Tag Archives: iPhone

Bushel iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Minneapolis

Bushel: The Device Enrollment Program (DEP) In Action

Apple’s Device Enrollment Program (DEP for short) allows you to automatically setup devices with the settings you need on devices that your organization purchases. In Bushel, we give you the ability to link an Apple DEP account up with your Bushel account. This allows devices to add themselves automatically to your Bushel when the devices are activated. We tend to think this is the coolest thing since sliced bread and so we want to make sure you know how to use the feature.

Setup Device Enrollment Program in Bushel

To get started, log into your Bushel and click on Devices. Here, click the button for Device Enrollment Program.

XcKrpO-M0gXF27l0exLKtVbNMLdI1itn8ThiXRqW3xQ

Download your certificate and go to deploy.apple.com and log into your Device Enrollment Program account. Click on Manage Servers in the Deployment Programs sidebar.

Screen-Shot-2014-10-14-at-2.12.49-PM

Next, click on Add MDM Server and provide the certificate we gave you and a name. Once Bushel has been added to your Device Enrollment Program (DEP) account, click on Assign by Serial Number to add your first device. Assuming the device is part of your DEP account, enter the serial number for the device and choose which server (the one you just added) that the device should reach out to on activation to pull settings from.

Screen-Shot-2014-10-14-at-2.13.53-PM

Once you’ve added the server, you’ll be greeted by a screen that says Assignment Complete. You can now wipe the device and upon reactivation the device will pull new settings from your Bushel.

Screen-Shot-2014-10-14-at-2.13.58-PM

The Device Enrollment Program in Bushel

Click OK and you can add more devices. Once your devices are added into the Apple DEP portal they will automatically appear in the DEP screen of your Bushel. Click on a device to assign a username and email address, if you will be using email.

xdWSZrVkYs6wWHgmzfmdkOdmZjSXVMDqrypOkqCaC3w-1

Good luck!

iPhone Mac Security Network Infrastructure

Listen To iOS Network Communications

OS X has a command called rvictl, which can be used to proxy network communications from iOS devices through a computer over what’s known as a Remote Virtual Interface, or RVI. To setup an rvi, you’ll need the udid of a device and the device will need to be plugged into a Mac and have the device paired to the Mac. This may seem like a lot but if you’ve followed along with a couple of the other articles I’ve done recently this should be pretty simple. First we’ll pair:

idevicepair pair

Then tap Trust on the device itself. Then we’ll grab that udid with idevice_id:

idevice_id -l

Next, we’ll setup a rvi with rvictl and the -s option (here I’m just going to grab the udid since I only have one device plugged into my computer):

rvictl -s `idevice_id -l`

Then we can list the connections using rvictl with the -l option:

rvictl -l

Next, we’ll run a tcpdump using this newly constructed rvi0:

tcpdump -n -i rvi0

Next, we’ll get a lot of logs. Let’s fire up the Nike FuelBand app and refresh our status. Watching the resultant traffic, we’ll see a line like this:

22:42:29.485691 IP 192.168.0.12.57850 > 54.241.32.20.443: Flags [S], seq 3936380112, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 706439445 ecr 0,sackOK,eol], length 0

There’s an IP in there, 54.241.32.20. We can look this up and see that the servers are sitting on Amazon Web Services and verify it’s Nike. Watching the traffic with tcpdump we can then obtain GET, POST and other information sent and received. Using wireshark we could get even more detailed data.

Overall though, this article is meant to focus on the iOS side of this and not on debugging and refining the approach to using tcpdump/wireshark. rvictl is a great tool in the iOS development cycle and for security researchers that are looking into how many of the apps on iOS devices exchange data. Enjoy.

Wearable Technology

Integrate Nike Running App With Apple’s Health App

The new Health app from Apple provides a conduit to run all of your health data through on an iOS device in order to then provide you with a single pane of glass to see all of your health related data. This can include diet, workouts, weight, blood pressure, etc, provided that the vendors of such devices or apps you may use support those features. The Nike Running app (not yet for the Fuelband) is one such app. And if you track runs with Nike Running then you’ll want to setup the integration asap, as the Health app only looks at runs that are configured after you setup the integration.

