Episode 308: An academic look at autopkg with Manuela Muñoz Bocanegra

Packaging every version of each piece of software managed can be incredibly time consuming. Without automation, it would take an inordinate amount of time to download, package, test, and deploy software at a cadence that matches how often third party vendors patch their tools. Autopkg can be one of the biggest time savers for those charged with managing Apple devices. We’ve discussed it in previous episodes but in this episode we’ll talk to Manuela Muñoz Bocanegra about her studies of autopkg at a more academic level.

Hosts:

Guests:

Links:

Click here to read the transcript

This week’s transcription is brought to you by Alectrona

James Smith:
This week’s episode of the Mac Admins Podcast is brought to you by Kandji. Kandji is the device management solution for high growth organizations that run on Apple devices. IT teams often struggle with complicated tech stacks or legacy solutions and have to create solutions from scratch when trying to get their Apple devices secure and configured. Using Kandji, a new Mac can be transformed into a ready for work computer with all the right apps and settings in place.
Devices managed with Kandji keep themselves secure and in their desired state autonomously. Apps are patched, Mac always is updated and security controls are enforced without active management from admins. Kandji has seen massive adoption from high growth companies like Allbirds, Lacework, Docker and Notion. Learn more at kandji.io/macadmins. That’s K-A-N-D-J-I.io/macadmins. Thanks to Kandji for sponsoring this episode of the Mac Admins podcast.

Tom Bridge:
Hello, and welcome to the Mac Admins Podcast. I’m your host this week, Tom Bridge. And Marcus, how are you?

Marcus Ransom:
I’m doing okay. I’m doing okay. It’s that weird time of the year where we’re just waiting for daylight savings to change back again, so it’s really dark in the morning and really dark in the evening. It’s starting to get cold and rainy again, which is nice given it was extreme fire danger over the weekend. But fortunately, nothing bad happened.

Tom Bridge:
I’ll take that.

Marcus Ransom:
How are you going?

Tom Bridge:
I’m doing all right. I was going to say it’s freezing cold here in DC today. It is March in the calendar, it is not March outside. So as a result, we had to start a fire with the Boy Scouts this afternoon. We blow scout this year, and so we’re getting all the last people caught up for rank, which is next weekend. So, as you hear this, everybody’s going to get their badge, but we just had to get the scouts trained up on fire safety and first aid this afternoon.
Thankfully, the first one did not require the second one. They were separate events. I’m incredibly grateful for that. I will say I prefer teaching kids about fire safety than I do about knife safety. I was going to say that was last year, and that was a bigger adventure. Charles, how are you?

Charles Edge:
I’m good. I don’t think we have any concern about fire because we got another few inches of snow this week, and it’s a little bit melty today, but barely above freezing, so not that melty.

Tom Bridge:
Yeah. I was talking with a friend of the podcast, Joel Rennich over the past couple of weeks and he’s like, “This is about the point which I know that we are not done with snow yet, but I’m kind of done with snow.” And yeah, that gets to be a little bit rough. So I’m hoping for warm weather for you guys in the not distant future.

Charles Edge:
Thanks. And we have a wonderful guest.

Tom Bridge:
We do.

Charles Edge:
Manuela. Did I say that right?

Manuela Muñoz Bocanegra:
Yeah, that’s correct.

Charles Edge:
Would you like to introduce yourself?

Manuela Muñoz Bocanegra:
So, the basic information? So, I’m Manuela, I’m from Colombia. I’m study in Germany. I’m doing [inaudible 00:03:27] is a technical studies schooling in informatic system integration, and I’m at the end of the studies in June or July, maybe.

Charles Edge:
Congratulations.

Manuela Muñoz Bocanegra:
Thank you.

Charles Edge:
Fantastic. And this episode is going to be about AutoPkg, but from a slightly different perspective than we’ve talked about it before. So one thing that I think anyone who’s managed a lot of devices knows, packaging every version of each piece of software that’s managed can be incredibly time consuming. And without automation it would take an inordinate amount of time to download package test and deploy software at a cadence that matches how often third party vendors update their tools or patch them. AutoPkg can be one of the biggest time savers then, for those charged with managing Apple devices. And again, we’ve discussed it in previous episodes, but this is a slightly more nuanced episode I guess, where we’re looking at it more on the academic level. So I guess before we get started, we do love doing the origin story thing. So do you mind telling us a little bit about how you came to be working with AutoPkg?

Manuela Muñoz Bocanegra:
Yeah. So actually, I was at the beginning of my [inaudible 00:04:48] from the study at six months at the beginning and then I just ended my Jamf course 200, if that tell you something. And I was really excited about this because I was not prepared to be a informatic, but I was like, “Just get in.” And then I just get in, I just get done this certificate and I was like, “Okay, I’m excited about my new role in this company.” And I was big goals, big dream, big all… Imagine all, I will be the next big Jamf admin. And then all of a sudden my company came to me and they give me a new task and I was like, “Okay, I’m excited about the new task.” And then they were like, “Okay, this is your new task. Every week, once a week you have to make a life cycle management.”
And I was like, “Okay, what is it?” And then they just explain it. And at the beginning it was like, “Okay, something new learning.” And then the first week was really being paranoid about the mistakes because like you say, it takes a lot of time and you can make a lot of mistakes because you are doing all manually. And I was really stressful because I want make all perfect. So all documentation, I was checking five times. Did I get the right link? Did I get the right application? Did I get the right… I was really paranoid. And then after one month I was like, “Oh no, this sucks. I’m not learning anything.” And I’m feeling like I’m a robot. I’m not learning anything and it just made Jamf 200. I was like, “No, this cannot be true.”
And then I was like, “Okay, be patient.” I was like, “Okay, this is my new role.” And at the end of the second month I was like, “No, this is not definitely what I imagined. I don’t want to do this anymore.” And then I decided to ask myself and I just saw this was a pattern. There was a pattern in this lifecycle management. But like I say, I didn’t knew that I wanted to be a informatic, so I didn’t knew anything at all. So I was like, “Okay, so there is a pattern. That means there can be an automation.” I was like, that’s the truth. And then I started to check in Python because I didn’t knew anything about Python and I wanted to create AutoPkg. That’s the funny history. I wanted to create AutoPkg because I didn’t knew AutoPkg existed.
And then I came to my boss and I was like, “Hey, I have an idea but I don’t have any idea how to make the idea.” So he was like, “What is your idea?” Automation from lifecycle management. It was really exciting because I was like, “I’m going to change the world.” And then he was like, “That’s already exist.” And I was like, “What do you mean?” And it was like a bomb. “You are not getting nothing innovative. It’s exist already.” And then he told me, yeah, you just have to Google AutoPkg. And then I started to Google and I was like, “Okay, somebody was quicker than me. AutoPkg is an old project.” And I was like, “It doesn’t matter, I’m going to change AutoPkg.” And then I started to get everything but it was too much information at be the beginning and I was so frustrated.
I was like, oh my God, what I get into myself? But I wanted to do it. So I was like, “No, I’m learning.” So I have to learn GitHub. I didn’t knew what was GitHub. I didn’t knew what was Git. I didn’t knew anything at all. But I told myself I don’t care, I’m getting into it. So I decided to check the recipes from AutoPkg recipes, the original recipes. And it was a little confusing and I was like, “I’m just doing.” Because I took two months just researching what is AutoPkg. It was a lot of time and I was not getting to get my goal done. So I was like “No, I have to just do it.” So I started just to read the recipes that was already done, and create my recipes just looking again, to the pattern. And that’s how it all started.

