Kbase Archive

Tim Cook’s Response to the FBI’s iPhone encryption hack request

You’ve probably seen this already, but just in case you missed, it, here’s Tim Cook’s open letter to Apple’s customers regarding the FBI’s demand that they create a “backdoor” that would compromise the iPhone’s encryption so that they can access what they believe to be valuable information about the San Bernardino terrorist attack and the terrorists themselves on an iPhone 5c that was recovered after the tragedy occurred.

Not that my personal opinion matters, but I 100% support Apple’s decision to refuse and to fight this demand. A backdoor like this can’t exist in a vacuum, once it exists at all. Once rung, a bell can’t be unrung.

The letter is here: https://www.apple.com/customer-letter/ and I’ve pasted it below for your convenience.

February 16, 2016

A Message to Our Customers

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

The Need for Encryption

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.

For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.

The San Bernardino Case

We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The Threat to Data Security

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

A Dangerous Precedent

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Tim Cook

This is why you shouldn’t muck around with your fonts

Bad things happen when you don’t fully understand the implications of adding/moving/replacing/deleting fonts on your Mac.

Yes, that San Francisco font is pretty and you may prefer it over Helvetica Neue, but if you are bad at following the directions you found on that random site on the Internet, this is what happens.

Save yourself the headache — Contact us before all of your dialog boxes end up looking like this 🙂



Fake Paypal phishing email of the day

This is an easy one. The scammers put no effort at all into hiding their nefarious intentions.

I’m confident none of you would ever fall for this! But someone will. And if they click on the link, they’ll arrive at a page that looks very similar to Paypal’s own website. But it’s not. And they’ll attempt to login to their own Paypal account. But when they submit their username and password, they won’t be logged in. Instead, they’ll have just given their credentials over to the scammers, who will surely use it for evil, not good.

If you receive an email that pretends to be from Paypal, but isn’t, please report it to Paypal’s Fraud Department. Then delete the email and move on with your day, after patting yourself on the back for refusing to be fooled.

Giving new life to your older MacBook Pro

With rare exception, current generation Apple laptops can’t be upgraded – or even repaired after accidental damage – in any meaningful or easy way after purchase. That’s the tradeoff we’ve made for wanting our Macs to be thinner, lighter and sleeker. To accomplish that, displays are fused to the glass, proprietary Solid State Drives (SSDs) store all our files, RAM (memory chips) is soldered directly to the logic board and even the batteries are glued to the case. This trend started with the original MacBook Air and through the introduction of the MacBook Pro with Retina Display and it’s now the rule, rather than the exception.

And yet, as recently as the 2009 Macworld Expo, Steve Jobs himself said, “Our pro customers want accessibility: […] to add memory, to add cards, to add drives.” He was introducing the “Unibody” MacBook Pro that day. And he was right!

If you still have one of those Unibody MacBook Pros, made between Early-2009 and Mid-2012 (or an older 2006-2008 Aluminum model), you’re probably struggling to keep up with the demands of newer operating systems and newer technologies on the web, etc. Your computer is slow. Just watching a YouTube video can be a chore. The machine drags, the fans start racing, your super-fast Internet connection feels wasted because the video may download fast, but the playback is still choppy and the audio stutters. But you have a distinct advantage over owners of newer MacBook Pros because you can install a few hardware upgrades and make your 6/7/8 year old Mac perform almost as well as a new one, for only a fraction of the cost.

mbp-upgradesUpgrading your RAM to the maximum it will support (8GB-16GB, depending on the exact model) will cost you an average of $75-$150 for the RAM itself. It’s not even difficult to install on your own and the tools you’ll need to pop the bottom case off for installation aren’t expensive either. But the real life-changer will be replacing your internal storage (which is probably a 5400RPM platter-based hard drive) with an SSD/Flash drive. For under $500 you upgrade up to a 1TB SSD that will really make your Mac fly. While replacing your hard drive is almost as simple as installing RAM, I’d still recommend professional installation since there’s a bit more to it than just popping the old drive out and the new one in. There are more screws and more steps and more things that can go wrong. Although you’ll pay an average of $150-$200 to have a professional take care of this for you, it’s worth it for the peace of mind. And the end result is that for about $800, tops, you can have your older MacBook Pro performing almost as well as a new $2500 model. Both the battery and the Superdrive can also be replaced if you’ve got a few more $$ to spend.

Here’s a direct quote from an email I received from a client of mine last month, after I maxed out his RAM at 8GB and installed a new 1TB SSD running Mac OS X 10.10.x Yosemite into his Late-2008 MacBook Pro 15″ (a 2.53GHz Core 2 Duo – a machine that Apple now officially classifies as “Vintage.”)

