Posts

Don’t Store Confidential Files in Online File Sharing Services

/in /by

Given their integration into the Mac’s Finder, it can be easy to forget that online file sharing services like Dropbox, Google Drive, iCloud Drive, and Microsoft OneDrive can be accessed using a Web browser by anyone with your username and password. Obviously, you should always have strong, unique passwords, but to be safe, it’s best not to use services designed for public file sharing to store unencrypted files containing sensitive information like credit card numbers, Social Security numbers, passport scans, privileged legal documents, financial data, and so on. Keep such data secure on your Mac—outside of any synced folders—where accessing it requires physical access to the machine.

(Featured image based on an original by Kenaz Nepomuceno from Pexels)

How to Avoid Embarrassment During Online Presentations or Screen Sharing

/in /by

Along with the now-ubiquitous videoconferencing, screen sharing and online presentations have become vastly more common during the pandemic. This isn’t yet another article about how to give a better presentation or feel more confident. (Although those might happen too.) The goal of this article is to help you avoid situations that could embarrass you in front of clients, colleagues, or bosses. Follow this advice and you could avoid an unfortunate happenstance that might even cause you to be fired.

Here’s the problem. Even more so than before the pandemic, our Macs feel like personal spaces. Just as you’d add a houseplant and a special photo to your desk at work, you’ve probably personalized your Mac in a variety of ways. Custom desktop wallpaper, for instance, or a screensaver that displays favorite photos. Plus, you may carry on personal conversations, possibly even intimate ones, if you catch our drift, using the same Mac that you use for communicating with those aforementioned clients, colleagues, and bosses.

We’re not here to admonish you or nag about inappropriate behavior. (Though we will encourage you to consider some sage advice from a friend’s mother, who noted drily that you should never put anything on the Internet that you don’t want to appear on the front page of the New York Times. And that was before Twitter.)

No, as we said, the goal here is to help you avoid the embarrassment caused by people who are viewing your screen seeing things they shouldn’t see, something that the New York Times has also covered. Some areas of concern include:

  • Desktop & Screen Saver: Jobs have been lost by inappropriate selections for desktop wallpaper and photo screen savers. Make sure, if you’re ever going to share your screen, that randomly chosen desktop pictures and folders of screen saver photos don’t contain anything that could be problematic. To be safe, choose an Apple-provided desktop picture and a pattern-based screen saver in System Preferences > Desktop & Screen Saver.
  • Icons on the Desktop: We all toss files on the desktop, but if preview icons or even filenames could cause trouble—you might not want your boss seeing Resumé.doc—corral them in another folder before you share your screen. Also note that many videoconferencing apps can limit their screen sharing to particular windows rather than the entire screen, which prevents people from seeing your desktop.
  • Web browser tabs: Limiting screen sharing to a particular window won’t help if it’s a Web browser window with multiple tabs. Even if you avoid accidentally navigating to a tab with NSFW content, its title alone might be problematic. For safety, always start a new browser window when sharing Web content.
  • Open apps and documents: As with icons on the desktop when sharing your entire screen, you may not want just anyone seeing what other apps and documents you have open. Again, stick to sharing a specific window. To avoid mistakes when selecting the window to share, we recommend hiding or quitting all unrelated apps before sharing your screen.
  • Document comments: When collaborating on a document, some people are less than politic with their in-document comments. If comments are visible when you’re sharing a document with people who wouldn’t otherwise see them, hard feelings could ensue. Make sure to hide or resolve such comments before sharing.
  • Notifications: Even if you have hidden or quit Calendar, Messages, Mail, and similar apps, their notifications could still appear at an inopportune time. You might not want colleagues to know about an ob-gyn appointment, meeting with a potential employer, or racy conversations with a coworker. The solution is Do Not Disturb, easily enabled from Control Center in macOS 11 Big Sur and by scrolling up in Today view in Notification Center in earlier versions of macOS. Also, although it won’t help with online screen sharing, it’s a good idea to enable the “When mirroring to TVs and projectors” option in System Preferences > Notifications > Do Not Disturb.

