Enabled the Password Generator shortcut to appear on the Apple Watch - and it works, I can initiate generation on the Watch. Need to re-enable Copy to Clipboard to be global, instead of local. :)

Quickly hacking a password generator

iCloud Keychain Password is not yet at feature-parity with my main password manager, 1Password. One of the issues I have (and also found out that others have the same issue) is password generation (sometimes, it is not easy to copy/edit the newly generated password), which 1Password does very well.

This inspired me to write a more generic password generation tool without needing to install another application. I could have written a script for the command-line, but thought that it is more flexible to write a shortcut.

I hacked a quick shortcut and was able to generate the passwords using the preferred template (based on my current 1Password template, and then some). Unfortunately, it was dependent on other third party iOS apps, Toolbox Pro and TextCase, which I don’t have on the Mac. So back to the drawing board.

Finally managed to finish the shortcut with no dependency on a third-party application, which made it work on iOS, iPadOS and macOS. :) It is not as elegant as I wanted it to be (need more built-in scripting functions on Shortcuts, which I hope gets added on iOS 15.4), but it works!

I forget that one shortcut I wrote uses a free API - which I deleted earlier when trimming the iCloud Keychain passwords. LOL Good thing Toolbox Pro has a built-in currency converter function.

iCloud Keychain experiment (turning off 1Password)

This morning, I exported all accounts from 1Password to iCloud Keychain earlier this morning. From there, I re-configured the TOTP on some apps (making sure that the passcodes are synced between 1Password and iCloud Keychain). I also re-configured some accounts to remove the sunsetting domain that I have been using (which was transferred to the free Google App for Your Domain, which is going to be deleted soon) and replace it with updated email addresses c/o Finally, I deleted quite a number of old accounts as well - those that I don’t use anymore, e.g.,, to name two.

Note that I did not delete 1Password, as it is where I safety store the Backup Codes, and a couple of files, too. I don’t want to use a separate app to store the codes, so a Secure Note on Notes app won’t fly. I cannot wait for iOS 15.4 (next week?), so I can migrate the codes.

I have deactivated the 1Password plug-in on Safari and the 1Password Autofill on iPhone and iPad. So, by Monday, I will see how this goes when work starts at 8. :) Wish me luck!

Should I continue supporting Firefox?

After announcing collaborating with Meta/Facebook on adtech on Firefox, it made me think twice about continuing to use Firefox and supporting it. I remember the time when Mozilla asked for support from its users, and I got on board for Firefox 1.0!

Firefox was great when it was working, until it started deteriorating, performance-wise. It became a memory-hog, which made me ditch it for a “better” browser, cough Chrome cough. However, my loyalty to Firefox remained, as I continued to hope that one day it will get back on track. For a moment there, it did - performance improved significantly, which earned it another spot in my arsenal as the preferred second browser (Safari’s first) on the Mac, but first on Linux.

Unfortunately, Mozilla continued to ruin it. How? Read Is Firefox OK?. And with the Meta/Facebook collaboration, it is rapidly burning Firefox to the ground. :(

The search for the Linux browser and secondary browser for the Mac led me to two options. First was Vivaldi. Although it is not open-source, nor publicly funded, it shows a lot of promise, specially their stance on privacy. I defaulted to the Vivaldi simple interface (as you can get overwhelmed with its bells and whistles). However, when it was time to harden it, i.e., making it more privacy-preserving, it directed me to the Chrome Web Store to get uBlock Origin, among other add-ons. I missed that part that it was Chromium-based, like Brave and whatever it is Microsoft’s browser is called. That did not sit very well. Immediately, I deleted Vivaldi (sorry, guys. can you shift to Gecko or WebKit please? And also add an iOS version).

The search for the Firefox replacement led me to LibreWolf, a no-frills, privacy-focused Firefox fork you can download on Love that it has a separate Intel and Apple Silicon version (yeah, am sucker for not contaminating my M1 MBP with Intel binaries). Unfortunately, MacOS continued to pester me with pop-ups reminding me that LibreWolf may be malicious (it is not recognized by the Mac’s verification and validation process). Got fed up and deleted it, too.

What is left? I can stick it out and just use Safari until DuckDuckGo release their desktop version. I can do that, but I try to separate some of the sites I go to from my main Safari site. As an example, accessing Lazada and MetroMart is done on a secondary browser, which has a VPN add-on, and never on my Safari. Good thing, though, that the fediverse presented me with Hardening Firefox. The site provides settings that you can customize to make sure that Mozilla’s access to your data and telemetry is restricted. Why Mozilla is hiding these settings under about:config is beyond me (is this the effect of receiving funding from Google, and now working with Meta?), but I configured most of what was recommended. So, yes, am back on Firefox, but tweaked for privacy.

