Tools

In the wake of the release of the latest MacBook Pro models, I’ve been thinking of the best way to pen something that talks about something like the MacBook Pro, and any Apple product really, as the sum of both the hardware and software. It’s all too easy to forget the software when new hardware arrives and I think that clouds people’s judgement. While sloshing that general idea around in my mind to get a feel for the best way to write it, it dawned on me that it’s a great deal more than just Apple’s software that makes me love my Mac. There’s a whole ecosystem of considered software and tooling from great developers that makes it the best platform for me and the kinds of things I like to do. So while I’ll get back to macOS in particular in another post, I first want to write about a bunch of tools and software that I use on my Mac. Maybe there’s something in my list that’ll help you enjoy using your own Mac a bit more.

The list will also talk about the hardware I use where applicable, if it links in to the software somehow.

Passwords and Security

I used to be a big fan of LastPass, but I swapped to 1password about 6 months ago at subscription renewal time. LastPass were acquired by LogMeIn, and while I’ve got nothing personal against them, I’m more comfortable using password security software from companies where that’s their only real business. Given the credentials to my entire online existence are trusted to it, I want the company writing the software to have laser focus on the product. It has excellent Mac and iOS syncing for the password store, and the client software works well with all major browsers on macOS.

I also use Yubikeys with my Mac to protect access to other resources I access from my Mac. It’s possible to integrate Yubikeys with the login system of macOS itself because it’s based on PAM, but I haven’t done that yet. Yubikeys are terribly useful for authenticating you as a second factor, and they have broad online service integration now, including Google and GitHub in FIDO U2F mode. You can also use them to store private keys for SSH authentication, and they can also type passwords for you as well.

Ever wanted to know what apps on your system were accessing the Internet and your local network, and where on the Internet those apps are connecting? You really should have a handle on that these days, where security of your data and your privacy are increasingly paramount and under threat. What about what files your apps are accessing on your filesystem? Or what apps are accessing your microphone or camera and potentially using them without your knowledge?

Little Snitch is what you want for network access, and Little Flocker is what you want to keep an eye on and protect your filesystem data. Little Flocker can also tell you what’s using your camera and microphone, and the Little Snitch developers also have an app for that called Micro Snitch, which you can get in a bundle deal with Little Snitch (or at least you could when I bought them both!).

Even if you don’t do anything about what Little Snitch or Little Flocker are telling you, just having some way to see what’s using the filesystem and network on your Mac is a good idea, so I recommend them even if you don’t want to be proactive with the data they’ll show you. Both support passive monitoring modes that stay out of your way and just show you what’s going on.

I’m also in the middle of moving my home network to one that has a VPN connection to a server I control as its first hop, at the router, so that the only traffic my ISP can see is encrypted. Developing that to the point where I can switch it on at the router was all done on my Mac, using a great OpenVPN client called Tunnelblick. While I won’t need it for much longer, it’s the best open-source VPN client for macOS today.

Productivity

If you use a Mac and you launch an app by opening the Finder and navigating to your Applications folder, or even use the Dock shortcut or Spotlight, you’re missing out on a better way. Alfred should be your gateway not just to starting programs, but also your contacts, as an ad-hoc calendar, accessing pasteboard history, iTunes control, 1password bookmarks, text auto-expansion and more. It’s the first thing I install when I setup a new Mac for the first time.

A few years ago I discovered f.lux, software that changes the colour profile of your display(s) as the day passes, primarily to reduce the amount of whiter light you see as it gets darker outside. Sitting at a bright display all day affects my eyes and my sleep. Your mileage may vary since I think the jury is still out on the exact biological interactions, but the basic mechanisms of circadian rhythm adjustment and melatonin production seem to happen with me from what I can tell. F.lux’s job is therefore to help with that, allowing you to use your Mac (it’s also available for Windows, Linux and Android!) later in the day without it seriously affecting your ability to get good sleep afterwards. At least that how it works for me. Apple seem to agree, since a similar feature called Night Shift is built in to iOS and is soon coming to the Mac.

