Episode 312: Selina Ali

---

This week’s transcription is brought to you by Alectrona

James Smith:
This week’s episode of the Mac Admins Podcast is brought to you by Kandji.
You know where the biggest potholes are when switching device management solutions? It’s not the prep work or figuring out how to replicate your current configuration in the new system. It’s that moment when management is temporarily removed from a Mac, leaving you with no control. From there, you have to rely on users to follow your instructions and enroll their devices into the new solution. Multiply by hundreds or thousands of devices, and support tickets and errors start cropping up at scale.
Kandji has changed the game with this migration assistant, a seamless tool with completely customizable logic that guides users through enrollment into Kandji’s device management solution so your support team won’t have to. 100% free for all new customers, Kandji’s migration assistant is just one piece of an overall exceptional experience Mac admins enjoy with the use of Kandji’s comprehensive solution.
To learn more, head on over to kandji.io/migration. That’s K-A-N-D-J-I.io/migration, or join the Kandji channel on the Mac Admin Slack to say hi and see what they’re up to.
Thanks again to Kandji for sponsoring this episode of the Mac Admins Podcast.

Tom Bridge:
Hello, and welcome to the Mac Admins Podcast. I’m your host, Tom Bridge, and Charles, how are you?

Charles Edge:
I am doing great, except it decided to snow, and our guests can tell us a lot more about that if she so chooses, but mid-April, it seems to always drop a few inches. Luckily, it hasn’t stuck, so I don’t think I’ll have to go out and shovel, but it has been snowing all day today

Tom Bridge:
I noticed that it was almost 90 in the Twin Cities on Thursday or Friday.

Charles Edge:
Yeah, it got up into the high eighties.

Tom Bridge:
I had friends sending me pictures of Lake Harriet, and of course, there are ice flows in the lake still, and people wading out into the lake, and I’m just like, it’s almost 90 and there’s ice on the lake, and you know what? I’m just going to let that go. Marcus, how are you?

Marcus Ransom:
Well, I feel like I can join in this conversation for once, where I’ve actually got the heater on right near here me, because it’s bloody cold here today.

Tom Bridge:
You have a heater?

Marcus Ransom:
I have a heater. Yes I do. It doesn’t get turned on very much, but the bottom half of my body is nice and toasty warm at the moment.

Tom Bridge:
None of the places that I lived in Los Angeles for 14 years had heaters. Just wasn’t a thing. Not necessary. After the first place, they all had AC. The first place, big rookie mistake.

Marcus Ransom:
Top half of Australia, very much like that, where I grew up. It was just open all the doors, fans, all that sort of stuff… Down here in Melbourne, yeah, we need heaters some of the year.

Charles Edge:
Tom, I’m guessing you’ve got flowers by now.

Tom Bridge:
We do have flowers. We’ve had flowers for a couple of weeks. The red buds have been going, and so I live on a great street in DC with a bunch of red bud trees, and if you’ve never seen a red bud tree in full bloom… I will say this for the cherry blossoms, they’re there first, but the red buds put them to shame.
So it has been a spectacular weekend. It’s been in the mid-eighties all week, which is nice and toasty. We have not turned on the air conditioning yet. We have let it ride. I do have the fan going right now. Sorry James, and hopefully, it doesn’t end up all over the recording, but I was going to say, I did go across the street to help my neighbors put their window units in this week, and they brought over a very delicious banana pudding this evening as a thank you gift. So that was fantastic, but we’ve got a tremendous guest this week. Welcome to the podcast, Selina Ali.

Selina Ali:
Hey, thanks for having me. Yeah. I’m still also reeling from a 51 degree change in two days.

Tom Bridge:
You’re also in the Twin Cities?

Selina Ali:
I’m also in Minneapolis, but I’m from originally the Los Angeles area, and I will say moving to the Midwest, everyone told me about the winters, but nobody warned me about having a house with AC in the summer was almost more important.

Tom Bridge:
Yeah, yeah. Oh yeah. Especially with the humidity out there.

Charles Edge:
10,000 Lakes.

Tom Bridge:
Not to be trucked with.

Charles Edge:
They make a lot of humidity.

Tom Bridge:
That’s right, and a lot of mosquitoes, let’s not lie.

Charles Edge:
A lot of places make a lot of mosquitoes.

Tom Bridge:
But they aren’t the state bird in a lot of states.

Charles Edge:
I lived in Alaska for a while, and Georgia… I’m from Georgia, but there are mosquitoes everywhere. I’ve never been to a place where I didn’t find mosquitoes. Luckily I have this… My mosquito bites go away within a couple hours.

Tom Bridge:
Oh, you are lucky.

Charles Edge:
Yeah, I know people…

Tom Bridge:
I’m not that person.

Charles Edge:
The mosquito bite lasts for a month, and you’re like, “Oh my goodness. I can’t even imagine.”

Selina Ali:
Yeah. I’m the mosquito magnet. People love being around me when there’s mosquitoes, because nobody else gets bitten. Just me.

Tom Bridge:
Sweet.

Charles Edge:
Yeah. So before we get started, you got to go to the… Sorry, James. See… One for me? We should keep a tally. Well, before we get started… So before the snow came back, you did get to go out and enjoy at least one event on Saturday evening, right?

Selina Ali:
Yeah, the Minnesota United game. So actually, it was quite cold that game, too. So the day before, I was wearing shorts and a tank top and was dying of heat, because it was 80 something, and that night, I think it was 45 and raining, but it was still great to be out. I actually kind of prefer the cold. I’m a weirdo like that. That’s why I moved to the Midwest. I grew up in a desert. So if there’s only so much you can do to cool off, there’s no such thing as too cold, you just have the wrong clothes.

Charles Edge:
I don’t know. When it’s negative 30 with a 10, 15 degree wind shell, no amount of clothes… None.

Selina Ali:
I went ice diving.

Charles Edge:
It just rips through everything.

Selina Ali:
I go ice diving in the winter here. I’ll be out on a lake in White Bear Lake. The high will be five Fahrenheit, and I’ll be out there for nine hours jumping into the water with a dry suit. I’m not a polar plunge person. So it’s a little bit… It’s not that hardcore.

Charles Edge:
I’ve surfed in dry suits. That’s not easy moving around.
So today, we’re going to talk about integrations, not to change the subject. I would love to talk about dry suits all day long, to be honest with you, but most software companies these days want to be a “platform”, and there are entire books about that go-to-market strategy, but part of that play is to build APIs, document the APIs, and facilitate other companies building integrations with them as well.
So many of us have unique workflows, and so have to build our own scripts to interact with different tools, and in this episode, we’ll think about building our own integrations with various tools, because let’s face it, no software vendor can satisfy the need of every organization, regrettably, and one of those tools might be, let’s say, LogicMonitor, and Selina can talk way more about that, and I guess we’ll also cover some of the things to consider when building those integrations.
So thank you again for joining us for the episode. We’ll talk more about soccer later, I’m sure, but in the meantime, do you mind giving us a little bit of a origin story about how you got into the field?

Selina Ali:
Yeah. So I have a super non-traditional background. So I’m currently the project manager for integrations at LogicMonitor. So I handle specifically our alert integration, so anything that happens within our platform that gets sent to an external service, and I also cover our automation tools. So if you’re doing stuff outside of LogicMonitor, but you’re talking to us, that’s kind of what I cover, and LogicMonitor is an IT observability company. We’re a SaaS platform company that offers IT infrastructure and monitoring. So if there’s something going on with your servers and you need to know, then we can do that. We can let you know if something’s going down, if something’s about to crash, whatever thresholds you set.
I didn’t grow up wanting to be a product manager for integration. I’m sure some people have that origin story. There’s a five year old somewhere who’s like, “That’s my dream job right there.” I actually was an archeologist for 10 years.

