Up to 1527MB/s sustained performance

Some Solid Discounts on Apple iMac Pro and MacBook Pro

See my top deals lists and also deals of the day and various wishlists for cameras and computers. Or, search for deals by category or search for deals by brand, filter by percent savings and search. All updated daily, bookmark these pages!

For iMac Pro deals, 32GB memory and 1TB SSD will serve most users very well, and 8 cores are the sweet spot for price/performance.

For 2017 MacBook Pro deals, I recommend no less than a 512GB SSD (1TB for photographers), but for some users 256GB is enough, and OWC has a very nice and relatively inexpensive 1TB Thunderbolt 3 SSD for under $500.

With the 13-inch MacBook Pro, I prefer it without the trackbar nuisance. An 8GB / 256GB model is fine for school use, and a bargain at $1099.

 

Deals Updated Daily at B&H Photo

The Internet of Things (IoT) Poses Huge Numbers of Worldwide Security Risks, Large and Small

When I started coding nearly 40 years ago, other than basic passwords on Unix, security was an afterthought. Regrettably that history carried forward well past the year 2000 and even until today, with negligence far from uncommon.

One core issue is simply not raising risks that need not exist; see my commentary at petapixel.com in Sony’s Camera Firmware Updater is a Major Security Risk, Expert Warns. In that case, Sony’s updater requires kernel-level access. Rather than doing firmware updates of cameras the right way (all in-camera), Sony chooses to instead create a kernel extension so that the most critical of security protections is thus bypassed. Thus millions of users take on the risk of comprised computers should Sony’s code ever by compromised (remember, a kernel extension can be signed after it has been compromised!). Perhaps Sony cameras cannot update firmware in-camera (Nikon and Canon and Fujifilm can); if so that is a major design flaw IMO.

Another major issue are many millions of devices that have either poor security or no security. It’s no laughing matter that a dam might be remotely controlled to open all floodgates and kill thousands. Or a power plant or chemical plant to self destruct in various ways, and so on.

Water could do damage in other places too; see Hackers can take over Car Wash, trap you and smash your vehicle. For numerous other examples, see IoT Hall-of-Shame.

Who is at fault? Many, many companies for whom security was just a nuisance and an extra cost, so why bother. That age is seemingly over, we can hope.

It is a invariant fact that security flaws always exist and always will. Remember that when buying anything electronic.

What you can do

First of all, be careful with sex toys as some of them can be hacked:

The database pertaining to all customers data was accessible via internet in such a way that explicit images, chat logs, sexual orientation, email addresses and passwords in clear text were compromised.

I used this example for a reason: remote control of anything is in many cases IMO a very bad idea because most of the time it adds little or no value, and yet it incurs yet one more vector into your home or business network.

Anything in your home or business that can get to the internet in any way should be replaced if its security cannot be ensured (and in some cases, even without the internet). Because if it can get to the internet, it is probably through your home or business WiFi or similar, thus it becomes an unlocked door into the building.

Don’t even get me started on internet-connected cars, a feature I’d pay to remove. Sometime in the future (especially with self-driving cars), it is very likely that people will be killed (murdered) by cars getting hacked. From across the world.

Maybe someone out there really does need milk and TV-dinners and pickles delivered when the TV finds too few remaining, but internet-connected refrigerators seemed an idiotic idea to me years ago, and still do. They solve no real problem, add cost and things to break and debug and update and patch (do you really want to update your refrigerator like Apple’s iOS nuisance?).

Adding Features/Functionality Always Decreases Security, Never Underestimate the Power of the Dark Side: Siri and Alexa et al Exploits

When new functionality is added, it not only adds its own features, but intercouples with other areas, leading to bugs and more security risks. A very good example of this is described in Researchers Demonstrate Subliminal Smart Device Commands That Have Potential for Malicious Attacks.

Researchers in the United States and China have been performing tests in an effort to demonstrate that "hidden" commands, or those undetectable to human ears, can reach AI assistants like Siri and force them to perform actions their owners never intended. The research was highlighted in a piece today by The New York Times, suggesting that these subliminal commands can dial phone numbers, open websites, and more potentially malicious actions if placed in the wrong hands.

What if 10,000 people in Time’s Square carrying smart phones all dial 911 at the same time, via an exploit from some loudspeaker system. Chaos could result in that and any number of imaginable scenarios. Sure would be a good way to make money driving phone calls to numbers that charge for the call.

Privacy is closely related to security; it demands strong security. It seems to me that a core premise of privacy is not breaking security, which makes Tim Cook’s comments on privacy nice for tea and crumpets and MSNBC interviews, but off target: there is no privacy if Apple breaks your security nor does giving in to government pressure inspire confidence in his or Apple’s comittment and integrity to principle; to use an analogy, you either believe stealing is wrong each and every time, or you don’t. It’s that simple, though in this muddled day and age, rationalizations abound for attacking principled stances in all sorts of vicious ways.

I turn Apple’s Siri OFF, but Apple disrespects my choice (in my reality, off is OFF, I want the cord unplugged so to speak). Yet Siri kicks in even when turned off. It did so just yesterday while in my pocket for no apparent reason, and I had not touched the phone for 5 hours. Ditto for being out fishing high in the mountains, and having music start to play at some random time.

A strong distrust of technology is your best first line of defense—disable every feature you don’t absolutely need, that is, if it is even possible to do so (not with Siri, not completely).

