Month: October 2020

I wrote last time about how updates to Operating Systems never fail to arouse the deepest passions in the bosoms of their users. Tears of joy vs gnashing of teeth, wearing of sackcloth and so forth. Any time you take something fundamental that people build their workflow off and make any kind of change you’re always going to court disaster and heartbreak, but very, very occasionally there’s a change that people are pretty much universally going to applaud.

Sometimes those things are the result of careful design or listening to the needs of the clamoring public. Sometimes those things are happy mistakes. Sometimes those are things that are just in the spirit of trying something new. And sometimes – just once in a while – they’re the result of looking at a prior change and then rolling that back. Big Sur (as of it’s current Public Beta 10) has a bunch of all of those – both large and small – but the one that I’m most excited-slash-relieved about is probably the most trivial: they fixed Show Original.

For anyone who doesn’t use file aliases (and yes, I’m including directories as being files because we could get into a useless syntactic discussion about that but this is my blog, dammit) an alias is a link to a file that lives at an alternate location. Maybe – like me – you have a bunch of folders that you regularly use but that you don’t want to have actually live on your Desktop. Or on your computer at all, for that matter. Maybe they live on an external drive, or a file server, or a NAS. There are lots of reasons for going that route, after all; shared access, retention, backup strategies – but it’s also just a lot more convenient to have the things you want to access close at hand. Now and again, though, you might want to know where the original file is or navigate to it, and in macOS Catalina that meant either scouring Finder menus or memorizing a bunch of keystrokes designed to break your own left hand. Here, this is what I mean:

I mean, look at that key combination. It’s… well, I don’t really have the words. “Bonkers” seems like a decent shot, though. I think what I’m aiming for is something more puzzling than rage-inducing; after all, decisions on this kind of thing aren’t made by accident because they are, after all, decisions. At some point, some bright, eager software engineer scratched his or her chin and said “You know what? There are too many people who are inadvertently attempting to find aliases of their files, and yes, Bob, I know that we’re talking about a fringe number of cases where someone has to select the alias in the Finder and then hit a keystroke or two to reveal the location of the individual file, but it’s still a risk that’s not worth taking, dammit. After all, nobody in their right mind wants to live in the kind of world where you can puncture the fragile illusion of how the file system works. Something must be done, so I think we should immediately implement a series of keystrokes that are difficult if not torturous to perform so that this eventuality never comes to fruition and so that we can sleep at night secure in the knowledge that we’ve demonstrably done something with our time. Sushi, anyone?”

(At least, I’m guessing that’s more or less how it went based on the small amount of time I’ve spent working for huge corporations and the much, much smaller amount of time I’ve spent at Infinite Loop eating Sushi at Caffe Macs.)

Just to make really, really sure that this was as unpleasant as possible, they then decided to use all the modifier keys on the keyboard that I – David Ball – have a hell of a time remembering.

Now, I might be alone in this one, and if that’s the case then – if you’ll pardon awkward metaphors – I’ll hold my hand up and take it on the chin. I’ve been working with Apple and macOS in a professional capacity for the better part of a quarter of a century, and while I’m comfortable with what the Command key looks like (⌘), the other two – Option (⌥) and Control (⌃) are things that I have to sneak a peek at the keyboard for (which in the case of Control is particularly inexcusable because I’m always in the Terminal and am constantly hitting that key on a daily – if not hourly – basis). And so, this is me; and if I – someone who ostensibly knows his way around the macOS – am reduced to making confused, whining noises when trying to find the original of an alias then it’s a decent bet that other people are, too.

Of course, adding insult to injury is that the non-modifier key involved is the “A” key, which is smack dab in the middle of the three modifiers and up two rows, so no matter whether you hit the modifiers with whichever combination of fingers you’d care to go with you either end up twisting a finger around or doing some kind of wrist contortion to hit all four keys at once. It’s hard to take this as anything other than some kind of deliberate assault (albeit, a low-stakes one).

