Kibbles & Bytes Blog

  • MAC TREAT #155: iOS Keyboard Secrets

    If you are among the prestigious ranks of “day one” iOS device users, you likely glide over the virtual keyboard on your device of choice with a smug confidence. While no level of practice can seemingly thwart the partly useful, mostly annoying, auto correct feature of iOS 4–I’ve had to “de-dudeify” my own vocabulary as “Yo” is perpetually replaced with “To”–there are a few hidden secrets to the keyboard you may not be familiar with.

    *ALL CAPS*

    Are you looking to get a point across? Has your landlord still not replaced that leaky faucet? Many irate iOS users have resorted to not “shouting” their angry emails as iOS 4 seemingly requires an individual shift tap for each uppercase character not immediately following a period. However, iOS does contain a cleverly hidden caps lock feature. To enable it, simply double tap the shift button (up arrow) on your device’s keyboard. The key will then turn blue indicating the feature is active. To disengage, tap the shift key once more.

    *Slip ‘n’ Slide*

    Less secret and more productivity pro-tip, this iOS easter egg will delight even the most efficient tappers. If you need to quickly insert a single digit numeral or punctuation mark into an email or text, there’s a shortcut that eliminates the need to manually switch between keyboards. While typing, slide your finger to the “123” key in the lower left and keep it held down–the keyboard will automatically switch to numerals and punctuation. With your finger held down, slide to the desired key and release. The number or punctuation mark you selected will be inserted into the body of your message and the keyboard will automatically revert to its primary form. This tip is especially useful when entering number-laden Wi-Fi passwords.

    *Add an Accent*

    Many US based iOS users rely on their device’s default English keyboard for the majority of their typing needs. This can become problematic, however, in situations involving inviting friends for a Bánh mì or reminding a significant other to get Ben & Jerry’s and *not* Häagen-Dazs at the grocery store. If you’d like to umlaut and accent your texts, simply press and hold the desired character to see, and select from, all of its variations.

  • _Dear Friends,_

    It seems that one second it was mud season and there were no leaves on the trees and suddenly, I blinked my eyes and all the trees have full foliage, the apple tree outside my window is covered with blossoms and the Green Mountains are green again. It is still too muddy in my garden to plant anything, but the seedlings Grace has started are doing well and we can start moving them outside to harden them up.

    We had a very successful eWaste Recycling Event in Montpelier last Saturday. The event was held at National Life, which sits up on a hill overlooking the state capital building with its golden dome. The road leading up to their building is probably a couple of miles long, and from 8:30 am to 1:00 pm the traffic was backed all the way down to Route 2. It was the first time we had done a collection event in Montpelier and I did not know how successful it would be, but the event was a smashing success.

    Thanks to Apple, all of the ewaste recycling logistics were taken care of, so the Small Dog team handled traffic control and worked the long line of cars, handing out coupons for discounts at our stores, little plastic dogs and OS X keyboard shortcuts. It was great to talk with the customers and even though many had to wait for over an hour to reach the point where their ewaste was removed from the car, all were happy and thankful for the effort.

    Tomorrow, we hold a similar event at the Mall of New Hampshire in Manchester, NH and I’ll be there again with the Small Dog team to both demonstrate our commitment to the PLANET portion of our mission and also to talk to customers and enjoy the goodwill.

    I took a short trip to New York on Tuesday, and on the way home I sat next to a gentleman on the plane who had a new iPad. We struck up a conversation after I asked him about his Smart Cover as a ploy to talk about our Hammerhead cases. It turns out that he is a good customer of ours who had recently converted his office from a PC setup to Mac-based with ten Macs and a Mac mini server. He was raving about our personnel and the savings he had achieved by moving to Mac. We decided he should do a testimonial for us someday! Talking about customer loyalty and his experiences was a great way to make short work of the flight.

    Speaking of Hammerhead (the brand, not the dog), I am pleased to announce that we have been granted the ® registered trademark status for Hammerhead products!

  • !http://blog.smalldog.com/images/2385.jpg!:http://www.smalldog.com/wag20626/at_dr

    *Save over $50 + Free Shipping* on Canon LBP-6000 Laser Printer–just click above to see details!

    Because we want to give you the best deals AND stay in business, Deal Retriever deals are valid for one week only. Quantities are limited; offers good while supplies last.

  • Defending against MACDefender

    Recently, a new form of malware has been making the rounds and causing distress among Mac users. While surfing the web—typically Google Images—a…

  • Free eWaste Recycling: May 21st

    Live near Manchester, NH? Have some tech stuff to recycle? We’re holding a FREE eWaste Event in New Hampshire this year, so come on down!

