Stuck in the past? Your time may get warped, too

Stuck in the past? Your time may get warped, too

If the recent kerfluffle among autopkg folks (over GitHub shutting off TLS less-than 1.2) is any indication, a lot of people are still on 10.12.6. If I may editorialize for a second, this is probably contributed to by Apple’s less-than-ideal planning, execution, and communication around the High Sierra release. What […]

Read more

UEFI, 10.13/APFS, and You(r Imaging)

UEFI, 10.13/APFS, and You(r Imaging)

Let’s discuss the basic input/output system for IBM PC compatible computing devices, aka BIOS. Wait, that’s not a good start, P.eople C.an’t reM.ember C.omputer and I.nternet A.cronyms. Ok, EFI – that’s a thing that’s like BIOS, right? You can lock it, it makes sure all your most vital hardware components […]

Read more

Hook The Lintings

Friends don’t let friends commit puppet code with obvious errors. Especially when you’re working with a team, having a consistent style enforced by something like puppet-lint means less messy diffs as you send changes to each other to review. And if you’re leveraging stuff like r10k, you definitely don’t want […]

Read more

Hipster Software Management

Hipster Software Management

Socially, Slack and Twitter are the two poles I gravitate between: Slack for when I’m hoping to be a burden on or distracted by our always-up-to-something community, and Twitter when I’m more in the mood to consume the echo chamber than reverberate sound out in to it. And then there’s […]

Read more

Arbitrary Code via Puppet instead of Jamf (Pro)

Arbitrary Code via Puppet instead of Jamf (Pro)

If you are familiar with Jamf Pro’s (formerly the JSS/Casper Suite’s) model of smart groups and extension attributes (or EA’s), they provide a way to run code that can (among other things) inventory the state of a computer. Every recon run, they run the provided scripts configured server-side, and through […]

Read more

Proactive Mac Security: Santa 🎅

Proactive Mac Security: Santa 🎅

For the next stop in our journey, we’ll review that jolly ol’ soul, Santa. It’s a system for either monitoring what apps are launched and blacklisting the ones you decide are bad, or locking down a macOS computer to only run the ones you’ve whitelisted. Despite what The Register seems […]

Read more

Stop All The Downloadin’

Stop All The Downloadin’

Just a quick one, to remind you that there are ways you can have a dialog with users about tightening security controls. We’re beating the drum about Flash dying a death, and haven’t included it in our image since the Great Analytics Fiasco of 20.0.0.235. I’m not the most tolerant […]

Read more

Proactive Mac Security: osquery

Proactive Mac Security: osquery

There are two reputations(at least) that your faithful writer is hoping to shake: #1, I do not work for Google. #2, I am not the ‘osquery guy’. I don’t even know any C++! (I’m going to make time for this eventually, though.) However, for three events over the course of […]

Read more

Proactive Mac Security, Introduction

Proactive Mac Security, Introduction

Let’s say your company is a place where no one works day-to-day logged in as an admin on their Mac. Everybody in this environment is also a computer expert, and therefore aren’t as prone to tomfoolery such as letting family members use their login to play Chrome games, and of […]

Read more

Ep. 4 – MacAdmin Easter Egg

Just in time for WWDC, another special guest on the Frogor 45 – Tim Sutton, of Mac Operations fame, here to discuss things non-Adobe… like mcxToProfile. Mastering by AD⚡️CB logo designer Pepijn Bruienne Other things mentioned: Bluetooth fingerprint unlock apps that shall remain nameless Ollllld topics like ManifestDestiny The first […]

Read more