The New Hotness and The Old Lameness

I have two points to make and then I'm out.

First: I have a deep and unbridled lust for the new MacBook Pro with Retina Display. I reserve final judgement for after I've actually held one in the flesh, but I think they look pretty great and I might end up getting one to replace my beloved but aging 17" behemoth.

The real shocker to me, though, is if you configure the standard, non-retina display MacBook Pro with a fast 512GB SSD drive it comes out to be $300 more than than its comparably equipped Retina Display toting sibling. Max the RAM out on the Retina Display MacBook Pro and it's still $100 cheaper! It's a no brainer: the Retina Display MacBook Pro is the one to get if you can afford to get something with fast, decent-sized storage.

Point the second: The paltry, pathetic, pointless Mac Pro update is your queue to exit the building if you're a real pro user whose needs entail high-end hardware. I'm sorry, but does anyone really expect anyone to buy this latest round of Mac Pros? Especially now, with Apple claiming they're going to announce some vague new hardware product aimed at professionals? (I can pretty much guarantee this will not be an actual Mac Pro, but something much more disappointing.) In 2013?

Frankly, this sounds exactly like the Final Cut Pro fiasco from last year: over-promise some hot new product for pros, then deliver something they not only dislike but really just can't use. Three years is too long to wait for a proper hardware upgrade, and with professional Apple products dropping like flies, it's clearer than ever: despite their claims, Apple truly no longer cares about the existing professional market. They may be interested in creating a new sort of professional market — one that appeals to new users and up-and-coming pro and prosumer types — but Apple couldn't give two shits about legacy pros.

Pros, I really believe it's time for you to abandon the Apple ship, because Apple has made it abundantly clear through their actions (though not through their words, I must say) that they have abandoned you. (For the record, I don't really consider myself a Pro user anymore. Though I am a sysadmin, my computing hardware needs are quite modest these days.)

That's it. That's all I've really got to say.

Securely Erasing a Mac SSD

I've recently made the switch to an SSD for my boot drive. And, yes, it is good. Everything feels all buttery smooth now; I don't feel like I'm waiting for my system to catch up to me as much. It was a bit of a hassle, but totally worth it. But that's not what I'm here to talk about.

The Problem

If you ever want to, say, sell your now SSD-equipped computer, you're probably going to want to erase its contents as securely as possible. Back in the HD days, this was very well-understood and relatively easy to do. You simply overwrote every bit of data on your Hard Drive numerous times with zeroes or random data or what have you. There are command-line tools that allow you to do this, as well as Disk Utility's Secure Erase Options, which allow very secure and thorough erasure of a drive. But because of the way that SSDs work, all this goes out the window.

I'm not a Hard Drive or SSD expert, but, in a nutshell, in order to maintain performance and increase longevity, SSDs add another level of abstraction between the device and the filesystem that makes it impossible for the OS to accurately know the location of a given file on the actual device. This means that it's virtually impossible to securely erase individual files. So the question becomes: How do I securely erase the entire drive?

We Want... Information (-ation, -ation)

The tools and procedures for securely erasing SSDs are not self-evident. I poured over a pretty hefty amount of literature before arriving at a method that I think will work fairly effectively. Since there's no way to accurately erase individual files, this method erases the entire SSD. And since the best way to do this, while still balancing usability and effectiveness, is to use encryption, we'll be enabling FileVault 2 in Lion, as well as, of all things, Find My Mac in iCloud. I'll go over all of this in a bit, but let me first talk a bit about my thinking.

My Thinking

The most secure way to delete an SSD is to find a way to scrub the drive, to go through every cell on the SSD and overwrite the data, similar to how you would securely delete a typical hard drive, but at the hardware level. Out of the box the Mac has no way to do this. There are a variety of Linux and Windows utilities — some of which come directly from the drive vendors — that allow you to do this, but they require a huge number of hoops to jump through, not the least of which is creating a Linux LiveCD or Windows machine to boot from, as well as a significant time investment. Using this method, while perhaps a more secure deletion of the data, will be time consuming, difficult and error-prone.

