Episode 315: Just Us

Rapid Security Response, the iMac turns 25, Apple financials, and… WWDC predictions!

Hosts:

Tom Bridge, Director of Product Management, Devices, JumpCloud – @tbridge@theinternet.social
Charles Edge, CTO, Bootstrappers.mn – @cedge318
Dr. Emily Kausalik-Whittle, Manager, Client Platform Engineering, Jamf – @emilyooo

Links:

Click here to read the transcript

This week’s transcription is brought to you by Alectrona

James Smith:
This week’s episode of the Mac Admins Podcast is brought to you by Kandji. You know where the biggest potholes are when switching device management solutions? It’s not the prep work or figuring out how to replicate your current configuration in the new system. It’s that moment when management is temporarily removed from a Mac, leaving you with no control. From there, you have to rely on users to follow your instructions and enroll their devices into the new solution. Multiply by hundreds or thousands of devices and support tickets and errors start cropping up at scale. Kandji has changed the game with this migration assistant, a seamless tool with completely customizable logic that guides users through enrollment into Kandji’s device management solution so your support team won’t have to.
100% free for all new customers, Kandji’s migration assistant is just one piece of an overall exceptional experience Mac Admins enjoy with the use of Kandji’s comprehensive solution. To learn more, head on over to kandji.io/migration. That’s K-A-N-D-J-I.io/migration, or join the Kandji channel on the Mac Admin Slack to say hi and see what they’re up to. Thanks again to Kandji for sponsoring this episode of the Mac Admins Podcast.

Tom Bridge:
Hello and welcome to the Mac Admins Podcast. I’m your host, Tom Bridge. Charles, how are you?

Charles Edge:
I am doing great. It’s beautiful. There’s geese. Sorry if you hear them in the background. The window at my desk looks out over a lake, so every now and then… And this is the time of the year where they get really chatty. I don’t know what they’re saying. I think it’s, “Hey.”

Tom Bridge:
‘Tis the season and soon you’ll see goslings and all of those things. But it’s always a great time of year. I always love that. We’ve got a little nest above our transom above our front door with a nesting pair of mourning doves. Every year, they try and have a clutch or two there. There’s some competition in the neighborhood and so something will frequently spook them off sometimes before they lay their eggs, sometimes after, sometimes before the kids have fledged. So yeah, the circle of life and all of that jazz. But I was going to say, it’s always fun to see those kind of good things. Emily, what are the wildlife situation in your yard these days?

Emily Kausalik-Whittle:
So many bunnies. So many bunnies.

Tom Bridge:
Yeah.

Emily Kausalik-Whittle:
Isabelle has started naming them.

Tom Bridge:
Oh, danger.

Emily Kausalik-Whittle:
One of them is called Taxi, which is a great name.

Tom Bridge:
That is a great name for a bunny.

Emily Kausalik-Whittle:
The geese thing is funny because… I grew up in the Midwest and around this time of year is when school’s wrapping up. At the end of the year, we’d always do our mile run in gym class.

Tom Bridge:
Oh, yeah.

Emily Kausalik-Whittle:
And we would run from the elementary school down the street to the main street and back because it was about a mile, and this time of year is always when there are geese everywhere just pooping everywhere. So we would go run our mile and be dodging goose poop. I’m trying not to swear all the way down the sidewalk [inaudible 00:03:19]. So it just always makes me think of running the mile in fourth grade when the geese are out.

Charles Edge:
[inaudible 00:03:26].

Tom Bridge:
Yeah. I was going to say that was always the fun part at merry weather because they had a flock of Canada geese and they would just poop everywhere and it was just awful.

Charles Edge:
It fertilizes my grass.

Tom Bridge:
Hey. There you go.

Emily Kausalik-Whittle:
That’s the positive spin.

Charles Edge:
I don’t use fertilizer, so-

Emily Kausalik-Whittle:
There you go.

Charles Edge:
They do it for me.

Tom Bridge:
There you go.

Charles Edge:
The previous owner of the house fertilized, and so when we bought it, it was this perfect super tight packed grass and I’m more not that guy.

Tom Bridge:
Yeah. I’m definitely not that guy. We’ve pulled up all of the naturally occurring grass in our front yard and replaced it with native species, and so I’ve got a bunch of indigo that is going live right now. I’m really excited about that because you get these deep, deep purple flowers that fan out and you get these gorgeous sprays of great big purple flowers, and then probably at about a month, we’ll get the echinacea in and then we’ve got a carpet of color that goes for months. It’s fantastic.

Emily Kausalik-Whittle:
Yeah. We are talking about xeriscaping our yard because down here, grass is basically, we call it colonizer grass.

Tom Bridge:
Oh, yeah.

Emily Kausalik-Whittle:
Because most of that grass is just not native down here and it’s just a bunch of white people moved to Texas and went, “We want grass here too,” and it’s just such a waste of water and resources.

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
So we’re letting it die. We don’t care and we’re likely going to scrape most of it out and xeriscape the yards and save hundreds of dollars in water costs every year.

Tom Bridge:
My folks have done it with walnut shells. They’ve replaced a lot of their yard with walnut shells, which is it’s crushed walnut shells. You get these tiny little fragments of walnut shells and they’re phenomenal mulch at that point and it just destroys whatever grass is there, keeps it from coming back. You got to bring more walnut shells in every now and again, but it’s a great way to have a yard that is xeriscaped like that. You don’t have to water the walnut shells, that’s for sure.

Emily Kausalik-Whittle:
Makes sense.

Tom Bridge:
And in California, we know that makes a big difference.

Emily Kausalik-Whittle:
Yeah. Texas too.

Tom Bridge:
Yeah. Marcus is on assignment this week. He is somewhere between Sydney and Auckland at this point, over the air. He threatened to call in from the plane, but then found out they don’t have Wi-Fi on those plane. So-

Charles Edge:
I was just looking forward-

Emily Kausalik-Whittle:
I didn’t know that was possible anymore.

Charles Edge:
Exactly.

Tom Bridge:
I think it would’ve made for scintillating audio as the passenger in 27B suggested that we were probably doing it wrong and we should go back to imaging.

Emily Kausalik-Whittle:
Tom.

Tom Bridge:
And that’s when the air marshal would need to be called. But do they have air marshals down there? I’m assuming they have air marshal.

Charles Edge:
I would assume. But is imaging just another name for Rapid Security Response or is that just a horrible segue into our first [inaudible 00:06:22].

Emily Kausalik-Whittle:
Just-

Tom Bridge:
What a great segue.

Emily Kausalik-Whittle:
Don’t. It’s rude, frankly.

Tom Bridge:
Well, here we are Sunday, the 7th. You’ll get this on the 15th roughly. Earlier this week, Apple ruled out their very first production Rapid Security Response update iOS 16.4.1 (a), macOS 13.3.1 (a). That A is wrapped in parentheses and appears with a space between the parentheses and the version number.

Charles Edge:
And that doesn’t-

Emily Kausalik-Whittle:
And a hidden emojis of air quote fingers moving up and down.

Charles Edge:
Animated emoji at that, right?

Emily Kausalik-Whittle:
Yes. Animated, yes.

Charles Edge:
And that doesn’t screw up any regular expressions or naming conventions that we’ve all been using, right?

Tom Bridge:
I will say I was very thrilled to see them not just shove that into the… If you do the version number checks that are done via the command line, if you ask for the software version, it’s still going to say 13.3.1 or 16.4.1. There’s an extra flag there that’ll tell you which of the rapid response or security response pieces there are there.

Emily Kausalik-Whittle:
Yeah, because when you look at the status push from declarative device management to your management server, which is reporting the supplemental build, it’s in a completely different field.

Tom Bridge:
Yeah.

Emily Kausalik-Whittle:
It’s just not even in the same field at all.

Tom Bridge:
No.

Emily Kausalik-Whittle:
So whatever management solution you’re using would have to append the supplemental build to the standard minor version build of your operating system to report it in the same place. Anyway, Jamf did this. I would imagine other vendors did this as well. It’s reported separately and you have to build out all your reporting separately, those things.

Tom Bridge:
Oh, yeah. I was going to say, for those of us still on the old MDM one frameworks, yeah, the version numbers come back as 13.3.1. It’ll give you a build number that’s different. It’ll give you a build number that now ends with an A and that is now the piece that’s there. What was hilarious for us was our software versioning system saw it as a rollback and called it out as a rollback because the build numbers stayed the same, but the, I’m sorry, the semantic versioning stayed the same, but the build number changed. So we assumed that that was a rollback and I was just like, I see what you tried to do there, engineering, and we’re going to have to have a chat.

Charles Edge:
So that does bring up a really interesting point. Aside from what RSR is, which I guess we can jump into in a second, but every now and then, and this happens with built-in apps on the app store, this happens with all kinds of things where every now and then there’s something that just changes the naming convention a teeny bit. You said it looked at it as a rollback, so a little inside baseball or whatever sports metaphor works. What does your engineering team then have to do?

Tom Bridge:
Well, [inaudible 00:09:28].

Charles Edge:
And [inaudible 00:09:29] perspective.

Tom Bridge:
Yeah, I was going to say we certainly want it. We’ve told our customers and we’ve popped this into various alerts and tickets and comments on their community forum. There’s a whole bunch of things you got to do at that point to message it out to your people to say, “Hey, by the way, we know that this is reporting as a rollback. We’re going to be fixing that in the future, but for the moment, don’t panic. Your systems haven’t gone backward in time. In fact, they’ve gone forward,” and we’re going to have to alter the logic at that point and you got to alter the logic for those kind of directory insights events that says, “Hey, by the way, you’re going to see the version number stay the same and the build number change.” That’s not a rollback. That is in fact a roll forward and it’s now got this security update that’s associated with it.
What’s really interesting was our patch management scheme doesn’t see them as a full-on version patch because of where we get our version information related to the builds because there’s no entry in gdmv.apple.com, which is Apple’s software updates public JSON array that’s out there at gdmv.apple.com/v2/pmv. If you put that in Chrome, by the way, there’s a TLS error. I don’t understand why that is, except nobody at Apple uses Chrome, so they probably just didn’t check, but there’s an error there and that’d be nice to see them fixed. But it’s not really published anywhere. There’s no RSS feed for it or no RSS feed entry for it. It’s not out there published any place that I could see it. As far as I can tell, that’s intentional.

Emily Kausalik-Whittle:
Yeah, because the plan is that once there’s a minor version that rolls in that update, their RSR is deleted and gone. It doesn’t exist anymore, so why would they-

Tom Bridge:
Exactly.

Emily Kausalik-Whittle:
… bother publishing-

Tom Bridge:
It’s ephemeral.

Emily Kausalik-Whittle:
… it somewhere. Right, it’s completely ephemeral.

Tom Bridge:
That’s [inaudible 00:11:25].

Emily Kausalik-Whittle:
Yeah.

Tom Bridge:
And it’s wild because suppose they release another one, suppose they release B on Monday and things along those lines. Now you need A and B, but both A and B are ephemeral at that point, go away as soon as whatever rapid response update happens after that, whether that’s 13.3.2 or 13.4. Either of those are going to contain the rollup update that is there and those updates are going to stop being delivered. That is the neat thing about RSR is that it is intended for use with only the latest version of the operating system, and it’s a little tiny bit that you just add on the existing operating system.

