 The Mac Observers, Mac Geekab episode number 651 for Sunday, April 2nd, 2017. Just stick around, you'll understand just how to enter those commands. Greetings, folks, and welcome to the Mac Observers, Mac Geekab intro. Thanks to Kurt Lee, I believe. Thank you very much for that, Kurt. Mac Geekab, of course, the show where you send in your questions, your tips, and your cool stuff found. We take those, we share them. The goal is for each and every one of us to learn at least four new things every time we get together. Sponsors for this episode include Smile at actuallytextexpander.com. Because we're talking all about TextExpander for Teams this week, we'll talk more about that later. Blueapron at blueapron.com. That's where you go to get your first three meals free. We'll talk about what some of those great meals are. We actually had two of them here this weekend. And Harry's at harrys.com slash mgg. That's where you go to get a free trial of Harry's awesome shaving products for just three bucks shipping. We'll tell you exactly what you get. Here in Durham, New Hampshire, cleanly shorn, I'm Dave Hamilton. And here in Riverville, Connecticut with a bit of stubble. I'll probably fix that shave off after the show. Oh, there you go. How goes it today, Mr. Braun? Again, I'm kind of kind of scruffy. Well, we can get you. We can get you straightened out on that. Yeah, but we. Yeah, we got an event to go to. So I got to, uh, yeah, I want to present a good image. The event is Thursday. Today is Sunday. So I feel like we might actually make it. It might. I mean, there's enough time between now and no, there's not enough time. We're never going to clean up enough, John. Harry's helps. Don't get me wrong, but we're never going to clean up enough. All right, let's get to, uh, let's get to some of these tips here. We've got all kinds of stuff to go through today. Robert writes, uh, he says, if you install a VPN on your iPhone using the automatic installer slash iOS app that most VPN services provide, it will prompt you and install a VPN profile. And he's right. You have to agree to this. And then it installs it. He says, then in your iOS settings menu on the left-hand side will be a new entry called VPN with a slider for on and off. But there is a full VPN profile configuration settings page that is at least partially hidden to get to it, search for VPN inside the settings app and click on VPN general. For some reason, when you only have one VPN profile installed, this detailed setting screen is hidden away to make it always visible. Just click on add VPN connection, create another dummy profile. He says, I just call mine dummy VPN and type in anything into the fields. Now the VPN entry in the left side of the settings will take you to the detailed screen even by touching it. He says, I find that when the VPN service has a dynamic connection, which you usually want, uh, I need to access to the detailed configuration menu to temporarily disable it when I'm doing software updates or other network intensive things. I prefer to use the real iOS VPN setting and not the proprietary front-end app of the VPN provider. Very, very, very cool stuff. He says a secondary cool stuff found because of Sandbox and iOS security, all VPNs on iOS are not custom code. They are only a VPN profile installed per Apple requirements. The VPN app available from the VPN service is simply a GUI front-end that manages the profile settings and handles filling in the name of the VPN server more easily. Uh, this is all very handy and Robert is totally right. Accept. For all my custom VPNs, and I have several, uh, and there's the ones that have an app and all that stuff. Uh, he's right. You can, it's much, you can just go into the settings app, the standard iOS settings app, choose the VPN and turn it on and it works. That works for every single VPN that I use except open VPN. It will start to connect, but it will never complete a connection if I do it from within the settings app. I have to do it from within the open VPN app to have success. Do you find the same thing, John? Yes. Yeah. For L2TP, for SSL VPN, for any of the others, I can do exactly what Robert says, uh, but for open VPN, for some reason, um, and it doesn't matter what my open VPN server is, but for open VPN, I have to do it this way. Maybe it's something to do with the way they, the, the freely available open VPN app builds the profile. I don't know. I don't know. So there you go. Thoughts on this, John, before we move on, more quick tips. No, I'm, uh, okay. I'm looking at my VPN screen and I got, uh, open VPN and I got, uh, Speedify in there. Cool. And actually I should have tunnel bear in there, but I don't. Those are the three that I use personally. Yeah. Yeah. Yeah. I've got, well, I've actually got three VPNs set up on my disk station right now. So I run, uh, an L2TP VPN, which is great because it's totally natively supported by iOS. You don't even need an app or anything. So I've got that. I've got Spotify's, sorry. Spotify. Why did I say Spotify? Synology's SSL VPN, which is awesome, but only available on their routers, not on their disk stations, but it's great because it tunnels over port 443 so nothing can block it or nothing is likely to block it. And then I have an open VPN set up from my Synology and then I've got an L2TP set up from my dad and then I've got tunnel bear and Speedify as well as my third party VPNs. So it's crazy these days. How much we sell. Gotta be secure. I know. Hi. They're watching. They're watching. Yeah. Sting was right. Um, Steve writes, he says, uh, I'm not sure when this was introduced, but if you go in Sierra, there's a great management storage management tab. Uh, go to about this Mac, choose storage and click manage. And it brings up a great dialogue with suggestions on how to get more space on your hard driver SSD. So, uh, and he's right. I think this is a, I don't think it's new in Sierra 12.4. It's definitely not new. I've seen it before, but I think it's, I think it's just Sierra added this. And it's a handy, very handy way to see what's, uh, what's there. It's not all inclusive. It's not going to do what like, you know, omnidissweeper will do, but, um, but it's pretty good. So, you know, there you go. You ever use this, John? I've seen it. Yeah. Haven't done much with it. Yeah. But, uh, no, it's nice that it summarizes what's going down. Totally. Totally. All right. Uh, let's see what, uh, we have Mike with, uh, with an interesting little tip. Mike says, uh, I will chastise you. I say he's going to join you, John, in chastising me for making a less than ideal iCloud password. But when that modal dialog box comes up, there's no way I can enter my password either. And once dismissed, sometimes I don't know how to get it to prompt me again. I have solved this with universal clipboard. Now on my iPad, I will go to LastPass and grab my password, then paste it into that modal dialog on the phone. There's a slight delay as iCloud does its thing, but it works great and I use it all the time. Says I am not running Sierra, but since that also has universal clipboard support, it probably works from your Mac to your iPhone or iPad as well. You're totally right, Mike, um, that, that this will work. But here's the problem. Two, twofold. Number one, you need to have a second device that supports universal clipboard within ARM's reach, which I don't always have when I'm out and about. It's usually just my phone. And then secondly, if in the, in the scenario that we just described last week, I had changed my iCloud password. So without being, so my, my phone that was prompting me for it wasn't logged into iCloud, therefore I don't think would have gotten universal clipboard from a device that was logged in. So catch 22. I don't know. There's no simple answer, but be careful if you're using last pass. They've got a problem right now. Be careful. What's their problem? Didn't they have some kind of a security breach or something? Not, not a breach, but a, um, read an article where a security researcher said that they found some way that they were able to compromise. It