Learn How You Can Adjust Web Site Behavior with Safari’s Site-Specific Settings

/in , , , , , /by

Although macOS 10.13 High Sierra was light on new features, it did bring one welcome addition to Safari—site-specific settings. Imagine that you regularly visit a blog that you prefer to read using Safari’s Reader view. Rather than invoke it each time you visit, you can now set Safari to use Reader automatically on that site. Similarly, if there’s a site whose text is too small, Safari can remember your page zoom setting for that site. Neat, eh?

Here’s how to make the most of Safari’s site-specific settings. First, load a site whose settings you’d like to customize. Then, choose Safari > Preferences and click Websites in the toolbar. You see a list of general settings in the sidebar at the left, followed by any plug-ins you’ve installed. For each setting or plug-in, you can set what happens when you visit the site you just loaded—or, if you have a bunch of sites open in different tabs, you can customize the behavior for any open site. Here are your options.

Reader

Reader view displays an article as a single page that’s formatted for easy reading, without ads, navigation, or other distractions. It’s such a significant change that it’s off by default—you enable it by clicking the Reader button to the left of the URL in the address bar. To turn it on for all of a site’s articles, in Safari’s Websites preferences, select Reader and choose On from the pop-up menu next to the site name.

Content Blockers

Another way of seeing fewer Web ads is to install a Safari content blocker. Choose Safari > Safari Extensions to open Safari’s Extension Gallery, and then scroll down slightly to find the page’s Search field, where you can search for blocker. There are lots—look for one like Adguard AdBlocker that supports Safari’s content blocking API. Once you’ve installed one, select Content Blockers in the Websites preferences. By default, Safari blocks ads on all sites, so choose Off from the pop-up menus for sites whose ad content you want to see.

Auto-Play

Little is more annoying than sites that play a video when a page loads, distracting you from the text you want to read. Even worse are those sites—Macworld, we’re looking at you—that auto-play videos that aren’t even related to the page. Safari squelches auto-playing videos by default, but for sites like YouTube, you might want to allow videos to play. You can also choose to stop only videos that have sound.

Page Zoom

It’s easy to hit Command-Plus to zoom in on a page, increasing the text and graphics proportionally, but who wants to do that every time you visit a page sporting barely readable words? With the Page Zoom setting, Safari will use your preferred zoom every time you visit a particular site. In fact, you don’t have to do anything other than set a zoom level with Command-Plus when you’re viewing a site because Safari remembers it automatically, as you can see in the Configured Websites section for Page Zoom. To tweak it manually, choose a zoom level from the site’s pop-up menu.

Camera & Microphone

Apart from Web conferencing services, you’re unlikely to run across many sites that want to access your Mac’s camera and microphone. That’s why the Camera and Microphone settings default to asking you whenever a site wants permission to record you. If you find it irritating to be asked constantly by a site you use often, choose Allow from the pop-up menu for that site. And if a site asks repeatedly but you never want to allow it, choose Deny to stop the prompts.

Location

Most Web sites that ask for your location want to determine how close you are to particular stores. If that’s information you’re interested in sharing, let them see where you are, by all means. And if you’re using a mapping service that wants your location, it’s entirely reasonable to set its pop-up menu to Allow. But if a site keeps asking and it feels creepy, set it to Deny.

Notifications

Are there sites whose new posts you’d like to know about right away? If they support Web notifications and you give them permission, they can post push notifications that appear on-screen and in Notification Center, just your other notifications.

The Notifications preferences look different from the others because they show only sites that have asked for permission in the past. Safari remembers your choice, and if the site gets annoying later, you can always take back permission by changing the Allow pop-up menu to Deny. And if you never want to be prompted for push notifications—they can be distracting—uncheck the “Allow websites to ask for permission to send push notifications” checkbox at the bottom of the pane.

Plug-ins

It’s impossible to know what plug-ins you’ve installed, but Safari is configured to make sites ask for permission to use a plug-in each time you visit. That’s the safest setting, but for any given site and plug-in, you can use the pop-up menu to give the site access (choose On) or not (choose Off). And if you can’t even remember what a plug-in does, you can deselect its checkbox to disable it.

That’s it! Some of Safari’s site-specific settings work without any interaction from you, such as your page zoom and notification preferences. Others require a tiny bit of configuration, but that’s a small price to pay for the Web working more the way you want.

Having Trouble Switching Apps on the iPhone X? Try This.

/in , , , , , /by

Since the iPhone X lacks a Home button to press twice for the app switcher, you’ll need to switch apps in a new way. To bring up the app switcher, swipe up from the bottom of the screen to about halfway, and then pause until the app thumbnails appear. Then you can scroll through your launched apps by swiping horizontally and switch to an app by tapping its thumbnail. While in the app switcher, you can also force-quit a frozen app: press a thumbnail to get a red minus button and tap that button. Alternatively, you can skip the app switcher entirely. Instead, swipe right on the very bottom of the screen to switch to the previous app—swiping left switches to the next app.