Emily Kausalik-Whittle:
Yeah, or to be even more granular in that, it’s targeted to a very specific minor version of macOS.

Tom Bridge:
Correct.

Emily Kausalik-Whittle:
And in that moment, it would be the most recent one, right?

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
But our 13.3.1 (a) is only for 13.3.1, and if you’ve got folks that are still on 13.3, they’re not going to see it. They’re going to upgrade-

Tom Bridge:
That’s exactly.

Emily Kausalik-Whittle:
… to that one, and then they’re going to see there’s another update available for your Rapid Security Response update.

Tom Bridge:
Can I ask a fun question, Emily? You’re the practicing admin out of the three of us right now. How did you take 13.3.1 (a)? What was your response internally?

Emily Kausalik-Whittle:
If the little badge on system settings bothers you, go update. If not, don’t worry about it. I don’t have a CVE. I can’t rate the risk posed by the update. This is the first one and I’m operating under the assumption that probably within the next two to three weeks, we’ll either have another rapid release or another minor version update, and then I’m just going to be forcing people to turn around and update anyway and they’ll get that security update rolled into the next minor version. So just didn’t seem worth it to roll that out to everybody, especially considering that for us, we have Jamf Trust. We have network threat prevention, DoH. We have Jamf Protect. We have multifactor on single sign-on for most of our services that folks log into. We’ve got all sorts of protections and mitigation layers in place.
If I can’t sit and really say that this Rapid Security Response is going to address a vulnerability that we can’t mitigate with the other layers of security and protocols that we have in place, just not going to do the additional engineering effort for my tiny team to try to address it. That’s our unofficial, me Mac admin stance. I don’t know if Jamf’s ETO info stack team really has its own policy around that yet because it’s so new. It’s so new.

Tom Bridge:
That was exactly it.

Emily Kausalik-Whittle:
We just haven’t really determined what our approach is.

Tom Bridge:
I definitely traded emails with our CISO this past week going over what’s the risk here. Is there guidance for any of this?

Charles Edge:
Everybody says, “I don’t know.”

Tom Bridge:
Everybody says, “I don’t know, man.”

Emily Kausalik-Whittle:
[inaudible 00:14:43].

Tom Bridge:
I think that one of the interesting things that I thought might be possible here is that for exactly the reason you describe, where we have all of these other tools that are out there to help us figure things out, part of me started to think, are these updates for the same audience as lockdown mode, where you’ve got somebody whose threat profile is so high that you want to do every little last thing? Part of me started to think, is that how to approach it? Is it a place where it’s like, “Oh, right, maybe this is for the CFO and for the CEO and for anybody who has access to prod or live prod” or maybe it’s just not that?

Emily Kausalik-Whittle:
I have not talked to anyone at Apple about this. This is just me being me as a sole individual thinking about this. This feels like a security update rolled out to the highest risk devices, not just at organizations. We’re talking just in the population of the world and they are individuals who buy Macs for their house and they go sit at Starbucks and they have a password that’s one key on their keyboard or whatever. This is like, “Hey,-

Charles Edge:
You need a fingerprint key?

Emily Kausalik-Whittle:
Yeah. That’s the thing too with system integrity production and [inaudible 00:16:10] and all of these things that Apple has built into the hardware to mitigate being able to plug in a keygen whatever into a Mac to do stuff. I just feel like this is them saying, “If you recognize yourself as incredibly high-risk because you either don’t have mitigating tools in place or you’re an individual who doesn’t put CrowdStrike on your Mac or whatever, here’s an extra layer of protection for you,” but what’s the carrot for them to install it, especially since after they install it, they could just go click a remove and restart button and just rip it right off again if they want to? I’m hoping that with the release notes for the next minor version of macOS, so 13.4.

Charles Edge:
You’ll know what CVE was covered?

Tom Bridge:
Yeah.

Emily Kausalik-Whittle:
We’ll learn a little bit more about what was being mitigated, but man, it’s going to be probably at least another week, two weeks from now.

Charles Edge:
Yeah. If you have two billion devices out there, and I don’t know what percentage are running the “latest”, but if you have two billion devices and let’s say 10% are running the latest, then you have 200 million devices that something like this will get rolled out to, I did witness some of our devices not getting it for three, four days. Most of them got an alert within 24 hours, but some, it was a few days. I think no CISO ever got fired for overprotecting the organization.

Emily Kausalik-Whittle:
That’s fair.

Charles Edge:
So I would suspect that the policies will be like, oh, this has to be run immediately. This is big. Whether it is or not, we won’t know, like Emily said, until we see the first patch release and can prognosticate that this was covering these two CVEs or whatever. So that’s my take. Anyone who works at a company with a CISO is going to have to run these and report that they were run immediately because no CISO ever got fired for doing so.

Tom Bridge:
Oh, yeah. I was going to say, I certainly think that there’s going to be varying responses here. I’ve also known a lot of CISOs who are in the absence of information about risk, I have to assume the worst.

Emily Kausalik-Whittle:
The worst, yeah.

Tom Bridge:
And I’ve met others who basically say, “In the absence of information about this piece, I can’t know, but I can trust my gut.” Now, I will say for iOS, it was like 45 seconds to apply this update. It was the least disruptive update-

Charles Edge:
Well, did it reboot?

Tom Bridge:
… I’ve ever had. Question mark? Unknown. I’m assuming the answer is yes because it had to graft on the cryptex and do that and essentially apply that in real time. It feels like at least a partial reboot at that point. macOS definitely is. I was going to say, but even still, some very nice changes here in terms of the amount of time that it took to do it, the small file size, which for large fleets on difficult networks is certainly welcome. So those two things were quite excellent. I think that Apple got a little bit of a question mark out of everybody when they said, “Why do I even need a restart? I thought you said this didn’t need a restart.” And the answer is depends. If we look at these update structure, what’s inside the cryptex is an encrypted object, which we can’t see and a revert.
Those are the kind of things where the encrypted object is that cryptex. That’s the cryptographic, or I’m sorry, cryptographically-sealed extension and it’s a disc image that ends up in your preboot volume and is grafted onto the file system to replace a previous part of it, so that if the Contacts app or the Mail app or the Maps app or even Apple Music had the problem, you could just graft on this new version of that piece and that would be the thing that would be reverted if you allowed it to be reverted. The other nice pieces here is that admins get two settings to control. Admins can show or not show these updates and show or not show the reversion, the revert button within the operating system. Those two controls are how you need to think about it.
So you can basically say, “Hey, look, I don’t want anybody to be bothered by this.” That is a perfectly [inaudible 00:21:08] way of approaching this problem. You could also, at that point say, “Hey, I don’t want these to become back off of the system in the event that they are applied,” and I think that that is a valuable switch to have.

Charles Edge:
I think it might also be Cromwellian in that it gets a CISO’s head on a spike if they disable them. Just throwing that out there.

Tom Bridge:
Yeah. No, I can definitely see. I’m really struggling to see a place where I would want to not show the user that update.

Charles Edge:
I would definitely like to not show the user the ability to disable them, definitely. That’s that.

Emily Kausalik-Whittle:
I just still don’t even know how bad it is. I’m sorry, I’m being very me on this topic. We definitely, in internal communications, when people ask, we’re like, “Yeah, go do it, but we’re not forcing you to do it right now.” We don’t even really have a good way to do that yet, which is funny.

Charles Edge:
We could take away stuff until you do it like the carrot-stick old-school approach, right?

Emily Kausalik-Whittle:
Yeah.

Charles Edge:
That would be the only-

Emily Kausalik-Whittle:
[inaudible 00:22:19] gives me more smart group criteria to scope that kind of stuff too, which we’ve filed internal feedback around to get some of that. I just don’t even really have a good way to do it. I think we’ll probably, once we learn a little bit more after this first pass around what they’re mitigating, we’ll probably end up changing our posture on it a little bit, but we’re going to have to figure out how we would actually enforce it on people’s devices. Because right now, we use Nudge for OS updates and because of the way that the build number is reported, Nudge just doesn’t support it right now, so we can’t really… This has all been talked about elsewhere, but join the Nudge channel on the Mac Admins Slack if you want to see more. There’s also a longstanding open issue/feature request for Nudge and a pretty interesting conversation are outweighing if it’s worth the engineering effort to build that stuff into the application or not, which we can link in the show notes.
Yeah. I don’t know. The other thing that we have to weigh, at least for my group is, I’m the closest Mac admin practitioner out of the host now, I think, but I manage a team and I have engineers under me that do this stuff, so it’s not even really me, but we have to weigh. We have one engineer. Do we want her to take this many cycles to figure out how to address a supplemental build without having a true gauge of risk and having all these other things that are higher priority to do this thing and just business reasons at the end of the day around why we would decide to try to engineer something or not, just to be honest?

Charles Edge:
Boy, and it’s really hard without the information, isn’t it?

Emily Kausalik-Whittle:
Mm-hmm.

Tom Bridge:
Yeah. So I guess that’s the net net of all this is until we know what is actually being addressed, are they really bad [inaudible 00:24:19] or are they just wrapping three or four CVEs that are maybe Safari or some other thing that we’re not super concerned about?

Emily Kausalik-Whittle:
Wasn’t it friend of the pod, Howard Oakley, who posted that the main change that was observed was the Safari build number change,-

Charles Edge:
Yeah. That’s-

Emily Kausalik-Whittle:
… and that was about it? Then there is that blog post that has been going around about the libraries that are used for Safari and where files for Safari live inside and outside of boot volumes and whatever else and because of where they now reside means that the restarts required for this kind of update and all sorts of stuff like that. But here’s my thing, as an admin, why do I even need to know what any of that is? Shouldn’t have to. To try to be like, what’s this guessing game? What is this actually happening on the operating system? I don’t think admins and consumers should really be responsible for figuring out that information to know what’s going on. It’d be nice if there was maybe just a little more information out there somewhere.

Tom Bridge:
Yeah.

Charles Edge:
I suspect that’ll come. With CVEs, you’re always like, well, we’re issuing a patch because there’s a known vulnerability. Let’s not forget, WebKit is used to authenticate a lot of apps. A lot of those might be like Auth0 or passkeys or whatever. Black hats right around the corner, so right now would be a-

Charles Edge:
… black hats right around the corner. So right now would be a really good time to be issuing a whole bunch of patches, just throwing that out there.

Emily Kausalik-Whittle:
That’s fair.

Charles Edge:
But I think short term, we don’t know what we don’t know. Long term, no CISO ever got fired for doing every single thing that they’re told to do by major vendors. Ergo, I suspect this will be one of those policy-driven … like, “Oh, you have to run these immediately within 24, 48 hours,” whatever, “Or we’re going to take away your conditional access, or whatever other stuff that we give you.” For better or worse.

