Jun 052015

So iCloud Family Sharing is a bit of a bust.  The wizard for setting up all the security measures on each account that you must create, combined with the lack of privacy, AND the fact that a payment method is now required are a real pain.  If you’re planning to let children use the devices unsupervised – you’d be amazed what they can find on Youtube – and you don’t want to have to explain any number of topics you’re not prepared for, then you need a better method to lock down the devices.

The problem with Apple Configurator is that when Supervise mode is used (which is necessary to lock down most of the device), application distribution is designed to work with the Volume Purchase Program (VPP) which is closed to consumers.  Even if you have a DUNS number (which is required to register as a business) you are stilled faced with purchasing multiple copies of software you’ve already paid for. Even for the kids on two devices, I’d be looking at $30 minimum to get Plex, Minecraft (a game they enjoy), and Move the Turtle (introduction to basic programming similar to Logo on the old Apple IIe’s).  Since iCloud Family Sharing allows you to share apps between family owned devices (up to 5, I believe), Apple is not requiring you to pay for additional copies of software… UNLESS you wish make the iOS device safe for children to use.

There are subscription based Mobile Device Management (MDM) providers that provide access to some management features and application deployment capability, but I was unable to find one that really offered the ability to secure and customize the device to my liking.  In any case, to deploy apps with via MDM,you still have to have a VPP account.

When the kids are a bit older, and are responsible enough to have unrestricted access to our iPads and old iPhones, an MDM provider such as Curbi.  I’ll probably subscribe next year when Liam is 10.  This way he can have his own iOS device, but I can control when it works and when it doesn’t from a well designed and easy to use iOS app.

For now, the challenge was to get an appropriate selection of the apps I own onto a phone configured and secured for each kid.  Initially, I wrongly assumed that since the intention was to deploy apps via VPP, there was likely no easy alternative to purchasing additional license for the software in order to make the phones safe for children.  Ultimately, I found the checkbox which allows Supervise mode to be used without removing existing applications.  Always the damn checkboxes that get me!

Here’s what the preferences pane look like:

Best to clear both if you don't want to waste time

Best to clear both if you don’t want to waste time

The default settings are both boxes checked.  Since I failed to notice that when I first setup the phones, Every time I applied a profile, all the apps were wiped off the phone. Very frustrating to say the least.

Lock screen  preferences are found here:

The benefit of using Supervise mode

The benefit of using Supervise mode









to be continued…

May 022015

While I hate to admit it, sometimes the only way to get a few minutes of rest while away on a family vacation is to throw the kids in front of the tv for an hour or two.  Unfortunately, most of the tv shows I’m willing to let my kids watch aren’t typically available in the hotel room.

Luckily, most hotels have tv sets that have a free composite or HDMI port available.  This allows you to easily connect your own Roku, Apple tv or other streaming device and access your own programming.  The one SNAFU is that most hotel wi-fi networks require you to authenticate your access with a password, and there is no way to do that from your Roku.

Here’s a little trick to get you around that.  Assuming you’ve brought your laptop (for demonstration purposes, I’m using an Apple laptop), you can authenticate the Roku device using your laptop.  The first thing you’ll need to do is to get the MAC address of the Roku.  Luckily, it’s printed on the back in nice, easy to read lettering.  Here’s a picture of mine:


One you have the MAC address, you temporarily ‘spoof’ (think clone) this mac address onto the wireless network adapter of your computer.  On OSX 10.x, you do it in terminal like so:

Screen Shot 2015-05-02 at 7.38.09 PM

Once you’ve spoofed the MAC address, join the wireless network and authenticate from your laptop:

Screen Shot 2015-05-02 at 7.36.19 PM

Repeat the terminal command using the original MAC address to restore your original settings.

Now that the MAC address of the Roku has been authenticated with the hotel network and been issued a network address, you simply have to plug it into the tv, turn it on and then join the network from the settings page!  You now have access to Netflix, Hulu, Amazon Prime, Plex and anything else you already have on your Roku!  (And you have the kids occupied long enough to make a blog post!)

Aug 252014

If you are running postfix/dovecot using the server app on OSX 10.8.x and want to implement the markasjunk2 plugin for roundcube, allow me to save you hours of frustration…  Here are the settings that worked for me.

Assuming you intent to use sa-learn to update the Bayesian filter when using the plugin, modify config.inc.php as follows:

Set plugin to use cmd_learn driver:$rcmail_config['markasjunk2_learning_driver'] = cmd_learn;


$rcmail_config[‘markasjunk2_learning_driver’] = cmd_learn;

Set spam option for learn driver:$rcmail_config['markasjunk2_spam_cmd'] = 'sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn  --spam %f';

$rcmail_config[‘markasjunk2_spam_cmd’] = ‘sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn  –spam %f’;

Set ham options for learn driver:

$rcmail_config['markasjunk2_ham_cmd'] = 'sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn --ham %f';

$rcmail_config[‘markasjunk2_ham_cmd’] = ‘sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn –ham %f’;

If you want to see it in action, be sure to turn on logging:$rcmail_config['markasjunk2_debug'] = true;


$rcmail_config[‘markasjunk2_debug’] = true;

In order for roundcube to call sa-learn with access permission to spamassassin database, it is necessary to update the sudoers file.

Open terminal and type:  sudo visudo

Screen Shot 2014-08-25 at 10.28.51 AM

(homebrew is so much easier on the eyes)


Once in the sudoers file, add the following line:

Screen Shot 2014-08-25 at 10.05.50 AM




_www ALL=(root) NOPASSWD:/Applications/Server.app/Contents/ServerRooy/usr/bin/sa-learn

After you have added the changes,  save your changes –   ‘:’  brings up menu and ‘w’ to write changes.  Then ‘:’  and ‘q’ to quit (I prefer nano to vim, but supposedly there is some voodoo about changing the sudoers file in an unsafe manner and you’ll shoot your eye out.. blah blah blah.

Open roundcube inbox, and mash the junk button, and see the results in the log file:

displayed at bottom of roundcube interface


learned some tokens!

Here are some good references (without which, I’d have never gotten this working):