 MacGeekGab Episode 653 for Easter Sunday, April, April, April 16th, 2017. And welcome to the Mac Observers, MacGeekGab, the show, where you send in your questions, tips, your cool stuff found. We share it all like car talk for Apple Geeks. We're here for all of us to learn at least four new things. And the first thing you're going to learn is we speak a lot of Spanish in my house. And when I went to say April, I confounded that with the Spanish abril. So I think that's what happened in the old noggin there here on a Sunday evening. We'll see what else happens in the old noggin during the rest of the episode. Sponsors for which include Otherworld Computing at macsales.com. We'll talk about something you might not know about those guys in the spot about them. TVEdit celebrates its 25th birthday this week, celebrated its 25th birthday this week. We'll talk about that and more during their spot. And Eero, E-E-R-O.com, the home mesh Wi-Fi, we'll talk about them, including the new pricing and where you can get it during their spot here in Durham, New Hampshire. I'm Dave Hamilton. And here in Fairville, Connecticut, John and Ron. John F. Braun, happy Easter, man. Yeah, I believe we both got back from our various family Easter-themed activities. Indeed. It was a good time. Easter is always a good time to get together with family and friends. Yeah, we went out for brunch this morning and then my wife and my son each had stuff to do, so my daughter and I went down to Portsmouth and just walked around a little bit. It was a couple hours ago or whatever and I was thinking, oh, I had this fork in my brain where it was like I could be, I could, I'm not, but I could be upset that I have to go and quote-unquote work tonight and do the show. And this is work without question. And I was like, but wait a minute, I'm really happy to come do the show today. I'm stoked about it. A, I'm stoked that I get to do this and call this work and B, I'm stoked just to do it because it's, you know, we always have so much fun together. So it's, it's a wonderful thing. And, and people are saying, oh, that stinks. You have to work on the holiday. It's like, no, it doesn't actually. It's all good. So let's, let's start with a couple of, a couple of tips from a couple of Scots, shall we? And I mean that by first name, not by nationality, although it could be both. I don't know of Scott. Number one writes in and says, he says, I have a quick tip with regards to Siri and fan behavior on my Retina MacBook Pro 15 inch. I'm not sure if this applies to all Macs with Siri capabilities, but I noticed on my mid 2015 Retina MacBook Pro that if you launch Siri whilst the fans are running at an accelerated pace, i.e. fast enough for you to hear them, the system temporarily shuts off the fans or turns them down in speed until you either stop the Siri initialization or it assumes you're finished with your Siri query, which is a phrase that Scott has coined. And so we're going to use that here. Siri query. I like it. He says, I assume this is to help ensure that your vocal input isn't hindered by the sound of the fan spinning right next to the microphone. So yeah, I don't know if it does this on desktop Macs, but but it certainly makes a lot of sense on laptops where the fans and the microphones are in very, very close proximity. So nice little find. If you need to spin down your fans and you don't want to use a third party app to do it, just fire up a Siri query off you go. Pretty good. So and Kiwi Graham in the chat room at macgeekab.com slash stream is saying that noise reduction works on his old non Retina MacBook Pro as well. So good stuff. Thank you, Scott. And now that we're finished with Scott, let's go to Scott because Scott Scott says we were talking in the last episode about a keyboard command to lock your Mac. And Scott says that keyboard command is control shift F 13, which is the eject button. If you don't have an F 13 on your Mac, they are they are one in the same. He says, I don't believe it can be changed, at least not. You can't be changed in system preferences as far as he knows. And I tend to agree with that. But control shift F 13 will lock your Mac. So very cool. Thank you, Scott. It's good luck. My MacBook Pro. That's that's great. And not my podcast machine, because I've learned not to fiddle with it when we're working. Yeah, we're working. Yeah, exactly. Yeah. Yeah, I think we've both made that mistake at least once in the last 12 years. And, you know, it's fine. We we we do go out on limbs and and and explore the edges in order to answer these questions and share the stuff and make sure that what we're sharing is is actually valuable and safe for you. So sometimes that causes us a little bit of trouble, but it's good. All right. And then kind of extending a conversation that we've been having for a little while, Daniel writes, he says, I have to admit I've been a bit alarmed about all the things happening with LastPass since I have used that app for years. Of course, I don't want to use anything that may be compromised and not and not when that has, especially not when that has my passwords for everything else. I originally found out about LastPass through another podcast over on the Twit network, Leo LaPorte and Steve Gibson. Steve, being the host of security now over there, seem to be really big fans of LastPass. Steve, who does security now, still recommends it. He even discussed it yesterday on the screensavers, the new screensavers with Leo, and he says he sent us a little snippet about about this segment over on security. Now, we'll put a link in the in the show notes where Steve talks about he said and actually Daniel summarizes it here. He says, Steve Gibson thinks it is still fully safe to continue using LastPass. He claims the reason LastPass keeps getting into the news is because it is it is the only one being tested by White Hat hackers. And that is and that everything that they find is fixed. He also claims that one weekend they fixed over 3,000 things before they even got out into the wild. Steve's reasoning that LastPass is safe is because it keeps getting tested and they continue to fix it. Some of the other apps are not even being tested. So, so he says, you know, I mean, that sounds like good logic. And Daniel continues, said, you mentioned the episode that you would rather be with a company that continues to stay on top of upsetting itself, updating itself based on this. I'm curious if you still think LastPass is unsafe. Obviously, Steve Gibson is a huge fan. And I wonder if he could be blinded by the fact that he is a fan. Do you agree with his claims and decision to continue using it? I certainly don't disagree with Steve on this one. It's true. He's a fan of LastPass. I'm not, but in I could I could easily suffer. The blindness could could be the same two sides of the same coin. Steve really likes LastPass and defends it a lot. I don't like LastPass, but it has nothing to do with their their infrastructure or anything like that. I just don't like the user experience of using LastPass. It's it's clunky to be quite frank. And and it's been a while. It's been maybe 18 months since I tried it. I actually considered moving over to it because I know John, you're you're a user and and I tried it. And it's just like it was a little there were some things it does that I like and some things that I just couldn't get over. And so I stuck with one password for for that. I also I use one password in tandem with iCloud Keychain. And that way I have my password vault in one password, which is way easier to use when I have to look things up. But iCloud Keychain, of course, is right there in my browser on Safari on mobile and LastPass or one password. You have to invoke a, you know, the the extra app and it's an extra step. So I like having them both and it actually with one password in any way. That is pretty seamless. Having two password managers running, no problem. So that's that's what I stick with. But but yeah, I don't I don't have. I don't have a fundamental issue with the security of LastPass, especially considering how great they've been staying on top of of all these things as they've been announced. So there you go. Thoughts. I the thing is they have improved their UI slash UX as you refer to it. Yep. Or at least in your your reply user user interface and user experience are very related, but they are two different things. In fact, user interface is a subset to me of UX, which is user experience, the entirety of using the app. The interfaces is just one part of that. And so there you go. Right. Yeah. And