|February 2021 Newsletter
Our macOS dilemma
We find ourselves in a dilemma. macOS 10.14.6 Mojave, the operating system that we've used and recommended for awhile now, will no longer receive security updates starting this fall. Since having a secure operating system is the foundation for computer security itself, we won't be able to recommend it after that time. We're on the clock!
The hot mess that's been macOS 10.15 Catalina prompted us to hold back a full-throated recommendation. Our current advice in a nutshell: Use Catalina if you need it to run other software or if it comes on your new Mac, but otherwise, the advantages it offers are outweighed by the comparative reliability of Mojave. In other words, don't upgrade to Catalina if you don't have to.
We haven't said this just to be troublesome. Allow me to paraphrase many of the Catalina problems identified by one developer
using the latest Catalina version (10.15.7):
- Less reliable, with frequent user interface freezes.
- More frequent need to restart the Mac (every few days)
- More Kernel Panics (a state where the Mac effectively says, "I have no idea what's going on. Please reboot me.")
- Problems syncing iPhone to Mac over wifi
- Problem restarting the Finder
- Intermittent errors (our favorites) connecting to other Macs via file sharing
- Network drives in Finder are considerably slower
- Random Finder freezes for 30-60 seconds. (Note that there is some evidence to suggest this may be Chrome-related.)
- Music app issues with album art
- TV app occasionally doesn't show content
- Image Capture unable to delete photos from iPhone after import
- Mail app slow to display messages
- Mail rules fail to move messages
- Mail messages disappear and are deleted when dragged and dropped between mailboxes
- Mail search is broken; results incorrect
- iMessage no longer reliably syncs the read status with iPhone
- FaceTime crashes when used in conjunction with iPhone
- File transfers via Screen Sharing are considerably slower
So that's awesome. Throw in the fact that Catalina won't run 32-bit apps—meaning a lot of old software won't run at all—and I hope it's clear why we've told everyone to sit tight with Mojave.
macOS 11 Big Sur
In the meantime, Apple has release macOS 11 Big Sur. The new OS has issues inherent in all new operating systems. So far it appears to be going better that Catalina was a similar stage—we'd take 11.2 over 10.15.2 in other words—so there is some room for optimism.
Importantly, though, the Mail app bug that deletes messages when you move them still exists in Big Sur (as of 11.2). Maybe our solution will be to recommend Big Sur and a third-party email program.
Like many professional services industries—medicine, law, etc.—Apple Consultants have professional training responsibilities and associated materials. We use the roughly 1000-page macOS Support Essentials book to learn about each new version of macOS. For as long as I can remember it has been released each January. Big Sur's Support Essentials book won't be out until mid-March.
Now maybe that is a Covid-related delay, but I think it more likely that Big Sur—particularly in conjunction with the new M1-series Macs—means that there is a level of complexity and change that we've not seen in awhile.
From this mid-February vantage point here's what we think the path forward looks like: Some time in the spring or summer we will begin recommending Big Sur. We're going to try our best to make this painless, but operating system upgrades always involve a little bit of pain—a learning curve if nothing else. But by then Apple will likely have squashed most of the Big Sur bugs.
For those people with Macs that can't run Big Sur—they top out at Catalina—we'll recommend either Catalina or a new Mac. Any Mac that can't run Big Sur is near end of life—moving from Mojave to Catalina buys you one extra year if you want it. We're generally fans of getting maximum value for your computing dollar, so if Catalina is right for you, we'll be onboard with that. If it's time for a new Mac, we can help with that too.
Crazy, random slowdowns? It may be Chrome
We've experienced a few occasional, random Mac slow downs and perhaps you have too. We'll be doing something on the Mac—doesn't matter what—and all of a sudden the Mac is unresponsive. We can move the cursor around, but we can't click anywhere that has an effect. And the Mac stays like this for 30-60 seconds before returning to normal.
If you've experienced this, well, first of all: You're not the only one. We've experienced it firsthand and received reports on it as well.
