Wednesday, December 30, 2015

A Google Doc I wrote in 2010 has lost its images

Every 1-3 years I write a “solstice letter”. Since 2010 or so I’ve used Google Docs; it’s the best match to sharing it via PDF and web. 

Today I discovered the 2010 document has lost its images. The text is there, but the images are gone. I tried downloading as PDF, but they don’t show there.

It’s a significant non-recoverable Google Cloud data loss, probably related to old versions of Google Docs.

I’d saved a local .docx version to my personal web site so I still have something like the original. Because I’m a particular kind of paranoid; that is, the experienced kind.

Not good Google. Not good at all.

Sunday, December 27, 2015

Emergent phishing attacks

This one amused me.

I have an email address in one of my domains that redirects to an immutable long-random-username address assigned by Appigo. Messages to that address create tasks on Appigo’s [1]. Today when I opened I had a task that included a phishing attack link. The “Dear xxx” introduction included the username portion of my redirect task.

This clearly wasn’t a specific phishing attack; it was a routine email phishing attack. Gmail would have sent it directly to spam, but of course this route bypassed spam filtering. Having a phishing attack appear on my task lists was an emergent result of using a “secret” email address as a data interface.

The good news is that the email redirection I used is also a form of defense. Appigo doesn’t provide a way to change their secret email address (not smart of them), but since I created a short memorable version their immutable “backdoor” was not exposed. I can change the redirect address I control.

Intelligent systems are rather hard to secure. Which is why the Internet of Things is a mistake. Make no system smarter than it needs to be…

[1] I use this app extensively on iOS and OS X, but I don’t recommend it because there’s no data export or archiving support. Of course most of the competition are no better, but OmniFocus and Toodledo provide export.

Wednesday, December 23, 2015

The Apple Way or the Google Way: A rough draft for comment

I’m writing a book on supporting special needs teens and adult independent living with a smartphone. I’m covering both iOS and Android in the one book (if Microsoft pays me I’d do them too :-), so I had to write a chapter comparing them. Except that’s not what I had to write, when I started I realized that I wasn’t comparing iOS to Android as much as I was comparing the Google Way (Android, iOS) to the Apple Way (iPhone).

I’ve done a very rough draft below, I’d love to get comments here or email to (or if you prefer). By way of context we’re an iPhone/Mac family who do most things the Google Way, and while I do appreciate my iPhone 6 (screen pop!) I’ve been quite impressed by an ultra-cheap Lenovo moto-e phone I bought for this project. I think Apple used to do great software, but they lost that knack around around 2006, when Steve Jobs killed iMovie 6/iMovie HD. So it’s a fair fight now.

Life would be simpler if either the Apple Way or the Google Way were clearly better. Unfortunately, life isn’t like that. So there’s no simple answer to the question “What phone should my Explorer use?”.

In general Guide and Explorer should use the same smartphone. Very few people will want to know learn the ins and outs of two devices. So if you and your Explorer favor the same solution you can skip the rest of this discussion.

School experience doesn’t help much. Most schools, even those that favor iPads over Chromebooks, use gCloud services. This tends to favor Android phones, where gCloud is the only option. On the other hand, as we noted earlier, iPhones can be used with Google’s solutions — it’s just a bit more complicated.

There’s a cost advantage to Android phones, but it’s not as big an advantage as it first looks. If you disregard the deceptive cell phone contract “costs” and look at the real cost of an unlocked phone, you can buy a remarkably powerful Android phone for as little as $100. The least expensive iPhone currently costs about $450. That’s a big difference, but even a good mobile phone plan will cost $40 a month (more below on saving money there). Over two years the Android device will cost $1,920, the iPhone will cost $2,270 or 15% more. At the end of that time the iPhone probably has 2 more years of useful life, but the Android phone will be obsolete. Of course if your Explorer tends to lose or break phones, that $100 phone is awfully appealing.

The iPhone has other advantages that justify some of that price premium. Apple Stores provide excellent technical report and service. iPhones get regular and reliable software updates and are much less vulnerable (so far) to malicious software attacks (malware). If you stick entirely with iCloud iPhones are significantly simpler to use than Android phones.

Apple’s software is typically easier to use and learn than Google’s software. It’s also easier to restrict and control an iPhone. Those are real advantages for our users.

In theory, for a vulnerable population, the iPhone with iCloud (not gCloud) has other advantages. Google makes its money from advertising and selling information about its software users, Apple makes money from selling goods and services. In practice I’m not sure how much different this makes … so far.

There’s one last consideration. If you choose an Android device and gCloud it’s not hard to switch to an iPhone. Google wants your advertising attention regardless of what device you use; you can bring gCloud with you. If you choose an iPhone and iCloud though, a move to Android will be more painful.

The good news is that whatever choice you make, you can easily defend it! Both Android and iPhone will work. Just try to avoid supporting both and Android and an iPhone. That’s too much work.

How Apple's broke shuffle in iOS 9.2 (and how to unshuffle your classical music album)

With in OS 9.x Apple effectively made “shuffle” the default way to play an album or playlist. That’s not necessarily bad, but where they went off the rails was they gave one icon two very different behaviors. To explain how to shuffle I have to explain what they did

This is the problematic icon:

Bad icon

On this screen, which is what you see if you tap the new default wee summary screen that shows when music is playing, it behaves like a toggle:

IMG 9660

That is, if you see this screen, you can turn shuffle on or off by tapping on the shuffle icon. It’s a toggle. The color change is too subtle, but if you squint you will see it. Of course this means you have to start playing a song to change the shuffle state and then you have to go back to the album and somehow start over. Very weird. Really only makes sense if you’re in the middle of a playlist and for some reason you decide not to shuffle any more. Why would anyone do that?

But that’s not the real problem with Apple’s UI. This is the real problem, it’s the screen you see if you tap an album or a playlist:

IMG 9659

Do you see our old friend the Shuffle icon? It’s mid-way down. It even has the word Shuffle next to it — a convention that appears nowhere else in Apple’s iOS user interfaces. Except it’s not our old friend. in this context “Shuffle” is not a toggle. It means “start playing what’s below — shuffled”. There’s a control that means “start playing what’s below — not shuffled”; it’s the small pink play arrow that appears above Shuffle (sometimes I think it doesn’t show, but that’s probably a bug. Stop what’s playing and return). This other control actually is a toggle, between play non-shuffle and pause.

So on this screen, to recap, there are 3 functions, play non-shuffle, play-shuffle, and pause. The functions are distributed between two controls, one a toggle and the other an action button, and the action button uses the same icon as a toggle control that appears on another screen.

[UPDATE: If you are in the context of a list, as when you select an album or playlist, and your are not in shuffle-mode, then if you select the first item on the list play will continue sequentially until the list is completed. This behaves the same way as taping the Play icon on the Album Art image when no item is selected.]

Yes, there really is a horror movie to be made about Apple’s software development post 2010.

Incidentally, here’s the official 9.2 user guide as of Dec 2015. They don’t even try to explain this. Smart move.

IMG 9658

Tuesday, December 22, 2015

Calendar sharing between Google and iCloud is very confusing: webcal vs http vs. https

A book project forced me to dig into a perennially painful topic — Calendar sharing and subscription in iOS and OS X (MacOS Yosemite) for Google and Apple.

I discovered:

  • iCloud uses Webcal protocol links to share public calendars among iCloud users. Google can parse these, but it in my tests no events appeared. Old web pages say Apple blocks Google access to public iCloud calendars (robots.txt).
  • Google uses https links to an ICS file to share public calendars. Yosemite can use these links and iOS can use these URLs [1], but Calendar can’t. At least in my testing, with Yosemite, on MacOS and on iOS don’t share these calendar subscriptions.
  • on iOS will pass an iCloud webcal URL link to and this will trigger a calendar subscription. Google ICS file (https) links won’t work, renaming them to webcal doesn’t work either (I think it might have in the past).
This confusing situation is reminiscent of the complex hoops required to support CalDAV sync for multiple Google Calendars in iOS and MacOS. Apple and Google have very different models for calendaring and they also appear to have different approaches to implementing CalDAV (and they’re probably on different CalDAV versions too).
On balance I much prefer Google’s approach to managing Calendars. On the other hand, if one stays entirely within iCloud and ignores Google calendar sharing, then Apple’s Calendars are simpler to use and understand and are better documented.
Don’t bother trying to share a public iCloud Calendar to the world, when Apple says “public” they really mean “iCloud”. If you do want to subscribe to a Google Calendar on your iPhone or MacOS, you will have to do it separately on every device you use (it my testing these subscriptions do not sync, I do hope they are backed up).
If you are sharing a Google Calendar, you’ll want to provide directions for iOS and MacOS users and you’ll need to explain that they won’t be able to see the calendar using
Sample links used in my testing:
- fn -

[1] Documentation: Subscribe to a calendar. Go to Settings > Mail, Contacts, Calendars, then tap Add Account. Tap Other, then tap Add Subscribed Calendar. Enter the server and filename of the .ics file to subscribe to. You can also subscribe to an iCalendar (.ics) calendar published on the web, by tapping a link to the calendar. The second part of this documentation is incorrect, you can only subscribe for a webcal URL and only iCloud seems to produce the “right” ones.

