Posts

The Best Characters to Use When Naming Files and Folders

/in /by

Back in the early 1980s, DOS filenames couldn’t be more than 8 characters long with a period and a 3-character extension. That was limiting, so when Apple developed the Mac operating system in 1984, it allowed longer names and eliminated the need for an extension, although Mac OS X’s Unix roots meant a return of the filename extension in 2001. Since then, filename restrictions have loosened to the point where it’s easy to think that they no longer exist.

If only that were true! In some ways, the situation has become even cloudier, thanks to additional limitations from file-sharing services like Dropbox, OneDrive, and Box. (Google Drive’s native Web interface reportedly has no naming limitations, but files whose names contain Windows or macOS forbidden characters may not sync via Google Drive’s desktop software.) Plus, people tend to move files between operating systems more than ever before—if you’re sending a file from your Mac to a Windows user through Dropbox, you need to make sure that all three can deal with the filename.

At least length isn’t something that you generally have to think about these days, since both macOS and Windows—and the cloud services—accept filenames up to 255 characters in length. Technically speaking, Windows limits directory paths (the enclosing folder names along with the filename) to 255 characters, but even still, that shouldn’t be difficult to avoid.

What could go wrong if you run afoul of a naming restriction? macOS and Windows may simply not let you type the character—for example, you can’t put a colon in a Mac filename. Putting a period at the start of a Mac or Unix filename will hide the file. Cloud sharing services might rename the file, or you might encounter syncing issues where files don’t appear where they should. Certain characters can also cause trouble when files are used at the command line.

Here are the characters to avoid and the operating systems and services that prohibit them:

  • : (colon): macOS, Windows, Dropbox, OneDrive, Box
  • . (period): macOS (at the start of a name), Dropbox
  • / (forward slash): macOS, Windows, Dropbox, OneDrive, Box
  • (backslash): Windows, Dropbox, OneDrive, Box
  • < (less than): Windows, Dropbox, OneDrive, Box
  • > (greater than): Windows, Dropbox, OneDrive, Box
  • ” (double quote): Windows, Dropbox, OneDrive, Box
  • | (vertical bar or pipe): Windows, Dropbox, OneDrive, Box
  • ? (question mark): Windows, Dropbox, OneDrive, Box
  • * (asterisk): Windows, Dropbox, OneDrive, Box
  • ^ (caret): Windows (using FAT-formatted drives)

In addition, avoid using special characters like the © (copyright) symbol or emoji 🤷🏽‍♂️  in filenames. They might work locally, but all bets are off if you share the files in any way.

A few other recommendations:

  • Avoid unusual punctuation; in particular, note that OneDrive renames filenames containing:
    • , (comma) to ^J
    • # (number sign) to ^N
    • & (ampersand) to ^O
    • ~ (tilde) to ^F
  • Never start or end file or folder names with a space, and avoid spaces in filenames that will be uploaded to a Web or SFTP server.
  • Avoid putting more than one period in a filename, and don’t put a period after a filename extension.
  • Never assume that names are case sensitive—always make sure that similarly named items differ by more than just case.

If all that seems like a lot to keep in mind, here’s the simple rule that will ensure your filenames will work everywhere:

Name files only with uppercase (A-Z) and lowercase (a-z) letters, digits (0-9), and the hyphen (-) and underscore (_), plus a single period (.) and extension.

(Featured image by iStock.com/cosmin4000 and smartstock)

Social Media: You might think that you can name a file or folder any way you want, but macOS and Windows have restrictions on which characters you can use, and the prevalence of cloud sharing services makes it all the more important to avoid prohibited characters.

Understanding What “Vintage” and “Obsolete” Mean for Apple Products

/in /by

Macs—and Apple products in general—tend to last a long time. It’s not unusual to see someone happily using an 8-year-old MacBook Pro. As much as it’s environmentally responsible to use electronics as long as possible, doing so may reduce your productivity or leave your business in a precarious situation if a hardware failure forces an upgrade at an inconvenient time.

Another factor to consider is whether or not you can get service and parts for your older device. It’s easy to assume that Apple will fix whatever you bring in, but unfortunately, that’s not the case. Apple has policies surrounding how long it guarantees to provide service and parts, which is reasonable. No one would expect Apple to repair a 128K Mac from 1984—many repair techs hadn’t even been born then.

All Apple products fall into one of three categories: current, vintage, and obsolete. Current products, which Apple defines as those that were sold within the last 5 years, are eligible for service and parts from Apple, Apple Authorized Service Providers, and Independent Repair Providers. In other words, if you bought your Mac new within the last 5 years, you won’t have any problem getting Apple to fix it.

(Independent Repair Providers are firms that have signed up for Apple’s Independent Repair Provider Program to provide out-of-warranty iPhone and Mac repairs using Apple-provided parts, tools, service guides, and diagnostics. Other repair shops can repair Apple products but may lack Apple certifications and have to source parts from other suppliers.)

Things get trickier with the other two categories:

  • Vintage: Apple considers a product to be vintage when the company stopped selling it more than 5 and less than 7 years ago. During this 2-year window, Apple says that service and parts may be obtained, subject to parts availability.
  • Obsolete: As you’d expect, a product is considered obsolete when Apple hasn’t sold it for more than 7 years. Apple will not service obsolete products, and service providers cannot order parts for them.

There is one exception to these policies. Mac laptops may be eligible for an extended battery-only repair period for up to 10 years from when the product was last distributed for sale, subject to parts availability. That makes sense since a new battery may be all an old MacBook needs to keep working.

