Yosemite and iOS 8 are Service Killers

Here are the various apps and services that I use that the latest Apple OS releases could replace:

There are probably more, but these were the ones that struck me immediately. It seems clear: With Yosemite and iOS 8 Apple is going after services in a big way.

Mail
Apple’s Mail is a perfectly good program, but I’ve always preferred the low-load, low-friction of Google’s Gmail in the browser. I also love the ways in which Gmail saves my ass. That said, I’m always teetering on the precipice of ditching Gmail — it just makes me uncomfortable how much information they have about me, and the fact that I have no idea what they do with it, and that I am not considered their customer. Google serves the interests of its advertisers first and foremost. It skeeves me out a lot.

For me, a lot would have to change with email to make me switch from Gmail. I’d love it if there were a server-side only option, for one. I’d also love it if Mail in iOS supported email aliases. Performance would have to get a lot better too. Still, with Cloud Storage integration, we’re one step closer to a Gmail killer. It will be interesting to see just how hard Apple is willing to fight for our email. 

Photos
I’ve also been using Google+ for photo storage and management, as a less than ideal solution. The app and service are almost completely unintegrated into iOS (except for auto-sync). The Google+ app for iOS is not great, and really not geared towards photo management, but Google+ has some nice search tricks (of course!), some nice processing tricks, and it’s free. Still, this is another service I’d ditch if something better came along. ‘Cause: Google.

For integrated photo management — like when I need to get photos from my iOS device to my Mac, or get images into my iPad’s Procreate app — I use Dropbox. Yep. I actually use two apps for image management because Apple’s image management implementation has been so piss poor.

iCloud Photo Library seems to be just the answer to my image woes. It’s fully integrated into iOS and, in time, will be with the Mac as well (hooray!). And it will be very affordable and will, presumably, just work.

Storage
I love Dropbox and have been very happy with it overall. It’s main virtues are that it’s wonderfully reliable, and it has deep hooks into the iOS ecosystem. For image management, particularly when I’m working on comics, it’s the best. But it’s expensive, and their recent policy changes have left me with a bad taste in my mouth.

Enter: iCloud Drive. This is basically a Dropbox killer that offers twice the storage at under half the price. And it should be fully integrated with iOS and all its apps pretty much out of the box. If it’s reliable, it will be a no-brainer.

Location
Foursquare is a thing I’ve never really used, but I like the idea of being able to find out where someone I want to meet up with is currently located. Not sure I want or need a third-party app and service for this, and, as with Google, I question how this info will be used by an online service.

Apple is essentially integrating this idea into Messages, which I think is the perfect way to go. It’s integrated, person-specific and event specific. Messages is just the right context for location sharing. I will probably use the hell out of this feature. 

Search
Google’s search doesn’t really present a problem for me. But having to fire up a browser to access it is a minor impediment nonetheless.

Using Spotlight to accomplish the lion’s share of my search needs is an appealing prospect (though if I’m stuck with Bing I may not be sold). Again, Spotlight’s already integrated into my OS, so no trip to the browser is required. I like the idea of searching the web in the same manner and place I search my hard drive. I like the idea, though I wonder if I’ll like the practice. Time will tell.

Conclusion
With Yosemite and iOS 8 Apple is finally really attacking services in a big way. And, I think, in a smart way. Apple offers two things the third-parties can’t: integration and better privacy. Remember, Apple’s business model is built on making devices, apps and now services that make you, the end-user, happy, not on collecting and selling your information. 

The new features in Apple’s latest releases address some major pain points that have, thus far, been tackled by third-parties in often less than satisfying ways. With Apple handling cloud storage and photo management themselves, these services have a good chance at delivering a much better overall experience than the solutions I’ve found. I’m hoping they turn out well.

Quicklook Full-Size

I'm poking around in Mavericks and found cool new functionality in Quicklook.  If you're using Quicklook to view an image, by default it will show you the entire image. If the image is larger than will fit on your screen, it will show you a scaled version.

normal-quicklook.png

But, in Mavericks, if you press the Option key after Quicklook has opened, the larger images will zoom in to display at the full resolution of the image.

quicklook-full.png

Super Initial Impressions

Normally on Keynote Day I'm right there, but today was an exception. I have a perfectly nerdy excuse: SAN Installation. So I missed all of toady's Apple announcements. I've only skimmed the info on the new products, but I wanted to get down my very initial impressions.  

 Mac OS X Mavericks

The new  version of Mac OS X was announced today. The name is a little corny, but I have to admit it's catchy and it's already growing on me. Time will tell. 

Yes. I am excited about Finder Tabs.

Yes. I am excited about Finder Tabs.

