macOS and iOS: Zero-click Security Bug Finally Fixed

Apple cannot get core security right—this is only one of an endless parade of examples.

Yet Apple now wants to insert a full-scale spying infrastructure into iOS and macOS? What a recipe for disaster, as all security experts agree on. Not just because it would embed spywar infrastructure to be abused at will, but that infrastructure itself could also be compromised.

Apple Issues Urgent Software Update to Patch Spyware Vulnerability

Apple users are being encouraged to update their devices after researchers discovered a security flaw that could allow hackers to secretly install spywarewithout targets knowing.

The company on Monday released an emergency patch to the vulnerability flaw that allowed advanced spyware to be installed into users’ Apple devices, including iPhones, iPads, Macs, and Apple Watches.

It comes after security researchers at Citizen Lab at the University of Toronto last month uncovered the security flaw that they believe has been used by government clients of Israeli spyware company NSO Group to secretly hack into devices since February.

...According to Citizen Lab, researchers found that in some cases, NSO Group’s Pegasus malware-infected targeted Apple devices without the users taking any action—what’s known as a zero-click vulnerability. The malware enables hackers to gather a target’s personal information and listen into and read calls and messages...

...The speed with which Apple was seeking to find a solution its operating system’s vulnerability highlighted the “absolute seriousness” of the Citizen Lab’s findings, researchers said.

...NSO Group was the focus of recent reports by a media consortium that found the company’s spyware tool Pegasus was used in several instances of successful or attempted phone hacks of business executives, human rights activists, and others around the world.

...

WIND: the real issue here that is not being debated: why are our spy agencies (NSA, CIA, FBI, etc) buying this stuff and use it, rather than protecting us? Do the benefits (top secret!) outweigh the risks to 200 million Americans, let alone the billions in the world?

Can’t Apple Release a macOS that is Reliable?! Kernel Panics

Count on Apple to take something that works, and break it. We once had a reliable macOS, 4 or 5 years ago.

When if ever will we ever again have a macOS that doesn’t kernel panic on a regular basis?!

Meanwhile, engineering work is expended on backdoor spying infrastructure that is ideal for totalitarians all over the world. Which is why every privacy-oriented organization is in shock and awe at Apple’s poor judgment. Apple does not deserve any trust whatsoever in the realm of privacy—assume that everything you do is wide open. Because they won’t tell you when they decide to expand the scope of their spying.

Kernel panic

My 2019 Mac Pro would not wake up this morning. It had crashed and shut itself off. Why and how it should do so when idle is beyond me.

A reader is having horrible kernel panic problems using Adobe Lightroom on his 2020 iMac 5K. Basically he cannot get work done.

A modern operating system should be able to run all year without a crash. But the emoji-happy managers at Apple cannot make macOS run for more than a week at a time, while embedding spyware into iOS and maybe soon macOS. This new problem might be related to the last Apple update?

Update 2021-09-05: it happened again, and it has also destroyed all file systems on one of my SSD backup drives (Disk Utility format). At this point I'll have to remove this drive and consider it suspect, but it has otherwise been operating normally.