Laurie, you are the best! My Mac runs like a Ferrari now! I want to see if I can get it to run for ten more years!

He is a real “car guy” so he recognizes appreciates vintage beauty paired with fast speeds and smooth performance.

If you’re interested in hearing about what upgrade options are available for your own “vintage” Mac, get in touch and we’ll prepare a complimentary no-obligation quote for you.

Weird iOS 9.1 bug when searching contacts

I was setting up a new iPhone 6s for a client today and I noticed something strange… After restoring from the iTunes backup of her “old” iPhone and activating her SIM card, I went to test that the Phone and Messages apps were working as expected. So I opened the Phone app on her iPhone, tapped on Contacts and started typing MY name so that I could make a test call to myself from her phone. But searching came up with 0 results, even when I just typed the letter “L.” So I went back to the Home Screen and opened up the full Contacts app and tried searching for myself from there. Again, no results. Typing any letter at all still gave no results, but I could clearly see there were hundreds of contacts there in the list (including me).

My first thought was that something was corrupt in the backup I restored the new phone from, which was an older iPhone, still running iOS 7.x. Still, I went through some standard troubleshooting steps before I did anything drastic like restoring the phone to factory settings and manually reconfiguring everything. First, I rebooted the phone. That didn’t work. Then I added a new contact and searched for it. That didn’t work. I was on the verge of trying “Reset All Settings” to see if that helped, but I knew the client really didn’t have the time for me to go through and adjust all her settings back the way she likes them. So I decided to ignore the issue for the moment and test the phone by calling it instead of having it call me. So I grabbed my own iPhone (also a 6s, which I updated to iOS9.1 last night) and searched for my client’s name and – you guessed it – no results!

Aha! It’s not a problem with her iPhone. It’s a problem with IOS 9.1. A quick Googling revealed that others have experienced the same issue in the past 24 hours and the fix for most of them was incredibly simple. To fix the issue, try this:

  1. Open the Contacts app from your iPhone’s home screen
  2. Then click on the word “Groups” in the upper left corner of the main contacts screen
  3. Then click the word “Done” in the upper right corner, which will take you back to the main Contacts list.
  4. Now REPEAT those steps in the Contacts section of the Phone app (yes, I had to do it in both places, on both of our phones in order for it to stick.)



That’s it. No need to check any groups on or off, since the groups you want to see contacts from should already be set the way you’ve always had them. Although if they’re not, go ahead and make your adjustments while you’re there.

If you’re seeing the same bug and this fix doesn’t work for you, let me know and I’ll offer some other suggestions!

Apple updates for El Capitan 10.11.1, iTunes 12.3.1, WatchOS 2.0.1, iOS 9.1

Get ’em while they’re hot. BUT, if you don’t already have El Capitan installed (or iOS 9 installed), there may be a good reason why you shouldn’t, so don’t just go installing a new OS without chatting with me about it first. This round of bug fixes is welcome and appreciated, but there are still some issues on both OS X and iOS that could make your life harder instead of easier. When in doubt, ask me before installing new operating systems.

OS X El Capitan 10.11.1 Update
Oct 21, 2015
The OS X El Capitan 10.11.1 update “improves the stability, compatibility, and security of your Mac, and is recommended for all users. This update…”

iTunes 12.3.1
Oct 21, 2015
“Improves overall stability and performance.” i.e. Makes iTunes less crashy

iOS 9.1
Oct 21, 2015
“Includes new features, improvements and bug fixes, including…” You’ve heard about the new middle finger emoji, right? Well there’s taco emoji too!

Apple WatchOS 2.0 – 2.0.1
Oct 21, 2015
“Contains new emoji characters, performance improvements, and bug fixes, including…” What do you mean you don’t even have an Apple watch yet??


Browser pop-up security scams

Ars Technica posted yesterday about an issue that many of my clients have been and/or will be plagued by: Those nasty, scary-looking “CRITICAL SECURITY ALERT” pop-up ads that take over your web browser (Safari, Chrome, Firefox, etc) in order to get you to call some toll-free phone number so that they can save you from the horrible virus/trojan/malware that’s infected your system. If you call the number, the scammers will usually tell you that your computer is infected in some way and you’re at great risk. They’ll use frightening words like Virus! Trojan! Malware! Spyware! Infected! Firewall! Malicious attack! Security compromised! Danger! Risk! But really, the only thing you’re at risk of at this point is of being scammed and the only danger is to your credit card.

