How to selectively run Keyboard Maestro macros in a synchronized environment

A challenged I’ve always faced in running Keyboard Maestro on multiple Macs, is the maintenance of macros that are common to all, i.e. when updating a macro on one machine (say, changing the API keys of a service I’m accessing), I have to remember to go make the same updates on the others.

Keyboard Maestro provides a solution to this problem, by allowing you to synchronize your macros across multiple machines. Their implementation, however, and in contrast to say, Hazel’s folder-scoped implementation, is all or nothing—meaning that you can’t have macros on one machine that don’t exist on the others. And that can become a problem, especially with macros that are scheduled to run periodically.

Keyboard Maestro provides two approaches to address this problem:

The first is the ability to, for any given group (folder) of macros, to click, “Disable on this Mac”.

Unfortunately, there’s a number of shortcomings to this option. For example, anytime you add a new group of macros to a given machine, you have to remember to potentially go around disabling them on the others.

The second approach, and better in my opinion, is to condition the execution of any macro on the UUID (universally unique ID) of the machine on which the macro is running. Here’s an example of how this works.

The first step is to maintain a macro that determines the UUID of the current machine, and defines a list of named UUIDs for machines you’ll later be referencing. I run the following macro daily, and whenever I add a new machine, I’ll add its UUID to the list of named machines by temporarily running the disabled action that copies the current machine’s UUID to the clipboard.

With this in place, I can now condition the execution of other macros by machine. The following is an example of a macro that runs daily, and quits FaceTime on my MacBook Pro.

If I wanted this macro to run on two machines, I could add a second UUID check, and change the condition to “any”.

While this approach requires additional effort in creating your macros, it provides big benefits in being able to manage from a single machine, the conditioned execution of macros on all of your machines.

How to perform a currency lookup in a Numbers spreadsheet

Apple recently introduced in the Numbers spreadsheet the ability to pull live stock prices from the internet, making it now possible to track portfolio performance.

To access this feature, you use the STOCK function:

Since the feature pulls data from the Yahoo finance service, the symbols you should use for reference are those used at Yahoo. For most stocks that I’ve come across, the symbols are the same as those used at Google, but they do seem to vary slightly for non-US stocks and currencies.

To track the Euro/USD exchange rate, the symbol used at Yahoo is “EURUSD=X”, but using this symbol in the Numbers STOCK function returns an error. The solution, as I found in this discussion at Apple is to use the CURRENCY function:

Email Verification

I’m the owner of a Gmail address that bears my name, in the form first.last@gmail.com.

Many others who share my name, have addresses that are slight variations of mine, e.g. first.last2@gmail.com or first3.last@gmail.com, or even first.p.last@gmail.com. You get the idea.

Often when these people signup at websites, they mistype their email address—and accidentally enter mine.

On account creation, modern websites send a verification email to the registered address, containing a link that the user must click before they can use the service. This verification-loop confirms that the person actually owns the email address they entered. You’ve probably experienced this yourself.

If I’ve directed you to this article, it’s likely because your company does not verify email addresses, such that I’m currently experiencing one or more of the following problems:

  • I’m receiving notifications, alerts, user-related communications (often containing personal data), and I’ve been unable to stop them because either:
    • Your communications don’t have an unsubscribe link, or
    • There is an unsubscribe link, but requires login to confirm
  • Your service doesn’t allow me to reset the account password simply by knowing the email address, i.e. it’s requiring me to provide some user-specific information I wouldn’t know.

In other words, I am stuck, have wasted time that I shouldn’t have wasted, and need your help.

But just as importantly, I need that you get the message to whoever in your company is responsible for the website, insisting that they need to add email address verification to the account creation process, to prevent this from happening in the future.

Thank you.

Decommissioning old email addresses with FastMail

The first business email address I used, [email protected], now almost twenty years old, is the source of 95% of the spam I receive. I no longer use this address, and would simply like to kill it, but every now the arrival of an important message reminds me that decommissioning it could result in missing something important.

Our company uses FastMail for email hosting, and the account has several domains aliased, including makalumedia.com. Chatting with FastMail support, I discovered that I could use their advanced “Sieve” support to effectively kill the address without risking to miss important emails.

Here’s how I did it:

  1. In Mail.app, I created a smart folder that collected all mail addressed to [email protected] during the past 10 years (and which is not in my junk mail folder). This is the starting point of my list of “known senders” from whom I’ll continue to receive mails.
  2. I exported this smart folder to a mailbox file on my Desktop
  3. I then used the Mac app “eMail Extractor” to parse a list of all email addresses found in that file.
  4. I then used BBEdit to clean up the list, leaving me with only a single copy of unique {domain}.{tld} entries.
  5. I then created the following Sieve rule in my account at FastMail

This sieve triggers on any mail received on my old makalumedia.com addresses. It then checks if the sender is in my list of known senders (which in my real sieve is much longer than the above). If the sender is not in that list, it rejects the mail with a message to contact me through my blog to get my current contact information.

Since setting this up a few days ago, my spam has been reduced by probably 90%. The few that have gotten through were from senders on my known-senders list, and so I went and removed them from the list. So over time, my known-senders list will get cleaned of the few spammers who were present in the original list.

All in all, I’ve been super happy with Fastmail. Their service is well-designed, technically solid, and provides just enough geeky flexibility to do advanced stuff like the above. Well worth the money!

Support Authentication

When I signup for an online service, I like to use an email address that’s unique to that service, i.e. something like [email protected]. Email for my-special-domain.com is then configured to forward all incoming mail to my personal email address.

This allows me to do two things:

  1. Know which services sell my address on to third-parties. (If I start getting spam on this domain, I can figure out where it came from.)
  2. Kill any address for which incoming mail gets out of hand

This works fine, except for one problem, and a problem that shouldn’t exist:

Often when emailing [email protected], I’ll get a reply back indicating that—for “security” purposes—I must email support from the address associated with my account at the service.

What’s the problem with that? The problem is that the “from” address of my support enquiry provides absolutely no authentication or security at all, since email headers are dead-easy to forge.

Therefore, if a service wants to authenticate support conversations, there’s only one way to do it, and that is to provide an internal messaging system accessible only once a user authenticates into the service’s website. (Most financial institutions have this, since getting user authentication right is particularly important to them.)

I decided to post this to my blog, in order to have something I can conveniently point to in the future, when trying to convince these services that they’re misguided and causing unnecessary inconvenience to users who prefer to use throw-away addresses on their accounts.