An intriguing, improbable report reached us that said Google Chrome was to blame. Now, that's not improbable at all—Chrome is a known processor- and energy-hog. We use and recommend Safari and Firefox, so at first glance we didn't see how the problem could be Chrome. But what the report also said is that if you've ever installed Chrome, even if you're no longer using it—heck, even if you've deleted it
—you could still be having slow down problems because of Chrome. That got our attention.
When Chrome installs, it sprays files all over the place. These files include a special Google updater called Keystone. This Keystone updater installs into a place where it survives across restarts. That means even restarting your Mac will not solve this problem. It also means that even if you've deleted Chrome itself, the problem is unfixed.
To solve the slowdown issue, we have to not only remove Chrome, we've got to dig into the bowels of the macOS to remove Keystone. For advanced users, here's how you do that:
- Go to your /Applications folder and drag Chrome to the Trash.
- In the Finder click the Go menu (at the top of the screen), then click "Go to Folder...".
- Type in /Library and hit enter.
- Check the following folders: LaunchAgents, LaunchDaemons, Application Support, Caches, Preferences.
- Delete all the Google folders, and anything else that starts with com.google... and com.google.keystone...
- Go to "Go to Folder..." again.
- Type in ~/Library and hit enter. (Note the "~")
- Check the following folders: LaunchAgents, Application Support, Caches, Preferences.
- Delete all the Google folders, and anything else that starts with com.google... and com.google.keystone...
- Empty the Trash, and restart your computer.
For Sentinel members who might not feel up to this task, this is the type of thing we can handle in a 15-20 minute remote support session. We're here to help if you need us.
And we'll take this opportunity to again recommend Safari and Firefox.
Remember when we had to keep magnets away from floppy disks to avoid scrambling them? Modern storage is no longer vulnerable, but magnets and electromagnetic fields from consumer electronics can interfere with medical devices, like implanted pacemakers and defibrillators.
Although iPhone 12 models contain more magnets than prior models, Apple says they’re not expected to pose a greater risk of magnetic interference. However, after a study found that one pacemaker could be deactivated by holding an iPhone 12 near it, Apple issued a support document recommending that you keep your iPhone 12 and MagSafe accessories more than 6 inches (15 cm) away from your medical device or more than 12 inches (30 cm) away while wirelessly charging. Better safe than sorry—if you have a pacemaker, don’t put your iPhone or any other consumer electronics in a breast pocket.
Ice, ice baby
As I write this, my home has been without power or Internet for almost a week. I know I'm not alone in this. The ice storm toppled three of our large trees from our backyard into our neighborhood park. A drive through town revealed similar devastation across the city, with power and cable internet/TV lines down all over the place.
Fortunately, MacAtoZ has multiple redundancies. Although power was out at the office for a day or so, the servers that run Sentinel services are located out of region. We have continued to monitor Macs and send Sentinel-related notices despite everything.
Admittedly, something like the fact that your Mac hasn't been backed up in a week may not be your highest concern. But at the very least we hope that knowing we continue to support you and your Mac(s) means that there's one less thing you have to worry about.
Reaching out to MacAtoZ
As a company we communicate through phone calls and email.
Our main phone line (503-507-0410) is staffed during regular business hours
. If you call you talk with a person instead of machine or some interminable phone tree ("Push 1 to leave a message without swearing, push 2 to leave a message with swearing, and push 3 to report that you've gone insane"). If you're having a computer issue or need more information, our assumption has always been that you want someone else to hear your problem or answer your question if they can.
If our main team is unavailable when you call—and nowadays we are so busy serving clients that this is probable—we will return your call by the end of the next business day. Frequently, in fact usually, we're able to return the call sooner, but we don't want to overpromise and underdeliver. Importantly, we do not offer emergency or same-day service. We are simply not staffed to provide this service level, and if we attempted to do that, clients would see an enormous price increase to support it.
We also use email. If you're a client and have a question or problem, firstname.lastname@example.org is your friend.
This pops your email into our support ticketing system. Because we serve hundreds of clients, using this system allows us to handle incoming requests in the most efficient way we can. Clients are also able to use this email with quick questions about an issue. We're happen to provide a free, quick answer if we can.