To integrate the app into Health (and therefore showcase what Health can do) we’ll simply upgrade it and do so real quick. The first step is to upgrade the Nike+ Running app. To do so, open the App Store, tap on Updates and find the Nike+ Running app. Here, tap Update and provide your password.

IMG_1717

When the app is finished updating, open it. You should be prompted on the first open after the update to setup Health Access. Here, use the sliders for each of the items you’d like to sync to Health. These include your NikeFuel (the fuel points obtained per run), the Workouts and, if you have a device that tracks Heart Rate, whether or not the Running app can access that Heart Rate data. Tap Done when you’re satisfied with your settings.

IMG_1713

From within the Health app, you can then see what Health reads from and writes to the NikeFuel app. Open the Health app, tap on Fitness and then NikeFuel. Here, you can change the settings that were previously configured.

IMG_1714

The NikeFuel entry will then start to sync with your Nike account. Tapping on NikeFuel in the Health app provides you the option to Show on Dashboard, which is the first screen of your Health app. Toggle this to enable the option.

IMG_1715

Once enabled, you can see stats from your Nike Running app on the dashboard in Health. The data is then useable by other apps that can also integrate with Health, provided you allow it.

IMG_1716

When the next run is synchronized, you should see data from the run populate the NikeFuel entry on the dashboard. The FuelBand, Nike Basketball and Nike Training Club apps have not been integrated into Health. But when they are, I’ll try and remember to come back and update this article.

 

Mac Security

Need A Password? There’s An App For That!

Remember this comic:

Regrettably, password policies don’t allow for a few random words at most organization, so a special character, a capital letter and a number are basically required in most passwords these days. However, if you need a quick and dirty generator that includes a phrase and those additional characters, consider MyPhrase from Björn Albers. It’s simple to use, fast and easy. Good luck out there!

iPhone_6_Vert_SpaceGray_sRGB_0914

iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Minneapolis

Come One, Come All: To The JAMF Nation User Conference

If you do deployments of Apple products, there are a few conferences to look at. Based on where you are and what industry you are in, some of these are better than others. But if you use the Casper Suite or are considering doing so, it would be really hard to beat JNUC, the JAMF Nation User Conference.

jamf-nation-user-conference-2014_1140_464_84_1399405603

And yes, I’d of said all this and posted this even if I hadn’t of come to work here a week and a half ago! So come one, come all to Minneapolis. And if you’re really nice, we’ll hook you up with some good old fashioned Minnesota lutefisk!

iPhone Mac OS X Mac OS X Server

MacIT Presentation

I enjoy going to MacIT so much. Paul Kent ran a great little conference in Monterrey one year and I am so glad that I started going to Macworld around that time. I missed it last year while trying to trim back on the travel and am pretty stoked I got to get there again this year. Special thanks to everyone I saw and was able to hang out with. Considering there isn’t a single person I didn’t want to hang out with, sorry if I didn’t see you or get to spend any time. Thanks to Duncan and Kevin White for making time to do the podcasts (hopefully the background noise is low enough so we can get them posted!).

Also, this is a top-notch production. Kathy, Paul, the board (Arek, Dan, John, Kevin, Duncan, etc) and everyone else I’ve ever interacted with there are absolutely amazing. I would love nothing more than to not get a chance to speak next year because a flood of amazing talks burst on the scene. Start thinking about what you could talk about now so I can show up and sit in the back and watch you do your thing! :)

And if you were in my session and asked about the presentation when the conference site was on the fritz (which could have also been my fault BTW), the presentation is here: MacIT 2014

Screen Shot 2014-03-29 at 11.09.44 PM

iPhone

Testing iOS Services Using Services Test

The good folks at Amsys have built a nice little app called Services Test for verifying outbound connectivity to critical services to make iOS devices work.  If you are having problems connecting to these services or activating devices, simply open the App and tap on the play button in the upper right hand corner of the screen.

photo 1

Click on the Info button to see what each of these servers do during the activation and management process.

photo 3

The app can also test a few common server services, including connecting to an OS X Server, Casper and AirWatch. These are typical services used in an iOS and Mac environment.

photo 2

Overall, this is a really nice little app for testing connectivity to typical iOS services and a very nice tool Amsys is providing to the community!

