a calendar. Go to Settings > Mail, Contacts, Calendars, then tap Add Account. Tap Other, then tap Add Subscribed Calendar. Enter the server and filename of the .ics file to subscribe to. You can also subscribe to an iCalendar (.ics) calendar published on the web, by tapping a link to the calendar. The second part of this documentation is incorrect, you can only subscribe for a webcal URL and only iCloud seems to produce the “right” ones.

See also (references)

Wednesday, December 16, 2015

iTunes audiobooks: something actually worked

I’ve had such poor experiences with recent iTunes and iOS audiobook support my expectations are pretty bleak. So imagine the shock when something worked.

I recently ordered an audiobook from the Great Courses (aka The Teaching Company. Incidentally, never pay list price. They routinely have 70% discounts). It took me a while to sort out their cryptic download UI — you need to go to ‘My Digital Library” and then click on the book icon to view all tracks, then download one track a time. Once I was done with that I had a set of files in a folder. There was nothing in file names to show they were audiobook tracks; I assumed iTunes would treat them as music and I’d then have to fix the metadata up using Multi-Item Edit.

That’s not what happened. I dropped my folder into iTunes’ My Audiobooks pane and it showed up as an audiobook! Not only that, but the track titles showed correctly; I’ve gotten used to seeing just file names.

Incredibly, I saw the same thing after syncing to my iPhone. Proper book metadata, lectures in order, proper titles. 

Something actually worked. I’m not used to that…

See also:

Tuesday, December 15, 2015

iCloud, iMessage and Keychain issues - obsolete Apple docs and a fix.

I sent a text to #3 and she didn’t get it. When I dug in a bit I discovered her iMessage was working, but it was only using her phone number. iMessages sent to her iCloud address were quietly dying.

When I attempted to authenticate her iMessage I got the same oddly formatted username and password request I saw when #1’s iMessage was recently misbehaving. I also saw that her Keychain wasn’t synchronizing. The latter is often a good sign that “something is not right on Apple’s servers”.

I eventually got things working, but I had to turn off iCloud on her iPhone and her OS X accounts and I had to reset her keychain completely. I never saw any error messages, but Apple’s obsolete (iOS 8?!) support note says (emphases mine) …

If you enter your iCloud Security Code incorrectly too many times - Apple Support

If you enter the wrong iCloud Security Code too many times when using iCloud Keychain, your iCloud Keychain will be disabled on that device, and your keychain in iCloud will be deleted. You might see one of these messages…

The documentation on resetting the Keychain and getting a new iCloud Security Code is also obsolete …

Frequently asked questions about iCloud Keychain - Apple Support

… If you enter your iCloud Security Code incorrectly too many times, you can’t use that iCloud Keychain. You can contact Apple Support, who can help verify your identity so that you can try to enter your iCloud Security Code again. After a number of incorrect attempts, your iCloud Keychain is removed from Apple’s servers, and you’ll need to set up iCloud Keychain again...

… Use these steps if you’re using iOS 7.0.3 or later:..

… If you want keychain data to push to all of your devices, but not to the cloud, turn on iCloud Keychain on each device, but skip the step to create an iCloud Security Code.

iOS 7.0.3 eh?

I suspect her mixed up authentication state was because she never had an iCloud Security Code, but did have Keychain device sync — a probably obsolete configuration that’s described in the obsolete documentation.

I was able to reset her iCloud keychain from Yosemite, then create a new iCloud Keychain with a security code. Then I restored iCloud to the phone. After that I was able to turn on iMessage and FaceTime and they both pulled down the login credentials [1].

- fn -

[1] I think a lot of the weirdness if Apple’s iOS authentication arises because the iPhone is covertly using iCloud Keychain to pass credentials between iCloud setup and iMessage/Facetime setup. So for optimal iMessage credentials configuration you need to first get iCloud keychain working. Which all reminds me of this.

Sunday, December 13, 2015

Thunderbolt 2 Dock Smackdown: OWC vs Elgato. Also cheap UASP SSD enclosures.

