In This Issue:
The MAGIC program on Wednesday, June 18 will explore how to store and access passwords. Everyday there are new passwords to remember. New ones are easy to forget. Old ones used over and over become vulnerable. We'll describe several password applications that create strong, unique passwords for every site. These apps even remember them for you. You only need to remember one password. We'll also look at Apple's Keychain utility where passwords, certificates and logins can be saved.
The first hour of the program is a question and answer session with Robert Elphick, especially aimed at beginners. Bring your questions or share a success. The Macintosh Appreciation Group of Island County (MAGIC) meets the third Wednesday of each month from 4 to 6 p.m. at the Unitarian Universalist Congregation at 20103 State Route 525 two miles north of Freeland. A short business meeting follows the Q&A, followed by the program.
Now that the days are long, the program room needs to be darkened with curtains. I welcome two or three volunteers willing to come about 3:30 p.m. to help me put up the curtains and the tables. Contact me at
if you can come. Help putting away the curtains and tables at the end of the meeting is also welcome.
Future Meetings: (subject to change)
See the Meetings Page on this website.
Do not forget to bring your used ink cartridges.
Minutes of the May, 2014 Meeting, and Presentation Notes
by Penny Holland, Secretary
The May meeting for MAGIC was held at the Unitarian Congregation Meeting House of Freeland. Meeting was called to order by Robert Elphick at 4:00. Approximately 18 people were in attendance.
Q & A SESSION
Q:Can you recommend a book I can get to help with Mavericks?
A: You don't have to buy a paper book, but instead you can get a free iBook for Mavericks. The iBook is good because you can search easily for a topic and find it quickly. Another good book is THE MISSING MANUAL published by o'Reilly, costing about $15 at Amazon.
Q: Do you turn off the Mac at night or put it to sleep.
A: There are two good reasons to turn it off. First, you are using electricity even if the computer is in sleep mode and so contrubuting to CO2 emissions. Secondly the Unix operation system does some work when the computer is completely turned off. For instance, the RAM gets erased when the computer is turned off, not sleeping.
Q: When I shut mine off and restart in the morning, I simply have to move the mouse to restart. Yet I still have to log back in with my password.
A: Sounds like pilot error. Make sure you are clicking on SHUT DOWN rather than LOG OUT under the Apple Menu.
Q:How can I make labels on my Mac? I used to use Avery to make them on my PC.
A: You can get templates from Avery. Or use Pages to use labels. The Avery template can be loaded into Pages to be used for labels. Avery template also worked for printing business cards on a Mac. Put the names into a group and then print out labels with Pages.
Robert did a quick demo on how to create labels/envelopes from within CONTACTS. In Contacts, go to FILE -> PRINT and look under Style, you get choices as Mailing Labels, etc. and you can select under Page, Avery Standard, and choose the Avery Style you wish.
Q: Using Mavericks my emails are grouping the conversations. How to stop that?
A: In Mail under the VIEW menu, look for ORGANIZE BY CONVERSATION. Be sure this is not checked. Then all emails will be separate, rather than grouped into conversations.
Q: Has anyone else been getting virus notices from ClamX? I am getting about ten a day that ClamX is finding and isolating.
A: Nobody else has had this problem. Most did not know about ClamX, so Robert showed how to get the ClamX antivirus program. To delete the folder where ClamX puts the questionable files: put it in the trash and do a Secure Empty Trash. You can set up to run in the background so it's always checking for viruses. If this virus detection is consistently happening, report it to WhidbeyTel.
Q: Does TextEdit still do RTF format?
A: Yes. But the latest version of Pages still has some problems and doesn't offer RTF, so the recommendation is to stay with an older Pages version (4.3) until they fix that. (On iPAD you want to stay with Pages version 1.7 not the 2. version.)
Q: How do you do the Contacts and Calendars syncing in the new Mavericks upgrade?
A: Update Mavericks to version 9.3, the latest OS version and also update iTunes. Next, go to the iDevice in iTunes and select the Info button, then click the items you want to sync. Under Advanced (near the bottom of the page), only one time you need to check the REPLACE INFO on this iDevice for Contacts and Calendars.