This may all sound a little overwhelming, but there is one trick that will help you avoid most of these problems at once. In System Preferences > Users & Groups, create a new user account dedicated to screen sharing and presentations. In that user account, you can be sure to have innocuous desktop pictures, screen savers, clean Web browser windows, and permanent Do Not Disturb. The hardest part will be figuring out the best way to share documents you use in presentations between your accounts (try the /Users/Shared folder or an online file sharing solution like Dropbox). Then, before you start a call when you’ll need to share your screen, choose your new account from the Fast User Switching menu from the right side of the menu bar (set up that menu in System Preferences > Users & Groups > Login Options).

One final piece of advice. When you’ve accomplished what you need to by sharing your screen, stop sharing it and switch back to video. That way, you can’t accidentally do something in the shared window that might be embarrassing. Similarly, when a meeting is over or you’re dropping off for a while, it’s best to leave the call. Stopping video and muting audio are good tools, but it’s easy to click in the wrong spot accidentally and think you’re safe when, in fact, your mic or camera is still live.

(Featured image by Andrea Piacquadio from Pexels)

Social Media: When sharing your screen online, would you be embarrassed if your clients, colleagues, or bosses saw what’s on your Mac—your desktop picture, screen saver, browser tabs, email notifications, or Messages conversations? Here’s what to watch out for.

Use macOS’s Guest Account to Protect Your Privacy from Temporary Users

/in , /by

We’ve all had it happen. “Can I use your Mac for a minute to check my email?” The answer can be “Yes,” but to keep people from poking around on your Mac, have your visitor log in as Guest. To enable the Guest account, go to System Preferences > Users & Groups. If the lock at the bottom left is closed, click it and enter your admin credentials. Then click Guest User in the list, and select “Allow guests to log in to this computer.” To switch to the Guest account, go to the Apple menu and choose Log Out YourAccountName to access the login screen. Your guest can then click the Guest User icon, at which point they’ll have a clean account to work in. When they log out, the account—including any files they created or downloaded—will be deleted, thus protecting their privacy as well.

(Featured image by Apple)

Social Sites As Backup?

/in , , /by
Its probably safe to say the best thing about social platforms is sharing images. Instagram is built exclusively on pictures and has become as ubiquitous as “Kodaking” was back when the Brownie was invented. Photos on social media are fun and inspiring in so many ways. Yet some of us rely on platforms like Facebook and Instagram for backup and access to our pictures; March 13th’s outage is just one more reminder that social platforms should not be used for back up. When you are choosing an online solution for backup, here are a few questions we think you should ask:
  • Are my images being compressed? How much?
  • Are my private images really private?
  • Who can view, edit or delete them? Can I?
  • Can I easily access them any time I want?
  • Am I able to locate the image I need quickly?
  • Who controls my copyright?
  • Will my images be used for unintended purposes like training artificial intelligence facial recognition without my permission? We’re looking at you Flickr and IBM.
  • Can I answer these questions, or will a deep dive in to Terms Of Service be required?
Enjoy your photo feed on social media. We love it too–especially when we’re friends with you and we follow each other. We don’t think social sites have a role in a sound backup strategy. A good backup is a 3-2-1 system: 3 copies of important files and photos on at least 2 different types of storage and 1 copy off site.

Apple Has Disabled Group FaceTime to Prevent Pre-call Eavesdropping

/in /by

A serious bug has been discovered in Apple’s Group FaceTime multi-person video chat technology. It allows someone to call you via FaceTime and then, with just a few simple steps, listen in on audio from your iPhone, iPad, or Mac while the call is ringing, before you have accepted or rejected it. To prevent the problem from being exploited, Apple says it has disabled Group FaceTime and promises a fix “later this week.”

