April 18, 2016
News and Events
Note that there were three vectors i) fake hotel network, and ii) downloading a file (via text), plus one ‘Bluetooth Driveby’
proficient hackers demonstrated hacks.
man in the middle using fraudulently WiFi hotspot
Defense: environmental awareness, and use a VPN.
throw away such messages — it is a fraud.
Bryan will cover this in his presentation tonight.
empower judges to force companies to assist law enforcement
over orders to reveal customer’s emails and a gag order on those orders
Presentation — Bryan Chaffin
FBI versus Apple and The People
1990’s - crypto wars, our intelligence agencies try to prevent encryption technology from being exported.
— so the foreign tech companies developed their own.
— now twenty years later, we are making a similar mistake.
is there a way to let only the good guys to snoop? Reason dictates that is not possible. If keys exist, everyone can look for those keys.
Also, if you give the government the ability to spy secretly on anyone anytime, how long until they get around to spying on you?
Open Source — GnuCash
Questions and Answers
1. Preview has a memory leak when dealing with PDF files. Recently I had to do a lot of work with PDF, and lost 40 GB of disk space. How do I recover this space.
We think it should be a cache file management problem. Also Preview may be saving versions of files, but that should be visible. Maybe virtual memory files are eating disk space. Perhaps a disk optimization program might find the missing space. Use the console to check for recurring errors. Perhaps the logs are increasing without limit.
2. Booting up MacBook Pro, it seems to always use a WiFi connection rather than an ethernet connection, even though the ethernet is plugged in and ready.
In Mac System Preferences -> Network Settings, you can enable several different connections simultaneously. The priority by which each will be used is set by the order in the list of connections in the network settings control panel. If you wish ethernet to have the highest priority, simply drag the ethernet item to the top of the list.
By the way, the same is true for setting the priority of WiFi connections, should more than one WiFi “hotspot” be available in a given environment. Simply drag the item for the most preferred hotspot to the top of the list that is found under Network -> Advanced settings.
(Flash, Java, Silverlight)
No actual damage done for three reasons:
1) the malware was designed to stay dormant for 72 hours (presumably to make it harder to figure out where it came from)
2) Transmission, the vendor, responded promptly with clear and accurate messages to users, and, with an updated version of Transmission that removed the malware. (Bad Version only there for 36 to 48 hours)
3) Apple responded quickly by revoking the developer cert used to sign the malware, and adding the malware itself to XProtect. Revoking the cert stopped the malicious installer from passing gatekeeper, and adding the malware itself to XProtect prevents it from running, even on systems that installed the malware before the dev cert was fixed.
The end result of all this is that it seems like none of the few thousand people who contracted this malware lost any data. So – in real terms this was not actually a major disaster, it was however a near miss!
from Bart Busschots on podfeet.com
FBI Could Crack the Phone…. Here’s how
iOS 9.3 - must have for security
OS X 10.11.4 -
iTunes 12.3.3 -
Watch OS 2.2
Marcus Aiu and Jeff Parker from Quicken presenting.
sneak preview - right now have a per month budget. New: budget over a full year. Currently, this is “alpha” code.
New: direct connect bill pay.
Buy: quicken.com/mac and the Mac App Store.
and vote for new features.
Raffle: a copy
1. Limit the number of emails that are displayed in the recent emails of the iPhone.
Limit the downloading of emails to the iPhone. Try creating folders for different categories of mail, using the tools on the server.
2. When you click on a purchased TV program, can you set the preferences to show only the most recent episodes, rather than the whole list of episodes? Otherwise you do a lot of right swiping to find the desired episode.
We are not sure
The download buffering estimate seems wrong.
This is because of the way Apple TV attempts to estimate, based on the first few bytes, and the byte rate average.
3. When I add events to my Gmail calendar, the events show up in my iPhone calendar, but not vice versa. Can I fix this to work both ways?
On the iPhone, under calendar settings, set default calendar to Google.
The iPhone fetches data from multiple calendars, but creates events in only one calendar.
4. How do I delete a recovery disk (recovery partition).
Normally, you only see the Mac partitions — the recovery partitions are only shown if you use an “option” boot.
Frankly, you should not delete the recovery partition. It is necessary.
5. Is there a way to prevent iCloud from opening upon startup? I have an ATT cell phone modem, called “ATT All Access”. I am shown two successive iCloud sign-in windows, which takes forever to connect.
