 The Mac Observers, Mac Geekab, Episode 742 for Monday, December 31st. Happy New Year, 2018. Greetings, folks, and welcome to the Mac Observers, Mac Geekab, the show that for over 13 years has been here, taking all your questions, taking all your tips, taking all your cool stuff found, mixing in our cool stuff found, sharing everything, answering what we can with the Prime Directive being that we each, every one of us, me, you, him, her, all of us, learn at least five new things each and every time we get together. Sponsors for this episode include Ops Genie, now from Atlassian at OpsGenie.com, LinkedIn Jobs, where you can get 50 bucks off your first job post at LinkedIn.com slash MGG and other world computing at MacSales.com. And we'll be talking about some of their new Thunderbolt 3 stuff, both in the sponsor spot, but also just throughout the episode, because that's kind of how this goes here at Mac Geekab. Here in Durham, New Hampshire, I'm Dave Hamilton. And here in Fairfield, Connecticut, this is John F. Braun. How are you doing today, Mr. John F. Braun? Yeah, you know, winding down, winding down the year, sliding into the greatest slide into that new year. OK, so you're rounding first and sliding into the second of 2019 for perhaps one of the first sports analogies we've ever had on this on this show. So at least at least we got one in in 2018. That's good. That's good. All right, you know, let's just let's dive right in here, John. Let's let's go to let's go to Mark here. We started last show talking about contacts, kind of ranting about contacts. And we have maybe a thought or two to share about that later in the episode. But. Mark had a question about sharing contacts and Mark pointed out. He said, when I was sharing a contact from iPhone 10 with his wife's iPhone eight, both running iOS 12, so I don't think the iPhone model numbers mattered here, but of course they might, which is why I share it. He says, I noticed the titles for child and spouse didn't transfer properly and the order was not the same. And sure enough, like things were all messed up. The the the titles were reversed. The names were some of them were reversed. The titles had weird characters in them and and I asked, I said, OK, well, what method did you use to send these? He says, I use share contact. OK, great. And then air dropped it. And that was what he did. And I said, OK, well, you know, I've certainly done that, but I haven't gone and looked on the other side because usually I air dropped them to someone else and checked, right? And but I know that I have done it with iMessage. And so I said, well, try it with iMessage. And sure enough, with iMessage came through perfectly clean. So there's some little tip here that some for some reason sharing however it shares via airdrop and however it's parsed. So it could be on one end or the other. We don't really know. But that method can result in jumbled contact records, whereas sending via iMessage tends to keep everything in its place. So there you go. I'm not sure where, you know, I'm not sure where that is, but figured I'd share that. Any thoughts on that? It's a it's either a parsing or a parsing error on the receiving end or a encoding error right on the on the sending end. Right, because embedded in the data, you would think that there are tags saying, OK, this is this field, this is that field. And it sounds like that mapping is is failing. Yeah, it almost looked like a character. Like part of it was the parsing, but part of it was the like the mapping. But also part of it was the just the character types or something weren't right. Like they were, you know, like almost not HTML, but but it looked like something that was HTML encoded where it had, you know, one thing standing in for another character and just some weird stuff. So I don't know the magic answer. Yeah, I don't know. Actually, that actually brings up, I don't know if this is really an issue anymore. What's that you tell? Do you tell your device what country you're in or I guess it just figures it out? Oh, that's interesting. No, no, language and read the thing is I've seen on multiple devices. So on the phone, it's in general language and region. OK. And you tell it your language in the region. And sometimes if those are different, I've seen weird things happen. Yeah, on the map and on and on iOS. So. Huh. And I'm looking in here and long time. So does it happen via via one vehicle than another leechman and believe that it's that that's not it? Right. Yeah, it's interesting. I'm looking in that setting in general language and region and I'm seeing a preferred language order. And I added Greek here once many years ago. And it was to get some special character. We talked about it on the show and it it doesn't come to me right off the top, but but you can you can mess with that here, right? You can you can put different keyboards and different languages in here. So yeah, interesting, interesting, interesting. All right. Moving on to Rob. Rob writes, I'm looking into my options for upgrading from my current October 2010 Mac Mini to a new one. The current one has 480 gig SSD from OWC replacing its original 320 gig hard drive. And I was wondering whether I could relocate some of my data to an external drive in order to save money on a smaller built in SSD on the new one. As I was sorting through my home folder evaluating my options, I noticed in my iTunes folder something called mobile applications. This appears to contain iOS app bundles, but the last modified of any of them is May of last year. Now that iTunes no longer manages apps on iDevices. Is there any point in keeping this mobile applications folder? So this is a good question, right? It could be argued by some that keeping those old app binaries around is the only way to install an app that no longer exists in the app store, right, because the binaries that you have are mapped to your Apple ID. So they can only be installed on machines that you are willing to put your password into. So mostly your devices, right? So, you know, while iTunes can't manage those anymore, like I amazing can, right? So so if you want to have something that might not be available from the app store in the future, fine. But the thing is, you know, if a bundle is not available in the app store, it's probably not going to be compatible for a very long time with your device, right? iOS 12 invalidated a lot of those just because of the the way things needed to work. So unless you're running something that's been discontinued, that you fear being discontinued, I think you're fine deleting them. I deleted all of mine. I used to save them like crazy. And, you know, yes, there was one time for me that it actually helped. It was an old version of an app that I used for a mixer that we used to have. And when the software on the mixer, like the audio mixer, it was for the Mackey DL 1608 and they changed their master fader app to match the new software, but an older version of the of the mixer wasn't compatible with the new version of the software. And so you had this this battle that you would fight. So I kept an old version of the software around Mackey. However, after about three months, solved that by pushing two versions of the software so that you could run either one. So, you know, like, I don't know. I don't think it's worth keeping them around. But I'm sure someone out there is waving their hands and saying, no, no, but. And that's and you're and you're probably right. But I think in a general sense, you probably can get rid of them. What do you think, John? Do you keep your app binaries around? I looked and they're there. And where are they? You may ask. Music, iTunes. Oh, that's not even on this machine. Right. But I found it on the other one. Yeah, it had the dot by PA, whatever. Yeah, files. Yeah, but I don't think it was taken up like tens of gigs. So I was like, yeah, right. Yeah, maybe I will delete them. Right. Right. We see what the yeah, 14 14.5 gigabytes for all the stuff in there. Yeah, a lot of room. Yeah. But there's, yeah, and the date of all of them. Yeah, like the most recent one was dated 2016. So it's like, you know, I haven't done anything with the plate. It's all old stuff. Anyways, I'm looking, you know, like first one is Euro one day, you know, like a really old version. Yeah, right. Because it has because iTunes hasn't been saving those since, yeah, for at least a year and a half. Right. Right. Cool. Good question, Rob. I like it. And it's always good to think about that stuff because it's easy to just leave that, you know, as we call it, cruft around, right? The stuff that's just like, oh, I don't need that, but I don't need to delete it. So it'll just stick there. Maybe you don't even know it's there. So, yeah, there you go. That's what we do here. I want to take a quick minute and talk about our first sponsor, which is OpsGenie now from Atlassian at OpsGenie.com. You know how it is. If you listen to this show, you know that incidents are inevitable. And really what it comes down to is how you deal with them. That's what we do here every single week. We talk about how to deal with incidents. Well, the first thing is knowing that an incident happened. And this is where OpsGenie comes in, because not only do you want to know, you want to make sure the right people know at exactly the right moment. And usually the right moment is as soon as possible. So this is where OpsGenie is brilliant because what happens is it through its engine of smart notifications and timing and all of this, it empowers your development and Ops teams to plan for service disruptions and stay in control during incidents. It gives your team the power to respond quickly and efficiently to unplanned issues. And it helps to notify all the right people through a smart combination of scheduling and escalation paths. All of these things taking into account stuff like time zones, holidays, vacation