Saturday, January 04, 2020

Apple's Family: The many surprises of creating an Apple ID with age 13 or under

(You can skip the rant to get to the tech details)

<rant>I frequently berate Apple for the radioactive-feces-infested-dumpster-fire that they’ve built out of Family Sharing and Parental Controls / Screen Time / Restrictions [1] … but my latest experience has added a note of sympathy for the engineers who offend Tim Cook and are HR assigned to work on this prior to leaving Apple.

Apple has built something insanely complicated. The intersection of user interfaces, regional rules and restrictions, content licensing, DRM, functional requirements, iOS, macOS, iCloud, sync, multiple OS versions … heck, there probably time zones in there too. At this point they might as well give up and throw a neural network at it.

Whatever your day job, be grateful this isn’t what you work on.

Things are almost as bad on the consumer side. There’s a reason I seem to be the only person alive trying to make remote Screen Time work. (It’s a book project, I don’t have a choice.) With some effort I’ve come up with practical recommendations for caregivers (example) — but they assume the software actually functions. In practice I have run into a wide range of bugs and weirdness, particularly since iOS 13 was released.<rant>

Among the many complications Apple contends with into are rules about how many devices and how many users can be a part of a Family for the purposes of both DRM management and remote Screen Time. These are poorly documented, but as best I can tell the limit is 5 family members and somewhere around 10 devices (it’s not clear how multi-user accounts on macOS are treated or Apple TV). Our family has five members so we’re pretty much at the limit and I think we’re at the absolute device limit as well.

I say “think” because it’s not clear that there are error messages, I think things simply break.

So the baseline situation is pretty bad, even before one runs into bugs with handing down devices between family members.

I made things worse though. For a book project I added a test account — That pushed us up to six family members and probably hit or exceeded our device limit. Since my test phone is an iPhone 6 [2] it can’t upgrade to iOS 13 and is no longer useful for the book project. So I decided to try to remove it.

That’s where my next set of problems began. I’d make the mistake of creating the book account with an “age” less than 13. Ages are important in Apple’s Screen Time world. Basically:

Age 18 or more: independence, controls stop working, can purchase ad lib, can be Organizer. (Basically at age 18 you need to remove children from Family.)

Age 13: non-vulnerable status but subject to controls, cannot be Organizer. Age 13-18 is the range for Screen Time and content sharing. If you are the caregiver for a vulnerable adult (ex: cognitive disability) and need Screen Time support you need to periodically adjust their birthdate so they are over 13 and under 18. (We need legislation so Apple supports cognitive disabilities they way they support visual disabilities.)

Age 12 or less: vulnerable status. See below for the special rules.

I’d blundered by creating an iCloud ID for a “child” account with a current age of < 13. These vulnerable user accounts are special:

  • They cannot be deleted by users. Only Apple can remove them. They can only be shifted between Family Organizers (supports divorce, parental death remarriage, etc). If a child should die, the grieving parents will need to work with Apple support.
  • The birthdates cannot be changed. (Of course.)
  • Since they cannot be deleted the Organizer iCloud ID they are associated with cannot become a non-Family ID.
  • Since the Organizer ID must stay a Family ID the payment method cannot be removed from it.

That last bullet point is important. It’s a bit weird, but Apple documents how to create an Apple ID that doesn’t have a payment method. You can use it to buy free apps and tunes.

You can’t, however, turn that Apple ID into a family organizer:

If you're the family organizer for a Family Sharing group and want to share purchases with your family, you're required to have at least one payment method on file. A payment method is also required to set up accounts for children.

If you have an Apple ID like that, and you try to make it a Family Organizer in macOS Mojave iCloud despite the warning, you’ll get this helpful error message:

“There was an unexpected error”. Yeah, Apple was serious about that “requires a credit card” warning, they just didn’t code the error handler response for those who ignored it. I figured given the kludgy workaround Apple documented that the warning was obsolete. Wrong.

Why does Family Sharing require a payment method? I suspect Apple’s hacked together back ends can’t prevent some purchases even when there’s no payment method — and Apple doesn't want to get stuck with the tab. Another possibility is that it’s needed as part of Organizer identity tracing in case a vulnerable child family member is at risk.

So, what do you do when you have too many kids and you need to dump one that’s under 13?