The foregoing should raise alarm bells given the article above, and with smart phones starting to tie into locks, alarms, bank accounts, cryptocurrency, etc. Or... what if the subliminal command is set up to send tell Siri (or Alexa et all) to send email to a known terrorist or child porn site, say, to black mail someone? Seems like something useful for political operatives prior to an election to smear an opponent.

How to Fix Apple Remote Desktop that was Broken by Apple’s Recent Security Update: Reinstall RemoteDesktopClient 3.9.3 on Client Machines Using SSH

Apple’s recent security update broke Apple Remote Desktop client machines (machines being remotely managed). Installing it on those machines corrupts the setup somehow, making the machine unreachable by the management application.

The problem is particularly egregious when physical access to the machine is not available. For me that would mean a bare minimum of 5 hours with security checks with an escort into a server room accompanied by a representative from my ISP—not exactly the way I would want to spend my day, nor easy to arrange quickly.

Why a security update by Apple would not also install the required RemoteDesktopClient software is best explained by failure to test the update properly—standard practice at Apple these days—witness recent macOS releases and security bugs of the worst kind (exposing passwords). The software testing and release process at Apple has set new lows in quality metrics in the recent 6 months.

Installing RemoteDesktopClient remotely via ssh

It’s actually quite simple once the hours are spent on the internet searching for the solution.

Fix the problem by updating RemoteDesktopClient to version 3.9.3. Lacking physical access to the machine, that means using ssh into the Mac for a remote shell. You did enable ssh didn’t you?

Definition: the “client machine” is the machine being managed remotely by Apple Remote Desktop. Use ssh to get a shell on this machine.

#1 see what software is available. In this case, RemoteDesktopClient must be reinstalled, and version 3.9.3 is what is needed.

# see what software is available
diglloyd $ sudo softwareupdate -l
Software Update Tool
Copyright 2002-2015 Apple Inc.
Finding available software
Software Update found the following new or updated software:
* RemoteDesktopClient-3.9.3
Remote Desktop Client Update (3.9.3), 8587K [recommended]
* iTunesX-12.7.4
iTunes (12.7.4), 272816K [recommended]

#2 Install the update.

diglloyd $ sudo softwareupdate -i RemoteDesktopClient-3.9.3
Software Update Tool
Copyright 2002-2015 Apple Inc.
Downloading Remote Desktop Client Update
Downloaded Remote Desktop Client Update
Installing Remote Desktop Client Update
Done with Remote Desktop Client Update
Done.
Upgrade Your Mac Memory
At much lower cost than Apple, with more options.
Lloyd recommends 64GB for iMac or Mac Pro for photography/videography.

Apple Core Rot: It’s Big Things, and Hundreds of Little Ones, that Together Add up to Chaos

See Apple Core Rot. MPG is the original source of this term, and first to report on the growing trend, starting back in 2013. The press at large is still in a murky state on this matter, barely grasping its importance or even its existence.

No professional can trust Apple any more not to break key tools at will, without a care in the world (at Apple) as the impact. Extreme engineering sloppiness (this has to be called incompetence at this point) has produced the worst possible kinds of security bugs in a steady stream: exposing cleartext passwords in (if I’m counting right) in at least 4 different ways in just 6 months such as this most recent fiasco.

The problems are not confined to big things. Little things, hundreds of them act together to make daily use of macOS anything from a headache to a chore.

I do not refer to the dilettante uses of a Mac where a user can just put up with garbage design for playing music and similar ( iTunes is truly a horrible design ranking right up there with Windows XP). Still even that is problematic. I for example listen to recorded books and I regularly (by mistake) touch the Shuffle button. Who in their right mind would want to shuffle the in-seriatum tracks of a audiobook? It is mighty irritating to go find track 37 on disk 23 again, particularly when it means pulling off the freeway. But seemingly no one at Apple must bother to consider such things (or has for a decade). Yet deem such things obvious to any intelligent mind developing software. I guess my 25 years of software development has made me too keenly aware of incompetence at all levels. Now I just get the stuff from Apple’s fan.

Speaking to professional use: I use Apple Remote Access to get to my servers. With the recent macOS security update, Apple Remote Desktop simply stopped working. Obviously, Apple did not bother to test how components interact (not the first and it won’t be the last time sloppy work will be foisted on customers). It cost me 3 hours to finally find a solution (reinstall the ARA 3.9.6 client software on the remote server, and do so in Terminal at the command line since I had no physical access to the server).

Do 99.9% of users care? Of course not, they do not use ARA. Does every server administrator naive enough to use an Apple product care? Heck yes. So this was a Big Thing that fortunately I was able to fix. I wish I could bill Apple for my time.

Then there are the little things. For example, reading mail in Apple Mail. I travel a lot and connections are often slow, so it matters a lot to me to know whether my mail has been downloaded and/or whether it is proceeding apace. In the screen shot below, the number might be "2" or "73" or "248" or whatever—I’ve seen it all. In every case, the actual number is zero (0) remaining, and this happens every day. A little thing? Not to me, but it is probably 3 levels down in priority on Apple’s fix list, if it is even on the list. Past experience of seeing up to 6 weeks pass before a bug report even gets an initial response make me unwilling to waste my time reporting—it will not get fixed. Bugs are to be added with each release, but rarely fixed.

Don’t get me started on how AppleMail destroys all my POP account configuration nearly every system release, and is so buggy that a special protocol to reconfigure is required, which fails 90% of the time—it can take hours repeating the process to restore functionality.

Apple Mail: consistently fails to report status correctly when downloading email

In MPG’s view, these operational issues speak to a company in decline. While it will take years, chickens do come home to roost.

