 The Mac Observers Mac Geek Gab, episode 681 for Monday, October 31st. Happy Halloween 2017! And welcome to the Mac Observers Mac Geek Gab, the show where you send in your tips, questions, cool stuff found in candy because it's Halloween and we share all of it, except maybe the candy because we eat all that, but the goal is to eat at least four pieces of candy. Learn at least four new things each and every time we get together. And I did, I said Monday in the intro to the show, not once, which screwed up, but twice. And that's because we meant to record this on Monday, October 31st. But it is Tuesday, October 31st. So a big shout out to Michael King in the chat room at MacGeekGab.com slash stream for correcting us early on here. We're just going to roll with it. It's fine. It's fine. It's fine. Nobody cares. It's fine. It's all good. Our sponsors for this episode include Jamf Now. We're at jamf.com slash mgg. You can get your first three devices for free for life on Jamf's awesome remote management tool. We'll talk a little bit more about that in a minute and Sanebox. Sanebox.com slash MGG gets you two weeks for free. And once you join, 25 bucks off, but you don't have to give them your credit card up front. And this is the email service that has been saving me time and managing my life for over four years. So we'll talk a little bit more about that in a minute here in Durham, New Hampshire. I'm Dave Hamilton. And here, recovering from the storm. This is in Fairfield, Connecticut. You bring up the storm, of course. What are you recovering from? I had little flicker and some of my devices were upset. You should get UBS, man. Then your devices wouldn't be upset by those flickers. I can't recommend battery backups enough for all your stuff. We had power go out here for not quite a day. It started probably 2 a.m. yesterday and came back about 7 p.m., maybe 6.30 p.m. But I always feel good about my devices, especially in the pre-outage hours or minutes when things are flickering on and off because an outage doesn't blow stuff up. It's the power coming back by surprise or going out very, very briefly and then coming back. That's what fries electronics. And I've seen it where one little flicker like that will fry stuff. I've also seen it where that kind of thing over time tends to reduce the life of stuff like hard drives and power supplies, power supplies especially. But motherboards tend to get a little bit wonky when they start getting zapped with juice like that, when it's dissipating out and it all comes back in. Anyway, I can't recommend battery backups highly enough for all your electronics, not just your computers. I put them on my TVs. I put them on everything. There's no reason not to, other than money, I realize. But it's kind of the way I look at it is insurance policy. As Karan says in our chat room, what has brownouts done for you? There you go. Yep. Because we're talking about UPSs. That's funny, right? UPSs? What have brownouts done for you? That's funny. Wow, there's something going on out there. You got, yes, maybe you are. Maybe there's more to be done. Kids are without school again today here because we've got trees, limbs down and things like that across the roads. It's crazy. Hey, speaking of roads, I have a cool stuff found to mention. I've been testing and really actually loving this thing. It's a car mount for your iPhone. It's called the Exo Mount from Exo Gear. The Exo Mount Touch CD and it's $30. It sits in your CD player. If your car has got a CD player that you never use like most of us, it sits right in there. You kind of slide this thing in the CD player and then you sort of crank it and it opens itself up so that it creates a pressure scenario in there and it just holds itself in. Man, it's great because you're not sticking something on your vent that you're blocking or having to sit it up on the top of your dash or whatever, but it's right there. The cool part about this one, man, is not only does it fit in the CD slot and it just locks right in there, it's got pressure grips on either side of it. It can be rotated so you can have your phone portrait or landscape, but you push these two little things to release the phone and the pressure grips open wide and stay locked. Then the next time you put your phone in, there's a release button in the middle of the clamp. When you put your phone in, that triggers the release and the things come around and grab it on the side. If you forget to put your phone up while you're in the car, you just grab it, pop it on the thing and it automatically clamps closed right on it. I'm actually loving this thing. It's really, really cool and everybody that gets in my car sees it and they're like, hey, where do I get one of those? That's why it's cool stuff found, man. It's good stuff. Yeah? Good? I don't know. I don't even have a CD player in my car. I don't use it though. I don't even know where to go with that. Let me find our agenda here. Oh, I found our agenda. Now I got to find this thing here because things are all over the place today. We'll go to another cool stuff found from Charles. Charles said, I used to use LogMeIn for remote control of my personal machines and those of others I helped until they started charging a hefty price. I transitioned to Splashtop.com, which is a much more reasonable service and since I pay for it, so I'm helping them keep them in business. He says they have a personal plan, which is $16.99 a year. Their business plan starts out at $60 a year per user. Since I'm the only one that uses the service, it's a great deal for me at $60 a year. They also support things like two-factor authentication, URLs that can be emailed for remote deployment, categorization of clients, et cetera. They only support PCs and Macs, but he says that's all I really need right now. Yeah, very, very cool. Very good. Have you ever used Splashtop, John? No. Sounds like a... Yeah, I'm going to have to check it out. It's a good... Not a lot of solutions when people start deciding to charge money for things that were free. It's like, how dare you? Well, Charles is happy to pay. He feels like LogMeIn's price is perhaps too high. Splashtop isn't. There you go. Plays out in the market. That's how life works. All right, and then I think the last of our cool stuff found for this week is Everett with Packet Squirrel. Everett had written in a few months ago, and he says, I asked you guys a while back if you knew of a device that would give me access to a network remotely. He says, and I found it. It's called Packet Squirrel. He says, it also does a few other cool things, too. Did you check this out, John? This Packet Squirrel is an interesting thing. It's built to be set up as a man in the middle kind of thing. It could be used for nefarious purposes. It's a tiny little. It's pocket-sized. It's got two ethernet ports on it and a USB port. And what happens is you plug it in in line in the middle of the network wherever you might want this. But it has an inbound VPN server. It's also got a VPN router. It can capture packets between whatever devices you've put it between. So it can do all kinds of things. I can see it being handy for someone. I think I was using it or wanted to use it as an easy way to set up an inbound VPN for himself to get into his client's networks without having to, say, change their routers or set up another computer with a VPN server on it that they needed to keep running. You thought, well, if I can just put this out there, and then there you go. And because it's got a USB port for power on it, you can either, of course, plug it in or if you've got a high-capacity battery pack, you could plug it into that. And then it doesn't even need power and it could run for probably a week. It's a pretty low-power device. So it's interesting, these types of things, with great power comes great responsibility, John. Pretty interesting, huh, man? Looks like a protocol analyzer plus, if you will. Yes. That's what some call these devices that can capture packets and let you look at them. Yep. Yep. Yeah. And squirrel. I mean, well, I like also that their products seem to have an animal theme. They got a squirrel product, a bunny product, a ducky product, a turtle product. I mean, what kind of work do you want? Yeah, Andy in the chat room is telling us about their land turtle, which is, I don't even know. Oh, it's a remote access for, they've got a 3G version so that you could 3G into a network. Yeah, this is interesting stuff, man. Huh. Fascinating. I don't know, man. I don't know. It's the land turtle, but just better than a land shark, I guess. All right. Last episode, 680, which was also recorded on a Monday, just like this one, Monday, October 31st, 2017. We discussed Microsoft Office alternatives, and I had noted that I preferred Libre Office because they were the only ones that did DocX and XLSX formats, which is sort of the current slash new, although not