Tom Bridge:
Amazing! Where were you doing archeology?

Selina Ali:
So I started when I was 16, I moved to the UK and specialized in Northern European ship building. So that was my whole professional career. Two degrees. My master’s is in maritime archeology, and I’ve worked all across Northern and Western Europe and a bit in Spain. Most countries I’ve worked in in Europe, but I specifically worked with ship construction and submerged landscapes. So I’m a commercial diver and all of that, and now… Yeah, it’s kind of strange. So I came from that world living abroad for 10 years, working in different cultures, and I studied and I specialized in digital capture methods. So how do we record all of this archeology and preserve it for the future? Because every time we’d find something, it’s destroyed immediately. It’s a very destructive science by nature.

Charles Edge:
Especially underwater, I guess.

Selina Ali:
Yeah, and it’s a lot of rescue work. So I’d be diving usually ahead of construction of wind farms or stuff like that, and you wouldn’t really know what you were going to find. If there was a magnetic anomaly, it could be a shipwreck, it could be a bicycle. In Denmark, it was mostly a bicycle. In the UK, it was always shopping trolleys. So it was very common. Very, very modern. Soon to be archeology.

Charles Edge:
Why return it to the store?

Selina Ali:
Yeah, a riverbed is a perfect place for it. I don’t know. When I was a student in the UK, I used shopping trolleys… You turn them on their side and you build a little fire, and you can have a little barbecue on top.

Marcus Ransom:
That’s a thing here in Australia as well.

Selina Ali:
It’s very smart. I was too poor to afford a barbecue. So shopping trolley cost a quid, and if you wanted to, you could return it and get it back [inaudible 00:11:16] found. So I started in that digital world, and when I moved back to the US, I’m originally from Los Angeles, and I knew I didn’t want to live in LA, because as I said, I like the cold, and Los Angeles is too hot for me. So I moved randomly to Wisconsin, Eau Claire, Wisconsin, because I heard they had cheese there, and I was like, “Great.”

Tom Bridge:
They do. Yes.

Selina Ali:
They do have cheese. I love cheese. Sold. There’s another recurring theme of my life. I’ve moved to places on very little, I moved to Wales when I was 16 because they have a dragon on their flag. It’s like, “Done. That’s it.”

Charles Edge:
I like dragons.

Selina Ali:
Exactly. I didn’t know Scotland’s national animal was a unicorn. I probably would’ve put Scotland on my list too if I had known that when I was eight, but I went from that whole career and kind of doing high tech stuff with very little money and a lot of using Xbox Kinect to that old that discontinued…

Tom Bridge:
Oh yeah!

Selina Ali:
We use those as laser scanners.

Tom Bridge:
Oh, no way!

Selina Ali:
Building all sorts of new plug-ins. So I went from that field to moving to Wisconsin with nothing, and walking into a company called Jamf, and worked there for three years, and then from there, learned a lot about integrations, learned a lot about this weird tech world, and moved over to LogicMonitor as a product manager, and I promise you, there is a lot of crossover, transferrable skills between archeology and technology.

Charles Edge:
I would believe it. To me, archeology probably has more transferable skills than almost anything for product management. Maybe anthropological… Sociopolitical anthropology might be up there as well.

Selina Ali:
That’s what my other degree’s in.

Marcus Ransom:
So going from underwater tech debt to cyber tech…

Tom Bridge:
That’s awesome. It’s just under a different kind of water, Marcus.

Marcus Ransom:
Yes.

Selina Ali:
We’re still… The [inaudible 00:13:23] the same. Just layers of tech debt is the same as the layers of the human past.

Charles Edge:
The roadmaps are…

Tom Bridge:
I was going to say, if any product manager out there doesn’t believe that they’re actually an archeologist by trade, they are probably not yet aware of what archeology really is.

Selina Ali:
If people want to learn about archeology, this is my shameless plug that I probably should have told you guys about, in Mac Admin Slack, there’s an archeology fact of the day channel that I post in every workday, not on the weekends, because…

Tom Bridge:
Who’s got the time?

Selina Ali:
Yeah, I’m not on Slack on the weekends, so sorry, but that’s how I keep my degrees relevant, because of two degrees. One in archeology, anthropology, and one in maritime. I’ve got to keep sharp somehow. So that’s open to the Mac admin community, whoever wants to learn something more, or if… My secret plan is to change everyone’s social media algorithms to start having archeology news appear in your feeds more. So if you want to be part of that plan.

Charles Edge:
I love where this is going.

James Smith:
This week’s episode of the Mac Admins podcast is also brought to you by Kolide.
Our sponsor, collide has some big news. If you are an Octa user, they can get your entire fleet to a hundred percent compliance. How? If a device isn’t compliant, the user can’t log into your cloud apps until they’ve fixed the problem. It’s that simple.
Kolide patches one of the major holes in zero trust architecture: device compliance. Without Kolide. It struggles to solve basic problems like keeping everyone’s OS and browser up to date. Unsecured devices are logging into your company’s apps because there’s nothing to stop them. Kolide is the only device trust solution that enforces compliance as part of authentication, and it’s built to work seamlessly with Octa. The moment Kolide’s agent detects a problem, it alerts the user and gives them instructions to fix it. If they don’t fix the problem within a set time, they’re blocked.
Kolide’s method means fewer support tickets, less frustration, and most importantly, a hundred percent fleet compliance. Visit kolide.com/macadminspodcast to learn more or book a demo. That’s K-O-L-I-D-E.com/macadminspodcast. Thanks to Kolide for sponsoring this episode of the Mac Admins podcast.

Charles Edge:
So I’ve got to say, sociopolitical ecology is about ecosystems, and I guess in building a platform, it’s all about ecosystems, and healthy ecosystems, hopefully. So what are some of the most common themes or things that you work on when it comes to making a great ecosystem for others to integrate with?

Selina Ali:
Yeah, so shared APIs is kind of my favorite thing. So when I think of ecosystems, I think of a lot of different products that may have different core purposes that are all connecting and working together, and how do you get these things to communicate with each other? To me is you have APIs that either work super well together, or you have them bundled in a way that’s easy to talk to a few different APIs. So if you have… We’re working a lot with a company called ConnectWise right now. We’re actively developing with them.

Charles Edge:
I’ve worked on their API as well.

Marcus Ransom:
Same here.

Tom Bridge:
Same.

Selina Ali:
So they have a lot of different parts of their product that… They have ConnectWise, their ticketing part, they have automate, they have all of these other things, and so it’s trying to figure out how can we work between these different product areas and create our integration to communicate with a few different endpoints.
So that’s what I always think about, is this seamless integration between different parts of what you want to do. So in my own company, LogicMonitor, where I’m part of the platform experience team, which is kind of a newer initiative this year to bring that… What’s the word I want to use? Integration, bring that seamless experience of uniting the different parts of our product, because we have a lot of different product managers who work in different very specific parts of… We have our logging, element logs, we have different… AI. We have all these different parts of our product, and we don’t all necessarily work with each other all the time. So part of what my team is doing is looking at something holistically and trying to create these inwards and these workflows that go across all of the different areas.

Marcus Ransom:
So something that comes up a lot when we’re talking about APIs is when you think about the sort of data that you get access to with APIs and you’re sharing it usually across the cloud and the internet and whatever that means… So authentication is a really important part of how use these APIs. So how would you frame a conversation about how third parties should authenticate and authorize with a vendor, whether that’s in your scenario or what you would see as a perfect world would look like for that sort of authorization and authentication?

