407: Bad Apple

Jeff is on Spring Break, so Christina and Brett keep the show going with a heavily tech-oriented episode. From security back doors to complaining about Apple software, it’s all the tech talk you could want.

Join the Conversation

Thanks!

You’re downloading today’s show from CacheFly’s network

BackBeat Media Podcast Network

Check out more episodes at overtiredpod.com and subscribe on Apple Podcasts, Spotify, or your favorite podcast app. Find Brett as @ttscoff, Christina as @film_girl, Jeff as @jsguntzel, and follow Overtired at @ovrtrd on Twitter.

Transcript

Bad Apple

[00:00:00]

[00:00:04] Brett: Welcome back to Overtired, which has become once again, a, um, kind of sporadic, uh, release schedule, but that’s just, it’s spring break. We’ll be back into the swing of things, uh, shortly. In the meantime, um, we’ll, we’ll just keep putting out kind of random episodes. I kind of wanted to put one out. Oh, hi, by the way, I’m, I’m Brett Terpstra.

[00:00:26] Brett: I’m here with Christina Warren. Um, I kind of wanted to release an episode last week that had an intro and then was just a rickroll, um, and like play the entire song and then, and then just like play the outro music. Um, but I didn’t, because that was probably, there were probably copyright issues with that.

[00:00:47] Christina: Eh,

[00:00:49] Brett: I could probably get away with a 30 second snippet though.

[00:00:52] April Fools Day Fun

[00:00:52] Christina: yeah, probably. I saw one good Okay, so April Fool’s Day was What day was that? Was that like, Monday?

[00:00:59] Brett: It [00:01:00] was on April 1st.

[00:01:01] Christina: Well, no, it was last Friday. No, I know, but I was trying to think where we are like, like, like day wise, like I was trying to think of what day was it this week? And it was Monday. So we’re recording this on Saturday.

[00:01:12] Christina: So it was Monday. So I was trying to figure out when it was. Um, and April Fool’s Day as, as you know, the internet has ruined it. I think we’ve talked about that before. I feel very complicit about my own role. Um, in ruining the day because of, of my time as a blogger, um, especially at Mashable during like the height of brands being extremely online and terrible.

[00:01:36] Christina: But there was one good, well, there were a couple of, of good ones that I saw. Um, I think, uh, I don’t remember what the, the second one was, maybe it’ll come to me, but the one that actually got me to laugh was, um, somebody, um, Uh, and I knew exactly what it was before I saw it and I saw Mr. Macintosh, uh, tweet it and it was somebody who was like, hey, I got a way [00:02:00] of getting, you know, full, you know, modern, um, Mac OS, um, running on old power PC Macs, you know, click here for more.

[00:02:08] Christina: And I knew it was like, Oh, and then you click on the thing. It was like, Oh, you know, click, click, click on this link, you know, to get more information or whatever. And I was like, Oh, I know exactly what this is. Before I even saw the YouTube tool tip, before I even saw that, I like, I knew exactly what I was setting myself up for and I still sent it to someone.

[00:02:23] Christina: Um, and, um, and it was one of those things where I was just like, yep. Okay. This, I was like, you get one, you get one Rick roll of an April Fool’s day. And this is, this is a good one. Cause like, that’s, that’s it.

[00:02:34] Brett: I saw a meme that said, Happy April Fool’s Day, the one day of the year when people critically assess information on the internet before accepting it as true.

[00:02:45] Christina: is very true. And it’s also like very awful that it’s like, we acknowledge, it’s like everybody’s a fucking expert on April Fool’s Day. Um. And, and then, yeah.

[00:02:57] Brett: What was your favorite April Fool’s [00:03:00] prank as a kid?

[00:03:05] Christina: I don’t even, I don’t even know. I, I used to buy like, um, stuff from, from, from Spencer’s. Um, there would be like, joke stuff. And I’m trying to think like, what I had. I think I might have had like, fake vomit or something.

[00:03:18] Brett: Do you remember back when sinks, kitchen sinks used to have like a spray nozzle that you could pull out on like a hose to like spray your dishes down back before, like everything was just part of the faucet. I used to, my favorite prank was to rubber band the lever on that. So when you turn on the sink, it sprays you right in the chest.

[00:03:41] Brett: Um, that was my go to April Fool’s prank that does not work anymore because nobody has faucets like that anymore.

[00:03:50] Christina: Um, okay, I did

[00:03:51] Brett: Also, I’m an adult now and I wouldn’t do that.

[00:03:54] Christina: right. Okay, and I actually did, I did find like, the one like, really good April Fool’s thing that I saw. This was funny. Okay, [00:04:00] so. And this one, um, this one almost got me. Not that I thought that it was ever real, um, but I thought that it might have actually been by the company it’s purporting to be because I didn’t, I didn’t clock the URL at first because it’s very good.

[00:04:13] Christina: So I’m going to send you, um, uh, I’ll let you read it.

[00:04:17] Christina: . I’ll put it in our chat. I’ll put it in our chat link. Um, okay. So. Um, and I’ve already, like, told you this is, like, fake or whatever, but for, for, for listeners who, uh, might, uh, not be old enough to remember, uh, and even some of those who are, uh, Gmail famously launched on April 1st, 2004.

[00:04:36] Christina: Um, let that sink in. And, and we all assumed it was kind of an April Fool’s Day thing because, like, it was a gig of, of, uh, storage and, you know, for free email for life and, and everybody was like, And at the time, you have to understand, I think Hotmail gave you like two megabytes, and I think like Yahoo Mail was something similar.

[00:04:53] Christina: And if you didn’t log into your account, like religiously, like they would fucking nuke all of your messages. And [00:05:00] so a gig was like, Unreal. And now, of course, they give you, I think, like 15 gigs. But, um, Google has, you know, over the years, uh, made a lot of questionable decisions. And one of the most recent ones was with their domain registry.

[00:05:15] Christina: They launched zip and mov. Um, Domain Extensions. And, and the security people were very mad, especially for zip. They were like, this is going to help with the spread of malware, this is going to be bad. So, go to this, this, this website, and it looks like the, it’s done to look exactly like the official Google blog.

[00:05:32] Christina: And it says, Google Registry. Execute your best ideas with Google. Google Registries, exe, Top Level, Domain. And then it has, you know, it says, you know, following the success of zip and move, we’re adding brand new extensions to the internet for everyone. Um, you know, whether you’re learning to code or deploying a helpful tool or starting a new community, exe has you covered.

[00:05:50] Christina: Here’s some examples from our developer community. Mydoom. exe, your gateway to digital innovation. Iloveyou. exe, transforming online interactions with love. [00:06:00] Melissa. exe. Empowering women through digital community, and those are, of course, three very famous viruses. And what got me laughing at this was that I didn’t look at the, I didn’t clock the URL at first and I was like, clearly this is fake.

[00:06:15] Christina: I was like, but maybe the registry team just has a really good sense of humor. I was like, damn, they’re like really self aware at Google. And then I clocked that the, that the URL is, is G O G G E L and

[00:06:27] Brett: Oh, I, I was looking at it. I’m like the, how is that not okay. That’s funny. That’s funny.

[00:06:34] Christina: So it worked twice, but what was also really funny about it is that the share, like the share button, they, um, they changed the share URL so that it actually went to the official Google blog.

[00:06:44] Brett: Oh, that’s funny

[00:06:45] Christina: So yeah, this was like a good one and, and this was like, this, this, this, this, this, this was like a really good one.

[00:06:50] Christina: I was like, okay, I’m, I’m down with this cause this is, I genuinely at first thought I was like, You know, for like, you know, 15 seconds I was like, [00:07:00] Oh, Google is actually self aware. I’m, I’m a little surprised. And, and instead it was like, no. Um,

[00:07:07] Brett: be, to be fair. Dot app is a TLD, um, on the Mac side, but it doesn’t have the same implication 'cause an app is a bundle and it wouldn’t have the same implications as an executable

[00:07:20] Christina: well, right. And I think the other thing too is just like more malware is like, if we had as much Mac, um, not like malware, like if Mac was, if Mac mattered, right. Like, well, I mean, just being honest, right? Like, in terms of an attack service, if it mattered the same way, I do think that would be problematic.