that new, Microsoft Word and Excel formats. Well, it turns out Neal Office will do that too. Lee wrote in and he said, you said that Libre Office is the most Mac-like, and he says, Neal Office is far and away the most Mac-like, and by quite a large margin. I've been using it for years for this very reason. Mac likeness has always been Neal Office's primary strength. You also said that Neal Office doesn't support the DocX format. Actually, in its latest release, Neal Office now does support DocX, as the codebase for Neal was recently switched from the original OpenOffice codebase to the very codebase used by Libre Office for this reason. Saying that Neal Office's Java-based solution is slightly misleading too, he says it uses Java for only a few minor pieces of functionality and runs quite well without Java even being installed, if you like. Actually, all the other OpenOffice systems also have Java-based components, though they might be moving away from that as well. Neal Office is not free, as Lee, it's available in the Mac App Store or from neooffice.org. But the whole point of this system is that it's being the most Mac-like experience and with support for DocX, it is now by far the best solution for those wanting an OpenOffice program. Thanks, Lee. That's helpful. I really appreciate you writing in and sharing that with us. And listener Dave also had similar things to say, and he even sent us a wiki page to Neal Office's feature comparison, which we will put in the show notes. So thanks for that, too. Very, very good, so that we can have all that stuff. Did you check any of these out, John? I think when we talked about this, I mentioned, what do I... I'm running one of... I think you said you were running OpenOffice, which is probably the least popular. Yeah, I have it on my system. I think, like I mentioned, I find apples free sufficient. But if you need that extra oomph. Yeah, it's good to have a round. It's good to have one of these around for when you do need that extra oomph, because then it's right there and you've got it. So there you go. Yeah. All right, good stuff. Thank you. Also, in 680, we talked about various things to sync files in real time, like a private way, like not Dropbox, but some engine that you could run on your Mac that would just automatically sync files. And Doug wrote in it and said, GoodSync does this. He says, after a file change, you can delay it for a few seconds if you want before the sync starts, but it can happen immediately when there's a file change. He says, it can also happen on a folders connect, or periodically you can have it do it once an hour or on any other schedule you'd like to. He says, I use GoodSync to back up my keychain, password management, database live, and periodically to the cloud. Also, oh, he says, I wish I'd would have known you were in Houston is evidently Doug's in Houston too. Yeah, it would have been good to meet up. I will promise to be more proactive telling you folks where I'm going to be when. So there you go. I don't have anything coming up in the very near future, but I will. And lastly, John, we have a note from someone who will remain nameless. We were talking about somebody that works at the mothership there. We were talking about content caching in Mac OS high Sierra, right? Back in 680. And two very important things that we got from this person. Number one, he I assume it's a he will say it's a he I don't actually know. It won't fill up your disk with cashed content. By default, once you get to two gigabytes of free space on the volume, content caching will start clearing things up. But there is a reserved volume space key that you can change that you can use to change the value. And there is and we'll put a link to this in the show notes. There's a developer note from Apple all about how to really go in and tweak all this content caching from the terminal. There's a laundry list of things like this reserved volume space key, but all kinds of stuff, most of which is inaccessible from the GUI. You can set which ranges of the network to listen to. You can go nuts. It's really, really cool. So if you like the terminal and you want to control how content caching does what it does, this is the way to go. So it's pretty good. Did you check that out, John? I think I indicated to you. I'll have to fiddle with it. I haven't fiddled with it yet. Got it. Yeah. That's pretty good stuff. Storing it. I don't know. Caches just cause all sorts of problems. So maybe this will solve some of those caches. Well, it's important to note that this has actually been around for a very long time. This is not new. It's just new to the client OS. It's always been in Mac OS server and with great success because it keeps you from having to constantly sync or download from the cloud. So it's fairly robust. I mean, we use caches all the time. Your machine would be probably a tenth the speed that it is, especially on boot up without caches. Of course. Yeah, yeah, yeah. Yes, very good stuff. And especially for folks that are on either bandwidth throttled plans or limited bandwidth plans. Man, I can see this making a big difference. Yeah, or in an enterprise where you may have tens or hundreds or thousands of clients. Yeah, all wanting the same thing. Yep. Yep. Yeah, it's pretty good. All right. Well, the iPhone 10 went on sale since the last time we we chatted here. And so we've got people that are going to be getting them in the next week plus, right? I think some will arrive on Friday. Mine, thankfully, I was able to get an order in right away. So mine will arrive on Friday. A couple of things. We've had a couple of questions about the iPhone 10, but I will start by saying if you want to know where your iPhone 10 is and you haven't gotten a ship notification from Apple yet, there are a couple of ways you can do it. If you ordered from Apple, you can go to UPS and because most of Apple's things are going to be shipped with UPS. And instead of tracking by tracking number, you can track by reference number. And your Apple Store order will be your reference number. And that will show you and it'll come right up. I put my order number in. You have to remove the last two digits of your order when you're doing it this way, which is a little tricky. Forbes published an article about it. So that's one way of doing it. If it's coming from one of the carriers, oftentimes your phone number will be the reference number. So that's another way of finding your tracking number out. But I find the best way is to sign up for both FedEx and UPS is my choice thing, where you give it your address and all that stuff. And then they'll simply tell you when there's packages coming in or you can launch their apps or visit them on the web and see what packages are inbound to you, even if the shipper has not told you that package is inbound. And I set it up to get an email once a day on this stuff. And it's great being able to see what's coming in. Do I need to be aware or on the lookout for a package? So that's my tip, John. Do you have any tips for things like that? I'm with you. I just got an email the other day from FedEx saying, hey, your friends at Tile are going to send you some goodies that you asked for at the last event you were at. Oh, thank you. Yeah. And I found it useful too. I had somebody ship me something and it required a signature and I'm like, oh man. So I had to stay home. Well, you can, with most of these things, even on the ones, and I found this true, even on the ones from Apple with UPS, I had a couple of things recently where a signature was required. And I went in and I was able to not pre-sign but essentially wave my rights to whatever would happen if somebody stole the package and not have to be around for that signature. And it wasn't just stuff from Apple. It was actually, I think there was a thing from Ultimate Years 2 that was coming in and it was like, they're crazy about that stuff because it's relatively valuable. And I was able to wave my signature requirement by just going in to my UPS account for that same My Choice thing and I could just check the box and say, so yeah. Yeah, I think I'm set up that way too. But sometimes the wishes of the person sending it overrule your wishes. Well, that's what I'm saying though, is my wishes- But you can overrule the overrule? Yes, exactly. Yeah. Okay, because yeah, I've had stuff from Apple you can pre-sign, I guess, or fill out a form. Yeah, sometimes Apple will let you do that thing where you print it out and stick it on the door with the Ultimate Years one. That was not an option for this package. But by going into My Choice, I had to go into not redirect but control the delivery over there or something and then I was able to do it. So anyway, check that stuff out because that can be very helpful for you. Along the lines of migrating to iPhone 10, Chris has a question. He says, I was in line in my local carrier, O2, must be in