2025
- 1-courier.push.apple.com - Apple Push Notification Service
- 1-courier.sandbox.push.apple.com - Apple Push Notification Service
- api.apple-cloudkit.com - CloudKit, Apple's backend service for developers to store and sync app data
- api.apple-cloudkit.fe2.apple-dns.net - DNS/gateway services for Apple's infrastructure
- app-site-association.cdn-apple.com - Used for Universal Links
- apple-relay.cloudflare.com
- apple.com - Core Apple websites
- bag.itunes.apple.com - iTunes/App Store purchase container
- configuration.apple.com - for fetching various system configurations, including location services
- configuration.ls.apple.com - for fetching various system configurations, including location services
- cts.cdn-apple.com - CDN for network content
- entitlements.itunes.apple.com - Checks your entitlements for apps and content
- fbs.smoot.apple.com - for crash reports, analytics, or user feedback.
- fpinit.itunes.apple.com - Initialization for iTunes/App Store services
- gateway.fe2.apple-dns.net - DNS/gateway services for Apple's infrastructure
- gdmf.apple.com - Device Management Framework
- gsa.apple.com - Apple ID (IDMS) and Game Center Services (GSAS)
- gsa.idms-apple.com.akadns.net - Apple ID (IDMS) and Game Center Services (GSAS)
- gsas.apple.com - Apple ID (IDMS) and Game Center Services (GSAS)
- gsas.idms-apple.com.akadns.net - Apple ID (IDMS) and Game Center Services (GSAS)
- gspe1-ssl.ls.apple.com - related to Location Services (LS) and certificate validation (SSL)
- gspe35-ssl.ls.apple.com - related to Location Services (LS) and certificate validation (SSL)
- iadsdk.apple.com - Apple's iAd advertising network SDK
- init-p01md.apple.com
- init.ess.apple.com - Apple's Entitlement Services
- init.itunes.apple.com - Initialization for iTunes/App Store services
- kt-prod.ess.apple.com - Apple's Entitlement Services
- lcdn-registration.apple.com - related to Software Update and (CDN) registration
- musicstatus.itunes.apple.com - For checking the status of Apple Music or iTunes Match
- ocsp2.apple.com - Online Certificate Status Protocol
- p44-buy-lb.itunes-apple.com.akadns.net - related to the iTunes Store and App Store purchase
- p44-buy.itunes.apple.com - related to the iTunes Store and App Store purchase
- pancake.apple.com - telemetry
- pd.itunes.apple.com - related to the iTunes Store and App Store purchase
- proxy.safeBrowse.apple - for Apple's Safari Fraudulent Website Warning (Safe Browse)
- sandbox.itunes-apple.com.akadns.net - used by developers for testing in-app purchases
- sandbox.itunes.apple.com - used by developers for testing in-app purchases
- sas-uw2-pcms.apple.com - related to purchase or content management systems within Apple's retail or media ecosystem.
- sas.pcms.apple.com - related to purchase or content management systems within Apple's retail or media ecosystem.
- setup.fe2.apple-dns.net - DNS/gateway services for Apple's infrastructure
- st11p01su-lcdnreg.isu.apple.com.akadns.net - related to Software Update and (CDN) registration
- suconfig.apple.com - related to Software Update and (CDN) registration
- swallow-apple-com.v.aaplimg.com - related to content delivery or image services
- swallow.apple.com - related to content delivery or image services
- testflight.apple.com - for TestFlight, Apple's platform for beta testing apps
- time.apple.com - Network Time Protocol
- token.safeBrowse.apple - for Apple's Safari Fraudulent Website Warning (Safe Browse)
- us-ne-courier-4.push-apple.com.akadns.net - Apple Push Notification Service
- us-sandbox-courier-4.push-apple.com.akadns.net - Apple Push Notification Service
- use1-wps-prod.apple.com
- weatherkit.apple.com
- wps.apple.com
- www.apple.com - Core Apple websites
- xp.apple.com - telemetry
- gateway.icloud.com
- p177-content.icloud.com
- edge-062.usatl5.icloud-content.com
- p104-content.icloud.com
- setup.icloud.com
- p150-content.icloud.com
- p176-content.icloud.com
- p101-content.icloud.com
- mask-api.icloud.com
- apple.news
- apple.tv
- podcasts.apple.com
- siri.apple.com
- caldav.icloud.com
- contacts.icloud.com
- mask.apple-dns.net
- mask-api.icloud.com
- doh.dns.apple.com.v.aaplimg.com
- doh.dns.apple.com
- apple-relay.cloudflare.com
- mask-canary.icloud.com
- mask-h2.icloud.com
- mask.icloud.com
- p120-caldav.icloud.com
Five Recent Finds at MacMenuBar
MacMenuBar.com is the best place on the Internet to find apps with that particular interface. Its recently added section is always worth checking out for new free, freemium and paid apps. Here are five recently added apps that are worth checking out.
