The MacValley blog

 

Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.

 

Tom Briant

The MacValley blog

Editor: Tom Briant

 

Click here to email Tom

Click here for Tom's profile

 

 

To search the blog posts please use the box below

Thursday, October 5, 2017

Senior Correspodent Arnold Woodworth's Weekly Web Wrap-up for Tuesday, October 3, 2017

Official Apple Announcement:
macOS High Sierra now available as a free update
 
Apple today announced macOS High Sierra, the latest release of the world’s most advanced desktop operating system, is now available as a free update.
 
 
 
 
macOS High Sierra, First Take: Solid foundations, but light on eye candy
 
Apple told us that APFS is primarily designed for use on the Mac's boot drive, and will retain compatibility with external drives using HFS+, so there should be no problems continuing to use older external drives that contain all your Time Machine backups. However, third-party disk utilities will need to be updated to support APFS.
 
 
 
 
Will your Mac run macOS High Sierra?
Here is the official list of supported hardware:

• MacBook - Late 2009 or later 
• iMac / iMac Pro - Late 2009 or later 
• MacBook Air - 2010 or later 
• MacBook Pro - 2010 or later 
• Mac mini - 2010 or later 
• Mac Pro - 2010 or later 
 
 
 
 
Patrick Wardle, ex-NSA analyst and now head of research at security firm Synack, found the problem Monday, warning that it could allow anyone able to run malicious code on a Mac to pilfer passwords from the keychain. Apple uses the keychain to store user passwords and should only be accessible to the owner of the Mac. All those logins are typically unlocked with a master password. But Wardle, as shown in the video below, was able to carry out an attack that sent all the contents of the keychain to an attacker without the need for that password.
 
He claimed it wasn't hard to get malicious code running on a Mac today. Indeed, he's repeatedly shown how to execute attacks on Apple's operating system in recent years.
 
 
 
 
Wardle tested the exploit on High Sierra, but said that older versions of macOS and OS X are also vulnerable.
 
 
 
 
Video of KeyChain Stealer app in action.
 
Note that when this web page opens, only the video is visible.
This is unlike youtube.com, which has other things visible in addition to the video being played.
 
 
 
 
MacOS Keychain issue shows that even if you install the latest OS update, security is never a guarantee so take appropriate measures, researcher says.
 
A security researcher posted a video showing that malicious applications running on the new OS can silently steal usernames and passwords stored in users' keychains.
 
Another requirement for his attack to succeed is for the keychain to be unlocked, which is the default state of the keychain after the user logs on. Even in this state, applications still need user confirmation to access it so Wardle's attack violates the keychain's expected behavior.

Users can manually lock their keychains using the Keychain Access tool provided by macOS.
 
 
 
 
9 reasons you should buy an iPhone 8 instead of an iPhone X
 
 
 
 
The best iPhone for every type of person and budget
 
This article has good advice on whether you should buy a new iPhone or not and,
if you should, which iPhone is best for you.
 
 
 
 
Video:
Here's why your iPhone has a tiny hole next to the camera
 
 
 
 
Video:
I won't trade in my iPhone 6s for an iPhone 8 or iPhone X — here's why
 
I bought the iPhone 6s Plus when it was first released and I skipped over the iPhone 7 generation. And now I think I'm going to skip over the iPhone 8. So Apple is still selling the iPhone 6s even though it's a two-generation old phone now. That’s testament of how good the iPhone 6s is.
 
 
 
 
APPLE HAS released the kernel of its iOS and macOS operating systems into the open source.

Both are now available on GitHub, representing the first time that Apple has released such integral code into the public domain.
 
Apple is known to contribute to the open source community already, with Swift being a prime example, but this is a big gift.

https://www.theinquirer.net/inquirer/news/3018430/apple-releases-ios-and-mac-os-source-code-to-github-ahead-of-iphone-x-launch
 
 
 
Is it Worth Buying AppleCare+ for iPhone 8 and iPhone 8 Plus?
 
Since it only takes one accident to pay for itself, if not save you money, many users feel AppleCare+ is ultimately worth it.
 
AppleCare+ will save you at least $120 if the rear glass on your iPhone shatters even once.
 
 
 
 
AppleCare+: Everything you need to know about Apple’s extended warranty program
 
Lots of interesting information about AppleCare in this article.
 
 
 
 
iPhone 8 Plus Displays Are Popping-Out, Literally
 
What could be giving sleepless nights to Apple’s engineering team are three reports of battery swelling in the iPhone 8 Plus, and that the deformed batteries caused displays to pop-off.
 
iPhone 8 owners need not panic yet, as three faulty devices out of the millions of iPhone 8 sold so far, is not really a cause for concern. However, if you own an iPhone 8 and see any signs of swelling, stop using it, and contact Apple Care right away.
 
