Unless you’re an exceptionally quirky creature, your phone’s clipboard probably isn’t something you spend a ton of time contemplating.
And really, why would you? It’s just an invisible layer that works quietly in the background and supports a relatively mundane system function.
Keep a pinch of your contemplation energy available, though, ’cause my goodness: A teensy bit of attention to your phone’s clipboard now can enhance your Android-using experience in some pretty powerful ways. And you’ll enjoy those enhancements for months or maybe even years to come.
Fittingly enough, Google itself is turning its focus to the Android clipboard in the upcoming Android 13 release. As we discussed in my newsletter on Friday, Android 13 will introduce a slew of genuinely useful clipboard-centric enhancements, all revolving around a new clipboard pop-up that appears anytime you copy something on your phone.
But you don’t have to wait for Android 13 to get some significant new clipboard smarts on your favorite Android phone — and you don’t have to stop with the device-specific improvements Google’s about to give us, either.
Allow me to introduce you to your new Android clipboard BFF.
The missing piece of your Android clipboard puzzle
The real problem to be solved with the Android clipboard experience, if you ask me, is less about the experience of interacting with what you copy on Android and more about connecting that copying action to your other devices.
After all, particularly in the work world, nearly all of us hop between our phones and some manner of computer — right? And getting text or even images that you copy from one device to another is a reliably clunky and time-consuming process.
That’s where a crafty little app called Clipt comes into play. Clipt (which I dare you to try saying out loud 10 times fast) launched last year as an experimental lab creation by the phone-maker OnePlus. I’ve been revisiting it lately as a result of a reader’s recent question in this area.
And Goog almighty, lemme tell ya: Over the past several months, this thing has gotten really, really good.
Clipt’s role on your phone is simple: The app acts as an intermediary between your Android device’s clipboard and the clipboard on practically any other computer you’re using. You just install the Clipt app on your phone, install the companion Chrome extension on whatever computer you’ve got in those pretty person-paws of yours, and poof: Anything you copy on one device will instantly be available on the other.
You can even install Clipt on multiple computers or Android devices, if you really want to get wild, and have all of your copied content from any of those gizmos appear on all of the others simultaneously.
Now, fair warning: On the Android side of things, you will have to take one extra step whenever you want something from your phone’s clipboard to be shared — but I promise it’s painless. And you’ve got a couple convenient choices:
First and most easily, after you copy some text or even an image on your phone, you can look for the on-by-default persistent Clipt notification at the top of your screen and tap the button within it to beam that tasty bit of info over to your computer (and any other connected devices).
JR
If, like me, you find the presence of that persistent notification to be a bit irksome, you can turn it off — by long-pressing it and looking for the appropriate option, at the system level — and instead rely on the Clipt Android Quick Settings tile to play the same role. That tile will be there and ready as soon as you have Clipt installed; all you have to do is edit your phone’s Quick Settings panel (by tapping the pencil-shaped icon in its lower-left corner in Google’s version of Android or by tapping the three-dot menu icon and selecting “Edit buttons,” if you’re using a Samsung phone) to find it and move it up into a more prominent position.
JR
Either way you go, it’s just one tap, and bam: Whatever you last copied will be on your computer’s clipboard and ready for pasting (via Ctrl-V or Cmd-V) anywhere you want.
Speaking of your computer, on that side of the situation, sharing copied content is completely effortless and automatic. Anything you copy will just be sent to your phone instantly and without any extra action on your part — though if you want to disable that function for a while, you can find options to do so by clicking the extension’s icon (within the puzzle-shaped extension menu in the upper-right corner of the Chrome desktop browser).
Just one quirk with that part of the process: Every time you copy something on your computer, you’ll get a ding-inducing notification on your Android device letting you know it received the copied content and has it on your clipboard and ready to paste. Suffice it to say, that gets annoying fast.
But all you’ve gotta do to stop the habit is press and hold one of those notifications and then find the option to disable it. No more noise. Serenity now.
If you open the actual Clipt app or extension on any device, by the way, you’ll find some other potentially useful tools — including a history of everything that’s been copied and shared across your devices along with a way to manually share any text, image, or even file wirelessly between your phone and computer.
But odds are, you’ll rarely to never actually open the app after you get it set up and running. The real magic is the time it saves and the effort it takes away with its easy, seamless cross-platform clipboard sharing.
Clipt is completely free to use, and it doesn’t require any sorts of eyebrow-raising permissions. It relies on your own Google Drive space for storing the info it transfers, and all the info is encrypted — so privacy shouldn’t be a worry.
All in all, it’s one of the most useful enhancements you’ll ever make to your Android experience. And best of all? Once you get it up and running, you can go back to never actively thinking about that virtual clipboard of yours again.
Want even more Googley knowledge? Get three things to try every Friday with my Android Intelligence newsletter — and get three bonus tips on your favorite subject as soon as you sign up.
Among a slew of announcements at WWDC this year were some important changes to Apple’s support for single sign-on (SSO). Here’s what’s coming when new updates ship this fall.
SSO + BYOD = iOS 16, iPadOS 16
Apple first introduced SSO support at WWDC 2019 with Sign in with Apple, which also saw the introduction of extensions to enable this kind of authentication. It allowed a user to access a service or website using their Apple ID, and meant support for identity providers, the use of highly secure token-based signatures and the tools service providers required to implement these systems.
That was v.1, and Apple has continued to improve its offerings since then. All the same, the reality is that because apps and services must be equipped to accept SSO, it’s sometimes necessary to use third-party authentication services such as Okta and others, or simply manual sign in to access some sites.
Apple at WWDC 2022 updated SSO with two critical enhancements:
SSO support for user enrollment for iOS 16 and iPadOS 16.
Platform SSO support to macOS Ventura.
What’s new in SSO support for user enrollment
What’s changed is that when enrolling an iOS device, users can now download a mobile app from their identity provider (IdP) to enable use of SSO on that device. The system also requires a Managed Apple ID set up using Apple Business or School Manager and use of an MDM (Mobile Device Management) system of some kind, such as Apple Business Essentials, Jamf, or Kandji, to name but three.
Apple also made it possible to use Apple Configurator for iPhone to add Macs, iPads, and iPhones to Apple Business or School Manager starting this fall. The company has also made it much easier to enroll personal devices to MDM.
The lightest explanation of how Apple’s system works is that once enrollment is complete, the IdP app remains active on the device to mediate app and service authentications. For an end user, the experience is that once they sign into their iPhone/iPad, they should not need to authenticate use of other supported apps and services.
What is Platform SSO support for Macs?
For Macs, the addition of Platform SSO support means users will be signed into all the apps and websites that make use of their company’s IdP once they authenticate their Mac at login. As they use their computer, authentication will take place on strength of the first login, which was itself mediated by the IdP and stored in the keychain, which means everything takes place behind the scenes, subject to whatever authentication policy you adopt.
(Employees will still need their own logins to access personal sites, apps, and services, of course.)
Apple calls Platform SSO a replacement for Active Directory, but it does require that IdPs implement the protocol and also that device management vendors update their profiles to support it.
Apple also now supports OAuth 2.0 authentication. That’s an important step for both of the above features, as it makes it possible to support additional identity provision systems from third-party services. Apple Business Manager and Apple School Manager now support the federation of Managed Apple IDs with Google Workspace and Microsoft Azure AD.
The password is dead, so use strong ones
While all the above SSO improvements aim at easing friction for enterprise deployments, Apple’s focus is also on reducing the need for authorization on a more pluralistic basis. Its work to replace CAPTCHA technology with seamless authorization that also uses that first device login as the standard of trust means passwords will become less important. Ironically, that work — and SSO generally — also mean the primary passcode you and your employees use to access devices has become far, far more important. You really need these to be strong….
After all, with SSO if your master password is 1,2,3,4 it really isn’t going to take much effort to crack into your confidential systems. This rather suggests you should explain the need for strong device passwords (and biometric authorization) to your employees before Apple ships its new systems in later this year.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
Apple updates hardware, software, and services every year and has never been too afraid to cannibalize an existing product range to make way for the new — the iPhone ate the iPod, after all. Now, we hear that Apple is preparing its late 2022/early 2023 product salvo, and, as expected, this may include AR glasses.
What’s the story?
Mark Gurman at Bloomberg condensed all the current Apple speculation in a recent post. In brief, upcoming arrivals include:
Macs, including M2 and M3 models, including an M2 Pro, Max, Ultra and Extreme configurations.
Four iPhone 14 devices – two with an A16 chip and always-on display.
iPad updates, including M2 iPad Pro models and an A14 entry-level model.
Three Apple Watch models, including an SE and a rugged version.
The mixed-reality headset, equipped with an Apple chip, likely a low-power, high performance M2 processor.
An Apple TV upgrade, with additional gaming capabilities and a better processor.
HomePod, which may include a display.
And an AirPods Pro upgrade, including heart monitor.
That’s the round-up, so what might it tell us?
New business opportunities loom
First, it tells us Apple is preparing to open a new business segment around AR glasses. CEO Tim Cook has been guiding us towards this for ages and we’ve written extensively about the company’s purported plans. But this fresh frontier is now about to emerge and will provide businesses with a chance to build customer and internal collaboration relationships, digitize business processes, and explore/pioneer new market opportunities.
We can anticipate companies already in the space will probably be preparing to pivot their own product design and development roadmaps to reflect Apple’s eventual design. Sony, Microsoft, Valve, HTC, and Meta will all be watching, and you can anticipate some spicy talk from at least some competitors through the vehicle of the Metaverse Standards Forum. Talk is cheap, but the overall effect will be to promote rapid growth across the existing AR/VR industry.
Content and services developers will directly benefit, predicts analyst Ming-Chi Kuo. I agree.
Apple silicon roadmap is coalescing
Second, it tells us that Apple is very, very focused on its own Apple silicon chips. We knew this already, of course, but any business considering implementing employee-choice schemes or introducing/extending support for iPads/Macs can now (if they didn’t already) see a clear road map for product development stretching out years ahead. Apple has proved its commitment to regular security and software updates while the market for enterprise supporting products and services continues to expand. There seems little beyond inertia to stop businesses from deploying additional Apple products. That’s possibly why Jamf CIO Linh Lam expects the company will be the number one (endpoint) vendor by 2030.
This is also why Apple will continue to evolve its offer to enterprise pros.
For end users? Fast, increasingly powerful computers with incredibly low power requirements, all of which include on-chip features (such as UWB (probably) and/or machine-learning capabilities) much of which haven’t really been stretched yet.
That built-in and unexploited upside within existing products, along with Apple’s commitment to continuous software upgrades, means the Mac or iPad you purchase today (or next year) will be a better machine the year after that.
One more thing: We don’t know, and we’ve not been told, but it appears Apple is betting on COVID-related production slowdowns ending. With this in mind a lot will depend on health data as we enter the fall.
Health, fitness – and eye care?
Third, it tells us about health. A second report today explains that the new AirPods Pro will use USB-C, have microphones built into the case for use as a hearing aid, motion sensors, built-in fitness tracking, temperature detection, and a heart rate sensor.