The only recourse, short of phoning Apple support, is create another full Apple ID (age over 18), make it a Family Organizer, and transfer the sub-13 to that “Organizer”. You need hardware to create a full Apple ID, but if you have a Mac you can do it just by adding a system user. I did that to upgrade a limited Apple ID I’d created long ago to a full Apple ID. I then tried to use this fake parent/Organizer without a payment method, which is how I got the “unexpected error”.

After I added a real payment method and confirmed iTunes could see the account change I tried to again make that Apple ID the Organizer for a new family. This took a while. At first the macOS Mojave iCloud Preference Pane would simply display a blank window. After about five minutes it worked. I presume a back end system got updated.

From there I hopped through the transfer process between the macOS account for my new Organizer Apple ID and my iPhone that currently managed my faux 11yo. Some of the screens i saw are illustrative:

I got an error message during the process saying the request had expired, but it went through anyway. I think I got that errant error message because I backed up a screen to do a screenshot. Yeah, this stuff is fragile.

So it appears for now that I’ve moved my fake 11yo from my true Family to a new fake Family where it will sit for another 2 years. Then it will turn 13 and I can vaporize it (I’ve created a future task :-) and then I can remove the payment method for the fake Organizer.

Once I get my strength up I may try to contact Support about some of the other problems with our Family Screen Time, like that handed down device still stuck to my daughters account (or I can just wait until she’s 18 and exits).

Now I need some Scotch, but it’s still a bit early here ...

- fn-

[1] Extending the existing Family Sharing to enable remote Screen Time management was a fatal error.

[2] The iPhone 6 can’t move beyond iOS 12, but Apple is still supporting iOS 12 on it, and since iOS 12 is superior to 13 in several ways the 6 is arguably now a better phone than the 6s.

See also:

Saturday, December 21, 2019

Share Sheet crash in iOS 13.3 - try removing apps that have associated share sheet actions

I upgraded from iOS 12 to 13.3. Most things worked (Parental Controls/Screen Time may be more broken, but it’s always broken), but I had one significant bug.

If I opened a .docx (Word) file in it would display in the docx viewer as expected. If I then tapped the share sheet icon the viewer would crash.

David Yeh found a workaround — do a long press on the document and then use the share sheet from that popup screen. Another contributor suggested removing and restoring the mail account, that didn’t work for me.

Today I found a fix for my case. I deleted two utilities: Pinner (last updated 2y ago) and Opener (frequently updated) then restarted my phone. That removed their associated share sheet action apps.

Now the share sheet works for me.

I’ll reinstall Opener if I find I miss it. was updated relatively recently so I’ll use that instead of Pinner (really, I only use the Pushpin app action).

Sunday, December 01, 2019

How to create a file system reference to an iCloud Note

My daughter wanted us to use a shared Apple Note for trip planning. That's fine, but I wanted a way to reference it from the macOS folder that held other trip documents.

This worked:
  1. Open Safari and view the specific Note.
  2. Drag the URL ref to desktop creating a .webloc file, name it as desired
  3. Store .webloc file in folder
Funny bit: If you double-click the .webloc file it doesn't open Safari. It opens Mojave with the specific Note selected and contents displayed.

This is the actual webloc content (I tweaked the GUID just in case it allows global access):
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">

Unable to use MarsEdit with Blogger - Google web OAUTH failure with DHCP mode on AirPort Extreme

I'm now unable to use MarsEdit with Blogger on Mojave or High Sierra. When Google asks me to authenticate instead of getting the usual embedded web page for entering credentials I get a blank page.

Either Google has changed something so this only works on Catalina or there's something odd about my Google accounts. I've tested with

  • two non-2FA Google Apps identities that used to work
  • my personal 2FA Gmail Google ID
  • my wife's personal Gmail Google ID never used for blogger
  • two user accounts on my Mojave machine
  • 1 user account on High Sierra
  • Admin and non-admin account
  • Clearing caches with Onyx
  • I think I also tried an older version of MarsEdit that was on my old account on the High Sierra machine
macOS Console has not been helpful, but I have yet to download and try it using Consolation.
MarsEdit dev (Daniel Jalkut) says it works for him on Catalina and on pre-Catalina.