panic(cpu 0 caller 0xffffff80161d51f7): "IOSCSIPeripheralDeviceType00::setPowerState(0xffffff95a5c646c0 : 0xffffff80185ae1cc, 3 -> 2)
timed out after 101093 ms"@/System/Volumes/Data/SWE/macOS/BuildRoots/d7e177bcf5/Library/
Caches/com.apple.xbs/Sources/xnu/xnu-7195.141.2/iokit/Kernel/IOServicePM.cpp:5382
Backtrace (CPU 0), Frame : Return Address
0xffffffa5fdd8bac0 : 0xffffff8015a8e04d 
0xffffffa5fdd8bb10 : 0xffffff8015bd4e13 
0xffffffa5fdd8bb50 : 0xffffff8015bc540a 
0xffffffa5fdd8bba0 : 0xffffff8015a32a2f 
0xffffffa5fdd8bbc0 : 0xffffff8015a8d86d 
0xffffffa5fdd8bce0 : 0xffffff8015a8db63 
0xffffffa5fdd8bd50 : 0xffffff801629dc0a 
0xffffffa5fdd8bdc0 : 0xffffff80161d51f7 
0xffffffa5fdd8be10 : 0xffffff80161d4b19 
0xffffffa5fdd8be20 : 0xffffff80161edc5e 
0xffffffa5fdd8be60 : 0xffffff80161d3898 
0xffffffa5fdd8be80 : 0xffffff8015ad4605 
0xffffffa5fdd8bef0 : 0xffffff8015ad5574 
0xffffffa5fdd8bfa0 : 0xffffff8015a3213e 
Process name corresponding to current thread: kernel_task
Mac OS version:
20G95
Kernel version:
Darwin Kernel Version 20.6.0: Wed Jun 23 00:26:31 PDT 2021; root:xnu-7195.141.2~5/RELEASE_X86_64
Kernel UUID: FECBF22B-FBBE-36DE-9664-F12A7DD41D3D
KernelCache slide: 0x0000000015800000
KernelCache base:  0xffffff8015a00000
Kernel slide:      0x0000000015810000
Kernel text base:  0xffffff8015a10000
__HIB  text base: 0xffffff8015900000
System model name: MacPro7,1 (Mac-27AD2F918AE68F61)
System shutdown begun: NO
Hibernation exit count: 0
System uptime in nanoseconds: 137987168157671
Last Sleep:           absolute           base_tsc          base_nano
Uptime  : 0x00007d7fa4244543
Sleep   : 0x0000788963bf9866 0x000000017cb6b290 0x0000787772f75145
Wake    : 0x00007889c6d0d783 0x000000017aa74e66 0x00007889aaf9abd8
last started kext at 62222130999907: @filesystems.exfat	1.4 (addr 0xffffff7fb1299000, size 53248)
loaded kexts:

Joe M writes:

Lloyd, I believe this might be a similar problem I emailed you about on my iMac Pro on 5-11-21. The key is your panic string "IOSCSIPeripheralDeviceType00::setPowerState(0xffffff95a5c646c0 : 0xffffff80185ae1cc, 3 -> 2) timed out after 101093 ms

In my case the message was similar: ""PowerOff timed out in phase 'Notifying priority clients'. Total 30000 ms: vfs_unmountall: 1002 ms". I've had that many times, always during a commanded shutdown or commanded restart. I never use sleep/hibernate, so that's not involved in my case.

Maybe your case is triggered by sleep/wake, but with a similar mishandling of drive response resulting in a kernel panic. If we read the mS correctly yours was 101 sec and mine was 30 sec. If those are real numbers, a drive should respond faster than that but the OS should not panic.

I was told by OWC this is a known bug in MacOS if multiple OWC Thunderbolt drives are connected (with or without SoftRAID). In my case it wasn't new to Big Sur but also happened on Catalina. Apparently MacOS is issuing synchronous (not asynchronous) dismounts. Depending on response time of various RAID arrays, the cumulative response time exceeds some MacOS shutdown timeout and it panics.

For the shutdown case OWC tried to work around it in SoftRAID by issuing unmount commands during MacOS shutdown. That seemed to work for a while then a MacOS update broke it (sorry, don't remember the versions), and to my knowledge the problem still exists. I have eight different OWC arrays and it seems more common on some of them, especially the Thunderbay 4 Minis with four Samsung EVO 850/860 SSDs. Those pass all diagnostics and have never hung in operation, but the problem often happens during shutdown.

I think I've also seen it on the big Thunderbay 4s with mechanical drives. I've had it happen with only a single OWC Thunderbay drive connected, so it's not unique to daisy-chained or multi-array configurations. I don't think it's cable-specific. It happens when using short OWC or Apple Thunderbolt 2 cables (with Apple adapters) or Thunderbolt 3 cables with no adapters. No hubs or other interconnects are involved.

I've spent a huge amount of time troubleshooting it and sending logs to OWC. Finally I gave up and just quit using SoftRAID and I manually dismount and unplug all Thunderbolt drives before restarting or shutting down. Yes it's a hassle.

MPG: on my 2019 Mac Pro system, I have two 4-blade arrays. One is a PCIe SSD (internal), and another is an OWC Thunderblade (external, direct connect not daisy-chained).

Apple Spotlight Won’t Find Applications Until they are Launched

Count on Apple to take something that works, and break it.