In other words, Apple is proliferating its health data collection systems across its personal products, further expanding its reach into augmented health.
When not evangelizing Apple’s AR products, Cook has frequently extolled his company’s work in health. While I don’t think we’ve seen Apple’s big idea in that sector yet, the addition of health sensors to AirPods gives us a firm direction of travel and, if nothing else, probably means digital health solutions developers should sign up for an Apple developer account.
Starting in iOS 16, Apple has told us to expect the capacity to save vision prescriptions to HealthKit. It says this is because such prescriptions are easy to use. But given the looming launch of AR glasses and that such data is now available to developers via ‘requestPerObjectRead’ authorization, it’s hard not to wonder if there’s something more to this. After all, 75% of US adults rely on prescription glasses. There’s not a huge amount of value in mixed reality if all you can see is the overlay.
The return of the Apple quadrant
Back when Steve Jobs returned to a near-dead Apple and cut the cruft, the company adopted a much-simplified product road map: Pro, Consumer, Mobile, Desktop. There were and still are shades within that, and new product families also now exist, but the company has remained focused around those divides.
Apple’s claimed decision to place A16 chips only in the Pro iPhone models while equipping the iPhone range with (albeit optimized and improved) A15 processors suggests the company’s returning to that strategy. Pro iPhones (and by inference, all Apple’s pro products) will gain additional features and capacities to set them apart more clearly from the consumer range. Apple has reached a point where it’s only truly credible competitor is itself. What’s a firm to do?
[Also read: We already know how Apple will prosper in uncertainty]
Consumer users needn’t feel too down about this, of course: Those high-end features get to be universal features eventually, usually over around two years.
The green slide
One thing that isn’t being discussed much is how Apple must continue work to mitigate the impact of hardware manufacturing as it seeks to meet its own zero carbon 2030 goals. Manufacturing is inherently wasteful of resources, raw materials, water, fuel, and more. The need to optimize manufacturing processes continues across every industry, and this means sustainability and recycling will be core to new hardware designs from the firm. Apple’s approach to “designing in” sustainable business practice across its own and partner businesses should help inform every enterprise as to what’s possible.
The green slides Apple produces during its looming product presentations should be looked at deeply for what they reveal around process innovation, use of recycled materials and more. There is, after all, a lot of otherwise squandered cash to be released within any company through application of more efficient, less wasteful manufacturing and distribution practice. To what extent can Apple’s decisions on this help guide your own as you seek to more effectively manage your business?
One more thing
Bloomberg also seems to predict the introduction of a multitouch screen atop a new model HomePod. If that’s the case, this could conceivably offer up more visual elements such as album art and an on-device music selection system, but it’s not too huge a stretch to imagine support for relevant home-focused apps and widgets. To what extent will Matter and Thread support enable smarter smart homes?
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
We’ve reached the mid-point of 2022 and when it comes to security, I feel like we’re not making much headway. I still see people report they’re getting scammed, ransomed, and attacked on a regular basis — and for many users the browser is becoming the most important part of whatever platform you use. So now is a good time to review your browsers, and any extensions you’ve installed to beef up security.
Note, I said browsers —plural. While enterprises might want to standardize on only one browser for better control, for small businesses and individual users, I recommend installing more than one. (I often use three different browsers.)
Why is this important? Because attackers (and trackers) go after browsers. In fact, it’s good to think of your browser a separate operating system, and act accordingly to protect it. Though I focus mainly on Windows issues, these guidelines and recommendations apply to Mac OS, Ubunto, Mint, and others.
Basically, every browser should be reviewed for additional protection against malicious sites and ads. On platforms such as macOS, you will need to focus on Chrome, Firefox, or WaterFox protections; if you’ve standardized on Safari, you will need to use Adguard.
Even now, I see malicious banner ads in rotation. If you don’t have endpoint protection or something similar, you can better protect yourself by deploying something like uBlock Origin, which blocks ads and unwanted content.
Be aware that uBlock and uBlock Origin are two different products, with the latter being a fork of the former. They’re separately maintained. I recommend uBlock Origin, which you can install and deploy as a standalone extension. Once it’s installed, you can then build whitelists of sites that you will allow and adjust other settings as needed. If you are new to ublock, you can leave the defaults alone, or review these posts for recommended settings. You can also click on the extension icon in your browser and select “Filter lists.”
By default, some filters are already enabled, though you can more seriously lock down your browser by enabling them all. Then, on another browser, leave the defaults alone for a more lenient approach to surfing.
In a network setting, you can go through the same process and use PowerShell or Group policy to deploy the settings throughout your network. While I’m specifically focused on Chrome, most major browsers work similarly. To deploy using Group policy to Chrome, you need to download the Google group policy ADMX templates and place them in the central policy store. Edit your Google Chrome GPO and navigate to Computer Configuration. Then go to Policies>Administrative Templates>Google>Google Chrome>Extensions. Enable the “Configure the list of force-installs apps and extensions” setting and ensure you link your group policy to an organizational unit that contains authenticated users or Domain computers as a security filtering. If you prefer to test this out before a full deployment, set up a specific security testing group.
It’s a good idea to test uBlock first rather than deploying it widely; you may find that you need to exclude a web site. Invariably you will need to whitelist a website using group policy tools. To do so, follow the guidance at deployhappiness.
As they note:
In your Chrome GPO, navigate to Computer ConfigurationPreferencesWindows SettingsRegistry and create a new registry preference. Leave the Action type at Update. In the preference, set the following:
Value data: {“autoUpdate”:true,”netWhitelist”:”about-schemenbehind-the-scenenchrome-extension-schemenchrome-schemenlocalhostnloopconversation.about-schemenopera-schemenWHITELISTWEBSITE.com”}
This value data has the default exclusions plus WHITELISTWEBSITE.com as an allowed website. Be sure to change the last value (WHITELISTWEBSITE.com) to the website that should be whitelisted. Websites should always be preceded with a n . If you had to add a second website, the value data would look like:
These changes will be active after a GPU update and after a new Chrome browser sessions starts. If you’d rather deploy the solution using PowerShell, you can do so in a similar fashion to group policy.
You may have to be a bit more adventurous with Chrome, Firefox, or Waterfox on the Mac platform. If you are in an enterprise with macOS workstations, you may need to use your remote tools or type up instructions telling your users how to manually deploy the protections if you don’t have management tools in place for your Apple hardware.
You can also add third party external websites that include filter lists. Sample external lists include the following:
Note that the likelihood of page breakage increases with more filter lists added. So always test in a sample setting before deploying across your network.
Attackers know that the browser is one of the ways they can gain access to computers and networks and steal saved user names and passwords. If you ensure your browser is as secure as it can be, perhaps the second half of 2022 won’t be quite as fraught with danger as the first part of the year has been.
Here we go again: another example of government surveillance involving smartphones from Apple and Google has emerged, and it shows how sophisticated government-backed attacks can become and why there’s justification for keeping mobile platforms utterly locked down.
What has happened?
I don’t intend to focus too much on the news, but in brief it is as follows:
Google’s Threat Analysis Group has published information revealing the hack.
Italian surveillance firm RCS Labs created the attack.
The attack has been used in Italy and Kazakhstan, and possibly elsewhere.
Some generations of the attack are wielded with help from ISPs.
On iOS, attackers abused Apple’s enterprise certification tools that enable in-house app deployment.
Around nine different attacks were used.
The attack works like this: The target is sent a unique link that aims to trick them into downloading and installing a malicious app. In some cases, the spooks worked with an ISP to disable data connectivity to trick targets into downloading the app to recover that connection.
The zero-day exploits used in these attacks have been fixed by Apple. It had previously warned that bad actors have been abusing its systems that let businesses distribute apps in-house. The revelations tie in with recent news from Lookout Labs of enterprise-grade Android spyware called Hermit.
What’s at risk?
The problem here is that surveillance technologies such as these have been commercialized. It means capabilities that historically have only been available to governments are also being used by private contractors. And that represents a risk, as highly confidential tools may be revealed, exploited, reverse-engineered and abused.
As Google said: “Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits. This makes the Internet less safe and threatens the trust on which users depend.”
Not only this, but these private surveillance companies are enabling dangerous hacking tools to proliferate, while giving these high-tech snooping facilities available to governments — some of which seem to enjoy spying on dissidents, journalists, political opponents, and human rights workers.
An even bigger danger is that Google is already tracking at least 30 spyware makers, which suggests the commercial surveillance-as-a-service industry is strong. It also means that it’s now theoretically possible for even the least credible government to access tools for such purposes — and given so many of the identified threats make use of exploits identified by cybercriminals, it seems logical to think this is another income stream that encourages malicious research.
What are the risks?
The problem: these close-seeming links between purveyors of privatized surveillance and cybercrime won’t always work in one direction. Those exploits — at least some of which appear to be sufficiently difficult to discover that only governments would have the resources to be able to do so — will eventually leak.
And while Apple, Google, and everyone else remain committed to a cat-and-mouse game to prevent such criminality, closing exploits where they can, the risk is that any government-mandated back door or device security flaw will eventually slip into the commercial markets, from which it will reach the criminal ones.
Europe’s Data Protection regulator warned: “Revelations made about the Pegasus spyware raised very serious questions about the possible impact of modern spyware tools on fundamental rights, and particularly on the rights to privacy and data protection.”
That’s not to say there aren’t legitimate reasons for security research. Flaws exist in any system, and we need people to be motivated to identify them; security updates wouldn’t exist at all without the efforts of security researchers of various kinds. Apple pays up to six-figures to researchers who identify vulnerabilities in its systems.
What happens next?
The EU’s data protection supervisor called for a ban on the use of NSO Group’s infamous Pegasus software earlier this year. In fact, the call went further, outright seeking a “ban on the development and deployment of spyware with the capability of Pegasus.”
NSO Group is now apparently up for sale.
The EU also said that in the event such exploits were used in exceptional situations, such use should require companies such as NSO are made subject themselves to regulatory oversight. As part of that, they must respect EU law, judicial review, criminal procedural rights and agree to no import of illegal intelligence, no political abuse of national security and to support civil society.
In other words, these companies need bringing into line.
What you can do
Following revelations about NSO Group last year, Apple published the following best practice recommendations to help mitigate against such risks.
Update devices to the latest software, which includes the latest security fixes.
Protect devices with a passcode.
Use two-factor authentication and a strong password for Apple ID.
Install apps from the App Store.
Use strong and unique passwords online.
Don’t click on links or attachments from unknown senders.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
Apple will add another obstacle against successful phishing attacks in iOS 16, iPadOS 16, and macOS Ventura, which will show a company’s official logo to help recipients recognize genuine from fake emails.
Brand Indicators for Message Identification
Apple’s forthcoming operating systems will support Brand Indicators for Message Identification (BIMI). This is a specification to enable the use of brand-controlled logos within emails and will be a way to tell recipients that an email genuinely comes from the company concerned. Google has supported BIMI since 2021.
