🔒 Patreon Special

IT Pros: exclusive shows await you on Patreon, focusing on the more challenging aspects of running your practice and working with clients and employees.

251: Some Serious 'Splainin' About Apple Products

/
Come see our live show at ACEs 2018! acesconf.com/ccp

Come see our live show at ACEs 2018!
acesconf.com/ccp

hqdefault.jpg

• 'Splainin': Originally derived from the TV series I Love Lucy: to give a false explanation to something you are trying to hide.

• Jerry mentions tracking slow times on the calendar for future reference and reflection

• Jerry picks Joe’s brain about different types of labor scenarios and how PsiMac offers labor services

• Joe and Jerry discuss the need to constantly reevaluate the optimal age of a Mac that might be a candidate for upgrade. When is it worth upgrading 2011-2012 iMacs?

• Jerry recommends the iFixIt Pro program for resellers to get a better rate on parts including the adhesive kit for 2012 and newer iMacs

• Jerry revisits the Mouse Jiggler app from Episode 246: Let Go Of My Echo or Echo Location that helped his Fusion Drive encryption proceed, and shares some excellent feedback from Tom Bridge re: encryption requiring the mouse to be moving. Tom suspected Apple is "using the entropy from the mouse cursor to do part of the encryption" which is apparently the case in High Sierra with APFS (although Jerry's drive was not APFS). See also: The Lava Lamps That Help Keep The Internet Secure

• installing MalwareBytes on High Sierra requires manually allowing the kernel extension to run by clicking Allow in System Preferences: Security & Privacy: General. It appears that it cannot be done using TeamViewer, or perhaps other remote access software e.g. Screen Sharing either. It must be clicked by a local user. See MalwareBytes forum posts 1 and 2

• the MalwareBytes kernel extension issue reminds Joe of an old issue where Keychain Access prompts for login password would require a local user with a physical mouse to click the Allow button. We discussed it two years ago in February 2016, in Episode 140: Tom Bridge of Technolutionary.com - Go iPad Pro or Go Home, in which we discuss the Apple security note About the security content of OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks, which explains a change to SecurityAgent: "Impact: A malicious application can programmatically control keychain access prompts. Description: A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks." Also, we followed up in the very next episode, 141: Keep Your "clicks" Local and Organic!

• In honor of all the new segments (Joe's Conspiracy Corner and Think Like a Client), Jerry and Joe both bring back an old segment and share an "I Should Have Known This"

• Jerry shares a tip courtesy of our very own Sam Valencia: how to find which volume is the startup disk in Terminal

• Joe shares where the setting is to turn off the Offload Unused Apps feature: in Settings: iTunes & App Store

• Jerry brings up the 'Splainin' we sometimes have to do on Apple's behalf

• To round out the show, we share some of the challenges and confusion clients can feel when trying to decide on a new Mac or an upgrade

250: Interview - Justin Esgar of ACES Conference, Adam Engst Of Tidbits Contenet Network & Adam Rice of AdamRice.org .

/

Join us all at ACEs Conference on May 9th & 10th in Baltimore, MD! 
https://acesconf.com/ccp

ACEs Conference was created for one reason and one reason only: To help IT consultants grow their companies.With unique, premium content delivered by world-class speakers, ACEs Conference is the place for inspiration, ideas, business networking, and…

ACEs Conference was created for one reason and one reason only:
To help IT consultants grow their companies.

With unique, premium content delivered by world-class speakers, ACEs Conference is the place for inspiration, ideas, business networking, and instantly-applicable knowledge. It’s no surprise that our attendees continue coming year after year—just one ACEs Conference and you’ll be sold.

Justin esgar

Justin esgar

Adam engst

Adam engst

adam rice

adam rice

Our Guests This Week:
Justin Esgar - Founder and creator of ACEs Conference
Adam Engst - TidBITS Content Network & speaker at ACEs - https://tcn.tidbits.com
Adam Rice - Fellow ACN and ACEs attendee extraordinaire - https://adamrice.org

Just some of the great features of ACEs Conference 2018:
-Sit Down with Charles Edge - Panel Discussion
-Adam Engst will be Moderating a marketing panel
-Mark Berman - Journey Mapping (to be revealed)

-A general discussion brews about how marketing works within the world of small business

-Find that one "golden nugget" that resonates the most with you and introduces new way to thinking about things

-Jerry brings up an excellent question that Justin answers about business owners that may think they know the lay of the land and what ACEs can do for them

-Adam Rice discusses his business location, clientele, and how his first ACEs opened his eyes

-Justin talks about the ACEs Mastermind Group, which continues the conversation after the conference: https://www.acesmastermind.com

-Addigy will be holding a welcome party overlooking Camden Yards on May 8th.  Join us there!

-Tickets are $529 but using the code CCP will give you a 10% discount.  Use your code before prices go up!

-Command Control Power will be doing a Live Show at ACEs Conference 2018 on day 1.  We hope to see you there.

