Category: Security

When Clients Improve My Practice

As you probably have guessed many of my weekly updates are based on client situations.  However, there are times when I interact with a client and that situation actually helps to enlighten my perspective about something related to technology or makes me remember a forgotten tip that could be quite relevant. 

Here are a couple of points I want to share.

-The “Apple keychain password manager” is not a terrible one.  It’s quite good for basic needs. This manager will allow you to sync passwords between Mac, iPhone, and iPad.  Sorry, but it doesn’t work in Windows.  You will be able to fill in passwords in Safari on all of the devices and in multiple apps that support password managers on your iOS / iPad devices.  If Windows is involved in any way or you want a better password manager, I still recommend Last Pass or 1Password.  I don’t like that there is seemingly no way to export or print passwords from the Apple password manager, but it is certainly better than no password manager.  Google also has a version of this that syncs with Chrome and Android phones, but I trust Google less with my passwords than Apple. 

-I think it’s really important to have a second browser on your computer, loaded up with an ad-blocker of course.  On Sunday night, a client told me that a website would print better in the alternate browser.  Another reason to have access to browser number 2 is that you want to multi task — certain websites will be open in browser 1 (remember you can have more than one — right now I have like 15 open in various tabs) and others will be open in browser 2.  Finally, your first browser may get corrupted.  A lot of infections these days stay within the browser and do not spread to the computer.  Having that second browser can help you get work done or just use your computer safely until you have a chance to contact a tech like me for help.  Edge is the default browser in Windows these days (which most people don’t use).  Chrome is the #1 browser in the world by use.  Safari is the default browser on the Mac.  Other browsers you can use include Google Chrome, Firefox, or Brave.  Those are my top 3 choices in no order.  Brave is kind of cool because they block ads by default.  It was created by one of the founders of Firefox.  Fire up your alternate browser at least once a month so it updates (though it may happen automatically). 

Be Careful Before Clicking

My advice for you this week is to be very careful about clicking links or attachments that come in an email or other form of electronic message.   If you are expected these items, that is one thing.   But if the attachments or links seem out of the blue — this is a red flag!  They can easily create a malware infection on your device.    In terms of links, one thing that you can often to depending on the email program or devices is point to the link or press and hold on it (iOS) to reveal the true websites.  You may be able to right click on the link (computer) and copy the link address.  Then you could paste the address in Word or another word processor so that you can see it in print before clicking on it.  Not a bad idea.   If the true address doesn’t match what you are looking for — steer clear.  

Additionally, decide very carefully whether you want to click on ads you see in your browser.   You shouldn’t really see that many of them because I have installed an ad blocker in the browser for nearly all of you.   Go to a well known technology news site — cnet.com .  Unfortunately, they are known for displaying a ton of ads.  If you see a lot of ads on their page, it means that you do not have an ad blocker installed.  Being properly protected against malicious ads should be something to add to your list for our next visit.

On Yahoo.com Keep Ads Blocked Always

I had a lengthy appointment with a client yesterday.   They had a fake anti-virus scam pop up that took over their computer.   They panicked in the moment over several days — did not call me (big mistake) — and gave the scam outfit (without even knowing the company name or location) $900 in Apple gift cards purchased from local pharmacies.    There is a lot to this story that I won’t get into here but…..

It is very likely that it all started when reading an article on Yahoo News.  A bad ad injected scripts into their browser which triggered downloads and other things.  Yahoo may not have screened the ad carefully or the ad may have been provided by a 3rd party.   The client’s guard was down, in part because, the ad blocker was turned off. 

One may say — well I didn’t click the ad!  It doesn’t matter.  The mere fact that a malicious ad loads in the first place is the vector for attack. 

I am fairly certain that I have installed ad blockers in your browsers.  On Safari for the Mac, I prefer Ad Block Plus (with acceptable ads turned off).   On Chrome or Firefox, I like uBlock Origin (ideally) or Ad Block Plus (with acceptable ads turned off).  It is always good to have multiple browsers available for use on your computer should Browser A get corrupted. 

Some content providers, increasingly, want you to turn off an ad blocker temporarily.  I have had to do this when watching TV episodes on NBC.com.  A few years back Yahoo said they were not going to let you use Yahoo Mail in the web browser if you blocked ads.  They seem to have backtracked a bit.  

My client’s experience was not the first time I have come across a bad ad injected through a Yahoo.com page.  


Bottom line:  DO NOT EVER EVER TURN THE AD BLOCKER OFF ON A YAHOO.COM PAGE.   If they say you can’t use the page otherwise, accept it and move on.  You can still access your Yahoo Mail on a smartphone or on the computer via an e-mail program like Apple Mail, Outlook, Thunderbird, etc.

If you see ads on Yahoo.com, it means your ad blocker is not installed or not working.

Urgent Windows Update

It’s been a long time since I had an urgent Windows Update message for you.   As you may nor may not remember me telling you — Microsoft puts out monthly security updates every 2nd Tuesday of the month.   By letting your computer simply go to sleep (plugged in for a laptop) you computer should just automatically install the updates.  You never really need to Shut Down your computer (unless you are going on an airplane or will be away for a week or more).    Anyway, sometimes the automatic update system fails or you may be in the habit of shutting your computer off.


Microsoft really wants to make sure you have this week’s update.  It’s so urgent that this story hit the mainstream news last night.   Here is what you need to do.


Click your Start Menu

Go to Settings

Go to  Update & Security

Check For Updates

Restart if and when asked.