BIMI requires that companies authenticate their email using DMARC. Described by the IETF in more detail in a March 2015 document, DMARC helps mail administrators prevent hackers and other attackers from spoofing their organization and domain.
The feature won’t provide complete peace of mind.
Not every company will be certified (though if you wish to begin using the system at your company, the BIMI website is a good place to start).
Many smaller companies probably will never get certified, and it’s possible the system itself may be abused over time — those who construct these attacks are ever inventive.
The feature also requires support from the email client, which won’t appear until Apple ships the next iterations of its operating systems.
What BIMI provides
But what BIMI does provide is a visual way to assess trust when receiving a message, helping protect us against phishing and ransomware exploits by making it far more challenging for criminals to impersonate brand names in emails.
That’s important in the pluralistic sense — we’ve all experienced attempts at malware infection buried in emails that purport to come from big brands.
It may also help protect enterprise communications by making it more challenging to successfully launch phishing and targeted attempts against companies or supply chain partners.
This is particularly important given that ransomware attackers are currently targeting smaller firms as larger entities put better protection in place — and that manufacturing firms often rely on outmoded security practices. That is why the relatively recent US Cybersecurity & Infrastructure Security Agency has designated manufacturing as one of the critical US sectors that need better security protection.
The main use is B2C marketing, of course. Marketers will make extensive use of BIMI as they attempt to persuade customers to open email marketing campaigns.
The magic marketing sauce of combining a trusted brand with relevant content will remain essential to success. It is worth taking note of a recent study that suggests consumers are more likely to open emails that display a logo beside the email, and that this kind of branding also improves brand recognition over time.
How it works
BIMI lets brands verify the authenticity of emails they send. Once verified, the system can show the company logo in a relevant position within a supporting email client. BIMI is a text file that is kept on the sender’s server, which ISPs handling end-user traffic can then check to verify authenticity.
That integration between BIMI, DMARC, and the email client makes it challenging for spammers to figure out how to show their spoof logo in the same spot. The effect is that customers can see if an email is genuine and can delete those that aren’t without ever opening the offending message, further reducing the risk of accidentally running malicious code.
Securing the internet
Apple’s decision to support BIMI in Mail echoes industry acceptance of the standard. Google, Yahoo! Mail, AOL, Verizon, and Microsoft all support it. Apple’s addition means the standard has achieved critical mass.
This isn’t the only attempt to lock down the internet experience taking place across Apple’s platforms in its next OS updates. Its decision to standardize an alternative to CAPTCHA will reduce friction online (and help protect user IP addresses). Its support for next generation authentication in the form of passkeys will be seen as a major step toward replacing password protection with more effective biometric account/service security. Apple continues to invest in privacy, with better protection against cross-site scripting on the way and improvements in endpoint security also on the horizon as declarative device management comes to the Mac.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
Psst: Come close. Your Android phone has a little-known superpower — a futuristic system for bridging the physical world around you and the digital universe on your device. It’s one of Google’s best-kept secrets. And it can save you tons of time and effort.
It’s a little somethin’ called Google Lens, and it’s been lurking around on Android and quietly getting more and more capable for years. Google doesn’t make a big deal about it, weirdly enough, and you really have to go out of your way to even realize it exists. But once you uncover it, well, you’ll feel like you have a magic wand in your pocket.
At its core, Google Lens is best described as a search engine for the real world. It uses artificial intelligence to identify text and objects both within images and in a live view from your phone’s camera, and it then lets you learn about and interact with those elements in all sorts of interesting ways. But while Lens’s ability to, say, identify a flower, look up a book, or give you info about a landmark is certainly impressive, it’s the system’s more mundane-seeming productivity powers that are far more likely to find a place in your day-to-day life.
So grab your nearest Android gadget, go install the Google Lens app, if you haven’t already, and get ready to teach your phone some spectacularly useful new tricks.
Google Lens trick No. 1: Copy text from the real world
Google Lens’s most potent power and the one I rely on most frequently is its ability to grab text from a physical document — a paper, a book, a whiteboard, a suspiciously wordy tattoo on your rumpus, or anything else with writing on it — and then copy that text onto your phone’s clipboard. From there, you can easily paste the text into a Google Doc, a note, an email, a Slack chat, or anywhere else imaginable.
To do that, just open up the Google Lens app and tap the “Search with your camera” area at the top of the screen. Point your camera at any text around you, then tap your finger onto any area of the viewfinder — and you’ll be able to select the exact portion of text you want as if it were regular ol’ digital text on a website.
JR
All that’s left is to hit the “Copy text” command in the panel at the bottom of the screen, and every last word will be on your system clipboard and ready to paste wherever your thumpy little heart desires.
Google Lens trick No. 2: Send text from the real world to your computer
Let’s face it: Most of us aren’t working only from our Android phones. If you need to get some real-world text onto your computer, Lens can handle that for you, too.
Just go through the same steps we did a second ago, but this time, look for the “Copy to computer” option in the panel at the bottom of the screen. As long as you’re actively signed into Chrome with the same Google account on a computer — any computer, whether it’s Windows, Mac, Linux, or Chrome OS — that option should appear. And when you tap it, you’ll get a list of all available destinations.
JR
All you’ve gotta do is pick the system you want, and just like magic, the text from the physical document will be on that computer’s clipboard — ready and waiting to be pasted wherever you want it. Hit Ctrl-V (or Cmd-V, on a Mac), and shazam! It’ll pop into any text field, in any app or process where pasting is supported.
Google Lens trick No. 3: Hear text from the real world read aloud
Maybe you’ve just been handed a long memo, a printed-out brief of some sort, or a letter from your dear Aunt Sally. Whatever it is, give your eyes a breather and let Lens read it for you while you’re on the go and between meetings.
Just point your phone at the paper, exactly as we did before, and tap that “Text” option once more. Select whatever text you want — and this time, look for the little “Listen” option in the bottom-of-screen panel.
Pound your pinky down on that bad boy, and the Google Lens app will actually read the selected text out loud to you, in a soothingly pleasant voice. Hey, Google: How ’bout a bedtime story while we’re at it?!
Google Lens trick No. 4: Interact with text from an image
In addition to the live stuff, Lens can pull and process text from images — including both actual photos you’ve taken and screenshots you’ve captured.
That latter part opens up some pretty interesting possibilities. Say, for instance, you’ve just gotten an email with a tracking number in it, but the tracking number is some funky type of text that annoyingly can’t be copied. (This seems to happen to me way too often.) Or maybe you’re looking at a web page or presentation where the text for some reason isn’t selectable.
Well, grab a screenshot — by pressing your phone’s power and volume-down buttons together — then make your way over to the Google Lens app. Look for the screenshot on the Lens home screen, tap it, and tap “Text” along the bottom of the screen. And then, you can simply select the text you want.
From there, you can copy the text, send it to a computer, or perform any of Lens’s other boundary-defying tricks. Speaking of which…
Google Lens trick No. 5: Search for text from any physical document or image
After you’ve selected any manner of text from within the Google Lens app, swipe your finger toward the left on the row of options in that bottom-of-screen panel — the one with “Copy text,” “Copy to computer,” and so on. You’d never realize it from looking, but even more options are hiding to the right of those initial choices.
One of ’em is the simple but supremely useful “Search.” (And sometimes, Lens will even put related results right there in that bottom-of-screen panel, without any additional searching required.) Keep that in mind as a super-easy way to get info on text from any physical document or captured image without having to manually peck in the words on your own.
And on a related note…
Google Lens trick No. 6: Search for similar visuals
In addition to searching for the text from an image, Lens can search the web for other images that match the actual object within your photo or screenshot. It’s a fantastic way to find visually similar images or even identify something like a specific phone model or product seen within a photo.
JR
To pull off this bit of Googley sorcery, look for the “Search” option within the main sliding bar of options at the bottom of the Lens interface — which, confusingly enough, is not the same as the text-oriented “Search” command we just went over.
Google Lens trick No. 7: Create a calendar event
Anytime you see something with a date involved — a flyer, a billboard, an appointment card, or even a physical invitation to your dear Aunt Sally’s weekly canasta game — save yourself the trouble of typing the info into your digital calendar and instead just open up the good ol’ Google Lens app.
Aim your Android phone’s camera at the paper and then tap on the date. Lens should give you a “Create calendar event option” at the start of its bottom-panel choices, and tapping it will beam the info right over to your preferred calendar app so you can tweak it as needed and save.
JR
And a quick bonus tip: Don’t forget that all this stuff will work even if you hold your phone up to capture an image of something on your computer screen. That’s a spectacular way to save yourself time and steps when working across different devices.
Google Lens trick No. 8: Save someone’s contact information
If you find yourself holding a business card and thinking, “Well, blimey, I sure as heckfire don’t want to type all of this into my contacts app,” first, congratulate yourself on the excellent use of blimey — and then sit your beautiful person-shell back and let Lens handle the heavy lifting for you.
Open Lens, point your phone’s camera at the card, and tap on the person’s name. The Google Lens app should recognize the nature of the info and prompt you to add a contact.
One more tap, and the deed is done.
Google Lens trick No. 9: Email, call, text, or navigate to a website
Got an address or number you need to get onto your phone for a specific sort of action? It could be on a business card, on a letter, or even on the front of a random business’s door. Whatever the case, just open the Google Lens app, point your phone at it, and tap the text. (Or, option B: Snap a photo of the info in question and then pull it up in the Lens app later.)
JR
Once Lens sees it, it’ll offer to do whatever’s most appropriate for the sort of info involved. Then, with a single tap, you’ll have the address ready to roll in a new email draft, the number ready to call or text in your dialer or messaging app, or the website pulled up and ready for your viewing in your browser — no time-wasting typing required.
Google Lens trick No. 10: Translate text from the real world
If you ever find yourself staring at a sign in another language and wondering what in the world it says, remember that the Google Lens app has a built-in translation feature. To find it, open the app, aim your phone at the text, and tap the word “Translate” along the bottom edge of the screen.
Before you know it, Lens will replace the words on your screen with their English equivalents (or with a translation in whatever language you select, if English isn’t your tasse de thé) — practically in real time. It’s almost spooky how fast and effective it is.
JR
Pas mal, eh?
Google Lens trick No. 11: Act as your on-demand calculator
The next time you’ve got a numerical challenge in front of your weary peepers, give your musty ol’ brain a break and let Lens do some good old-fashioned solvin’ for ya.
Just open up Lens and point your phone at the equation in question — whether it’s on a whiteboard, a physical piece of paper, or even on a screen in front of you. Scroll over along the line at the bottom of the Lens viewfinder screen until you see the word “Homework” (and don’t worry: Despite what that label implies, you don’t have to be an annoyingly youthful and bushytailed student to use it).
With everything from basic equations to advanced math, chemistry, physics, and biology, Lens will eagerly do your calculation for you and spit back an answer in the blink of an eye.
I won’t tell if you don’t.
Google Lens trick No. 12: Scan codes galore
‘Twas a time when Android code-reading apps were all the rage — and plenty of folks still have ’em hangin’ around today. So long as the Google Lens app is on your phone, though, guess what? You don’t need anything else.