UX I would define as the number of times you don't want to shake your fist. You are not shaking your fist at something in that or even praising it that way. But right. Yeah. Yeah. Exactly. You know, you do bring up an interesting question, though, is that. Why have we never heard about iCloud key chain exploits or issues? Are there any has anybody ever hacked it or compromised it? I mean, we hear about it with LastPass and on a less frequent occasion. Sometimes one password has an issue. Yeah. I haven't heard about any with iCloud key chain. And certainly to me, that would be the biggest one to target if I were a hacker, right, because you figure people that are using a third party password manager like a LastPass or one password, they're they're a little more active about it. I don't want to say they're more knowledgeable necessarily that could be. But certainly they're they're taking an active role in choosing to do this. And they and for many of them, it might be something they've been doing for a while since before iCloud key chain existed. But let's face it, iCloud key chain is the simplest password manager to install on your Mac because it's already there. And as we noted, it syncs between, you know, your your iCloud connected devices, your iPhones and your iPads and your Mac. So if I were going to target something, I would start with iCloud key chain because I figure, well, these are potentially the least savvy or the least attentive users in terms of of people storing their passwords. So, yeah, it was actually. So I was just in my parents and the thing is at one point I was like, you know what, I think they need this on their Mac. And I looked and due to, I think, a recent. OS update and default behavior. I found out that they were using iCloud key chain. Yeah, to manage their passwords within Safari. And that was great. And and I'm like, OK, you you you have a password manager. I'm like, all right, here's some tips. You know, maybe you want to not use the same password on all your sites. And then they took my advice and it works right for them. Yeah. Yeah. Cool. And they didn't even know they were they were using it all of a sudden. They were just so seamless. Oh, wow, I can log into Amazon and this and that. And it just happens. I'm like, yeah, you're good. Yeah. Now I will I will rant quickly. And then I do want to move on. We have a lot to go through today. But when you have passwords in iCloud key chain, it is possible for iOS app developers to include a reference to that so that you can allow your app to log in with to, you know, let's say let's say it's American Airlines for, you know, for lack of a better example. So you can go to americaa.com and iCloud key chain will remember your password and you log in and you're good to go. You get into the app. The app could reference the iCloud key chain and say, you know, ask the user for permission to use the iCloud key chain reference for our website. And there's a way to prove your website to the to iOS. You don't even have to, you know, show it to the user. But then the user is asked, you know, this is this is wanting your password from a.com. Do you want to provide it? And then you say, yes. And boom, it fills in your password. That takes four lines of code. OK, so any app that doesn't do it is because it's because they're lazy. And I just want to say that and I'll just leave it there or clues or both. I guess a clue is certainly possible. Yeah, yeah, if you don't know, well, now you know, and you can tell these people. I mean, I've seen it done and it's it's just four lines of code because the framework is all right there and you just do it. So anyway, there you go. OK, moving on while we're on the subject of security, we will we will go to Wesson here because Wesson brings an interesting thing up. He says, there is now a red dot on my system preferences icon in my dock on my Mac Pro. When I click the icon, system preferences opens in the iCloud preferences and offers to quote unquote finish setting up two factor authentication. He says, to my knowledge, I never started this process and I don't want to finish it either. I'm just not ready yet. I'm not sure I even want to. What's going on? Is Apple going to force us to use two factor authentication? Well, not quite yet, but it wouldn't surprise me if we do get forced to use it. My son, when he upgraded his phone recently to ten point three and then, of course, ten three one, he was asked and pestered to update to two factor authentication name. So I have to upgrade my parents iPad, my dad or one app. He was like, hey, you know, why can't I run this app anymore? And I said, well, you need iOS 10, whatever to run it now. Yeah, like, OK, let's upgrade it. And I saw the same thing as soon as it upgraded to iOS 10. There was a red dot in the preferences saying, by the way, do you want to do this? And I'm like, not now. Yeah. Yeah. So I saw it, too. So so they're they're they're suggesting really encouraging. Yeah. And Lucas also, my son noticed he had always used an alpha numeric passcode and it was three digits, three alpha numerics. It wasn't actually digits. It was it was letters. Well, yeah, but here's the thing about using a non-specific password or passcode length that it's very difficult to hack because if you have a four digit or a six digit passcode on your phone, people that are trying to hack it know that it is either four digits in length or six in length and that it is digits only. If you use alpha numeric, you have no idea how long it is. It's just a text entry box and the same with a non-specific. Like I have a not four or six digit passcode on my phone. And if you go to enter a passcode, you won't know how long it is. So so there's some security there. I agree that three digits is short, but you again would have to know that it was three in order to find, you know, to begin finding out what his is. And of course, his is alphanumeric, right? But anyway, I was thousand choices and you're going to expire that. And then you're going to lock the device way more than a thousand choices with an alphanumeric. Oh, all right. So you got 10 plus 26. Yeah, or whatever that is. Yeah. Yeah. It's a lot more. Right. So, you know, anyway, he's had this for a long time. 10.3 yelled at him about this. And it said in no uncertain terms, you have one hour to change this. And it pastored him every 15 minutes until he changed it. And it said, after an hour, your phone, you can't do anything on your phone except change this from, you know, a three, three letter thing. So obviously he changed that, too, because because he had to. So so, yeah, it's getting a little a little tighter about the security there. But, you know, that's not. I mean, it's not a bad thing. It's just annoying, you know, it's how it goes. Right. Good. Right. Can I take a second, John? And I want to thank all our premium subscribers. Well, I want to thank all of you at Mackey.com slash premium, if you want to learn about how to support us directly. We both thank them because without them, Dave. Yeah, where would we be? Yeah. It like I said, you know, it takes both the premium subscribers and the sponsorships. That's what it takes to to make this happen every week. So it we really appreciate both. And and as we started doing recently, I want to thank the people specifically who either contributed this week with one time contributions or your monthly or or bi-annually contributions. And so I will start with the bi-annual contributions. Twenty five bucks every six months is what that's set at. Although you can you can pick an amount if you choose. But these are all twenty five. Daniel R. Michael S. REL Donald S. Andy D. George C. Willie M. Gary B. And Jed E. Thank you all. Thank you. Thank you. Thank you. In the monthly ten dollar a month level, we have Paul M. to thank. Thank you. J.C. Gary B. Joe S. Another J.C. John G. Mark R. Barry F. And Ken L. And then we did have a couple of one timers this week for 100 bucks. Brian H. Thank you. And for 50, Kenneth M. Thank you very much. So that's like I said, it really means a lot. You can learn more about it at mackeykeb.com. I think it's that Barry F. The Barry F. I think it is. Well, it is the Barry F. Of the week, of course. I know I think you're right. The very F. Who was our first first subscriber? That's right. Thank you. Yeah, Barry. Yeah. Cool. All right. And and with that, let's let's move on. Again, a couple of follow ups related to recent shows, some actually interesting ones. So Thomas brings us to an interesting solution. He said. I just listened to Mackeykeb 651, where