Most of the time, the scammers will tell you that they need remote access to your computer so they can show you “proof!” that your computer has been compromised. And if you agree to that they’ll direct you to a LogMeIn Rescue or TeamViewer or GoToMyPC page where you’ll download a small piece of software that will grant them access to view and control your computer (unfortunately often using the same software that *I* use for legitimate purposes to provide remote support). Once they have access they’ll open up the Terminal app on your computer and type in some commands that you won’t understand and they’ll show you the output, which will look very scary and official and technical. At that point they’ll tell you that they can help! They can fix this mess for you! They can clean up all the horrible things that have infiltrated your system and make sure it stays clean and healthy from this day forward… all for the low price of $199 (or similar number). Billed yearly for your convenience. You’ll be so worried that it won’t take much convincing and you’ll gladly read off your credit card number to them because they are doing you a great favor and you want these bugs eradicated.

Some of you have already fallen for this. That’s ok. You’re only human and these scammers really are very convincing. If I’ve been made aware of it after the fact, I’ve already helped you get the credit card charges reversed and cleaned your system of all the nasty bits the scammers leave behind (bloated and mostly unnecessary antivirus programs and spyware of their own, for example). Most of you have been suspicious enough to call me before calling them and I’ve been able to help you get rid of the obstructive pop-up and regain use of your computer without the scammy ad continuing to re-open, effectively preventing you from doing much else.

If it hasn’t happened to you yet, congratulations! But be aware that there’s a good chance you will be hit by it eventually. It’s very common now and no one is immune. Knowing how to react when it does happen to you is what counts. Here’s how:

Force quit Safari to get rid of the ad (Apple menu > Force Quit > select Safari in the list > click the Force Quit button at the bottom of that window).

When you re-open Safari, do so while holding down the SHIFT key on the left side of your keyboard. That will prevent any windows from re-opening in Safari when it opens. 

Then you can go to the File menu in Safari (upper left of the menubar) and select New Window to begin a new browsing session. If you’re still concerned that you might have clicked something nefarious earlier, are seeing other suspicious behavior or these tips aren’t working for you, get in touch and we’ll schedule a checkup and a malware and security audit. And if you want to be a good Netizen, consider reporting the scam to the FTC.



How to take a screenshot

…on your Mac:

You can take screenshots of your whole screen or just part of it. Screenshots are saved automatically as .png files on your desktop.

Take a screenshot of your whole screen

  1. Press Command (⌘)-Shift-3.
  2. Find the screenshot as a .png file on your desktop.


Take a screenshot of part of your screen

  1. Press Command (⌘)-Shift-4. You’ll see that your cursor changes to a crosshair pointer.
  2. Move the crosshair pointer to where you want to start the screenshot.
  3. Drag to select an area. To adjust the area, hold Shift, Option, or the Space bar while you drag.
  4. When you’ve selected the area you want, release your mouse or trackpad button. Or to cancel, press Escape (esc).
  5. Find the screenshot as a .png file on your desktop.
In Mac OS X v10.6 and later, the screenshots are saved as .png files on the desktop. They’re automatically named “Screen Shot (date and time).png.” You can open these screenshots with Preview or other image editing apps.

…on your iPhone, iPad, and iPod touch:

You can capture the screen on your iOS device using the Sleep/Wake and Home buttons.

Press and hold the Sleep/Wake button on the top or side of your iPhone, iPad, or iPod touch, then immediately press and release the Home button. You’ll find the screenshot in your Photos app.

Adding a Google Apps or Gmail account to your iOS device

Go to Settings > Mail, Contacts, Calendars > and click on Add Account

Tap the Google logo

Enter your email address and your email password.  Then tap “Sign in.”

Tap “Allow”

Enable or Disable services as desired.

Anything enabled here will SYNC with the same relative sections of google.com and/or any computer that’s connected to the same account.

Mail should be “on” for most people

Contacts and calendars are optional, but recommended for convenience

Notes is optional and should be disabled if you’re already using iCloud Notes. Enable it here if you’d rather have your Notes synced through your Google account instead.


Tap SAVE when you’re done.

Once the account is saved, change the “description” of the acount by tapping on the “Gmail” account you just added to edit it…

Now tap on your Account at the top of that screen…

Now enter a more meaningful and easily identifiable name in the Description field.

The Description field is what shows (only to you) in your list off Accounts in Mail, Contacts, Calendars. Since people often have multiple accounts listed there, it’s helpful to identify them for easy reference, other you end up with multiple accounts just called “Gmail” even they they are all different addresses.

Most people will benefit by using the actual email address for the description instead of the default description for any given account.


Find | Follow | Fave | Friend