Just open up Lens, aim your camera at any barcode or QR code, and poof: Lens will offer to show you whatever that code contains faster than you say “What does QR stand for, anyway?”
But wait: There’s more! If you’ve got one of Google’s own Pixel phones, the process is even easier…
Google Lens trick No. 13: Use Lens from Image Search, Photos, and your phone’s camera
All those tricks we just talked about can work not only from the actual Google Lens app but also from a few other potentially useful places on your phone:
Google Image Search: Anytime you’re looking at an image within images.google.com on your phone’s browser, keep an eye out for the Lens icon in its upper-right corner. Tapping that will activate Lens and give you any relevant info about whatever’s being shown.
Google Photos: See that third icon along the bottom when you open an image in Photos? That’s Lens! Tapping it will fire up Lens and let you copy text, activate links, and get additional context about anything Lens is able to recognize.
JR
Your camera: On Pixel phones, you can find Lens right within your regular camera app. Just open the camera and then press and hold your favorite fingie on any spot in the viewfinder. That’ll launch an on-demand Lens search for the item in that area — and the results will then pop up right then and there, without the need for any app-switching or extra searching. (If you’ve taken my Pixel Academy e-course, congratulations: You already knew that, along with mountains of other exceptional Pixel secrets!)
Google Lens trick No. 14: Get to Lens without lifting a finger
Last but not least, a bit of a meta tip: When you want to open the Google Lens app in a hurry, skip the usual swiping and tapping and instead say: “Hey, Google: Open Google Lens.” So long as you’ve got the Lens app installed, your friendly neighborhood Assistant will happily oblige.
Being a mobile-tech magician has never been so satisfying.
Get six full days of advanced Android knowledge with my free Android Shortcut Supercourse. You’ll learn tons of time-saving tricks for your phone!
Apple’s rapidly growing enterprise market share is generating an expansion in the support services ecosystem for the products. One company to recently enter the Apple device management space is Hexnode. I spent a little time with company founder and CEO Apu Pavithran to see this part of the world through his eyes.
What will the workplace of the future look like?
As we work through the pandemic, we hear a lot about the new workplace. But no one yet knows what this will be. We know expectations have changed and employees have proved that remote work can be productive, though many managers are having problems making this transition.
How does Pavithran see the future of work?
Looking at it through the lens of device management, he points to the need for cloud-native device management systems. “We can safely say that almost every application will migrate to an entirely cloud-based or hybrid solution in the next few years,” he says.
This move away from on-premises systems to cloud-backed intelligence is likely to show up as increased spending on SAAS, which is certainly what Gartner, IDC, and others expect.
This is also going to generate challenges in terms of handling multi-cloud deployments, applying customer-led pressure on vendors to build solutions that play nice with others,” says Pavithran. “On top of easing the burden of IT administrators, application integration offers many other benefits. Organizations may establish integrations that update their infrastructures and enable agile business operations by combining and streamlining data and workflows between disparate software applications.
“New cybersecurity ideas like SASE result from the growing convergence between existing solutions.”
Hexnode’s boss also sees the new workplace as an intelligent workplace. “From medical to automotive to cybersecurity and E-commerce, AI has strongly impacted almost every industry,” he said, predicting this will continue and accelerate.
Apple is growing in the enterprise
Pavithran definitely sees growth in Apple and Mac market share. Windows was the de facto enterprise OS 10 years ago. Today, the resurgence of Apple means millions of Macs, iPhones, and iPads are in use across every industry. The feedback is that TCO spending falls, productivity increases, and employee loyalty grows when offering such choice.
“Apple played an essential role in turning the MDM industry into what it is today,” says Pavithran. “The device management APIs Apple introduced with iOS 4 in 2010 introduced many new capabilities…. For example, through Apple Device Manager or Apple School Manager, MDMs can onboard any organization-owned Apple device to their fleet. Even the new user enrollment capability was launched so that MDMs can better manage the devices in their arsenal.
“The capabilities Apple has released in supporting device management functionalities have allowed vendors like us to securely manage both personal and corporate-owned Apple devices. Hexnode has seen considerable growth in Apple in the enterprise.”
[Also read: How Apple improved enterprise deployments at WWDC]
The digital transformation of the workplace
Alongside the move to adopt different platforms and practices, the way work works is also changing.
Accelerated by the pandemic, this digital transformation means new challenges and opportunities to keep business leaders up at night.
“It is true that digitalizing the different processes, procedures, and operations of work will see significant benefits in the form of increased productivity, faster provisioning, reduced costs and so on. Unfortunately, the advent of new technologies and solutions requires changes in the traditional methods of operation. Employees, IT administrators, and managers will have to re-learn new techniques to keep up with it. Fortunately, improvisation is one of the greatest boons of our kin, and as new challenges emerge, so do new solutions.”
These include MDM APIs Apple provides, including its relatively recent user enrollment capability to help endpoint management solutions like unified endpoint management (UEM) or mobile device management (MDM) protect user privacy by separating personal and corporate data.
“I don’t see hybrid work coming to an end any time soon. However, successfully maintaining a remote environment poses many difficulties in both device management and data security,” he says.
That’s why the MDM market is evolving so fast.
“UEMs are even a part of next-generation architecture like zero trust. One of the tenets of zero trust is that you don’t trust either the user or the device. In essence, people must verify that they are who they claim to be, and devices must verify that they are what they claim to be. UEMs are one class of solutions that allow admins this visibility into their remote devices while providing additional security.”
How MDM works with Apple devices
Apple uses Managed Apple IDs to authenticate user enrollment. Controlled and created by enterprise admins in Apple School Manager or Apple Business Manager, Managed Apple IDs are different from regular Apple IDs. They usually handle things like your email, may manage data storage and app provisioning, and will likely feed into endpoint security systems. It is now possible to host both a personal and a managed Apple ID on one device, using containerization.
Containerization means a person’s personal data existence is kept separate — you even get access to your personal iCloud storage — striking a balance between security and privacy for both company and employee.
UEM/MDM systems provide administrators with intricate visibility and management of every device, but this can affect user privacy if containerization is not in play.
The difference between Apple user enrollment and Android
On the outside, both Apple’s user enrollment and Android’s work profile aim to secure corporate resources while respecting employee privacy, says Pavithran.
“Implementation is similar, as both systems create separate virtual containers for work apps and data,” he explains.
However, on Android, the virtual container is visible in the user interface as a separate folder or a section of the app drawer, which means various versions of the same application may be operated with different accounts.
“Unfortunately, since Android only sets a framework for this feature, the scope and capabilities of Android’s work profile changes according to the device manufacturer.”
It works a little differently on Apple, he said, describing it as a “stealthier” approach.
The separate (enterprise) space exists in the backend and is not as visible.
That means that rather than creating parallel applications for personal use and work, “The same application can create a personal profile with a regular Apple ID and a work profile with a Managed Apple ID.”
Pavithran seems reasonably confident Apple will continue to extend the enterprise support it builds into its system. “As Apple makes its APIs more available to third-party vendors, the resulting synergy will surely help secure the enterprise workings of the future,” he said.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
As expected, Apple at WWDC announced a series of significant changes to how Macs, iPads, iPhones, and Apple TVs are managed in business and education environments. These changes largely break into two groups: those that affect overall device management and those that apply to declarative management (a new type of device management Apple introduced last year in iOS 15).
It’s important to look at each group separately to best understand the changes.
How did Apple change overall device management?
Apple Configurator
Apple Configurator for iPhone got a significant expansion. It’s long been a manual method of enrolling iPhones and iPads in management rather than using automated or self-enrollment tools. The tool originally shipped as a Mac app that could configure devices, but it had one major downside: devices had to be connected via USB to the Mac running the app. This had obvious implications in terms of the time and manpower in anything other than a small environment.
Last year, Apple introduced a version of Configurator for iPhone that reversed the workflow of the original, meaning an iPhone version of the app could be used wirelessly to enroll Macs into management. It was primary used to enroll Macs that had been purchased outside of Apple’s enterprise/education channel into Apple Business Manager (Apple products purchased through the channel can be auto-enrolled with zero-touch configuration).
The iPhone incarnation is incredibly simple. During the setup process, you point an iPhone camera at an animation on the Mac’s screen (much like pairing an Apple Watch) and that triggers the enrollment process.
The big change this year is that Apple expanded the use of Apple Configurator for iPhone to support iPad and iPhone enrollment using the same process — removing the requirement that devices be attached to a Mac. This greatly reduces the time and effort needed to enroll these devices. There’s one caveat: devices that require cellular activation or have been activation locked will need that activation to be completed manually before Configurator can be used.
Identity management
Apple has made useful changes for identity management in enterprise environments. The most significant: it now offers support for additional identity providers including Google Workspace and Oauth 2, which allows an expansive set of providers. (Azure AD was already supported.) These identity providers can be used in conjunction with Apple Business Manager to generate Managed Apple IDs for employees.
The company also announced that support for single sign-on enrollment across its platforms will be implemented after macOS Ventura and iOS/iPadOS16 arrive this fall. The goal here is to make user enrollment easier and more streamlined by requiring users to authenticate only once. Apple also announced Platform Single Sign-on, an effort to expand and streamline access to enterprise apps and websites each time they login to their device(s).
Managed per-app networking
Apple has long had per-app VPN capabilities, which allow only specific enterprise or work-related apps to use an active VPN connection. This applies VPN security, but limits VPN load by only sending specific app traffic over a VPN connection. With macOS Ventura and iOS/iPadOS 16, Apple is adding per-app DNS proxy and per-app web content filtering. This helps secure traffic for specific apps and functions the same as per-app VPN. And this requires no changes to the apps themselves. DNS proxy supports system-wide or per-app options while content filtering supports system-wide or up to seven per-app instances.
E-SIM provisioning
For iPhones that support eSIMs, Apple is making it possible for mobile device management software (MDM) to configure and provision an eSIM. This can include provisioning a new device, migrating carriers, use of multiple carriers, or configuration for travel and roaming.
Managing Accessibility settings
Apple is well known for its expansive set of Accessibility features for people with special needs. In fact, many people without special needs also use several of these features. In iOS/iPadOS 16, Apple is allowing MDM to enable and configure a handful of the most common features automatically, including: text size, Voice Over, Zoom, Touch Accommodations, Bold Text, Reduce Motion, Increase Contrast, and Reduce Transparency. This will be a welcome tool in such areas as special education or hospital and healthcare situations where devices may be shared among users with special needs.
What’s new in Apple’s Declarative Management process?
Apple unveiled Declarative Management last year as an improvement over its original MDM protocol. Its big advantage is that it moves much of the business logic, compliance, and management from the MDM service to each device. As a result, devices can proactively monitor their state. That eliminates the need for the MDM service to constantly poll for their device state and then issue commands in response. Instead, devices make those changes based on their current state and on the declarations sent to them and report them back to the service.
Declarative management relies on declarations that contain things like activations and configurations. One advantage is that a declaration can include multiple configurations as well as the activations that indicate when or if the configuration should be activated. This means a single declaration can include all the configurations for all users, paired with activations that indicate to which users they should apply. This reduces the need for large sets of different configurations as the device itself can determine which ones should be enabled for the device because of its user.