Apple maintains a page listing all vintage and obsolete products. To determine which Mac model you have, choose About This Mac from the Apple menu. For iPhones, iPads, and iPods, Apple provides pages explaining how to identify your model.

Apple’s policies surrounding vintage and obsolete products shouldn’t make a huge difference to most users. That’s because once a Mac hits 5 years old, it’s likely that upgrading to a new model will provide significant benefits. Many businesses prefer a 3-year replacement cycle because they’ve determined that’s the sweet spot where increasing support costs and lower performance make it worth selling the old Mac and buying a new one that’s faster and more reliable.

Of course, there’s nothing wrong with keeping a Mac longer if it meets your needs and you don’t mind spending more on support. At some point, though, products in the vintage and obsolete categories are living on borrowed time.

(Featured image by iStock.com/Soulmemoria)

Social Media: It might be easier to repair vintage jeans than a vintage Mac. Read on if you want to understand Apple’s definitions of vintage and obsolete hardware and what they mean for support and repair.

Apple Works to Improve Safety in the Wake of AirTag Stalking Reports

/in /by

Over the past few months, there has been a spate of media reports about how people may have been tracked without their knowledge using AirTags, Apple’s elegant location trackers. Like many mainstream media forays into the tech world, the reports are often short on detail and sometimes unclear on the reality of how the AirTags work. Nor is it clear that there have been many successful cases of AirTag abuse, but the mere fact that people are trying to use AirTags to stalk others is concerning.

Apple put significant effort into preventing such abuses, revolving around three features:

  • Safety alerts: If you have an iPhone or iPad running iOS 14.5 or later and an unknown AirTag is traveling with you, your device will alert you to that fact. Although safety alerts aren’t available for those using Android smartphones, Android users can download Apple’s Tracker Detect app to scan manually.
  • Safety sounds: After an AirTag has been separated from its owner for several days, it will make a sound the next time it moves.
  • NFC identification: If you find an AirTag, you can hold it up to an iPhone or other NFC-capable smartphone to load a website that reveals the AirTag’s serial number and the last four digits of the owner’s phone number. The police can use this information to learn the owner’s identity from Apple.

Sadly, those precautions haven’t been sufficient either to dissuade all would-be stalkers or to educate potential stalking victims (and let’s be real—dissuading stalkers is also a matter of educating people that it’s unethical, likely dangerous, and often illegal to abuse an AirTag in this way). Apple has responded in two ways, one general, the other specific to AirTags.

Personal Safety User Guide

Apple documents its products and services quite well, but the company tends to generate many focused pages without much high-level organization. It’s all too easy to flail around within Apple’s support documentation looking for help if you don’t know what search terms are likely to work. In an effort to mitigate that problem for issues surrounding personal safety, Apple has created the Personal Safety User Guide website, also available as a downloadable 56-page PDF.

The Personal Safety User Guide brings together numerous Apple support articles in two main sections:

  • Review and take action: The first section helps you review how your devices and apps are set up, with a focus on settings that could expose you to harm. It helps you manage sharing settings, look at location sharing, control your Home accessories, and more. You’ll also learn how to block unknown sign-in attempts, document suspicious activity, delete suspicious content, and avoid fraudulent requests to share information, among much else. The main criticism here is that the section on AirTag safety doesn’t explain or link to all the features Apple provides.
  • Safety and privacy tools: The second section is a bit more generic, providing support documentation that encourages you to take advantage of the features Apple has provided to protect your safety and privacy. Among other topics, it discusses passcodes, setting up Face ID and Touch ID, using two-factor authentication, seeing which apps are accessing your data, blocking unwanted calls and messages, and using Emergency SOS.

The Personal Safety Guide ends with three checklists, each of which walks you through a series of steps. These are extremely useful because almost no one would necessarily know or remember all the places to check. The checklists help you:

  • See who has access to your device or accounts
  • Stop sharing with someone
  • Control how someone else can see your location

The Personal Safety User Guide website is best when you want an answer to a specific question, but it doesn’t lend itself to reading front to back. For that, we recommend downloading the PDF, which you can read at whatever depth you desire. But do at least scan the entire thing to get a sense of what it contains should you need that information later.

Apple AirTag Announcement

Shortly after releasing the Personal Safety Guide, Apple also posted a short but detailed statement on its website. In it, the company makes it clear that it is actively working with law enforcement on all cases involving AirTag abuse. Apple also says that it has updated its unwanted tracking documentation to explain AirTag safety features more clearly to users and to include resources for those who feel their safety is at risk.

Apple also outlined important advancements that will be coming to the AirTag and Find My network systems via software updates later this year:

  • New privacy warnings during AirTag setup: To ensure that everyone understands the utility of AirTags and the implications of abuse, people setting up an AirTag for the first time will see a message that clearly states that AirTags are meant to track their own belongings, that tracking people without their consent is a crime in many places, that AirTags are designed to alert victims to their presence, and that law enforcement can request identifying information about the owner of an AirTag.
  • Better alerts for AirPods: Instead of an “Unknown Accessory Detected” alert when your iPhone detects Find My network-compatible AirPods traveling with you, the alert will specify that AirPods are involved, not an AirTag. (There are third-party Find My network accessories that will still generate this alert, such as the Chipolo ONE Spot.)
  • Refined unwanted tracking logic: Apple will be updating its unwanted tracking alert system to notify users sooner that an unknown AirTag or Find My network accessory is traveling with them.
  • Precision Finding for unknown AirTags: Those with an iPhone 11, iPhone 12, or iPhone 13 will be able to take advantage of Find My’s Precision Finding feature to home in on the location of an unknown AirTag. Previously, this capability was limited to your own AirTags.
  • Display alerts with unknown AirTag sound: When an unknown AirTag emits a sound to alert anyone nearby to its presence, and it’s detected moving with your iPhone or iPad, an alert will also appear to help you play the sound again or use Precision Finding, if available. This should help when an unknown AirTag is in a place that blocks sound or if its speaker has been disabled.
  • More obvious AirTag alert sound: Apple will be adjusting the tone sequences to make an unknown AirTag’s alert sound easier to hear and find.

