Updating Mac OS/OSx

Its fairly simple to update the OS on a Mac from the App store. However updates can go wrong and or you can end up with software you rely on not working following an update due to incompatibility, leaving a restore as the only option. I’m very sceptical of any update to a completely new operating system. Fools rush in to discover problems, usually serious.

Caution and preparation is the best approach.

  1. Firstly if the operating system is a brand new release then WAIT! The rule “Never install version one of anything” applies, no matter how much of a good idea it may be, it can mean trouble. Wait until version .2 or .3 or even .4. Apples QA once irreproachable, is now not good and defects often shipped. Allow early adopters to discover problems and wait until Apple ships the later, re-worked versions with fixes.
  2. Check all your installed software will be work with your new OS. This can verified by visiting the various software vendors websites and checking your version works with your new OS or update accordingly.
  3. Next perform a backup, whilst Time Machine may do, its strongly advised to have a separate, independant backup using Carbon Copy Cloner or Super Duper. These superb programes will clone your boot disc and data to a separate USB connected disk from which you could perform a full restore if required.
  4. Decide on the installation type if you wish to perform a regular install where the OS is replaced leaving software and data intact or a completely clean install – which replaces everything with the new OS.

The update procedure:

Whilst your new OS can simply be downloaded and installed from the App store, Ive always found the best way to perform an update is from a bootable USB. This does not rely on internet bandwidth and provides more control. Whats more it’s extremely useful to retain a bootable USB disk with your OS on it.

To create a bootable USB pen drive of your operating system you need an 8Gb or 16Gb drive. It’s really easy and exteremely handy if you have to update more than one Mac:

  1. First download and install the appropriate version of DiskMaker X for your operating system.
  2. Download the version of OS or OSx required, if you don’t already have it just search for OS version direct download of .dmg – where version is 10.13 or other desired version.
  3. Connect up your pen drive then start up diskmakerX and follow the instructions. Be aware all data on the target pen drive will be erased during the process.
  4. Once you’ve created your new boot disk, plug it in, re-boot.
  5. Press and hold R until prompted, select the USB drive to boot from and follow installation instructions.

Good luck.

Hacking not needed

To access your bank account…

About 10 years ago a company called hak5 produced a WiFi gadget called a pineapple the intended market being for penetration and security testers, but anyone can buy one for around $100. The way the device works is simple, just connect it to your laptop & it scans for wireless access points and mimicks them. Then it scans for clients wanting to connect, offers connection but then forces http only connections (as opposed to https) even when https is demanded. All data passing through the pineapple is made available to the operator. Yup, thats everything including any log on details…

Hopefully, you’ve just sussed that the pineapple is the perfect ‘man in the middle’ attack and you dont have to be in Sainsburys or any other public WiFi place for an attack to succeed.

This is because your laptop or phone retains WiFi credentials if it can detect a public wifi network, such as that presented by the pineapple then it will attempt to connect to it.

Oh fuck! This really is fairly serious…

So how do you prevent this?

  1. When using a public WiFi connection, accept that everyone can see everything so never use your credit card or access your bank account or do anything remotely sensitive security-wise that involves a log-in.
  2. Avoid open networks – use only those that are WPA encrypted as the pineapple cannot impersonate them and check for https as opposed to http in public WiFi spaces, if you dont see a https connection then switch off WiFi.
  3. Use a VPN as a pineapple cannot sniff the traffic.
  4. Avoid public wifi and remove from settings any that you do, on a Mac its:
    1. System preferences
    2. Network
    3. Advanced
    4. Select any where security = none & click minus sign
  5. The browser add in HTTPS Everywhere It will force https where available so may assist in defeating such an attack.

Further reading here I intend to do some testing with iStumbler soon.

Mac in your business?

The Mac is achieving acceptabiliy in business. Privacy issues, update failures and security concerns regarding Windows 10 mean other OSs such as Mac offer a better alternative. For years creative professionals in graphic design used nothing but Macs, a superior solution for rendering, image editing and also for musicians. Stability and simplicity make Mac a good choice for smaller businesses without in house IT support. It’s a matter of choice, would you rather swim at a pool with ozone filtered water clean enough to drink or at the local sewage works ? I thought so, with the later your’e going to get a fairly serious virus. Out of the box Mac security is fairly good and can be improved dramatically with a little effort. Furthermore, It’s easy to recover should things go wrong, providing you have made a back-up!

