Force Chrome to remember iCloud password - how I ended up with LastPass

I don’t use iCloud for much - Apple’s cloud functionality is almost as lacking as its reliability. Our family has used Google Calendar for 7 years [1], I use Simplenote and nvAlt [3] as an information store, Gmail for email [4] and Toodledo/Todo.app for tasks. [5]

That leaves Contacts in Apple’s badlands — they’re too tightly coupled to iOS and OS X to readily migrate. So Contacts are the only bit of iCloud I use; I have to admit that they have been relatively reliable.

Hang on — this does get to the part about forcing Chrome to remember an iCloud password. But first I need a bit of setup. I have to explain something about corporate life and personal data.

Fifteen years ago many employees mixed their personal and corporate data on business laptops and workstations. It wasn’t unusual to use a single email for both work and personal use. Ever since then the two worlds have been dividing - driven by legal and security concerns. Even thumb drives are encrypted on insertion now; data on the increasingly locked down corporate laptop belongs to the corporation.

Which is fine for email and work documents - they should belong to my employer. Contacts though — they’re a problem. They don’t divide neatly between work and personal — and my work Contacts are pretty important for my future employment and family food. So, when it came time to decide where my Contacts should live, I moved them entirely into the personal sphere.

Which is why I need to use a corporate browser (Chrome [6]) to access iCloud — that’s where all of my Contacts live. I need ‘em when I work. 

Ok, so we’ve established I need to use Chrome to access iCloud. Now the problem — it makes me enter my password way too often. And my passwords aren’t easy to type or remember. There are extensions that once forced Chrome to store this password, but they don’t work any more.

So today I broke down. LastPass has a freemium model for online credential storage; the web app and Chrome extension are free. (LastPass charges for mobile services.) Unlike 1Password, which I use on iOS and OS X, there’s no need to buy a Windows client — and I don’t want to put all my credentials in the Cloud anyway. So I signed up for free LastPass, and created an account with a single stored credential - my iCloud ID and password.

It works fine. So one of my longstanding annoyances has been fixed — I can quickly bring up iCloud Contacts.

- fn - 

[1] Calendars 5.app is essential for the Google Calendar power user — we have it on every phone [2]. My native iOS Calendar syncs to my corporate calendar, Calendars 5 reads the iOS calendar database so it appears inline with my other 17 calendars, including 1 for each family member and one ‘all family’ calendar. Our family grandfathered into free Google Apps accounts, but if we didn’t I’d probably pay for the business service. Free has been nice though.

[2] It’s $7 a user. Since it’s not funded by in app purchases I believe iOS family sharing would allow one purchase to support five users. If it did use in app purchases that wouldn’t work. FWIW we still share a single Apple Store only AppleID, I use a different AppleID with iCloud.

[3] nvAlt is in maintenance mode for now — but so is Notational Velocity. Brett has a commercial replacement in the queue, as of today “it’s amazing and will probably be released”.

[4] Google’s broke Gmail usability with their last UI redo. I use Mail.app on iOS and sometimes Airmail on Mac, but mostly I gnash my teeth and weep and use Gmail.

[5] Nobody would do this by choice. Is a legacy choice.  Works and I hate to change things that work.

[6] The corporate standard is IE 9 — thanks to legacy apps. So IE for corporate apps, Chrome elsewhere.

Taking advantage of AT&T's promotion: 2GB to 3GB for same price (exp. 11/15/2014?)

AT&T is offering 3GB of MobileShare data for the $40 price of 2GB - part of a price battle with Verizon. It’s the default for new customers, but existing customers can get it by using the web site as though changing data plan. This is what I saw on that screen:

If you do this be careful not to miss the Submit button on the final screen, it’s lost below the formal fine print agreement.

Based on my reading and what a rep told me, there’s no known catch and no contract. Since Emily and I routinely use 1.9 GB I considered going to 1GB and paying the overage fee, but there’s no new discount at the 1GB level.

AT&T used to charge us $15 for an extra GB when we occasionally exceeded our 2GB limit, so this promotional plan should save us $45 a year — and we don’t have to be quite so obsessive about our iPhone data use.

I’m not sure how long this offer will be in place, the fine print says you have to make changes before November 15, 2014:

We don’t have any contract with our MobileShare (all our iPhones are unlocked), so I’m less worried now about AT&T treating me badly. I can leave at any time.

The change was applied immediately. Instead of 1.8 GB left this billing cycle we have 2.8GB.