SVMUG November 16, 2015
Still More on 1Password Metadata (Scroll down to ‘Security Lite)
iPad Pro is Available (Robert has one!!)
Swift Programming for the non-programmer
What is a programmer?
Flexibility, ease of use, portability, and speed
languages before Swift: problems and solutions
What is Swift? How is it different?
Programmers create instructions intended to cause a computer to do some work.
Users are just programmers who believe anything you tell them.
stored instructions: program, playlist, bookmark, app, Macro, script, shortcut, … html, document…
Programmers care about flexibility, ease of use, portability, and speed.
The Facebook web interface makes it very easy to share a post on Facebook,
but you can’t use it to write a program to solve a math problem.
Using Assembly language you can write a program to do anything,
such as posting to Facebook,
but it takes much much more work then using Facebook.
Trade-off: ease of use versus flexibility
Portability is also a concern. Where can I run the program?
Facebook runs everywhere (via web browser).
But assembly language is very specific to the platform.
Speed is also important: how fast is a program after I write it.
— Find the Middle Ground —
Flexible enough yet easy enough
portable enough yet fast enough.
Control Flow: specify the order of execution of program statements
Spaghetti code: a program where the control flow is hard to follow.
With spaghetti code, different parts of your code can be meshed with each other,
so that changing one piece might break some other piece, especially in unexpected ways.
Excel Macros are flexible but not easy to use — makes spaghetti code inevitable.
Furthermore, it is not portable (works only in Excel), and not particularly fast.
— create anything
— easy to create simple elegant code
— portable - everything has a C compiler.
— Speed - very fast
[Sidenote: a compiler takes readable code, e.g. English, and converts it into machine code (or “byte code”).
“The nice thing about C is that you can do everything. The bad thing about C is that you must do everything.”
Solution: object oriented programming: objects encapsulate data with the code that operates on that data.
— code becomes a loose collection of objects.
— the objects are replaceable without great modifications to the rest of the code.
— objects encapsulate code
Objective-C is a strict superset of C.
— perhaps not quite as easy as plain C
— it was designed to portable, but really only used for Apple devices
— fast, but not as fast as pure C
Apple’s Goals for Swift
- open source
- No “silent consent” for unexpected conditions
- Better memory protection
- No selectors.
If Objective-C encounters an unexpected condition, e.g. null pointer, it does nothing, generates no exceptions, no errors.
Swift will deliberately crash the program. This prevents problems later.
Memory Protection: C can wander around in memory, changing stuff that should not be changed.
Swift will enforce array bounds, rigorously check for overflow, and uses no pointers by default.
In C, C++, or Objective-C, it is easy to accidentally modify memory.
Swift does not support selectors. This allows for the creation of private code that other objects are not allowed to call.
Modern: “when Swift was release, everyone said it was just like their favorite language”
— modern nice syntax
— Swift source code is usually shorter than Objective-C source code.
Fast: significantly faster then Objective-C.
Interactive: not a feature of the language, but of the creation tools (Xcode).
— playgrounds execute code automatically.
— — see the results instantly
— — can use Apple frameworks
— — can use image and sound files
— — no need to embed code in complex programs, to see the results.
Open Source: at WWDC 2015, Apple announced that Swift would be made open source by the end of the year.
— it is not the end of the year, yet.
1. Best Swift book for novices is the Apple Swift book. (Currently version 2.1 in iBooks.)
2. How to speed up file sharing between two Macs?
— Use WiFi for the connection.
— AirDrop is also very quick.
3. I am getting restarts in Yosemite. Is this a bad sign? No problems are found in diagnostics. “Your Mac restarted because of a problem.”
— possibly the HD is starting to fail.
— use Disk Utility to read the SMART data on the drive.
— Google kernel restarts - there is an Apple Support Document.
— try EtreCheck
4. How do I view an email in ‘source text’ without opening it?
— you have to open it.
— in the mail list, force touch the mail item or use the menu “view” -> “message” -> “raw”
5. Suggestions of where to start learning programming?
— pick something simple, write it.
— then move on to more complex things.
6. I can calibrate my monitor using the Apple tool. What can I use?
— Use Spyder Pro, X-Rite Pro, etc.
7. New iPhone 6+ — try to transfer my SIM card, but AT&T says I need a new SIM card for new features. What are these features?
— only AT&T knows — ask them at the retail store.