wasn't very specific, so I, I didn't take it too seriously. Okay. Okay. And that when I see, I don't know, personally when I see articles and they're like, well, somebody found an exploit, a theoretical exploit, blah, blah. I'm like, okay. And yeah, um, I don't know. So I'm, I'm still, so yeah, that's the standard research that I did. Our technique is pretty, pretty detailed about it says the flaw which affects the latest version of the one of the last pass browser extension was, um, let's see. When people have last pass binary running, the vulnerability allows malicious websites to execute code of their choice. So it's not that your passwords are necessarily corrupt. It's that there's this hole. Okay. Um, that allows, you know, people to do nefarious things. He says, uh, even when the binary isn't present, the flaw can be exploited in a way that lets malicious sites steal passwords from the protected last pass fault. Okay. So there it is. Uh, develop proof of concept exploit and sent it to last pass last past officials. Developers now have three months to patch the hole before project zero discloses technical details. Um, last pass says it will take a long or not. No. Travis Ormandy, a researcher with Google's project zero, um, vulnerability reporting team says it will take a long time to fix this properly. It's a major architectural problem. Last pass has 90 days. But no need to scramble. So there you go. So be aware. Last pass users, the clock is ticking. And if it gets to, I would say if it gets to 45 days and last pass hasn't indicated that they have a fix that they're actively testing, I'd move. You don't want this. It's not the, it's not the world you want to live in. All right. Or I mean, based on what they said, uh, it's, uh, it can be exploited by, uh, uh, malicious websites. So just don't go to malicious websites. Well, yeah. There you go. Right. Uh-huh. That's not the point though. Yeah. Yeah. Okay. Well, thank you for the, uh, May 1st is the date that I would put on that. All of you last pass users, it'll probably be fixed by then, or at least they will have communicated something that, that everything's good. But, uh, but if we haven't heard anything by May 1st, my advice is jump ship. That's all. But do you don't have to do that yet? Okay. Um, another quick tip that I think is going to lead into some questions here, John. And, uh, this quick tip comes from Eric who says, I have a Mac Mini at home. And this is very topical based on some things we've been discussing. Here he says, I have a Mac Mini at home, which is permanently connected to the to the internet via Ethernet. But I don't want it to also be connected to Wi-Fi. If I turn Wi-Fi off, then I can't use things like AirDrop. If I keep it on, but tell it to forget the network, that forgetting action sinks over to all my other devices because I have iCloud Keychain turned on. He says, I found a solution out of this catch 22 that lets me do exactly what I want. In Keychain access, search for the name of your home network. There should be only two that appear, one under the system keychain and one under iCloud. He says, if there are more than two, look at only the most recent entries. Double click on the one in system, then click on the access control tab. You will see airport D and airport under the application access section. Remove both of those and then restart your Mac. It will no longer auto join your home network, but it will still let you have Wi-Fi enabled, letting you have full access to things like AirDrop while not affecting any of your other iCloud devices. So this is brilliant because it's still syncing with iCloud Keychain. You're just telling your Mac, don't let airport D and airport processes access this password so they can't see it, they can't auto join. To me, that's brilliant. Nice hack, yeah. Uh-huh. That totally solves that problem that we were having. We were discussing last week or two weeks ago about the guy who wanted to make sure his work Mac didn't connect to his home network. Yeah. Brilliant. I like it. Very, very good. John, you want to take us to Scott? Scott sent me on a learning journey. Okay. And I'll, uh... Well, here's what he has to say. So gents. I don't know what he's writing to here. He clearly hasn't met us. That's right. Thanks to the competitive world of wireless carriers there are now affordable family, unlimited data plans and I'm taking advantage of one. It's safer than public Wi-Fi. In fact, I've written an article about this for CSOOnline.com. Okay. Um... It doesn't require a VPN because it's natively encrypted. Moreover, it's generally faster than most of the crappy public Wi-Fi networks that I've used. True that. Um... No, I'm pretty happy with my public Wi-Fi. Uh... Anyways. Uh... What I'd like to be able to do in order to conveniently capitalize on this limit data plan is to have my iPad connect my iPhone's hotspot automatically all the time unless I indicate a specific Wi-Fi network to take priority. It would be analog to a trusted network process in a VPN app. Uh... And it uses Cloak. Uh... And that I would be able to indicate which Wi-Fi networks my iPad should connect to in lieu of my iPhone hotspot. Do you know of any native way within iOS to do this or if any app that would offer either a direct method or workaround? And when he asked that question I assumed that he meant an app on either iOS or... Sure. Yeah, so tell us how we would get this done. All right. So I went on a learning journey. So the first thing is I hunted around for I wanted to see if there were any programs out there or apps out there that could help prioritize what networks you connect to. And I did find one, Dave. Um... It doesn't quite solve the problem though, but I thought I'd mention it because it may solve a problem for people. Sure. It's called Wi-Fi Priority. Okay. And basically what you do with that. So what it's doing underneath the covers and this is what set me on a learning journey is it lets you create a profile and you can specify networks that you want your iOS device to not auto-join. Oh, right. Just like you get if you're an Xfinity customer you get a profile that has the networks in it and instructions on how to connect to them. Right. So at first I thought that that would do it. But then Well. a little more research indicated to me and you actually had chimed in and led me down this path here. Here's the problem though is what he's connected. The problem is the way that iOS decides on what wireless network to auto-join. How can you tell how iOS does that? Well, you read this handy-dandy support article called how iOS decides which wireless networks to auto-join. And as you pointed out to me, here's the bad news. Hotspots are at the bottom of the list. Right. So the thing is the default behavior if this thing was broadcasting if it was an access point versus a hotspot then this would have solved the problem but it's not. Right. Because it appears as an ad hoc network it is D prior it is put at the bottom of the list below all other infrastructure networks or router networks whatever you want to call it. Right. Yeah. But then so taking those two pieces of information I'm like, hmm how could I well the the way that Wi-Fi priority does what it does led me to come up with a solution though not quite meeting the parameters here. I'm like, oh creating a profile well what lets you do that? Oh well. Apple configurator two does Dave. Oh OK. configurator two is a program that lets you create a profile for iOS devices and you can bake Wi-Fi networks into that profile. Correct. So here was my solution so what I did again per you know what I did was set up my Mac as a hotspot. OK. Mine also an ad hoc network so should get close to approximating the scenario. Yeah. OK. So then I set up as an ad hoc network and then it appeared as a network that I could choose from on my iOS device. OK. But still because of the priority prioritization rules it would not connect to it by default. Here's how I kind of convinced iOS to do this though. So when you create a profile a Wi-Fi profile there are two pieces of