WireLurker: Yet Another iOS Malware threat that you don’t have to worry about

November 8, 2014 at 6:27 pm (Apple, Current Events, iDevices, iPhone/iPod Touch) (, , , )

Get ready to start defending your common sense practices again with regard to your iDevices.  A Computerworld magazine screams, “Panic!” regarding “Horrible Apple iOS virus; vectored via USB: WireLurker is ‘new brand of threat’”. I’m sure Chicken Little is running around somewhere with his cute little hardhat in place to protect said cute head from the fallout of the latest malware threat.  As usual, the majority of users need not worry.  

This latest malware threat is called WireLurker, a catchy name for this critter that spreads via “trojanized/repackaged OS X applications” found on a third-party Mac app store in China.  The Maiyadi App Store has nearly 500 apps that have been infected, and those infected apps have been downloaded over 350,000 times.  The app store is quite popular because it allegedly offers popular Mac apps for free.  Step right up and get your infected copy of Angry Birds, The Sims, and more. 

Remember, if it seems too good to be true, it probably is.  Saving a buck or two is just not worth it when it comes to the well-being of your iDevices, not to mention you’re cheating developers out of their hard-earned money.  What makes this malware different from others is that WireLurker can hop from an infected OS X computer to a non-jailbroken iDevice via USB. However, the user still has to trust the computer and approve the installation.  Nothing new here, kids.  As long as you don’t say, “Ok, I trust you, now let’s go ahead and continue to install and run the free version of this app that I know I should have paid for but I didn’t”, you should be ok. Is it really worth the risk to save two bucks and cheat the developer out of the money he should have gotten for making this cool app? As long as you use common sense, only download apps from the Apple store, and don’t download software from third party sites (especially in China), you should be just fine.  

Permalink Leave a Comment

1Password App Extension Coming in iOS 8

August 6, 2014 at 9:48 am (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch, Productivity) (, , , )

One of the really cool things announced at Apple’s WWCD this year was the addition of app extensions for iOS 8 (iOS is the operating system that runs our iDevices).  When you log in to an app on an iDevice, you have to do the copy and paste dance of going to 1Password (or your notes or wherever you have your login info), go back and forth between the screens a couple of times, until you submit the info and successfully log in to the app…unless you use the same password for everything, but you don’t do that, right?  Because that’s just wrong, and setting yourself up for a world of hurt.  So, the announcement about app extensions was fantastic!  Because now, you won’t have to do that do-si-do anymore.  There is a short video at 1Password’s blog where you can get a look at the coolness of it.  More info will be coming soon, but I can’t wait for this feature.  Be sure to let your favorite app developers know that you want them to use the 1Password extension with their apps. 

Permalink Leave a Comment

Where do you keep your Passwords? No More Sticky Notes!

June 8, 2014 at 11:31 am (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch, Productivity, Products, shareware) (, , , , )

I realize I’ve been hyping the fantastic 1Password app quite a bit lately.  There’s a good reason for that.  It’s the best.  If you care anything about your data, you owe it to yourself to protect it.  That means using 1Password. 

 

Friends frequently ask me what 1Password is, what it does, why they need it, and many other questions.  I’d gotten my “elevator spiel” down to about a minute or so, but I was afraid of being inconsistent, or leaving out something important, (especially with all the new features added recently), or just freezing up (it happens sometimes). But, now there is something even better. 


Now there is a real video, complete with snazzy soundtrack, that can be clicked and watched again and again. Keep watching until you realize that you cannot go another minute without the muscle that 1Password provides.   

 

Enjoy this brief video, then head on over to 1Password and pick up a copy today.  


Permalink Leave a Comment

Apple iDevices Held for Ransom Down Under: Don’t Reuse Those Passwords, Mate

May 29, 2014 at 2:13 pm (1Password, Apple, Applications, Current Events, iDevices, iPhone/iPod Touch) (, , , )

Something interesting happened in Australia recently when Mac, iPhone, and iPad users were hacked using Apple’s Find My iPhone feature to lock devices and send ransom messages to the owners. They demanded a $50 “unlock fee” to be paid via PayPal payment from the owners. 

 

While it wasn’t immediately evident how these hackers gained access to the devices, it was soon ascertained that they obtained the information from a data breach. Because many people reuse passwords, it is likely that the hackers found people who used the same passwords for the accounts from the data breach and their Apple ID, which then allowed them control of  the iDevices. 