— it might be the WiFi calling, and HQ calling.
SVMUG October 19, 2015
YiSpecter Malware - for iOS
distributed by enterprise administration, not via iOS App Store
Apple Removes ‘Continue Button’ (iOS9)
Enterprise administration can get around this.
Flash - of course - Advice on Flash
Apple Removes Apps that Could Spy
Safari 9m iOS 9.02
iWork for iOS & El Capitan
Apple Ordered to Pay U of Wisconsin
Apple to Report Earnings Oct. 27, Call @ 2PM
Figuring Costs on New iPhones
Gary Allen, Founder of IFO Passes On
Apple Initiates Help for Apple Music via Twitter
El Capitan problems with Office ‘Apple’s Fault’
Apple Launches Program for MacBooks with Screen Issues
IBM Likes Using Macs Photo from the Past
‘ChipGate’ - Much ado about Nothing 1
‘ChipGate’ - Much ado about Nothing 2
Steve Jobs Movie
Economist Review of Steve Jobs Movie
‘Old News’ - Ron Johnson and a Startup
Harry Potter Books on iBooks
1. Is there a browser that will reflow text when you zoom in on a page?
This is, today, mostly related to the coding of the web site: is it “responsive”.
Try using landscape mode to help.
2. I have some old Adobe Type Fonts. Is anyone interested in these?
3. System Report: storage tab displays a lot of device images in “/tmp” with BSD names.
Perhaps you have some old disk images still mounted? Use Disk Utility to locate the offending items, and eject these.
4. What is the safest way to dispose of SysQuest or Bern. disks, with sensitive information?
Drill a physical hole through the disk.
Rumor: Steve Jobs wanted to make a car — he was in to cars.
Tim Cook: a car is the ultimate mobile device.
Software has become more important than mechanics.
Apple is the best software company on the planet.
(Apple has NOT become Microsoft, because Apple doesn’t suck.)
Google may beat Apple with having a ready-to-go car.
But it will not be as “pretty” as Apple’s. Or “neat” as Apple’s.
(Before Google, Larry Page has been thinking about
self-driving cars since the early 1990’s.)
Apple has special experience in power conservation.
The Apple car will a luxury item, maybe at $70,000.
August 17, 2015
Silly season: DefCon and Black Hat conferences
An attack using Thunderbolt cable chips as a infection vector.
However, it is a low impact.
Screen shot of a scammer attempt
— this ransomware that targets naive Windows users.
— completely bogus
Screen shot of Apple Fixing bad stuff
“Installer” will damage your computer. You should eject…
— this is a real warning, generated by the Apple malware scanner.
— pay attention if this pops up on your computer.
Zero Day Privilege Escalation Bug in OS X Yosemite (patched)
has been patched in 10.10.5
Cyber Flashing & How to Stop It
A woman on the London subway opened her phone
and saw a genitalia image (a human flasher). The
vector was AirDrop, so it was a naive user enabled
Be sure to update.
Don’t run Flash unless you have to.
And just today, an Italian research found a theoretical
vulnerability. He notified Apple, but then one hour later,
released the details to the public. Normally, such a
researcher would wait for the company to respond.
This was very bad on his part.
10.10.5 - Very important - contains lots of security fixes
iOS 8.4.1 - also lots of security fixes
— beat estimates in revenue and eps,
but not for iPhone unit shipments.
50% off Selected TCO Books for MUG Members
Presentation - Home Automation
by John Rich, author and journalist and photographer, www.JasonRich.com
Download this presentation from www.JasonRichClasses.com
Automate your home and vehicle using smartphone or tablet, with technology that is available today.
Your iPhone and/or iPad can become a powerful remote control for many other devices and appliances.
Door Locks & Doorbell
Television & Stereo
Vehicle Navigation (GPS)
Hands-Free Cell Phone
Q and A
1. Thunderbird email app - accidentally closed inbox viewer. How do I get it back?
— we will investigate
2. When I expand Finder column widths, it does not persist when I open new Finder windows.
— hold the option key when dragging the column borders.
3. Apple ID - cell texts go arbitrarily to either Messages or email. How do we set this?
— Messages will try to use the relay of “Messages to Messages”, but if you are offline, it will use a secondary method, e.g. email, cell SMS.
4. I need help loading 10.5 onto a G4 Powerbook.
— 866 MHz CPU and 512 MB RAM is required.
