Transcript of Notes for the June 1st, 2014 ByMUG Meeting
Meeting Location: Patty Bolands, located at 101 Clarence Street.
Meeting Agenda: 1Password, VPNs (Virtual Private Networks), Migration Assistant, and Q&A.
ScanSnap: Check startup folder (PC), more RAM helps most problems.
FYI – Telestream Flip4Mac to play WMD files. As of May 2014, it’s no longer free. $5.95. Use Video Monkey to convert to m4v files fo older files. Microsoft support has ceased.
FYI – Bell Fibe, like DSL, has wicked fast speeds (up and down). Good for uploading and downloading a lot of data. Bell has charged Fibe plans and old DSL plans. Be careful and check to see if you’re getting locked in a contract, or if you’re paying month-to-month. Locked is 6 months at a reduced price.
Rogers has charged plans too, at reduced prices.
Call to match TekSavvy’s plans.
Question re: MacKeeper
Avoid MacKeeper. NEVER INSTALL. Preys on people by claiming to clean up and fix your computer, but really, all they want is your credit card number to charge you behind the scene for anything their software does.
Question re: Activity Monitor
If you don’t know what processes do on your computer, look them up on Google.
Question re: Random reboots
To find out what is causing your computer to reboot, check out the Console’s logs under Users>User Name>Library>Logs. You can scroll the files to look back in time for other instances.
Some causes of random reboots include bad memory, weird wonky USB ports and devices (try unplugging them), system extensions, and hard drives (use Disk Utility to examine it for errors based on crashes).
Note: More on the Console will be discussed at the July 2014 meeting.
Note: This topic came up because of the recent Heartbleed bug due to OpenSSL. It was a volunteer effort. Now, money is being thrown at it to improve many systems out there that have not yet been fixed.
What the Heartbleed Bug did: Nefarious people could examine ‘secure’ information by grabbing more information than entitled to grab other people’s passwords, etc., and since it didn’t show up in server logs, system administrators were unaware of the outcome. For those who reuse passwords, they could break into many of your accounts, reusing patterns, etc.
Tom heavily recommends you buy and use iPassword or another password management program. 1Password securely stores all your passwords, and even generates new, secure passwords for you upon request, so you don’t need to rely on other software or sites’ password generators. It’ll even store the answers to security questions. Generated passwords are 30 characters long, and accept sentences with punctuation and capital letters. Odd passwords are accepted.
1Password CANNOT BE HACKED.
Coffee shops are no places for banking, but it’s okay to surf and use Facebook.
Banks have horrible password policies (i.e. 7-12 characters long).
1Password (secure browser in iOS) vs iCloud Keychain for Safari.
Macs, iPhones, and iPads sync passwords between iOS and OSX, but Apple’s iCloud Keychain for Safari is good enough for most passwords.
On iOS, type “op “ before “http://“ in your web browser to open 1Password.
No secure information for other categories.
Keychain Access-Prefs (First Aid) [Keychain unlocked] No.
You can shut down Keychain in Safari when using iPassword, but Keychain is still very useful for Mail, accounts, WiFi passwords, etc. Very useful, so don’t turn off Keychain completely.
Safari > Prefs > Passwords X autofill user names & passwords.
tab: Security – Checked for All.
tab: Privacy – Remove all website data (i.e. cookies), reset settings and cookies. Delete periodically. Some sites require cookies and 3rd party cookies. There is no danger in saving cookies.
There are other ways to Private Browse.
– Surf in Private Mode: Deletes information as soon as you leave the browser. It retains no history. Nothing gets left behind. You have to log in to sites. It’s great if you’re not using your device.
– TOR (‘Dark Nets’): Places on the Internet where most people don’t go, like ICQ which used to be very common.
ALERT: Please change eBay passwords. They were compromised. If 1Password is set up, you only need to change one password for that site’s multiple services.
1Password Demo Mode
On the left site of the window:
Favorites – i.e. if you have many gmail or Facebook accounts and you want to choose one.
Logins – Password options (most of your entries will be here).
-Photos of the front or the back of credit cards and other items in your wallet in case you have them stolen.
-Enter the information of credit cards to facilitate paying online.
i.e. Use Amazon to cut saving information on the site.
Question: Why use PayPal?