 

Wearable Technology

10 Things To Know Before Buying A Pebble Watch

At first I didn’t think that I was going to write a review of my Pebble. Then, I realized that my perspective is probably different than most, so I changed my mind and decided to jot down 10 things to know about the Pebble. Before I get into that though, I’m one of those weird people that still wears a watch. Yes, I know, how very dated I must look. But hey, I really don’t care so I keep wearing it. Therefore, a different device on that wrist really doesn’t move the needle, it’s just a device that isn’t the other one that I wore for 20 years… I have stopped wearing my Tag completely, but that’s OK, it’s getting a little long in the tooth anyway.

pebble-watch

The Pebble has a lot of promise. A lot is fulfilled and more yet has yet to be fulfilled. Let me explain, starting with the things I love (the promise that is fulfilled):

  • The Pebble has an SDK. Using the SDK, developers can design apps and sell them or post them online.
  • The battery of a Pebble lasts me about 5 or 6 days, depending on how many push alerts the device gets over the low power bluetooth connection back to my phone.
  • The screen is monotone and epaper, which is to say that it is not designed to emit light (unless shaken) and so you can see the screen very well in sunlight, much like the pump at a gas station.
  • The Pebble receives low power bluetooth push alerts from your phone. This means that when someone says something on Instagram, likes a photo on Facebook or sends you a text, you see it on the phone and on the watch. Since many alerts you just look at, this keeps you from taking the phone out of your pocket. You can’t really do anything with most alerts, but you can see them and just file the piece of information for later. The alert will still be on your phone when you take it out of your pocket.
  • When someone calls, you see caller ID and contact info on the watch.  You can then answer a call right from the watch. If you’re wearing headphones and a mic then you never have to take the phone out of your pocket to answer calls.
  • You can control music on your iPhone through the watch. This means you can go forward and backward without taking the phone out of your pocket. When I’m on my morning runs this is especially helpful when I’m on a treadmill as taking my phone out of my pocket on the treadmill often makes me just unstable enough to possibly wipe out on the treadmill. I’ve only had it in the winter here in Minnesota so I’m not sure if that will matter to me when I get to run outside again.

The promise to be fulfilled:

  • I think this starts with a true app store, like Apple has. There are accelerometers and other doohickeys in these things that mean they can really do a lot more than what they can today. The app store isn’t out yet, although you can buy or download apps at the Pebble site (it’s just not a simple process all the time and better apps typically tend to get written when people make money from them).
  • There are fitness apps but the device doesn’t yet replace a FuelBand or a FitBit. It doesn’t track steps (which with an accelerometer should be simple to do), calculate burned calories, etc. I’d like to see an app that allows you to choose foods you tell an app on your phone you like so you can calorie count at the dinner table without busting out your phone. I’d also like to see a step tracking app that can sync to FitBit so I can stop wearing my Force.
  • Watchfaces are currently the big thing most apps allow you to control. I don’t give two craps about changing the watch to look different.  However, if you want to make your own “Haz Cheezburgur” watch face, feel free (this isn’t really a bad thing, just a lot of time wasted designing pixelated and monotone watch faces that could have been spent writing cool apps).
  • The device is currently half way between SDK 1 and SDK 2. This means there are cool features that you can only get if you go through a lengthy upgrade process that includes sending them a UDID for your iOS device. It’s not a terrible thing, like the other promises to be fulfilled with the Pebble, it’s just a thing.

Overall, I love the Pebble. The nerd factor around not having to take your phone out of your pocket, the ability to skip songs, the ability to look and see which push alerts you actually care about are all awesome. I hope that the app store brings with it a bunch of new apps that give you access to lots of things and that I can get rid of my Nike FuelBand or FitBit soon, but that could be 2 weeks from now or 2 years for all I know. It’s a quality device that’s well worth the money if the things I mention are things that you’d like to have. However, for now it’s not a replacement for that Garmin, FuelBand, etc type of device you may be using for fitness purposes. Anyway, if it’s the type of thing you’re into then good luck and I hope you enjoy it!