[00:07:36] Christina: Um, but also, and I wonder your thought on this, the fact that we don’t see file extensions on macOS, do you think that that

[00:07:45] Brett: I turn on file extensions.

[00:07:48] Christina: Sure, but like, for, you know, like, even if your applications?.

[00:07:53] Brett: Yeah, I do. I’m looking at my screen right now. I got dayone. app, debughelper. app. [00:08:00] Um,

[00:08:00] Christina: I have, like, I have

[00:08:01] Brett: don’t function well without extensions.

[00:08:04] Christina: I have extensions on, not for app, but I, and I, um, I, whatever the default is, which is, you know, mp4, png, whatever. But there’s some things that like, but by and large, like you can even have like a world in like macOS where like you don’t have. You know, you just give something a filename and it’ll show up, you know, as like a document file and you don’t know what it is.

[00:08:24] Christina: That’s not a thing in Windows. Um, so I, I wonder if that has any kind of role in it too. Um, that like, even if you, like, even if people used, like, targeted Mac the same way, if the fact that like, most people don’t realize that app is the bundle name, you know, that So I don’t, I don’t know if that would, if that would matter.

[00:08:43] Christina: Cause I think, I think a lot of people would be like, what do you mean, what do you mean by dot app file? Like if I said that, I think to even like experienced Mac users, they’d be like, I have no idea what you’re talking about. What the fuck is the dot app file?

[00:08:54] Brett: I don’t, I don’t have no data to say that’s true or is not true. Could be, could be [00:09:00] entirely true. I don’t, I don’t hang out with experienced Mac users, I guess.

[00:09:05] Let the Apple Bitching Commence

[00:09:05] Brett: Um, so anyway, um, while we’re talking about Mac, um, before we get into any kind of mental health corner, I wanted to say Messages. Logged me out on my Mac, and it will not log me back in with any of my Apple IDs or, um, or a phone number.

[00:09:29] Brett: Like, I go through the process, I get the password correct, guaranteed, cause I use a, uh, I have a secret system. I have key bindings that insert my different passwords.

[00:09:42] Christina: bindings? Seriously? Um, you?

[00:09:46] Brett: It’s a sequence. It’s a very secret sequence, but to be fair, most of my system passwords are stored in the key bindings dict file, um, as plain text. So it’s super insecure, [00:10:00] but I just don’t. My Mac, the one that that’s set up on, nobody else touches. Um, and it’s very well protected network wise, so I don’t worry about it.

[00:10:11] Brett: So anyway, I know the password is correct and it’ll spin for about two minutes and then it’ll say an unknown error occurred. And it will timeout. And I cannot get messages working on my Mac, uh, for the last three days. Now I’ve talked to other people, including yourself, who are not having issues. Um, this isn’t a system wide problem.

[00:10:34] Brett: Uh, but I have had people contact me previously with the exact same issue. Um, and I don’t know how or when it clears up. I I’ve rebooted, I’ve restarted. And it’s, I’m missing, I’m missing a lot of messages because when I’m working at my Mac, I don’t know, my phone doesn’t

[00:10:56] Christina: It doesn’t. No, totally. Well, and yeah, oftentimes that is a thing, like, it’ll be [00:11:00] like, oh, if, if we’ve sent a message to one thing, we won’t others, and it’s other, it’s just a context switching thing, right? Like I, like, I find I’ll miss things because I often have like do not disturb turned on on my Mac, but my phone still won’t send me messages or I won’t get them the same way.

[00:11:13] Christina: And I’m like, all right, fine. Whatever.

[00:11:15] Brett: It’s a little opaque how that works, but yeah.

[00:11:18] Christina: very opaque how that works because Apple wants to make everything a fucking black box. So while we’re bitching, let’s bitch about that too. No, I’ve had that issue before. Um, it’s been years, but I have had that issue before where like my, my max of just hasn’t worked. And then it’s usually cleared itself up.

[00:11:33] Christina: But that’s the, this is the frustrating thing is that it’s like, there’s no way to get any insight into this. All you can do is like file feedback. I’ve got to file feedback about a fricking notes app issue. Um, And, um, where the note that I see, a collaborative note that I see, um, on my phone and my iPad is different than what it is on my [00:12:00] Mac.

[00:12:00] Brett: What?

[00:12:01] Christina: Yeah. Where, like, the one on my phone, I see actual, um, oh shit, it is also fucked on my other Mac where I’ve never looked at this before. And so I’m, like, literally got this thing where I made a bunch of edits And it looks one way on one of my Macs and it looks a different way on every other device. And so I don’t know, and it’s a shared note, so I don’t know what the actual point of truth is.

[00:12:27] Christina: And like, yeah, um, I talked to somebody about this and they were like, file a radar

[00:12:33] Brett: What app is this in? In

[00:12:34] Christina: notes, notes. So it’s an iCloud sync thing, clearly, um, where it got a version wrong. And because The system is the way that it is instead of being like a, you know, in my opinion, sane system that would treat people like adults and, and be able to also, um, explain context and in a way that you could do it in a very user friendly way and say, Hey, we see two [00:13:00] versions of this.

[00:13:02] Christina: You know, which one do you want? It just is a failure where it appears one way on

[00:13:10] Brett: guessing. It’s just showing you, it’s showing you random versions. Sure.

[00:13:14] Christina: Right, and it’s like, okay, well, like, that’s exactly what I want out of my fucking notes app. Are, like, are you kidding me? No, you have one job, literally, you have one job, which is to be the same everywhere.

[00:13:26] Christina: And you can’t do that. And we accept this sort of shit from Apple, and I don’t know why we do, because every other company that fails even the slightest amount, we rightfully, like, Bitch about them and they get terrible reputations. Like, like, like, you know, like, like, like Office, I think unfairly because I think the offline or not offline, but like, you know, like the, the standalone apps are actually very good, but like people shit on Microsoft Office a lot.

[00:13:50] Christina: And I’m not going to lie to you and say that the real time collaboration stuff is as good as it is on Google Docs. It’s not as fast or whatever, but it is better [00:14:00] and certainly sync on, um, every other platform. Every other platform is superior to what Apple does, and yet, like, if, if, if, if, if, if Dropbox, if Google Drive, if OneDrive, like, if any of them had any of the sync issues that iDrive, or not iCloud, still has.

[00:14:19] Christina: Fucking almost 15 years into its existence. Genuinely. Like, it would be the talk of, it would be like a constant joke. Like, nobody would accept it. I don’t understand how Apple gets away with having such piss poor, like, just genuinely, like, amateur tier, just like, bad, like, full blown unacceptable sync performance.

[00:14:42] Christina: I don’t understand it.

[00:14:44] Brett: Bush League. Yeah, no, I, I don’t.

[00:14:47] Christina: and they charge so much for it, right? I pay 38 a month or whatever it is for Apple One Premiere, my family plan, and it’s like, and that’s fine. It is what it is. And like all the services, none of them are best in class. Not a [00:15:00] single one. Not a single one.

[00:15:01] Christina: Apple Music is not better than Spotify. Apple TV is not better than Netflix. iCloud is not better than Dropbox. Um,

[00:15:09] Brett: wait, wait, wait, wait. You can’t, Apple TV versus Netflix is, do you mean like versus like, um, like Roku or?

[00:15:18] Christina: I mean like Apple TV

[00:15:20] Brett: Oh, oh yeah, okay. Okay, I thought you meant like the Apple TV

[00:15:25] Christina: no, no, no, no, no, no, no, because I’m talking about the services that you get in Apple, uh, One Premiere.

[00:15:30] Brett: yeah, okay.

[00:15:31] Christina: So like Apple TV is not better than Netflix, uh, Apple Music is not better than Spotify, um, Apple News is dog shit, um, uh, Apple Arcade is not better than, um, I guess the next closest thing to that would be Game Pass, and that’s a real, like that’s not a, uh, competition that Apple wants to get into because, They will lose on every fucking level, um, as they should.

[00:15:53] Christina: Um, uh, you know, um, again, like, uh, iCloud is not better than Dropbox or Google [00:16:00] Drive. Um, it just happens to be more convenient because they can, you know, build certain API. Right. Well, because, because they can now give them self entitlements that they won’t give anybody else. Um, you know, like, like health, who fucking cares?

[00:16:14] Christina: Like, or fitness plus or whatever, who fucking cares? Like, it’s one of those things, like genuinely.