UK, store last Friday and managed to reserve an iPhone 10 for in-store pickup when I will trade in my 7 Plus. My question is, what's the easiest way to get my iPhone 10 set up? I currently have a series to Apple Watch linked to it and both devices are running the iOS betas for my work. I plan to put the 10 on iOS 11.1 also, so I can still do an encrypted backup and restore on iOS 11.1. Can I do that with the recent iTunes changes? I want to keep my health data. I plan to complete an Apple Watch d-linking and full iPhone backup in a local coffee shop before I give the phone in and then back to the coffee shop to restore the phone. I'm then heading north for a trip, so I want to have everything set up before I go for CarPlay and GPS. All right, so yeah, it's a good question. iCloud backup would most likely work for you. iCloud backups are always encrypted, which means they always have your health data in them in an encrypted format, of course. But iTunes still lets you do encrypted backups of your devices. Just assign a password to it, plug the device in is probably the fastest way, although you could do it over Wi-Fi if you're doing it in a coffee shop, probably not the best. So plug it in, it'll go faster anyway. Here's going to be the interesting part. It's possible that iPhone 10 will arrive with iOS 11.1 on it. It wouldn't surprise me if we see 11.1 released, perhaps while we're in the process of recording this episode, but certainly before Friday when these deliveries start to arrive. If it comes with iOS 11.1, you're in great shape because you can just start from scratch, restore the settings on to it, and you're good to go. If it comes with some flavor of 11.0, though, you're going to need to wipe the phone clean and restore iOS 11.1 beta onto there. So you're going to have to go in and download the beta version. I don't even know if the iPhone 10 is available to developers yet. I would imagine maybe it is. I haven't looked. But you'll need that because, as Chris alludes in his post, you cannot restore a backup onto a device with a version of iOS that's older than what the backup was made with. You can go newer. So if the backup is made with 11.0 and you have 11.1, no problem, you can go up to it. But if the backup was made with 11.1 and your phone has 11.0, you cannot go down with that backup. So you have to be on at least the same software, if not later, which makes sense. Thoughts on that, John? No. No, huh? All right. Well, I'm still considering whether I should upgrade my phone. You wait, but I'm just saying, do you have thoughts about Chris's process there? No. Regardless of what you're buying. Yeah. Sounds good. Cool. All right. Karsten has another question about iPhone 10. He says, like many, I was up very early to order a new iPhone 10, which arrives on November 3rd. I did not pick AppleCare because I remembered you order AppleCare from a third-party provider that you are happy with. Can you remind me again who you purchased AppleCare from and their web address? Also, how do I register AppleCare once purchased? So it's important to note that AppleCare is available for your Mac and things like that. And AppleCare Plus is what is available for iPhones. And the two, despite sharing a very, very similar name, are not the same thing. One very big difference is that AppleCare Plus is not, to my knowledge, available from any third-party resellers. You have to buy AppleCare Plus only from Apple or via your carrier. I think you can do that, too. So this is an Apple-sold product. And I have not found any third parties that sell AppleCare Plus. But AppleCare, I've always bought from LA Computer Company. We talked about that on a recent episode. They don't have many things right now. I think they only have AppleCare for the Mini and the iMac at the moment. But you can call them and ask them if they can get it for others. I've also, in the past, although it's been a little while, bought AppleCare from Smalldog Electronics. And that has worked out well for me, too. Again, I don't know what they have in stock at the moment, but it's worth contacting them. They certainly have done that in the past, and they can sell it at a discount over what you would pay Apple for regular AppleCare. So it's worth your while to check with them. In terms of registering AppleCare, kind of moving on from Karsten's question, because Karsten will have to buy AppleCare Plus direct from Apple for his iPhone X, in terms of registering regular AppleCare for your Mac, when you buy it from someone like a computer or Smalldog or anywhere where you're getting it literally in a box, what's in the box is a code. And you go online and you register your AppleCare code and assign it to the serial number of the computer that it's going to be on. Obviously, the type of that computer has to match the type of computer you bought AppleCare for. You can't buy an iMac AppleCare and apply it to a MacBook Pro. But Apple is, other than that, Apple's pretty lenient about how and when you apply AppleCare. The best thing is to apply AppleCare before your one-year warranty runs out. However, if you haven't done that, but you have purchased AppleCare before your warranty run out. So let's say you went to LA Computer, you're on day 350 of your product ownership, you go to LA Computer, you buy AppleCare, they send you the box, you get the box, and by the time you get around to registering it, you're now at day 370. Well, you can't do that online because Apple is going to say, nope, this isn't eligible. But you can get in touch with them. In my experience, and hopefully this would happen for you, they'll ask you, they'll say, look, just send us a proof of the purchase date from when you bought AppleCare. So you send them your receipt. I sent them an LA Computer company receipt. And they say, send that in along with the code that's there. And then they go into their system and backfill all that stuff. So it's a little bit more of a headache, but they are sensitive to the fact that you tried to do it right and you missed the date by a few days, that's fine. We'll take care of it as long as all the rest of your ducks are in a row. So it's pretty good. Do you buy AppleCare for your iPhones, John? I do not. Not for my iPhones. I did get it though. I think it's expired now. I did get it for my Macbook Pro. I did not get it for the mini. And you may ask yourself, how can I tell if I am even covered or what is my warranty coverage status thing? Well, at least these days you go to about this Mac. There's a service tab. And then there's a little thing that says, check my service and support coverage status. And you click on that and it extracts your serial number. And then tells you, you know, I'm looking right now and it says, oh, valid purchase date. Okay, you did in fact buy this machine. They're also saying telephone technical support expired. That's typically I think 90 days or something. And then repairs and service coverage expired, which means I'm totally out of warranty on this one. But I did get AppleCare because I think it's definitely worth it for notebooks. Do we call them notebooks? What do we call them? Laptops. I don't know. Yeah, exactly. I always buy it. I bought it for my two 27 inch iMacs too. I mean, I think with LA computer, I was able to get AppleCare for like 149 bucks or something. And, you know, to put that warranty on a $3,000 machine is like snow brainer. Oh, okay. Yeah. Yeah, because the price is the same for all iMacs. Like there's one AppleCare for everything from, you know, the least expensive iMac all the way up. Well, I don't know about the iMac Pro that's coming out, but certainly the Retina iMacs have always just been, yeah, it's just AppleCare. You're good to go. Sweet. Yeah, I don't buy it on my phones. You know, the reason is we keep four phones active in our house all the time, one for each of us, right? Lisa, me and each of the kids. And it would cost a lot to put AppleCare Plus on every phone that we have. I mean, for the iPhone X, they want $299 for the 64 gig phone for AppleCare Plus. So, I think, I think that's what, oh, that's Australian. So I think it might be $199 here in the US. I was reading that in the chat room and not quite fully parsing, because I'm talking to you folks. But even at $199, that's quite a bit of money. Times four, it's like, whoa, that's a new phone. And then that makes me scratch my head and say, okay, hey, so if somebody destroys or loses their phone, huh, am I better off? Like, how often is that going to happen? And am I better off just essentially self-insuring with, okay, yep, we'll not buy the insurance. And if and when a problem happens, we'll just pay for it. And we've been through that. And we've had to pay, I think the most we paid for any given phone, and it's, I think it's only happened once, was that we paid $300 to get the, you know, the flat rate repair, because the screen was shattered. But when we