Tom Bridge:
I’m throwing a couple of links in the show notes for folks to go read on their own. Armin Briegel has a really good dissection of all of this from scriptingosn.com. He has his weekly newsletter. I thought he had a really good roundup of links there. In addition, there’s a really great article on chronokernel.github.io that is a … talks a little bit about the rapid security response maybe being designed into the corner a little bit. It’s got some of the nuts and bolts of the CryptXs, and that’s a really good place for you to go to understand.

Charles Edge:
It’s a really good read.

Tom Bridge:
It’s a really good read. I enjoyed the hell out of that.

Charles Edge:
Me too.

Tom Bridge:
And then, I also spent probably about 30 minutes talking about how Mac OS updates and how the RSRs fit into this spot on our internal spot, The IT Hour. And so, I put that video in the show notes. Folks can watch that. Skip in about 15 minutes and you’ll get into where you need to go, to start that spot here.

Charles Edge:
Love it.

Tom Bridge:
If you don’t want to hear all about product releases. But also I’m going to be giving a talk at Penn State in two months on software update, and there’s going to be a whole section in that about rapid security response and how to think about it and how it goes about doing those kind of grafting, CryptX patches.

Charles Edge:
Love it.

Tom Bridge:
So lots of stuff going on there in the software update world. It’s tough to keep track of all of them and building some good canonical sources of data here, is one thing I’m really glad the admin community is doing.

Charles Edge:
One thing I’m glad the admin community doesn’t have to deal with is Apple financials.

Tom Bridge:
Oh, yes.

Charles Edge:
We’ll include this link in the show notes. Apple announced their financials revenue is down three points, but EPS was up or equal to what it was a year ago this quarter. So, like 24 cents or whatever, for all you shareholders. And there are a lot of Apple shareholders in our listener pool. So, enjoy your two to 200 nickels, according to how many shares you happen to have.
Another thing that I’ve been seeing a lot in my little feeds is the Apple card savings account at 4.15 APY. So, if you use Apple Pay and have all that set up, it’s pretty easy to set up a nice little new savings account for … I would say, what is it, we used to call backups warm? A nice hot backup account, for if you need to be able to transfer funds around.

Tom Bridge:
Well, I thought it was really neat. It’s a Goldman Sachs Marcus account and I’d been looking around, a friend offered me a discount or a signup code, which got me an extra half percent on that one. And so, that was pretty nice. I got an extra half percent for three months, which is pretty solid. I mean, that’s not nothing. It’s a good spot to go stash your money when the interest rates are where they are right now, which is the highest they’ve been in my adult life.

Charles Edge:
Make more of that than the market rate this second.

Tom Bridge:
I mean, honestly. Seriously. I mean, I was going to say, I think that that’s also … This is a really interesting market moment. I’m going to find some links to throw in here. I know that living where I do, I’m a little concerned about the debt limit right now and all of that messing with the state of the economy and of course, working at a startup, where the marketplace for funding for startups is largely gone right now, or it’s certainly a lot more expensive to get money than it’s been for a decade or more. It’s definitely an interesting moment in the marketplace, I’m a little … I got some trepidation about the next six months, so I don’t know. How do you see things, Charles?

Charles Edge:
Oh goodness, I don’t prognosticate. You sell the downside and you sell the upside. It’s called hedging.

Tom Bridge:
There you go.

Charles Edge:
That’s that.

Tom Bridge:
It’s like crazy.

Charles Edge:
Yep. I mean, I can say that the pro people who buy the downside and buy the upside, because I don’t do that, they are paying less points spread-wise. So, as you quote unquote short things, I guess, because you have to control risk by shorting it … Anyways, it does seem like they’re not thinking things are going to be great for a few months, on the other side. So, who knows?

Tom Bridge:
Happy thoughts, Happy thoughts. But anyway, you can get four and an eight percent on your Apple Cash when you stash it in the savings account option. It’s really easy to set up. I think it needed my social security number when I did it, and that’s all it needed. And especially if you do most of your purchasing on an Apple card, that’s a great way to turn your cash into more cash, which is nifty.

Emily Kausalik-Whittle:
That’s the thing. Get 2%, 3% cash back when you use Apple Pay, and then it dumps into account where you get 4.15% interest on it.

Tom Bridge:
I mean, you’re getting it coming and going friends.

Emily Kausalik-Whittle:
Yeah, It seems like a no-brainer, really.

Charles Edge:
Yeah, one thing I have to say about that, you can get a lot of really good deals on points, but it is hell to manage.

Tom Bridge:
Oh, yeah.

Charles Edge:
And just that to me, that’s the thing. I don’t have to touch anything. It just does its thing for me. So I’m not always logging into a portal and moving … That whole thing sucks.

James Smith:
This week’s episode of the Mac Admins podcast is also brought to you by Kolide. Our sponsor, Kolide, has some big news. If you are an OKTA user, they can get your entire fleet to 100% compliance. How? If a device isn’t compliant, the user can’t log into your cloud apps until they’ve fixed the problem. It’s that simple. Kolide patches one of the major holes in zero trust architecture, device compliance.
Without Kolide, IT struggles to solve basic problems like keeping everyone’s OS and browser up to date. Unsecured devices are logging into your company’s apps because there’s nothing to stop them. Kolide is the only device trust solution that enforces compliance as part of authentication, and it’s built to work seamlessly with OKTA. The moment Kolide’s agent detects a problem, it alerts the user and gives them instructions to fix it. If they don’t fix the problem within a set time, they’re blocked.
Kolide’s method means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Visit kolide.com/macadminpodcast to learn more or book a demo. That’s K-O-L-I-D-E.com/mac.adminspodcast. Thanks to Kolide for sponsoring this episode of the Mac Admins Podcast.

Charles Edge:
You know what doesn’t suck? Is the iMac.

Tom Bridge:
The IMac. Did the IMac turned 25 this week? It’s hard to think it can now rent a car on its very own. I don’t know. Do we trust the iMac to do self-driving yet?

Charles Edge:
Oh, hell yeah. More or less than my teenager.

Tom Bridge:
Hey, fair. Respect. We think about this … it’s so wild to me to realize that that was 25 years ago because I very distinctly remember the-

Charles Edge:
Bondi blue.

Tom Bridge:
… original Bondi Blue, and labs of them at school. And then I think it was, what, a year or so later? We get the colors and we had labs of them at Denison, where I was an undergrad and working at the help desk, and they were so much better than the molar-

Charles Edge:
The [inaudible 00:34:48] or the-

Tom Bridge:
… the molar shaped, all-in-ones that were the primary lab cases. Oh God, they were terrible. But yeah, the iMac was a spectacular change and really a sea change moment for Apple.

Charles Edge:
Truly. Yeah, not only the iMac, but the whole strategy. Wrapping that iMac, it was just a game-changer. More sports metaphor if we’re talking about games, but I mean, we might be talking about risk, not exactly sports ball games, but yeah, total game-changer. And I remember going to some of those WWDCs right around then, and I remember being told, “This is coming. This is coming.” And after years of not much happening, things started to come really fast.
So, speaking of WWDC, WWDC is coming up soon, so maybe we should talk about what we think about that. I don’t know, what do you guys think?

Emily Kausalik-Whittle:
Less than a month now. Holy cow.

Tom Bridge:
I know.

Charles Edge:
Right? And for both of you, you work at companies who are going to have to be beta testing this stuff as it spins out, which means you get this rapid pace … you know?

Tom Bridge:
Yeah. And I’ll be really candid with folks. I have no idea what’s coming. It’s not like we get told. There is no disclosure outside of Apple on this one, from what I understand. The MDM vendors, the software manufacturers, there’s no pre-access program, I could not … There are places where-

Charles Edge:
And yet, I mean, we can make good guesses … I mean, to me, we can start with Mac OS14 and the MacBook. I mean, it’s probably going to be another MacBook, right?

Tom Bridge:
I would imagine.

Charles Edge:
It’s the bread and butter at this point, of the desktop fleet, at least. And Mac OS14, we can pretty much guess that’s right around the corner. It’ll probably have a cool name or maybe a name that we make fun of. Either way, it’ll have a name and maybe software update will get overhauled yet again, because people complained about it so much. I don’t know.

Tom Bridge:
I would hope so. I mean, I can’t imagine that Apple doesn’t understand what the feedback situation is there. I mean, they have the data.

Emily Kausalik-Whittle:
They have a mighty crew of incredible people behind the scenes at Apple who are the funnel of all of our poop flinging around software update. God bless them.

Charles Edge:
Ouch.

Emily Kausalik-Whittle:
God bless those people.

Charles Edge:
You’re not actually-

Emily Kausalik-Whittle:
So, it’s not a mystery.

Charles Edge:
I mean, I have a baby, so I’m really concerned. Nobody’s actually flinging poop, right?

Emily Kausalik-Whittle:
I hope not.

Tom Bridge:
I really hope not.

Charles Edge:
Okay, good. But other than-

Emily Kausalik-Whittle:
We love the enterprise workflows team, and we very much appreciate everything that they do. But yeah, I mean, what would you posit as the percentage of managed … like institutionally managed, or MDM managed Macs versus consumer unmanaged Macs in the world?

Charles Edge:
Less than 10, more than five.

Emily Kausalik-Whittle:
How do you prioritize engineering work when engineering works costs money and you go, “Okay, this is for 10% of our devices out there in the world that would care about this.”

Tom Bridge:
And by the way, they don’t pay full retail for their equipment. So I get a lower margin on all of those deals.

Emily Kausalik-Whittle:
Maybe if we’re lucky they pay for AppleCare+, right? But you know-

Charles Edge:
At a discount.

Emily Kausalik-Whittle:
… yeah, at a discount.

Charles Edge:
And maybe they buy one of those enterprise contracts.

Tom Bridge:
Which makes up for what, 10 of those machines?

Charles Edge:
Max, yeah.

Tom Bridge:
Out of a thousand. I mean, I was-

Emily Kausalik-Whittle:
Selfishly, as a Mac admin, I want to think that what I need and what Jamf needs, being a member of Jamf IT and managing our own fleet is going to be prioritized over a million other things. It’s probably not. I mean, just playing the numbers game, [inaudible 00:38:53].

Charles Edge:
The thing that hits the two billion versus the thing that hits … I mean, it’s understandable, and yet, it’s your career. So, you really hope that there’s more, and you’re a squeaker wheel than that person that just bought a Mac at the Apple Store and took it home.

Emily Kausalik-Whittle:
I would hope.

Charles Edge:
There’s that.

Emily Kausalik-Whittle:
I hope at least our squeaks are not too horribly unpleasant for them to hear.

Charles Edge:
I know as a software engineer, you really respect the well-informed requests you get because you’re like, “Oh, I see exactly … ” and I mean, the quicker you can see exactly what someone wants and compartmentalize it in a way that you can actually build that, then the more you’re like, “Oh, I can make people happy.” And ultimately, isn’t that what we do as technologists, is try to make people happy and more productive?