Took me several hours to update pfSense. *whew*

pfSense released a new version with lots of bug fixes. Since I’m a sucker for new firmware, I immediately tried to upgrade the appliance. It used to be easy - just click on the link (web-based admin interface) and confirm, that is it. This time was different. Hmm…

The appliance couldn’t download the update. Weird, I thought, must be the DNS. Used the built-in tools to check and it was not the DNS. I even played with several DNS IP addresses that I use (and unblocked some known ones on the firewall as well). Still no go.

Time to go CLI-ninja. Installed SSH, but it took a long time. Hmm. Internet connection wasn’t the issue. What then? A reboot might help – there, ssh is now up. Launched Terminal on the Mac. Ah, good ole reliable CLI! SSHed and got in, but I don’t have privileges. What the! A few DuckDuckGo searches schooled me that I needed to add more admin privileges. The pfSense web-based interface provided those settings, good.

Armed with new root priveleges, SSHed again and there! I can initiate the firmware update via CLI. And what did you know, that, too, failed!

A few more DuckDuckGo searches and I was reminded that it might actually be the network. I remember apt-get failing on my Raspberry Pi before, and it was not because of whatever issue, except that the network was set to prioritize IPv6 connections. An eureka moment - let’s see if “forcing IPv4 even if IPv6 is available” works. What do you know? That was it. All these reboots, DNS, etc., and it was just that setting on the gateway that did it. Silly, I agree.

Why can’t repositories support IPv6 reliably? Oh well. At least it only takes one switch on pfSense to do that. Now, I turned off that setting and I am back on “IPv6 first”.

What does Akamai buying Linode mean to Linode subscribers? Hmmm…

Yes, you can turn off Firefox’s telemetry, but not sure if it turns off all, including the future IPA work with Meta. LIbreWolf is based on Firefox, only more privacy-oriented (and open source).

Nexus 7 running LineageOS resurrected. F-Droid installed, too.

OK. Ditched Firefox (because of Meta collaboration and Google influence) and Vivaldi (Chromium-based, and asked me to login to install uBlock Origin from Chrome Web Store). Now running LibreWolf (Apple Silicon native app). Nice.

Let's Play

A few days ago, I discovered another iOS, iPadOS and MacOS gem - Play, an application to save your YouTube video URLs in. It is a convenient way to manage your YouTube video library without logging on YouTube and giving more data points to Google. Play allows you to organize your video collection using tags, and with iCloud sync support, this gets propagated to all devices. Note that Play does not download the videos, it organizes the URLs of your favorite YouTube videos.

YouTube is one of the Alphabet products that I couldn’t find a replacement or alternative to. It is not about replacing the technology, but replacing the content - if only the content on YouTube is available on instances. Anyway, to access YouTube videos without giving too much data to Alphabet, I use when I want to watch it right away, but otherwise, I’d download it using yt-dlp or youtube-dl for later viewing on the Apple TV via Plex. And to make it simpler, I wrote three different shortcuts to automate my workflow: [1] send the YouTube URL to my Raspberry Pi for downloading, [2] Add YouTube URL to Reminders app for later downloading (usually when I am away from my home network) and [3] Process each YouTube URL in the Reminders app and call the first shortcut to download it (when I am on my home network). Why Reminders app? Well, at that time, it is the best way to write, read and delete items using shortcuts that is available on iOS, iPadOS and MacOS.

With Play, I have simplified my shortcuts from three to two. The shortcut that connects to my Raspberry Pi to download the YouTube video remains intact, i.e., no changes. The shortcut that adds the URLs to the Reminders app got cut. Play provides this with its built-in ShareSheet function, “Add To Play”. Finally, the shortcut that processes the list of URLs was modified to access the Play library instead of the Reminders app, yes, Play has Shortcuts support, too! Awesome, right?

I thank Marcos Tanaka for making this application and for quickly responding to queries on Twitter. I found a ShareSheet bug when using DuckDuckGo browser, and also links are not being recognized, and I hope they get resolved soon.

Play is available on the iOS App Store and Mac App Store for PhP99.00/US$1.99, and you can share it via Family Sharing, too! So what are you waiting for? :)

What happened to the Firefox I supported? Yes, I am ditching it now!

