macOS Security

Looking for some ideas on how to secure your macOS installation, head over to drduh’s collection of tips and hints on Github.

Comments off


I am not a fan of meetings. Anyone that has worked for me knows that I try to avoid meetings at all costs. Now, I am not talking about individual meetings with a single employee or even a quick touch point with 1 or 2 people. I am referring to the larger meetings that usually involve more than 5 people, a vague topic and an agenda that looks like a project plan for putting a man on Mars.

Here are some notes that I try to follow when planning a meeting:

Invite the Right Individuals

There is nothing more frustrating to me than attending a meeting where an agenda item is being discussed and the host says something like “I guess I should have invited Bob to this meeting to discuss this.” Yes, you are right host, you should have invited Bob and more than likely should have left other people off the invite as they do not need to be here.

Go through your agenda and figure out who can speak to the item and make sure to invite those individuals. If they can not attend, scratch the agenda item, or if it needs to be discussed then work with those individuals to schedule the meeting when they can be there. You are wasting everyone’s time when you have the wrong individuals.


The agenda for a meeting should be a quick list of bullet points with a topic and maybe a brief 1 or 2 sentence describing it, if the topic title is vague. The agenda should not be a multi-page dissertation on the meaning of life. Also, make sure that the number of items on the agenda can be dealt with in the timeframe allocated for the meeting. If not, then break up the topic items and if needed schedule multiple meetings.


We all know what happens at meetings. We have an agenda and then 15 minutes into the meeting the agenda is thrown out the window and the meeting turns into a free for all. As the meeting host, it is your job to stop those diversions. Nicely point out to the person that they are wasting everyone’s time (probably want to use different words than that), write down their item and put it on a list of follow-up for after the meeting.

Length of Meetings

NO meeting other than a briefing or training session, should be over an hour and most meetings can be concluded in 30 minutes. When I am done with the agenda items, I end the meeting and give time back. There is no need hanging out in a meeting after the agenda has been discussed. If someone has something they need to talk about that is not related to the current topics, that should be dealt with offline in another meeting or with the individuals.


I have found that I am not able to facilitate a meeting as a host and effectively take notes. Usually, if I think there will be a need for minutes/notes, I ask to have someone else scribe the notes from the meeting and then send those out to all the invitees afterwards. If I try to do it, something gets missed, or there are too many times I have to apologize for writing instead of doing my job to keeping the meeting moving along.


Nothing I mention above is earth shattering, more about items I try to follow on a daily basis to have meaningful meetings that are not wasting mine or others time. My job as the facilitator of the meeting is to make sure the agenda is discussed, actions are developed and we get in and out of there in a timely manner. In most companies, ours and our employees jobs are not to attend meetings, but rather to get work done, this is why I have as few meetings as possible.

Comments off

Configuring SSH Key Authentication

This is a quick a dirty guide to creating key authentication for goofy between system earth and pluto. Of course, replace goofy, earth and pluto for what matches your network.

I am assuming that these are OS X or Linux/Unix based systems. Windows systems will need to download a tool like Putty, as ssh does not come as part of the OS by default.

These instructions were tested with the following systems:
earth (OS X El Capitan)
pluto (Ubuntu 12.04)

From a terminal, ssh into both earth and pluto either as goofy or with a user that can switch (ie. su) to goofy.

Create the id_rsa and keys

For this exercise, I am going to use RSA keys with no passphrase. If you want to use a different encryption protocol, I encourage you to Google ssh-keygan or utilize the man pages.

As goofy on earth and pluto, run the ssh-keygen command. This will create the .ssh directory if needed and create the public ( and private (id_rsa) RSA keys.

NOTE: You never want to give out the private key as this will compromise your system. It is the key used to decrypt the public key and ensure that its a valid public key for user.

Example (goofy on earth):

earth:~ goofy$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/goofy/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/goofy/.ssh/id_rsa.
Your public key has been saved in /Users/goofy/.ssh/
The key fingerprint is:
SHA256:bRDbQEI+dCHEnT2GnXQgWSAg3+VyMvYeKuhSJ91HN44  goofy@earth.local
The key's randomart image is:
+---[RSA 2048]----+
|  . .=BoX@+o.    |
|   o +.B=**.     |
|    . O =...     |
|     . B.oo      |
|   . . .S+o.     |
|  o.o .oEo.      |
| ..o. ...        |
|..   .           |
| ..              |

Perform the same action on pluto. To verify that the key files have been created you can look in the .ssh directory under your home directory for id_rsa and

earth:~ goofy$ ls .ssh

You now have the public and private RSA keys necessary for key authentication.

Adding Public Key to Remote System

We are now going to setup the ability to log in from earth to pluto as the userid goofy only using the keys as authentication.

On pluto, go to the .ssh directory and open/create the file authorized_keys. This can be done with any editor of choice.

pluto:~ goofy$ cd .ssh
pluto:.ssh goofy$ nano authorized_keys

In that file, add the contents of the file from earth, save the file and then change the permissions to r– which can be performed with the following command.

chmod 600 authorized_keys

Perform the same steps on earth to allow key authentication from pluto to earth.