Update 12/6/2019: I eventually realized the problem was my home network. I have a Comcast Xfinity router and an Apple AirPort Extreme. Both have had no configuration changes in months, but Comcast recently updated my service and the AirPort firmware went to version 7.9.1 a few months ago.
Update 12/7/2019: Today I discovered my AirPort Extreme Guest Network no longer works. That’s the network all our IOT devices connect to.  Turns out suggests that the Guest network doesn’t work in Bridge mode unless the internet router is configured for VLAN support. Would be nice if Apple documented some of this stuff. Maybe this is why they exited the router business.
So I have to go back to double NAT for now then try reverting the firmware. (Though once I’ve authenticated a blog I don’t need the web OAUTH, so there is that option.)
Update 12/8/2019: So I reverted from 7.9.1 (79100.2) to 7.7.9 and it still doesn’t work! So I think I’ve ruled out a problem with the AirPort Extreme firmware update. I think I tried an older version of MarsEdit. I can’t say for sure but now I suspect it’s something Google did that broken compatibility with Double NAT (DHCP) on the AirPort Extreme.
I went back to 7.9.1 (got an ominous notice that firmware update failed but it seems fine) and I guess I’ll use my TunnelBear VPN when I need to authenticate with Google. I’ll test periodically to see if Google fixes things.
I tried out Google OAUTH playground. It’s a bit above my pay grade but it seemed to work across my Double NAT setup.

Removing encryption from PDF on macOS with Chrome

My son's employer has one of those obsolete and spectacularly awful SAP style web sites that distributes pay statements.

The PDFs are encrypted. They won't render in macOS Mojave Preview; I can enter the password but I see a blank page. (For more on all the many issues with PDF on every platform but especially macOS see the great Eclectic Light series on macOS PDF by Howard Oakley.)

To remove encryption:
  1. Drop onto Chrome. Enter password. Chrome will render them.
  2. In Chrome select Print.
  3. Change print destination to PDF.
  4. Save.
The saved PDF is not encrypted and will render in Preview.

Thursday, October 31, 2019

Aperture to - preparation

I despise Apple in general and Tim Cook in particular. I wasn’t always that way. In the 00s I was kind of fond of Apple.  That ended with the way Cook killed Aperture in 2014. Apple could have provided an exit, but they didn’t.

Being unable to leave Apple has not improved my mood over the past six years. The exit cost is too high. On the bright side my Apple resentment has made it easier to resist the Apple watch. So I have a bit more time in my life for family, bikes, skis, and CrossFit. Thanks Tim!

I’ll still be on Aperture into 2020, three years beyond my original plan. The Catalina catastrophe has made staying on Mojave more agreeable. I’ll have to switch sooner or later though, almost certainly by 2021. So I’m working on a list of what I need to do prepare. I’ll update this post with items I think about:

  1. Eliminate all stacks. I have hundreds of unwanted stacks created by Apple’s original hacked up iPhoto to Aperture migration (that was horrible). I need to edit each of the stacked images and remove the duplicate.
  2. Flatten the keyword hierarchy (the marvelous hierarchy is from a time when giants walked the earth).
  3. Regenerate images from RAW (this will take eons and is high risk).
  4. Be sure image locations and face recognition (never worked) are turned off.
  5. Simplify all smart albums not supported by
  6. Create an empty shell of current Library, then use that to import all images from past Library. Confirm everything is correct.
  7. Rebuild database to confirm no errors.
  8. Per Apple’s migration directions, create full-sized “previews”.
  9. Ensure iCloud is empty of images and that destination library is empty with no iCloud sync. Disconnect from network.
  10. Import into
  11. Validate.

This project will take many months, many backups, and purchase of at least one other 1TB SSD.

Tuesday, August 20, 2019

Black Diamond Spot User Guide (manual)

I’m swearing off Wirecutter. Again.

It’s not that their recommendations are awful, they’re just kind of inexpert. They don’t actually use the products they recommend, they just test them.

Like the Black Diamond Spot headlamp. I needed something for an upcoming trip and it wasn’t mission critical, so I used the Wirecutter recommendations. The Spot actually works ok, and seems well made, but it’s ridiculously complex. The Spot is what happens when you give bored Chinese engineers some chip space.

Serious climbing headlamps have maybe two settings — basic and high. This has at least 6 settings based on combinations of switch press, hold and side tap. My brain looked at the directions and shut down.