[00:16:18] Brett: It’s just there to make you feel bad. You’re paying for this as part of your,

[00:16:22] Christina: Right, right. Yeah, this is like a

[00:16:24] Brett: you’re not using it because you’re

[00:16:26] Christina: using it. Right. Well, you also it’s like people, well, but Peloton, there, there are other alternatives, right? Like, so it’s just, none of these things are best in class at all. And, um, yeah, they, they charge what they charge and everybody’s like, Oh, Apple’s the best.

[00:16:39] Christina: I’m like, no, they’re really not. Like I, I am in the ecosystem because I, I’m going to be a Mac user and I would never even consider another phone other than an iPhone. Yeah.

[00:16:48] Brett: why, why, uh, do you think it’s just marketing? Like they’ve positioned themselves as like untouchable yet forgivable? Like [00:17:00] everything you’re saying is true. Like, I don’t disagree with anything. I just don’t understand because there are a lot of critics in the Apple world. Why is the general population so willing to forgive these shortcomings?

[00:17:14] Christina: I think, if I’m being completely honest, it’s because the original, um, products were so good for so long that there has been two things. I think that one, there’s like a reputational, um, halo that has, that is no longer accurate, to be honest, but has persisted. And I think that it’s also a thing where people don’t realize how much worse it’s gotten and what the capabilities of other things are.

[00:17:43] Brett: I think, I think because it is an ecosystem, because once you have an iPhone and a Mac and an iPad, you are by default using Apple services. And I think a lot of people don’t have a point of comparison.

[00:17:57] Christina: what I’m saying. That’s what I’m saying. They don’t know. They don’t. That’s exactly what I’m [00:18:00] saying. Like, they don’t actually know, like, what the options are for other places.

[00:18:03] Brett: Yeah, that makes sense. I don’t, I don’t generally, like, I don’t use iCloud for much. Um, I use it if I’m sharing a Pages document, which is rare because I don’t use Pages much. Um,

[00:18:17] Christina: would you?

[00:18:18] Brett: right. So, because again, it’s not best in class. Um, I do, I do like Pages. Numbers is a joke. But, um, Anyway, like, I don’t typically use iCloud for much.

[00:18:32] Brett: I use Dropbox and Google Drive, um, and I don’t, I haven’t dealt with the kind of issues you’re talking about with your iCloud sync, um, because I, not because I don’t think

[00:18:44] Christina: No, totally.

[00:18:45] Brett: because I don’t

[00:18:46] Christina: Well, and well, the thing is, and it’s like, I haven’t had like massive issues in a long time, but they do happen from time to time. And when they do, it’s like a black hole because you can’t force things to sink and you can’t

[00:18:56] Brett: with no It sucks with notes because honestly, [00:19:00] the new version of notes in Sonoma is very good. It’s a great app. It, it, it sure locked a bunch of ideas. Um, and, and, you know, fine. That’s, that is what it is. That’s Apple’s ammo. Um, but. Yeah, it’s a, it’s a good app, but if it’s not reliable, uh, between platforms, which is kind of the whole idea, right?

[00:19:26] Brett: Like,

[00:19:27] Christina: whole idea. Yeah.

[00:19:28] Brett: that sucks. That sucks.

[00:19:30] Mental Health Corner

[00:19:30] Brett: Anyway, do you want to, do you want to do a quick mental health corner before we continue bitching about Apple?

[00:19:35] Christina: Yes. Let’s, let’s do that.

[00:19:38] Brett: I will kick it off. So I, I had that three months of insomnia, right? And, and I was, I was losing my mind and I tried multiple drugs. And then, um, my doctor finally gave up on the FDA approved, um, sleep beds, cause none of them had any effect on me and we switched to large doses of [00:20:00] gabapentin.

[00:20:01] Brett: I’m taking like 1, 200 milligrams of gabapentin a night, and I’m finally getting some sleep. Um, I talk a lot, apparently. Um, and, and at first, anything over 600 milligrams was causing sleep paralysis. Have you ever had that? Where like, you’re, you’re awake, but your body won’t move because Your body’s still asleep and your brain is like, just desperately trying to like get your body back in motion.

[00:20:29] Brett: Uh, you’re trying to like snap your fingers or kick your leg.

[00:20:33] Christina: think I’ve had it like once.

[00:20:35] Brett: Yeah. I

[00:20:37] Christina: but, but it’s not a common thing.

[00:20:38] Brett: it used to happen to me on occasion, especially if I fell asleep, like on the couch in the afternoon, uh, it was, it was more likely to happen. But first time I took 900 milligrams of gabapentin, it happened, um, within an hour. Uh, and then For three nights following that happened every night.

[00:20:57] Brett: So I went back down to 600, [00:21:00] um, and, and that was working okay. Uh, but then it kind of stabled out and now I’m up to 1200 and no longer getting sleep paralysis. So I am sleeping. I got into, uh, like the sleep medicine department of Gundersen clinic. Um. But they can’t get me in until July 30th, um, to do like a sleep study.

[00:21:24] Brett: So it’s just me and Gabba Penton until then. And yeah, I should, the other thing I wanted to say was, so I’ve been doing IFS therapy, which is all about like, um, finding all the different parts that exist within like, that you are a kind of legion. Um, and, uh, my My couple’s counselor suggested that Ella and I go on like a part state where we talk to each other’s parts instead of like to each other.

[00:21:56] Brett: Um, and that went pretty horribly at [00:22:00] first. Uh, but there was one point where like, I was feeling, uh, like My ADHD was making it impossible for me to research something fully. And then when Elle with her autism did research it, um, they were giving me all kinds of facts and I was getting frustrated that I didn’t know this to begin with.

[00:22:20] Brett: And I felt really shitty about myself and that made me defensive. Um, and they were like, Can you figure out what part of you is angry right now? And so I did a quick scan. I, I talked to this part that came forward and realized that like, my anger around my ADHD is not necessarily part of the ADHD itself.

[00:22:44] Brett: Like ADHD gives me some disabilities, but my frustration level around that Is a part that I can like deal with that. I can like talk to you and step in, like, there’s this like instant, like relief. [00:23:00] Um, and I suddenly wasn’t mad and our evening wasn’t ruined and it was, it was pretty cool. So props to IFS.

[00:23:07] Brett: And that’s my mental health corner.

[00:23:10] Christina: That’s great. I think that’s, I’m really, I’m really happy for you for that. Um, Grant takes Gabapentin, um, uh, to help his restless leg, but he still has massive restless leg stuff, and so he has massive sleep issues. But, um, I don’t think he’s on I have no idea actually what he’s on. I just know he takes it.

[00:23:30] Christina: Um, I don’t have much of a mental health update. Things are going pretty well. Um, I, um, you

[00:23:37] Brett: Your last, your last couple have been, um, pretty, uh, I want to say concerning. Like you’ve had some serious, so I’m glad to hear things have stabled out.

[00:23:48] Christina: yeah, yeah. I

[00:23:48] Brett: how long has it been since we talked? Like three weeks?

[00:23:51] Christina: yeah, but I think even last time we talked I was fine. Like, I don’t know. Um, it, it, you know, it’s been a few months since I’ve had any, I don’t know. I’m [00:24:00] fine for, you know, nothing really, nothing really to add of note. Um, but yeah, you know, just kind of same old, same old.

[00:24:08] Brett: I like your beanie. Um, in, uh, Riverside here, it’s showing up backwards. So it looks like the prism is turning into a single beam of light. Um, for, for those listening, it’s, uh, it’s the Octocat from GitHub in the middle with a beam of light going into it and a prism coming out the other side. Uh, but if, if you read the mirrored version left to right, it looks like a reverse prism, which confused me at first.

[00:24:35] Brett: And then I realized, Oh, I’m seeing it backwards.

[00:24:38] Christina: Right, right. That’s funny.

[00:24:41] Dimspirations Again

[00:24:41] Brett: Yeah, so, uh, let’s see, what topic do I want to direct a source next? Um, I just want a quick plug. Um, I made this thing called the Dimspirations Cube. Um, if you go to dimspire. me, um, you can click [00:25:00] on the Dimspirations Cube in the menu and It is a 3D spinning cube that every time it goes around, it has different inspirations on every side.