See also (references)

Wednesday, December 16, 2015

iTunes audiobooks: something actually worked

I’ve had such poor experiences with recent iTunes and iOS audiobook support my expectations are pretty bleak. So imagine the shock when something worked.

I recently ordered an audiobook from the Great Courses (aka The Teaching Company. Incidentally, never pay list price. They routinely have 70% discounts). It took me a while to sort out their cryptic download UI — you need to go to ‘My Digital Library” and then click on the book icon to view all tracks, then download one track a time. Once I was done with that I had a set of files in a folder. There was nothing in file names to show they were audiobook tracks; I assumed iTunes would treat them as music and I’d then have to fix the metadata up using Multi-Item Edit.

That’s not what happened. I dropped my folder into iTunes’ My Audiobooks pane and it showed up as an audiobook! Not only that, but the track titles showed correctly; I’ve gotten used to seeing just file names.

Incredibly, I saw the same thing after syncing to my iPhone. Proper book metadata, lectures in order, proper titles. 

Something actually worked. I’m not used to that…

See also:

Tuesday, December 15, 2015

iCloud, iMessage and Keychain issues - obsolete Apple docs and a fix.

I sent a text to #3 and she didn’t get it. When I dug in a bit I discovered her iMessage was working, but it was only using her phone number. iMessages sent to her iCloud address were quietly dying.

When I attempted to authenticate her iMessage I got the same oddly formatted username and password request I saw when #1’s iMessage was recently misbehaving. I also saw that her Keychain wasn’t synchronizing. The latter is often a good sign that “something is not right on Apple’s servers”.

I eventually got things working, but I had to turn off iCloud on her iPhone and her OS X accounts and I had to reset her keychain completely. I never saw any error messages, but Apple’s obsolete (iOS 8?!) support note says (emphases mine) …

If you enter your iCloud Security Code incorrectly too many times - Apple Support

If you enter the wrong iCloud Security Code too many times when using iCloud Keychain, your iCloud Keychain will be disabled on that device, and your keychain in iCloud will be deleted. You might see one of these messages…

The documentation on resetting the Keychain and getting a new iCloud Security Code is also obsolete …

Frequently asked questions about iCloud Keychain - Apple Support

… If you enter your iCloud Security Code incorrectly too many times, you can’t use that iCloud Keychain. You can contact Apple Support, who can help verify your identity so that you can try to enter your iCloud Security Code again. After a number of incorrect attempts, your iCloud Keychain is removed from Apple’s servers, and you’ll need to set up iCloud Keychain again...

… Use these steps if you’re using iOS 7.0.3 or later:..

… If you want keychain data to push to all of your devices, but not to the cloud, turn on iCloud Keychain on each device, but skip the step to create an iCloud Security Code.

iOS 7.0.3 eh?

I suspect her mixed up authentication state was because she never had an iCloud Security Code, but did have Keychain device sync — a probably obsolete configuration that’s described in the obsolete documentation.

I was able to reset her iCloud keychain from Yosemite, then create a new iCloud Keychain with a security code. Then I restored iCloud to the phone. After that I was able to turn on iMessage and FaceTime and they both pulled down the login credentials [1].

- fn -

[1] I think a lot of the weirdness if Apple’s iOS authentication arises because the iPhone is covertly using iCloud Keychain to pass credentials between iCloud setup and iMessage/Facetime setup. So for optimal iMessage credentials configuration you need to first get iCloud keychain working. Which all reminds me of this.

Sunday, December 13, 2015

Thunderbolt 2 Dock Smackdown: OWC vs Elgato. Also cheap UASP SSD enclosures.

This posts could go on for hours, but I’m racing a 20 minute timer [2]. I think it’s still worth sharing.

Until this year I used an ugly corporate Dell with a $35 dock. It could run 2 external displays and multiple USB-2 devices (now USB-3 I’m sure). I love my best-computer-ever 2015 MacBook Air, but I do miss that dock.

Ok, on to the Apple precious metal equivalent. When my 27” 2009 iMac GPU expired I executed a surprisingly painful migration to a relatively modern family platform consisting of two MacBooks, a Synology NAS for Time Capsule backups, and Synology “Cloud Station” LAN file sync. The latter replaced a traditional file server or the newly dying world of Cloud file sync. I could write a long post about why that migration was so hard but life is short.

As a part of the migration I stripped a 1TB Samsung SSD from the iMac. It needed a home, so after some research I bought a very (very) cheap Inatek SSD enclosure that claimed to support UASP [1]. UASP is one acronym for a somewhat neglected SCSI-like data interface that runs over USB 3.

The other part of the migration was a thunderbolt dock. I could have made do with a USB 3 enclosure but I wanted Firewire 800 support and a single cable for display and peripherals. I couldn’t find a trustworthy source so after some research I bought both an OWC Thunderbolt 2 dock (recent Wirecutter favorite, no UASP support, not sold in Apple Store, no cable in box, Firewire 800, lovely USB 3 port number) and an Elgato T2 dock (UASP support claimed, sold in Apple store, T2 cable, no Firewire, not enough USB 3 ports) from Amazon. I expected to return the Elgato.

I then did XBENCH performance scores. Despite lack of UASP support the OWC was roughly as fast as the Elgato. All the speeds are in MB/sec and, yes, they are all far less than the theoretical T2 speeds or even USB 3 speeds.

  • Internal 2015 MacBook Air SSD: 900
  • USB 3 direct cable connection: 600
  • OWC dock: 320
  • Elgato dock: 300 - 368 (varied with different tests, don’t ask me why)
  • External Flash drive (USB 2 flash): 24 (just for comparison :-)

What stands out for me here is how much faster the direct USB 3 cable connection to the cheap Innatek enclosure was than either of the T2 connected drives. All testing was done with the Elgato cable. Nice cable, but too short. So it wasn’t worth much to me.

The lack of UASP support on the OWC didn’t make any difference in my crude testing. I suspect the T2 dock data processing is the bottleneck. The docks are so slow UASP support is wasted.

The OWC seemed fine so I prepared to return the Elgato. Then it dropped my drive connection overnight. So I returned the OWC and kept the Elgato.

The Elgato comes with a utility that is supposed to boost USB 3 port power output and provide the undock shortcut OS X doesn’t have (My Dell had it — but it tended to die when used). It’s a kernel extension. I mean, really, do I look suicidal? Clark Goble taught me how to use the far better AppleScript I charge devices on dedicated 5 port chargers. In any case, the Elgato doesn’t have enough ports to spare.

I’ve been using the Elgato for 5 weeks. I bought an Apple 3 foot T2 cable and an Apple Thunderbolt-Firewire adapter (so both thunderbolt connections are in use). My 1TB SSD is on one USB 3 port, my 3TB drive is still Firewire 800. It all works, no dropped drives. I returned the OWC as defective (because, dammit, it is defective — and based on my research it’s a common defect) so Amazon paid return shipment.

Even though my external SSD is 50% slower on the T2 dock than with a direct USB 3 connection it’s still fine for working with a large Aperture photo library. I love SSD.

[1] They have many SKUs for a similar device and I suspect they change daily. On Amazon they all share one product rating. I got the one that’s aluminum, black, and seemed to have better heat dissipation.

[2] I lost. Took almost 30 minutes!

Update 2/27/2016:

The Elgato drops connection to the external USB3 drive when all USB ports are in use, even though only two of the ports require power. Looks like a genuine defect.