schedules, all of this good stuff. And because the folks at Atlassian know that the world doesn't live in just the OpsGenie bubble, they allow for deep flexibility into how, when and where alerts are deployed supported by over 200 integrations like Jira, Amazon, CloudWatch, Datadog, New Relic, all of these things, some of them at Atlassian's products. Of course, others not Atlassian's products, because again, they grok that you use tools that work for you and they want to make sure they integrate with all of those tools, no matter who makes them. They're really smart company. They really know what they're doing there. And so OpsGenie tracks all the activity on your incidents and provides useful insights that you can look at to improve future responses. Very cool stuff. We've used it here. It saved my bacon. I like to tell the story about how we had a major problem while I was asleep and I awoke to alerts that the problem happened, that the right people were notified and that by the time I woke up, the problem was solved. This is how it should be in real life, folks. With OpsGenie, your next incident doesn't stand a chance. So visit OpsGenie.com and here's where it gets really good because you there is where you can sign up for a free company account and add up to five team members, right? Free. No credit card required, nothing free. That's OpsGenie.com. Never miss a critical alert again with OpsGenie and our thanks to OpsGenie for doing what they do and for sponsoring this episode. All right, John, you want to take us to Terry? Indeed. Terry writes, hi, guys, when I am in a location where there are dozens of Bluetooth devices, not mine, listed in iOS settings, how do I know which is which? What the heck do these numbers mean? Screenshot from Bluetooth scanning app attached. I'll tell you what they mean. So the screenshot, let me bring that up because that's a separate separate thing, but it was from an app that I found a Bluetooth scanning app. And basically what it shows, Pali, BLE scanner, BLE being Bluetooth low energy. All it showed was name, the RSSI, a time and date stamp and then a big long hexadecimal thing. So RSSI is signal strength, right, just to just to clarify that. Yeah, sorry, go ahead. And then it shows this big long hexadecimal number, which is called the UUID or universal unique identifier. But it basically is like a serial number for the device. And then it should show the name, but this one only, although it claims in their document or screenshots for the app that they do when I ran it and nothing, nothing came up. For the name, for all but one. And then, you know, I would tap on it and it would go drill down like one level, but it wouldn't like show you all the capabilities of the device. Now you may be asking, how do you do that, John? Well, you don't use this program, which my review would be no. It's not a very good scanner. You know what, that's how it should be for reviews. Maybe we need to like completely revamp. We did a year ago, we revamped our review structure at Mac Observer so that it wasn't just one star through five stars or whatever. It was like, yes, you should get this. No, you shouldn't get this. And yeah, if you want to get it, like, you know, we made it a little more realistic. Maybe it should just be yes or no. That's it. It's the Caesar style of reviews, right? It thumbs up and he lives thumbs down. He dies. That's it. That's all we get. Anyway, I digress. Yeah, but sports analogies and Caesar in the same episode. So, you know, I'm just saying. Yeah. Yeah. So the one you want to use is one that I found a while ago, and I believe these guys make a development kits for Bluetooth, but they also make a tool and it's really good and it's called Light Blue Explorer. And we have a link to that in the iTunes and it's cool and it's free. But and I just showed her the first screen. So when I run their utility, so soon as it runs. It found SensePina, John's iPod Touch, Apple TV, John F. Braun's iPad Air unnamed, OK, fair enough, and Wink Hub two. So it already identified all the devices. But then with this scanner, rather than just going down like one level, I mean, it lets you drill way, way in. So a lot of devices have a lot to tell you, like, you know, for example, the Wink Hub, you know, if you drill down, they have a parameter connected to wired network. Yes, last system failure. And then you click on that. That's how I would expect a device browser to work, which is sounds like the other the other one tried, or it was just it was just I don't know why they show so little information. Thumbs down. It shows everything. As John in our chat room said in the chat room, of course, at MacCicab.com slash stream, it's a death match in the Coliseum. That's what it is. There you go. Well, the app survivor, not Light Blue Explorer, thumbs up. BLE scanner. Thumbs down. That's it. But it's now why may you want to run one of these? And I think it's just you want to know what's going on around you. Because normally, if you use iOS, you're only going to see devices that say, hey, I want to pair with you. Whereas this will show you anything that it can find. Right. Right. Unless they check that's that's as far as iOS goes. It only shows you what it thinks you need to see. Right. Yeah. Well, then it's not always right. It's kind of the issue. Yeah. Yeah. All right. Good stuff. Cool. All right. Let's go. This is a shifting gears to some network ish stuff here from Craig. Who writes as soon as I can find it. Come on, catch up with me. There we are. He says I'm wondering how I can use certificates. So he wants actually I'm going to take certificates out of this because that's going to confuse things. He says I have multiple devices in my network and I have my own domain. He says I have a Synology router, a couple of disk stations and a couple of the things. He says I have them all under my main domain. How do I get my port? How do I address them all from the same name externally? Right. And this is where certificates comes in because he has one certificate for like, you know, www.mydomain.com and he wants to be able to use the same certificate on all of these devices. But he's only got one IP address for his house. So how does he connect to, you know, router.mydomain.com and, you know, disk station one at mydomain.com or disk station two.mydomain.com. How do you do that? And the answer is with one IP address as we generally most of us have for our homes and then obviously, you know, sharing internally with with network address translation or NAT as we call it. The smartest way or the simplest way at least to do it in the way I do it. And I think the way you do it to John is that you just use that one domain. So it's, you know, whatever www.mydomain.com, whatever it is. And then you port map. So, for example, you know, for me, I have my Synology router on port 8500, which I think is the nonstandard port. I think the standard port for that is 8000, but I had something else that needed to live on 8000. So I just moved it to 8500. And then that answers there because it's the router, so I don't need to do any port mapping. My disk station, my first one, I put on port 5001 because that's the port that it wants. And I map 5001 from my external network. I use port forwarding to map to 5001 on that internal IP. I'm good. On my second disk station, this is where it gets interesting. Same thing, you know, www.mydomain.com. I map port 5002 from the outside world to port 5001 on that specific device on the inside world so that everything matches up very nicely. I can leave the device where it wants to be by default. But from the outside world, I have a different port and boom, everything works and that way I'm using the same name, the same domain name for all of my devices because really the domain name just applies to my network as a whole. And I think that's the lesson here is you certainly could come up with different names, but they would all point to the same IP because it's just one IP. Now, if we were to, you know, bring IPv6 into this conversation, then we could start doing some direct mappings to things because IPv6 allows for that. But but generally speaking with IPv4, you're not going to get that at your home setup. So everything gets the same name and just different ports. And that's how you connect. And and then if you were doing secure certificates, you just need the one, but the same certificate on all your devices. This is where it gets interesting, right? Generate the certificate. However, you're going to do it. If you have Synology devices, those do it really, really well because they're the disk stations do it well because they can use a service called Let's Encrypt, which allows you to do this for free and it renews the certificate so it doesn't expire every 90 days. And then I put a little note in my calendar to export it to all my other devices every time it updates and I'm good to go. So it's all port forwards is how you deal with that when you have multiple devices that you want to access from the outside world. That's the way to do it. So there you go. What do you think, John? Wow, that's a that's creative. But is that OK? All right. Is there a better way? Or a different way, an alternative, not necessarily better or worse. Well, when I need to access my synologies from outside, which I think is what we're saying here, right? Well, I mean, I wanted to genericize it for people that have all manner of devices. Maybe you want to access a Plex server on your Mac mini from the outside, right? It doesn't matter. This is the way you do it. Yeah. But yes, if if your devices are just Synology, then I think there's another solution you can use, right? Oh, well, their app is smart. You know, I'll, you know, if I need to access one of mine, I'll well, you can either, you know, like this, I think you mentioned it, Smart Connect or whatever you call it, Quick Connect, Quick Connect. Quick Connect, yes. That's