You didn't buy your Mac or your iPhone in order to while away the hours avoiding phishing scams and malware. Unfortunately, other people did buy theirs in order to con money or data out of you, so we have to be vigilant. That's the purpose of our three-part Pointers Special. This is how to protect your Apple device, your work, and your money -- and in this concluding edition, how to keep people from seeing what you're doing.
Do be certain to read Monday's part one
, where we covered why you shouldn't do banking on Starbuck's free Wi-Fi -- because for one thing you don't know for sure it's the coffee shop's network, or one belonging to that suspicious fella next to you with a hat -- and Wednesday's part two
about passwords, downloading, and the unexpected threat from your own family.
You've seen the warnings on websites that say you shouldn't save your password if you're using a public computer. You shouldn't. Yet even if you're in your own home's panic room, and nobody else knows the passcode -- or can get by the high-tech retina scan entry system you installed -- there are still times when you should act as if your machine is public.
That's because later on, when you come to upgrade to Panic Room 2.0 and install a newer, faster computer, the old one you chuck out or sell on Craigslist will still have immensely important information on it. You're thinking that you can erase the hard disk, and you're right -- but we've done this ourselves: we've taken an apparently-erased disk, and restored the contents as if by magic. That was a long time ago, it was on a Mac Classic, and the previous owner popped back to tell us something just as his files appeared on the screen.
Anyway. It's harder to do now, but not substantially so. What you can do to help prevent us embarrassing ourselves in front of you is to securely erase the drive. Before you do that, though, you have to make the single most important backup of your life, but you knew that. You also have to sign out of iCloud, which you may not have even thought of. Sign out of both iCloud and Messages, then within iTunes from the menubar, choose Store, and then Deauthorize This Computer.
Quick question: did you ever register your Mac with Apple Support? We'll take that as um, no, possibly, can't remember. Go to supportprofile.apple.com
and sign in with your Apple ID. That'll show you a list of your registered devices: if you can see your soon-to-be-ex one listed there, click to remove it.
Now you get to erase the disk. Reboot your Mac, and hold down the Command and R keys: that restarts the machine into OS X Recovery. That includes Disk Utility: use that, select the name of your hard drive, and then click on Security Options. Pick to securely erase, and then back on the Disk Utility main screen, choose Mac OS Extended (Journaled) as the format. Click erase. This will take a little while (one pass), or a few days (35-pass). We're not kidding about that, by the way.
We can't remember what we got from that fella's old Mac Classic, apart from a broken nose, but today we could make a fair stab at what we'd get from yours. One key thing would be your internet browser history. Maybe we're just not criminally-minded enough to grasp all the problems a history can cause, or perhaps we're just searching for an example that doesn't involve your having visited sites of a, um, nervous disposition.
Try this. If someone can see your browser history, they can see when you go on your bank accounts. If you go to a lot of sites that require logging in, Safari and other browsers will not only remember that for you, they will remember the login details, and enter them automatically. That is brilliantly handy for you today, but an appallingly horrible prospect for the next time someone steals your Mac.
You can wipe your browser history. You've probably been able to do that since the start of internet browsing, but it's perhaps exactly that long since you ever bothered. For it used to be that you wiped everything or nothing: you couldn't remove one site from your list. The loss of your entire browser history, and the fact that you had to remember to do it, meant you never quite got around to doing so.
Things have changed. Now clearing your history in Safari is a matter of choosing Clear History…, the last option in the History menu and then picking what you want to lose. It's still not the same as being able to say you don't want anyone to know how long you spend on microsoft.com looking for support answers, but it's much better than it was. Now you can elect to clear the entire history of everything, but alternatively just where you've browsed in the last hour, all of today, all of today and yesterday too.
Do this instead, though: proactively decide that you're not going to leave any interesting breadcrumb trail in your browser history. Choose before you browse, rather than going back to erase later. Choose Private Mode.
This is now a feature on just about every browser -- Chrome calls it Incognito, Internet Explorer calls it InPrivate Browsing -- but it did start with Safari. While in the browser, hold down Command and Shift, and tap N. That gets you a new browser window, but it is in private mode. In a curiously un-Apple kind of way, the new window will clearly tell you this, but you can't always see the full explanation: it doesn't wrap around.