This posts could go on for hours, but I’m racing a 20 minute timer [2]. I think it’s still worth sharing.

Until this year I used an ugly corporate Dell with a $35 dock. It could run 2 external displays and multiple USB-2 devices (now USB-3 I’m sure). I love my best-computer-ever 2015 MacBook Air, but I do miss that dock.

Ok, on to the Apple precious metal equivalent. When my 27” 2009 iMac GPU expired I executed a surprisingly painful migration to a relatively modern family platform consisting of two MacBooks, a Synology NAS for Time Capsule backups, and Synology “Cloud Station” LAN file sync. The latter replaced a traditional file server or the newly dying world of Cloud file sync. I could write a long post about why that migration was so hard but life is short.

As a part of the migration I stripped a 1TB Samsung SSD from the iMac. It needed a home, so after some research I bought a very (very) cheap Inatek SSD enclosure that claimed to support UASP [1]. UASP is one acronym for a somewhat neglected SCSI-like data interface that runs over USB 3.

The other part of the migration was a thunderbolt dock. I could have made do with a USB 3 enclosure but I wanted Firewire 800 support and a single cable for display and peripherals. I couldn’t find a trustworthy source so after some research I bought both an OWC Thunderbolt 2 dock (recent Wirecutter favorite, no UASP support, not sold in Apple Store, no cable in box, Firewire 800, lovely USB 3 port number) and an Elgato T2 dock (UASP support claimed, sold in Apple store, T2 cable, no Firewire, not enough USB 3 ports) from Amazon. I expected to return the Elgato.

I then did XBENCH performance scores. Despite lack of UASP support the OWC was roughly as fast as the Elgato. All the speeds are in MB/sec and, yes, they are all far less than the theoretical T2 speeds or even USB 3 speeds.

  • Internal 2015 MacBook Air SSD: 900
  • USB 3 direct cable connection: 600
  • OWC dock: 320
  • Elgato dock: 300 - 368 (varied with different tests, don’t ask me why)
  • External Flash drive (USB 2 flash): 24 (just for comparison :-)

What stands out for me here is how much faster the direct USB 3 cable connection to the cheap Innatek enclosure was than either of the T2 connected drives. All testing was done with the Elgato cable. Nice cable, but too short. So it wasn’t worth much to me.

The lack of UASP support on the OWC didn’t make any difference in my crude testing. I suspect the T2 dock data processing is the bottleneck. The docks are so slow UASP support is wasted.

The OWC seemed fine so I prepared to return the Elgato. Then it dropped my drive connection overnight. So I returned the OWC and kept the Elgato.

The Elgato comes with a utility that is supposed to boost USB 3 port power output and provide the undock shortcut OS X doesn’t have (My Dell had it — but it tended to die when used). It’s a kernel extension. I mean, really, do I look suicidal? Clark Goble taught me how to use the far better AppleScript undock.app. I charge devices on dedicated 5 port chargers. In any case, the Elgato doesn’t have enough ports to spare.

I’ve been using the Elgato for 5 weeks. I bought an Apple 3 foot T2 cable and an Apple Thunderbolt-Firewire adapter (so both thunderbolt connections are in use). My 1TB SSD is on one USB 3 port, my 3TB drive is still Firewire 800. It all works, no dropped drives. I returned the OWC as defective (because, dammit, it is defective — and based on my research it’s a common defect) so Amazon paid return shipment.

Even though my external SSD is 50% slower on the T2 dock than with a direct USB 3 connection it’s still fine for working with a large Aperture photo library. I love SSD.

[1] They have many SKUs for a similar device and I suspect they change daily. On Amazon they all share one product rating. I got the one that’s aluminum, black, and seemed to have better heat dissipation.

[2] I lost. Took almost 30 minutes!

Update 2/27/2016:

The Elgato drops connection to the external USB3 drive when all USB ports are in use, even though only two of the ports require power. Looks like a genuine defect.

