Sunday, September 06, 2015

Weirdness with Yosemite Google accounts and email configuration: "This message may not have been sent... Report phishing"

I noticed my daughter was receiving email sent from my iPhone with my email address but the sender name of “Gmail personal”.

It took a while to figure out that this sender name was coming from how I named one of the user accounts for Mail.app … on OS X.

I really don’t understand this, but a Google search somehow sent me to this seemingly unrelated conversation ...

Fortunately, I know better than to ignore the nsAI of our time (non-sentient AI) - so I started poking around the configuration of my “Internet Accounts” (Yosemite, click Details after choose account name) and my OS Mail.app Account settings (which are sort of like the “Internet accounts” and sort of not like them).

There I found some oddball settings for Outgoing Mail Server — on a freshly configured machine (I didn’t migrate from prior machine):

Screen Shot 2015 09 06 at 8 57 01 PM

Screen Shot 2015 09 06 at 8 57 29 PM

I deleted the odd outgoing mail server .. .and Mail.app stopped sending email.

There’s a problem with Yosemite and multiple Google accounts on one OS X user account. i’m still figuring this out. I suspect the keychain is involved...

Update: It seems to be working at the moment. I had to create a unique SMTP server for each account and entering my Google credentials (2F bypass password for one of ‘em). I don’t think it’s supposed to work this way. I think in theory there’s a typical Apple hack whereby one does Google authentication in OS X System Preferences and OS X is supposed to create keychain entries Mail.app uses. In practice this appears to fail when a user has more than one Google account...

An AskDifferent thread also implications the keychain, and since the keychain is iCloud synced its configuration can poison multiple clients. i suspect Apple (engineer? product?) simply decided to ignore people with multiple Google accounts.

Update 9/26/2015

In much the same thread I ran into a similar configuration problem on a different Yosemite Mac. This time a correspondent reported Google was warning him my email was suspicious:

Screen Shot 2015 09 26 at 3 03 46 PM

I figured that Google was seeing a mismatch between the stated sender domain and the SMTP sending service domain. When I looked in Mail.app account configuration (not to be confused with OS X account configuration) I found this:

Screen Shot 2015 09 26 at 3 00 02 PM

I have two Google accounts configured, one a Google Apps account (single factor) and another a Gmail account (2FA). The “Home” (2FA) account was using the SMTP server I’d labeled “Gmail Work”. Wrong one.

I switched the the Gmail Home (my definition) SMTP server, which was setup this way by OS X. NOTE the lack of password. Despite the UI displayed here OS X doesn’t actually use the account password. It does some other form of authentication for this 2FA account, possibly via some OAUTH token magic stored in the OS X keychain (which is synchronized between devices, and since Google looks for matches between device and credentials I suspect that causes issues):

Screen Shot 2015 09 26 at 3 05 20 PM

After switching the SMTP service to this one (“Gmail Home”) my next email did not generate a phishing warning.

Friday, September 04, 2015

AT&T Mobile Share - Reviewing our options

Emily and I switched to AT&T’s no-contract shared data plan over a year ago and saved about $25/month. With the iPhone’s (crappy compared to Android) cellular data use controls we were doing pretty well with 2GB a month. Unfortunately over the past year Google Maps started using a lot more data (no idea why). Between Google Maps and adware bloat we started to hit 2.5GB/month — but then an AT&T special (we had to request) gave us 3GB/month for the same rate. There’s no contract to change by the way, so it’s much less worrisome to make changes now.

During this time the kids were on H2O wireless prepaid. H2O wireless worked well for years as a $40/year voice only service, but things got more strained when #1 needed reliable data services (find friends in particular) and #3’s social necessities required high volume SMS. Then we ran into the flip-side of MVNO’s low cost — truly lousy customer service. We’ve since ported two of the kids numbers to the AT&T mobile shared data plan, one remains on H2O (he almost never uses his phone).

So now we have 4 devices on AT&T mobile share. Time to examine plan options.

That’s almost impossible to do except by requesting a plan summary handout from an AT&T store. Almost … except that using phrases from the handout I located the equivalent very well hidden readable online mobile share plan summary (of course it doesn’t include corporate discounts many of us have).

We currently have 4 devices ($25*4=$100) and 3GB — except that AT&T did something weird the other day. Our official plan is “3GB” for $40, (this is what a store account rep sees), but we actually have “3GB and 3GB Bonus” or 6GB for $40. A Reddit poster interrogated an AT&T phone rep about this mystery bonus:

In an effort to recognize our customer’s loyalty [tenure], we want to show you our appreciation and thank you for being our customer by giving you more data for the same monthly MRC. You don't have to do a thing to get more data – we automatically added it to your plan at the start of your current bill cycle! If you decide to change your plan, including a change in your data bucket size, you will be allowed to select any current plans offered at that time; however, this promotion will no longer be available

So our total cost, pre-discount and not including significant hidden fees and taxes, is $140 for 4 devices and more data than we need (6GB plus rollover).