replaced the screen, there was more to it than just screen damage. So everything needed to go. So it was this, you know, whatever it was, $299 on that phone. It's like, okay, well, through 10 iPhones, which is what we've probably had, if not more, through the house here, we've, you know, we've had one that went south at our own, which was our own fault. And it cost us 300 bucks. It's like, okay, that's way cheaper than buying insurance on all of them. So that's sort of my thought process. I have nothing against AppleCare Plus on the iPhone. It just, for us, it just financially, it makes no sense to do that. So, but that's how you need to do those types of calculations. It's just an insurance policy. So where would you rather put the money? Do you want to put it on a sure thing, and maybe spend a little extra, but you know you're covered, or are you willing to take a little bit of risk and save a, in our case, thus far, a ton of money. So there you go. Yeah. Yeah. I can't believe this. I can. Actually, it's based, follows my spreadsheet almost to the letter. Yeah. Yeah. I do want to talk about our premium supporters here, because you folks rock. If you are interested and able to support the show directly, you can visit macgeekab.com slash premium. And I want to send a big shout out to the folks that contributed or renewed this week. And an especially big thanks to everyone that's had to go through this credit card migration with us, migrated processors. And that meant that we couldn't migrate you entirely over. You had to do a little bit of it. And I really appreciate it. It is our goal to lose no one in this migration process. And thus far, you folks are doing a pretty good job of holding true to that. I think there's, I think there's five of you that have yet to migrate that needed to. There's still several, many of you in fact, that haven't migrated, but your renewals aren't up yet. So do it before your renewal happens. And life is way easier for you and for us. If you do it after the renewal, it's just a little, it's one extra step that you have to go through. But if you do it before the renewal, you're in great shape. So, and you can just visit your account and mackeykev.com slash premium and just log in and you can see your account and migrate it right there from your subscriptions page. This week to thank on the $25 biannual plan, we've got Charles K, Kenneth C, Thomas S, Chuck J, Ed I, Mark W, Bobby H, Stevie D, and Anthony C. Thank you to all of you. And on the monthly $10 plan, we have Elizabeth B, Petter H, or Peter H, Chris F, Jim E, and lastly, Micah P, who stepped it up and does 15 a month and you all rock. Thank you so much, so much for all that you do. Let's see, where are we here on all of this, John? You know what? While we're in that vein, how about we tell you about our sponsors for the week? Does that work for you, John? Absolutely. All right. Our first sponsor today is Sanebox.com is where you go to get a two-week free trial, no credit card necessary for the trial, no risk, you just try it out. And then, if you decide to buy by having visited Sanebox.com, you get $25 off of the email service that has saved me so much time, it's ridiculous. I've been using and paying for Sanebox for the last four, almost four and a half years, and I cannot imagine a world without it. It's true. What Sanebox does is it monitors your inbox for you. It only looks at the headers, so it's not like looking at or indexing the content in your emails or anything, but it looks at the headers and decides based on rules that they have initially, and then immediately as soon as you join, based on your rules, your accounts are managed by your rules. It decides if that message should stay in your inbox so that you can see it or moves it to, say, a different category of mailbox. I've got a category, I think it's when they started for me, called Sane News, where it moves all my newsletters to that. I've got one called Sane Later that they created that's just sort of things that maybe I could see later. I created my own called Sane Watched, which is sort of the not quite inbox, but the thing that is the first place I go when I'm done with my inbox, what's cool is let's say a newsletter comes in and it goes to Sane News and all of my newsletters go there, but let's say there's one like the Mac Observer Daily Express, I want to see that in my inbox. So all I do is I drag it out of Sane News into my inbox and that trains Sanebox. All I did, doesn't matter what mail client I use, I could do this on my iPhone with iOS mail, I could do it in Outlook, I could do it on my Mac with Mac mail, doesn't matter. This is all server based and it doesn't matter what server you use, this is the cool part, Sanebox integrates with everything. I just move it, Sanebox notices that I've moved it from Sane News to my inbox and boom, it's good to go. I promised that I'd tell you a little bit about Sane Reminders. Sane Reminders are the thing that keeps me from forgetting to follow up on stuff. So let's say I get an email in or let's say I reply to an email, it doesn't matter. I can either forward to or BCC or even openly CC an address like friday.9am at Sanebox.com and then guess what happens? Friday at 9am my time, Sanebox resurfaces that email in my inbox and says, hey, you asked us to remind you about this on Friday at 9am. And then I can snooze it from there, I can do something about it. It also checks reply tracking. So if I had, let's say send you an email and I'd BCC'd friday.9am at Sanebox.com saying, hey, if I haven't heard back from you, I want to know on Friday at 9am. If I've heard back from you, it does away with it, because it knows, all right, we're moving forward. But you can also do things like every friday.9am, where it reminds you every Friday to go and do something. It's like a to-do, but it surfaces in your inbox. This stuff's really cool. You got to check it out. Sanebox.com slash MGG, two week free trial, no credit card required. Just go try it out. And then if you decide to buy, because you joined with that link, you can get 25 bucks off. Our thanks to Sanebox for doing what they do and sponsoring this episode. Our second sponsor for today is JamfNOW at J-A-M-F.com slash M-G-G. You can go and get your first three devices free for life in Jamf's awesome management monitoring software remote management of all of your Apple devices. Jamf is so cool. And the fact that you can do this for free with three devices for life is great. After that, it's just two bucks per device per month. We had an email from listener John who listened to an episode. We were talking about a guy who was looking for a way to program the password change on his Wi-Fi router. He says, this sounds like a job for Jamf. He could do a device restriction and disable and enable Wi-Fi on those devices. That way he doesn't even need to change the password. He could just do it right from within Jamf. He says, I have a friend of mine who does this to his daughter's iPhone and iPad. He doesn't put her on restriction. When she misbehaves, what he does is he turns off the device camera and watch her hope slowly dim as he realizes she can't use Snapchat or Instagram or FaceTime. He says, this is a little bit evil, but a little bit awesome. But this is the kind of thing that you can do with Jamf. It's also, of course, built for the corporate environment where you have employees all over the place and you want to manage that iPad that somebody has 100 miles away or have them forbid that iPad gets lost. Well, with Jamf, you can remote wipe that thing. It's really, really cool. You've got to check it out. It's software that I think works sort of in so many different ways. And again, you totally get to try it and use it for free. All right, John, let's go to Jeff here and see where discussion about VPNs brings us, shall we? Uh-oh. Okay, you're there. All right. Are we okay? Sound wise? Did I lose? It sounds like we had some weird Skypey thing there. You all good? I'm good. Okay, good. All right. Yeah, you sound great, actually. Okay, cool. Jeff asks, he says, on the podcast that talked about the crack vulnerability VPNs were brought up again. Do you recommend any free is always nice? He says, but I'm willing to pay. Another topic you brought up was rolling your own. Are there packages that guide you through that? Or are there any good references? Free is risky, but there are two freemium model VPNs that I've used and have found work for me. One is TunnelBear. They give you somewhere between 500 megs and a gig per month, depending on how you are willing to promote them, if you're willing to post a tweet or whatever, they'll bump you up to a gig, I think, is how it works. And so that's free. Beyond that, if you want an unlimited plan, then, of course, you can pay them. And that's the point, is they want to get you in, show you how great it works. And then as you choose to use it more, you start