Selina Ali:
With us… So I come from… So one of our integrations is taking stuff out of LogicMonitor. So we have something called a custom HTTP integration, and that’s if you want your alerts to be sent to an endpoint that we don’t have built out of the box. We’re trying to be extensible. So I talk to a lot of customers and a lot of folks about, “All right, well what type of API do you want to authenticate with? What type of authentication does it have, and how can we make our custom HTTP… How can we make this as extensive as possible? What type of authentication methods are people using?”
OAuth 2.0 Is my favorite authentication. I think that’s the new standard. I will admit, my product is a little bit behind on that, where our custom HTTP is only in the UI today. It’s only a username and password, but you can create a backend API workaround to do OAuth 2.0, which is what I was day one when I started as the PM, I noticed that failing on us, but when folks integrate with us, the other part of my job is I talk a lot with people who want to integrate with LogicMonitor, and the conversation’s usually around, “Okay, is this a system to system type integration? Are you talking directly with us? Are you another vendor who is similar to us that’s not going through a third party or something like that?”
Then we have something that’s… Our LMv1 token is probably our most secure. We have a lot of custom headers where you have to get… I think it’s something like you have to provide the epoch time and you have to provide a few different things has to be sent with the request to get a token, and if those things don’t match up, we won’t give you a token. So it’s a little bit more complicated, and some vendors really like that, because they’re just used to it. Other vendors, it’s a little too advanced for them or they have something weird going on where there might be a delay and their first request might be 30 minutes behind, which is… The epoch time has to be within 30 minutes of the first request.
So we also have something called Bearer tokens that you can get. It’s just like a JSON web token. A little bit less secure than I would like, but it’s still perfectly good. It just kind of depends on what you’re doing. We also have some integrations that people built into us, where they’re going through a third party. So they’re using SaaS integration companies, is what I call them, people who build integrations between two different platforms, and they prefer the JSON web token, our bearer token support for that. It’s just a little bit easier for them.
When we build integrations with people, we always require some type of authentication. So we’re building an integration right now with an event driven automation platform, and they were not requiring any type of authentication, and we did not like that. So we built in something where we have to do a passphrase exchange, something that’s a little bit easier for the customer to set up, and still relatively secure of, you know it’s coming from us at this passphrase you stored on your vault locally on your machine, or wherever you’re hosting your automation hub, and that has to be exchanged. That handshake has to happen. You’ll have to give each other the head nod and be like, “Yeah, that’s cool. I know who this person is.”

Charles Edge:
All that’s pretty common. I feel like most organizations do want to be in an OIDC or some kind of more modern place, but the whole user, username and password, or some kind of authentication credential, hit a create token in an interface, which is how most of Apple’s APIs do it, is pretty common, and then a lot of people have this, “Oh, I want to get to that next thing,” and a lot of times with the assertions and things like that, there’s also the desire to just have better permission sets and beyond crud type of…
Also as an API endpoint, I don’t want to accept a request unless you have permission. I don’t want to have to parse that. I want that filtered out before it even gets to my controller or what have you, but yeah, the authentication piece is so… I don’t feel like OAuth 2.0 is going to be the end, of course. It’s number two, so there’s obviously going to be a number three, which doesn’t work right, and so probably a number four that everybody goes into production with or what have you, or maybe it’ll be a resurgent SAML or whatever.

Tom Bridge:
Or some weird cross hybrid.

Charles Edge:
Yeah, and that’s part of that technical debt never being done, because what’s in front of that, is it’s spring, and in front of spring is their hibernate, if it’s in a Java stack or if it’s in a goat… Anyways, there’s so much there, but it’s…

Selina Ali:
There’s always going to be someone trying to crack it too.

Charles Edge:
Yeah, but Bearer token… Any authentication mechanism that’s supported in Postman to me is kind of, “Okay, we’re authenticating and we’re rate limiting and it’s healthy.” So I don’t have to worry about all the things, and sorry, Marcus, you were going to say…

Marcus Ransom:
I was going to say, is the Bearer token, the shopping trolley that we are getting out of the water that we are then using to create a barbecue is that sort of…

Charles Edge:
At least Bearer Token is a JWT, and the thing that’s always amusing to me is like, “Oh, well, we’re using tokens. We wouldn’t use horrible username and passwords,” and you’re like, “Well, username and a password is kind of two factors,” and if you need a PIN, that’s actually three factor, but a token that never rotates and doesn’t expire and doesn’t get terminated after three incorrect logins or what have you, is we pretend like it’s more secure, but I always wonder if it truly is.

Selina Ali:
Well, and people tend to make these users admins. I always stress to folks, I’m like, “Look, you’re going to do what you’re going to do, and that’s on you, but on the record, I’m saying, principle of least privilege.” Only give it the things that you need access to. If this only needs to be a read-only integration, then don’t make it an admin, please.

Charles Edge:
Oh yeah. For monitoring…

Marcus Ransom:
[inaudible 00:25:09] read the things that has business reading as well.

Charles Edge:
Well, that becomes… Most log systems are a fire hose. We probably won’t have time to get into that. That’s like… “Oh my goodness, how do you parse it out?” I do feel like, you touched on this, but how do you frame that conversation about how third parties… Let’s say instead of a third party vendor, but a third party organization who is a customer, so rather than a partner, should authenticate and authorize with you.

Selina Ali:
I have a lot of those conversations, and usually I ask them, “What is it you’re trying to do, and is there something that you can do this in a better way?” I get a lot of customers trying to reinvent the wheel, but I always push a LMv1 token, which… I should know this off the top of my head, but it has those three different checks that are in the header that is our most secure, and that’s what we support, and I also tell them to use our latest API. Please don’t use anything that’s old, anything that’s going to be deprecated. Make sure you’re checking our documents and that type of conversation, but the LMv1 token is tied to a user in LogicMonitor.
So I always start those conversations by, “First, tell me what is it you’re trying to do? What’s your dream world scenario? Tell me what the end goal is.” A lot of these folks come in with a very specific set of questions, and it’s like, “Look, I need context. Please. Are we even talking about the right things?”, and then I always look at their permissions, and I’m like, “Yep, all right.” These are the real world permissions you need, because that is tied to a user, and that token will have whatever privileges that user has. So that’s probably the most important part of that conversation, is what are the privileges, and who in your org might have access to wherever you’re putting this, because the second part of that is it’s all well and good. You can have the best authentication in the world. If you’ve put your script or something in a public place where anyone can get it, you’ve lost part of that equation.

Charles Edge:
That does take us to the next question. Where should that script run? We can put things on devices because a lot of us, like your experience at Jamf for device management… So we can put that script on a device, but then we have to deal with key distribution, that token distribution, whatever it is, or we can host our own service like a small Lambda that has a key, but then we need to rotate the key, but how do you typically think of where and when the integrations should run? I guess it depends, but we can frame it in a device management kind of context.

Selina Ali:
When I was at Jamf, that was a huge conversation I had with customers all the time because I always saw them putting credentials where they shouldn’t.

Charles Edge:
Like in GitHub.

Selina Ali:
It’s just classic, or even if you sold your passwords, the data is there. So if that’s your last resort, is you can have it on your endpoints machines, it’s not great. I hope it’s calling somewhere else to get those creds from. LogicMonitor, it’s a little bit easier, because we have data sources that… We have something called collectors, and the collectors can talk to your environment. They’re the things that are actually doing the monitoring. We are an agentless monitoring company, so you don’t have to have a collector on every single thing that you’re monitoring, but the collector still needs to be able to talk to those things, and so we have data sources that you can run and you can script, you can make your own, you can do it in Groovy, you can do it in Bash, Python, whatever you want. Groovy was a new thing for me when I started at LM.

Charles Edge:
As well it should have been.

Selina Ali:
Yeah. I was immediately writing everything in Bash and then Python, and then now I’m trying my hand at Groovy. What I really like about having a data source do a lot of these things, and it depends on what your workflow is too. If you’re actually taking action on something, then I’d say if you have an automation hub somewhere, then that’s where it should live. If you’re using something like Ansible or Stack Storm or whatever, that has many layers of security, and I hope that server is locked down with access, but if you’re doing something fairly harmless, like doing some gits or just read-only stuff… I actually use a data source for all of my integrations. If I’m doing something hacky with rotating tokens, I’m posting them to update my integration every 15 minutes.