As I mentioned, there's a ton of literature on the topic of securely erasing SSDs, but the vast majority of it is theoretical. There are very few articles that actually tell you, practically, how to go about securely erasing your SSD. What got me thinking in the right direction was an article from Ars Technica that very broadly discussed the various difficulties with and methods for secure SSD erasure. In it, they talk about drive scrubbing approaches, but then they also mention using an encryption-based approach:

"The most popular option for protecting data, absent of robust secure erasing tools that scrub right down into the over-provisioned cracks, is to encrypt the SSD's contents. This way, if someone's coming after your data, the only thing you need to make sure is off the drive is the security key (128- or 256-bit AES is recommended) and your bits will be safe, unless whoever wants your data is up to cracking that code."

This caught my attention, because it sounds very much to me like the secure erase procedure that newer iPhones use. If you've ever securely erased an iPhone 3GS or later, you may have noticed that it goes extremely fast. Older phones take a long time because they're actually scrubbing the SSD clean of data, but newer ones are really fast because all they're actually doing is deleting the encryption key, making the data virtually impossible to access.

Finding a similar procedure for an SSD-equipped Mac was no easy feat, but I think I've dug one up that may work for most typical users who just want to pass on their SSD-equipped Macs without worrying about someone accessing their private data. The thing that's tricky about doing this is that Apple has provided no similar utility for erasing SSDs as they have for the iPhone. On an iPhone you simply go to your Settings and choose:

General->Reset->Erase All Content and Settings.

There is no such utility on a Mac.

Or is there?

Enter: FileVault 2

Mac OS X10.7, Lion, has a new feature called full disk encryption, now popularly known as FileVault 2. What FileVault 2 does is take all the data on your boot drive — which in my case is my SSD — and encrypts it. The encryption key is stored on the disk and is only accessible with your home account password (or any other user's password that you allow). In and of itself, in fact, assuming you have a reasonably secure password, simply enabling FileVault 2 on your boot drive provides a pretty decent degree of security: No one can access the contents of your disk without your password.

Encryption key deletion, a la the iPhone, provides the final layer of security, but how do you go about doing such a thing? The Apple literature on FileVault 2 makes reference to something called "Instant Wipe:"

"With FileVault 2, instant wipe removes the encryption key from your Mac instantaneously, making the data completely inaccessible."

Enter: iCloud & Find My Mac

I have yet to find a way to access this "Instant Wipe" from my Mac, nor is there any reference to it in the Help files. But with the addition of the Find My Mac feature, now freely available via iCloud, a Mac can securely erase a drive in a fashion quite similar to that of the iPhone. Find My Mac allows Mac users to remotely locate and lock, send messages and alert sounds to, and — most important for our purposes — wipe a lost Mac. Of course, this functionality works perfectly well with Macs that aren't lost as well.

Sending the "Wipe" command to your Mac from Find My Mac (either via a browser logged in to iCloud or from Find My iPhone on your iPhone) will do the same thing to your Mac that Secure Erase does on your iPhone. It will erase the encryption key that protects the data on your SSD.

"The Remote Wipe command is, of course, a last resort, as it instantly destroys the boot drive's contents by erasing the encrypted volume's key, rendering the drive's contents unusable."

This means that, once the encryption key is deleted, even you will no longer be able to access your data with your password. Once this happens, the only way to access the data is to decrypt it, and without the key, this is a monumental task far beyond the capabilities of most users. The XTS-AES 128 bit encryption that Lion uses is extremely difficult and time consuming to crack. In fact, though there are more secure options out there, I believe this one has yet to be cracked at this point.

Also, once the encryption key is wiped, the wipe command apparently goes through and deletes all the data as well:

"Instant wipe removes the encryption key from your Mac — making the data completely inaccessible — then proceeds with a thorough wipe of all data from the disk."

It's unclear exactly how this wipe is performed. Does it happen at the hardware level clearing data from each and every cell of the SSD? Are the files overwritten multiple times with random data or are they just marked offline? It's hard to tell from the scant online literature I've seen; even the developer docs seem to be out of date. But whatever the case, this is pretty durned good security for the average joe.