And those directions — they go on for pages and pages in many languages, but the core is a small series of pictures. Sure to be lost, essential to reference, and not available online.

So here’s my scan of the part of the Black Diamond Spot User Guide that matters

You’re welcome.

Here are all the friggin modes (I put them in a note on my phone). Die Wirecutter, Die.


Not Powered On (why it needs a lock mode)
- press and release 1x: turn last active light on
- press and release 2x: toggle between spot and wide angle light
- press and release 3x: strobe
- press and hold 2s: red light on
- press and hold 3s: always turns on spot light
- press and hold 4s: toggle lock mode (small blue light blinks for a few seconds in lock mode)

Powered On
- press and hold: goes to bright then dims as hold
- 3x: strobe

(light tap when powered on)
- activate BOTH spot and wide angle

Saturday, August 17, 2019

Best way to get Scrivener content into a blog post

After various experiments the best way I’ve found to get Scrivener content into a MarsEdit blog post is to complete to HTML then copy/paste the rendered HTML into MarsEdit.

Everything else messes up paragraphs.

Friday, August 16, 2019

Mountain bike dropper posts, a very quick review

A public Facebook group featured the best review of dropper posts I’ve read, by TB R-A. Reposting here so it’s not lost...

I’ve owned the RockShox Reverb, Fox Transfer, Specialized Command, Bontrager whatever it is called, and 9 Point 8 Fall Line. Of them all the Fall Line has had the best actuation and has been the best performing.

The Reverbs are a pain because they need bled. The bleed process is easy enough, but still a pain. Also, if the line would be damaged or cut out on a long ride you’re SOL. You can’t fix it in the field.

The Transfer worked well enough, but it makes a sucking noise at the top and bottom and drove me nuts.

The Specialized was a bit finicky, I don’t remember much more about it. The Bontrager was OK, but not nearly as nice as the Reverb in terms of quality or performance.

Right now I have the 9 Point 8 Fall Line on both of my bikes. Performance has been flawless and you can easily repair it on the trail should you need to. The upgraded lever made by WolfTooth is really nice, good ergonomics and you can just replace pieces of it should something break (which happened when I loaned my bike to someone). You can release the rail from the head on one side to access the air valve, it’s pretty slick. So, the Fall Line is my choice. I replace the seals annually on it, which takes about an hour. Aside from that nothing really needs done.

Dropper posts are expensive still, though the cheap clones are emerging. I like the idea of the wireless rockshox, but it’s $800 for now. The Bontrager is less costly than the 9 Point 8.

Sunday, August 04, 2019

Bleeding Avid (SRAM) XX/XO 2012 hydraulic mountain bike brakes (scan of manual)

I’ve now bled my front and rear 2012 Avid XX brakes. I did the front first and got an excellent result. I did back twice, the first time it sucked the 2nd time it was good but not as good as the front.  Tricky business! You really need to follow directions fairly precisely.

Want to get some quick notes out here mostly for my use. Maybe later I’ll fill in the rest.

  • If you’re going to bleed brakes buy a set of fresh pads to insert. No sense bleeding with old pads.
  • The Avid/SRAM (SRAM bought Avid) kit I bought for my 2012 XX vintage brakes is amazing. Full of bits and pieces. For bleeding only need a few. Everything feels surgical quality. The procedure felt more like a medical procedure than a bike procedure.
  • The brake block for my Avid XX 2012 is the one in the manual with the prongs. You can use it with the prongs and the pads in place, or with the pads out and the thick end. There’s a right and wrong way to insert, all the cutouts and notches have a purpose. You’re supposed to remove the pads for and use the thick end, but I’m not sure it isn’t better to use the prongs with fresh pads. You’re running risk of getting fluid on pads, that’s supposed to destroy them and the bicycle and surrounding neighborhood.
  • The 2012 manual that came with the kit I used is excellent. I couldn’t find a copy online save from scurvy services that vacuum up PDFs and reserver them. The 2019 manual isn’t as good. It’s sad SRAM didn’t keep this one around, I’ve uploaded a brake fluid stained scan of my copy.
  • Take your wheels off so they don’t get brake fluid on them or tires.
  • They describe the brake fluid as quite toxic. First time around there were drops on the ground and I really needed a clean lint-free rag. Would be easy to get in eyes. Wear eye protection. Wear latex gloves. If you’re sloppy wear crappy clothes. Do it outdoors.
  • The kit includes a small Torx wrench. If you have a magnetic torx bit driver you’ll be very happy.
  • They are serious about that 75-80mm lever distance.
  • You should have lots of isopropyl alcohol around to clean with. I washed my bike with soapy water.
  • Make a copy of the directions so you don’t get brake fluid on your only (paper) user guide
  • The clamps on tubing were super stiff at first. Needed pliers to close clamp. Gets better after use but still a pain.
  • There are lots of online directions and videos but for me the old manual worked best.
  • I think you need the bike somewhat horizontal, don’t have it in a stand where the brake lever is lower than the caliper.