Up to 1527MB/s sustained performance

Are Smart Phones an IQ and Creativity Downgrade, with Anti-Social Bonus Points?

Get Thunderbolt 2 cables and Thunderbolt 3 cables at MacSales.com.

See also: Thunderbolt on OS X: Spontaneous Drive Disconnect and 2013 Apple Mac Pro: Cables and Rotating Chassis.

Heroin is addictive. The iPhone and other smart phones maybe more so, in the active sense of having people so detached from the world that they get themselves killed while texting “I farted” and similar useful revelations. I’ve met people who need the next 'fix' so badly that they cannot take their eyes off the phone for more than 10 seconds, and that goes on without respite. It is stunningly scary (and sad) to observe it. Unable to have a human conversation, they strike me as worse off than heroin addicts. As a cyclist out on a gorgeous glorious day, I see other cyclists pulled over, texting, oblivious that life is passing them by. But each to his/her own.

The worst decision I ever made was to get my kids iPad/iPhone. Try taking away an iPhone from a teenager for one hour, and for extra credit, an entire day. Gold medal for a week. Kudos if you succeed without coming to blows, verbally or otherwise.

Personally, I think smart phones should be banned for anyone under 21 though in legal terms I would never support any such government mandate or anything like it, on principle. Still, developing brains are being stunted in many ways, and perhaps permanently, but Government Schools ensure that anyway.

To be sure, smart phones have very useful features—I use one and consider it essential. But having had a varied and stimulating woodsy upbringing, I feel pretty much immune to it—it’s a tool like a hammer and when there are no nails to be pounded, I forget about it, leaving it on DND most of the time. If you pound nails a lot, use the tool. Otherwise, put the thing away. It’s a nuisance most of the time due to robocalls to my do-not-call-listed phone number (I’m starting to support the idea of a mandatory 20 years in federal prison for robocallers). I mainly use it for (1) phone calls, (2) built-in flashlight, (3) alarm and timers, (4) handy grab shots to document stuff. Other than that, I despise the thing.

Am I “full of it”? I don’t think so—my views as stated above were already gelling 7 or 8 years ago and have only firmed up to granite. The hardest thing to see is the obvious, and a bubble is invisible to those inside it. MPG has long advised staying away from Facebook and its ilk, such things being psychological toxins for the most part, with little redeeming value in most all cases. You are the product, and the product is an addict.

The science

The Wall Street Journal in How Smartphones Hijack Our Minds summarizes the science of just how damaging smart phones are to intelligence and creativity, not to mention the anti-mindfulness and anti-social ramifications. When I had my recent concussion, I hardly used my phone at all except for maps (driving) and an occassional phone call. I wonder how damaging it is to recover from a concussion with a smart phone addiction hard-wired in?

The following brief excerpts ought to scare anyone, even if only half of it holds water. I believe based on personal observatioin for years that the research is only the tip of the iceberg and that there are many other even more serious issues that will emerge.

Emphasis added. Basically, using a smart phone pushes you towards being a mediocrity relative to your potential. Some particularly strong individuals will be minimally affected, but they are a tiny fraction of humanity. Augmented intelligence is an oxymoron until it really is so—and smart phones are not it. So... spend that $1200 on the next iPhone X as your investment in aspiring to be... a moron. It might in part explain the dismal detachment from reality of most students at American universities.

How Smartphones Hijack Our Minds

Research suggests that as the brain grows dependent on phone technology, the intellect weakens.

...when people’s phones beep or buzz while they’re in the middle of a challenging task, their focus wavers, and their work gets sloppier—whether they check the phone or not.

...when people hear their phone ring but are unable to answer it, their blood pressure spikes, their pulse quickens, and their problem-solving skills decline

...subjects whose phones were in view posted the worst scores, while those who left their phones in a different room did the best. The students who kept their phones in their pockets or bags came out in the middle. As the phone’s proximity increased, brainpower decreased.

...the more heavily students relied on their phones in their everyday lives, the greater the cognitive penalty they suffered.

...Just suppressing the desire to check our phone, which we do routinely and subconsciously throughout the day, can debilitate our thinking.

...students who didn’t bring their phones to the classroom scored a full letter-grade higher on a test of the material presented than those who brought their phones. It didn’t matter whether the students who had their phones used them or not: All of them scored equally poorly.

...when schools ban smartphones, students’ examination scores go up substantially, with the weakest students benefiting the most.

...Social skills and relationships seem to suffer as well. Because smartphones serve as constant reminders of all the friends we could be chatting with electronically, they pull at our minds when we’re talking with people in person, leaving our conversations shallower and less satisfying. [MPG: ersonally experienced with 'heroin'-like smart-phone addicts]

... “The mere presence of mobile phones,” the researchers reported in 2013 in the Journal of Social and Personal Relationships, “inhibited the development of interpersonal closeness and trust” and diminished “the extent to which individuals felt empathy and understanding from their partners.” The downsides were strongest when “a personally meaningful topic” was being discussed.

...Those who believed that the facts had been recorded in the computer demonstrated much weaker recall than those who assumed the facts wouldn’t be stored.

...when people call up information through their devices, they often end up suffering from delusions of intelligence. They feel as though “their own mental capacities” had generated the information, not their devices.

Now consider the dismal state of politics in this country—is it any wonder that intellectual and physical violence is the preferred method of discourse today?

I’d like a response from Tim Cook on the WSJ article. But what could it be other than bromides? Apple builds a product that is addictive; it is the business model.