A CAUTIONARY NOTE: In System Preferences, under iCloud, look to see if all the Apps except perhaps for the Find My Mac choice are turned off or unchecked. CAUTION; DON'T turn everything off on iCloud without looking at the MAGIC website Tricks and Tips as to how to do this safely so you don't lose your data when you turn everything off Look for the article called DISCONNECTING ICLOUD which tells how to archive your data before you quit using iCloud so you don't lose your data.
Q: Sometimes I go to a website and that one takes you to another site, sometimes the back arrow works and sometimes it doesn't. Why is that?
A: It has to do with whether the link takes you to an entirely new window (or tab) or renders the link in the same window. If you canʼt backup using the back arrow, check to see if there is a new tab that has been opened and go to that tab.
Robert announced that we recently had a Board of Directors meeting, where we discussed the fact that being a non-profit organization requires MAGIC to have a president. Robert Elphick has volunteered to run for this position. Penny Holland moved that we elect Robert, and Madeline Van der Hoogt seconded the motion. There were no other nominations. The vote was unanimous in favor of electing Robert Elphick as president.
Robert announced that we are going to do more classes--Essentials and iPhoto. Details are on our website. Essentials begins June 10 and meets every Tuesday for 5 weeks from 1:30 to 4:30 at AuSable in Coupeville. iPhoto class is 3 consecutive afternoons, June 25, 26 and 27. Signups may be made through the MAGIC website.
Our current bank balance is $10,023.35
Three free computer goodies were given away to the first person interested: 4 port USB hub with external power, a set of computer speakers, and a firewire 320 GB external HD.
PRESENTATION - Tips and Tricks for iPhone photos by Prescott
MacWorld's website, offers a lot of tips, but you get even more if you pay for a subscription of the magazine. Play with the site and do searches for things you want to learn about. Prescott announced that the April 2014 issue of the MacWorld magazine has a feature on iPhone photos.
Here are some of the tips:
Prescott suggests you play around with photos on the iPhone. She warns that the digital Zoom capability is pretty poor, so be careful. Robert showed some other APPS that are available to download from the APP STORE for photo work: Camera, Timelapse (takes pictures every so many seconds), PhotoStudio (has editing capabilities), and Camera Plus, and HDR are a few that were mentioned.
More apps include: Stop Motion, which lets you make stop motion-type movies, PS Express (similar to PhotoShop), Parsley allows you to make a photo that is b/w with a single colored object, Snapseed, a Google app, allows for advanced color or contrast correction (costs about $2.99), ColorBlast is another one to take a look at, and finally, Phonto allows you to put text on top of your photo.
You can also buy iPhoto to organize your pictures on your phone. It is compatible with iPhoto on your Mac.
A list including many of these APPS, as well as the photo tricks demonstrated by Prescott will eventually be found on the MAGIC website.
The meeting was adjourned at about 6:00.
Mavericks returns local syncing
With the latest update to Mavericks OS x 10.9.3 and iTunes 11.2 it is now possible to once again sync Calendars and Contacts via the USB cable to iDevices.
iCloud is no longer a requirement.
Apple finally listened to us!
So now it is OK to upgrade to Mavericks if you wish and be able to sync your iPhones, iPads, and iPods like you used to do. For more information read the MacWorld article.
I am very happy to see this!
Summer Education Program
In June we will be starting two more classes:
Note: This Software Update section of the newsletter lists the most relevant Apple updates. Not all updates are listed for all products. Additionally, I'll add other pertinent updates on occasion.
Apple issues iTunes update to fix /Users issue
by Dan Frakes, macworld.com
iTunes 11.2 release contained a bug that was both inconvenient and risky: If you have Find My Mac enabled, your Users folder (/Users) will be hidden at startup. Worse, that folder, along with /Users/Shared, will have their permissions set so that anyone can modify them, creating a security risk.
Our Christopher Breen explained a couple ways to make /Users visible, but that was just a workaround—and your changes were reset when you next restarted. The real fix came from Apple late Friday night in the form of iTunes 11.2.1. Install this minor update, and both the visibility and permissions of the /Users and /Users/Shared folder will be corrected—and will stay correct.
