Macs

MacOS Monterey/Big Sur Backups: Q&A

For those who have bought a new computer or have updated their machine to Apple’s Big Sur operating system, here are some things to know about the new(ish) APFS disk format, bootable backups and the Carbon Copy Cloner backup program…

Q: Should I continue to use Carbon Copy Cloner to make backups of my data?
A: Absolutely. A backup to an external drive is the best way to recover from a sick drive mechanism, failed operating system update or lost/stolen computer.

Q: Should I make my Carbon Copy Cloner backups “bootable”?
A: This is a tricky question to answer. Prior to Big Sur, the answer was “absolutely”. Today things are a bit more complicated… Start with this article by Carbon Copy Cloner’s programmer Mike Bombich:

https://bombich.com/kb/ccc6/cloning-macos-system-volumes-apple-software-restore

As noted in this article, the answer depends on several factors, including which Mac hardware you have (Intel processor vs. Apple “M1” processor), and if you want to preserve previous “Snapshots” (points in time from which you can restore data).

If you’re running an Apple silicon “M1” Mac, I recommend using Carbon Copy Cloner’s “Standard” data-only backup strategy. For Intel-intel based Macs, I still recommend the “Legacy Bootable Backup”.

Q: What do I need to know about backups in Big Sur (or Catalina)?
A: Disks used to boot a Mac are now required to be formatted in Apple’s newer file system (APFS). If you have an older backup drive which was previously set up for an earlier operating system (“Mac OS Extended, Journaled”, a.k.a “HFS +”, it is will likely need to be erased and reformatted as APFS. Note: This will permanently destroy all previous backup data on the drive.

Q: Can I continue to use my old external spinning hard drive for Carbon Copy Cloner bootable backups of Big Sur?
A: I don’t recommend this. The performance of a spinning hard drive formatted as APFS is terrible. In an emergency it may take 8-10 minutes to boot from a spinning APFS drive (vs. <60 seconds to boot from a backup made to a solid state drive (SSD). SSDs are becoming much more affordable per Gigabyte, are exponentially faster than spinning hard drives, and are more resilient to bumps and bruises due to them having no motor or moving parts to wear out.

As of this writing (October, 2021), a name-brand 1TB SSD can be had for around $155 and a 2TB model for ~$300.

Q: Should I upgrade to Carbon Copy Cloner 6?
A: If you’re running Mac OS Big Sur, I recommend updating to Carbon Copy Cloner 6. CCC6 is significantly faster and the upgrade price is only $20. Here’s a list of some of the new features:

https://bombich.com/blog/2021/05/19/ccc-6-here-faster-backups-better-accountability-dark-mode-and-so-much-more

Note: Carbon Copy Cloner 6’s user interface is a bit different and may take some getting used to. If you’re running a version of Mac OS before Big Sur, Carbon Copy Cloner 5 still works fine.

Q: Should I run both Carbon Copy Cloner and Time Machine backups?
A: Yes. Keeping multiple backups is always a good idea and Time Machine and Carbon Copy Cloner will work to save your data in different ways, depending on the crisis/scenario.

Q: Can I keep using my old spinning external drive for Time Machine backups?
A: Yes. As long as you have enough ports on your computer to connect both drives (or are comfortable rotating external drives on a regular basis), your old Time Machine disk can still be used. If your old spinning drive was previously partitioned for both Carbon Copy Cloner and Time Machine, the Carbon Copy Cloner volume can usually be deleted, making more room available for future Time Machine backups.

Q: Should I exclude my external backup drive from Spotlight indexing?
A: Yes! This prevents a scenario where you search for a file and inadvertently open the copy on the backup drive. If you then edit and save your changes, those changes will NOT reside in the original file on your internal storage. This can be confusing later when you open the original file and your edits are not there!

Q: The icon for my external backup device disappeared from the Desktop during the first run of a Legacy Bootable Backup run. What’s up with that?
A: This is a normal, (but annoying) behavior of Apple’s ASR tool which Carbon Copy Cloner uses to create a bootable clone. The destination disk’s icon will appear again when the copy is finished.

There are plenty of options and questions involved in backing up your Mac. Feel free to contact me via email or the “Contact” section on the right of this page for technical translation and/or advice on or help with any of the above.

Kirk van Moon
LANsharks Consulting

Using Quad9’s Free Service to Protect Your Mac Online

The internet is ripe with scams, malware and phishing attempts. A common method for hackers to obtain your important usernames/passwords is to set up a site which looks *very* similar to your financial institution’s or webmail login. If you don’t notice the address is slightly different than the actual site (i.e. www.citibank.com vs. www.citiibank.com), you may be fooled into providing your credentials at a fake site. The scammers then use the credentials you entered to log in to the real site and drain your bank account, read your personal email, etc.

To help prevent these types of scams, I recommend a free service from a company called Quad9, as a filter for malware and fraudulent sites. A bit of background first, but if you’re already convinced you can skip to the Setup Guide.

When your computer wants to connect to anything on the internet (a web server, send/receive email, update your calendar, etc.), it first needs to do a “Domain Name Service” (DNS) lookup. The internet works on numerical “IP Addresses,” which look something like 69.27.37.10. But numbers are hard for us humans to remember, so we use named entities instead. Rather than having to remember the numerical IP address for Google’s search page, we just enter www.google.com and the computer does a DNS lookup to find the IP address for that particular server. Think of DNS as the “directory information” or “411” of the internet. Here’s a short video describing how DNS works: https://www.youtube.com/watch?v=kURzoJ0Qj9o

By default, most computer users’ DNS lookups are handled by the DNS server at their ISP. This generally works fine, except:

1. The DNS server at your ISP will resolve any domain name your computer asks for. Therefore, if you enter www.infectmycomputerwithmalware.com, the ISP’s name server will diligently do the lookup and point your computer to the IP address of the server which serves that website. There is no filtering or anything to protect your computer from visiting some of the dark and crusty locations on the internet, which may be ripe with malware, viruses and other bad stuff.