hitting the bandwidth limits, and then you unlock those by paying. The other one that I've used for free is ProXPN. They have a forever free model, but you're limited on the endpoints that you can use with that. Again, it's the same kind of thing. Let's get you in, test it out, see how you like it, and then out you go. So those are the two free ones that I could recommend. Paid-wise, I think I'd lean toward, of those two, I'd probably lean toward TunnelBear. There's Cloak out there. There's also Astral, which is probably one of the better ones. Are there any VPN services that you'd like to use, John? Then we'll talk about how to roll your own. So the ones that I have on my phone are, as you mentioned, so I got the TunnelBear, because bears are cool. I love their graphics. Speedify, I don't know off the top of my head if they have a free mode. And then the last one that I do is that, yes, I roll my own, that I have a open VPN that I host on my Synology. Yeah, and that really is, especially if you're somewhere that wants to block you from using a VPN. And this is certainly true of people traveling to China these days. But even there's networks, I've seen some schools try to block outbound VPN and that sort of thing. And what they don't block is you connecting to your home computer, or you connecting to, say, Amazon web services. And you can rent space on an AWS server, for lack of a better term, it's not just one server, it's on their cloud. And then you can, inside that, you can roll your own VPN server there. And you can do the same with Dreamhost. And we've got an article at TMO about how to roll your own VPN server with that. And it works very, very well. And you'll wind up paying, somewhere in the range of what you would wind up paying one of these other things, somewhere between $5 and $15 a month to have access to this server and then off you go. So, if you can't easily roll one at home, you could rent space on one of these servers and roll it out there. There are some router manufacturers that bake inbound VPN functionality into their firmware. Synology is one of them. And then Netgear is the other. Netgears, routers all tend to have, it's just one, they have open VPN, which works fine. The problem with open VPN is that it requires you to install a third-party app and profile on your phone. It's not natively supported on the iPhone or the Mac, whereas something like an L2TP VPN, which is just another protocol of VPN, and another one is IKEV2, those are all natively supported on the Mac and iOS, so you don't need third-party software to connect to them. And your Synology, your disk station will do, it won't do IKEV2, but it'll do the other one, L2TP. But there's nothing wrong with open VPN. It just requires extra steps and reliance on third-party software that hopefully continues to be updated. And I think it will. I think it's pretty popular, but there you go. Is there a reason that you continue with open VPN and haven't jumped to L2TP or anything like that? I just set it up and used it and... It works. It works. Have you run into play? Because I have them all set up. I run, I have open VPN set up here. I've also got an L2TP VPN, and then I have Synology on their router only, but not the disk stations, lets you set up what they call their SSL VPN, which is great because it runs on port 443, which is the same port that secure web pages connect over, so nobody's going to block that. But that also requires a separate app to get connected. But that often is the one I use just because I know it's going to work from everywhere I try, and it sure enough it does. And I've had some problems connecting with open VPN. If I'm going to have a problem on a network, open VPN is generally the one that fails the most frequently for me. Have you experienced that where you've tried to connect and it just won't let you? Sometimes. Sometimes it takes a while to get rolling. The client on iOS will say, okay, I'm trying to talk to your VPN server, and it shows the progress, and sometimes it may take... I don't know whether something on the network is saying, hey, what is this? I'm not sure what this is. Should I block it? I don't know. Right. Because you pointed out, so open VPN, lots of VPNs are on standard ports, and some networks may say, hey, I don't want you on that port because you're VPNing, and you're doing stuff I don't know about, and I don't like that. And I don't like that. Yeah, exactly. Yeah, interesting stuff. The overriding point is that the exploit that was mentioned, the reason you want to use a VPN or SSL or something, the whole point that brought up the question was, well, if somebody executes this exploit, is all my data going to be revealed? And it's like, well, not if you're using other encryption at different levels. Right. That's right. And of course, it looks like most vendors have patched, I mean, like Euro immediately fixed. Yeah. Well, yeah. Again, just for clarity on that, the crack vulnerability affects both routers and clients. In fact, there were like 10 CVEs, certified vulnerabilities or exploits. I think that's what CVE stands for. I'm making that up, but not the number. I think there were 10 of them. And eight certainly were only about clients. And then two, one was definitely about routers only. And then there was one that sort of covered both. So, yes, many routers will need to be patched, but really it's the client devices that need to be patched. And at least for our Apple stuff, Apple says that the active betas, so 11.1, I presume for iOS and whatever the next build of high Sierra that we get, will have that in there. I don't know about Sierra. I don't know if they're planning on patching that or not. They might be. So, I don't know. It's crazy. It's crazy. All right. Let's see. Where are we here? Do you want to take us to Barry, John? I'm going to take us to Barry because Barry's got a fish shake. All right. I like people that have fish shakes. So, Barry says, why did Apple dumb down mail so much? I can't change any of the settings like I could under Sierra and before. I have clients that need server changes, but all those choices are gone. Is there a terminal command to restore the older account settings? And then he continued his rant. There is no setting for incoming mail server, real problem when a client changes servers. There is no place to enter a new password or reenter an old password. Lots and lots of missing entries. The outgoing server seems to have moved to server settings, but no place to update or make changes. Mail is now dumb. Okay. Rant accepted. And Barry? He's not wrong. Yeah. And I agree with Barry. Sometimes Apple hides things from you and they shouldn't. Well, they think they should, but they shouldn't. So, I definitely share his fish shake regarding the detailed settings in Apple's mail app and how they just kind of willy-nilly select what to show you and what to hide. However, I think I have a solution. So, I was looking through my mail setup, Dave, and so if you go into mail accounts, you're going to see some tabs, account information, mailbox behaviors, and then server settings, which is what Barry would like. Well, here's a problem for most of the services, Dave. And I looked at this. So, I have iCloud, I have Exchange, I got Gmail, I got Yahoo, iMap. And this is, you're asked this when you set up a mail account. They're like, well, which service is it with? Here's the problem is that if you pick any of the predefined services, Dave, the server settings are very, very limited. And I was looking at them all and there was some of them, all they have is like one choice is like, well, here's the outgoing server name, like iCloud. It's like, well, I'm going to let you use iCloud. And it's like, that's it. Here's how you can get around this, Dave. So, if you go into mail and when you set up the account and you say, other internet provider. Even if you're using one of the ones from the list, right? Here's iCloud or Google or something, you choose other provider. Is that right? Yes. Okay, got it. And I think this will get you around it because I look through my various mail accounts, Dave. And most of them, the server settings were limited, very limited. But then I went to my opt online, my ISP account that I set up. And lo and behold, when I look at server settings, Dave, it's glorious to be fair, everything that Barry wants. Right. But incoming mail server has my username, my password, the host name, the port, the authentication scheme, even advanced settings. And the same for outgoing is all of the stuff is listed, you know, all the detail and all the settings that he would like to have access to are there out in the open. So, the only challenge, though, is that you may have to, which it sounds like Barry is well versed in this, you may have to figure out the name of the servers from the person that provides the service. Yeah. So, I'm not convinced this is going to work for