5. When I copied a file, the file size was different on the copy. Why?
— Maybe block sizes are different. Maybe the metadata was changed. Maybe the copy is more efficiently de-segmented.
July 20, 2015
Earnings for FY Q3 Tomorrow
iTunes 12.2 NOTE: NEW TCO BOOK OUT, See Discount code on Agenda
***PLEASE BE RESPECTFUL OF THIS CODE***
Apple Music - Jeff Gamet, Managing Editor of MacObserver
Apple Music is part radio station, part streaming music, part music storage, and part musician social network. That’s a lot for for a single new online music service, and depending on how you use Apple Music, it can be a little confusing. Jeff will show us the new features that Apple Music gives us and point out what’s changed from iTunes Radio and iTunes Match. We’ll also find out which devices support listening to Apple Music.
Via Skype and the MacObserver Web Site.
Catch Jeff’s weekly podcasts.
What is Apple Music, as compared to iTunes, iTunes Radio, iTunes Match?
1. Beats One — Apple’s own Internet radio station
much like a traditional radio station,
with DJ’s, music, interviews, call in requests, etc.
“old school radio station”
Zane Low is the station manager.
Beats One focuses on Pop Music.
Maybe in the future, there will be a Beats Two, Beats Three,
and so forth for separate genres of music.
2. Apple Radio — this is iTunes Radio retooled.
This is a genre selectable streaming service.
A computer algorithm put together the stream
for iTunes Radio, and made odd choices at times.
However, human curators put together the streams
for Apple Radio. The ideal is to hear a mix of songs
that you already know with news songs that you do not.
3. “For You” music collections — hand curated recommendations.
iTunes Match vs. Music in the Cloud
iTunes Match — takes your purchased library and puts it in the
cloud so that it is available from the Cloud on any of your devices.
The purchased library includes CD’s that you have ripped into your
library. The artist royalty was paid out of your original purchase price.
Apple Music in the Cloud — you can listen on demand to any item
in the catalog of iTunes, and the artist is paid a per-play fee.
This is a subscription service.
Apple chooses the music curators very carefully,
looking for expertise in the given genre.
DRM - Digital Rights Management — Apple Music allows you to download music for per-play-fee listening, under your monthly subscription. So it has copy protection. This means that should you end your subscription, any downloaded songs still present on your hard drive will be unplayable.
If you have a given item in your purchased library, you will play the non-DRM file. If you do not have the item in your purchased library, you will download and play the DRM file.
Without Apple Music Subscription, you get these services:
listen to any music you've purchased, ripped, or uploaded to your device.
(If you pay $24.99/year for iTunes Match, you'll be able to listen to any music
you've uploaded to iCloud, regardless of whether it's on your device or not.)
listen to Beats 1 radio, view and follow an artist's Connect stream,
listen to ad-supported Apple Music radio stations
(which replaces the current iTunes Radio interface)
—though you'll only have limited song skips available.
With Apple Music Subscription, you get these additional services:
Apple Connect — a social network for artists to interact with fans
(but not for fans to interact with artists).
It is the modern version of “liner notes”.
Jeff believes that Apple Music is aware of your connection method, e.g. LTE versus WiFi, and will appropriately choose the best bitrate for the given connection. So you LTE data plan will not be overwhelmed.
The CrossWire Bible Society is an organization with the purpose to sponsor and provide a place for engineers and others to come and collaborate on free, open-source projects aimed at furthering the Kingdom of our God. We are also a resource pool to other Bible societies and Christian organizations that can't afford-- or don't feel it's their place-- to maintain a quality programming staff in house. We provide them with a number of tools that assist them with reaching their domain with Christ.
The heart of most projects here at CrossWire use a common technology called The SWORD Project.
— a Bible reading and study app for iDevices
— by CrossWire Bible Society
It is more than just Bible study. It provides for language studies,
learning foreign languages, learning grammar of your language.
Runs on desktops (Linux, Windows, Mac), and on smartphones.
There is a Java version as well.
Eloquent (formerly known as MacSword) brings the power and versatility of The SWORD Project to users of OS X, along with a beautiful Aqua interface.
Discussion: “does not seem to have been deployed”
Windows Update Cautions - Sequence is Crucial this time
More (Update) on Superfish - Government Certificates not an issue AFAIK, Superfish is an issue
“… it took about 3 hours to reverse engineer the Lenovo/Superfish certificate and crack the password. In this blog post, I described how I used that certificate in order to pwn victims using a rogue WiFi hotspot. This took me also about three hours.”
