How to check a file’s spotlight tags (especially on a server)

Many thanks to this post for this info.

I recently tagged some files on my Synology NAS mounted with AFP (Finder Go menu, Connect to Server, afp://SERVER.local/VOLUME) but they were not showing up in the Finder.

I still do not know why the Finder is now showing them (the Finder is so problematic) but I did discover how to determine if the tag had been added to the file.

OS X stores the tags in the file’s metadata and I was not sure if Synology’s ext4 would store them or not. You can use the terminal to print out the file’s tags. This is a bit cumbersome as the file as to go in the middle of the command.

The command is:

In this example, replace YOURFILE with the name of your file. Make sure to use “\ ” for every space (or Terminal will think you are starting a new command). For example, if your server’s volume name is “My Server” and the file you want to check is in a folder named “My Files” and the file is named “filetocheck.txt” then the command would look like this:

You will see output similar to this:

Why erase and restore your Mac?

I am a power user. I develop iOS and Mac software. I run betas of my firewall, my operating system, and my applications. I have developer tools installed. I am bound to have problems.

I am not alone though. OS X, over time, can become crufty. Old extensions,old files, or even improper installations. Third party installers often corrupt permissions or install older components.

System crashes (kernel panics) and OS bugs can lead to disk corruption that most do not catch until it is too late. The operating system does a poor job on alerting you if there are file system issues.

Running Disk Utility to repair these issues may seem successful, but sometimes are not. You may notice a “lost + found” folder on the root level of your hard drive. If you find a “iNode” file within that folder, things are not good.

My Late 2013 MacBook Pro is a little over a year old and has gone through many betas, many system crashes, but according to Disk Utility, all was well. I had had disk corruption that needed fixing by booting from the recovery partition, but Disk Utility fixed it.

Come Christmas, I bought a new monitor for myself, a new Razr Naga Mouse (which has its own drivers) and a new USB dock. The computer started to complain.

At first, it was spinning beachballs of death. Then it was strange kernel panics in the file system and in the graphics drivers. Finally I had had enough.

As members of PMUG know, I have many backups. I backup via Time Machine to a drive on my OS X server, to a local WD Passport drive, and to a drive at work. I also have several clones made with Carbon Copy Cloner. One is in the bank, one is at home, one is at work. All are encrypted.

I figured that if i was having all of these issues, I had better restore, because backing up corruption is not good. So I did what I have not done in a very long time.

I erased the disk and started over.

I began by booting from the recovery partition. This is easy, just reboot and hold down COMMAND R. Hold these keys down until the booting process starts, which is a black screen for OS X 10.10 (Yosemite).

Once the recovery tools had booted, I chose Disk Utility and erased my hard drive. Gulp. It was nice knowing you! Because I use FileVault, I had to first unlock the volume by selecting it and choosing Unlock from the File menu. Then I erased it as a normal journaled disk (not encrypted!)

I then quit Disk Utility and used the recovery menu to reinstall OS X Yosemite. This took about 35 minutes to download and install.

Next up was telling OS X that I wanted to restore from a Time Machine backup. I chose my WD Passport as I had just backed up to it and being a USB 3 drive, this was about as fast an option I had. The restoration took about 2.5 hours.

When all was said and done, I got about 30 gigabytes of my drive back. I am hoping this is due to all of the caches, sleep images, and other operating system artifacts, but I am not certain. A quick perusal though my file system seems to have everything I expected.

I suppose that some of my used space was because of previous disk corruptions, or the worst case scenario is that corruption caused some files to never be backed up, or overwritten. Time will tell.

This is why it is also import to archive. An archive is a backup that you then put away forever. Once a year I take one of my external Time Machine drives and label it as an archive. It goes into the bank and then I buy a new 1TB drive.

With this system, if I notice years down the road that I am missing a file I really want, I can go back to an archive and see if it is there.

Both backups and archives are important.

In the end, all spinning beachballs have disappeared. All kernel panics have disappeared. The system is fast and stable. Something was bad, and it seems that only a complete restore was the answer.

TL;DR If you are having very weird Mac problems, consider not just reinstalling OS X, but also erasing the entire machine and doing a full restore from backup.

What Apple’s SSL bug means to you

On Friday it was revealed that Apple has a very serious flaw in iOS 6, iOS 7, and Mac OS X 10.9.x.

You should stop what you are doing and update iOS now. Agile Bits has a good explanation on how to do this here:

1Password is not affected by the SSL bug (

As of this writing (Sunday night, February 23rd) Apple does not have a patch for OS X 10.9 Mavericks, but as said that one will come “very soon.” You can get that update by choosing “Software Update…” from the Apple menu. 10.8 and earlier do not appear to have this flaw.

To test your system, use

What’s the issue?

When your computer connects to the Internet and asks for a secure connection, it does so using one of several protocols. Secure Socket Layer (SSL) is one of them. When the data comes back, the operating system does checks to make sure everything is proper.

Sometime in 2012, Apple checked in some broken code. The code had an extra line that caused the software to always skip a check and consider the answer good. Now if someone has control over a privileged portion of the network you are communicating on, they can intercept the data and lie to iOS or OS X. Because of the bug, the lie will not be caught and your data will be improperly encrypted.

So someone who has taken control of a coffee shop’s wifi router, or a rogue employee at an ISP, or a hacker who has taken over a router somewhere, can listen to the traffic from Safari, iMessage, iCal, Mail, etc.

Chrome and Firefox are not afflicted because they do not use Apple’s code for SSL.

This is a really big deal. You are encouraged to not use a network you do not trust until Apple patches OS X. Apple has already patched iOS 6 and 7, but not OS X.

iOS 5 is not affected.

For more reading, check out Imperial Violet

Apple needs to be held accountable somehow. Depending on how much tin is in your hat, this bug is either a plain bug that was not caught because Apple lacks code review and unit testing practices, or they added it for the NSA, or a rogue NSA employee added it. That does not matter, this is the most trusted of code and it should never fail like this for so long.