Intego Mac Podcast

An app named Zoom may sound like a good thing, but this app opened the Macs of users who had it installed - including Kirk - to a serious security vulnerability. This led Apple to take the rare action of pushing out a silent security update to Macs. And Josh tells us all about how you find out who creates malware.Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website! Apple has pushed a silent Mac update to remove hidden Zoom web server SilentKnight Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping Josh’s talk from Objective by the Sea v2.0:White Paper Slides PDF Brief video with excerpts from the talk Get 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

We discuss a number of issues in the news, such as a 17-year old Firefox vulnerability, the threat to end-to-end encryption, and whether Apple should offer a VPN. We also answer listening questions about browser fingerprinting - what is it? we explain - and turning off hyper-threading (we explain that too). AmIUniqueEpisode 83: Epic disasters: ZombieLoad, WhatsApp, Google 2FA Keys, and Microsoft RDPCPUSetterU.S. officials consider end-to-end encryption crackdown17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From DeviceHere’s the next big step Apple should take to protect our privacyEpisode 57: The Advantages of Using a VPN, with CyberGhostAmazon confirms Alexa customer voice recordings are kept foreverGet 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

Everyone uses a web browser, on their Mac and their iOS device. But there are many web browsers, and some are better designed to protect your privacy. We take a deep dive into web browsers and discuss the pros and cons of Safari, Chrome, Firefox, and a number of alternatives. Goodbye, Chrome: Google’s web browser has become spy software (https://www.washingtonpost.com/technology/2019/06/21/google-chrome-has-become-surveillance-software-its-time-switch/)Breezometer (https://breezometer.com)The Waste Land (https://apps.apple.com/app/the-waste-land/id427434046)Google Chrome (https://www.google.com/chrome/)Mozilla Firefox (https://www.mozilla.org/en-US/firefox/new/) Firefox Focus (https://apps.apple.com/app/firefox-focus-privacy-browser/id1055677337)Chrome Canary (https://www.google.com/chrome/canary/)Brave (https://brave.com)Opera (https://www.opera.com)Opera Touch (https://apps.apple.com/us/app/opera-touch-web-browser/id1411869974)Waterfox (https://www.waterfox.net)Puffin (https://www.puffin.com)Microsoft Edge (https://www.microsoftedgeinsider.com/en-us/)Get 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

There's been a lot of Mac malware appearing lately, and Intego has been discovering many serious new threats. We look at some of these malware, discuss an interesting new OneDrive feature, then talk about installing and using Apple's public betas for macOS, iOS, iPadOS, tvOS, and watchOS.Paprika Recipe Manager (https://apps.apple.com/us/app/paprika-recipe-manager-3/id1303222628?mt=12)OSX/NewTab (and other new Mac malware)OSX/CrescentCore (was originally named OSX/Adspartam)Tweet showing a postal phishing letter (https://twitter.com/MatKendrick/status/1143970477880295424)Microsoft’s new OneDrive Personal Vault protects a folder with 2FA (https://www.theverge.com/2019/6/25/18744045/microsoft-onedrive-personal-fault-secure-folder-storage-2fa)Installing macOS on a separate APFS volume (https://support.apple.com/en-us/HT208891)No, Apple isn’t killing off iTunesGet 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