Matt writes:

Oh boy, you really hit on a sore spot. My 4 kids are ages 9-15 and I regret the iPad/iPhone invading our home. My wife and I are planning on a 1 week total device fast for the kids next week and then going to a limited 4-5pm usage for the summer. I appreciate you confirming the dangers.

MPG: the best laid plans of mice and men often go iWry.

Deals Updated Daily at B&H Photo

Thunderbolt Bug: Drives Disconnect at Random and Intermittent Times

Get Thunderbolt 2 cables and Thunderbolt 3 cables at MacSales.com.

See also: Thunderbolt on OS X: Spontaneous Drive Disconnect and 2013 Apple Mac Pro: Cables and Rotating Chassis.

It is bad enough that poor Apple hardware design can toast a $700 optical Thunderbolt 2 cable.

Back in 2016 in Thunderbolt on OS X: Spontaneous Drive Disconnect, I wrote about a frustrating problem of drives going AWOL at random times. Well, it seems that this issue persists with Thunderbolt 3 as well, a situation I’ve been monitoring and investigating for months. I’ve held off to be certain, but it is now time to discuss it, since I am certain it is a real and disturbing low-level bug (hardware or software I cannot say).

Here is what I know:

  • Occurs on 2017 iMac 5K and 2017 iMac Pro. I have no other Thunderbolt 3 Macs to test and since it is so intemittent, testing would require weeks to make sense of things. But since I saw similar issues on Thunderbolt 2 on a 2013 Mac Pro, I very much doubt that it is machine specific—I think it is a fundamental Thunderbolt bug, or (perhaps) yet one more Apple Core Rot bug.
  • I have 'intel' (I can say no more here) that says that this is a real issue that has nothing to do with my machines or my Thunderbolt 3 enclosures. Moreover, it happened with both Thunderbolt 2 and Thunderbolt 3 devices on different machines., and probably a hardware one.
  • Apple and Intel are mum on the issue. It feels like a cover-up to me, perhaps some intractable hardware bug. But maybe not, and maybe it is fixable in software, if Apple can ever get its quality mojo back, when it’s not busy damaging minds of every age with iPhones.
  • It is intermittent. I’ve had no trouble for a week, then it might happen 3 times in a day.
  • It can happen coming out of sleep, or it can happen spontaneously while working actively at the computer.
  • The drives disconnect then immediately reconnect. But the damage is done—this can screw up all sorts of things.

I’m not happy about this at all. I’ve been putting up with it for years, and now it persists with Thunderbolt 3 with all-new hardware and it has been an ongoing problem. I am not the only one seeing this sort of issue.

Drives/disks disappear due to some intermittent Thunderbolt bug
Drives/disks disappear due to some intermittent Thunderbolt bug

Kobi E writes:

Aha, so it wasn't just me. The transition to the 2013 MacPro was almost uniformly bad -- don't get me started on just how poorly the Trash Can served my needs. But what pushed over the brink was having my external SSD and RAID arrays go offline at random times.

I gave up trying to diagnose the issue, and wondered vaguely if the weight of the Thunderbolt cable was pulling it out of the socket enough to cause a glitch. I sold the thing and spent the money on a badass Hackintosh with room to house all my spinners.

I honestly can't say I'm particularly happy with running macOS on unsanctioned hardware, and it's a huge pain to upgrade the software, but my RAID arrays never disappear. I should be grateful for that little mercy, I guess.

MPG: Apple can fix this, but will it happen or not? All great companies decline (have their been any exceptions?!) and suck at some point. Apple started to suck in 2013, notwithstanding the addiction of the iPhone which is making Apple untold billions in profit.

NuGard KX Case for iPhones and iPads
Outstanding protection against drops and impact!
Excellent grip for wet hands, cycling, etc!

Overheating Can Kill Optical Thunderbolt 2 Cables, Root Cause is the Mac Itself (Thermal Dumping)

Get Thunderbolt 2 cables and Thunderbolt 3 cables at MacSales.com.

See also: Thunderbolt on OS X: Spontaneous Drive Disconnect and 2013 Apple Mac Pro: Cables and Rotating Chassis.

I’ve confirmed this information as correct by a well placed source.

In essence, the embedded lasers in a Corning optical cable can become overheated by thermal dumping from the host computer or from peripherals*, particularly the 2013 Mac Pro.

The Thunderbolt 3 specification prohibits this thermal dumping, so Thunderbolt 3 should be unaffected. All thunderbolt 3 cables conduct power and have a full metal jacket on them.

All Thunderbolt 2 non-optical cables are the same. It’s only the optical Thunderbolt 2 cables at issue, none of which had power with them and specification didn’t have the juice to do power over distance, that have this issue.

* Beware of Thunderbolt2 devices with no metal around the port since plastic is a heat insulator.

This note from reader Ed H captures the issue:

Just wanted to let you know about an experience I’m having with the Corning Optical Thunderbolt cables (10M length). And I believe that Corning OEM’s the optical cables for OWC. In fact, I think Corning might be the only optical thunderbolt cable manufacturer right now. This is a bit long, but have patience and you might be able to give some good info to your readers from my experience.

Optical Thunderbolt 2 Cables from Corning can experience thermal issues leading to decreased operating life when connected to Mac Pros, Mac Mini’s, and possibly other hosts — especially if operating 24x7 and transmitting a lot of data (such as to a RAID array and/or always on display) constantly.

Corning had/has confusing warranty replacement policy and support information, which they are in the process of updating. Optical Thunderbolt 3 Cables *should* not be affected, but time will tell.