Charles Edge:
And I guess since it took a couple months to get to the bottom of I guess what it is and how it works, do you mind for anyone who maybe doesn’t know yet, which I’m doubtful there’s that many. But do you mind going through what AutoPkg is, at least from your perspective because it might be now that I think about it, different for different people.

Manuela Muñoz Bocanegra:
Yeah, so I think my perspective is the simple perspective because I’m not too technique. So AutoPkg is just a tool that simplify the process of lifecycle management. I think the best word to describe AutoPkg is simplify and time management. One of them is the perfect combination for AutoPkg. This tool helps you to download a package from the website, check the package. I just decided to recognize… AutoPkg recognize which type of data you download from the website and then this package…
So with this the download receipt and then the package recipe create a package. That’s the wonderful part about AutoPkg, because it doesn’t matter which data type you just get from the website, they created the package and this package, you can… In my case I uploaded to Jamf server, and there is also a Jamf recipe and… It used to be JSSImporter. Just funny history, I started with JSSImporter and now I’m back to JamfUploader. So yeah, AutoPkg is just download package to the package and upload whatever you need to upload. And it’s like it’s the right path to get things in the right way done, and also with not so many mistakes. You are not not typing all manually and you’re just doing all automatic. I hope that I explain those the right way.

Charles Edge:
Yeah, that nails it. Thanks.

Manuela Muñoz Bocanegra:
Okay.

Marcus Ransom:
And also hearing how you arrived at discovering AutoPkg. For me, I was just getting flashbacks to exactly how I discovered using Jamf and using things like AutoPkg. That whole idea of “Oh, I’ve got this wonderful idea” only to find out that no, I’m not the first person to have that wonderful idea, in fact other people have arrived at it. Which shows that there’s a real need for these tools.

Manuela Muñoz Bocanegra:
Yeah. It was not easy at the beginning, it was a lot of information. It still be a lot of information and AutoPkg in my opinion, it doesn’t have an end. And that’s the beautiful about the project, because it creates itself every time. You have to be up to date every day, check in what is the new changes, what is happening, what is the mistake? Just communicate with the community. That’s what I love about AutoPkg, we are like a community. We are just helping each other and that’s what I love.

James Smith:
This week’s episode of the Mac Admins podcast is also brought to you by Kolide. Our sponsor, Kolide has some big news. If you are an OKta user, they can get your entire fleet to 100% compliance. How? If a device isn’t compliant, the user can’t log into your cloud apps until they’ve fixed the problem. It’s that simple. Kolide patches one of the major holes in zero trust architecture, device compliance. Without Kolide, IT struggles to solve basic problems like keeping everyone’s OS and browser up to date. Unsecured devices are logging into your company’s apps because there’s nothing to stop them.
Kolide is the only device trust solution that enforces compliance as part of authentication and it’s built to work seamlessly with Okta. The moment Kolide’s agent detects a problem, it alerts the user and gives them instructions to fix it. If they don’t fix the problem within a set time, they’re blocked. Kolide’s method means fewer support tickets, less frustration, and most importantly 100% fleet compliance. Visit kollide.com/macadminspodcast to learn more or book a demo. That’s K-O-L-I D-E.com/macadminspodcast thanks to Kolide, for sponsoring this episode of the Mac Admins Podcast.

Marcus Ransom:
So you’ve been working with AutoPkg now long enough that you decided to make it a thesis for your studies, which is something we found really fascinating. So how does that work?

Manuela Muñoz Bocanegra:
So my thesis for my studies is at the end of this this summer, June. So I’m presenting AutoPkg like my project. But in another way because I’m not sure if it already exist, but I don’t want to use AutoPkgr, I just want to do all these thing with a script. So my idea is to run AutoPkg with a script and then upload it all in… We have 11 system for server, so I want to be able… I don’t know if that’s possible, I think it’s possible. I just want that AutoPkg is run automatically and then check the recipe list for every server and then upload the right content for every server. I think it’s possible, but I’m not at the end of my thesis, so that’s the innovative idea that I have. How to do this just without AutoPkgr and to be more trustworth be for my company.

Marcus Ransom:
And so it’s not just having to learn and innovate yourself, it’s also then having to document this and explain it to other people for the purposes of your thesis. So has that made it harder to do this learning, because in your mind you’re always thinking, “All right, it’s not just enough for me to understand it, but I need to be able to convince whoever’s judging my thesis that what I’ve done is valuable and interesting?”