Charles Edge:
There are services like… Oh, what is it called? SKM or whatever, the AWS token rotation services. There are ways to do this, kind of, but I feel like it’s really tough on the device management front. The best we can really hope for if we’re putting something on a lot of devices, is that OAuth 2.0, if that’s an option.

Selina Ali:
Yeah, and hiding it well. So if you have no choice, and that’s the only place you can have it, making sure that it’s not going to be in… Well, you have to think about the transmission. It may be secure on one side of the MDM service, whatever, and then you have to think about what’s happening in that between when it’s being sent over. Can somebody grab it from there? But you’re only as secure as where your server really is if somebody has access. For me, it’s kind of like, well, if somebody has access to the server that your automation hub’s on, for example, you have bigger problems than this credential getting lost. You have something far more serious going on.

Charles Edge:
So that’s interesting. How about you, Tom or Marcus? When you have conversations, because you both have customers who are doing some of the same exact type of stuff, and there’s stuff that you don’t support and probably don’t think should even be on the roadmap, because you’re like, “Why in the heck would you want to do that?”, but also we want you to do whatever you want.

Tom Bridge:
Well, I think that the product at JumpCloud is anything we build for the UI is getting built for API anyway, and there’s getting other extra stuff built for the API sometimes, but most of the time, if we’re going to build it out there, it’s going to go into our API docs, it’s going to go into the swagger, which is published, and you’re going to be able to see it out at jumpcloud.com.

Charles Edge:
I guess in terms of not a web hook exactly, but like, “Oh, I have a thing on a device, and I want to trigger an event to a happen.”

Tom Bridge:
Sure. We certainly have commands that can be run that way, and for example, if you’ve got a command in the jump cloud commands gallery, or if it’s built into your environment, we’ll let you use the API to call it with a web hook, and so then you can essentially set a trigger for it that’s just essentially a trip wire, and if you’ve got the right API key, you can do those kind of things.

Charles Edge:
I assume, Marcus, that you’d probably tell people to use the scripts or an extension attribute on the Jamf side as well, and probably, Selina, that’s what you would’ve said before.

Marcus Ransom:
Yeah, but I think the important thing is to be conscious about what you’re doing. So for example, it’s very easy and straightforward to set up an extension attribute, but is this something that needs to run every single time, or is it a script that just needs to run once that’s going to give you the information? What’s the cadence you’re wanting to do where that’s going? I think understanding all of the different ways that you can get data moving backwards and forwards, and on an individual case, deciding which is the right way for what you’re actually wanting to do, what’s the most sustainable, very much using more modern APIs when they’re able to do things rather than sticking with older APIs that you may be more comfortable with, layering more tech debt for the archeologists to have to go through one, two, three years down the track.
So I think leveraging APIs and data communication can be very exciting when you first get into it, and it’s sort of tempering the ability to start doing everything with it, and maybe not doing it in a structured and a considered way. Going back to the, “All right, well, if I just create myself an API account that’s got admin access, then I can just use that for whatever I want to do,” is a very easy way to get things set up and running, and maybe might be useful for a sandbox or a proof of concept, where you don’t want to be limited, but the second you move into production with real data and real people and real endpoints, that’s when you really want to peel things back, but also, understanding how that fits into the broader context of the organization you’re in.
You may have some compliance that you need to adhere to, and so maybe you need to do something in a less than ideal way, but it’s making sure that what you’re doing still meets the compliance for your organization and that you’re not going to get shut down or be asked to stop something or get called into one of those fun discussions with a compliance team about, “Hey, we’ve just noticed that you’ve got X, Y, Z configured, and that doesn’t meet these rules.” So it’s a lot to think about when you’re doing this, thinking about the implications of what you’re doing, not just, “I need to get this information or I need to perform this automation. I’ve found a way that works, therefore that’s the right way.”

Charles Edge:
It’s worth saying, the reason we need to authenticate to these APIs is because we need to do something, and I think most software is pretty much getting things in buckets in a structured fashion. That’s pretty much all we do for a living, and we pretend like it’s more, but sometimes it’s not. No offense to any of us, but maybe offense to…

Marcus Ransom:
It’s pouring those buckets into a trough and then turning the trough… The trough flows into…

Charles Edge:
Yeah, yeah, yeah, and that’s all about getting the buckets to flow that data in a structured fashion. So I guess, Selina, do you have thoughts on how vendors make web hooks or other triggers… We’re not getting into structured data exactly, but more just the alert side, the automation side, but do you have any thoughts on how the vendors can make those available to developers or what the better ways are? Because obviously, an unauthenticated web hook isn’t exactly the best way.

Selina Ali:
Yeah, that’s a nightmare waiting to happen. For me, when I think about how think about right roadmap and how can I help people get data out of LM, I always think about extensibility. I never want to be prescriptive as the integrations product manager, and say, “This is the way to do it. This is the only way to do it,” because that’s not how anyone works. You have to meet people where they’re at with their resource level. If they only have one guy who can work on this every now and then, or maybe they have a whole dedicated team filled with people who are going to build integrations or super great scripters, you have to meet people where they’re at.
So for me, it’s extensibility. Having many different ways to get stuff out of your product, whether you’re just having a very well-documented API, whether we have something in the UI like a custom HTTP integration, we have external alerting web hooks, we provide… We also have Ansible and Terraform modules trying to plug into what some folks are using, but also making it set up of like, “Yeah, okay, if you don’t want to use something that we’ve built out of the box, here are the tools to build it yourself, and here are the documents to help you along the way,” and making sure our support team knows about those documents and has at least a fairly basic understanding of, “How did these things work? How does our API work? How does our authentication work?”, answer some of those early questions, and having support for…
Like I said, groovy was new for me, so how can I build an integration that’s going to be written in groovy I don’t know anything about, or go making sure that we’re thinking about these ways and I love talking to customers and seeing what weird things they’re trying to do, and what [inaudible 00:38:28].

Charles Edge:
So many.

Tom Bridge:
It’s always the best. You’re on the call with the customer, and they’re like, “Oh yeah, and we were thinking about, I don’t know, starting ColdFusion using this household implement.”

Charles Edge:
ColdFusion.

Tom Bridge:
Wow. There were a couple of times where…

Charles Edge:
You mean the language?

Tom Bridge:
Long conversation… No, I was just joking about ColdFusion, but I would definitely not recommend anyone, in the year of our Beyonce, 2023, use the programming language ColdFusion. It’s been dead for some time. Now, that said, we were just talking about archeology, so dead things never die, but we think about some of the people out there going into detail. I was talking with a group not too long ago. They were like, “Hey, I still need to do kernel restarts… Excuse me, forced restart commands with kernel extension paths included,” and I was like, “Why?”, and then they had a very compelling reason why on their old Intel machines, they still needed to be able to include an old version of Fuse and do a whole bunch of other things to mount a common file system that was outside of our usual pattern, and then I was like, “Huh, okay.” You can go ahead, and now you’ll notice, if you go and look at the docs, you can’t do it in the gooey, but you can do it in the API. Here’s how you specify a kernel extension path to a restart command, so that you can get what you need to do. Sometimes you hear compelling things that don’t make sense, but still have a use. Right?

Charles Edge:
That’s a really interesting… I think that might be one of the very, very rare times that I hear, “Well, we added it to the API, but not the gooey,” and that that’s like… Because if you add something to the gooey, everybody can do it, but if you only add it to the API, only your most savvy people, customers, who know how script that…

Tom Bridge:
Generally speaking, I don’t want to encourage the use of kernel extensions anymore.

Charles Edge:
Right. That’s an interesting way to go about that. Well played, sir. Well played.

