Android Malware

This article discusses malware that is infecting apps for Android devices. A very scary situation, and hopefully the hackers don't try this malware on iOS devices. I must say I'm surprised they haven't tried yet. Maybe the hackers have tried and Apple's review and control of authorized apps has prevented this from happening. Seems like a good idea not to download and install an app except directly from Apple, if you have an iOS device.

Jim Hamm


https://www.entrepreneur.com/article/381038

Store Your COVID Vaccine Card

Here is an article from Macworld discussing several ways to store a copy of your COVID vaccination card with you in your iPhone, iPad or Mac. I took a photo of my two cards with my iPhone. The image is automatically stored in the Photos app. Then, on a Mac, Photos can be opened, the image found, then a name placed on it. "Vaccine" is what I used. Then, if you need to quickly show the photo to someone, a search on "vaccine" will quickly find the photo.

The article also discusses other ways.

Jim Hamm

Public WiFi

I previously used public wifi often when we traveled frequently, both by motorhome and otherwise. I never had any hacking problems, which can happen, though, if you're not careful. This article, from the Kaspersky AV blog, has some good tips on safe practices when you're on a public wifi network.

We have breakfast at Denny's occasionally, and I'll take my iPad, and I will use their public wifi to read the news. But I'll never purchase something and use a credit card, or log in to our bank, when on public wifi. Use caution.

Jim Hamm

Clarification on Posting by Forbes.com on iMessage

"Why You Should Stop Using iMessage After Shock iPhone Update"

That’s the headline being posted by Forbes.com (https://www.forbes.com/sites/zakdoffman/2021/08/07/apple-iphone-users-shock-imessage-update-after-security-warning/?sh=39fd73be7075)

It’s over-the-top dramatic to be sure.

Here’s the meat of the article that Forbes.com is referencing in EFF (Electronic Frontier Foundation, https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life)


"There are two main features that the company is planning to install in every Apple device. One is a scanning feature that will scan all photos as they get uploaded into iCloud Photos to see if they match a photo in the database of known child sexual abuse material (CSAM) maintained by the National Center for Missing & Exploited Children (NCMEC). The other feature scans all iMessage images sent or received by child accounts—that is, accounts designated as owned by a minor—for sexually explicit material, and if the child is young enough, notifies the parent when these images are sent or received. This feature can be turned on or off by parents.”

Overall, the news looks very real. However, the headlines you will see are very damaging in the literal interpretation of the headlines.

So what this really means is that it is NOT as dramatic as it sounds. You do NOT have to stop using iMessages on the iPhone after the update - UNLESS you are taking nude photos of children or sexually explicit photos. Hence, don’t take any chances of that darling nude photo of your baby grandchild getting in your iPhone or Mac.


John R. Carter, Sr.

iOS App Store

Apple recently released a 'white paper' on their position regarding their tight control of iOS apps, which can be somewhat summarized in the following quote:

"Apple’s white paper proposes that, were iOS to allow the sideloading of apps, users’ iPhones would be subjected to a relentless onslaught of scams and security exploits, rendering all of their sensitive personal data subject to invasive collection from malicious actors. The paper suggests that a shadowy army of security exploiters and hackers is drooling over the opportunity to invade the 1 billion iPhones that are currently active, and all that is keeping them at bay, currently, is the App Store’s position as the sole legitimate distribution point for apps on iOS devices."

Should you have an interest in reading it, the following article from the TidBITS newsletter discusses this in some detail.

Jim Hamm

https://tidbits.com/2021/07/02/apple-justifies-ios-app-stores-tight-control-in-white-paper/

Very Important Warning From Apple

If you own an iPhone, iPad, or Mac, then it's essential you update it with the latest security patch as soon as possible due to a zero-day exploit and risk of malware infection.

Apple has issued a security update with iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1. In all three cases, the update fixes a memory corruption issue that allowed an app to "execute arbitrary code with kernel privileges." Why it's so important to apply the security patches immediately is because Apple admits the exploit is already being actively used in the wild.

Update your iOS or iPadOS device by navigating to Settings > General > Software Update. After that, tap "Download and Install" and the security update will be downloaded and applied, after which you should be protected from this exploit. For Mac users, open the Apple menu, select System Preferences, click Software Update, and then click "Update Now," which will download the latest update and patch your system.


This is why we keep downloading new updates to our operating systems. A zero day exploit is one that is discovered the same day the update comes out. That means, before Apple even knows about the hack, people are being hacked. This one is rather critical.

Please update as soon as you read this.