Manuela Muñoz Bocanegra:
So two weeks ago I was having a hard time because I just make the petition from my thesis. I don’t know what is the name in English. You say this is my topic, you explain a little bit about your topic and then they have to say, “Yeah, I like your topic.” Or “This is the right path.” So I was just-

Tom Bridge:
We usually call that a proposal. And so I was going to say when I did my masters, I had to do a proposal, to sit for the exams and explain what I was going to work on for history of the internet. And so that process of filing the proposal is a big part of the academic process.

Manuela Muñoz Bocanegra:
It’s the most awful, because-

Tom Bridge:
Oh, yes.

Manuela Muñoz Bocanegra:
I started AutoPkg at the beginning of my studies in 2021 and I’m in 2023 now, and I have to get back and to explain people and to get the documentation that I didn’t get at the time because I was just doing, I was just getting things done. And now I was having a really bad time these three weeks, because I was like, okay, how can explain some mortals what is AutoPkg? They don’t have any idea what is AutoPkg. How can I explain them in the more simple way? And I was having really bad time because you don’t have too much time to explain to people. I would just have 50 minutes, and I don’t know if 50 minutes is the right minutes from AutoPkg. So I’m really excited about this thesis presentation because I just get the proposal and they did…
So in April I get answer back if that’s the right project, and then I will get all the documentation done. And I just made something amazing actually. I sat myself four days, eight hours every day and I create a brainstorming mind map from receipts, how you can create receipts, and I just check every receipt in every pattern, and I create this brainstorm and I was so exhausted at the end because it’s difficult. It’s difficult how you can get a pattern done. And I was like, “Oh my god, what I just thought?” It’s like I still don’t know how to explain AutoPkg in 50 minutes, plus my script that I don’t have. And I just cut from my project 14 hours. 14? 14. Four zero?

Tom Bridge:
Yep, 40.

Manuela Muñoz Bocanegra:
That’s nothing. That’s nothing. That’s nothing. So of course, I’m lying about the time because now in AutoPkg 200 hours maybe. So yeah, I don’t know. I’m really excited and I hope that the things will get a bright path.

Marcus Ransom:
You’ve just done something amazing because Tom and I were just talking before, about putting together conference presentations for X World, which is, I’m going to say this again to myself next week. And now putting together a conference presentation doesn’t seem so bad compared to that.

Tom Bridge:
Yeah.

Marcus Ransom:
So I think if you can do this, clearly Penn State, Maxis admin, Janek, all of these conferences, go for it because a room full of Mac admins is nothing compared to a room full of academics.

Charles Edge:
You know what’s easy?

Manuela Muñoz Bocanegra:
Is the first step.

Charles Edge:
Yeah. I think a room full of Mac admins is somewhat easy because while there’s a continuum and a range of where people are in their skillset, they’re all Mac admins. A room full of academics on the other hand, if I say, “Oh well, it’s like a package manager. Insert any of the package managers for Linux here.” I can only imagine how many people’s eyes would glaze over because maybe they don’t go there, maybe they don’t know anything about that, they’re SaaS or some kind of other language where that’s not a thing. Even in a CS department, I’m making that assumption. But yeah, the more you can narrow down the audience, the easier it is to deliver a body of work that resonates with that audience. But I can’t imagine in a larger masters type of scenario… The history of the internet, Tom, was brazen and Where Wizards Stay Up Late and some of the books that are around, they weren’t then I don’t think. I don’t know exactly, but-

Tom Bridge:
Yeah, Where the Wizards Stay Up Late was out, Revolution in the Valley was out. And so some of the more first person pieces were there, but I was going to say it was still very much… Twitter was still new. It was the early days of… It was the post web 2.0 pre-social media focus period of time. So yeah, there was a lot less material then, and so it was a lot more first person oriented, a lot more interview based. But really they’re there to talk a little bit about what’s the value of technological advocacy? There we go. That’s the word I’m looking for. I swear I can think in English, I do it all the time. But when you get into doing that academic thing, you’ve kind of got to build a good framework to look around and explain your topic in. And so for me that was the social construction of technology. What kind of framework are you bringing to AutoPkg when you talk about it in an academic perspective?

Manuela Muñoz Bocanegra:
What do you mean with framework? What is the work around?

Tom Bridge:
Sometimes it’s about the context. And so when you think about context of managing packages, where do you start?

Manuela Muñoz Bocanegra:
So I got a metaphor, I think that’s the name.

Tom Bridge:
There you go.

Manuela Muñoz Bocanegra:
I got a metaphor, and I think with the metaphor my dad understood me. So I was like “Okay, so I got my thesis.”

Tom Bridge:
Love it.

Manuela Muñoz Bocanegra:
My metaphor is going to… My first word in the presentation will be, “Imagine AutoPkg a recipe cooking.” So I will be going there because I see AutoPkg like a recipe cooking. You just need the right ingredients. And for every meal you need different ingredients, but you always need onion, tomato, and I don’t know, a sauce. You need three ingredients that’s basics. So I will be explaining AutoPkg like recipe cooking. I was finding new meals and different meals. I was just trying here, a little more onion, a little more tomato. And the fun history is I thought I did already all my job AutoPkg, because I was… JSSImporter, it was since one year I was really… I relaxed about my project and then in February I just log in, in my project and then all of the sudden API is not anymore the same in [inaudible 00:24:02] and I was like, “Oh my god, no they did not do that.”
Because my boss told me, “No you can wait. They are just taking their time.” And I thought they were taking the time, and it just changed everything in one year. And I was like, “No, I don’t have a project anymore.” So I was really afraid. I was like, “Okay, so I have the eggs, but I have to make now scrambled eggs.” And I was afraid about the scrambled eggs. I was afraid about the scrambled eggs. I talked to my dad at the telephone, I was like, “I have to learn how to do scrambled eggs. I just have these eggs, but I don’t know how to do scrambled eggs.” And I was really afraid. But then I got into JamfUploader and I was like, “Oh my God, scrambled eggs are easy.” It’s really easy. So I’m really happy about it because I see AutoPkg is just knowing in the pattern. You have to have a big eyes and be open-minded, and just looking for patterns and looking for little things. Just like a puzzle, you just have to put the right puzzle into it. You know what I mean?