Apple Card

*Disclaimer:  This is not an endorsement of the Apple Card or for anyone to take on revolving lines of credit.   With that said, Apple is getting into the credit card game.   There has been an Apple Rewards Visa for years (most recently offered through Barclay’s Bank), but with the new Apple Card, the world’s most beloved technology company is taking a much greater degree of control over the process.   Let’s start with some basic facts.   Credit is being granted to customers through Goldman Sachs.   Yes, you read that right.  They are not merely an institutional investment bank anymore.  Goldman has branched into consumer finance in recent years by offering high yield savings accounts and personal loans through its Marcus brand.  The Apple Card card is a Mastercard.  Apple designed the physical card, which, apparently has a very nice titanium feel to it.   Apple was very involved in the entire process.  In fact they are saying the Apple Card is “offered by us, not banks.”   Security is the highest priority.   There will be no printed number on the card, no expiration date, and no 3 digit code.  There will be no signature on the card.  You can still use it in stores via the chip readers.   On your iPhone, iPad or Mac, you will be able to use the card with any merchant that accepts Apple Pay.   So yes, the card will only be relevant for online shopping for those of you who have one or more of those devices.  Interest rates range from pretty good for those of you who have high credit scores, to very average for those with lower scores.   A check of your Trans Union credit report is required for approval (for those of you who may have a credit freeze in place), but reports have come out that credit scores as low as 620 are getting approved.   Never have I read this much “buzz” in my life about a new credit card on the market.  Customers will be able to accumulate rewards for purchases with Apple.   Let’s see how successful Apple is with this venture.  On one hand, I don’t think they want to encourage irresponsible debt, but they are also doing things with this instrument that other banks are not.  It’s a unique card. The application has been opened up to a limited audience at this time (via the Wallet app) with general availability coming soon.

When Your Search No Longer Says Google

Massive viruses still take over entire computers or networks in the world of computing at large, but most of the “infections” I deal with in terms of my clients are confined to the browser.  That’s a good thing actually.  It means that the problem is limited in scope.   A browser redirect / hijack is as clear as day to me.  You need to know how to spot it as well.  When you search in the search box / address bar at the top of your browser (be it Chrome, Firefox, or Safari, etc)  and the results page is not  a Google page you have a problem.    Virtually 100% of my clients have Google set as their default search engine.  There is nothing wrong with that.  It is the standard option in most browsers.   However, when your search shows some weird “searchXYZ” in the address (or somewhere on the page) it means that your browser has been corrupted.   Your searches are being captured.  It’s also possible that everything you typed in your browser, including passwords and other sensitive information, has been transmitted to an unauthorized 3rd party since the date of the infection.  This is a serious situation.

You need to reset your browser and remove the offending extensions.  If you can’t do these tasks, ask for help.  At that point, Google searching should return to normal. 

With this said, there are other legitimate search engines out there. One that has come into the spotlight over the past few years is Duck Duck Go.   Unlike Google, DDG is making privacy and a lack of censorship their top priorities.   Apple has partnered with DDG by making it a default search option on the Safari browser.   When you search for places on DDG, the results come up in Apple Maps.   You don’t have to make DDG your default search engine to use it.  You can simply go to https://duckduckgo.com/ and search at your leisure.   While I still use Google for looking up local businesses and phone numbers, I am a big fan of Duck Duck Go. 

Control of Technology in the Hands of Too Few?

I am concerned about this issue and I know many of you are too.   An increasing amount of space in both traditional and online media has been given to the great power that so few companies have.  There was a big NY Times article on the subject not long ago.   We are talking about it at work.  We bemoan the technological giants with friends.  I could write a ton on the matter at hand, but I want to keep it simple, give you something to nibble on, and invite your thoughts.

As great as Google Assistant is, this story gave me cause for concern.

https://www.cnbc.com/2019/07/05/google-gmail-purchase-history-cant-be-deleted.html

When you delete an item, it should be gone.  However, Google still has access to it in this instance. 

So who I am I really talking about when I say the “technological giants” ?   Facebook, Google, Amazon, Twitter,  Apple and Microsoft. 

Consider Facebook’s power in social media and messaging.   Facebook.com, Facebook Messenger, What’s App, and Instagram!  Wow.   With the exception of traditional text messages, and Apple’s iMessage (blue messages on your iPhone) platform, that is such as large chunk of our digital experience.   Facebook owns all of it.

I like to put Apple and Microsoft in a different sub group within the powers that be.  They primarily sell stuff that we use.  Yes they engage in some data collection an analysis, but Facebook, Google, and Twitter feast off of user information.  (With the exception of some Google business services), you don’t really pay for anything from these three.  They are in the business of harvesting information for the purpose of selling ads.      Amazon is the most well known online retailer.  They also have a massive division that provides paid data management services to businesses.   Yet, they know everything about our shopping habits.  I’m sure they can share some data with manufacturers.  Their control of merchandise can make or break a new product or upstart company. 

Consider this hypothetical.  You really are a big advocate for this one diet.  And there are a couple of books that are like “the bible” for your program of eating.  However, this diet is controversial.  You don’t have any local bookstores you can go to.  Amazon is the place to buy the books for this program.  You often shop there to buy new copies for the support group you run.  Some food lobby starts putting pressure on Amazon to stop carrying these books.  A health association chimes in.  Amazon decides to stop carrying the books.  It becomes much harder to easily disseminate the required information. 

Ultimately, Amazon is a private bookstore. They can choose to carry the volumes they want.  The problem is — for some Amazon is the only choice.  They have put so many of our cherished local bookstores out of business. 

Just something to think about!   What are you going to do to combat THEIR power?  Use a VPN?   Use paid e-mail service?  What about searching on DuckDuckGo.com instead of Google?