information that you provide. One is the name of the access point whether it be ad hoc or sure infrastructure and then there's a little checkbox says auto join and you can either check it or uncheck it so this is exactly what the Wi-Fi priority guy is doing that wrote that software is he but here's the the problem is just went a little further he would have created a program that could do what a friend needs here's what I did is so I created a profile that had three entries in it the first entry was my home Wi-Fi network and so I punched that in and I deselected auto join so I said OK don't join that one don't auto join it OK then I typed in the next one that it typically defaults to which is OK yep so what I did is I took the the ones that appeared on the list that it knew about and I basically created a profile saying ignore these and then the third entry Dave is I entered the name of my hotspot which was called Macbook Pro for lack of a better better term and I clicked the auto join button to setting up this profile see this is a learning journey and then I went the extra mile here you understand what this means John right because what I could do is go to my Mac and create a profile that says Logan Wi-Fi is the Wi-Fi network name and unchecks the auto join thing and put that on my iOS devices especially my iPhone I believe that would be enough to convince your phone to never try to join that stupid thing again to yes our friend got back to me and he said well you didn't really meet my criteria because I don't worry about that this is awesome well he he wanted to do it all from his iPhone he didn't want to have to use a Mac but okay yes and I get that sure I said app I'm like well you can run configurator too that's an app but it's an OS 10 app so I get that there is no configurator app for the iPhone or iPad yeah yeah okay well I think if he wanted to roll up online then he probably can do scripting or programming the thing is you know what a profile is Dave underneath at all it's an XML file oh is that right oh so you could well the thing I knew this is because when I was goofing around and creating the profiles I would highlight the profile and because I believe it's because I was running default folder it showed me a preview of the file and it's and a profile is nothing more than an XML file I would ask do you know what HTML is it's basically a text file with a whole bunch of with structure to it and tags in it and that's basically what a profile is so if you could learn the structure of this profile file that Apple configurator to generates I bet you you could write yourself maybe a workflow sure well I mean just take a look at yeah take a look at the oh I see what you're saying yeah maybe workflow but certainly you could just use a text editor to do it the trick would be editing it on iOS and then delivering it to your phone in a way that your phone will slurp it in and that that may be the more difficult trick because you'd have to build it into the app in order for it to like present this profile yeah or maybe email it to yourself sometimes if you email yourself a profile you can click on it and then and then it tries to slurp it in so that's pretty good man I like that now the other thing is if the wifi priority guy if he just tweaked his app just a little bit so it sounds like anything that he puts in his profile is he defaults it to auto to not auto join right if he made that a choice hmm oh yeah and of course we're you know gonna contact yeah well the author as we mentioned it and say hey you know this may meet the needs of more users right so it's a lot of fun and if if you want to tweak the behavior of your I mean the configurator to let you do so many things I think the main purpose of configurator to is like enterprise deployment of yeah because you can control all sorts of aspects of an iOS devices behavior and typically especially in an enterprise situation you want to lock down certain behavior yep you know you may not want to allow people to access certain resources or yeah it's a there's tons of things in there I like it it makes me happy that it was able to help me solve the sprung cool all right let's see yeah no good fine man I like it that's crazy all righty let's let's go to let's go to Everett here because Everett asked a question that seems crazy on the surface but but it's really not that crazy so Everett writes on the Mac he says he has two questions but really he doesn't think he has to but he does he says what do you use for remote screen sharing I've been looking for a good solution for my wife who has an iPad Air she needs to remote into her desktop from school in order to access some sites that require flash or some other non-ipad friendly plugins do you have any good programs or services you prefer she says clunky and she said it didn't work well for her all right so I'm gonna answer your second question first which is remote login I really like screens from Adobe that it's got a Mac version and an iOS version you can build it you can set it up on your Mac to let you come in it's very very seamless and streamlined I can't think of a better thing to do this with a four-pay program but you know this is one of those scenarios where you get which pay for so I like screens a lot John before we move on to the next part of his question that he didn't know he was asking do you have any thoughts on this my initial thought was can you do this with messages and the answer unfortunately as I started going down that path is no it seems you can only do it you can only do screen sharing between Mac right well and also she needs to connect to a machine that she's not sitting at right so yeah so it needs to be it's actually fairly trivial to do again on iOS you'd still need an app and I use screens for this but you know locally on your like on your home network it's a little different than having to pierce the firewall but screens on the Mac will take care of some of that and I think screens is available set app now so so that's a you know that service is pretty good there's some great things in set app so so that's worth checking out for ten bucks a month you get access to a lot of apps you know the one thing I found I did find an article that suggested a hack for this and I'll have to look into it more one suggestion was okay well connect two Macs to each other do screen sharing we've pointed this out in the past but if you connect an iOS device to a Mac and you run QuickTime Player that will show what's happening on that iOS device I didn't verify that this still works okay so this is a this is a whole different thing right you want to you're talking about showing the content of your iOS device to someone else yes over a thing yeah yeah yeah totally different thing but yes screen sharing with QuickTime Player can do that that's right that's right because it'll capture it and QuickTime Player now that we're off it'll also let you capture the screens from your Apple TV you just got to plug in USB to it so you need you know you need your Apple TV Gen 4 is a USB-C port so you need USB-C to whatever your Mac has which might be USB-C if it's a newer Mac or USB-A if it's if it's not all right but Everett asked a different question without knowing it because he said my wife needs to access sites that require flash from her iPad and we all know that the iPad doesn't allow you to use flash except it does via an app there's a web browser called the Puffin web browser P-U-F-F-I-N and it will let you access flash sites from your iPad so that might be the answer here because because if that gets it done then you don't even need to worry about it have you ever checked this out, John? No I haven't Puffin like Opus Opus is a Puffin, isn't he? Oh, I don't know or Penguin Puffin, Penguin Yeah Okay But yeah that'll let you access flash or shake your fist at the people that are still doing flash and tell them to cut it out Well, there's that right but in the meantime Puffin exists let's hope Puffin's existence at least for that purpose is limited but in time but it does exist so yeah it's pretty good because