you were talking about adding an iPhone and a Wi-Fi network to the iPhone's priority list. And he says, a quick tip for Scott, who wants to generate and deploy a dot mobile conf file using online MDM service, mobile device management service like Jamf Now, which is a recent sponsor of Mackeykeb. In fact, you can get three devices for free for life. Still the link works. It's jamf jamf.com slash MGG. But he says you can manage all types of things for your iOS device remotely. And this is truly remotely. You can go to a web browser on your phone or on your Mac or whatever and push changes to a device that you've approved to do this wirelessly, like from on the other side of the planet, if you want. And so this can be mobile device management. It's one of those things. I mean, it's it's built for corporations to use to manage, you know, all the devices that you might have. And you can actually lump them together and say, all right, on this group of devices, push this profile out. And that profile might, you know, install certain apps on the device or like this push, you know, certain Wi-Fi networks to it so that they can automatically connect without having to, you know, you don't have to change password on the device and manually do it and all that. It's built for that. But I've I've long been a fan of managing family devices, even my own devices this way, because it's way easier. You just say, all right, great. I want to push this change out to them. And it just happens. It's like magic. And it's built into the iOS and Mac OS to do this. So that's an interesting thought for Thomas. Do you have anything on that before I before I kind of lump the same concept in for a different purpose with Aaron, John, I think it's actually mobile dot mobile config, or at least when I look at a something I created with Apple Configurator 2, it does end with dot mobile config, which is the suffix of that file. Yeah, that's right. You can use Apple Configurator to manually push stuff to the phone or create these profiles that you manually push, but you can use a third party service to do it just totally wirelessly over the air, which is pretty awesome. When you get down to it, it's really just a text file, but it has things that the device will say, Hey, I should do this or you can force it. And, you know, we've talked about that in prior shows, right? Much to my joy and that it's also it can solve a lot of problems and that you can solve problems with your iOS device, which otherwise would be impossible. Impossible. So that's right. Yep. Yeah, so I'm learning. Yeah, it's pretty cool. Yeah, it's pretty cool. All right. And then, and then Aaron related to the last show says, I was listening to 652 and I was really pleased to hear you mentioned that you should never delete your old certificates. This was a mistake I made. He says, he says, then I got caught or so I thought I had to restore an iPhone from an iCloud backup after getting the phone replaced under Apple care. And I found that all my email certificates, my SMIME certificates weren't included in the backup. I had to find each cert, export the P12 file and then email it to myself. This was very time consuming and not very pleasant because, of course, at least the first certificate had to be emailed to my iOS device unencrypted. That's true. That's the only way. Or is it? He says, then I found a better solution. I took all of my exported P12 files, which are the certificates that you're going to use. You know, we talked last week with with Jeff Butts about, you know, creating your your SMIME certificates that you can do encrypted email on both the Mac and iOS. And that's what these are. He says, so I took all my exported P12 files and uploaded them to my MDM service. He says, I use Meraki, M-E-R-A-K-I. So I was able to create, he says, two profiles, one that I named home and one that I named work. I loaded all my respective certs into each of those. Then I was able to assign the profiles to my iOS devices that needed them seconds later, both my iPhone and my iPad had all the certificates installed, no emailing required. And it just magically happens. You don't even have to accept them because you've already accepted the process of being remotely managed by, you know, by this service that you obviously control. This is the best thing is I no longer have to email a certificate to myself to install it on iOS. I can also be sure that all of my old certificates are automatically installed on any device I select. He says, I don't know about other MDM solutions and whether they support this, but I'm pretty sure this functionality is fairly standard. He says, in my case, Meraki has, has ensured I'm not going to get caught. I tried to figure out how to do this with Jamf Now. And I couldn't. I've asked them to comment on that and they haven't yet gotten back to me, but, but if there is a way to do it with Jamf Now, I'll, of course, share that here. So this is pretty cool, John. So, but I think you have some thoughts on this. Absolutely. So once I read this question, Dave, I asked myself, other than email, so what we're talking about is you mail yourself a .p12 file, which is a, an encapsulation of your certificate, or you could mail yourself a .mobile config file, which one option is to put a certificate in that. The thing is mail, when you mail those to you yourself in iOS mail, iOS mail knows what to do with those files. Right. That's right. The problem is a lot of other things don't. And so I was scratching my head. I was like, yeah, you can't put these on with Dropbox or anything like that, because it'll see the file. Can you? Yes, you can. Really? And that's the revelation I'm going to give you, my friend. So I was scratching my head. How can I do this outside of emailing them to me? And maybe, so one strategy could be you have a mailbox in your mail and you store your certs and your mobile con files. Okay. And you click on them and iOS knows what to do with them. That's because mail, I believe Dave has an engine underneath it that knows how to parse those files. When you click on them, it will run the certificate installer. It does. It sees them for what they what they are. That's right. Yeah. Then I tried. I'm like, you know, I wonder if one of my cloud services, be it iCloud drive or Dropbox using their app could do it and close, close. And that I could store my P12 files and my mobile con files in my cloud drives. But when I clicked on the file, iOS was like, yeah, nothing. I don't know. Yeah. Here's the breakthrough that I made, dude. So we all mail has an engine that knows how to launch the cert installer when you click on a file. Right. Can you guess what other app on iOS also uses that same engine, Dave Safari? You got it, my friend. Oh, so if you access and I verified this. So if you holy crap, access. And it was just the shot in the dark. And I'm like, I wonder if this will work. And it did. So I accessed my drop by. So I already store my P12 files and mobile con more recently, right, right in my drop box in a little folder. And thing was, if I accessed drop box via Safari on iOS and then access that folder and clicked on the P12 file, bam. So I'm rather proud of myself that I found this this path and I don't think we've talked about it in the past. So it may be so happy as soon as I clicked on the P12, it's like, hey, you want to install that cert and I'm like, yep. And when I put a mobile con file there, it's like, hey, you want to install this because the advantage of a mobile con file is you can also now you may not want to do this, but the thing is you can put a certificate and the password to unlock it in a mobile con file. Right. You may not want to do that. Right. You may. Yeah, that's right. Yeah. But dude. So I accessed again with Safari on iOS when I clicked on the P12. It said, yep. OK, that's a cert. I see it from your P12 file. Dude, I just did it. So I just did the same thing. So I have I have all my certs stored in it, but it's not through their app. Through the app, it doesn't work. But through. So if you access Dropbox through Safari, it works because Safari, I suspect because it's using Webkit. Yeah, I believe mail is also using Webkit knows. OK, P12 means run the certificate and run this. So I store all of mine on my disk station, right, which I can access from my phone with DS file. But I've tried this before and the nice part about storing my certs on my disk station is it's mine. I'm not storing it on Dropbox's cloud that other people can get to it, right? It's mine. Private cloud, beautiful. But as John noted, same with Dropbox, the