You can install iTunes 11.2.1 using the Mac App Store app, or by downloading the latest version of iTunes directly.
OS X 10.9.3, iTunes 11.2 arrive with bug fixes, feature enhancements
by Dan Moren, macworld.com
Time to take a visit to the Mac App Store's Updates tab, because OS X 10.9.3 has arrived, along with iTunes 11.2. The latest update to Apple's desktop operating system brings a number of bug fixes and improvements, while the new version of iTunes adds some enhancements for podcast listeners.
The Mavericks update improves support for 4K displays on the new Mac Pro as well as the 15-inch Retina MacBook (Late 2013), and improves the reliability of VPN connections that use the IPSec protocol. It also lists the ability to sync contacts and calendars between a Mac and iOS device using a USB connection—a feature that used to be the province of iTunes. It's unclear at this point exactly what that entails. According to Apple's knowledge base document about 10.9.3, the update also includes a fix for a problem that prevented Font Book from installing PostScript Type 1 fonts, improves reliability when dealing with SMB file servers or using a network home directory, has better stability when installing configuration profiles, and speeds up login for users in Active Directory groups.
There are also the usual security patches, though the knowledge base document detailing them had not been updated as of the writing of this article. OS X 10.9.3 had previously been available as a public beta via Apple's recently launched Beta Seed program.
iTunes 11.2, meanwhile, makes a number of changes to its podcast support, an area that's been a bit of a sore spot for many users. The Unplayed tab has been revamped, making it easier to find episodes you haven't listened to, while a new Feed tab makes it easier to browse episodes available to download or stream. The update also touts the ability to save favorite episodes on your computer, as well as automatic deletion of episodes after playback. Like 10.9.3, iTunes 11.2 includes assorted security updates.
iTunes 11.2 rejiggers the app's Podcast interface, which may please some frustrated users.
The Mavericks update is available via the Mac App Store, or at Apple's support downloads site; iTunes, meanwhile, is available via the Mac App Store, Apple's downloads site, or Apple's iTunes site, and does not require OS X 10.9.3.
Apple neglects to renew SSL certificate, breaks Software Update in the process
by Nick Mediati, macworld.com
If you were tried to install OS X software updates this weekend, you might have noticed that you...can't. As MacRumors points out, OS X users who attempt to install software updates through the App Store app are getting error messages that complain about an invalid certificate. The reason? Apple apparently forgot to renew the SSL certificate in question.
The error message reads, "The certificate for this server is invalid. You might be connecting to a server that is pretending to be swscan.apple.com which could put you confidential information at risk." Some users (myself included) report seeing an "NSURLErrorDomain error -1012" alert instead; MacRumors speculates that the invalid certificate may be causing this error as well.
A quick check on the certificate status for Apple's update server shows that it expired Saturday, May 24th. For the uninitiated, SSL certificates are a method of verifying a website's identity that are issued by organizations known as certificate authorities. Think of them as a sort of identification card, except for websites. OS X's Software Update mechanism looks for a certificate from Apple's update server to verify its identity, and when that certificate is missing or invalid, OS X will refuse to connect to the update server.
There's no word on when Software Update will be up and running again, so in the meantime, your best bet is to head to the downloads page on Apple's support site to get the updates to install manually.
News, Info and Stories
iCloud FAQ: Why Apple's online service will matter more than ever
by Dan Moren & Dan Frakes, macworld.com
While the focus of Monday's WWDC keynote was on Apple's two operating systems, iCloud was a strong supporting player. That's because, if iOS 8 and OS X Yosemite will represent the two sides of an Oreo cookie, then iCloud will be the creamy filling that keeps them glued together.
Among other things, Apple demoed a number of new features in both iOS and OS X under the general heading of "Continuity"—ways that Macs and iOS devices will be able to work together to offer new services, in many cases using iCloud as the link. Here's everything you need to know about the new connection services coming to Apple devices this fall.
Let's cut to the chase: How much online storage will I get for free?