 
 
 
Tim Cook Jumps to No. 3 in Vanity Fair’s ‘New Establishment List’
 
 
 
 
Apple iOS 11.0.1 Starts Causing Problems
 
Both Reddit and Apple’s official @applesupport Twitter account are currently being swamped with complaints about Apple’s latest iOS update. 
 
 
 
 
Warning: Latest iOS 11 Update Making Life Hell For Some
 
Apple will likely release a fix to the problems.
 
 
 
 
Apple Watch Series 3 review: better late than never
Apple has finally brought cellular service to the Apple Watch, and with this latest iteration it looks like the wearable is at last delivering on some our earliest hopes for the series
 
We've seen smartwatches with cellular connectivity before, of course, but most have fallen far short of making it work well. This is where Apple usually swoops in, late to the party, but with a solution that is reliable and simple to use.
 
This killer app of the new Watch is the cellular service, so don't scrimp on that £70 and go for that version.
 
 
 
 
How to use Apple’s terrific document scanner in iOS 11
You don’t need a separate app anymore
 
To try out Apple’s built-in scanner for yourself, open Notes. Inside of any note, hit the + symbol above the keyboard. The menu that comes up will offer a few options — this is also the tool you’d use to add a photo or sketch to your note — but the “Scan Document” option is the one you want.
 
Don’t worry if you end up snapping the picture of your document from an angle, as Notes will automatically correct for this and straighten everything out. That’s one of the most impressive aspects of Apple’s tool. So if you’re in a situation where you don’t have time to square things up, it’ll still work great.

 
 
 
iOS 11's Most Obnoxious Features
 
 
 
 
The Good and Bad in Apple iOS 11 for iPhone and iPad
 
Apple’s iOS 11 isn’t perfect but, overall, it’s an outstanding operating system.
 
 
 
 
How to Use Instant Notes on iPad in iOS 11
 
If you have an iPad Pro, there's a new feature in iOS 11 that's designed to let you open up a new document in Notes just by tapping the Apple Pencil on the iPad's display. 

The feature, Instant Notes, works even when the iPad is locked, so you can pick up the iPad and get right to writing without having to go through the hassle of unlocking the device, opening the Notes app, and creating a document.
 
If you don't want to allow the Apple Pencil to open the Notes app, you can turn off Instant Notes in the Settings app.
 
 
 
 
How to Use Instant Markup to Quickly Edit Screenshots in iOS 11
 
Instant Markup is a feature that's present on the iPhone and the iPad in iOS 11. There is no way to turn it off at the current time, so if you dislike those little screenshot popups, the only option is to wait the few seconds for them to disappear or swipe them away to the left of the display.
 
 
 
 
Turning Off Wi-Fi and Bluetooth in iOS 11's Control Center Doesn’t Actually Turn Off Wi-Fi or Bluetooth
And it’s a feature, not a bug.
 
Apple’s documentation says:
“When  you toggle the Wi-Fi or Bluetooth buttons in Control Center, your device will immediately disconnect from Wi-Fi and Bluetooth accessories. Both Wi-Fi and Bluetooth will continue to be available.” That is because Apple wants the iPhone to be able to continue using AirDrop, AirPlay, Apple Pencil, Apple Watch, Location Services, and other features, according to the documentation.
 
 
 
 
Apple iPad (2017) review
It might look like more of the same – from 2013, no less – but this iPad gets the power-to-price ratio just right

https://www.stuff.tv/in/apple/ipad-2017/review
 
 
 
Instant Expert: Secrets & Features of iOS 11
 
While this fall’s release of iOS 11 doesn’t provide some of the flashy new improvements that past iOS versions have, it does add some nice quality of life improvements for iPhone users, and — probably most fittingly for the tenth anniversary of the operating system — matures the iPad into a whole new realm.
 
This article has a list of devices that are supported by iOS 11.
 
 
 
 
iOS 11 and Apple Watch Series 3, the good, the bad, and the insecure
 
Security problems fixed by the latest version of iOS 11.
 
 
 
 
iOS 11 Update Patches Multiple Potentially Dangerous Exploits
 
The details in this article are technical.
 