[00:25:11] Brett: And I finally got the, um, uh, set delay or set time out with JavaScript to actually, um, stagger so that the image on each side changes while it’s in the back. of the spin. So you never see the transition and it just constantly updates. It will kill your browser if you let it run for about 10 minutes. Um, it’ll eventually, you’ll get the note that says, this page is slowing down your browser.

[00:25:42] Brett: Would you like to kill it? Um, in, in any browser, um, which I want to add, uh, Uh, kind of, uh, caveat to the text on the page that says, Much like, much like life. If you, [00:26:00] if you exist too long, it will die. Or something dim. I want to do something dim. Um, I’m working on that still. But, uh, also the Demspiration store.

[00:26:10] Brett: Has a bunch of new merch, so if you need depressing t shirts or coffee mugs that will upset your co workers, uh, check that out. That’s my plug. I would love to hear, I would love to hear about XZ though, so I’m going to turn it over to you.

[00:26:25] The XZ Back Door

[00:26:25] Christina: Okay, so there was a massive, um, backdoor, there’s a, a, a potentially cataclysmic, um, security event in the last, um, uh, a week or so. Um, it wound up not being, um, cataclysmic because, um, frankly of a, a confluence of just like luck. Um. Um. But xz is the, is a compression algorithm. And, um, xz utils is, is, you know, kind, kind of like what, what, uh, manages that.

[00:26:52] Christina: And, and it’s, it’s, it’s used in, um, uh, like a, it’s, it’s a compression utility that’s basically used all over, uh, [00:27:00] like Linux systems. And it’s actually like a, um, a dependency in a lot of projects, including. And, um, it’s a, it’s an important project, but maybe not like a very sexy one. And it’s had like one core, you know, maintainer, the guy who kind of created the, the, the format and has maintained like kind of the, the utility or whatever for a long time.

[00:27:20] Christina: Um, and he’s, um, but, but he’s the only guy and he doesn’t do it for And, um, it doesn’t really, you know, have a lot of time to add features with it. Um, and then there’s this other person who, uh, the, the name that they were using, uh, to contribute was, was Jia Tan, and they’ve been contributing, you know, for about two years.

[00:27:39] Christina: And, you know, making some patches, doing, I guess, some other work off list is, is what the original developer said. And, um, This person was actually eventually made a maintainer. Now, a little bit of background about why this person was potentially made a maintainer. On the ex emailing list about two years ago, there were some kind of [00:28:00] fly by night, um, posters who now, it appears suspicious, but it’s, I don’t think we have enough information to read whether they were socks or not.

[00:28:11] Christina: Um, basically we’re, we’re badgering the maintainer to do more. We’re basically like, if you don’t have enough time and resources for this, then you need to just give this project to someone else. And, you know, you’re, you’re not doing enough. And he was like, well, you know, I’m not paid for this. And, you know, I’ve had mental health struggles and I have been working with this other, you know, person off list.

[00:28:29] Christina: And so, you know, they might even be taking a stronger role in the project, you know, stay tuned. And they’re like, well, I’m sorry for your mental health struggles, but. You know, basically, if you can’t, if you can’t do this stuff, then you need to just like, you know, pass it on because this is not acceptable, blah, blah, blah.

[00:28:43] Christina: And, you know, just kind of shitty, typical entitlement that a lot of open source people have. Um, and, and not just open source people, to be clear, like just a lot of people have. But it, but it is kind of a common, Um, you know, it’s not like when I, when I read through that interaction on the mailing list, [00:29:00] um, and, and there’s like some good rundowns that have this entire kind of timeline of things.

[00:29:04] Christina: Um, nothing about that particularly stands out to me. Here’s, here’s what we do know though. So this, this person who’s brought in as a code maintainer and who, uh, in January took over, um, the, like the webpage, which was put on GitHub and actually made the first kind of releases directly under themselves.

[00:29:23] Christina: They inserted a backdoor into XZ Utils that would, would allow people to basically be able to SSH into other machines without any sort of authentication. And so it was like a, uh, as root. And so, This was, this was a bad, bad thing. And the way that they inserted the backdoor was obfuscated. So if you just looked at the patch, you wouldn’t really be able to tell what was happening.

[00:29:48] Christina: And they’d made some other changes to some other code, like they inserted in a typo into one of the, the original maintainers, like the creators. Commit that wound up, um, I guess like, uh, like blocking a certain [00:30:00] security check or something. There were a lot of things that they were doing that would have made this very, very hard for anyone to pick up on.

[00:30:06] Christina: Then what they did, they released like one version and then they released like a point release. They went and they talked upstream to all the big Linux distros, you know, um, uh, uh, Fedora and Red Hat, uh, uh, Sousa, um, uh, Debian. Um, they, they were in talks with Ubuntu, um, about going ahead and upstreaming.

[00:30:25] Christina: that latest release into their distros. None of the mainstream, like the main release distros, long term support or official releases, adopted it. But like OpenSUSE, Tumbleweed, which is their rolling release, Fedora 40, which is at this point like Fedora is a bleeding edge thing, and Debian Unstable all did adopt it.

[00:30:47] Christina: And so, um, but it was only there for maybe a month. Um, OpenSUSE basically says to people, if you were running Tumbleweed, At this point, we think you need to do a complete system restore, um, just to protect against [00:31:00] everything. And then what happened is the code was there for about a month. It was never, um, acted on to anyone’s knowledge.

[00:31:05] Christina: Um, but, um, a Postgres developer, he works at Microsoft as his day job, but in his no night job, like, he’s just like an all around nerd, noticed that, um, That SSH on his machine, which was running Debian Unstable, was slower than it should have been by like a fraction of a second. He was like, what’s going on?

[00:31:24] Christina: And so as he was looking into the performance reasons for that, he realized something had changed within XZ, which as I mentioned before, is a dependency on OpenSSH. And he went further into the code and further into the code and realized what was happening. So, uh, But the thing is, is that this person up until inserting this backdoor had been an innocuous and, and fairly good committer.

[00:31:48] Christina: Like this, there was not, there was no flags that, that would have let this go on. They’ve been working on the project for two years. So, so it had to be state sponsored. Like in, in my opinion, there’s no way that this was [00:32:00] not a state sponsored thing. There’s no way. Um, the, the person’s name, they apparently had very good OPSEC.

[00:32:06] Christina: They, they did log, um, their names maybe a little bit different. differently a couple of times for their Git commits, but there’s no like reference to this person anywhere else on the internet other than, you know, the, the few, you know, like, um, uh, other kinds of related, um, uh, open source things that they made, um, uh, um, commits to.

[00:32:26] Christina: So this person did OPSEC really, really well. Um, there’s, there’s, you know, I’m sure there, there can be forensics and, and people can get involved, try to like, learn more about like where this person was, like. I think that most people assume because of the name that the person was, um, uh, Malaysian or, or Chinese, um, but the, the time zones they worked in makes it seem like they possibly could have been based in Eastern Europe.

[00:32:50] Christina: It’s unclear. Like, the whole thing is though, like it’s a, it’s a cypher, but it probably, it almost certainly was state sponsored and it’s opened up a lot of questions. In the open [00:33:00] source world, I think a few things, like one, it’s like, how many of these are out there, right? Like we caught this one, but how many of these projects are out there?

[00:33:08] Christina: Because if you were doing a state sponsored thing like this, you probably wouldn’t target one. You’d probably target like a bunch of different projects. So how many of these things are out there? And, and I think that’s like a good question to have. And like a scary thing to consider because there just isn’t enough, like open source, a lot of it runs on trust.

[00:33:23] Christina: And, And it’s easy, it’s easy for people to be like, Oh, well, you should demand, you know, a W 2 and like a social security card and like a photo ID from every person who commits to your code base. That’s not how this works. And that’s never been the culture. People use, you know, um, acronym, you know, like aliases all the time to contribute.

[00:33:41] Christina: You know, people never meet each other face to face. You have people who, that’s just not how it works. And pseudonym,

[00:33:46] Brett: sure. And if someone is contributing valid code, you know, over two years, if someone is like, that’s how you build trust in open source is you, you make, you make solid patches, you make solid commits, [00:34:00] and

[00:34:00] Christina: you take over

[00:34:00] Brett: people are like, this guy knows what he’s doing. Yeah.