DS file app, which is what I used to access the files there for my iPhone, doesn't know what to do with these P12 files, these certificates. So using John's thought process here, I used Synology sharing engine, which lets me share a file with a web file link. So I could send you a link to a file, but I sent it. I didn't send it to anyone. I just generated the link. I can password protect the link so that, you know, even and I own and of course with with cloud station on that's actually this is cloud station, but it's just with Synology sharing, you can set a time limit. So this link that I just created is only good for 24 hours, right? But still, I put a password on it just in case anybody out there gets this link. I don't want you to have my P12 file. It's no offense. It's just I don't want you to have it. And it is, it's about you. No. And and then I copied that link to Safari. And it, of course, asked me to log in with the custom password that I created. I did that. Boom. And now it's walking me through installing the certificate on my on my phone. Far more convoluted than doing it with MDM, though, just FYI. But that's pretty cool. I like it. Now, that's really smart, man. That's good. I like it. It was. Part smart, part luck. But I just tried that path and it worked. So yeah, I guess my head scratcher, Dave, is I don't know. And if there are any hardcore iOS developers. Clearly, mail and Safari on iOS know what to do with a P12 or a mobile config file. Yeah, other apps do not. And the thing is, is this buried deep within the innards of iOS? And there's no way to change that. You and I think had kicked this around earlier, Dave, is there a way to change? I'll call the mapping behavior of what app can understand what type of file in iOS. And I don't know, even with the configurator, if you can do that. Yeah. Yeah, I don't talk to our bud, Corey, or, you know, somebody, but any iOS developers, is there a way, is this mapping set or? Yeah, right. Yeah. I mean, could you do this? So yeah, if I choose to download this cert locally to my device, it's still not going to work. I mean, unless they've changed something, but I don't think they have. But it made me so happy because when I stored them on my cloud services and I clicked on the files, like even iCloud Drive, it's like, yep, this is a cert. It showed the icon for a cert and I'm like, oh, well, you're smart enough to know what to do with this. And I clicked on it and it showed me the text of the XML. And I'm like, dude, you're so lame. Same thing with the con file, with the mobile con file. I'm like, oh, you know, it showed the icon for a mobile con file. It showed a little gear and the icon. And I'm like, oh, well, you know what to do with this. And I clicked on it and it showed me the text. And I'm like, dude, so close. So close. If anybody at Apple is listening, maybe you want to teach some other apps how to handle these files. Yeah, yeah, yeah. That would be a good thing. Yeah, thank you. Right. Awesome. Fine, man. All right. Let's see. Yeah, while we're on the security thing, let's go to. So we're going to do a couple more. We're going to do one more thing about security than we've got kind of a total oddball question about something else. And then we've got some stuff about NAS. So that's the order we're doing things. So let's address Ken. John. Hi, Ken. Oh, you want me to talk about Ken? Yeah, maybe that's a good idea. All right. So Ken has a very good question, because we're all talking about the certs and security and stuff like that. So in a nutshell, Ken went to Komodo to get a certificate. OK. Well, here's his question. I'm going to boil it down without all the text because he had a little chat with them. But his question is, if I want to send an encrypted email to someone, do they need a digital certificate? OK, I think that sums up what he's asking. Yeah, right. We just talked about all this pain that one must go through to get these certificates on there in order for you to be sent an encrypted email, let alone how to send one. Right. Yeah, that's a question. My answer to Ken is what follows. So my answer to Ken is if you want to use a system that incorporates certificates, which is an implementation of public key cryptography, the recipient absolutely needs to have a certificate. Right. The reason for this is that when you obtain a certificate, you are actually generating two keys, a private key and a public key. The public key is then signed by the certificate authority and returned to you. The person's public key in the certificate is used to encrypt the message and the private key that they generated, remember, is used to decrypt it. So the answer is yes, they need a certificate in order for you to send a secure. Let me frame this a different way. Let me take what you said and reframe. So if John and I wanted to exchange information, we could agree on a password. I want to explain what we mean when we say key here. So if I wanted to send you a file, you and I could, hopefully, a different communications medium, not alongside the file. But we could agree on a password. Maybe we talk about it in person. Then we decide what the password is going to be. Then I encrypt the file with that one password and I send the file to you and use that same password to decrypt it. That is what we call a shared key. One key, password. Key equals password. OK, now what John just explained is the beauty of public key encryption. Because with public key or a key pair system, we don't have to agree upon this private key ahead of time. John creates his key pair. One is public, one is private. So this is a key pair or a password pair. And one of those passwords can be used only to encrypt a document. So he can give me or anyone that password. And the only thing I can do with it is encrypt a document. And then I send it to you and you have the other key or other password that is used to decrypt that document. So the beauty of it is we didn't have to use a different way of sharing this key because we're not sharing the private key. And that's the beauty of public key encryption. Yeah. OK, I thought I said that. But you said it differently and hopefully between the two. Yeah. We all agree. So the beauty of that system is that there is no need for you to keep a key, which you implied, which a lot of people call a secret key or single key system. Password. Here's the problem with those systems or password. The problem is password are interchangeable in this sense. Technically, yes. Yeah. OK. Yeah. Yeah. So the thing is the public key system eliminates the need for you to keep a key secret to yourself and that the keys can all be out there. Some of these are on your computer. It doesn't eliminate that need at all. It means that the person. It means you do keep one key secret for yourself. But and the beauty is you can keep it. But it's on your computer only. Only. Yeah. Where it should be. Like you never share your public your private key, even if you have someone that wants to send you something. That's the beauty of it. People can send you stuff all day long. The only person that can decrypt it is you because you're the only one that has the private password, the private key. So. Right. But you could 12 file we were talking about earlier has both. That's that's an entity that contains both of your keys and you must protect it. And that's why you should password protect it. Right. Yeah. But to Ken's question, is there a way for him to send. An encrypted message to someone. We just gave him one. You agree on a private thing is you can use it. Right. Well, the thing is you can use a certificate. But the other way is that you could use a system that uses. A single key. Right. A single password. Let's just say password or a single password. Yeah. Yeah. Now thing is the risk of this. So number one. All right. Say I send Dave, my friend Dave, a message using a single key or secret key system. Here's the problem. So number one, you don't want to send that password along with the encrypted message because. Well, that's where that that's where the public key thing. Eliminator gets better. Of course. Now, if you are going to use a system that requires a single key. You absolutely must send that key outside of. Right. The system that you use to send the message. We talk to each other in person and share this key. And look, you and I have done that. We've encrypted files with a password that only you and I know. Right. And it's fine. Back in the day. Yeah. But you don't want to use the same channel. Right. To communicate the message. And also there's a