Always on Top
Always on Top lets
you choose any window on your Mac to pin above all other windows. It's
got a nice menu-driven interface and is a nice addition to your
multi-tasking routine. (Free)
Signal Shifter
Signal Shifter
gives you a convenient location to control the inputs, outputs,
Bluetooth devices and volume control right from your Menu Bar.
(Free)
QuickGif
QuickGif provides a searchable Gif menu for use in any app. Drop GIFs into Slack, iMessage, Discord, and more. Save your favorites. (freemuim)
AppLockr
Applockr allows you to password protect any app on your Mac to prevent it being opened by anyone who should not access it. it's better suited for apps like Apple Notes that have an internal database rather than apps that create separately accessible documents. You should also lock Terminal and Activity Monitor to prevent unauthorized users from using those apps to force quit AppLockr itself. (one time payment)
Calendr
Calendr provides quick calendar access from your menu bar, complete with reminders. it has 1600 stars on Github, so plenty of people find it useful.
The View from Mt. Greylock
My Greylock is the tallest mountain in Massachusetts, coming in at 3491 feet. There is a restaurant at the top and a kind stranger had given us money to buy a meal there, but alas, it was closed when we arrived. No worries thoguh, we just hiked to the next town and ate there instead.
My Mac Contacted 63 Different Apple Owned Domains in One Hour - While Not is Use
During a one hour period today, my computer contacted 63 different Apple domains while i was not logged on and using it.
I have been trying to minimize to the extent possible the reach of big
tech into my life. A full 25% of the DNS queries from one of my
computers (M2 MBA with macOS 15.4) are to Apple owned domains - even
though my DNS provider (NextDNS) blocks Apple's native telemetry.
Additionally, since I do not use Apple for my mail, contacts, calendars,
podcasts or news, I already have the routes to those Apple services
blacklisted.
Interestingly, my 2019 Intel MBP with the same DNS settings has
less than 3% of it's DNS queries hitting Apple domains.
Here are the domains Apple contacted during one 60-Minute Period When I Was Not Using My Computer
One Hour - 63 Apple Domains
Apple Domains I Already Block
Hiking the Berkshires
Western Massachusetts is a pretty place. The Berkshires aren’t too daunting but they have their moments. I’d been brainwashed as a southerner to thinnk that the Northeast US was a big urban jungle. It isn’t. New England is one of the prettiest places I’ve ever been. #hiking #Appalachian. Trail
A Photo Management Workflow Without Big Tech
One of the things that make the tools of Big Tech so seductive to
use are their rich feature sets. Photo management apps from Google,
Amazon, and Apple require little more than flipping a toggle switch to
begin uploading photographs from your phone. Each company provides you a
ready-made website with the ability to create albums, share photographs,
and do basic editing. All you have to do is to give them your data, your
privacy, and I suspect your soul.
This year I opted to remove all of my personal photographs from the servers of the big tech companies and to manage them on a self-hosted server in my home. My challenge was to automate the process as much as possible for both me and my wife and to get the same benefits: iOS access, backup and sharing.