Some of the benefits, myths and issues: In 2006 I got rid of all the PCs in my business. Vulnerabilities, failed updates, device drivers (sigh!) and inconsistencies caused huge frustration and since then have been Mac based. I really like the simplicity of the Mac OS, its a better choice with greater compatibility, providing excellent value as most of my Macs have lasted over 10 years. The mini is brilliant and probably best value. It just works.

Its not Microsoft! Major benefit as there are over 300,000 exploits for Microsofts operating system and not getting any better. Despite the hype, the buzz and hysteria Windows remains a big fat vulnerable target with MS stating they wont fix issues with Outlook not helping. Despite being promised ‘a ground up re-write’ almost every version of Windows is rammed full of legacy code which is not good.

It wont spy on you: I find it hard to believe that people use Windows 10 with all its data slurping and telemetry for the greater good. Forced updates that fail due to lack of testing don’t help and both of these are a good reason to dump windows forever.

The GUI is consistent! another benefit, OSx & OS are easy to master and the user interface is a model of consistency, no more oh no what have they mucked now? The Mac OS looks and works more or less as it did 10 years ago.

There are no drivers! they are installed again OSx & OS just does what it says on the tin, easy to use, simple to configure and a drag and drop UI that actually works.

But it’s not compatible is it? A myth of mis information and totally incorrect, your Mac will actually read more file formats out of the box. Firstly, lets not forget it’s Microsoft who can’t adhere to their own standards in docx with errors in its own ODF format. Pages, Numbers & Keynote will open, read, write and save as their Microsoft equivalents. Preview the Mac PDF viewer also opens about 30 different file formats, some I’ve never heard of. There’s also Ability Office which is free so no budget sucking Office365 subscription required.

Although Office360 might be more apropriate based on current outages.

For the truly paranoid for file compatibility theres Office for Mac 2019 with Word, Excel Powerpoint & OneNote. But again, buy the software don’t subscribe as its always much cheaper long term.

If you really do need Windows, theres VM Ware Fusion for the very few aplications with no Mac equivalent it runs windows on your Mac like another program. Theres also Boot Camp but Windows on ‘bare metal’ is unpredictable and best avoided or Parrallels. However, I consider VM Fusion the best way to run Windows on a Mac or a PC. It integrates well into Mac OS and it’s very easy to recover when Windows BSODs and wont re-start.

Issues – sorted: There are very few programs with no Mac equivalent like Microsoft Access which is not widely used although I still support a few databases created in it. There are programs with which you can view your tables and queeries but you can’t modify your code. See here (external link) for Access alterantives on a Mac. If you need something that wont run on a Mac then VM Fusion solves that problem.

I hate spam

I think spammers and spambot blog posters should be shot. I deploy a very effective way to reduce the latter to zero. Bots get nowhere on this site, if a bot is detected Anti-spam by Cleantalk stops it in its tracks following which the operators IP address is blocked. Regrettably, e-mail spam is more persistent and seems to be increasing. Did Mr Gates not say it would be a thing of the past with their not so clever SPDF DNS strings – which was nothing to do with spam anyway?

This post may help you control and reduce spam.

Currently, I have a spam filtered e-mail box, with virus scanning that works quite well. But with just a strength of filtering 1-10, with actions: ‘Indicate in subject line’ or ‘delete imediately’ when a spam mail is detected, it’s effectiveness is limited. There is also a white/black list for friends/spammers. You also can also add *@somespammer.com to block an entire mail domain but it’s time consuming to configure.

Recently the ability to block entire domain extensions has been added. For example if you dont want any mail from Russia and to be honest its usually loaded with malware then just add *@.ru to your block list. So now you can dump mail from all those crappy domains like *@.bid *@.icu *@.date and so on. Excellent, that is all.

As a standard feature of every mailbox, I would like: block by IP with a plug-in RBS facility, block by country. Thanks for nothing, ICANN. It’s important to control spam as many people insist (aaagh!) on using vulnerable mail clients such as Outlook – But it has a calendar, you know? WTF, it’s a total horrid, nasty half baked POS. Making it the hackers favourite attack vector of choice.

So, options: to process mail before downloading, there is an excellent program called mailwasher which you can use to examine the contents of your inbox, toggle good/spam, set friends etc. However it dosn’t actively prevent or reduce the stuff arriving. You just see less of it. It’s very good at what it does. Mailwasher is for PC only, Firetrust promised me a Mac version but sadly, none yet.