 
 
 
How to use iCloud Drive's new sharing features

With MacOS High Sierra and iOS 11, iCloud Drive is finally catching up with Dropbox and Google Drive in terms of sharing ability. You will need to convince your collaborators to start using iCloud Drive, however, if you want to share files on Apple's cloud service, a dubious proposition given the head start that both Dropbox and Google Drive enjoy.

Still, if you've got friends and family all using Macs and iPhones, there's lots to like about the new and improved iCloud Drive. Plus, you can now share an iCloud account with your family for more than just app and iTunes purchases.

https://www.cnet.com/how-to/how-to-use-icloud-drives-new-sharing-features/


 
Scams bites Apple customers
 
Several ways the hackers conned people into giving up their personal private information.
 
 
 
 
iOS 11 solves one of the biggest issues with having multiple Apple devices in your family
 
The new version of iOS, the operating system that underlies the iPhone and iPad, solved an annoying problem in my family.

As the family IT administrator, one of my jobs is to make sure each of the devices we own is backed up. That task just got a lot easier with iOS 11.
 
 
 
 
With a Stolen iCloud Password, Your Mac Can Be Held Hostage
 
Apple designed macOS’s Find My Mac feature to help those who have lost a Mac or had one stolen recover their machines while simultaneously rendering the computers inaccessible. Unfortunately, Find My Mac has recently been subverted by extortionists relying on usernames and weak passwords leaked from account breaches at major sites like Yahoo and LinkedIn — not iCloud itself.
 
If you use the same password for iCloud and other sites or if you haven’t changed your iCloud password in years, change it immediately.
 
To be crystal clear, iCloud has not suffered a major breach. Rather, this attack was made possible thanks to breaches at other sites that revealed usernames and passwords. 
 
 
 
 
Hackers Are Using iCloud's "Find My iPhone" Feature To Lock Apple Devices Remotely For A Ransom
 
All the hackers need to make use of the “Find My Device” is your iCloud username and password. It doesn’t matter that you may have two-factor authentication, seeing as that precaution would be useless when the code is sent to the device you’re trying to locate.
 
 
 
 
Hackers are locking people out of their MacBooks – here’s how to stay safe
 
Hackers using stolen iCloud credentials have been able to use Apple’ Find My Device features to remotely lock down computers and demand Bitcoin ransoms from affected users. However, that doesn’t mean Apple’s iCloud was hacked. Instead, hackers are likely trying their luck with some of the many available username and password combinations that resulted from recently publicized hacks.
 
 
 
 
Hackers are using iCloud to remotely lock MacBooks
 
This has happened to countless Apple customers in recent weeks, the author if this article included.
 
 
 
 
Hackers are using Apple’s “Find My” service to remotely hold devices for ransom, reports MacRumors. Multiple people have tweeted about stolen accounts in the past week. Two-factor authentication does not prevent the hack.
 
But how did hackers get these people’s passwords? As MacRumors reports, it’s likely that the hacked users had been using the same password for their Mac and for other sites. So when some third-party site was breached and passwords were exposed, hackers pored through the list, trying the same login info on iCloud accounts. And they found the poor suckers who re-use passwords.
 
So how do you prevent this happening to you? As MacRumors suggests, if you’ve ever re-used your iCloud password for some other service, change your password immediately.
 
 
 
 
Apple’s two-step verification goes away with iOS 11 and macOS High Sierra
To be replaced by two-factor authentication.
 
Two-factor authentication (2FA) is a method of protecting an online account. The two factors—things that identify you—in 2FA: Something you yourself know, like a password; and something you have that can receive a token to confirm who you are, such as a smartphone.

Apple’s original two-step system relied on its Apple ID site for set up and management, and could only send codes to iOS devices and via SMS. Its update in September 2015 left two-step in place for those who continued to want to use it, but the 2FA revision was far better. 
 
If you’re still using two-step verification, Apple converts your account to 2FA with iOS 11 or High Sierra. 
 
 
 
 
Why You Should Set Up IOS 11’S Emergency SOS Now
 
So how do you get this life-saving tool on your own iPhone?

First, make sure you’ve installed the latest update so that you’re working with iOS 11. Next, go to Settings and click on “Emergency SOS.” From there, you can turn on the “Auto Call” option. Once it’s on, you will be able to receive help by clicking the “Power” button five times.
 
 
 
 
The iOS 11 32-bit Apocalypse Actually Isn’t That Bad
 
While iOS 11 leaves 32-bit apps behind, the move hasn’t taken developers by surprise. 
 
That developers have had nearly three years to get in line, and that doing so wasn’t particularly taxing, matters more than you might think in gauging why Apple’s banishing 32-bit boffins in the first place.
 