This year, Apple has expanded where Declarative Management can be used. Initially, it was available only on iOS/iPadOS 15 devices that leveraged user enrollment. Going forward, all Apple devices running macOS Ventura or iOS/iPadOS/tvOS 16 will be supported, regardless of their enrollment type. That means device enrollment (including Supervised devices) is supported across the board, as is shared iPad (an enrollment type that allows multiple users to share the same iPad, each with his or her own configuration and files.)
The company has made it crystal clear that Declarative Management is the future of Apple device management and that any new management features will be rolled out only to the declarative model. Although traditional MDM will be available for some unspecified time, it has been deprecated and will eventually be retired.
This has major implications for devices already in use. Devices that can’t run macOS Ventura or iOS/iPadOS 16 will eventually be dropped and any that remain in service will need to be replaced. Given the swath of devices losing support, this could make for a costly transition for some organizations. Although it isn’t immediate, you should begin to determine the size and cost of the transition and how you will manage it (particularly since it will likely require a transition to Apple Silicon, which doesn’t support the ability to run Windows or Windows apps, in the process).
Beyond expanding what products can use declarative management, Apple also extended its functionality, including support for passcode configuration, enterprise accounts, and MDM-governed app installation.
The passcode option is more complex than simply requiring a passcode of a certain type. Passcode compliance is traditionally required for certain security-related configurations, such as sending the corporate Wi-Fi configuration to a device. In the declarative model, those configurations can be sent to the device before a passcode is set. They are sent along with the passcode requirement and include an activation that will only enable it once the user creates a passcode that complies with that policy. Once the user sets a passcode, the device will detect the change and enable the Wi-Fi configuration with multiple connections to the MDM service, enabling Wi-Fi immediately and notifying the service it’s been activated.
Accounts — which can include things such as mail, notes, calendar, and subscribed calendars — function similarly. A declaration can specify all the types of accounts supported within the organization as well as all the subscribed calendars. The device will then determine — based on the user’s account and role(s) within the organization — to activate and enable.
MDM app installation is the most significant addition to declarative management, since app installation is one of the tasks that puts the most load on an MDM and the biggest bottleneck during mass device activations (such as a large onboarding of new employees, new device rollouts, or the first day of school). A declaration can specify all the potential apps to be installed and sent to a device at activation, even before it has been handed to its user. Again, the device will determine which app installation configurations to activate and make available, based on the user. This avoids each device having to repeatedly query the service and download apps and their configurations. It also simplifies and speeds up the process of enabling (or disabling) apps if a user’s role changes.
These are significant improvements and it’s easy to see why they are the first additions to Declarative Management after its initial rollout. There are still MDM capabilities that have not made the leap to declarative use, but it is obvious that eventually – perhaps as soon as next year – they will.
This is one of the most significant WWDC announcements for enterprise and it’s good to see that Apple has been thoughtful in deciding which features to add or update since most of them tackle areas that were difficult, time consuming, resource intensive, or tedious. Apple is not just addressing enterprise customer needs, but demonstrating that it understands those needs.
Google Calendar is a core part of the Android productivity package — but if all you’re using is what you see on the app’s surface, you’re missing out on some pretty powerful possibilities.
Yes, oh yes: Just like so many of our modern digital tools, there’s more to Google Calendar than meets the eye. And while the majority of the service’s advanced options revolve around the Calendar website, the Calendar Android app has its share of handy out-of-sight options that are specific to the mobile experience. From time-saving shortcuts to efficiency-boosting options, they’re all things that have the potential to make your life easier in small but significant ways.
Find time in your agenda to check out these 12 hidden Google Calendar features on Android. Trust me: You’ll be glad you did.
1. The event creation quick-peek
Tell me if you can relate to this: You head into the Calendar app on your phone to create a new event. You open the screen to add the event in — then you suddenly find yourself facing a foggy mental blank.
What else did you have going on that day? Did you need to schedule the event for 2:00 p.m., or would 3:00 be better? When was that podiatrist appointment, again?
I’ve certainly been there (well, not to the podiatrist, specifically, but in the general event brain fog situation). And the Android Calendar app doesn’t do much to help offer any broader calendar context while you’re in the midst of adding in a new event.
Or so it’d seem. After years of using Google Calendar on Android, I just noticed a curiously camouflaged option that’ll change the way you create events on your phone.
See that barely noticeable light-gray line at the top of the Calendar app’s event creation screen? The one that looks vaguely like an arrow pointing downward?
JR
Yup, that’s the one. The next time you’re adding a new event on your phone and you find yourself wondering what else is on your agenda around that same time, tap the line — or, alternatively, swipe downward anywhere within the main event creation area of the screen.
And…
JR
Wouldya look at that?! You can actually minimize that event creation interface down and browse around on your calendar behind it.
And that’s not all…
2. Simple event sliding
After you’ve entered that concealed quick-peek view, remember this: If you decide you need to shift your new event around to another time, you can simply touch and hold the outline on your screen and slide your finger up and down to move it.
Nifty, no? And there’s one more piece to this puzzle yet…
3. An event adjusting gesture
In addition to sliding an event around to move it in the Calendar Android app’s event creation quick-peek interface, you can touch your finger to the dots on the top or bottom of your event’s outline and then slide up or down from there to make the event longer or shorter.
JR
Now if only our actual meetings could be condensed down so easily!
4. Quick monthly calendar view
When you need to glance at a full-month view whilst thumbing through your events, take note of the following invisible Calendar shortcut: You can tap or swipe downward on the app’s top bar — where it says the current month’s name — to bring a monthly view into focus. Tap on the bar a second time (or swipe back up, with your finger starting just beneath that area) to hide it when you’re done.
JR
Who knew?! And speaking of shadowy shortcuts…
5. A handy way to snap to today
Anytime you’re scrolling through your agenda view in the Calendar app and want to jump back to the current day, tap the small calendar icon (the box with a dot it in, directly to the left of your profile picture in the upper-right corner of the screen).
JR
That’ll zip you back to today, no matter how far into the future you’ve traveled.
6. Speedy deleting of events
Here’s an easily overlooked and incredibly handy gesture in the Calendar Android app: From the agenda view, you can swipe any event or reminder toward the right to delete it in a single, swift action.
JR
So long, responsibilities!
7. The Meet omission
Have you ever noticed how Calendar developed an irksome habit of automatically adding Google Meet links into every forkin’ event you create?
That’s fine and dandy if your event actually includes a Meet-based video meeting, but it’s pretty annoying — and potentially confusing — when your event is something that’s in person. Worse yet is when your event is virtual but in a different video meeting service, like Zoom, and then everyone you invite ends up getting both the correct link and a meaningless Meet link for the same event.
Here’s a little secret: You can put a stop to this madness. And all it takes is a handful of quick taps in your Android Calendar app.
Open up Calendar on your phone, tap the three-line menu icon in its upper-left corner, and scroll down to the bottom to select “Settings.”
Tap “General,” then tap “Add video conferencing” and turn the toggles into the off position for every account you’ve got connected.
Now, if you ever want to add a Meet link to an event, you can do so manually whilst creating said event. But by default, those blasted links won’t get auto-added onto every single event for you.
8. Event-sensitive silencing of your phone
This one is technically an Android feature, but it works hand in hand with Calendar and is one of the most practical options out there: the ability for your phone to automatically silence itself anytime an event from your Google Calendar is underway.
All you’ve gotta do is enable it: Head into your phone’s settings and find the Do Not Disturb section (by either looking in the Sound section or simply searching for “Do Not Disturb” in the box at the top of the screen). Tap “Schedules,” bring your pretty little fingie to the line labeled “Event,” and either tap the line itself (not the toggle next to it) or the gear icon alongside it, if you see one.
That’ll pull up a screen that looks something like this:
JR
The first option on the screen, “During events for,” lets you select which of the calendars associated with your device will trigger the phone-silencing behavior. You can leave it set to the default setting of “Any calendar” to have any event on any calendar cause your phone to be silenced, or you can narrow it down to one specific calendar — like your work calendar — and leave the others out.
The second line lets you specify what types of events will cause your phone to be silenced. You can tell the system to silence your phone only if you’ve replied “Yes” to an event, if you’ve replied “Yes” or “Maybe,” or if you’ve replied “Yes” or “Maybe” or haven’t replied at all. (Those choices are for events that other people created and invited you to attend, by the by; any event you create on your own will always count as an automatic “Yes.”)
And finally, the third line lets you decide whether your phone should use its default Do Not Disturb behavior or if you’d rather create your own custom settings for how the phone should behave in this specific circumstance. The custom settings option gives you tons of flexibility for how exactly your phone should act while a Calendar event is underway: You can opt to allow calls or texts from starred contacts to come through, for example, or to let events and reminders alert you even if no other sounds are permitted. You can even customize how different types of notifications appear visually during an appointment.
JR
Not seeing any of this on your device? If you’re using a phone with an older version of Android or one whose manufacturer has fudged around with this part of the operating system, you can set up your own simplified version of the same feature by embracing this IFTTT applet.
9. Quick responses for group events
Just like Android allows you to send a prewritten quick response when you’re rejecting a call, Google Calendar can let you send a speedy note to anyone involved in an upcoming meeting — all with a couple quick taps on your phone.
To configure the feature, open up the Calendar app, tap the three-line menu icon in the upper-left corner, and select “Settings” from the menu that appears.
Next, select “General,” then scroll down until you see “Quick responses.” Tap that — and there, you’ll see four options for prewritten messages you can fire off on the fly while en route to any appointment involving multiple mammals.
JR
Oddly, Calendar doesn’t let you create additional responses, but you can edit any of the default responses to make them say whatever you want. Just tap any one of ’em and then replace it with whatever text your silly ol’ heart desires.
JR
To put your custom quick responses to use, open up any upcoming event that has at least one other person invited. Tap the envelope icon within the “Guests” line, then tap the response you want from the list.
That’ll take you directly to a ready-to-roll email with your message in place and the recipients added in. All that’s left is to hit “Send” — and maybe let out a guffaw in delight, should inspiration strike.
10. Duplicate an existing event
Ever find yourself needing to create a new event that’s remarkably similar to one already on your agenda? The Calendar Android app has an easy way to duplicate an event and then use it as a blueprint for a new one: Just tap the event you want to emulate, tap the three-dot menu icon in its upper-right corner, and select — you guessed it — “Duplicate.”
And that’s it: Your new event will show up with the original event’s info filled in and ready for to be tweaked as needed.
Doesn’t get much easier than that.
11. More useful notification times
Google Calendar’s default notification times for new events aren’t right for everyone. If you find yourself changing the setting for when an event will notify you more often than not (and/or quietly muttering creative curses every time an event notifies you earlier or later than you’d like), do yourself a favor and adjust your Calendar’s default notification times so they work better for you.