Charles Edge:
Yeah. And I can imagine that Graham Pugh, if he actually listens to this episode, will just be giggling about the fact that he gave you an automated scrambled egg maker without that tool. So good on him and you, for finding it. I think the word pattern has been used many times. And I think Pattern Recognition, in addition to being a wonderful book by William Gibson is-

Tom Bridge:
A really good book.

Charles Edge:
Yeah, right? So [inaudible 00:25:57] with absolutely zero logos on anything I own anymore.

Tom Bridge:
Okay, Casey.

Charles Edge:
But I think one of the really interesting things is how we engage and learn about technology. Kind of going back to Tom’s thesis, in a way. And the journey people take to get to know more about tools like AutoPkg and how they work is really interesting. So would you mind taking us through… You mentioned how you kind of heard about AutoPkg, but let’s say a tool like FileZilla, can go out and download other files, that’s not what we’re after, we’re after more. And I guess how do you go about finding each of those recipes so that you can make scrambled eggs, devon or whatever it is, and getting an automated package out of that? Where does that process of trust maybe, is what I’m thinking about start around, “Oh I can go grab this recipe and I can make this object.” Yeah, do you mind taking us through a little bit about that?

Manuela Muñoz Bocanegra:
Yeah. Actually I don’t trust anybody. So I saw all recipes but I was like, “How can I trust?” Because I didn’t knew about what is a community with open sources. I was not getting into that philosophy. So I just got at the beginning, some of the recipes and then I just saw, but I don’t get anything. It was like, “Okay, that’s a new language for me.” But then I just download Google Chrome, example. I just download Visual Studio Code, I just download Zoom. Different programs and different data type, and then I got the recipe from all the community. And I was like, “Okay, when it’s a [inaudible 00:27:57] you are getting this recipe done. When it’s a sip, you’re getting this recipe done. When it is a package, you are getting this recipe done”. But when you had a sip with a… No, when you have a package that has something inside, I just get all the pattern, I compare every receipt.
But at the beginning my of my studies, my… How do you name? [inaudible 00:28:28]. My monitor was looking like four recipe at the time, all different recipes and I was getting all the patterns, getting all the little things, open eyes and getting this and this and then just testing and getting mistakes and then test again, and then again. It was exhausted. But like I said, I just get the pattern from ever the [inaudible 00:28:57] and I recognized the pattern. I think the most important thing about AutoPkg is really get pattern. You don’t need to be the most intelligent person, you just need to be like a fox, be smart about it. Use what you have, read what you have and get the pattern done. So yeah, that was my idea or my path, how I get things done.

Marcus Ransom:
And is that the same approach you’ve had? You mentioned trying to understand GitHub and Git. That’s something I still struggle with daily. So what was the approach trying to wrap your head around tools like that, that it’s not just understanding AutoPkg, it’s understanding all of the other tools that are used to build and maintain it?

Manuela Muñoz Bocanegra:
Yeah, I don’t know. I was just getting… I read a lot, way too much and I was just testing and testing and I made… At one point I was making a lot of mistakes and then my computer was having trouble. And then my boss was like, “No, you’re not doing this anymore in your computer. You’re getting a virtual machine, or you’re getting a test computer. Please stop testing in your computer.”

Marcus Ransom:
They still try to get-

Charles Edge:
The number of times-

Marcus Ransom:
… me stop, and I won’t.

Charles Edge:
Yeah, I was going to say the number of times that I have broken my production machine is substantial.

Manuela Muñoz Bocanegra:
No, so I was just testing a common line. I was just testing Git. I was just testing, testing and I still don’t have anything in my mind. I still get mistakes. I still don’t understand Git. I think I got the basis, and that’s the important thing now. And now that I got the basis, but sometimes I got also things that as far away from my… How do you say? My experience. I’m learning now about how to get the right basis because I have too many puzzle, but I don’t know how to get all connected.
So that’s my new challenge also, from this year. I know how to do the things, but I don’t know why they work that way. So I’m learning the why and the how and I’m more just doing. Also learning why is this happening? So I made a GitHub and Gitk note from my company and I have to explain GitHub and Git in my company. It was not easy at all. Nobody understand, and I was like, “Oh my God, I’m so bad explaining something difficult to people.” And I was at the end, “You know what, I learned this alone. You got this. You got this.” GitHub is not difficult. You just have to try and not give up. So yeah.

Charles Edge:
It does sometimes feel like there’s a lot of brute force involved with the way I use it, especially if you’re using it inside Xcode or something where you’re like, “Wait, what is this doing?” And then you have to bus back to the shell. Yeah, one of the things I think is interesting about a tool like AutoPkg is there’s a whole lot of underlying technologies. I don’t really need to know how to curl down an object onto my own file system. I don’t really need to know how to run package build to actually build a package. I don’t need to know how to do an MD5 Checksum or whatever kind of checksum it’s doing at this point, to verify that the thing that I curled down is actually the right thing.
So it kind of obfuscates a lot of underlying technology into an XML or a JSON file that’s really easy to follow and would actually be easy to put into a database I guess, now that I think about it. But you mentioned JamfUploader. So do you have that running… And that would be yet another piece that gets automated. Do you have that running automatically or do you have that running manually?

Manuela Muñoz Bocanegra:
No, I don’t have anything. I mean-

Charles Edge:
Oh, okay.

Manuela Muñoz Bocanegra:
No, I mean the searching time without JamfUploader, I read about it and I was like, “Okay, so the scrambled eggs are easy to make.” So I am just getting the… Because I have the JSSImporter recipes already, so I saw that Graham… Graham is amazing person because documentation is the most important thing for him, and I love documentation because you can’t just give the people the documentation and just help the people to just read that and follow that.
So I saw the documentation from Graham and I was like, “Okay, so I got this.” And I’m planning to make the JamfUploader processors also to run automatically with my script. And I saw today actually, that Graham told in the block about package [inaudible 00:34:31]. You know What is that? And I was like, “Amazing.” So I got something just to testing, but then change also the things… Upload all the things testing, and then change it in Git. So I’m still learning about all the tools. It’s a big, big world and sometimes I’m afraid that it doesn’t have an end, it’s learning and learning and learning. And I’m a people, I want to know everything, but I have this feeling that with AutoPkg I will never know and everything. It’s constantly learning all. So yeah.