it's using Puffin's servers and all that stuff it's shifting around that it's not actually running flash on your on your iPad but but it is letting you access flash sites so there's some there's some you're essentially creating a man in the middle situation so be aware of that because it's not running flash locally it's just it's access you're accessing the web via Puffin's data centers but yeah let's do it I mean it's it's the same thing right it's instead of using her computer at work via screen sharing and that clunky scenario you get to do it this way which for you know it's very specific flash content works a lot better so there you go but know that you know if there's logins that you are passing them through another set of servers pretty good huh John yes sir yeah all right you know what I want to do is I want to take a moment and talk about our sponsors if if that's okay by you my friend of course sweet I will start then with smile software's text expander for teams at text expander.com slash geek that's where you go to what they've prepped for you as a Mackie Keb listener this month but you know text expander is one of these great pieces of software that I can't live without because it lets me create shortcuts to type long bits of text but it's not just long bits of text it's long bits of text with say a snippet from my clipboard in there like John and I when we're doing these show notes and stuff for Mackie Keb we have a format that we need to use and so we just use it and I can type a very special thing from my keyboard and it takes if I have the link of a site on my clipboard it puts the link in the format the right way and then positions my cursor so I can type the beauty of text expander for teams is that I could sync that snippet with John so we're using the exact same snippet and if something has to change one of us changes it in text expander and then that is synced for both of us think about this from a customer service standpoint if you've got a bunch of people in your company that are all dealing with the same type of customer facing job they might have snippets especially if it's email based support a snippet because that way you don't have to type out I'm sorry here's our we have to type that out every time you want to be able to just paste that in so you'd write a snippet for it with text expander for teams that snippet is now shared amongst everyone and if you make a change to your RMA process then all you have to do is change it once and you know that everyone has it right there really really simple abbreviations for much larger much more complex pieces of text you got to check this out to TextExpander.com geek and check it out our thanks to TextExpander and the folks at Smile for sponsoring this episode next up is Blue Apron BlueApron.com slash MGG is where you go to get three meals for free this is the ingredients for all the meals packed beautifully in this box that comes via FedEx and the instructions for how to make this meal two nights for dinner we've made Blue Apron meals we made a great stir-fried chicken thing on Friday night and a really really nice like roast beef thing last night killer stuff yeah it really and it and the cool part is because it comes with these instructions everybody in the family can participate at an equal level because we're all sort of operating from the same script and we can all see it's not like you know one of us has the recipe in our head and we're trying to okay you do this you do that you do this and you know the piece of paper is right there everybody's at an equal level everybody just comes in you gotta chop stuff you gotta get this going you gotta get that going there's things you can do in parallel and help each other really really fun and then you get this really tasty meal with super fresh ingredients right there to eat we're constantly surprised with how much we like some of this stuff a lot of it is stuff that we don't eat regularly and that's sort of the point it broadens our horizons but yeah you know there's cashew chicken stir fry with tango mandarins and jasmine rice right I mean like that's a recipe that's mildly complex roasted pork with apple walnut and ferro salad right udon noodle soup with miso and soft boiled eggs these are things that I don't know how to make and yet I'm able to make them all cook within about 30 minutes or less really really fun really easy and great tasting food so go check it out go to blueapron.com mgg and you'll get your first three meals free so can't beat it thanks to blueapron for sponsoring this episode and harry's at harry's.com mgg long time listeners will know that I am most definitely a harry's convert these blades on these razors are hands down the best razors I've ever used and the thing is they're really really inexpensive it's two bucks a blade compared to like you know four or six bucks that you'd pay for it at your pharmacy and the nice part is this harry's stuff is just delivered to your house and you can get it delivered to your house for free all you gotta do is pay $3 shipping right so you go to harry's.com mgg and you sign up for your free trial you pay three bucks to have them ship it to you but that gets you a razor handle a set of blades on there and shave gel and a travel blade cover so you're all set to start shaving when this thing arrives and that's a nice set really the only thing that you then need to get more of eventually down the road is more blades because that's how it works as you keep using them they kind of get used up but along that line I will tell you these harry's blades last longer than any other blades that I've ever tried for me certainly so you know not only are they less expensive than the blades I used to use they actually last longer than the blades I used to use so it's a no brainer folks go to harry's.com mgg harry's.com mgg is where you will go to sign up for your free trial and and like I said you pay three bucks in shipping and then this thing arrives and you can start shaving with it I really love this shave gel it's really really nice stuff and obviously the blades are as I said best ever used are thanks to harry's again harry's.com mgg that's where you gotta go thanks to harry's for sponsoring this episode alright john why don't you take it away you want to you know what let's go to yeah take it just take us to steven john why don't you do that steven yeah where is steven steven steven ah here we go this was a good question may I so so answer that's a good answer we'll help you through it yeah could you review issues associated with changing of an apple id eleven years ago I used my comcast email address for my apple I think just apple id yes it's an apple id I don't think there's a unique itunes id well but it was an itunes id initially right I think I think he's right we're getting into the you know the need yeah your apple id now is your apple id across everything my neighborhood is being cabled for fios hey good for you I will likely leave comcast so should I use my iCloud email as an id and I think the other question he's asking is can so it sounds like he's going to be retiring the comcast email address got it so I think the question being asked although it wasn't explicitly asked is can you change the email address associated with your apple id oh because his comcast email is going to go away oh right this is a real yeah this is a so I think that's the question yeah that he's asking now it's kind of relevant because I've been moving away from my isp's email as well and replacing it when I can with my dot mac email right because yeah I mean once you leave your isp you're not going to have email with them well you can but then it'd be silly to keep paying them right right so you know I wish somebody had an answer to this question Dave but the good news is apple has an answer to this question and basically here are the current rules so the rules for apple ids have changed over the years back in the day I think you actually could have just used a word for the apple id but I think the apple id right now has to be an email address okay and basically