Subscribe: The Tao of Mac
Added By: Feedage Forager Feedage Grade B rated
Language: English
azure  cloud  event  exp  exposure  market  microsoft  pixels camp  project  resourcedisk  stuff  thing  things  time  waagent  year  years 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Tao of Mac

The Tao of Mac

Tales from the Tech Trenches

Updated: 2017-10-16T06:59:16+00:00


Severe flaw in WPA2 protocol



It’s going to be interesting to see how Apple intends to deal with this — although truth be told, they’ve been shipping AirPort updates over the past year. My only question is how far back they’ll try to fix this, and on which product lines.

Two Years at Microsoft


Well, that was quick. Like last year, the weeks that led up to this weekend were hectic, so this is (again) written somewhat off the cuff, in an attempt to glean a bigger picture out of the incredible amount of stuff you can actually pack into a little over seven hundred days – all of them pretty unique in some ways. On further reflection, however, a few things stand out. For starters, I had a bunch of personal goals when I joined, two of which were pretty obvious, and a third that might elude the casual reader who typically pegs me as a technologist: I wanted to experience firsthand the way Microsoft was transforming itself to re-focus on cloud (in much the same way as I experienced and took an active role in Vodafone‘s re-invention as a fixed-mobile operator). Catching up on the Microsoft technology stack, and understanding how it fit together as it was rebuilt from the ground up for the cloud. And, finally, getting a handle on the business itself. I’ve gone back and forth from tech to biz a number of times over my career (and I expect to keep twharting people’s tendency to pigeonhole me until I die), and building the cloud business is the best way to understand it. Two years on, all those goals were unquestionably met and I can move on to other stuff, such as enjoying the ride a bit more and peeking at what’s just around the corner. But first, let’s take a look at the status quo. What I Do I’m still a Cloud Solution Architect, and still (primarily) think “in the large” while making good use of my Open Source background. As needs evoved, I moved around in different ways: on one hand, and after a stint dealing with systems integrators and reacquainting myself with the consulting world, I’m now dealing with some of the largest national customers, and tech-wise I moved squarely into what Microsoft terms the “Data & AI” side of Azure, diving into the hard realities of turning analytics and machine learning into actionable business intelligence – and, more importantly, turning it into a process. As it turned out, my in-depth experience with Python helped a fair bit, and even though I’m still not a fan of R (which I nearly gave up on five or so years ago), I got reacquainted with it for exploratory analytics – although it’s still not the cleanest thing to run in production as a standalone runtime, embedding it in other stuff actually works pretty well. I still get a kick out of doing infrastructure and networking, but the bread and butter stuff of firing up VMs doesn’t appeal much to me unless there are zeroes to the right of the number of instances – that’s where automation and orchestration come in, and where I’m most productive. From a service architecture standpoint, most large enterprises just aren’t innovative enough to go all out on containers, so I’m a couple of Kubernetes releases behind the cool kids – which might actually be a good thing, given that it’s driving me to catch up. Looking Back Well, for starters, it’s also been a couple of years since the first time I logged in to our “inner circle” Slack and laughed myself silly with this: My friends are the absolute best. It did feel a little dramatic at first, but now it doesn’t even seem strange anymore, even considering that I’m still largely using Linux and a Mac to get things done. It’s not as if any platform is without flaws these days, and I’ve always stayed steadfastly neutral in many regards – after all, some of the best things in life are acquired tastes. Taking in the bigger picture, it’s sobering to think that over the course of the past two years, Azure grew in complexity and sophistication to a point where there’s no doubt it is more than a match for the competition – something that I try to have an unbiased view on, to the extent of trying out that very same competition from time to time and peering closel[...]

Stealing Apple ID passwords on iOS by just asking



This has been nagging me for years, and I suspect my kids are going to run afoul of it any day now, even with curated access to games and apps.

I have no idea why Apple hasn’t fixed the repetitive authentication prompt “glitch” in a more obviously “safe” way, like having the Settings app pop up a notification and taking the user to it (or the Store) to log in again.

The current behavior needs to go away, and has been a latent security risk for years because it fosters lousy, repetitive habits in unsuspecting users.