 

Apple made a brief statement to let people know that iCloud was not compromised.  They also advised those affected to change their passwords. They can also go to their local Apple store or call Apple Care if they need additional assistance. 

 

This reinforces the sensibility of utilizing two-step authentication whenever possible, and reminds users to never reuse the same password across accounts. It also reiterates the need to use a good password manager such as 1Password to create strong passwords for all your accounts. Until next time, be safe with those passwords folks. Friends don’t let friends reuse passwords.  


Permalink Leave a Comment

The Heartbleed Bug, 1Password, Watchtower, and You

April 18, 2014 at 6:58 pm (1Password, Apple, Current Events, iDevices) (, , , , , )

Anyone who has spent any time with me knows that 1Password is one of my favorite applications.  It ranks right up there with Evernote, TextExpander, and Dropbox for must-have, can’t live without applications for Mac and iDevices alike (and even Android and Windows folks are covered).  1Password has long been my go-to app for password management, secure note storage, software license info, and general account and login information. It even helps me complete online orders quickly, easily, and securely. 

 

Heartbleed logo

 There was a new bug discovered recently called Heartbleed.  This bug is of the electronic variety, not the pesky outdoor variety…although both have the potential to be particularly troublesome.  The Heartbleed bug affects most all of us in one way or another.  It has been shown to be a serious vulnerability with SSL encryption, which is used to provide security over the internet for many applications such as instant messaging, web applications, email, and some virtual private networks (VPNs). SSL is the ’s’ in https, or to break it down a little more, it is what usually keeps your information secure and is shown by the little padlock icon in your browser’s address bar.  Without getting too technical, the Heartbleed bug essentially allows the bad guys to access what the user thought was their secure data, such as account user names, passwords, and possibly even the actual content. 

 

In order to fix it and recover, the owners of the services and the service providers must patch the vulnerabilities and distribute new versions that clients will implement generally by upgrading their software. Additionally, users should change their passwords, 

 

Most everyone is affected in some way, largely because of the widespread popularity of OpenSSL. In addition to being used by many social networking sites, blogging sites, ecommerce sites, and even some government sites, OpenSSL is also used for mail and chat servers, and VPNs (virtual private networks). It is very difficult to detect because the bug leaves no trace of abnormalities in the user logs. 


Dave Teare, co-founder of AgileBits, and developer of the aforementioned awesome password management software, 1Password, released a newsletter to users to inform them of the Heartbleed bug, and to let them know how 1Password can help them defend themselves. 

 

1Password was not affected by Heartbleed because it uses a different type of encryption. The data within 1Password is completely safe.  However, you will need to change your password for any websites that were affected.   

 

1P logo

 1Password makes it incredibly easy to change your passwords. They have a terrific feature that enables you to do something called a security audit. With a click of a button, it tells you which of your passwords are weak, which are duplicates (bad!), and which are older (6-12 months, 1-3 years, 3+ years) which is especially good if you use time sensitive passwords or work somewhere that requires they be changed monthly or quarterly.  I could never keep up with the timing on those when I worked at Apple, and it never failed that I would have to change my password at the most inconvenient time.   

 

One of the most common questions after Heartbleed was publicized was, “Which passwords do I need to change?” but part of the problem was that folks didn’t know whether a particular site had patched (or fixed) their vulnerability without going to every single website for which they had an account.  Talk about a huge time suck.  I could have spent a few days just checking websites.  Then, I would have had to note which sites were fixed, and which sites I needed to follow up with if they had not been patched.  Surely there was an easier way, right?  Yep, and the wonderful folks at 1Password helped us with that. 

 

Watchtower

 Enter 1Password Watchtower. Talk about slick!  I am so loving this new feature.  It will let you know the status of the websites affected by Heartbleed.   For example, it will let you know if you need to avoid the site until it is fixed, if it has been fixed and you need to change your password (see example screen grab), or if it was never vulnerable and therefore not affected, so you don’t have to change your password for that particular site.   The danger of reusing passwords (using the same password for multiple sites) is because if you use a password on a site that was vulnerable, the bad guys could have accessed your user name and password.  Then they could go to a site that wasn’t vulnerable on its own, but they didn’t need it to be vulnerable, because you had already handed them your user name and password on one of the other sites. Does that help to better explain why it’s such a bad idea to use the same user name and password for everything?  Here is more information on the new Watchtower service.  