Full story—

I have a setup with a Mac Mini (late 2012) is in a rack in a closet, connected with the Corning Optical Thunderbolt 2 Cable (10M) to a sonnet Echo 15 drive dock (populated with two HDDs and BluRay player), then daisy chained to (in various orders that changed with testing when the problem arose) an OWC dual external drive dock, an LG 34” Ultrawide Thunderbolt Monitor, and a Lexar workflow professional HR2 with two SSDs and 2 SD readers.

At first, the cable performed flawlessly, but then the monitor started exhibiting random intermittent signal drops from the Mac Mini. Then the disks in the OWC drive dock and the Echo 15 started disconnecting (though I didn’t realize it yet). Then the monitor problems became more frequent to the point where the setup was unusable. At first, I thought it might be the monitor, or the Mac Mini’s graphics card, or who knows what else… but through step by step testing, I managed to isolate the problem to the optical cable.

Well, on top of this, I had purchased the cable from Safe Harbor Computing through Amazon (who are actually listed as an authorized Corning Optical Cable Dealer), but the Corning website said warranty returns had to be processed through an Authorized dealer rather than Corning Directly.

So I contacted Safe Harbor (and then Amazon themselves, eventually) to inquire about a warranty return. To Safe Harbor’s credit, they went into full research mode because this seemed to be an unusual situation for a warranty return, because industry standard practice is that the MFR usually handles the return. They got at least three or more different answers from their various Corning contacts, most of them unhelpful, but they continued to research and update me. And also let me know that some of their other customers had experienced similar issues.

Finally, I managed to find a phone number for Corning in a very obscure page on a different Corning Optical support page since all the other support info on Corning’s website said to contact the reseller. Eventually after some back and forth with the Corning rep, I received a response from a Sales Development Manager at Corning, who informed me that they’ve had issues with the Thunderbolt 2 version of the Optical cable where the host is thermally dumping excess heat into the connector connected to the host, which has the two 10 gig lasers in it. They’ve seen it with the Mac Pro and also the Mac Mini. This excess heat elevates the internal temperature of the lasers shortening their operating life. Here’s an excerpt from the email:

“The typical damage we see is from the Host computers thermally dumping heat into the Corning Optical cable that has 2 x 10 gig lasers in them. This tends to elevate the internal temperature past the safe operating range of the lasers which reduces the life.

This typically happens more with the Mac Pro, but I have had some customers report your issue with the Mini. There are two or three things you can do to extend the life of the replacement cable being sent to you.

1) If possible, blow some air (doesn’t need to be very high volume) over the interface between the Mac mini and Thunderbolt interface.

2) Plug the Thunderbolt display into a power strip, and at the end of the work day shut the Thunderbolt monitor AC power off. The optical cable plugged into the back of the display will turn off and signal the other end of the optical link (on your Mini) to go into a low power sleep state (much lower internal heating temps!).

3) I have not tested this on the Mac Mini, but running the Mini internal Fan Speed on high on the Mac Pro helps move heat away from the Thunderbolt interface (not sure about its effectiveness on a Mini). Macs Fan control v1.4.2. http://www.crystalidea.com/macs-fan-control.

Let me know if you have any further questions or concerns. We are currently working on a white paper outlining this potential long term issue and typical lifetime of laser based products in general. The good news is that the Thunderbolt 3 specification will mandate that no thermal dumping into any active assembly is allowed. This requirement was not specified in the initial development of Thunderbolt when only the Macbook (thick version with optical drive) was the only host to test with.”

That makes sense to me with what I’ve seen from other optical transceivers in fiber optic networking cables. I wished that the transceivers on the Optical Thunderbolt Cables were replaceable without having to replace the whole cable, but that would probably discourage the users that the cables are marketed to.

Corning are also switching to handling warranty returns themselves and changing their website to reflect that.

Not related but worth knowing: LEDs can have drastically shortened lifespan if overheated. That’s why the Lupine cycling lights and flashlights and headlamps I use have temperature regulation, cutting output when too hot.

Darren K writes:

Happened to mine, but Corning swapped it out. Kernel panic crashes and the like without any solution messed with me for months. Apple even had the MacPro for 3 weeks to test it. Couldn’t believe it when I got the new cable. Will likely happen again since not much has changed in my setup. Maybe I can run a 10’ TB cable.

MPG: well, doesn’t the Mac look nice and pretty in a photo? I see it as another Apple distraction of form over function—please Apple, spend the time engineering robust operation first and foremost—everything else follows.

Cycling

OWC Thunderblade SSD Shipping in All Capacities up to 8TB — Ideal for Video Production and Capture. and/or Silent and High Capacity Photoshop Workflow

Get the OWC Thunderblade at MacSales.com

High-end video production users need a fast and super reliable device for capture and processing of 4K/6K/8K video. There are other scenarios too, such as audio users, where silence is a priority.

While I am not a video or audio user, I too would like to have the 8TB OWC Thunderblade, because I have my own ideal scenario for my still photography work with these key requirements:

OWC Thunderblade cutaway view
  • Portable, fast, compact storage with industrial-grade reliability for my last few years of work. 'Spinners' (hard drives) are an acceptable risk in a high vibration environment of my Mercedes Sprinter photography adventure van [on my recent trip, dirt-road washboard vibration was so severe that some sheet-metal screws worked themselves out of the wall. While hard drives would not be powered up while driving, I still don’t want them vibrated severely].
  • Silent operation. I love a quiet work environment; it reduces stress level and is just plain nice. The 2017 iMac 5K is silent most of the time while I work (except under brief high loads). The iMac Pro stays silent for virtually everything I threw at it.
  • Fast simultaneous backups. A high performance SSD as the 'master' drive makes multiple backups much faster, since the Thunderblade can dish out data for 2/3/4 simultaneous backups (which I do regularly).
  • Fast verification. I can verify data integrity using diglloydTools IntegrityChecker at maxed-out bus speeds. BTW, IntegrityChecker is cross-platform (Mac, Windows, Linux, etc) via a Java version.

