On minimalism

We’re moving next week, so naturally we’ve started packing our stuff already.

Last night, my wife made the most thought provoking remark about our current stack of boxes that kept me thinking:

Basically, all those boxes we packed a week in advance is stuff we don’t need to live.

We pretend, or we like to believe, we’re both minimalists in our approach to live. We don’t have a lot of little stuff around, only have a dozen physical books, with all media being digital.

Even so, when packing boxes you discover that you still have too much stuff. Who needs 4 bottle openers. Do we even read those 12 books often enough to warrant shelve space? Why do we keep moving that set of dinner plates we never use?

We’re currently cooking and eating with a reduced set of items. A few glasses, cups and plates. And we manage.

Our living room is empty. All shelves have been packed and all framed items safely stored. Even so. We still relax in the sofas and enjoy our evenings.

It’s also telling what we didn’t pack yet. Sonos. WiFi. Coffee. Basically, what you pack last is what you really need to live. The rest? Joys of life, extra’s, just stuff.

Moving. It makes you think.

CAT 6E

Next week we’re moving apartments. The new place is a bit smaller than our current one, but has an extra room for #thelittleone and this time: a working hot water installation.

To my surprise the new apartment (we’re renting) has CAT 6E Ethernet installed in the living room and both bedrooms. I know it’s 2018 and wireless is basically the default for any home installation these days, but some decent wired endpoints across the house make placing WiFi access points that cover every spot of the house a breeze.

One problem: even though cables were installed in the apartment and every room has some nice patch ports next to the power plugs, in the utility room all Ethernet cables were unfinished and just hanging there.  (the owner didn’t even know what they were)

So today I spent part of the morning terminating all cables, connecting them to a switch and checking cable stability afterwards.

I used to do this at the office on a regular basis but it’s been a while now since I touched a cable so —with a bit of shame— I had to resort to a schematic on Google to remember the color code. And.. have a 50% chance I choose the same schema as the electrician.

Luckily all went well and I terminated all cables without any issues.

Up next: installing WiFi, adding my home server and start rebuilding HomeKit. And move all our stuff..

HomePod

Plenty of people have written about how Spotify – or rather the lack of Spotify – is the reason the HomePod is not for them.  

Last night, I almost convinced my wife we should trade two Sonos Play:1 for a HomePod in our new living room.

That is, until realized it only has Apple Music and as such will not support any radio streams either.  And since our Sonos play local radio basically 90% of the time via TuneIn Radio, it would mean losing most of the audio that comes through our Sonos.

No HomePod for me ::sadface

(Yes, technically I could stream radio from an iOS device via AirPlay but there’s no Siri support for that)

iPhone Homescreen

It’s been a while since I posted a Homescreen overview. So today, I’m starting with my iPhone.

As you’ll see 50% of the apps on my iPhone’s homescreen are the native iOS apps for certain services. I used to look the best third party app for any service, but I find myself going back to the default solution more often than not. The reason? Convenience. Apple’s first party apps sync natively with iCloud, which makes setting up an iPhone a breeze + it’s free, which lowers monthly recurring fees.

I tend to organize my homescreen by type.

Notably I do not have the Phone app on my homescreen. I see my iPhone as a computer and don’t like phone calls. I consider it an iPod Touch with cellular more than a phone with apps.

Productivity

The first two rows are what I call my productivity rows. They contains task related apps.

Calendar: I use the default app because it shows today’s date on the homescreen. I tend to add locations to most of my events, so I use the Up Next widget to see where I need to go and get timely “time to leave” alerts.

Todoist : Task Managers are my weak point. I tend to move from Omnifocus to Things to Reminders to … multiple times a year. I prefer Reminders for its native Siri integration, which makes dumping thoughts into an Inbox by voice quick and convenient. But Reminders has a terrible interface.

Thanks to Alexa (more on that later) I can now use Todoist as a task manager. I use Alexa to quickly input thoughts, get a daily update every morning and manage my shopping list. Which reminds me: “Alexa, add ‘Ask my wifi to start using Todoist for our groceries’ to my todo list”.

All tasks end up in Todoist. It is a rather utilitarian interface but it does it’s job nicely. I’m a big fan of the comment feature to add extra notes or adding attachments and its Share Extension is awesome.

1Password : Safety first. And when it comes to password management there’s only one choice. 1Password offers 2FA support, syncs across devices and allows me to share a vault with my wife via the Family Accounts feature.

Workflow : I’m going to let @Viticci answer why it’s there.