the in a nutshell so you know there's an article that goes into detail here but I picked out the important parts and I verified this so the thing is if you use a non-apple email for your apple id you can change it you log in and so you log in through you know the apple id site and when you bring up the preferences or something there's going to be an option somewhere showing the email address being used for the id and it's going to say edit well just go in there you edit it and you change it and then I think what it's going to do is send an email to the new address and alright well let's just make sure you're moving around here and that you actually own this email address and then it will switch it okay so that's the answer an additional answer though and apple has set up this rule this rule as well is that if you are using an apple email for your apple id you cannot change it okay so once you've moved into a mac.com me.com or now iCloud.com address I guess iCloud is the only thing you can move into now although you can keep the previous ones then that's it you're locked that's my interpretation of what the rules say I think that's right yeah hey you can't change it if it's yeah so there's what dot me dot mac and I guess dot iCloud I still have a dot mac that's kind of a legacy thing there's no dot correct it's at mac.com at me.com and at iCloud.com yeah and you can't set up a new account with anything other than at iCloud.com now you don't get me or mac.com that's just for those of us that did it early on right um but for me it's kind of a vanity address because it shows that I'm like kicking it old school that's right not too old school because dot me is way old school um I think dot me came first no no mac.com came first and then it was me I think I'm pretty sure yeah but um the difference here is that if you are using an apple address of one of those three domains we mentioned then presumably your apple ID will last as long as your email address right you won't your your apple hosted email isn't dependent on it's really dependent on apple remaining in business right it's not dependent on what ISP you happen to be using at that point in time it's a you know it's an agnostic email address from that standpoint you could go and move anywhere and presumably be able to access it in fact my guess is even China's firewall lets you access iCloud email um because you know they sell a lot of iPhones over there so um so that's that and of course that's the issue that we're trying to solve here is he's moving away from Comcast so he needs to keep his uh he needs to to change everything and and two things about this number one this is why I highly recommend no one use their ISP provided email for anything other than communication with your ISP because you have to assume it will go away at some point either your ISP will change hands or you will choose to get a better service level and the last thing you want is to have like this guy you know this great choice of Fios and feel like you're ham strung a little bit because oh but if I choose that I lose my email address uh and that I've relied on and everybody knows how to contact me there that's a big problem and and they know this too that if I put on my tinfoil hat for a second however David in the chat room or Dave I should say my apologies Dave Ginsburg in the chat room says uh my friend moved to Vegas and is now on Cox Comcast let him keep his email address and uh and other people have said that they've uh they've had that happen too sometimes Comcast has has forced people to pay for it or made people pay for it but um but at least there you might be able to call them and there's the option but if if you're on and relying on your ISP provided email my advice is change now because you could take six months to change and it probably won't affect you right uh but if you wait until you're in that crunch where you have to change then your time limit is uh is much tighter so there you go that's my that's my rant actually it's not my rant I have another rant but it's unrelated so I'll leave it at that I got a somewhat relevant tangent but the thing that I've been doing and uh any decent password manager should let you do this is that um you may also want to uh well number one use a password manager that may be not last pass if they don't get their act together right um we'll see one thing that you can do typically is search through your database of the sites that you have username and password for and I've been doing this when possible or if it's important uh anyone that is using my opt online address I'm like you know let me go to that site and let me change that there's only one or two sites where they won't let me change the email address to something else or they won't let me change my username from that which is kind of aggravating most do though so cool all right uh all right let's um let's jump around here let's well let's go to let's go to Craig we we've been talking enough about VPN here that I think Craig's VPN related question is quite relevant so Craig asked he says I've been enjoying some of the talk recently about security VPNs and Synology really been learning a lot he says I've been looking at mobile travel VPN solutions like the tiny hardware firewall and the black hole cloud uh he says I have a Synology at home and so could use the Synology VPN as well which would be more secure and which would be more reliable I guess if I am away for a while and my Synology goes down I might lose my VPN access which is less likely when using a paid service but if I go to Hong Kong and China my Synology is less likely to be blocked by their firewall and on a public Wi-Fi network how much of a risk is connecting my iPhone to it when initiating a VPN connection with disintermediating using something like the tiny hide hardware firewall be more secure so um this is where I get to learn something new because when this question came in I had no idea what the tiny hardware firewall was did you know what this thing was John no oh dude it's this little thing that plugs in via lightning to the bottom of your of your iPhone and uh it fits on your keychain actually I guess it plugs in uh do they have a lightning one no they have a USB one so you have to plug it in uh I guess you use an adapter but um what it does is it becomes your internet connection right um so okay sorry I'm I misunderstood this thing USB is only for power it's a wireless device you connect to it it connects to the uh Wi-Fi in the coffee shop or whatever it is this way you're never connecting to the Wi-Fi in the coffee shop and that way there's not even a split second where you're not connected over your VPN or Tor or whatever it is you want to use I mean this thing is so crazy this is uh you know it uh it's just it's just built to totally separate you from whatever it is you're connecting to pretty good huh John sweet yeah yeah I'd never heard of this thing before so we got to learn more about this but to uh to answer Craig's question um yes your spot on about Synology being less likely to be blocked in Hong Kong or China because it's not Synology service it's just their VPN at your home and based on everything that I've heard and as I mentioned I've got some family members traveling to China very soon here so I've been researching this uh our home IP addresses here in the US generally not blocked by China's great firewall so uh so yeah running a VPN at home is most likely to work except if in your case if you're not there to restart your router or disk station well then you know VPN's down you can't do anything um so yes good to have a backup in fact I'm even sending my family with backups even though I'll be here to reset things uh but using this tiny hardware firewall on a public Wi-Fi would definitely be more secure because it's never as we mentioned never connected to uh to the your Mac is never directly connected to the public Wi-Fi so uh so I like that it's a pretty cool thing yeah yeah yeah we gotta check this thing out it's um let's see it uh the hardware costs are um somewhere I don't know it's hard