[00:34:03] Christina: you take over for a maintainer who has already been put upon and hasn’t been supported. Like, there’s like a lot of, um, you know, yeah. Like this was a really long con. So, you know,

[00:34:15] Brett: pretty

[00:34:15] Christina: of this. It’s really insidious and it’s really scary to think about, but I think the bigger thing, like other than just like how many more of these instances are out there, because there are many of them.

[00:34:25] Christina: And, um, just like with Heartbleed, which was almost exactly 10 years ago, you do have the usual sources who are trying to be like, yeah, well, this is why I don’t

[00:34:31] Brett: years.

[00:34:32] Christina: 10 years. Literally, it’s 10 years tomorrow. Um, that Heartbleed, you know, the, the, the big, the first real famous, you know, um, uh, vulnerability.

[00:34:42] Brett: vulnerability.

[00:34:44] Christina: Um, oh, that was SSL, but yeah,

[00:34:46] Brett: Oh yeah, yeah,

[00:34:47] Christina: but like, but you know, which I think the only reason that was mitigated so well was because they made it, you know, they gave it a brand, gave it a website and, um, But, you know, I’ve seen some people make, you [00:35:00] know, comments, well, this is why I don’t trust open source software.

[00:35:02] Christina: I’m like, well, okay, first of all, your proprietary shit is not any better. Don’t get it twisted. Also, you can’t escape it. Like everybody, like, you know, something like, like 60 something percent or 70 something percent of code, like from when they do audits, like all software is like made up of open source libraries.

[00:35:20] The Future of Open Source

[00:35:20] Christina: Um, it’s just a fact. But like, for me, the bigger thing is, Okay, so you have this important dependency, this project that all these people rely on, and it’s just like with, with Heartbleed, with OpenSSL, where in that case you had this incredibly important project that was made, that had one full time employee.

[00:35:38] Christina: In this case, you have one person who’s been the maintainer, who’s not paid for it, who’s not supported by anything, and it is yet this crucial project. And, and it’s just kind of Okay, well, like, what are we doing? Like, it’s great that the code is all out there and that people are willing to volunteer and do stuff, but companies make, like, real money off of these things, and, and what are we going to [00:36:00] do to create sustainable environments for people to, um, you You know, contribute.

[00:36:06] Christina: And what are we going to do to like audit and make sure that these really important projects like that you don’t just have like one guy with burnout who, to be clear, even if he hadn’t had burnout, like this sort of situation could have caught anybody, right? Like you could have had a really, really strong, you know, complete system.

[00:36:23] Christina: And if somebody had built enough trust, this, this sort of thing could have gotten in, right? But, um, It makes it harder when you have people who like, you know, millions and millions and millions of things depend on this. Um, maybe not millions, but definitely hundreds of thousands, you know, packages depend on this thing.

[00:36:43] Christina: And it’s not like a priority. Like no, no, like if nobody used you to check in and be like, Oh, should we make sure that we can have support contracts or that we’re giving money to this guy or that we’re making sure that like, this is a sort of thing that has support so that we can. Check on this. Or at the very least, like, [00:37:00] we should do, you know, audits every five years on the, you know, X number of, you know, dependent upon packages.

[00:37:06] Christina: I don’t know. I just feel like we have to have, like, broader conversations about, like, how do we support people who do this and, um.

[00:37:14] Brett: Yeah. It gets weird because like I run the Oracle DevRel GitHub org and the whole reason that we have a separate, uh, organization for DevRel is because we want to make it as easy as possible for people to contribute. Uh, for people to contribute working non production example code. But in order to make it easier, we have to circumvent a lot of the security measures.

[00:37:46] Brett: Like we have kind of, it’s like a buddy system where we have to, we have to trust one maintainer who has to review every pull request and approve it. So there’s like an audit trail, but every repo has [00:38:00] a different. Maintainer, and we trust them because they have an Oracle email address, um, and that’s basically all it takes to become a maintainer on any of these repos.

[00:38:12] Brett: So, um, this is, this isn’t like core libraries that are going into other code, but it is code that is being executed by, you know, thousands of people who are using it and, like, It’s that trust issue. Like the, I don’t, I don’t think that open source could maintain the forward momentum it has if we had to restrict it.

[00:38:46] Brett: With additional security measures. But based on this, I don’t know if there’s another way, like this is, this is a big conversation to have.

[00:38:55] Christina: well, and the thing is, though, I don’t know if the security measures here would have helped necessarily, right? Like, I think it’s definitely one [00:39:00] of those things where, like, it, you, you can make an argument that, um,

[00:39:05] Brett: Sure. Like even if he’d met him in person, it sounds like the guy knew everything he had to do to build up the necessary trust.

[00:39:13] Christina: right, right. I think, I think for me, the bigger thing is, it’s just like, okay, what, what do I need to do? Like, what, what do we need to do to make sure that, like, we don’t just have these single, these single projects?

[00:39:27] Brett: sure, even if, even if you had someone that truly was trustworthy, um, and a state decided to pay them enough money to turn that trust into a vulnerability,

[00:39:41] Christina: Oh, that’s

[00:39:42] Brett: um, So like you could have all the security, you could have someone completely vetted for maintaining a project and enough money, enough, uh, threats, enough, you know, whatever a state sponsored attack [00:40:00] would look like, um, you could probably turn a trusted, uh, operator into, uh, a vulnerability that, yeah, that’s messed up.

[00:40:10] Brett: Because you’re right, like, this code, these open source projects are the basis, the foundation of so many, um, even, like, corporate projects, like,

[00:40:21] Christina: Oh, yeah.

[00:40:22] Brett: uses, Oracle uses a lot of open source, like, and, and

[00:40:27] Christina: Everybody does. Everybody on the planet does. Like you can’t not at this point, like it’s, it’s almost impossible not to, you know?

[00:40:34] Brett: Yeah. Oh man, this is

[00:40:36] Christina: So it is problematic, but yeah, but I just, I hope that we can do more to like hopefully help like, I, I just feel really bad for the original maintainer who was clearly burnt out and, and wasn’t, you know, nobody, nobody seemed to care.

[00:40:49] Christina: Right. Um, and, and, and it wasn’t even on anybody’s radar. And I mean, it’s also one of those things that it’s like, you know, I don’t know, I If there are these, even [00:41:00] when I think about trust, I’m like, and this isn’t to any way knock any people who work on these projects, but if you have these, these dependencies that are incredibly important and that are incredibly insidious, maybe we should be doing audits of them.

[00:41:09] Christina: Like that’s like open SSL was, was one of those where nobody, you know, I found this thing that I wrote 10 years ago about, um, open source and says, you know, you know, Heartbleed exposes a problem with open source, but it’s not the one that you think. And everything that I wrote, like, unfortunately.

[00:41:27] Christina: Completely still accurate today. And, and it’s just, it’s disappointing that we haven’t found a way to make those things more sustainable. Especially when people make money off of this. And, and it’s, there are things we can do. Like I know we’ve internally at GitHub, we’re trying to talk about how we can maybe do more to Surface what some of these important projects are, but we’ve gotta like do that where we have to do some more serious audit trails.

[00:41:49] Christina: And like, certainly I know the Linux kernel is going to be taking a lot of steps to probably, you know, beef up what they’re, you know, willing to do and, and at the [00:42:00] distro level, right? Like, I’m sure there are a bunch of conversations happening now from people about, okay, like, are we accepting this new code version or not?

[00:42:07] Christina: And what are we doing and, and what, what sort of auditing are we doing because this. Yeah, it’s really bad.

[00:42:16] Brett: All right. Well, that was a, we have a lot of complaints today.

[00:42:19] Christina: We

[00:42:19] Brett: Complaining about Apple, complaining about open source in general. Wow.

[00:42:24] Christina: complaining about people abusing stuff, I don’t want to complain about open source per se.

[00:42:29] Magical Keycaps

[00:42:29] Brett: Yeah. So before we get into Graptitude, there’s one topic I want to know if you have any experience with. Um, have you ever bought resin key caps for mechanical keyboard?

[00:42:41] Christina: Resin ones, no.

[00:42:43] Brett: so I’m holding up a key right now that has. It’s like an interstellar key that’s clear resin. And I have ones that have Koi, I posted a Flickr image in the Quip Doc. [00:43:00] Um, I have ones that have Koi swimming around in them. One with Mantis Ray, I’m getting one that has an astronaut inside of it to be my hyper key.