Marcus Ransom:
The great thing about being a Mac admin… I don’t know if it’s a great thing, but we’ll just say it’s a great thing so we don’t question how we ended up [inaudible 00:35:24]

Manuela Muñoz Bocanegra:
So we don’t cry.

Marcus Ransom:
Yes, exactly. Is just when you think you’ve reached the end and you’ve got it all sorted out, Apple goes and changes everything once a year and then we have a whole bunch of new things to learn. And as you mentioned with the API changing for the Jamf cloud uploads, it’s not just Apple that changes things. All of the software companies and the vendors, the developers of the applications where we’re trying to package, are in this constant cycle… Well, as you call it, this life cycle of it’s constantly evolving and changing. So the only way to get to the end is for everybody to stop innovating with what they do. And we’re in the wrong industry for that.

Charles Edge:
I was going to say-

Manuela Muñoz Bocanegra:
It’s like a [inaudible 00:36:10] game. Sorry. Sorry, Charles.

Charles Edge:
No, no. I was going to say that’s called innovation, but you beat me to it. So we’re in alignment.

Marcus Ransom:
Sometimes it doesn’t seem like innovation when you are looking at these changes, but this is something that I got from the episode we had the other week on penetration testing, is hearing from the other side about all of the changes that happened with the Apple ecosystem and sandboxing. Hearing that there is some innovation there that from a security point of view, those things have made a massive difference to the security of our tools. So the heartache and grief and crying that we go through dealing with it is in fact worth it and has allowed that innovation to happen.

Manuela Muñoz Bocanegra:
Yeah.

Charles Edge:
Yeah.

James Smith:
This episode of the Mac Admins Podcast is sponsored by Data Jar, creators of datajar.mobi, a cloud-based managed MDM solution that redefines Apple device management. Developed from the ground up by Apple admins for Apple admins, datajar.mobi is the first solution to truly extend the capabilities of Jamf Pro, the undisputed leader in Apple device management. Datajar.mobi superchargers Jamf Pro through a managed MDM service that delivers simplified zero-touch workflows, fully automated patch management, centrally managed EDR, and a scalable multi tented view with centralized reporting for global and distributed fleets. Designed to provide IT teams with the best of both worlds, we have developed a true MDM as a service platform for Apple admins that is fully managed and scalable, but can also be controlled through a rich but simplified web interface.
Backed by the unmatched experience of the award-winning Data Jar engineering team, it is no surprise datajar.mobi is consistently ranked in the top 10 highest rated solutions in the G2 grid for mobile device management. Want to learn more? Come and say hi in the Data Jar channel of the Mac Admins Slack or visit us at datajar.co.uk/macadminspodcast. Thanks so much to our friends at Data Jar for sponsoring the Mac Admins Podcast.

Charles Edge:
Well, this has been awesome. I haven’t written a bonus question yet, so-

Tom Bridge:
That’s a really great place for us to think about that for just a second.

Marcus Ransom:
I’ve got a good bonus question.

Tom Bridge:
Go ahead.

Marcus Ransom:
Has there ever been anything you’ve gone down the rabbit hole and researched, only to come out the other end of it saying, that’s a really bad idea and I now know that from having looked at it? I don’t know, does that sound like a good bonus question? I’m hoping you won’t say AutoPkg.

Manuela Muñoz Bocanegra:
Oh, my God.

Marcus Ransom:
Because at least we’ll all be wrong together if that’s the case. But yeah, has there ever been… Maybe not to the degree of a thesis, but just you sound like you’ve got a very curious mind. Has there been anything you’ve looked at where you’ve gone down a path only to say, yeah, this is not the way to do things?

Manuela Muñoz Bocanegra:
You mean if I just got to the point where I say, this is not the right way or what do you mean?

Marcus Ransom:
Yeah, yeah.

Tom Bridge:
Exactly.

Manuela Muñoz Bocanegra:
So difficult. Because I think with AutoPkg I have too much ideas, but I don’t have the knowledge. Is that right?

Marcus Ransom:
Yeah.

Manuela Muñoz Bocanegra:
I don’t have the knowledge and that’s frustrating, because I want to change AutoPkg also, but I don’t have the knowledge. So it’s just deep breath and just to accept that there’s people that know better than me. And maybe at one time I could just get feedback and tell them, hey, I got this idea. But I’m being just patient is… Of course I’m not thinking, oh, you’re doing amazing or just the right path, because I don’t have the knowledge to say if that’s the right of not the right path. You know what I mean?

Marcus Ransom:
Yeah, absolutely. Absolutely. Yeah. What about outside of AutoPkg? Have there been any other… In your journey as a Mac admin, have there been any other tools or ideas that you’ve had where you’ve gone looking only to the investigation to suggest that maybe that’s not the right way of doing things?

Manuela Muñoz Bocanegra:
I don’t know.

Marcus Ransom:
An example of one that I had was… This is probably going back nearly 10 years ago now, when MDM for iOS had this great idea of app wrapping where rather than deploying applications from the app store or using proper or manual deployments for your own in-house deployed apps, is this great idea that you would get a commercial application and then do stuff to it and then side load it onto devices and that would somehow open up all of these possibilities. And it was 100% correct in that it did open up all of these possibilities. It’s just the possibilities were not-

Tom Bridge:
Not all were good.

