tzeejay icon

About

Archive

Github

The Missing Workhorse Mac

The Missing Workhorse Mac

Processing intensive workflows are higher in demand than ever, but the Mac lineup is missing a crucial piece to help pro customers of Apple.

AVM Fritz WiFi Mesh

AVM Fritz WiFi Mesh

AVM Fritz WiFi Mesh kam unerwartet ist aber ein Segen für den deutschen Markt

Turning iOS Extensibility to 11

Turning iOS Extensibility to 11

iOS is amazing but is lacking productivity basics

Latest

Supporting Tapbots & Indie Developer

19.10.2018

Yesterday Tweetbot 5 was released as a free update to every Tweetbot 4 customer. It must be a very difficult time at the moment justifying working on an application that is entirely dependent on a company so hostile to the people who made them. Twitter keeps ripping the band-aid off a bit only to stick it back on again, only to then rip it off a bit further. They have been doing this for a while now and from being a bystander to chatter about it at WWDC with people who have intel on this crisis it must be a huge mental burden on each and every developer of a third party client. I would like to help with that and I hope to convince you to do the same.

I absolutely adore Tweetbot by Tapbots and use it exclusively on iOS and macOS. There is just no f@¿!*∆% way in hell that I will install the first party Twitter client ever again on one of my devices. Twitter has proven over the last years that they don’t deserve to be trusted to any degree, leaving their lack of taste for design or any integrity.

Spending so much time in Tweetbot and getting so much value out of it I was expecting to happily pay yet again for a new major upgrade at some point but that wasn’t the case. The update was free to my surprise and the app is still a joy to use. Independent developers are the ones who push the App Store in terms of design, function and it’s policies and indies deserve a lot of credit for making the App Store what it is today. Even though a lot of indies have plenty of customers some have trouble making a living on the App Store these days and once I saw that I was able to hand the gentlemen at Tapbots a bit of money I happily did just that. The most that I was able to give was 5,49€ which I think is ok but I’d prefer to give back more.
Thinking about how much money I spend on shit I don’t get nearly as much value out of as out of my favorite apps I use every single day, I have decided to consciously seek out ways to give money to the developers of my favorite apps regularly and donate to things that either make my life easier or to things that I enjoy. None of this is to pat myself on the back or get any kind of special treatment but rather in a very selfish way ensure that the people who make the things that I enjoy keep doing just that. Make things for me to enjoy.

Producing anything of quality is hard so thank you very much to Paul, Mark and Todd for making products that delight me on a daily basis!
I hope that this money is partially spent on things your families need and partially on tires, race-fuel and on parts for yet another server to keep Paul warm.



Apple Banter on Twitter

19.10.2018

Twitter has many issues and the overall used tone can be quite hostile in the Apple community on Twitter but yesterdays banter about Apple’s invites has been simply amazing!

Stephen Hackett was nice enough to collect all of them on his excellent blog 512pixels.com but the responses to some of the art just killed me.

People riffed in the best way possible on the designs and I enjoyed these very much.
Please click on the images to get to the original tweets from which I took these images. The creators deserve all the credit!



macOS Menu Bar App Intervention

09.10.2018

Menu bars on macOS all around are a fucking mess. Every developer of little helper apps are convinced that they need to put their little icon in my status bar on my Macs even though I set the damn thing up once and may only touch it rarely after. It has completely gotten out of hand and the thing that drove me over the edge is Night Owl. It’s a great little application that should have been part of the Dark Mode functionality on macOS Mojave in the first place and will probably get Sherlocked in macOS 10.15. It’s an application that triggers macOS Dark Mode at certain times throughout the day based on rules like certain hours or sunrise/sunset. This is great, but why am I forced to have this in my menu bar all the time? A way better place to put something like that is in the System Settings.app alongside all the other system wide settings.

This issue has gotten so far out of hand that people make a living writing menu bar app manager for macOS. I’m not trying to throw shade at any of these apps or their developers since I really enjoy using these apps, I just don’t want to have 10 or 15 in my menu bar.

Many of these managers add additional value apart from being able to hide or rearrange menu bar apps but at some point we should reflect on where we came from and check whether or not we want to be where we’re at.

For now, this is all I want in a menu bar.