Setting up Azure VM Swap using Ansible


Long story short, I was reviewing my bootstrap playbooks and realized that I could make swapfile creation a bit more generic by leveraging waagent (the Azure Linux agent). So here’s a task file that will reconfigure waagent to set up the swap file on the local hypervisor volume (the volatile device you get for temporary data) and restart it – but ideally you should reboot the machine afterwards, which is what I do as part of my bootstrapping anyway since I usually update the kernel as well. --- - name: set up swap vars: waagent: ResourceDisk.Format: y # Format if unformatted ResourceDisk.Filesystem: ext4 # Typically ext3 or ext4 ResourceDisk.MountPoint: /mnt/resource # ResourceDisk.EnableSwap: y # Create and use swapfile ResourceDisk.SwapSizeMB: 2048 # Size of the swapfile sudo: yes lineinfile: dest=/etc/waagent.conf line="{{ item.key }}={{ item.value }}" with_dict: "{{ waagent }}" tags: - setup - name: unmount device mount: path: /mnt state: unmounted tags: - setup - name: restart agent service: name: walinuxagent state: restarted sudo: yes tags: - setup In the meantime, I moved this site to a new, smaller VM (an Azure B-series “burstable” VM, which costs around €3.75/m) as a sort of experiment – Cloudflare makes it trivial to deal with peak loads, but I want to stress-test a few things and test custom Azure metrics, so tightening resources makes it easier to get meaningful numbers. [...]



A glimpse of something more.
(shot with a Lumia 950 and processed using darktable)

High Sierra may reveal your password for an encrypted APFS volume



Adding to the train wreck the dumbed-down Disk Utility app is turning out to be, there’s now a credential leak bug for encrypted APFS volumes – and a 915MB update to fix it.

I’m shocked that Apple actually suggests you should erase the volume to fix this. There ought to be another way.

Inside Out


The view to the outside from Rubro.

Pixels Camp 2017


After three days of Pixels Camp to top off a grueling week of travel and meetings, I’m down for the count with the flu, but quite happy indeed. Like last year, I didn’t have much time to dive in and actually organize the event. I did, however, spend a fair amount of time at the Microsoft booth doing the corporate thing, as well as going on stage for a few times – to present the Microsoft challenge during the opening session, as a commentator for the Chasing Ghosts challenge (along with the inimitable @chbm), and as an impromptu host for Presentation Karaoke. So great fun was had, if only because I spent the past three days in the company of people who matter to me: The organization team (best shot I got so far). I'm the guy in the Microsoft T-shirt, far left. Again like last year, I didn’t have time to actually sit down and see a single session from beginning to end, so I’ll just wait until they show up on YouTube. This year’s motto was “to the moon!”, and I think it was spot on, because there were a lot of amazing things happening besides “just” a hackathon – it was a rich, multi-layered experience, and you just had to be there to enjoy it. Pay Me With Exposure This year there was a grand (and, let’s face it, insanely awesome – or awesomely insane) experiment: The entire event ran on a crypto-currency named Exposure (EXP), which I believe to be an absolute first. I know a complete (technical and organizational) write-up is in the works, but the whole thing was so awesome that I felt the need to provide a little summary: The Market. Some services on offer were... creative, to say the least. To get things started, participants could buy and sell services in a public market, but the awesome new twist was that project voting was made through Exposure, which meant that every participant who created a wallet (getting 300 EXP to begin with) could “invest” in their favorite project – and there were even angel investors who could provide massive funding (25000 EXP). The T-Shirts Another hilarious twist that is sure to be properly documented later was that the event T-shirts had a puzzle behind them – and whomever figured it out would be able to unlock a massive amount of… You got it, exposure. The Moon T-shirt, which was only given to organizers and had the last missing bits of information. Between artwork, coloring and text variations, there were twenty-four different T-shirts , and once people caught on to that fact (around the morning of the second day) a feverisly updated Google Sheet was ablaze with data and a lot of wild speculation – I kept a copy here for posterity. The puzzle was solved quite late in the second evening, and it was a lot of fun to watch the attempts at figuring it out. Project Voting The final project ranking after funds were redistributed (and losing projects went "bankrupt"). After hackathon contestants did their on-stage pitches, participants and angels invested in their projects, and it was amazing to watch market dynamics in action and see how they invested their EXP and the project rankings shifted – it was eerily similar to real life, and the only fault I can find with this model is that a couple of solo projects that were brilliant and obviously had tremendous effort put into them simply couldn’t earn enough exposure by themselves to be successful. But maybe that’s not really a fault when you consider the big picture – Pixels Camp now has a publicly auditable way to run the entire event and expose participants to market dynamics, just like they would need to do to succeed in real life. “To the moon”, indeed. I can’t wait for next year. [...]

Pixels Camp Opening


Just before the opening ceremony, at the amazing new venue.

macOS High Sierra keychain zero-day vulnerability



I wasn’t really planning on upgrading this soon (unless I really had to convert some iPhone raw photos to JPEG), but this definitely put me off it.

Furthermore, there were hints of this being exploitable now in Sierra, so I’m going to try catching up on news later and then making an informed decision.

Either way, this is not a reassuring sign that the Mac is back.

iOS 11 Control Center does NOT switch off Bluetooth or Wi-Fi



Who the hell thought, even for a second, that this was a good idea?