    *Our 2nd annual New Hampshire event will be held on Saturday, May 21st at the Mall of New Hampshire in Manchester, NH.*
    “*View website here.*”:http://www.smalldog.com/ewastenh

    This event is completely free and is “all-you-can-ewaste!” Stop by the Food Court parking area at the Mall of New Hampshire between 9:00AM and 2:00PM. (While the vast majority of electronics are recyclable and will be accepted, there are a few exceptions–namely kitchen appliances and air conditioners.)

    *Make sure we can take it–see our list of accepted materials on either page.* Read more about our “*ewaste collection programs here!*”:http://www.smalldog.com/ewaste

  • Are You Using Adequate Protection?

    Do you ever wonder if the data on your hard drive is truly protected from technological intruders? Apple has produced a variety of resources that can protect your files from unwanted hard drive peepers. However, just how secure are these methods of file protection?

    First, let’s look at the most common form of user file protection: the administrator password. Created when Mac OS is initially installed, this password prevents unauthorized users from accessing the files on your account… or does it? A simple click in the Reset Password Utility after booting from the Mac OS DVD proves otherwise. As long as the DVD is the correct version of Mac OS, it can boot any system with the corresponding OS. Resetting the password only requires entering a new one, which becomes the new administrator password. So basically, all anyone would need to access an account that is simply password protected is the correct version of Mac OS installation DVD (this can also be accomplished using a string of commands in Single User mode–no DVD needed!). One thing to note is that the Keychain Access utility will not be viewable with this new password.

    Now is when all the extra-protected Mac users say “Hah! everyone knows that. That’s why all my files are heavily protected by a firmware password.” In which case the intruder would pull out one stick of RAM, and boot the computer, bypassing the firmware password.

    Now the real heavy hitters come out. FileVault is a file encrypting tool that works on the corresponding user’s home folder, encrypting it when the user is logged out. Nothing is for sure, but as far as the research I have done, FileVault is basically un-hackable. Knowing this, if you decide to use FileVault on your account, you had better remember that password.

    So, are you using adequate protection? The first question I asked myself while trying to accurately answer this was: Do I really care if someone could potentially have access to my files? The answer is no. So in short, am I protected from potential technological intruders? Nope, not really, my information may be easily hacked into. However, is my protection adequate enough for the sensitivity of the files on my hard drive? Totally. Not satisfied? Well, if you truly believe the data on your hard drive is sensitive enough to warrant it, then FileVault it up.

  • Apple Testifies on iOS Privacy Issues

    Last Wednesday, Apple VP Bud Tribble joined Google’s Alan Davidson in a U.S. Senate panel on mobile privacy. Prompted largely by the recent controversies surrounding Apple’s purported collection and usage of user data from its mobile iOS platform, Tribble–armed with a “*formal letter*”:http://markey.house.gov/docs/apple_letter_to_ejm_05.06.11.pdf (opens a PDF) from Apple–testified on the exact details of the company’s iOS location database.

    In an effort to further demystify public rumors and accusations engulfing the issue, Tribble reiterated that the iOS location database merely aids Apple devices in locating themselves–not tracking users.

    Though the severity of the issue was somewhat misconstrued in initial reports, Tribble expanded on Apple’s stance citing last week’s iOS 4.3.3 update. In this instance, simply clarifying the ways in which customer data is collected and used was not adequate for the company.

    The prompt release of 4.3.3 indicates Apple seeks to allow iOS users a greater breadth of options regarding location data. While the update provided a substantial fix to many legitimate issues, Tribble also reported Apple will make more drastic modifications to the location cache in the next major release of iOS.

    On this note, Tribble stated:

    bq. “The local cache is protected with iOS security features, but it is not encrypted. Beginning with the next major release of iOS, the operating system will encrypt any local cache of the hotspot and cell tower location information.”

    After Tribble’s through testimony on Apple’s take on user privacy, he and Davidson responded to questions on third-party applications’ collection and usage of personal data. Raising the strict and rigorous iTunes app approval policies in defense, Tribble was also quick to mention iOS 4’s built-in safeguard mechanisms to alert users to which 3rd party apps have access to–and have recently accessed–their personal information.

    Throughout all of the controversies, statements and rebuttals surrounding the ostensible collection of personal location data, one theme echos: user choice. Location-enhanced mobile applications are as much of a luxury as they are a byproduct of the times we live in. Users exchange their location for things like enhanced functionality, location-based offers and driving directions.

