Have you gotten an email message whose Subject line says something like “Change your password immediately! Your account has been hacked.”? If not, it may be only a matter of time before you do. It’s a scary message, especially because it contains one of your passwords, some threats, and a demand for money. Worse, the password is likely one you’ve used in the past—how could the hacker have discovered it? Has your Mac really been taken over?
Relax. There’s nothing to worry about.
This “blackmail spam” has been making the rounds on the Internet recently—we’ve heard from several clients who have received it, and we’ve gotten copies too. The message purports to be from a hacker who has taken over your Mac and installed spyware that has recorded you visiting Web sites that aren’t exactly G-rated. The hacker also claims to have used your Mac’s camera to photograph you while you’re browsing said non-G-rated sites and threatens to share those pictures with your contacts and erase your drive unless you pay a ransom using Bitcoin.
This blackmail spam has raised so many pulses because it backs up its claims by showing a password that you’ve used in the past. Hopefully, it’s not one that you’re still using, because it was extracted from one of the hundreds of password breaches that have occurred over the past decade. Impacted Web sites include big names such as Yahoo, LinkedIn, Adobe, Dropbox, Disqus, and Tumblr—thieves have collectively stolen over 5.5 billion accounts. It’s all too likely that some old password of yours was caught up in one of those thefts.
Concerning as the message sounds, all the details other than your email address and password are completely fabricated. Your Mac has not been hacked. There is no malware spying on your every move. No pictures of you have been uploaded to a remote server. Your hard drive will not be erased. In short, you have nothing to worry about, and you should just mark the message as spam.
However, if you’re still using the password that appeared in the message, that is cause for concern. It means that any automated hacking software could break into the associated account, and it must be a weak password if the bad guys were able to decrypt it from the stolen password files. Go to Have I Been Pwned and search for your email address. If it shows up for any breaches, make sure you’ve changed your password for those accounts.
As always, we recommend that you create a strong, unique password for each of your Web accounts. The easiest way to do this is to rely on a password manager like 1Password or LastPass to generate a random password. Then, when you want to go back to that site, the password manager can log you in automatically. It’s easier and more secure.
If you’re still concerned about your passwords, call us and we can help you get started with stronger security practices.
Potential clients sometimes ask why they should work with us instead of solving their own problems or hiring an employee to manage their IT infrastructure. It’s a fair question, and we’re happy to answer it in more detail if you want to chat. But here are a few of the reasons why working with an Apple professional is the right decision. All these revolve around the fact that we’ve been investigating and fixing tech problems for a long time, we’re constantly working to stay up with the latest changes, and we’re good at what we do.
The biggest reason to hire an expert to solve your problems is that we can save you time. If you’re an individual, it’s time you can spend on your real job, with your family, or on your hobbies. For companies, it’s time you aren’t taking away from your firm’s line of business.
Aside from the fact that we’ll be doing the work to fix your Mac or get your network operational instead of you or one of your employees doing it, we’ll probably be able to finish more quickly than someone who’s not steeped in the field. Would you prefer to spend hours on something that would take us half the time?
As an individual, it might seem counterintuitive that paying us will save you money, but it’s often true. If you buy the wrong hardware or software, that’s a waste of money that could be avoided with our advice ahead of time. For instance, no matter how many ads you see, never get suckered into buying MacKeeper.
For companies, the financial savings are more obvious. Most companies don’t have extra employees just waiting to solve tech problems, and hiring a dedicated IT staff will cost vastly more in salary, benefits, and overhead than outsourcing to us.
It’s easy for businesses to understand the importance of avoiding downtime. If your phone system is down, customers can’t call. If your point-of-sale database gets corrupted, you can’t take orders until the backup has been restored. And so on—the point of working with a top-notch Apple professional is that we can help you avoid problems that would cause downtime, and if catastrophe does strike, get you up and running as soon as possible.
Individuals might say they’re not too worried about downtime, but how long could you go without being able to send or receive email if Mail’s settings get wonky? Or what would your family think about not having Internet access while you back out of a bad firmware upgrade to your router?
Avoid Incorrect Information
Google is a godsend for figuring out weird problems, but it can also lead less experienced people down dead-end paths. If you don’t have years of experience, it’s easy to find a Web page or YouTube video that sounds helpful but makes the problem worse.
For instance, lots of Web articles have advised force-quitting iOS apps to increase battery life, improve performance, and more. Unfortunately, that advice is wrong—force-quitting apps generally hurts battery life and reduces performance. Only force-quit an app when it’s misbehaving badly or not responding at all. Ask us before assuming something you’ve read online is helpful or even correct.
Benefit from the Big Picture View
Because we live and breathe technology, we have a broad and current view of what’s happening both in the industry and with our other clients. We know what new products or services might be the best solution to any given problem, and we can take advantage of our experience with one client to help another.
For example, Apple has officially discontinued its AirPort line of Wi-Fi routers, so we’ve been comparing mesh networking alternatives, including Eero, Plume, Orbi, AmpliFi, Velop, and more. If you’re using an AirPort base station now, ask us which alternative makes the most sense for your installation.