 

249: Live Show - A Series Of Unfortunate Events

/
watchman.jpeg

We're sponsored this week by Watchman Monitoring, a favorite tool of ours that should be in every professional consultant's toolkit.

Visit WatchmanMonitoring.com/cmdctrlpwr and sign up for your free trial to find out how Watchman Monitoring can keep an eye on your client machines and notify you of over 100 issues. Be sure to tweet @cmdctrlpwr #CCPsentme to support the show!

Topics:

-Joe calls back to a 27" iMac hinge repair.  Sam & Joe have both used https://www.themachack.com to hold up the display.  But Joe references that Apple will reimburse customers with proof of repair.

-TI83 Calculator was Joe's calculator of choice in high school.  You can still get one on Amazon!
https://www.amazon.com/Texas-Instruments-TI-83-Graphing-Calculator/dp/B00001N2QU

-The Jiggler was a handy program Jerry had used to keep FileVault moving along.  But unfortunately he has some follow up news regarding FileVault that wasn't so great.

-The team discusses fusion drives and weighing cost options for clients

-Joe introduces a new segment to the show, "Joe's Konspiracy Korner"
In this week's konspiracy, Joe throws around theories about a rash of errors on macOS computers. - "macOS could not be installed on your computer.  The path /System/Installation/Packages/OSInstall.mpkg appears to be missing or damaged"
Some solutions offered from Stack Exchange - https://apple.stackexchange.com/questions/299808/high-sierra-the-path-system-installation-packages-osinstall-mpkg-appears-to-b

-Sam got bleeped! Guess the banned word and we'll give you credit on the show!

-Sam brings up a scenario where a client lost her iPhone with Find My iPhone off and a lost iTunes backup password.  Jerry offers a possible solution in LCOM Soft:
https://www.elcomsoft.com/

-Some Synology follow up from Sam regarding rebuilding a RAID.  This was discussed on an Episode 241 with Weldon Dodd.

-Jerry has some rave reviews about a podcast app for Apple Watch called Outcast
https://itunes.apple.com/us/app/outcast-for-apple-watch/

Some more of Jerry's reviews:
PopClip Extensions
pilotmoon.com/popclip/

Card Hop
https://flexibits.com/cardhop

-Joe's pop quiz: how is a shut down and cold boot different from a restart?

-Another new segment from Joe!  How to think like a client?
This week: Backups.  A client wouldn't realize that the key to laptops backing up reliably is to plug them into power while they are open and awake, unless they support Power Nap (Dark Wake). The default setting is not to back up while on battery power.

-One of Jerry's clients has an issue where she thought all of her documents appearing as My Documents.zip.  The explanation is something we have all encountered before.

-How much time have you spent assisting clients with downloading and running TeamViewer?

THANK YOU TO OUR PATREON SPONSORS!

THANK YOU TO OUR PATREON SPONSORS!

244: Victory From The Jaws Of Defeat

/

Topics:

rooted-consulting.png

-This week we are proud to be sponsored by FLEXdesk, an offering from our friends at Rooted Consulting.  FLEXdesk - Help Desk support that grows with you

-Sam shares a story where a client has some confusion with hardware

-Social media and clients.  Do they mix? 

-Joe shares a story about a client calling and saying the keyboards were not working at their retail store so they couldn't check out customers. We walked through looking for a battery compartment or a way to plug them in, but they didn't seem to have any way to change batteries or charge them. Then Joe remembered that the Logitech keyboards are solar powered and wonders if something changed in the environment. Client said they recently replaced all the lights with energy efficient LEDs! Apparently the new LED lights are so efficient, they don't have any spare light to charge the keyboards (or more likely, they aren't the right wavelength of light to work with the solar panels).

-Sam talks about voice recognition when meeting someone in person

-After upgrading a hard drive on a 27" iMac, Sam realizes he needed to fix the hinge.  He found an excellent option from The Mac Hack. As it turns out, a site that Joe knows well.

-Joe investigates a situation where sent mail doesn't show in the client's Sent mailbox. Mail.app was configured to BCC the client on all emails, and Gmail was deleting the copy from his Sent when the copy in the Inbox was deleted.

-Sam recounts being at JFK Airport in New York City when the emergency alert system was used to warn of a water main break in the next terminal and wonders if iBeacon was used to alert only people in the airport.

Hawaii warning.jpg

-We discuss the recent false alarm in Hawaii which also used the emergency alert system, and while Joe can't help but introduce a conspiratorial angle, it was likely due to bad design. Perhaps Heinlein's Razor (or Hanlon's Razor) – "Never attribute to malice that which is adequately explained by stupidity" – applies here.