Feature-wise, I audibly called out, "Finally!" multiple times while skimming the list. Don't get me wrong, I'm pleased as punch about a number of the new features — tags, tabs, books for Christ's sake, yes! — but really, what took you so long? Some of this stuff is great, but a little obvious and a bit of a reach. Makes it looks like Apple might be short on new ideas.

iOS 7

When Microsoft released its mobile OS a few years back I really liked the look of it: flat, simple, classy and downright minimalist. It was a terrific contrast to Apple's bouncy translucent eye candy. 

But now iOS 7 is taking a similar approach, and while the new look holds a certain appeal, I can't help feeling they borrowed the idea from Microsoft. I also worry they may have taken things a bit too far, with control screens that look more like software prototypes than actual working apps.

Does this button do anything?

Does this button do anything?

Again, though, time will tell, and reading about a product is by no means the same as using it. 

MacBook Air 

Each iteration brings the Air one step closer to a product I can use. This release is no different, with solid — though hardly surprising — gains in performance.

The real story here, though, is the battery life. A very competent computer with battery life that rivals the iPad? Very cool!  

Mac Pro 

Most of today's announcements were hardly earth-shattering. But the Mac Pro is just that

When I first opened the page I said to myself, "Why is there a picture of a giant lens? Where's the computer?" Slowly it dawned on me: That is the computer. 

Is that the barrel of a gun? No, it's a Mac Pro.

Is that the barrel of a gun? No, it's a Mac Pro.

From an industrial design standpoint, the new Mac Pro is a wonder. It's the sexiest thing Apple's released since the iPhone. It's straight up beautiful. But perhaps more important is the fact that it's geared towards professional computer users. Here you have an extremely beautiful, thoughtful, exciting product in a category most people had written off. Apple hasn't done something this exciting in this space for perhaps a decade. And I didn't think they ever would again. 

The new Mac Pro may prove me wrong.

I have yet to even look at the specs or talk to my pro user friends. But if the new Mac Pro is only a symbol, it could just be the sort of symbol pros need to take Apple seriously again. It's the first sign we've seen of Apple making something that at least looks amazing specifically for pros since Final Cut Pro X. We all know how that turned out. Or do we? 

Apple's stance on the pro market has been unclear over the past few years. The Mac Pro makes it a bit clearer. It remains to be seen what this machine's really all about. Does it have what it takes to win over pros? But it's heartening to see Apple making a real effort. Though only time will tell if it's enough. 

Either way, I can't wait to read all about it. Which is what I'll be doing for the rest of the night.

Happy Keynote, everyone! 

 

Securely Erasing a Mac SSD

I've recently made the switch to an SSD for my boot drive. And, yes, it is good. Everything feels all buttery smooth now; I don't feel like I'm waiting for my system to catch up to me as much. It was a bit of a hassle, but totally worth it. But that's not what I'm here to talk about.

The Problem

If you ever want to, say, sell your now SSD-equipped computer, you're probably going to want to erase its contents as securely as possible. Back in the HD days, this was very well-understood and relatively easy to do. You simply overwrote every bit of data on your Hard Drive numerous times with zeroes or random data or what have you. There are command-line tools that allow you to do this, as well as Disk Utility's Secure Erase Options, which allow very secure and thorough erasure of a drive. But because of the way that SSDs work, all this goes out the window.

I'm not a Hard Drive or SSD expert, but, in a nutshell, in order to maintain performance and increase longevity, SSDs add another level of abstraction between the device and the filesystem that makes it impossible for the OS to accurately know the location of a given file on the actual device. This means that it's virtually impossible to securely erase individual files. So the question becomes: How do I securely erase the entire drive?

We Want... Information (-ation, -ation)

The tools and procedures for securely erasing SSDs are not self-evident. I poured over a pretty hefty amount of literature before arriving at a method that I think will work fairly effectively. Since there's no way to accurately erase individual files, this method erases the entire SSD. And since the best way to do this, while still balancing usability and effectiveness, is to use encryption, we'll be enabling FileVault 2 in Lion, as well as, of all things, Find My Mac in iCloud. I'll go over all of this in a bit, but let me first talk a bit about my thinking.

My Thinking

The most secure way to delete an SSD is to find a way to scrub the drive, to go through every cell on the SSD and overwrite the data, similar to how you would securely delete a typical hard drive, but at the hardware level. Out of the box the Mac has no way to do this. There are a variety of Linux and Windows utilities — some of which come directly from the drive vendors — that allow you to do this, but they require a huge number of hoops to jump through, not the least of which is creating a Linux LiveCD or Windows machine to boot from, as well as a significant time investment. Using this method, while perhaps a more secure deletion of the data, will be time consuming, difficult and error-prone.