him. It's good to try. But I have certainly on iOS, I have tried this because I connect to actually two accounts at Google for my mail. And I've done this where I don't choose to set it up as, you know, I don't tap the Gmail button, I just go and choose other and then fill in for Google. Generally it's imap.gmail.com and then smtp.gmail.com. I have found that the phone is too smart and it will say, oh, you're connecting to imap.gmail.com. I got this. I know what to do and it takes over and makes it a Gmail account. But it's worth trying again. I have not tried this in a while. But if I go in on my phone and I know that the accounts that are there were set up that way, if I go in on my phone right now and I go into, which is going to make a liar out of me, if I go into my main account, nope, actually there it is. Okay, so it made a liar out of me. All right, so on the phone this works. Maybe it was the Mac where it kind of took over and obscured everything even after I went through it. But all right, that's good to see on the phone with iOS 11 because I can change it. And here's a handy tip that we haven't talked about in a while. If you are using Google, imap.gmail.com is the server name for your inbound mail. However, sometimes things get stuck and even if you were to delete that mail account and put it back, iOS keeps a cache of your email at imap.gmail.com and it will just resurface that. And so whatever the problem was in, you know, if you had to rebuild your inbox or whatever, it's going to just bring all that stuff back from the cache to John's point earlier. Sometimes caches are bad. There's another server name you can use and maybe this is the reason that my phone did not jump over to acting like a Gmail account. And it's because when I look in my phone, it does not say imap.gmail.com for the host name. It says imap.googlemail.com, which was the original name of their mail server years and years ago before they migrated it over to Gmail and it still works. So maybe that's the reason my phone didn't jump over. So try that. They are interchangeable imap.gmail.com and imap.google.com interchangeable as far as the, you know, it's the same servers that you're connecting to or at least you're getting the same data when you connect to them. I think it's just one's an alias for the other. So I don't know. That's maybe that's the work around there. I don't know, John. Do you? But he's got a good point. Yeah, he does. Yeah, yeah, yeah. It's frustrating when you can't get in there and tweak that stuff. Although I get why Apple does this. I mean, us, those of us that like to tweak and tinker with things, but also like the reliability and elegance and any of the other positive aspects of Apple products, it's a balancing act that we have to live with Apple's choices of because they want to make this easy for most and they're willing to sacrifice, especially the geeks desires in order to make this easy for most. So the fact that it does take over when it realizes it knows what you're doing, that's intentional and not a surprise. Frustrating at times, yes, Barry, but not, it's just, it's how we, it's how we have to expect Apple to continue to operate. But by and large, it's a good thing. So I don't know. What do you think, John? Yeah, it's a bad thing. Well, hey, it gives us something to talk about, right? Exactly. Yeah, yeah, yeah. Yeah, it's totally, totally. All right, let's, where are we on time here? These certificate ones going to be, what do you think, John? You prep these, you want to take us to Christopher? I'm going to take us to Christopher. All right. So we're going to talk about certificates. Certificates, of course, being a piece of data that basically helps. It does crypto stuff and secures your data. But there's a whole hierarchy and structure. And that's what Christopher found. So he says to us, greetings, John, David, perhaps by Lapite, in my effort to learn at least four new things from the Mackie Cat podcast that we can contribute to our shared knowledge, I humbly submit this screenshot for my iMac Keychain. So first off, to look at certificates on your system, you want to run something called Keychain Access. And he found something which had me scratching my head. So when you're in Keychain Access, there are two things you can select. So one is the Keychain you want to look at. And so in this case, it's an item in the system Keychain. And then he noticed something. There's a certificate in the system Keychain called Dashboard Advisory. It's like, all right, well, that's interesting. The dashboard, of course, being Apple's mechanism to offer widgets and all sorts of fun little components. And so the certificate is called Dashboard Advisory. But here's what caught his attention. And it says, when you click on it, issued by Dashboard Advisory CA, but then here's the thing that concerned him. Below that is a little X saying this certificate was signed by an unknown authority. The thing is, certificates have to be issued by someone. And normally, what you're going to see is there's another Keychain called System Roots. And these are certificates of people that, or what we'll call the root certificate of people that issue certificates. What this warning is telling us, Dave, is that it's not in the system roots. And that could be cause for concern. And I actually looked on my system, Dave. So I first, I looked on my, so this is something from way, way in the past. So I looked on my MacBook to see if the certificate was here and it wasn't. That's kind of weird, huh? And I look at my Mac Mini, which has been through many, I don't think I've ever done a Nuke and Pave on this. So this system has been through many upgrades throughout time. And I found the certificate on there, Dave. And I got the same error. So then I started poking around and surfing the the internets here. And Dave, this is something way, way in the, from way, way in the past. Like I found articles talking about this that were dating like 2006, like a decade ago. Yeah, I was going to say, I don't have this dashboard advisory Keychain in here, or a certificate in here. Yeah. So as far as I could tell, it was, it was kind of a slip up on Apple's part in that they put a certificate in so at some point, it seems like what they were doing was using a certificate to verify the integrity of widgets that you downloaded. Yeah, yeah, right, right, right. And as it turns out, they didn't put the root certificate of this certificate. I think this is a self-signed certificate that was doing some sort of authentication. And it's just left over from so, I mean, my advice would be on that particular one, delete it, right? No. Oh, well, my advice would be be very careful about what you delete from the Keychain. Right. I wouldn't, I wouldn't delete it because deleting, I'm very wary of people deleting things from the Keychain, because it can only lead to pain. I actually, I totally agree with you. But in this case, given that it's not on even Sierra, let alone high Sierra, assuming you're running one of those, it's not in use. This is, you know, when we talk about doing a clean install, this is the cruft that gets cleared out when you don't inherit, you know, when you don't just keep installing over the top of everything. In fact, I would even say this wouldn't have been inherited from a migration assistant restore. I think this is only inherited when you just keep installing over the top over and over again, because it's not used by those operating systems. So my reflection is that we had one question in the past where, and this is the reason why I say you probably shouldn't, you know, delete any of this stuff here. It was a listener that said, you know what, I'm seeing all these certificates in the system routes that I don't know who they are. Like, you know, some of them are like the NSA and stuff. And he's like, and I don't want the NSA to have access to my system. So I'm just going to start clobbering certificates in the key chain. And I'm like, no, no, no, no, no, no, no, no, no, no, no, no. Right. Right. So it was challenging to find out what the heck this was. And I would say you probably could delete this. The thing is, again, I'm wary of deleting things when everything is working. Yeah, I'm with you on that. It's good. I mean, it's good. And especially when you're surfing and you access a site and you get a warning that says something like, you know, unknown issuer or stuff like that, that's certainly something to be concerned about, because somebody could be trying to pull one, pull a fast one. Yeah. Yeah. In this case, that's not the case. And that actually brings us to our next one. Listener Todd wrote in and asked, he said, sometimes on the checkout or payment page of a website, my web browser warns that the page is not fully secure. The protocol in the URL bar is HTTPS. And the SSL certificate is valid, he says. But the page loads some external assets over