You choose to trust PayPal (a single high-profile site (reputable)) instead of multiple vendors.
PayPal is not a bank, and therefore is not subject to bank rules.
You can transfer money in and out of PayPal accounts, from credit and debit accounts.
Secure Notes: i.e. friends’ security code, WiFi passwords in 1Password.
Software Licenses: You can save 1password license in DropBox.
Identities: Store here – fills in online forums so they don’t save on the other site.
Watchtower: Heartbleed shows vulnerable passwords. Weak duplicates by age greater than one year old.
Safari cmd to menu bar key icon to open mini-1Password.
1Password won’t log into fake websites automatically. It will alert you to fake sites.
GMail (set up two factor authorization) Junk filters: You may never see some e-mails.
Question: iOS version of 1Password is not as robust as the MacOS X version?
Answer: iOS apps can’t pass information between each other. i.e. Safari and iPassword. iPassword has a built-in browser which is very secure.
Sync: Dropbox vs. iCloud: iCloud ties to only Apple devices. Dropbox works on other operating systems outside of the Apple eco-system, such as PCs.
Dropbox’s servers are less secure in the US, and therefore are subject to the NSA, etc.
Use iCloud if you’re only using iOS or OSX.
Local WiFi or USB (other backups/sync options)
Backups in TM in Dropbox or iCloud.
Latest update allows you to print items.
Vaults are useful if stored on a computer. Multiple vaults on the same license are okay.
Shared vaults: You can export items to share them with others.
Standby in iMessage: It is encrypted end-to-end as opposed to e-mail which is not secure.
Terminal: “Traceroute” typed in Terminal will display the full path data takes to get to a certain domain or IP address on the Internet.
1Password is often discounted, but usually goes for $50 for OSX.
There is a Mac Power Users’ discount on sale every 2-3 months.
Password Generator (Toronto, Canada)
Question: How to see previously generated passwords?
Answer: Copy and Copy to Clipboard
email@example.com: very responsive to feedback.
Option key reveals passwords.
H2: Create secure form fills. Demo available. They have demos to show many features.
In the US, banks are responsible for credit card fraud.
Unblock-US? Fake it. Worldwide IP Spoofing. Back to my Mac (encrypted remote access).
1) Remote access to office securely creates encrypted tunnel end-to-end.
2) Join 2 remote networks together.
3) Public locations i.e. Mac in public Wi-Fi – home networks
Plugin to browser encrypted to some endpoint in Canada when traveling abroad.
4) Work around geoblocking i.e. watch BBC, Hulu, etc. takes your traffic and dumps it out in the country of choice.
If on an iPad or other portable device, all traffic gets dumped, so be careful.
VPN need secure bandwidth between coffee shops.
magiccloak.com is a free Canadian proxy service.
Own VPN if router supports it at home.
Runs on OpenVPN
Macserve.org.uk iUPN (MacOS 10 Server)
Dyn.com gives you an address on the Internet provides access to home network remotely.
Setup Guest Networks: Apple Airport Extreme to provide guest access to some but not all services i.e. Internet but not local computers or printers.
Interface to configure settings already on the machine.
FileMaker to backup specific files in Dropbox.
To watch TV – Slower VPN vs. DNS Spoofing (no security) (is better, but be careful) – TV watching
BBC, Hulu vs. Netflix
Great new feature: Pixelmator now features a repair tool. Pixelmator can replace Photoshop Express. Newer codebase than Photoshop.
Use graphic converter.
Copy date —> New Mac use Spotlight to find Migration Assistant in the Utilities folder.
Choose Transfer info From —> To will restore from Time Machine or fully-functional Mac.
Ethernet between two machines is fast.
Select info to transfer.
Will overwrite existing data if it is there.
Will segregate incompatible apps.
Nothing is done to the From/Service.
Won’t bring some software licenses (store them in 1Password).
Question: Why maintain multiple versions of iWork (i.e. Pages): lost features in newest update.
iOS vs. Mac versions now have some codebase.
Confident that “lost” features will be reintroduced.
Final Cut Pro X.
Adobe Creative Cloud – MS Office 365 – Google paid apps.
Update more often when the cloud doesn’t work.
Great for IT administrators. Costs more per year.
Jon: WWDC Tomorrow (June 2nd)