Frank Croft



10 Steps to Amazing Photos

Because Affinity Photo has so many tools and features, it can be a little overwhelming. Where do you begin when editing a photo? What do you edit 2nd and 3rd? How do you take a regular photo, and make it look amazing?

To answer these questions, I made a free course for you: 10 Steps to Amazing Photos.

This course will teach you 10 simple steps to make any photo look its best. The course is just 1 hour long, but will transform the way you edit your photos. I'm sure you're going to love it!


John R. Carter, Sr.



Keeping Up to Date

It is a pain sometimes trying to keep the OS you're using up to date -- whether it be macOS, Windows or Linux. On a Mac forum I belong to, one fellow was having difficulty doing a few things with his OS, which happened to be an older version of macOS. Another member posted the following comments, which I thought were interesting, and possibly a reason to keep your OS current.

I thought it worthwhile to pass these along, albeit maybe more of interest to 'techies' than casual computer users.

Jim Hamm


I think part of the answer to this is that Safari is integrated into the operating system a bit, from the point of view of Apple. What that means is that when you have a fully updated Operating System, then your version of Safari (whether MacOS or iOS) is also up to date, and is a very good browser.

But, as time goes on, website creators create and use new browser features. This means that browsers gradually get out of date.

For people who are updating a device every time, this never makes any noticeable browser problems. But for those of us who choose to keep using an older version of the OS, that means that (while Firefox can generally still get updated), Safari cannot get updated, and thus does NOT acquire the features expected in a modern browser.

So when you go to a web site with modern downloading and security protocols, any modern browser will likely work.

Every version of Safari was likely state of the art at the time, but gradually falls behind if one is sticking with an old OS.

Eventually, for certain websites (such as those with the latest ads trying to grab your browser’s attention), the old browser won’t be able to handle something.

If the site allows ads to be displayed while it downloads (and who else would be paying for this), then a download process can be like running two different YouTube channels and Apple Music streaming in the background all at once, and as a small side priority, the one old browser trying to handle all of this is also trying not to get distracted doing the actual download.

So folks might need to get newer browsers, or ad-blockers, or differently-funded download hosts, or newer devices with updated OS software.

There are likely good reasons for each of these different choices, but it is useful to be aware of this as a potential issue.

Thanks for reporting your observations on this.

Ways to Save an Email

Here are some simple ways to save emails.

1. Don’t delete it.

2. Drag it to a different folder in Mail.

3. Print it, but instead of actually printing it, select the option to save as a PDF, and save the PDF in a folder on your computer.

4. Copy the content and paste into a text file using Pages, TextEdit, Notes, Stickies, or any app that accepts pasting content, such as ...

5. Create a calendar event and paste the content into the notes section.


Your imagination can probably find a dozen ways.

John Carter Sr.

A Browser Battle

The most popular browser, I believe, is Chrome, which I used for years and liked, but it was/is a memory hog. What is a good alternative browser, you might ask? This article discusses this question, and compares the attributes of three alternative browsers: Vivaldi, Opera, and Brave.

I've used all three, thought all were fine, but have settled on Brave as my browser of choice, at least for right now. If interested, read the article to see what you think.

Jim Hamm

Lime VPN Hacked

In years past, when we traveled, and I was using any public wifi, I'd use a VPN for extra security against hackers 'listening' in to my internet connection. Although all VPN's promise security and no logging of confidential info on a user of the VPN, one must take these promises with a huge grain of salt, as the following story so well illustrates. I hadn't used or ever heard of Lime VPN, and thank goodness for that.

I just took a look at the Lime VPN website, and they clearly state 'no logging of info'. Hmmm? What, then, are the hackers of Lime VPN trying to sell for $13 million, do you suppose?.

Jim Hamm

A hacker just took down LimeVPN’s website, stole over 69,400 sensitive user logs, and is looking to sell them for a $400 Bitcoin payment on a hacker forum. While breaches like this are increasingly commonplace, the real news is how the hacker got the logs since LimeVPN says it is a no-log service.

LimeVPN confirmed that its backup server is what got hacked. PrivacySharks, who initially reported the breach, talked with the alleged hacker who then confirmed that they were able to gain access to the site and shut it down through a security hole.

That backup server contained a database filled with sensitive user account data like email addresses, passwords, and payment information from its WHMCS billing system. The hacker also claims to be in possession of every user’s private key, meaning they are potentially able to decrypt any traffic passing through the VPN service. And now, that hacker is attempting to sell this information to the highest bidder on a renowned hacker forum. They are asking for $400 Bitcoin, which is roughly $13.4 million.