Thursday, December 10, 2015

My $100 Motorola moto E Android phone - the startup experience

I needed an Android phone for a book project. I don’t have any other use for an Android phone, and my 2012 Nexus 7 experience was unimpressive, so when the Lenovo moto E price dropped to $100 unlocked I bought one from Amazon. This device would be a typical device for many in the community I’m writing for. It runs a now obsolete version of Android and is unlikely to be updated; it comes with known security vulnerabilities.

I’ve ordered an H2O (a rock bottom service) SIM Card and a $10 32 GB microSD card from Amazon. I didn’t pay too much attention to what I was ordering, I ended up with an 8GB LTE device. There’s a US GSM non-LTE device for $15 less that might work as well for my purposes.

(I dug through my bins looking for an unused SD card, I thought I’d found a 16GB card. On closer inspection it was 16MB. We live in interesting times.)

I’ll write some more about my experience with this ultra-cheap device a bit later. These are first impressions on unpacking it.

  • It is a bit stunning to get the equivalent of a basic computer and communication device backed with Google’s full power for as little as $85 (I’m sure Hong Kong has cheaper ones.)
  • It has the build quality of cardboard. I put a kink in the base of the edge band while removing it. The SIM card slot is mildly misaligned. There’s a weird slot on one side that seems to have a piece of folded paper in it. I kid you not.
  • It comes in a pseudo-iPhone box with a clunky pseudo-iPhone charge.
  • The default startup setting gives China’s Lenovo full access to everything you do. You can change this. Theoretically.
  • I configured it, for better or worse (Lenovo), to use my primary Google account. It was the best choice for the book work but it does make me nervous. I don’t like using Google credentials on a relatively untrusted device. I tested Android Device Manager, it worked well.
  • It includes an FM radio (uses headphones as antenna). That’s just weird.
  • It has both Settings and Google settings
  • I had to use Google search to figure out how to update all the apps (via obscure menu in Google Play Store)
  • The included documentation pamphlet is well done
  • It doesn’t include any significant crapware.

The places where this phone is clearly better than my $700 iPhone 6:

  • Multiple user profile support - Apple’s inability to do this on the iPad is simply sad
  • I can add 32GB of storage for $10 (I’m sure there’s limited use of this storage, and it degrades reliability and adds complexity, but it is there)
  • The screen doesn’t have a pop problem.
  • TouchID aside, Google service authentication and integration, including Authenticator support, are much better than Apple’s hot mess.
  • Google Now is impressive and Google’s voice recognition is astounding. So much better than Siri. I primarily navigate and control this device by voice.
  • I love the ability to quickly view and limit cellular data use 
  • I won’t cry if it’s lost or broken.
A bit more on the cellular data use. Swipe down with two fingers to get first screenshot tap on H2O to get the second. I set those very low limits to match the ultra-cheap H2O wireless service I’m using for this book project device (see Update in this post for how I got data working).
Screenshot 2015 12 18 12 15 21

Screenshot 2015 12 18 12 15 28Update 12/18/2015

And this excerpt from an online manual I dug up explains why the phone experience is so inferior to the cheapest ($450!) iPhone:

Screen Shot 2015 12 18 at 11 04 16 AM

I went looking for the manual because I was having trouble inserting an SD card. The image in the manual is correct, but the text description is wrong. It says put the SIM card in “gold contacts up” and the MicroSD card “writing facing up”. They both go in with contacts “up” (camera side). It’s also quite easy to put the SIM card in upside down; it will fit but the eject feature won’t work.

The pamphlet that came with the phone is correct however.

Monday, December 07, 2015

Unable to use Google for iOS 9 sync? Check IMAP settings.

i was experimenting with iOS 9 and I tried enabling Google (Gmail) IMAP sync. It worked for one of my Google accounts, but not for another.

The trick was Gmail Settings:Labels. I had to check the Notes Label Show in IMAP.

Screen Shot 2015 12 07 at 2 14 15 PM

After doing this it worked again. I’m sure if you have IMAP disabled in Gmail it will similarly fail.

This old school IMAP sync tech doesn’t support the new rich-text-like Notes documents, only plain text notes. It’s really a legacy feature that will likely get dropped in iOS 10.

Saturday, November 28, 2015

iPhone 6 screen pop problem

A day ago, as I slid my finger along the right side of my 9 month old iPhone 6 screen, I heard and felt a sharp pop.

It is the sort of thing Emily would ignore, but of course it bugs me. The screen worked properly, but every time I passed over the SIM card area I felt a little, distracting, pop.

I’m not the only one. As of Nov 28, 2015 Apple Support Communities has a mega-thread on the problem that started in Sept 2014.

Here’s my contribution:

I've scanned this thread. My impression is that there's more than one theme in the thread. Some people have a relatively simple defect -- a screen that's clearly loose. That may be related to dropping the phone or "bad luck" and it sounds straightforward. In some cases there may be loose screws at the base of the phone (these are very tiny screws, few people have the right tools to tighten them -- I'd let the Apple store do it).

More people, especially more recently, have a distinct "pop" sound with light pressure over a part of the display. It can be any part of the display. This sounds like either a design or manufacturing flaw or both. We'd need an expert in iPhone assembly to contribute. I can imagine a small structural deformity related to dropping the phone or imperceptible "pocket-bend" or a problem with screen glue chemistry.

If you squeeze firmly (but not TOO hard) over the pop area the problem will often clear for a few days to a week (which sounds like a bonding issue). I suspect Apple techs are "fixing" some phones this way.

When an iPhone is replaced under warranty Apple typically distributes a refurbished phone, and it sounds like they often have the same issue. It may be that Apple still doesn't understand the problem and that they haven't tested refurbs for the defect. As of Nov 2015 I don't think Apple has distributed a fix to service centers.

The fix may be expensive. It may require replacement of the screen/touch sensor, or frame replacement or even both. From my experience with similar defects on iMacs once Apple understands the problem they will fix it under warranty but if the repair is costly they may or may not do a post-warranty repair program. (Long discussion threads seem to help, contrary to what's often said here I think Apple does monitor long threads).

I'm going to take my phone to a local Apple store for review. If they don't know the cause (or are not authorized to discuss it) I'll hold onto my phone -- but I'll keep a record of the visit so I have proof the problem occurred under warranty.

Squeezing the pop area “fixed” it for me, but I expect the problem to return. I have almost 3 months of 1 year warranty coverage left, so I have time to wait and see if a fix emerges. (If the pop doesn’t return before my Genius appointment I’ll reschedule.)

Thursday, November 26, 2015

Old pet peeve: Blogger uses <BR> tags instead of <P> tags to demarcate paragraphs

I wrote about Blogger’s mad formatting 4 years ago and five years ago. I guess it’s time again. This time I’ll include some screenshots.

My recent ebook DRM post as it appears in MarsEdit:

Screen Shot 2015 11 26 at 11 51 12 AM

The MarsEdit HTML view, each paragraph wrapped in <p>:

Screen Shot 2015 11 26 at 11 52 08 AM

How it looks when viewed as Blogger page:

Screen Shot 2015 11 26 at 11 53 37 AM

Now view source (amazing how much cruft there is in the source):

Screen Shot 2015 11 26 at 11 54 44 AM

Yes, still wrapped in <p>. Now let’s try to edit it using Blogger’s rich text editor. Suddenly the paragraphs are gone

Screen Shot 2015 11 26 at 11 56 14 AM

Blogger HTML view shows all the <p> tags have been replaced by a single <br /> tag:

Screen Shot 2015 11 26 at 11 57 30 AM

This is a very old problem. I think this was configurable in pre-2010 blogger, but it doesn’t seem to be now. I doubt Blogger will ever fix this, I wonder they do this to be consistent with languages that don’t use paragraphs [1].

 There are two things MarsEdit could do to help since Blogger is never going to change:

  1. Provide an option to follow Blogger’s convention and use two <BR> tags instead of one <P> tag when publishing. Do same conversion when bringing back an old post to edit.
  2. Make it easier to edit an old post in MarsEdit — which is probably only possible if there’s some way to send Blogger a current URL and get back a post identifier that the API can work with. Otherwise I assume MarsEdit would need a post identifier like … blogID=5710205 … postID=1945754734324659424

[1] Update: I’m being too kind to Blogger, this really is a bug. If Blogger is replacing <p> tags on an English language blog they should be writing two <br> tags, not one.