How I’d like to use the 8TB OWC Thunderblade

Currently I work off one primary Thunderbay. Other Thunderbay units serve as backups, and I leave them turned off except once a day when making backups. This eliminates the extra noise and cuts the risk of any data loss due to system issues or whatever.

The change would be working off one 8TB Thunderblade for very high speed but mainly for a highly desirable situation: complete silence. All the Thunderbay units would serve as secondary backups.

A key feature of me is being able to take all my data with me in the van. It would solve a major headache for me in that I don’t want spinners in my Mercedes Sprinter photography adventure van nor to risk them to vibration. Currently it's a hassle hand-selecting recent shoots and copying them over to the internal SSD; I then have to sync those up when home with the Thunderbay volume. That takes time and raises the risk of not taking all that I need or making a mistake when merging once back home.

As my data grows beyond the 8TB capacity of the Thunderblade, I would then need a 2nd Thunderblade, or use a Thunderbay (undesirable) for overflow of aged material. That overflow would generally be older stuff, so I could leave it off much of the time; in general having the few years of shooting is plenty.

The same architecture would be applicable to video or audio or large database users.

Enter the OWC Thunderblade, available in capacities up to 8TB.

More details on the OWC Thunderblade.

With the dual Thunderbolt 3 busses on an iMac Pro, up to 12 of them (96TB) can be daisy-chained together. Multiple units can also be used in RAID-0 stripe or RAID-1 mirror or RAID-4/5 fault tolerant mode. With RAID-0, speeds of up to 3800 MB/sec are possible.

Expensive sure, but if you’re shooting a production film, you can’t spend $1M to go back and reshoot a complex scene for your movie.

  • Data transfer speed up to 2800MB/s, two ThunderBlades can reach 3800MB/s.
  • Capacities up to 8TB (1TB, 2TB, 4TB, 8TB options).
  • Two Thunderbolt 3 ports; daisy chain up to 6 Thunderbolt 3 devices from each port on the computer.
  • Rugged portability in a sleek design Includes a custom-fit ballistic hard-shell case.
  • OWC 3 Year Limited Warranty with 24/7 customer ‭support.
  • Built to the highest ‭standards of reliability and performance. Because 100% reliability is always the goal, ThunderBlade is rigorously quality tested.

OWC’S GROUNDBREAKING THUNDERBLADE NOW SHIPPING IN ALL CAPACITIES

INNOVATIVE EXTERNAL DRIVE IS TRANSFORMING ULTRA HIGH-RESOLUTION CREATIVE WORKFLOWS.

OWC Thunderblade

Woodstock, IL – April 9, 2018 OWC®, a leading zero emissions Mac and PC technology company, has announced that the pioneering ThunderBlade™ external drive is now shipping in four capacities, from 1TB to 8TB. The first-to-market ThunderBlade is the fastest external drive available, with almost unheard of transfer speeds up to 2800MB/s Read and 2450MB/s Write, making it the preeminent production solution for professionals.

Celebrating their 30th anniversary in 2018, OWC continues to build on their legacy of first-to-market innovation, proudly designing products that push the edges of possibility in order to support the M&E space. Larry O’Connor, Founder & CEO, said “We at OWC can’t thank our customers enough for allowing us to do what we love so much every day. We strive to build products that will go further and deliver a better return on our customers’ technology investments. The ThunderBlade is one more example of a solution that will allow our customers to work more effectively, a product that can literally change the way they create. Everyone at OWC is excited by the boundless opportunities the next 30 years will bring for our customers.”

OWC Thunderblade cutaway view

Thanks to SoftRAID’s cross-platform technology, not only is the ThunderBlade the fastest Thunderbolt 3 solution available, it is the only one of its kind to seamlessly support both Mac OS and Windows, allowing for faultless interoperability between them for multi-platform workflow requirements. The ThunderBlade is currently deployed to great acclaim in production houses and studios nationwide. Dave Helmly, Sr. Manager, Professional Video/Audio for Adobe Systems Inc. had this to say about the ThunderBlade: "Whether you're working on a 4K, 5K or 8K production or diving into huge Immersive VR environments, loading large complex projects just got easier with the new ThunderBlade from OWC."

The ThunderBlade is available in capacities from 1TB up to 8TB, MSRP from $1,199.99 to $4,999.00.

About OWC

Having served the Apple community worldwide since 1988, OWC has become the reliable manufacturer and upgrade provider of choice for Apple and PC enthusiasts with its extensive catalog of accessories, storage, and memory upgrades for nearly every Mac made in the last decade. Recognized for award-winning customer service, OWC provides extensive U.S.-based technical support for Mac and PC users around the world and comprehensive step-by-step installation and support videos.

Deals Updated Daily at B&H Photo

Apple’s Problems with Severe Security Bugs Continue

MPG has written on security numerous times and warned that Apple cannot be trusted to do much of anything right these days, in terms of macOS.

The latest fiasco, which MPG did not cover in a timely manner due to a concussion is the exposure of plaintext passwords in system log files. Ironically, this exposure is for encrypted volumes meaning the case where security is most important.