Emily Kausalik-Whittle:
Yeah, I would say my job is to remove friction, less than make people happy. I mean, I’d love it if they were happy, but if I can at least remove some friction, maybe that will help them feel a little happier. I don’t know. And our due diligence on that is filing feedback around stuff that our users are experiencing on their devices and hoping that Apple will smooth some of those edges out for us. I’m just also very pragmatic about it at this point in the grand scheme of things, and maybe I work just product adjacent enough that I know now I’m learning that every decision around what engineering work you do has a dollar amount attached to it, right?

Charles Edge:
Oh, yes.

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
So, that’s where …

Charles Edge:
I can tell you exactly what that is per two weeks, pretty much. And most companies, it’s very similar, almost anywhere you go. So, other than software update though, I mean, we can guess that some feature of iOS that’s potentially annoying to Mac admins will come to the Mac.

Tom Bridge:
I think that’s pretty fair.

Charles Edge:
I don’t know which feature. Maybe a dynamic island just randomly shows up in my dock. I have no idea.

Emily Kausalik-Whittle:
I wouldn’t hate that.

Tom Bridge:
I like the dynamic island. I would not hate that. [inaudible 00:41:09].

Emily Kausalik-Whittle:
I wish more developers leverage. The dynamic island, is where I’m at now. It’s really cool. The apps that really lay into it like MLB app and some of these other things where they really …

Charles Edge:
Traeger. Every now and then I-

Tom Bridge:
Oh, Traeger has one?

Charles Edge:
… every now and then I see something and I’m like, “Oh, wow. They get it.”

Tom Bridge:
My favorite is Flighty. Flighty on the io.

Charles Edge:
Interesting.

Tom Bridge:
And it’s got a subscription cost, and it’s not small. It’s like 80 bucks a year. So I mean, you’re paying for it, but oh my God, it’s the best thing ever. When you have a series of flights that are tracked, and it’ll pull them right out of your calendar for you. It tells you where you are in the flight. So, if you’re in the air, it gives you how long you have to go and whether or not … You have a clear indicator of whether you are on time, or early, or late. And then as soon as your flight lands, it tells you where your next flight is, or it tells you which bag carousel your stuff is on. And so, you land in JFK and you’ve got to make a flight to Buffalo. It’s going to tell you, “By the way, your Buffalo flight’s at Gate A7,” and you look up and you’re at B24 and you’ve got a schlep.
But it tells you exactly how long you’ve got to get between point A and point B. And then when you land in Buffalo, it tells you, “By the way, your bag’s on carousel 14,” and I didn’t have to open the app once. It’s got a really great live look on the home screen. I was going to say, I apologize for going on the lengthy infomercial here, but they have the best usage of the dynamic island of any app I’ve played with.

Charles Edge:
It’s really cool when used right.

Tom Bridge:
Oh, yeah.

Emily Kausalik-Whittle:
Or just used at all.

Tom Bridge:
Used.

Emily Kausalik-Whittle:
I know.

Charles Edge:
Yeah, yeah. I mean, felt the same way about widgets, and I mean, ultimately, it is this-

Tom Bridge:
Ultimately they went away.

Charles Edge:
I know. Well, I mean, they are still … nevermind. So, what else do we-

Tom Bridge:
Dashboard’s still there somewhere.

Emily Kausalik-Whittle:
I think I would love to see … So, I had a really interesting conversation with Apple a few months ago. We were talking about BYO on mobile, using user enrollment, managed Apple IDs, the new user enrollment flow, the partitions, the work partition, personal partition, tied to different Apple IDs, et cetera, et cetera, et cetera, on a device. It’s super cool.
If you can get your organization lift it beyond all of the barriers that are in place for it. It’s cool, but there are barriers, right?

Charles Edge:
Lots of them.

Emily Kausalik-Whittle:
I would love to see if Apple could find a way to lower those barriers a little bit. Maybe by allowing more IDPs into Apple Business Manager, or letting you build your own integrations with Apple Business Manager for your own ID. Just opening things up, so it’s a little easier to roll your own if you need to.
It pains me to say this because I don’t see the value in it myself, but I would actually think it’d be really interesting if that same concept of a work managed Apple ID having its own data partition on a Mac OS, versus a personal one for a personal Apple ID on Mac OS, and having the data stores separated, and if you sign out the work stuff goes away. But with that would need to come better management of iCloud for work for managed Apple IDs through Apple Business Manager, or some other service.
It would be really cool if there was consistency in that enrollment experience across both platforms. Because back to the conversation that I had with Apple was, “Well, user enrollment exists for Mac OS.” And I was like, “It what?”

Tom Bridge:
Does it though?

Emily Kausalik-Whittle:
Well, you can do user initiate enrollment. That’s not the same thing. I don’t want to install MDM profiles and stuff on someone’s personal Mac. I just want to give them the little partition and the extra stuff they need, and it can exist in a little bubble, and I don’t want to know what their personal iCloud stuff is, or see their photos, or have full control over their device. I very intentionally don’t want that. I want their data privacy. I just want to give them access to the things that they might need to get to on that device while they need it, and then have it be able to go away when they’re done. Seeing some of that translate over, I think could be a big value for some organizations, especially ones that hire contractors and stuff like that.

Charles Edge:
To your really astute point, that would require partition and an encryption key that comes from effectively iCloud keychain, which-

Tom Bridge:
My understanding-

Emily Kausalik-Whittle:
Is not supported by managed Apple IDs.

Charles Edge:
Right.

Tom Bridge:
Yeah, I was going to say, my understanding though is that when you do a user-led enrollment on a Mac OS device, you do end up with a secondary partition. I mean, that’s the nice thing about APFS. It’s just another volume that goes into the container.

Emily Kausalik-Whittle:
Yeah. I guess the missing piece there is that for most MDMs, you’re going to install an MDM profile, which could then do disgrace and be able to get inventory information,

Tom Bridge:
BYO user enrollment for Macs does exist. It is a thing. What is it that they used to say about the Mac Mini that remains a product in our lineup? It’s definitely possible at that point, but the only thing you can get rid of is that partition, which contains the managed application, or the managed iCloud drive. Now, again, managing iCloud Drive today is …

Emily Kausalik-Whittle:
Well, you can’t.

Tom Bridge:
Yeah, you can’t. You can just put stuff in it and hope, and you can’t buy more storage unless you’re using Apple Business Essentials. And so, this seems to be a case where it’s privileged to a specific Apple product, and that’s fine.

Charles Edge:
I know a few people that are using Apple Business Essentials, not for MDM, just for the iCloud storage.

Tom Bridge:
Oh, yeah.

Charles Edge:
That seems like a lot to me.

Tom Bridge:
Yeah, that’s a lot of overhead for not being able to put that on everybody else. I think that there’s definitely … I would love to see a much better story for both iCloud chain for managed Apple IDs, iCloud drive management en masse. And I think that that is a place where there’s enough push. I got to think that there’s a way to do the keychain in such a way that we can get better experiences for managed Apple IDs. Because here we are this week, Apple put … or excuse me, Apple and Google got all together. Pass keys are a thing for Gmail accounts now. They’re not a thing for Google Workspace accounts yet.
If I could combine that with my managed Apple ID with a cloud keychain and say, “I don’t need you to have a password anymore. You have a pass key.” Oh, yes. Less passwords, less phishing, less hassle, less frustration. All of those things are tied up nicely together in pass keys but it’s going to require managed Apple ID sport for keychains, and it’s going to require Google Workspace together for those things.

Emily Kausalik-Whittle:
Wasn’t that what Platform SSO is supposed to solve for? [inaudible 00:48:13].

Tom Bridge:
Not necessarily, no. Platform SSO is all about turning an identity into a set of … it’s kind of pass key adjacent though, isn’t it? Because it’s all about providing on-demand access to the OpenID Connect, authorization tokens for a given IDP’s log.

Charles Edge:
And ultimately, these are just APIs that you’re federating access to, under the [inaudible 00:48:37].

Tom Bridge:
Exactly.

Charles Edge:
They’re system extensions, network extensions, whatever. And you’re saying, “Oh, you can have access to that.” The pass key, for example, the navigator endpoints are from WebAuthn are what those are. And you’re saying, “Okay, WebKit can access these if you have this entitlement,” et cetera, et cetera. But I do think a bunch of that stuff, really kind of keys on iCloud keychain for needs, as far as institutional accounts go. So, I think if it were me as the product manager, not that I know anything about how product management works at other companies, but if it were me, I would be like, “Let’s prioritize that over, for example, other OIDC vendors, simply because we get to a point where now we can put more effort into this other thing.” But again, I don’t know anything. I just smile and nod look stupid most of the time.

Emily Kausalik-Whittle:
I think the on-ramp for federating Apple Business Manager is a really big one, and I’m really hoping we will hear more about that at WWDC, for our friends who provide directory services and whatnot. I mean …

Tom Bridge:
I would love it if I could basically say any open ID connect with Skim is a [inaudible 00:50:05].

Emily Kausalik-Whittle:
Yeah, exactly.

Tom Bridge:
If that’s it, awesome. Fantastic. That’s a great day for everybody. If it’s not that, make a program for it. Let me sign up for it. Let me apply to sign up for it. Let me offer a five digit check and we can figure out if that’s worth it for everybody involved. And of course, Charles is over there doing the math, and he is like, all right, three teams of identity engineers for six sprints and $2.7 million later. I mean, I can only imagine what the costs were to integrate Google Workspace into Azure, into the Apple identity system.

Charles Edge:
The problem with identity engineers specifically is there are very few people with code level experience with OIDC and/or SAML. And the place where those concentric circles interface with Swift or whatever, now you’ve got this very small slice of people who know how to do this thing, and you’re like, “Hey, Joel, or Tim, can you come over?”

Tom Bridge:
I was going to say, I know both of them and I work with one of them, and it’s the best possible experience.

Charles Edge:
There might be another dozen, but there’s not many.

Emily Kausalik-Whittle:
Josh. Hey, Josh.

Tom Bridge:
Yeah. Hey, Josh. Yeah, I was going to say, Josh is the other one, but I was going to say we think about it from that perspective. Yeah, there’s not a lot of people out there that speak that. And who knows what the original Apple ID IDP is built in? Is it built in WebObjects? Is it built in Web JSP? Is it built in something else along those lines, that’s particularly obscure? And my heart goes out to those people who keep Apple IDs running day-to-day, because that is a massively important trust system.

Charles Edge:
Yeah. Things I don’t want to know the answer to are your questions.

Emily Kausalik-Whittle:
Oh, man.

Tom Bridge:
So…

Charles Edge:
Do we…

Emily Kausalik-Whittle:
Oh man.

Charles Edge:
I guess, do we have any other kind of prognostications for the Mac though? I mean, it’ll become a teeny bit more iOS ish. Maybe some days software packages are going to go away.

Tom Bridge:
Oh, [inaudible 00:52:18] no, over my dead body.

Emily Kausalik-Whittle:
Maybe they’ll finally kill the touch bar.

Charles Edge:
Oh, well.

Emily Kausalik-Whittle:
They’ll continue to gaslight us on ports. Everybody’s been asking for two HDMI ports. Oh, all right. Right. Oh look, Apple silicon. These devices can now support multiple displays without an external dock or card. That would be a big one.

Charles Edge:
M3.