Just head back into the Calendar app’s settings section — and this time, find the section for the Google account you want to modify and tap the “Events” line beneath it. That’ll give you a screen on which you can change the default notification times for standard new events as well as all-day events. You can even add multiple notifications, if you want, and change the default color for events on that calendar while you’re at it (ooh, ahh, etc).
JR
If you want to change the default notification time for reminders or for any secondary calendars you’ve created within a particular Google account, just find the appropriate line beneath the account’s header and select that instead of “Events” — then make the same sorts of modifications there.
12. Custom calendar goals
In addition to regular ol’ events and reminders, the Android Calendar app can help you create recurring goals. And despite the cheesy-sounding nature of the feature’s name, it can actually have some genuine value from a productivity perspective.
To check it out, tap the circular plus icon in the Calendar app’s lower-right corner, select “Goal,” and then look through the sections that appear. Most of the categories are pretty goofy — exercising, spending time with family, reading, and other such tasks that I find it hard to believe anyone would actually put onto their calendar and then follow — but the last item in the list is called “Organize my life,” and it’s at the very least worth looking through.
Once you tap that section, Calendar will give you a few suggested goals to schedule. Ignore those and tap “Custom.” The app will then give you a list of things you might actually want to schedule on a regular basis:
JR
You can ignore those, too, though, and type in your own activity — whether it’s processing invoices, planning meetings, or something truly important like deciding what sorts of sandwiches should be ordered for lunch (I recommend pastrami). Once you’ve chosen something or typed in your own custom item, Calendar will ask how often you want to do it, for how long, and at what time of day — and it’ll then find open times in your schedule and work your item in as often as needed.
JR
You can keep track of how often you accomplish your goal over time by telling Calendar whenever you finish it. You can even opt to use something called “smart notifications,” which alert you both before and after your scheduled session so you can “prepare and track progress” (and/or grumble about the annoying nature of “smart notifications”).
It’s nothing revolutionary, by any means — but if you have a regular, recurring task that seems somewhat goal-oriented in nature, it can be an interesting and visually distinctive way to manage it in your calendar.
Bonus: Calendar’s secret codewords
Hardly anyone knows this, but there’s a way to hack the Calendar app’s illustration system and make any of Google’s contextual graphics appear on any event you want.
The trick is simply learning the Calendar app’s secret codewords and then putting ’em to use exactly how you want.
Check out this complete list of Google Calendar codewords, and get ready to give your calendar a whole new customized look.
And with that, your Android calendar experience is officially upgraded. Now all you’ve gotta do is get everything on your agenda accomplished — and that, my dear amigo, is squarely on your shoulders.
Get even more advanced shortcut knowledge with my free Android Shortcut Supercourse. You’ll learn tons of time-saving tricks for your phone!
Two sessions I attended at last week’s Worldwide Developer Conference (WWDC) — the Managed Device Attestation and Secure Endpoint sessions — highlight the company’s commitment to delivering increased capabilities for security tools. While both were naturally oriented more to developers of device management and security solutions than to end users or IT admins, some of the additional capabilities developers will be able to build into enterprise tools are noteworthy.
Managed Device Attestation
Let’s start with Managed Device Attestation, a new capability that helps ensure servers and services (on-premise or in the cloud) only respond to legitimate requests for access to resources.
The use of cloud services and the deployment of mobile devices both grew in tandem (and exponentially) during the past 10 years, which changed the enterprise security ballpark significantly. A decade or so ago, having strong security at the network perimeter coupled with VPN and similar secure remote access tools was the primary way of securing a network — and all enterprise information.
Security today, though, is much more complex. Many resources live outside the corporate network entirely, and that means trust evaluation has to occur across a broad range of local, remote, and cloud services. This typically encompasses multiple providers and each needs to be able to establish that the users and devices connecting to them are legitimate; that goes well beyond simple authentication and authorization.
Today, services rely on user identity, device identity, location, connectivity, date and time, and device management state to determine whether requests for access are valid. Services can use any or all of these criteria, and most — including MDM solutions — can use these criteria when granting or denying access.
Depending on the sensitivity of the data, simple user authentication may be enough for a given security posture or it may be prudent to rely on all of these criteria before granting access, particularly for sensitive or administrative systems.
One of the more powerful criteria is device identity. It ensures that any device accessing your organization’s systems (including MDM services) and resources is both known and trusted. Today, Apple device identity includes the following information: the unique ID of the device in Apple’s MDM protocol, information returned by the MDM Device Information query (which includes things such as serial number, IMEI number, and so forth), and security certificates that have been issued to the device.
In iOS/iPadOS/tvOS 16, Apple is building in additional capabilities to establish device identity: Device Attestation. Basically it’s a way to establish the authenticity of a device using known information about it that can be verified by Apple using the company’s Attestation servers. The information Apple uses to do this include specifics about the Secure Enclave on the device, manufacturing records, and the operating system catalog.
The attestation looks at the device itself, not the OS or apps installed on it. This is important because it means that a device might be compromised, yet Apple would still attest to it being the device it claims to be. As long the Secure Enclave is intact, attestation will proceed. (MDM services, however, can verify the integrity of the OS.)
Attestation can be used in two ways. The first is to verify a device’s identity so an MDM service knows the device is what it claims to be. The second is for secure access to resources within your environment. Implementing this latter use of attestation requires deployment of an ACME (Automatic Certificate Management Environment) server or service in your organization. This offers the strongest proof of device identity and configures client certificates similar to the way SCEP (simple certificate enrollment protocol) does.
When the ACME server receives an attestation, it will issue a certificate allowing access to resources. Proof from attestation certificates assures the device is genuine Apple hardware, and includes the device identity, device properties, and hardware-bound identity keys (related to the device’s Secure Enclave).
Apple notes there are a number of reasons attestation might fail and that some failures — such as network issues or problems with the company’s attestation servers — don’t indicate a malicious issue. Three types of failures, however, do indicate a potential problem that should be remediated or investigated. These include modified device hardware, unrecognized or modified software, or situations where the device is not a genuine Apple device.
Device Attestation offers unparalleled device identity verification. Even if you aren’t interested in setting up ACME services throughout your environment, enabling attestation for your MDM solution is an easy and obvious choice. Exactly how it will function, though, will depend on how various MDM vendors implement the functionality. It’s also possible that some vendors will build ACME services into their MDM offerings, making it easy to take full advantage of this new capability.
Secure Endpoint
The second WWDC session involved Secure Endpoint. It introduced new functionality for Apple’s Secure Endpoint API and was intended for developers of various types of Mac security tools. Apple is enabling developers to implement new types of events, including authentication, login/logout, and XProtect/Gatekeeper events.
Authentication events that are now accessible to the Secure Endpoint API include password authentication, Touch ID, the issuing of cryptographic tokens, and Auto Unlock using an Apple Watch. Developers can use these to look for patterns of suspicious access attempts (successful or not) and deal with them in a variety of ways, from simple alerts to further actions.
Developers will now be able to use the Secure Endpoint API to examine login/logout of various types, including from the login window (logging in directly to the Mac using the keyboard), login via screen sharing, SSH connection, and command line login. Again, the value here is the ability to look for and flag suspicious login activity or attempts.
XProtect/Gatekeeper will enable developers to use the Secure Endpoint API to access information when malicious software is detected, as well as when it has been remediated — either automatically or via IT personnel.
Some of this functionality was previously available to developers using the OpenBSM audit trail, which was deprecated beginning in macOS Big Sur. Although still available, it will be removed in a future macOS release.
While both of the sessions were aimed at developers rather than front-line IT personnel, they highlight the new technologies Apple is offering to enterprise and security vendors. And they underscore Apple’s understanding of the changing enterprise security landscape and its commitment to giving enterprises the tools they need to bolster security.
Apple remains focused on the needs of enterprise IT. With this in mind, it made several interesting changes at WWDC 2022. Here’s a rundown of the improvements Apple announced we’ve identified so far.
Apple announced a raft of developer technologies
Apple ushered in a range of enterprise-focused improvements during the developer sessions held at the event.
Declarative Device Management
Introduced in 2021, declarative device management works to make devices more autonomous and proactive, while allowing servers to be lightweight and reactive. It is now also available for Macs.
Managed deviceattestation
A new security feature that uses the Secure Enclave to provide strong assurances about a client device, such as its identity and software version.
Apple Configurator
Apple Configurator for iPhone was introduced in 2021. It lets admins add Macs purchased outside of the normal channel to their organization using Apple School Manager (ASM) or Apple Business Manager (ABM). When running Setup Assistant on the Mac, admins just need to hold an iPhone running Configurator over the animation. The Mac will then connect to the internet and add itself to your organization. At WWDC 2022, Apple extended Configurator for iPhone so that it can now also add iPhones and iPads.
Google Workspace
In keeping with the move toward password-less access, Apple wants to build systems tough enough that users only need to sign in once and then for that identity to be held across everything else. With that goal in mind, the company confirmed that for Federated Authentication, Apple Business Manager now integrates with Google Workspace as an Identity Provider.
Sign in with Apple
The company said this feature can now be be used at work and school with Managed Apple IDs. There are additional security features baked in, so admins can allow all apps or selected apps to use the sign in tool.
OAuth2 support
This is quite an important change. Apple used a token-based authorization system in iOS/iPad OS 15 to allow MDM servers to verify user identity. This changes in iOS/iPad OS 16 with the addition of support for OAuth 2 as another authorization mechanism. This means MDM servers will be able to support additional identity provision systems providers also improves security, and adds another new feature that is described below.
Enrollment Single Sign-on, or Enrollment SSO
This is a faster system that enables employees to enroll their personal devices into your organization’s MDM system. The system requires users to enter their email address to download an enrollment single-sign-on app. The user then signs in once and the app handles the rest of the process. The system does require IT and MDM vendors to take certain steps before it is supported, including MDM server configuration to ensure the correct JSON document is shared.
Platform Single Sign-On (Platform SSO)
macOS Ventura gains this new feature, which lets users sign in once on login to automatically sign into apps and websites. The feature, which uses a range of technologies — including third-party SSO extensions, its own Kerberos extension, FileVault, OAuth, OpenID and so on — means you may never need to remember another website password, or go through the process of entering it, again, at no compromise to your security.
Automated device enrollment
Apple made an important change to automated device enrollment, one that I imagine will make it much harder to setup a lost or stolen managed device for sale. The company says ASM/ABM-registered Macs must have an internet connection to be setup once erased or restored.
Accessory protection
To protect against close-access attacks, a new MDM setting lets administrators require a user password before using new Thunderbolt or USB accessories with M-series Apple notebooks.
Web content filtering
Admins will be able to apply Web content filters and DNS proxies on managed iPhones and iPads running iOS 16 and iPadOS 16.
Making it easier to swap eSIMs
You will be able to transfer eSims between iPhones using Bluetooth. To do so, just move your older iPhone close to your new one and follow the Set Up Cellular command dialog. Apple also put protections in place to ensure users don’t accidentally delete their existing eSIM, as doing so requires a new one be provisioned.