The curse of DRM - can't read new book because Adobe E_ACT_NOT_READY

This is why we should all loathe Digital Rights Management in books. I download the EPUB version of a Google Play book I bought and I got this when I launched the .acsm file

Screen Shot 2015 11 26 at 9 49 49 AM

The E_ACT_NOT_READY error message is a longstanding Adobe Digital Reader problem. It can have many causes, from a server outage to authorization problems. In this case I attempted to deauthorize my account and I got an error message that deauthorization failed.

The next step is to quite Adobe Digital Editions and “Navigate to /Users//Library/Application Support/Adobe/Digital Editions and drag the activation.dat file to the trash.” You then have to attempt to download again — by launching the .ascm file. This worked for me.

In my case I think the bug is related to restoring to a new machine from backup. The Adobe authorization is machine specific. Adobe forgot the use case of doing a restore from backup, so their code hangs and produces a default error message. The app should simply request authorization for the new machine. I suspect I deauthorization failed because, of course, I wasn’t using the original machine. So I suspect I have a ghost machine authorization in my Adobe account — another ubiquitous but subtle DRM problem (most often seen with iTunes authorizations) that occurs in iOS as well as OS X and Windows. It’s a fundamental problem with DRM tied to a specific device that is not immortal.

I checked my Adobe ID Profile, and there is no way to view authorized devices or deactivate them. I bet some users run into an activation limit.

I still think the slow/stalled adoption of eBooks is because of Apple/Adobe/Amazon DRM. In Emily’s words “English majors buy books. English majors don’t tolerate stupid software.”

We should be doing watermarking DRM instead and it should be a part of the EPUB specification.

Saturday, November 21, 2015

Sledging the drives

Obsolete and dead hard drives have been piling up for 7 years in a wardrobe I want to empty. Here they are ready for execution; one had to be dug out of a Time Capsule:

IMG 9055

The ones that I know held sensitive data (unencrypted backups mostly) I wiped via cradle mount.

Then it was sledgehammer time. The lawn was a bad idea — even by my neglectful standards it made a mess.

The best results came from angling drives on concrete, and using short strikes to fold the drive:

IMG 9056

A one pass wipe and a sledgehammer might not stop the NSA, but it should suffice for Best Buy recycling.

Thursday, November 05, 2015

Thunderbolt Dock: Eject all disks prior to undock

My new Elgato TB2 dock comes with an installer for an undock utility, but it also installs a kernel extension for some other function. I need a kernel extension like I need a meth habit.

So I was looking at 3rd party Mac App Store solutions like when @clackgoble on said to just do AppleScript. Google found one then I added Clark’s eject line. I saved it as “” and I launch by Spotlight (Cmd-spacebar “und”).




tell application "Finder"

-- Original: eject the disks

-- Clark Goble version:

eject (every disk whose ejectable is true and local volume is true and free space is not equal to 0)

display dialog "Successfully ejected disks." buttons {"Close"} default button "Close"

end tell

on error

display dialog "Unable to eject all disks." buttons {"Close"} default button "Close"

end try

Update 7/23/2016

The above version may not be reliable in El Capitan (presumably an OS bug). I’m told this works:

tell application "Finder" to eject (every disk whose ejectable is true and local volume is true)

Comcast's xfinity wifi and XFINITY.mobileconfig

The coffee shop’s WiFi was flailing. Periodically my MacBook popped up an xfinity wifi option. I vaguely remembered reading of this when I signed up with Comcast (the Devil we know), so in a fit of recklessness I connected. 

It required my comcast credentials, which I don’t use for anything else. I balked when the install asked for admin privileges but it turned out I didn’t need the install — my connection worked anyway.

So what the heck was going on? And what was a I recklessly installing? Why did I get a connection anyway? (Note I had no proof I was truly dealing with a Comcast site. The less crazy thing to do is to go to Comcast’s web site from a secure network and do any installs from there.)

The install, it turns out, creates a configuration file for Mac OS X Profiles called XFINITY.mobileconfig. It’s a binary file that contains your Comcast credentials in plaintext. (Yep. Delete after use.) The admin privilege escalation is needed to update OS X preferences. (If you run as admin you won’t see this; you really shouldn’t run OS X as an admin user IMHO.)

Oh, you’ve never heard of OS X Profiles? You’ve only heard of iOS Profiles? Profiles is a hidden Preference Pane introduced with Lion and only visible when you install a Profile (rather like iOS actually). "Configuration profiles can be created with the Profile Manager feature of Lion Server. They can configure accounts, policies and restrictions on iOS and Lion clients. The APN settings are iOS only.”

System Preferences will display the profile information (note it’s “verified”, this is via Yosemite):

Screen Shot 2015 11 05 at 12 26 00 PM

After installation my Preferences have a new Apple pane, i can delete from there.

Screen Shot 2015 11 05 at 12 27 56 PM

So what does this profile do? I was hoping it might enable VPN support, but of course it’s not that useful.  It’s actually configuring my machine to auto-join XFINITY WIFI even if it’s not even WPA encrypted. I hope I’m wrong about that, but this is Comcast we’re talking about.

Their FAQ doesn’t explain what’s happening, but this page suggests that the profile is needed to connect to the “XFINITY” SSID networks. (I was able to connect without using the profile because I was using a “xfinitywifi" SSD.). That makes sense because the profile contains an Enterprise Profile ID. (See iOS directions here.)

Which leaves the question of what’s evil about XFINITY WiFi, because, you know, Comcast. I mean, besides the auto join non-encrypted networks.

Don’t worry, it’s evil. Comcast turns customer’s routers into WiFi hotspots by enabling a kind of “guest network” (my Comcast modem doesn’t have WiFi. Smart I am.) Comcast assures customers Homeland Security will knock politely when visiting for tea to chat about your network use by local ISIS affiliates.

Comcast also enables XFINITY WiFi for business customers, who might be well informed and fine with this. I don’t think there’s any way to tell what you’re connecting to though. Can a provider tap the data stream? This is Comcast, so I would assume so. I also assume Comcast monitors the data stream and sells whatever it learns to various businesses and criminals. Lastly, with auto-join unencrypted networks seemingly enabled, I figure Comcast is getting kickbacks from the honeypot industry.

Caveat emptor.

Saturday, October 31, 2015

Time Capsule & Time Machine: "Browse Other Backup Disks" doesn't let you access backups from a different device

One day your iMac dies. It’s old, but not old-old. Sucks. Good thing you are paranoid about backups. You have onsite backups. You have offsite backups. You have Time Capsule backups. You have Synology NAS backups. You have Carbon Copy Cloner “Backups” (clones). You have …

Ok. I’ve made my point. Anyone this paranoid ought to feel good. Problem is, they’re paranoid for a reason. Data just wants to die.

The “you” is “me” and I’m here to tell you that one small bit of my data almost didn’t make it. One folder full of almost-deleted images got lost, I had to pick it up from a last minute copy of the iMac’s user folder. 

I had to do that because when I tried Time Machine’s “Browse Other Backup Disks…” feature (option key)  …

Screen Shot 2015 10 31 at 11 50 45 AM

… it didn’t actually work. That is, I got the right list of disks ...

Screen Shot 2015 10 31 at 11 36 11 AM

but when I selected one of them Time Machine showed me only data from my current Device’s current state — and no past data.

I did this first using a Synology NAS backup replacement for my died-young Time Capsule. I thought I’d run into a Synology limit, but I got the same results from older Time Capsule backups. It turns out that “Browse Other Backup Disks” really means “Browse Other Backup Disks … for the current device”…

 Yeah, I hate Time Machine too. OS X Help has some entries on Time Machine, but there’s no real documentation. There’s nothing on “browse other backup disks”.

So, if you don’t have access to your original mac, you are sort of doomed. That’s what happened to me.

I say “sort of” because there are weak options. You can open the disk image and navigate Time Machine’s base storage. You don’t have access to the File System Event Store or hard links though, so things are hard to locate. might help. Or you can use Migration Assistant, the official solution, and move large pieces of the backup to a local store (only most current versions of course). Maybe OS X Server has some special options …

You can also try Backup Loupe ($10). It doesn’t replace Time Machine’s time-slice views of data, but it does let you browse snapshots and search for file instances. I’m not sure it’s a big improvement on EasyFind, but I bought a copy for emergency use.

