Barkings! | The SmallDog Apple Blog

A blog about our business, our industry, and our lives. You'll find posts from everyone at Small Dog and if the dogs could blog, they'd be here too!


If you pay any attention to technology news, you’ve probably already heard of the recently discovered Meltdown and Spectre exploits that are reported to effect a majority of computer systems currently in operation, regardless of their operating system. Since the vulnerability is at it’s core, hardware-based, users of Macs, PC’s and some mobile devices are all at risk equally. The hardware in question are processors by Intel, AMD and ARM and the issue could be exploited in 3 ways known as Variants 1 and 2 (identified as Spectre) and Variant 3 (identified as Meltdown).

The way the Spectre exploit works is by taking advantage of the way your computer processor’s architecture is wired to execute code. In a very basic way, the processor’s job is to make a series of decisions very quickly and pass along the results of those decisions. To speed things up, most modern processors use a technique known as “branch prediction” to guess what the next decision it’s going to have to make is. This “speculative execution” greatly improves the speed of a processor as it can always stay a few steps ahead of the game. It’s not always correct in it’s predictions, but that doesn’t matter because the speed at which it does these predictions allows it to perform many, many of these per second.

In very simple terms, it’s all of these incorrect predictions that allow your sensitive data to be potentially revealed. When these bits of data are trashed, for just a moment, the state of your processor can be analyzed by some malicious agents and backtrack it’s way to what bits of data were used to arrive at it’s incorrect prediction. It can then exploit this method by making your processor arrive at incorrect predictions on purpose by injecting data far outside the bounds of what it expects and, in turn, grabbing more of your sensitive data with each execution.

Patches to guard against this involve an extra step every time your computer executes these kind of instructions, double checking to see if the data it’s executing lies within the bounds of what’s expected as well as separating the code and predictions into separate areas of memory. Different processor models have slightly different architectures and the exploits work in slightly different ways across them, however this is generally how things work.

Meltdown is much more clear-cut exploit. To run efficiently, data being run through different parts of your computer processor is stored in a cache as it’s passed between sections of your processor. Meltdown reads this cache and can take the information contained in it and send it off in another direction to be utilized for nefarious purposes. The fix for this involves splitting the address space for this shared memory so that the data is never complete and would appear as gibberish if it were captured, the downside to this fix is that it involves making your computer do twice the work for the same amount of processing. Fortunately, this type of shared memory space only occurs in an impactful way during specific I/O events such as disk-reads or network communication and has little effect on computationally-heavy computing such as video-editing or gaming.

New chipsets and operating-systems should be affected very minimally by any patches to eliminate these exploits, however older systems and certain cloud and virtualization computing systems could take a pretty big performance hit as they rely heavily on I/O to operate.

It’s not often that we see such a vulnerability so widespread and so tricky to fix. It’s something that has been baked into the core architecture of so many of our computer systems in slightly different ways and yet it exists almost universally between manufacturers. It’s like suddenly discovering that bare lightbulbs can steal your credit card number. Sure you can just say “use a lampshade” but lightbulbs come in different sizes and styles even though they all work pretty much the same way and even if you design a lampshade for every bare lightbulb out there, there will be slightly less light when fitted with a lampshade.

I’m never one for encouraging or promoting New Year’s resolutions unless it’s something practical and attainable. Ok, and something that you know you can follow through with! We talk a lot about data security in terms of backups here at Small Dog Electronics, but we do not talk a lot about password security. Passwords can feel like the bane of our existence some days! We need passwords for just about everything we want to do on the internet, we need them for gaming, online purchases, our banking and more. I can’t tell you how many times I’ve seen users keeping their usernames and passwords written directly on their computers, sticky notes taped to the underside of their computer, a file right on their desktop called “passwords” and more. I think I’ve probably seen every possible WRONG way you can store your usernames and passwords. I get it, it’s frustrating to forget this information and even worse when it’s a login you have to change every 3-4 months.

To make dealing with passwords a little easier and more secure, using password management software can be crucial in organization and security. We use a service at Small Dog called 1Password, There is also another service called LastPass. that works just as well. Your keychain through your iCloud account can also be used, but, if you need to securely share information with others using one of these other services can be a better solution. We like 1Password and with the frequent need to update passwords and usernames on different sites, it’s extremely functional to ensure that we don’t get locked out of accounts.

