This week’s Techno Bits focuses on my Summer Engineering Project: using Raspberry Pis for fun and profit! It was a lot of fun to do some hardware stuff for once, and I’ve ordered some extra kit goodies to try and do some other fun stuff with the Raspberry Pi with cameras and sensors and stuff. I also explain how to buid a RetroPie machine for retro gaming.
Last night, I presented at MacDMV on the importance of Testing iOS 10 and Sierra in your environment. The slides and presenters notes are available as a PDF Download. You can also watch the presentation below via Facebook video. The presentation begins about 3:30.
Testing Sierra and iOS 10 is incredibly important, because you need to be ready on Day 1 in case your users update ahead of your wishes. You need to know whether you can make your existing systems work, or if you’re going to have to expend the political capital to roll them back. Do you have a testing setup? Do you have a testing plan? Do you know how to submit good feedback to Apple? This presentation will help.
I’ve also built a Sample Testing Checklist for your environment, available as a PDF below, and also as an editable OmniOutliner file so you can make your own editable list.
What’s the sane way to make sure that you’re not aggressively stupid with Munki changes? How do you maintain an orchestra of munki servers without relying upon a source control scheme?
This Week’s Newsletter has a doozy:
Conferences also show you exactly how much work you have left to do. And that’s okay, work isn’t a bad thing. It just sometimes puts that workload in stark relief and that can feel a little bad sometimes. Technical Debt is difficult to overcome because it requires a change in understanding – and often times training – but it serves to make your organization stronger.
Below are the slides for my 2016 Talk at MacDevOps on Securing Munki. The talk was a good way to revisit what I’ve done with Munki in a Box and discuss some of the maybe not-so-great choices that were made along the way to get to where we are now with the security branch.
The talk focuses on the nature of the munki transaction, and where your deployment system can be vulnerable to attacks from casual interference, dedicated individuals with a grudge or a motive, or larger actors. There is also some advice about how to mitigate the problems that are presented by the architecture.
I’m not a fulltime security anything, but I’ve learned a lot in the last year by doing things that maybe aren’t advisable any longer. So, to anyone who used MIAB before 1.5.0 beta 2, there’s some work you should do to secure your repository if you meet certain use cases, and I strongly recommend that you adopt SSL encapsulation of the munki transaction, and the use of HTTP Basic Auth to secure your repository against prying eyes.
I’ll be making some changes to MIAB over the summer to automate the creation of a CA and enrollment of device certificates using the micromdm scep library and a web server that actually isn’t part of Server.app (likely to be the Go-based Caddy server as described by Viktor in a great blog post)
We got the chance recently to sit down with Arek Dreyer, author of so, so many books, in time for the release of his new 3rd Edition of Managing Apple Devices. We talked about WWDC, writing books like Managing Apple Devices, as well as nearly getting arrested in a Chicago Server Room, and the first apps we bought. Co-hosts Charles Edge and Emily Kausalik were awesome, as was our mixing engineer Aaron Lippincott, who made us sound amazing.
I suppose we could’ve made that “tails” and had a good laugh about how cute the puppy was. Episode 5 saw us talking with Andrew Seago of MacBrained, as well as Miles Leacy of Walmart. We had some audio drama, but we learned a lot in the process. Listen in for discussions of WWDC’s rumor mill, single sign-on as it stands today and in the future, and a whole segment on the importance of communities like the awesome MacBrained.