Emily Kausalik-Whittle:
Yeah.

Charles Edge:
To drive it.

Tom Bridge:
Oh yeah. That’d be pretty sweet.

Charles Edge:
Yeah.

Tom Bridge:
And at some point we got to get a Mac Pro, right. I feel like this would be the-

Charles Edge:
I don’t think so.

Tom Bridge:
-time to get the Mac Pro.

Charles Edge:
I’m sorry.

Emily Kausalik-Whittle:
I feel like we’ll probably get a newer iMac before we get a Mac Pro. Huh.

Tom Bridge:
I’d say that’s probably likely. I think that there’s a big hole in the iMac lineup where the 27 inch iMac used to be. And I’m looking at this beautiful Apple, I’m sorry, I almost called it the Apple Cinema Display, but that’s not what it is. It’s the Apple Studio Display has a gorgeous panel in it and [inaudible 00:53:15]

Charles Edge:
A cinematic panel

Tom Bridge:
And yeah. Oh, very nice. But we think about that should be an iMac of its very own. I mean, this has an iOS chip in it or it doesn’t have an M Series chip in it somewhere. I think it’s an A14, A15 in there that’s powering it. Why couldn’t that just be an M1 and making an iMac kids. Or an M2 Pro or an M3 Pro?
So maybe we get to see some fancy new hardware. I’m holding out hope. I did buy my ATP Believe t-shirt this past week with the top of the Mac Pro on it because I also want to believe that that’s a thing. Even if I recognize that the hardware choices they have to be making are awful. And my thought goes out to all of the product management team over at Apple who have to make heads or tails of the professional services market and those devices.
So Godspeed and glad it’s not me. Do we think that we are going to get anything? I mean, I’ve heard rumors of some fun stuff for watchOS. I’ve heard some fun things [inaudible 00:54:27] .

Charles Edge:
I’ve heard about a whole redesign coming.

Tom Bridge:
Yeah.

Charles Edge:
And I’m so excited about that.

Tom Bridge:
I mean, I love my Apple Watch Ultra or whatever it’s called, and I think it’s phenomenal. The battery life is tremendous, but I definitely could use a better…

Charles Edge:
Thanks for the reminder to charge mine.

Tom Bridge:
There you go. I mean you only need to every two or three days.

Charles Edge:
Yeah, yeah. Mine’s getting a little old. So maybe, yeah, every two days still. So you get prompted now for the health app to track your sleep and a few other things if you have all that enabled. So sleeping with it on and then docking it while you’re sitting being lazy at your desk, aka working that. That’s kind of become part of my flow. But I don’t know. I feel like for me personally, I go for walks. It tells me I’m going for a walk. We’ll talk about AI if we have time later in the episode. But I don’t know what I don’t know that I want it to do. I need them to tell me what I want it to do. So that’s my idea for watchOS 10. Just tell me what’s awesome and I’ll do it.

Tom Bridge:
I mean, I definitely hope that family setup gets better. I hope that we get some more options there. I recently had to repair Charlie’s watch, thankfully AppleCare Plus quoted 75 bucks for a totally smashed display on his wrist. And the backup restore process for that is bad. It does not work as far as I can tell. I tried it twice to get it to take a backup or to take a backup before I even sent it in and couldn’t get it to trigger an iCloud backup because those do not back up to your device. They back up to iCloud. I have no idea what happened with that. And it’s totally FUBAR. And then there was no way to restore it when you’re setting up a new handset or a new watch. So his entire config got blown away and so that kind of sucked. So he was mad about it.

Emily Kausalik-Whittle:
When I got my last watch, I had the same experience and I don’t even usually have family, it’s just I see a historical log of cloud backups when I’ve got it charging overnight, but it will not restore it. So I had to just set my watch up new again. And unfortunately there isn’t a ton going on with the watch. It’s not losing the 17,000 pictures of my daughter on my phone. But it was still annoying.

Charles Edge:
Sorry. I just had a small heart attack thinking about what would happen if I lost a photo library.

Tom Bridge:
Oh yeah.

Emily Kausalik-Whittle:
Yeah. It would be bad. It would be a very emotional day for me for certain, because I hoard pictures of my daughter. She’s only four. I’m going to have to upgrade to a new phone size next time. Because I just can’t delete anything.

Tom Bridge:
Same.

Emily Kausalik-Whittle:
But what I am hoping for is I really, really, really want them to find a way to support webcams and FaceTime with Apple TVs. If you could plug a webcam into Apple TV and use it for FaceTime in your living room to talk to your family.

Charles Edge:
Oh God yes.

Emily Kausalik-Whittle:
Or jump on meetings with people. So many people have Apple TVs in their house that live in this ecosystem already. Just let them plug in their Logitech 4K and be able to FaceTime grandma. Like-

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
Come on. It’s just, it’s right there.

Charles Edge:
Especially since there’s not a camera on it. I have to connect and I go to conference rooms where they have the Apple TV connected to the Logitech and you know, have to connect to both and then do the whole rigmarole and yeah.

Emily Kausalik-Whittle:
Mirror. It’s just mirroring. It’s not even really doing, yeah, it’s such a bummer. To me as a Apple person and as just a person that has family members with iPhones and iPads that we can just pop it on the Apple TV and sit on the couch and talk to my in-laws. God, it would be such a huge thing for a lot of people, I think.

Charles Edge:
Rather than have the video sitting on my phone and then maybe I share it to my Apple TV.

Emily Kausalik-Whittle:
Yeah and then where are you looking? And it just-

Charles Edge:
Right.

Emily Kausalik-Whittle:
Whatever or whatever. I feel like it’s a slam and it would potentially open up a lot of opportunity in enterprise, especially if they’re trying to get people to use group FaceTime messaging and do some of this stuff. And even trying to tie into Freeform and some of these other collaboration tools that they’re rolling out that you can share with people. That just seems like there’s really cool opportunity for collaboration and communication tools through tvOS that just aren’t there yet.

Charles Edge:
One day they’re, they’re going to put some focus in on that and I feel like they could just absolutely come in and wreck the video conferencing market forever. In 48 hours.

Tom Bridge:
I mean…

Emily Kausalik-Whittle:
Yeah,

Tom Bridge:

[inaudible 00:59:51]

Emily Kausalik-Whittle:
Imagine you can just take any Logitech, 4K, Rio, whatever thing you like, pop it in a room.

Charles Edge:
Yep.

Emily Kausalik-Whittle:
Zoom app, install it, pair key, you’re done. And I know most of those third party providers want to provide you with proprietary software, but Apple TVs are like, what, 140 bucks? Maybe another-

Charles Edge:
99 on the cheap side.

Emily Kausalik-Whittle:
Maybe another hundred bucks for a decent webcam. I mean it just feels like, yeah, well I feel like we’ll get there someday. It’d be nice to hear. It would nice to see tvOS get some love. The other thing that would be really nice? If you could literally just search in the fitness app for a class.
Give me a search. Let me type in a thing I want to look for in fitness rather than having to scroll through every different activity type to try to find a workout. What’s up with that? That one seems like a no-brainer to me too. But again…

Charles Edge:
Especially since search is kind of an E, they’re extensions import. The extensions add a few lines of Swift UI and you did it.

Emily Kausalik-Whittle:
But again, how much does it cost to get an engineer to build search into an app at Apple?

Charles Edge:
Well, because it’s not that easy.

Emily Kausalik-Whittle:
Hopefully not too much.

Charles Edge:
Now you have to translate it into like 800 languages.

Emily Kausalik-Whittle:
You have to localize it. Yep, yep, yep, yep.

Charles Edge:
So I really like, I’ve become more forgiving every year for things that other companies don’t do that I want them to do. For better or worse, I should probably not be as forgiving as I am anymore, but whatever.

Emily Kausalik-Whittle:
Yeah.

Charles Edge:
So tvOS. Yeah. I mean I feel like yet again you say that and I’m like, I don’t know what I want my TV to do that it doesn’t do. I would love for it to, and now that you said it, I never would’ve thought about that. Maybe. But now that you said it, I’m like, yeah, I don’t want to have to point my phone because right now I set my phone on my laptop as a phone stand and then I share it to my TV because the phone does it so much better than the Mac. And that’s how we talk to my dad. But like you said, then I’m like, which one am I looking at? Am I looking at the TV or am I looking at the camera on the phone? I don’t know. But.

Emily Kausalik-Whittle:
Anyway.

Charles Edge:
Yeah, so that’s tvOS. I don’t know. Any other thoughts on tvOS. I would love for it to just magically know without me having to do anything, what I have access to and what I don’t.

Tom Bridge:
Oh yeah, that’d be pretty rad.

Charles Edge:
The whole rigamarole of let me link my Google account or whatever account, but that’s definitely not something that’s possible. That’s just me.

Tom Bridge:
I will say they’ve been killing it on the TV+ front, and I’m hoping we’re going to get some more trailers, but I Hugh Howey’s new show Silo, it was based on his book Wool. That is a book that messed me up something good. You read it. It’s a book I could not put down but wanted to, it’s a little dark. It’s a little bleak. It’s a little post-apocalyptic in a lot of ways, but it’s also a phenomenal piece of storytelling and a really great piece of world building. And the Apple TV+ show, the first two episodes are out as we record this. They are spectacular.

Charles Edge:
I mean, I have yet to watch a show, and I’m sure one of you can say one and I’ll be like, “oh yeah”, that was on Apple TV plus that I wasn’t like, “oh yeah, that’s awesome”. There are some that aren’t my genre, but for their genre, they’re awesome, I would say.

Tom Bridge:
Although I will say there’s an odd man out here, an odd woman out because it’s Jen Garner. Jen Garner’s show on there which is now in week five or six is jarring, but only because they constantly are using Android phones. And I was like, did you not get the memo? [inaudible 01:04:11]

Charles Edge:
Which is totally anti-alias because iPhone. Alias. Nevermind.

Tom Bridge:
Well done. Well done, Charles. That was perfect. We’re just going to leave that right there. I’m not going to touch that.

Emily Kausalik-Whittle:
I feel like I’ve got to plug Big Prize Door too.

Tom Bridge:
Oh, are you enjoy- I haven’t watched that yet. Is it? Is that worth picking up?

Emily Kausalik-Whittle:
It’s very good.

Tom Bridge:
Okay.

Emily Kausalik-Whittle:
It’s also based on a book, which neither of us had read, but we watched it for Chris O’Dowd because we love him.

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
And it’s very good. It’s very good. I don’t hear really anybody talking about it, but I think it’s going to be one of those things, kind of like Ted Lasso where it really took until maybe after the first season for people to really go sit, watch a bunch of it and be like, “wow, this is really good”. I think that show’s going to be like that. We’re probably going to hear more about it after the first season ends and people catch up.

Tom Bridge:
You talked me into it. I’ll start this week.

Emily Kausalik-Whittle:
Especially if you like a little bit of that Twilight zone vibe of-

Tom Bridge:
Oh okay.

Emily Kausalik-Whittle:
World building and how are we figuring this mysterious object appeared and it’s changing people’s lives and where did it come from and why is it making the decisions that it’s made and why are people buying in so easily to this? And it’s a very cool show. Yeah. It’s got some Twilight Zone vibes.