I am sure that some of you have seen Safari suggest a random and impossible to remember password suggestion when you need to reset a password, another reason for secure password storage. As crooks and scammers get smarter, we have to get smarter about our passwords. We might prefer to use a near to your heart password combination that you know you won’t forget, but those are often the most easily hacked.

With password management software you will still need to remember a few key passwords and usernames. Afterall, you do have to use a secure password to get into your password filing system. When you are creating passwords, always try and use a combination of numbers, letters and even characters when the sites permit it. Random and longer passwords are always recommended. You might try what I call the sentence trick when creating a new password. This is where you could have a favorite movie line or excerpt from a poem and use that as the base for your password. For example “Now is the time for more fun!” This could turn into a password “N1tt4mf!” I took the first letter of each word and changed some letters for numbers with a special character at the end.

Just as important as tips for what to do to keep your passwords secure is what NOT to do! Always enable two-step verification whenever possible. It’s a bit frustrating at times but is one tip you won’t regret for account security. When using two-step authentication and password management systems keep in mind you can still be vulnerable. You will want to avoid common habits like using the same password on multiple sites. One major benefit of password management software is it remembers your account information, so it eliminates the urge to use common passwords across multiple sites. Once you have filed your account information, discard those old sticky notes! You do not want to keep those lying around anymore.

Now, get organizing and start off 2018 a little more secure than you were!

So, you’ve just updated to the newest version of High Sierra. Perhaps you moved up to High Sierra from an earlier operating system to take advantage of the newest features and security patches. After installation, instead of your familiar desktop photo or login screen, you’re greeted with a flashing folder and there is seemingly nothing you can do about it. Enter recovery mode!

Recovery mode is a tool that’s been available to the Mac user since the introduction of OS X Lion (10.7) it’s essentially a separate partition created on install. 10.7 was the first Mac OS to eliminate physical install disks, this new partition provides access to the tools that were only previously located on recovery disks. Those tools include “Disk Utility”, used to create/erase/modify internal or external hard drives and their subsequent partitions (portions of space created on the drive for use) “Restore From Time Machine Backup” which allows you to restore your machine to a previous state that you would have stored on an external hard drive using Mac’s built-in backup software. Lastly, the most helpful tool when it comes to reinstalling an operating system that may have gotten corrupt or damaged during install “Reinstall macOS”.

To get to recovery mode, you start with the machine fully powered off. Press the power button as if turning the machine on as normal and immediately press and hold both the “command” key and “R”. Hold those keys until you either see the Apple logo or a spinning globe. If you see the Apple logo it is booting into its recovery partition, if you see the spinning globe it may ask for your WiFi password as it’s starting from an internet based recovery program.

Now, back to the main topic. You’ve suddenly been greeted with a flashing folder, so we want to get into recovery mode first (CMD+R) once at the utility screen you’ll want to choose “Reinstall macOS.” Follow the prompts. When it asks where you want to install you simply choose your main drive (typically listed as Macintosh HD unless you’ve otherwise changed it) and that should be it, just let the machine do its thing and reinstall the operating system.

If after the reinstall you’re still greeted with the flashing folder, it is a signal of a deeper lying issue and may require service. If that’s the case, bring it on by one of our stores and our talented technicians can see what they can do to bring your machine back to life!

All iPhones pick up fingerprints, and it’s all too easy to get your iPhone dirty with ink, lotion, makeup, dirt, food, and oil. If you’re faced with an iPhone that needs cleaning, resist the urge to spray it with window cleaner, rubbing alcohol, or ammonia, or, even worse, to scrub it with baking soda or Borax. That’s because all iPhones have oleophobic—oil repellent—coatings on their glass surfaces that make it easy to wipe off fingerprints. You don’t want to remove that coating any faster than it will wear off normally, and cleaning products will strip it quickly. Instead, Apple recommends a soft, lint-free cloth such as you would use for glasses or camera lenses. By the way, even though the iPhone 7 and later have some level of dust and water resistance, it’s important to avoid getting moisture in the openings—most of the time, a lens cloth should be all you need.