As I mentioned, there's a ton of literature on the topic of securely erasing SSDs, but the vast majority of it is theoretical. There are very few articles that actually tell you, practically, how to go about securely erasing your SSD. What got me thinking in the right direction was an article from Ars Technica that very broadly discussed the various difficulties with and methods for secure SSD erasure. In it, they talk about drive scrubbing approaches, but then they also mention using an encryption-based approach:

"The most popular option for protecting data, absent of robust secure erasing tools that scrub right down into the over-provisioned cracks, is to encrypt the SSD's contents. This way, if someone's coming after your data, the only thing you need to make sure is off the drive is the security key (128- or 256-bit AES is recommended) and your bits will be safe, unless whoever wants your data is up to cracking that code."

This caught my attention, because it sounds very much to me like the secure erase procedure that newer iPhones use. If you've ever securely erased an iPhone 3GS or later, you may have noticed that it goes extremely fast. Older phones take a long time because they're actually scrubbing the SSD clean of data, but newer ones are really fast because all they're actually doing is deleting the encryption key, making the data virtually impossible to access.

Finding a similar procedure for an SSD-equipped Mac was no easy feat, but I think I've dug one up that may work for most typical users who just want to pass on their SSD-equipped Macs without worrying about someone accessing their private data. The thing that's tricky about doing this is that Apple has provided no similar utility for erasing SSDs as they have for the iPhone. On an iPhone you simply go to your Settings and choose:

General->Reset->Erase All Content and Settings.

There is no such utility on a Mac.

Or is there?

Enter: FileVault 2

Mac OS X10.7, Lion, has a new feature called full disk encryption, now popularly known as FileVault 2. What FileVault 2 does is take all the data on your boot drive — which in my case is my SSD — and encrypts it. The encryption key is stored on the disk and is only accessible with your home account password (or any other user's password that you allow). In and of itself, in fact, assuming you have a reasonably secure password, simply enabling FileVault 2 on your boot drive provides a pretty decent degree of security: No one can access the contents of your disk without your password.

Encryption key deletion, a la the iPhone, provides the final layer of security, but how do you go about doing such a thing? The Apple literature on FileVault 2 makes reference to something called "Instant Wipe:"

"With FileVault 2, instant wipe removes the encryption key from your Mac instantaneously, making the data completely inaccessible."

Enter: iCloud & Find My Mac

I have yet to find a way to access this "Instant Wipe" from my Mac, nor is there any reference to it in the Help files. But with the addition of the Find My Mac feature, now freely available via iCloud, a Mac can securely erase a drive in a fashion quite similar to that of the iPhone. Find My Mac allows Mac users to remotely locate and lock, send messages and alert sounds to, and — most important for our purposes — wipe a lost Mac. Of course, this functionality works perfectly well with Macs that aren't lost as well.

Sending the "Wipe" command to your Mac from Find My Mac (either via a browser logged in to iCloud or from Find My iPhone on your iPhone) will do the same thing to your Mac that Secure Erase does on your iPhone. It will erase the encryption key that protects the data on your SSD.

"The Remote Wipe command is, of course, a last resort, as it instantly destroys the boot drive's contents by erasing the encrypted volume's key, rendering the drive's contents unusable."

This means that, once the encryption key is deleted, even you will no longer be able to access your data with your password. Once this happens, the only way to access the data is to decrypt it, and without the key, this is a monumental task far beyond the capabilities of most users. The XTS-AES 128 bit encryption that Lion uses is extremely difficult and time consuming to crack. In fact, though there are more secure options out there, I believe this one has yet to be cracked at this point.

Also, once the encryption key is wiped, the wipe command apparently goes through and deletes all the data as well:

"Instant wipe removes the encryption key from your Mac — making the data completely inaccessible — then proceeds with a thorough wipe of all data from the disk."

It's unclear exactly how this wipe is performed. Does it happen at the hardware level clearing data from each and every cell of the SSD? Are the files overwritten multiple times with random data or are they just marked offline? It's hard to tell from the scant online literature I've seen; even the developer docs seem to be out of date. But whatever the case, this is pretty durned good security for the average joe.

So, how to get all this working? There are only two things you need to set up: FileVault 2 and iCloud with Find My Mac

This article is already long enough, so I won't go into FileVault 2 or iCloud setup here. They're easy to do and there's already plenty of information about the procedures. Here are some great links to get you started:

Set Up Filevault 2

Set Up iCloud's Find My Mac

Suffice to say, once these services are configured, erasing your SSD, when the time comes, should be as simple as logging in to iCloud, locating the Mac in question using Find My Mac, and issuing the Wipe command. After a very short amount of time, the encryption key will be deleted, and some time later (how long depends on a number of variables, some of which we don't actually know), your disk will, in theory, be wiped clean of data.

One caveat: I have yet to actually try the Wipe command. Oh, believe me, I intend to. But we're talking about a day out of my life, and that's a day I just don't have to spare. And you know what they say about good intentions. Yeah.

If I do manage to get around to this, I'll certainly post my findings here. I encourage others to do likewise in the comments section of this article.

