Writings by Kirk McElhearn
Apple has finally stopped selling the Apple Watch Series 3, which can no longer get security updates. The FBI shuts down 11-year old malware. And a $300 hacking tool enables phishers to defeat two-factor authentication using automated man-in-the-middle attacks.
Follow the The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.
ChatGPT is helping scammers create phishing emails that don’t sound phony, and Amazon sells plenty of items that are scams. Scammers are using AI-generated voices to scam elderly people, and the EU wants messaging apps – including Apple’s iMessage – to be interoperable.
Follow the The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.
Modern computers are designed to go to sleep when you’re not using them. When you put your Mac to sleep, the display turns off and most of the computer’s activity ceases. This standby mode is designed to save power. However, your Mac is a light sleeper; a lot goes on when your Mac is not awake.
In this article, I will explain what happens when a Mac goes to sleep, what different types of sleep modes exist, and how you can find out precisely what is happening on your Mac when it isn’t awake. Then we’ll take a look at some security implications to keep in mind regarding sleeping Macs.
Read the rest of the article on The Mac Security Blog.
One of the cleverest things Apple did when it released the Apple Watch in 2015 was to develop a system that allows users to quickly change watch bands (or straps, in the UK). Changing normal watch bands, using little spring bars, is difficult and delicate, so most people rarely change them unless they’re worn out. With the Apple Watch, you can change your band in seconds, so you can use a different band according to your mood or activity, or to match your outfit. This is especially useful if you want a waterproof band for swimming or working out, and a leather band for when you go out on the town.
To date, Apple has released more than 640 bands in more than a dozen different styles. Here’s a complete guide to all the Apple Watch bands that are currently available.
Read the rest of the article on The Mac Security Blog.
Mac malware is again found in pirated applications, LastPass was hacked via an employee’s home computer running Plex, and hackers may be able to get into a bank account with an AI-generated voice. Microsoft makes a step toward supporting iMessage on Windows, and we look at a new Nokia phone that is easily repairable.
Follow the The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.
With SMS-based two-factor authentication no longer free on Twitter, we discuss the more secure and free way of protecting your account using an authenticator app. We also look at new details about Apple’s latest security updates, Windows on M-series Macs, and a WhatsApp warning about reused phone numbers.
Follow the The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.
Data is encrypted on your iPhone or iPad, and on your Mac, assuming you’ve enabled File Vault. iCloud data is encrypted when it is sent to and from Apple’s servers, and at rest on Apple’s servers, but the company still has encryption keys, and can access some of your data when requested by law enforcement.
End-to-end encryption, however, removes any possibility of a third party accessing your data: you have the only keys to the data on your devices. Apple’s Advanced Data Protection enables this level of security, but there are some limitations to the way it works.
In this article, I’ll explain what Advanced Data Protection is, how to enable it, and whether you should turn this feature on.
Read the rest of the article on The Mac Security Blog.
Twitter recently announced that they will stop allowing the use of SMS-based two-factor authentication for their service, except for Twitter Blue subscribers. This $8 a month service offers a blue checkmark (though not actual verification), the ability to edit tweets, and more. This change will take place on March 30, 2023, and, if you are using SMS-based two-factor authentication (2FA) at that time, Twitter will turn it off, rendering your account less secure.
SMS-based 2FA is not very secure – SMSes can be intercepted, and SIM cloning can allow people to pretend they have your phone – and the other methods available are much more robust. But Twitter’s decision to turn off SMS-based 2FA is dangerous, and their choice to allow it to be used for a price is misguided.
If you have SMS-based 2FA on Twitter, you should change this to use an authenticator app, and there’s one built into macOS, iOS, and iPadOS. Here’s how to do this on Mac, iPhone, or iPad.
Read the rest of the article on The Mac Security Blog.
Apple has issued an update for a zero-day, in the wild, WebKit vulnerability. The Kia Challenge has shown that you can start some cars with a USB cable. And sometimes you need to factory reset Apple devices; we explain how.
Follow the The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.
You may need to reset your Apple devices to factory settings when troubleshooting, or when selling, giving away, or recycling devices. In this article, we look at resetting other Apple devices: the Apple TV, HomePod, AirTags, AirPods (all types), and Beats headphones. All these devices are linked to your Apple ID, and if you don’t reset the Apple TV and HomePod, someone could access your content and data.
Here’s how to reset these devices to factory settings. In another article, we look at how to reset any Mac, iPhone, iPad, iPod touch, or Apple Watch.
Read the rest of the article on The Mac Security Blog.