This problem has been happening since the last macOS update of macOS Crapalina. At first I thought it might be a bad index, but I forced the Spotlight index to rebuild with no luck.

PROBLEM: using Spotlight to find an application won’t find it, instead showing all sorts of other things. It holds true for all apps I tried.

The solution is simple: launch the app manually. Then and only then will Spotlight find it! For low long... I don’t know. Maybe forever, or maybe it expires?

Shown below is Spotlight search on top of the Applications window showing the presence of the application being search for! Nice job, Apple.

UPDATE: Spotlight forgets EVERY DAY, so app search never works for me.

Apple Spotlight cannot find an application

Conjuring up non-existent web pages

It gets worse, and this too is a new behavioral bug.

I often search for my source code files by name to open them directly. What does Spotlight do? Deprioritize the #1 match for the file I want and instead invent a non-existent web page instead.

Apple is so screwed-up these days, unable to even keep basic functionality working. Quality control is an oxymoron with this company, which is now intent on spying on the world.

Apple Spotlight deprioritizes the prime search result in favor of a non-existent web page

TESTED: OWC Envoy Pro SX

MPG previously discussed the OWC Envoy Pro SX features in OWC Introduces Envoy Pro SX Thunderbolt Bus-Powered Portable SSD.

OWC Envoy Pro SX

Solidly built undersells just how well-built the OWC Envoy Pro SX is: it’s substantial as a solid chunk of metal and it feels like it. Connect it with the supplied Thunderbolt 3 cable.

The unit gets only slightly warm under full unrelenting use, but the solid metal build and the heat fins apparently make short work of heat.

Superb build aside, performance is top-tier, crazy fast for a single-blade external SSD.

Real-world speed through the macOS file system*:
Average read speed: 2749 MB/sec
Average write speed: 1985 MB/sec
Tested using diglloydTools Disktester fill-volume.

Speed for even small trasnfer sizes ranks up there with the very best SSDs, starting out at 806 MB/sec for 32K reads, a feat that very few SSDs can manage. Small transfer size speed is important for responsiveness for all sorts of everyday tasks.

WOW! Bought too-small an SSD in your Mac or PC? Just plug one of these in and you’re 'good'.

*Mac users should reformat to APFS prior to usage, using the supplied utility on the drive, or Disk Utility.

OWC Envoy Pro SX 480GB SSD: speed vs transfer size

OWC Envoy Pro SX 480GB SSD: speed across capacity

Apple replacing industry-standard end-to-end encrypted messaging system with infrastructure for surveillance and censorship — iPhone as spyPhone

You should now assume you have ZERO privacy with Apple services like iCloud, and everything else that Apple offers. Coming soon to macOS also?

This is NOT about child abuse images; that’s propaganda to get most users to accept the spyware infrastructure. Later, all sorts of social credit scoring add-ons can be made. Presumably Apple will be working hand-in-hand with Communist China first, where human life has no value. This technology, will be welcomed with open arms by the brutes in the CCP, who will quickly make expanding it for CCP purposes a condition of doing business in China.

This is about an infrastructure which can be put to use for any and all of your data. It doesn’t matter what Apple claims it is limited to doing now. What matters is that this is a general purpose capability. And your system resources will be used to scan data, without your consent.

This change is a MOAB for goodwill towards Apple—this single action makes a mockery of all Apple’s past security and privacy claims—meaningless twaddle. But that should have been obvious already to anyone paying attention to Apple PR.

This new infrastructure is a backdoor which makes a mockery of security and privacy.

As a practical matter, it is incredibly short-sighted too: anhilate user trust for a short term benefit of catching a few sickos. But only technology-ignorant child-abusers will fail to turn off iCloud photo syncing, which at the moment is what the Apple system counts on. Everyone else gets spied on. Like burning down a barn to eliminate the rats, who mostly flee elsewhere.

It’s hard to believe that Tim Cook is this dumb.

Fury at Apple's plan to scan iPhones for child abuse images and report 'flagged' owners to the police after a company employee has looked at their photos

Data privacy campaigners are raging today over Apple's 'appalling' plans to automatically scan iPhones and cloud storage for child abuse images and nudity, accusing the tech giant of opening a new back door to accessing personal data and 'appeasing' governments who could harness it to snoop on their citizens.

