Apple has issued a critical security patch to plug a very serious hole in part of the Mac operating system. (To be fair, this hole was not Apple-exclusive. It impacted other operating systems as well.)
Use of this exploit by bad guys requires no advanced computer knowledge and examples of it are already "in the wild." Used successfully, it allows an attacker to take over a computer.
Apple has patched this problem for the current operating system and the last two
. This means that if your Mac has OS X 10.8 Mountain Lion, OS X 10.9 Mavericks, or OS X 10.10 Yosemite, Apple has issued patches for those systems. If you've not already, go to the Mac App Store > Updates and make certain that the OS X NTP Security Update has been installed.
If your Mac is running Mac OS X 10.6 Snow Leopard or OS X 10.7 Lion, it is now imperative that you upgrade to a more recent operating system.
We've recommended against an upgrade to Yosemite because of a wi-fi issue that knocks some Macs offline until rebooted. We continue to advise users of OS X 10.8 and 10.9 to wait (probably until this is fixed in 10.10.2.)
We recommend users of 10.6 or 10.7 upgrade to Yosemite as soon as possible.
(Mountain Lion and Mavericks are no longer available from Apple.) You may or may not encounter the Yosemite wi-fi problem but that's a small concern comparatively.
Special 10.6 note:
Older PowerPC-based software does not run on later operating systems. You will lose the ability to run PowerPC software (notably AppleWorks and Office 2004) as part of any upgrade.
Please contact us (503-507-0410) or firstname.lastname@example.org if you require help with this upgrade.
Using Tor to protect your privacy
We have long recommended using a Virtual Private Network, or VPN, service whenever you use your Mac on a network that you don't control or trust. For example, if you use your laptop at Starbucks, you should be using a VPN to connect to the Internet. (We use Witopia.)
While this offers adequate protection against hackers, the latest information about National Security Agency (NSA) spying on American citizens indicates that VPNs are insufficient to protect personal privacy.
To be fully secure and private, you need to use a VPN in conjunction with a Tor web browser (instead of Safari, Firefox, etc.). As the Tor Project web site
says, "Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security."
When you use the Tor network for web browsing, instant messaging, etc., your internet connection hops through various routes in order to make detection and surveillance difficult. What we know now is that using a Tor web browser with a VPN service provides you with the best security and privacy possible
. You can download Tor software at the above Tor Project link. If you'd like help setting up a VPN or Tor browser, feel free to contact us. We'd be happy to help.
OS X 10.10 Yosemite presentation
Ty Davison, our senior Apple tech, will be giving the January presentation for the Salem Macintosh Users Group (SMUG).
This presentation features an overview of Apple's latest operating system, OS X 10.10 Yosemite, and will conclude with a question and answer period.
The SMUG general meeting will be held on January 13 at 6:45 PM at Comfort Suites Inn on Hawthorne Avenue in Salem, Oregon. Visitors are welcome. Should you decide to join SMUG, dues are only $25 per family per year.
Tip o' the day
When your Mac starts up, it typically issues a very pleasant chime. This chord indicates that the Mac has passed what is called the POST test. That's a test of the built-in hardware of the machine.
If you ever hear a series of beeps on startup, your Mac is not passing POST and a hardware issue of some kind is being detected. (Once upon a time, the POST test failure sound was a car crash, a noise that scared some users so badly that they believed their computer was about to explode. Apple wisely changed this.)
Interestingly, the POST test only occurs on startup—not during a reboot. If you're having a problem with your Mac, you should shut it down then boot it back up so that POST gets a chance to run.