Tom Bridge:
You had me at Twilight Zone.

Emily Kausalik-Whittle:
Yeah, yeah. That’s part of why we started watching it because we watched the trailer and my husband and I are huge Twilight Zone fans. We’re like [inaudible 01:05:27]

Tom Bridge:
You mean original Twilight Zone, or?

Emily Kausalik-Whittle:
We’ll take any of it. Obviously that the original is where our hearts lie and outer limits, but didn’t mind the revival stuff either. Anyway, yes, Apple TV+ content’s been crushing it really.

Charles Edge:
Totally.

Tom Bridge:
The job Apple Keep it up.

Charles Edge:
And I’m looking forward to the next season of Foundation this summer. [inaudible 01:05:48]

Tom Bridge:
You know at some point, we’ll get another one for For All Mankind as well, which I’m also [inaudible 01:05:53]

Charles Edge:
Oh, yeah. So good. They’ve taken so many weird left turns in that show where I’m like, “ah, I didn’t see that coming”. Like video of Nixon.

Tom Bridge:
Oh, yeah.

Charles Edge:
Where you’re like, “whoa!”

Tom Bridge:
Yeah, no, they’ve done an incredible job. And my favorite is they have a montage in the first episode where it’s all the newspaper clippings from that era.

Charles Edge:
And music.

Tom Bridge:
Cannot wait [inaudible 01:06:18]

Charles Edge:
[inaudible 01:06:18] music.

Tom Bridge:
Yeah, yeah, totally.

Charles Edge:
Especially when they were doing in the nineties. Because I was-

James Smith:
This week’s episode of the Mac Admins Podcast is brought to you by Alectrona Patch. What would you do with your time if you no longer had to spend so much of it on packaging and deploying updates for third party app? With Alectrona Patch, you can install or update over 300 Mac applications automatically to keep your users protected with the latest security update. Alectrona Patch works with your existing MDM solution by simply deploying a package and a configuration profile for ongoing management. It’s cloud native so no server or package hosting is required and the latest updates are delivered directly from the software vendor. You control which apps are installed or updated so you deploy only what you need. Alectrona Patch is customizable to ensure your users can update without interruption, so you can keep your security team and your end users happy. Alectrona is a proud Java sponsor of the Mac Admins Foundation. Check out Alectrona Patch at alectrona.com/patch. That’s A-L-E-C-T-R-O-N-A.com/patch to learn more and to book a demo with our team. Thanks to Alectrona Patch for sponsoring this episode of the Mac Admins Podcast.

Emily Kausalik-Whittle:
Do you think Apple TV plus will start releasing content that’s exclusive to mixed reality headsets?

Charles Edge:
Oh, there’s the next transition.

Tom Bridge:
I know I’m a weirdo, but I don’t get this at all.

Emily Kausalik-Whittle:
I don’t either. I’m too old I think. I just don’t understand.

Charles Edge:
It hurts me because it’s just like every time I’ve tried to use a VR headset, I get violently motion sick in about the first 10 minutes and I have to take it off. I got to step away. It just does not work for me.

Emily Kausalik-Whittle:
I love-

Charles Edge:
I’m really nervous about this.

Emily Kausalik-Whittle:
I loved my virtual boy so much, but I could only play it for three minutes before I wanted to go vomit.

Charles Edge:
Yep.

Tom Bridge:
Talk about a snapshot in time.

Charles Edge:
Yeah.

Emily Kausalik-Whittle:
Yeah.

Tom Bridge:
Yeah, I don’t care if they release it or not. They said they would. So I guess it’s coming. I can say when they released a phone, when they released a tablet, there were other phones and tablets and they crush it with haptics and having used all the headsets that are out there, I’ve had mixed experiences and if anyone can do it, they can historically. If the DNA is still there. So I look forward to tinkering with it. At it’s massive price tag, I’ll probably still end up tinkering with it for better or worse. But…

Emily Kausalik-Whittle:
I keep thinking about when Apple announced they were making a phone and when everyone was like, what? [inaudible 01:09:27]

Charles Edge:
It’s a big iPod. What?

Emily Kausalik-Whittle:
My doctor, Dr. [inaudible 01:09:34] was like, you’ll be able to check the price of gas in the car on your phone and go to a gas station and know how much the gas is going to cost. And it blew his mind. He was so excited to check gas prices on his phone. And I was like, “I guess everybody’s going to find that one thing where it’ll resonate with them”. They’ll find that one thing.

Charles Edge:
That’s a really good point, that one thing.

Emily Kausalik-Whittle:
Everyone will find that one thing or they’ll be me and be a fuddy duddy and be like, I don’t like this new thing. I don’t understand it. Just keep it away from me. Just give me FaceTime on my Apple TV. Come on.

Tom Bridge:
Mean, it feels like you read the stories and you interview people who talk about the Steve Jobs complaining about all the phones at the time just hated them all. Right? And I can only imagine if poor Tim Cook has had to use any of the VR headsets out there right now that that’s probably why we get a mixed reality headset. These things suck. So.

Emily Kausalik-Whittle:
The neighbors kids have such a hard time when they play Beat Saber. We got to do something better. That’s the only thing I know.

Tom Bridge:

[inaudible 01:10:53]

Charles Edge:
The one thing I can say, you can MDM manage a bunch of those devices because they are computers. They have the mixed reality headset. If it comes out as it’s supposed to, we’ll have an M2, ergo, MDM. Right?

Tom Bridge:
Yep. I mean it’s very possible that we’re going to have to manage these things.

Charles Edge:
[inaudible 01:11:13] with it’s rapid response update.

Tom Bridge:
Oh gosh.

Emily Kausalik-Whittle:
Oh boy.

Tom Bridge:
Oh God, I’m going to drink. How did the company get infected with ransomware? Well, we didn’t install the rapid response update on the CSOs mixed reality headset. And that’s how they got us. And that’s one of those things where it’s just like, all right, I’m just going to walk directly into the sea-

Charles Edge:
You’re all fired.

Tom Bridge:
And not come back again.

Emily Kausalik-Whittle:
We’re turning all the computers off

Charles Edge:
Unless the sea parts.

Emily Kausalik-Whittle:
Encasing them in cement, we’re dropping them in the ocean. We’re done.

Tom Bridge:
Right.

Emily Kausalik-Whittle:
It’s over.

Charles Edge:
I’m done teaching sand to do math was a huge mistake.

Emily Kausalik-Whittle:
Oh man.

Charles Edge:
[inaudible 01:11:55] and algebra. Who knew it would go so bad? Okay, so I guess none of us care about the mixed reality headset unless we’re told to manage it. And then we need MDM profiles that will install on them and we still can’t do that really easily with the Apple TV unless it’s…

Tom Bridge:
It’s kind of tricky.

Charles Edge:
Yeah. So moving on. Will we see another, I guess we already said Mac Pro. I said probably not. You guys seem to indicate that you saw it. Maybe. I don’t know.

Tom Bridge:
I’m a yes. I’m a yes that they’re going to have to say something because Apple was going to say, “Hey look,” they’ve said in the past, “the Mac Pro is for another day”. And I have a feeling that one John Syracuse may jump out of his skin if there’s not some sort of knowledge of what’s going on with the Mac Pro here to on in a month. And I feel bad for you John, and I hear you. I feel you. I’ve got one of those Believe shirts. But I’m betting Apple’s going to have to address that somehow or at least call out and say “there’s no Mac Pro. It’s the Mac Studio now and here’s why.”

Charles Edge:
Yeah, Emily?

Emily Kausalik-Whittle:
I wish I cared more about hardware stuff. I really don’t.

Tom Bridge:
Well, that’s a good transition. You probably do care about the Apple TV. Actually, maybe not. I mean if it does the format of your TV, why do I need a new Apple TV? I don’t know.

Emily Kausalik-Whittle:
Yeah. Unless there’s a huge new feature functionality like supporting Webcams or something like that. Right?

Tom Bridge:
Yeah.

Emily Kausalik-Whittle:
I don’t know what the next jump is to get people to buy. I mean, after the-

Tom Bridge:
Two HDMI ports?

Emily Kausalik-Whittle:
Sure.

Charles Edge:
We’re not going to give them to you on a laptop, but here have it on the TV. I’m joking. It would be stupid to have-

Emily Kausalik-Whittle:
Dock support? I don’t know. It would be dumb. I just-

Tom Bridge:
How about AirPods then? New AirPods?

Emily Kausalik-Whittle:
We got new, we got new AirPods this past year. Right?

Charles Edge:
I’m hoping for new AirPods Max. That would be pretty cool.

Emily Kausalik-Whittle:
Max, yeah.

Tom Bridge:
The max ones. I mean, I was going to say, I still have zero complaints about these headphones and I’m still mad that they cost $550, but I’m still in love with them and I use them every day.

Charles Edge:
I mean, if you use them every day.

Tom Bridge:
Yeah, I mean, I was going to say, I gotten my dollar a day out of them Oh yeah, I was going to say my calendar’s a garbage fire.

Charles Edge:
By hour, but you’re 10 cents, 5 cents.

Tom Bridge:
I was going to say we’re probably still around a dollar a day. Yeah. So I guess probably [inaudible 01:14:34]

Charles Edge:
Your Apple dividends won’t pay for that, but maybe, I don’t know.

Tom Bridge:
I’ll sell three shares as it stands. I mean, three shares is one pair of AirPods Max today.

Charles Edge:
And according to when you bought them, that might just be one basis according to the basis.

Emily Kausalik-Whittle:
One of the appeals of the new AirPods Pro is the case with the little lanyards doohickey and whatever.

Charles Edge:
And the USBC. The speaker, which is super helpful to find them when you leave it someplace and it gets put into something that’s put on top of it.

Tom Bridge:
Unless your teen drops it in the snow and then no speakers.

Charles Edge:
Oh.

Tom Bridge:
Or… Nevermind.

Charles Edge:
Goodbye AirPods.

Tom Bridge:
Long story there. Yeah, I’ve been there.

Emily Kausalik-Whittle:
That story isn’t coming from any kind of personal experience of yours clearly. No. It’d be cool, I would take a new, I’ve been holding off on the max, kind of hoping that there would be a new version of a 2.0 maybe with some kind of charging stand of some kind that’s kind of released with it or something like that would be cool. I mean, I’ve seen some really cool 3D printed ones and people come up with [inaudible 01:15:39] solutions for that kind of thing. But maybe some new colors. None of the colors really speak to me. I don’t know what I’d want. I just want something else. I don’t know. I’m horrible.

Charles Edge:
I don’t know what I want.

Emily Kausalik-Whittle:
I don’t know what I want.

Charles Edge:
Just not what I got.

Emily Kausalik-Whittle:
I’m channeling Charles on that one. I don’t know what I want. Apple, tell me what I want out of a new version of the AirPods Max.

Charles Edge:
This is why I’m not a product manager, by the way.

Emily Kausalik-Whittle:
Yeah.