Looking at the current plan summary we could do 3GB for $45 (2GB for $30 plus $15 for extra GB) - but that’s less data for more money and same device cost, $145. Or we could do 20GB (much more than we need) for $140 plus ($15*4=$60) for devices, or $200. That plan includes free Canada calls, but we do that for free using Google Voice. That would be a terrible waste of money.

More interestingly we could drop to 2GB for $30/month, total cost $130 for $10/month reduction (over the past year AT&T has dropped cost of 2GB plan by 25%). I think, with rollover, we’d vary between 1.8 to 2.9 GB/month for an average cost of about $135/month. Slightly less than our current plan, but not a big difference and the data hassle would be much larger.

So we’ll stay where we are. Your numbers will vary; we get a typical corporate discount as well and those are certainly worth pursuing. We will continue to track Ting and its growing GSM use and, of course, T-Mobile.

PS. Incidentally, AT&T has a new SIM Unlock procedure, saw this while reviewing my account:

Apple iPhone 4S
PUK: ##########
Follow these steps to unlock your SIM card:

Enter the eight-digit PUK above, then select OK/Yes. Note: Some Motorola phone users will need to enter **05* if "Enter PUK" isn't displayed. Then enter the eight-digit PUK and select OK/Yes
Choose a new PUK and select OK/Yes
Re-enter the new PUK and select OK/Yes
If the codes were entered correctly, you can now use your phone

Have an iPhone?
If you enter the wrong PUK 10 times in a row, your SIM card will be permanently deactivated. You might see a message like "PUK blocked. Call operator." You'll have to start over. You can:

Buy a new SIM card from an AT&T retail store
Use our technical support chat (full site) or call us at 800.331.0500.
Have a different type of phone?
If you enter the wrong PUK 10 times in a row, the SIM card will be permanently locked. If you see a message like "PUK 2," you'll need to:Buy a new SIM card from an AT&T retail store

Monday, August 31, 2015

Yosemite Mac Calendar.app travel time feature isn't compatible with Google Calendar

Travel Time for Appointments in Apple Calendar (Yosemite) is a nice feature, but it’s not compatible with Google Calendar. I suspect travel time is an attribute of the appointment, not a separate appointment, and it’s not a standard CalDAV feature.

So if you’re using iOS or OS X Calendar.app with a Google Calendar back end don’t bother with this feature. 

Is kind of nifty I admit.

Wednesday, August 26, 2015

Parental Controls? Home VPN? Turn abandoned PC into Sophos firewall for free home use.

Via app.net@remus I’ve learned that Sophos has a free for non-commercial (max 50 IP) home edition product:

Free Firewall: Home Edition for the Sophos UTM Firewall

Our Free Home Use Firewall is a fully equipped software version of the Sophos UTM firewall, available at no cost for home users – no strings attached. It features full Network, Web, Mail and Web Application Security with VPN functionality and protects up to 50 IP addresses.

The Sophos UTM Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner!

… Use Web Filtering to stop sites from infecting you with viruses and spyware, keep your kids from surfing to bad sites, and get full reporting on the activity in your home…

… Dial in using Roadwarrior VPN access to securely use Remote Desktop, transfer files, and even print, from anywhere in the world, even from your iPhone...

The usual installation is on an old PC, but it can be used "within a virtual machine … Virtual appliance can be run directly in any VMware vSphere Edition”. From a quick read however an old PC with two network cards is more practical.

One should proceed with caution however - the download page has a bad link to a “Sophos Community” support forum; the real forum is hidden away at an astaro.org url. I assume this product was acquired from astaro. There is activity on the forum, but you need to be prepared for some pain to make this work.

Other VPN alternatives mentioned in that app.net thread: OpenVPN (easier to setup than OS X Server VPN) and, of course, Synology NAS. I think you’d only want to try this product for the web filtering and monitoring features.

Tuesday, August 25, 2015

Mac web authoring for non-experts: My choices 2015.

In the beginning we wrote web pages in BBEdit and we FTPd them to a NeXT box.

Things progressed quickly. Almost two decades ago, when Microsoft FrontPage 97 was released and Macromedia created Dreamweaver, there were many powerful Windows applications for creating largely static web pages - with dynamic reflow based on HTML tables [1]. Operating systems, like Windows 95, shipped with a native web server. Netscape added Composer, fulfilling TBL’s original vision of the web as authoring environment. Non-technical users worked with server based systems, ultimately producing millions of web pages on sites like GeoCities [3].