In the meantime, if you’re still concerned (there were some reports of people being able to invoke the bug even after Apple disabled Group FaceTime), we recommend turning off FaceTime entirely in Settings > FaceTime in iOS and by launching the FaceTime app in macOS and then choosing FaceTime > Turn FaceTime Off. (Or just be quiet when a FaceTime call comes in.) Apple may be able to fix the problem without requiring users to update software; if iOS and macOS updates do prove to be necessary, we recommend that you install them sooner rather than later.

What Are All These New Privacy Request Dialogs in Mojave?

/in /by

With macOS 10.14 Mojave, Apple has beefed up the Mac’s privacy so it more closely resembles privacy in iOS. You’ve noticed that when you launch a new app on your iPhone or iPad, it often prompts for access to your photos or contacts, the camera or microphone, and more. The idea behind those prompts is that you should always be aware of how a particular app can access your personal data or features of your device. You might not want to let some new game thumb through your photos or record your voice.

macOS has been heading in this direction, but Mojave makes apps play this “Mother, May I?” game in more ways. As a result, particularly after you first upgrade, you may be bombarded with dialogs asking for various permissions. For instance, when you first make a video call with Skype, it’s going to ask for access to the camera and the microphone. Grant permission and Skype won’t have to ask again.

Skype’s requests are entirely reasonable—it wouldn’t be able to do its job without such access. That applies more generally, too. In most cases, apps will ask for access for a good reason, and if you want the app to function properly, you should give it access.

However, be wary if a permission dialog appears when:

  • You haven’t just launched a new app
  • You aren’t doing anything related to the request
  • You don’t recognize the app making the request

There’s no harm in denying access; the worst that can happen is that the app won’t work. (And if it’s malicious, you don’t want it to work!) You can always grant permission later.

To see which permissions you’ve granted or denied, open System Preferences > Security & Privacy > Privacy. A list of categories appears on the left; click one to see which apps have requested access. If you’ve granted access, the checkbox next to the app will be selected; otherwise it will be empty.

You’ll notice that the lock in the lower-left corner is closed. To make changes, click it and sign in as an administrator when prompted.

Most of these categories are self-explanatory, but it might not always be obvious why an app wants permission. In the screenshot above, for instance, Google Chrome has been granted access to the Mac’s camera. Why? So Google Hangouts and other Web-based video-conferencing services can work.

There are five categories (including three not showing above) that could use additional explanation:

  • Accessibility: Apps that request accessibility access want to control your Mac. In essence, they want to be able to pretend to click the mouse, type on the keyboard, and generally act like a user. Utility and automation software often needs such access.
  • Full Disk Access: This category is a catch-all for access to areas on your drive that aren’t normally available to apps, such as data in Mail, Messages, Safari, Home, and more, including Time Machine backups and some admin settings. Backup and synchronization utilities may need full disk access, in particular. An app can’t request full disk access in the normal way; you must add it manually by clicking the + button under the list and navigating to the app in the Applications folder.
  • Automation: The Mac has long had a way for apps to communicate with and control one another: Apple events. An app could theoretically steal information from another via Apple events, so Mojave added the Automation category to give you control over which apps can control which other apps. You’ll see normal permission requests, but they’ll explain both sides of the communication.
  • Analytics: The Analytics privacy settings are completely different—they let you specify whether or not you want to share information about how you use apps with Apple and the developers of the apps you use. For most people, it’s fine to allow this sharing.
  • Advertising: Finally, the Advertising options give you some control over the ads that you may see in Apple apps. In general, we recommend selecting Limit Ad Tracking, and if you click Reset Advertising Identifier, any future connection between you and the ads you’ve seen will be severed from past data. There’s no harm in doing it. It’s worth clicking the View Ad Information and About Advertising and Privacy buttons to learn more about what Apple does with ads.

So if you’ve been seeing repeated requests for permission after you upgraded to Mojave, now you know why these dialogs keep popping up. They’re a bit annoying at first, but the added privacy is worthwhile, and once you’ve granted permission to an app, you shouldn’t hear from it again.