The bottom line? Time Machine is a sucky backup solution — just good enough to eliminate strong alternatives. But you knew that. If you don’t have a machine (Device) that “owns” a backup you can use Migration Assistant to copy the latest state of a large amount of data, or if you know a file name you can use EasyFind or Backup Loupe to browse.

Sure, Apple should fix this. They should fix a lot of things.

"Unable to contact iMessage server": try restoring from iCloud instead of iTunes

I picked up Emily’s SIM-Free [1] 64GB silver 6s from the Mall of America Apple store Friday night. I’d used Apple’s reservation system so that, in theory, I’d be in and out. Alas, Friday night at the Apple Store is a zoo — it still took 30 minutes. The staff were so stressed they didn’t try to up-sell AppleCare or setup a contract — just dropped the box in my hand and ran.

There’s an AT&T store in the MOA and it’s not incredibly busy, so we did our SIM swaps there [2]. My son was going from a 4s to Emily’s 5s, so he needed a new SIM.

I restored both phones from iTunes backups. Emily’s worked, though it was a bit choppy. I had to unlock the phone 1-2 times as it went from 9.0.x to 9.1. 

My son’s restore didn’t work. I completely erased the 5s before starting, but there was still an odd feeling about the way the restore proceeded, perhaps because the 5s was still on 8.x (I didn’t realize it had never been updated).  Yes “odd feeling” isn’t very helpful, but I wasn’t paying that much attention. I’ve been down this road a few times.

Prior to the backup I’d removed iCloud, iMessage and FaceTime from his account, planning to put them on post-restore. I had some trouble restoring iCloud — the phone hung on credential entry. I restarted and it seemed to work — but then iMessage and FaceTime weren’t activated. When I enabled them I got a very cramped non-iOS 9 dialog for entering username and password.

I’ve seen that dialog before. It’s something very old — I suspect it’s hard coded for non-retina screens and dates back to the dawn of the iPhone, pre-iCloud. It’s a bad sign, it exposes Apple’s still broken iOS credential management problems [3]. When I did enter my son’s credentials the dialog hung, waiting for a response. I could kill settings; iOS wasn’t frozen. I let it sit for 15 minutes and it eventually responded with something like “Unable to contact iMessage server”. I don’t think there’s a problem with the iMessage server, I think that’s a misleading error message meaning “something went wrong”.

I called AT&T phone support to confirm the IMEI/ICCID relationship was correct at their end. I’ve had my issues with AT&T, but they must give their support staff very good coffee. They are remarkably pleasant and helpful. AT&T’s configuration looked good.

So either the phone was having hardware issues or something had gone wrong with updating one or more of Apple’s configuration systems. There’s lots of evidence that Apple wants iTunes to “die in a hole”, so I decided to try it Apple’s way. I did an iCloud backup, wiped the phone, and restarted with an iCloud restore.

That went smoothly. During the restore I had my son’s Mac account open for Keychain share confirmation, and I got the usual “FaceTime is using..” dialogs. I didn’t have to enter any extra credentials. iMessage and FaceTime activated immediately.

I suspect the combination of iTunes and iOS 8 to 9 and my removing FaceTime/iMessage/iCloud prior to backup exposed a nasty bug in Apple’s frail authentication systems. The real lesson though is that iTunes backup is seriously deprecated. I’d been moving to all iCloud backup and just doing a manual backup to iTunes every few weeks; that’s obviously the way to go.

- fn -

[1] We are currently AT&T customers, and there’s a case to be made that an unlocked AT&T 6s has the best set of antennae and band coverage for AT&T and even international use. You can’t, however, buy an unlocked AT&T iPhone directly, you have to buy it on plan then pay the plan cost to unlock it. Our AMEX purchase protection and extended warranty only work when the full purchase price is on the card. Hence SIM-Free.

[2] In theory you can move a compatible AT&T SIM from phone to phone yourself, but in practice I’ve seen some odd things. AT&T reps tell me their systems don’t update the ICCID (SIM)/IMEI relationships automatically, or at least not immediately. I think this causes some iMessage/Facetime activation delays.

[3] There are separate credential stores for iMessage, FaceTime, iCloud and the App Store — and perhaps for 1-2 other items. If you migrated from to some of these systems require two sets of credentials. Apple tries to hide this from users, but any number of bugs will expose it.

[4] To fit into the iCloud 5GB limit I routinely delete obsolete backups of old phones and I move data to our local machines. I see that with 9.1 there are now more controls on what’s part of an iCloud backup, though they are a bit hard to find.

Thursday, October 29, 2015

File sharing for the all-MacBook home

Lifehacker’s guide to home file sharing was written in 2010 for Windows users. Excluding a traditional server/file share the options back then were Dropbox, a NAS, and, peer-to-peer sync solutions. Things haven’t changed much since then.

Now that I’ve retired our iMac and gone all-MacBook, I need one of those solutions for a small number of files (MBs, not even 1 GB). Our home’s options are Dropbox, Google Drive, Microsoft’s OneDrive, a Synology NAS with or without Synology Cloud Station, Mac LAN based sync solutions (ex: ChronoSync, note MSFT bundles this with Windows), and an Airport Extreme external flash drive.

There are lots of options, but nothing is quite perfect. Dropbox, Google Drive and OneDrive all move our family data into the Cloud — and I’d like to not worry about that. Sync solutions mean new software, but perhaps only on one machine.

I’m going to stick our unused $20 SanDisk Ultra Fit 64GB flash drive in back of the Airport Extreme. I already use Carbon Copy Cloner as part of our nightly backup, I’ll just back the AE Flash Drive up to disk image on one of the my OWC Thunderbolt 2 dock drives. They in turn are backed up by both CCC (to removable drives) and Time Machine (to the Synology NAS).

That should be good enough. Keep it as simple as possible…

Update: oops. "When you use Airport Utility to change AirPort Extreme Shared Disk(s) security it *seems* to wipe out everything on the disk. Except free space shows data is still there.”  The AE has an operating system with some kind of file system support and access controls, but we have very limited access to it.

This Apple article partly explains what is supposed to happen. From Airport Utility we can create username/password “accounts”. Say “Parent” and “Kids”. When a client connects you are asked username/password, that gives access to the Folder of the same name as well as a “Shared” folder. So Emily and I connect as “Parents” and see the “Parents”  and “Shared” folder, but we don’t see a “Kids” folder unless we connect with that username password.

There’s no way for me to connect with to the AE shared disk (partitions?) and see everything.

When I insert the flash drive into my MacBook I can see how it’s organized, including the folders that were on the flash drive when it was “password” access rather than “account” access.

Screen Shot 2015 10 29 at 1 16 43 PM

When I switched “Secure Shared Disks” from “With a disk password” to “With accounts” it didn’t wipe my data, it created a Users folder containing the “Parents” folder and hid the existing folders. I thought I also created a Kids user, but I don’t see that Folder. Bug?

Hmm. This is a bit weird. I could experiment with partitioning the thumb drive on my Mac, but I think I need to look more at the Synology.  The AE’s file sharing security model seems to make backup impossible.

Update 2: I’ll rewrite this when I finalize things, but it looks like the Synology NAS gives me the permission controls I need. I’ll put the shared files there, then use CCC to put them back on an image on my laptop. That image will in turn go back to the Synology NAS Time Machine backup as well as to my local CCC backups.

Update 11/21/2015: I ended up enabling Synology Cloud Station, including installing the Mac client for both Emily and I. So our relatively small (1.5GB) of shared data exists on the Synology NAS (not baked up) and on both of our machines (so multiple backups). It is a strange outcome for the old file sharing/NFS/WebDav model and it doesn’t seem the most elegant solution, but sync seems to be the current technology direction. (Dropbox would be simpler, but we wanted to keep the data local and, of course, Dropbox costs money. The Synology NAS also supports a BitTorrent sync package but the Cloud Station seemed to have more users.

Configuration was a bit odd — you do need to read the documentation. The default setup is within one’s “Homes” folder, so if you want to share with two users (workgroup) you need to create a folder outside that NAS hierarchy and choose to that for sync.

Update 8/23/2016: Synology Cloud Station / Cloud Drive (it has many names) has stopped working reliably with El Capitan. I’ve given up on it. Emily’s MacBook is largely home so I’m moving these files to her machine and making them a file share. Sometimes I won’t have access, but I’ll move some things to a Google Drive we share.