Technology has moved in odd ways. There’s nothing quite like mass market FrontPage today, though Sharepoint Designer/Wiki came close and SeaMonkey survives. Dreamweaver is the strongest survivor of the original era, but it has evolved into a high end tool leased for $20 a month. I don’t think there’s a practical way to move Dreamweaver content to another platform, so adopting Dreamweaver is a deep commitment to the Adobe platform.

At one point I thought the Wiki would fill the vanishing mid-market niche [2], but Wiki solutions seem to have stalled out - much like WebDAV technologies. iWeb/MobileMe came and went quickly - an early sign of Apple’s decade (so far) of dysfunctional application development and fondness for destroying customer data.

Today developers hand code web sites in Coda, a programmer’s tool not so different from the BBEdit we started with. Other experts use Adobe's deep lock-in solutions, from Dreamweaver to Muse ($15/month) or open-source server-based WordPress (Less technical users some might use Blogger in a similar way).

For non-experts Weebly’s small business oriented server side authoring platform is an option, but it’s another deep data lock commitment to one vendor. Google Sites, amazingly, is still around, but focused on intranet solutions.

There are two longlived Mac desktop products both sold for $80 on the Mac App Store: RapidWeaver (presumably inspired by DreamWeaver) and Sandvox. I’ve tried both in the past, Sandvox more frequently than RapidWeaver. Neither product supports wysiwyg table authoring. RapidWeaver was last updated in January of 2014 and has three stars in the Mac App Store; it may be in maintenance mode. SandVox was last updated in April 2015 and has recently added a hosting service (revenue stream!), it has 4-5 star ratings. It’s App Store page still references iPhoto and Aperture however. Of these two I think Sandbox is more likely to make it to 2017.

It’s rarely mentioned anywhere, but TextEdit will export to well formatted HTML, and it even has table support (since 2006 at least). You can embed images and export — but only in single file “webarchive” format. As a simple page editor it’s not too bad, and it’s as standard as anything is these days, but the image limitations are a killer. (I suppose one could similarly author in Pages then view in Pages/web and export the code.)

Similarly one could author in Blogger or WordPress (example: free wordpress.com blog) wysiwyg mode, switch to HTML mode, and paste the HTML into a text editor (Coda?) for FTP upload. Or I could author in MarsEdit (as in this post) and similar export the HTML view as a file. Nisus Express and Pro both include HTML import and export; I don’t know how well their table export works and if embedded images are exported. When I last tried them years ago they weren’t a practical HTML authoring solution.

Google Docs work quite well for sharing and editing online, but they’re not useful for a root (www) web document. Very proprietary of course, but in some ways Google Docs are the closest thing we have today to the original view/edit vision of the www. I haven’t tried sharing iCloud Pages web sharing, but it seems like it would work similarly; it also can’t serve as root page of a web site.

Of the options today, what makes the most sense for me? There aren’t a lot of options on the table, so things should filter quickly with a few constraints:

  • I’d like to avoid dying products.
  • I want to be able to produce a reasonably pretty looking site without a lot of effort (iWeb pretty at least).
  • I’d like a solution that works with Dreamhost and it’s (typical) constraints on www/domain mapping [4]. 
  • I don’t want to sell my soul to Adobe. 
  • I’m not a developer and web authoring isn’t my profession. 
  • I really miss wysiwyg HTML tables and table based layout, but they are clearly gone. Still, I’d love basic table support.
  • I’d prefer to avoid hard data lock.
  • I’d like something that managed a site and updated links when I rearranged web page relationships or renamed pages.
  • I’d like to avoid major malware and security issues. Static sites are very nice that way.
  • Mac (or course) or Safari if server based.

Based on my review of the options, and applying my constraints, it’s easy to see that my best choice is ….  is …. Ok. Nothing survived the constraints. It’s easy to see why I’ve been struggling with this for about 15 years.

If I relax a few constraints I think my least bad options are WordPress (free) and Karelia Sandvox ($80). So I’m going to try both of those — and maybe, if only to close the long loop, Coda too.

Am I missing anything?

See also

- fn -

[1] I think we took the wrong road when we entirely substituted CSS for dynamic tables; no modern tool approaches the table management power of FrontPage 98. Perhaps this happened because it was insanely difficult to manage table authoring by hand, it was really a job computers did better than humans.

[2] Speaking of vanishing mid-market, remember when personal finance software was big? Intuit is trying to find a buyer for Quicken and its future looks quite bleak.

