Tiny Deathstars of Foulness

The Caching Server in OS X Server 5.2 (for Sierra) does content, apps, and software updates. The Software Update service is hidden by default indicating it will likely be removed from the Server app in a future update, although when is kinda’ up in the air. The Software Update service can still be enabled for now, which we’ll look at later. The Caching service on the Server app works like a proxy. When 10 of your users download that latest Nicholas Sparks book and movie, you only sacrifice your WAN pipe to download it once, and the other 9 people piggy-back off that. And when 10.12.1 ships, you only need to download it over the WAN once, and the other local users will pull off that spiffy Caching server sitting in your office. Pretty sweet, right?

So, how do you use this ultra-complicated service? It looks and feels kinda’ like an iPad app. Which is to say that as far as server stuffs go, this thing is pretty darn easy to use. To get started, open the Server app and then click on the Caching service in the sidebar of the Server app.


Here, click on the ON button. OMG, so hard. But wait, there’s more! Click on that Change Location button and you can select a larger volume for your updates that are cached. You’ll likely wanna’ do this because the entire series of the HBO drama OZ is kinda’ big (and yes, creepy, but really well written)…

If you do change the location, you’ll see a window to change the volume you’re caching to. That’s pretty much it. Other than the waiting for the updates to move. By default, the Caching service allows for unlimited space. Use the spiffy slider to reduce the total amount of space that the service can occupy on the hard drive. This can be a good thing if it happens to be your boot volume and there are other more mission critical services hosted on that thing.

Overall, this all seems pretty straight forward. So what else might you need to know. In case you get a corrupt asset, or in case your volume fills up, there’s a Reset button, to reset the cache.


The service can be controlled from the command line as well. To start it, use the serveradmin command along with the start verb and the service name (oddly, that’s caching).

sudo /Applications/ start caching

To stop the service, use the stop verb along with the service name:

sudo /Applications/ stop caching

To see a list of settings, use the settings verb with the service name:

sudo /Applications/ settings caching

The settings are as follows, mostly available in the Server app:

caching:ReservedVolumeSpace = 25000000000
caching:CacheLimit = 350000000000
caching:ServerRoot = "/Library/Server"
caching:ServerGUID = "DEE63BBB-9F32-428B-B717-E3941F82E2DC"
caching:DataPath = "/Library/Server/Caching/Data"
caching:LocalSubnetsOnly = yes
caching:Port = 0

One setting you might choose to change is the reserved volume space, as this can keep you from getting the service started on smaller volumes. In the above example, the setting is 250 gigs. To change that to 100 gigs:

sudo /Applications/ settings caching:ReservedVolumeSpace = 10000000000

A new setting in Server 5.2 for macOS Sierra is defining other servers that can access your Caching server. This is like providing a proxy for a proxy. Basically if your devices can cache updates onto the server from other servers then the updates are caching much faster than if your server caches the updates from Apple. This is called Peering Permissions. To define Peering Permissions, click on the Edit Peering Permissions… button.


At the Caching screen, click on Only Local Subnets if you want to let the server identify which subnets are local, or Only Some Networks to define which ranges of addresses have servers that can cache content and update from your server.


Click on the plus sign to add a network and then click on “Create a new network”


At the Create A New Network screen, provide a name and then the first and last IP


Click Create and then add all of the appropriate subnets. Click OK when you’re done. Restart the service and viola, you’re finished.

September 24th, 2016

Posted In: Mac OS X Server

Tags: , , , , , , , , ,

When using Apple Configurator, you can assign an existing supervision identity to be used with devices you place into supervision. To do so, first open Apple Configurator and click on Organizations.

Screen Shot 2015-10-26 at 5.05.48 PM

From Organizations, click on the plus sign (“+”).

Screen Shot 2015-10-26 at 5.05.51 PM

From the Create an Organization screen, click Next.

Screen Shot 2015-10-26 at 5.05.55 PM

When prompted to provide information about your organization, provide the name, phone, email, and/or address of the organization.

Screen Shot 2015-10-26 at 5.06.02 PM

If you are importing an identity, select “Choose an existing supervision identity” and click on Next.

Screen Shot 2015-10-26 at 5.06.06 PM

When prompted, click Choose to select the identity to use (e.g. exported from another instance of Apple Configurator or from Profile Manager).

Screen Shot 2015-10-26 at 5.06.20 PM

Click Choose when you’ve highlighted the appropriate certificate.

Screen Shot 2015-10-26 at 5.06.24 PM

Click Done.

