January 30, 2018

244: Victory From The Jaws Of Defeat

January 30, 2018/ Jerry Zigmont

Topics:

-This week we are proud to be sponsored by FLEXdesk, an offering from our friends at Rooted Consulting. FLEXdesk - Help Desk support that grows with you

-Sam shares a story where a client has some confusion with hardware

-Social media and clients. Do they mix?

-Joe shares a story about a client calling and saying the keyboards were not working at their retail store so they couldn't check out customers. We walked through looking for a battery compartment or a way to plug them in, but they didn't seem to have any way to change batteries or charge them. Then Joe remembered that the Logitech keyboards are solar powered and wonders if something changed in the environment. Client said they recently replaced all the lights with energy efficient LEDs! Apparently the new LED lights are so efficient, they don't have any spare light to charge the keyboards (or more likely, they aren't the right wavelength of light to work with the solar panels).

-Sam talks about voice recognition when meeting someone in person

-After upgrading a hard drive on a 27" iMac, Sam realizes he needed to fix the hinge. He found an excellent option from The Mac Hack. As it turns out, a site that Joe knows well.

-Joe investigates a situation where sent mail doesn't show in the client's Sent mailbox. Mail.app was configured to BCC the client on all emails, and Gmail was deleting the copy from his Sent when the copy in the Inbox was deleted.

-Sam recounts being at JFK Airport in New York City when the emergency alert system was used to warn of a water main break in the next terminal and wonders if iBeacon was used to alert only people in the airport.

-We discuss the recent false alarm in Hawaii which also used the emergency alert system, and while Joe can't help but introduce a conspiratorial angle, it was likely due to bad design. Perhaps Heinlein's Razor (or Hanlon's Razor) – "Never attribute to malice that which is adequately explained by stupidity" – applies here.

-followup on Episode 236: MacBook Pro - Turn Back Time re: Temp user can not be deleted. Joe noticed that when migrating to a clean install of 10.13.2, Migration Assistant prompts to re-enter some users' passwords. For non-admin users, it changes passwords to a temporary password (looks like one generated by Keychain Assistant) and then prompts the user to change it upon first login. Could this be related to the root login issue? And/or to Joe’s Temp user issue? Note the difference in behavior when using Reset Password vs. Change Password. Joe bets that it's related to the method of storing the password hash – maybe there’s a less secure format for legacy accounts with longstanding passwords, which Apple has now deprecated?

January 23, 2018

243: Star Belly & Plain Belly Sneetches

January 23, 2018/ Jerry Zigmont

Topics:

We're sponsored this week by Watchman Monitoring, a favorite tool of ours that should be in every professional consultant's toolkit.

Visit WatchmanMonitoring.com/cmdctrlpwr and sign up for your free trial to find out how Watchman Monitoring can keep an eye on your client machines and notify you of over 100 issues. Be sure to tweet @cmdctrlpwr #CCPsentme to support the show!

-Jerry humbly shares a story of formatting the wrong drive while preparing new external installers and things to watch out for in APFS volumes when booted from HFS+

-Joe almost attempted a migration to Sierra from High Sierra when setting up Judy's new computer

-Jerry compares HFS+ to APFS issues to the Dr. Seuss Sneetches

-Sam shares his latest experience with Daylite and how he has seen the power of the product. Our own Jerry Zigmont can help!
http://www.daylitemac.com

-This leads into a further conversation about Daylite as a product and methods of integration

-Joe has frustrations about Microsoft's auto update. It provides a perfect opportunity to discuss our friends at Addigy

-Jerry talks about some of his non-public facing websites to try and make things easier for his clients. But as it turns out, it ends up creating frustration.

-The group compares MSP models and how they all operate slightly differently

-Joe was listening to the mac catalog and has some followup from episode 231: “Grant BigLanik Easy Access” re: Amazon Gift Cards: very annoying, resulted in having to use AirPlane Mode to finish a recipe for Curried Butternut Squash and Pear Soup on AllRecipes.com. (Joe misstated this as SimplyRecipes.com in the podcast. The Editor regrets the mistake.)

January 16, 2018

242: Goals For 2018 With Weldon Dodd of Rewind Tech - Denver, CO

January 16, 2018/ Jerry Zigmont

Topics:

Weldon Dodd of Rewind Technology joins us for another episode
https://rewindtech.com

-Weldon asks the crew about New Year's resolutions and the conversation immediately delves into a discussion on Wi-Fi

-Eero is a recommendation Weldon has been using in a lot of residential environments. Joe & Jerry have similar positive experiences:
https://eero.com

-Cisco Meraki is what Rewind Tech usually turns to for continued management of a network:
https://meraki.cisco.com

-Weldon discusses his 1, 3, 5, 7 plan (Software - every year, endpoint equipment (laptops) - 3, servers - 5 years, networking equipment - 7 years)

-Sam is starting to evaluate Daylite as a CRM and sees many possibilities for use within his organization. Still, the discussion of a good old fashioned spreadsheet comes about.
https://daylitemac.com

-Weldon discusses the future of his training and MSP business as well as his role within the organization