So, how to get all this working? There are only two things you need to set up: FileVault 2 and iCloud with Find My Mac

This article is already long enough, so I won't go into FileVault 2 or iCloud setup here. They're easy to do and there's already plenty of information about the procedures. Here are some great links to get you started:

Set Up Filevault 2

Set Up iCloud's Find My Mac

Suffice to say, once these services are configured, erasing your SSD, when the time comes, should be as simple as logging in to iCloud, locating the Mac in question using Find My Mac, and issuing the Wipe command. After a very short amount of time, the encryption key will be deleted, and some time later (how long depends on a number of variables, some of which we don't actually know), your disk will, in theory, be wiped clean of data.

One caveat: I have yet to actually try the Wipe command. Oh, believe me, I intend to. But we're talking about a day out of my life, and that's a day I just don't have to spare. And you know what they say about good intentions. Yeah.

If I do manage to get around to this, I'll certainly post my findings here. I encourage others to do likewise in the comments section of this article.

MORE:

http://arstechnica.com/apple/reviews/2011/07/mac-os-x-10-7.ars/13

http://en.wikipedia.org/wiki/Whole_Disk_Encryption

Airport Extreme

This year for Xmas I asked for and received an Airport Extreme. Some of you may recall my struggles with the numerous Airport Expresses I own. This is because of the way my home network has evolved over the years, which is to say, completely piecemeal and haphazardly.

A Piecemeal Network

My home network, like many, started simply with a wired router. It then progressed to wireless with my first Airport Express, which, at the time was plenty for me, living alone in my small studio apartment. My next apartment, however, was a duplex, so I extended my network with an additional Airport Express, one capable of 802.11n. Then, as wireless networks in the city exploded and frequencies grew more congested, causing problems with the wireless Netflix streaming I started doing a good deal of, I added yet another Airport Express and built out my network, creating one 5GHz network for my heaviest use-cases, and a 2.4GHz network for my phones and gadgets.

When all was said and done I had a wired router feeding three Airport Expresses, two of which were supplying wireless on 5GHz and one of which provided separate wireless access on the 2.4GHz frequency. It was a total mess: it took forever to set up (like when we recently moved to a new house); it broke often and was horrible to troubleshoot.

Cut To The Present Day

So this year one of my presents was an Airport Extreme. I just wanted to simplify everything. I suppose I could've gotten some LinkSys dealio that would've been faster, but frankly, this is about laziness, and the Airport Extreme is, for me, the easiest option available, if for no other reason than the fact that I already use and am quite familiar with the Airport ecosystem.

And easy it was! In fact, I was able to set it up and completely replace my existing network — a router and three Airport Expresses — in about ten minutes. That's right, what used to take me hours to set up and get working just so took ten minutes with an Airport Extreme. And now, all those boxes are gone, replaced with a single — and quite attractive, I might add — wireless router. It's fantastic!

I have to say, setting up my Airport Extreme was one of the best user experiences I've had in a very, very long time. I'm not used to calling network setup easy, but that's exactly what it was. I entered my settings and it simply Just Worked.

Clearly a lot has changed since I first began building my home network. It's nice to finally be using some current gear, and the Airport Extreme is a great box. Super simple to set up and use. Oh, and it's fast too!

If you're looking to upgrade an aging wireless network, want simplicity and ease-of-use, and don't need a ton of tweakable settings, I highly recommend the Airport Extreme.

iPhone 4S

So I've had my Verizon iPhone 4S for a few weeks now, and I thought I'd let you know how it's been going.

The Phone

In many regards, this is the same phone I had a few weeks ago. The software is the same, the data is the same, most things are the same. And this is a good thing. Moving to the new phone was almost completely painless and straightforward.

Performance

Overall, though, there are some differences, of course. In general, I really like the phone itself. It's a huge speed boost from the iPhone 3GS, and that helps make everything work better, more smoothly and quicker. The interface is just faster, and that's really nice.

I was more surprised at how much faster the network is. I assume that this has something to do with my new provider, Verizon (more on that in a minute), but I also think that speed gain is a function of the phone hardware itself. Whatever the reason, I'm extremely pleased by this.