    Upon launching a location-enhanced app for the first time, users are presented with a splash window requesting permission to use their location. If a user prefers an app not use their location they need only select “Don’t Allow.” Location settings and permissions can be altered at any point from the “Location Services” menu under “Settings.” This menu also details apps that have requested a location within the previous 24 hours.

    In many cases, the perceived value of a given location-based app merits the use of a user’s current location. For example, the built-in Maps app can pinpoint your exact location if you find yourself lost in a big city. However, it must first be granted permission to use your current location.

    Likewise, the included Camera–like many 3rd party camera apps–can geo-tag photos for use with iPhoto’s “Places” and other similar services. While savvy iOS users should note which apps they do and do not allow location access, it is important to consider that the vast majority of apps are designed solely to convenience and benefit the end user.

    What is your current stance on this ongoing issue? Have Apple’s recents actions and testimony swayed your initial opinions? Comment on the “*blog*”:http://blog.smalldog.com/article/apple-testifies-on-ios-privacy-issues/ and let us know!

  • Defending against MACDefender

    Recently, a new form of malware has been making the rounds and causing distress among Mac users. While surfing the web–typically Google Images–a message may pop up claiming your Mac is infected with a virus and recommending that you install a security program to clean it off. The program will then automatically prompt you for your system password to allow itself to install. After entering your administrator password, the next time you start your Mac, you will receive a message stating your machine is infected with a virus, and that the only way to get rid of it is to pay to register the software. Your system might also start randomly showing adult websites and Viagra ads to further “prove” it it is infected. While some of these symptoms may seem convincing, the good news is, they are all fake–there is no virus on your Mac.

    The idea of “scareware” is not new. In the case of MACDefender, all of the warnings shown are fake; registering the program will do nothing more than remove them. Not only does MACDefender not clean anything, there was nothing to clean in the first place. This malware exists solely to dupe users into giving their credit card numbers to a scammer. For a the long time, these scare tactics were limited to Windows systems, since a “virus scanner” could install itself in the background without user intervention. A window appearing to be a legitimate Windows error screen would pop up and ask if you wanted to install a program to clean your system. Unfortunately, in this instance regardless of what you selected, your PC would already be infected. Thankfully, Macs are immune to this kind of browser exploit.

    MACDefender appears to be a different animal as it isn’t a web page made to look like an application warning, it’s actually a Mac application. Many fake warnings use very poor grammar, so they are typically easy to spot as scams. While MACDefender is better than most, it still has its share of grammatical mistakes. For example, the “About” information contains the phrase: “The largest worldwide companies trust MAC Defender their nets and security.” However professional it may look, any malware appearing on OS X is bound by its built in security model: An application cannot be installed and modify system settings without an administrator password. In order to trick you into entering your password, the application makes it sound like the only smart choice is to install it. This is the critical step. If you do *not* enter your password, the application cannot install and no harm is done. If you did register the program and entered credit card information, you should call your bank immediately to alert them to watch your account activity.

    Though any financial information given to the app unfortunately cannot be rescinded, it is at least relatively easy to remove MACDefender from your machine:

    # Open System Preferences and go to the Accounts pane.
    # Look at the login items for your account and find the listing for MACDefender. (It may also be called Mac Defender, Mac Security, Apple Security, or Mac Protector.) Select the entry and click the “-” sign to delete the it. Do not delete any other entries unless there is more than one listing for MACDefender.
    # Restart your system. The fake “warnings” should not come up.
    # Go to Applications and look for a program named one of the aforementioned titles. Drag this application to the Trash, and empty the trash.

    To help prevent an attack like this from happening again, we recommend visiting Safari preferences and unchecking “Open safe files after downloading.” This will prevent applications from automatically launching. We also suggest visiting “*Sophos*”:http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx and downloading its free Mac scanner, which will warn you the next time something like MACDefender tries to infiltrate your computer.

    To clarify a few points: Google Images is not the source of the problem. Whoever is trying to spread garbage like MACDefender is setting up web pages to spread it, and manipulating Google’s search engine to rank their sites higher. No matter what you search for, their site will appear–an attack such as this is called SEO poisoning. Second, MACDefender and its ilk are not technically viruses. A virus spreads itself without user intervention. Due to the security model built into OS X, a virus would not be able to install itself. MACDefender is considered to be malware, which can be as bad as a virus but cannot spread on its own from computer to computer. The best way to prevent malware is to pay attention to what you’re clicking on. If you go to a web page and are prompted for your system’s administrator password, you should navigate away from that page immediately.