[3] The immolation of GeoCities, echoed on a smaller scale with the 2012 death of MobileMe’s iWeb based web pages, should not be forgotten.

[4] The odd handling of the www domain is, I think, a legacy of early net development. It is a pain in the butt.

Update 4/29/2016

Sandbox can be used free for up to 5 pages. I gave it a good try with a book site I’m working on. The lack of both drag-and-drop placement and tables made me give up on Sandbox. 

Of course RapidWeaver doesn’t do tables either, but I’m going to try it anyway.

It’s obvious that tables are insanely hard to implement; I wonder if CSS support made the challenge even greater. I wouldn’t mind an editor that handled CSS tables, but no tables at all reminds me of all the software functionality and value we have lost over the past 15 years (yeah, Apple Aperture, I miss you.)

Oh, and vendors, please stop trying to tell us we don’t really want tables or that HTML tables are fine. You are just insulting our intelligence. Just say something like “tables are extremely hard to do …”

Thursday, August 20, 2015

H2O Wireless just redid their prepaid accounts. Might be time to abandon ship.

H2O Wireless has been a rock-bottom ultra-cheap prepaid AT&T MVNO for our kids phones. I’ve used ‘em for years Our #2 son, who never uses his phone, cost us about $40 a year ($10 minimum payment, lasts 3 months). #1 son costs us more, about $150 a year, largely because we use Find Friends to track his cycling. HIs data use on an unlocked iPhone increases costs. #3 (daughter) was costing about $20 a month in texting fees alone; we relented and put her on our AT&T mobile share plan.

Alas, our H2O days may be ending. Today I’m unable to access my H2O account. Sometime in the past 1-3 weeks H2O redid their account system for prepaid users. Each phone must have its own account, and for web access each phone must be registered with a distinct email and password. It’s no longer possible to manage multiple phones from one account. In an extra twist our phones may be orphaned — our account number was my personal AT&T mobile number, and that’s not an H2O number. Their system upgrade didn’t account for that possibility.

Well, I knew that was a risk with a bottom-feeder service. I’ll have to see if I can salvage one of the accounts — it has a fair amount of credit on it (since I had to pay $40 a year to keep #2’s account open, but he rarely used any service). I can setup redirects on one of my domains, so I'll create unique emails of the form 1111111111@domain.com, give each account the same password, and see if I can salvage one or two accounts. I think it’s time to try again (ain’t easy, carriers cheat on portability rules all the time) to port #1’s primary number to AT&T.

Update

On further inspection there’s good news and bad news. 

The bad news is that the chat service rep had no idea how H2O wireless accounts work. I actually called a second time and that chat rep was following the same incorrect script — their documentation doesn’t match the site behavior.

The good news is that in reality the system hasn’t changed that dramatically. The contact number on the account doesn’t have to be an H2O number. You add H2O numbers to the account one at a time, entering a passcode (seems to make it rather easy to steal numbers, but there you go). Since I only learned this by experimenting with a new email address I seem to have moved the numbers from my old account to the new one, with balances intake.

The really bad news is even the 800 support number people have no idea how the web site works.

Oh, and one number won’t transfer. I think I just need to port that one to AT&T and live with the other two...

12/18/2015

I now have 3 devices that use H2O. One is an iPhone belonging to #3; his pattern of phone use means he costs $40/year still. I have another H2O SIM in a voice-only emergency phone and a $100 Android phone I bought for a book project. This is what I’ve learned with their new accounting system:

  1. There doesn’t seem to be “privileged” phone number, the system lets me associated an H2O number with an email address based account. This seems to be one-time procedure, once associated you can’t move number to a different account.
  2. For a new number you first activate it using their standard procedure, then from your H2O account you “add a number” They send a text code, if you enter that code you get the association. It sometimes shows an error message even when it works. 
  3. My latest SIM was an LTE SIM, but the standard data activation stage failed. I found a manual configuration page that worked even though H2O’s web site claims data activation requires a prepaid plan. I activated it constrained to 3G, but I found LTE works, so that was probably not necessary.

Friday, August 14, 2015

Deleting a sparsebundle: Disk Utility Erase doesn't work either. Or does it?

Years ago OS X Mountain Lion could not delete sparse bundles containing over 262,144 bands (2TB+). I don’t know if that’s still true, but when I had to remove a 1.7TB disk image today I first tried doing an Erase using Disk Utility.

Alas, this didn’t work. When I opened the image it was indeed empty. However First Aid on the volume reported it was corrupt. When I tried deleting it I got the usual OS X hang. 

So this problem is still around…

Update: on the other hand deleting the sparse bundle in Finder took 2-3 minutes rather than 12 hours. So maybe there’s something to this.