MORE:

http://arstechnica.com/apple/reviews/2011/07/mac-os-x-10-7.ars/13

http://en.wikipedia.org/wiki/Whole_Disk_Encryption

Mountain Lion Sneak Peek

I'm always excited to hear about new OS releases for the Mac. But that excitement is increasingly mixed with trepidation, and the Mountian Lion sneak peek is no exception.

 

Concerns

Count me among the "Pro" users who fear that the Mac and its OS are quite possibly headed towards an iOS-ification that would relegate lots of the professional functionality we've come to rely on to the dung heap. That's what happened with Final Cut Pro X, it seems to be where the Mac Pro is headed, and I, along with some of my colleagues, worry that that's where Mac OS X (now called, simply — and some might say, ominously — OS X) is headed. Take one look at the latest AirPort Utility — the most blatant example I've seen where Apple has actually removed key features from an app to make it simpler and more iOS-like — and you'll see what I'm talking about. Maybe you'll even start to get worried yourself.

Lion has had its fair share of clues that Apple is headed towards simplification in the OS and is becoming increasingly unconcerned with professional users. Some of the new features are great, or at least could be some day. I think the versioning system, while still problematic, could someday be transformative if a good deal of thought and effort are put into improving the UX. But little things, like the hiding of the user's Library folder, hint at more totalitarian possibilities, ones which lock the user out of the OS to an unprecedented degree. The suggestion that Apple might someday get rid of filesystem access in the desktop OS sends shivers up my spine, but I do consider it a very real possibility. Personally, I don't think this will happen any day soon. But some of my colleagues are less optimistic.

So it is against this backdrop of thought that I consider Mountain Lion.

The Worrisome

As with Lion, we see in Mountain Lion the iOS trend continue. This, in and of itself, might be cause for concern. iOS presents the OS in a simpler, more restrictive way, and more iOS on the desktop could be a sign of greater restrictiveness.

It's certainly worth noting that Software Update will be gone in Mountain Lion, replaced wholly by the Mac App Store. I suspect that this means it will be even harder to save archives of application and OS updates, if we'll even have the ability at all. And if you read this blog with any regularity you have a pretty good sense of how I feel about the Mac App Store in general (hint: it's not good). I suppose if you like iTunes, you'll be tickled pink that App Store will soon be handling core OS functions. But then, if you like iTunes, there is something seriously wrong with your brain.

I'm also a bit perturbed by the fact that X11 — the engine that powers numerous open source software projects, including GIMP and many of the OpenOffice ports — will no longer be included as part of the default install of the OS. It is still being developed and supported and will still be available, for now, from Apple, but as a separate download under the guise of XQuartz. Not a huge problem, per se, but, it could be argued, a sign of things to come.

Finally, it might also be of some concern that this year, for the first time ever, Apple decided not to announce this update with a big event. This year, instead, Apple chose to make the announcement quietly, to a select group of press members. It's almost eerie, the lack of fanfare.

The Promising

For the most part, however, Mountain Lion seems to be less about restrictions as it is about bringing iOS features to the Mac. Less about limitations and more about integration. And that's at least somewhat reassuring.

So mainly what we're seeing in Mountain Lion is the addition of numerous applications and interface trends brought over from iOS to OS X. Messages, Notes, Notification Center, Share Sheets, Game Center and AirPlay Mirroring are all applications or features that are being brought to the Mac desktop from iOS. As a Mac user, this is the kind of cross-pollination I want to see. A cool feature developed for iOS making it into OS X just makes good sense. The fact that Apple is doing this is yet another sign that perhaps they haven't completely given up on the desktop market.

I also think it's very promising that Apple has decided to begin refocusing efforts on the desktop with a commitment to yearly OS X updates. Sure, if the direction they take is bad, this could be a huge negative, I suppose, but at least they aren't letting the desktop languish; they see potential in the desktop market, and are developing for it. I take this as a positive sign.

Also, Gatekeeper, Apple's approach to application security, hits, I think, the right note. Its default mode, which requires all apps to be digitally signed, is perfect for mainstream users. But Apple has given pro users ultimate control and freedom by giving them the option to bypass Gate Keeper. To me, that's just the right balance between security and freedom. In fact, if Apple ever does choose the route of a hidden filesystem, I hope they do something like this, allowing pro users to see and access it easily, with a simple preference.

Final Thoughts

From what I've seen so far, Mountain Lion looks promising. I'm seeing less of the iOS restrictions hitting the desktop OS than I'd anticipated, and instead what looks to be happening is that a lot of iOS-only features are now getting integrated into OS X. I take this trend as a generally positive sign. So I remain hopeful.

If Apple follows a policy of integration and eschews the limitations of iOS on the desktop, I'll remain a happy Apple customer. I hope that's what they do.