...There are concerns that the policy could be a gateway to snoop on iPhone users and could also target parents innocently taking or sharing pictures of their children because 'false positives' are highly likely. But Apple insists there is a 1-in-1 trillion probability of a false positive.

Others fear that totalitarian governments with poor human rights records, could, for instance, harness it to convict people for being gay if homosexuality is a crime. 

While the measures are initially only being rolled out in the US, Apple plans for the technology to soon be available in the UK and other countries worldwide. 

Ross Anderson, professor of security engineering at Cambridge University, has branded the plan 'absolutely appalling'. Alec Muffett, a security researcher and privacy campaigner who previously worked at Facebook and Deliveroo, described the proposal as a 'huge and regressive step for individual privacy'.  

Mr Anderson said: 'It is an absolutely appalling idea, because it is going to lead to distributed bulk surveillance of our phones and laptops.' 

Campaigners fear the plan could easily be adapted to spot other material. 

Greg Nojeim of the Center for Democracy and Technology in Washington, DC said that 'Apple is replacing its industry-standard end-to-end encrypted messaging system with an infrastructure for surveillance and censorship.'

...Matthew Green, a top cryptography researcher at Johns Hopkins University, warned that the system could be used to frame innocent people by sending them seemingly innocuous images designed to trigger matches for child pornography. That could fool Apple's algorithm and alert law enforcement. 'Researchers have been able to do this pretty easily,' he said of the ability to trick such systems.

...

MPG: technology like this is guaranteed to be expanded, and to abused. Heck, if Google and Facebook can get away with it, Apple apparently wants to one-up them with direct intrusion on formerly private data.

See also:

The Shadow State: NeuralHash and Apple’s Post-Privacy World.

The All-Seeing "i": Apple Just Declared War on Your Privacy

by Edward Snowden, August 25, 2021

...Why is Apple risking so much for a CSAM-detection system that has been denounced as “dangerous” and "easily repurposed for surveillance and censorship" by the very computer scientists who've already put it to the test? What could be worth the decisive shattering of the foundational Apple idea that an iPhone belongs to the person who carries it, rather than to the company that made it?  

Apple: "Designed in California, Assembled in China, Purchased by You, Owned by Us."

The one answer to these questions that the optimists keep coming back to is the likelihood that Apple is doing this as a prelude to finally switching over to “end-to-end” encryption for everything its customers store on iCloud—something Apple had previously intended to do before backtracking, in a dismaying display of cowardice, after the FBI secretly complained.

... optimists are wrong: Apple’s proposal to make their phones inform on and betray their owners marks the dawn of a dark future, one to be written in the blood of the political opposition of a hundred countries that will exploit this system to the hilt. See, the day after this system goes live, it will no longer matter whether or not Apple ever enables end-to-end encryption, because our iPhones will be reporting their contents before our keys are even used.

I can’t think of any other company that has so proudly, and so publicly, distributed spyware to its own devices—and I can’t think of a threat more dangerous to a product’s security than the mischief of its own maker. There is no fundamental technological limit to how far the precedent Apple is establishing can be pushed, meaning the only restraint is Apple’s all-too-flexible company policy, something governments understand all too well. 

...

MPG: with YouTube and Facebook deciding what is acceptable thought, Apple seemingly wants to one-up them right on your iPad, iPhone, and coming soon to a macOS near you.

Opinion: We built a system like Apple’s to flag child sexual abuse material — and concluded the tech was dangerous

by Jonathan Mayer and Anunay Kulshrestha, August 19, 2021

...We wrote the only peer-reviewed publication on how to build a system like Apple’s — and we concluded the technology was dangerous. We’re not concerned because we misunderstand how Apple’s system works. The problem is, we understand exactly how it works.

...Our system could be easily repurposed for surveillance and censorship. The design wasn’t restricted to a specific category of content; a service could simply swap in any content-matching database, and the person using that service would be none the wiser.

A foreign government could, for example, compel a service to out people sharing disfavored political speech. That’s no hypothetical: WeChat, the popular Chinese messaging app, already uses content matching to identify dissident material. India enacted rules this year that could require pre-screening content critical of government policy. Russia recently fined Google, Facebook and Twitter for not removing pro-democracy protest materials.