More specifically, because we put the time into understanding your personal or corporate technology footprint, we can use our experience to ensure that everything we recommend will work well together. If you’re buying into HomeKit automation in a big way, for instance, you should stick with Apple’s HomePod smart speaker rather than competing products from Amazon and Google.
We hope we haven’t come off as cocky here—we’re certainly not perfect. But we are good at what we do, and we’re confident that we can help solve any technical problems you may have.
With macOS 10.14 Mojave, Apple has beefed up the Mac’s privacy so it more closely resembles privacy in iOS. You’ve noticed that when you launch a new app on your iPhone or iPad, it often prompts for access to your photos or contacts, the camera or microphone, and more. The idea behind those prompts is that you should always be aware of how a particular app can access your personal data or features of your device. You might not want to let some new game thumb through your photos or record your voice.
macOS has been heading in this direction, but Mojave makes apps play this “Mother, May I?” game in more ways. As a result, particularly after you first upgrade, you may be bombarded with dialogs asking for various permissions. For instance, when you first make a video call with Skype, it’s going to ask for access to the camera and the microphone. Grant permission and Skype won’t have to ask again.
Skype’s requests are entirely reasonable—it wouldn’t be able to do its job without such access. That applies more generally, too. In most cases, apps will ask for access for a good reason, and if you want the app to function properly, you should give it access.
However, be wary if a permission dialog appears when:
- You haven’t just launched a new app
- You aren’t doing anything related to the request
- You don’t recognize the app making the request
There’s no harm in denying access; the worst that can happen is that the app won’t work. (And if it’s malicious, you don’t want it to work!) You can always grant permission later.
To see which permissions you’ve granted or denied, open System Preferences > Security & Privacy > Privacy. A list of categories appears on the left; click one to see which apps have requested access. If you’ve granted access, the checkbox next to the app will be selected; otherwise it will be empty.
You’ll notice that the lock in the lower-left corner is closed. To make changes, click it and sign in as an administrator when prompted.
Most of these categories are self-explanatory, but it might not always be obvious why an app wants permission. In the screenshot above, for instance, Google Chrome has been granted access to the Mac’s camera. Why? So Google Hangouts and other Web-based video-conferencing services can work.
There are five categories (including three not showing above) that could use additional explanation:
- Accessibility:Apps that request accessibility access want to control your Mac. In essence, they want to be able to pretend to click the mouse, type on the keyboard, and generally act like a user. Utility and automation software often needs such access.
- Full Disk Access:This category is a catch-all for access to areas on your drive that aren’t normally available to apps, such as data in Mail, Messages, Safari, Home, and more, including Time Machine backups and some admin settings. Backup and synchronization utilities may need full disk access, in particular. An app can’t request full disk access in the normal way; you must add it manually by clicking the + button under the list and navigating to the app in the Applications folder.
Automation:The Mac has long had a way for apps to communicate with and control one another: Apple events. An app could theoretically steal information from another via Apple events, so Mojave added the Automation category to give you control over which apps can control which other apps. You’ll see normal permission requests, but they’ll explain both sides of the communication.
Analytics:The Analytics privacy settings are completely different—they let you specify whether or not you want to share information about how you use apps with Apple and the developers of the apps you use. For most people, it’s fine to allow this sharing.
Advertising:Finally, the Advertising options give you some control over the ads that you may see in Apple apps. In general, we recommend selecting Limit Ad Tracking, and if you click Reset Advertising Identifier, any future connection between you and the ads you’ve seen will be severed from past data. There’s no harm in doing it. It’s worth clicking the View Ad Information and About Advertising and Privacy buttons to learn more about what Apple does with ads.
The feature Apple is promoting most heavily with macOS 10.14 Mojave is Dark mode, which the company advertises as “a dramatic new look that helps you focus on your work… as toolbars and menus recede into the background.” Let’s look at what Apple has done with Dark mode, after which you’ll have a better idea of what to think about while trying it.
Enable Dark Mode
First, to turn Dark mode on, go to System Preferences > General and click the Dark thumbnail to the right of Appearance. Mojave immediately switches to Dark mode, turning light backgrounds dark and swapping the text color from dark to light.
While you’re in System Preferences, click over to the Desktop & Screen Saver preference pane. If you scroll down in the Desktop Pictures list, you’ll discover a bunch of new wallpapers that blend well with Dark mode.
Dark Mode Support and Controls
You’ll notice that the color change takes place instantly not just in the Finder, but also in any apps that support Dark mode. Most of Apple’s apps support Dark mode and third-party developers are rapidly adding support to their apps as well. However, Dark mode requires explicit support from apps, so older apps that aren’t being updated will maintain their standard dark-on-light color schemes.
Some apps, such as Maps and Mail, give you additional options that change just how dark they get. In Maps, choose View > Use Dark Map to toggle between a dark map style and the familiar map style that mimics a paper map. Similarly, in Mail, go to Mail > Preferences > Viewing and deselect “Use dark backgrounds for messages” to return to a white background.
If you generally like Dark mode but have trouble reading light text on a dark background due to the reduced contrast, you may be able to choose a different font or style in the app’s preferences that makes the text more readable. Apps like Mail give you a fair amount of that sort of control.