I was a Windows user for a long time before I switched to the Mac, and one of the instant frustrations was the behaviour of the Home and End keys in Mac apps. On Windows, Home and End are line-based, but on the Mac it’s application dependent. Sometimes it’s line-based, but most of the time it’s page or document based. Not if you install Karabiner, though (or Karabiner Elements if you run macOS Sierra, since Apple changed the input layer heavily in Sierra so much that the original Karabiner no longer worked, forcing the developer to start from scratch with Elements).

Karabiner is a little fiddly to setup, but it’s one of those pieces of software that once it’s running the way you like it, it disappears into the background never to be seen again. If you’ve ever wanted to remap any keyboard keys in macOS to change their behaviour, like I do with Home and End, Karabiner is where you should start. Either that or Hammerspoon which a friend of mine swears by, but I haven’t had much experience with.

Backup

You do backup your data, right? Right? I use macOS’ built-in backup system, Time Machine, as you should if you use a Mac too, but Time Machine has no real support for making sure your data is backed up somewhere that isn’t still in your house or office. For off-site backups I use Backblaze, in the mode where Backblaze don’t get to see my data, due to me supplying a private key (provided by one of my Yubikeys!). Backblaze supports unlimited size, constantly-running backup of a single Mac for $50 a year. It’s almost completely unobtrusive to the point where I rely on the regular summary emails to tell me it’s still running. It just quietly takes a running copy of everything on your Mac.

I also use Tarsnap for my most sensitive data. It’s installable with Homebrew (I’ll get to that later!), but it’s also easy to build yourself from verified source (the method I use). It works like the tar command line tool except rather than create local tarballs, it generates a deduplicated, encrypted copy of the data you feed it and sends it to Tarsnap’s system off-site, protected by a private key only you know. If you’re comfortable on the command line, tarsnap should be a tool in your arsenal, potentially even to completely replace something like Backblaze. I made the mistake of loading my account with $10 to start with. Years later and I’ve only made a 6 cent dent in it, due to how little I store with the service (around 10MB) and how little new data gets sent there because of the deduplication. Go look up their unique pricing model to see what I mean.

Window Management

macOS does a reasonably terrible job of managing application windows. It has a virtual desktop feature called Spaces, and while that’s a great way to organise the apps you’re working with into more logical groupings, moving the individual windows around inside each Space is pretty rubbish, mostly because you have to use the mouse pointer. I’m a big fan of using the keyboard as much as possible, and so I use a piece of software called BetterSnapTool to give me global keyboard shortcuts to move windows around. 99% of the time I either want an application window to either move to the display it’s not currently on, or occupy the left or right half of the screen so I can side-by-side a pair of apps on a given Space, so I have three shortcuts setup to do just that. It’s one of those things that really should be built in to macOS. Even Windows does it better.

Writing

I’m writing this in a distraction-free text editor called Byword. It’s not a programmer’s editor, but a writer’s one. I always run it full-screen so it’s the only thing for me to focus on when I’m writing, and there’s no real UI to speak of. You just type. In fact, all I can see on the screen right now apart from this text is a running word count in a low-contrast tiny font right at the bottom.

For longer-form stuff where I need to organise my thoughts before I start pressing the keys, I’ve started to use a program called Scrivener. It’s centred on script writing, either for screen or book, but it has some nice visual metaphors for organising information for bigger texts that you need to put together. I used it last year to write a Pascal analysis for The Tech Report. If you love to write, especially longer bits, it’s highly regarded and recommended.

Programming

I love writing software and automating software to do what I want. I won’t get into what I think are the best programmer’s editors since I’m not a religious man, but if you do any kind of development on your Mac, be it for macOS, iOS or any of Apple’s other platforms, or against major platforms or frameworks, you should check out Dash. It faced some controversy in 2016 when Apple removed it from the Mac App Store, but you shouldn’t take that as a slight against the app’s utility or quality. It’s an API and documentation browser for a great many systems and platforms, giving you fingertip access (no mousing is really needed with it, which is great) to a wide range of documentation. Dash has support for integrating with Xcode, Alfred, Emacs, Vim, Visual Studio Code, Atom, Android Studio and more. Highly recommended.

