Intego Mac Podcast, Episode #163: Black Friday; Securely Dispose of Your Old Mac; The HomePod mini

With Black Friday coming up, we give some tips on buying older devices that may be insecure. We discuss how to audit your subscriptions with Apple, so you don’t pay for what you’re no longer using. We look at how to securely dispose of a Mac when you’re selling or giving it away. And we talk about the new HomePod mini: is it the right smart speaker for you?

Subscribe to The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.

How to Use Apple’s Built-in Features to Encrypt Files and Folders

The best way to protect your data is to encrypt your files, ensuring that, even if they get into the hands of hackers or cybercriminals, your personal data is safe. macOS provides a suite of tools to protect you, and, in this article, I’ll discuss the many ways you can use built-in macOS features to provide unbreakable encryption. (Unbreakable with current computing power; it’s possible that future quantum computers will be able to break the robust encryption algorithms that macOS uses.)

In this article, I’ll explain how to encrypt your startup disk with FileVault; how to encrypt other disks; and how to create encrypted disk images to store files securely in the cloud or send by email; and how to encrypt PDF files.

Read the rest of the article on The Mac Security Blog.

Intego Mac Podcast, Episode #162: How To Prepare Your Mac for macOS Big Sur

Apple released macOS Big Sur last week. On release day, there were a number of issues, including problems launching apps on Macs. We discuss what happened, and how Apple is changing its Gatekeeper security check. We also talk about when you should upgrade to Big Sur and how you should prepare your Mac for the big upgrade.

Subscribe to The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.

Mac and iOS Keychain Tutorial: How Apple’s iCloud Keychain Works

You use passwords to log into websites and services, and since there are so many of them, it’s hard to remember them. It’s a bad idea to use the same password for different websites, because if one site is compromised, hackers will have an email address and password that they can try on other sites. Because of this, you need to ensure that your passwords are different for every website and app, and that they are hard to crack. (An episode of the Intego Mac Podcast talks about password strategies.)

Your Macs and iOS devices have a “keychain,” which is an encrypted file that stores your logins, passwords, and some other information. This file syncs via iCloud, so you can use the same passwords on all your devices. Here’s how Apple’s iCloud keychain works.

Read the rest of the article on The Mac Security Blog.

How to switch search engines on macOS and iOS (and why you should)

If you’re like most people, you search the web a lot. Google handles nearly 85,000 searches per second, or 7.3 billion per day, or more than two and a half trillion searches every year. Your share of that may be small: if you’re just an average person, you may search the web 3-5 times a day, but some of us, such as writers, may perform several dozen searches in a single day when researching articles and books.

Searching the web is free. But nothing is really free. In exchange for providing you with such a powerful tool, Google collects data about you. It creates a unique profile of you, of your interests, your medical conditions (because everyone searches Google when they have health questions), and your browsing activity, and uses this to provide carefully targeted ads. It also tracks the websites you visit, ensuring not to miss anything you do.

This is why you often see ads related to your web searches. For example, you may have a question about your pet, and use Google to find the answer. You’ll soon see ads for pet food on various web pages. Google is the biggest advertising provider on the web, and millions of websites use Google Ads. So by storing information about you on Google’s servers, the company can know which ads are most likely to interest you. (Of course they don’t know if that search about the cat was really for a friend or neighbor, in which case the ads are incorrectly targeted, but if no one clicks, they don’t make any money.)

In other words, using a search engine is the same as giving away lots of private information about you, your habits, and your life. You may not want to do that.

Read the rest of the article on The Mac Security Blog.

Intego Mac Podcast, Episode #161: Apple Launches New Macs, and Big Sur Arrives

Apple announced three new Macs with its own processors, the first of a transition of the complete line of Macs to Apple silicon that should be complete in about two years. At the same time, macOS Big Sur is released. We discuss the new Macs, Apple’s M1 “system on a chip”, and a two-year old Apple bug that still hasn’t been fixed.

Subscribe to The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.

Intego Mac Podcast, Episode #160: What to do if you think you have malware on your Mac

Sometimes when things start going wrong on your Mac, you may think you have malware. In this episode, Josh and Kirk discuss the possible signs of a malware attack, and the steps to take if you think that you’ve been infection.

In the introduction, we said we didn’t think there would be much Apple-related news this week, but we learned that Apple will be announcing new Macs, and the release date for macOS Big Sur, on November 10, so we’ll be covering that in the next episode.

Subscribe to The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.

How to Use a Security Key to Protect Sensitive Online Accounts

Protecting your online accounts has become more important, as so much of our lives takes place on websites, via email, and through messaging. If someone gets access to some of your accounts – especially your email account – they can get access to others, and potentially usurp your identity.

In order to ensure security, most sensitive services now offer two-factor authentication (sometimes called two-step authentication). This combines something you know – your user name and password – with something you have, which is generally a code that is generated on demand. In many cases, these codes are sent by SMS text messages, and must be used within a few minutes. But SMS is inherently insecure, and other methods are needed to ensure optimal security.

Security keys are another way to add an additional authentication factor. They are portable, like flash drives, and easy to use. In this article, I’m going to explain why you might want to use a security key to protect certain accounts, how to set one up, and how to use it.

Read the rest of the article on The Mac Security Blog.

Intego Mac Podcast, Episode #159: Will Quantum Computing Change Computer Security?

Quantum computing is just around the corner, and it will affect the way computer security works. Strong passwords and encryption will be cracked, and we’ll need new ways to secure our data and identity. We also discuss complaints against Apple’s coming anti-tracking protection in iOS, and we revisit the suggestions that Apple may build its own search engine.

Subscribe to The Intego Mac Podcast, which I co-host with Josh Long. We talk about Macs and iOS devices, and how to keep them secure.

How Quantum Computing Will Affect Computer Security and Passwords

One of the key elements in securing or data and our identities is the use of strong passwords. Using passwords that can’t be guessed—unlike the perennial favorites 123456 or password—helps ensure that hackers and cybercriminals can’t access your computer, mobile device, or websites where you’ve created accounts, and can’t steal your identity to pretend to be you, or empty your bank account.

Simple passwords can be cracked using brute force; this is where an attacker uses tools that try every possible password until the correct one is found. This generally done using a dictionary attack, where an attacker will try known passwords and words until they find the one that unlocks an account. There are databases available on the internet that contain personal names as well as dictionary and slang words, in scores of languages, along with passwords found in data breaches, and more. One such database that I found through a simple web search contains 1.4 billion entries.

But many people use unique, random passwords, such as m3*9V-jh&3W (which I just generated with my password manager), and these passwords are generally not found in databases—unless you use them for multiple websites, and one of those sites has been breached. (This is why you should never reuse the same password for more than one account.) Cracking this sort of password requires much more computing power. Estimates vary, but, as an example, cracking the password above would take a couple hundred thousand years using a standard computer, or a few years using a supercomputer or botnet.

But what will happen when quantum computers become more common? These passwords could be cracked in minutes, or even seconds.

Read the rest of the article on The Mac Security Blog.