Mozilla saying that “advertising provides critical support for the web” is true, but advertising is good IF THERE IS NO TRACKING ACROSS THE INTERNET. Sorry, Mozilla - your IPA (partnering with Meta whilst accepting funding from Google?) will keep this data tracking alive. That is it for me. I do not trust you anymore.

I cannot wait for the DuckDuckGo desktop browser.

On using Apple AirTags, Tile and a GPS Tracker - as reported by Kashmir Hill

Why is Google mum about the issue that is BT trackers? Why won’t they pick up that AirTag detection code, add it to AOSP and push it to all? Anyway, there are far worse trackers readibly available in the market today (see Amazon).

AirTags are positioned at the middle of the pack – between Tile, which was close to useless in tracking and getting detected, and GPS tracker, which was better as a tracker, with close to impossible getting detected.

Read how Kashmir Hill tracked her partner, with his consent, of course.

In a span of three (3) days, two awesome developers just made my iOS workflow simpler. One is Play and the other is @vincode’s Humboldt. Thanks much!

Just in case you have not seen it yet, MacOS 12.2.1,iIOS 15.3.1, iPadOS 15.3.1, watchOS 8.4.2 are now available

Microsoft is green with envy - they missed mobile and the corresponding app stores, and since they were not successful on those fronts, they throw everything they got against those who’re successful. So typical, patented Microsoft behaviour. LOL

Safer Internet Day with Facebook and Google?

An annual celebration marked by events that educate and inform young ones and young once on how to be safe on the internet. On the main website, Safer Internet Day, you will see that it is supported by the likes of Facebook, Google, Tiktok and Twitter, four of the largest online services where users are not safe.

Events promoting Safer Internet Day (SID) often concentrate on online bullying, specially on these platforms. It is like a tobacco company sponsoring a healthy smoking habit to children! It is rare to have an event where organizers tell participants to stop using these companies' products and services for fear of losing sponsorship money.

For fear of losing sponsorship money, SID event organizers will not tell users to protect their privacy and stop using products from Facebook, Google, Tiktok and Twitter. Event organizers will also not tell users in order to protect their mental health, they should avoid these same companies' products.

So how can you be safe on the internet when the narrative is controlled by companies that make the internet unsafe, right?

How to be safe on the internet?

For starters, stop using Facebook, Google, Tiktok, Twitter, Viber, Instagram, and use products and services that are privacy-centric. Here are some examples:

  1. Use Signal, Threema or Matrix/Element instead of using the messaging services from Facebook, Google, Telegram or Viber.

  2. Use DuckDuckGo or Ecosia as your search engine. On DuckDuckGo, you can access Google Search without providing Google with your data.

  3. Use Fastmail or ProtonMail or Tutanota as your e-mail provider instead of Gmail.

  4. Use email aliases to hide and protect your main email address., DuckDuckGo, Firefox, iCloud+, and Fastmail provide this service.

  5. Use a password manager (paired with email aliases) to ensure that passwords and email addresses are unique for each online service or app you sign-up on.

  6. Add your main email addresses on to monitor if they’re compromised. Some password managers, like 1Password, have this monitoring feature built-in.

  7. Use to view YouTube videos or use youtube-dl or to download YouTube videos and watch it on your device without any trackers or recommended videos.

  8. Use Safari (if available) or DuckDuckGo (if available) or Firefox as your browsers (and change the default search engine to DuckDuckGo) instead of Chrome.

  9. Use mailing lists (e.g., or a public chat/messaging service (e.g., to manage and engage with your community.

  10. Write on your own blog (e.g.,, wordpress,, where you have control and ownership of your content.

  11. Use or to host your public photos. Do not overshare. If you think your innocent looking photo doesn’t contain data that reveals where and when you have taken it, you are in for a surprise. Parents respect the privacy of your children - don’t post photos of their faces - you will never know how it will be used against them in the future.

  12. Avoid feeding the trolls. The best way is to ignore. Same with bullies.

  13. Be kind. Having a safer internet means treating each other kindly and respecting others the way you want to be respected.

I doubt that you will hear most of these from any of the Safer Internet Day events or they will lose their sponsorship deals!

Be safe out there.

Nothing is free forever, specially when we are talking about Google

When closed shop, the folks there moved users to Google App For Your Domain and provided as domain. It was a safe transition because Google marketed it as free forever. That account was used as an email forwarder.

Just like most of what Google said they’d provide for free, it’s just temporary. Good thing that there is no other user on that domain except me, and by now, I have moved the important accounts using that domain to another domain and alias provider,

If you were victimized like me (although mine has minimal impact), then plan your transition now. There are better alternatives out there, Fastmail being one of them.