You might think that things are starting to quiet down as the holidays are approaching. But we got a “last minute before christmas” announcement from Apple: new over-ear headphones called AirPods Max.
Hidden in the announcement, you can see that the new AirPods Max require iOS 14.3 (and siblings) or macOS Big Sur 11.1. Sure enough, a few hours later iOS 14.3 Release Candidate (and siblings) was released to the beta channels, followed yesterday by macOS Big Sur 11.1 Release Candidate. The headphones will start shipping next week, so we can expect the updates to be released next week as well.
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
macOS 11 Big Sur and Apple silicon Macs
- iOS Apps on Mac Require System Integrity Protection – Michael Tsai
- What happens when an M1 Mac starts up? – Howard Oakley
- What’s New in macOS Big Sur 11.1 RC Release Candidate (20C69)? – Mr. Macintosh
- Platform Support in macOS Installer Packages (pkg) – Scripting OS X
MacAdmins on Twitter
- Carl Ashley: “I don’t know if other macadmins knew this, but in macOS Big Sur, you can enable the SecureToken for an MDM created admin account by changing the password for that account as long as no other account has logged in first. It works in pre/postinstall scripts in packages too.”
- Eric Holtam: “Password change isn’t even necessary. Any auth works. I use
dscl . -authonly [username] [password]
very early on to enable the ST on an admin account to escrow the BootstrapToken.” - Jason Meller: “I’ve been deeply disappointed by the state of endpoint security & mgmt. The industry has chosen a path where end-users are considered obstacles and their privacy is irrelevant. Today, Kolide is publishing a different vision. It’s called honestsecurity.” (Thread, Link)
- Tim Perfitt: “That was easy. Signing Manager is totally made for EC2 Mac instances. Took about 2 minutes to set up. No private keys in the cloud. Used codesign to sign an app using our CTK extension connected to a remote API for signing operations.” (Thread, Image)
Bugs and Security
- Three Myths about Honest Security – Jason Meller, Kolide
- FireEye breach and Jamf Protect – Stuart Ashenbrenner, Jamf Blog
- Flash Shut Down Will Cripple Millions Of Websites On January 12 – Barry Collins
Support and HowTos
- I’ll die If I don’t get admin rights – Tony Williams, Jamf Blog
- Installing AirPrinters “offline” – Kevin M. Cox
- Making TextEdit Create an Untitled Document at Launch – Michael Tsai
Scripting and Automation
- Defaults Monitor 1.0 – tool to sniff defaults keys and values using unified log. Maybe someone finds this helpful
- Determine if a Mac can run ARM64 code, whether or not the binary is running in Rosetta 2 via pyobjc – Mike Lynn
Apple Support
- The Mac Hardware/Software Obsolescence Chart – Anthony Reimer (updated for M1 Macs)
Updates and Releases
- Munki 5.2.1 Release Candidate 1
- Release Even Yet Another Super Early Experimental Universal Build of Munki 5.3.0a4
- desktoppr v0.4
To Listen
- Real World Telemetry – Mac Admins Podcast
- Mac mini in the Clouds – MacDevOpsYVR
- A Cesspool Of Covid — Command-Control-Power
- Lesson planning your school’s cybersecurity with Doug Levin – Lock and Code, Malwarebytes Labs
Just for Fun
Support
If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!
- Weblog
- Weekly Email Newsletter (TinyLetter)
- Apple News
- Micro.blog
- Mastodon.social
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!