This week’s Techno Bits focuses on my Summer Engineering Project: using Raspberry Pis for fun and profit! It was a lot of fun to do some hardware stuff for once, and I’ve ordered some extra kit goodies to try and do some other fun stuff with the Raspberry Pi with cameras and sensors and stuff. I also explain how to buid a RetroPie machine for retro gaming.
Last night, I presented at MacDMV on the importance of Testing iOS 10 and Sierra in your environment. The slides and presenters notes are available as a PDF Download. You can also watch the presentation below via Facebook video. The presentation begins about 3:30.
Testing Sierra and iOS 10 is incredibly important, because you need to be ready on Day 1 in case your users update ahead of your wishes. You need to know whether you can make your existing systems work, or if you’re going to have to expend the political capital to roll them back. Do you have a testing setup? Do you have a testing plan? Do you know how to submit good feedback to Apple? This presentation will help.
I’ve also built a Sample Testing Checklist for your environment, available as a PDF below, and also as an editable OmniOutliner file so you can make your own editable list.
What’s the sane way to make sure that you’re not aggressively stupid with Munki changes? How do you maintain an orchestra of munki servers without relying upon a source control scheme?
This Week’s Newsletter has a doozy:
Conferences also show you exactly how much work you have left to do. And that’s okay, work isn’t a bad thing. It just sometimes puts that workload in stark relief and that can feel a little bad sometimes. Technical Debt is difficult to overcome because it requires a change in understanding – and often times training – but it serves to make your organization stronger.
Below are the slides for my 2016 Talk at MacDevOps on Securing Munki. The talk was a good way to revisit what I’ve done with Munki in a Box and discuss some of the maybe not-so-great choices that were made along the way to get to where we are now with the security branch.
The talk focuses on the nature of the munki transaction, and where your deployment system can be vulnerable to attacks from casual interference, dedicated individuals with a grudge or a motive, or larger actors. There is also some advice about how to mitigate the problems that are presented by the architecture.
I’m not a fulltime security anything, but I’ve learned a lot in the last year by doing things that maybe aren’t advisable any longer. So, to anyone who used MIAB before 1.5.0 beta 2, there’s some work you should do to secure your repository if you meet certain use cases, and I strongly recommend that you adopt SSL encapsulation of the munki transaction, and the use of HTTP Basic Auth to secure your repository against prying eyes.
I’ll be making some changes to MIAB over the summer to automate the creation of a CA and enrollment of device certificates using the micromdm scep library and a web server that actually isn’t part of Server.app (likely to be the Go-based Caddy server as described by Viktor in a great blog post)
We got the chance recently to sit down with Arek Dreyer, author of so, so many books, in time for the release of his new 3rd Edition of Managing Apple Devices. We talked about WWDC, writing books like Managing Apple Devices, as well as nearly getting arrested in a Chicago Server Room, and the first apps we bought. Co-hosts Charles Edge and Emily Kausalik were awesome, as was our mixing engineer Aaron Lippincott, who made us sound amazing.
I suppose we could’ve made that “tails” and had a good laugh about how cute the puppy was. Episode 5 saw us talking with Andrew Seago of MacBrained, as well as Miles Leacy of Walmart. We had some audio drama, but we learned a lot in the process. Listen in for discussions of WWDC’s rumor mill, single sign-on as it stands today and in the future, and a whole segment on the importance of communities like the awesome MacBrained.
Knowledge is tricky. Some kinds you can only acquire through experience, dug deep in the trenches amid the fray. Other kinds come easily in books and training manuals and classes held in labs. No matter how you learn, there are good resources in print for the Mac Admin, be they books and manuals, blogs and journals, magazines and other news media. This library, catalogued below, is far from canonical, but it does have the resources that I consider to be the best of breed.
If you think I’ve missed the mark for some reason, or you think I’m missing something great, drop me an email and we can figure it all out.
Please note: Some of these may be in your local library’s collection, either digitally or physically, and libraries remain great technical resources. Use yours!
- Enterprise Mac Administrator’s Guide – Charles Edge & William Smith – Paperback & Kindle – Apress Digital Edition available
- Enterprise Mac Security: Mac OS X – Charles Edge & Daniel O’Donnell – Paperback & Kindle – Apress Digital Edition available
- Managing Apple Devices, 3rd Edition [Pre-order] – Arek Dreyer & Adam Karneboge – Paperback (2nd Edition (Dreyer & White) is out, covers 10.10 & iOS 8)
- OS X Server 5.0 Essentials – Arek Dreyer & Ben Greisler – Paperback & Kindle
- OS X Support Essentials 10.11 – Kevin White & Gordon Davisson – Paperback & Kindle
- Learning UNIX for OS X – Dave Taylor – Paperback & Kindle – O’Reilly Safari
- Mac OS X and iOS Internals – Jonathan Levin – Paperback & Kindle
- Mac OS X Advanced Systems Adminstration – Edward Marczak – Paperback & Kindle
- Essential Systems Administration – Æleen Frisch – Paperback & Kindle – O’Reilly Safari
- UNIX Power Tools – Peek, O’Reilly & Loukides – Paperback & Kindle – O’Reilly Safari
- Tubes: A Journey to the Center of the Internet – Andrew Blum – Paperback, Hardback & Kindle
Sometimes, you just need to get up-to-speed quickly, or need a good example of how someone else explains a product or one of its features.