Social Media: macOS 10.14 Mojave changes how privacy works on the Mac by making apps ask for permission to use the camera, microphone, and quite a bit more. Here’s how this works and what you should do when prompted.

Being an Apple User Means You’re Not the Product

/in /by

There’s an Internet saying: “If you’re not the customer, you’re the product.” The point is that, if you’re getting a service for free, the company providing it sees you not as a customer, but as a product to sell, generally to advertisers.

This is how Google, Facebook, and Twitter operate. They provide services for free, collect data about you, and make money by showing you ads. In theory, the more that advertisers know about you, the better they can target ads to you, and the more likely you’ll be to buy. Personalized advertising can seem creepy (or clueless, when it fails), but it isn’t inherently evil, and we’re not suggesting that you stop using ad-supported services.

This ad-driven approach stands in stark contrast to how Apple does business. Apple makes most of its money by selling hardware—iPhones, Macs, and iPads, primarily. Another big chunk of Apple’s revenue comes from App Store and iTunes Store sales, iCloud subscriptions, and Apple Pay fees. Knowing more about you, what Web pages you visit, what you buy, and who you’re friends with doesn’t help Apple’s business, and on its Privacy page, Apple says bluntly, “We believe privacy is a fundamental human right.”

Of course, once your data is out there, it can be lost or stolen—in June 2018, a security researcher discovered that the online data broker Exactis was exposing a database containing 340 million records of data on hundreds of millions of American adults. Ouch!

Let’s look at a few of the ways that Apple protects your privacy.

Siri and Dictation

The longer you use Siri and Dictation, the better they work, thanks to your devices transmitting data back to Apple for analysis. However, Apple creates a random identifier for your data rather than associating the information with your Apple ID, and if you reset Siri by turning it off and back on, you’ll get a new random identifier. Whenever possible, Apple keeps Siri functionality on your device, so if you search for a photo by location or get suggestions after a search, those results come from local data only.

Touch ID and Face ID

When you register your fingerprints with Touch ID or train Face ID to recognize your face, it’s reasonable to worry about that information being stored where attackers—or some government agency—could access it and use it for nefarious purposes. Apple was concerned about that too, so these systems don’t store images of your fingerprints or face, but instead mathematical signatures based on them. Those signatures are kept only locally, in the Secure Enclave security coprocessor that’s part of the CPU of the iPhone and iPad—and on Touch ID-equipped laptops—in such a way that the images can’t be reverse engineered from the signatures.

And, of course, a major goal of Touch ID and Face ID is to prevent someone from violating your privacy by accessing your device directly.

Health and Fitness

People with medical conditions can be concerned about health information impacting health insurance bills or a potential employer’s hiring decision. To assuage that worry, Apple lets you choose what information ends up in Health app, and once it’s there, encrypts it whenever your iPhone is locked. Plus, any Health data that’s backed up to iCloud is encrypted both in transit and when it’s stored on Apple’s servers.

App Store Guidelines

A linchpin in Apple’s approach to privacy is its control over the App Store. Since developers must submit apps to Apple for approval, Apple can enforce stringent guidelines that specify how apps can ask for access to your data (location, photos, contacts, etc.). This isn’t a blanket protection—for instance, if you allow a social media app Facebook to access your contacts and location, the company behind that app will get lots of data on your whereabouts and can even cross-reference that with the locations of everyone in your contact list who also uses the service.

In the end, only you can decide how much information you want to share with the likes of Google, Facebook, and Twitter, and only you can determine if or when their use of your details feels like an invasion of privacy. But by using Apple products and services, you can be certain that the company that could know more about you than any other is actively trying to protect your privacy.

Social Media: Many of the big Internet companies make their money by assembling a dossier of information about you and then selling advertisers targeted access to you. Luckily, that’s not true of Apple—here are a few of the ways Apple protects your privacy.