-followup on Episode 236: MacBook Pro - Turn Back Time re: Temp user can not be deleted. Joe noticed that when migrating to a clean install of 10.13.2, Migration Assistant prompts to re-enter some users' passwords. For non-admin users, it changes passwords to a temporary password (looks like one generated by Keychain Assistant) and then prompts the user to change it upon first login. Could this be related to the root login issue? And/or to Joe’s Temp user issue? Note the difference in behavior when using Reset Password vs. Change Password. Joe bets that it's related to the method of storing the password hash – maybe there’s a less secure format for legacy accounts with longstanding passwords, which Apple has now deprecated?

242: Goals For 2018 With Weldon Dodd of Rewind Tech - Denver, CO

/

Topics:

WeldonDodd-sm.jpg

Weldon Dodd of Rewind Technology joins us for another episode
https://rewindtech.com

-Weldon asks the crew about New Year's resolutions and the conversation immediately delves into a discussion on Wi-Fi

-Eero is a recommendation Weldon has been using in a lot of residential environments.  Joe & Jerry have similar positive experiences:
https://eero.com

-Cisco Meraki is what Rewind Tech usually turns to for continued management of a network:
https://meraki.cisco.com

-Weldon discusses his 1, 3, 5, 7 plan (Software - every year, endpoint equipment (laptops) - 3, servers - 5 years, networking equipment - 7 years)

-Sam is starting to evaluate Daylite as a CRM and sees many possibilities for use within his organization.  Still, the discussion of a good old fashioned spreadsheet comes about.
https://daylitemac.com

-Weldon discusses the future of his training and MSP business as well as his role within the organization

-2018 goals for Weldon: creating and utilizing custom DEP deployment solutions since the future of imaging is changing. Ultimately he wants a great experience for the customer.  Here are some of the tools that he is looking into:

The ability to create macOS packages to deploy user accounts
https://github.com/gregneagle/pycreateuserpkg

DEP deployment tools:
https://github.com/Shufflepuck/SplashBuddy 
https://gitlab.com/Mactroll/DEPNotify
https://github.com/erikng/installapplications

-Tim Perfitt from Two Canoes discusses acquiring a new iMac Pro and the changes that come with it: https://twocanoes.com/secureboot-imac-pro/

-Another great resource mentioned from Scripting OS X called NetInstall Is Dead, Too: https://scriptingosx.com/2017/12/netinstall-is-dead-too/

-Weldon takes a few moments and acknowledges the fellow members of the Mac community

-Have a great 2018!

241: "Not Dead Yet" With Weldon Dodd of Rewind Tech - Denver, CO

/

Topics:

-To start the new year, we are very pleased to be joined on our first live show of 2018 by Weldon Dodd of Rewind Technology in Denver, CO.  Weldon hangs with the crew as another host in case Sam goes missing again.
https://rewindtech.com

-Some things never change, the old HCS land grab jokes are in full swing

-Joe discusses the first zero day exploit of 2018, actually launched via tweet on New Year's Eve. Check out the IOHIDeous narrative on GitHub, kind of interesting! The vulnerability exists in a process called IOHIDUserClient which the macOS limits to having only a single instance at any given time, which happens to be spawned by WindowServer. So in order to exploit the vulnerability, we need to kill the WindowServer process. But terminating it requires admin privileges and essentially reboots the GUI, so this is not a viable mode of exploitation. But it turns out that by logging out the user, WindowServer releases its IOHIDUserClient temporarily, giving the exploit enough time to spawn its own instance of IOHIDUserClient and leverage it to compromise the system. The exploit can use "launchctl reboot logout" which does not display a warning dialog. The exploit can also use an AppleScript command to send loginwindow an event called "AppleEventReallyLogOut" (osascript -e 'tell application "loginwindow" to «event aevtrlgo»'), and loginwindow apparently doesn't care who sent the event, but it does display a dialog box as if the user selected "Log Out" from the Apple menu.

-Jerry wonders if this will be on the CCP test

-Sam recalls a story working after hours at a client when the alarm goes off

-Weldon shares his story of a Promise RAID gone wrong. Friends don't let clients pull drives out of RAID drive bays.  It also leads to a further discussion about how to handle RAID solutions and future expansion.

-A handy virtualization app for Synology, which Sam has used in conjunction with CrashPlan, is Docker: https://www.synology.com/en-us/dsm/feature/docker

-Jerry is busy building Minecraft worlds on Synology. He ends up needing a volume formatted as Btrfs.  Read more here: https://www.synology.com/en-us/dsm/Btrfs

-Time Machine and Synology has had a spotty past

-Sam discusses a Wi-Fi upgrade in NYC and replaced aging equipment with Ubiquiti Unifi. He also has some advice on utilizing a Cloud Key.

-He also mentions a handy workaround to test network settings remotely while still needing to reconnect to the remote computer.  Joe recalls a similar solution for another problem.

-Jerry talks about the Unifi In Wall units that he has set up recently: https://inwall.ubnt.com

Thanks as always to our Patreon sponsors!

IMG_0890.JPG

Listen to the outtakes and learn the origin of this picture!