August 23rd, 2016

Posted In: Apple Configurator, iPhone

Tags: , , , , ,

Looks like Sal et al posted a suite of Automator Actions to link the Casper Suite to Apple Configurator at In my limited tests so far they work pretty darn well!

Screen Shot 2016-07-14 at 12.09.27 PM

Some pretty cool things here, like having the JSS rename a mobile device when managed through Apple Configurator, having Apple Configurator instruct the JSS to remove a device from a group, clear passcodes, update inventory, and other common tasks involved in workflows when leveraging Apple Configurator for en masse device management. Good stuff!

July 14th, 2016

Posted In: Apple Configurator, iPhone, JAMF

Tags: , , , , , ,

There are two main garage door openers in the home automation space. The first is the Chamberlain MyQ and the second is the GoControl. The hardest part about setting up the MyQ was that I had to hit a funny orange button on my existing non-automated Chamberlain opener and then hit the button on the opener in my car to sync ’em up. It took about 10 tries, but eventually it worked.


Once configured, I didn’t love the loud noise the device made to open the garage door (guessing that because it’s compared with a strobe that this is a safety measure). Once the Chamberlain is configured, open the Wink app. Then tap Add A Product and then tap on Garage Doors.


At the Garage Doors screen, tap MyQ Garage Door.


At the Chamberlain Garage screen, tap on Next to verify that you want to add a MyQ to the Wink.


At the Get MyQ App screen, tap on I Have An Account (unless you don’t have an account yet, then tap on Get MyQ App and download the app, setup the garage door, and create an account).


At the Connect Account screen, tap on the Connect Now button.


At the MyQ overlay of the Link Account screen, enter your credentials and then tap on Authenticate.


Provided the authentication worked, tap on Done. Tap Name Garage Door and provide a name for the door (useful if you have two doors).


Next, use the Wink app to test the opener.

July 3rd, 2016

Posted In: Home Automation

Tags: , , , , , ,

The increase in the use and complexity of technological assets in the healthcare sector has been on the rise in the recent past. Healthcare practitioners have moved from recording data manually to keeping Electronic Health Records. This eases the accessibility and the availability of data to the health practitioners. Further, electronically stored data makes it possible for patients to receive high quality and error-free care, improve decision making process because medical history is available and also makes it possible to provide safer and more reliable information for medication. Despite, the numerous advantages that the use of technology in healthcare has, there is also a threat of patients data leakage that lingers around. According to a research by Garrison and Posey (2012), medical identity theft has far more consequences in comparison to the typical identity theft. In average, every medical theft case can cost $20,000, and represents a substantial privacy violation. For this reason and more, it is important for healthcare institutions to protect patient data by securing technological assets within the institution. This article will explore the different methods used to secure the technological assets, with an emphasis on mobile devices.

The first method is limiting access to the electronic health records to only a few individuals. According to Gajanayake et al.(2014) suggests that there are different models of limiting access to the records. The first step is to ask for authentication, this will prompt them to verify their identity. This could be achieved by giving the authorized individuals unique passwords for identification and also by performing biometric scans of the individuals. This step will eliminate the possibility of unauthorized access to the technological access. The second step is to limit the type of information that one is supposed to access. This could be made possible using certain access models. Examples of models that have been proposed include Discretionary Access Control (DAC),Mandatory Access Control (MAC) and Role Based Access Control (RBAC). The DAC restricts access to certain commands such as’ write’, ‘read’ and ‘execute.MAC controls access by assigning information different levels of security levels. RBAC is based on the rights and permission that depend on the roles of an individual. These models normally apply to the security of electronic data. Other assets such as the hardware could be protected physically by limiting authorization to their storage rooms and also limit the location in which they are expected to be used at. Limiting access ensures that those that are not authorized to access the information are locked out of the database.Hence, this is an important strategy in protecting patients’ data.

The second method is through carrying out regular audits on the electronic system and the individuals handling the technological assets. Audit controls record and examine the activities that involve access and use of the patients’ data. This can be integrated into the Electronic Health Record (EHR) system or used to monitor the physical movements of the individuals that have access to the records. In addition, HIPAA requires that all health institutions that use the EHR system should run audit trails and have the necessary documentation of the same (Hoofman & Podgurski,2007). Some of the information collected during audits includes the listing of the content, duration and the user. This can be recorded in form of audit logs which makes it easy to identify any inconsistencies in the system (Dekker &Etalle ,2007). Further, monitoring of the area where the hardware have been placed for used should be done. This can achieve by use of recorded video, which monitors the activities of individuals who use the system. This can also be audited regularly and any inconsistencies noted (Ozair et al., 2005) Carrying out audits of the technology assets of the healthcare institution will help to monitor the daily use of the system which will enable the identification of any abnormal activities that may endanger patients’ data.