right. That's right. Yeah. And they kind of do this magic for you. Yeah. Quick Connect is cool. Yeah. Because it it doesn't think they're doing. They're doing what you're doing, but they're kind of automating it a little bit, I think. Yeah, they're actually doing it a little differently. They're not just doing port forwarding. They're doing a series of of things that essentially make NAT do the port forwarding for you. And then they sort of pass that information along. They use Synology servers to handshake the connection and then pass it down the line, which is really smart. That way you don't need to worry about, does my router support port forwarding or UPNP or any of that? It's like, no, just let us do it. We've got this and it's all good. So, yeah, yeah, it's pretty good. Cool. Hopefully that makes sense. What do you got for us next, John? Got Steve. This is crazy. I have an annoying pop up window that says the following. Any agent wants to use your confidential information stored in password in your key chain. I don't like to give any information out when I don't know what it is. My question is, what is any agent and should I be concerned? So just to be just to be clear, because it sounds different than it than it reads, it is the letter N, the letter E, and then the word agent is the process. Is that right? Not any agent. It's an agent just just for clarity, audibly. And when I get one of these like system messages, because it's a system message, I think, yeah, I want to get to the key chain or the passwords thrown in the key chain. Here's what I did and I was actually kind of surprised at this work, but every now and then it does. So if you get a request from something, it sounds system-y like this. Like something that is indeed a lot of times fire up the terminal and bring up the man page for it. And so I typed man, space, NE agent, and voila, I got a manual page for it. Any agent, host process for network extension plugins. Any agent is part of the network and it says, this may be needed if you're doing a VPN or a content filter. So there you go. If you just started using something that changes the behavior of your network, whether it be a VPN or a content filter, that's why this is happening. Huh. So I think I just saw it recently because I just I just added a. VPN type product. Ah, right. We will be discussing that in an upcoming episode. Yes. Yeah. But I think that triggered this too, because it's like, well, you know, I need to I need to know the password. It's like, all right. Right. Oh, that makes sense. OK. And I think I've also noticed that after you'll also see this sort of thing happen sometimes after a OS update. I noticed this because Drive Pulse has a thing that detects added or removed login items or startup items. Sure. And I noticed that this will happen a lot of times, especially with the with the OS. I saw like three new things added. I'm like, oh, they had three new processes. That's fun. Shortly thereafter, you start getting these, you know, admin queries. It's like, oh, I must be because they just added something new. Right. Right. Right. Or sometimes it'll even show you the name of whatever new thing they added. So that's what I got to say about that. So, huh. Should you be worried? Maybe it depends on if you've changed anything recently. Yeah. Well, I guess that's true. Yeah, yeah, yeah. Yeah. Right. I've been noticing as of late and I don't know what is causing this, but I'm getting kind of random. Oh, this app is not optimized for the OS. You've already talked to the developer. I remember getting those like after I did the major upgrade. But now it seems to be happening randomly with certain programs. I don't know if you've noticed this. Yeah, I think so. I mean, yeah, I'm not the random aspect. I don't it always seems like I can trace it back to something. But even if it's just an app, like auto updating itself under the hood or whatever. Yeah. Yeah. Well, yeah, that could be it. They could. Yeah. Right. I know I run Keybase on my computer and it routinely I get these notifications like, oh, these items changed. Like, OK, cool. Like, I guess I'll trust that or not. You know, I could I could not run Keybase. I guess that's the that's the other way to get around it. Right. Yeah. Good. More thoughts on this. I'd like this any agent. That's that's it's interesting. I didn't even realize that existed. This network extent like that there's network extension framework there that apps can just like tap right into and say, oh, yeah, I don't know. Like, I don't have to do the hard work that Mac OS takes care of it. You know, I just do my own hard work and there you go. That's pretty cool. I get I wonder how long that's been there. It's the the man pages dated March of 2017. That seems like maybe it was brought in when the whole like Safari content filters thing was was introduced. So, I don't know, right? I don't know. What is any agent? Yeah. Yeah, I'm coming up with articles and it's mostly brought up in the in the context of a VPN. Yeah. Right. Well, that's that's that's that's the interesting part. Right. VPNs used to have to work really hard to to insert themselves as network devices and and make sure to capture all the network activity. And it seems like Mac OS is now just like, OK, here you go. Just let me know who you are. We'll get authentication from the user and you're good to go. That's pretty good. While we're on the subject of networks and all that, we talked in the last episode about what you might need in a router and when it's time to upgrade and listener Michael wrote and he says, hey, guys, I think you left out the most important point in answering the question about when it is time to upgrade your Wi-Fi during Episode 741. He says, granted, of course, it's a hard question. Says to me, it is time to update when the router and or extender no longer gets firmware updates. Certainly, after two years, it is reasonable to assume there will never be another update, maybe even a year and a half. I would actually go and say if it hasn't been updated in a year, it's certainly worth asking the question of the router manufacturer like, hey, are we end of life done on this product, right? So he says another reason would be when ethernet speeds through the router are slower than ethernet speeds directly connected to the modem. That's also true. That's that's actually a really good test. You know, routers have CPUs in them. So so two separate things, right? So firmware updates, right? Great. Ethernet speeds. This is interesting because routers have CPUs in them. And and the primary job of that CPU is to make sure the router routes, which means takes the data that's coming in from the outside world and passes it to the right device on the inside world. And we just kind of address this with with some or reference this with some port mapping discussion. The router has to look at every packet and make sure it goes to the right place. That takes the CPU. If that CPU is not fast enough to handle the speeds that you are now currently getting from your ISP, that might be a good time to upgrade your router. And Michael's suggestion of using ethernet tests, not Wi-Fi tests, but ethernet tests to check this are really handy. Unplug your router entirely, restart your cable modem or whatever your your gateway device is, plug your computer directly into that and do some speed tests, right? It has to be an ethernet connected computer. And if you don't have ethernet on your computer, we can talk about some options in a moment here. But but you know, you plug it into the tests, do a couple of them so that you've got, you know, kind of a mix. Then again, restart the modem this time, plugging the router back in, plug ethernet directly into the router. See what kind of speeds you get there. Hopefully they should match. Your router should be fast enough to handle whatever ethernet speeds you get. But if it's not, that's also a good time to consider, you know, upgrading or swapping out or something like that. I like that. That's a good, good, good. That's good. Thoughts on that, John? No. OK. All right. Cool. While we're on the subject of routers, Ken has a question and he says, I hate to bug you. No, no, no, it's never a problem bugging us. It's what we do. In fact, if you want to bug us, feedback at MacGyb.com is the way that you do that. No, really? Oh, yeah. Feedback at MacGyb.com. Yeah. Now, feedback at MacGyb.com, I believe, is what the esteemed Mr. Braun just said there, Mr. F. Braun to you. He says, but my airport time capsule 802.11 AC that I got in 2013 is still working, but I keep getting warnings from airport utility saying that the time capsule is overheated. That's interesting. I think that's the first I've ever heard about airport utility saying that says I have a charter modem that's Docsis 3.0 and I'm looking for a new router now and my wife keeps hearing sounds near the router and she fears it might cause a fire. You know, mixing those two data points together. I can't necessarily disagree with your wife. He says the house is maybe 2000 square feet and only one floor and the modem is in the middle of the house. So you have like the ideal setup. He says, so the time capsule covers the Wi-Fi. So I definitely don't need a mesh system. Says, I understand that the best is the Synology RT2600 AC, the best router says, is that still the best router? And yeah, I would agree with that for that scenario. I would I would highly lean towards the RT2600 AC. There are other good routers out there, but the the Synology router is it's so powerful. It's a four by four dual band router. So it covers both 2.4 and 5 gigahertz with basically as much antenna and stream power as you're allowed to have or that you can functionally have in a router here these days. So it's got that covered. Plus it's got, you know, cloud station built into it. So you can have your host, your own little drop box kind