We spotted other shortcomings. The content-matching process could have false positives, and malicious users could game the system to subject innocent users to scrutiny. We were so disturbed that we took a step we hadn’t seen before in computer science literature: We warned against our own system design, urging further research on how to mitigate the serious downsides. We’d planned to discuss paths forward at an academic conference this month.

That dialogue never happened. The week before our presentation, Apple announced it would deploy its nearly identical system on iCloud Photos, which exists on more than 1.5 billion devices. Apple’s motivation, like ours, was to protect children. And its system was technically more efficient and capable than ours. But we were baffled to see that Apple had few answers for the hard questions we’d surfaced.

China is Apple’s second-largest market, with probably hundreds of millions of devices. What stops the Chinese government from demanding Apple scan those devices for pro-democracy materials? Absolutely nothing, except Apple’s solemn promise. This is the same Apple that blocked Chinese citizens from apps that allow access to censored material, that acceded to China’s demand to store user data in state-owned data centers and whose chief executive infamously declared, “We follow the law wherever we do business.”

...But make no mistake that Apple is gambling with security, privacy and free speech worldwide.

MPG: Ugghhh. Enjoy your SpyPhone.

Apple M2 Macs: What Pros Need to Know in a Nutshell

Your computer is getting along in years, and maybe with performance that is less than satisfying—when’s the right time to buy a new Mac, given that the next-generation Apple M2 Macs are on the distant horizon? In a nutshell:

• MacBook Pro 14 and 16-inch models are due for an update late this year. Probably with the M2 chip. Odd are 50/50 of a delay into early 2022.
• Mac Pro with high-core-count M2 CPU—my guess is Jan-March 2022.
• iMac with high-core-count M2 CPU—same guess of Jan-March 2022.

Apple is tight-lipped about all this.

If you need a high-powered Mac now, the best best is the 2020 iMac 5K. See With the Delay of Apple M1/M2 Pro Macs, What to Do Now?

Future compatibility with peripherals

The key thing for those with Thunderbolt 2 Macs is to wait on everything until you have a Thunderbolt 3/4 Mac. But for those with Thunderbolt 3 Macs, have no fear of buying needed peripherals now. You can buy now with confidence of compatibility with an M2 Mac.

OWC has a wide range of Thunderbolt 3/4 products for your current or future Mac.

OWC External SSD Options

External SSD wish list • Deals on OWC

$3999 OWC 16.0TB OWC ThunderBlade Ultra High-Performance Gen 2 Thunder… in Storage: SSD

$2099 OWC 8.0TB OWC ThunderBlade Ultra High-Performance Gen 2 Thunderb… in Storage: SSD

$899 OWC 4.0TB OWC Envoy Pro EX USB-C NVMe M.2 SSD Solution in Storage: SSD

$549 OWC 2.0TB OWC Envoy Pro EX with Thunderbolt 3 - Rugged High-Perf… in Storage: SSD

$479 OWC 2.0TB OWC Envoy Pro SX Rugged Portable NVMe SSD with Thunder… in Storage: SSD

$299 OWC 1.0TB OWC Envoy Pro SX Rugged Portable NVMe SSD with Thunder… in Storage: SSD

$229 OWC 480GB OWC Envoy Pro SX Rugged Portable NVMe SSD with Thunder… in Storage: SSD

$179 OWC 240GB OWC Envoy Pro SX Rugged Portable NVMe SSD with Thunder… in Storage: SSD

Don H writes:

I know the Apple guessing game can lead to madness, but I offer two tidbits:

1) Some rumors indicate that Apple might release one more iteration of the current Mac Pro with updated Intel processors (maybe just a speed bump, but no new features otherwise). If true, that could put off M2 Mac Pros until the tail end of 2022, which would still meet their 'two year' transition window. That makes a certain amount of sense from the point of view of add-in card support. It would also allow them to announce new M2 Mac Pros at the June '22 WWDC to give hardware developers some more concrete details of the future specs.

2) Meanwhile, Intel might be working on a new version of Thunderbolt (TB-5) that would increase the throughput to 80 Gbps: https://www.anandtech.com/show/16858/intel-executive-posts-thunderbolt-5-photo-80-gbps-and-pam3-then-deletes-it

That shouldn't change anyone's plans in terms of Thunderbolt purchases, as long as they acquire TB-3 and later peripherals. It is good news if true, although the timeline for this is up in the air. That shouldn't change anyone's plans in terms of Thunderbolt purchases, as long as they acquire TB-3 and later peripherals. It is good news if true, although the timeline for this is up in the air.