5GB is yours, free That much won't change. That will include your documents stored in iCloud Drive, your photos in your iCloud Library, your device backups, and so on. It's a little on the paltry side, but the good news is …
Apple's new iCloud storage plans: Cheap for consumers, even cheaper for developers
by Sam Oliver, appleinsider.com
At this week's Worldwide Developers Conference in San Francisco, Apple announced a restructuring of its iCloud storage and computing services as part of an apparent bid to stem the tide of user data flowing from iOS and OS X to competitors like Dropbox and Facebook.
If there were a commodities market for intangible goods, consumer data wouldn't trade very far behind breathable air. Physically trading a Vaio for a MacBook or an iPhone for a Moto X is easy; migrating data between those platforms isn't, and that makes for particularly strong platform loyalty.
Apple has seen competitors wrest control of its users' data away in recent years, and the company is responding to the threat with a number of new features and pricing changes that are good for both consumers and developers.
Apple lays out what it can tell law enforcement about you
by Marco Tabini, macworld.com
A newly-released document on Apple's website outlines the company's policies when it comes to sharing the personal information of iOS users with U.S. law enforcement.
According to the whitepaper, the company can help lawmen get their hands on a significant amount of information you share through iCloud, including your e-mail, iWork documents, calendars, and so on—provided, of course, that they come looking for it with a valid warrant.
Perhaps a bit more worryingly, the folks from Cupertino can also help a law enforcement agency to extract certain information from an iPhone or iPad, even if the device is protected by a passcode lock.
Luckily, this kind of operation can only coerce a relatively small amount information from an iOS device, and only from Apple's own apps. This includes data, like call history and SMS messages, that law enforcement could more easily obtain directly from a cell provider, but can also extend to your photos, movies, contacts, bookmarks, and device backups (it's unclear whether the latter are encrypted or not).
Not all bad news
Now for the good stuff: First of all, Apple can't use Find My iPhone to track you unless you turn it on first, and even then it only keeps track of a relatively restricted set of data. This means that the company will respect your privacy if you decide to keep Find My iPhone off, and that it will be able to help Search and Rescue find you in an emergency.
It also looks as though Apple is capable of holding to some of the logs from its lost-device service. Although GPS information is not on record, the company will be able to tell law enforcement if Find My iPhone was used to wipe out an iPhone or iPad remotely—an important bit of information for a prosecutor who is looking to establish whether a suspect attempted to wipe out potentially incriminating data after it had entered into evidence.
Finally, the whitepaper states quite unequivocally that Apple cannot provide access to either iMessage or FaceTime communications, which are encrypted end-to-end to preserve their privacy. If true, this bit of information is, indeed, very big news: It means that FaceTime calls and iMessage chats are, in fact, more secure than their traditional phone and SMS counterparts, which travel in the clear and can be intercepted with a wiretap warrant.
OS 10.10 Yosemite
by Kali Hilke, smalldog.com
It seems funny to type that — 10.10 — but Apple's newest OS incarnation is just that: the 11th version of the OS X operating system (pardon the redundancy). In his keynote, Apple's Senior Vice President of Software Engineering, Craig Federighi, talked about the "future of OS X: "Yosemite."
My first thought: How can the successor to Mavericks top itself? I've loved the cleaner, more iOS-like interface of Mavericks, and especially loved the changes to Finder and couldn't make the switch fast enough, especially since it was free-of-charge to Snow Leopard, Lion or Mountain Lion users. However, along with the beneficial features and the fact that it kicked off a new OS naming scheme dedicated to notable California locales, it also had a few hiccups (most notably with Mail) that could stand to be improved upon.
From the looks of Yosemite, it delivers and then some.
So, what will users see in the latest Mac OS? For starters, Yosemite also includes a user interface redesign, further adding iOS 7 (and iOS 8)-like visuals to your desktop. Yosemite boasts a more seamless integration between all of your devices as well as major new features focusing on seamless integration between Mac and iOS devices, a storage system called iCloud Drive, which is essentially iDisk coming back but with enhanced cloud features, and phone and text features added to your desktop.
There was a ton of information included in the keynote, so we figured it might be better to expand more on it on the blog. Head on over to our blog, Barkings for all the details and to check out some screenshots of the new software. Both Yosemite and iOS will be available for free to the public this Fall.