[00:43:09] Brett: Um, some of the ones I ordered, I accidentally ordered SA profile instead of OEM profile. So I lost like a hundred dollars worth of. Because they’re like 40 bucks a piece for these keys, uh, 20 to 40 bucks. But Etsy is full of crazy ass resin keycaps. And by the time I’m done, my, my, I want my keyboard to be, um, symmetrical and cool looking, but I keep trying different different creators and different resin keycaps trying to find the one that I want to like proliferate around my keyboard.

[00:43:44] Brett: I love the Koi ones, but they don’t backlight. Um, and so they look dark on my otherwise backlit keyboard. And like, I have all ceramic keys now. I’m really loving this. And, and now just as I’m getting this keyboard [00:44:00] put together, I started looking into like lily keyboards and, and like, Like the newer versions of Ergo Docs keyboards.

[00:44:09] Brett: I have an ergo docs I need to update, but like some of these that are, that have like a splayed thumb key, uh, organization and, and, and very minimal like actual keys, like everything is done with layers. Um, I am going nuts with keyboards right now, but these resin key caps, oh, by the way. If you want to get into crazy ass keyboards, but you don’t want to do a bunch of soldering, go to Etsy.

[00:44:42] Brett: There are creators on Etsy that will give you pre soldered keyboards of any of the like crazy cool, even the ones that like curve up. Have you seen these? It’s like splayed and then the keys, like the whole thing curves up and. [00:45:00] Yeah, it’s, it’s nuts. I’ll post some links in the show notes. Um, and I really, before I invested in one of those really crazy ones, I would want to try it.

[00:45:12] Brett: But I live in an area where there’s like, no meetups, there’s no meetups. And I have like no friends that would have this kind of keyboard that I could try out. So I might look in Minneapolis, see if I can find like a meetup where everyone will bring their crazy ass keyboard and I can see what actually feels good. Um,

[00:45:32] Christina: I hope. That’s cool. Yeah, no, I do know Etsy is a thing where you can do some of that stuff, but no, that’s fun.

[00:45:38] The Future of Blogging

[00:45:38] Christina: Oh, did you want to talk about your blog? About how blogging sucks?

[00:45:41] Brett: Yeah. How much time do you have?

[00:45:43] Christina: Let’s do it.

[00:45:44] Brett: Um, yeah, so I, and I, I, I posted, uh, uh, kind of just opinion piece on the state of, um, blogging in, in 2024, [00:46:00] um, and I feel like it could have, I could have, um, Steel man some of the arguments, um, by offering some actual numbers and I may go back and revise the piece and try to organize it a little bit better because it was very stream of thought, stream of consciousness.

[00:46:17] Brett: But, um, I have watched mine and Other blogs that 10 years ago, like we were, we were sharing each other’s links. We were getting mentioned on like Lifehacker and News Hacker, uh, Hacker News, and during Fireball, you’d get fireballed once in a while and it would all result in, uh, Increasing your readership.

[00:46:42] Brett: Um, you would see it in your traffic stats. You would see it in your RSS stats, and that is not happening anymore. Um, my blog has gone from about 20, 000 page views a day to more like 20, 000 page views [00:47:00] a week. So. What’s that, a 70 percent decrease? I don’t do math well. Um, but, like, traffic is down. My, I have about 35, 000 RSS readers, and that number hasn’t grown for like 5 years.

[00:47:20] Brett: Uh, despite like projects like Bunch get written up in fucking German print magazines, blogged all over the place, mentioned on like, uh, Automators with David Sparks, and I get like a lot of downloads because of that. But the readership does not increase. Like, it used to be, like, Mood Blast. Back in the days when Tuas started, when David Chartier at Tuas started covering Mood Blast, like, I watched, I watched my, my daily traffic go from, like, a hundred visits a day to a thousand visits a day.

[00:47:56] Brett: And that sustained. Like, that was sustainable. And [00:48:00] then you’d get Doug. You remember Digg? Of course, you remember Digg. You have a fucking didactic memory. Um, so, like, you’d get dug, and those people would stick around. But now, it’s like, now instead of newsreaders, people are using social media. And we share our links of interest into social media, where even our own followers have a hit or miss chance of seeing them because of, you know, The algorithm, quote unquote.

[00:48:28] Brett: Um, and like people are, they’ll make one visit and then they’ll go back and expect the next cool thing to show up on Twitter instead of, um, you know, adding this cool site to their RSS feed. Like nobody, that’s just not a thing anymore. Um, so there’s no way for an independent blogger to build reliable, sustainable traffic.

[00:48:54] Brett: Not in the way that it was 10, even 20 years ago. Um, so that’s what the [00:49:00] piece is about. It’s, it’s just, it’s accepting things have changed. Like the header image for the post is Clint Eastwood from Gran Torino. Uh, because it really, by the time I was done with it, it felt like a real get off my lawn kind of post.

[00:49:17] Brett: Um, but it’s not. It’s just, I don’t have the hustle. I watch people that succeed, like on YouTube and TikTok, and kind of these Newer platforms and medium and, uh, what’s the sub stack, which everyone’s fleeing from now, but like people who succeed on those platforms have a level of hustle that I just don’t, I just, I don’t have that energy.

[00:49:44] Christina: Well, I wonder if that’s what the difference is, if I can be, like, bold enough to maybe, like, question that. Right? Like, I don’t disagree. I don’t disagree with, like, the core of what you’re saying. Like, the way that we discover and get content now is different. And blogs, like, if I were to talk to somebody today and they’re like, oh, I want to [00:50:00] start a blog today, and they’ve never done anything else, I wouldn’t, I would say, maybe have a newsletter.

[00:50:06] Christina: Right? I would say, like, you know, maybe you can still do your blog, but maybe do a newsletter, and I would say, you know, you’re going to have to be active places like, you know, like, uh, Threads, or, or, you know, Mastodon, Thread, Threads is much more normally focused. Um, You know, potentially look into, you know, doing some video content, if that’s the sort of thing you want to do.

[00:50:29] Christina: If it’s just text based though, like newsletters, uh, for at least the last like six years have been, um, a much, um, more common medium for, for people to kind of get used to and it kind of took over blogging. But I think the secondary part, like you said, like people who like you said, have the mediums and the sub sacs and all that, they have a hustle.

[00:50:47] Christina: I think, I wonder how much of it is that, right? It’s that like, you know, You’ve done this consistently for a really long time, and so you have your core audience of people, but if you want to grow that audience, I think, I don’t know, I [00:51:00] think there’s an argument made that like, there is a certain amount of hustle you have to do, and you probably, you had that hustle when you started, Getting into this stuff like 20

[00:51:07] Brett: but I’m 45 now and I just don’t, I

[00:51:10] Christina: Yeah, and I don’t blame you I

[00:51:11] Brett: energy to start again.

[00:51:13] Christina: I don’t blame you. I but I just I just I don’t know I feel like that’s the real thing is that the the hustle never stops like some people can you have to be content with okay? Well, then my audience isn’t gonna grow.

[00:51:25] Brett: So the other point in this post though, is that even those who hustle, um, the, the revenue stream is heavily geared towards the platform now, um, where you are hustling to make content that you don’t own. You know, the platform you put it on owns it and the platform that you put it on monetizes it and you see a fraction of, of ad revenue come to you.

[00:51:53] Brett: Um, and so in order to succeed, you need a million plus viewers,

[00:51:59] Christina: Um,

[00:51:59] Brett: [00:52:00] you can

[00:52:00] Christina: we’re going to be very targeted and what you’re doing and and have loyal audiences and be able to do like if you’re not

[00:52:06] Brett: Patreon or

[00:52:08] Christina: Right. Yeah. Like Patreon, um, or be in markets where people like, you know, uh, brands will recognize you. Advertising right now is bad and digital, um, for everything, basically everything but video and, and even video, the rates I’m, I bet are, I don’t know this definitively cause I, I don’t, I don’t have any, um, uh, knowledge on this and, and the video CPMs are, are, uh, a weird black box anyway.

[00:52:31] Christina: Uh, YouTube really doesn’t like to share that. And, and weirdly Influencers, and I think this is to their detriment, um, don’t share like what sorts of money they get from sponsors and stuff. Like it’s not a discussed thing, even amongst podcasting and stuff, right? Like it’s, well, which is so stupid because we do talk about salaries now, like levels on FYI, you can see exactly what you should be making, um, in a tech job anyway.