Charles Edge:
I don’t know. So how about HomePods also? We got one earlier, but yet, I don’t know. It’s not speaking to me.

Tom Bridge:
Yeah, I don’t think we’re going to get any updates there. Maybe we get a software update, but…

Emily Kausalik-Whittle:
It would be really cool and there’s probably some kind of technological limitation behind it that I don’t understand. Because again, I’m just not a hardware person. I do not care. That I can’t keep a regular HomePod automatically paired with an Apple TV over Airplay or whatever. Like you can with the bigger HomePod. The HomePod Mini versus the HomePod. Right? The mini, you have to re pair it every time you want to use it versus the standard one that’ll stay automatically paired like a speaker.

Charles Edge:
Yep.

Emily Kausalik-Whittle:
Like give me that on a-

Charles Edge:
[inaudible 01:16:52] a share sheet effectively the extension at least. Yeah.

Emily Kausalik-Whittle:
Yeah. Just give me a mini that does that. That’d be cool.

Charles Edge:
Or three because Boo boo boo.

Emily Kausalik-Whittle:
Well that’s the thing. I could buy Four Minis for the cost of one standard one and really have minis all over my downstairs automatically paired to Apple TV for music and movies and stuff. Like come on.

Tom Bridge:
Probably, I mean, when we put in the basement TV, the basement TV is not a TV at all. It is actually a display. And it’s just an HDMI connection to an Apple TV. And then we’ve slapped in a couple of AirPods, or excuse me, HomePod Minis down there. HomePods Mini?

Charles Edge:
That’s all I-

Tom Bridge:
The attorneys general.

Emily Kausalik-Whittle:
I think it’s HomePods Mini. Yeah.

Tom Bridge:
HomePods Mini. And they’ve been amazing. And it fills that basement room perfectly. I have two on my desk. I love them.

Charles Edge:
And yet there’s still other things out there because it’s not just bulletproof yet.

Tom Bridge:
Yep.

Charles Edge:
To Emily’s point. You’re not pairing, but resetting things up a little too frequently and just, yeah, it feels ephemeral.

Charles Edge:
Yeah. It feels ephemeral. I think that’s the issue that I have so far. But what’s not ephemeral, are watch bands. So, we’ll be seeing new watch bands. Nevermind, we know we’ll see new watch bands. It’ll make us think about, “Oh, this new watch band is just the thing,” and you’re like, “I don’t know, whatever.”

Emily Kausalik-Whittle:
I have a correction.

Charles Edge:
Yeah?

Emily Kausalik-Whittle:
You’re supposed to call them HomePod speakers. So it’d be HomePod speakers, HomePod mini speakers. I’ve grabbed the Apple style guide.

Tom Bridge:
Thank you. Now I will use those words correctly.

Emily Kausalik-Whittle:
Just want to be technically correct for our friends.

Tom Bridge:
There you go. The best kind of correct.

Emily Kausalik-Whittle:
Yeah. Here’s my ask for Apple Watch. Give me one of the double loops that isn’t leather. That’d be cool. Like Hermès wraparound things, but just give me one that’s vegan leather, full leather.

Charles Edge:
Fake leather, because you don’t want to kill a cow to…

Emily Kausalik-Whittle:
I don’t like wearing dead animal skin on me. I’m just not that person.

Charles Edge:
That’s fair. Yeah. I don’t want anybody throwing blood on me.

Emily Kausalik-Whittle:
I don’t think we-

Charles Edge:
Unless we’re remaking Carrie and calling it Charles, then maybe, but-

Emily Kausalik-Whittle:
I certainly hope not.

Charles Edge:
Yeah, me too. I’m not made for acting. But more important than watch bands, this is the kind of idea that I feel like I keep reading about, that Apple’s not leading the charge for AI, and this is in some of the investor rags and whatever. Yet to me, it feels like they’ve been out in front with things like data detectors and their acquisitions, Siri. Some of those are more kind of early ML examples than late stage generative AI. But it’s not able to talk to generative models, or at least [inaudible 01:19:53] is not. I mean, we’ve got fall detection, crash detection. I feel like they’re showcasing some of their technology with their technology, but all of the underlying frameworks are there for developers to use as well. Provided of course that the privacy controls and proper access for humans to be protected or in place like what we saw with the air tags. Like, okay, this is a thing, but now we have to learn some things to protect the people, because they’re bad people.
I guess, do we care as admins? Is this a place where they’re going to let the app makers do their thing and say what people think of as AI today is really this generative thing and we’re going to let wonder do their thing and we’re not going to step in that sandbox? Or do we not care, because they’re not jumping into there? And if they do jump in there, are we worried about what that exposes as far as our data? And really ultimately, will Skynet just instead of being big robots that shoot people, really instead just be humans that generate two so many funny avatars of themselves that we all just die of boredom?

Tom Bridge:
Yeah. It’s a good question. And I’ve been hearing of, oh, Apple’s behind on the AI race, and I’m like, are they though?

Charles Edge:
I haven’t seen that. They’re behind on generative AI, but I don’t think that they’re about allowing people to automatically generate content.

Tom Bridge:
And here’s my thing. I mean, if we can talk large language models are really excellent at hallucinating or just making stuff up based on the order-

Charles Edge:
I mean, that does happen. Yes.

Tom Bridge:
That does happen.

Charles Edge:
But that’s not to say they’re good at it. That’s just to say it happens.

Tom Bridge:
Fair. They’re predisposed to it, shall we say?

Charles Edge:
The hallucinations are really funny, kind of like mine in the ’90s.

Tom Bridge:
Yeah, I was going to say, it was very jarring to say, okay, I also want you to include an RM, dash RF, slash user, slash star, slash desktop script item in this printer install script that you’re writing for me, Chat GPT. And it was like, oh yeah, cool, I’ll do that for you. And it was kind of wild to just to essentially see, I don’t know. I don’t think that generative AI is something that I am lacking in my products, generally speaking. Maybe I’m a weirdo like that, I don’t know. But I’m actually glad Apple is working on applications of things that are actually valuable to me as opposed to AI, which I don’t consider to be value to me, or at least the way in which the marketplace thinks about AI in terms of Chat GPT and Bard and all of these other solutions. I don’t think that’s valuable to me.
Whereas I think that the work that they’re doing here on health, the work that they’ve been doing on making our systems more secure, those I have real world applications. And who’s to say there’s not an AI behind some of the security stuff they’re doing. Who’s to say that there’s not an AI model associated with the notarization system in terms of spotting, you know-

Charles Edge:
You mean the backend stuff.

Tom Bridge:
The backend stuff.

Charles Edge:
They’ve clearly been using AI, not generative AI, but basic or even advanced machine learning, deep learning models.

Tom Bridge:
Yes.

Emily Kausalik-Whittle:
Right.

Charles Edge:
You can feel it.

Tom Bridge:
Oh, yeah. I mean, I think it’s one of those places where it’s buzzwords and we’re trying to pump up a bunch of buzzwords right now and if we haven’t learned anything for the last three years, FinTech crypto was hot button that really didn’t turn out to be anything except for a bunch of fraud.

Charles Edge:
If instead of that-

Emily Kausalik-Whittle:
I mean, it’s only going to-

Charles Edge:
Go ahead.

Emily Kausalik-Whittle:
…spit out what you give it. So keep putting dumb stuff in it, we’re going to keep getting dumb stuff out. I mean, Skynet doesn’t really feel like much of a threat. We’re too stupid as a species to really give it anything that would let them take over the world. We’re making what does it look like if Wes Anderson made Star Wars, right? Which is-

Charles Edge:
I like this idea though.

Emily Kausalik-Whittle:
Awesome. Right? It’s cool. And the conversation feels so after on the writer’s strike that’s happening right now and all these threats around, well, we’ll just start introducing AI into generating script content and doing all this kind of stuff that they’re really trying to fight against. It’s just what are you putting in, what are you getting out? I think there’s potentially a lot of value in, and it kind of echoes of what you were already discussing. For me, the obvious model in business and maybe for Apple as a business or [inaudible 01:24:45] as a business or whoever else has a business, I don’t want to speak for [inaudible 01:24:47] and what it’s doing, but internally we have a chatbot that’s like part of the IT help desk, where you can ask it questions and our support staff can feed it information, right? Here are internal KB articles, here are external Apple KB articles.
Here’s additional stuff. And as people are asking it questions, we’re able to learn, it’s able to build models for different types of information and then share it so that the next time someone asks a similar question, it gets a better response. And I think there’s application in that sense. Maybe Apple can lead the forefront in terms of how it engages with its consumer audience for end user support first stuff, but maybe not in the way that it does other, I don’t think the model just always needs to be, apple will use generative AI to build new content. No, it can use AI to better support the people using its technologies. And that seems fair in that. And I think that’s probably already happening a lot more than we realize at a lot of companies.

Charles Edge:
Well, I mean since you mentioned the support teams, Salesforce Einstein, which backs way more support teams than I think anybody knows, was introduced I believe in 2016, but they bought the company that evolved into Einstein as in, I think 2014 or 2015. So none of this stuff is even remotely new. I mean the backend algorithms are probably more from the ’60s and ’70s, but now the CPUs are fast enough to, and the data is surfaced fast enough to get to them. But yeah.

Emily Kausalik-Whittle:
Yeah, and I think the difference now is it feels like the barrier for entry is lower too.

Charles Edge:
Yeah. You check a box in Einstein and it evaluates all your KBs and it introduces the chat button and just throws a link in it. It’s a checkbox as opposed to… In wonder, you say, I want a Sumerian goddess. And it shows you a white lady who’s probably naked, which is all very awkward.

Emily Kausalik-Whittle:
Yeah. Again-

Charles Edge:
We’re like, hide your eyes kids.

Emily Kausalik-Whittle:
You get out what you put in essentially.

Charles Edge:
Right. No offense to Wonder, who apparently will not be sponsoring this episode after I said that.

Emily Kausalik-Whittle:
That was a big concern of ours.

Charles Edge:
Yeah, obviously. I guess Emily, you put in one last thing or who put this in?

Emily Kausalik-Whittle:
Yeah, that was me. It just felt worth mentioning that after Jamf’s earnings call a few days later, CEO Dean Hager announced his retirement and that he’ll be transitioning CEO over to John Strosel, who’s been at Jamf for six years?

Charles Edge:

[inaudible 01:27:48]

Emily Kausalik-Whittle:
…something like that. He joined not too long-

Charles Edge:
Seven or eight.

Emily Kausalik-Whittle:
…I think. Yeah.

Charles Edge:
And that was not long after.

Emily Kausalik-Whittle:
I know it’s a specifically Jamf V thing. Spoiler alert. I work at Champ, I’ve been a Jamf engineer for most of my career. But Dean is a really well known figure in the [inaudible 01:28:06] community, regardless of what platform you use as a champion of Apple technology in the workplace and innovating alongside Apple and all those things. And just seem worth mentioning as something newsworthy that happened recently.

Charles Edge:
Dean has done amazing-

Emily Kausalik-Whittle:
I’m jealous that he gets retire-

Charles Edge:
Amazing… Well, he did a phenomenal, I think it was an eight-year stint at Champ.