For even more control over contrast, open System Preferences > Accessibility > Display. There you’ll find a Display Contrast slider that lets you make text lighter and backgrounds darker. You can also select Reduce Transparency to make it so items like the Dock and menu bar are solid colors, rather than allowing the background to bleed through. To separate dark and light further, select Increase Contrast, which increases the brightness of divider lines as well.
The Dark Side of Dark Mode
Contrast is necessary for pulling out fine details, but too much contrast can be uncomfortable or even painful—think about how you feel when someone turns on a bright light in a previously dark room. For visual comfort, it’s usually best to match your screen with the lighting of your surroundings. That’s why people who often work at night or with the window blinds down like dark modes—a bright screen seems brighter in a dimly lit room. That’s the theory behind the traditional dark text on a light background too, since the room will be quite light during the day.
So Dark mode can run into two problems. First is that using it during the day or in a brightly lit room may create an uncomfortable contrast between the screen and its surroundings. Controlling your room lighting can eliminate this as an issue. Second and more troubling, even apps that support Dark mode may have large content areas that are bright white, creating a strong contrast between the content area and the rest of the app. Many Web sites in Safari have this effect, as do documents in apps like Pages and Numbers. There’s no way around this scenario.
Even if Dark mode isn’t perfect, it’s worth a try if you have trouble looking at bright screens. Regardless, if it goes too far for you, one of the new dark wallpapers may be easier on your eyes. While most people aren’t overly light sensitive, a non-trivial percentage of the population is, particularly those who suffer from migraines or who have endured concussions, and those with a variety of ocular conditions. And if you’re on the other end of the spectrum—if Dark mode looks dirty and is hard to read, just stick with the traditional Light mode.
There’s an Internet saying: “If you’re not the customer, you’re the product.” The point is that, if you’re getting a service for free, the company providing it sees you not as a customer, but as a product to sell, generally to advertisers.
This is how Google, Facebook, and Twitter operate. They provide services for free, collect data about you, and make money by showing you ads. In theory, the more that advertisers know about you, the better they can target ads to you, and the more likely you’ll be to buy. Personalized advertising can seem creepy (or clueless, when it fails), but it isn’t inherently evil, and we’re not suggesting that you stop using ad-supported services.
This ad-driven approach stands in stark contrast to how Apple does business. Apple makes most of its money by selling hardware—iPhones, Macs, and iPads, primarily. Another big chunk of Apple’s revenue comes from App Store and iTunes Store sales, iCloud subscriptions, and Apple Pay fees. Knowing more about you, what Web pages you visit, what you buy, and who you’re friends with doesn’t help Apple’s business, and on its Privacy page, Apple says bluntly, “We believe privacy is a fundamental human right.”
Of course, once your data is out there, it can be lost or stolen—in June 2018, a security researcher discovered that the online data broker Exactis was exposing a database containing 340 million records of data on hundreds of millions of American adults. Ouch!
Let’s look at a few of the ways that Apple protects your privacy.
Siri and Dictation
The longer you use Siri and Dictation, the better they work, thanks to your devices transmitting data back to Apple for analysis. However, Apple creates a random identifier for your data rather than associating the information with your Apple ID, and if you reset Siri by turning it off and back on, you’ll get a new random identifier. Whenever possible, Apple keeps Siri functionality on your device, so if you search for a photo by location or get suggestions after a search, those results come from local data only.
Touch ID and Face ID
When you register your fingerprints with Touch ID or train Face ID to recognize your face, it’s reasonable to worry about that information being stored where attackers—or some government agency—could access it and use it for nefarious purposes. Apple was concerned about that too, so these systems don’t store images of your fingerprints or face, but instead mathematical signatures based on them. Those signatures are kept only locally, in the Secure Enclave security coprocessor that’s part of the CPU of the iPhone and iPad—and on Touch ID-equipped laptops—in such a way that the images can’t be reverse engineered from the signatures.
And, of course, a major goal of Touch ID and Face ID is to prevent someone from violating your privacy by accessing your device directly.
Health and Fitness
People with medical conditions can be concerned about health information impacting health insurance bills or a potential employer’s hiring decision. To assuage that worry, Apple lets you choose what information ends up in Health app, and once it’s there, encrypts it whenever your iPhone is locked. Plus, any Health data that’s backed up to iCloud is encrypted both in transit and when it’s stored on Apple’s servers.
App Store Guidelines
A linchpin in Apple’s approach to privacy is its control over the App Store. Since developers must submit apps to Apple for approval, Apple can enforce stringent guidelines that specify how apps can ask for access to your data (location, photos, contacts, etc.). This isn’t a blanket protection—for instance, if you allow a social media app Facebook to access your contacts and location, the company behind that app will get lots of data on your whereabouts and can even cross-reference that with the locations of everyone in your contact list who also uses the service.
In the end, only you can decide how much information you want to share with the likes of Google, Facebook, and Twitter, and only you can determine if or when their use of your details feels like an invasion of privacy. But by using Apple products and services, you can be certain that the company that could know more about you than any other is actively trying to protect your privacy.