After touting on its website that it didn’t keep logs, LimeVPN is certainly under suspicion now since the hacker was able to jump in and scrape its entire database. Its customers were under the impression that none of their information or activity would be stored on the company’s server and are now the ones having to pay for LimeVPN doing so anyway.

Unfortunately, there isn’t much LimeVPN users can do at this point to stop the breach. However, just to be safe, we recommend users of the service stop using it immediately, take action to protect payment information (like order a new credit card), change the passwords of any sites visited while using the VPN, and watch out for potential identity theft.

The breach serves as a reminder that the vast majority of VPNs are not trustworthy. Most lure customers in with cheap prices and hollow promises of security and privacy without actually being able to back them up. If you’re looking for a (new) VPN service we recommend taking a look at our best VPN services, especially our best overall pick, ExpressPVN. This service regularly undergoes independent security audits to back up its no-log policy.

iO App Store

Apple recently released a 'white paper' on their position regarding their tight control of iOS apps, which can be somewhat summarized in the following quote:

"Apple’s white paper proposes that, were iOS to allow the sideloading of apps, users’ iPhones would be subjected to a relentless onslaught of scams and security exploits, rendering all of their sensitive personal data subject to invasive collection from malicious actors. The paper suggests that a shadowy army of security exploiters and hackers is drooling over the opportunity to invade the 1 billion iPhones that are currently active, and all that is keeping them at bay, currently, is the App Store’s position as the sole legitimate distribution point for apps on iOS devices."

Should you have an interest in reading it, the following article from the TidBITS newsletter discusses this in some detail.

Jim Hamm

https://tidbits.com/2021/07/02/apple-justifies-ios-app-stores-tight-control-in-white-paper/

Apple's M1 Chip

The following Macworld article gives a good summary of probably everything you'd want to know about Apple's new "System on a Chip", also known as the M1 chip. Although the new chip has mostly favorable attributes, it is limited to 16GB of RAM, which apparently is of some concern to some users, who want more RAM. The article mentions that a revised design of the M1 chip might have 64GB of RAM, available by the end of next year. The article also speculates that all Macs will have the M1 chip in about two years.

Jim Hamm

https://www.macworld.com/article/234860/apple-silicon-m1-system-on-chip-macbook-air-macbook-pro-mac-mini-imac-m1x-specs-features-intel-apps-rosetta-2.html

SSD in macOS X

In the past, I have mentioned that enabling TRIM in the OS should not be done if the SSD in question is from Crucial. I contacted Crucial support today to confirm this because I see a lot of articles on how to enable TRIM in a Linux OS and also configure several options to reduce the number of read-write cycles to an SSD. The purpose in reducing the read-write cycles to increase the life span of the SSD.

Recent articles on read-write cycles of an SSD have given rise to a concern that the way Apple has implemented SSDs in computers is going to substantially reduce the life span of the SSD. The culmination of all the articles seems to allay the concerns somewhat by indicating that even under heavy use an SSD will outlast the usable life of the computer.

Here are two short articles provided to me by Crucial:

https://www.crucial.com/support/articles-faq-ssd/trim-and-os-x-operating-systems

https://www.crucial.com/support/articles-faq-ssd/trim-and-ssd-performance-importance

What must be kept in mind regarding SSDs installed in any computer is that in order for either TRIM or Crucial’s Active Garbage Collection to work at all, the computer must be turned on and be left idle for enough time to allow the operation to actually complete the task of garbage collection. The suggestion is to leave the computer turned on and not allowed to go to sleep, either overnight or during the day for several hours. Using the computer and then turning it off or putting it to sleep right away actually prevents garbage collection from happening. Sitting idle for a few minutes at a time might not help either. There is no data on how long a computer must be left idle for garbage collection to work since the factors include computer speed, the size of the SSD, and how much data has to be managed. And herein lies the importance of leaving a minimum of 20% free space in an SSD - to allow garbage collection to properly manage the storage.

With the advent of the M1 (Apple Silicon on a Chip), memory is now embedded in the same chip as the CPU. That memory operates in the same manner as a solid state drive. TRIM is enabled by default. Here’s a system report of my M1 found under NVMExpress:
APPLE SSD AP0512Q:
Capacity: 500.28 GB (500,277,792,768 bytes) TRIM Support: Yes Model: APPLE SSD AP0512Q
For any external SSD, be sure to find one that has garbage collection built in, like the Crucial SSD. If you install an SSD that doesn’t have an internal garbage collection routine, you will need to enable TRIM in the OS (“sudo trimforce enable” which is a command executed in Terminal). Enabling TRIM in the OS does not affect any garbage collection routine built into an SSD.

John R. Carter, Sr.