The mandatory overhaul acts as a mechanism to purge abandoned apps from the App Store en masse. If developers can’t be bothered to go 64-bit, they likely haven’t put much TLC into their software in general.
 
"Apple wants to get rid of dead apps," says Eliran Sapir
 
 
 
 
Are You Ready for a Browser Cleanup?
Here’s How to Clear Cookies on an iPad
 
AW comment:
This should also work on iPhone and iPod.
 
Cookies are small files that websites store on your device.
 
Before you choose to delete all your cookies remember that many websites need cookies.
 
This article has instructions for deleting the cookies of four different web browsers.
 
 
 
 
Hands On: OmniGraffle gains drag and drop for iOS 11 on iPad and iPhone
 
 
 
 
Inside Hong Kong's Wanchai computer market, where unofficial iPhone repairs are a cottage industry
 
China’s Shenzhen market is famous for the unofficial iPhone repairs and upgrades available from the many stalls there. Hong Kong’s Wanchai electronics market may be smaller, but in the five floors of tightly-packed stalls, you can’t turn around without bumping into an iPhone repair service.

The market sells everything from phone cases through cheap-and-nasty Windows laptops to expensive drones and high-end cameras. But there’s one thing that really stands out, and that’s the ubiquitous and entirely unofficial presence of everything Apple …

The stalls are basic, but the services are comprehensive.
 
Would I risk using their services? Definitely not – but I have the luxury of being able to pay Apple’s prices if I need to. Not everyone can, and I’m sure that there are a great many devices repaired here which would otherwise be landfill.
 
 
 
 
Apple has finally realized that some people may need more than 24 hours to watch a movie. Or that they may want to watch a movie more than once after renting it. So, with that in mind, you can now watch any movies you have rented through iTunes for a full 48 hours after you first click “Play”.

http://www.makeuseof.com/tag/longer-watch-itunes-movie-rentals/
 
 
 
How to add a fast new SSD to your old Mac or MacBook for only $150
 
Replacing your old 500GB hard drive with a same-sized SSD from a reputable manufacturer costs only $150, while 1TB drives are under $330.
 
With this week’s release of macOS High Sierra, Apple has officially made SSDs its preferred Mac storage solution, introducing the new APFS standard to further optimize SSD performance over Fusion and traditional hard drives. So this is a perfect time to revisit the topic of SSD upgrades; if you held out before, now’s the time to jump in!
 
This articles has instructions for do-it-yourselfers on how to install a new SSD drive into various MacBooks and desktop Macs.
 
If your Mac is too old for installing an SSD drive, you can buy an external SSD that plugs into your FireWire or, better yet, your ThunderBolt port.
 
 
 
 
Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have
 
Apple's security updates for macOS sometime include patches for serious vulnerabilities in the firmware that runs beneath the operating system. So you might think you're safe if you keep your OS version up to date, but that's not always the case. Depending on your Mac model, you might get the firmware patches or you might not, a team of researchers found.
 
Apple's security updates for macOS sometime include patches for serious vulnerabilities in the firmware that runs beneath the operating system. So you might think you're safe if you keep your OS version up to date, but that's not always the case. Depending on your Mac model, you might get the firmware patches or you might not, a team of researchers found.

Duo Security researchers Rich Smith and Pepijn Bruienne found 16 Mac models that appear to have never received any EFI update in the past three years, over the lifetime of OS X Yosemite (10.10), OS X El Capitan (10.11) and macOS Sierra (10.12). During that time, other models received patches for serious vulnerabilities.
 
The Duo researchers told me that despite the identified problems, Apple actually does a much better job of patching EFI security issues than other computer makers.
 
It's not entirely clear why EFI updates fail on some systems, but the more concerning finding is that there's no indication to users or Apple when this happens.
 
 
 
 
Most New iMacs Can't Benefit From macOS High Sierra's Best Update
 
The new Apple File System (APFS) is made to improve performance with Solid State Drives (SSD).  Unfortunately, many Macs don’t have an SSD.  Instead, they have an older Hard Disk Drive (HDD).  And APFS doesn’t do much for HDD.
 
APFS is built for SSD storage, ditching the 19-year-old HFS+ file system that was built for old spinning-disk tech like that found in HDD and floppy drives. It encrypts your data and uses less memory and resources when retrieving and saving files.
 
 
 
 
The Real Problem with Voice Assistants Like Siri Is Your Brain
 
The human brain does not multitask well.
 
Even when it seems like we’re able to do two tasks at once, we’re likely only shifting the focus of our attention rapidly back and forth between the two tasks, and that comes with a cost to speed and accuracy.
 