- Take Control of Slack Basics – Glenn Fleishman – PDF, Mobi, ePub
- Take Control of Slack Admin – Glenn Fleishman – PDF, Mobi, ePub
- Take Control of OS X Server – Charles Edge – PDF, Mobi, ePub
- Take Control of iCloud – Joe Kissel – PDF, Mobi, ePub
- Photos for Mac: A Take Control Crash Course – Jason Snell – PDF, Mobi, ePub
Networking & Wireless
- CWNA Deluxe Study Guide – David Coleman & David Westcott – Hardcover
- CWTS Official Study Guide – Robert Bartz – Hardcover & Kindle
- Cisco Routers for the Desperate
- Network Fundamentals: CCNA Exploration Companion Guide – Dye, McDonald & Rufi – Hardcover, Paperback & Kindle
- 802.11ac A Survival Guide – Matthew Gast – Paperback & Kindle – O’Reilly Safari
Network Warrior – Gary Donahue – Paperback & Kindle – O’Reilly Safari
Learning the bash Shell – Cameron Newham – Paperback & Kindle – O’Reilly Safari
- Learning Python – Mark Lutz – Paperback & Kindle – O’Reilly Safari
- Learning Python the Hard Way – Online Course with Downloads
- Swift Programming: The Big Nerd Ranch Guide – Matthew Mathias & John Gallagher – Paperback & Kindle
- OS X and iOS Kernel Programming – Ole Henry Halvorsen & Douglas Clarke – Paperback & Kindle – Apress Digital Edition
- Mac OS X for Unix Geeks – Ernest Rothman – Paperback & Kindle
Mac Admin Blogs
- Rich Trouton – Der Flounder
- Greg Neagle – Managing OS X
- Nick McSpadden – OS X Dominion
- Pepijn Bruienne – Enterprise Mac
- Charles Edge – Krypted
- Ben Toms – MacMule
- Graham Gilbert
- John Kitzmiller
- Various Authors – Amsys
- Flying Toasters
- Scripting OS X
Mac Admin Podcasts
This is part of Techno Bits Vol. 71. If you’d like to read more like it in your email every week, sign up
There’s been a lot of talk lately about Apple’s competitive advantage, and how we’re standing at some sort of mobile precipice that might find Apple on the receiving end of the same treatment Apple gave to RIM a while back. It’s good to stop and think about these kinds of things, and that’s important.
But in this case, I don’t see the case being adequately made.
I think we are at a technological inflection point, but in a lot of cases, it’s Apple pushing the marketplace forward, not sitting still. The first of these cases is Apple Pay. The state of payment structures in the US is antiquated and terrible. We pay with plastic cards with magnetic stripes that are easily duplicated, a technology that has been subject to fraud since before I left college more than 15 years ago.
Europe banded together years ago with Visa and Mastercard to create the EMV Chip-and-PIN system to build better cards. I’ve had one in my American Express since 2001 or so. But only within the last year have I ever used it to make a payment. Why? Because no one’s incentivized a movement away from the stripe payment system. This past year, a change in liability for fraud started to push more contactless and chip reader terminals to the forefront.
I’ve spent the past three months on a project replacing all of the old stripe readers with new chip and contactless systems for a client with a large venue. We’re now four big events in, and I can tell you more about the problems in the payment space than I thought I’d ever be able to. The biggest problem with chip card transactions? Time and User Awareness. If you get a user that’s never used their chip card before, even with the best terminals on the market today, you’re adding 30 to 60 seconds of frustration and delay to the transaction. And that’s with the best terminals on the market today!
What about the mom and pop shop on the corner that has no control over that experience?
It’s pretty bad.
Even with the shiniest new terminals, they’re still not the bulletproof credit card swipers that we’re used to, the ones that rarely if ever malfunction, because their software was treated like the software to keep astronauts alive: it can only fail safe, it can only be changed rarely. It was ossified technology for good reason: it worked, and it worked well, and it worked for people who didn’t want or need to understand every moving part behind it. The credit card industry had made it simple by taking on the technical requirements and adhering to them in an act of ironclad religious devotion that you might find admirable in a cargo cult.
Sure, contactless is a better experience, thanks to Apple Pay, because they put a lot of thought into the user experience, but it’s still a vanishingly small percentage of commerce. Apple can do better here by evangelizing the ease of use to both commercial institutions and users alike. This needs to be better if we’re going to complete that changeover. In addition, these transaction times need to get better and not worse.
But, if you want to see what the future looks like for payments, read what happened when a Buzzfeed writer lived only off contactless and bitcoin for a period of time.
Let’s slide onwards here to another advantage that Apple has: research and engagement with the scientific community. Last year, they released ResearchKit, designed to provide the research community with necessary and almost futuristic backends for collecting complex data from layman users. It was a huge project, to the point it was released in a keynote by now-COO Jeff Williams last year.
Better still, Apple both open-sourced ResearchKit, and then released CareKit to help medical environments make apps that can persist outside of the care environment.
Apple has an unquestionable commitment to medical research with iOS devices as tools to help gather data.
Meanwhile, Android has ScienceJournal which looks like a tinker toy.
So, I don’t think that Apple is nearly as poised to fall as quickly as RIM fell, especially not with their massive cash reserves and revenues. But it’s important to stay agile, and I expect Apple won’t disappoint. Even if I don’t want a Siri bridge for home, it would make sense to build it elsewhere if only to help mollify concern they’re missing a crucial interface.
So, it’s not all bad. Even if the markets make it seem that way. Apple is best when they have to compete for their lives. I look forward to seeing them hungry and behind. It’s when we get the best work from them.
Links to Read
- Blacktip: We’re moving from Google to Office 365. [Blacktip IT]
- Windows 7 (Sort of) has a Service Pack 2 [Ars Technica]
- A 4K Display that can actually be 4 different HD displays. I want this SO HARD [The Verge]
- A real virus affects Ubiquiti AirMax Antennas [UBNT Community Forums]
- Collecting 802.1X data using Python [Mike Lynn’s Github]
- Dealing with Documentation Debt [18F]