Since I began using NextDNS, I noticed the top domain my Macbook was querying was ss-prod-ew1-notif-20.aws.adobess.com, by far.

I use Lightroom and Photoshop so I had to install the Adobe Creative Cloud thing. Even though I disabled the only two settings that could enable Adobe stuff running in the background, I noticed a bunch of processes running anyway.

In my team at work, we have a whole Vagrant + Docker setup in order to run the development environment.

We use VirtualBox as the provider for Vagrant. When I first set it up, everything went as expected and my VM was running fine. The next day, it wouldn’t connect over SSH and crashed. I ran vagrant up --provision && vagrant destroy -f countless times and experienced all kinds of strange and inconsistent errors:

At work we have some internal subdomains that only resolve via a specific DNS server only available via a VPN, that is pushed automatically upon connection.

I don’t want all my queries to go trough this DNS resolver, mainly because the one I usually use blocks ads and trackers.

After doing some research, I stumbled upon this tip on Mac OS X Hints from… 2004!

The solution is simple: to specify the resolver to use for a specific domain, create a file named after the domain in /etc/resolver/ and add the nameservers.

Since I’ve switched to my 13" Macbook Pro nearly 2 years ago, I fell in love with the trackpad. It’s insanely good. It’s so good that I stopped using a mouse altogether, even though I had the Logitech G502 which is a pretty high-end gaming mouse. One of the things I couldn’t do without the trackpad was the gestures. Plus, I didn’t feel any strain on my forearm, unlike most laptops.

While I usually use a VPN in public places like cafes, I don’t always do on networks I trust more, like my home or University. Nearly all of my network traffic is encrypted thanks to HTTPS, so my DNS requests are the only plaintext data I sent out in the wild.

I’ve been using DNS-over-TLS (DoT) on my Android phone for nearly 2 years thanks to Android’s native DoT support since version 9. After doing a little bit of research a while ago, I thought it would be a hassle to use an encrypted DNS protocol on my MacBook, but it turns out to be very simple.

I absolutely love unlocking my MacBook Pro with my fingers. I could live without it, of course, but it’s really convenient!

The good news is that it’s natively available as a PAM module! Meaning Touch ID can be used to authenticate with sudo.

All you need to do is to add this line to /etc/pam.d/sudo:

# sudo: auth account password session
auth sufficient pam_tid.so #<= this line
auth sufficient pam_smartcard.so
auth required pam_opendirectory.so
account required pam_permit.so
password required pam_deny.so
session required pam_permit.so

It will make Touch ID the default authentication method but will fallback to others if needed.

…and make it look like High Sierra’s.

With macOS Mojave, Apple disabled a feature called “Subpixel antialiasing”. Apparently, it is some complex, legacy code, and they decided to remove it.

On Hacker News, ridiculous_fish, an ex-macOS software engineer, says subpixel antialiasing is painful to implement:

ex-MacOS SWE here. Subpixel antialiasing is obnoxious to implement. It requires threading physical pixel geometry up through multiple graphics layers, geometry which is screen-dependent (think multi-monitor). It multiplies your glyph caches: glyph * subpixel offset. It requires knowing your foreground and background colors at render time, which is an unnatural requirement when you want to do GPU-accelerated compositing. There’s tons of ways to fall off of the subpixel antialiased quality path, and there’s weird graphical artifacts when switching from static to animated text, or the other way. What a pain!