Overall, these changes are welcome, and it’s a testament to the care Apple took when designing the AirTag and Find My network systems that it can make such enhancements through software updates—no hardware changes are necessary. It’s also good to see Apple taking the problem—however small it might actually be—seriously and working to reduce it even further.

(Featured image by Apple)

Social Media: Media reports suggest that miscreants are trying to use Apple’s AirTag location trackers to stalk people. Apple has responded with personal safety advice and promised AirTag safety enhancements.

Avoid Unusual Top-Level Domains in Custom Domain Names

/in /by

Remember the heady dotcom days, when businesses were desperate to get a short, memorable, easily typed .com domain? It quickly became difficult to get what you wanted—so much so that deep-pocketed companies paid exorbitant sums for just the right domain.

Before we go any further, let’s make sure we’re all on the same page. Domain names are necessary because computers on the Internet are all identified by inscrutable numeric IP addresses. You can remember and type apple.com easily; 184.31.17.21 not so much. Domain names have two or more parts: the top-level domain (read from the end, such as com) and the second-level domain (like apple), plus optional third-level domains (which could give you support.apple.com).

Since the days of speculating in .com domains, however, hundreds of additional top-level domains have been opened up, including domains from .aaa to .zone. There are now top-level domains for .doctor, .florist, .lawyer, and many more, including the general .xyz. It might be tempting to switch from the awkward dewey-cheatham-howe.com to the shorter and more memorable dch.lawyer. And even if there isn’t a profession-specific top-level domain that works for you, you may think that if abc.xyz is good enough for Google’s parent company Alphabet, surely it’s good enough for you.

Alas, much as we appreciate the creativity and flexibility offered by these alternative top-level domains, we’d like to dissuade you from using one, if possible. Problems include:

  • Email deliverability: If you’re sending email using an alternative top-level domain or including links to that domain, it’s much more likely that your email will be considered spam by receiving systems.
  • SMS deliverability: Some SMS text message providers will automatically delete messages containing URLs with alternative top-level domains in an effort to protect their customers from phishing attacks.
  • Social media spam filtering: As with SMS text messages, social media posts that include URLs with alternative top-level domains may be categorized as spam or as linking to a malicious site.
  • Firewall blocking: Abuse of alternative top-level domains has become so commonplace by scammers that some companies prevent their employees from accessing websites using certain alternative top-level domains at the firewall level.
  • User perception: Although there’s no telling how anyone will react to a particular top-level domain, people won’t think twice about .com but might think .ooo seems sketchy. (We would.)

Obviously, it may not be possible to get the domain name you want in .com. What to do? There are a few strategies:

  • Expand or abbreviate: At this time, people mostly don’t see, remember, or type domains apart from those that go with businesses that do a lot of real-world advertising. So if you need to add or subtract words (or letters) in your domain to find a unique one, that can work.
  • Use a country domain: Two-letter top-level domains are restricted for use by countries, so .us is for the United States, .ca for Canada, and .au for Australia. Every country has different rules for who can register them. For instance, it’s possible to get a domain ending in .it (Italy) as long as you work through a registrar that acts as your representative there. .io (British Indian Ocean Territory) and .ai (Anguilla) are popular top-level domains among tech companies.
  • Stick with better, pricier alternatives: Not all alternative top-level domains are equally problematic. The classic .net and .org are fine, and .biz isn’t bad. But how to determine that? When you’re checking to see if a domain name is available, compare prices. For instance, at one domain name registrar, iphonewhisperer.xyz costs only $1 per year, whereas the iphonewhisperer.biz version is $4.98 per year, iphonewhisperer.net is $9.18 per year, and iphonewhisperer.studio is $11.98 per year. The more you pay, the less likely that domain has been abused by spammers and marked for filtering.

In the end, when it comes to domain names, it’s best to be conservative and stick with a top-level domain that won’t cause people or filters to think twice. That’s probably .com, if you can make the rest of the name work for you.

(Featured image by iStock.com/BeeBright)

Social Media: Tempted to get a short, memorable domain name ending in .xyz or .shop? As we explain, that’s a bad idea if you care about user perception, email and text message deliverability, and not being blocked by social media and firewalls. Details at:

New Features to Try (Or Not) in Safari 15

/in /by

Along with a new version of Safari in iOS 15 and iPadOS 15, Apple has released Safari 15 for macOS 11 Big Sur and macOS 10.15 Catalina. Why do this before macOS 12 Monterey ships? Some of the browser’s new capabilities—notably the Tab Groups feature—integrate it more deeply into your Apple device experience by syncing across devices. So, assuming you have Safari 15 on at least some of your devices, what’s new, and is it any good?