From left to right

iStat Menu CPU widget
iStat Menu Network traffic widget
  Rocket (I can’t hide it and it has to run all the time in the background)  
   Audio (connecting AirPods to a Mac is not great)   
    VPN    
     WiFi     
      Battery (no percentage or anything else)      
       Time       
        Spotlight        
         Notification Center         



tmutil and macOS Mojave Application Data Protections

05.10.2018

macOS’ Time Machine is a great backup tool for the average user in my opinion. It safely creates a backup of all your data and provides a simple graphical interface to setup the backup and another one to restore a backup later if needed. As great as it’s very simple graphical user interface is for the average user, it’s not helpful at all when things go wrong and you wish for a million dials and nobs. Alongside the graphical interface Apple ships a great little tool called tmutil to do exactly that. It allows a power user to look under the hood of Time Machine and move things around manually if needed. That is until you try to alter anything about the backups manually under Mojave. I was provided a bunch of very weird and inexplicable error messages until I ran tmutil latestbackup out of frustration, which showed the following error

tmutil error

$ tmutil latestbackup The operation could not be completed because tmutil could not access private application data on the backup disk. Use the Privacy tab in the Security and Privacy preference pan to add Terminal to the list of application which can access Application Data.

The fix for this, as stated in the error message, is annoying, but very simple. You open System Settings.app, navigate to the Security icon, click the Privacy tab, select Application Data from the list and finally select the button labeled + underneath. Done and done. Trying to be a bit of a smartass, I entered which tmutil into my Terminal session to find the path to tmutil. I was hoping to trick the system into only allowing ‘tmutil’ access to all the Application Data on the system but not grant Terminal.app outright access. Doing that sadly does not work, since the parent process needs to be granted access, which forced me to add Terminal.app to the list after all.

Ignoring entirely whether I’m of the opinon that this is a regression or not, it is nice to see that Apple’s engineers hit the exact same issues every other third party developer hits and does not grant itself specialized permission to get around it. The absence of training wheels in desktop OS’ is what makes them so clunky and insecure to use for many, but at the same time that insecurity is what allows a certain group of users who know the pitfalls well do incredible things. Steve Jobs Trucks vs. Cars analogy fits perfectly here. I think these issues will be worked out over the next couple of major releases and it will become an absolute non-issue. For now I’m happy to see that Apple’s own engineers have to find work arounds, or rather not so elegant solutions like the error message above. This way a couple of really smart people will sit down in a conference room somewhere in Cupertino and come up with a solution to all of this, simply based on necessity for Apple’s own software.


If you’re interested in reading more about this and related topics I can highly recommend this post by Felix Schwarz.



A Once Seemingly Great Corporate Culture

⚓︎

02.10.2018

If you’ve read my tweets over the last months you will know that I’m not too keen on the trajectory that Apple has been on since Tim Cook has fully taken over as CEO. Important duties have been passed on to objectively unqualified SVPs and very little course correction has been publicly visible. I have the feeling that Apple is suffering from the same things that car makers have suffered from in the early 2000s: the companies were no longer run by enthusiasts whose sole goal was to build the best products, but rather by those in control of the money. In the case of car manufacturers the products we got were mostly bland, not really exciting and sometimes only remembered because of their seemingly obvious flaws. Of course there are products every once in a while that appear to be unaffected by these trends cough AirPods cough but this rule generally does apply.
It seems like pleasing investors and paying as little taxes as possible are the top priorities at the moment for Cupertino.

Under CEO Tim Cook, however, Eastman contends Apple’s commitment to quality has declined. “Many talented employees who’ve given part of their life for Apple were now regularly being disciplined and terminated for reporting issues they were expected to during Mr. Jobs tenure,” his complaint says.

[…]

“The executive team’s main focus is eliminating tax liability and bad PR being disseminated about Apple,” he claims. “No corporate responsibility exists at Apple since Mr Jobs’ death. There’s no accountability, with attempts at doing the right thing met with swift retaliation.”

The Register asked Apple to comment but we’ve received no response.

[…]

“The responsibility which comes with treating your employees correctly will also help Apple fix its management and quality problems. Being the most valuable company in the world doesn’t mean anybody’s above the law. I dream of a day when fixing the toughest problems and delighting the customer return to being priorities again at Apple.”

This report of internal change terrifies me. Apple holds a monopoly on the OS and hardware that I want to use, not only as a professional getting my work done, but much more as an everyday regular user. I don’t mind this monopoly while it is smooth sailing but the idea of the opposite leaves me with nowhere to go. No other notebook feels like a MacBook, no phone has the compute power iPhone has, no tablet has the displays iPad has and none of the competitors hardware can legally run either of my favorite OS’, macOS and iOS.