Mailbox filters: Most e-mail client support the use of filters, I use Thunderbird. By far the best mail client I’ve ever used and simple to configure a filter, on the menu it’s: Tools > Message filters the rest is obvious. Whilst this works well, it dosn’t stop rubbish arriving…

Then there is Spamcop which is a reporting service. I was rather pessimistic about this, but thought I’d give it a try. With Spamcop the idea is you copy and paste the message header and body text and submit it. Spamcop then analyses and produces a message sent to the abuse@spamdomain administrators of the relevant domain, who should act on it…

Knowing the pump and dump tactics of spammers, I was even more pessimistic but decided to give it a go anyway. At the start of April (ha ha) I started reporting and after a week or 10 days, the volume of spam recieved reduced. A month later it had diminshed significantly.

Update 14/05/2019: This really does work! I’m now getting very little spam now, so I reduced the filtering strength to allow more through to report. Anything that reduces spam has to be a good thing!

Mac Myths and other nonsense

I hear a lot of complete nonesense about Apple Macs:

  1. Macs are more secure – Maybe but attention required: As I no longer trust anything to be honest. I’d say out of the box, Macs are similar to Windows (ish). Although fundamental differences between Mac OS & Windows make Mac OS harder to break providing its configured accordingly. Windows has demonstrably poor security with Edge, IE & Outlook favourite hackers targets. Anyone installing ‘Adobe Flash Player’ makes any PC or Mac much less secure. Without a lengthy explanation installing flash scores a good 9/10 on the stupidity scale. If you must watch flash videos with buggy software, as Adobes software is legendary for security holes, at least install ‘Click to Flash‘ into Firefox so you have to grant flash permissions to run. You need to check firewalls are configured and permissions set on personal directories and perhaps consider using file encryption. I also consider a good antivirus like Sophos security suite is required whilst NoScript hardens your web browser but thats basic common sense. For further information on improving Mac security here.
  2. Macs are more expensive – Myth: I really don’t get this, people will spend thousands because a car does an extra 3 miles to the gallon, but shun a Mac with excellent longevity. I typed this article on an 8 year old MacBook Pro which looks and works like new. Five years was overtime for a PC, even buying top of the range at a similar price point to Apple. Second hand PCs are near worthless whilst Macs retain some value. Accountants fail dismally, they see bottom line but cannot comprehend through life value. My 12 year old Mac Pro is in daily use, that’s excellent value. Further more, if you have to faff around with your PC because something won’t work, or all too often an update failed, then it’s poor value. If I had a pound for every every hour wasted on a PC, I’d be a rich man.
  3. Macs are more restrictive – Myth: This is total, utter crap, just mis-information my Mac is much more flexible than any PC Ive ever owned – Wake up, smell the coffee. Mac apps my be a little different, that is all. Much easier to install and manage the Mac offers massive choice with better file format compatibility out of the box. Whats more virtually all software is written cross platform for Mac, PC and generally Linux too. PDF? create, edit, save, print and read them out of the box without Adobes bug riddled software. You also get Pages and Numbers with MS file compatibility out of the box. Whilst not as powerfull as Office, I’ve never found them lacking with Keynote being exceptional, it’s superior to Power Point in every respect. For another good Office choice, try Ability Office.
  4. Fact: There are a very small number of aplications without a Mac equivalent, MS Access is one, just load VM Fusion and run Windows in the safety of a virtual machine. It provides a better environment with more control over Windows than running it ‘bare metal’. VM Fusion has been my choice for many years. VM Fusion overcomes the PC to Mac upgrade for the paranoid, as the old PC can be exported to a virtual machine and run on the Mac.
  5. Fact: Mac software is better written My opinion, reached after many years, with more consistency and less crashes – IT JUST WORKS! And above all, my blood pressure just seems lower.
  6. But I have to learn a new operating system? Just like each new version of Windows with all its faults. Why bother? why not use one that works? Every time Microsoft update Windows it’s a cock up of ‘what have they done with…’or my printer wont print because no drivers work. Simple stuff you relied on gets re-invented by Microsoft but something fails – the latest victim being Paint. Paint is 34 years old and appeared in Windows 1.0 . It’s one of those simple programs that is very good at specific jobs and dosn’t occupy much space. So why do Microsoft have to replace it with paint 3D? Is creating problems that previously diddn’t exist a USP for Microsoft? MS, please leave paint alone! Guess what? those moronic monkey fiddlers at Microsoft have even mucked up textedit, what the hell for, leave the fekking things alone, just create another aplication you utter morons! Its another perfectly good programme that needs preserving from the likes of the imbecile mentality of ‘everything must be messed up for the hell hole of the Microsoft Store’ they must implement. If it does a good job leave things alone, if you must create an ‘improved’ version create someting else. Here, the Mac user interface is a model of consistency which reigns supreme. Looking back to the Panther, Tiger, Leopard era, it hasn’t really changed that much. Meanwhile Microsoft can’t decide but removes choice, stupidily forcing the much hated Windows 8 GUI upon users and removing the start button and populare rising menu – sigh. Classic Shell to the rescue, it provides a better GUI like XP or W7.
  7. Search: “We may never get MS search as good as Spotlight”. So said a Microsoft exec and Spotlight remains supremely good for finding files efficiently and does a fine job. I turn off the way it searches the Internet – I have duckduckgo.com because Bing is crap and Google horribly intrusive with a severe invasion of privacy.
  8. Device drivers: Apple got this right and never seems to fail as most drivers are supplied with the OS. With Windows it’s the archillies heel and your PC will BSOD because of device drivers at some point, usually quite badly. Microsoft retains the gold standard for failing consistently in this area if they analysed half of the data they slurp they would have sorted it long ago, bit oh no, that would mean fixing something. In 14 years I’ve only had to download two device drivers or kext files for Mac: For SMART monitoring of USB connected drives with DriveDX and for a 1998 Epson scanner, yes you read that right: Over 20 years old and still supported on a Mac, what excellent value? Value, if you want value for the love of God, give a PC with Windows 10 a very wide berth.