New Tab Bar Interface

For Safari 15, Apple tried to minimize the tab bar interface to occupy less screen real estate and stand out less from the content of Web pages by co-opting the color of each page. Early betas were met with a litany of complaints from testers, and Apple pulled back in the eventual releases, offering settings that let you retain the old interface. How that plays out varies between the iPhone, iPad, and Mac:

  • iPhone: Apple combined the address bar and tab bar into a single set of controls at the bottom of the screen, where they’re easier to reach with your thumb while working one-handed and where you can swipe left and right to switch tabs. Plus, the status bar area at the top of the screen takes on the color from the current site, which isn’t necessarily a visual win. This is a huge change from the controls appearing at the top, so if you don’t like it, go to Settings > Safari and switch from Tab Bar (below left) to Single Tab (below right). Turn off Allow Website Tinting (also below right) if you don’t like the colorizing.
  • iPad: Displays on the iPad are relatively small, so saving some vertical space with the new Compact Tab Bar could be helpful. However, since the tab bar automatically minimizes when you scroll down a page, reducing its size when it’s visible isn’t as much of a win as it might seem. And the colorized tab bar can be shockingly bright. In Settings > Safari, you can choose between Compact Tab Bar (below top) and Separate Tab Bar (below bottom); either way, consider disabling Show Color in Tab Bar.
  • Mac: Laptop screens aren’t huge, and Safari doesn’t minimize its tab bar when you scroll, as it does on the iPhone and iPad, so saving some vertical space might be welcome on a smaller screen. But the way the Compact layout embeds the address field inside a tab and reduces the number of buttons you can see may perturb you (below top). Once again, the colorized tab bar can be glaring. To revert to something closer to the old look, in Safari > Preferences > Tabs, select Separate for the tab layout (below bottom), and disable Show Color in Tab Bar to keep the controls gray regardless of the site color.

Voice Search

For many searches, it’s easier to speak than type, and Apple has made doing that even faster with Voice Search on the iPhone and iPad. Tap the current tab to display the address field, tap the microphone button, and speak instead of typing. As soon as you stop, Safari performs the search. You can even navigate directly to a site by speaking its URL, like “apple dot com.” Sadly, Apple didn’t extend this feature to the Mac version of Safari 15.

Tab Switcher

In iOS 14 and earlier, Safari used a card stack metaphor for its tab switcher (below left), which could make it hard to see what each tab contained. In Safari in iOS 15, Apple took a cue from the iPad and Mac versions of the app and moved to a grid interface for the tab switcher (below right). You can drag the tab thumbnails around to organize them and remove them by tapping an X button (weirdly located in the upper-right corner) or swiping them left off-screen. You can also bring up the option to close all open tabs by pressing and holding Done at the lower right corner of the screen.

Tab Groups

If you struggle under the cognitive load of dozens of unrelated tabs, the new Tab Groups feature might help. With it, you can collect tabs into as many groups as you like and switch among them. You work with tab groups in either the tab switcher interface (iPhone and iPad with the Separate Tab Bar) or the sidebar (Mac and iPad with the Compact Tab Bar).

To open the tab switcher on the iPhone, tap the tab button in the lower-right corner of the screen; on the iPad, tap the different-looking tab button in the upper-right corner. Once you have the tab switcher open, tap X Tabs to reveal the Tab Groups menu. To show the sidebar on either the iPad or the Mac, tap or click the sidebar button in the upper-left corner of the tab bar.

Once you have the Tab Groups menu or sidebar showing:

  • To create a new tab group on the iPhone’s or iPad’s Tab Groups menu, tap New Empty Tab Group, name it, and tap Save. In the sidebar on a Mac or iPad, use the New Tab Group button at the top (or choose File > New Empty Tab Group on the Mac). You can also use New Tab Group from X Tabs to create a tab group from currently open tabs.
  • To switch to a different tab group, tap it in the Tab Groups menu on an iPhone or iPad, or access it from the sidebar on a Mac or iPad.
  • To delete a tab group, swipe left on it in the Tab Groups menu or sidebar to reveal a delete icon on an iPhone or iPad; on the Mac, Control-click it and choose Delete.

Shared with You

Ever gone spelunking through Messages to find a link someone sent you? Safari 15’s new Shared with You feature should help. It automatically collects all Web pages you receive in Messages into a new Shared with You section of the Safari start page. On the iPad and Mac, there’s also a Shared with You item in the sidebar.

Customizable Start Page

Speaking of the start page, if you want to customize which headings appear and in what order, you can now do that on the iPhone and iPad. (Choosing which headings appear has long been possible on the Mac by clicking the little settings button in the lower-right corner, but reordering isn’t possible there.)

Create a new tab to view the start page, scroll to the bottom, and tap Edit. Then disable any headings you don’t want to see and drag the remaining ones into your desired order. You can also choose among several Apple-provided background images and have your start page settings sync to your other devices.

Other Stuff

Two final new features may be welcome but probably won’t rock your world:

  • Pull to refresh: If you need to reload a Web page on the iPhone or iPad, either you can tap the reload button in the address field if it’s visible with your tab bar settings, or you can now just pull down with your finger from the top of a page.
  • HTTPS upgrade: If you visit a website that supports encrypted HTTPS but is also loading insecure content over unencrypted HTTP, Safari will now ensure that you connect to it over HTTPS so your entire connection is secure.

There you have it! Check out the new features in Safari 15 and let them improve your browsing experience.

(Featured image based on an original by iStock.com/Evgenii Mitroshin)

Social Media: Safari 15 brings some welcome new features, along with tab bar interface changes that have received mixed reviews. Read on to learn about the features and how you can customize the tab bar more to your liking.