Cult of Mac published a very helpful article  that walks one through the process of resetting affected passwords quickly and easily.  They have also listed links to the password reset page of popular websites such as Facebook, Google, Amazon, Instagram, IFTTT, and many others. Using the Security Audit feature, you simply start at the top of the list and follow the step-by-step instructions to change your password.  Once you’ve finished with that website, just go to the next one on the list until you’ve finished all of them.  How much time it takes will obviously vary depending on how many passwords you need to change, but it really is a fairly quick and painless process.  Plus, it should go without saying that now you will have peace of mind that your login information is safe again. 

If you don’t already have it, pick up 1Password today and get started on your path to a safer online experience.  Then, next time your friends are freaking out because “ACME Data” got breached, you can say, “Meh, I have 1Password. Not worried.” and keep on watching your videos.


For more information about Heartbleed, 1Password, and Watchtower, head over to 1Password’s website.  Their terrific blog has all the latest information about things that would be rocking your world in a bad way, were it not for 1Password keeping things in balance.  Cheers!


Permalink Leave a Comment

Start Your New Year with Day One

January 1, 2014 at 6:43 pm (Applications, iDevices, iPhone/iPod Touch, Personal, Productivity, shareware, writing) (, , , , , )

Happy New Year!  Another year beginning, another year ending, resolutions to make, resolutions to break.  I’m not being pessimistic, just realistic.  In the past couple of weeks with the old winding down and getting ready to give way to the new, I’ve had several friends ask me if I still journal, and if so, what app I use.  

I have always jotted down thoughts here and there, since I was a kid and got my “First Diary”.  You remember those, right?  They were little books with a cardboard flap and a couple of flimsy keys that anyone with a pair of scissors or a paperclip could get into; but we were young, so we thought it was locked up tight.  But, how things have changed.  Well, sort of.  They still make those for the kiddies, but our adult selections are so much better.  Most of the ones you actually write in no longer have locks, and are made of leather, pleather, vinyl, card stock, etc. and can be found ruled, as a grid, or blank.   

Day One Icon

But, for those who have transitioned to the digital world, (wait for it…), there’s an app for that. (You had to know it was coming). Actually, there are a lot of apps for that now, and quite a few good choices. But the one that has won my heart is the award-winning Day One.  It is a truly wonderful app for Mac, and there is a universal companion app, which is an excellent standalone app in its own right, for the iPhone and iPad. 

It is incredibly easy to get started, and you won’t even have to read any how-to guides to get up and running.  Their tag line is “Record life as you live it”, and the app’s design makes it easy to do just that. The interface is simple, clean, and minimalistic. Data that is automatically entered includes date and time, location, weather, photo EXIF, activity (walking, biking, running), and music playing. There is tagging and Markdown support, as well as customized reminders that you can set to be sent daily or weekly at certain times. The app really shines with its organizational abilities, as you can view past entries using the calendar, maps, photos, timeline, and more. Day One’s Mac version has a nifty little Menu Bar quick entry feature where you can (just like it sounds) make an entry right from the Menu Bar without opening the application. That’s great for a quick notation, or even a longer one when you’re not attaching a photo. Automatic backups keep your data safe as well.

Your entries can be synced from your Mac to and across your iDevices using iCloud or Dropbox.  I will say that I tried to use iCloud, and I really wanted to use it to save my rapidly filling Dropbox space.  But, I kept having issues with it, and in the end, it was just easier to disable iCloud syncing and go with Dropbox.  I haven’t had the first issue since the switch.  

Entries can be shared by emailing to friends and family or posting to social media sites such as Twitter and Facebook. Day One also creates individual webpages at dayone.me for any entires you want to publish. I’ve seen examples of it used for almost anything you can imagine, for typical writing and journaling, for research, for reviewing books, movies, and other media, as a work journal and timekeeper, as a travel and mileage log, as a prayer book and inspirational guide, and much more. 

I must say that it is a joy to use Day One.  I use it for jotting quick notes about events or captioning a photo, as well as making more personal longer entries or capturing special events. I’ve also been using it to log geocaching adventures, as well as ideas for my own devious geocaches to hide.  Give it a try and let me know what you think.  