— stolen credit cards are used by thieves on their own Apple Pay
— not really an Apple Pay problem
Apple Updates for FREAK Vulnerability & More (Note, this is iOS, Mac OS & Apple TV)
Tim: Tell us how/where we can do better http://apple.com/feedback
The Internet of Things
Withings scale, Nest thermostat, …
Previously at Frog Designs.
You do not want separate apps for each smart device.
How about URL’s instead?
The growth of smart devices will be exponential, and getting more apps is not going to scale with that growth.
Furthermore, apps are being drown in the number of App releases.
40% of apps on the Apple store have NEVER been downloaded!
The goal is to get the controls of smart devices to scale like the web scaled.
The smart device sends a bluetooth code to bring up its web page. It is a discovery service for the devices in your immediate environment.
It has to be decentralized.
Discover - Rank - Interact
It is not a Google product — it is a web product.
Bluetooth LE sends out an advertising packet, once each second.
The packet is a URL, e.g. “http://coke.com/v/23432” from a coke machine.
A phone comes by and checks what is nearby, e.g. the coke machine.
These physical devices create the physical web.
Bus stops, vending machines, restaurants, groceries, home controls, etc.
But it only shows you things when you ask to be shown.
Users can opt-in to letting the system gather anon. data.
Your past behavior will be used to rank the most interesting things for you.
It is like QR codes, only broadcast over Bluetooth LE.
The web site, e.g. http://coke.com, can send instructions to a vending machine, that you have paid with ApplePay, and you want a Diet Coke.
simple web: smart device sends you a link to the web
triangular web: the web server tells the smart device what you want.
direct connect: your phone talks to the web server, and also to the smart device.
The project is on Github, with more than 3400 developers watching, participating.
physical web is available on the Apple iOS store.
1. Odd email problem with Apple Mail on my computer, Mavericks.
Outbox items are not being sent.
This might be a known problem with Gmail, where the SMTP server keeps dropping off the list.
Maybe check the Taking Control of Apple Mail book.
Some big providers, e.g. Comcast, are not letting mail work except on their network.
2. My old printer is not working under Yosemite. It is a Canon.
Apple Support may be able to help — call the support number.
Try generic printer driver.
Keep checking the Canon site for new driver downloads.
3. When I use Siri to initiate a phone call over a bluetooth headset, it drops the headset just as the call starts.
Check your preferences, and make sure you preference is to use the headset for phone calls.
4. QEMU - running Windows programs on Mac. http://wiki.qemu.org/Main_Page
5. Best practices for Time Machine backup:
external drive direct connect is the best, using Thunderbolt.
WiFi network drives allow multiple machine backups.
6. Under Yosemite, can I have an app start up automatically?
Yes -- under Users account, set up in login items.
and also by using contextual menu on a Dock icon.
7. How do I uninstall MacKeeper?
Go to www.thesafemac.com for instructions.
Also try "App Delete" or "App Zapper".
Do not trust the MacKeeper provided uninstaller.
Pages by Michael Cohen
Author of Take Control of Pages
Why was Pages rewritten by Apple?
— because the market is now been led by iDevices as opposed to desktops or laptops.
— Apple wishes to have continuity of appearance and operation between iOS and Mac OS X.
Part of the cross compatibility is that Pages will recognize when a given device does not have a font which is used in a document, make the appropriate substitution, but without changing the original font assignment.
Alas, we lost newspaper style column flows, mail merge, and other utilities.
So many people are complaining that “Pages was dumbed down”, but this is unfair. Pages remains a sophisticated document authoring tool. The new Pages is not stupid.
1. Bluetooth keypad (LMP) is not communicating with my Mac. The connection was lost suddenly. The battery is fine. It will not pair with the computer.
— try leaving the battery out for more than 24 hours, to clear out residue data in the memory.
— in the Mac, tell it to forget the given bluetooth device, and discover it fresh.
2. If I have 5 GB in Dropbox, when I install Dropbox on my iOS device, will it take up 5 GB? Can I selectively sync only certain folders of the Dropbox?
— yes, you can choose, on each device individually, which folders will be sync’ed.
— we will investigate.