[00:52:55] Christina: Right. And they, those exist for a lot of industries. We finally got to the point where we’re willing to talk about salaries, [00:53:00] but yet we don’t talk about like, okay, what are you getting paid for a sponsorship? And. Um, and for advertising, when you have those direct relationships, I’m not talking about programmatic, which is a completely different thing and is bad and will always be, you know, to the bottom, right?

[00:53:15] Christina: Like, those rates will never be good and it’s always a volume play. But, um, I think that the only place where, you know, uh, like advertisers are really willing to spend money right now, because digital advertising in general is just really taking a beating right now, is on video. Um, but, but on that, right, like you’re right, you are dependent on the algorithms, you’re dependent on the platform you’re on, you’re dependent on, you know, what you can get, and, and it’s hard to build, like, loyalty around that.

[00:53:44] Christina: Um, And, and it’s sort of ironic because you have the people at the first wave of the web, right? Like, you know, people like you and John Gruber and Neil Dash and, you know, like Merlin and people who were like all part of this early wave, like did really well. Um, and, [00:54:00] and, you know, most people kind of succumbed the, or not, not succumbed, like were able to, were, um, able to resist succumbing to the, um, you know, um, I guess, Lores of those big platforms.

[00:54:13] Christina: But yeah, I think that’s just the world that we’re in now. And if you do want to stay at it though, you have to

[00:54:20] Brett: so my. My point is that that world that we’re in now is geared toward platforms and not creators and that and that things have changed and it’s not to the benefit of original content on the web.

[00:54:38] Christina: No, absolutely not.

[00:54:39] Brett: So yeah, so you agree with my thesis.

[00:54:41] Christina: completely agree with your thesis. I totally agree with your thesis. I think I just only, my only disagreement a little bit is that it’s just almost like

[00:54:50] Christina: the It’s definitely harder than it was 20 years ago, and the circumstances are different. But [00:55:00] there is, like, and you’re not wrong that even if you put in the hustle, your returns would not be what they were back then. But I feel like, no, I think, I think you nailed it. Like, what’s happened is, is what’s happened.

[00:55:13] Christina: I just think that, like, at a certain point, like, I don’t know. I guess I’m more jaded because I just, I’ve, I’ve seen this evolution happen over the last, like,

[00:55:20] Brett: Well, you’ve been part of it. Yeah,

[00:55:22] Christina: Yeah, but it is disappointing. Um, I think, I think what sucks though, is that for the average like Reader or listener or whatever, like, on the one hand, the platforms made it easier for them to maybe find and discover things and have to do less work, right?

[00:55:41] Christina: But then on the other hand, like, I, I wonder how many people, like, cause I’m, I’m guilty of this myself, right? Where they’ll be like, Oh, I used to read this person. I used to do this thing. And then you fall off, right? Because you don’t see their content recommended anymore. You don’t see their, you don’t

[00:55:54] Brett: Yeah. And, and newsletters, newsletters show up in your inbox and, and you keep up with them. And I think [00:56:00] newsletters are a valid, um, a valid way for creators to expand their audience. And every newsletter that I’m part of asked me to. You know, become a Patreon subscriber or whatever platform they’re on. Um, and that, that seems to be a way to make money.

[00:56:15] Brett: Um, in a way that trying to break into like YouTubing that takes, you need, there’s an investment to become like a well known YouTuber.

[00:56:29] Christina: Oh yeah.

[00:56:30] Brett: you, you don’t do that without a team, without equipment. Like there’s

[00:56:34] Christina: don’t want to say that about a

[00:56:35] Brett: an investment.

[00:56:36] Christina: You don’t necessarily have to have a team, but you do need to have time and equipment and hustle. Like, you cannot do video without hustle, and it’s a grind, but I have watched channels go from very small to very large over the course of a year. And, People who are, you know, not, like, being funded outside things, like, that’s definitely possible, but it takes [00:57:00] a lot of work, right?

[00:57:01] Christina: Like, all

[00:57:02] Brett: of hustle.

[00:57:03] Christina: a lot of these things take a lot of work, whereas, I think 20 years ago, it was one of those things, you had a blog, and everybody else who knew about blogs would find you, and that’s just not the

[00:57:12] Brett: and all you had to do is make good shit and, and you would be, you would be rewarded for making good shit. Anyway, um, quick sponsor break. This episode is brought to you by nothing. Um, are you overwhelmed by choices when it comes to your disposable income? Try nothing. It’s inexpensive, and if you try it, you’ll be surprised how much you don’t miss something.

[00:57:37] Brett: Head to dimspire. me and follow hashtag dimspirations for more cooking tips.

[00:57:44] Grapptitude

[00:57:44] Brett: Um, so that brings us to, uh, Graftitude. Are you prepared for Gratitude? I, I kind of picked mine last, last minute. I’ll, I can go first if

[00:57:56] Christina: you go first.

[00:57:57] Brett: while I

[00:57:57] Christina: yeah, you go first, because I’m trying to, I’m trying to think about what I wanted [00:58:00] to choose, so go

[00:58:01] Brett: Um, my pick for the week is Screens, which I don’t know if we’ve talked about before. I’ve lost track.

[00:58:07] Christina: have, but, but, but talk about it anyway.

[00:58:10] Brett: Um, they, they recently pulled out of, uh, Uh, I think they were on set up, but I had

[00:58:17] Christina: are only in the Mac App Store now.

[00:58:19] Brett: yeah, and I believe they’re subscription only now. Uh, which,

[00:58:23] Christina: But you can pay for a lifetime for the thing of, it’s just expensive.

[00:58:27] Brett: I get it. I like, I got a free lifetime license cause I’m that cool.

[00:58:32] Brett: But, um,

[00:58:33] Christina: I paid for mine. Um, I think, I, I think, and I, I was trying to do the math in my mind if it was going to be like worth like doing the lifetime or doing the yearly. I did do the lifetime, but yeah, but I think it was for a family, it was expensive, but well, not expensive. It’s good. It’s good for what it is, for sure.

[00:58:46] Brett: yeah. Screens is in my opinion, the best VNC client. Um, I. Don’t know what happened with, um, you know how in, on a Mac, when you load [00:59:00] up a server, there’s a share screen

[00:59:03] Christina: Yeah.

[00:59:03] Brett: button. Um, I just, it, I, I hate the built in, like what used to be remote desktop, like. Screens fills in all the blanks, all the password saving, all the shared clipboard, all the file drag and drop.

[00:59:20] Brett: Uh, you can mask a remote screen so that people can’t see what you’re doing on the machine you’re controlling. Um, so in like, uh, shared environments that can be really important. And, uh, you can, uh, If you’re sharing a screen with somebody who’s active, you can like share control of the screen or, or take full control of the screen.

[00:59:42] Brett: And all of these things that kind of, I’m pretty sure remote desktop used to be pretty good at.

[00:59:47] Christina: Yeah, and, and they haven’t updated a remote desktop in like five years because

[00:59:51] Brett: do you even get remote desktop? Is it part of like, yeah, okay.

[00:59:55] Christina: have to buy it, and it’s in the app store, but it’s like 75 or something, or 150. It’s [01:00:00] more than, it’s more than screens. So screens for family, like the lifetime, well no, family is included for all of them, so screens is 79 for lifetime.

[01:00:07] Christina: Apple remote desktop, let me see what this is right now, um, or it’s 25 a year, um, So, uh, I think when I talked about it, uh, back in December, it had just The Screens 5 update had just come out. Yeah, Remote, Apple Remote Desktop is also 80. So they’re the same price, but it hasn’t been updated since, like it’s had, like it got like a point release update like five months ago, but it’s been at the 3.

[01:00:34] Christina: 9 series for, for seven years. Okay. So, so it is not an actively, like this is one of those products that Basically, like, I think the only valid reason at this point to buy Apple Remote Desktop would be if you were doing a lot of management of, um, Macs, like as a, as like a Mac admin, where you’re needing to install a bunch of service, um, patches and other sorts of things.

[01:00:58] Christina: And in that case, I’m going to be [01:01:00] honest, you probably have better MDM solutions. Um, then that, that would, that would work better than, than what Apple Remote Desktop does. So if you’re not like a, a Mac admin, if you don’t have a fleet of Macs that you’re trying to manage, that it is no longer like a program that you should buy, in my opinion.