MPG: agreed, but IMO, neither point has any bearing on a decision to be made in the next year.

A CPU speed bump in the current Mac Pro would likely be all but immaterial in clock speed terms, but maybe you could get 2 or 4 more cores for the same price and a faster GPU. I’d rather go for an M2 iMac than a Mac Pro anyway, assuming we finally got 4 Thunderbolt ports on the iMac.

As for a Thunderbolt 5, have we ever seen a fast rollout of a new Thunderbolt spec? If it were finalized today, two years seems like a minimum for products with it to appear (beyond token ones).

OWC Thunderbolt Hub, Dock, cables

Cables wish list • Deals on OWC

$279 SAVE $21 = 6.0% OWC Thunderbolt Dock with Thunderbolt 4 cable in All Other Categories

$179 OWC Thunderbolt Hub in All Other Categories

High Capacity Storage

Big Fast Storage wish list • Deals on OWC

$2619 OWC 64TB OWC ThunderBay 4 RAID 5 4-Drive HDD External Storage So… in Storage: ThunderBay

$1049 OWC 16TB OWC ThunderBay 4 RAID 5 4-Drive HDD External Storage So… in Storage: ThunderBay

$5679 OWC 144TB OWC ThunderBay 8 Thunderbolt 3 RAID Storage Solution in Storage: ThunderBay

$3799 OWC 96TB OWC ThunderBay 8 Thunderbolt 3 RAID Storage Solution in Storage: ThunderBay

Recommended Peripherals

Sony Mirrorless wish list • Deals on Sony

$1999 OWC 48TB OWC ThunderBay 4 RAID 5 4-Drive HDD External Storage So… in Storage: ThunderBay

$599 OWC 16TB OWC Mercury Elite Pro USB Storage Solution in Storage: Mercury Elite Pro

$630 OWC 128.0GB (4x 32GB) OWC 2666MHz DDR4 PC4-21300 260-Pin SO-DIMM… in All Other Categories

$279 SAVE $21 = 6.0% OWC 14-Port Thunderbolt 3 Dock with Cable - Space Gray in All Other Categories

Recommended Apple Macs and Accessories

Sony Mirrorless wish list • Deals on Sony

$5479 Apple 27" iMac with Retina 5K Display (Mid 2020) in Computers: Apple Macs

$3679 Apple 27" iMac with Retina 5K Display (Mid 2020) in Computers: Apple Macs

$4279 Apple 27" iMac with Retina 5K Display (Mid 2020) in Computers: Apple Macs

$3149 SAVE $100 = 3.0% NEC MultiSync PA311D 31.1" 17:9 Color Critical Desktop HDR IPS D… in Computers: Displays

How to Make Web Sites Work Properly with Apple Safari Web Browser —  Disable 'Enable content blockers'

It’s crazy that I have to write this post. But so many web sites fail to work properly with Apple Safari now that I had better.

For a feature to have value it can’t break things frequently! But Safari does.

Many sites like the one below will do some things properly, while other things won’t work. So far, it seems like this feature, ostensibly for security/privacy, is more of a PITA than useful all too often.

The most common problem is the content blocking feature of Apple Safari, namely, the Enable content blockers setting. Other times it is the lack of support for WebGL. Or sometimes the web site itself is poorly designed and never tested with Safari.

It’s easy to check for a fix; uncheck the following, then refresh the page.

Safari => Settings for this Website... => Enable content blockers

BareBones Software BBEdit

BBEdit Still My Plain Text Editor of Choice For Source Code, HTML, etc

BareBones Software BBEdit (now at version 14) is one of those indispensible applications that everyday users do not need, but anyone who uses it as I do would go crazy without it. Hence the “professional’s choice” description is apt.

Heck, even everday users would do well to learn a plain-text editor for all sorts of formatting tasks. But that’s another topic.

Highly recommended.

And unlike Apple software, it never sucks and never has and presumably never will.