If you do any development for iOS or the Mac (or Android now!), you really need to seek out and get to know PaintCode. It’s a visual design tool for creating custom UIs and UI elements for Mac, iOS and Android apps. The party trick? It doesn’t output raster images, but code. That lets you have full programatic control over your UI, and the UI is about as efficient to draw as it possibly can be. I can’t imagine designing and developing a Mac or iOS app without it.

System Monitoring

macOS is a very well behaved operating system for the most part, with decent built-in support in Activity Monitor for showing you application resource usage, including power on recent Macs with recent versions of macOS (in the last few years or so at least, if not longer). However sometimes you need a deeper view of what’s happening. I use iStat Menus to get a per-processor view of what’s going on, primarily for when I’m developing but also to get a view of whether software is efficiently using the resources available on my Mac. The processor cores, disks and memory are there to be used after all. The per-app disk monitoring is particularly useful.

Email

I’ve lost count of the number of email client applications I’ve used on macOS over the last decade or so. I’m a heavy emailer who never deletes any, so the email clients I use need to be fast even with a huge corpus split across many accounts, they need excellent built-in full-text search, and they need to do a good job getting emails I don’t want to deal with or see out of my way. Keyboard control is a must, so I don’t have to mouse around to deal with what’s inherently just text at the core. My client of choice for the last few years, meeting all of those goals, has been Airmail. Now on version 3, the highlights are great keyboard control, iCloud syncing for account information (but not passwords) so that setting up a new Mac is easy, and they have a matching iOS version that quickly stays in sync with the Mac client. If I read an email on my Mac, it’s marked as read on my phone and vice versa. Airmail 3 really is fantastic.

Package Management and Shells

Finally, I spend a huge amount of my time either in a text shell on my Mac, or in remote shells on the servers I look after, for Beyond3D, my business, my mailserver, this blog, etc. The best terminal emulator on macOS is easily iTerm2. Don’t let the number in the name fool you, it’s on version 3 today. I find it absolutely indispensable because of its tmux integration and support for automatically switching the terminal profile based on things that are happening inside it. For example: when I connect to my bastion host, iTerm switches the colour of the window from a black to a blue, so I know I’m on the bastion and ready to jump to where I’m going next. If it detects me becoming the root user on any system I’m on, locally or remotely, it changes the colour to a red.

Anything you can set in an iTerm2 profile takes effect during those profile switches, so you can go much much further than just colouring if you want. Really, the entire interactive portion of how you use iTerm can be switched based on what’s going on. My second display is almost always just a full-screen iTerm2 instance, which I split up in whatever way I need for the work I’m doing locally or remotely.

That leads me on to maybe the biggest thing I make use of on my Mac on an ongoing basis: shell-based programs. macOS is a Unix, and out of the box there’s a decent userland with a mix of normal POSIX and related userland software, along with Apple’s own stuff. In general, if there’s a major system on the Mac, there’s a shell program to manipulate it, so a lot of the power of your Mac can be controlled from the command line as well as the GUI. However there’s a broad swathe of great command line software and libraries that Apple doesn’t provide, or provides old or unsuitable versions for when you’re building your own software from source.

Apple doesn’t provide any of that kind of software through the Mac App Store, so the macOS community created a few of their own, aping what’s possible on other Unix and Linux systems. I use Homebrew, which markets itself as the missing package manager for macOS. After installation, apt-like commands are available to install software (including GUI programs!) on your Mac. If you’re used to Linux or similar systems, the software available will be very familiar. Things like, wget, autoconf and automake, emacs, vim, a large amount of libraries needed to build lots of common software from source, like openssl and libpng. Shells like zsh. At least for the kinds of work I do, I’ve been able to find almost everything I need via Homebrew, so if you’re happy at the command line and use that environment to get things done in a Unix-like way, I highly recommend it.