2. Most ISPs look at the sites you visit (not the actual pages, but the internet addresses), based on your DNS queries. So if you visit www.iwantanewmazzerati.com, expect to see some advertising for new sports cars soon. This data is then sold to advertisers and used for who-knows-what marketing and other purposes.

I use and am a big fan of Quad9. Quad9 works in tandem with IBM’s security databases and financial companies who keep lists of known-bad-news and look-alike domains. The Quad9 DNS servers will not allow your computer to resolve the name of a known-malicious or look-alike domain to an IP address which your computer would then connect with. So even if you enter www.bankofamerrica.com (note the misspelling with a second “r”), your browser won’t be directed to a fraudulent site asking for your login/password or whatever malicious content is served at that site. In addition, Quad9 doesn’t collect, track or sell any of your DNS searches.

Using Quad9 is particularly helpful in preventing email scams which may point your computer to a website which looks exactly like that of a site you use regularly.

The setup of Quad9 takes literally 2 minutes to enter 9.9.9.9 in your DNS server settings in System Preferences > Network > Advanced.

Setup Guide: https://www.youtube.com/embed/NM4AdfEnAmY?autoplay=1

I can’t recommend this simple step strongly enough. Let me know if you have questions or need a hand. Feel free to share this with those who may benefit.

Kirk out

P.S. I also urge you to enable two-factor authentication at any site where it is offered, particularly for financial institutions.

MacOS 11 “Big Sur” Observations

UPDATE: 3/9/2021:

I remain unimpressed with the stability of Big Sur. Many users (myself included) are reporting kernel panics when waking from sleep and trouble using external displays with laptops.

In addition, the update process introduced in Big Sur was supposed to *reduce* install time, but has actually done exactly the opposite. Given the number of bugs and requisite updates being released, updates are taking upwards of 45 minutes each, longer if you don’t have a fast internet connection. Details here: https://eclecticlight.co/2021/02/28/last-week-on-my-mac-users-are-losing-out-against-big-surs-sealed-system/

Another problem with Big Sur is the cryptographically signed system volume. This was designed as a security mechanism, but in daily use it means that your Carbon Copy Cloner bootable backup must be erased each and every time the operating system is updated – a problem Apple introduced in Big Sur.

I still recommend Mojave (MacOS 10.14.x) or Catalina (MacOS 10.15.x) and am not recommending Big Sur at this time.

November 12, 2020

Apple released Big Sur – the newest operating system for the Mac today.

If you’re looking for the quick and dirty “should I install Big Sur?”, the answer is no, not yet.

Read on for more details and information:
Big Sur leverages the changes Apple made in Catalina, when it was released last October. Catalina was the first operating system for the Mac that only supports 64-bit application software. Older 32-bit apps do not and cannot be made to run in Catalina.

In addition, Catalina requires startup disks (including bootable backups) be formatted in the new APFS format, which Apple only supports on SSD media. This means there are ramifications for your backups (i.e. you’ll need new backup drives), if/when you update to Catalina or, as of today, Big Sur.

My observations regarding Catalina remain true – here are more details from back when Catalina was released:

http://lansharks.net/2020/01/17/things-to-consider-and-know-about-catalina/

I spent much of the day yesterday arguing with the Big Sur beta installer – not a good sign for stable, hassle-free software. Today’s public release (a gargantuan 12GB download) *seems* better, and Apple released a software update only hours after the initial release – not a confidence builder for well-tested code. I’ve only had a few hours to put it through the paces – so far things seem to be working and it feels snappy on my 2018 15” MacBook Pro.

There are some pretty significant cosmetic changes in Big Sur – for those who aren’t a fan of Apple changing/moving things around, this may be a release you want to wait to install, when you have time become familiar with the new bells and whistles. Here is an excellent comparison of some of the different look and feel changes from Catalina and Big Sur:

https://www.andrewdenty.com/blog/2020/07/01/a-visual-comparison-of-macos-catalina-and-big-sur.html

Bootable backups of Big Sur now require the system volume be cloned using a new software mechanism from Apple known as ASR. The system resides on a cryptographically sealed “Signed System Volume”. That seal can only be applied by Apple; ordinary copies of the System volume are non-bootable without Apple’s seal. To create a functional copy of the macOS 11 Big Sur System volume, Carbon Copy Cloner has to use the ASR tool to copy the system, or install macOS onto the backup. The upshot is that your backup drive will need to be erased the first time you run a clone under Big Sur and your previous backup data will be lost. If this is problematic for you, you can re-run the initial backup of your Big Sur Mac to a new external hard drive. More about Carbon Copy Cloner and ASR here:

https://bombich.com/kb/ccc5/frequently-asked-questions-about-ccc-and-macos-11

So, my advice for now is to wait to download and install Big Sur. Give it and other third party software time to mature. And of course, I wouldn’t be me if I didn’t remind you to update your bootable clone backup immediately before downloading any software updates, especially new operating systems. And don’t run your backup again for a few days, until you’re certain everything is working as expected.