Ransomware: Should You Be Worried, and What Protective Steps Should You Take?

/in , , , , , /by

Malware makes headlines regularly these days, and although Macs are targeted far less than Windows PCs, Mac users still need to remain vigilant. A particularly serious type of malware is called “ransomware” because once it infects your computer, it encrypts all your files and holds them for ransom.

Luckily, despite the virulence of ransomware in the Windows world, where there have been major infections of CryptoWall and WannaCry, only a few pieces of ransomware have been directed at Mac users:

  • The first, called FileCoder, was discovered in 2014. When security researchers looked into its code, they discovered that it was incomplete, and posed no threat at the time. 
  • The first fully functional ransomware for the Mac appeared in 2016, a bit of nastiness called KeRanger. It hid inside an infected version of the open source Transmission BitTorrent client and was properly signed so it could circumvent Apple’s Gatekeeper protections. As many as 6500 people may have been infected by KeRanger before Apple revoked the relevant certificate and updated macOS’s XProtect anti-malware technology to block it.

     

  • In 2017, researchers discovered another piece of ransomware, called Patcher, which purported to help users download pirated copies of Adobe Premiere and Microsoft Office 2016. According to its Bitcoin wallet, no one had paid the ransom, which was good, since it had no way of decrypting the files it had encrypted.

Realistically, don’t worry too much. But it’s likely that malware authors will unleash additional Mac ransomware packages in the future, so we encourage you to be aware, informed, and prepared.

First, let’s explain a few key terms and technologies. Apple’s Gatekeeper technology protects your Mac from malware by letting you launch only apps downloaded from the Mac App Store, or those that are signed by developers who have a Developer ID from Apple. Since malware won’t come from legitimate developers (and Apple can revoke stolen signatures), Gatekeeper protects you from most malware. However, you can override Gatekeeper’s protections to run an unsigned app. Do this only for apps from trusted developers. Even if you never override Gatekeeper, be careful what you download.

Apple’s XProtect technology takes a more focused approach, checking every new app against a relatively short list of known malware and preventing apps on that list from launching. Make sure to leave the “Install system data files and security updates” checkbox selected in System Preferences > App Store. That ensures that you’ll get XProtect updates. Similarly, install macOS updates and security updates soon after they’re released to make sure you’re protected against newly discovered vulnerabilities that malware could exploit.

Also consider running anti-malware software like Malwarebytes Premium or Mac Internet Security X9. That’s not absolutely necessary, like anti-malware solutions are for Windows, but doing so can provide peace of mind, particularly if you regularly visit sketchy parts of the Internet or download dodgy software.

Although regular backups with Time Machine are usually helpful, KeRanger tried to encrypt Time Machine backup files to prevent users from recovering their data that way. Similarly, a bootable duplicate updated automatically by SuperDuper or Carbon Copy Cloner could end up replacing good files with encrypted ones from a ransomware-infected Mac, or a future piece of ransomware could try to encrypt other mounted backup disks as well.

The best protection against ransomware is a versioned backup made to a destination that can be accessed only through the backup app, such as an Internet backup service like Backblaze (home and business) or CrashPlan (business only). The beauty of such backups is that you can restore files from before the ransomware encrypted them. Of course, that assumes you’ve been backing up all along.

If you ever are infected with ransomware, don’t panic, and don’t pay the ransom right away. Contact us so we can help you work through your options, which might entail restoring from a backup or bringing files back from older cloud storage versions. There are even descriptors for some Windows ransomware packages, and such utilities might appear for hypothetical Mac ransomware as well.

To reiterate, there’s no reason to worry too much about ransomware on the Mac, but letting Apple’s XProtect keep itself up to date, staying current with macOS updates, and using an Internet backup service will likely protect you from what may come.

Five Things You Should Never Do with Passwords (and Three You Should)

/in , , , , , /by

Passwords are the bane of our modern existence. Nearly anything you want to do, it seems, calls for a password. As the Internet’s reach extends beyond computers and into phones, TVs, appliances, and even toys, we have to enter passwords with increasing frequency and in ever more annoying ways.

To make dealing with passwords easier and more secure, everyone should use a password manager like 1Password or LastPass. Such apps generate random long passwords like kD*SSDcCl7^6FN*F, store those passwords securely, and automatically enter them for you when you need to log in to a Web site. They are essential in today’s world.

You’ll still need a few passwords you can remember and type manually—for instance, the master password for your password manager and your Apple ID password. Make sure those passwords are at least 12 characters, and we recommend going to at least 16 characters.

If you’re unsure of the best way to create a strong password, try taking the first letter of each word in a sentence you can remember, and also change a few words to digits. Then “Now is the time for all good men to come to the aid of the party!” becomes a password along the lines of Nitt4agm2c2ta0tp!. So that no eavesdroppers learn your password, avoid saying your sentence out loud whenever you enter it! Or, combine four or five unrelated dictionary words, like correct-horse-battery-staple, that add up to at least 28 characters. (Don’t use the examples in this paragraph!)