Shared iPad improvement
This slight improvement may make a big difference. A new command lets admins autosuggest the domain name of your company when a user begins to enter a Managed Apple ID. This is going to save a lot of time for shared iPads, particularly when handling complex URLs, as it means spelling becomes less of a problem.
Accessibility in iOS and iPadOS 16
Apple has added tools to let MDM systems manage popular accessibility settings including Text Size, VoiceOver, Zoom, Touch Accommodations, Bold Text, Reduce Motion, Increase Contrast, and Reduce Transparency. Users can modify these settings, but it does means devices can be made more accessible from the start.
Apple also made some keynote announcements
Apple also made several announcements that should benefit enterprise and business users during its WWDC keynote:
Continuity Camera
This lets you use your iPhone as a webcam and adds a Desktop view to let you share video from above your keyboard.
Mail and messages improvements
The welcome (and long-awaited) introduction of improvements to Mail search will help everyone. Scheduled emails, the capacity to delete sent emails and the ability to set reminders to return to unactioned emails will all make a big difference to workflow. This is Apple playing catch-up, as features like these have been available to other email platforms using tools such as Boomerang.
Metal 3
Some interesting enhancements within Metal 3 include the capacity to create more photo realistic environments and to take further advantage of graphics memory to drive applications.
Spotlight search
This means you can get valuable web results at a platform level. This doesn’t completely replace traditional search engines, but it’s a desideratum of what’s to come.
Live text
The ability to pull text (in actionable format) out of images and video will make a huge difference to users and opens interesting possibilities for developers, particularly at businesses working with international audiences.
Rapid Security Response
Rapid Security Response will make a solid difference to hybrid and remote enterprises as it means Apple can directly install security updates into Macs, iPhones, and iPads. This should help accelerate installation of software updates across businesses that until now relied on employee discretion around updating. It also means MDM systems don’t need to wait on full updates.
Passkeys
These are important, as they usher in a completely passcode-free future. The move should vastly reduce business and personal vulnerability to phishing.
Have you come across additional enterprise enhancements announced at WWDC? Please drop me a line and let me know.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
I spoke with Jamf CIO Linh Lam on a recent UK visit to mark the company’s 20th anniversary. The 2020 Bay Area CIO of the Year Finalist joined Jamf in 2021 – and thinks Apple will be the top enterprise endpoint by 2030 as its current momentum accelerates.
The changing landscape of enterprise IT
“The way the demand is growing and the expectations of younger generations joining the workforce, Apple devices will be the number one endpoint by 2030,” she told me.
That’s not an outlier analysis. Spurred by Apple’s move to adopt its own rapidly improving silicon, Gartner analyst Mikako Kitagawa recently predicted Apple will seize 10.7% of the PC market in 2026 as Windows share slips. In the enterprise, where Apple adoption has been particularly rapid, BYOD, the impact of mobility, and the renaissance of flexible and hybrid working are accelerating the trend.
Managing this fast-changing technology and cultural landscape has forced CIOs to focus on fresh challenges. For example, when during the pandemic employees brought work home with them, they brought their technology home, too.
“It blended with their home technology,” said Lam. But it wasn’t just the worker’s tech, or their domestic tech. “I have two children at home doing third and first grade for nearly two years together and they bought their own tech home as well,” Lam said.
While providing the tech was the first challenge, CIOs soon saw the security threat implicit in distributed endpoints outside of traditional permiter controls. “So, as all of these devices are connecting into our network, how do we make sure that they are not introducing more risks?” Lim said.
Security – balancing protection with productivity
CIOs must strike a good balance between elegant user experiences and security, but in doing so must also understand that: “If employees feel like it’s overly cumbersome or bogs them down or, or even worse, if they start to feel like, ‘Wow, this seems a little bit Big Brother, are they accessing my personal data on my device?’ What happens then is employees stop using your solution, you lose productivity and security.”
You also end up with workers using unauthorized solutions to get things done.
There are lots of security tools out there, different tools that do different things. The challenge comes when you try to bring them together.
“Some of them have varying levels of support for different OSes, so to push out policies, you need to push them out across different tools to make that one end user experience work, and it might be very inconsistent.”
Lim argues that creating seamless experiences to empower employees without undermining the user experience or device performance is essential. “That’s where you’re going to succeed on that employee experience place,” she said.
“Technology should enable them to do their jobs, not make their work harder for them,” she said.
Eric von Hippel, professor at MIT’s Sloan School of Management, calls this “user innovation,” and believes there is big value to be unleashed when businesses work with employees to identify and resolve the challenges workers have, rather than forcing solutions they don’t need upon them.
“We’re all engineers at the end of the day in the field of IT. We’re building things,” says Lim. “That’s what gets us excited. But it’s even more exciting to see it being used. So, if you’re rolling out solutions, or putting security tools on devices that make them harder to use, or make your employee’s or student’s lives harder, they’re not going to use them or will find a way to get around them. That would be the worst-case scenario, because if they start doing that, then you lose visibility and control and security around those connections.”
Remote work is a huge opportunity
Ultimately, employee experiences are critical.
Lam is based in California, and notes that one positive outcome from the pandemic has been a willingness to embrace remote work. She might otherwise never have been hired at Jamf, for example.
“Our employees can work from anywhere. employees do have choices now, right. So, if you make it so hard for them, when you become known as the company that, ‘Oh, man, all their devices are locked down — you can barely get your work done, you know, on the devices.’ People have choices and they may look elsewhere.
[Also read: How Apple improved enterprise deployments at WWDC]
“I feel that, you know, it’s just that muscle of reminding yourself, that experience also needs to be there because — well, look at what’s happening — the Great Resignation, for example.”
The ability to work remotely makes it possible to build teams from a diversity of backgrounds. Employee diversity is another key tenet being rapidly embraced across enterprises, not just in line with corporate social responsibility, but also because diversity brings teams additional insight and knowledge that can help businesses succeed, even in a down period. McKinsey says there is a relationship between diversity and business success, in that the more diverse teams are more likely to experience financial outperformance.
The complexity will be rationalized
“I came from a world in which I had to support Windows devices and Macs,” said Lam. “My breakdown was around 40% Macs and the rest Windows. I was doing zero touch deployment with Autopilot and Intune for the Windows devices. There was no chance I was going to accomplish that for the Macs, and we leveraged Jamf for it. And I will tell you the experience of doing it for the Mac devices on Jamf was near flawless from like inception to deployment to getting it out. It was a little bit of a bear on the other side, right?
“As soon as a new OS shipped, everything broke because users would update and then call my help desk because apps stopped working and this happened each time an update shipped. But telling people not to update when the software ships is a terrible experience.”
Jamf, of course, provides same-day support for Apple software updates, and Lam and her team use the same technology to maintain their devices. “I know that all of our devices and their apps will continue to work seamlessly when updates ship.”
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
In the run up to last week’s Apple’s Worldwide Developer Conference (WWDC), a concerning problem hit people trying to order new Macs. For some configurations, customers were told they would have to wait until August to get their new machines. Granted, many of these delays involve systems with added memory or storage. But you can’t upgrade many Macs after you buy them, so – for some – this problem is not trivial.
How bad is the problem? Apple’s 14- and 16-in. MacBook Pro laptops, which have been on sale since last fall, are weeks out from delivery. If you order now, you’ll have to wait until at least July 28, and maybe well into August, before the new hardware arrives. Even worse: the base 24-in. iMac, if ordered now, won’t be in hand for “nine to 10 weeks,” according to Apple’s online store. (Higher-end iMacs are available right away, however.)
Many of the delay reports have come from annoyed consumers. But the on-going backlog has had an outsized impact on education and enterprise customers.
I’ll focus first on how the supply chain problems have affected the education market, because that’s who was the most inconvenienced.
Delays hit education hardest
As anyone who’s worked in education – either K-12 or higher ed – knows, summer break is the only opportunity in the year to replace, refresh, or retire your fleet of computers and tablets. For this reason, the device lifecycle in schools is almost completely built around summer break.
If these delays mean a school can’t buy enough Macs to update its fleet this summer, that school won’t have another opportunity for a full year. Schools don’t have other breaks of much longer than a week in any year — and a week is not a realistic timeframe for doing lifecycle management or upgrades.
Colleges and universities, theoretically, could weather these delays a bit better. The winter break between semesters is often several weeks long. IT teams often use that break to manage big projects such as upgrading technologies, archiving student work, and offering training to faculty and staff. While it’s not ideal to attempt major lifecycle management tasks during that short break it is, at least, possible. I have never done a device lifecycle update during that short break between semesters but, in my days in higher ed, I did manage a complete system refresh across several Mac-specific labs.
Enterprise and small business customers are probably less affected by these delays. Typically, a non-education business can do a full or staged lifecycle update at any point during the year since they don’t have any lengthy breaks in their business operations. But the upcoming release of macOS Ventura, which will drop support for a wide range of Macs as part of Apple’s effort to shift customers to Apple Silicon, changes that calculus somewhat, particularly for companies that are largely or completely Mac based.
What happened at Apple?
One major factor behind the delays of new Macs is the supply chain slowdown thathas affected companies across many industries. However, with Apple unveiling new M2-based MacBooks at WWDC — they won’t be available until July — it may be that Apple is allowing some of its products to become constrained in order to encourage people to purchase these upcoming models.
(I have certainly suspected them of this sort of strategy before.)
It’s also important to note that shoppers are not experiencing these delays through many of Apple’s resellers. Some Apple sales partners, including Amazon, have Macs available without long delays. Most enterprise and education customers, however, tend to order directly from Apple because that ensures they will easily be able to add their new Macs to Apple School Manager or Apple Business Manager and enable zero-touch deployments.
Some of Apple’s channel resellers can add your purchases to Apple School Manager and Apple Business Manager, but it can be challenging to figure out which resellers can do it. This might mean, too, that you have to work with a vendor you have no previous relationship with or one that doesn’t offer the discount you need. Schools and government agencies often get discounts when they shop with certain vendors, and some of these groups are required to use specific vendors whenever they do technology procurement.
Buying from unsupported vendors
To maneuver through the current delays, you may find yourself shopping around. It is simpler and more expedient to buy direct from Apple – or a vendor supported by Apple – but it is possible to purchase from other companies. This will likely add some steps to the process and probably won’t allow for zero-touch deployment. But, if you are in a crunch, it’s worth considering.
If you attempt it, you will need to use Apple Configurator to configure the new Macs and join them to Apple School Manager or Apple Business Manager. This requires booting each Mac and using the Apple Configurator for iPhone app that Apple released last year to make the connection. That process isn’t difficult. In fact, it’s similar to setting up an Apple Watch. You point the iPhone’s camera at an animation that appears in the Mac’s setup screen to start the process. It could be time consuming, though, if you are adding a large number of Macs.
What should you do?
Given the current delays, you have a few decisions to make to navigate it. The first question to ask yourself is if you need that custom Mac configuration, especially if the standard option is available. And, if the standard option is delayed, can you substitute a different model that is available now?
The next question, if you do need that custom-configured system, is can you delay the purchase?
If neither of these are possible, your next step would be to see if you can purchase from a channel partner that enables automatic connection to Apple School Manager or Apple Business Manager.