Thursday, December 10, 2015

My $100 Motorola moto E Android phone - the startup experience

I needed an Android phone for a book project. I don’t have any other use for an Android phone, and my 2012 Nexus 7 experience was unimpressive, so when the Lenovo moto E price dropped to $100 unlocked I bought one from Amazon. This device would be a typical device for many in the community I’m writing for. It runs a now obsolete version of Android and is unlikely to be updated; it comes with known security vulnerabilities.

I’ve ordered an H2O (a rock bottom service) SIM Card and a $10 32 GB microSD card from Amazon. I didn’t pay too much attention to what I was ordering, I ended up with an 8GB LTE device. There’s a US GSM non-LTE device for $15 less that might work as well for my purposes.

(I dug through my bins looking for an unused SD card, I thought I’d found a 16GB card. On closer inspection it was 16MB. We live in interesting times.)

I’ll write some more about my experience with this ultra-cheap device a bit later. These are first impressions on unpacking it.

  • It is a bit stunning to get the equivalent of a basic computer and communication device backed with Google’s full power for as little as $85 (I’m sure Hong Kong has cheaper ones.)
  • It has the build quality of cardboard. I put a kink in the base of the edge band while removing it. The SIM card slot is mildly misaligned. There’s a weird slot on one side that seems to have a piece of folded paper in it. I kid you not.
  • It comes in a pseudo-iPhone box with a clunky pseudo-iPhone charge.
  • The default startup setting gives China’s Lenovo full access to everything you do. You can change this. Theoretically.
  • I configured it, for better or worse (Lenovo), to use my primary Google account. It was the best choice for the book work but it does make me nervous. I don’t like using Google credentials on a relatively untrusted device. I tested Android Device Manager, it worked well.
  • It includes an FM radio (uses headphones as antenna). That’s just weird.
  • It has both Settings and Google settings
  • I had to use Google search to figure out how to update all the apps (via obscure menu in Google Play Store)
  • The included documentation pamphlet is well done
  • It doesn’t include any significant crapware.

The places where this phone is clearly better than my $700 iPhone 6:

  • Multiple user profile support - Apple’s inability to do this on the iPad is simply sad
  • I can add 32GB of storage for $10 (I’m sure there’s limited use of this storage, and it degrades reliability and adds complexity, but it is there)
  • The screen doesn’t have a pop problem.
  • TouchID aside, Google service authentication and integration, including Authenticator support, are much better than Apple’s hot mess.
  • Google Now is impressive and Google’s voice recognition is astounding. So much better than Siri. I primarily navigate and control this device by voice.
  • I love the ability to quickly view and limit cellular data use 
  • I won’t cry if it’s lost or broken.
A bit more on the cellular data use. Swipe down with two fingers to get first screenshot tap on H2O to get the second. I set those very low limits to match the ultra-cheap H2O wireless service I’m using for this book project device (see Update in this post for how I got data working).
Screenshot 2015 12 18 12 15 21

Screenshot 2015 12 18 12 15 28Update 12/18/2015

And this excerpt from an online manual I dug up explains why the phone experience is so inferior to the cheapest ($450!) iPhone:

Screen Shot 2015 12 18 at 11 04 16 AM

I went looking for the manual because I was having trouble inserting an SD card. The image in the manual is correct, but the text description is wrong. It says put the SIM card in “gold contacts up” and the MicroSD card “writing facing up”. They both go in with contacts “up” (camera side). It’s also quite easy to put the SIM card in upside down; it will fit but the eject feature won’t work.

The pamphlet that came with the phone is correct however.

Monday, December 07, 2015

Unable to use Google for iOS 9 Notes.app sync? Check IMAP settings.

i was experimenting with iOS 9 Notes.app and I tried enabling Google (Gmail) IMAP sync. It worked for one of my Google accounts, but not for another.

The trick was Gmail Settings:Labels. I had to check the Notes Label Show in IMAP.

Screen Shot 2015 12 07 at 2 14 15 PM

After doing this it worked again. I’m sure if you have IMAP disabled in Gmail it will similarly fail.

This old school IMAP sync tech doesn’t support the new rich-text-like Notes documents, only plain text notes. It’s really a legacy feature that will likely get dropped in iOS 10.