Migration assistant didn't seem to migrate my OS X Mail mailboxes and content

I used Migration Assistant to copy a user account from a Time Capsule backup (of a Lion machine) to a Mavericks machine. The Lion machine Mail app used the Google IMAP connection.

The behavior of Mail.app surprised me. Initially it appeared empty, though mailbox folders were present. Then, overnight, messages appeared to transfer from Gmail. They didn’t appear to have been migrated from the original machine.

Curious. I couldn’t find much about this on the net, so for now I’ll share without comment.

Adventures in using Migration Assistant to move one User from a Lion Mac to a Mavericks Mac

When my G5 iMac finally died (1995-2014) I first thought we’d need another machine - like Apple’s top-secret max value DVD containing laptop. As it turned out, we didn’t, which is probably not great news for Apple. I did have to reconfigure our existing devices and order an external display, but we ended up with a better hardware distribution than we started with.

The reconfiguration did require migrating a user from an older machine running Lion to a Mavericks machine [1]. That’s what this post is mostly about, so feel free to skip the hardware refactoring discussion.

The hardware refactoring

Before the G5 iMac (2005-2014) died our family of five (not counting Kateva) had 1 iPhone apiece, no iPads, a 2009 27” iMac [2], a 2006 MacBook Core 2 Duo (Lion) [3], a 2011 11” MacBook Air [4] and, of course the G5. (And two of the kids are getting school iPads in a few weeks.)

Each machine had its constituency. 

The SSD revitalized 2009 iMac is our family server and my personal machine — thanks to its 1TB Samsung SSD power I’d need to spend $2,800 to replace it with a better machine. The 2005 G5 iMac was used by the boys for writing and light web browsing, and it was a DVD playing / iTunes streaming entertainment center. The Air has always been sadly underutilized — it’s my laptop but I usually travel with a corporate winter thing. The 2006 MacBook (Lion) is the main homework machine and my wife’s laptop [5].

We played around with a few options, most of which involved spending about $1,600 and dealing with the pain of a new Mac [6], but we realized that we actually had everything we needed. 

So the 2009 iMac stays where it is, the 2011 Air will become Emily’s primary workstation (hence the account migration need), and the 2006 MacBook with its DVD player will get a $240 external 27” display with integrated speakers. It  will become the DVD/iTunes streaming media center and, with the new external display, a much improved homework machine [7].

All the hardware gets used, we save about $1,300 and weeks of pain (burning coals, pins in eyes, etc). 

Moving the user - quirks of Migration Assistant

I wanted to move Emily’s data from the MacBook (Lion) to the Air (Mavericks) and I remembered that Migration Assistant can move a single user account (or much more) [8]. So I hooked up the two machines with an ethernet cable and … it didn’t work. The User Accounts from the MacBook didn’t show up — only apps and config data appeared.

I did, however, see that I could move Emily’s data from the MacBook backup on Time Capsule. I hadn’t known that was possible. (Turns out this is also a way to restore User data to a new machine from the backup of a defunct device.)

Google told me the missing User option can be a permissions issue, so I did a safe boot (power up while holding shift key). That runs a number of cleanups including permissions repair and disk utility repair. 

Then I turned WiFi off - to reduce any network confusion.

This time it seemed to work — until it hung with the dreaded “Less than a minute remaining” message.

From my reading it looks like this might be related to disk issues, or file corruption, or the fact that computers hate us (it’s mutual). There are a few options:

1. Run Disk Utility repair or Disk Warrior or equivalent, seeking the bad file. (I’d already done the safe boot, which I believe runs Disk Utility repair.)
2. Wait overnight. Sometimes many hours later, the process may complete.
3. Force quit Migration assistant on the sending machine.
4. Use Time Capsule instead. (Yay!)

I decided to let it run overnight and try a force quit in the morning… but the MacBook closed its session. I noticed it was repeatedly trying to logout, and in user preferences security was set to logout after 8 minutes of inactivity. I wonder if the logout attempts were causing the problem. I ran fsck -fy in single user mode but the MacBook seemed fine.

So rather than try again I switched to Time Capsule using a direct ethernet connection. It took 16 min to move the data over. I ran into 1 (replicable) UI bug that’s hard to explain. If you don’t see a “continue” prompt, click somewhere else.

Then I tried email - and saw nothing. As I submit this post it appears emails are streaming in from Google - NOT from the backup. I may be running into Mavericks Gmail problems, compounded by a migration from Lion. I think that’s going to be a different post. (At least I have the original machine to work with!)