NEWS January 26, 2015
REMINDER: FEB MEETING WILL BE THE 4TH MONDAY OF THE MONTH
FEB 23, 2015
Dave Peck on VPN software and use.
What is CloaK?
Keeps you safe when you are connected to WiFi networks in the wild.
It is a easy to use VPN.
Three freelancing software developers put it together.
They wanted to make a VPN that was Mac-like and Mac-friendly
Why should you care?
Unprotected WiFi can be dangerous.
For example, Firesheep is a FireFox plug-in that allows snooping of communications on a WiFi network.
It would even automatically log in to Facebook as some one else when a log-in was detected on the network.
Cloak provides value where HTTPS is not in use.
Cloak prevents passive snooping.
What is a VPN?
virtual private network
Every byte will be encrypted before it is sent from the local client.
A special VPN server receives the encrypted data, unwraps it,
and forwards it alone.
How is this different from TOR?
How does it affect workplace snooping?
What about other platforms?
We love our Apple devices, which is why when we first built Cloak we built it for Macs, iPhones, and iPads. But we haven't forgotten Android, Windows, and Windows Phone — and perhaps someday in the future, we'll have more to say about them!
How many Cloak accounts do I need?
One! You can use one Cloak account with as many devices (Macs, iPhones, iPads, etc.) as you like.
(We only ask that you keep it to one account per person.)
Do you support Yosemite?
Of course. We're all about Apple.
Do you support iOS 8?
Try for free for 30 days.
$9.99 per month for unlimited service.
$2.99 for 5 GB per month.
Given how much of our daily life and business is conducted online, the question isn’t really if you can afford to sign up for Cloak — it’s if you can afford not to.
Dan Moren, Macworld
SSL is pretty much broken - so people should be using TLS.
POODLE was an attack that caused a client browser to downgrade from SSL to TLS.
The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1.
It used to be believed that TLS v1.0 was marginally more secure than SSL v3.0, its predecessor. However, SSL v3.0 is getting very old and recent developments, such as the POODLE vulnerability have shown that SSL v3.0 is now completely insecure (especially for web sites using it). Even before the POODLE was set loose, the US Government had already mandated that SSL v3 not be used for sensitive government communications or for HIPAA-compliant communications. If that was not enough … POODLE certainly was. In fact, as a result of POODLE, SSL v3 is being disabled on web sites all over the world and for many other services as well.
SSL v3.0 is effectively “dead” as a useful security protocol. Places that still allow its use for web hosting as placing their “secure web sites” at risk; Organizations that allow SSL v3 use to persist for other protocols (e.g. IMAP) should take steps to remove that support at the soonest software update maintenance window.
Subsequent versions of TLS — v1.1 and v1.2 are significantly more secure and fix many vulnerabilities present in SSL v3.0 and TLS v1.0. For example, the BEAST attack that can completely break web sites running on older SSL v3.0 and TLS v1.0 protocols. The newer TLS versions, if properly configured, prevent the BEAST and other attack vectors and provide many stronger ciphers and encryption methods.
Cloak includes “Overcload”, which makes sure that when you change networks, no communication is made until the security has been established.
Cloak provides security for the immediate network, but not for the global network — The NSA can still get you.
Open Source Corner
Treat icons on a web page like styled text.
The iconic font and CSS toolkit
Font Awesome gives you scalable vector icons that can instantly be customized
— size, color, drop shadow, and anything that can be done with the power of CSS.
Free, as in Speech
Font Awesome is completely free for commercial use. Check out the license.
One Font, 519 Icons
In a single collection, Font Awesome is a pictographic language of web-related actions.
Q & A
1. Got a new MacBook Pro. Having trouble connecting Firewire 400 drives via an adapter. Does not work with USB either. The drive is a 5.25 with its own power supply. The drive works fine with older computers under Firewire 400.
We suspect the adapter is not good, but as USB is not working, something deeper might be going on.
Perhaps the bridge chips in the cables?
2. Any experiences with upgrading from Mavericks to Yosemite?
Most experiences seem to be good.
Read “Taking Control of Upgrading to Yosemite”
3. How to use AirDrop on a Mac?
4. Does iPhoto work on Yosemite?
Yes. But bear in mind the Photos will replace iPhoto and Aperture.
5. Demo Handoff.
6. Recurring directory corruption on internal hard disk.
Very intricate problem — we can only recommend AppleCare. Something is actively damaging your disk — perhaps a third party hardware, like one of the external drives.
svmug December 15, 2014
Our annual solstice pot luck holiday goodies meeting.