Files, Photos and Notes: I prefer the first party solutions for these three because they just work. Although I do use Google Photos as an extra backup for my photos and backup my files via Backblaze just in case. All three are rather basic in their functionality, especially when it comes to sharing, but when it comes to integrating with other apps they still win when compared to Dropbox, Google or other Cloud Storage Services.

Screens: I work on iOS mainly, but when I do need a Mac, I often resort to Screens to quickly connect to my Mac mini at home. Thanks to its Connect service you can connect from anywhere. Lovely app, although I hope they soon at MFA security to the Screens Connect account.

Social

The second big block is the social block. These are the apps that connect to the world.

Mail: Similar to task managers, mail is an app where there and back again is often applied. I used Spark, Inbox, Mailbox, … but always see myself go back to the default Mail app. I’m not a big fan of the defer to later mailbox approach (I use a task manager for this) so most third party apps are to complex for my needs.

Messages: I detest Whatsapp and Facebook Messenger is a necessary evil. So when I can, I go to iMessage to message friends and family.

Alexa: I’ve only started using Amazon Echo devices since last fall so I regularly use the Alexa app to add or change some skills. The announced Alexa voice integration within the app allows it to stay on the homescreen.

Safari: doesn’t need an explanation.

Tweetbot: Timelines should be chronological. That’s why they’re called timelines.

Instagram: Guilty pleasure.

Unread: I still use RSS feeds to follow blogs, no matter what Kottke says. Feedwrangler is my current backend service although I like what Feedbin is doing with their new Twitter integration. Frontend I use Unread for its beautiful reading experience.

Pocket: Feedreaders and read it later apps are two sides of the same coin. I’ve used Pocket since forever and love the way it allows you to save both text and media in a convenient way. I inject some sites like Daring Fireball and MacStories automatically via IFTTT, and use its sharing extension a lot.

Media

The last rows are dedicated to Media apps. Music, Video, Reading.

Squarespace Blog: I’m trying to blog more again and since Squarespace is the platform I’ve chosen I’m stuck with their iOS apps. I say stuck because the apps are basic. They allow you to enter text and media, but that’s about it. No sharing extensions, no Files integration, no API’s. For longer form text I use Ulysses and copy-paste though. (Yes I know, the app is in the wrong row and is technically a productivy app, but those rows where filled aready 😉 )

iBooks: I buy my media on Apple’s platforms. It’s a lock in and I can never read these books in Kindle but since I’m all in on Apple hardware it doesn’t really bother me. Why iBooks? One word: layout. The way iBooks displays text is way nicer than the Kindle app. I also use its PDF syncing feature a lot, and I hope they soon expose those files via a Files integration too.

Swarm: another guilty pleasure. I love to track where I’ve been and often use the app (and the full Foursquare counterpart) to check places I’ve been or refer restaurants to friends who go on holiday.

Music : “Hey Siri, Play Metallica” while walking around with AirPods is magic. Although I do have a Spotify account for Alexa.

Podcasts: “Hey Siri, Play Connected” while walking around with AirPods is magic.

Youtube: doesn’t need an explanation

Camera: I never use this shortcut and always launch the app from the lockscreen. That is, until I’m on the homescreen and look for the Camera app. I’ve removed the app so many times from my homescreen and found myself looking for it, it’s now a permanent ficture on the homescreen.

Dock 

The dock is filled with four folders. I love the way they replace the homescreen when you open them. It’s a nice mode-shift when going from homescreen to Wallet or Connected.

  • Office: all other productivity apps
  • Connected: smart home and activity apps
  • Media: all other media apps
  • Wallet: online banking, web shops, …

Hidden Apps

Siri unlocks HomeKit. Activity and Health are tracked via the Watch. Alarms are managed via Siri, so is the timer (Seriously Apple, add support for multiple timers!). They do not need a place on my homecreen but I use them daily.

Deploying In App Purchase via VPP

TLDR; You can’t distribute apps with in-app purchases within a company using the preferred Apple VPP methods. Apple should create a VPP program for IAP to fix this.

Deploying Enterprise Apps 

When deploying apps within a company there’s the good, the bad ad the ugly way of doing it.

  • The ugly: buy the app once and allow all users to install it with a shared Apple ID. Or, in other words, welcome to 2010.
  • The bad: have users buy and install apps with their own AppleID, refund via iTunes Credits or use Vouchers from Apple’s Volume Purchase Program do deploy the apps.
  • The good: buy apps via the Volume Purchase Program and distribute them via device based assignment with an Mobile Device Management tool.