Tuesday, October 27, 2015

iCloud Settings: remove devices, restore some iCloud content (but not Notes)

An Apple World post on El Capitan’s iCloud device management tools led me to check out what iCloud Web Settings supports. It has similar functionality

Screen Shot 2015 10 27 at 8 30 09 AM

From this web UI, as in El Capitan, you can remove devices from your iCloud account — including a machine that’s died or been sold.

There’s also a “restore files” option — the beginning of a backup solution for Apple’s iCloud services. It’s limited to iCloud files, Contacts and Calendars — there’s currently no support for restoring files (sadly). I didn’t see any way to accelerate deletion of files — once data goes to the Cloud it is beyond our control.

Restores are all or none — you can’t restore only some Contacts.

Friday, October 23, 2015

Group text on iOS: native functionality and the alternative (and GroupMe)

Our school mountain biking team has been doing group texting for coaches. Works well on rides — especially when coordinating riders of different skills. 

Yeah, I know the larvae do this. They use dedicated chat apps though, like WhatsApp Group Chat or Facebook Messenger or, much less often, named iMessage groups. We are old and set in our ways, so we need something that works with SMS. (Google Hangouts is said to support Group SMS, with Hangout 4.0, but I couldn’t verify this. Too complex anyway.)

The simplest approach to to send one message to a group, then dig up the thread when desired. You can even name the thread — but only if everybody is using iMessage (never happens). In practice many of us lose the thread.

There’s another approach sort of built into iOS. In OS X or iCloud you can define “Groups” of your Contacts. Bizarrely, you can see Groups using iOS, but you can’t edit Group membership in the standard iOS [1]. You can buy for $2 and it will do lots of things that should do including editing Groups — and it works with the Contacts database. Or you can use iCloud or OS X to edit Groups and sync.

However you do it, once you define a group you can use it in iMessage as though it were someone’s name. There’s a limit of 10 SMS members however. Worse, a single person can have multiple phone numbers — and every number is used.So this looks appealing but it doesn’t actually work very well. What might work natively, at least for 10 or less SMS names, would be to create a Group composed of 1-n people each with 6-7 numbers each. Say the group is BIKE, and there are five people in it - Mike, John, Bob, Alice, Jim. Define the group BIKE, then create a contact MIkeJohnBob and a contact AliceJim with appropriate numbers. You’ll probably still hit the limit of 10 SMS numbers though.

But it’s not hopeless. It turns out is pretty smart about this. When I chose my group in, and select all the members (one tap) then tap SMS, it asks me to adjust the phone numbers for each recipient — and it does intelligent number selection. I was able to create a message for the BIKE group with 11 members, presumably because several used iMessage instead of plain old SMS.

i was able to create it … but not to send it. The message failed; I assume can’t get around the 10 SMS limit (maybe is US specific?).

We should really use a group chat app that works on Android and iOS, like WhatsApp...

[1] A function we’ve been asking for since iOS 2. I don’t think we’ll every see it.

Update: Richard (in comments) suggested I look at GroupMe, a product launched in 2010 and acquired by Microsoft’s Skype in 2011. He says GroupMe will incorporate SMS users into a group, no app required. That wasn’t obvious from the main page, but in the About page … "Best of all, it works on nearly every phone, via push or SMS” and in support: "You don't need to have our app to use GroupMe. Add anyone from your phone book and they will immediately be able to chat with the group. You can chat with your groups directly over SMS.” SMS costs money, so I wonder if the web site has been revised to downplay the SMS integration. No business model needed since this is Microsoft.

It feels like the echo of another era, back when some phones walked on 2 legs and others slithered. You can do most things just with SMS (I have vague memories of Twitter and perhaps Facebook doing SMS things), and your correspondents don’t have to register or sign up for the app (yeah, you can spam anyone). A 2011 Business Insider article mentioned it alongside Kik; apparently GroupMe was hot once.

Every member of a GroupMe Group sees messages coming from a unique phone number. Which is a clever workaround for the limitations of SMS chat — the phone number you see is a unique identifier (key) for a combination of a Group ID and a member’s cellphone number. When you send a message to that number GroupMe confirms the sending phone (callerid) matches the database record, then GroupMe sends it out to all the other cell number that are a part of the group.

It’s clever, albeit a bit obsolete now, but it’s also quite an expensive approach. GroupMe must have ways to reclaim numbers for reuse ...

Wednesday, October 21, 2015

Macs and external SSD storage - thunderbolt hubs and USB 3 UASP

My 2009 iMac is finally dying. It was my second iMac and my second iLemon. My 2005 iMac had early screen discoloration, overheating, and drive failure — but it survived the capacitor failures that killed many of its generation and it was the almost last Mac designed for user servicing. My 2009 iMac had early screen discoloration, overheating, screen flickering, two drive failures (one under recall) and, now, GPU failure. It’s not user serviceable. Lemon.

So I’m not a fan of Apple’s iMac lineup; I don’t want to buy another one. The Mac Mini is interesting, but the SSD pricing is irritating. The obscure but still sold non-retina 2012 MacBook Pro is an attractive iMac alternative when paired with an external monitor — and I actually prefer two 21" displays to a single 27” display. A refurb costs $829 and it’s easy to add memory to the 8GB max. It even has a Firewire 800 port. Still … 2012. That’s pretty old tech. I could buy another 13” Air ...

Or, I realized, I could not buy a Mac. I could save money and, more importantly, reduce my maintenance hassles. When my Time Capsule died young I bought a Synology NAS [1], I can use that as a file server for the family files. My Aperture photo Library is too large for my MacBook Air SSD, but I can pull my 1TB Samsung EVO SSD from the dying iMac and put it in an (very) inexpensive UASP+ external SSD enclosure (or this one) [5]. Based on past experience Aperture ran pretty well even over Firewire 800 and an external SSD. Emily has her 11” Air, I have my 13” Air, #3 uses her school iPad, and #2 only uses a computer for his school work. He can use one of the Airs — or maybe I’ll buy a disposable $150 Chromebook. [2]

Ahhh. One less computer to update, debug, drag to the Apple store, configure … I feel the warm breeze of a southern sea … [2].

My Air has two USB 3 ports and one Thunderbolt 2, currently occupied by a mini-display port. If it’s replacing my iMac it needs to work with 1-2 external displays, the iMac’s 1TB SSD in a USB 3 enclosure, several USB devices (scanner, DVD), an ethernet cable connection to the NAS and, ideally, my old Firewire 800 external 4TB drive, backup drive cradle, and flatbed scanner. Apple’s $1000 answer is the aging USB-free Apple Thunderbolt display.

Disregarding the obsolete Apple solution, I could go with a USB 3 hub or a Thunderbolt hub. With either one I’d like UASP Support [3]. The Vantek UGT-AH700U3-2C USB 3 hub is said to support UASP on a Mac; Wirecutter’s favored Anker hub didn’t in 2013 (though it might with newer chipset, wire cutter missed this important criteria in their review).

Really, even though the USB 3 hubs are ultra-cheap, I’d prefer something that would give me a single plug. Which means Thunderbolt-2 docking stations. I reviewed the options...

  • The original Caldigit ThunderboltStation claimed UASP support but the new one doesn’t mention UASP — and it has a limited number of ports.
  • Elgato thunderbolt 2 dock is sold by Apple Store [4], it has Thunderbolt_2 (2), USB 3 UASP compliant (3), HDMI, GB ethernet (no firewire, but Apple sells a firewire/thunderbolt adapter for $30)
  • Belkin thunderbold 2 express HD is also sold by Apple, but there’s no mention of UASP and it has only two USB connectors.
  • The OWC Thunderbolt 2 dock has the best connector options: Firewire 800 (!), 5 USB 3, Ultra-HD HDMI, Gb ethernet — BUT there’s no mention of UASP support anywhere. You have to buy a thunderbolt cable.
  • The Akitio has only two USB 3 ports, but they do support UASP [5] - but no ethernet ports.

Overall I like the OWC Thunderbolt 2 ($228 + $30 thunderbolt cable), but it’s missing the UASP support (but [5]). Otherwise the Elgato ($208, need to buy $30 Firewire/Thunderbolt adapter) would be my choice.

I’ve got a response from OWC pending on UASP support, but I’m also wondering if it makes a real world difference. Update pending.

- fn -

[1] Apple quality? Only by comparison to the alternatives, and perhaps not even then.