HTTP, causing what appears as a mixed content warning and different browsers display this in different ways. This is indicated by a grayed out HTTPS rather than a green one. And further detailed in the Chrome DevTools. So in Chrome, that's what you'll see. In Safari, you just won't see the lock, even though it's there. And he says, customer service agents rarely understand what I'm talking about, as it's probably more technical than they're trained for. And getting the problem fixed could take weeks or months until site development team takes care of it. But sometimes, he says, I really want to make a purchase. So my question is, how risky is it to make purchases and put my credit card in on a mixed content warning website? Am I being paranoid? He says, Dave, I know you think of security as a spectrum, so I'm curious to hear your thoughts. Yeah, in fact, it's possible, although we've gone to great lengths to ensure that you won't see this on, say, the MacGigab premium page. But here's something interesting. So the only way, when you're visiting a website, the only way that you'll see that green lock or whatever it works out to be in whatever browser you choose, the thing that says, hey, this connection is secure, is if every single thing that's loaded on that page comes over a secure connection. What that means, when you load a web page, you get the main web page, but then that HTML, that code tells your browser, okay, go get these images, go get these CSS files to describe how the page looks, potentially go get some JavaScript to add some functionality to the page. In fact, I say potentially, I don't think there's a website around today that doesn't have some JavaScript running on it because it's great. But there's all of these additional assets that make up the web page. And so for each of those, the web browser opens a separate connection and goes and gets them. And for each of those, they must be loaded over HTTPS in order for the entirety of the website to get blessed with that green secure thing. If it doesn't, or the lock or whatever it is, your browser shows, if it doesn't, then you'll, you'll either get nothing or you'll get a mixed content warning if you dig in. And that's what they're saying about mixed content is that we have some HTTPS and some HTTP. So to answer your question, Todd, it depends. For example, on our Mac Geekab page, everything is secure, right? In fact, all of Mac Observer is secure since, for about a year now. We've been running HTTPS everywhere there. And it's great, right? Because then we know your connection to us is secure. You know that. It's great. If you've logged in and assigned your Twitter account to your TMO account, it will load your, once you're logged in on TMO, it'll load your Twitter avatar as your, you know, as your avatar, as your image up, you know, and you'll see it in the top header of the page when you're logged in. And of course, you'll be logged in when you're doing all your management of your subscriptions and things like that. And a lot of times, in fact, more often than not, Twitter chooses to serve that avatar over HTTP, not HTTPS. So in those instances, you guessed it, you get mixed content warning. Everything we serve you is HTTPS. Everything we link to is HTTPS. But this one thing that effectively you as the user have linked in without your knowledge, but bear with me on this. So you bring this along, you link your Twitter account, and boom, you get mixed content warnings. So in that case, is it safe to put your credit card information in? And the answer is yes, because all that's being loaded is an image. An image can't take over the page. It can't see the page. It can't see what's going on on the page. So yes, in that sense, it's safe. And really, you're loading that image from Twitter. So I mean, that's safe too. You're not ever sending credit card information over the link back to Twitter or anything like that. So yeah, in that sense, it's safe. But that takes a lot of digging on the customer's part to find out what is the mixed content here? What's the thing that's not secure? And that's where it's really hard to answer your question. In some instances, yeah, absolutely mixed content warnings are no big deal like that one. It's just an image. But if it's say the form into which you're entering your credit card isn't secure, well, that, you know, that's a much bigger deal. So yeah, security is a spectrum. There's no there's no easy way for me to tell you, you know, where mixed content warnings sit on that. It's better when they don't exist, obviously. So there you go. I think I made sense of that. Did I, John? It's mixed up, man. It's mixed up. Yeah, that's right. I haven't seen that warning in ages. You won't in Safari. Safari does not display that warning. Chrome and Firefox will. Safari doesn't because it's nonspecific, right? I mean, it raises exactly the question that Todd came up with and to our discussion in the previous one. Freaking people out. Right. It freaks people out. And Apple's like, you know what? We don't want to have to support this. So they just do whatever. Yep, whatever. It's not secure. So that's how Apple deals with it. It's like, well, let's punish the webmaster and not incorrectly, right? It should be up to the webmasters to get this right. And it's not up to the customers. So Apple just says, fine, we won't say there's a mixed content warning. We just won't put the green secure dot up there. And, you know, that's on you, man. That's how they go. Yeah, it's interesting stuff. Very interesting. I've got, we've got two more things that we're going to try and get through here. We're going to go to Eolake. He's got an interesting question about something that matters to all of us, I think. He says, hi, Dave, I couldn't find any real info on this. Do you know if it's better for an iPhone or iPad battery to leave it plugged in much of the time or not to? That's a good question. It's a lithium ion battery in there, right, John? I've got that right, right? Or iPhones have lithium. Yeah, okay. So the general rule in stealing Adam Christensen's phrase of keep the electrons flowing applies. And what that means is that the battery is either flowing electrons out, i.e., discharging by being used or charging with electrons coming in. What you want to avoid is stasis, which generally only happens at about 100%, where electrons are coming in and out, but not at any great pace. The battery's charged and so now it's just sitting there charged and things are just running off of power. That's really bad for long term. And when I say long term, I mean days on end or weeks at a time. That's the kind of thing that can really kill your laptop battery. And we've been through a lot of that on this show over the years. The best thing, and that's part of why the app Fruit Juice exists, to remind you, don't stay plugged in all the time. And it's a great app. So there is no Fruit Juice for your iPhone because there can't be because nothing gets to run all the time and monitor like that unless Apple bakes it into the US. But here's the thing, unless you're going to leave your iPhone or iPad plugged in for days or weeks on end, you're not going to have a problem with it. Most of us use, the way these devices are at their size and their portability, rarely is it going to be plugged in for more than a day at a time. You're going to take it and you're going to use it and move around with it and drive in your car or walk around and it's going to be unplugged probably at least every day, certainly many days per week. So yes, you need to worry about this, but chances are your use case and your usage patterns with the iPhone and the iPad just don't lend themselves to say, yeah, let's just leave it plugged in on my desk for a month like you might do with your laptop. For a long time, there were those of that had laptops that were essentially, and they still are, that essentially are desktop machines, and then the only time we travel with them is when we travel as opposed to back and forth to the office every day or whatever that is. So that's my feeling on it, but you can check this stuff. My favorite way to check it, and I think, John, you're going to have a better way. Now that I'm saying this, I know that there's a better way, but there's an app called Coconut Battery that'll let you see your, it's built for your Mac to see your Mac's battery, but you can plug in your iPhone while Coconut Battery is running and it'll show you not only the current charge state of your battery, but the maximum charge that it can take. And that'll give you an idea of how close to its factory maximum it is and whether or not your battery is suffering any sort of long-term damage. So is there a better tool, John? Probably. Well, the tool that I like, Dave, is iMazingMini. That's it. So iMazingMini, if you click on it, it's going to show you the device or devices that it's backing up. And you