security risk in continuing to use the same password for years and years. Because if it gets compromised, everything is compromised. And so that that's where you're better off using. Right. Public key. But there are email services that you can use. And off the top of my head, I can't think of any of them. So I'm hoping somebody in the chat room can where like the keys are all like stored and managed there. And you can send encrypted messages to people without. Right. Having to generate a key pair and all that stuff. One of the better services that I've seen. And I'll recommend them by name because I've used them and and I trust them is something called in crypto from our friends at MacPaw. This is a piece of software that you can get from the iTunes App Store. We're going to link to it in the lovingly handcrafted show notes. This is a program that basically you take a file, you drag it on to this and it's like, OK, what's the secret or the password or the key kind of all the same thing that you want to use for this. And then you send the file to the recipient and you tell them this using another channel, not the same email. Right. What the password is and when they receive the file. They type in that password and then the file is decrypted and they get it. Cool. Yeah. No, that's the answer. That's the answer. Yeah, there you can. You can that there are programs. Actually, you could even if you want to get down a dirty Dave, you could even send a zip file zip actually has. Last I checked the password slash key option. So if I want to take a file and zip it and apply a password to it and encrypts it, I'm not sure the best encryption. Sure. Yeah, of course. And someone can unzip it and then there you go. But yeah, in crypto uses a S 128 or something like that, you know, military and great encryption and everybody's cool. Every everybody's cool. That's right. All right, John, I want to actually, you know what I want to do? I want to take a minute and talk about all of our sponsors that work for you. Of course. All right. Well, our first sponsor for today is Otherworld Computing at MacSales.com. My favorite place to go when it's time to get Ram, external hard drives, external hard drive cases, all that stuff that you need to add to your Mac. But they're also the place to go if you need to get a Mac. Their selection of used and refurbished Macs is awesome. And it's easy to overlook because we always think of OWC is that place to go to get things for our Macs, not to go get our Macs. But in fact, it can be great. So like I started comparing some prices today in their used inventory, as with Apple's refurb inventory changes constantly. But comparing the two, their prices are about the same as Apple's. Except, you know, Apple might give you eight gigs of RAM with a retina iMac. OWC 24 gigs. So you pick where you want to go, right? So this is where it really starts to make sense. You want to get a laptop? Well, you can go and get like a 13 inch MacBook Pro quad core I7 2.7 gigahertz Thunderbolt 899. This is where you can start to really get something that matters and is going to do what you need it to do. You've got to check this out. So go and visit Macsales.com. Like I said, they've got all these refurbs and they've got great prices on quality accessories for your Mac, all that stuff. You've got to check it out. Macsales.com are thanks to Otherworld Computing, not just for sponsoring this episode, but for being an awesome company. Really great folks there are thanks to them. Our second sponsor for today is Barebone Software. BB Edit, their flagship product, celebrated its 25th birthday this week. If you can believe it, that's pretty amazing. If you ask me to have one piece of software that's been around longer than OS 10, right? I mean, that's pretty impressive. Longer than my children and still a very relevant piece of software. In fact, it's right at the top of the list. It's one of those pieces of software that I just can't live without. It's always running on my Macs. It's running right now. I will use it as we process the show notes and the chapters and all of that for the show. It is an integral part of my workflow there. And that's not crazy code stuff, but it's just a way to manipulate text and create a text file that is readable by the engine that we use to build our chapters. That's the thing about BB Edit is you know that you're always going to get just clean text out of it. That's really valuable a lot of the time. And that's why I use it. It's also nicely formatted because it's just, you know, mono spaced text. So you can see how things are going to lay out. You get to see what's happening. It does some very light formatting just on the view. It doesn't change the text file, but some very light formatting that really helps visually separate out all the different elements. So you got to check it out. Plus you got to go say happy birthday. So go to barebones.com, download your free copy of BB Edit. And if you want to have some of these extra features, then you pay for it. But if you don't, BB Edit is free for you. So you got to check it out. Barebones.com, our thanks to Barebones for sponsoring this episode, our thanks to them for being awesome people and happy birthday to BB Edit. Our third sponsor for today is Eero, E-E-R-O.com. The people that redefined what home wireless can be like. Yeah, they were the first of the home mesh wireless solutions. And because of that, I think they're one of the best. And yes, this is a sponsor spot, but that's my opinion of them. And it doesn't change based on whether or not they're a sponsor. They have really been in the market longer than anyone else doing consumer grade wireless mesh for Wi-Fi. And their software shows that it has enough of the features that you want. Plus it does all this stuff behind the scenes that makes your life better. We've talked on this show a lot about QoS and why you have to care about it. When I go around the country speaking about Wi-Fi, that's one of the things that I have to tell people about because it's really important. Eero is hands down the best implementation of QoS that I've ever seen in that it's just on. It works the way you'd want it to work. You can't turn it off. You don't even know that it's on. It just does what you want, and that's the point. So you got to check this out. You can pick up Eero, of course, at Eero.com, E-E-R-O.com. Best Buy has it. Amazon has it. You can buy a two pack for $299 is the retail price on that, which is down from where it used to be. And you can buy a three pack for $399. That's the retail price. Again, that's down $100 from where it used to be. So go check it out. Visit Eero.com, Best Buy or Amazon to find yourself your Eero pack and forget about Wi-Fi dead spots. Forget about your Wi-Fi. Just install it and it works and it's awesome. So go check it out. Our thanks, sincere thanks to Eero. Again, for being awesome people, creating an awesome product and for sponsoring this episode. All right, John, now let's go to Barry. It's time to talk about NAS a little bit, Network Attached Storage and all of that good stuff. So Barry is where we will start. And I have no idea where we're going to wind up with this, but, you know, that's that's how it's going to happen. So Barry says my newest drive, a three terabyte Lisi, died. And I need to make a quick backup decision. A Drobo 5N was recommended, but the person knows nothing about Synology, so they couldn't really recommend one knowing about the other. Do you lean one way or the other or is it a toss-up? This is a great way to enter kind of the back back into the NAS discussion. For backup solely, I don't think there's going to be a huge difference. They both support Time Machine, but they can both also just be Network Storage Destinations, so you can backup to them. You know, you can use carbon copy cloner to do a file copy, a folder copy, if you will. And that's going to work and that's just backups. So, OK, fine. But once you get beyond that, I find that Synology NAS devices, their disk stations, are miles more flexible than Drobo's. In terms of the apps and the way you interact with it, it's just it's a it's a whole different experience. That said, Drobo, there's a new sheriff in town over there in Drobo land. And they are they are more focused on the NAS market, the network attached storage market, especially the consumer focused network attached storage market, they are more focused on this than they have been since the Drobo FS was announced. And that that was years ago, right? And the problem was between the time the FS was released