I'm really excited to get this on my (personal) iMac, since we'll be restricted from using Yosemite until IT clears it — likely beyond the official Fall release date. I plan to renew my Developer account, so we'll see. In the meantime, since Don has already installed it on his personal machine, we'll be pestering him for details that we'll make sure to share in future issues of Kibbles & Bytes.
ClamXav is a valuable troubleshooting tool
by Chris Barylick, MacWorld
As much as you might want to believe that your Mac is nigh on invulnerable to viruses, trojans, malware and phishing-based attacks, this simply isn't the case. Along with well-publicized vulnerabilities that have been exploited such as Flash Player and Java, OS X is still vulnerable to a variety of malware that can make life interesting for both you and your clients. This is where ClamXav 2, a free application developed by Sourcefire VRT, becomes the greatest thing ever. Lovingly developed and religiously updated by the group of open source developers responsible for the cross-platform ClamAV anti-malware application, ClamXav won't actively scan incoming downloaded files the way commercial anti-malware suites will, but it does a great job of combing through your user account, your hard drive, or more specific folders as needed. If there are files that are infected on your Mac, ClamXav will find them, provide you with a description as to what the infected file can possibly do to your computer, and give you tools to deal with them.
ClamXav's two-pronged approach helps it do as well a job as it does. The program allows you to put infected files aside in a specified quarantine location, then tear them and delete them as you see fit following the scan. The scan process, in turn, can be paused and resumed at your leisure (something which is definitely appreciated in the case of multi-terabyte hard drives), and infected files can be quarantined and/or deleted outright on the fly. It's simple to schedule scans or add a flash drive or external hard disk to the device list to scan later.
What makes ClamXav truly shine is its support base, as well as the fact that it doesn't try to be overbearing within the OS X operating system, nor does it try to function without your permission and solve all your problems. Unlike offerings like Symantec's recent anti-virus and security suites, ClamXav doesn't try to be ever-present and continuously monitor your system functions. It's there when it needs to be, its application and virus definition update functions work like a dream, and after having to remove an unresponsive 2009 copy of Norton Antivirus out of a client's MacBook Pro using a shell script located on the Symantec website, one can appreciate the effort that goes into its steady upkeep.
ClamXav doesn't promise to police your downloads, act as a firewall, keep your kids from adult content, or solve all your problems. Instead, it lets you isolate and delete the assorted viruses, malware, and trojans that could be causing your Mac to behave erratically. ClamXav is updated on a daily basis by a group of incredibly talented security engineers and distributed for free.
ClamXav requires an Intel-based Mac running Mac OS X 10.6 or later and can be downloaded from the ClamXav website or from the Mac App Store. It may not be the be-all and end-all for every virus-related issue you'll see on your or your clients' Macs, it's easy to install, easy to configure, and a great place to start the diagnosis and repair process.
Snoop-proof your Macs
by Rich Mogull, MacWorld
The NSA (the National Security Agency, or, as some people prefer, No Such Agency) has found itself in the spotlight lately, owing in large part to leaks from former contractor Edward Snowden. But although the agency has been in hot water because of who it has been spying on, snooping isn't the agency's only job. The NSA also plays an important role in helping the rest of the government secure its computers from outside attackers.
Back in 2010 the NSA published Hardening Tips for Mac OS X 10.6 'Snow Leopard' (PDF), a terse, two-page pamphlet recommending a series of security precautions. The agency hasn't updated that pamphlet for more recent versions of OS X—so I thought I'd do so in the agency's stead.
Practically speaking, these precautions would seriously degrade the Mac user experience for anyone who implemented all of them. So as I was updating the NSA's advice for OS X 10.8, I decided to add a little guidance as to how much pain some of these tips might cause you. I certainly don't use all of these tricks myself. But they are still good to know.
