LastPass Hacked

June 16, 2015

I hate passwords. I have too many accounts and too many passwords to remember. So, I resorted to using LastPass not too long ago for simplifying sign on services. Okta was another service I’d had the opportunity to use and I found the experience of both to be quite good.

Until this morning.

There is no substitute for a good, strong password portfolio + a regimen of deprecating them on a schedule. If you’re good at eating at least once per day, you should be capable of changing your passwords once every six months (if not more frequently).

Apple has Keychain. Google has Authenticator. I’m sure Microsoft has something (probably called Keychain or Authenticator because they’re too lazy to come up with their own product names). Anyway, the point is, picking one of these and electing for an extremely long factor passcode that is 100% machine generated is probably the best way to go. I, personally, like GUIDs with mixed upper and lower case letters mixed in PLUS another character in there somewhere such as a “!” (which I don’t use). But you get the idea. A password such as has a lot going for it:


First it’s nearly 40 characters long. A human isn’t going to remember a randomly generated string of mixed case and letters very easily. That is a good thing. Nor is that person going to bother to write that sort of thing down or easily transcribe it to a friend or relative.

The one thing it sucks at now is it’s public and has probably been scooped up by some machine and folded into the crazy ass long list of passwords to try while attempting to brute force past a security wall of some kind. Plus all its variants. Don’t even waste your time recycling it.

But, that type of password is ideally suited to living in something like Keychain and probably forgotten. Easily discarded and reset regularly. See, we get attached to passwords. It’s the familiarity of the thing. A birthdate mixed with an address mixed with a childhood friend’s dog’s name. The problem with anything remotely like those… The cracking algorithms and raw compute power available today can make mincemeat out of those in nothing flat. The ability to recurse through all the variations with brute force velocity is astounding and only getting better and cheaper to do so.
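An added sketch, not code from the original post, of the two password styles discussed above: a GUID-style string with random case plus one symbol, and a fully random string, each with an entropy figure, next to the search space of a "memorable" password. The symbol set, the 37-character length and the list sizes are assumptions made for this example.

```python
import math
import secrets
import string
import uuid

SYMBOLS = "!#$%&*+=?@^_"   # assumed symbol set; '-' left out because UUID text already has it
PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 characters
UUID4_RANDOM_BITS = 122    # 128 bits minus 6 fixed version/variant bits


def guid_style_password() -> str:
    """UUIDv4 text, each hex letter randomly upper-cased, one symbol inserted."""
    chars = [c.upper() if c.isalpha() and secrets.randbits(1) else c
             for c in str(uuid.uuid4())]            # uuid4() draws from os.urandom
    chars.insert(secrets.randbelow(len(chars) + 1), secrets.choice(SYMBOLS))
    return "".join(chars)


def random_password(length: int = 37, alphabet: str = PRINTABLE) -> str:
    """Every character drawn independently from the OS CSPRNG."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def uniform_entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of `length` independent uniform picks from `alphabet_size` options."""
    return length * math.log2(alphabet_size)


def memorable_guess_space_bits(birthdates: int, addresses: int, pet_names: int) -> float:
    """Search space when a password is one pick from each guessable list."""
    return math.log2(birthdates * addresses * pet_names)


if __name__ == "__main__":
    # The random case and the symbol add to the 122 bits, so that figure is a floor.
    print("GUID style  :", guid_style_password(), f">= {UUID4_RANDOM_BITS} bits")
    print("fully random:", random_password(),
          f"{uniform_entropy_bits(37, len(PRINTABLE)):.0f} bits")
    # Constructed list sizes: 36,500 dates, 10,000 house numbers, 5,000 pet names.
    print("memorable   :",
          f"{memorable_guess_space_bits(36_500, 10_000, 5_000):.0f} bits")
```

Each added bit doubles the work of an exhaustive search, which is why the generated strings belong in a keychain while the memorable combination falls to a list-driven guesser.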

Blockchain holds a lot of promise. If you’ve not been paying attention to digital security or alt digital currencies like Bitcoin… The Blockchain holds a lot of promise. A LOT! Our digital identities are at risk. Our state secrets are at risk. Our banking is at risk. Our infrastructure is at risk. Oddly enough, our flesh and blood lives are now inextricably woven with the digital fabric of the world. We are cyborg in William Gibson’s finest sense of it. Wearables are an interesting aside.

What’s a netizen to do?

If you’re a Mac, like me, use Apple’s built-in password generator. Follow these very simple steps:

1) Click on the Apple Menu (upper left) and select System Preferences

2) Click on Users and Groups

3) Click on Change Password. If it offers the choices iCloud Password, Cancel or Change Password…, choose Change Password. Don’t worry, we’re not changing anything. We’re just fabricating a new password for you to use elsewhere or at the very least showing how to do it at a later time.

4) See the icon that looks like a key? Click that and a small window like the one pictured below will show up.

[Image: LastPass GUID Keychain Blockchain]


5) One of the first things you’ll see is the Type menu dropdown. I prefer Random. Pick anything you like. But, remember, anything resembling a word is going to be more easily cracked. Apple probably oversimplifies the Quality meter. Generally speaking the farther that meter is to the right, the better the password.

6) Next, change the length of your password. See how you can manipulate the quality and security of your new passcodes? And, it’s all built into OSX.

Well, this is all good and fine. We have a new, strong password generator in our pocket.

How do we put this into practice?

I’ll show you, in my next post (because I have to create screen shots and write against an outline I’m creating in my notebook – yes, pen and paper) how to go about integrating Keychain into your web browsing of secure sites AND using Keychain across Apple devices.

See, Apple’s already solved this problem and I placed my faith in a couple of companies because of employment policy. Well, screw that. Apple has more cash money and a declared interest in the security of the digital fabric. I believe them when they say it. Google, Microsoft… not so much. Facebook, not at all. Those guys are out to monetize our behaviors across a broad spectrum, not make our lives better.

REVIEW: My First 5 Minutes with OS X Yosemite

October 18, 2014

Holy Caw! This beast is… SLEEK.

I didn’t think I would like the non-skeuomorphic icons. I’m not crazy about them on iOS. Yosemite will probably carry me over that hump.

Right off the bat I was concerned about app compatibility. We’ve all been stung by that with these updates. Yet, here it is 30 minutes in. I’ve launched all my go-to apps and I only have 8 requiring update via Software Update. Yet, they launch fine, docs open, save, reopen. Try THAT, Windows!

I’ll run Yosemite for a while on this production machine before I take anything else past Mavericks. But, there’s plenty of reason to appreciate the polish Apple has applied to this latest version of OS X.

First impression of the UI is the login screen after installation. That’s a really nice “Hello”. Very subtle. Very beautiful. Very elegant. Very… Jony Ive (honestly).

Next, and particularly impressive, is Safari. I’ve nearly exclusively moved over to Chrome (and Firefox for one very specific site, cPanel). Safari hasn’t factored for a long time in my daily use except on iOS. The new OS X Safari *may* lure me back across the aisle. Realistically, I doubt that… I have too much configuration invested in Chrome at this point to really seriously consider a permanent move. Kudos to Apple for getting their browser tight and right though. (fwiw, I still miss RSS)

There are so many fresh new nooks and crannies to explore. I’m genuinely looking forward to this one. Those who know me well know I just plunge into these updates with a reckless pursuit to see what’s waiting on the other side and know the price for that will (usually) be picking up the broken pieces of busted apps and such. And, usually, that’s apparent within the first thirty minutes. Judging by the stability, ease of migration and lack of core apps misbehaving, I have to say right now, barely 10 minutes in, this is going to be one of the easiest updates I’ve been through of all the OS X releases. It does make me wonder what Yosemite Server must be like. That hasn’t happened in a long time. Which also makes me wonder about ZFS implementation (or lack of) in Yosemite. More on that later if there’s anything to pass along. A boy can hope 🙂

iPhone4 + FaceTime ≠ Open Standard

June 24, 2010

For crying out loud Apple… You have this wildly popular new shiny thing (iPhone4). Congrats by the way…

You go on this big screed about “open standards”. While…

In your other corner you have this wonderful but 1/2 forgotten platform called OSX (which was notably absent from this year’s WWDC by the way) which you graced with a pretty nice iChat protocol.

Now, why have TWO proprietary (ie. NOT open or otherwise known as CLOSED) Apple protocols when they could be made to work great together over public internet?

Is it because selling two iPhone4’s is that much better than giving us a little OSX/iOS cross-platform compatibility?

Is it because it’s planned to be an iOS5 feature?

Is it because it’s going to be melded into ONE protocol? Which one wins out? When?

Is it because you really have in mind to FINALLY come out with a Windows version of iChat that will work with Mac iChat and iOS FaceTime? (I’m full on delusional at this point to think this might happen)

Guys, it’s genius you have this FaceTime thing going on. But jeez Louise! Make your shiny new thing work with your other shiny things! Please?!

OSX 10.5.2 Now Available

February 11, 2008

Apple released 10.5.2 (client and server) into the wild today and immediately issued a graphics update to it. So, if you download 10.5.2 be sure to run Software Update once again after your restart to pick up this other updater as well.

The combo updater weighs in at 340 Mb.

Apple Developer DVDs Up For Grabs

December 31, 2007

Michelle and I did a vicious cleaning cycle last week while I was on vacation. Ever the packrat, there are some things I just couldn’t bring myself to throw in the trash… Apple Developer DVDs among them. Those are going up on the blog as giveaways.

I don’t do much developing myself. I’m primarily interested in knowing what’s coming down the pike and keeping what I do code up to speed and fresh (mostly of the OSX Server variety).

So, I’m probably akimbo with the Ts & Cs of the ADC agreement by doing this… But, oh well… Anyone commenting in response to this post is welcome to claim any of the 2005 or 2006 Apple Developer Connection DVDs (minus the OS seed discs). What I need from you is simply a signal of your interest and a valid email address. I’ll follow up with you and get a mailing address to send your disc to you. We’ll probably work in reverse chrono order. So, move fast.

Leopard Install… Upgrade? Fresh + Migrate?

December 18, 2007

MBPro has been running Leopard for many moons as my main development machine. It was bought stock with 10.4.x and promptly wiped in favor of 9a### revs of Leopard until launch.

Not so with the PowerBook. It still has 10.4.11 and I’m contemplating the move to Leopard this week. I’ve heard some people had problems “upgrading”. Wonder what the groupthink is on this one…

Upgrade over Tiger? -or-

Fresh install and migrate stuff over?

Are You Prepared To Install Leopard?

October 25, 2007

We’re down to the last 48 hours. You might prep for Leopard by doing these couple things NOW. When you buy the commercial install of Leopard (as opposed to the developer seeds bumping around the torrent sites) have two things in mind:

FIRST: Backup your current production drive off to something else. Something suitably large. Something stable. Something you can boot back up off of should you need to. For what it’s worth I’d recommend Carbon Copy Cloner for this task and a FireWire drive of your favorite flavor. USB drives are notably spotty as startup drives these days. The technical reasons for this escape me.

SECOND: After you’ve installed Leopard have a second HUGE volume off to the side (physically a separate drive, not just a partition on your boot drive). 500-750Gb. This will be for your Time Machine backups. Nothing else goes on it. It’s dedicated for the goodness in Leopard.

Yes, by doing this, Leopard’s total cost of ownership just went up. Your transition from Tiger to Leopard will be much improved and Time Machine is so much better a method of backing up… it’s worth the extra bucks.