Testing iOS 10 & Sierra in Your Environment

Testing Sierra & iOS 10 Slide

Last night, I presented at MacDMV on the importance of Testing iOS 10 and Sierra in your environment. The slides and presenters notes are available as a PDF Download. You can also watch the presentation below via Facebook video. The presentation begins about 3:30.


Testing Sierra and iOS 10 is incredibly important, because you need to be ready on Day 1 in case your users update ahead of your wishes. You need to know whether you can make your existing systems work, or if you’re going to have to expend the political capital to roll them back. Do you have a testing setup? Do you have a testing plan? Do you know how to submit good feedback to Apple? This presentation will help.

I’ve also built a Sample Testing Checklist for your environment, available as a PDF below, and also as an editable OmniOutliner file so you can make your own editable list.

Helpful Links:

Maslow’s Wi-Fi
Mike Boylan’s 2014 Presentation: Getting Your Issue on Apple’s Radar
Sample Testing Checklist PDF
Testing Checklist OO3 File


Techno Bits vol. 74: Technical Debt

This Week’s Newsletter has a doozy:

Conferences also show you exactly how much work you have left to do. And that’s okay, work isn’t a bad thing. It just sometimes puts that workload in stark relief and that can feel a little bad sometimes. Technical Debt is difficult to overcome because it requires a change in understanding – and often times training – but it serves to make your organization stronger.

Read on, or better yet, subscribe!

MacDevOps YVR 2016: Securing Munki

Securing Munki

Below are the slides for my 2016 Talk at MacDevOps on Securing Munki. The talk was a good way to revisit what I’ve done with Munki in a Box and discuss some of the maybe not-so-great choices that were made along the way to get to where we are now with the security branch.

The talk focuses on the nature of the munki transaction, and where your deployment system can be vulnerable to attacks from casual interference, dedicated individuals with a grudge or a motive, or larger actors. There is also some advice about how to mitigate the problems that are presented by the architecture.

I’m not a fulltime security anything, but I’ve learned a lot in the last year by doing things that maybe aren’t advisable any longer. So, to anyone who used MIAB before 1.5.0 beta 2, there’s some work you should do to secure your repository if you meet certain use cases, and I strongly recommend that you adopt SSL encapsulation of the munki transaction, and the use of HTTP Basic Auth to secure your repository against prying eyes.

I’ll be making some changes to MIAB over the summer to automate the creation of a CA and enrollment of device certificates using the micromdm scep library and a web server that actually isn’t part of Server.app (likely to be the Go-based Caddy server as described by Viktor in a great blog post)

Download my slides & notes!


MacAdmins Podcast Episode 6: Dreyer, Rhymes with Slayer

We got the chance recently to sit down with Arek Dreyer, author of so, so many books, in time for the release of his new 3rd Edition of Managing Apple Devices. We talked about WWDC, writing books like Managing Apple Devices, as well as nearly getting arrested in a Chicago Server Room, and the first apps we bought. Co-hosts Charles Edge and Emily Kausalik were awesome, as was our mixing engineer Aaron Lippincott, who made us sound amazing.


MacAdmins Podcast Episode 5: SSO & Puppies, Two Adoption Tales

I suppose we could’ve made that “tails” and had a good laugh about how cute the puppy was. Episode 5 saw us talking with Andrew Seago of MacBrained, as well as Miles Leacy of Walmart. We had some audio drama, but we learned a lot in the process. Listen in for discussions of WWDC’s rumor mill, single sign-on as it stands today and in the future, and a whole segment on the importance of communities like the awesome MacBrained.