Speed up your Mac!

Macs require very little maintenance, however if you’ve upgraded your OS a few times and installed and removed different software, it may be time to check whats running and prune out unused software. Usual rules: Back up your Mac first! All information is offered ‘as is’ with no liability see our terms

  1. Remove any un-wanted aplications: Go to the aplications folder and drag any unwanted aplications to the recyle bin and thats it! However it may be desirable to remove all traces of a program using knock knock which will show you what’s persistent.
  2. Update your aplications: I’m undecided here, it makes sense to use the latest vesion of a program unless it’s version specific for your operating system or there are other reasons for retaining an older version. However later versions can sometimes be more demanding.
  3. Check your start-up programs: Click System Preferences > Users & Groups. Select your account and click the Login Items button. Check the apps loading are the ones you want.
  4. Repair disk permissions – not required with later OS – Run disk utility, select your HDD & click repair permissions and allow to run.
  5. Run Onyx – This is very deep cleaning software so be sure to BACK UP YOUR DATA FIRST and read and understand the instructions and FAQ then download the correct version of Onyx for your Mac OS. Onyx is very powerful software that performs maintenance operations on your Mac, each OS has its own version so it’s essential to use the correct version, be aware of what you are instructing it to do and let each sequence complete.
  6. Avoid files and folders on the desktop: Your Mac indexes anything on the desktop so minimising these and creating aliases to folders located under documents will help.

Speed up your hardware: Change your rotating disc to an SSD and add more ram. I changed my MacBook Pro 2011 to 16Gb of memory and it made a huge difference. Following this I fitted a Corsair MX500 SSD and again, there was a significant improvement.

Other updates I have performed involve changing a 2014 MacBook Pro retina from an AHCI drive to a Samsung 970 EVO NVMe using a carrier. The improvement was dramatic. Unfortunately, RAM is hard wired from 2013 so cannot be changed, but the NVMe blade installation worked very well.

Most iMacs, older MacBook Pros and Mac Minis are straight forward to upgrade, but check first to see if your Mac can be upgraded as later models have hard wired components. An SSD with more ram will usually boost performance dramatically.

The best and easiest by far is the Classic Mac Pro 5.1 where it is extremly easy to access all components. The MacPro construction is outstanding quality and very modular. Upgrades I have undertaken include:

  1. Change boot disc to NVMe on a PCi-e card – for blistering speed
  2. Add more disks as the MacPro can take 4 internal plus two from the e-sata bus and up to 4 NVMe blades with a suitable raid card
  3. Add more ram – 32Gb being a usefull amount for the MacPro
  4. Add obscene amounts of ram!
  5. Adding PCi-e card for USB 3.0 and 3.1 ports
  6. Adding PCi-e card for USB-C Thunderbolt ports
  7. Adding PCi-e card for SSD disc
  8. Change graphics card

Other Mac Pro 5.1 upgrades include changing processors and processor tray to go to dual CPU. The classic Mac Pro has lots of potential to make it a superbly capable and powerful machine for years to come.