of thing. You can hang a USB drive off it and make it a time machine destination so it replaces your time capsule in that way too. It has its own VPN server so you can VPN into your house. I mean, the list of features just goes on and on and on. So and the user interface is fantastic. It's a great it it as far as standalone routers go. I really haven't seen anything for the general purpose user that beats this. Certainly there are some gaming routers that have some really stellar features. You know, we've talked about those in previous episodes, but but for, you know, you're straight ahead. Here you go. Here's a router. This is this is the one I would I would go with. So so yeah, but this is where it gets interesting. Synology also just came out with their new mesh router that they call the MR-2200 AC. And the interesting part about this MR-2200 AC is that you can certainly use it if you have an RT-2600 AC. The router I just mentioned, you can certainly use the MR-2200 along with it as a mesh point, right? And you can add these things, either wired or wireless. And then you can build a mesh. You don't need a mesh. That's fine. The MR-2200 AC, though, it's a tri-band device. It's not quite as powerful as on individual bands as the RT-2600 AC, but it's a powerful device on its own. And it can be used on its own as a router. So it's not just a mesh point. It can be the router either for it only itself or you can add other mesh points to it. So this is where it gets a little interesting for your house. I think I'd still lean towards the RT-2600 AC just to make sure you're going to get the coverage you want. You're going to spend about 200 bucks on that. The MR-2200 is, I think, about 140. So you could save a little bit of money, but I think you might wind up if you had the MR, you might want a second one and now you're not actually saving money anymore. So so I would go with the RT-2600 AC. It's got more features, too. But but that MR-2200, it's an interesting thing. I've been running them here. The mesh works well, but it works well on its own, too. It's just a good router. So so there you go. That's that's my that's my thought. And really, the first time we're mentioning any sort of experience with the the MR-2200 AC here, I've had one for a while or I've had them for a while. And and and initially, there were some weird issues with how the mesh was being built specifically if one device was on ethernet and another one was not. That's like that's a normal thing. When whenever a new mesh product hits the market, there's that you can you can always, I've always been able to find an edge case with it. The real test is, you know, just like we talked about in the last one, is how quickly the company responds and how the company responds. And Synology has been pushing out firmware updates that have fixed all of these issues very, very quickly. You can't, you know, you can do your own beta testing, but once you roll something, especially like a mesh system, anything to do with Wi-Fi out, you know, you just have no idea what it's going to be like. And no, they've been really good about it. So, so I really like this MR-2200 AC, especially as a mesh point. It can be a mesh point with your Synology and then it all really lives together nicely, but you can also add it to other routers too to be a mesh point. So it's very, very capable and flexible device. And let's say you have like a, you know, a Netgear router or something. Well, as soon as you add the MR-2200 AC, you not only get the meshing of it, but you also get the features of it. So you can do like, you know, cloud station and that sort of thing, because you have that device now on your network, which is pretty cool. So, those are some of my initial thoughts on that, John. And do you have any thoughts on this, my friend? No, I'm happy with what I got, but if I had to get it now, I'd seriously consider the Synology stuff. Yeah, yeah, I mean, it's interesting, right? Because you've got, I think you're still running Euro as your mesh system, right? Yeah. Yeah, I don't need any more. I mean, I suppose I could buy. You could always have more, right? It's just that I don't need. No. I'm content with what I have here. Yeah. One interesting thing I found about this is I've never heard of a time capsule reporting that it's overheating. That's weird. Uh-huh. I don't know. Now, it could have a temperature sensor in there. Well, I'm almost certain it does. Yeah. I'm wondering if that, I wonder if there's like dust. This is like the tower. It's like a tower, right? It's not flat. Yes, this is the tower time capsule, yes. Yeah, I mean, yeah, I mean, I've heard of power supplies in time capsules going bad. So yeah, you're concerned about it burning down the house is valid. Well, it's possible. I would assume that they put a fan in there and it's possible. Well, I was thinking fans or vents maybe. Yeah. I don't know what environment you have it in. It may have attracted dust and dirt and the vents are clogged. So it's telling you, but that's impressive. But it tells you that. Yeah. Yeah. I've never seen that before. So I would and I think that alone, the fact that we've, I mean, we've been doing this, how long have we been doing it and have never heard of time capsules reporting that. I would heed that warning. Definitely. I don't think that's erroneous. So yeah. All right. You know what I want to do? I want to talk about our next sponsor, John, which is LinkedIn Jobs. With the new year ahead, you know, it's a good time to set your goals and make sure it'll be a strong one, not just for you, but for your business too. And as I can attest, making the right hire is the difference between success and failure, potentially success and failure of your business as a whole. I've made the right hires over the years and live to tell the tale. I've also made absolutely the wrong hires over the years and thankfully have lived to tell the tale, but have been through some dark times in the business making the wrong hiring choice. And so you can post on a job board and just hope that the right person will apply, but why leave it up to chance? When you can post your job where people go every day, even if they're not looking for a job, they go to LinkedIn to make connections, grow their career and discover other opportunities. That's what LinkedIn's for. That's what I like to call LinkedIn's unfair competitive advantage, right? You're not going to these other job boards if you're not looking for a job, but you're probably going to LinkedIn pretty regularly. That's where they get you because they find you the right people that might not be looking and oftentimes those are the best people, right? So most LinkedIn members aren't checking job boards regularly, but nine out of 10 of them are open and interested in hearing about new opportunities like yours. With most of the US workforce on LinkedIn, posting on LinkedIn is the best way to get your job opportunity in front of more of the right people, people with the right skills, people with the right backgrounds for exactly your role who might be ready for something new, right? This is how it works. It truly is the best way to find a person who can help grow your business and that's why a new hire is made every eight seconds using LinkedIn. I've used LinkedIn jobs. It has truly helped us find some stellar people and here's a deal for you. You can find the right people for your business this year at LinkedIn.com slash MGG and get $50 off your first job post. That's LinkedIn.com slash MGG to get $50 off your first job post. LinkedIn.com slash MGG. Terms and conditions apply. I have used this. You may well find your prime person before you've used up that 50 bucks. Like this is truly something that is valuable here and I'm really, really stoked to be able to offer it to you. Again, it's LinkedIn.com slash MGG. Our thanks to LinkedIn for sponsoring this episode. All right, John, we've got some tips here. Listener Paul has, well, that's kind of a fun tip. He says, listen to podcasts at 1.25 or 1.5 speed. He says it really powers through them and keeps you more engaged, especially if you're trying to catch up to podcasts after the holidays. And he says, you can also play YouTube at faster than normal speed to power through some of the long like hour items that still and still get the info. And he says, since I'm now used to one and a half X podcast, it was a really easy change. I had no idea you could do this on YouTube, but it's right there. It's super easy. So the other tip that I'll offer and this is more for fun than for actual productivity is try listening to a podcast at half speed. Listen to John and me here at half speed. It'll sound like we're stoned, man. Like it's so ridiculous to hear, you know, just plotting through all this stuff. So highly recommend it just for your entertainment. Then then you might want to nudge it back to one or even one and a half as as Paul suggests. So thank you for that, Paul. Good stuff. Yeah, good thoughts on that, John. Options options. Yeah, I like it. Coolio. All right. Let's see. Next up, we have another tip. We actually have several tips in a row here. Another quick tip, though. This one from Scott, who says, the things I learn, if you double tap on the minutes in the iOS time picker, you can change from one minute to five minute intervals, right? Or two one minute from five minute intervals. Like if you're in the calendar, you know, when you're picking times, it shows it in five minute intervals. Well, if you want to set an event that starts at 10, 13 a.m., you double tap on that. And now you can set those specific times. You don't have to wait to get back to your Mac like I've always done and change it there and like type it into the calendar. It's pretty good, huh, John? There was a Reddit thread that Scott linked linked us to. Yeah, so we'll put that in the show notes, too. Pretty good. Any thoughts on any of