Frequently Asked Questions Surrounding Apple’s Expanded Protections for Children

/in /by

Apple’s recent announcement that it would soon be releasing two new technologies aimed at protecting children has generated a firestorm of media coverage and questions from customers. Unfortunately, much of the media coverage has been based on misconceptions about how the technology works, abetted by uncharacteristically bungled communications from Apple. It’s not inconceivable that Apple will modify or even drop these technologies in the official release of iOS 15, iPadOS 15, and macOS 12 Monterey, but in the meantime, we can provide answers to the common questions we’ve been hearing.

What exactly did Apple announce?

Two unrelated technologies:

  • Messages will gain features that warn children and their parents when sexually explicit photos are received or sent. Such content will be blurred, the child will be warned and given the option to avoid viewing the image, and parents may be alerted (depending on the age of the child and settings).
  • Photos uploaded by US users to iCloud Photos will be matched—using a complex, privacy-protecting method that Apple has developed—against known illegal photos considered Child Sexual Abuse Material, or CSAM. If a sufficient number of images match, they’re verified by a human reviewer at Apple to be CSAM and then reported to the National Center for Missing and Exploited Children (NCMEC), which works with law enforcement in the US.

Does this mean Apple is scanning all my iPhone photos?

Yes and no. Messages will use machine learning to identify sexually explicit content in received and sent images. That scanning takes place entirely on the iPhone—Apple knows nothing about it, and no data is ever transmitted to or from Apple as a result. It’s much like the kind of scanning that Photos does to identify images that contain cats so you can find them with a search. So scanning is taking place with this Messages feature, but Apple isn’t doing it.

The CSAM detection feature operates only on images uploaded to iCloud Photos. (People who don’t use iCloud Photos aren’t affected by the system at all.) On the device, an algorithm called NeuralHash creates a hash and matches it against an on-device database of hashes for known illegal CSAM. (A hash is a one-way numeric representation that identifies an image—it’s much like how a person’s fingerprint identifies them but can’t be used to re-create that person.) NeuralHash knows nothing about the content of any image—it’s just trying to match one hash against another. In this case, it’s matching against existing image hashes, not scanning for a type of content, and Apple is notified only after enough image hashes match.

It’s also important to note that this is different from how companies like Facebook, Google, and Microsoft scan your photos now. They use machine learning to scan all uploaded photos for CSAM, and if they detect it, they’re legally required to report it to the NCMEC’s CyberTipline, which received 21.7 million CSAM reports from tech companies in 2020, over 20 million from Facebook alone. Because Apple does not scan iCloud Photos in the US like other companies scan their photo services, it made only 265 reports in 2020.

What happens if the CSAM detection feature makes a mistake?

This is called a false positive, and while vanishingly improbable, it’s not mathematically impossible. Apple tested 100,000,000 images against NeuralHash and its CSAM hash database and found 3 false positives. In another test using 500,000 adult pornography images, NeuralHash found no false positives.

Even if NeuralHash does match an image hash with one in the known CSAM hash database, nothing happens. And nothing continues to happen until NeuralHash has matched 30 images. Apple says that the chances of there being 30 false positives for the same account are 1 in 1 trillion.

I have terrible luck. What if that happens with my account?

Once at least 30 images have matched, the system enables Apple to decrypt the low-resolution previews of those images so a human can review them to see if they are CSAM. Assuming they are all false positives—remember that possession of CSAM is illegal in the US—the reviewer sends them to Apple engineers to improve the NeuralHash algorithm.

Could non-CSAM images end up in Apple’s CSAM hash database?

It’s extremely unlikely. Apple is constructing its database with NCMEC and other child-safety organizations in other countries. Apple’s database contains image hashes (not the actual images; it’s illegal for Apple to possess them) for known illegal CSAM images that exist both in the NCMEC database and at least one other similar database. So multiple international organizations would have to be subverted for such image hashes to end up in Apple’s database. Each source database will have its own hash, and Apple said it would provide ways for users and independent auditors to verify that Apple’s database wasn’t tampered with after creation.

Plus, even if a non-CSAM image hash were somehow added to Apple’s database and matched by NeuralHash, nothing would happen until there were 30 such images from the same account. And if those images weren’t CSAM, Apple’s human reviewers would do nothing other than pass the images to engineering for evaluation, which would likely enable Apple to determine how the database was tampered with.

Couldn’t a government require Apple to modify the system to spy on users?

This is where much of the criticism of Apple’s CSAM detection system originates, even though Apple says the system will be active only in the US. On the one hand, Apple has said it would resist any such requests from governments, as it did when the FBI asked Apple to create a version of iOS that would enable it to break into the San Bernardino shooter’s iPhone. On the other hand, Apple has to obey local laws wherever it does business. In China, that already means that iCloud is run by a Chinese company that presumably has the right to scan iCloud Photos uploaded by Chinese users.

It’s conceivable that some country could legally require Apple to add non-CSAM images to a database, instruct its human reviewers to look for images the country finds objectionable, and report them to law enforcement in that country. But if a country could successfully require that of Apple, it could presumably force Apple to do much more, which hasn’t happened so far. Plus, the CSAM detection system identifies only known images—it’s not useful for identifying unknown images.

Is Apple heading down a slippery slope?

There’s no way to know. Apple believes this CSAM detection system protects the privacy of its users more than scanning iCloud Photos in the cloud would, as other companies do. But it’s highly unusual for a technology that runs on consumer-level devices to have the capacity to detect criminal activity.

(Featured image by iStock.com/metamorworks)

Social Media: Apple’s recently announced expanded protections for child safety have generated a firestorm of criticism and confusion. We attempt to answer some of the most common questions we’ve received.