(I'll be referring to the pamphlet throughout, so you should download it before you go any further. Plus, one reminder: When changing some System Preferences items, you'll need to click the lock icon in the lower-left corner and enter an administrator password.)
iPhones, iPods, and iPads
iOS apps now top browsers as the way to watch TV online
by James Careless, TechHive
The revolution will be televised. And if you're watching the revolution online, chances are you'll be doing it on an iOS app. That's just one of the fascinating conclusions—minus the prospect of a revolution, of course—drawn from a quarterly report by Adobe on video consumption. The illustratively titled US Digital Video Benchmark for the first three months of 2014 compiles and analyzes online TV (TV Everywhere) and non-authenticated online video trends.
According to Adobe, iOS apps topped browsers as the most popular access point for TV Everywhere content. iOS apps grabbed a 43 percent share of this market between the first quarter of 2013 and the same period in 2014. Browsers came second with a 36 percent share—down 47 percent a year ago.
This seismic shift signals that the move from the desktop to mobile devices is now well under way for online TV viewers. Android apps also grew, grabbing a 15 percent share, while gaming platforms hit 6 percent, up 539 percent form the year before.
Another staggering figure (and another offense to math geeks who insist that percentages cannot exceed 100 percent): Overall online TV consumption across all platforms grew 246 percent year-over-year, with March 2014 setting a new record in total authentications.
"More than one fifth of all pay-TV households in the U.S. now watch TV online across screens," said Jeremy Helfand, vice president of Adobe Primetime. "With rapidly rising consumer expectations for TV across devices, the TV industry is moving through a rapid transformation and finding new ways to bring TV to whatever screen audiences want to watch."
Adobe measured a portentous age split during this same time period: 80 percent of children's content was viewed on iOS apps while browsers were used for 50 percent of news-focused videos. This data suggests that younger viewers are more likely to use mobile platforms for viewing. If true, that's bad news for conventional TV broadcasters (and TV manufacturers) hoping to retain audiences using higher-resolution 4K broadcasts.
History is not on the broadcasters' side. When it comes to content consumption, convenience trumps quality. That's a fact twice proven by the victory of visually-inferior VHS over Betamax videotape, and audibly-inferior MP3s over CDs.
Adobe based its conclusions on data collected from more than 1,300 media and entertainment sites between the first quarters of 2013 and 2014. It incorporates 151 billion total online video starts and 1.3 billion TV Everywhere authentications across 250 pay-TV service providers covering 99 percent of U.S. pay-TV households, plus TV Everywhere content from 95 TV channels and over 160 TV Everywhere sites/apps.
iOS 8 will be 'Made for iHome', offer universal remote functionality for all smart devices
by John Brownlee, cultofmac.com
For many of us, our iPhones are already the most used remote controls in our entire house. But come June's Worldwide Developer's Conference, and Apple's ready to make that official. A new report says that the company is planning a platform that would turn its iOS devices, including the iPhone, into a universal remote for the internet of things inside your house. Think of it as Made for iHome.
According to The Financial Times, the new platform would be built right into iOS 8, centralizing control and giving a common API for all of the various smart devices in your home: the Philips Hues, the Nest thermostats, and so on. This would centralize control instead of spreading it all out over multiple third-party apps.
Not only would Apple's new remote feature work on the iPhone and iPad, but it would also incorporate the Apple TV, which is due to get updated hardware later this year. Together, these devices will allow users to do things like set their lights to come on automatically when they enter the house, or trigger the security alarm when they exit.
The Financial Times says the business model here would be similar to Apple's Made for iPhone program, where it collects licensing fees for every device it approves. It would be similar to services like AirPlay, CarPlay, and iBeacon, which likely means that the whole system runs on low-energy Bluetooth LE.
For years, the argument for a true Apple TV was so it could function as the centralized nexus point between the Internet and all the other gadgets in your house. With all talk of the Apple HDTV having died down in favor of rumors about the forthcoming iWatch, however, it appears that Cupertino knew something the rest of us didn't: that it never needed a gadget to be the centralized nexus connecting all your gadgets together, when an API it controlled (and collected payments for) could do the same thing instead.
If the Financial Times is right, we should hear more come Tim Cook's keynote at WWDC on June 2nd.