This week, as we are at Midsummer's Day, we look at the final nail in Adobe Flash's coffin, a new Chrome incognito mode feature, the UK's porn block, and a bunch of new malware. Google Chrome 76 beta makes it harder to use Flash, easier to dodge paywalls (https://www.theverge.com/2019/6/13/18678388/google-chrome-76-beta-dark-mode-incognito-flash-paywall)homestarrunner.com (http://homestarrunner.com)Apple restricts online Apple Store access to newer versions of Safari and macOS (https://appleinsider.com/articles/19/06/14/apple-restricts-online-apple-store-access-to-newer-versions-of-safari-and-macos)Josh misstated the NetMarketshare statistics (https://netmarketshare.com/operating-system-market-share.aspx?options=%7B%22filter%22%3A%7B%22%24and%22%3A%5B%7B%22deviceType%22%3A%7B%22%24in%22%3A%5B%22Desktop%2Flaptop%22%5D%7D%7D%5D%7D%2C%22dateLabel%22%3A%22Trend%22%2C%22attributes%22%3A%22share%22%2C%22group%22%3A%22platformVersion%22%2C%22sort%22%3A%7B%22share%22%3A-1%7D%2C%22id%22%3A%22platformsDesktopVersions%22%2C%22dateInterval%22%3A%22Monthly%22%2C%22dateStart%22%3A%222018-06%22%2C%22dateEnd%22%3A%222019-05%22%2C%22segments%22%3A%22-1000%22%7D). By default, they show the market share over the course of a year, so that fact that macOS Mojave hasn't yet been out a year, the results are skewed. With updated statistics - from April to May of this year (https://netmarketshare.com/operating-system-market-share.aspx?options=%7B%22filter%22%3A%7B%22%24and%22%3A%5B%7B%22deviceType%22%3A%7B%22%24in%22%3A%5B%22Desktop%2Flaptop%22%5D%7D%7D%5D%7D%2C%22dateLabel%22%3A%22Custom%22%2C%22attributes%22%3A%22share%22%2C%22group%22%3A%22platformVersion%22%2C%22sort%22%3A%7B%22share%22%3A-1%7D%2C%22id%22%3A%22platformsDesktopVersions%22%2C%22dateInterval%22%3A%22Monthly%22%2C%22dateStart%22%3A%222019-04%22%2C%22dateEnd%22%3A%222019-05%22%2C%22segments%22%3A%22-1000%22%7D) - macOS 10.14 usage is 250% of that of macOS 10.13.Cellebrite Now Says It Can Unlock Any iPhone for Cops (https://www.wired.com/story/cellebrite-ufed-ios-12-iphone-hack-android/)Forbes: UK Porn Block Is Just The Privacy Risk You'd Expect (http://www.forbes.com/sites/emmawoollacott/2019/06/14/uk-porn-block-is-just-the-privacy-risk-youd-expect/)In-the-wild security vulnerability fixed in Firefox 67.0.3 & Firefox ESR 60.7.1 (https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/)OSX/Linker malware found in the wild exploiting recently exposed zero-day Mac vulnerabilityLoudMiner, aka Bird Miner: Cross-platform cryptocurrency mining malware in cracked VST softwareGet 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

We discuss running iOS and macOS betas, the new iPod touch, Firefox's coming subscription service, Safari auto-submitting user names and passwords, and how some companies' private policies can be as complicated as Kant's Critique of Pure Reason. iPod touch (https://www.apple.com/ipod-touch/)Mozilla says paid subscription service is coming to Firefox (https://www.theverge.com/2019/6/10/18660344/firefox-subscription-paid-service-vpn-cloud-storage-release-date)Episode 57: The Advantages of Using a VPNWe Read 150 Privacy Policies. They Were an Incomprehensible Disaster (https://www.nytimes.com/interactive/2019/06/12/opinion/facebook-google-privacy-policies.html)Safari Auto-Submitting AutoFilled Passwords (https://mjtsai.com/blog/2019/04/17/safari-auto-submitting-autofilled-passwords/)Everyone hates passwords. Good news: They’re about to die (https://www.fastcompany.com/90344117/everyone-hates-passwords-good-news-theyre-about-to-die)Get 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

Apple announced their new operating systems early this week, and we take a close look at the many interesting and useful new security privacy features that will soon be available on your Mac and iOS devices. Trypophobia (Wikipedia) (https://en.wikipedia.org/wiki/Trypophobia)Why some people are freaking out over Apple’s new Mac Pro (https://www.cleveland.com/entertainment/2019/06/why-some-people-are-freaking-out-over-apples-new-mac-pro.html)New Security and Privacy Features in macOS Catalina and iOS 13Three Key Points about Apple’s WWDC AnnouncementsGet 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