You now have said that goofy can authenticate via public/private RSA keys between earth and pluto. This can be tested by using the ssh command on either earth or pluto as goofy to connect to the other system.

Comments off

Apple Watch Musings

Apple Watch

About two months ago, I finally broke down and bought myself an Apple Watch. Okay, my wife finally got sick and tired of me talking about it and told me to just purchase one.

I bought the 38mm Space Gray Aluminum Case with Black Sport Band, starting at the lowest price point in case it was something in 6 months to a year I no longer wanted to use. After using it for the last two months, I have not found myself wanting to be a day without it. In fact the only times I do not wear it is when I am sleeping, bathing or when I was coaching volleyball.

So, what do I like about the Apple Watch?

In the few months that I have been wearing the watch, I found that there are three main features/functions that make me coming back to the watch day after day.

  1. Time Piece
  2. Notifications
  3. Health and Fitness

Time Piece

First and foremost, this is a watch. Yep, I just put the Apple Watch in the same category as an expensive Rolex and those cheap plastic watches you see at your discount retailers. This is not a knock on the Apple Watch, it just shows that telling time on your wrist is still a valuable function.

I had not worn a wrist watch in about 20 years, having relied on technology other than a watch for telling the time. What I did not realize was how much more convenient it was to have that time telling ability on your wrist. Now, I would not have bought the Apple Watch just for telling time, but this feature (as simple as it is) along with the other two features have made the Apple Watch a go to device for me.


This was an area that took me a while to appreciate and lot of that was due to the fact that I had to change my behavior around knowing information and the presentation of that information. I had grown accustomed to either a vibration, sound or both coming from my phone to alert me that something needed or wanted my attention. I never realized, but there is a whole production to pulling the phone out, looking at the screen and then usually unlocking the phone to get more information about the notification.

The Watch changed this. Now the notification came as a vibration on the wrist, a quick glance and if warranted a pulling out of the phone. Initially there was almost a 1 to 1 relationship between the notification and pulling out the phone to check on it and get more information. However, as the time has gone on, I find that I pull the phone out a lot less. I can glean from the notification on the screen the importance and make a decision whether it needs action now, later or never.

This has also forced me to go through my notifications and make an intelligent decision around whether I need to know about it or not. I get notifications now from the following items, each heavily customized.

  • Mail Notifications from Outlook’s Focused Inbox
  • Mail Notifications from Good (work email) for favorites (my staff and management)
  • Calendar Notifications from Calendar and Good
  • Phone Calls and Voice Mail
  • Fitbit (more on this later)
  • Sports (I have to know when my favorite teams have won)
  • Text Messages

This may seem like a lot of notifications, but because I have taken the time to tweak each application, it is sometimes no notifications an hour and at other times (like something is broke at work) multiple notifications.

However, there is no time spent taking the phone out, reading the screen and unlocking the phone. I see the message and make a decision right there about its disposition and since the phone is a process now that is foreign, it usually means dismissing or deleting the notification unless I find it to be critical.

Health and Fitness

This was an area of functionality on the Apple Watch that was one of the original reasons I even considered wearing one. I have been a Fitbit Zip user (and still am) for about the last two years. Tracking my steps was always a game for me, but I wanted something more. I wanted more data, I wanted to know more about my habits.

This is where the Apple Watch has pushed me to be more active. With the Fitbit, it was a simple metric of steps. Did I get my goal of 11K steps today. Nothing really more to it. I know I could have gotten fitness bands that did more, but I wanted something different if I was going to change.

The Apple Watch is this difference. It is now a game to see if I can earn the achievements, track exercises (walks/runs), monitor my heart rate and overall see this data holistically. I am now more concerned with the quality of my walks (increased heart rate), than about the length (steps). This over time will lead to me keeping more fit and helping me understand my body better.

As I mentioned above, I still have the Fitbit and wear it each day. This may seem insane to most and even I have questioned the validity of doing this. I have a simple reason and something not quite fixed by the Watch and maybe something that never is. I use the Fitbit for the awesome and simple social interactions that it allows me. There are 10 of us in a group and the goal is to see who can out step each other each week. It is a simple game, but it keeps all of us engaged in exercising and we want to one up each other. This is lacking on the Watch and since the Watch is a starting price point of $349 and the Fitbit is $60, this will always be a challenge. It is easy to justify $60 to track steps and compete against friends.


Overall, I am surprised at my adoption of the Apple Watch. I keep waiting for myself to get sick of wearing the Watch, but each day I wake up and look forward to putting it on my wrist and going out into the world. It has made me less neurotic about my phone as I rely on the notifications and time on my wrist instead of reaching for the phone, which usually leads to a distraction to some application or email other than what originally the intention was for.

So, here I am, a happy Apple Watch wearing fool.

Comments off