The post Being an Apple User Means You’re Not the Product appeared first on TidBITS Content Network.

iOS 11.3 Introduces New Battery Health Feature, Business Chat, and More

/in , /by

At the end of March, Apple released updates to all four of its operating systems, but iOS 11.3 was the most notable. It boasts a variety of new features and other changes—you can think of it as the midpoint update between iOS 11’s first release and iOS 12, probably coming next September. All remaining updates to iOS 11 are likely to be minor maintenance updates. Here’s what’s new.

iPhone Battery Health

The most anticipated change is the Battery Health feature that Apple promised to add in the wake of revelations that the company was quietly reducing the performance of older iPhone models (starting with the iPhone 6) to lessen the chance of unexpected shutdowns with weak batteries. You find the new Battery Health screen in Settings > Battery > Battery Health, and Apple explains it in detail here.

If your iPhone battery is aging, you may see a lower maximum capacity, and if your iPhone has shut down because of a weak battery, the screen will tell you that performance management has been applied. You can disable performance management, if you prefer the iPhone shutting down to degraded performance, but it will turn on again the next time your iPhone shuts down. Finally, if your battery is bad enough, the screen will recommend replacement.

Also note that iPads running iOS 11.3 can better maintain battery health when they’re plugged into power for long periods of time. Be sure to upgrade if you have an iPad that stays plugged in all the time.

Business Chat

New in both iOS 11.3 and macOS 10.13.4 High Sierra is Business Chat, an Apple service that lets you chat with participating companies directly within Messages. If you look up one of these companies in Maps, Safari, or Search/Spotlight and see a Messages button, just use it to start a conversation. Only you can start conversations, and Business Chat can be a fast way to ask questions, get support, schedule appointments, and even make purchases using Apple Pay.

Apple’s launch partners are 1-800-Flowers, Ameritrade, Discover, Hilton, Home Depot, Lowe’s, Marriott, Newegg, and Wells Fargo, although not all of them seemed to be active out of the gate. And, of course, you can use Business Chat with Apple itself.

Health Records

Most people won’t be able to take advantage of iOS 11.3’s next new feature—medical records in the Health app—right away, but we have high hopes for it. Apple has partnered with over 40 healthcare systems to bring your medical records into the Health app, centralizing them and making them easier for both you and healthcare professionals to access. The records include lab results, medications, conditions, and more. Health Records data is encrypted and protected with a passcode so it remains private.

Data & Privacy

We haven’t yet seen this, but Apple says that iOS 11.3 (and macOS 10.13.4) will display a new privacy icon whenever Apple asks for access to personal information, as it might do to “enable features, secure Apple services or personalize an iOS experience.” The icon should be accompanied by detailed privacy information explaining the situation. In an era when every company seems hell-bent on collecting and exploiting our personal data, it’s nice to see Apple increasing the transparency of its data collection practices.

Safari

iOS 11.3 tweaks Safari in several small ways that make it easier to use and more secure:

  • Autofill now inserts usernames and passwords only after you select them on Web pages.
  • Autofill now works in Web views within other iOS apps.
  • Safari warns you when you interact with password or credit card forms on non-encrypted pages.
  • Safari now formats shared articles sent via Mail as though they were in Reader mode.
  • Favorites folders now show icons for the contained bookmarks.

Other Improvements

Apple made lots of other minor improvements in iOS 11.3. You can see a full list in the release notes, but those that we find most noteworthy include:

  • iPhone X users get access to four new animoji: a lion, dragon, skull, and bear.
  • iOS 11.3 adds support for the Advanced Mobile Location (AML) standard, which provides more accurate location data to emergency responders when Emergency SOS is triggered.
  • Podcasts now plays episodes with a single tap, and you can tap Details to learn more about episodes.
  • Apple Music now streams music videos uninterrupted by ads.
  • Apple News has improved its Top Stories feature and includes a new Video group in the For You collection.

iOS 11.3’s improvements may not change the way you use your iPhone or iPad, but they’re welcome nonetheless, and Business Chat and Health Records should become more interesting as additional institutions sign on. And, of course, anyone with an older iPhone should check the Battery Health screen right away.