It didn’t use to be this way. Prior to macOS Catalina you could hit Command-R in the Finder while selecting an alias, which was simple and easy to mnemonically accommodate (“Command-R means… find ‘riginal?), and thankfully this is something that they’ve re-implemented in Big Sur, thus:

So, all is right with the world. We can all go back to our daily lives secure in the knowledge that this travesty has been resolved, that this great iniquity has been cast aside, and that once again we are free as a people to stand in the light of the sun and eat breakfast under newer, better skies. Okay, there might be the slightest hint of an over-reach in that sentiment; after all, many other things are still in assorted states of brokenness, but the point has enough legs to stand on (albeit in a highly qualified fashion).

The lesson here is not that you need to make a lot of changes to the way that you think about how operating systems work; it’s that there’s value in doing something right the first time, then having the clarity to appreciate and acknowledge that value. I’m not mad because Apple changed a keystroke combination that, let’s face it, most people would go to the appropriate pull-down menu to access anyway. I mean, that’s a fairly small hill to die on. No, the thing that concerns and annoys me is that while most good designers make decisions based on forethought and conceptual understanding, there’s always the pitfall of thinking that you’re going to do something better, and that the work that has been done before lacks value and needs to be remedied.

And it’s not something unique to Apple. I’ve seen that tendency in code that I’ve written and revisited, and I imagine that a lot of people in my shoes have had the same experience. Sometimes you’re so eager to improve something that you fall into the trap of thinking that everything you touch needs to be changed, and you end up throwing up roadblocks to productivity that didn’t need to be put there. You can measure twice and cut once as often as you like, but if the thing doesn’t need to be cut at all? Well. The next best thing you can do is to have the humility to undo your mistakes.

Today I shall be writing about macOS Big Sur, which is even as we speak wending its way through both the Public and Developer Beta programs while the good folks at Apple either glue bits on or hack them off with what we hope is some kind of grand design in mind.

New Operating Systems are polarizing things, and that’s the kind of attitude and behavior that I enjoy, nay, encourage. I like the seasonal nature of disgruntlement; the perennial moaning and scowling and disapprobation that people inevitably kick into high gear whenever what is – on a fundamental level – the single most important thing they use on their computer is improved. Or reimagined. Or… well, changed. There’s some kind of metaphor in there for the nature of man; we all come into the world fresh-faced and brimming with optimism, and then get stuck in our ways and end up grey-haired and angry at progress and prone to using words like “whelp” and “whippersnapper” in cold blood.

It’s freeing to realize this, because it’s a realization that sets you free. You’re not going to like change, and you’re not going to welcome it because you’re older and wiser than you used to be – and that’s okay. The measure of character is not how well we accommodate change, but how well we tolerate it. The test of your maturity lies in rolling with those punches and – instead of trying to change the world – realizing that you’re not infallible, and that maybe you should consider working on changing yourself.

Huh. That got real profound real fast. And I was only here to bitch about the menu bar clock. Let’s get back to that, shall we? Yes? Good.

The menu bar clock in macOS Big Sur is irrevocably stupid. Oh, it’s fine if you want to know what day of the week it is and what the time is, thus:

…but it’s not useful if you, say, want to know what the date is. Or (and this is admittedly rather less likely) know what the month is, just in case you’ve really overslept or have sustained some traumatic and untreated cranial injury.

In the good old days – before whippersnappers like you whelps were running around with your iPhone 12s and your Billie Eilish records and whatnot – you could happily go and jump into the Date and Time System Prefpane and change the way the menu bar clock reported the date and time, specify whether you preferred 24 or 12 hour time, whether you wanted such bizarre indulgences as flashing time separators or the ability to observe seconds as they ticked by. You were probably also able to go and buy shoes for a nickel, but these days that Prefpane shows you this instead:

This will never do. Now, I’m happy to let a lot slide in the name of progress, but I’ll go to the mat for the Date. I’m forty-seven, which is a fact that never ceases to surprise me and induce mild existential horror when I’m confronted by it. I’m forty-seven and my left knee is in a constant state of betrayal of the rest of my body and I wear glasses and I forget what the date is about thirty-thousand times a minute. My options extend to either getting the date tattooed on myself afresh each day or finding a way to get the date back into the menu bar. And I hate needles.