to say I think it's like there's an ethernet one for 35 bucks um one with an external antenna for 41 and then the new little USB powered I guess maybe they're all USB powered but uh the new little keychain size one called Napoleon is 30 bucks and um they uh there's an annual VPN subscription of about a hundred bucks just shy of a hundred bucks but it says each one comes with an annual VPN subscription so you might get that for free for the first year I don't know so it's pretty cool we gotta check these things out John I like this I love it we learn new stuff and then he also talked about uh black hole cloud I think that's the company if I'm not mistaken uh that sells this stuff but maybe not I've never heard of the black hole cloud either yeah black hole cloud is the company that sells the tiny hardware firewall looks like and that might be the uh the service to which you subscribe so we'll put a link to that in the uh in the show notes too cool right crazy I know it's good though you know I've been running a VPN at home for what over 10 years and that's actually the reason that I started using uh DDWRT the custom firmware because there was no firmware for a home grade consumer grade router that supported a VPN server obviously that's changed now and that's part of the reason that I don't find any need to use DDWRT anymore because I can actually get better easier VPN support out of uh certainly out of the Synology router but um but also out of NETgears routers have uh decent VPN it's limited only to OpenVPN you can't do L2TP or SSL VPN with those so the Synology is definitely better but the um NETgear OpenVPN setup is really straightforward um it makes it very very easy so an OpenVPN I know I've complained about it before John because you gotta install the app in the profile it took me about four minutes to get that setup so I really yeah yeah it's just not a biggie well you know part of why it was a biggie was to use OpenVPN on that custom firmware on the third party firmware DDWRT was a huge thing I had to do all kinds of stuff in the command line and build the the certificates in the profile and all that it's like I don't have time for that but when your router takes care of it for you it's like yeah just here's this profile dumb dumb email it to yourself launch it in the OpenVPN app and you're done so yeah I mean the hardest part for me was you know so I'm running it on my Synology yeah so one you can download the certificate and the hardest part putting it in my iOS device was dragging that certificate file over to the iPhone with iTunes so the way I guess pain in the neck the way I did it was I emailed I tried messaging the certificate to myself and I did but it wouldn't like from within the messages app on my iPhone I couldn't launch it out but emailing the certificate to myself could I was able I wonder if it then maps it yeah it knew it was like do you want to open this in OpenVPN and I was like yes and then it did and then there and then it was like all good so yeah with the certificates and that's what I was saying before with your with the profile that you create you know you you could email it to yourself and that would probably be enough to sort of trigger that that process on the phone so it's pretty good though pretty good hey I need to I need to rant for a second John is that alright by you get the get those fists shaken man dude so you know I've been I've been obviously messing with with all these VPNs and one of them as I mentioned earlier is the Synology SSL VPN which is great because it connects over port 443 which means even if people are trying to block you know OpenVPN or L2TP or whatever nobody is going to have a workable Wi-Fi network that blocks outbound connections on port 443 because port 443 is what you use for secure web connections so there's just nobody in the world that's going to block this and so Synology has built this SSL VPN thing it's only in their routers but it's great and it works like flawlessly so I set it up and it worked and then the next day it didn't work I couldn't connect to it like what the heck you know like there's no way and I try to even try connecting from within the house wouldn't connect and it had the day before because it does you know WAN port loop back so you can connect that way and it you know it's all good and I started digging around in the port forwarding section of my router and I saw that my D-Link webcam it's a DCS935L I'm pretty sure I'll confirm that but it's a D-Link webcam it's a couple years old HD I have it named it Hector right our parrot Hector D bird on Twitter right and so public no definitely not public now because it's in my kitchen I'm not going to publicize the camera that's in my kitchen yeah so I'm like what the heck so you know I go and I look in the you know in the settings for the webcam and I see that there's a thing in there that says yeah you know UPNP use UPNP which is like the auto port forwarding thing use UPNP to forward you know both straight web track traffic port 80 and SSL traffic straight to the camera but it's turned off like okay well you shouldn't be doing this and yet sure enough it's doing it okay great thanks so I go in and I change it and I tell it to use different ports I tell it to use 81 and 444 I don't want it to use anything but it seems intense on doing something and if I turn off UPNP it just grabs it and I made sure the firmware was up to date and all that stuff so that sort of worked every now and then it would still grab port 80 but and then I had to reboot my router because there's no way to you know to do that so there's no way to remove UPNP things which I've complained to Synology about they should let you remove entries but so fine okay so I finally get that sorted out and I feel like I've got it straightened out but it took me you know a few days to figure out what it was and then and then I had to fix it and jack with it and I was always worried about if the camera restarted if it would cause this problem again because that it would seem to at least some of the time what the heck do you think okay fine now yesterday my power goes out right we had a big snowstorm here huge snowstorm we got like a foot of snow or something crazy and so the power goes out so when the power's out you know I have UPSs on everything because that's what we do but they start beeping and it went out at 6.15 in the morning this is my one day where I get to sleep in a little bit and now I've got this UPS in my bedroom waking me up so I'm awake so it's obvious the power's going to be out for a little while everybody in the neighborhoods out and I looked on Facebook one of our neighbors posted that you know a tree a tree limb came down burned on the wires in front of their house but you know it's fine it's going to be a couple hours so I go around I turn off all the UPSs and then I go back to sleep when the power comes back on of course I'm woken up again a couple hours later because you know lights things happen we have like a fan in our bedroom and so that turns on and that wakes me up like alright I'll go around and I'll turn everything on so but the camera's not plugged into a UPS so I'm turning things on and then I turn on the router but before I turn on the router I see that my phone is connected to wifi and that's because in the bedroom I have another access point running but it's not in DHCP mode or anything it's just an access point not trying to be a router like well why does it think it's connected to that there's no DHCP server it shouldn't work and I look and my phone is but it's got this weird 10.255.255. whatever IP address what the heck is that coming from so before I turn on the router again the real router I gotta figure out what device is handing out IP addresses on my network because I don't want a second DHCP server on my network and so I get my computer out or I try to log into it from the phone and it just gives me like you know username and password so it's like there's something but I can't tell quite what it is so I launch my computer and I realize sure enough it's the freaking webcam