PS. The Air has an encrypted drive; Mavericks Migration Assistant does not automatically enable migrated non-admin users to unlock the drive on startup. That has to be done in security settings from an admin account.

- fn -

[1] I’m waiting a bit longer before going to Yosemite.

[2] Which, like the G5 iMac, had a troublesome youth, multiple hardware issues, and display discoloration — but has settled into a reliable middle-age. People wonder why I hate buying new Macs.

[3] Suffered from plastic case disintegration syndrome — I missed the recall notice for that one. Has had off-kilter hinges and 1 dead drive, easily replaces because it’s freakily easy to service. Yeah, I hate buying new Macs.

[4] Aside from the early demise of the power supply (replaced by Apple) this machine has been insanely trouble free. Reminds me of the remarkably reliable machines before Jobs and Ives. I can’t explain why the Air actually seems to work.

[5] She likes it, and she doesn’t like dealing with unreliable machines.

[6] Typically something between needles in the eyes and walking on hot coals.

[7] If the drive falters I can put in 250GB SSD for $120 or so and it will be supercharged. This was one of the last of the truly serviceable Macs.

[8] If an account of the same name already exists on the target machine Migration Assistant will help, but I prefer to delete the target machine account if, as is usually the case, it’s not worth keeping.

Wordpress spam comment hole and fix

I had comments turned off in Gordon’s Shares [1], but on a rare visit to my admin Dashboard I found 15,000 spomments in the Pending queue [2]. They looked to be all spam, there were several from today, and they were largely related to old posts.

That was a surprise. The blog has comments disabled, there’s no way in the UI to create a comment; I presume the attackers were leveraging an API bug. So in addition to confirming the Commenting was disabled, I also restricted the (disabled) commenting to registered users (which would be me). That seems to have fixed the problem.

[1] Mirrors/archives [1] my pinboard shares. Current setup is a bit different than 2012:

• Pinboard shares to ADN via Pourover and RSS.
• Pinboard shares to Twitter and WordPress via IFTTT

[2] I used the Delete All Comments plugin to clear out the 15K — it transiently tied down my database but it worked.

Update 10/9/2014

Stunningly, this is working as designed (via @martinsteiger)

If you have unchecked Allow people to post comments on the article on the Options > Discussion panel, then you have only disabled comments on future posts.

This is the kind of thing that gives open source a bad name -- and it doesn't say much for the tech journalists who praise the WordPress organization either. Looks like a great way to do a DOS attack on a WordPress site -- fill up database storage with spomments.

Happily my workaround works perfectly.

ptel Real Paygo fatal flaw: it's a prepay plan that runs up overage fees

One of the reasons we use prepaid plans for the kids is that there should be a natural limit on overages. If Apple’s mediocre iPhone Cellular data controls break down, perhaps due to the iOS 7.1.2 cellular data bug [1], our losses are capped.

Not so with ptel Real Paygo, a service I recently compared to H2O mobile. My son’s cellular data was disabled two days ago, and when I inspected his account I found this notice:

His did make use of that data, perhaps due to an iOS 7.1.2 bug (thanks Apple) [1]. He still shouldn’t have run up an actual overage however. ptel should have run his account to zero and then cut off service. Instead they ran up the equivalent of 3 years of his typical usage - perhaps due to problems in ptels accounting infrastructure (in which case the honorable thing would be for them to “eat” the overages they didn’t block).

I haven’t bothered pursuing this with ptel — I’d been planning to switch my sone back to H2O wireless after H2O provided a profile to enable 4G data services on the AT&T network. So I abandoned the ptel number. He doesn’t get that many phone calls, so reactivating iMessage on these MVNO networks is the primary pain. I’m just glad this didn’t happen to my daughter. Changing her phone number would be a Richter 10 crisis.

I hope H2O doesn’t have the same abominable practice. Google searches didn’t turn up anything about this practice, but I might not have the right search terms.

[1] My son ran through 1.2 GB of Podcast data on his prepaid account. I have screenshot evidence that Podcasts.app was set not to use Cellular data, and when I inspected his phone changes to the cellular data controls were restricted. Nonetheless, Podcasts.app cellular data access was enabled. I’ll keep an eye out for a class action suit …

iOS 7: Apple may have broken Safari by changing iCloud sync behavior

My son’s iOS 7 Safari began loading very slowly and crashing on bookmark entry.

Disabling Safari sync in iCloud settings fixed the problem.

I assume Apple has made changes to iCloud as part of their general iOS 8 screwup, and those changes are now impacting iOS 7 users.