If you were to stretch out the new window long enough, what it says in full is: "Private Browsing Enabled: Safari will keep your browsing history private for all tabs in this window. After you close this window, Safari won't remember the pages you visited, your search history, or your AutoFill information."
You can also just choose New Private Window from Safari's File Menu. On iOS, tap the Safari button to show you all your current pages and there'll be a Private button at bottom left. Handy for when you just need to visit one site you don't want public, while your normal course of sites are fine (even useful) being in your browser history.
If you're thinking that you never do anything online that you wouldn't be happy your mother knowing, ask yourself that again -- and this time, for "mother" read "Facebook." You've already seen how Facebook seems to magically have adverts for exactly the products you've been searching for. Stop it knowing what you're searching for, and you won't get the ads. Or at least not so many, or at least not so specifically targeted.
Private Browsing is most useful for you sitting there at your Mac. It stops people being able to look back at what you've done -- but it would be good to also stop them being able to see what you're doing while you're doing it. Enter VPN.
The Virtual Private Network is an idea, a technique, where everything that comes into or goes out of your computer or iOS device is encrypted, and so nobody else can see what you're doing. VPN companies often refer to this as your having a tunnel through to where you want to go online.
There are free services like Opera for iPhone
that are just there to do VPN's other function of spoofing the internet into thinking you're in a different country. For anything more serious -- anything -- look at VPN providers like NordVPN
, and expect to pay out some cash.
Once you've got through that pain, you can relax for a year or so, until you have to pay again. In the meantime, you can send sensitive information like passwords and account details over VPN to wherever you need. Make sure you really need it, though: no technology is "foolproof" secure. There is just too much going on when you connect to the internet: whatever your solution, there's a risk.
There really could be too much going on when you're connected to the internet. Some of it is down to you: you've written that email, you now expect the internet to carry it home. However, any app you have can send any information anywhere, and if that happens, it's not going to be trivial.
Go get Little Snitch
or a similar app, like Radio Silence
and run them on your Mac. They will spot everything that gets sent or received. Little Snitch has been around the longer, and is to this as Biro is to pens. Still, here's Radio Silence:
It's not the clearest or easiest-to-follow information, but you get used to it -- and what it tells you is when something is going on that you don't want. It'll show you, for instance, things you expect, like Adobe Creative Cloud, phoning home to see that you're a legitimate customer before it launches. You'll see apps like the Reeder RSS news app checking up on your favourite sites for you.
Whatever the app, whatever it's doing, you can stop it in Little Snitch or others. They're net monitoring tools, and they are specifically for seeing how much data is being sent or received by your apps. Get one of those, and update it regularly.
Speaking of upgrades
In Wednesday's edition
of this series, MacNN
editor Charles Martin spoke about how often we get prompted to upgrade apps -- and how sometimes, it's a con. The short answer is that if it's an upgrade you want, go to the app and look for a Check for Updates option. It'll be in the Application menu, the File or Edit one, wherever there are Preferences. Sometimes they're in the Window menu: you'd think this would be standardized by now, but it isn't.
What is effectively a standard is that if the app says yes, there is an update available, then it is correct and you should update. Always update.
Even if you happen to be a security expert, you're not a hundred security experts, or a thousand of them. We don't know how many people Apple has working on security, but it's more than one. Which means a hugely important thing you can do is follow their lead: when Apple or a developer updates something, take that update. Keep everything up to date, always.
That's a pain, and sometimes it's a real pain, as your Mac or your iPhone keep on nudging you to do it. Yet it's less of one than having to recover lost data later.
Also, it's something you can do to keep on top of problems and every time you are reminded like this, take a look at what Little Snitch is telling you is going on. Take a look at Private Browsing. We're not saying be vigilant, we're not saying you should give up your day job in order to nurse your Mac, but both you and we need to be more on our guards than we have ever had to be before.
-- William Gallagher (@WGallagher