can do one of two things. So one, in the upper right hand corner, there's a little info circle with an i in it. And that tells you everything you ever wanted to know about your device, including battery stats. The other thing is you can click on the battery icon, and it'll give you an abbreviated version focused on the status of your battery. And then you would say, hey, your battery's healthy or it's not too good. And it shows milliamp hours and the maximum charge and all sorts of wonderful things there. Cool. Cool, cool. All right. One last thing from Todd. I think we can squeeze this one in. Todd writes, but also kind of shares a tip here. He says, I make a full clone of my MacBook every week using Carbon Copy Cloner to an external USB drive. I should probably do it more often than that. But, well, I don't. I also use Time Machine, which I guess he says runs hourly ish. If my Mac ever dies and I need to fully restore, how should I do it? I don't fully trust Time Machine because well, who does? Certainly not for a full restore. I do trust my clone, but it could be a week old. So what's the best way to use Time Machine to restore everything from last week that I'd be missing from the clone? This is an interesting question, right? Because neither of these is complete. Time Machine does not store a complete backup of your system. Time Machine only stores your user data in settings. It doesn't store any system files. It's not meant to be booted from and it's not meant to have any of that stuff. The way Time Machine works is you either have a working Mac that you've accidentally deleted something from and you just go to Time Machine and pull that one file, or you're setting up a new Mac or resetting up your Mac where the hard drive died. You install Mac OS first and then once it's installed, it asks you very early on before you set up user accounts and everything, do you run Migration Assistant? And if so, where do you want to get your data from? And then that data can come from a Time Machine backup or a clone or various other places. So that would be the best way, right? Because it's going to have everything current. What you don't get is the ability to immediately boot from your clone and then pull your Time Machine data in. You could boot from the clone and then manually enter Time Machine, point it at that Time Machine store and manually migrate the things over, but there's no automated way of doing that from what I know. I would do your clones more regularly if you could. I always recommend every day if it's easy enough for you to do that, Carbon Copy Cloner lets you schedule it. So thoughts on this, John? I do pretty much the same thing with one of my machines. So my Mini, I do a clone every night, or like three in the morning, it does that. I do the same thing and I'm okay with this. On my MacBook, Dave, I do a Carbon Copy clone once a week. On Sunday, I have it, you know, schedule it and if the drive is not plugged in, it yells at me saying, you know, there was an error, didn't put the backup drive in. And that reminds me, oh, okay, time to do my weekly backup. But I'm okay with the hybrid solution that I think you, you know, I'm okay with having a clone that's not entirely current, but I also do the Time Machine. So yeah, like you said, I, you know, for whatever reason, I need to recreate the system. I first do the clone and then pull, you know, pull the documents if they're not, less than a week old, I pull them from Time Machine. But you'd have to do that manually. There's no, Yes, correct. Yeah, yeah, as far as we know. Another, well, another solution to this is syncing your documents with either, you know, a private cloud or, or public cloud, like public cloud being Dropbox or, you know, iCloud Drive or something like that, private cloud being, you know, like the, the, the cloud station or whatever. And yeah, if you've got your documents synced, then when you boot from your clone, your clone will just like the drive from which it was cloned, the clone will connect to whatever the syncing service or services you use and immediately begin updating itself with all the new stuff that it hasn't seen from the cloud yet. So if, if you make sure that you're cloning all the stuff that matters to you and that you're using frequently, that can be effectively a backup or store. A great way to think about this is your email, right? Your email on your clone is going to be a week old. But as soon as it connects to the mail server and assuming you're using IMAP, like most mail servers do, although not all, as soon as it connects to the mail server, it's just going to update itself. No problem. Right. And then everything's there and you're good to go. So that's, yeah. Now that you mention it, I actually have updated my workflow and I thought I'd mention it, but I also do cloud station backup, which that's right. So that's basically Synology's synchronization service. And what I do is I sync or I sync my documents folder with my Synology using their software. So that's actually, and I decided to do it just to have multiple backups of my documents. So they're on time machine, but they're also on my Synology using their cloud station. And the reason I decided to do that, Dave, is I don't know what happened, but during some migration, when the Mac decided to put some of my documents in iCloud, it didn't put them all there. That's what you said. Yeah. And then one day I was looking, I'm like, oh, you know, I needed some old tax returns for some reason. And I saved them my computer. And so I looked at my documents folder and I looked in the tax returns folder and then in the folder for the year, and there were no documents in there. And I'm like, where did they go? Now, fortunately, I had a time machine backup from, you know, a couple of years ago and they were there. So I'm like, yeah. So iCloud ate my homework or I don't know what happened. But that's why I decided to do, you know, something redundant like this. Yeah. Okay. Multiple destinations, because, you know, as was stated, I don't know if I entirely trust time machine. In this case, I'm going to say I don't entirely trust iCloud. It lost my documents. As we've said many times, redundancy is a good thing with your backups. To get what I did there. But as we've said many times, I think that's a perfect time to to bail out of here, shall we? Yeah, it's good stuff. Thank you so much, folks. You, Rock, we love being able to do this every week. And our apologies for not being able to do it on Monday, October 30th with my power out. So instead we, of course, did it here on Monday, October 31st. It would have been a challenge because you'd have to do it over LTE. Yeah, we have a generator. You have a generator. So there you, we could have done it. We've done it. Well, you didn't have internet, right? That's the problem is we've done it on generated power before. Where it was a problem this time is as soon as the power went out, so did Comcast or Xfinity Cable. So we had no broadband. And you know, doing it over 4G from here would have been dicey. We could have tried it, but I'm not convinced it would have been happy for, you know, whatever the two hours that we needed to be for a call like this. So yeah. Yes. Yes. All right. I just got one thing for you, Dave. What's that, John? Feedback at MackieGab.com. I think you said Feedback at MackieGab.com. Oh, you I said Feedback at MackieGab.com. And of course, that's the email address that you can send in all your questions, tips and cool stuff found unless you're a premium listener and then you do get priority premium at MackieGab.com is where you get to email. And you know, we make sure we answer all of those first and we pay close attention to the stuff that comes in there. Anybody, though, can call us at 224-888-GEEK, which John is 4-3-3-5. Thank you, sir. And, you know, you can find us on Facebook. Our Facebook group is MackieGab.com slash Facebook will bring you right there. It's a great place to hang out, ask questions, answer questions, share tips. We have a lot of fun over there and we learn a lot. I learn a ton every time I come in and see what you folks have said and all that good stuff. It's great. I want to make sure we thank Cash Fly, C-A-C-H-E-F-L-Y.com for providing all the bandwidth to get the show from us to you. Our sponsors, of course, SaneBox.com slash M-G-G, Jamf.com slash M-G-G, of course, Smile Software at, or Smile, I should say, at SmileSoftware.com, otherworldcomputingatmaxsales.com, Barebones Software at Barebones.com, and some other ones coming soon. Plex, check out Plex.com slash M-G-G. You'll be thankful you did. John, we made it through the episode. That was good. And we didn't do this. We almost did. Thankfully, Michael caught me at the beginning of the show. It's Tuesday, not Monday. So, I want to kind of share this and pay it forward with one lasting piece of advice. And that is, folks, don't get caught.