this, my friend? No, they sound all like happy accidents. That's the thing is, yes. Or somebody just getting curious. So I wonder what happens if I tap on that? Oh, so so now we've referenced the sport analogy. We've referenced Caesar and and with you. Citing happy little accidents. We've now also referenced Bob Ross. So this is fantastic. This is perhaps my favorite episode ever. And we're not even finished. Yeah, OK, moving on. Phil has a correction clarification to offer. He says in in I think it was Mac, he kept 740. You guys were discussing ports and devices. He says, Dave commented that one of the devices was USB 3.0, not 3.1. USB 3.0, as Paul or Phil, sorry, Phil correctly states, is no more and has been absorbed into the USB 3.1 spec as USB 3.1 gen one. So that's yes, you are absolutely correct. And he links us to a Tom's Hardware article that sort of pedantically like in a well thought out way, walks through why this is and how this is and all of that stuff. So yeah, great. So much fun USB. Why? Why USB? Do we have letters and numbers and numbers that being the same thing but sound difference and all of that stuff? It's crazy. It's crazy, John. Any thoughts on all that? One's faster than the other, I think, because it's pretty much it. No, no, no, no, no, no, no, no. Oh, that's what I got from the article. I guess that's true. Yes. Oh, no, you're right. Yeah, one is just faster than the other. Yeah. Yeah. Why they do this to us, though? Like, I just don't get it. I don't like it. Well, I don't know about renaming standards that I find confusing. Yeah. Yeah. Yep. And you're right. One is faster. Gen one, or as it used to be called USB three, goes five gigabits per second, maximum throughput, not guaranteed like all the time, but maximum throughput, depending on the devices. Whereas USB 3.1 Gen two goes 10 gigabits a second. That's what they say. That's it. There you go. Done. Thank you for that, Phil. Good stuff. Yeah, good. We can move on now. Pass that. All right. Listener Jason, we've been talking about USB C. Now that's different than USB three, because as we know, letters define the shape of the connector. Numbers define the speed and capabilities of the transmission. Anyway, Jason says, after listening to Mackie kept seven forty and you were talking, talking, talking, talking about trying to find USB C and Thunderbolt three docks and hubs. He says, I'm part of the Mac admins community and a fellow admin has created an amazing spreadsheet and blog post going over exactly this. And sure enough, Jason has found a stellar list of some of these things here and a Google doc to go along with it that that really kind of lists through all of these, not all, but most of these devices and and how they all work and all of that stuff, the different capabilities. They've got pricing in there. But of course, pricing changes pretty, pretty rapidly. But it tells you how many USB C ports, how many, you know, if is there Ethernet doesn't have display port, doesn't have many display port. So with this list, we'll put this list in the show notes, of course, because it's super handy to have to have and be able to look this stuff up, especially as lots and lots more devices are coming out that are supporting all this stuff, right, John? I got one. What do you have one USB C port? This is what I mean. You have one on what? Well, on a charger. Hmm. OK, got it. Yeah, right, right, right. Which charger is that? A ventive. OK. That combined with a USB C to lightning cable from Apple will let you fast charge. Their latest phones got the fastest charging you can do. Yeah, I was like, I'm going to do with this. I don't have anything as USB C and it's like, well. No, I do. Interesting. All right, well, you for the future, I can use it to charge all sorts of other things. Sure. Sure, that time will come. That time will come. Well, that time has come for me, John, because as listeners know, I, Lucas and my son and I got new MacBook Airs for Christmas. And so I am now in the USB C world here. What listeners don't know because I but you did, John, is that I didn't share because I wanted it to be a surprise is my wife now has a new Mac mini for for her desk at at the house, which has USB C, but also has USB A ports and an ethernet port and an HDMI port. So it's really well, well configured. It's got four. Well, they're they're USB C ports that support Thunderbolt three, just like the two USB C ports on the MacBook Airs also support Thunderbolt three. So very versatile in that regard. And I have to say, I'm going to go through some of the things that I've tested with it here, but I have to say I am I'm really thrilled about this whole USB C thing like the dongle thing. I actually kind of like it because it really gives you flexibility on what you have, especially after living with an air where most of the stuff that I did was off of its Thunderbolt two port or Thunderbolt one port, maybe, because, you know, I wanted gigabit ethernet, which that didn't have, I wanted USB three, which that device didn't have when it was built. But Thunderbolt let you expand and so or let me expand. And so there you go. So I've messed with quite a few of these things over the last couple of weeks as I've been testing these airs and all of that stuff. The there are a couple of favorites that have have shown up for me. IO gear makes a USB C travel dock that has power delivery. So there's there's a couple of features that, you know, and this is why this chart that Jason found is great, because it allows you to narrow down on what you need. A lot of these things, you know, will give you ports, but will they let you power the device through it? Or do you have to if you want to charge, say, your MacBook or your MacBook Air, do you have to plug that the charger into a separate port or can you plug it into a port on the dock? So being able to pass power, aka power delivery is an important thing. And this US this one from IO gear does that. It also has a cleverly included ethernet port in it. So you get ethernet on this, which I find handy to travel with something that can let me plug into ethernet. It's rare that I do that in a hotel nowadays, but it has happened. And when you're on the road and it's midnight, it's nice to already have this device with you. So so that's one of the reasons I like this IO gear thing. It's very handy in that regard. And it's it's 69 bucks. It's got power delivery and ethernet. Kingston also has a pretty cool little hub. It does not have ethernet, but it does have HDMI and a couple of USPA ports that the IO gear one also has USPA ports on it. That's sort of a given. You need some USPA ports and it does support power delivery. So you can go through it and that's 50 bucks. And one that I really like, but does not have power delivery is the very sleek and cleverly designed anchor USPC hub. It's got three USPA ports along the side, an HDMI port along the side and an ethernet port in the end. And the thing is like barely wider. I mean, it's essentially as wide as it would need to be to have an ethernet port on it. That's it. It's really sleek and slim. This will be the thing that lives in my laptop case just because of how compact it is, but it doesn't pass power delivery. Now, obviously, I have two ports on the MacBook Air, so I can charge with one. But having power delivery is nice, right? So so there you go. And then another one that kind of comes in here is Kensington makes what they call a USPC travel dock. It's larger, but for 76 bucks, it's got pass through USB charging, ethernet, HDMI, VGA, which is can be handy. You know, if you're trying to connect to an old projector or whatever, and and three USB ports. So that's that as far as the USPC stuff goes, those are the things that I've sort of narrowed down on. I tested a bunch of others, but frankly, some of them were crap. I will point out, even though the device was crap, so I won't talk about which one it was, but the MacBook Air's USPC ports are spaced exactly the same as the two on the side of the MacBook Pro, which means that those docks that plug into both ports simultaneously will work with the MacBook Air. No problem. Even stuff that was built prior to the air being announced in release. They they I've tried a few of them, few of them. They plug in no problem. I'm a little leery of those because it gives you a real good lever to break those things off with if you've got something sort of plugged right in there, but but they will work. So just so you know. Thoughts on that before I jumped into Thunderbolt, John? No, but we need one of them someday. Yeah. Yeah. So Thunderbolt docks are, you know, they are a thing. And if you have a Thunderbolt equipped Mac, you probably at least considered getting a dock in the past. If you if you don't already have one super handy being able to add lots and lots of ports, of course, Thunderbolt, if you if it's a powered Thunderbolt dock, Thunderbolt 3 dock, it will also power your, you know, it'll charge your laptop so it can act as a desk based charging station. So you don't need to buy another charging brick like that's all included. And the two that I've looked at there are the OWC one for two ninety nine and the Kensington one for one ninety nine. They both pass eighty five watts of power. Our MacBook Air is only the charger that comes with them is thirty. So this is more than enough and they have different configurations of ports. The OWC one has. I don't it has it cleverly has a mini display port on it, which is handy because it sort of fits all those other things. It's got five. I think USB three point one gen one ports and ethernet and and then a couple of, you know, USB ports to plug pass through and audio and all that good stuff. And then the Kensington one has a display port port on it, like a larger display port, which can also be handy, as well as, you know, a bunch of USB C ports and ethernet and all that good stuff. Or sorry, USB