You can get more information about Day One at its website here.  The Desktop version for Mac is available thru the Mac App Store for $9.99 and the Universal version for iPhone, iPad, and iPod Touch is $4.99. Now go jot down all your resolutions, then use Day One to write about them. Once you start using it, you’ll be likely to continue.  Enjoy!

Permalink Leave a Comment

Cool Stuff that Siri can do for You

June 12, 2013 at 12:48 pm (Apple, How-to, iDevices, iPhone/iPod Touch, Productivity) (, , , , )

You may already be a seasoned professional when it comes to using Siri, but there are always more goodies you can add to your bag of tricks. When Siri first became available on the iPhone, one of the first things I asked was “What can you do for me?” and Siri tossed up a handful of suggestions. Back then, they were fairly simple things like calling people, sending texts, and setting reminders. Siri has evolved in the nearly two years that we have been using her assistance. There are a lot more things you can outsource Siri to do for you now. 

Here are just a few:

Say/Ask This:                                          To Do This:

Call (Mike / my brother)               Call a person (by name or relationship)

Launch ‘Facebook’                        Launch (app of choice)

Tell Malissa I’m on my way           Sends text to (person) with your message

Set up a meeting at 9am              Adds a meeting onto your schedule

Did the Broncos win today?         Checks and reports team scores 

Give me directions to Selmer       Gives directions to any named place

Tweet a message                          Tweets a message to post to Twitte

What movies are playing?            Tells what movies are playing nearby

Play brandi carlile                          Plays (singer) or (playlist) that you request

Remind me to pay bills                 Sets a reminder based on your request

Email Nik about the trip                 Sends email to (person) about (subject)

What’s today’s weather?                Tells you the weather forecast 

What’s apple’s stock price             Tells you company’s stock price

Wake me tomorrow at 9am           Sets an alarm for 9am 

What’s Nancy’s address?               Gets (person’s) address

Note that i need to buy milk          Adds a note to buy milk

Search the web for xxx                  Searches web for (chosen topic)

Define (word)                                  Looks up and gives definition of (word)

Find a good Sushi place                Lists nearby Sushi (or other) restaurants

In addition to the above commands, you can also have Siri help with punctuation and a few emoticons (oh, come on. You knew it was only a matter of time). 😉  Speaking punctuation such as “new paragraph”,  “new line”, “cap”, “period”, “full stop”,  or “(other desired punctuation mark)”,  will get the desired results most of the time.  Some emoticons  work, such as “smiley” or “smiley face”, “frowny” or “frowny face”,  and “wink face”. 

There is occasionally a glitch if Siri doesn’t understand you.  Get some practice by speaking normally, being sure to enunciate your words properly.  The more you use it, the more accurate your results will be.

Most of those listed above are, believe it or not, fairly basic uses of Siri.  She has evolved quite a bit in the past couple of years.  Some of the even more impressive tasks Siri can help you manage now include the following:  search other web browsers (Bing, Yahoo, Wikipedia) for information; update your social network status on Facebook, Twitter, or Google+ via SMS (must set up ahead of time);  see and set calendar appointments for a certain day;  tell you what actors were in a particular movie; set or delete alarms; list flight times;  restart springboard/finder;  and more.  Calculations and other “fact-type” questions are searched using Wolfram Alpha. It is also integrated with Remember the Milk and other applications, to make those apps even easier to use. 

Many folks are aware that Siri also has some nifty little Easter Eggs, as well as a rather wicked (programmed) sense of humor.  There are at least a few blogs dedicated to these chuckle-inducing experiences, along with some dedicated to funny “oops” moments when a word is misspelled or misunderstood, yielding some unpredictable and often hilarious results. 

I tried a few questions early on, several of them the same that many others have also tossed at our able silicon-based assistant. Just a few samples:

Siri StarWars 2

Q:  “What can you tell me about ‘Star Wars (1977)’?”  
A:   “It’s about a couple of really nice robots who get mixed up in a silly intergalactic war”.  

Q:  “Define supercalifragilisticexpialidocious”  
A:   “The sound of that is something quite atrocious”.

Q:  “Who is on first?”
A:   “Correct. Who is on first.”  

 Q:  “What is the meaning of life?” 
 A:  “All evidence to date points to chocolate” (“42” is another hilarious answer).