Wednesday, July 03, 2019

I really like my SharePoint list based blog that's not a SharePoint blog

I don’t think anyone is terribly interested in this, so I’m not going to provide a lot of detail, but if you want to know more just email

So why am I writing anything? I’m writing because this thing has worked very well for years. Alas, nobody at work appreciates the simple genius of how it works. So here I can vent.

I ignored SharePoint’s clumsy native blog. I built my blog off the SharePoint announcement list which has basically worked the same way for 10-20 years. Like every list in SP it has an RSS feed (deprecated in newest versions of SP alas) and email notifications with user controlled update frequencies. So the subscription side works fine.

I added a couple of fields to the basic list. One is for tags. Tags let me create topical views of the list by creating SP views that filter on tags.

The other field (and this worked better than I imagined) was to create my own PUBLICATION_DATE field and sort the blog (list of announcements) by publication date. The default value is the date created — but I can edit the publication date without changing the post URL!

The last is wonderful. Instead of having to point to an old post and perhaps add some new additions, I just update the old post and revise the publication date to current. SP regenerates email notifications to subscribers, updates the RSS feed, and the view shows the updated post at the top — but the URL is unchanged so links don’t break.

It’s really simple, it’s worked very well for 2-3 years, it should work indefinitely. I wish other blogs worked that way — let me revise publication date, sort by that date, don’t break links.

PS. Why SharePoint? Because where I work that’s what we have. We aren’t getting anything better.

Saturday, June 29, 2019

Chrome: Default pjkljhegncpnkpknbcohdijeoejaedia quit unexpectedly

For years I’ve launched gmail and gcalendar on my Mac using apps in my user/application folder I’d named and I loved them. Not only did they let me go directly to gCal and gMail from spotlight they also opened in my preferred user profile rather than the last user profile I’d used.

Today they crash on use.

Intermittently I got this error message:

Default pjkljhegncpnkpknbcohdijeoejaedia quit unexpectedly.

That looks like malware, but apparently pjkljhegncpnkpknbcohdijeoejaedia is an undocumented internal Google Chrome extension. (Very cute Google.)

After a bit of research I believe those apps were known as Chrome apps, and years ago Google supported creating them on the Mac. Google ended support in 2017. I think the apps lived in a Chrome folder that was removed, but on my machine they survived because I’d moved copies into a user folder.

Today my extended use luck ran out. Now they crash [1] under Chrome 75.0.3770.100. I suspect my Mac was updated today or yesterday, this version of Chrome was released June 18.

I REALLY miss the desktop app functionality. “Progressive Web Apps” were supposed to replace it but I don’t think they happened [2]. I might try this 2018 tip to see if I can restore it.

Or maybe the next release of Chrome will fix the crash :-).

- fn -

[1] sample start of log

Process: app_mode_loader [1087]
Path: /Users/USER/*/gCal (jfaughnan).app/Contents/MacOS/app_mode_loader
Version: 4.5.6 (2564.97)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: app_mode_loader [1087]
User ID: 502

Date/Time: 2019-06-29 14:33:12.397 -0500
OS Version: Mac OS X 10.14.5 (18F132)
Report Version: 12
Anonymous UUID: C285F89D-D3A8-7245-0199-81B760782A83

Time Awake Since Boot: 2100 seconds

System Integrity Protection: enabled

Crashed Thread: 0 Dispatch queue:

Exception Codes: 0x0000000000000002, 0x0000000000000000

Termination Signal: Trace/BPT trap: 5
Termination Reason: Namespace SIGNAL, Code 0x5
Terminating Process: exc handler [1087]

Application Specific Information:
dyld2 mode

Thread 0 Crashed:: Dispatch queue:

[2] No, didn’t happen on Mac. Over a year late now:

Progressive Web Apps on Desktop 
Progressive Web Apps now work on the desktop, including Chrome OS and Windows, with support for Mac and Linux coming soon.

