Australia’s Attorney General is meeting with Apple this week thinking he can convince the company to give his government a back door into our encrypted data.
Security
Some Researchers Think Apple's Bug Bounty Program Isn't Competitive
iOS is such a secure operating system that Apple may be doing more harm than good with its bug bounty program.
iPhone 8 Sans Touch ID, WebVR Community Group - TMO Daily Observations 2017-07-06
Dave Hamilton and Bryan Chaffin join Jeff Gamet to look at a report claiming Touch ID won’t be an iPhone 8 feature, plus they offer up their thoughts on Apple engineers joining the WebVR Community Group.
Top 6 Free Mac Security Tools
Two of these tools were said to stop MacSpy and MacRansom dead in their tracks.
The Boys of Summer are Back in Town – Mac Geek Gab 661
Quick Tips to start (no hints!), and then it’s time for some new Mac advice, which is a fitting question to get on the heels of Apple’s WWDC 2017 announcements. Then it’s time to discuss backups, and how much you should worry (hint: a LOT… that’s the point of backing up!). Add in some Wi-Fi chaos and that’s the foundation of a good Mac Geek Gab episode.
macOS: Revoking FileVault Access for Individual Accounts
Here’s how to block individual administrator accounts on your Mac, like those you set up for testing, from unlocking FileVault.
OneLogin Customer Data Exposed in Ridiculously Bad Security Breach
Hackers managed to steal a set of Amazon Web Service keys and use those to decrypt all kinds of OneLogin customer data.
Secure Document Syncing, Splitting Audio & More – Mac Geek Gab 659
Thunderbolt 3 Docks, Quick PrefPane Access, the best iOS PDF viewer, splitting audio files, and finding your lyrics. THAT’s what your two favorite geeks start with this week… and then they go from there! Press play and enjoy.
Samsung Galaxy S8 Iris Scanner Already Hacked
Samsung’s Galaxy S8 smartphone iris recognition biometric security feature is surprisingly easy to hack.
Data Forensics Company Recovers Notes Data Apple Claims is Deleted
Files deleted from Apple’s Notes app shouldn’t be recoverable after 30 days, but the security and data forensics company Elcomsoft found they could access records that were deleted months—or even more than a year—ago. That sounds pretty bad, but recovering those files requires some pretty specific elements, including knowing your iCloud login and password.
Siri the Cyber Security Guard - TMO Daily Observations 2017-05-17
As artificial intelligence systems improve, voice assistants like Siri make take a more active role in protecting our computers and our online activity. John Martellaro and Kelly Guimont join Jeff Gamet to look at how Siri may play a bigger part in our personal cyber security, and whether or not that’s something we want.
Starting June 15, iCloud Will Require App Specific Passwords
Starting on June 15, Apple will require third-party apps that use iCloud to use app specific passwords that the user sets up. This also means that you must be using two-factor authentication for your Apple ID. Andrew Orr tells us what this means for you.
Apple Squashes 30 Security Holes in macOS Sierra, Plus Standalone Updates for El Cap and Yosemite
Apple squashed 30 security holes in macOS Sierra with the release of macOS 10.12.5 on Monday. The company’s security notes indicate the update addressed a wide variety of issues in its Mac operating system, many of which are serious. Apple included the same fixes in separate security updates for El Capitan and Yosemite.
Apple Releases iOS 10.3.2 with Bug Fixes and Security Patches
Apple released iOS 10.3.2 Monday. The patch notes for the updates indicate it is entirely a maintenance update, noting that it “includes bug fixes and improves the security of your iPhone and iPad.”
How to Remove Conexant Keylogger Found on HP Laptop Models
Modzero, a security firm in Switzerland, has discovered a Conexant keylogger pre-installed on certain laptop models. It’s an audio driver located in the Windows system folder. This driver automatically loads every time a user logs in. Andrew Orr shares which HP models are affected.
FBI Paid $900K for San Bernardino iPhone Hack
The FBI refused to ever share how much it paid for the hack into San Bernardino shooter Syed Farook’s iPhone, but thanks to Senator Diane Feinstein we now know the price was US$900,000. The Senator accidentally spilled the beans during a Judiciary Committee meeting on accessing encrypted data on smartphones and personal computers.
How to Require a Password to Wake Your Mac from Sleep or Screen Saver
This Quick Tip is about a very, well…quick setting to change to make your Mac more secure. If you can just unlock your Mac after it’s been sleeping without needing a password or your fingerprint, you’ve gotta read this! And make the change! We pretty much insist.
DOK Malware Signed by Valid Developer Certificate (for Now)
A new piece of malware, called OSX/Dok, has been discovered by the Check Point malware research team. It affects all versions of macOS and is signed with a valid developer certificate authenticated by Apple. Dok malware is also the first to spread in a widespread email phishing campaign. Andrew Orr gives us the technical details.
Never Check Your NSA Email Over an Insecure Connection – Mac Geek Gab 654
Quick Tips, Cool Stuff Found and LOTS of questions. Sleeping Mac? No problem. VIP Mail help? No problem. Building a home? No problem. Want to know about VPNs? Well, now… just kidding. No problem! Mac Geek Gab answers your questions and shares your tips so everyone can learn at least four new things each week!
What We Want in Apple's Pro iMac - TMO Daily Observations 2017-04-18
Apple says an iMac with pro features is coming later this year, but didn’t elaborate on exactly what that entails. Jeff Butts and Dave Hamilton join Jeff Gamet to talk about what they’d like to see in the new model. Spoiler: they were able to distill that down to two words.
Physical Security Matters, Too – Mac Geek Gab 652
SMC Resets, Migration Assistant tricks, Auto-Upgrade solutions and Renting vs. Owning your Cable Modem are just the beginning for your two favorite geeks today. S/MIME is taken to a whole other level with guest Jeff Butts who helps us all understand how to make this work on both macOS and iOS! Then it’s time to dive into your system certificates – and which ones you can touch vs. those that you can’t. Security is always on the mind and a quick VPN discussion rounds that out. Then John and Dave move on to something more pleasing to the ear: sound, and how best to manage it on your Mac!
Apple's New Display Plans, Broadcom's WiFi Chip Security Flaw - TMO Daily Observations 2017-04-05
Along with the promise of new a new Mac Pro yesterday, Apple also said it’s going to get back into the pro display business, too. John Martellaro and Kelly Guimont join Jeff Gamet to talk about Apple’s plans, plus they look at Broadcom’s WiFi chip security flaw.
Apple's iOS 10.3.1 Update Fixes Critical Broadcom WiFi Security Flaw
If you haven’t installed Apple’s iOS 10.3.1 update yet, now would be a good time because it fixes a big security flaw in the Broadcom WiFi chips in your iPhone. The security flaw could let attackers who are in WiFi range inject and run code on your smartphone.
TMO Staff Share their Favorite VPN Services
Thanks to a new law green lighting ISPs selling our personal web browsing data, along with restrictions prohibiting the FCC from stopping the activity, there’s a lot of talk about VPNs, or Virtual Private Networks. With so many VPN services to choose from it’s hard to decide which is best for you, so I asked the TMO staff what they rely on.