Marcus Ransom:
No. I got to the point where I was struggling to find even any of them that were good. And it was great for science to go down and look at, “Oh yes, you can do this.” But for me, that one really confirmed that, no, this is definitely not the direction I should be focusing my efforts in to work out how to do this. I am going to focus all of my efforts into listening to what Apple and the sane MDM organizations were recommending, which was to not do that. What about you-

Tom Bridge:
All of my terrible ideas that I’ve vanquished had had to do more with, should we say power over ethernet, over ungrounded cable? And I was going to say there were definitely some choices made in those particular circumstances that we were like, “I’m amazed we got this far.”

Marcus Ransom:
Why is my watch now going backwards?

Tom Bridge:
Well, I mean it was definitely one of those cases, “Why is this buzzing?” “Oh, oh, that’s not good.” But it had more to do with power over ethernet and improperly grounded access points in difficult situations. So yeah, I was going to say that was also the access point that did not have proper grounding, that got struck by lightning and it didn’t work anymore after that. So I was going to say we learn things and no matter how long extra it takes to attach the ground loop, you should attach the ground loop. It will save you a lot of time and effort. Also, the eaves of a house are an excellent place to put an access point as long as the hornets don’t build the nest inside of it.

Charles Edge:
Also, in the eaves scenario, it’s cold here and not all access points are rated to work at negative 30.

Tom Bridge:
Correct. If you’re going to do that, use the integrated heater and run the the extra two pair electrical cable for the heater because yeah, I was going to say we had two access points on at Merryweather one year that froze because we spent a week below zero, and that was a week too long. [inaudible 00:43:31] too long.

Marcus Ransom:
My internet is frozen, takes on a whole different meaning.

Tom Bridge:
Yes. The other great one that I’ve seen recently was if you are planning to need a wifi inside of a freezer… So if you put a whole room refrigerator in for a cold area-

Charles Edge:
We have one in our office. Yep.

Tom Bridge:
Yeah. You want to make sure that you’re drilling the hole for the antenna, not for the access point, because otherwise you end up with a block of ice that has an access point and not just an antenna that sticks into the hole. So I will find a picture of that particular situation that we heard about once. Thankfully that mistake was not mine.

Manuela Muñoz Bocanegra:
I think it is a good example about what you say, Tom, because it’s like people are just focused on… They don’t see all the perspective.

Tom Bridge:
Yes.

Manuela Muñoz Bocanegra:
And it’s like with AutoPkg, I don’t say that AutoPkg have sometime mistakes, I said Apple has the mistakes. Because they change sometimes things that I’m like, “Why did you do that? What is the point?” I have the feeling Apple is sometimes not working with the developers. They just do things and they don’t ask if we are happy or if that makes sense. You know what I mean? It’s all right, but it’s like they need more communication with the community. I think so. You know what I mean? I don’t know-

Tom Bridge:
Yeah. 100% agree.

Manuela Muñoz Bocanegra:
And that will be better because then we can see the changes and we can have more perspective and a big… We have this little picture that Apple give us and then all of a sudden it’s getting bigger and then bigger and then bigger. And we’re like, wait a minute, I was not expecting this bigger picture. So I think Apple need more communication with us and then we can get maybe things better and maybe we will get more innovative ideas because we are changing all the time. We are changing things that it doesn’t need to be changed anymore, they’re working. You know what I mean? And we take more time to change things that are already there, but we don’t have too much time to innovate because they’re taking us back with these changes that doesn’t make sense.

Marcus Ransom:
And that was something that you said earlier where when you were talking about how you tried to understand Git and AutoPkg, not just how it works, but why it works, and I think that would be a really valuable piece of information to get from Apple. There is a degree of it that you get.

Manuela Muñoz Bocanegra:
Why?

Marcus Ransom:
Yeah. But why is this being done?

Manuela Muñoz Bocanegra:
They don’t give explanation.

Marcus Ransom:
Why is it being done this way? We do get it to a degree, but I think more and more we are starting to see a lot more two-way conversation where we can say, so when you said this and you’re doing this, does that mean this? And for us to be able to… Almost like an AutoPkg recipe, is to be able to translate what Apple is telling us in the way that Apple is telling things, for us to then have a better understanding of what that means to us and what the impact is going to be to all of the ways we do things and also to get an understanding of the vision of where Apple’s going, so we can prepare ourselves for what the next iteration of that change may be and how we’re going.
But I think it’s hard enough trying to work with Apple to understand these changes. And then I look at organizations where they choose not to participate in the developer betas or to not be as open and transparent as you’re allowed to be within the boundaries of it to work with their customers, their admins, the community, everything like that. I think all of us getting better at this developer preview season that’s coming up, is going to make this a lot better because these community tools exist because we can’t do it on our own.

Manuela Muñoz Bocanegra:
Yeah.

Tom Bridge:
Exactly. And as I get ready for X World, I’m starting to think about WWDC this summer. And it’s very interesting because you talked about the pace of change. If we look at the Apple marketplace, the pace of change has not dramatically increased over the life of the platforms. I don’t think the pace of change has dramatically increased. It is always been at the rate that we are at now and-

Charles Edge:
Well since OS 10.

Tom Bridge:
Since OS 10. Correct.

Charles Edge:
OS six and seven days, those were…

Tom Bridge:
OS six and seven were a little bit more stable, but if you look their internal iterations that were by themselves about a features released of operating system between each of those subsections. They might be on 18 month cadences instead of annual cadences, but that’s not a substantial slowdown.

Charles Edge:
Or six year cadences.

Tom Bridge:
Well, I was going to say if you look at system six and system seven, each of which lasted five to seven years, there were internal releases inside of those at least every eight months.

Charles Edge:
Yeah. 71, 76,

Tom Bridge:
And 705, six.

Charles Edge:

  1. Yeah, some of those.

Tom Bridge:
Yep.

Charles Edge:
But the changes weren’t fast enough at that point-

Tom Bridge:
Well, that’s very definitely true.

Charles Edge:
… to keep up with…

Tom Bridge:
There was a structural change going on there too as they fought out the Taligent and Pink situation.

Charles Edge:
The Blue Meanies.

Tom Bridge:
And the Blue Meanies and all of that. And if you want to learn more about that, come see my talk at X World in a week, and change.