The Body

Coming from the iPhone 3GS's rounded edges and arched back, I was a bit skeptical that I'd like the body of the iPhone4S, with it's all-flat surfaces and hard edges. The 3GS felt perfect in my hand. It was a most ergonomic body shape.

But I've been pleasantly surprised at how much I actually do like the 4S's feel. It's not as soft to the touch, but it feels a bit thinner, and the hard edges add a certain grippiness that makes it feel very firm in hand and easy to pick up. They also afford the possibility of placing the phone on its edge for video shoots.

The glass surfaces, too, are very elegant — far more so than the 3GS's plastic back — yet have enough friction to them that the phone never feels in danger of slipping out of my hand. They also don't appear to scuff as easily or as much as the 3GS's plastic back.

And the iPhone 4S's body is just beautiful, maybe the prettiest phone I've ever seen. There are tradeoffs to the new body style, but they're very minor and pretty much even out. I'm quite pleased with the body style of this phone.

The Screen

I'm pretty blown away by the Retina Display. This is one of my favorite things about my new phone. Sure, I'd seen friends' iPhone 4s, so it wasn't completely new to me. But seeing the screen and using one on a regular basis are two very different things. Using the Retina Display is amazing, especially as my vision gets crappier with age. Reading text on this screen is noticeably better, an improvement that extends to every area of the iPhone experience. Also, I can finally notice tiny details, like the paper texture in Notes, that I'd never seen before. It's really terrific.

The Camera

The camera is much faster than the one on my old phone. It's also better, but I wouldn't say the improvement is huge. Side by side you can certainly tell a difference, but these still look like iPhone photos.

The HDR functionality is good only for certain types of lighting situations. For anything else it usually does a worse job. Moreover, it slows the camera down considerably. I recommend keeping it off unless you need it. For this reason I wish it had a dedicated button instead of being buried within a submenu.

Video is still clearly phone video, though as such it's quite serviceable. But what impressed me was the stabilization. It's very good, and on such a small device, it's really essential. These little video phones tend to exacerbate camera shake, but the iPhone 4S does a pretty darned good job of smoothing out the worst of it by using the phone's physical sensors, in part, to do the job. This, perhaps even more than the optics, makes a huge improvement to the video the iPhone 4S produces.

Siri

The big surprise for me, with Siri, is how much I actually do use it. For Reminders and phone calls it really is much quicker and easier than using the touch screen. And, yes, it's really as accurate as everyone says. It's not for everything, but there are certain situations that Siri is perfect for, and when you're in those situations, Siri is a joy.

Perhaps my favorite use of Siri is dictation. It's great! It's very accurate, and far more convenient than typing everything out on the touchscreen keyboard. Accurate dictation is far less useful on a computer with a physical keyboard, because you can usually type faster than you can speak. But with virtual keyboards, the equation is the reverse, and this is one place where Siri really shines.

Siri's limitations can be frustrating, though. I wish (as I think everyone does) that it was more hooked into the OS. I'd love to use Siri as an application launcher, for instance. Or maybe even for navigation. Siri's technically only in beta at this point, though, so I'm sure we'll start to see these sorts of things as the service evolves. I think it's going to be great.

Verizon

One of the biggest changes for me with this upgrade has nothing to do with the actual phone hardware itself. For this phone purchase I switched to Verizon as my mobile provider. I was actually a little worried about the switch as I'd been fairly happy with AT&T's customer service and web apps. But I live in New York City, and AT&T's reception is pretty lousy here. Moreover, at work, often when I really need a connection, AT&T is spotty or just plain out of range, and that's not cool.

So I switched to Verizon on a trial basis.

Thus far I've been very happy. The cell service is truly amazing, a huge step up. Calls are not only more reliable, they are also clearer and louder. Some of this may be due to the new phone hardware, but credit where due, Verizon's cell service works everywhere I go, and works very, very well. I've not had a dropped or garbled call, nor been in an area with no signal yet. I actually needed to make a call on the first day I had the phone from a previously impossible location at work and it worked flawlessly. With voice commands, no less!