[2] Apple, you really shouldn’t be making non-purchase so appealing. Maybe invest more in software quality and hardware reliability and value and less in marketing gimmicks?

[3] USB Attached SCSI. Really?!  I still have nightmares from my SCSI days, termination voodoo. Yeah, not the same thing, but tell that to the dreams. From the wikipedia article: "Apple added native support for UAS to OS X 10.8 Mountain Lion; drives using UAS show up as using IOUSBAttachedSCSI instead of the older IOUSBMassStorageClass kext”. I wonder how much USB Attached SCSI/UASP resembles Firewire protocols; I couldn’t find any Google references. This is the kind of thing BYTE magazine used to do so well...

[4] Navigating the online Apple store really can’t get any more painful… can it?

[5] It sounds like, practically speaking, the best one ever does is about 370MB/sec whether by USB, thunderbolt or eSATA. Makes me wonder whether UASP support actually makes a real difference in today’s products.

Update [5]: The Amazon listing for the Intateck is a bit mind boggling. This screenshot shows the multiple options shown for a single listing:

Screen Shot 2015 10 21 at 1 54 12 PM

Depending on where the mouse lands you can get a model FE2003, FE2002, or FE2001 with varying case designs, some plastic, some aluminum, some with side vents, some not. I chose Aluminum, Optimized For SSD] Inateck 2.5 Inch USB 3.0 Hard Drive Disk HDD Aluminum External Enclosure Case with usb 3.0 Cable for 9.5mm 7mm 2.5" SATA HDD and SSD, Support UASP - the FE2003 version. The reviews for these different units are all merged. I suspect both Inteck and Amazon are guilty here.

Update: I ordered both the Elgata AND the OWC Thunderbolt docks from Amazon. I’ll run my own tests on both of them against the Inateck F2003 containing my 1TB Samsung and I’ll return the loser. If the OWC is good enough I’ll keep that one.

Update 12/12/2015: Results of my testing.

Sunday, October 18, 2015

Replacing a Time Capsule with a Synology NAS - Time Machine for multiple machines

When my first Time Capsule died young I grumbled and bought another. When the second Time Capsule died even younger I decided to try a Synology NAS. If nothing else, maybe restores would, maybe, actually work.

Yes, Apple’s Time Capsule sucks. So does Apple to be honest. But you go to war with the army you have ...

Synology has a technical article on configuring Time Machine, but it assumes you have only one Mac.That’s dumb. If I had only one Mac I’d use an external drive cradle.

Two web sites were particularly helpful

To begin with I purchased a consumer grade Synology DS215j for $200 . This device is widely used and has a good reputation, but I suspect it’s due for replacement soon. I like using old stable stuff so this was fine with me. I bought it through Amazon where it was clear most users buy a pair of WD Red 4TB NAS drive to go with it. Installation was simple — but I still got confused! Synology provides two sets of screws, one for the drive mount and the other for case closure. They also provide extra screws for each! So, of course, I ended up thinking the packet of 10 screws was 8 mounts and 2 case. Except they don’t fit the case… Ok. Look for the other wee packet.
So far my Synology setup seems fairly quiet. If you hear a loud fan noise you probably got a bum unit (OTOH I expect the fan will get loud in a year or two.)
The initial setup defaults to Synology’s version of RAID 1 Synology Hybrid Raid (SHR). Use the Storage Manager tool to run a SMART Quick Test or a full Extended Test. The Health Info will show SMART status and useful disk information including Temperature (90F on mine). I configured Notifications to send me a monthly report; I didn’t want to give it access to my primary Google account so I used a non-critical secondary account for email services.
Synology tells me I have 3.6TB of storage to play with. That’s enough for my backups, but it doesn’t leave much for other uses. I considered using a Disk Group to create a 7.2 TB “drive” and divide that into two volumes, but then I did the arithmetic on failure assuming a 1/10 chance of drive death in the first year of use (which, for me, would be typical):
  • Use one drive for backup without drive group: 1/10 chance of data loss.
  • SHR data loss probability: 1/100 (both drives must fail, really it’s much less than that because they have to both fail before I can replace one)
  • Single Drive Group data loss probability: 1/5 (1 - 0.9*0.9) — Assuming data is striped so that if either drive dies the entire data group is lost.

I decided I like having a much more reliable backup — at least for now. I don’t like the risks of creating a Single Drive Group, but I could see one day using one drive for backup and another for other work.

First in Control Panel:File Services enable AFP service. Even in 2020 I have not enabled SMB service. (At least through High Sierra Time Machine needs AFP and that works for Mojave too.) In the Advanced tab I enabled Bonjour and SSDP.

Within the Control Panel:Shared Folder you create one Time Machine folder on the Synology NAS that will hold one or more Time Machine disk images (one disk image per Time Machine). I named mine Time_Machine_FLNAS (no spaces).

In Control Panel:User create one user for each Mac so each machine can have its own quota and the logs are machine specific. I created one user per machine named after each Mac’s network name (they all share the same password). Each of these users has its own disk quota. I gave each user “Network Backup Destination (later rsync)” and “File Station” application permissions, I’m not sure both are needed.

Synology supports AES encryption of the backup disk, but a 2012 article claims a major performance impact. Time Machine also supports encrypted backups (new since 2012) but for initial setup I’ve left that off. Since my primary server is also unencrypted this isn’t worse than my current practice. I use encrypted images for sensitive data and we do encrypt our laptops and our rotating offsite server backups. The primary risk of an unencrypted onsite drive is, of course, theft.

From the client Macs Time Machine should show the Drive name you created on Synology. Choose that and wait. As of 8/2020 I alternate TM backup for one of my machines between my Synology TM and a tiny local USB drive. I've been using the same Synology box and drive for five years.

PS If you have to delete a large sparseimage then do it from the Synology NAS using File Station (NOT from MacOS!). It takes about an hour to delete a multi-TB sparseimage.

AT&T iPhone 6s with iOS 9.0.2 problem: no WiFi-Calling, Call Forwarding or Call waiting. Fixed by new SIM card and repeat activation.

I described this problem in a series of Apple Discussion posts, but I’ll summarize here. I think it’s the related to the problem that’s described in a Verge article from 10/9 (despite Apple marketing in the 6s is not actually GSM carrier neutral). I also bought an unlocked iPhone from Apple.

Shortly before a trip (as usual!) I found I couldn’t do Call Forwarding (Settings:Phones) on my relatively new iPhone 6. Instead of getting a number I could edit, I saw the display “loading…”. If I deleted the text I could enter a number, but it didn’t really work. If I played around a bit I could generate an Oops! error message. Around the same time I discovered WiFi calling wasn’t working despite new AT&T support; initially it seemed to be available but I got yet another “Oops!”: “We can’t turn on Wi-Fi calling for your account. Think this message is a mistake ..” Call Waiting wasn’t working either.

I don’t know if the call forwarding was a new problem, I don’t use it very much. I found that other phones on our family account could forward. I called AT&T and the rep hadn’t heard of the problem, but based on a tip from Apple Discussions I asked for a new SIM card. Turns out they can send these by mail.

That fixed everything. I suspect the SIM activation process updated my AT&T config data correctly. I’m not sure how I activated my iPhone 6 — I might have put my 5s SIM in it. That’s probably not the write way to do things.

You need to setup your phone as if it were a new device, per the “Let’s Get Started” directions and the site. When I started the process AT&T showed me my iPhone 6 IMEI number and the SIM/ICCID number for the new SIM card. I turned off my iPhone, did the Activation on the web site, inserted the new SIM card, and turned on the phone. Everything worked — even iMessage (to be safe consider logging out of iMessage with the old SIM then activating again with new SIM — but I didn’t run into problems).

Screen Shot 2015 10 18 at 1 14 21 PM

Thursday, October 08, 2015

Comcast (xfinitiy) Arris modem link light blinks orange (yellow?) rather than green - check your ethernet cable.

[jump to the update on this one, it’s not what I thought it was…]

When I switched from CenturyLink to Comcast two months ago my “boost” speeds were 50 up and 10 down on a rented Arris modem. The modem lights were green and i thought the link light was blinking green.

Recently comcast claimed to have doubled my internet speed. It did go up briefly to 100+ mbps, but now it’s back down again. Around the same time I noticed my modem link light started blinking yellow/orange.