Tom Bridge:
I can certainly say that, “I want to support your end goal, customer, but I think you’re doing something that’s maybe dangerous and not well-thought-out,” but yeah, sure. Okay. If it just means adding a single path and variable to a restart command, okay, that’s not so bad.

Charles Edge:
I’ve been asked to do things that are very bizarre that… Once I fully unpack why they need it, even if it seems archaic… Sometimes you’re like, “Oh.”
One of my favorites is, “Well, our executives sometimes get kidnapped, so we need to do this thing,” and I’m like, “Oh, how often does that happen?” They’re like, “Often enough.” Literal conversation I had once, and I’m like, “Okay, well, I’ll build that, then.”

Tom Bridge:
Well, yeah, it’s pretty wild.
There’s a building around the corner for my son’s school, and DC being DC, you see some things on buildings that maybe you’re just a little questioning about, but my favorite is Crown Captive Insurance, which is right around the corner from my son’s school, and it’s very funny, because that’s not the kind of insurance that they do. You go out to their website and you’re like, “Oh, it’s just a car insurance company for fleet vehicles? What a weird name.”

Charles Edge:
Yeah. Talk about… “Oh, I was so curious, and now I’m not.”

Tom Bridge:
Super bored now.

Charles Edge:
Totally.

James Smith:
This week’s episode of the Mac Admins podcast is brought to you by Alectrona Patch. What would you do with your time if you no longer had to spend so much of it on packaging and deploying updates for third party app? With Alectrona Patch, you can install or update over 300 Mac applications automatically to keep your users protected with the latest security update.
Alectrona Patch works with your existing MDM solution by simply deploying a package and a configuration profile for ongoing management. It’s cloud native, so no server or package hosting is required, and the latest updates are delivered directly from the software vendor. You control which apps are installed or updated, so you deploy only what you need.
Alectrona Patch is customizable to ensure your users can update without interruption, so you can keep your security team and your end users happy.
Alectrona is a proud charter sponsor of the Mac Admins Foundation. Check out Alectrona Patch at alectrona.com/patch. That’s A-L-E-C-T-R-O-N-A.com/patch to learn more and to book a demo with our team. Thanks to Alectrona Patch for sponsoring this episode of the Mac Admins podcast.

Tom Bridge:
It seems like, at least in my experience, table stakes for any kind of integration stuff, any kind of functional integration piece needs to come with API documentation. Any thoughts on maybe swagger or Postman collections or API versioning, or other design patterns to communicate how to use APIs and communicate changes about them?

Selina Ali:
Yeah, I have many opinions.

Tom Bridge:
Let’s do it.

Charles Edge:
Yay.

Selina Ali:
So at LogicMonitor, I actually have no power over our API. I’m not the product manager for that, and I annoy that product manager all the time.

Tom Bridge:
I’m sure they love you for it.

Charles Edge:
That’s part of your job. So yes, well played.

Selina Ali:
I’m like, “Look, this is not good enough.”

Tom Bridge:
Good.

Selina Ali:
Part of that is being careful what you sunset, when you sunset. You brought up a good point of some of this old architecture that exists. When I was an archeologist, and this isn’t just because archeologists live in the past. Well, it’s a little bit that. There was a computer, this was 2018, and we can only run a software program on a Windows 98 machine, a 32 bit Windows 98. It was a critical piece of software that was for an international database that was hosted in the European Union, and the only way you could get data into this… It was a tree ring data. The only way you could get it was to use an old version of Microsoft Access on a 32 bit computer that was on 98. So we had to keep those things alive, and if you are someone like LogicMonitor, where we’re monitoring IT infrastructure, we have to make sure that we have some of that legacy stuff still available, even if we take it out of our UI, but it’s a little bit off topic.
I desperately, desperately always complain about having good API documentation, and not just what your endpoints are and what type of operations you can have. I want to know your error codes. I want to know everything about this. I want to see examples. I really, really like… Back at LM, a little bit before my time, we had a lot of technical blogs where we invited our engineers to write up stuff, and they’d say, “Hey, this is how I use the API to do this thing.”
When I started at LM coming from Jamf and coming working a lot with the Apple APIs, I was really into Postman. That was how I did all my API calls. So if there’s a Postman collection that I can just click the button and have it just appear for me to mess around with, that’s my favorite.
I think having swagger docs, SDKs, all of it, if you’re building an API, it’s kind of your responsibility to make sure that people can use it in whatever way they want to use it, and more importantly, if you can do it in the UI, you absolutely should be able to do it in the API, and that’s an argument I have almost daily.
As LogicMonitor, we’re going through a UI refresh right now, and part of that refresh is going to be creating new API endpoints, and there’s a big debate with me and everyone else of, “No, absolutely.” If there’s a new feature we’re adding in the new UI, we have to have it in the API. That’s not the case at LogicMonitor. There’s a few operations that don’t have API endpoints. You can only do through the UI, which hinders my job as the integrations person, because I don’t have special powers. I can’t communicate with the product internally any differently than a lot of our customers can. So I am not only an internal stakeholder, I’m also a kind of customer using our LogicMonitor APIs. So I think that’s why I’m the most annoying, and probably the most critical. Our APIs are fine, we’re getting there. It’s an ongoing process, but I’m not necessarily happy with our documentation. I think it could be better. I think it can always be better, and the second anyone says they have the perfect API docs or they’re happy, they’re not done.

Charles Edge:
I thought you just automatically generated them based on the actual… Nevermind.

Marcus Ransom:
Their existence?

Charles Edge:
That’s not actually possible.

Tom Bridge:
The thing is that one of the steps that I really appreciate about how we document our own API is that our tech writers are involved, and that you go to your tech writer to make sure that, “Hey, when we spend time updating the API, we may spend time writing about the API, because it’s an interface that our customers see and use.” Is it perfect? No. Is it adequate? Sometimes, and it’s 1% better every day. If you can add one sentence of extra documentation, if you can add one more thing that your customers can clearly understand, it’s hugely helpful.

Charles Edge:
I do feel like it’s very refreshing, Selina, to hear someone complain about their own stuff as a product manager, because it’s such an inherently political kind of position, and to be like, “Yeah, we suck at that,” but you don’t suck at that. You’re perfectly adequate at that, but you know can be better, and that kind of constant seeking to be better is just worth a little applause. So thank you.

Selina Ali:
Well, the way I go about with all of our documentation, and when I talk to my tech writers, I’m like, “Look, guys, I need to be able to follow your directions to do this thing, and I need you to understand, I have liberal arts degrees. I know enough tech to be dangerous.” So if I can follow it step by step and get something set up without getting frustrated or without getting lost or hitting an issue and not being able to find the answer, then I’m happy for it to be published. Then I’m happy for this to go out into the world. So I’m the bottom. I’m the low bar.

Charles Edge:
But more than a QA tester, and some of that stuff, you’re like, “How does anyone even do QA on something that…” Some of the stuff that we do is fairly complicated. I can’t imagine.

Selina Ali:
We’ll never know what the customers are going to do. You can try to think of every single scenario, and then somebody’s going to do something really weird.

Marcus Ransom:
Being able to feed that back into how you are evolving your product. I know this is something we’ve seen make an enormous change at Apple, is them working really hard to get a better understanding of what we, as Mac admins, are trying to do with Mac OS and iOS out in the real world, and to understand the impact of the changes that they put in, whether it be software update or what we saw with the background login items, and realize the impact of changes that they’re making and the direction they’re going, and understanding how we’re trying to do what we do with all of the services, APIs, lack of APIs, things like that in our organization, the sort of complex webs that we are required to weave, to get things to do what we need them to do, and to have that factored into the roadmap and the development, whether that’s about clear communication… We saw that with the kickstart command recently. Clear communication of, “Please don’t be running this every 15 minutes on every device. It will catch on fire,” and it’s great to know when you need to go in and start dealing with whatever processes you had doing bad things for good reasons, and fixing that so that you don’t end up having a really bad day.