I edit a lot of plain text in the course of my work: source code, HTML, etc. I also regularly use regular expressions to massage plain text and HTML into shape, search/replace, etc. And sometimes dealing with Microsoft Excel, Apple Mail or other programs demands converting to plain text in a way those programs can’t handle. And then there is high speed performance both while editing and for search and replace stuff.

Thus a good plain text editor is essential for what I do.

BBEdit ranks up their in my top-3 most-used tools, every day, day in and day out, #1 when working with source code and html. And for real geeks, the BBEdit folks even have optional command line tools in addition to the superbly useful app.

BareBones Software BBEdit

Separate Your Data from System and Applications on the Boot Drive Using an APFS Volume

Separating your data from system/applications was a good idea back in 2010, remained a good idea, and is still a good idea here in 2021

MPG recommends NOT moving mail and similar things off the boot drive, due to maintainance headaches across system software updates.

Prior to Apple’s APFS file system, creating a separate volume for your data meant true partitioning, a space waster because you had to decide how much space to allocate to each volume in advance.

Here in 2021 and when working with SSDs, MPG recommends a much better alternative: APFS volumes, such as on the internal SSD. These do not waste space as with true partitioning and are very fast to create, as they do not impact existing volumes.

Creating an APFS volume, and why

Recommended only for SSDs (not hard drives because hard drives perform poorly with APFS).

Shown below, the internal 8TB Apple SSD on my Mac Pro has its two default volumes named Boot (read-only boot volume), and Macintosh HD - Data (anachronistic Apple naming for read/write data on the boot volume pair).

You can store everything in your home folder. Why not, if you have simple needs.

But I store just about everything of my own data on an additional volume named Master (as in “master copy of my stuff”. I do this for multiple reasons:

• It insulates me (somewhat) from the increasingly annoying changes Apple makes to the boot drive and its security.
• I don’t want all my data buried down in my home folder.
• I can backup my critical stuff by backing up just Master.
• I want one volume that I can backup without concern for new changes in macOS security on the boot volume.
• It’s a real volume, so /Volumes/Master works in paths.
• Separate file system not comingled with millions of macOS files.

Shown below is Apple Disk Utility.

Internal SSD “Apple SSD” with container volumes

To create an APFS volume, click the + icon over “Volume”, at top. Choose your preferred name, click Add, and you’re done.

Don’t forget to backup the new volume(s) that you create.

Creating an additional volume “MoreStuff”

Brain-Dead Spotlight Search for Source Code Files

This behavior changed in macOS Big Sur AFAIK. It drives me crazy. I have not found a way to make it work as it used to.

I write code (java mostly, but other stuff too). To open a source file I frequently rely on Spotlight to open a file.

A beautiful thing—if I want to open LensParser.java, I’d start typing “LensP...” and up pops LensParser.java, I hit ENTER, and I’m now looking at the file in my text editor BBEdit.

So far so good. But for various reasons, I sometimes have the full source file name. Using that, Spotlight figures that I want to do a useless web page search for lensparser.java, which does not exist—it’s just some useless web search link.

I sometimes wonder how many people Apple hires whose jobs it is to figureout how to degrade usability.

Internal SSD “Apple SSD” with container volumes

Backing up With Carbon Copy Cloner For Years Now, Latest Update As Good As Ever in Functionality, but Confusing Visuals

I’ve been backing up with Carbon Copy Cloner for years now. Great functionality that I rely on every day for my backups. An alternative is SuperDuper.

CCC has done a great job of keeping up with the ever-changing macOS landscape with its increasing security restrictions,.

But it cannot unbreak some Apple-imposed changes, like the need now with macOS Big Sur to do an entire backup from scratch to bring a bootable drive up to date.

Visual

While the functionality is excellent, the latest version is disturbingly visually distracting. Two things I find very bothersome:

• Icons are now placed on the destination for status that to my eyes look like errors or problems. Even after weeks of usage with this new version, all I “see” at a glance is “something is wrong”. When nothing is wrong. Very poor visual design IMO.
• The color-ified task lists end up being a distracting mess. For solid reasons I often have tasks that now show up with those big red X's on them. And I don't need the messy green check marks either.

Two thumbs down on this visual overhaul. I much prefer the visuals of the previous version.