It's essential that you update your software, both to have improved features, squashed bugs, and security fixes. But should you update your software automatically, or should you wait? How can you best manage software updates on the Mac and on iOS? What every Apple user should know about software updatesVirusBarrier Scanner (Mac App Store)Sparkle (https://sparkle-project.org)Safari Technology Preview (https://developer.apple.com/safari/technology-preview/)Get 40% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

We've called out Facebook many times recently for their security issues, and now it's time to look at a couple of problems with Google. We also discuss the Huawei situation, and how it may affect Apple, and more. Google stored some passwords in plain text for fourteen years (https://www.theverge.com/2019/5/21/18634842/google-passwords-plain-text-g-suite-fourteen-years)Google has been tracking nearly everything you buy online—see for yourself with this tool (https://www.theverge.com/2019/5/17/18629789/google-purchase-history-gmail-email-receipts)G Suite (Wikipedia) (https://en.wikipedia.org/wiki/G_Suite) G Suite security and trust (https://gsuite.google.co.uk/intl/en_uk/security/?secure-by-design_activeEl=data-centers) Google pulls Huawei’s Android license, forcing it to use open source version (https://www.theverge.com/2019/5/19/18631558/google-huawei-android-suspension) Apple’s China Business Faces Another Blow From Trump’s Huawei Ban (https://www.bloomberg.com/news/articles/2019-05-22/apple-s-china-business-faces-another-blow-from-trump-huawei-ban) In Price and Value, Chinese Phone Makers Outpace Apple in Much of the World (https://www.nytimes.com/2019/01/04/technology/china-smartphones-iphone.html) Bloomberg **** the Bed Again on Cybersecurity (https://daringfireball.net/2019/05/bloomberg_shits_the_bed_again_on_cybersecurity) ROT13 (Wikipedia) (https://en.wikipedia.org/wiki/ROT13) Apple is trying to make web ads truly private (https://www.engadget.com/2019/05/22/apple-privacy-protecting-web-ads/) Privacy Preserving Ad Click Attribution For the Web (https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/)Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

It's been a busy week for security vulnerabilities. ZombieLoad affects all recent Intel processors, and Apple has issued a fix for it. A serious WhatsApp vulnerability made the evening news because it was so dangerous. And Google and Microsoft had a few issues as well. WhatsApp exploit let attackers install government-grade spyware on phones (https://techcrunch.com/2019/05/13/whatsapp-exploit-let-attackers-install-government-grade-spyware-on-phones/)Facebook's brief explanation of the WhatsApp vulnerability (https://www.facebook.com/security/advisories/cve-2019-3568)You probably weren’t a target of the WhatsApp surveillance hack (https://techcrunch.com/2019/05/14/whatsapp-vulnerability-risk/)Buffer overflow (Wikipedia) (https://en.wikipedia.org/wiki/Buffer_overflow)Remote code execution, or arbitrary code execution (Wikipedia) (https://en.wikipedia.org/wiki/Arbitrary_code_execution)Secure Real-time Transport Protocol (Wikipedia) (https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol)Microsoft Issues Urgent Fix For Windows In First XP Patch Since WannaCry (https://www.forbes.com/sites/kateoflahertyuk/2019/05/15/microsoft-issues-urgent-fix-for-windows-in-first-xp-patch-since-wannacry/)Titan-ic disaster: Bluetooth blunder sinks Google's 2FA keys, free replacements offered (https://www.theregister.co.uk/2019/05/15/google_titan_bluetooth_key_security_flaw/)Apple security updates (https://support.apple.com/en-us/HT201222)Episode 13: Is My Computer's CPU Secure? (discussion of Meltdown and Spectre)Additional mitigations for speculative execution vulnerabilities in Intel CPUs (https://support.apple.com/en-gb/HT210107)How to enable full mitigation for Microarchitectural Data Sampling (MDS) vulnerabilities (https://support.apple.com/en-gb/HT210108)SGX enclaves (https://software.intel.com/en-us/blogs/2016/06/06/overview-of-intel-software-guard-extension-enclave)CPUSetter (https://www.whatroute.net/cpusetter.html)Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.