Charles Edge:
Truly. I do feel like microservicey architectures are a thing, and we haven’t really talked about that, but any of us can write a lambda, we can string lambdas together into some bizarre workflow to do a bunch of things that we want to do. So any thoughts on how you’d like to see… Or at least in your environment, which we’re using you as a canary in the coal mine for all environments, so to speak, but any thoughts on how you’d like to see developers like Mac Admins, or third parties, even, like developer partners, integrate with tools in a kind of service oriented fashion?

Selina Ali:
It’s a really kind of new concept for us too at LogicMonitor. It’s something I’ve been thinking about a lot. I like the idea of them. We don’t have much… We have a lot of microservices internally that we use. I think the biggest danger I see, and where we have to be careful, is not over complicating things sometimes. Microservices can help you with speeding up the time between you do things and make things a little bit more efficient, you’re spreading the load around a little bit, but when you suddenly go from having something that you could have done with one endpoint or maybe two, to suddenly I have 10 or 15 different services that I have to get different information from, you have more points of failure.
So we’re thinking about it of like, “Oh, well, I can’t do this thing, because this service is down, or it doesn’t quite do the thing that I want it to do, or the update hasn’t gone out yet.” So I don’t actually have that much experience with it today, but it is something we’re thinking about, and carefully, because I don’t want to end up having something that’s overly complicated. It’s kind of balancing that efficiency, which there is great, those efficiency gains to making it hard to integrate with.

Charles Edge:
Well, yeah… Your point about, “Oh, this is something you can do in the UI…” If I remember correctly about your APIs specifically, if you have a JSON document, I can get that JSON document. If you have logic that your UI is performing on that JSON document in order for it to render on a screen in a way that I might want to click a button to see, and that’s not available, there’s still a way for me to get it, that JSON document, in your… I think Mongo or whatever database, in the backend.
So to me, as we get into these kind of microservicey things… I had a conversation with some of the developers that I work with, and we were trying to decide, okay, well, there’s an endpoint to show me a thing, but all I need to do is trigger a variable to true or false in the JSON document that I’m seeing with the Git, and I can post and see something, but I want to change a second variable. So okay, are we going to create a second microservice, or are we just going to expand the JSON that can go in and out?
It becomes a very nuanced kind of conversation. Like, okay, well, to your point specifically, yeah, we’re now making it harder, because we’re domino affecting a bunch of microservices, and if one fails, we’re increasing the points of failure along the way, and now we have key exchanges going back and forth and whatever, but the more object-oriented, you kind of end up wanting to be like, okay, I know how Lambdas does work. I know how many lines of code I can put in this thing, and if I want what I used to effectively use as a function to become a Lambda, then sometimes I’m going to have to start parsing out things that maybe don’t seem as logical, and as long as my naming convention…
I don’t know. That’s a pretty meta conversation, but yeah, it’s interesting to hear how a product manager from a real company, because I don’t consider anything I do a real company, thinks about these kind of things.

Selina Ali:
It’s always thinking about scale. I can think about what we’re going to do. So when I think about stuff like microservices, for example, or anything that I build, it’s like, “All right, what’s the bare minimum we can put out for it to be useful?”, but then how is this going to look in five years? How is this going to look in 10 years? We have to think kind of carefully about our naming conventions. For example, if you set start with v1, then you need to go v2, v3, v4, start getting into those.

Charles Edge:
Per endpoint or per entire API, right?

Selina Ali:
It gets deeply philosophical very quickly, and there is no right answer, and sometimes you just need to make a decision and be like, “All right, we’re going to do this and deal with the tech debt in the future.”

Charles Edge:
The tiebreaker goes to unit tests.

Tom Bridge:
It always does. SDKs are also a thing, like software development kits, and so any thoughts about why a vendor builds one or maybe doesn’t build one in addition to the APIs they offer?

Selina Ali:
I think it depends on how much you want folks to build integrations, to be honest. If you’re a company and you’re…
So some companies really rely on the community and on third parties to build integrations with their software. That’s part of what makes them relevant is, yes, I’ve made it easy for you to build integrations and now I’ve spread through into the world, and everyone can talk to us and that’s really nice, and so they try to make it as easy as possible.
Other companies maybe don’t see the value. I think there’s always value in it, just because, as the integrations pm, it’s in my best interest to make it as easy as possible for folks to integrate with us. It makes my life easier because if they can do it themselves and I don’t have to do it. It’s just the reality of it. If there’s something that you want, you can build it yourself or you can pay professional services to do it. We need to make it easy for that to happen.
But it’s kind of like balancing, “Okay, how important is it? If we have good API docs and we have say a good swagger and we have Postman collections, how much more value are customers going to want from this? How many people are going to use it? How many people are going to build something cool?”, and looking at it in this very business oriented way… As the PM, that’s always kind of what I’m looking at, is, yeah, this would be nice to have, but if nobody’s going to use it or if 10 companies are going to use it, then great, I’m happy for them, but it’s kind of a waste of my dev’s time to build this, but I think they should always be available, but I’m biased, and I don’t always win that argument internally.
I often go to my customers, sometimes perhaps a little leading, of like, “Oh, tell me what you want to build.” “Oh, wouldn’t it be nice if we had this thing?” “You know that you can file feedback for that.”

Tom Bridge:
I’m not saying I don’t court feedback requests on things all the time that I want. It’s nice for me to want things. It’s nice for everyone else to want the things that I want. I’m just…

Charles Edge:
So speaking of things that you want fixed… So true story. Let’s say a developer gets an error code that isn’t documented, maybe with LogicMonitor, maybe not for any old random vendor. How would you recommend… This doesn’t have to be specific to you guys, and we’re actually… I’m going to expand this to Tom and maybe Marcus after, but how would you recommend they get information as to what that error code is, because it’s not in the docs?

Selina Ali:
Honestly, I’d just say Google it. If somebody comes to me as the product manager and they’re like, “Hey Selina, I’m trying to build this thing and I have this error code. Please help me,” me, as product manager, internal person, would be like, “I got you,” and then I’ll ask people internally and be like, “Yo, I got this error code,” but if you’re external and you don’t have a contact, so we build integrations all the time, but we’re not working with the vendor directly. We’re just Googling stuff. I always Google all my error codes. I’ve been working a lot with Ansible the last few days, and then my Google is just filled with different error codes, different things, and sometimes the exact code doesn’t exist, and then I Google words that are kind of like that, and eventually I’ll usually find something.

Charles Edge:
With Ansible, you’ve got to go to source. That gets really complicated. That’s an interesting… Yeah, I could imagine if you’re in a company who has to be SOC2 compliant, so not any old body can see source, as an example, that you’re tapping a developer on the shoulder at lunch, like, “Hey man, I’ll buy you a hot chocolate if you’ll tell me… If you’ll just search the entire repo for this string.”

Selina Ali:
If it’s something that’s not documented internally that somebody reaches out to me, like a development partner or something, and then I’ll reach out to my docs writer and be like, Hey, somebody asked me this question and I didn’t know the answer, and now we know the answer. So put that answer up there. So nobody has to ask me again.

Charles Edge:
So how about you, Tom?