Potential new clients can email us at email@example.com
Support or information request emails to specific MacAtoZ employees are likely to delay service
. In other words, if you email firstname.lastname@example.org, not only is that an address I'm not going to check on my off-days, but it also is an address that is inaccessible to the rest of the MacAtoZ team. When I do get back to work and check my email and find a support request what is the first I do? I forward it to email@example.com so that it enters our support queue. Emailing firstname.lastname@example.org will cut out the middle man and get you faster service. (That said if you have comments for a specific staff member that are not time-sensitive, you're absolutely welcome to email them.)
Unless otherwise instructed, do not call or text MacAtoZ employees directly
. Both these communication methods are interrupt-driven. In other words, they interrupt whatever we're doing (helping clients). With so many people to help and time being scarce, we cannot support these communication methods.
We help people with Apple technology. Thank you for working with us to maximize our ability to do this.
macOS 10.14.6 Mojave
. We are not crazy about macOS 10.15.7 Catalina. It's had a lot of reliability issues and still has a Mail app bug that can cause the loss of email when a user moves a lot of messages. That said, Catalina is acceptable from a security perspective. We do not (yet) recommend macOS 11 Big Sur. If it comes on your new Mac, it's unavoidable and that's fine. Just be prepared for the glitches and bugs inherent in all new operating systems. macOS 10.13.6 High Sierra (and earlier) is no longer secure. It and earlier versions should be upgraded ASAP unless your Mac never goes online.
You can see your Mac's operating system version by going to the Apple menu in the top left corner of the screen and choosing "About This Mac." Again, we DO NOT recommend macOS 11 Big Sur yet. Among other things, Big Sur has the same email bug as Catalina and issues corrupting PDFs.
Any iPhone running iOS 14 should be updated to iOS 14.4 immediately for security reasons. If you're not sure what iOS version you have, you can see your iPhone or iPad's operating system version by going to Settings > General > About > Version.
Similar to the iPhone, any iPad running iPadOS 14 should be immediately upgraded to 14.4.
. Older versions of WatchOS acceptable if necessary; upgrade if your devices (iPhone and Apple Watch) support it. You can see your Apple Watch's operating system version by going to Settings > General > About > Version. Generally, one does not have to worry about AppleWatch software security.
. tvOS 13.4.8 and tvOS 12 also acceptable. Note that earlier models of Apple TV do not run tvOS and are fine for what they do; not all channels, features, or apps will be available. You can see if there's a software update available for your Apple TV by going to Settings > System > Software Updates > Update Software. Generally, one does not have to worry about tvOS security.
- MacBook (Early 2015 or later)
- MacBook Air (Mid-2012 or later)
- MacBook Pro (Mid-2012 or later)
- Note that 2016-2019 MacBook Pro models have a higher than usual keyboard failure rate. Used 2015 models, which use a different style keyboard, may be a more reliable option. The new 2019 MacBook Pro 16" model uses a new keyboard mechanism and should be fine.
- Mac mini (Late 2012 or later)
- iMac (Late 2012 or later)
- iMac Pro (all models)
- Mac Pro (Late 2013 or newer)
These are minimum
hardware recommendations based on what is necessary to run a secure operating system (macOS 10.14.6 Mojave or macOS 10.15.7 Catalina). If your Mac does not meet these specifications—that is, it will not run Mojave or Catalina—it needs to be replaced soon unless you will not be using it online. macOS 10.13 High Sierra is no longer secure.
macOS 11 Big Sur was released in November 2020 and has its own set of system requirements.
iPhone and iPad
- iPhone 6S or newer. Older iPhones cannot run iOS 14.
- iPhone 7 models have a higher than normal failure rate over time. Given the choice, we would recommend iPhone SE (2020) model as a strong alternative to iPhone 7 models.
- iPad Air 2 or newer
- iPad mini 4 or newer
- iPad Pro (all models)
- iPad 5th generation or newer
The iPad line is made confusing by the multitude of model names and types (Air, mini, Pro, and just plain iPad). Generally speaking, devices introduced in October 2014 and later will run iPadOS. iPads that will not run iPadOS and should be replaced unless they will not be used on the internet.