Fumbling around the real world while blundering through the digital one is not the hands-free, intuitive, more intentional future of our dreams. It's attentional slavery by another name.
 
 
 
 
How to Discreetly Disable Touch ID and Face ID on an iPhone in iOS 11
 
There's an Emergency SOS feature built into iOS 11 that has hidden functionality -- it automatically disables Touch ID and makes it so your passcode has to be entered to unlock your iPhone. 

Because it essentially shuts down the biometrics on your device, you can't be compelled by a police officer or malicious person to unlock your iPhone with a fingerprint, nor can your fingerprint be used to get into your device should you be unconscious after an emergency. On iPhone X, this also applies to Face ID.
 
Detailed instructions are provided in this article.
 
 
 
 
iPhone X: Sorry Apple, but I just can't face using Face ID
 
Apple promises that using facial recognition will be more secure than using a fingerprint.
 
But there are still a few things that make me reluctant to use it.
 
First, for a smartphone I'd argue that a fingerprint is actually the easiest replacement for the password.
 
If we start using facial recognition in a controlled scenario like unlocking our phones, do we then encourage its use elsewhere -- in scenarios where we have less control?
 
 
 
 
The newest iCloud threat is preventing some people from using their Apple devices. Here are five steps to shore up iCloud security and protect Apple devices from being exposed to ransom attacks.
 
 
 
 
How to Back Up Your iPhone
 
If your phone is loaded with pictures, songs, apps, and years worth of text messages, a basic iCloud backup isn’t going to cut it. If you have a computer with some gigs to spare, all you need to do is plug in your iPhone, install iTunes on your Mac or PC, and click a few buttons to make sure all your phones data is tucked away, safe and sound.
 
 
 
 
Google Is About To Start Tracking Your Offline Behavior, Too
 
It’s no secret that Google already monitors its users’ online shopping activity, but now it will follow them out of their homes and keep a close eye on every interaction they make. The tech giant announced a new system to track users’ in-store credit card purchases Tuesday in a statement published on the company’s official blog.
 
Google rolled out the new tool at Google Marketing Next, an annual event geared toward advertisers where the company unveils its newest innovations in marketing. “Store sales management” works by pulling data from Google’s third-party partnerships, which capture approximately 70% of credit card transactions in the United States. The system then streamlines user information in order to generate reports automatically sent to merchants who opt in. The reports will measure the effectiveness of online advertisements by matching in-store transactions back to Google ads.
 
 
 
We introduced store visits measurement back in 2014 to help marketers gain more insight about consumer journeys that start online and end in a store. In under three years, advertisers globally have measured over 5 billion store visits using AdWords.
 
Integrations with AdWords, Google Analytics and DoubleClick Search make it easy to bring together data from all your marketing channels. The end result is a complete view of your performance.
 
 
It’s far too common that people encounter annoying, intrusive ads on the web—like the kind that blare music unexpectedly, or force you to wait 10 seconds before you can see the content on the page. These frustrating experiences can lead some people to block all ads—taking a big toll on the content creators, journalists, web developers and videographers who depend on ads to fund their content creation.

We believe online ads should be better.
 
“Looking at the past few years, we’ve come to realize that to the rise of ad blockers has negatively impacted potential revenue across all of our properties, particularly in Europe. 
 
 
 
 
Why so many spam phone calls come from your area code
 
When you see an incoming phone call from a number you don't know, but has the same area code as you, it's understandable why you would drop your guard and pick up the phone.

Spam callers can make it seem like they're calling from your hometown's area code with a tactic called caller ID "spoofing." Indeed, the word "spoof" means both to imitate something, as well as to trick someone.
 
The most popular way that miscreants spoof their caller ID is with voice-over-IP (VoIP) services. Some of these VoIP services let spam callers choose what number they want their victims to see on their phone's caller ID.
 
 
 
 
Google: Yes, we blew it. But we cannot clean up digital advertising alone
 
From ads ending up next to hate videos on YouTube to having to refund advertisers after showing their ads to bots instead of humans, Google has been in the thick of an advertising maelstrom this year.
 
 
 
 
Britain has passed the 'most extreme surveillance law ever passed in a democracy'
The law forces UK internet providers to store browsing histories -- including domains visited -- for one year, in case of police investigations.
 
It's the "most extreme surveillance law ever passed in a democracy," according to Jim Killock, director of the Open Rights Group.
 
Scroll down to the end of the article to see a video.
 
Posted by Thomas Briant at 8:05 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

 

 

Blog Archive