Tom Bridge:
Well, generally speaking, I start with the same thing. The Google machine is where I go, but if it’s an internal JumpCloud thing, I have a channel for that. I have a team that is called the Smoke Jumpers at JumpCloud, and they jump into the difficult support situations. They’re part engineer, part sport, and I’d just drop into the channel and be like, “Hey, I did this crazy thing, and this other crazy thing happened. What did I do, and how did that happen?”, and usually someone amazing, like Andy Hendrickson, tells me exactly where I went wrong, and that’s where we start.
If it’s not my JumpCloud stuff, yeah, Google FU is a great place to look. So is any kind of Google string with quotes around it from the error message in specific. The other things that I tend to do is search the Mac Admin Slack for that error code, because who knows? I’m probably not the only person who broke it like that, and ask questions, go spelunking. Try and make it fail in new and different ways by changing individual flips, individual variables that you’re tinkering with, but I just like to go in and break it until I break it thoroughly, and I understand the depth and the breadth with which I have broken it, and that’s usually helpful to find out where the other error codes are that I won’t have known.

Marcus Ransom:
Also giving you an indication of… So [inaudible 01:03:12] troubleshooting was fantastic to do some training on that and have a look at, when is it happening? When is it not happening? How many people are happening? Where? When? Why? Who? Going and doing all of that Google, ChatGPT, Mac Admin Slack, and before you go and ask someone, actually having a little bit of context… There’s nothing worse than someone coming to you and going, “Hey, I’ve got this error message. What does that mean?”, and they’ve not actually done any investigation themselves, where if someone comes to you and say, “Hey, I’m getting this error message,” and the only other example I’ve seen of where it’s happening is this, but that’s actually nothing to do with what I’m doing, and was from a post that was 12 years ago anyway, so is probably unrelated… When you’re asking someone for help, actually giving them a little bit of help in providing you help rather than just demanding an answer out of nowhere, and making them have to go and do all of the research that you are probably going to be a lot faster at doing anyway.
Even if it’s for them to just turn around and go, “Hey, yeah, no idea. Let’s find out, or maybe go and speak to this person, because that’s their area of responsibility,” but at least getting error codes back is good. There’s nothing worse than when you just get, “a bad thing happened.” Contact your system administrator, and you go, “Well, that’s me.”

Selina Ali:
Unknown error.

Charles Edge:
Yeah, unknown error, even better. So the third most visited page on Crypted is this list of error codes I wrote up for… All the error codes at that time for the Mac, and I used it [inaudible 01:05:12] to automatically generate this, and I took a stab at trying to document what each one did, but they are 25,000, so I didn’t get that far. A bottle of wine only goes a couple hours max, but the nice thing about rest is there’s kind of a known design pattern for how each endpoint should respond with this error code, that error code, and then inside that, each developer can say, “Oh, well, that didn’t match this [inaudible 01:05:50] string, so it’s going to output this other numerical code or hex code,” or what have you. So yeah, that’s super interesting.
I like that, Selina, you led with the knowledge of the crowd, kind of like, “Oh, Google it,” because no matter how many docs our tech writing team writes, or how many whatever, there’s this infinite, vast amount of information that Tom later said the ChatGPTs could then make codified, in a way. So that’s very interesting. Thanks.

Selina Ali:
That’s what made me a great champ support agent, was having websites like that where I could see, on Crypted, all those error codes, but also Jamf Nation Reddit, oh, man, it’s a little shameful how many support cases I solved by looking at old Reddit threads.

Charles Edge:
I love that response too.

Tom Bridge:
Here at the Mac Admins podcast, we want to say a special thank you to all of our Patreon backers. The following people are to be recognized for their incredible generosity. Stubacca, thank you. Adam Selbie, thank you. Nate Walk, thank you. Michael Tsi, thank you. Rick Goodie, thank you. Mike Boylan, you know it, thank you. Melvin Vivez, thank you. Bill Steitz, thank you. Anoush Dorville, thank you. Jeffrey Compton, M.Marsh, Stu McDonald, Hamlin Crusin, Adam Berg, thank you. AJ Petrepka, thank you, James Strasie, Tim Perfit of Two Canoes, thank you. Nate Sinal, Will O’Neill, Sebnash, the folks at Command Control Power, Steven Weinstein, Chet Swarthout, Daniel McLaughlin, Justin Holt, Bill Smith, and Weldon Dod, thank you all so much, and remember that you can back us if you just saw head out to patreon.com/macADMpodcast. Thanks everybody.

Charles Edge:
So we did come up with a bonus question.

Tom Bridge:
Oh yes. We’ve got a good bonus question this week, and the bonus question is usually not technical, so we’re going to dive right into it. If you could discover one fact from history, what would it be?

Selina Ali:
Oh, man, that’s hard, and that’s a good one. Usually I get questions of, “What’s the best thing you’ve ever found?”, or something like that.
All right, so this is super nerdy and very niche, and I’m probably the only person… Well, there’s maybe a dozen people in the very niche maritime world. It is not really a fact so much as a moment. So the reason why I love shipwrecks, this is kind of a longer answer, so sorry about that.

Marcus Ransom:
No, this is good.

Selina Ali:
Context is needed. The thing that I loved about boats and what drew me towards boats isn’t just because they’re cool, because they are, objectively, obviously. Everyone can see that, but there’s something innate about humans, of… They see the sea and they want to go towards it, and even today, 80% of people in the world, I think it’s like 80 some percent, live within 10 miles of a body of water, whether it’s a river or a lake or something.
We have been going into the water, into the ocean since before civilization, before farming, before pottery. It’s thing that predates… It’s one of the earliest needs of humans, and I would really, really, really like to know what that first person… Probably wasn’t even a modern human. It was probably an early human. What that first early human’s thought was of, “I want to go out there,” and what that boat looked like, whether it was something that floated, just like a raft, a piece of wood, but how did they solve that problem of, “Food’s there. I want to get there, but I also want to get back, preferably with all of my arms and legs. How do I do that?” So I think that’s the one thing that, if I could learn, would be.

Charles Edge:
Because 50, 60,000 BCE, there probably would’ve been a lot more things in that water to eat you. We’ve killed a lot of them and eaten them.

Selina Ali:
Yeah, they’re pretty tasty.

Charles Edge:
Yeah. Yeah. I do love tasty, salty ocean animals. How about you, Tom?

Tom Bridge:
This one’s really, really tricky, because it’s like, give me the fact. So here’s the fun bit. I have an incredibly useful, useless degree in history of technology and thinking about those things. It’s not the fact that I’m interested in. It’s the circumstances surrounding it, all of those things.
So this past summer, I had the chance to go up to a great bar up in the hills in above Silicon Valley, and it happens to be where the first email was sent from, and it was one places where they set up the packet radio gear and dot those things over, and while it probably needs a sign that says, “This is not a place of honor. No grand deed is commemorated here,” and all of the historical warning figures that we might use for nuclear waste, or something along those lines, I want to follow that team around for that day and understand that whole, “I’m sending the first email.”

Charles Edge:
I thought Ray Tomlinson was… Had he moved to… Oh, I feel really stupid right this second. So he was working for BBN when he sent that email, right?

Tom Bridge:
I am assuming it was a BBN project. I’ll need to go find the rest. I’ll find the article here, but it’s a great bar. It’s a great beer bar.

Charles Edge:
Because it’s BBN, I assumed… I always assumed that he was in Boston, because that’s where BBN was based, but yeah, I never thought to be like, “Oh, what node on Arpanet was that sent on?” Interesting.

Tom Bridge:
It might be the first email sent over wireless as opposed to the original Ray Tomlinson from [inaudible 01:12:10].

Charles Edge:
Because that would’ve been over aloha net, right?

Tom Bridge:
Yeah, or something similar.

Charles Edge:
Yeah, something, yeah. Interesting. Cool beans. How about you, Marcus?