The Good

Why is the good, the good? Mobile Device Management platforms like Jamf allow you to assign apps to devices without the use of an AppleID. This way you control who has which apps, users can install and update the apps without passwords and, as a company, you retain control of your licenses making it both easier to revoke access when someone leaves the company, and easier to proof that all software used in the office is legally purchased.

You can buy licenses to distribute App Store apps to devices via Apple’s Volume Purchase Program. This portal is linked to your company, you buy x amount of apps via a central AppleID/Credit card, and the apps show up in your management system of choice. 

Once the license shows up in your MDM system you can assign the app to a device or group of devices (e.g. the new OmniOutliner 3 to all IT Support engineers) and they can immediately use the app.

Pretty cool.

The issue

Recently a couple of big Productivity apps made the switch from pay up front to get the app for free and unlock it completely via IAP. One of the bigger examples is The Omni Group, who made all their apps free, and allow you to unlock e.g. OmniGraffle fully via an In App Purchase. (They even allow you to get a discount if you’ve got a prior version installed).

Similarly, apps like Ferrite or Notability allow you to unlock extra features like new paper types or longer track duration via an IAP. There’s also apps like Ulysses, that are only useable when you have a subscription.

But currently there is no way to distribute these IAP to users. You can install Notability, or OmniGraffle but you can’t unlock the app for your users. Worse, when users try to unlock the IAP themselves, they can’t, since there is no AppleID involved.

Regular users face a similar issue when sharing apps via Family Sharing. If one family member unlocks all levels of Civilization, no one else can get that level unless they unlock, and pay, for the level themselves. It’s understable since most IAP are consumables for games and you can’t spend the same item twice. But when IAP are feature unlocks, or worse, ways to get the full app, the lack of IAP sharing across family members is a limiting, and often frustrating fact.

At least, within a family you can pay up twice (or trice) and get your IAP. But for enterprise users this is not possible. If you want someone in your company to use an app that unlocks via IAP you have to resort to the bad and ugly installation methods.

A Terrible solution or two

  • Developers could create specific enterprise SKUs in the App Store that allow you to pay fully up front. But this results in duplicate apps, user confusion and a lot of support tickets from users buying the wrong SKU. Plus it means they need to maintain two different versions of the same app.
  • Some developers allow you to buy the Mac app directly from their own store with seperate licenses. They can easily be installed via JAMF Pro but lacks the convenience of VPP distribution + it’s yet another serial key to track. Plus, you can’t use this on iOS.
  • You could go the way of Office365, 1Password, Dropbox,… and link the apps’ features to a user account that’s licensed. Downside of this approach: it’s yet another username and password for your users to remember, it’s yet another thing to manage seperately for your IT department. And not every app has need for a username.

A Better solution

With the launch of the new App Store, Apple also launched a better way to Promoting in-app purchases within the store. You can sometimes even buy an IAP directly from the App Store. Why can’t they expose that IAP within the IAP portal and allow us to distribute both the app and the IAP via the known VPP distribution methods within an MDM server?

You buy an app via the VPP Portal, and also buy the related IAP. On your MDM server you then assign both the app and the IAP to your user and voila, problem solved.

With macOS server focused more heavily on Device Management, and Apple promoting IAP and subscriptions as a way to provide upgrades for apps and give developers a means to get money for their work, it’s time for Apple to take these features to an Enterprise level.

So put this on my WWDC 2018 wishlist: Apple, please allow us to distribute IAP via VPP.

If you want this too, please create a radar and reference #37531416, which contains a copy of this post.

iCloud Identity

How many times have you gone through this scenario on your Mac or iPhone: you install a new app, and the first thing it asks you is to sign up to its service. Or, if the app uses CloudKit, you can skip the registration part, but it still asks you for your name, e-mail address and a photo.

Each time you type in your name, enter your e-mail address, upload an avatar, which needs the app to have access all your photos, scroll through your favorites to pick a photo, set a password and click done. Sounds familiar?

There are a few problems with this:

  • These steps are way to much work for what should be a few simple steps.
  • Why do you need to give an app access to all your photos for just one photo?
  • I have to do this every time for every app and service.
  • My iPhone already knows who I am.

Some Solutions

There are ways to shorten this process. You can choose to login via Twitter, Facebook, or Google. But what you win in convenience, you lose in privacy. Where an app used to be a separate service, it’s now connected to those big networks, with all the possible tracking and privacy implications active.

On macOS Apple has solved this issue for their own platform. When you setup a new Mac, they ask you for your Apple ID. They then ask you to create an admin account, but they prefill the username field with your first and last name. It’s easy and convenient. They even create a contact card (if it doesn’t exist yet) with your information which is then used for autofill in Safari.