Apple pledges to restore order to its oversized App Store
by Philip Michaels, macworld.com
Every time Tim Cook stands before an audience, the Apple CEO has a battalion of numbers at the ready to illustrate the breadth and depth of the App Store. Monday's Worldwide Developers Conference keynote was no exception: Cook told WWDC attendees that the App Store hosts more than 1.2 million apps, with total downloads now topping 75 billion.
There's a point Cook hopes to make with this numerical recitation: If you're looking for a particular kind of app to run on your mobile device, chances are you're going to find it in the App Store. So why even bother with those other mobile platforms and their less sizable app stores when iOS offers you everything you could possibly want? It's probably one of the biggest selling points of Apple's mobile platform.
20-plus iOS 8 features Apple didn't talk about
by Serenity Caldwell & Dan Moren, macworld.com
Apple's Monday keynote at its Worldwide Developers Conference was jam-packed with information about the company's new operating systems and development tools. As such, it's no surprise that a slide entitled "iOS 8 features we didn't have time to talk about" made only a lightning-brief appearance. But we picked through that slide to find some of the intriguing new features you may not have realized were coming to iOS 8 this fall.
Apple hints password reuse, not iCloud hack, at heart of locked iDevice ransom attacks
by Michael Ansaldo, macworld
Apple says an iCloud breach is not to blame for the recent spate of iOS devices held hostage by malicious actors via Apple's Find My iPhone service. Many users in Australia and several other countries have reported being locked out of their iDevices by a third party who demanded $100 to return control of the iPhones and iPads to their rightful owners.
The messages say the devices have been hacked by "Oleg Pliss," according to numerous Apple forum reports. The name Oleg Pliss appears to be an alias for a hacker, or group of hackers, responsible for the ransomware-like attack.
The bad guys sent the messages using Apple's Find My iPhone service, which is designed to let iOS device owners lock down their devices if they are lost or stolen. Using Find My iPhone, you can put your phone into lost mode, which locks the phone with a four-digit passcode. You can also force the device to make a loud beeping sound (even if the mute switch is on) and send a text message to the device.
It's not clear how the hackers were able to get access to the Find My iPhone settings of a large number of users, but Apple says their services aren't to blame.
Apple was unavailable for comment at this writing, but the company released a statement to ZDNet earlier:
Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.
Although the company didn't explicitly say so, Apple seems to be implying that these attacks were the result of reusing the same username and password across multiple online accounts. Troy Hunt, a developer and web security specialist based in Sydney, Australia, has also suggested this as the most likely scenario.
If password reuse was the culprit, that means the hackers probably gained access to the users' accounts by sifting through usernames and passwords from previous password database breaches.
And there certainly have been enough of those.
Password problems, password solutions
Adobe, AOL, Avast, Canonical, eBay, LaCie, and Ubisoft have all suffered major database breaches in the past year. EBay, the most recent company to lose control of its password database, had 128 million active users affected alone.
With so much password and username hacking going on, reusing the same passwords across multiple sites is just plain not a good idea. The best way to protect yourself from password breaches is to use strong, unique passwords for each website you frequent, never using the same password twice. To do otherwise is to risk a visit from Oleg Pliss.
It isn't as hard as it sounds. You can create unique passwords using either a password manager's random password generator or by coming up with a memorable system for managing passwords site-to-site. You'll definitely want to do it especially sensitive online accounts such as email, social networking, banking, shopping sites like Amazon, and Apple's Find my iPhone or Google's Android Device Manager. Enabling two-factor authentication on any service that supports it is another smart security precaution.
Finally, make sure you know how to protect yourself against all kinds of PC-based scams out there such as phishing, fake emails, and phony update warnings.
It may be a pain to have different passwords for all your sensitive online accounts, but the alternative is exposing yourself to losing control of your devices or, as Wired writer Mat Honan discovered in 2012, losing your personal data completely.
iOS 8 first look video: Spotlight now searches iTunes, movie times, locations & more
by AppleInsider Staff
With this year's launch of iOS 8, users will be able to access far more content through Spotlight search on their iPhone or iPad than they ever were before, including data from Maps, iTunes and Fandango.
As can be seen in the video, Spotlight is less tethered to local content than ever before, offering quick links to services like the App Store, websites such as Wikipedia, and pulling in data like movie times. Spotlight also searches for recent news stories, iBooks titles, and can even recommend suggested websites.