Rather than go through the details here, please see:

When I was an engineering manager at PGP (Pretty Good Privacy), it was not just a question of never exposing plaintext passwords, we went to lengths to not allow a plaintext password to exist in memory or virtual memory over any significant period of time (memory burn in, virtual memory, etc). Apple doesn’t even get past a failing grade, let alone to that sophistication.

Apple has exposed plaintext passwords in multiple ways ove the past 6 months. This speaks to intolerable incompetence in both engineering and quality control. It is beyond unacceptable to ever reveal plaintext passwords. Doing so has the worse possible ramifications that could be catastrophic for privacy or financial reasons. Yet Apple has not stepped up to with anything to make users whole who might ultimately suffer from Apple software development security breaches: where is the indemnification if a user is compromised by an Apple security bug?

MPG’s recommendation now must be extended from the 6-month time frame: wait at least a YEAR before adopting any new macOS release. In other words, stay one macOS release behind.

4TB Internal SSD
for 2013 Mac Pro
Free how-to videos and tools included, 3-year warranty

Beware of Phishing — Fake “Apple Limited”

See previous security tips and previous phishing posts.

Nearly all phishing uses bait (and you’re the fish). Bait can be subtle, threatening or insulting. Don’t bite. All bait is designed to provoke a reaction: fear, anger, an appeal to your innate decency to help with or solve a problem, etc. Appeals to decency and honesty work because most people want to set things right, even if they did not cause the problem—it’s the desire to help.

Don’t let emotions be baited into helping someone hack you.

Below, the attached screen shot shows a relatively crude attack. It is crude in that it does not use Apple graphics, but resorts to incompetence in that it uses crude layout, garish red, and words like “WARNING”. Still, plenty of people get suckered into such things. And if the hackers are competent and use real Apple imagery, the usual Apple fonts and perfect grammar, etc?

NEVER CLICK on LINKS or ATTACHMENTS in EMAILS!!!

Never means never unless you gain the technical competence to verify the email. Even so, that can sometimes take several minutes to be sure—and the more sophisticated the phishing, the easier it is to overlook a crucial detail.

Details on the risks of this particular email further below.

 
Phishing email exploiting FUD (fear, uncertainty, doubt) purporting to be something from Apple

The phishing email in more detail

See Apple Mail Security: Viewing Mail Headers.

There is a red flag right in the mail headers. Do you really want to respond to an email purporting to be from Apple but actually from trollnet.no?

Source code for the ad is base-64 encoded, so that the average user cannot even see what the nasties are. The terminal command 'base64' can be used to decode this incomprehensible encoded content block. Once done, the clickable come-on buttons can be seen to go to these two URLs [a space was added to defeat them as URLs here in this post]:

https: //mega.nz/                    <== do NOT go here
http: //dothemetal.com/403727504.asp <== do NOT go here

It should be obvious that these are not Apple web sites. Land mines are embedded in the content source code, like this for the “View Message” button:

 <a id="bottom-button" href="http ://dothemetal.com/403727504.asp" target="_blank"
    style="...omitted...">View Message</a>
 
Source code of phishing email

Apple’s sloppy approach in Mail is unacceptable

Why does Apple Mail EVER allow this level of exposure to risk? It is security malfeasance for an email program to present users with such risks.

Safari has active detection of malware sites, but Apple Mail blithely enables outgoing links, making them clickable and thus a serious risk.

It’s about time Apple fixed such sloppy security practices in Apple Mail. Users should not have to be aware of such risks—the risks should be eliminated. We get new emojis with every OS release with top billing in Apple press releases, but Apple cannot be bothered to fix a core Apple Mail security risk? You can’t make this stuff up.

The proper first step that Apple should take is to disable all outgoing links in all emails so they are no longer clickable as links. Bonus points for showing the actual destination URL instead of the title. In terms of security, 99% of users would be well served by this . And would bitch and moan about the loss of convenience, but it is the smart thing to do by default.

Next, allow the user to downgrade the security from there, e.g., allow clickable links to (1) only sites previously visited and (2) known-good sites and (3) enable all sites as is allowed now for those who like to take the risk. A bonus feature would be to change the links so that clicking on one presents a dialog showing the actual destination URL and a rating as to safe, unsafe, unknown, then allow the user to take the risk by choice. I deem this a useful thing for technically skilled users, inadvisable for most.

Why hasn’t Apple fixed this extremely dangerous practice right in Apple Mail, and done it two years ago? My view is that the Apple Mail development team surely has been badly damaged over the past few years, because Apple Mail is rife with bugs.

See also:

Up to 1527MB/s sustained performance

Concussion aka Mild Traumatic Brain Injury (mTBI): Experience Report and Advice, Ongoing

First of all “mild” and “traumatic” are a curious combination. I would not say what I have experienced is mild. But what is meant is that most concussions are mild compared to massive injury that cripples people in debilitating ways.

I am still recovering from a moderately severe concussion.

As my first significan test of computer usage, I have added a new section on concussion: how it happened, initial (lack of) diagnosis, a chronological log of how I felt, how I dealt with it, ideas on nutrition and information, and so on. It is a very complex subject for which modern medicine has few solid answers, if any.

Accordingly, I hope this might help others dealing with mild traumatic brain injury (mTBI) both in actionable ideas and in giving hope.