ports and ethernet and all that stuff. So it's worth checking those out. Those are both powered. Those have eighty eighty five watts. Io gear has a little clever Thunderbolt three travel dock. It I'm not. I'm not sure where this fits into the mix. It's it's cleverly designed. It contains its own little cable. It doesn't pass power because it has no way of taking power in. It's got display port, HDMI, USB and ethernet, one of each. That's it. So it kind of gives you, you know, everything you might need in a hotel room, I suppose. But you might want another USB a port and it doesn't have that. So and it's one hundred and thirty six bucks. So I'm not sure where this fits in the realm, but it's it's so cleverly designed, I didn't want to ignore it. So that's what I got on those, John. Thoughts on anything else? I got some chargers to talk about, too, especially must be one that I'm very excited about. But but while we're on the Thunderbolt thing, I figured I'd. Yeah. Yeah. Good. Anything. No. No. OK. Well, while we're on the Thunderbolt thing, I'm going to take a detour here and go to our third sponsor, which is OWC and OWC makes all kinds of great Thunderbolt things, including their new Thunderbolt three 10 G ethernet adapter, right? It allows anybody with a Thunderbolt three equipped Mac or PC to download stuff ten times faster than gigabit ethernet plugs right into one of your Thunderbolt three ports. It's got it's actually got a great little design. It's got the ethernet port at the end. Of course, it will also support gigabit ethernet. So this could be the device that you take with you. And you know that you're always going to get the fastest that you can. And this, you know, like this epitomizes the benefits of Thunderbolt because here you have a Mac that either didn't couldn't come with Thunderbolt with a gigabit ethernet or in the case of like the Mac mini that I got for Lisa chose not to order it with 10 gig ethernet. But sure enough, I can add it. That's what Thunderbolt lets you do is it lets you expand the capabilities and OWC is right on the forefront of all this stuff. So you really you got to check this out. So go to MacSales.com and and you know, that's where you can find this. We'll also put a link to it in the show notes here, of course, because that's what we do. But while you're there, you can check out their Thunderbolt 3 dock that we just talked about. And when it's time for a RAM upgrade or you need an external hard drive or a case for a hard drive that you've got, OWC is where John and I go. We just visit MacSales.com. And that's really it truly is the first place that that I shop for any of this stuff because they understand what they're doing. They know what they're doing. They understand their products and they care deeply about making sure that you get the right solution for you. They really, you know, there's a reason they've been in business. Well, let me put it this way on Friday. Yeah, Friday the 28th, Mac Observer, we celebrated our 20th anniversary. OWC has been in business, I will say, far longer than we have. They really do know what they're doing. There's a reason that they've been around this long. You got to check them out. MacSales.com and our thanks to OWC at MacSales.com. Otherworld Computing for sponsoring this episode. All right. I promised chargers, John, and one in particular that I am thrilled about is the Anchor Power Core Speed 20,000 P.D. Now that sounds all fine and good. What is it? Well, it costs 100 bucks. OK, what is it? It is two things. It is a wall charger and a battery pack. The battery pack has both of these devices, in fact, can output up to 30 watts, which means you can use the wall charger to power your MacBook Air and you can use the battery to power your MacBook Air. Real simple, just USB cable, USB C cable and boom, you're good to go. Very cool that we can easily power our laptops with batteries now. Of course, those of you that have had USB C laptops for a while already understand this beauty and if you didn't already understand this beauty. Well, now you do. It's a really, really beautiful thing. So. So thoughts on that, John? Oh, did I like the P.D. thing? Yeah, I'm following along. Yeah, the thing I mentioned had that too. That's what allows fast charge with a lot of things. Right. Right. Yeah, the whole idea of sending more than five watts or more than 10 watts, I guess, over USB is is sort of what falls into that P.D. or power delivery range. And I think power delivery by definition goes over a USB C port. Right. But yeah, I'm stoked about this, especially for for CES. I'm curious to see how much I'll use this battery to to power my laptop. I mean, you know, I get easily getting eight hours of battery life out of this thing. So I don't know that I'll even need it. But but, you know, it's much better than the old days when we had to jury rig like a battery and splice a MagSafe connector together and do all that stuff. I like I like our new, our new underworld here, John. It's good. Yeah, those are dark days. Those were dark days. Yeah, I agree. Well, when they're making everything proprietary, I mean, they still do it here and there a bit. Yeah, yeah. Yeah. Yeah, yeah, yeah. Yeah, it's good. Well, I like the power power delivery stuff. It's fun, makes life makes life more fun. So it's good. Any any other thoughts on that before we before we move on to whatever's next here? Oh, whatever. All right, whatever. Whatever. All right, Greg has a question. I don't know that we're going to have a good answer for this to be perfectly honest, Mr. Braun, but Greg says, I'm looking to change my Apple ID, but I can't quite figure out how to do it and I don't want to destroy any of my data. I think we're going to make this one a geek challenge, but maybe we have an answer for him, John. It says, so I figured I'd ask your advice. He says, here's my situation. And this is the details are important. It says, years ago, I created a mobile me account and I still have access to that Apple ID and its email. With the advent of iCloud a little while after that, I created a separate Apple ID, not using an iCloud email address, but using my work email address. That's the Apple ID I've been using as my primary iCloud account for logging into devices, handling App Store purchases, iCloud Photo Library, etc. So that's the main one. It says, I'd like to change my Apple ID from my work account to an aticloud.com email address to simplify things. It says, I found a support article from Apple, which is informative, but doesn't give me quite the info that I need. And this article is titled. Oh, come on, Safari, do your job. The article is titled if you've forgot your Apple ID and you can go through and change some things. I'm not sure why that would be the one that he found. But OK, says, in particular, I don't know how to add how to add an iCloud.com email address as one of my reachable ad addresses. It won't let me add my old mobile me address, presumably because it's an active Apple ID. I thought that maybe I could just create a new iCloud.com email address when trying to add new reachable ad addresses, but that doesn't work. After entering several addresses that were rejected as unusable, I found one that was only I found one that was but only to be told that a verification code was sent to that address. Not what I was hoping to see. He says, I know there's no way to combine Apple IDs. And, man, I wish there were. You know what? I'm with you on this, Greg. But is there a way to downgrade an account so that it's not a fully fledged Apple ID but just an email address? If so, then that's probably my simplest path forward here. So, yeah. All right, I want to help the discussion here. OK, please go all the way to the bottom of that article. So I was wondering that, too. But now I think I could go all the way to the bottom, see that thing that says change your Apple ID. I do. I think that's what he wants. Because that goes into some of the details that he brought up here. Yeah, there's another article about changing Apple IDs. Yeah. And if you click on that, that makes it because he says that's what he wants to do. And the thing is the article itself has two classifications. It's like, does your Apple ID end with this, this or this? Or is it not a Apple? Right. Suffix. And depending on what state you're in, you may be able to go in one direction. They outline all this in the article and they tell you how to do this. So you got to log everybody out and stuff. But if the goal is to get away from the work address, which, you know, oops. Yeah, this seems to allow that you can go in that direction. You can't go in the other direction. I think that's that's the summary here. Yeah, I don't know why he was getting some that weren't permitted unless someone else already had them. I don't know. Oh, yeah. But I mean, he said he found one and maybe that was it. Maybe the one he thought that he found. There's that whole reachable at thing. And you can add an Apple like an iCloud dot com address to that section, at least according to Apple, even if your main account is not an iCloud dot com address. It says if your Apple ID is a third party email address, you can enter an iCloud, me or Mac dot com email address that's already associated with your account. And to see these, you go to apple ID dot Apple dot com and check the reachable at section in the account section. So I think I think what he wants to do is possible. However, I don't know that you can do what he wants and downgrade this other one. That's the real question is can you take can you take an Apple like an iCloud dot address or a me dot com address or a Mac dot com address and after the fact, merge that in. And I think the answer there is no, I think. But but that would be worth calling Apple support or, you know, using the Apple support app and just asking about before you punt on that and find a different address. But I think if