The third method is the setting up of policies and standards that safeguard the patients’ data. These policies may vary from one institution to another. For instance, the employees should be prohibited against sharing their passwords and ID and they should always log out their accounts after accessing the system. The authorized individuals would also be properly trained about these so that they are aware of their importance. In addition, these policies should be accompanied by consequences which will impact the users. This will ensure that they follow the policies to the letter. The set of policies and standards are to ensure uniformity in the protection of patients’ data (Ozair et al., 2005).

The fourth method that could be implemented to protect patients’ information is through the application of various security measures to the software and the hardware. The software can be protected through encryption of data, using firewalls and antivirus software’s to prevent hackers from accessing the data. Intrusion detection software can also be integrated into the system. These measures will protect the data from individuals who intend on hacking into the system online and accessing information for malicious purposes. The hardware could be protected by placing security guards at different stations where patients’ data is stored so that he ensures that no unauthorized person gets access to the area or no one tampers with the system or steals it. This step will ensure that the hardware is kept safe from intruders and people with malicious intent.

Protecting patient data starts with the software systems that house the data. The databases that warehouse patient data must be limited to only those who need access and access to each record must be logged and routinely audited at a minimum. Data should only reside where necessary. This means that data should not be stored on devices, at rest. For Apple devices, device management tools such as the Casper Suite from JAMF Software both help to keep end users from moving data out of the software that provides access patient data, and in the case of inadvertent leakage of data onto unprotected parts of devices, devices should be locked or wiped in case of the device falling outside the control of a care giver. Finally, the integrity of devices must be maintained, so jailbroken devices should not be used, and devices and software on devices should always be kept up-to-date, and strong security policies should be enforced, including automatic lock of unattended devices and strong password or pin code policies applied.

In summary, the protection of patients’ data in this technological era should be given a priority. In consideration of the frequency and losses that are experienced due to leakage or loss of private patients’ information, more should be invested in maintaining privacy and confidentiality of data. This can be achieved through controlling access to the electronic data and the gadgets that hold it, carrying out regular audits on the access of the system, creating policies and procedures that ensure that data is secures and finally through, putting in security measures that guard against loss and leakage of the information. All these measures will aid in alleviating the risk of patients’ data and maintaining their privacy and confidentiality which is the main agenda.


Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records.Electronic Notes in Theoretical Computer Science,168, 221-236.

Hoffman, S., & Podgurski, A. (2007). Securing the HIPAA security rule. Journal of Internet Law, Spring, 06-26.

Garrison, C. P., & Guy Posey, O. (2012). MEDICAL IDENTITY THEFT: CONSEQUENCES, FREQUENCY, AND THE IMPLICATION OF ELECTRONIC HEALTH RECORDS AND DATA BREACHES. International Journal of Social Health Information Management5(11).

Gajanayake, R., Iannella, R., & Sahama, T. (2014). Privacy oriented access control for electronic health records. electronic Journal of Health Informatics8(2), 15.

Ozair, F. F., Jamshed, N., Sharma, A., & Aggarwal, P. (2015). Ethical issues in electronic health records: A general overview. Perspectives in clinical research6(2), 73.


June 29th, 2016

Posted In: Apple Configurator, Business, iPhone, Mac OS X, Mac OS X Server, Small Business

Tags: , , , , ,

I’ve worked with a lot of organizations switching between Mobile Device Management (MDM) solutions in my career. And I’ve seen the migration projects go both really, really well, and really, really poorly. In most cases, the migration is somewhat painful no matter what you do. But in this (my first) article on the JAMF blog, I try and organize my thoughts around a few things to look out for when migrating between MDMs/MAMs, and some context/experience around those.

Screen Shot 2016-06-23 at 11.45.32 AM

June 23rd, 2016

Posted In: Articles and Books, iPhone, JAMF, Mac OS X

Tags: , , , , , ,

Here’s a little app to sync data from a DynamoDB database to an iOS device. Includes the ability to search. Simply edit the constants file to link it to your source. Enjoy.