Reopening Your Office? Now’s a Great Time to Evaluate Your IT Infrastructure

/in /by

As vaccination rates climb, many businesses are starting to think about reopening their offices and bringing back employees who have been working from home for the last year. That’s a big decision that will undoubtedly vary from company to company, but we’d like to suggest a few things to consider. Please contact us early in such deliberations so we can provide guidance before problems crop up.

Full Return or Hybrid Model?

Perhaps the biggest question firms will have to answer is if they’ll require all employees to return or if some can continue to work remotely. Many organizations have discovered that physical presence isn’t as important as they thought it was. In a post-pandemic world, many employees may prefer to continue working from home if they can, at least for a while.

If you decide on a hybrid model, you’ll want to put some thought into what technology you’ll need to enable hybrid meetings, with some people connecting remotely via videoconferencing software and others gathering in person. Large screens, specially mounted cameras, and dedicated speakerphone hardware may be necessary to conduct a hybrid meeting effectively.

With some workers remaining at home, it will also be important to ensure that everyone has appropriate access to on-premises servers. Obviously, that has been a problem for the last year as well, but it may be tempting to revert to old approaches upon reopening an office. That may not be effective in a new hybrid workplace, so check with us on cloud-based alternatives that could work better in the new world order.

Consider Your Physical Space

Particularly if you do decide on a hybrid model, it’s worth evaluating whether you need the same amount and type of space as you did before. There’s no single answer here. You don’t want to downsize your physical space only to discover in a few months that some of those employees who swore that they never wanted to come back feel that they’re missing out. Simultaneously, if your offices are a warren of small, poorly ventilated rooms, employees may be even more hesitant about returning.

Plus, your physical space is inherently related to your IT infrastructure, so don’t ignore the costs surrounding an office move. A new space might require pulling new Ethernet cables, testing Wi-Fi signal strength to ensure sufficient coverage, evaluating the cleanliness of the electrical power, and more.

We don’t mean to dissuade you from moving offices if that’s what makes the most sense for the future of your company, but talk to us before signing any new leases so we can help identify and head off any technical problems with the physical plant.

Finally, this isn’t related to IT, but if your existing office space has been entirely vacant for the last year, it’s worth reading the information that the Centers for Disease Control puts out to help employers create safe and healthy workplaces. Buildings don’t do well with prolonged shutdowns.

Does Network Infrastructure Need Updating?

Before you bring employees back, at least en masse, it’s also worth touching base with us about your IT infrastructure. If you’ve been limping along with sketchy Ethernet cabling, or if you have dirty power that could be damaging your Macs and peripherals, it’s a great time to consider addressing such problems. Pre-pandemic, attempting to install new electrical circuits or pull new network cabling might have been too disruptive, but with an office that’s empty or nearly so, such work can be done more quickly and cheaply.

Similarly, this could be a good time to replace aging computers, printers, or even phone systems. Such infrastructure upgrades and transitions can cause interruptions in normal times, but if you’re bringing people back, wouldn’t it be nice to have the office provide a better IT experience than it did before?

(Featured image by Shuki Harel from Pexels)

Social Media: If you’re having discussions about when and how to reopen your organization’s office, it’s worth thinking—and talking to us—about the role your IT infrastructure plays in such discussions. Learn more at:

What Is This “App Tracking Transparency” Apple Added to iOS 14.5?

/in /by

You’ve likely seen mention of the dispute between Apple and Facebook. It revolves around App Tracking Transparency (ATT), a technology Apple released in iOS 14.5.

The goal of ATT is to give iPhone and iPad users more control over the extent to which app makers can track their data and activities across apps and websites owned by other companies. Before App Tracking Transparency, nothing prevented companies from sucking a vast amount of data about your everyday activities and connecting it to other data to build an insanely detailed picture of who you are and what you do. Apple has written A Day in the Life of Your Data white paper and released the Tracked TV ad to give you a sense of how apps track you. We like to think of app tracking as a fleet of tiny drones constantly hovering over your head, recording your every waking moment for their corporate masters.

Facebook is particularly perturbed by the introduction of App Tracking Transparency because the company makes billions of dollars every year by gleaning as much as it can about you and then selling advertising access to you to companies that want to target people like you. For instance, Facebook knows if you’re a New York City lawyer and divorced mother of two who loves dogs, donates to the Sierra Club, and has Crohn’s disease. Although App Tracking Transparency won’t prevent Facebook from tracking your behavior across its own apps, at least it won’t be able to track you across other companies’ apps and websites.

Once you upgrade to the latest version of iOS and iPadOS, App Tracking Transparency requires that apps ask for permission to track you. However, depending on your current privacy settings, you may never see those requests. In Settings > Privacy > Tracking, if Allow Apps to Request to Track is turned off, you won’t receive any permission requests, and apps won’t be able to track you. Turn that setting on, and you’ll start getting alerts that ask for permission.

Put bluntly, there is absolutely no reason to allow any app to track you. Apple explicitly says that apps may not withhold features from those who opt out of tracking. So if you turn on the Allow Apps to Request to Track setting, tap Ask App Not to Track whenever you’re prompted. If you accidentally tap Allow, you can always go back to Settings > Privacy > Tracking and turn off the switch to rescind permission.

You might want to enable Allow Apps to Request to Track to see which apps were likely violating your privacy before and are still willing to do so even after App Tracking Transparency has exposed their sleazy business practices. Frankly, we’d encourage you to think about whether you want to use apps from such companies—perhaps the best reason to allow the requests is to identify privacy-abusing apps that you’ll then delete.