Home Automation

Integrate WeMo with IFTTT

Part II. In Part I we setup those little WeMo units you just got. Now, we’re gonna’  connect our WeMo devices to IFTTT. Short for If This Then That, IFTTT allows you to connect lots of different services to other services so that you can trigger events between services. For example, you can connect WeMo to Facebook so when you come home from work the motion sensor posts to Facebook. I don’t recommend that, but it’s an example. A better example is to trigger a change in the weather from your thermostat. Wait, I mean, change the thermostat based on the weather… Anyway, the more things you connect to IFTTT the more ideas you’ll get of cool things that can save you a little time here and there. In this case, we’re just going to connect WeMo devices to IFTTT. To get started, open the WeMo app and tap on the More button along the bottom of the screen. At the bottom, there’s a button for Connect to IFTTT. Tap it.

IMG_7394

At the next screen, you’ll be provided with a Temporary WeMo PIN.

IMG_7395

Log into your IFTTT account and then click on Channels. At the Channels interface, click on the WeMo Insight Switch icon.

Screen Shot 2013-11-12 at 4.19.48 PM

At the WeMo Motion Channel screen, click on Activate.

Screen Shot 2013-11-12 at 4.19.59 PM

At the Activate WeMo Switch screen, provide the PIN provided earlier and then click on the Activate button.

Screen Shot 2013-11-12 at 4.21.05 PM

If you ever change your mind, just use the Deactivate button to turn off your WeMo channel.

Screen Shot 2013-11-12 at 4.31.42 PM

 

Once done, you can configure a Recipe linking your WeMo Switch to trigger other events. To do so, click on Recipes in the top nav bar and then at the Recipes screen, click on Create a Recipe. In this example, the Recipe uses a Tweet that contains a hashtag of #off to

Screen Shot 2013-12-05 at 9.03.37 AM

 

Once done, trigger the event and see if it does what you’re after. If so, you’re all done!

Home Automation

Quick and Easy Home Automation For Christmas Lights

OK, if you’ve been following this site for awhile you probably know that I’m a huge z-wave nerd. But I’m open minded and I like to experiment with new systems. So I bought some Belkin WeMo stuff. I am mostly pretty happy with it. To start, it came in a cute little box. You can just get the light switch, but I splurged the extra $5 and got the little motion sensor, which is well worth $5. I got mine at Best Buy who has a couple of WeMo products in stock at the stores around my house.

IMG_7380

First up, install the WeMo app on your iOS device from the app store.

IMG_7382

By now, you might have noticed that your two WeMo devices have each setup their own wireless network (similar to the setup of a FitBit Aria). Once you install the WeMo app, open it to be prompted to select a wireless network. Tap on one of the two listed WeMo networks.

IMG_7383

The iOS app pairs to the selected WeMo device and then prompts for the SSID of your main network that you want the app to configure the device to connect to.

IMG_7384Assuming the wireless network requires a WEP or WPA key, you’ll then be prompted for what the app will send to the WeMo device as the key. Enter it and tap Join.

IMG_7385

You’re then prompted for whether you want to receive Push Notifications. I like to do so, so I just tap OK here.

IMG_7386

The next screen informs you that the app is gonna’ do all the networking in the background so there’s no ports or other weirdness to open to be able to control your awesome Christmas tree remotely. Tap OK.

IMG_7387

At the Setup Successful screen, you’ll see the information for the device you just entered. Give it a name, make sure the icon is correct and provide an email address, then tap Done.

IMG_7388

Now the annoying part. You need to say yes to this Firmware dialog. The firmware file only takes a couple of minutes to transfer from your iOS device to the WeMo device. Just tap yes…

IMG_7389

And then tap Update Now.

IMG_7390

Now, you get to do the next device. Yay. Tap add and then select the other wifi network created.

IMG_7391

Then complete the wizard again, updating firmware when prompted.

IMG_7393

Next, tap on Rules and configure a New Time Rule. I’ll do an article on this soon. First, I want to do one of IFTTT integration so that this flows. I guess that makes this a series. Swanky.