Screen Shot 2016-06-05 at 5.59.57 PM

June 6th, 2016

Posted In: iPhone

Tags: , , , , , , ,

My latest Huffington Post article is up; this one on 10 Cool Things You Might Not Know You Can Do With Dropbox. A sample of the article:

You lіvе in an аgе whеn you wаnt (and ѕоmеtіmеѕ nееd) tо access іnfоrmаtіоn аt аll tіmеѕ. Thіѕ іnсludеѕ yоur оwn dаtа аnd fіlеѕ — text dосumеntѕ, рhоtоgrарhѕ, vіdеоѕ, music and mоrе. Thаt’ѕ whу ѕеrvісеѕ lіkе Drорbоx is so popular wіth thе соnnесtеd gеnеrаtіоn.

Free оf сhаrgе (wіth a раіd uрgrаdе орtіоn), Dropbox lеtѕ уоu uрlоаd уоur files tо fоldеrѕ ассеѕѕіblе аnуwhеrе thеrе’ѕ аn Intеrnеt connection. It еlіmіnаtеѕ thе hаѕѕlе of еmаіlіng уоurѕеlf attachments аnd runnіng іntо size limits. People can use Dropbox through the desktop арр, mоbіlе аррѕ оr via thе wеb.


Screen Shot 2016-03-22 at 1.29.15 PM

March 23rd, 2016

Posted In: Apps, cloud, iPhone, Mac OS X

Tags: , , , ,

iOS 9.3 is out, with lots of new, cool features. For a list of them:

With this update your iPhone, iPad and iPod touch gain improvements to Notes, News, Health, Apple Music and a new feature called Night Shift that may even help you get a better night’s sleep by shifting the colors in your display to the warmer end of the spectrum at night. New features, improvements, and bug fixes include:

Night Shift

  • When enabled, Night Shift uses your iOS device’s clock and geolocation to determine when it’s sunset in your location, then it automatically shifts the colors in your display to the warmer end of the spectrum and may even help you get a better night’s sleep.

Notes improvements

  • Protect notes that contain your most personal data with Touch ID or a passcode
  • Sort notes alphabetically, by date created, or by date edited
  • When sketching, quickly bring up a fresh canvas with a two finger swipe, or by tapping the New Sketch button
  • A new checklist button at the bottom of every note makes it easier to create lists
  • Show thumbnails instead of large images and attachments by long-pressing on any image or attachment in a note
  • Choose whether photos and videos taken within Notes are stored only in Notes, or also added to Photos
  • Long-press on an Evernote Export file to import its contents into Notes

News improvements

  • New Top Stories section in For You highlights the most important stories of the day
  • Discover something great to read in Editors’ Picks, a selection of channels and topics handpicked by our Apple News editors
  • Swipe left on stories in For You on iPhone to quickly share or save or swipe right for more options
  • Play video stories right from For You — without opening the article
  • Read stories and watch videos in landscape orientation on iPhone
  • Change the text size in articles to make reading easier

Health improvements

  • Related third-party apps for select data types such as weight, workouts and sleep are displayed in the Health app
  • Health dashboard adds support for move, exercise, and stand Activity data and goals from Apple Watch
  • Easy access to Dashboard and Medical ID using 3D Touch Quick Actions from the Home screen
  • Third-party apps now have access to Activity rings and summaries from Apple Watch through HealthKit

Apple Music improvements

  • Add songs from the Apple Music catalog to playlists without having to add them to your library
  • Watch music videos on iPad in full screen
  • See what’s playing on Beats 1 directly from the Radio tab — without having to tune in
  • Tap the name of the currently playing song in Now Playing to go to the album
  • See which songs are most popular on albums in the Apple Music catalog

Photos improvements

  • Extract the still image from a Live Photo by tapping Duplicate which will give you the option to duplicate the Live Photo, or just the still image
  • Improved download performance of full size original photos or videos stored in iCloud Photo Library
  • Share Live Photos between iOS and OS X through AirDrop and Messages

iBooks improvements

  • Adds the ability for iBooks to store your PDFs in iCloud, making them available across all of your devices
  • Adds support for downloading previously purchased audiobooks from the iBooks Store
  • Adds the ability to share your audiobook purchases with any of your family members using Family Sharing
  • New controls for reading Manga more comfortably with faster page turns and simple controls for enlarging text
  • Adds Apple Pencil support to highlight and save your favorite passages for later

Education improvements

  • Introduces a preview of Shared iPad that enables multiple students to use the same iPad at different times throughout the day
  • Adds support for signing into iCloud with Managed Apple IDs
  • Adds compatibility for the new Classroom app
  • New configuration options to control the organization of apps on the Home Screen
  • New controls to determine which apps to show or hide on the Home Screen
  • Adds support for new restrictions for iCloud Photo Library and Apple Music