Early statistics from analytics company Flurry suggest that 94%–96% of users in the United States have opted out of app tracking, either by tapping Ask App Not to Track or by disabling the Allow Apps to Request to Track. We’re surprised the number is so low.

(Featured image by Glen Carrie on Unsplash)

Social Media: New in iOS 14.5 is a privacy-protecting feature called App Tracking Transparency, which forces apps to ask you for permission to track your activities across other apps and websites. Learn more about why you should never allow tracking here:

It’s Time to Consider Upgrading to macOS 11 Big Sur

/in /by

We’re cautious when it comes to recommending upgrades to new versions of macOS. Apple makes the upgrade process easy—though it can be time-consuming—but upgrading can create workflow interruptions, render favorite apps inoperable, and have other consequences. At the same time, it’s important to stay in sight of the cutting edge for security reasons and to take advantage of advances from Apple and other developers. Upgrading is not an if question; it’s a when question.

We’re not saying that everyone needs to upgrade to macOS 11 Big Sur now, but if you want to, it should be safe now that Apple has released several bug-fix updates. However, there are still a few caveats, and preparation is essential.

Reasons Not to Upgrade

Some people should continue to delay upgrades to Big Sur due to software incompatibilities. Most software under steady development will have been updated for Big Sur by now, but some workflows rely on older versions of apps where an upgrade isn’t practical or possible (ancient versions of Adobe Creative Suite, for instance), or on obsolete apps that will never be updated. You may be able to learn more at RoaringApps, but those who haven’t yet upgraded past 10.14 Mojave may have to upgrade or replace 32-bit apps that ceased working starting with 10.15 Catalina.

The other app category that continues to have trouble with Big Sur are backup apps that make bootable duplicates. Catalina moved macOS to its own read-only volume, and Big Sur goes a step further by applying cryptographic signatures that make it even harder for an attacker to compromise the operating system. Unfortunately, that also makes creating a bootable duplicate difficult. Carbon Copy Cloner and ChronoSync have developed workarounds; SuperDuper remains incompatible at this point, although an older version can create data-only backups. If you rely on one of these apps for critical backups, make sure you know what you’re getting into before upgrading or reassess your backup strategy.

Before You Upgrade

Once you’ve decided to upgrade to Big Sur, you have three main tasks:

  • Update apps: Make sure all your apps are as up-to-date as possible. If you regularly put off updates, now’s the time to let them complete so you have Big Sur-compatible versions.
  • Clear space: Big Sur needs a minimum of 35.5 GB to upgrade, and as of macOS 11.2.1, the installer won’t proceed unless there’s enough space. Don’t cut this close—you should always have at least 10–20% free space for virtual memory, cache files, and breathing room.
  • Make a backup: Never, ever install a major upgrade to macOS without ensuring that you have at least one current backup first. In an ideal world, you’d have an updated Time Machine backup, a bootable duplicate, and an Internet backup. That way, if something goes wrong as thousands of files are moved around on your drive, you can easily restore.

After those tasks are complete, make sure you don’t need your Mac for a few hours. There’s no telling exactly how long the upgrade will take, especially if it has to convert your drive to APFS, so never start an upgrade if you need the Mac soon.

Initiating the upgrade is just a matter of opening System Preferences > Software Update, clicking the Upgrade Now button, and following the instructions.

After You Upgrade

Part of the reason to set aside plenty of time for your Big Sur upgrade is that there are always clean-up tasks afterward. We can’t predict precisely what you’ll run into, but here are a few situations we’ve noticed:

  • macOS will probably need to update its authentication situation by asking for your Apple ID password, your Mac’s password, and if you have another Mac, its password too. Don’t worry that this is a security breach—it’s fine.
  • Some apps may have to ask for permission to access your contacts and calendar even though you previously granted permission. Again, that’s fine.
  • If you use your Apple Watch to unlock your Mac and apps (and you should, it’s great!), you’ll need to re-enable that in System Preferences > Security & Privacy > General.
  • If you use Gmail or Google Calendar or other Google services, you may need to log in to your Google account again.
  • Websites that usually remember your login state will likely require that you log in again. If you’re using a password manager like 1Password, that’s easy.
  • You may have to re-enable text-message forwarding to your Mac on your iPhone in Settings > Messages > Text Message Forwarding.
  • Those who use Backblaze for Internet backups will find their backups have been “safety frozen.” Follow these instructions for thawing your account.

Finally, Time Machine in Big Sur now supports and prefers APFS-formatted drives, and all of Apple’s development is going in that direction now. You can keep using your existing Time Machine backup in Big Sur, but after you’re confident that everything is working well—and you have another backup—it’s worth removing your Time Machine backup drive in System Preferences > Time Machine > Select Disk, reformatting the drive as APFS in Disk Utility, and restarting the backup in the Time Machine preference pane.

With all that housekeeping done, it’s time to check out all the new features in Big Sur!

(Featured image based on originals by Apple)

Social Media: Should you upgrade to macOS 11 Big Sur? There’s no need to do so yet, but it should be safe for most people, so if you’re excited about the new look and the new features, this is a good time to upgrade. Read on for our pre- and post-upgrade tasks.

So, Are Apple’s New M1-Based Macs Any Good?

/in /by

In November, Apple unveiled its new M1 chip and three new Macs that use it: the MacBook Air, 13-inch MacBook Pro, and Mac mini. The M1-based MacBook Air replaces the previous Intel-based MacBook Air, but with the 13-inch MacBook Pro and the Mac mini, Apple continues to sell some Intel-based models with beefier specs—most notably a higher memory ceiling.