why is this thing handing out IP addresses on on my network the way you configure this is if it can't connect to another wireless network it broadcasts its own ad hoc network right so you connect to it it does give you an IP address and that's how you configure the camera and you tell it your wifi network name and all that you get to its web interface and it's fine but it should never be handing out IP addresses on my network that's insane so that webcam is now unplugged like what the heck that's insane yeah how again did you determine that it was that oh because so my computer or everything that got an address got a 10.255.255.x whatever whatever it was but I figured okay well the router the thing handing out addresses generally is going to be at .1 so I fired up a web browser and I went to 10.255.255.1 and it said log in and it took a little bit of sleuthing to figure out and I really didn't even know what I was connecting to but based on this other problem that I had with this webcam I'm like I bet it's a freaking webcam and so I tried it and it had previously set up on the webcam sure enough it's like yep hello I want to make sure because I was distracted by some page but no I was doing some additional research here the other way you could have found out that this is happening I believe would have been to do a port scan on that device so that's what I wanted to do because DHCP and I just looked this up DHCP operates on UDP 67 and 68 I believe if the information I have in front of me is correct yeah but I mean I already knew it was handing it I mean it was like yeah I'm saying in general if you want to determine if something is doing DHCP you could see if either UDP port 67 or 68 is open or respond if it does then that's a DHCP server what was more important to me which I had a little trouble sorting out was what other devices exist on this subnet because I'm about to turn my normal router on but I don't know how long of a lease this stupid webcam has given to all these other devices that are out there and so like what's going to happen like my Drobo that's already on my disk station that's already on you know they all have 10.255 addresses what devices are they I just wanted to know what they were so I could try and log in and fix them there's no way anymore in the OS 10 GUI to do a ping of a range of IPs there used to be but there doesn't seem to be anymore in network utility at least not in the Sierra build that I have on my laptop yeah well you could ping I'm pretty sure you could ping the .255 address I believe that's the one that was ping that's what I should have done I just educated I took network I remember that was one fun thing as far as I know pinging a .255 address ping everybody on this subnet yeah that's what I should have done duh hey we all learned something yeah that totally would have done it yep oh well yeah that would have been the right thing so there's the trick it was like wait that's not working crap now for things that are ethernet connected the way to get them to renew their IP address without going into their interface is to just unplug ethernet from the back of them for a second or two and then plug it back in that will generally force an ethernet device to just because it loses its network connection everything's back to zero it gets a network connection back and it's like let me reintroduce myself and boom there you go but yeah what the heck is up with this webcam trying to like be it's what is it the eye of Sauron or something it's like trying to control my life it's like dude just I've turned it off I like having the HectorCam I don't use it all that often but it's fun and it's nice to be able to use it to test Synology's surveillance station and stuff which is cool that's whoa that was a good one and we learned something I reminded you about that broadcast thing you want to take us to Andrew Andrew what's up with the Andrew I know what's up with the Andrew this is an easy one actually it wasn't so he says hi if I wanted to use an iPad Pro at work as my primary computer and I needed to connect to a server where the workplace stores and shares file what is the best way to accomplish this was an iPad Pro at first I was scratching my head over that so I'm like because the thing is as you may know iOS doesn't really have really give you direct access to a file system or network servers right there is no finder on iOS you can't say well connect to this so at first I thought well hey you just you know in macOS you could go menu and say connect to server or command K and type in something like AFP colon slash slash in the IP address of the server or SMB or whatever protocol and actually I tried that and that does not work on iOS it works on the Mac or from Safari you can do that too in Safari if you type protocol colon slash slash in the IP address then hand it off to the finder and say hey you want to connect to this dude I found the bees knees now I've never really had a need to do this before so one suggestion would be well maybe you could start in a cloud service but then that probably isn't the right way to go about it but dude I found this app oh my gosh it's the greatest alright I'm waiting my breath is baited and I think this would help you with a problem that you have Dave there's a free little app in the app store called file explorer from SkyJose Company Limited fire this thing up and it's like okay would you like to connect to a macOS 10 server or window server or linux unix server or a NAS or a time capsule or WD, Toshiba, webdav, FTP oh dude so you see in this app here the screen shot should get across what this does exactly and so I'm like wow I never heard of this app before so I download the app and I punched in so I said windows and I typed in I gave it the IP address of my Synology username password and lo and behold it appears all my folders and stuff okay so lets you access the files alright so that's one part of the puzzle but then what are you going to edit them in place or whatever well you could but then here's the other thing that it does that helps complete the job you can download files from your NAS two it creates its own little file system so like I downloaded a graphic and then it's stored in a folder accessible from within the app called downloads so it has a few folders so it creates a file system or maybe it just so I don't know if they're breaking any well they're not breaking any rules because otherwise they wouldn't be in the app store but um it allows you to and it also lets you access your cloud services wow so that's pretty cool man so I think what you were saying that you wanted to do before you wanted to take a picture and get it somewhere else yeah this this little app should be able to do it for you yeah because it'll see a photo library as a it does it shows your photo library as a store my problem was I had a photo and I wanted to share it to Dropbox so that I could share the link with actually I just wanted to share it with the people in the chat room so um so I was trying from the photos app to share to Dropbox and it doesn't appear there I had to launch Dropbox and do it really and then Dropbox was like I don't have access to your photo library but I know and so then I had to go through a whole other I messaged it to myself and then just dragged it into my Dropbox on my Mac was actually what I did yeah yeah so this looks great though there's a pro version I'm trying to figure out what the difference is between File Explorer and File Explorer Pro awesome you want me to tell you as far as I could tell very quickly so yeah so they so the initial app is free right the limitation with the free app is that you can only have a single network connection at a time so the pro version which you got a you got a pony up $4.99 wow I mean hey that's short money for what we're talking about here yeah the pro version gives you the ability to be connected to numerous to multiple file servers at the same time and I think it also supports playback of a wider range got it that makes sense files yeah wow huh yeah because at first my thoughts would be