and, you know, six months later, the entire focus of that company changed and changed again several times. So they never really could deliver on the promise that they made with that with that original FS. And they came out with the 5N and now they have the 5N too. I would I would say, well, and I am going to watch this market very carefully because it's possible in the next six, 12, maybe 18 months on the outside that we will see a radical change from Drobo in terms of just how useful their their consumer focused NAS, which is the 5N product, really is. So it's it today it's Synology and has been for a long time because Drobo's focus on this just hasn't been been all that clear. It seems like that has changed from conversations I've had with people at Drobo. So there you go. Thoughts, John? My thought is the question was framed in the context of a quick backup decision, Dave. Yeah. And using that lens and also based on the people of I talked to. That have a need to do backups. Like some of the photo like I went to a photo expo, you know, when it's people that need to store huge amounts of data, need to have it backed up reliably, I would honestly vote for Drobo. In that it's it couldn't be easier. So you toss drives in the thing, it figures it out. It gives you more storage. You can choose the redundancy. I agree that the Synology is absolutely the champ as you and I have discussed with apps and stuff like that. But I would say if you're just looking for a backup solution that is as simple as possible, I personally would lead towards the Drobo. Yeah, I don't I don't disagree with you. You have not experienced the new setup of Synology, right? With the whole beyond cloud thing that where they really made that it's simpler, it's not OK, it's still not as simple as as Drobo, though. I I agree with you. I'm just saying pure backup. Yeah, if you're pure backup solution, I would say Drobo for most people is probably a better choice. But if you want to geek out like me and Dave and you want apps and you want, but I got to admit when I had to set the thing up, so I put one drive in and then I put another drive in and I'm like, OK, well, like the Drobo, you're just going to kind of figure out what to do, right? And it's like, well, no, I'm kind of you got to tell me. No, it didn't automatically bring the drive into the fold. It was like, well, you got to kind of do some extra work here. And it got honestly kind of technical. That's and that's what I'm saying. You haven't experienced that in the last year when again, it's still both fine products for pure backup. I would still for most people leading towards Drobo. So right. The problem is and this is why I split the difference is, yes, Drobo gets you there. But once you have that thing in your in your home and you decide you want to do something else with it, you at the at the moment, you may not find everything you want to do with Drobo. Sure. And and that's where the that's where I hesitate. And I say it might be worth a little bit more trouble in the end. And at this point, it is just a little bit more to get that Synology set up so that you can you can get rolling. Yeah. And plus, you know, Synology doesn't make you run an app on your Mac to manage the device. And as we've seen that Drobo app can be problematic at times and then you can't manage your device and that's frustrating. The Drobo has no way of web management. And the reason is because sure Drobo makes like Synology just makes network attached storage, right? They don't make direct attached storage. So Web Interface makes perfect sense. If you but Drobo makes direct attached and web attached and they've chosen to manage it all from the one app. That kind of makes sense. If you want to manage it, the direct attached storage has to be an app. Yeah. And the and the FS was not there. It was not their shining moment. It was awful. It was not. It was awful. I mean, they they came out with this great product and then they just didn't back it up. They did and I don't mean back it up in terms of like backup. I mean, they didn't support it. They weren't there to deliver on the promise to their credit. Dave, I still on occasion get notifications saying, hey, we have a new firmware update version of Drobo desktop. Not the firm. I haven't seen a firmware update for the FS for a while. OK. But the desktop app, they let's move on because we got there's lots to do here and we can't spend six minutes on that. So even though we just did. So Andrew writes and Andrew was is talking about NAS and storage space. He says he has a Synology DS2 16 play that he uses for which is a two bay Synology uses for file storage and as a local backup for Dropbox OneDrive, Google Drive, Box and iCloud, which is handy. And other than iCloud, which is not automatically built into Synology, all those other things are so you can just log them into your your accounts and it will slurp down all the contents of your Dropbox or your Google Drive or whatever you want. And then now you have that stored on your local disk station. Very, very cool. He says the disk station, however, comes empty. You can put your own drives in. He says I chose two two terabyte Seagate drives. They're made for video. So I thought this was going to give me four terabytes of storage. But my system showed only two. He says, yes, there are two to two terabyte drives in there, but only two terabytes of storage is usually says I thought I had a dud drive. I was going to use the other two terabytes as my time machine backup and sell my time capsule. Says, but what it turns out has happened is that it mirrors the drive. And that's true in a two bay Synology set up in what all called default mode. And this is to your point earlier, John, is, you know, Synology used to ask you a lot more questions when you set it up. Now it assumes you want what you mentioned that you want, which is the drives lumped together. But it's going to set it up in essentially what we'll call single disk fault tolerance, which means it can survive one of your disks failing and you won't lose any data or really even access to your data. In a two drive system, though, single disk fault tolerance means both drives have the same data. That's just how that's going to work. It's no other magic to it. Two drives, one of them fails. The other drive has your data because of that in a single disk fault tolerant mode, you lose one effectively one disk's worth of storage to fault tolerance. Right. We understand why that is with a two disk system where it gets interesting. Let's say you have a four bay disk station, not just a two bay. And this is true of Drobo too. Drobo as well, I'll say. Let's say you put three two terabyte drives in. You would then have four terabytes of storage. So if you take your two, your two drives and you add a third, you get that full two terabytes as the remaining storage. Why? Because it still only needs one disk to be fault tolerant. It can store enough parity information about the data on the on all of the drives. All that it's not just that one one specific drive could fail. Any of your drives, any one of your drives could fail. And the other two have enough data on them to recreate it. This is where it gets magic. If you have three disks in when they're three two terabyte disks, you now add, let's say, a fourth two terabyte disk. You now have six terabytes of storage usable. That's the beauty of NAS and storage is when you start adding more and more disks, that one disk that you have to dedicate. And it's and I'm oversimplifying a little bit. If you have disks of different sizes, it starts to get a little bit interesting. It basically it chooses the largest one. And that's effectively what it dedicates to to your fault tolerance because it has to it has to be able to. That's the amount of space it dedicates to fault tolerance. So if you have three two terabyte disks and one four terabyte disk, it's going to dedicate four terabytes total to your storage. So you'll get six available and then, you know, out of your 10. But as soon as you add another four terabyte drive, that changes. It's kind of the way it works when you have multiple drives. So yeah, expect to lose the capacity, add up all the drives that you have. And lose lose one of them, lose the largest of them. And if they're all the same size, then there is no one largest, but lose the capacity of the largest to your to the fault tolerance of the system. That's single disk fault tolerance. You can set them all up with dual disk fault tolerance. And I'll let you figure out it is the intuitive math. You lose two disks