Carbon Copy Cloner

How To Quickly Email a Link to a Web Page

It can be annoying to get an email for a web page—27 pages of junk and missing images, etc—when all you want is the link to the page. Just try an Amazon page—what a mess.

Two ways to send a link to a web page.

Copy/Paste

Works everywhere: copy the URL from the web browser and paste it into a mail message. Works great, but a time-waster.

One step

In Apple Safari, cmd-shift-I and bingo. Or for those with time on their hands, holddown the Option key and choose File => Share => Email Link to This Page.

Same shortcut in Google Chrome or File => Share => Email Link.

In Firefox, File => Email Link.

Apple Safari: Email Link to This Page

Batch Renaming Files for Photography using 'A Better Finder Rename'

See also: Quick Look: Batch Renaming Files with 'A Better Finder Rename'.

Still photos can sometimes benefit from renaming to add useful information, instead of the idiotically uninformative names a camera gives files (e.g., “DGLY00459.ARW” or “IMG0123.jpg”, etc)—obtuse, to say the least.

Simple example: Tags feature to add the aperture number to the filename

Different workflows vary a lot, but one thing that matters most to me is the shooting aperture, particularly for aperture series. I don’t care to do much more than that to the file name, but some photographers might want to add date, time, location, a label for the shoot, etc.

Kudos to 'A Better Finder Rename' for being smart enough to rename the XMP sidecar files along with the corresponding image files!

On minor gripe is that I cannot see any way to reference the original file name itself, or its sequence number, so I could build a full name with prefix and the original name embedded in one step. In other words, I’d like to be able to do:

<my-prefix>-<original-fname>-f<aperture>
eg:
SonyFE50f1_2GM-TwentyLakesBasin-DGL2934 -f5.6.ARW

Shown below, the dialog is set up to rename files by appending "-f" then the aperture number.

A Better Finder Rename.app: appending the aperture to the file name

Anon writes:

I'm writing in response to your latest article, to share a tip/trick for ABFR. You can indeed do multiple different rename actions in a single step; click "Show Advanced Sidebar" in the bottom left and then use the plus button to add additional steps. This way you can add a prefix, and then add your aperture setting. I've done a dozen rename steps, which is very powerful since you can see the final output before renaming (and you can use Command + R to initiate renaming from the main window, and then again to confirm all renames in the processing window.)

You can also change a preference in the preferences window to autoclear the queue when renaming is complete; this allows for rapid renaming (especially if you leave multiple steps in the sidebar window, they can be toggled on and off, so you can keep several different rename workflows on standby.)

Of course, if adding your camera name and aperture to the filename is a common workflow, you can save it as a droplet, so that all you need to do is drop the files onto the droplet and they're automatically processed. Perhaps one for each camera type?

MPG: agreed that you can string together multiple actions into one action. But that isn’t a single step. It also raises the potential problem of subsequent steps operating on a now-modified name, which might have undesirable matching.. It is rarely a good idea to “pipe” output when a single substitution can be done at once. But it does address the issue with a solution.

IMO a templatized approach is already 95% there and could be improved, just be adding a few more tags. It’s a lot of “friction” to have to create and name multiple actions—great when they’re all reusable/generic, not so great if you have to start going camera or lens specific.

All the software would have to do is add another tab “Original” or some such, and offer <basename>, <extension>, <sequence-number>. Then you could write something like this:

myPrefix-<sequence-number><lens-name>-f<aperture>.ARW
===>
TwentyLakesBasin-2934-FE 50mm fF1.2 GM-f5.6.ARW

I’d want a different form of the lens name though (including brand), but that’s a tougher nut to crack—in that case I’d have to create an additional action to map the name to the normalized name (including brand) that I want.

Maybe there are tricks I am unaware of to sidestep these issues.

Sebastian B writes:

Perhaps have a look into ExifRenamer, it might be able to do what you're trying to do:

https://www.qdev.de/?location=mac/exifrenamer

You can set up a preset with prefix and let it ask for a prefix on runtime (leaving the field empty if you don't want one). The interface is not the sleekest in the world, but once set up, it usually does what you want it to. (F-number is errantly called "Focal number" in the tag list, but "%8E" should do the trick for aperture.)

MPG: exiftool has some capabilities as well; see https://exiftool.org/filename.html.