The canonical location of our photos is located on the hard drive of an always on Mac which has multiple backups including Time Machine, two different European based cloud storage companies (Koofr and kDrive)and multiple external hard drives. The iOS app of my cloud service, kDrive by Infomaniak automatically uploads all images added to the phones library to their server and those are synced to to the Mac in our home. I created an Apple shortcut that runs once a day when triggered by a Keyboard Maestro macro that copies all of the photos added in the past 24 hours from the upload location to the canonical photo location. Then Hazel moves those photos to a folder corresponding to the current year and month. During this process, images are converted from HEIC to JPG.
I use the powerful and full featured open-source photo management app, Digikam, to rename and tag my photos and to make any adjustments to the geolocation. Digikam also does editing and duplicate detection. I have Syncthing running on the Mac to two other computers. One is my server which uses Unraid. The other computer is a 16-year-old iMac with Xubuntu, a good distro for old hardware, that serves as a 24 inch digital picture frame to rotate our photo collection in a never ending loop. On my server, the synced photo library is used by the photo management application, Immich. I have Immich connected to the Internet through a secure Cloudflare tunnel. It allows us to view our photo collection on the Immich iOS app and to create shareable albums with our friends and family.
Hopefully, if you are interested in removing your photos from the clutches of big tech, this will give you some ideas on how to use some of the software I've reviewed to create your own solution. Feel free to hit me up with questions.
Crucial Track for June 10, 2025
"Baba O'Riley" by The Who
I was a farm kid in the 70s and 80s. When I hear Pete Townshend's guitar play those unmistakable chords and Roger Daltry's voice sing this song, I've felt like I could take on the world. The Who and the Kinks were the more intellectual bands of the British invasion with more and better imagery than some of the pop stuff from the lads from Liverpool and their dirty London Cousins.
*"Out here in the fields, I fight for my meals I get my back into my living I don't need to fight to prove I'm right I don't need to be forgiven
Don't cry, don't raise your eye It's only teenage wasteland"
Ice Gulch
This is Ice Gulch, located on the Appalachian Trail just north of Great Barrington, MA. It’s a mile long and a hundred feet deep. It’s on a stretch of the trail that makes for a good day hike if you are ever in the area.
State Line
That brook is the state line for Connecticut and Massachusetts on the Appalachian Trail. There was supposed to be a bridge there, but oh well. If there is one thing I leaned on that hike, it was how to be resilient.
Runner's High
Wonder Woman gliding through a mountain meadow on a warm June morning. She makes it look easy. #ultrarunning
Crucial Track for June 3, 2025
"Jackson (with June Carter Cash)" by Johnny Cash with June Carter Cash
What song would you use to describe your current relationship? Jackson by Johnny Cashand June Carter Cash - Before I met my wife, I lived a life with too much of a whole bunch of stuff that's not good for you. Most people would consider me reformed today. I love the good natured way Johnny and June sing this tune, knowing Johnny's rough life prior to their marriage.
The Glacier at Portage Lake
On a day trip to the town of Whittier, Alaska, Winder Woman and I went to see the glacier at Portage Lake. I wanted to see one before they all melt because of climate change.
South Fork of the Holston River
The Virgina Creeper Trail crosses the soth Fork of the Holston River, just north of Abindon, VA.
Taylor's Valley, VA
We’re heading back to this slice of heaven next weekend so Wonder Woman can volunteer at the Dam Yeti 50, an ultramarathon. It will be our first visit since Hurrican Helene devastated the area. #ultrarunning
Use Obsidian in a Browser from Anywhere, Without Installation
I just got into self hosting about a month ago with an old Lenovo
Thinkpad I pulled out of the recycling pile at work and a couple of big
external hard drives. Tonight I discovered that there is a Docker version of
Obsidian that works on my server. In a couple of hours, I had an
https connection to a test vault, accessible over the Internet via a URL
through a CloudFlare Zero Trust tunnel (which is a free service that
does secure routing for you). You can password protect the vault to keep
out intruders. You should also use a cryptic subdomain and not
obsidian.mydomain.com
All the people who want to use Obsidian at work but are prohibited from installing anything could surely find use in this. Additionally, folks with one of those big ass iPad Pros can now use the desktop version of Obsidian and the plugins that don't work on iOS. Any time you don't have access to your own device, you can jump on anything with a web connection to access your data.