The improved reception has also brought another advantage: my data connection is more pervasive and reliable. Suddenly, I'm able to get a data connection in all sorts of places where it had been terrible on AT&T. At times, I believe this more reliable data connection even makes it appear that the network is much faster than on my old phone, which would choke when trying to connect using a spotty connection. So, overall, the increased reliability has ultimately resulted in increased network speeds.

Verizon's customer service has been very good as well. I've had two occasions to deal with their phone support, and both times they've gotten the job done quickly and politely. And that's pretty much all I ask.

Their account management site is also very good and easy to use.

Verizon is definitely more expensive, however. About $30 more per month for the plan I got, which is a slight step up from my old AT&T plan. I am now getting an employee discount that brings this back down to only about $10 a month more than my AT&T account, but without that, the price hike is significant. If phone reception is key, though, it might just be worth it; the improvement is huge. In my case, I'm more than happy to pay $10 more per month for much, much improved service.

Bugs and Updates

It hasn't been all wine and roses, however. There have been some bugs and issues.

The most annoying problem I've had is that, when shooting pictures or video with the Camera app — and this seems particularly bad when shooting from the lock screen rather than launching directly from the Springboard — sometimes they don't show up in the Camera Roll gallery. If I sort by Places, the pictures appear and can be moved to other galleries, but for some reason they don't appear in the Camera Roll. For that reason, importing via iPhoto can be hit-or-miss. Sometimes the photos appear for import, sometimes they don't. Sometimes they get deleted from the phone, sometimes they don't. It's more of an annoyance than anything, and I haven't permanently lost any data yet. But I really wish they'd fix it. And fast.

I was hoping the iOS 5.0.1 update would bring some relief, but it does not seem to have addressed the issue. Moreover, after applying the update, I

experienced the bug wherein contact names don't appear for incoming calls, despite the fact that they're still in your Contacts. This I was able to fix, however. It seems the Contacts database gets corrupted with the iOS 5.0.1 update, and the punctuation (parentheses and dashes and what not) gets removed from the phone numbers of all your Contacts. The incoming phone number, however, does retain all the necessary punctuation, and this inconsistency causes the Phone app to be unable to recognize said incoming number.

The fix that worked for me is easy enough: Just restore your contacts from a recent backup. Of course, this assumes you made a backup before updating. If you didn't, this is perfect example of why you should. Shit happens.

Conclusion

I'm very happy with my Verizon iPhone 4S. The hardware is a vast improvement over the 3GS, and I notice the speed boost and spectacular display all the time, in every area of operation, from note-taking to search, even after weeks of use. Siri is fun and useful, and the technology to watch; it's going to be great someday and a real boon to iPhone users. Finally, Verizon has really rounded out my user experience by at last allowing my phone to perform well in its primary function, as a phone.

Like a lot of people, I'd imagine, I seem to be on a leapfrog iPhone upgrade cycle, upgrading every other version, and so far that seems to be working out well. Each time I upgrade I receive a subsidy on the price of the phone and a significant hardware boost. The iPhone 4S is no exception. It's a solid upgrade, and I'm very happy with it.

End of The Line?

There's been lots of discussion here about whether or not Apple has lost interest in the Pro market. The big turning point for me was the release of the wholly inadequate — at least for many video professionals — of Final Cut Pro. A complete ground-up rewrite of Apple's flagship professional video editing application, for which Apple reportedly never once consulted a professional.

Now comes this latest salvo in the barrage of evidence that points to major focus shifts at Apple: It appears they are considering ending the Mac Pro line of desktop machines.

Now I quite realize that this is just at the rumor stage. But I actually think it's very likely that this will come to pass, that Apple will end the Mac Pro line, or at least radically transform it to such a degree as to be unrecognizable to its former user base. Apple is aggressively cutting out parts of the business that aren't big money makers. Everything they've done with their pro-oriented products speaks to a company that's pretty much only interested in mass markets, huge ones like cell phones, not niche ones like pro workstations and software.

I may be proven wrong, but I do think this is the beginning of the end, not just of the Mac Pro line, but of Macs as powerful tools for creative professionals.

I hope I'm wrong, but that seems to be the way the wind is blowing.