Even though Apple makes impressive performance claims for the new Macs, the community was still somewhat skeptical. Were these new Macs as fast as Apple said? Would they be limited in some other way? And the biggest question of all, should we be buying untested M1-based Macs or tried-and-true Intel-based models? Now that these new Macs are shipping and people have had a chance to try them, let’s address these and other questions so you can plan your future Mac purchases appropriately.

Are these new Macs fast?

It’s hard to overstate just how astonishing the performance benchmarks for these new Macs are. In single-core GeekBench 5 tests, the M1-based Macs beat every existing Mac by a lot: the most recent 27-inch iMac clocked in at a benchmark score of 1250, whereas the M1 Macs hovered around 1700. (The Mac Pro and iMac Pro are tweaked for faster multi-core performance instead, so they fare even worse on the GeekBench 5 single-core benchmarks.) For many everyday apps, single-core performance is what you’ll notice.

Of course, the top-of-the-line 28-core Mac Pro and its siblings outperform the 8-core M1-based Macs in the GeekBench 5 multi-core benchmarks, but if you focus on the new M1 Macs in the multi-core rankings below, you can see that they’re just behind the fastest 27-inch iMacs and low-end Pro models. That’s doubly impressive when you remember that the Mac Pro in the screenshot below costs $6000, compared to $700 for the Mac mini.

Benchmarks don’t lie, but they also don’t tell the whole story. These new Macs feel fast. Apps launch with only a bounce or two of the icon on the Dock. The MacBook Air and MacBook Pro wake from sleep and unlock with an Apple Watch so quickly that they’re ready to use by the time you’ve finished opening the screen. We can’t promise you’ll never see the spinning beachball wait cursor, but we haven’t so far. In some ways, using these new Macs feels more like using a fast iPad or iPhone, where everything happens nearly instantly.

Finally, note that only apps that have been rewritten to support the M1 chip receive the full speed boost. Older apps must be “translated” by Apple’s Rosetta 2, which converts apps from Intel instructions to the Arm instructions needed by the M1. That happens at launch, after which macOS launches the translated app. The first launch might be slow, but subsequent launches are faster. Although emulation environments are generally quite slow, early tests show apps translated by Rosetta 2 as running at about 80% of native speed. The upshot of that is that even translated apps might run faster than the equivalent app running on an Intel-based Mac.

What’s the deal with the new M1-based Macs having only 8 GB or 16 GB of RAM?

With the new M1-based Macs, you can choose between 8 GB and 16 GB of RAM, and that’s it. In contrast, the current Intel-based 13-inch MacBook Pro lets you go up to 32 GB, and the Intel-based Mac mini can take up to 64 GB.

Although 16 GB of RAM sounds limiting, that doesn’t seem to be nearly as concerning as one might think. The reason is that the M1 chips use what Apple calls “unified memory,” which is built onto the M1 chip itself and shared by the CPU, GPU, and Neural Engine. A significant performance bottleneck in modern computers is moving data around in memory. Benchmarks suggest that the memory bandwidth on the M1 chip is about 3x faster than on a 16-inch MacBook Pro. The faster that data can be moved around in memory and shared between the processing cores, the less memory is needed.

The speed of their SSDs also lets the M1-based Macs get away with less memory. When macOS uses all its physical RAM, it falls back on virtual memory, which effectively involves moving data on and off the SSD as needed. When Macs used hard drives, swapping memory to and from disk was very slow, but modern SSDs are fast enough to hide swapping delays.

To be fair, there are still memory-intensive tasks that will run better on Macs with lots of physical RAM. That’s a big reason Apple kept the Intel versions of the 13-inch MacBook Pro and Mac mini for sale. On the very high end, you can put a whopping 1.5 TB of RAM in a Mac Pro, and if you need that kind of RAM for your work, you’ll need to stick with Intel-based Macs for now.

How will the M1-based Macs fit into a workflow?

Here’s where things get tricky. If you have an office full of Macs, there are some good reasons why you might want to stick with Intel-based Macs for a while.

  • Big Sur: The M1-based Macs require macOS 11 Big Sur. In general, we recommend that people hold off on upgrading to Big Sur until Apple has released maintenance updates to solidify stability and compatibility. Plus, mixing versions of operating systems and apps can lead to interoperability problems.
  • Apps: Although Rosetta 2 appears to do a good job translating older apps, there may still be quirks or performance hits, particularly for complex apps.
  • Memory: As mentioned above, there are some tasks where lots of physical RAM is essential, and there’s currently no way to go above 16 GB on an M1-based Mac.

But here’s the thing. Apple very intentionally focused its initial M1-based Mac models on the low end of the Mac product line. These Macs are ideal for students and individuals, or as auxiliary or traveling Macs for office workers, particularly given the startlingly good battery life in the laptops. They won’t be replacing a Mac Pro or even a 27-inch iMac right now, but no one would have replaced such a machine with a MacBook Air, 13-inch MacBook Pro, or Mac mini before either.

In the end, we’re bullish on these new M1-based Macs. They’ve redefined what the most inexpensive Macs can do, making them compelling for those who don’t require more than 16 GB of physical RAM or need to slot them into highly specific workflows.

(Featured image by Apple)

Social Media: Apple’s new M1-based Macs are getting rave reviews for their stunning performance and battery life. Should you buy one for your next Mac or stick with a tried-and-true Intel-based Mac? We look into that question in this piece.