worth of storage space in trade for that that fault tolerance. Now, you can set a Synology up as a JBod, right? They just a bunch of disks. It is not the default configuration, but you can do it and you can force it to do it. And then you get all the storage on everything. But if one drive dies, you basically lose it all or a lot of it. So, so yes, that is how storage works. OK, anything to add to that before we before we move on? Guess not. OK. I don't think so because I have so I have a two bay and then I have an expansion port and I have two two point seven drives in the main one. And then I have a three point six four and then I have an SSD cash. That's the cash. I don't even know what I'm talking about here. Right. Yeah. But it claims that the total capacity of what I have right now of five Synology hybrid RAID with data protection of one disk fault tolerance is five point three six terabyte. So so you're losing the biggest drives worth of space. Out there. Yeah. So if you added another three terabyte drive, you would get three terabytes more of storage, but you can't because in the Synology, you have to add when you add a drive to a to the system, you have to add a drive that is equal to or larger than your largest drive. And that's not true of the Drobo. Drobo will let you put a drive in that's that's of any size. And it'll kind of slip that in and make it work. But Synology, it has to be equal to or larger than whatever the largest drive you currently have in there is. So there you go. Yep. Yep. Listener Dave asks while we're comparing here, he says, I'm looking for a basic solution for the house, three users backup requirement for four computers, numerous iOS and Android devices, lots of photo storage with a few libraries. I'm wanting easy access to them and to be able to view on Apple TV, personal cloud and iTunes library accessible with Sonos. I'm a geek, but my wife and daughter need to use it as well. I read blazingly good reviews about Qnaps products, but I know you guys are a big Synology supporters. I'll also need a solution for the studio, but that's simply reliable, redundant backup of audio files with web access from anywhere. So here's an interesting thing. If you start looking at Qnap and Synology, you'll see a lot of similarities between the two, including similarities of like package names and app names on the devices. Note station, cloud state, like that kind of stuff. I don't know if cloud station is comparable between the two, but you'll see a lot of similarities. I've often wondered, like, you know, are these two companies joined at the hip somewhere way up the line? I don't know, but. There's a lot of similarities between the two and Qnap does some interesting things by adding HDMI ports to some of their things. So you can plug it directly into your TV, which is handy. Here's the one difference between them that keeps I was going to say keeps us, but certainly keeps me from recommending Qnap to all of you. And that difference is what we were just talking about. Qnap does not let you use discs of different sizes. They force you to use discs of all the same size. If you're in a big company or whatever, that's not that big of a deal. You get a eight bay, you know, unit or a five bay unit, four bay unit, even going out and buying four discs. You know, let's say we buy four, two terabyte discs, we fill the thing up. Then down the road, you want to add more storage. You have to replace all four of those discs with larger discs before you get any storage with Qnap. With Synology, with Drobo, you just start putting larger discs in over time, your storage space grows, starts to take advantage of them as soon as it can. So that's the reason that I don't recommend Qnap, because otherwise there are a lot of things about their products I love. And they make a good, they make a good NAS. So, well, to be fair, they, as far as I know, last I checked, they follow traditional rates. Correct. So the what you're saying, I think, is there is the potential if you get a Qnap drive that if you toss another drive in their array, you're going to be wasting space. That's right. Whereas with Synology and Drobo, Drobo, I think, being the easiest, it's going to be like, yep, you're part of the family and I'm going to do, I'm going to figure out how much more space you get. Synology is a little bit more restrictive. Yep. But Qnap is like, no, I'm following the traditional rage standards, whether it be one, five, ten, whatever. But there is the potential for you to not get the most space on the drive you put in a Qnap. Right. Yep. OK. So Dave then asks, OK, great. So it's Synology then. He totally, he buys in. He wants the SHR, Synology Hybrid Raid. He says, OK, which one do I get? This is where I feel like I'm living back in the preforma days of Apple. Where there's how many models further? Yeah, that's the thing hundreds. How many hundreds of models? And that's sort of the problem with with Synology right now is there's lots of models. But it's pretty easy to begin to narrow it down. They have a good little disk or a disk station compared utility on their website. And you can start narrowing down. How many bays do you want to have? What features do you want to have? And you can start really kind of narrowing this down and and decide what you want to get. You know, for a two bay unit, the DS216 series, either the 216 Play or the 216 Plus, that's about 250 bucks for the play, 299 for the plus. The plus indicates that it's got an Intel CPU and that can make a difference running packages. But the play units often have a hardware transcoder in them. That's what the play designation means. So you might get if your biggest use case of the CPU in a unit is going to be watching videos because that's that requires a great deal of horsepower. Having the hardware transcoder in there sort of eliminates the need for a fast CPU. But the Intel CPUs, the plus models are generally better in terms of the CPU. This week, they just came out with the DS15, 17 plus and the 18, 17 plus. Those are the five and eight bay units with Intel CPUs in them. It's the same Intel CPU as the previous one. But go and use Synology's configurator. That's definitely the place to start when when you're when you're out there looking for for for where to do this. And you can email us too. We're happy to to help feedback at MackieCab.com, of course. Did you say feedback at MackieCab.com? I said feedback at MackieCab.com. Yeah, I did. That's that's how I roll, you know, checking. Yeah, man, I'm with you. I'm with you. OK, but it is a good point in that there I was baffled by. Overwhelmed, yeah, shall I say, by the wealth of units that they offer. I think, like you said, the performer days, like Apple in its not so best times, yeah, offered way too many models. It's like, dude, simplify, please. And I hope Synology for our friends. We love them, but the problem is they they serve many different markets. They serve enterprise. Yeah, yeah. So there's, I mean, I mean, even have Rackmount units, which we have never even talked about. But they I think it's the RS series, right? That's right. Yeah, you want to Rackmount? Yeah, yeah. And you're in a big company? Sure. Sure. They look cool. But when I've seen about the shows, they're like, wow, that's awesome. Dude, it's like, you know, 20 drives or whatever. Yeah, you can go crazy with it. And the with the expansion units, you can go nuts. Tony asks, he says. After listening to the latest show, 642, when you detailed some of the functionality of the new Synology router, RT2600 AC router, it appears that it has a lot of the capabilities that their NAS devices have, as far as applications and utilities. Can you break down what the router can do with an attached USB drive compared to what the NAS can do? I'm wondering if I can get away with just having the router with an attached USB disk to perform my daily functions, namely backing up my Mac using Time Machine, syncing files from various clients, backing up Windows clients and serving media, music and movies. OK, so you're totally right. Good good observation, Tony, because certainly because Synology has been developing NAS devices for so long, it's not surprising that their router inherits some of these features. So it's a router, but it goes further than that. And it does have some of this stuff. So the things that you can do with the router are file sharing. So and again, as Tony said, this involves hanging a USB drive or two. One of those, I mean, you could hang a Drobo, a direct attached Drobo to this thing if you want it. So you could have