All of this has to be taken with a grain of salt though. I know this very well, but have to remind myself of it repeatedly.
The reported experiences are from almost 5 years ago, Darren Eastman states that he hasn’t worked since so motives may be unclear and the reasons as to why he wants to be credited on those patents is beyond me, but objectively a valid complaint.
Apple is a huge company and as much as I’d like to see Darren Eastman credited and compensated properly for his contributions to the company, it is unlikely that poor experiences of a single employee reflects on the general management style at Apple.
I think the truth can be found somewhere in between the two extremes, as it usually is the case but I hope that any such issues are acknowledged internally so that any disputes between the two parties can be resolved swiftly.
I think Apple’s general values will sort out any bad management in the long run which leaves me concerned about how Apple represents itself with its products at the moment. I think it’s absolutely embarrassing for a company like Apple to up sell every single customer who walks into an Apple Store with dongles and accessories for almost every device it currently sells just to make the device the customer actually desires work. While management style, or lack of any as it seems in Darren Eastmans case, may exist only unintentionally, nickel-ing and dime-ing every customer is a deliberate decision Apple’s leadership made.

Apple’s once praised culture of excellence and constant dissatisfaction of the status quo by its employees is, in my opinion what made the company what it is today, a trillion dollar company, and the reason why others try to imitate it. It’s the collective sum of humans who make up Apple and that simply can’t be imitated.



macOS on AMD EPYC

23.07.2018

I think I should start out with a few disclaimers:

  1. I work for MacStadium. My salary comes from customers paying for Mac hardware in order to build iOS apps and submitting them to the App Store. I don’t add this because I like my salary, even though I do, but rather because this pretty much violates everything hardware wise in the macOS EULA that one could violate.
  2. You shouldn’t ever use this for production builds. Apple could add checks to the binaries that you submit and one day they reject your builds.
  3. There is no support for any of this. If you screw up, you’re on your own so be aware of this.
  4. “If you don’t endorse this why do it in the first place?” - Well given Apple’s recent stance on hardware I hope for the best but expect absolutely nothing anymore. Especially not a replacement for the Xserve which we badly need. That said I think it’s reasonable for me to checkout what the enemy is capable of. How easy is this? Could this be commercially supported? To what degree? Getting an understanding of what could be gives you perspective about your current offerings.

Great, so now that we have this out of the way I can to tell you that Packet currently has a cool promo going for their partnership with AMD. You can apply for a 250$ credit and test the c2.medium featuring 24 cores (48 threads) of AMDs latest EPYC CPUs. I saw the announcement a while back in Packets newsletter and after not being able to think of something to do with 250$ of free compute I decided to try to run macOS on these machines.

Thanks to KVM and QEMU being incredible pieces of software this endeavour was not hard at all. Having never required a VNC connection from a headless server I wasted most of my time fighting the VNC connection on the server in order to kick off the installation process.
I would say that it is reasonable to say that you could do this at home, pretty much for free in a couple of hours start to finish so I tried to outline it as best as I could for you.


Things you’ll need:

  1. A Packet account
  2. Basic understanding of SSH & the Linux command line
  3. A VNC client (I had many issues and finally ended up using Screens)
  4. A macOS .iso file to install the OS

If you want to take advantage of the 250$ promo you’ll need to fill out this form for Packet & AMD. The peeps at Packet are all super nice & hard working so there is a chance that you’ll be granted the credit quickly. Once granted, login into your account & create a new server in one of the available locations. As of writing those are AMS1, SJC1, EWR1 & NRT1.

Packet.net web app

The important bit when selecting the setup is which Linux distribution to use. I highly recommend using Ubuntu 18.04 LTS since it already comes with all the right versions so you wont have to compile QEMU from source or something. I’m not good enough with KVM or QEMU to explain why exactly, but having tried older LTS versions of Ubuntu and other distributions I can tell you that it’s an absolute pain in the ass.
Waiting for your machine to finish being deployed may seem like an eternity compared to deploying a VPS’, but working for a company that offeres dedicated Macs which allow for basically no automation at all I can tell you that waiting 5-8 minutes for dedicated hardware is blazing fast. Have a quick walk, show your dog a little love or go and drink some water. It’s good for you!

Once your machine is up do the usual dance of grabbing your dependencies and updating whatever needs to be updated. You know the deal.

