Sunday, September 27, 2020

iCloud backup and my lost authenticator codes

When my local Apple store tech was unable to remove the battery from my iPhone 8 they gave me a new device -- which was SIM locked to AT&T.

Well, everyone has to start somewhere, including Apple techs. Hope they improve soon.

Anyway, between the initial restore and the factory reset to clear the SIM lock I've been through two iCloud restores in the past week.

iCloud restores kind of suck now. I think they worked better a few years ago. The good news is that my photos were restored (I don't use Apple Photos/iCloud so I needed that backup). The bad news is that so many apps needed credentials reentered or new certificates generated -- especially when doing a restore after a hardware change.

The worst news is that Google Authenticator lost my authenticator codes. As near as I can tell they are restored from iCloud if the hardware is unchanged, but not if the hardware changes. Or maybe it's a bug. Whatever the reason, I lost 'em. 

It was suspiciously easy to regenerate Authenticator codes for my Microsoft account. Not too hard for Google either, because  they've moved to preferring an Apple-like proprietary two factor authentication mechanism. It is a bummer for Dreamhost though -- so now I'm going through support to try to recover access to my domains and web content.

It's hard to reconcile security and backup/restore. For example, Google Wallet and your biometrics (finger/face) aren't backed up either. On the other hand your Keychain credentials are in iCloud, and anyone who can get into your iPhone can read all of your passwords (try: "Hey Siri, Show me my passwords" or see Apple's hidden password manager). So your 4 digit Apple device passcode is not a great idea.

PS. I'm storing Authenticator codes in 1Password now. Which, like most small company software, has its own security concerns, not least that it would be relatively easy for China, say, to acquire the company or insert a backdoor into the source code.

Saturday, September 19, 2020

ToDo apps: Microsoft's solution

I've used Appigo's ToDo app for about 12 years (with Toodledo at first). It's had problems over the years, but in general it's been a good subscription choice. There's a fairly hard data lock (maybe SQLite?) but manual reentry is feasible albeit annoying.

Lately, however, ToDo has been more ragged. A recent server side change induced a date bug (time zone?) that in turn showed me I was using a macOS app last updated in 2016. It appears to have been abandoned on the Mac App Store. When I went to Twitter I found Appigo's account was closed years ago for violating TOS. Eventually I found I could download a current version of their other App Store app from their web site.

At the moment the app is more or less working again, though parts of the macOS app UI are kind of weird. I figure there was some violent ownership transition with lost dev passwords in Appigo's history (maybe they got ransomwared?).

I decided to go shopping again. I'm looking at:

  • Apple Reminders: hard data lock and I have to upgrade from Mojave to get to latest version (not happening).
  • Google Todo: this is one hell of a weird product. WTF is their web strategy? Tied to Gmail? Tied to Calendar? At least there's data export.
  • Things
  • OmniFocus: poor Omni is in some disarray ...
  • Microsoft To Do
Today I dug into Microsoft To Do. Of course it's a mess, but this is 2020 so we expect that. The mess starts with Microsoft reusing product names. To simplify a bit:
  • There are classic Outlook Tasks. I'll call these TasksClassic. TasksClassic was excellent in many ways, including, once upon a time, great import/export options and lots of view flexibility (I like to sort by last modified!). Unfortunately it's dead, just barely hanging on in the current desktop app with some degree of synchronization with the new product.
  • There's the new Wanderlist-based product variable called Microsoft To Do and ... Outlook Tasks (name reuse!). I'll call these TasksW for Wanderlist.
If you open the Help screen page for macOS TasksW (To Do) it takes one to a page on Outlook synchronization that's obsolete -- because the Outlook.com version of Tasks has switched from TasksClassic to TasksW. On the other hand the version of Office 365 on my Mac still has TasksClassic, and it does synchronize with TasksW as displayed on macOS and iOS Microsoft To Do.app.

Are you still with me?

This gave me a brief moment of hope that there was some data freedom here. I remember the import/export options of old Windows Outlook. Alas, the only import/export from macOS Outlook is Microsoft's PST format. There might be some way to do things with Outlook Windows or with 3rd party tools but I don't have the energy for that.

At this time I think TasksW is probably a decent enough product, but this has reminded me how screwed up Microsoft is. So I'm setting this one aside for the moment.

See also:

Sunday, August 16, 2020

Can you do a Time Machine backup to a USB flash drive (thumb drive)?

 I'd wondered if it was possible to do a Time Machine backup to a cheap Flash Drive. My daughter is going to college and probably doesn't have a great need for backup (iCloud Document/Desktop, iCloud Photo, Google Docs, etc) but I'd still like to do something.

So I wondered about a compact Flash Drive. In the twilight of the web Google couldn't find me an answer, so I ran my own test. I used an old San Disk Ultra Fit 128GB USB 3.0 Flash Drive in an old USB 2 MacBook Air running High Sierra. I formatted the Flash Drive as encrypted HPFS and let Time Machine run the backup.

It took about 4-5 hours to do the initial 80GB backup but it seemed to work fine.