[01:01:18] Christina: And, um, for regular users, when Apple, uh, nerfed, you know, kind of like the, the, the easier way for people to be able to remotely log in and they kind of, you know, like, like fucked a bunch of that stuff, like screens really stepped in. Um. to its, um, to its shoes. And I certainly think that for, the fact is, you know, you can also use it on iPad and iPhone and access things that way.

[01:01:43] Christina: Like it’s a really, really, really good app.

[01:01:45] Brett: Can, can remote desktop, uh, connect to Windows and Linux machines? I assume it’s a VNC. No. Cause screens, screens can. Screens, screens can connect to any VNC server. Um, and I run, I [01:02:00] run multiple Macs in my basement that have no displays attached to them. And I control them entirely with screens. Um, and I can have like all, both of my Mac mini servers and my local desktop all up at once.

[01:02:14] Brett: Um, and I can just drag files between them and, um, my key bindings still work on remote machines. And yeah, so that’s my pick. Sure.

[01:02:24] Christina: and I think screens is, screens is really good. I really like screens a lot, a big fan. I use it all the time. So, um, I’ve been looking at, speaking of like servers and Mac Mini’s and whatnot, I’ve been doing a bunch of research. Uh, I don’t know, maybe I’ll write about it. Who knows? For, um, Like, uh, kind of like, um, I guess OSs or, or kind of front ends for home servers or I guess, uh, other things.

[01:02:53] Christina: And so there is, uh, there’s one called, um, uh, RunTP. Um, it’s, uh, uh, R [01:03:00] U N T I P I, uh, dot I O. And, um, there’s one called, um, I’ve been making a, I made a list. Let me find this. There’s one called, um, Cosmos, and there’s one called, um, Casa OS. So there, there are a couple of these that I’ll put in, but I’ve basically been kind of like investigating various, so basically what these systems are is they’re just easier ways to run and, and kind of launch like Docker containers and, and apps on your home server server.

[01:03:39] Christina: Thank you. Without having to be completely just, you know, in, um, Docker Compose and Ansible Runbooks and stuff. So, um, these are, uh, some of the things that I’ve been looking into. I don’t really have a pick yet as to which one, like, I think is like the best, but I’ll have some links. I don’t know if you have any, um, [01:04:00] experience with anything like this, but

[01:04:01] Brett: No, I, I do it all the hard way. I would love to, I would love to explore this stuff. So yeah, sure. Sure. All your links

[01:04:08] Christina: Yeah, I’ll share all the links to there. Yeah, because yeah, because there’s CASA OS, there’s, uh, RUN, TP, um, there’s Cosmos, um, uh, Cosmos, and they all are, you know, open source. They’re varying degrees of, of, um, I guess, you know, activity and development and whatnot, and some of the things definitely are, um, probably, like, better maintained than others.

[01:04:30] Christina: There are always, I always have kind of, like, security kind of questions about some of these things, but I, um, I like, I like the idea of, um, these types of projects to make it easier for people to self host things. So,

[01:04:46] Brett: God, the CASA OS webpage is very cool.

[01:04:49] Christina: yeah, it is.

[01:04:50] Brett: Nice. I’m jealous. I gotta figure out how to do some of this stuff.

[01:04:54] Christina: Yeah, yeah, and that one has got like 21, 000 stars on GitHub and, um,

[01:04:59] Brett: one [01:05:00] thousand.

[01:05:00] Christina: yeah, and, um, Cosmos has, uh, 2, 600 and RunTP has 6, 600. So I guess the big one, obviously the biggest one is, is CASA OS. So at least in terms of star numbers, but, um, but I don’t know what, what that is saying about anything. But, um, I don’t know.

[01:05:21] Christina: Anyway, I’m a fan, I’m a fan of this type of stuff. Um, I’ve been thinking about getting, I have a bunch of Raspberry Pis, but you can actually now get like, um, an N100 box. Um, Andrew at Ars Technica wrote a review of one and Jeff Gerling has done some reviews of these things too. Basically for like 150 bucks, you can get like a very tiny little box for like a mini PC that has like Windows 11 Pro on it.

[01:05:43] Christina: Um, but of course you could, you know, nuke it and just put Linux on it or whatever that is. Very capable. That is way more capable in most aspects than a Raspberry Pi for about the same amount of money. So, so for people who are just wanting to play around with stuff like that, if you don’t have a random PC around and [01:06:00] you know, because this is an area where like I have some older Mac minis, but at this point like I think one of them I have Proxmox on, I’ve been playing with, and then one of them just like whatever the latest version of Mac OS it can support is, which is old, but like Yeah, it’s something like that.

[01:06:15] Brett: No, I think I got, I think I got mine up to, uh, Catalina.

[01:06:21] Christina: but like, but you know what I mean? But like in, in, in those instances, it’s one of those things where it’s like, okay, um, Mac is great. And if you have a Mac mini that you want to dedicate to those things, that’s, that’s fine. Like, and if you have like for, for your purposes in your basement, you’d like to drag and drop files with, um, You know, using screens, that’s excellent.

[01:06:39] Christina: It is not the ideal platform for anybody to buy into for managing a home server. It is not designed for that. Um, it, the, the best apps won’t run well on it in, in a way that we can actually do things the way virtualization on macOS works, especially for, for Linux derived apps is pretty shit because they don’t allow nested virtualization.

[01:06:59] Christina: Because again, [01:07:00] you know, these are things that we all find acceptable, but are not. Um, and, um, So, you know, and it’s expensive, right? If you wanted to get, like, something with, like, enough RAM to do what you’d want it to do, like, you’re looking at spending over 1, 000, you know, on, like, a Mac Mini, and you’re like, Okay, or I could just buy this very cheap, like, Windows Mini PC.

[01:07:24] Brett: I mean, to be fair, you can get old Intel Mac minis for fifty to a hundred dollars. Um, but, but as you say, they’re not, Yeah, they’re not capable of a lot of things you want to do.

[01:07:38] Christina: No, and really what you want to do on those is like what one of them because I got a couple of them from Um, one of the old guys from Mac. Um, yeah from Orchard. Yeah. Yeah. Yeah,

[01:07:47] Brett: Mac Orchard. Something

[01:07:49] Christina: it was Mac Orchard or something like that Yeah, I bought I bought um some thing that when he was doing up with his kids last summer I got a couple of Mac minis I think for like I tweeted about it, or I posted about it on [01:08:00] Mastodon and basically like gave them massive sales boosts, um, which, which excited the kids, which I was happy about.

[01:08:05] Christina: And they basically cleared out all of their stock. But like I got them, I don’t know, maybe it was 35 or 50 a piece. It was cheap. Right. But like, but like I said, one of them I have macOS running on it just to have it running. The other one I have Proxmox on, like I literally just turned it into a Linux box.

[01:08:20] Christina: Cause at that point, like the hardware is so old, like it still has like 16 gigs of RAM. And like they have, they put in, you know, SSDs and like. Very capable for just running containers and stuff, but it’s not one of those things that I would use Mac OS in any Mac OS way for. So, um, but yeah, um, anyway, those, those are my picks.

[01:08:38] Christina: I just, I’ve been looking at Homebox or Homelab, um, OSes. So

[01:08:43] Brett: What are we going to call this episode? Should it be Apple Bitching? Bitching, bitching about Apple? The Anti Apple Apple Podcast?

[01:08:52] Christina: I, I kind of like that.

[01:08:57] Brett: Apple is dead. That’ll be our title. [01:09:00] Um, anywho. Anyway, um, thanks for joining me. We miss Jeff. Jeff will be back after his, uh, his spring break. Um, and, you know, I, I might rickroll everybody next week. Who knows? Be prepared. Be prepared for, uh, you won’t laugh when it happens. Nobody will laugh. They’ll roll their eyes.

[01:09:24] Brett: But, that’s never stopped me before.

[01:09:27] Christina: No. Why, why, why, why, why would it, why, why would something like that stop you? Right? Like just do, do you like share your truth,

[01:09:36] Brett: Thanks to all of our, thanks to all of our sponsors today. Um, Christina, get some sleep.

[01:09:42] Christina: get some sleep