If that isn’t an option, you’re left with the question of sourcing from a different vendor and manually adding the new Macs. This will take more time and resources, so you’ll need to plan for that, too.
Ultimately the issue comes down to how important this purchase is to your organization. None of these options, or the tradeoffs you will be forced to make, are likely to be ideal for your situation. So, consider this: Maybe there are advantages to delaying your purchase completely. If you wait, you might be able to purchase newer and more powerful powered machines than the custom upgrade that Apple is delaying.
Let me just go on the record as saying: The Google Calendar website is fine.
And fine really is the most appropriate word here. Google’s default desktop Calendar interface is perfectly functional, and it gets the job done.
It’s good enough, in fact — until you experience a truly exceptional Chrome OS calendar alternative and realize how much more efficient, effective, and generally enjoyable your Chromebook-based agenda juggling could be.
I’ve been raving endlessly about my favorite Google-connecting desktop calendar app of the moment, the recently-acquired Cron, and lemme tell ya: Phenomenal doesn’t even begin to describe it.
Cron, though, is currently available only for Windows and Mac systems — which leaves those of us on the Chrome OS side of the river high and dry. (I move between a Windows system and a couple of Chromebooks, so I’ve got my feet in my both of these murky and suspiciously steamy bodies of virtual water.)
But hang on, my fellow damp Chromebook dwellers: I’ve found a suitable and similarly exceptional standalone calendar app that works swimmingly well in the Chrome OS environment. And if you’ve been paying attention here for long, it’s an app that may feel surprisingly familiar.
Your new Chromebook calendar companion
I won’t keep you waiting: The app of which we speak is an Android-centric calendar tool called Business Calendar 2. It integrates directly with Google Calendar, so all you have to do is install it and grant it the one calendar permission, and you’ll be up and running in seconds flat.
Business Calendar 2 is the app I actively recommend in my best Android calendar apps collection as the top all-around choice for a fully featured, customization-friendly calendar upgrade on Android. And as of a recent update, its experience on the Chromebook front is every bit as delightful.
JR
Specifically, the app’s developer introduced some large-screen-aimed enhancements that allow the app to adapt its interface intelligently to any display size and look especially spiffy in a desktop-sized form. Along with a bunch of new built-in keyboard shortcuts, that makes for a next-level calendar experience that feels custom-made for computer use.
But all size-specific interface niceties aside, Business Calendar shines because of the oodles of useful extras it adds into your agenda management equation.
For instance, when you’re looking at your month view and want to zoom into a specific series of days, you can simply click or tap and drag across whatever days you want — and Business Calendar will instantly create an on-the-fly custom-zoomed view for you.
JR
The app is filled with scads of other similarly efficiency-enhancing gestures, all of which work equally well with your finger or a mouse. Some standout examples:
In that multiple-day view as well as the standard week view, you can slide a snazzy little slider to zoom in or out and see more or less info on the screen without having to scroll. (Look toward the bottom of the previous screenshot, and you’ll see what I’m talking about!)
Also in that week view, you can extend any event’s duration by simply clicking or tapping on it once and then dragging up or down.
JR
In the agenda view, you can right-click to select multiple events and then move, delete, or otherwise modify ’em all together at the same time — such an improvement over the multiple steps required to do something similar on the standard Google Calendar website.
JR
And — maybe my favorite feature of all — within the standard event creation screen, you can fill in any number of fields and then save that specific setup as a template for future use. You can either make it available as a quick auto-fill or even as the default info that gets filled into every new event as a starting point.
JR
And get this: Even if you don’t take the time to set up templates, Business Calendar will offer up auto-fill suggestions based on your past calendar activity every time you create a new event — with the suggestions even getting synced across multiple devices (both Android and Chrome OS) where you’ve got the app installed.
JR
Speaking of the event creation interface, the way Business Calendar puts your current calendar right alongside the new event form and lets you see and even interact with your existing agenda whilst adding in something new is an almost painfully logical touch — don’tcha think?
Business Calendar has tons of other time-saving extras, including the ability to create preset groups of different individual calendars and then being able to bring those in and out of view with a single click or tap on the app’s favorites bar at the bottom of the screen (or on the right side, if your Chromebook has a smaller display space) — not to mention the option to create a custom floating action button that gives you fast access to whatever calendar-related functions you use most often.
Its notifications are richer and more productive than what you’ll get from the Google Calendar website, too — with built-in options for snoozing alerts at any increment your foggy ol’ noggin desires — and you can customize practically every facet of the app’s appearance on your Chromebook, ranging from the theme and colors to the font size and presence or absence of almost every individual element imaginable.
JR
I’m tellin’ ya: This. Thing. Is. Fantastic. And now, it’s every bit as good on a Chromebook as it is on an Android phone.
Business Calendar 2 is free to use in its base form with an optional $7 upgrade that eliminates ads and unlocks certain advanced features (including that aforementioned template system). And if you pay for that upgrade once, it’ll apply both on your Chromebook and on any Android devices where you have the app installed.
If you spend as much time staring at your agenda as I do, that’ll be seven bucks well spent. But even if you stick with the app’s free setup, you’ll be blown away by just how awesome of an upgrade it brings into your life.
Happy calendaring!
Want even more Googley knowledge? Sign up for my weekly newsletter to get next-level tips and insight delivered directly to your inbox every Friday.
Today, at long last, Microsoft is officially ending support for Internet Explorer. Goodbye and good riddance to the most annoying web browser of them all.
Let’s review:
Back in 1993 when I wrote the first story about this newfangled thing called the WEB, I knew it would be big. That’s more than Bill Gates thought about it at the time. At the 1994 Comdex, Gates said, “I see little commercial potential for the Internet for the next 10 years.”
Whoops.
Oh well, he got it right eventually. But neither he nor Microsoft was the first to release a web browser. Far from it!
The first popular graphical web browser came from the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign. It was called Mosaic. It was created by Marc Andreessen and Eric Bina, but while it’s the one everyone remembers, it wasn’t the first graphical web browser. That honor goes to ViolaWWW, a Unix browser, while Cello was the first Windows graphical web browser.
Mosaic, however, was the first browser to enable you to see images within pages. That was a game-changer. Earlier browsers could only show images as separate files. It was no contest: Mosaic won the first and earliest browser war.
A day late and a dollar short
By 1995, Gates had realized that Microsoft needed something to offer all the users who desperately wanted a web browser. In May 1995, Gates started saying things like, “The Internet is the most important single development to come along since the IBM PC was introduced in 1981” and comparing it to a tidal wave.
A tidal wave or not, Microsoft still wasn’t ready. Its quick-fix answer was to adopt Spyglass, a commercial version of the successful Mosaic web browser. This was the foundation of Internet Explorer (IE) 1, which debuted in August 1995, as part of Microsoft Plus for Windows 95, a Windows software add-on package.
IE 1 was a flop. It also created bad blood with Spyglass, which had been promised a percentage of Microsoft’s profits from IE. But Microsoft began bundling IE with Windows — and therefore had no profits. Microsoft would eventually settle with Spyglass for $8 million in 1997.
This Spyglass/Mosaic codebase would remain part of IE until IE7 was released. The “About” window on IE1 to IE6 contained the text “Distributed under a licensing agreement with Spyglass, Inc.” There are claims that Microsoft innovated with IE. It didn’t.
At the same time, Andreessen took the Mosaic code and turned it into the first widely successful web browser, Netscape. Andreessen boasted that Netscape would “reduce Windows to a set of poorly debugged device drivers.”
Netscape in its sights
Microsoft took the threat seriously. Netscape CEO James Barksdale would later testify that in a June 1995 meeting, Microsoft proposed that the two companies split the browser market, with Internet Explorer being the only Windows browser. If Netscape didn’t comply, Microsoft would crush it.
“I had never been in a meeting in my 33-year business career in which a competitor had so blatantly implied that we should either stop competing with it or the competitor would kill us,” Barksdale said during the Department of Justice’s 2001 antitrust trial against Microsoft.
Despite that warning, Netscape continued to lead the technology revolution. Netscape Communicator was where the real innovation happened. JavaScript, for example, is arguably the most popular programming language globally, and JavaScript was a Netscape creation. But, Microsoft, in all fairness, had its moments too. For example, IE 3.0 was the first browser to adopt Cascading Style Sheets (CSS) in 1996.
But the real reason we’re saying goodbye to IE only today, long after Netscape became history, is that Microsoft exploited its illegal PC/Windows monopoly to block Netscape from computers. Microsoft strong-armed PC vendors into putting the new operating system and its browser on all their PCs. The goal was not so much to kill off other PC operating system vendors; there wasn’t any real OS competition in the mid-‘90s. The goal was to destroy Netscape.
The courts agreed. The DoJ won in its lawsuit against Microsoft because the company’s PC monopoly made it impossible for Netscape to compete with IE. Unfortunately, the government gave Microsoft a slap on the wrist rather than breaking it up into separate companies or open-sourcing its code. And Netscape died, just as Microsoft had threatened back in 1995.
So it was that many of you grew up with IE as the browser you knew and loved. You didn’t know any better.
Not with a bang but a whimper
Microsoft stopped innovating with IE, particularly after it released IE6 with Windows XP in 2001. Why bother? Users weren’t going anywhere. They had no real alternatives. By the mid-2000s, IE’s market share was consistently over 90%.
But eventually, Firefox, starting from Netscape’s old code, became a viable alternative around 2005. IE’s real end began, though, when Google decided to make a modern, fast, and efficient web browser, Chrome, in 2008.
Microsoft never caught up. Today, Microsoft’s modern browser, Edge, is based on Chromium, Chrome’s open-source code base. Indeed, except for Firefox, all current major Windows web browsers are built on Chromium’s foundation. Edge offers a feature called IE mode, which uses the Chromium engine for modern websites and the Trident MSHTML engine from IE11 for legacy sites built to work with Internet Explorer.
IE itself? It’s been left to die of neglect. Despite that, people are still using IE today, God help them! The US federal government’s Digital Analytics Program (DAP) shows an average of 300,000 IE site visits to government sites over the past 7 days.
Although support for IE11 on Windows 10 ends on June 15th, Microsoft isn’t just killing it outright. No, the IE11 desktop client on Windows 8.1 and Windows 7 (and even Windows 10 Enterprise, version 20H2), with extended security updates, will stagger on.
In addition, IE mode in Microsoft Edge will still be supported until at least 2029. So, yes, those miserable IE-only websites and apps are still going to be working for years to come. That means you don’t want to uninstall IE yourself. Edge will still be using that functionality when it runs into an antique website. Microsoft has also said that IE desktop applications will be progressively redirected to Microsoft Edge for now.
When will IE actually be buried? We don’t know. Microsoft isn’t saying. Someday, though, you’ll get a Windows Update that wipes out IE once and for all.
TALLAHASSEE, Fla. -- The coronavirus pandemic has become politically fraught for Florida Gov. Ron DeSantis, as evidenced by a polished two-minute video released on social media this week that had t…