It sounds like this may be associated with a > 100 mbps connection, but I suspect it also happens when there’s something amiss with Comcast’s network. Based on what I read and a call to Comcast there’s nothing to do about it as long as you’re getting the speed you paid for (which may not be the speed comcast promised, but there you go.) The comcast rep did say my area was suffering from network issues.

Update: A better thread on Amazon (!) says: "The light is orange when connected to a 100 Mbit device, and blue when connected to a 1 Gbit device”. My modem is connected to a GB device though (Airport Extreme), and the link light should be for upstream connection, not downstream. I may try a different ethernet cable...

Update b: I’m surprised, it’s not at all what I thought. The link light isn’t for upstream connections, it indicates downstream (internal) connection mode — 10/100 is yellow/amber/orange, 1000 (gb) is green. I’d forgotten that, in the midst of resolving an issue with a dying time capsule, I swapped out the ethernet cable connecting my Comcast modem to my Airport extreme. The new cable was a better length, and I thought it was excellent quality. Turns out it wasn’t so excellent! I swapped my original cable back in and the light immediately went green.

I then repeated the Comcast speed test, this time with my Macbook Air within a few feet of my router. For convenience I tried with 5GHz Wifi, not wired gb ethernet. Comcast more than passed the speed test — delivering 125 mbps over wifi. I don’t know if my modem reports a faster internal speed to Comcast and if that impacts provisioning. I’m used to berating my ISP, but Comcast did very well on this one. With 100+mbps (much less gbps) broadband internal networks matter.

In the dining room, a floor below and about 20’ feet away, the same speedtest over 5GHz wifi gave me about 73 mbps (my 11” Air might have been a wee bit faster than my 13” Air). Quite an impressive reduction.

Monday, October 05, 2015

Apple Time Capsule - dead at 2 years 4 months, resurrected as a pure NAS solution

My Apple Time Capsule is dead. It started taking a very long time to join my wireless network, so I did a ’restore default settings’. The restore seemed to work, but it couldn’t join the network; on restart it’s settings were scrambled. So I tried again, and it stopped paying attention altogether.

This TC lasted 2 years and 4 months. Even when it worked restores were agonizingly, impossibly, slow; the Time Capsule is a grossly underpowered NAS. I was disappointed in my previous time capsule, but at least it limped along for almost 4 years.

I have a reasonably modern Airport Express that can take over print server duties for now, but I do need something to run Time Machine backups on. I’ll have to think this over a bit…

Update 10/6/2015: Using broken TC as a wired peripheral

It looks like something is rotten on the network/wireless side of the Time Capsule. I gave it some debug time and some factory resets, but I didn’t invest a lot of time. For one thing I realized there’s only 25GB left on the 2TB internal drive — it really is too small to backup our home network. I’ve ordered a Synology DS215j [1] and two WD Red 4TB NAS drives to be our Time Machine and file server. Over time I may be able to use this to replace an external drive attached to our home server. Shawn Blanc’s 2014 review of the DS213j is a helpful guide.

In the meantime I’m short on backup for our home network. My primary server runs a highly carbon copy clone with offsite backup, and I can run carbon copy manually to a network share from my personal workstation, but that leaves two other machines. I also like having two very different backup modalities for my primary machines. I found I could still use the Time Capsule through its wired ethernet connection.

Our home network is all WiFi now that the Time Capsule (switch, NAS, etc) is dead, so I used network preferences/location to make wifi the primary network option on all devices. Then, using Airport Utility, I browbeat the half-dead TC until WiFi was off and network services were in bridge mode, but file share with local file password was on. Then I found I could connect from each machine by direct ethernet to the TC and run Time Machine manually. I’ll do that until I get the Synology integrated.

Hmm. I wonder what happens if I connect the Time Capsule to a network port on my Airport Extreme...

Update 10/6/2015b: Using broken TC as a pure NAS hanging off my newish Airport Extreme

It took me too long to figure this one out. I blame that partly on Apple’s now opaque Airport configuration tool (designed to try to hide complexity of WiFi, fails at that).

Our newish AirPort Extreme (column thingie with fancy antennae), which plugs into our Comcast “modem”, is powerful enough to cover our whole house — and it has 3 ethernet connectors. So after I disabled WiFi and put the broken TC into bridge mode, I connected its ethernet uplink to an ethernet jack on the Extreme. Voila — it’s lights are happy green and Time Machine works with no configuration changes. Even the photo slideshow on the TC USB mounted thumb drive share works. This will hold us until the Synology arrives (0 drive configuration is out of stock).

Screen Shot 2015 10 06 at 12 23 55 PM

The only trick is convincing the TC to accept bridge/no wifi:

Screen Shot 2015 10 06 at 12 23 34 PM

Screen Shot 2015 10 06 at 12 23 41 PM

After doing a hardware refresh AirPort Utility (ethernet connection to Mac) insisted I first configure it as standalone network service. That left it blinking yellow, but I could then get to the “advance” interface that let me make it into a pure NAS solution.

[1] What are the odds its firmware comes with Chinese gov hacks pre-installed?

Saturday, October 03, 2015

Search is broken on for OS X

The developer working on for OS X took an unfortunate shortcut when coding search. That’s kind of a problem, because search is what Simplenote is about.

It’s easy to see the problem.

In Simplenote 1.1 for OS X a note that has three words in it:

blue green yellow

search on blue and you’ll find the note. Search on blue green and you’ll find it. But search on [blue yellow] and you won’t.

That’s because the developer implemented a very simple string match search (sometimes this is called phrase search, but that’s a bit grandiose). Whatever string you enter in search has to directly match a string in the note.

Now repeat the same experiment with the Web version or for iOS You’ll find that [blue yellow] works, as does [blu yell]. The developers who implemented search on iOS and the  web used what I call ‘word-starts-with-search’; it means a separate index is created containing all the lexical tokens and the input tokens are boolean matched against the index tokens (see also).

I’m quite surprised the OS X app passed Automatic acceptance testing — search is feature #1 for this app and it’s very broken in the OS X version.

Thursday, September 10, 2015

Rich Text Format (RTF) died between 2006 and 2012. Without a funeral. What does that mean?

Nine years ago, when I was looking for a decent word processor (now that’s an old word, almost as obsolete as typewriter) for OS X I had a list of requirements...

Gordon's Tech: Nisus Writer Express: My Review

… It had to use an open file format. Practically that means RTF, RTFD or OpenOffice. I cannot abide yet another file format that will strand my data. That ruled out Mellel and, sadly, AbiWord. I don't care if it's the second coming of WordPerfect, it has a stupid proprietary file format. That also rules out Pages and AppleWorks...

I wanted a Mac native OpenDocument compatible word processor, but that didn’t happen (remember when the EU was going to make OpendDocument work?). So I settled, for a time, on RTF. In theory. In practice I didn’t do much wordprocessing on my Macs, I did most of my writing in, MarsEdit and Google Docs. On Wintel I used Word.

I’m not using Wintel these days, so I was looking for something other than plain text for my Mac document work. Pages is an act of desperation, and until recently Word for Mac was a lousy product, so I started using TextEdit as a document editor because its default file format is RTF.

That’s how, rather late to the game, I realized that nothing on my iPhone would work with RTF. Google Drive will display RTF contents, and convert RTF to Google Doc, but since none of my iPhone apps supported RTF I couldn’t use an app extension to open those files.

So I started asking what was up with RTF. The short answer is that RTF died - sometime between 2006 and 2012. I’ve been unable to find an obituary — it simply passed from the scene. RTF only lives on in TextEdit because it’s been baked into OS X since time immemorial — but not iOS. (Nisus Writer still uses RTF as a native file format. Might be time to give that up.)

Sheesh. Shouldn’t there at least have been a eulogy?

I guess .docx is our de facto native document file format; the heir to the dreams of RTF and OpenDocument and many before [1]

Meanwhile geeks are using plaintext and markdown.

This is really not what we expected...

- fn -

[1] If you create a new document in TextEdit, then hit cmd-opt-s, you can specify docx and save. TextEdit will then stick with .docx. There doesn’t seem to be a way in Yosemite, secret or public, to make TextEdit use .docx as a the new document format.

See also:

Update 12/12/2015: Scrivener uses RTF in its text editor. Might be last to do so. I suspect it’s using OS X native support. The new version of, interestingly, uses a subset of HTML.