well I don't know if I'd necessarily be using on iPad pro is right right as your main computer in a workplace cause my humble opinion it's probably not the best option but using something like this Federico would disagree with you man so yeah yeah but looking at the availability of this app since the OS doesn't do it this app should be able to let you connect to your server and store your you know store the stuff locally edit it I would imagine you could upload yeah it accesses the standard share sheet it'll let you access the share sheet so it's pretty cool man wow yeah I don't know if he I don't know if they just access stuff that's already available in iOS or use open source stuff to you know do the SMB and you know someone else also reminded us of good reader not quite the interface that you're talking about with this here but good reader is one of those apps that kind of does everything with iOS that you could possibly imagine it's it's not really built to do it you know this way but it's kind of how it works so we'll put a link to that into I think file explorer is far closer to what you're you're looking for but if you already happen to have good reader it might serve this purpose for you too it's worth it's always worth a mention in these these kinds of scenarios yeah man that's pretty crazy I like it all right let's we've got a few minutes left our shows have been trending towards the hour and a half mark and I'm trying to not let that happen but when we started this 12 years ago 45 minutes was the number then it nudged to an hour and then an hour and 15 and now an hour and a half I'm shooting back for an hour and 15 John so but I think we got time for at least a quick one and this is a good follow-up from Todd from last week's show Todd says you recently discussed the new Lima Ultra and didn't sound particularly impressed especially when compared to Synology and others which is almost the same in the price range but a possible possible advantage to Lima might be storing the photo library from the Mac photos app we've discussed in the past that the photos app requires its library to be on an HFS plus formatted drive which can't be done with a normal NAS unless you're using iSCSI but the photos library is also supposed to be stored on a local drive not a network drive obviously Lima is actually a network drive but didn't you say it appears to the Mac as a local drive what do you think about this so yeah it Lima uses a technology called OS 10 fuse to make this network store appear as a local drive but the problem is it does not appear as an HFS plus file system it appears as format general file system OSX fuse and anyway I tried it I figured what's the harm I went to create a new photos library and pointed it at the Lima and photos summarily crashed but it said it unexpectedly erred out when it was creating the new photos library I disagreed it wasn't all that unexpected I kind of expected it but nonetheless it won't do it because the file system doesn't exist it doesn't match HFS plus but it's a good idea it's good thinking I think there's like I said last week the Lima it's solid it just it's just feature starved so it's a I'm curious to see where it goes but if they can get the price down that would be a key thoughts on this John no no all right you know I will simply point you to an article that Jeff butts and I wrote this week about the Apple's new file system APFS we talked about it on TDO as well but you can if you have Sierra you can format a disc as APFS it won't mount on anything other than Sierra which just isn't a great surprise but it will mount on Sierra disc speed test with black magic showed that APFS is about 20% slower for both reads and writes on an SSD than than HFS plus and that's including HFS plus encrypted now it's not released or ready for prime time yet so maybe that's the reason but Jeff also did some testing with his iPhone and found similar results so your mileage may vary but it's worth keeping an eye on this and there might be other benefits you know the other benefits to APFS might be enough that this particular you know sort of bulk speed reduction doesn't really you know doesn't stop you from using it so anyway just figured I'd throw that out there did you see those John yeah yeah kind of surprising unless speed was not their primary design goal right right exactly I mean there could be still be debugging hooks in it or whatever that are slowing it down and okay fine but you know it it's not it's with bulk data transfers so you know big files one gig to five gigs in size reading and writing back and forth all the time but it's possible it's faster with smaller file stuff and you know that kind of thing so it's worth it I mean there may be good even if what we're seeing is the final build of APFS there there's probably enough incentive to move to it anyway even though for this one thing it happens to be fall short of HFS plus so yeah it's interesting stuff though don't you think yeah I mean I mean currently a disc might my disc throughput now that I'm on the SSD train is not something that usually gets in my way that's the thing right giving up 20% of that is sort of irrelevant for me to you know I guess if you're someone who does a lot of video editing then maybe you would I mean you would do that on an external drive anyway and maybe in that case it makes sense to format an HFS plus and just do it there so I don't know that's my thoughts if you have thoughts on this or really anything else give us an email feedback at macgeekab.com what he said was feedback at macgeekab.com I did say feedback at macgeekab.com except if you are a premium listener and if you are a premium listener well then you get to email premium at macgeekab.com and as we started last week this week I'm going to do the same thing and we're going to give a shout out to all of those premium listeners whose contributions came in during the last week for those of you that contributed before this we'll catch you up as time moves forward but this is just how we're doing it and of course like we said last week we're wide open to your suggestions and thoughts and comments and all that so there's a lot of you this week let's see we had monthly people on the monthly $10 month plan Dave C Michael P, Chris F, Elizabeth B Michael L, Bob P and Jason A thank you all very very much for your contribution and your help and keep an MGG going on the every six month plan 25 bucks every six months we have James H, James C Keith K, Roger Y Randy B Robert R, Sharon F Frank K Michelle D Ulysses B, Mario Z thank you to all of you and then we had some one time contributions come in this week at the $100 level Joseph BP Simon C Sandra H, you all rock at the $50 level David G and Lawrence H you rock and 25 is Frank R so thank you really you folks like we said last week you all rock thank you so much for doing what you do to help keep things rolling here all of you any of you you premium folks and anyone else you're all welcome to call us to do for 888 geek which is 4335 one more way John what's your favorite way what do you want to tell them about I like the twitters myself it's just full of funny games and if you'd like to get involved in fun and games on twitter twitter.com and I am John F. Braun he is Dave Hamilton the show is Mac Geek Gap the publication is Mac Observer and the guy flying all over the place to help stimulate the economy and just because he likes flying is Pilot Pete thanks to cash fly CACHEFLY.com for providing all the bandwidth to go from us to you and then the podcast marketplace includes all our sponsors of course we mentioned smile at texexpander.com at blueapron.com at blueapron.com at blueapron.com at blueapron.com at blueapron.com at blueapron.com at blueapron.com thanks to everybody thanks to you thanks to everybody who contributes and all that great stuff you all rock you know sometimes it's just how it works right John what's that thing we like to say oh what was that for I pressed the wrong button John you know what happened I started I'm doing all the wrong things what's that thing we like to say