Emily Kausalik-Whittle:
Something like that. Yeah.

Charles Edge:
And I don’t know that I could have imagined that anyone could come in and do what he did. I mean, he was a phenomenal CEO. And having watched what John has done in every role that he’s had in the org, I think more power to him. I am excited that he’s the one taking the reins that it’s an internal hire, that it’s not someone brought in from the outside and that it’s someone who’s had such a successful career at Champ. I mean he, I can’t imagine if you had told me eight years ago that the sales year over year would consistently net the gains that they have. I would’ve honestly thought you were crazy. I thought it was tapped, to be honest, and I am so glad to have been proven wrong. More power to him. Congratulations to both of them. [inaudible 01:29:51] huge congratulations from the bottom of my heart. They’ve both earned it. Dean is-

Tom Bridge:
Well, you think about, and I say my special congratulations to Dean, because I can’t imagine what it’s like to steer that ship. And the only times you’re probably not deeply engaged in the running of the business is when you’re unconscious. And so that kind of always on mentality is really, really hard.

Emily Kausalik-Whittle:
I have a little anecdote I can share on that. I’ve never worked for Context for, because I haven’t been on the podcast regularly in a while. I manage the team that runs the Jamf stack of Enterprise Solutions at Jamf for our endpoints. My team are the endpoint admins for Jamf as a business. So as you can imagine, we use pro and trust and connect and protect and the whole gamma of everything, right? And as soon as product is ready with a new thing, they’re now coming to us saying, hey, how can we get this implemented? And the biggest cheerleader of any of that is always Dean, which I’ve never worked… I’ve worked at places that are very technologically savvy that really embrace Apple technology, but I’ve never had a CEO who’s like, “No, no, no. It’s okay if you break my phone, I just want to try it. Can you please just do it?”
He was on vacation ice fishing somewhere. Someone somewhere calls me on a Friday evening. I’m trying to get fast passed out of my phone and I think I’m missing a step. So he’s on his phone out on the frozen lake on the phone with me talking about setting up this thing for his user enrolled device. Who else is like that, except Dean? He’s just always been such a huge champion of all the stuff that the company is building to and really embrace. Dog fooding, I think is the most apt way to say it. I know that our CIO, Lynn, calls it drinking our own champagne, right? Really like we’re all in-

Charles Edge:
She’s from California, so.

Emily Kausalik-Whittle:
Yeah, we’re all in one Jamf. And he’s always been all in and his knowledge of the technology runs deep and it’s so admirable for so long for him to be that person. And he and John both are just so nice. They’re just really nice people. And it’s having leadership that’s very kind and cares so deeply about everyone at their organization, truly, is you don’t get a lot of opportunities to have leadership like that in the corporate space. It’s just not always the case. It’s just not very, very spoiled. And I’m big congratulations to him and to John for moving and shaking in their careers.

Charles Edge:
Indeed.

Emily Kausalik-Whittle:
Love it.

Tom Bridge:
And John, best of luck is you take the helm and Dean, I hope you get a well-deserved rest and onward to new and more interesting things.
Here at the Mac Admins Podcast. We want to say a special thank you to all of our Patreon backers. The following people are to be recognized for their incredible generosity. Stu Baka, thank you. Adam Selbi, thank you. Nate Walk, thank you. Michaels Tsi, thank you. Rick Goodie, thank you. Mike Boylan, you know it. Thank you. Melvin Vivez, thank you. Bill Steitz, thank you. Anush Storyville, thank you. Jeffrey Compton, M. Marsh, Stu McDonald, Hamlin Crusin, Adam Berg, thank you. AJ Petrapka, thank you. James Tracy, Tim Perfet of Two Canoes. Thank you. Nate Sinal, Will O’Neill Sebnash, the folks at Command Control Power, Steven Weinstein, Chetz Warthad, Daniel McLaughlin, Justin Holt, Bill Smith, and Weldon Dod, thank you all so much and remember that you can back us if you just head on out to patreon.com/macadmpodcast. Thanks everybody.

Charles Edge:
I guess we don’t have a bonus question, but we’ve gone an half hour over so we think we had a quick-

Tom Bridge:
I was going to say, I don’t know, I think I’ll ask, out of the five areas that we talked about, which are you most excited about? iOS, MACos WatchOS TVos…are mixed.

Charles Edge:
Retiring.

Emily Kausalik-Whittle:
I am the most excited about retiring.

Tom Bridge:
I am most excited about retiring as well. And it should hopefully happen sometime before 2078 when I turn a 100.

Charles Edge:
I’m most excited, I’ll kick this off, because I think I always go last pretty much, but I am most excited about software update.

Emily Kausalik-Whittle:
I will say again, I long for a day when admins do not have to give a Flying F about software update.

Charles Edge:
Yes.

Emily Kausalik-Whittle:
That we do not have dear friends at large companies who spend 50% of their time filing feedback with Apple around the nuances of being able to apply updates via MDM. I love that they do that. I appreciate all their effort. They shouldn’t have to do that in the first place. My opinion. Right? It just seems, it bums me up.

Charles Edge:
Table stakes. They call it tables stakes.

Emily Kausalik-Whittle:
I appreciate them, but it bums me out. I want to not have to care about software update. I want it to just do what it needs to do. That’s the dream.

Charles Edge:
But what are you most excited about was the… Because it might be software update or it might be that APY on the Apple card or it might be new airpod. I don’t know. It’s definitely not MR, from what you said.

Emily Kausalik-Whittle:
No, God. Yeah. I think, honestly, I don’t know if we really touched on it specifically, but I’m curious to see how we continue to on ramp to declarative management or MDM2 and how more of what we kind of do with a management, our devices comes through those channels versus MDM1 or Protocol one, or whatever you want to call it, whatever the thing is. I actually think the on-ramp to it is a little faster than I anticipated, because it really felt very theoretical when they were talking about it. And then when we finally we’re like, oh, now it’s available for all devices. As long as they upgrade to these versions of the operating system. It’s like, oh, they’re serious about this. Cool.
I’m interested to see what comes from that. And we did talk about Apple Business Manager. I’m excited for enhancements to Apple Business Manager and how organizations on ramp their devices and the identities of their users. I really, really long for some love there. Some jing, just a little bit. Please. That’s what I’m looking for. Just give me a jush, this year, please. I’ll take it.

Charles Edge:
Yeah. Now Tom, you’re not allowed to say, but Identity Federation. Other than that, what do you have? Sure.

Tom Bridge:
I’m interested to see what they do with [inaudible 01:37:11] and then I’m really interested to see what they do with the rumored journaling tool that’s supposed to be coming to Health and iOS17. As someone who’s under undergoing a bit of a health journey these days, I’m very interested. I’m doing a lot more mood tracking. I’m doing a lot more… As I go through medication adjustment, I’m going through and having more data is better. And if there’s a great way to do that that’s tied to my private health data in the same layer that’s actually that private, awesome. Hell yes, please. Yes. Yes, please. Co count me as excited for that particular feature. I hope it makes it out. Otherwise, count me in for whatever watch OS 10 brings.

Charles Edge:
Lovely answer. I’m looking forward to a redesign. I haven’t seen anything new in… What’s it been six years? I mean, let me rephrase that. It’s been a slow, wonderful progression, but…

Emily Kausalik-Whittle:
I hope that I would love to see, because I think the watch, the Ultra Watch kind of super flat face and the bezzle, I think it’s beautiful. And I’d love to see some version of that coming just across all of the different offerings of the watch, because I just think it’s a really beautiful watch. I also wouldn’t be mad if they made it round.

Charles Edge:
Oh.

Tom Bridge:
Yep. Wouldn’t be sad at all.

Emily Kausalik-Whittle:
I wouldn’t be sad about it.

Charles Edge:
Like complications in the car.

Emily Kausalik-Whittle:
We didn’t talk about card play. Where all the cars with the new extended card play heads up display. When is that going to happen?

Tom Bridge:
We feel like this is where we need to insert the Avery Brooks, where are my flying cars at from IBM in the late ’90s. Where? Where? I was promised flying cars.

Charles Edge:
In a positronic brain? I mean, cme on, foundation. I’m waiting for that next season. Anyways. We could go all night. It’s wonderful to have you back, Emily.

Emily Kausalik-Whittle:
Hi. It’s fun. I drag things out. You’re welcome everybody.

Charles Edge:
In the loveliest way.

Emily Kausalik-Whittle:
Oh, thanks.

Tom Bridge:
But yeah, it’s been a phenomenal evening. I’m really sorry to have to shut it down, but I’m going to, and I’m going to do it by saying thanks to all of our wonderful sponsors and our friends at Collide and our friends at [inaudible 01:39:34] and thanks everybody and we’ll see you next time.

James Smith:
The Mac Admins podcast is a production of Mac Admins podcast, LLC. Our producer is Tom Bridge. Our sound editor and mixing engineer is James Smith. Our theme music was produced by Adam Kodiga, the first time he opened Garage Band. Sponsorship for the Mac Admins podcast is provided by the macadmins.orgslack, where you can join thousands of Mac Admins in a free Slack instance. Visit macadmins.org. And also by Technalutionary LLC. Technically we can help. For more information about this podcast and other broadcasts like it, please visit podcast.macadmins.org. Since we’ve converted this podcast to APFS, the funny metadata joke is at the end.

Listen

Sponsors:

With Alectrona Patch you can install and update over 300 Mac applications automatically to keep your users protected with the latest security updates. Alectrona is a proud Sponsor of the MacAdmins Podcast and MacAdmins Foundation. Check out Alectrona Patch at alectrona.com/patch to learn more and to book a demo with our team.

Patreon Sponsors:

The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include:

Rick Goody, Mike Boylan, Melvin Vives, William (Bill) Stites, Anoush d’Orville, Jeffrey Compton, M.Marsh, Hamlin Krewson, Adam Burg, A.J. Potrebka, James Stracey, Timothy Perfitt, Nate Cinal, William O’Neal, Sebastian Nash, Command Control Power, Stephen Weinstein, Chad Swarthout, Daniel MacLaughlin, Justin Holt, William Smith, and Weldon Dodd

Mac Admins Podcast Community Calendar, Sponsored by Watchman Monitoring

Conferences

Event Name	Location	Dates	Format	Cost
XWorld	Melbourne, AUS	30-31 March 2023	TBA	TBA

Upcoming Meetups

Event Name	Location	Dates	Cost
Houston Apple Admins	Saint Arnold Brewing Company	5:30pm 4th March 2024	Free

Recurring Meetups

Event Name	Location	Dates	Cost
London Apple Admins Pub	Online weekly (see #laa-pub in MacAdmins Slack for connection details), sometimes in-person	Most Thursdays at 17:00 BST (UTC+1), 19:00 BST when in-person	Free
#ANZMac Channel Happy Hour	Online (see #anzmac in MacAdmins Slack for connection details)	Thursdays 5 p.m. AEST	Free
#cascadia Channel Happy Hour	Online (see #cascadia channel in Mac Admins Slack)	Thursdays 4 p.m. PT (US)	Free