These are just the tip of the iceberg regarding things that Siri can help you do these days.  I suspect that with iOS 7, that list will increase exponentially. I love having Siri help me make quick work of my tasks.  That gives me that much more time to spend on things that are really important.  Those are just a few that I’ve asked, and I’ve heard of or read many dozens more.  I’m glad the programmers made it a bit humorous. It makes me think they thought even more of their end user. 

What are your favorite things about Siri?  Have you had any humorous interactions with her? What would you like to see in iOS 7?  Let me know in the comments.   

Permalink Leave a Comment

You’ve Purchased HOW Many Apps???

June 18, 2011 at 1:45 am (Apple, Applications, Humor, iDevices, iPhone/iPod Touch, shareware) (, , , , , )

I stumbled across this Mac application recently after seeing one of my friends, @chartier, tweet about it and thought I’d share it with you so we can all be staggering around in disbelief at the sheer number of apps that we have purchased (and how much we’ve spent on them!). I’d been trying to find a program like this after a friend and I were discussing how many apps we’d purchased for our iDevices. After seeing David’s tweet, I decided to download it and give it a go.

The application, by WetFish Software, is called App Store Expense Monitor. It’s a free app (donations accepted).  It’s just a straightforward zip file for your Mac. Run it, and the program finds all the apps in your iTunes Mobile Applications folder. It tells you the App, Developer, Category, and Price of the apps you’ve downloaded.

AppStoreExpensesInfo

It shows the current price of the app, although you can edit the price to reflect what you actually paid for it — good for those that might have been free or that even (gasp!) cost more when you purchased it than they do now.

It can be exported as a CSV or XML file.  I did have to change the path so my Mobile Apps folder could be located, as it wasn’t quite in the standard spot. However, this was easy enough to do, as it just involved choosing the desired path and selecting it in the options.

Try it and see what you think.  You can download from their website here:  http://wetfish.de/software/osx/app-store-expense-monitor/ . I have 342 apps totaling $593.57.  Leave me a comment below and let’s compare purchases.

Permalink Leave a Comment

Get Your Cache On

April 28, 2011 at 11:06 am (Apple, Applications, Geocaching, iDevices, iPhone/iPod Touch) (, , )

Geocache

We’ve been having some nice weather this spring, and that can only mean one thing….geocaching!  Although fall is by far my favorite time for  geocaching, spring is a great time as well. It’s getting warmer, but the pesky mosquitoes, ticks, no-see-ums, and other undesirables (can you say  snakes?) haven’t come out enough to put a damper on things yet. We had a few great finds in San Francisco a few months back, and I’m still  looking for just the right place to drop off a couple of trackables that we picked up in the city by the bay. I’ve also been scouting around for some  good hiding places. It’s really no fun to be able to just walk right up to a cache…it’s a lot more fun if there’s at least a little bit of a challenge  involved.

For those who think a “real” GPS is needed, I can honestly say that my iPhone 3GS with Groundspeak’s official Geocaching app  (http://www.geocaching.com/iphone/default.aspx) has been nothing  short of amazing.  They have added some splendid updates to this app over the past several months, and it is truly all you need. Granted, if you  get way out in the boonies, you’ll probably have a hard time getting a signal. In those circumstances, maybe a dedicated GPS would be better. But, being mildly disabled, I’m not able to hike the rough terrain as I once could, so those areas are usually off-limits to me. I’ve used the Magellan GC with okay results, but I still prefer my iPhone. I can do everything I need to do right from the app, including posting photos and field notes, viewing maps (Google Earth street view, topography maps, and satellite views), recent logs, and more.

One of my favorite features is the simulated compass arrow that lets you know when you’re closing in on your find. You can just feel the adrenaline rush when it goes from 100 feet to 50 feet to 20 feet, then you engage your senses and start looking for the treasure. A couple of my favorite finds have included a small cannister attached to a piece of rebar that was stuck down inside a yellow concrete parking lot post, a test tube container hanging from a tree branch, and a piece of cable secured to a utility pole that contained a log when you unscrewed the coaxial cable connector. The “in plain sight” award goes to a modern sculpture at a local university that had a large ammo can sitting atop the same-color sculpture. If you didn’t know what you were looking for, you would easily miss it.

Geocaching is a great activity for young, old (but young at heart), and everyone in-between. It gets you outside, makes you think, and can be done alone or with others. So, get up, get out, and start hunting. Be sure to let me know in the comments what your favorite types of cache are, and what type of device you prefer. Happy Hunting!

Permalink Leave a Comment