WireLurker - lesson: do not install unsigned applications.
MSFT Office for Mac, and IE as well
Adobe Flash has another problem - please do updates.
Sony is threatening to sue reporters who pass along stolen information.
United Air Lines has purchased iPhone 6+ for flight attendees.
An "antique" market has developed for first generation iPhones and classic iPods.
iOS 8.1.2 has been released
-- a member reports that the update 'bricked' some iPhones, apparently older models.
Reminder: January and February 2015 meetings will be on the fourth Monday of each month. Jan. 26 and Feb 23
eBook price fixing case was ruled in favor of Apple, but is now in appeal. It could go to the Supreme Court.
Why password managers are important
Do you use the same password for more than one site?
It is a common mistake. The problem is that if some one gets your password from one site, they will have it for your other sites as well.
You need to use unique passwords for each site.
But will need help to generate the passwords, and help to remember the passwords.
That is the purpose of password managers.
1Password: AES 256 bit encryption, convenient and simple
-- with browser integration
Create a strong password for the master password, but it needs to be memorable.
Recommendation: use four random words: "correct horse battery staple"
supported browsers: safari chome firefox opera
Look at the blog, for apps that love 1Password
BAckup data using the 1Password emergency kit.
Use the security audit to find duplicate passwords, weak passwords, old passwords.
Use the Watchtower to fetch information on which web sites have been hacked.
• Apple Gives New Contract to Samsung for Chip Manufacturing
November 17, 2014
The Korea Times reports that Apple has given a new contract to Samsung, whereby Samsung will manufacture 80% of iPhone and iPad chips, staring in the year 2016.
This past year, Apple had switched to chips made by the Taiwan Semiconductor Manufacturing Company (TSMC), leaving Samsung only a small fraction of this business. The effect on Samsung was devastating - profits fell significantly.
Why was the new deal signed? Speculation is that TSMC was not able to meet the specifications and chip yield required by Apple.
However, Samsung's own smartphone business continues to suffer, but not because of Apple. Samsung's market is low cost smartphones, where the competition is Xiaomi and Lenovo. Both of these companies are able to undercut Samsung pricing for smartphones.
Apple OS Updates
Mac OS X 10.10.10
improves WiFi connectivity
Eric Jhonsa, SA News Editor
• BMO's Keith Bachman reports seeing improved U.S. iPhone 6 (NASDAQ:AAPL) supplies. "Whereas the iPhone 6 Plus was very hard to find a few weeks ago, supply has improved ... Whereas Apple stores were sold out of virtually all iPhone 6 models a few weeks ago, retail stores now appear to have almost half of the iPhone 6 models across the various carriers available for walk-in."
• Bachman does note there's still "virtually no available stock of iPhone 6 at carrier partner stores, such as AT&T and Verizon." However, online wait times at carrier stores have fallen in half to ~10 days.
• Apple has added UnionPay, China's dominant payment-processor, as an App Store payment option. UnionPay credit/debit card holders will be able to link their cards with their Apple IDs, something Internet software/services chief Eddy Cue calls "one of the most requested features from [Apple's] customers in China." Quartz notes the agreement could pave the way for an Apple Pay deal.
• While TSMC (NYSE:TSM) is manufacturing Apple's 20nm A8 processors, Samsung has been expected to supply a large portion (if not all) of Apple's A9 processors, leveraging a 14nm FinFET (3D transistor) process it's developing with Globalfoundries.
Eric Jhonsa, SA News Editor
• Intel (NASDAQ:INTC) has officially launched its MICA smart bracelet (previous). The device is priced at $495, and aimed at women. It features a 1.6" OLED display, and delivers texts, e-mails, and Facebook/Google notifications over AT&T's 3G network. Two years of free data is bundled.
• Much like Qualcomm wth its Toq smartwatch, it doesn't look as if Intel's goal is to challenge Apple and Samsung's wearables, but to provide a proof-of-concept for OEMs looking to create similar hardware running on Intel processors. Intel began shipping its low-power Quark CPUs this year, and has also developed Atom CPUs meant for embedded devices.
• Meanwhile, Intel has shared more details Knights Landing, an upcoming 14nm product for its Xeon Phi co-processor line (used in HPC/supercomputer systems), and added Knights Hill, a successor product that will use a 10nm process, to its roadmap.