When possible, take advantage of two-factor authentication on sites like Apple, Google, Dropbox, Facebook, Twitter, and more. Accounts protected by two-factor authentication essentially require that you enter a second, time-expiring password as part of the login process. You’ll get that second password via text message, authenticator app, or other notification method when you log in.

But what we really want to talk about today is what you should not do with passwords. Follow these tips to avoid making mistakes that can undermine even the security provided by a password manager.

  1. Don’t use the same password twice. This is key, because if the bad guys get your password—no matter how strong—for one site, they’ll try it on other sites.
  2. Don’t share passwords with anyone you don’t trust completely. That’s especially true of passwords to accounts that contain sensitive information or that can be used to impersonate you, like email and social media. However, sometimes you have to share a password, such as to a club blog with multiple authors. In that case…
  3. Don’t send passwords to shared sites via email or text message. If someone hacks into your recipient’s email or steals their phone, the password could be compromised. Instead, use a site like One-Time Secret to share a link that shows the password only once, after which the recipient should put the password into their password manager.
  4. Don’t write your passwords on sticky notes. Yeah, it’s a cliché, but people still do it. Similarly, don’t put all your passwords in a text file on your computer. That’s what password managers are for—if someone steals your computer, they can’t break into your password manager, whereas they could open that text file easily.
  5. Don’t change passwords regularly if you don’t have to. As long as every site has a strong, unique password, changing a password is a waste of time, especially if doing so makes you write down the password or communicate it insecurely. If you do have to update a password regularly, a password manager makes the task much easier.

We realize that it’s tempting to take the easy road and share a password with a friend via email or write a particularly gnarly one on a sticky note. But today’s easy road leads directly to identity theft and is paved with insecure password habits. You might think no one would pay attention to little old you, but times have changed, and organized crime is interested in any Internet account that can be cracked.

How to Deal with macOS Server Losing Many of Its Services

/in , , , , , /by

For many years, Apple has sold macOS Server (previously called OS X Server) for those who wanted to run various Unix-based Internet services on a Mac. Server became popular because it put an easy-to-use graphical interface on top of the Unix apps, allowing Mac users to avoid complicated configuration files and reducing the need to work at the command line.

At its peak, Server boasted 24 different Internet services, but since then Apple has pared down what it can do, such that recent versions of macOS Server offer only 13 services. Now, however, Apple has announced that, in a Fall 2018 update, it will be eliminating all but 3 services: Open Directory, Profile Manager, and Xsan storage management.

To prepare for that, Apple has done two things. First, the most popular features of Server—Caching Server, File Sharing Server, and Time Machine Server—are now part of macOS 10.13 High Sierra. Caching Server reduces Internet usage by sharing software distributed by Apple (updates and apps) and iCloud data from one Mac to other Apple devices on a local network. File Sharing Server lets you create a shared folder that multiple Macs can access. And Time Machine Server lets you specify a shared folder as a destination for Time Machine backups from other Macs on the network.

Second, new installations of the current macOS Server 5.6 and 5.6.1 hide quite a few services, including Calendar, Contacts, DHCP, DNS, Mail, Messages, NetInstall, VPN, Websites, and Wiki. If they were configured in a previous version of Server that’s being upgraded, they’ll still be available. For each of the services to be removed, Apple suggests open-source alternatives, but most don’t have Mac-specific interfaces that simplify management.

What to do? If you’re running Server now, nothing needs to change right away, or perhaps even for some time. Nothing Apple does to a future version of Server will affect your existing installation. The only problem is that you won’t get updates that could be important for security, stability, or interoperability. Contact us to see what solutions we recommend for the services you rely on.

That said, if you’re running Caching Server, File Sharing Server, or Time Machine Server now, it might be worth transitioning those to a Mac running High Sierra, though it’s safest to check with us first in case you have a usage scenario that may not transfer cleanly. The first two are easy to turn on and configure in System Preferences > Sharing; just click the checkbox next to their names in the Service list and adjust the settings in the pane to the right.

Time Machine Server is a bit more complicated. To enable it, turn on File Sharing, share a folder (likely on an external drive), and then Control- or right-click the folder from within the Sharing preference pane, choose Advanced Options, and select “Share as a Time Machine backup destination.”

If you’re not currently running Server and are looking to add calendar sharing, a mail server, or an internal wiki, we can’t recommend getting started with Server. It’s not a relationship that will end well, and we can recommend more capable alternatives. Even if you’re just looking for a way of distributing settings to Macs and iOS devices in your organization, Server’s Profile Manager often isn’t the best choice. So again, get in touch and let us know what you’re trying to achieve and we can both make recommendations and help with setup and maintenance.