- Apple Watch Series 4, 5, or 6 or SE highly recommended.
- All versions (Series 0 through Series 6 and SE) are secure and acceptable though Apple Watch Series 0, 1, and 2 will not run the latest version of WatchOS and therefore lack both the speed and features of later Apple Watches.
- Apple TV 4K is recommended. Apple TV HD (4th generation) is fine as well.
- Older models of Apple TV do not support tvOS and cannot run Apple TV Store apps, though we are unaware of any major security issues.
A secure operating system
See Software Recommendations for details. If you're not running a secure operating system, it will be difficult to impossible to protect your data.
We recommend using Apple's built-in whole disk encryption, FileVault. It can be turned on in System Preferences > Security & Privacy.
We recommend and use Apple's built-in Time Machine backup system. You'll need an external hard drive
so that the data is automatically saved to a second location. Off-site backup remains important in mitigating the risk of fire or theft. We use and recommend Backblaze
. At a cost of $6 a month per Mac, Backblaze will encrypt then backup an unlimited amount of data from your Mac. Data has a 30-day retention window, though longer time periods are possible for an additional couple bucks.
Sentinel, Sentinel+, Sentinel Ultra, Sentinel AM
[warning: we are tooting our own horn here]
Sentinel provides professional 24/7 oversight of the health of your Mac. We're monitoring all kinds of things (RAM, hard drive, Time Machine backups, battery, etc.)—150 different data points every hour.
Sentinel+ adds maintenance and security to Sentinel's 24/7 monitoring. Sentinel+ will handle most software updates so you don't have to as well as run maintenance routines to keep things running tip-top. This is includes basic scanning and quarantine of malware.
Sentinel Ultra is our top-of-the-line, four-in-one service that includes everything in Sentinel and Sentinel+. Ultra blocks malicious web sites, filters objectionable content, protects against email phishing threats, and even increases the speed of your web surfing. It's proactive security. Ultra represents our best effort and the best tool in our arsenal to keep clients safe on the web.
Sentinel AM is our anti-malware offering. It's a $5/mo add-on for Sentinel+ or Sentinel Ultra services.
A secure web browser with ad blocking
with the free open source content blocker uBlock Origin
is our first choice. Safari with AdGuard
(and blocking cross-site tracking turned on) is another fine option. AdGuard is no longer free, but Safari extensions are getting enhanced in macOS 11 Big Sur, so we're hopeful that getting uBlock Origin (our favorite) back on Safari is just a matter of time.
There's really no good reason to use Google, Bing, or any of the other search engines. Not only does DuckDuckGo
return excellent search results, you can use commands in the search bar (like "!g"—that's exclamation point plus the letter g) to search Google anonymously. You can search other search engines anonymously too via DuckDuckGo, and DuckDuckGo won't track you. In the search engine preferences for either Safari or Firefox, you can set DuckDuckGo as your default search engine.
A Virtual Private Network
A Virtual Private Network, or VPN, is an encrypted tunnel between your Mac (or iPhone or iPad) and another computer run by the VPN company. It protects your internet traffic so that anyone who might want to spy on your traffic locally can't. We use PIA VPN
which covers multiple devices (Mac, iPad, iPhone) for about $75 a year.
A Password Manager
We consider password managers like 1Password
indispensible. Instead of having to remember lengthy passwords or reusing the handful that we can remember, we remember one password to unlock 1Password, and the program takes care of the rest. 1Password can be a little complex to set up, so we typically will help clients with that. Actual use isn't too bad though and is typically within the reach of even basic users.
A Spam Filter
Apple's built in Junk Mail filter works for most spam assuming your email address isn't widely dispersed on the internet. If you're swamped with spam email, though, SpamSieve
can rescue you.
Avoid Social Media
If you're posting to social media like Facebook, you're not just telling your friends something. You're telling Facebook, and Facebook is hardly keeping your information top secret. Want to say something privately to a friend? Use Apple Messages or Apple's FaceTime. Both are end-to-end encrypted, and not even Apple has the keys.