I have had my new iPhone X for a couple weeks now and it is magical in so many ways. Being an old codger, it is truly future shock to be holding such a powerful device in my hand and one that instantly recognizes my face, too! There have been a lot of stories out about Face ID and my first-hand experience is that it just works. It is transparent and I lift up my iPhone and it is unlocked. Contrary, to JoJo’s report a few weeks ago, it is not just black people that it has trouble recognizing in the dark, I have to enter my passcode on occasion when I lean over in bed to see what stupid notification I got at 2AM.

What You Need to Know About Face ID

Apple’s new iPhone X does away with the Home button, which has been a fixture since the original iPhone and has long served as the Touch ID fingerprint sensor. To replace Touch ID, Apple developed a new facial recognition technology called Face ID. With Face ID, the iPhone X scans your face to authenticate you instead of using your fingerprint. It is truly amazing technology! Apple even invested in the company making the scanning lasers that make Face ID work this week.

How does Face ID work?

Freaking Magic. Well, almost. As science fiction author Arthur C. Clarke said, “Any sufficiently advanced technology is indistinguishable from magic.” Face ID is cutting-edge technology that uses Apple’s TrueDepth camera system to project over 30,000 invisible dots onto your face. Then it illuminates your face with infrared light and takes an infrared image. Finally, it translates that image into facial recognition data that are encrypted and stored within the iPhone’s Secure Enclave (the data never leaves your iPhone). Face ID updates its mathematical representation of your face overtime to keep up with how your appearance changes.

How secure is Face ID?

Extremely. Apple claims that Touch ID’s false positive rate—the number of people who would have to try logging in to your iPhone before someone would succeed randomly—is 1 in 50,000. In contrast, Apple says that Face ID’s false positive rate is 1 in 1,000,000. It can’t be fooled by a picture or a simple mask, although a high-enough quality 3D reproduction of your face might get past it, just as a sufficiently good cast of your fingerprint could fool Touch ID.

However, Face ID has trouble distinguishing between identical twins and siblings who have nearly identical features. So if you have an evil twin or even a nice twin with a sick sense of humor, stick to a Touch ID-based iPhone or your passcode! The probability of an incorrect match is also higher with children under 13, since their facial features haven’t become sufficiently distinct yet.

By default, Face ID works only when you look at the iPhone X—it can’t be unlocked by your face when you’re sleeping or in my case when I am staring at my Mac’s display with the iPhone on my desk.

How fast is Face ID?

Not quite as fast as Touch ID in current iPhones, but fast enough that you likely won’t notice. When you pick up your iPhone X so you can look at it, Face ID will, in most cases, have already recognized you.
This quick recognition is possible in part because the iPhone X can start scanning early, thanks to iOS’s Raise to Wake feature and a new Tap to Wake feature that automatically wakes the iPhone X when you touch the screen.

What if Face ID doesn’t work?

First off, things like wearing a hat, scarf, or glasses won’t confuse Face ID, nor will growing or shaving a beard. Thanks to that infrared camera, it even works in complete darkness, sorta. It does seem to have more trouble working with black people in the dark or maybe even darker skinned people. However, Face ID does fail occasionally. One reason for a Face ID failure is holding the iPhone X too close to your face—this is easy to do accidently if you’re nearsighted and not wearing your glasses. (Some sunglasses prevent Face ID from seeing your eyes, but you can work around that problem by disabling Require Attention for Face ID in Settings > Face ID & Passcode.)

To make Face ID retry a facial scan, hold the iPhone X at a normal viewing distance, tilt it away from you, and then tilt it back to your normal viewing position. If that doesn’t work, or if you want to let someone else use your iPhone, enter the passcode. Entering the passcode is always an option.

Alas, unlike Touch ID, which let you enroll up to five fingers (so family members could unlock your iPhone without using the passcode), Face ID lets you have only a single face.

Can I use Face ID for anything besides unlocking?

Oh yeah, Face ID completely replaces Touch ID, so you can use it to authenticate when you’re using Apple Pay, or the App Store or iTunes Store. Plus, apps that previously relied on Touch ID, such as the 1Password or LastPass password managers, will automatically use Face ID instead.

We hope Apple can make the hardware necessary for Face ID cheaply enough to bring it to other devices as well. Wouldn’t it be nice if you could walk up to your Mac and have it automatically unlock because it had recognized your face? Now, if it could just read my mind and do my work for me I’d be all set!

Previous Page

Search Our Archives


XML