This is probably old news to old school self hosters, but to this neophyte, it was a cool-as-hell discovery.
Whitetop Mountain, VA
One of my favorite spots in the world, Whitetop Mountain, VA. The day we first hiked hiked there, we met a group of self described “old hippies” having a picnic. They invited us to join in. Back in the late 30’s, this was the site of a music festival featuring the Carter family among others.
Anchorage View
This is what you will see from Potter Wildlife Viewing Center just outside of Anchorage. It’s a great place to go if you are into birding.
BlockBlock and KnockKnock from Objective-See
Anyone who tells you that Macs don't get viruses is misinformed,
and you shouldn't rely on that person for computing advice. Mac malware
exists. Having said that, the average Mac user is in much better shape
than the average Windows user because the bad actors of the world tend
to concentrate on the platform with the largest market share.
Additionally, those who have a modern Mac running an up-to-date OS have
built-in
behind the scenes protection that requires them to very little to be
safe. If that's you, and you get all your software from the App Store,
move along and have a nice day. But, if you download software from
developer web sites, Github or if you are living the Pirate's life (you
gangster, you), it's probably a good idea to take the extra step to
protect yourself.
The Objective-See Foundation is a non-profit 501©(3) corporation that has been around since 2015. It provides free, open-source security software for the Mac platform.
BlockBlock
BlockBlock is a utility that loads at login and monitors your Mac for the installation of any persistent program, a category that includes most malware. When BlockBlock encounters a new persistent installation, it alerts you and asks for your input. Do you want to allow this or forbid it? "If the process and the persisted item is trusted, simply click 'Allow'. If not, click 'Block'. Both actions will create a rule to remember your selection (unless you selected the 'temporarily' checkbox). If you decide to block an item, BlockBlock will remove the item from the file system, blocking the persistence."
KnockKnock
KnockKnock serves as an on-demand file scanning utility. "Press the 'Start Scan' button to instruct KnockKnock to scan known locations where persistent software or malware may be installed. By design, KnockKnock simply lists persistently installed software. Although by default signed-Apple binaries are filtered out, legitimate 3rd-party software will likely be displayed.
"If the item is an executable binary, KnockKnock automatically queries VirusTotal with a hash of the binary to retrieve any information. While VirusTotal is being queried, this button displays '■ ■ ■'. Once the query is complete, the title of the button is automatically updated with either the detection ratio, or a '?' if the binary is not known to VirusTotal."
"With the query complete, the button can be clicked to reveal a popup containing VirusTotal-specific information about the file. If the file is unknown, clicking the 'submit?' button will submit the file for analysis. Known files contain a link to the full analysis report and a 'rescan?' button that will rescan the file."
Other Options
Objective-See makes other security products including LuLu, an open-source free firewall and ReiKey, which detects keyboard trackers.
If your primary security concerns center around places you go online vs. the software you install, I would also suggest running a periodic scan with the commercial product, Malwarebytes. It has a free version for manual scans and a paid version for more extensive real-time protection.
For more on security - see this post for information on my personal toolkit.
I Like Your Blog If...
Since I stopped spending much time on commercial websites and more time
exploring the blogs on IndieWeb platforms, I have developed a type and a
preference for the kinds of blogs I like. There's plenty to choose from.
I like tech but not too much tech
For better
or worse, it takes a fairly technical person to get involved in
blogging. A lot of the people I read are developers of some sort or
other even if they don't write about that part of their lives that much.
I enjoy reading about the relationship people have with the tech in
their life and how that has evolved over time. I find it interesting to
read about what people are making, although if a blog primarily consists
of code blocks and inside baseball talk about the nuances of particular
programming languages, I'm probably going to move on. Most people do a
pretty good job at striking a balance.