Fortunately, this turns out to be doable because while Apple doesn’t have a convenient button in there to allow you to specify clock options, the fundamental wiring for said clock options is still extent in the OS. To get to what they’ve done we’ll use the defaults command to read what’s going on with the menubar extra, thus:

So, if “Fri 15:43” equates to “EEE HH:mm” then it’s a pretty solid bet that EEE = day of the week, HH = hour, and mm = minute. With that in mind, we can use defaults to write back some other options for the OS to look at. If you turn everything on and then look at the defaults read for the same plist under macOS Catalina then you’ll get this:

Right. So, it doesn’t take much to come to the conclusion that MMM = Month, ss = seconds, and (be still my beating, arthritic heart) d = date.

With that in mind, we’ll write all the above back into Big Sur, thus:

defaults write com.apple.menuextra.clock DateFormat -string "EEE d MMM HH:mm:ss"

…which magically turns into:

Ah. That’s much better. Change is a wonderful thing; particularly when it happens to other people.

This is another one of those posts where I wear my heart on my sleeve about how great Synology is. A lot of that has to do from spending many, many years in an abusive relationship with OS X/macOS Server, which was good during the good times, but when it was bad it was very, very bad. In this time of global apocalypse it’s increasingly important to be able to get remote access to vital data resources, and Synology’s DSM has a really convenient way of doing that in their QuickConnect product, which simply gives you a convenient portal to access your DiskStation from anywhere in the world and administer it through a browser. Sounds good?

No. No, that isn’t good. I mean, I get it; it’s an intelligent and functional way of remote access and administration, but it isn’t ideal. Convenient? Sure. But problematic.

The thing with QuickConnect is that the nature of the thing requires remote access, and the thing about remote access over the internet is that, well, it’s remote access over the internet. And the internet isn’t exactly famed and noted for it’s utter infallibility and ironclad invulnerability.

Tangible example (don’t try this at home and I’m certainly not going to get into specifics because this is ethically problematic territory): it took me about five minutes and some well-crafted Google searches to find, build and install the tools and methods to pull a list of every single subdomain on the internet in the quickconnect.to domain. It’s a big list, and I’m willing to bet that most of those Synology QuickConnect setups are legitimately and intelligently setup with clever usernames and passwords and lots of security. But, statistically, there’s a likelihood – a decent one – that a lot of those have “admin” as the username and “admin” as the password. Or “Password”. Or, I don’t know, “12345678”.

Were I interested in larceny and mischief then I could script the means to run down that list and try the most common usernames and passwords against each of those entries. And I’m pretty sure that I’d end up with, well, a healthy handful of hits. That translates to complete, unfettered access to the files and data of the respective companies and institutions, along with usernames and emails and passwords, VPN access credentials and so on.

Fortunately, there are some pretty basic things you can do to somewhat lock down QuickConnect and the DSM in general. And when I say “somewhat” that’s because hey, this is the internet and no, there’s no such thing as secure, but yes, there is such a thing as making breaking into your stuff difficult and expensive and time-consuming, and yes, that’s your best shot at what we’re euphemistically calling cybersecurity these days.

The best tool in the arsenal is to enable two-step verification to the DSM, so that when you connect via QuickConnect you’ll also have to have access to an authenticator app on your phone in order to retrieve a six-digit code. It is, thankfully, a pretty simple operation.

Sign into your Synology DSM as per usual, then navigate to the person-shaped icon at the upper-right corner of the window and choose Personal, and then choose Account. You’ll see a helpful box marked “Enable 2-Step Verification” that will mostly likely be greyed out if you haven’t set up your Synology with an email account that it can use for notifications. If that’s the case then click on the “Email Account” tab and hit “Add”. You’ll be prompted to add either an Outlook, GSuite, or other email account thus:

Choose the appropriate option, hit Next, then follow the prompts to connect your email Account with the Synology Personal Notification service. If you’re using GSuite (like I do) then it’s as simple as clicking “Allow” at the next window. Seriously.

Once that’s out of the way you can go back to the “Enable 2-Step Verification” box and check it, then walk through the Wizard, which will ask you for an email address to use as an emergency backup. It’s probably best to use a different email address than the one associated with the Notifications setup in the last step. After that you’ll be given a QR code to scan into the authenticator app of your choice (I use Google Authenticator).

Log out of the DSM, and when you log in again you’ll be required to enter the six-digit verification code found in your authenticator app, and can then breathe a little easier. It’s no VPN, but it’s a lot better than just leaving everything open and hoping that you remembered to change the default user name and password…