The same new and improved search functions can also be found in the smart search field in Safari. But with their inclusion in Spotlight, users won't have to launch an app to access that information if they so choose.
As Apple continues to feud with its chief rival Google, many of the changes made in its iOS platform over the last two years have focused on bypassing the search giant completely. These latest changes only serve to further that effort, though Google does remain the default provider on the iPhone if users choose the "Search Web" result in Spotlight.
iOS 8 is currently in beta for developer testing. It is expected to launch on iPhone and iPad this fall. For more, see AppleInsider's other iOS 8 videos.
WWDC News: iOS 8
by Stephanie Farrell, smalldog
With WWDC comes the opening keynote that most Apple nerds (and even non-Apple nerds) get all excited about because this is when they announce their new software and hardware. The two-hour keynote today consisted mostly of software announcements: Yosemite and iOS 8, baby While Kali will cover all the juicy details of Yosemite below, I'm here to give you a quick coverage of highlights from iOS 8. While it's keeping the same flat design of iOS 7, it has been updated with features that will make your experience [even] easier. iOS 8's tagline reads, "Huge for Developers. Massive for everyone else." Apple provided developers with deeper access and more tools. Such things like keyboard options and more ways to share content are just some of the things they can get their hands on. Here are some of the other improvements we'll see when iOS 8 is released this fall:
by our science correspondant, MAGIC
With thanks to xkcd.com.
By The Way
by Ron Sharp, MAGIC
"I'm trying to remember the password for... why didn't it work? Oh maybe it's all lower case. Or maybe this should be my Apple account password and not my OSX User account password? Is my Apple account password the same as my iTunes password?"
Passwords are like your house keys or car keys. You have to use them all the time and a pain if you loose them. It's easier to put off dealing with passwords because they are not a physical thing like a car key. But it's really something you need to set up right.
You have some choices how to handle them and it shouldn't be to just use the same one. Imagine having the same key for your house and cars and locks. If you loaned someone your car they'ed have access to your house and all your other things. Also see the article included in this newsletter where Apple claims the recent breach of iDevices was caused by passwords and user names being reused.
You can write all your passwords down to store in a safe place. Better yet you could create a encrypted file on your computer and keep all your passwords there, accessible by remembering only one password. Or you could use one of many password applications that keeps track of them for you. There is 1Password, Last Pass, Password Genie, One Safe, and others.
Internet browser programs like Firefox keep track of passwords you use for websites if you allow it to, but not for other apps on your computer. Your Apple operating system comes with "Keychain" that remembers passwords it uses for Apple applications like your Airport wireless network and your Mail login password as well as many internet passwords if you use Safari. But it doesn't remember passwords used by many non-Apple applications. Also, to access the passwords it saves, you have to know your Mac OS User account password.
Now to answer the question above, if you have an account set up with iTunes, that is your Apple account password. However, you can have more than one Apple account and you have to keep track of them. If you purchase music or apps, Apple keeps track of your account history, but the accounts are separate. If you delete one account, then the items you've purchased on that account are no longer stored with Apple. That means you'll have to repurchase them if you ever loose them off your computer.
You also have a User account password for your computer operating system that is used for making changes to computer settings. You can use this User account password to find passwords that your Keychain app has stored. Your Keychain app is in your Utility folder of the Applications folder.
If you want to set up an encrypted folder on your computer to store passwords you can use Disk Utility found in your Utility folder. Open Disk Utility and click on menu item File>New>Blank Disk Image, then select a file or create a new folder and using the menu options from that window set it up as an encrypted file. You can choose a list of passwords you've already created to encrypt or create a new folder. If you need help, attend this months meeting where passwords and password apps will be presented. Or you can contact one of the mentors listed on the MAGIC website.
MAGIC, the Macintosh Appreciation Group of Island County, serves people who use Macintosh computers, software and peripherals. Our goal is to share information and get answers to questions to make us more productive with our use of technology. Our monthly meetings give us a chance to discuss computer problems and share ideas with other Mac users, feature speakers on specific topics, and to keep apprised of Apple news.