you find a different address, you can you can do this. I've been able to add addresses to my to my account before. And that seems to work fine. And then they stay as like sub addresses and you can promote them out. But I think once you've promoted them out and once they stand on their own is fully fledged, I don't think you can downgrade it. But if there's a way, I think Apple supports the way to do that. So, yeah. Yeah, it's kind of crazy. And yes, I again, I will say I truly agree with you and wish that Apple would. Would would let you merge Apple IDs. I mean, I grok that that probably creates major headaches on the back end for them. So maybe that's not the maybe that's not the right way to go. But still, you know, it would be it would be helpful for us as users. So any more thoughts, John? Nope. Nope. All right. Then let's go to David. And David says someone donated an old iPad A 1337 to a charity my wife works at and she brought it home for me to troubleshoot. And I can't seem to get past one thing. It won't boot. He says it's odd when plugged into any of my USB hubs or Mac mini. The screen will have a little black black background flicker and nothing else. If I use one of my iPhone plugs and plug it into the wall, though, I can get it to boot to a connect to iTunes prompt holding sleep and home. However, when I unplug it and to plug it into the computer, it immediately shuts off. Is the battery just completely toast and this thing is bricked? Or do you have any other troubleshooting of suggestions? So it sure sounds like the battery is the issue here. And I, you know, I'm wondering if you could find a USB hub or like a Thunderbolt dock like I know my my Thunderbolt 2 dock that I have on the iMac downstairs from OWC has obviously a bunch of USB ports on it, one or two. The two on the side are high speed ports, but they're also sync ports, right? So you can use them, say to power an external hard drive or fast charge your iPhone or iPad or whatever. I wonder if that's what this needs. It needs enough power to actually run the thing because the battery is dead. So plugging into a port like that, that also then syncs with the computer and then doing the, you know, the thing where you you hold down the sleep and home would allow you to have the computer see this. I think you need a higher powered USB port than your computer or existing docks or hubs provide. And I think that. But the core issue is that the battery shot, I would agree with that. And so maybe you just want to do a battery replacement on it. And then, you know, then it sounds like you you might have a further option down the road. I don't know. That's that's my thought. What do you think, John? You could run a tool like coconut battery, which requires you to connect via USB to your device and it'll show you the battery level and it's probably like zero or something. Yeah, I think that's the problem. It won't even see it right because it's not powering up to announce itself. I think he needs more power, but I agree with you. Yeah, coconut battery would be the way to do it. Yeah, would have. Well, no, the steps holding on those two buttons is like doing a restore or something. It puts it into. Yeah, puts it into. I don't know if we call that DFU mode, but we put it into restore mode. I think that DFU mode is one step past that. But yep, yep. Yeah, it's pretty crazy. Pretty crazy. All right. Any other thoughts before we before we move on here, John? No. All right. Gary writes, he says, my late 2015 I Mac has been having moments where the machine will momentarily freeze with the beach ball, hiccup on iTunes and doing other random tasks. The problem is particularly noticeable when I'm watching a YouTube video. And if it's a longer one, like part of a video game walkthrough, the video will freeze, but the audio will continue. And eventually, the video will speed up to the current point and resume on iTunes. The song I'm listening to will momentarily stop and then resume. And sometimes even deleting an email will cause a hiccup given the machine's age. I'm thinking the internal hard drive is showing warning signs of its impending demise. My Apple care runs out at the end of the year. And as we all know, Apple care is a one time deal and you cannot renew it. Says, I know it's the machine because I don't have these issues on my phone or other laptop on the same network. So I've seen videos on how to change the drive on YouTube, but it looks pretty tough for my comfort level. He says, I do a new can pave each time Apple releases a new version of Mac OS. So I just wiped this back in September when Mojave was released. So I don't think it's a software issue. He says, I use Google Chrome as my default browser. The US and programs are all up to date and I have security software running. So, yeah, I would tend to agree with you. I mean, you could boot in safe mode and see if this happens to kind of skip any potential, you know, CPU type things. I mean, and that's actually one thing I would check is launch activity monitor. If you're running something like I step menus is the CPU pegged at these times when it's lagging? If it is, then that's something to look at, right? You know, and but if it's not and especially if it's happening in safe mode where you're not running whatever security software might be there because that too is sort of built to get in the way or just disable your security software temporarily to test this barring that, yeah, I think it might very well be the drive. It's possible, you know, it's it's hard to say for sure, especially, you know, troubleshooting from a distance via email. But but, you know, if you've got AppleCare that runs out before the end of the year, get a case open with AppleCare right away. Even if you're going to do some more troubleshooting on your own, get a case open with AppleCare right away. Because I think once you've got the case opened and reported the issue, even if like they don't have an appointment for you right away or whatever, you'll still get the benefit of it being covered under AppleCare, you know, if the case opened before it expired. So, yeah, that that would that would be that would be the thing. I I'm not convinced that it's the drive. It this does sound like a CPU or even GPU thing, although the iTunes thing iTunes thing sort of mitigates that that negates that that's not that's not the GPU, but it could well be the CPU getting bogged down. It could be your security software or it could be the hard drive. But I'd open an AppleCare case before your AppleCare winds up. So, yeah. Thoughts on this, John? Yeah, I could see a dying hard drive is affecting performance because you're going to be you may be swapping. Sure. From that drive. And if the drive is starting to fail, it's going to take longer than necessary, causing pauses. All right, maybe. Yeah, maybe. Yeah. Yeah, I mean, I've certainly seen, you know, what he talks about with with iTunes lagging and email, you know, deleting an email, causing a lag, like that that definitely could point to the hard drive, you know, especially once we sort of disable whatever security software it is, just to get that out of the way, because we don't know what that is and it could that could very well be it. But but it wouldn't surprise me if it was the hard drive. But, you know, it could be something else, too. There's there's other things to look at. So, yeah, yeah. All right. Any more thoughts on that, John? Moving right along. All right. Are you ready to do Jim here, John? We've got a little time to do that. Yeah. What do you want me to do, Kevin? OK, let's do Jim. Let's do it. All right. So, Jim asks. Do you know of a utility for auditing a system security certificates on a Mac, comparing them to the current Apple default certificates? Then you wrote a letter with a little more detail. And I don't think I'm going to read the whole thing here, but I'm going to try to get to the just a bit. All right. So, as we all know, security certificates help secure and verify someone's identity. And you have some on your machine. If you run keychain access and they go to system routes, it's going to list the certificates that are trusted and they're given to Apple and they will update that when they see fit. So, he found an article, which one is it here? Yeah. So, which certificate is trust by Apple? So, there's a sport article that shows that, OK? And it's like, OK, well, that's interesting. And it lists them all out. And but then it also gives instructions on how to look at, at least on the Mac, what they call the trust store. And there's actually a file, I guess we'll pace that path in here, where if you look at this file, so it's an HTML file, so it'll open up in your browser. But if you find this file and click on it, it'll show you the same thing. But what it also shows you is the trust store version. And I think the current one is 2018071800. Then he said, OK, and by the way, I noticed the discrepancy between the stuff in the article and the stuff that I see in the trust store file on my computer. And he identified certain certificates and I verified that they were in fact installed on my system. So, I don't think there's anything to worry about. Here's what he found is basically, Apple hasn't updated that article. Aha. So that's why he's seeing a difference. And I figured what they did is so between, because the article says this is for macOS 10.14, not 10.14.2. So it looks like they haven't gotten around updating that article yet. So I think he's OK. OK. Then he identified another certificate that also wasn't listed there. And I'm like, OK, fair enough. And it's actually an Apple Developer certificate. And I think it may not be listed in the trust store because it's not a root certificate. It's an intermediate certificate. But now back to the question of is there a utility where you can audit your key chain? And I would say the best utility is probably key chain