-2018 goals for Weldon: creating and utilizing custom DEP deployment solutions since the future of imaging is changing. Ultimately he wants a great experience for the customer. Here are some of the tools that he is looking into:

The ability to create macOS packages to deploy user accounts
https://github.com/gregneagle/pycreateuserpkg

DEP deployment tools:
https://github.com/Shufflepuck/SplashBuddy
https://gitlab.com/Mactroll/DEPNotify
https://github.com/erikng/installapplications

-Tim Perfitt from Two Canoes discusses acquiring a new iMac Pro and the changes that come with it: https://twocanoes.com/secureboot-imac-pro/

-Another great resource mentioned from Scripting OS X called NetInstall Is Dead, Too: https://scriptingosx.com/2017/12/netinstall-is-dead-too/

-Weldon takes a few moments and acknowledges the fellow members of the Mac community

-Have a great 2018!

January 09, 2018

241: "Not Dead Yet" With Weldon Dodd of Rewind Tech - Denver, CO

January 09, 2018/ Jerry Zigmont

Topics:

-To start the new year, we are very pleased to be joined on our first live show of 2018 by Weldon Dodd of Rewind Technology in Denver, CO. Weldon hangs with the crew as another host in case Sam goes missing again.
https://rewindtech.com

-Some things never change, the old HCS land grab jokes are in full swing

-Joe discusses the first zero day exploit of 2018, actually launched via tweet on New Year's Eve. Check out the IOHIDeous narrative on GitHub, kind of interesting! The vulnerability exists in a process called IOHIDUserClient which the macOS limits to having only a single instance at any given time, which happens to be spawned by WindowServer. So in order to exploit the vulnerability, we need to kill the WindowServer process. But terminating it requires admin privileges and essentially reboots the GUI, so this is not a viable mode of exploitation. But it turns out that by logging out the user, WindowServer releases its IOHIDUserClient temporarily, giving the exploit enough time to spawn its own instance of IOHIDUserClient and leverage it to compromise the system. The exploit can use "launchctl reboot logout" which does not display a warning dialog. The exploit can also use an AppleScript command to send loginwindow an event called "AppleEventReallyLogOut" (osascript -e 'tell application "loginwindow" to «event aevtrlgo»'), and loginwindow apparently doesn't care who sent the event, but it does display a dialog box as if the user selected "Log Out" from the Apple menu.

-Jerry wonders if this will be on the CCP test

-Sam recalls a story working after hours at a client when the alarm goes off

-Weldon shares his story of a Promise RAID gone wrong. Friends don't let clients pull drives out of RAID drive bays. It also leads to a further discussion about how to handle RAID solutions and future expansion.

-A handy virtualization app for Synology, which Sam has used in conjunction with CrashPlan, is Docker: https://www.synology.com/en-us/dsm/feature/docker

-Jerry is busy building Minecraft worlds on Synology. He ends up needing a volume formatted as Btrfs. Read more here: https://www.synology.com/en-us/dsm/Btrfs

-Time Machine and Synology has had a spotty past

-Sam discusses a Wi-Fi upgrade in NYC and replaced aging equipment with Ubiquiti Unifi. He also has some advice on utilizing a Cloud Key.

-He also mentions a handy workaround to test network settings remotely while still needing to reconnect to the remote computer. Joe recalls a similar solution for another problem.

-Jerry talks about the Unifi In Wall units that he has set up recently: https://inwall.ubnt.com

Thanks as always to our Patreon sponsors!

Listen to the outtakes and learn the origin of this picture!

December 25, 2017

239: Joe's Super Secret Password - PSIMacRules!

December 25, 2017/ Jerry Zigmont

We're sponsored this week by Watchman Monitoring, a favorite tool of ours that should be in every professional consultant's toolkit.

TOPICS:

When The Beatles Gave Fans A 'Crimble’ Present
https://www.npr.org/2014/12/21/372257350/when-the-beatles-gave-fans-a-crimble-present

The Kim Komando Show ® and all material pertaining thereto is a Registered Trademark / Servicemark: No. 2,281,044. America's Digital Goddess
https://www.komando.com

Logo (programming language)
https://en.wikipedia.org/wiki/Logo_(programming_language)

December 19, 2017

238: Interview With Pepijn Bruienne Of DUO Security & The Mac Admins Podcast

December 19, 2017/ Jerry Zigmont

Pepijn Bruienne is a Research and Development Engineer at Duo Security in Ann Arbor, Michigan. He breaks Macs to help his employer's customers be more secure. With more than a decade and a half of experience in a variety of Mac Admins areas, his skills include Systems Administration, Operations Management, Mac/Linux/Windows Server and Desktop integration, software deployment, configuration management and process automation.

Pepijn is also co-host of the popular Mac Admins Podcast and friend to our show. Subscribe today and listen to Pepijn and the crew discuss all things in the Apple IT world. Listen to the first Command Control Power/Mac Admins crossover show here:
https://podcast.macadmins.org/2017/10/01/episode-53-cultural-exchange-with-sam-valencia/