Marcus Ransom:
Or watch it afterwards on YouTube. But yeah-

Tom Bridge:
There you go.

Marcus Ransom:
… Australia. It’s worth it.

Tom Bridge:
It is, although I did… So I realized the other day that I needed to get a visa because I had forgotten that part. And so I was very grateful to discover that it’s just an app now, and so [inaudible 00:49:56]

Marcus Ransom:
You were deemed of good character, were you, Tom?

Tom Bridge:
I was deemed of good character that decided I was not… Although I do think it’s a little bit hilarious for Australia to be like, “Yeah, we want to check out your criminal record first.” And I was like, “You what?” [inaudible 00:50:12] history lesson here?

Marcus Ransom:
Colonization of Australia was built entirely on criminal records. Is it to ensure that you have the appropriate level of criminal record, Tom? Did you have to lie about stealing loaves of bread or something like that to be…

Tom Bridge:
I mean, entirely possible.

Marcus Ransom:
Yeah. Well speak speaking about speaking WWDC as well, I was looking at that last week with another presentation I was working on and actually drew out this timeline, which will… I actually made the timeline circular rather than a line because it is this constant cycle and we are in fact closer to WWDC than we are to the production release of Ventura. So we’re all in that time where we’re anticipating what comes next, and it’s like the release of Ventura is a long forgotten dream that we’re all used to, right? And we’re all totally up to speed with all of the changes Apple have made and now it’s just sort of limbering up, getting ourselves match fit for whatever date in June when Apple goes and breaks all of our hearts. But at the same time, getting us excited about a whole bunch of other things as well.

Charles Edge:
Let’s take away the finder next.

Marcus Ransom:
Yes.

Charles Edge:
Launchd. Who needs launchd? Launchd is legacy.

Tom Bridge:
Yeah, who needs launchd? I mean, that’s just… No.

Manuela Muñoz Bocanegra:
Oh my God. There’s actually one of my task in my company to read this book, CAS. I think that’s the name in English, CAS Benchmark.

Tom Bridge:
Oh, CSI.

Manuela Muñoz Bocanegra:
CSI.

Charles Edge:
CIS.

Tom Bridge:
CIS. Yeah, yeah.

Manuela Muñoz Bocanegra:
So I have to read all the book and that’s my next big goal to read again, the Ventura, because I read the [inaudible 00:52:07] and I have to make all the documentation and I have to test every common line code. So it is really difficult and I don’t like it. But then you can find-

Marcus Ransom:
Well now you’re an expert in Git, you can use the-

Manuela Muñoz Bocanegra:
Oh my God, I’m not an expert.

Marcus Ransom:
… micro security compliance project. And once again, the community can help you with everything and even more. So yeah, that’s the next great fun to learn. That’s exciting.

Manuela Muñoz Bocanegra:
To read, yeah. Did you read already this book, this benchmark from Ventura? Did you already?

Marcus Ransom:
Too many times. Yeah.

Manuela Muñoz Bocanegra:
How many time do you have in your life? I don’t have any time in my life.

Marcus Ransom:
It’s my job to have these discussions with people so we can then argue about which is… I suppose it’s just like presenting a thesis to academics. We can then argue over interpretation as to how you interpreted that. Lines of code are supposed to be absolute, but they’re not. Everyone will interpret how to use-

Manuela Muñoz Bocanegra:
In the other way.

Marcus Ransom:
… when to use the line of code, the order it’s being used in, which is the fun bit.

Charles Edge:
I like to alternate between one page of CIS Benchmarks and one page of the Confederacy of Dunces and back again.

Manuela Muñoz Bocanegra:
That’s crazy. Oh, my God-

Marcus Ransom:
CIS is like you can choose your own adventure as well.

Tom Bridge:
Oh, yeah.

Marcus Ransom:
The end’s different every time you read it.

Manuela Muñoz Bocanegra:
Yeah, yeah. I know. I know. So that’s your job, just talking about the new topics? It’s amazing job.

Marcus Ransom:
Helping people understand the possibilities in using device management and Apple Management. All of the things that without having been exposed to the community that we have and the years of poor choices we’ve all made, is showing people that there are solutions out there. Some of them are elegant solutions, some of them are not so elegant in terms of their solution, but what are the outcomes? What are the outcomes?

Charles Edge:
The why.

Marcus Ransom:
What may seem like, yeah, a real problem can maybe be a little bit easier if you change your approach. So having a look at all of these tools people are creating and working out how to implement them is really a case of I get paid to show people how to do these things rather than having to solve those problems myself and be responsible for it running in production. I get to do that to lots of people and have the fun bit of the discussion and then work with other people who are much better at it than I am for the actual implementation. And I get to help people go and buy the puppy or the kitten, but somebody else gets to look after it.

Tom Bridge:
They will never rip up your furniture.

Marcus Ransom:
Exactly. Well, to a degree. But I always want to make sure that I’m helping them select a pet that’s the right one for them.

Charles Edge:
Always a good thing.

Manuela Muñoz Bocanegra:
That sounds really like the dream job for me, actually. You guys are my inspiration. I think that’s the word.

Charles Edge:
There you go.

Tom Bridge:
That’s the right one.

Manuela Muñoz Bocanegra:
Yeah. No really, really. You know Andrea Cheng?

Charles Edge:
Mm-hmm.

Tom Bridge:
Oh, yes.

Manuela Muñoz Bocanegra:
He’s my boss and he-

Charles Edge:
Oh? Tell him we sent a howdie!

Tom Bridge:
Yes.

Manuela Muñoz Bocanegra:
Yeah. And he choose me without experience, without anything, but he told me he saw something in me and I was like, “Oh, thank you.”

Charles Edge:
We like him. He’s good people.

Manuela Muñoz Bocanegra:
Yeah.

Tom Bridge:
He’s good people.

Manuela Muñoz Bocanegra:
He’s amazing to explain how to have success with [inaudible 00:56:02] he said this is really simple. And he’s also my inspiration like you guys, because he also make keynotes and he explain people in the simple way how to get success with [inaudible 00:56:18]. And he goes also to America and to Rothenburg, I think so.