After that’s done run

$ apt install qemu uml-utilities libguestfs-tools git

to install QEMU itself, a few dependencies and git since we need to clone a Github repo. The repo is maintained by Dhiru Kholia but there is no support in any way. Not even an issue tracker. It features a bunch of useful scripts, a ready to go Clover image and lots of very useful information. I recommend starting in the README for High Sierra. It features plenty of information and this post is mostly a rehash of said README.

You can grab the repo with

$ git clone https://github.com/kholia/OSX-KVM.git

Next cd into the repo and create a new virtual HDD for macOS

$ cd OSX-KVM
$ qemu-img create -f qcow2 mac_hdd.img 120G

Don’t be afraid to change any of the names, you just simply have to keep track of them and change the boot script and the end. The image file that was created is the recommended file format for KVM qcow2, though it can handle a lot of different formats, and is 120 GB big which should hold plenty of things like Xcode, your source code and any dependencies necessary to build your app.

As I said before the repo comes with a pre-built Clover bootloader image, also in the qcow2 file format. It’s resolution is 1024x768 which is absolutely fine for a CI setup. I recommend using the pre-built Clover image and moving on for now.

Once you finished all of the tasks on your AMD EPYC machine you will have to build your macOS .iso on your Mac.
First download the macOS installer .app from the Mac App Store that you’d like to run, in my case High Sierra. The .iso can easily be created by running the create_install_iso.sh script in the repo.
The output of that shell script should be an .iso file in the range of 5GB which needs to be copied to your AMD EPYC machine with Packet, for example (the colon at the end is required)

$ rsync -P /path/to/install_macOS_High_Sierra_10.13.5.iso root@your.ip.from.packet:OSX-KVM/

After the transfer finished we could boot straight into macOS without any issues, though we need to sightly modify the boot-macOS-HS.sh script to add the slowest, but easiest to setup networking & remove a few audio devices that give you nothing but trouble, even on a real Mac.
I also set the virtual CPU to -smp 8, cores=4 & the virtual RAM to -m 8192 which equals 8GB. The virtual CPU configuration is still a mystery to me but this setup gives you plenty of speed and should allow you to run 5-8 VMs on this AMD EPYC machine (probably more if you’d like to overprovision your machine a little).

Please find the line with file=./'HighSierra.iso' at the end and replace the HighSierra.iso string with the name to the .iso file that you generated and copied over.

#!/bin/bash # See https://www.mail-archive.com/qemu-devel@nongnu.org/msg471657.html thread. # # The "pc-q35-2.4" machine type was changed to "pc-q35-2.9" on 06-August-2017. # # The "media=cdrom" part is needed to make Clover recognize the bootable ISO # image. ################################################################################## # NOTE: Comment out the "MY_OPTIONS" line in case you are having booting problems! ################################################################################## MY_OPTIONS="+aes,+xsave,+avx,+xsaveopt,avx2,+smep" qemu-system-x86_64 -enable-kvm -m 8192 -cpu Penryn,kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,$MY_OPTIONS\ -machine pc-q35-2.9 \ -smp 8,cores=4 \ -usb -device usb-kbd -device usb-tablet \ -device isa-applesmc,osk="ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc" \ -drive if=pflash,format=raw,readonly,file=OVMF_CODE.fd \ -drive if=pflash,format=raw,file=OVMF_VARS-1024x768.fd \ -smbios type=2 \ -device ide-drive,bus=ide.2,drive=Clover \ -drive id=Clover,if=none,snapshot=on,format=qcow2,file=./'Clover.qcow2' \ -device ide-drive,bus=ide.1,drive=MacHDD \ -drive id=MacHDD,if=none,file=./mac_hdd.img,format=qcow2 \ -device ide-drive,bus=ide.0,drive=MacDVD \ -drive id=MacDVD,if=none,snapshot=on,media=cdrom,file=./'HighSierra.iso' \ -netdev tap,id=net0,ifname=tap0,script=no,downscript=no -device e1000-82545em,netdev=net0,id=net0,mac=52:54:00:c9:18:27 \ -monitor stdio \ -vnc 127.0.0.1:0

Once that’s done you should be able to boot the VM

$ ./boot-macOS-HS.sh

I was not able to directly connect to the VM via VNC so I forwarded the port 5900 that I specified in the boot-macOS-HS.sh script with the trailing :0 via SSH

$ ssh -L 5900:localhost:5900 root@your.ip.from.packet

After that I only disabled password authentication in Screens and was able to connect to the VM right away.


Below are a few screenshots of the boot & installation process.



Blog Archive