I doubt these Flash Drives are super reliable, but I think this is an option. I can see taking advantage of it while traveling for example. Unfortunately her 2020 Air doesn't have an open USB slot where an Ultra Fit could live, but it could be a part of her Anker 7-1 USB-C docking station. A modern San Disk Ultra Fit USB 3.1 is $33.

Friday, August 14, 2020

Chrome malware: Managed by your organization

I think my son installed a "managed by your organization" chrome malware extension when he was trying to find Flash. This one showed in Chrome as "searches.network"

The obsolete Federal government website required for his US census enumerator job probably directed him to get Flash. I wouldn't be shocked if he got the malware directly from the Federal site. US government web sites are notoriously insecure. [1]

This class of malware now works by installing an unsigned profile on the user's Mac that activates Chrome's "managed by your organization" mode. It locks the home page and search page so traffic is routed through the malware's server and it prevents a Chrome reset. (It may do other things as well of course.)  For some reason it locked him into Bing, which was a dead giveaway. Smarter malware wouldn't have changed the default search engine.

Once upon a time a quick Google search would have explained how to remove the malware. This is 2020 though, so Google's search results on this topic are mostly garbage. I found one result on a garbage site, however, that must have been partly based on a real site. That clued me to the profile. Once I deleted it then I could do a full Chrome reset. Once I knew the fix I found this guide, which covered the territory. (I can't tell who manages the site, I hope they make money by malware app referrals rather than anything more ominous.)

Before I did this I followed advice from a trusted source and installed the free (but suspiciously marketed) Malwarebyte antiviral. It found nothing. I'll try running one or two more antivirals (AVG, Sophos). Malwarebyte is an easy uninstall, so points for them.

[1] I am the solo family geek, my digital-age children seem to prefer the 18th century. My theory is the latest generation has the same take on computers that, at the same age, I had on automobile engines. It should just work, and if it doesn't work an old person might understand it.

Monday, July 20, 2020

Blogger (draft) supports mobile

If you are using Blogger Draft you will find that it works fairly well in Safari.app and Chrome.app for iOS.

The new interface is responsive. 

I’d prefer a different font for writing on mobile but it’s very doable. Competitive with WordPress mobile app but expect some rough edges.

(Eons ago there was a mobile app for Blogger, but it was discontinued. I doubt it will return.)

Sunday, June 28, 2020

Carbon Copy Cloner was quietly excluding 1Password stores from backup (Corrected: app, not data stores)

This morning's heart attack:

"CCC no longer excludes 1Password by default."

What the fork were they thinking?!

-----------
Update: OK, looks like they did this briefly in 5.1.18 and, even though their language is sadly unclear, it was the the 1Password app rather than the 1Password credentials that were not being backed up. That link lists all the files not backed up, though as of today it's not been corrected for 5.1.19.

So I still have chest pain, but not a heart attack.

Wednesday, June 24, 2020

Python macOS environments for learners in 2020

My daughter is auditing Coursera's Intro to Python class. It's pretty standard stuff, but I was surprised by the development environment. For macOS there's a non-trivial Python install that requires some unix knowledge, use of the Homebrew package manager, dealing with admin vs non-admin user issues, consideration of pyenv, editing the path, and finally installing Python.

That's a long way from the ease of, say, TurboPascal circa 1983.

I figured there had to be a better way, but Google only found me some pro-level IDEs. It fell to Twitter to clue me in to the modern scene. The 4 good modern options turn out to be:
  • Google Colab: absolute easiest and least painful. I believe the Python code executes in the browser, so it's substantially slower than execution directly in macOS.
  • Microsoft Visual Studio Code for macOS: this does require the traditional Python install with Homebrew, but it's a very beginner friendly environment. The Python plugin provides Jupyter support.
  • Homebrew Jupyter: similar to Colab but like Visual Studio is part of the Homebrew/Python path.
  • Azure does Jupyter Notebooks (via @jhovland) at notebooks.azure.com.
Years ago I ran into iPython as a novice environment; turns out it morphed into Juypter.

It's a sign of the times that Google search didn't turn up a blog post with these options. (It won't find this one either, I'm way off Google's radar now.) Once I'd identified the above options however I could do a Google search to find an educational resource that did mention then:

There are many ways to write and execute Python code:

Python tutor (online, visual debugger)
Python interpreter (command line)
Visual Studio Code (editor, good debugger)
Jupyter (notebook)
Google Colab (online, collaborative)
 
During this lab we see all of them and familiarize with the exercises format. For now ignore the exercises zip and proceed reading.

That site is the University of Trento's data science lab course, updated 2019/2020.  The U of Trento was founded in 1962. Reading the wikipedia page it seems to have started out focusing on sociology (and, given the era, was likely a wee bit Left) but now seems to be very tech.

The course material is presumably translated from Italian. It's quite readable though it would benefit from a native speaker updating the GitHub content. Judging by my little test it may be one of the best resources of its kind.

See also:

I came back to Python for course on working with the OpenAI ChatGPT LLM. This time around I used Visual Studio Code with the Jupyter support. I use the default Python PIP package manager but I think Microsoft favors Conda. As of 2024 CoPilot is an option but it is not free.