The concept of neuroplasticity is key— the brain can be trained. The worst thing you can do is to accept anyone’s claims that you are stuck with your condition. That includes doctors, many of whom are not only poorly informed about concussion (even neurologists!), but are hassled and harried by today’s medical system. My own internist tells me that there are zero (0) concussion gurus in the San Francisco Bay Area, and it is a major population center!

Up to 1527MB/s sustained performance

Apple’s Tim Cook Weighs in on Facebook

CEO of Apple, Tim Cook, weighed in from China with this nugget. China is by far the global leader in Orwellian surveillance systems:

The ability of anyone to know what you’ve been browsing about for years, who your contacts are, who their contacts are, things you like and dislike and every intimate detail of your life—from my own point of view it shouldn’t exist.

This is rich, that is, with Tim Cook having just thrown Chinese users under the bus. Does anyone but MPG see the alarming disconnect between actions and PR statements?

To stick to moral philosophical principles while under duress is beyond the reach of all but a few. But at least respectable wisdom is found in not lecturing others when the courage to stick to those princiciples collapses at the first serious challenge.

OWC ThunderBay 4 Thunderbolt 3
Configure single drives or as RAID-5, RAID-0, RAID-10.
Capacities up to 48 Terabytes!

Concussion

See the MPG recommendations for iMac Pro, backup, peripherals. Not sure which Mac to get or how to configure it? Consult with MPG.

Nothing to say for a while, except that MPG has long advised against Facebook and its ilk.

Facebook and similar are massive and incredibly sophisticated surveillence tools by design.

Recent events were inevitable and are trivial. That is, if the implications are properly understood of the massive threat these services pose, e.g., paving a superhighway to a totalitarian Orwellian state the likes of which could only be envied by past States, with China leading the race.

I am recovering from a severe concussion, but the foregoing was my view nearly a decade ago, and it remains unchanged.

 

 

 

 

OWC Easy SSD Upgrade Guide
MacBook Pro and MacBook Air
iMac, Mac Pro, MacMini, more!

One more Finder File Copy Bug: Is it Even Safe to Count on the macOS Finder to Copy Files?

See the MPG recommendations for iMac Pro, backup, peripherals. Not sure which Mac to get or how to configure it? Consult with MPG.

It is this sort of thing, along with zero size files and folders that make the macOS Finder so scary to use these days: are the files copied, or not? Can the Finder even be relied upon (ever!) to copy files without data loss? See also:

Files long since copied still show copying in progress
Up to 1527MB/s sustained performance

Privacy: When Your Computer is Repaired, Does the Facility Scan your Private Information too? BestBuy’s GeekSquad Gets Paid to Scan and Report to the FBI

See the MPG recommendations for iMac Pro, backup, peripherals. Not sure which Mac to get or how to configure it? Consult with MPG.

Law enforcement enlisting companies are one solid structural beam in establishing a brutal police state, so I find the following very disturbing:

Geek Squad's Relationship with FBI Is Cozier Than We Thought

After the prosecution of a California doctor revealed the FBI’s ties to a Best Buy Geek Squad computer repair facility in Kentucky, new documents released to EFF show that the relationship goes back years. The records also confirm that the FBI has paid Geek Squad employees as informants.

EFF filed a Freedom of Information Act (FOIA) lawsuit last year to learn more about how the FBI uses Geek Squad employees to flag illegal material when people pay Best Buy to repair their computers. The relationship potentially circumvents computer owners’ Fourth Amendment rights.

The documents released to EFF show that Best Buy officials have enjoyed a particularly close relationship with the agency for at least 10 years. For example, an FBI memo from September 2008 details how Best Buy hosted a meeting of the agency’s “Cyber Working Group” at the company’s Kentucky repair facility.

For those unfamiliar with the constitution of the United States:

Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

It’s hard to imagine how warrants having been issued to search every computer coming info for repair—there is no probably cause to actively search a computer’s data. This is a chilling abuse of corporate and government power.

MPG advises readers to boycott GeekSquad and BestBuy.

...

See also:

Big banks want to weaken encryption protocol for convenience.

China’s “social obedience” platform a harbinger of our collective future

Apple To Store iCloud Private Keys In China

Don H writes:

This is another reason why I’m reluctant to buy another iMac (or other machine without easily-reomved storage). Not only does a buried/glued-in drive thwart easy troubleshooting, it also means you can’t remove it if you need to have the machine repaired. If the power supply dies you can’t even access it through Target Disk Mode as a last resort.

I *really* hope that Apple releases a user-servicable (even if minimally) Mac Pro which allows the storage to be removed somehow. Assuming it’s not a terrible design I’d get one to use daily and then watch the refurb deals to stock up on spares over time if necessary. We really are losing control of our own computing resources and private data now.

(This is also a reason I don’t rely to much on my iPhone for anything. Not only can it be lost or stolen, it locks you away from your own data in significant ways by design. To me it is just a disposable, albeit expensive, appliance, and not a personal data repository.)

MPG: Apple is tone deaf to such needs and wears “looks good in pictures and reviews” blinders these days, a sort of idiot-savant corporation.

Jonathan L writes:

Photoshop won’t allow you to scan or take high res photos of us currency: https://hyperallergic.com/195922/what-happens-when-you-try-to-photoshop-money/

Of course, the US won’t release to adobe exactly how they recognize the anti-counterfitting measures, so this means that Adobe has allowed them to put in code that Adobe hasn’t been able to review. Who know what else the code is doing.

MPG: unaudited code is a very bad idea, not just for privacy reasons, but security weaknesses.

Up to 1527MB/s sustained performance
Durable and fast, up to 1800MB/s

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2008-2017 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__