Marcus Ransom:
I’m sort of fascinated by what you were saying, Selina, about the idea of going on a boat and coming back in one piece, and that’s sort of an area of history that fascinates me. The idea of so many of the first to do this, and the first to do that, that’s in documented history, relies on not just the success on being the first to get somewhere, but actually being able to come back and tell people about it.
So we imagine Armstrong and Aldrin were the first on the moon, but they were the first on the moon that came back again. If it hadn’t have gone as well as it did, depending on which conspiracy theorists you talk about, how would we have known about it?
Yeah, a really, really good example of this is George Mallory. So he was a mountaineer that was one of the early expeditions to summit Everest, and didn’t make it back, and there’s so much conjecture as to, they’ve found his body, they’ve found where he is, they’ve been able to photograph it, he’s preserved on the mountain, but did he die on the way up or on the way down? So was he, in fact, the first that we know about to reach the peak of Everest? But also this idea of, well, we only know what we know. We only know what we’ve been able to find, and most importantly, what we’ve gone looking for.
Was there, 50,000 years BC, a group of pre-humans with much better thermal protection that went up there then? Maybe the mountain was higher. Maybe it was shorter. So yeah, that sort of stuff is so fascinating.

Tom Bridge:
Well, maybe because the mountain would’ve been shorter [inaudible 01:14:07]…

Marcus Ransom:
So maybe something else was higher, but that idea of history, that we only know what we are looking for, and when people discover things, looking for something else that they weren’t even looking for, and it completely changes what people thought, what had been celebrated, what had been documented, and I sort of think about that with Mallory, where if it was discovered that he was, in fact, the first to make it to the summit, that would then change what everybody has celebrated about Hillary, Tenzing Norgay, all of this sort of stuff, which would be awful for them, but yeah, this idea of what’s documented in history is just your opinion, dude. It’s just what someone knows, and it may not actually be correct, and that’s something that discovery is amazing, where someone can come across something that just completely knocks things out, and especially now when we have so much monitoring and tracking of what’s going on.
You think about the early moonshots, where they’d go around the dark side of the moon and there was no communication, whereas now we can have some satellites out there and they can still communicate and everything like that. The idea of someone just making themselves some sort of floating device and pushing it out through the surf and wondering what they’re going to find, and did they actually tell anyone they were going out there? You think there’s so much more that we can discover, and this idea of who discovered countries or islands, despite the fact that there were ancient cultures already happily living there.

Charles Edge:
Spoken a true Australian.

Marcus Ransom:
Exactly.

Selina Ali:
Well, it’s discovery and it’s continuous rediscovery, because it wasn’t just one person who went out into… There were multiple people all around, I’m sure, or early [inaudible 01:16:07].

Marcus Ransom:
Exactly.

Selina Ali:
Yeah. Rediscovering. Relearning, but even today, despite all of those stuff that we have…

Marcus Ransom:
Taking what belongs to somebody else… Was never needed to be discovered anyway.

Selina Ali:
Put it in a museum very far away from…

Charles Edge:
Yeah. From where it should be. Yeah. So what were you going to say, Selina?

Selina Ali:
Oh, just, yeah, about rediscovering things, and even today, in our world of where we think everything’s documented, I think we’re losing a language a day or something like that, a language a week in the world, and intangible heritage.

Charles Edge:
A species.

Selina Ali:
Yeah, a species, it’s fine. It’s nothing to worry about, but intangible heritage protection. People think about UNESCO world heritage, and they usually think of these big… The Colosseum and these big sites, but intangible heritage is something that UNESCO protects. The Viking ships. I used to work for the Viking Ship Museum, and that just got its intangible…

Charles Edge:
In Malmö?

Selina Ali:
No, in Roskilde.

Charles Edge:
Oh, okay.

Selina Ali:
Not far from there.

Charles Edge:
I went to the one in Malmö, but not…

Selina Ali:
Roskilde is the best one.

Charles Edge:
I love it. Spoken like an actual Dane or Swede, because they’re like, “Oh, we are the best and we are the best,” and after hundreds of years of fighting, they’re now like, “Well, we’ll just be the best, and we won’t fight anyone.”

Selina Ali:
I sailed with the Viking Ship Museum for six years on the Viking ships, and having met the Norwegian sailors and some of the Swedish sailors as Danish… I’m not even Danish, but I consider myself a Danish Viking ship sailor. We’re the best.

Charles Edge:
Love it.

Marcus Ransom:
So what about you, Charles? What piece of history would you like to know?

Charles Edge:
So having just finished a history book, I would say the antikythera device and the history of technology book. To me, that is… There are these moments of inspired technological advancement that doesn’t… Selina, you had a very good word for this, continuous something, but there are these moments where something happens, and then it doesn’t happen again, and so there’s no evolution from that moment. It’s kind of like a dead language, and I think the antikythera device, the first kind of “computer”, whatever, it’s adjacent to your shipwreck research. So that’s what made me think of it, but who actually made it?
Some people say, “Oh, well…” I’ve heard [inaudible 01:18:50], but it was like 400 years after he died. So probably not so much unless he got really old. Who knows? If you’re a seventh sage, you can probably live for as long as you choose, but yeah, I would say who made that and why did that kind of technological trunk of history, or the history of clockworks, I guess, die off. We always say that it was Greek, and it’s worth saying it was found on a Roman ship. So was it Greek or Roman? Also, Rome had conquered Greece by then, so theoretically it was all Roman… Whatever. I’m babbling. Sorry. We can end the episode.

Tom Bridge:
Nah, Charles, we’ll just get it from you next time. It’s cool.

Charles Edge:
All right.

Tom Bridge:
Selina, thank you so much for joining us this week. It was a great pleasure to talk with you. We hope you’ll come back and join us again. Yeah.

Selina Ali:
Of course. Especially if we do like a archeology episode. I’m not saying we should, but…

Charles Edge:
Two history of technology nerds, you’re bound to…

Tom Bridge:
I was going to say, I feel like the archeology of computers is a subject that would be fascinating to construct at a bare minimum.

Selina Ali:
Yeah, we can set the foundations of a PhD. I’m just saying.

Tom Bridge:
I was going to say, one of these days I’m going to be done with my technical work and go back into academia, but I’m not there yet.

Charles Edge:
If it paid, I would’ve done it 20 years ago.

Tom Bridge:
Oh, totally.

Charles Edge:
30.

Tom Bridge:
My problem is the way in which it pays is challenging in and of itself. So it pays in lots of weird jobs.

Marcus Ransom:
Enlightenment is payment.

Tom Bridge:
Correct. Enlightenment is payment. I will give you that.
Selina, if folks want to find out more about your work or you, where can they go looking?

Selina Ali:
I am on LinkedIn. I don’t log on as often as I should. So if people send a request and they don’t hear from me for a week or two, I am probably not ignoring them. I just haven’t logged on. I’m on Mac Admins.

Tom Bridge:
Awesome.

Selina Ali:
Selina.Ali is my Mac Admins. Feel free to Slack me, and if you want to ask any history nerd related questions or just get random facts of the day to slowly change your social media algorithms.

Tom Bridge:
Yes, please.

Selina Ali:
Archeology fact of the day. I’m the only poster in there every day, so if people find folks that are interesting on their feeds, feel free to post it in there. Spread the love.

Tom Bridge:
Yeah, for sure. Awesome. Thank you so much for joining us week. It was a great pleasure to talk with you, and of course, thanks so much to our wonderful sponsors, Kandji, Kolide and Alectrona, and thanks everybody. We’ll see you next time.

Charles Edge:
See you next time.

Marcus Ransom:
See you later.

Tom Bridge:
The Mac Admins Podcast is a production of Mac Admins Podcast llc. Our producer is Tom Bridge. Our sound editor and mixing engineer is James Smith. Our theme music was produced by Adam Kudiga the first time he opened Garage Band. Sponsorship for the Mac Admins Podcast is provided by the macadmins.org Slack, where you can join thousands of Mac admins in a free Slack instance. Visit macadmins.org.
Also by Technolutionary LLC. Technically, we can help.
For more information about this podcast and other broadcasts like it, please visit podcast.macadmins.org.
Since we’ve converted this podcast to APFS, the funny metadata joke is at the end.