access. Yeah, it's a manual audit, right? There's no way to say, make sure I have the defaults, right? What you could do, so you can click on system roots, you can click on a certificate, you then go to the key chain access menu, there's then a certificate assistant menu, and then there's an evaluate, never certificate, you just got. And then that brings up a dialogue and it's like, what do you wanna do? You wanna, you know, check out an SSL, SMIME, or just, you know, general. And if you say that, it'll then show you the trust tree. And it'll show you the same thing that you see for the most part in the, what you see in key chain access list, but it gives you a little more information. It's like, oh, by the way, this certificate is also here, and you know, here's the one authorized. So you'd be like, for example, the intermediate developer one, if you put it through this certificate assistant, it'll say, oh, by the way, I'm signed by the main Apple developer certificate. So it's like, okay, that's good. Huh. So you're not, the thing is you're gonna see, basically with key chain access, if you see something and it has a red X as the status, there's something wrong with it. It's either expired, it may have been revoked. Those are the two really only good reasons, or somebody just screwed up the configuration of it. Sure. I think what this tool also does, so there are some protocols, OCSP or CRL, that I believe this enhanced certificate assistant actually does reach out over a network to check with the server to say, hey, is this really? Yeah. Good. Oddly enough, the latest version, Dave doesn't seem to have any, that they took away the ability to configure these protocols. Remember you used to have an option, you could say like, yeah, maybe use this if you can, or always use this or never use this. That's gone now. So they've changed that. So I'm assuming they just make the functionality in, where it'll try to reach out over the network. And I'm like, you know, I don't think there's anything to worry about. And then got another response saying, well, you know, there was somebody that pulled this fast one a while ago. It was a vendor that released the, I think it was a headphone software or something. And the problem is, they had a self-signed certificate that they had you install, I guess to then interact with their software. That's a really bad idea. And what happened is it was kind of an exploit because I guess the thing is they didn't encode it properly. So you could read the private key. And so, so it's possible for somebody to try to pull a fast one by doing something like that. So that was just a poor implementation of certificates. But even if that did come up, but the Mac should ask you, especially if something is like, oh, well, wait, this is a self-signed certificate. Are you sure you want to trust this? I think the Mac will usually flag that. At least like with the, so for example, I have a self-signed Synology certificate. And I think the first time you encounter the site, the Mac will say, hey, this is self-signed. And it's like, do you want to trust it? And I'm like, yeah, because, you know, I just generated it. Yeah, right. Yeah, of course. Yeah, yeah, yeah. Of course. Yeah, if you know, you know, yep. Yeah, so you should always get a warning with self-signed certificates, which basically mean that they, yeah, you say, hey, I'm okay. Is what a self-signed certificate, whereas a signed certificate by a CA means, well, I say he's okay too. It's like, oh, all right, well. That's fine, yeah. So I did some digging on this too. And I found a Reddit, no, it wasn't Reddit. It was a Stack Exchange thing that goes all the way back to Snow Leopard where someone was essentially asking, how do I restore the default certificate settings, right? Because that would be a way to say, yep, look, I just want to wipe the slate. I want to make sure I have what macOS wants me to have and nothing else and let's go. And there's no way to open key chain access and say go, right? But if you were to wipe a drive and install a fresh copy of Mojave and update it to all the latest and greatest, whatever, let software update do its thing, then you would have a default set of certificates. And those would be the .keychain files in system library keychains. And you could take those and then replace them or put them in place of the ones that you have on your existing system. I don't have to say, but I'll say it anyway, that I highly recommend you back up your systems before messing around with this stuff. But that should work, especially if you're just taking the two .keychain files or I think it's three now, but moving those and wiping out anything, you know, any other .keychain files that are there, then reboot because you're changing some core level stuff. It's always better to reboot when you do. That should get you there. Like that, in fact, I can't imagine why it wouldn't. You'd still have any of your user certificates that you install because those are stored in your user's keychain, not your system keychain, but this would wipe out any of that stuff and get you the default things for your Mac. So that would be one way to do it. That'd be one way. That's what I got. That's something I would spend my time on, but. Fair, fair. Okay, yeah, yeah, no problem. Now there is a parting word, so I'll have to see if I can find that article, which about that exploit. Yep. But now there is something called certificate transparency that is kind of making the rounds, and I think it's an attempt, I think Google is leading it, or at least I thought they hosted a page talking about it. Yeah, you've mentioned this before. Yeah, yeah, yeah. Well, I think you mentioned it to me. You're like, I heard of it. I think you heard about it at Paktac, right? Oh, yeah, that could have been. Yeah, you're right. And you were like, hey, you should know about this. I'm like, okay, so I looked, and it's basically an effort to open up the standard so there's more touch points so that if a certificate gets compromised, some will know about it sooner rather than later. I think that's basically, this is accomplishing. Yep, yep, makes sense. Makes sense. Right now the way the system is set up is somebody manages to forge a certificate, saying it was signed by you, but it really wasn't. There's no way for the current infrastructure to let you know that, whereas I think this is an effort to tell you, hey, you know what this certificate was issued under your name, or did you know about this? Sounds like a great idea. That is a great idea. Huh. Yeah, of course, it also, you know, I mentioned, when I mentioned the OCSP and CRL, which are the network messaging ways that you can check for certificates that have been revoked. I've always had a lot of people say, yeah, good luck with that. Right, yeah, yeah, yeah. And it's hard to deploy that properly. So I guess this is an effort, sort of a good transparency is an effort to kind of fix that. Yeah, fair. Well, it's good. Well, it's good. Coolio. All right, well, that's, I think that's gonna do it for us today, my friend. It's been, I know, it's been great. Like, lots of information in this show. I learned way more than my five things. But it's good. It's great. And it's, I've learned, I can't even count the number of things that I've learned all year doing this show. So thank you to all of you that listen, all of you premium supporters that support, all of you that send in questions, all of you that send in tips, and of course, everything else and interact. And of course, those of you that visit the forums at mackeycup.com slash forums, it really like, I'm sure I've said this every year, but you know, it's like, ah, I just love where this community is and where we all are together. So I couldn't be happier. Actually, I could. Let's make the community bigger. Tell everybody, you know, really, seriously, like that's the, that's the thing. Just, just spread the word about mackeycub. And the easiest way to do that is to tell people to visit mackeycub.com so that they can get their questions answered. You know, that's, that's usually a good entry point. Like, hey, if you got a problem, ask those guys. They might actually answer it, you know, for free and talk about it on the show. That's pretty good these days. So that's what we do. That's what we do. Yeah, yeah, yeah. All right, what else do we have here, John? We talked about the email addresses, you premium folks, you know that you can email premium at mackeycub.com. And if you want to learn more about that, mackeycub.com slash premium. Talked about the forums. I want to thank, I'll say thanks to you, John, for yet another year of doing all this. I'm looking forward to CES next week. I think our next episode will be recorded at CES unless we foobar something, which of course is possible because not only will we be recording from the road, but we'll be recording on a new setup because I'll have that air with me, although I don't foresee any issues. If I do have an issue, I know who to call, except it's us, so there you go. Actually, I know some other people to call. We all have our support systems and that's how it goes. Thanks to Cashfly at CACHEFLY.com for providing all the bandwidth to get the show from us to you. Thanks to all of our sponsors. Of course, at Lassian with Opschini, as we mentioned earlier in the show. Otherworld computing at maxales.com, LinkedIn jobs at linkedin.com slash mgg. Smile at smilessoftware.com slash podcast. Eero at Eero.com slash mgg. A couple others coming up too. It's good stuff. That's what I got. Happy New Year, everybody. Have a good one. Make sure you have fun. Make sure you're kind to everyone around you. Answer a question. Share the show. John, any words from you as we make our departure and say goodbye to 2018 and say hello to 2019? I would say you all made it. Congratulations. It's the end of 2018. And I'm pretty sure none of you got caught.