CarPlay improvements

  • Apple Music members now have access to their For You and New content in CarPlay
  • New Nearby screen in Maps to quickly find Gas, Parking, Restaurants, Coffee, and other driving essentials
  • Siri speaks more concisely when reading back and composing messages in CarPlay
  • Equalized sound levels between different audio sources in CarPlay

Dolby Digital Plus

  • Adds support for playing video encoded with Dolby Digital Plus audio streams with support for multichannel output using the Apple Lightning Digital AV Adapter

Hardware keyboard improvements and fixes

  • Enables the use of arrow keys to navigate through lists in Spotlight, Mail and Safari
  • Enables the use of space bar to scroll in Mail
  • Improves performance when using the space bar to scroll in Safari
  • Adds the ability to bring up the software keyboard from the Shortcut Bar when a hardware keyboard is connected
  • Fixes an issue that could prevent unlocking an iPad using the hardware keyboard
  • Fixes an issue that caused hardware keyboards to become unresponsive in captive login pages
  • Fixes an issue that could cause the Messages input field to disappear behind the Shortcut Bar when connected to a hardware keyboard

Other improvements

  • Maps adds support for getting a highlighted view of destinations and stops for a specific transit line by tapping on it
  • Maps now displays whether there are multiple transit line options for each route suggestion
  • Wallet app adds the ability to view the app related to a card or pass in the Wallet app by tapping an icon on the card or pass
  • Apple Pay adds support for signing up for store rewards programs with Apple Pay at point of sale terminal
  • Podcasts adds support for fullscreen video playback
  • Activity app adds a new Workout tab with monthly summaries of key metrics and the ability to filter by workout type
  • Move to iOS now offers app suggestions from the App Store based on apps installed on your Android device
  • iCloud Storage adds proactive status information and in-app notifications to let you know before you run out of space
  • Two-factor authentication is now available for all iCloud accounts
  • Support for Spanish (Latin America) system language
  • Siri support for Finnish (Finland), Hebrew (Israel), and Malay (Malaysia)

Enterprise bug fixes

  • Resolves an issue that could prevent some VPP purchased apps from launching after being updated
  • Adds iCloud backup support for device-assigned VPP apps
  • Addresses an issue that could prevent certificates from installing correctly when updating configuration profiles
  • Fixes an issue for some IPSec VPN configurations that could cause the internet connection to be interrupted after a VPN session was ended
  • Fixes an issue to prevent iBooks from emailing enterprise managed PDFs from unmanaged accounts
  • Resolves an issue for some Exchange users that caused Calendar to send multiple responses to the same invitation
  • Improves reliability for devices connecting to OS X Caching Server

Accessibility bug fixes

  • Improves 3D Touch reliability with Switch Control Accessibility option
  • Fixes an issue where VoiceOver interferes with speech after dictation
  • Fixes an issue where VoiceOver users could not write a review on the App Store
  • Resolves an issue where VoiceOver becomes unresponsive when receiving a phone call with a Bluetooth headset
  • Fixes an issue where large text was unreadable in Reminders

Other bug fixes, performance and stability improvements

  • Fixes an issue where manually changing the date to May 1970 or earlier could prevent your iOS device from turning on after a restart
  • Fixes issues that could prevent some iCloud Backups from completing
  • Fixes an issue for some users where Health data was incomplete after restoring from iCloud Backup
  • Fixes an issue where an inaccurate battery percentage could be displayed
  • Addresses an issue that prevented iMessage or FaceTime activation for some users
  • Addresses an issue that could prevent displaying the Phone interface while receiving a call
  • Fixes an issue that enabled overriding restrictions applied to cellular data toggle
  • Fixes an issue that caused notification settings to appear in the Watch app for apps that were not installed on Apple Watch
  • Improves reliability when using 3D Touch on the keyboard
  • Improves stability of the Phone app when setting up voicemail
  • Improves stability of the Mail app when your device is low on storage
  • Improves stability in Mail while using Mail Drop to send large attachments

Some features may not be available for all countries or all areas, for more information visit: and

For information on the security content of this update, please visit this website:

Sent from my iPhone

March 21st, 2016

Posted In: iPhone, Mac OS X Server, Mac Security, Mass Deployment

Tags: , ,

Posted a new swift command line tool to accept serial number data from an Apple device and respond with warranty information about a device at This is based on pyMacWarranty, at

Screen Shot 2016-03-15 at 10.34.41 PM

March 16th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Swift

Tags: , , , , , , , , ,

Next Page »