I like smart and smart-ass but not people who think themselves
smarter than everyone else
There are a few bloggers
who consistently write about how dumb people are and it's a big old turn
off. I like smart people. I like people smarter than me (not hard). I
even like people with a smart ass sense of humor but I have worked for
too long with stereotypical computer support people who think all end
users are stupid and I'm so very weary of that attitude. I think it's
great to point out the misconceptions of others but it's boorish if
that's the main thing someone writes about.
I like people whose political content is about peace,
compassion, equality and diversity
In other words,
I'm not a fan of, nor will I read very much of what passes as
conservative ideology these days. I don't want to live in a bubble but
I'm just not going to waste any of my remaining time on this planet
engaging with people who don't believe in climate change or the
importance of stamping out white supremacy or in allowing people to be
as non-traditional as they want to be. Luckily, I haven't run into too
much of that in the circles where I run.
I like consistency
If you are the kind of
blogger who just spits out content day after day, I'm here to tell you
to keep it up! I realize not everybody has that in them and that's OK.
With me, you just don't have to worry that you post too much. If you
only write a few paragraphs a week, it's harder to get to know you, to
develop curiosity about your the things you share. I don't always have
the time or the inclination to read 5,000 word missives, but I like
knowing what folks are up to.
I like friendly
I'm from the south and have
lived here my whole life. Down here we have a sort of innate
familiarity. We are apt to ask how your Mama's doing even if we don't
know her. I like people who come across with that same sort of vibe,
letting pieces of their real lives leak out. I absolutely do not mind
hearing about you feeling tired taking your kid to basketball practice
or shocking news about your grandma's affair. I like authentic people
who don't posture, who are just themselves, struggling like the rest of
us to make sense of a confusing world without resorting to barrier
building between themselves and their readers.
Heart Stopping News
For about the past five years, it's occurred to me regularly that two things: my advancing age and my neglect of what people call "taking care of yourself" were going to bring about the end of days before I'm ready for them. My dad, only seventeen years my senior, proclaims to be "ready to go," but I am not. Not at all.
What's happened to me isn't unique. I developed painful arthritis in both knees after a lifetime of being physically active. I eventually had both of them replaced in 2020, but I never bounced back from it. The surgeries coincided with a prolonged bout of depression, one of may I've dealt with over the past 40 years. Complicating that even further, I came down with Guillain–Barré syndrome. By the time I recovered, I'd gained weight and had almost no endurance capacity. Walking a mile was about as much as I could do.
Recently, the slightest bit of physical exertion has been leaving me winded. I have been having real problems with fatigue. Last week my feet and lower legs started to swell in a way that hasn't ever happened before. I made a doctor's appointment with some difficulty because it's America in the 21st century. I didn't really want to think too much about what I might hear, but I was prepared for anything. After prescribing some medication and cautioning me against excessive sodium consumption, the doctor quickly diagnosed me with congestive heart failure and referred me to a cardiologist, which is where this story pauses.
I'm not the type of person who obsesses about their health. I'm not going to WebMD to read everything they have on my condition. I'm just going to wait on the cardiologist to tell me what I need to know. I'm shaken up a bit. I just turned 60 in February and though I'd have more time before this kind of stuff started happening. I take some comfort in knowing that my father-in-law was diagnosed with the same thing 20 years ago. My dad has had three heart attacks. They started in his 40s and he took another 15 years to even quit smoking. Hopefully, I'll have that kind of luck.
I'm already grateful for each day. As a recovering alcoholic with 16 years of sobriety, I've already gotten one second lease on life, one that I have taken full advantage of. I count my blessings every day and draw a lot of strength from a loving family and a fulfilling life that allows me to pursue the things that interest me. While this news has knocked me a bit of a loop, I don't see myself falling into a self-pity trap. It is what it is. I would rather not spend time moping when I can be doing something that brings me joy.
Hopefully, whatever treatment plan I get will alleviate the symptoms I've had and give me more energy. I have the motivation to do stuff, just not the capacity I'd like. I'm lucky to have Wonder Woman who is supportive and loving and not full of "I told you so's". There are plenty of people worse off than me. I'm keeping that in mind.
Enjoyed it? Please upvote 👇