For Google macOS is not a priority platform.


Saturday, May 25, 2019

Getting Emily's iCloud photos -- you can multi-select in Photos.web (again)

As recently as 2018, Apple had stopped supporting multi-select in iCloud Photos.web. It was really annoying.

Today it works. I don’t know when this was fixed. It didn’t get a lot of attention in my streams.

It’s a big feature for me.  Now if I want to add photos from my wife or daughter I can browse to their iCloud accounts, select from Photos.web, and download. Much easier than switching to a user account, running Photos.mac, waiting for it to sync, exporting to a shared account, etc, etc.

One odd thing, the file “Modified” date is “Tomorrow at 12:15am”. Presumably a server time zone problem….

Saturday, May 11, 2019

Screen Time old device bug: Dev used device ID as key, forgot Apple ID

There’s a well known old-device bug with Screen Time. Once you’ve setup up Screen Time for a child’s device it will always show up under their Apple ID — even after you wipe the device.

So my daughter’s old iPhone 6 showed up under her Screen Time Apple ID — even after it had been wiped.

Today I changed the Apple ID for that device and enrolled it in Screen Time under a new Apple ID. Then I went to look at her Screen Time device list. Lo and behold — the old device was still there, but now its device name changed to match the device name it had when I reenrolled it with the new Apple ID.

So now one device shows twice in my remote Family Screen Time, once under my daughter’s device list, once under the new Apple ID.

I’ve read that Apple’s Screen Time was a “rush job”. Looks like the dev is doing Screen Time by storing a device identifier — maybe a Serial Number and the device name used at enrollment time. They should have used a combination of Apple ID and device identifier but they used device identifier alone.

Two new discoveries in iOS Screen Time (parental controls): Age 13 and Apple ID incompatible with Screen Time

A reputable Twitter source recently wrote that “Screen Time” was "a rush job".

It feels that way. As part of a book project I’ve spent way too much time experimenting with Screen Time. It needs a top to bottom rewrite. Also needs an API so other vendors can extend what Apple offers. 

Anyway, I’ve learned two new things about Screen Time — two special ages and a hint about why one iPhone could not be enrolled in remote Screen Time.

First the ages. US Screen Time has two special ages: 13 and 18. We know about 18, but the 13 is new to me. 

If a Family Member's Apple ID birthdate means their current age is over 18 then remote screen time blocks are turned off. It’s an 18th birthday gift from Apple! This is a problem for special needs adults — chronologically 18 but very vulnerable. The workaround for a special needs adult is to set their AppleID birthdate so they are 14 (write down the birthdate you used, you may need it).

Note I wrote 14, not, say, 10. That’s because 13 is another special age. If a Family Organizer creates an Apple ID birthdate such that a family member’s age is under 13 they will see, after it’s been created, the message "Children under 13 cannot be removed from Family Sharing.” Not only can they not be removed, their birthdate cannot be changed either. You will need to call Apple Support to have changes made, and you may need to work with a supervisor.  Meanwhile any devices with that Apple ID will count against your sharing cap.

What else did I learn?

I learned that some Apple IDs won’t work with Screen Time. It’s not clear why; I assume it’s a obscure bug somewhere in Apple’s creaky identity management infrastructure. When I set up a test phone for my book project I used an old Apple ID of mine. Without going into the convoluted history, that Apple ID is descended from an old email account and it’s all way too complex to describe. In any case, even though I'd changed the birthdate so age was 14, remote Screen Time settings didn’t “stick”. I’d enable them, they’d flip back to off. I changed the device Apple ID to a fresh one created from my Family Organizer account (which is how I discovered the 13 yo bit) and now it works.

Since my test iPhone doesn’t have a SIM card I wondered if that was part of my remote Screen Time problem. It wasn’t — my setup worked fine. Interestingly when I set the Apple ID this way both FaceTime and iMessage also worked without a SIM card — no ‘waiting for activation’ issues.