Charles Edge:
Gothenburg, yep. That’s where I met him, I think.

Manuela Muñoz Bocanegra:
And that for me, it’s a really nice job just to do the hard work or the dirty work, to read and understand everything, and then just explain to little kids how to get things done. I think that’s really amazing.

Charles Edge:
Me too.

Manuela Muñoz Bocanegra:
You see? I’m excited about my future. That’s really-

Charles Edge:
We are too. Or at least I am.

Tom Bridge:
We are too.

Charles Edge:
I know I’m not going to speak for Tom and Marcus.

Tom Bridge:
Here at the Mac Admins podcast, we want to say a special thank you to all of our Patreon backers. The following people are to be recognized for their incredible generosity. Stu Bakka, thank you. Adam Selbe, thank you. Nate Walk, thank you. Michael [inaudible 00:57:14], thank you. Rick Goodie, thank you. Mike Boylan, you know it. Thank you. Melvin Vivez, thank you. Bill Steitz, thank you. [inaudible 00:57:22] Storyville, thank you. Jeffrey Compton, M. Marsh, Stu McDonald, Hamlin Crusin, Adam Berg, thank you. AJ Petrepka, thank you. James, Tracy, Tim [inaudible 00:57:32] of two Canoes, thank you. Nate Sinal, Will O’Neill, Seb Nash, the folks at Command Control Power, Stephen Weinstein, [inaudible 00:57:39], Daniel McLoughlin, Justin Holt, Bill Smith, and Weldon Dot. Thank you all so much and remember that you can back us if you just head on out to patreon.com/macadmpodcast. Thanks everybody.
Manuela, thank you so much for joining us this week on the podcast. It was a great pleasure to get to know you. If folks want to follow your work online, are you going to plan to post your thesis when it’s done?

Manuela Muñoz Bocanegra:
It’s in German.

Tom Bridge:
It’s okay, we have German listeners.

Charles Edge:
Yeah.

Manuela Muñoz Bocanegra:
Really?

Tom Bridge:
Oh, yes. I was going to say a bunch of them.

Manuela Muñoz Bocanegra:
Maybe if I get something good and something new, I will post it.

Tom Bridge:
Okay, fantastic.

Manuela Muñoz Bocanegra:
But because Andrea Cheng is my boss, he’s like, “You have to bring something new.” You know what I mean? He’s like-

Tom Bridge:
He’s right.

Manuela Muñoz Bocanegra:
… “you cannot copy. You have to be innovative. You have to bring something new, Manu.” And so yeah, maybe if I get something new and something different, then I will post it. But I’m little scared because like I said, I’m new in this world. It’s like three years ago my life changed with [inaudible 00:58:54] because before that I was just a fan from Apple like everyone. I was just a fan and I was… Yeah, a fan. And I’m like a freak fan that no Everton and son want to know anything more. So yeah.

Tom Bridge:
Well, thanks. It’s been a huge pleasure to have you on this week. Thanks also to our wonderful sponsors. That’s Kanji, Kolide and Data Jar. And thanks everybody, we’ll see you next time.

Charles Edge:
See you next time.

Manuela Muñoz Bocanegra:
Thank you. Bye.

Marcus Ransom:
See you later.

Tom Bridge:
The Mac Admins Podcast is a production of Mac Admins Podcast LLC. Our producer is Tom Bridge. Our sound editor and mixing engineer is James Smith. Our theme music was produced by Adam Kodega, the first time he opened garage band. Sponsorship for the Mac Admins Podcast is provided by the macadmins.org Slack, where you can join thousands of Mac admins in a free Slack instance. Visit macadmins.org. And also by Technolutionary LLC, technically we can help. For more information about this podcast and other broadcasts like it, please visit podcast.macadmins.org. Since we’ve converted this podcast to APFS, the funny metadata joke is at the end.

Listen

Sponsors:

datajar.mobi is a cloud-based managed MDM solution that redefines Apple device management. By providing completely automated and managed services backed by an award-winning Apple support team, the platform delivers zero-touch onboarding, configuration management, patch management and EDR capabilities. Want to learn more? Come and say hi in the #datajar channel of the macadmins slack or visit datajar.co.uk/macadminspodcast

Patreon Sponsors:

The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include:

Rick Goody, Mike Boylan, Melvin Vives, William (Bill) Stites, Anoush d’Orville, Jeffrey Compton, M.Marsh, Hamlin Krewson, Adam Burg, A.J. Potrebka, James Stracey, Timothy Perfitt, Nate Cinal, William O’Neal, Sebastian Nash, Command Control Power, Stephen Weinstein, Chad Swarthout, Daniel MacLaughlin, Justin Holt, William Smith, and Weldon Dodd

Mac Admins Podcast Community Calendar, Sponsored by Watchman Monitoring

Conferences
Event Name Location Dates Format Cost
XWorld Melbourne, AUS 30-31 March 2023 TBA TBA
Upcoming Meetups
Event Name Location Dates Cost
Houston Apple Admins Saint Arnold Brewing Company 5:30pm 4th March 2024 Free
Recurring Meetups
Event Name Location Dates Cost
London Apple Admins Pub Online weekly (see #laa-pub in MacAdmins Slack for connection details), sometimes in-person Most Thursdays at 17:00 BST (UTC+1), 19:00 BST when in-person Free
#ANZMac Channel Happy Hour Online (see #anzmac in MacAdmins Slack for connection details) Thursdays 5 p.m. AEST Free
#cascadia Channel Happy Hour Online (see #cascadia channel in Mac Admins Slack) Thursdays 4 p.m. PT (US) Free

If you’re interested in sponsoring the Mac Admins Podcast, please email sponsor@macadminspodcast.com for more information.

Social Media:

Get the latest about the Mac Admins Podcast, follow us on Twitter! We’re @MacAdmPodcast!


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back MAP on Patreon



Support the podcast by becoming a backer on Patreon. All backer levels get access to exclusive content!

Subscribe

Archives