• Knights Landing, which succeeds the current Knights Corner in 2H15, is said to deliver a 3x improvement in single-thread performance. It includes up to 16GB of memory, can work either as a co-processor or a standalone processor, and relies on a new interconnect fabric (called Omni-Path) that Intel promises will deliver better performance and require fewer switches than the widely-used InfiniBand - that makes it a potential challenge for Mellanox (NASDAQ:MLNX).
• The product takes aim at Nvidia's (NASDAQ:NVDA) leading position in the HPC co-processor market. Today, Nvidia unveiled the Tesla K80, a high-end HPC co-processor said to deliver 8.7 teraflops of single-precision throughput (74% above the prior-gen K40). The K80 sells for $5,000, and contains two of Nvidia's new (28nm) GK210 GPUs.
Apple Pay's 3-Week Report Card Shows A Promising Start
Nov. 17, 2014 7:26 PM ET | 3 comments | About: Apple Inc. (AAPL)
By Aman Jain
Apple Pay is garnering decent number of users on a per store basis, but without NFC-enabled smartphones, the growth will be limited for now.
Apple (NASDAQ:AAPL) Pay service has witnessed a decent start, with Whole Foods (NASDAQ:WFM) telling The New York Times it received 150,000 transactions in the three weeks following the launch of the service. Though the number is not extraordinary, it is substantial for a single store to garner such numbers from a brand new service with limited device support.
Apple Pay making inroads
Other merchants have not yet released their statistics, but are indicating that the numbers are decent. According to the report, Walgreens' (NYSE:WAG) mobile payments increased two-fold and McDonald's (NYSE:MCD) is receiving half of its mobile payments through Apple Pay now.
Apple Pay was released on October 20th as a part of the iOS 8.1 update, and since then, the service has been in swing, with McDonald's and Walgreens seeing the most number of Apple Pay payments. At McDonald's 14,000 U.S. locations, 50% of all tap-to-pay transactions were done with Apple Pay. Walgreens, with its 8,000 drugstores, says the number of mobile payments has doubled since Apple Pay was enabled.
Some merchants are seeing little-to-no change with the release of the payment service from Apple. Toys "R" Us said that there has not been any notable surge in its mobile payment numbers, and cash and credit options are still more popular than Apple Pay.
Rival services noticing surge
The success of Apple Pay cannot be ensured just yet, and much depends on the additional hardware support and cooperative retailers. The payment service from the iPhone maker is not showing startling numbers, but it is encouraging greater use of other tap-to-pay services such as Google (NASDAQ:GOOG) (NASDAQ:GOOGL) and Softcard, as both the services noted that they have seen a surge in usage over the past few weeks.
The NY Times report noted that a lot of service usage depends on the strength of the Apple brand and the easy-to-use features of pay service. Apple Pay service needs the NFC feature, but a substantial part of the population in the United States does not have NFC-enabled mobile, which makes it difficult to garner a whole lot more NFC payments. However, with a growing number of customers buying the iPhone 6, companies are now ready to offer the payment feature.
HTTP header, X-UIDH, is injected into your requests to an web site.
The web site can use server side processing to identify you via this header.
When you are using a connection via an ISP account Hotspot or home modem, your identity can be associated with your requests by attaching the X-UIDH header. This is done in route by the ISP — you have no control over this from your client computer.
At the destination web site, this X-UIDH value can be read. The destination server can send the value back to the ISP, to query for the associated user information. This will typically be for a fee paid to the ISP by the site owners or by a third party “Ad Exchange”. The site owners or any third party they work with can track what you look at, for how long, and how frequently.
Because the same X-UIDH value is attached to your requests for all web sites, the data can be consolidated to build a full profile of your web usage.
This only works if you are connected via your ISP account, not if, for example, you are using a public WiFi at your local library. It also only works for unencrypted connections, but most consumer oriented sites are only encrypted for the purpose of monetary transactions or sometimes for delivery of protected content.
You can choose to use public connections, but that is inconvenient, and in some cases, risky. You try a proxy service, but that is not easy.
The Perma Cookie technique is known to have been used only by AT&T and Verizon. AT&T has indicated that while it ran a test of Perma Cookies, it is not using such at the time of this report. Verizon seems to be actively using Perma Cookies.
State Department hacked on Sunday. It is said that only unclassified email and documents were compromised.