a lot of storage attached to it. That's what Pilot Pete's doing. He's got a Synology router with a direct connect Drobo. I think it's a four bay Drobo hanging off of it. So lots of storage. You can do file sharing. It'll do Apple file system. It'll do SMB. It'll do FTP and SFTP and WebDAV. So you can certainly do that more importantly, I think. But the file sharing is good because you can do Time Machine to that. More importantly than that, it has cloud station, which is your own private drop box. So and that can be accessed not just from your local network, but from anywhere. And the app for the Mac is awesome. It just syncs just like Dropbox. It's pretty cool. So there's that. It has a VPN server on it. And that VPN server lets you do L2TP, which is natively supported on on all Apple products, open VPN, which we talked about last week, and then it has its own SSL VPN baked in as well. That actually their disk stations don't even have. So that's pretty cool. It has download station, which is a BitTorrent client. So you can have it download all your BitTorrent stuff. You don't have to have a Mac on dedicated to it. You can have your router do it. That's pretty cool. That's and then it has you can run a network time server and a DNS server. If you want, I mean, the DNS server is sort of part of the router thing. And there's an expanded DNS server you can install. But that's about it, though. There is a media server in it, and it's called media server. But this thing ain't Plex. This is a DLNA server. It's very bare bones. Many smart TVs will let you connect to a DLNA server and stream from them. And it can be fine. It's not overly pretty. It's not doing a lot of the smarts for you. It's just sort of barfing up all of the data that you put there. But in the right situation, it can be serviceable. It's not Plex. And there is, at the moment, no version of Plex to be installed on the Synology routers. I wouldn't hold your breath for that either. But it's certainly a place to get started, as you can see. So it's a good question, Tony. Thank you for asking. Any thoughts on that, John? I like DLNA because my hios talks to it. Yeah, for your music. Right. So that's nice, even its bare bones, as long as they publish your media using DLNA. That's cool. But it's interesting because it seems, I don't know if I would say that their router is a D-featured NAS. I mean, it seems like there's a lot of overlap. Yeah, it's right. It's either an overfeatured router or a D-featured NAS with routing capability. Yeah, right. And a lot of the, I mean, and duh, I mean, I'm sure they share a lot of the same code. Of course, right. But they don't they don't duplicate each other because that'd be silly. Right. But it is. It's like it's the router has like what I call disk station light inside. OK, you know. Yeah, yeah, it's pretty cool. So D-featured isn't probably the best word. Right. Yeah, light. It's disk station light or DSM light. Yeah, yeah, exactly. Yeah, they call it actually SRM. Synology Router Manager. Oh, OK. Yeah. Yeah, it's a great interface. I like it. Yeah, it's pretty good. Larry has a question. It's actually a fair question. So we'll address it. We'll use this sort of to wrap us out. He says, I have a Synology DS411 Slim 4B from 2011. That's how the numbers work that I use mostly for streaming video within my home and occasionally through remote locations when I travel and I'm quite happy with it. Recently, though, I tried to update to the latest version of a disk station manager, and I, which is the operating system on it. And I got a warning message that if I were to update that, my Plex server would not work. Consequently, I didn't update because I want my Plex software to be updated. And I figured that would happen shortly thereafter. The update not appearing. I Googled around and found a page stating that Plex would no longer support my version of NAS. Yeah, so he's stuck in, like, you know, the coffin corner to use a plain term. I don't know why I'm using a plain term here, but it's that you can't go one way without forcing yourself to not be able to go the other. And he says, so my question is, is this NAS now effectively obsolete? As a 411, I make that the unit to be six years old. Am I within my rights to be annoyed? Yeah, you're certainly within your rights to be annoyed. I mean, I would never, never keep anyone from from the enjoyment. I would say you could even shake your fist. We grant you permission. That's right. But in planned obsolescence. Yeah, I mean, is it planned obsolescence? I honest, I don't I don't know. I will say this, you know, the fact that your NAS keeps getting more and more features. When you bought that thing in 2011, you could not run. I don't think cloud station existed on it. That's the drop box thing. Let. But if it did, it was awful because cloud station used to be awful until about a year ago, and then it just like like way better. But that's sort of the beauty of software iterative design is, you know, it just keeps being improved. So you have this device that does way more than it did when you got it, including what Plex can do on it, because Plex has gotten better in the last six years, too. But now, like we've seen with Mac OS and iOS, there are certain things in the operating system that are needed to do stuff with, you know, future versions of apps. And your device can't do some of those things. So you're starting to see where, you know, those limitations are employed. It of course, it's annoying. Of course, it's frustrating. And after six years, it's to be expected, I think, you know, I think that's just how it goes. Six years is a good long run for a piece of piece of hardware like that. I think most Mac users, maybe not iOS users, but most Mac users tend to expect a somewhat longer lifespan versus their windows counterparts. Yeah. Yeah, yeah. So somebody in the chat room, Text 777 asks, did you say that the Synology router can take an external drive formatted APFS? No, I said that you can access data on that drive using AFS. I should have said AFP. I don't know why I must have written it incorrectly, Apple File Protocol. So no, it does not use APFS and it's a NAS drive. So no, you can't store a photos library on it and expect any, you know, anything great about it. So but it will take drives formatted is HFS plus and it will take drives formatted is the XT4 and FAT32 and all of that stuff. Yeah, yep. I tried that. It has USB ports for most of them do. Yeah, I think all of them do. Yeah. Oh, so yeah, that's fun. Yeah. So good question. Thanks for catching me on that text. Appreciate it. All right. Well, Dave, we had some VPN stuff, but we're not going to get there today, so it's all good. There's always next time there. That's the good news. And I take that as good news all the way around. Our phone number is 224888 Geek. John, what's that is for three three five. How else can you reach us, Dave? Well, those premium subscribers that we mentioned, premium at MacGeekab.com is the email address that all they get to all of they all of them get to use. Yeah. And yeah. Are we are we out of sync? It seems like it seems like we're stepping on each other, which now we've got 39 milliseconds of latency. So it's just late in the day. All right. So premium MacGeekab.com slash premium. Thank you to all of you for that. And of course, you can find us on Facebook. Go to MacGeekab.com slash Facebook. That will redirect you to our Mac Greek Mac Geekab group over there, where we all help each other answer questions. It's really a wonderful thing. Next week, we'll talk about Mastodon, because that's been a fun little experiment. This new open source social network. Another one. Oh, peer to peer. It's a cool thing, man. It's a cool thing. So we'll talk about that next week. I want to thank, of course, all of you for listening. All our premium subscribers, because, hey, you know, that's that's how it works. I want to thank Cashfly, C-A-C-H-E-F-L-Y.com for providing all the bandwidth to get the show from us to you. I want to thank our sponsors, of course, the ones we mentioned in the show. Other World Computing at MacSales.com. Barebones Software at Barebones.com. Iroh at Iroh.com, of course. And then and then the folks in the podcast marketplace, which rounds out with Smile at Smile Software.com and Blue Apron at Blue Apron.com slash M-G-G. Happy Easter by the time you hear this Easter's over, if you celebrate. Happy Sunday, if you don't, it's all good. Have a splendid week. Have a good time. And John, what's the set of the thing we like to say? I believe it's don't get caught.