When looking at iOS, things are similar at first: there’s also a reference to your Contact card in Settings (buried deeply in the contacts section) and your phone number appears in the Phone app, and Safari Autofill knows who you are.

But when you first launch the Health app, Apple asks you for a photo. Even when there’s one in your Contact card. They offer a field to fill in your birthday, even when you already set one when you created your Apple ID. They asks you to select emergency people and they even allow you to tag them with partner, mother, father. For years now contact cards have the option to show or add related contacts. If they parse my vcard in the address book they know this stuff.

It’s a lot of manual work for stuff they already know, and iOS could suggest this info for you.

Identity

Ignorance by Design – Federico Viticci

Apple prioritises user privacy above anything else. They don’t want to know about you. But Apple is also about convenience. Combine these two and I think you can have a very powerful combination:

What if, instead of all this manual stuff, Apple adds an Identity section to the iOS privacy settings. It’s a system level contact card that you can prepopulate with general information about you. This system-level identity contains your name, photo, e-mail, phone number,…

When you install an app that needs your information, it can ask the system for your Identity. iOS shows a modal popup similar to what HealthKit shows. It allows you to pick what the app can see (if not all of it), press done and the app or platform is configured with your data without the need of typing it all in, giving the app access to photos, etc. It makes entering your personal data very fast, but it doesn’t expose unnecessary resources like your photo library to external services.

Next you could imagine Apple filling in a password too, so that’s automatically stored in iCloud Keychain. When you later launch the app on a second device, they can use the build-in Keychain API’s to log you in automatically.

Conclusion

I wrote this because I was frustrated with yet another app that asked me for access to all my photos just to add a profile picture to my account. But while thinking about this I started thinking about how identity exists on Apple’s platform.

Presenting a modal dialog with your personal information is not a guarantee that the platform that asks your data will handle your information in a secure and moral way. But clicking ‘Login with Facebook’ isn’t either. When users need to chose between convenience and privacy, they pick the former.

Privacy is a tough question. And an integrated identity in iOS or macOS doesn’t improve your privacy. It only allows for a faster and more convenient way to create an account in services.

Star Wars Ranking

My friend Arne posted a ranking of Star Wars movies on his blog. Below you can find mine.

  1. A New Hope
  2. The Empire Strikes Back
  3. The Last Jedi
  4. Rogue One
  5. Return of the Jedi
  6. The Force Awakens

(I’ve never seen the Ewok and Droid movies, so can’t really place them in the list.)

I do wonder what those other three movies on his list are. There are rumors about prequels, but as far as I know, they don’t exist?

Black Friday for SysAdmins

Black Friday. A crazy American holiday-day-after with bargain prices on old and newer stuff. People crashing mall doors, fighting over TVs and dolls.
But also: good deals on iOS and macOS apps.

Which makes it, combined with Cyber Monday, a pretty good moment to stock up on VPP purchases for your MDM server.

Ever needed a dozen Pixelmator licenses for the Marketing team? They’ve got a 50% discount today.

Or twenty PDF Expert licenses for Finance and Sales? There’s a great Readdle promo going on!

I’ve got a wishlist of apps that I want for the office but don’t immediately need. Each year when these kind of sales occur, I can often scratch a few from the list. Or expand the licenses of a few apps that are always shy of having more users than available slots.

Black Friday. Great for System Admins.

iPhone X Claim Chowder

The iPhone X drastically alters the way we interact with iOS and our phones. No more home button, more interactions that rely on gestures and a device state that, similar to the Watch, changes depending on what the user is doing.
After using the iPhone X for only a day I’m feeling some of those new UI and UX decisions are temporary and will change with a future iOS versions once we get used to this new home button-less world.

So, some Claim Chowder:

  • The home indicator will become optional or disappear like scrollbars in a future version of iOS. For now it has to be visible so users don’t get lost while we migrate away from the home button.
  • Similar, I think the Face ID animation is going to become faster and less visible once people get used to it. Currently it has to be very visible because we aren’t used to invisible security yet.
  • More apps will start using the password autofill because logging into an app with manually password entry feels ancient now.
  • AirPower will be to battery life what Face ID is for security. It’ll quickly make battery anxiety going away once more surfaces will become charging surfaces. I can see it quickly become part of desks, arm rests, night stands.
  • Since Apple now knows when we’re actually looking at the device, they should link background fetching to attention. Is the iPhone on a table and is the owner glancing at it? Do a background fetch of email, Tweetbot, News,… in the background and notify them if something new is available.

iPhone X feels like a reset, similar to how iOS 11 did a reset of the iPad. Can’t wait to see where they go next.