Finally, when you have completed your upgrades, download GeekBench and see how much you have improved your Mac! My bench marks here

All information is offered ‘as is’ with no liability please see our terms


Windows on your Mac

Many users prefer Windows 7 over versions 8.0 and 10 which remain unfit for business due to numerous problems, regrettably misguidance and bullying from Microsoft with forced updates brings the threat of Windows 10 ever closer. It’s a good time to consider alternatives:

VM Fusion provides a way to preserve any version of Windows you wish to run by converting your PC to a virtual machine or create a new installation of Windows on your Mac. VMWare Fusion runs most versions of Windows: XP, Vista, 7, 8.1, 10 – see compatibility here and other operating systems such as linux without re-booting. You can install your windows software and isolate it from external interference, preventing Microsoft from forcing updates for example. This is very important where systems depend on specific versions of software or operating system requirements.

For example: As well as a systems analyst and network engineer, I’m a VBA programmer for Microsoft Access. In 2006 Macs replaced all my PCs since then, I’ve used successive versions of VM Fusion from Version 1 to 10 to run various versions of Windows: 2000 and 2003 server, XP and 7 on my Macs. Windows loads in its separate space like another programme and I can quickly and easily switch spaces to my word processor or spreadsheet running under the Mac OS. I keep my databases in a secure strong encrypted vault on the Mac from which XP reads once the vault is opened. In all this time, I’ve had just one irrecoverable (from Windows) BSOD about 8 years ago which took a minute to recover from the last Fusion snap shot.

VM Ware Fusion provides many benefits:

  1. Permits different versions of Windows to run on one Mac – very useful for testing or overcomming specific system requirements.
  2. Permits use of ‘Windows only’ software, such as Microsoft Access.
  3. Isolate your Windows installation from interference by Microsoft.
  4. Easily recover from a snapshot if problems occur.
  5. Share your data ie read & write to Mac from Windows.
  6. No other device drivers are required.
  7. It makes running Windows SO much easier and controlled.

Requirements:

Any modern Mac with sufficient disc space and ram will run VM Fusion, each VM requires about 40Gb of HHD space. For the later versions of Windows I’d allocate 4Gb or more to ensure they run reasonably well, with XP I use 2Gb but 1Gb will do. Microsofts recomendations are the absolute minimum, so don’t starve your guest OS.

With Fusion you can harness the full power of the Mac, allocating multiple processor cores and allocate resources as you see fit. The more ram you have the better and yes, you can adjust it later although you may be forced to re-activate Windows.

Next, download and install VM Ware fusion on your Mac, I prefer version 10 as due to issues with Fusion 11 – it’s a bit too new for my liking and V10 works fine – see the version compatibility grid for detail. The current license initiates either version 10 or 11. Once Fusion is installed, you can create a new virtual machine, import your virtual machine or virtualise an existing PC and import it to your Mac. Just follow the installation instructions, the choice is yours!

See this Youtube video below for further information (no association)


Backup your VM: If your VM is important then it’s adviseable to create an independant backup as well as take snapshots. A snapshot is exactly what it says: on the fusion menu Virtual Machine >Snapshots… > Snapshots or Take Snapshot. To copy a VM go to the Virtual Machines folder under Documents locate your VM – the file will be named with the file extension: .vmwarevm ie windowsXP.vmwarevm and will be several gigabytes in size then copy your virtual machine to a seperate drive.

Restore your VM: If your Windows VM BSODs as is often the case with an incorrect driver and refuses to start, restore your VM from a snapshot. On the Fusion menu its Virtual Machine > Snapshots… > Restore snapshot.

Improve Mac Security

Out of the box, the Mac is reasonably secure, improving your web browser security with add ons and installing a good Antivirus package will increase security significantly.

Anti virus / security packages:
Several AV programmes feature a full security suite at aditional cost. They usually require OS Sierra or above. The following are worth considering:

Sophos home / premium is my preferred solution.

AVG is a very good free solution.

Avast very good as it supports older versions of Mac OSx from 10.6.8, for now. However it harvests data.

Knock Knock (Mac only) whilst not AV as such it does show you what is persitently running on your Mac and help identify those programs and their location.

Destroy advertising – I mean totally, utterly and completely:
Browser attacks are often launched from malware laden adverts, this technique was used to attack computers from adverts served from the BBCs website a few years ago. Whilst the Adblock Pro and U Block Origin are very good, the best way to destroy adverts is to use pi-hole DNS servers see: https://pi-dns.com for more. Some web sites detect add blockers and request you allow their adverts. No thanks Pi-hole blocks everything. There service also supports DNS over https in addition, but needs to be configured.

Your web browser and e-mail are popular attack vectors:
Attacks are frequently via e-mail with links to malware/phish sites, therefore it is essential to control spam and delete any received. It’s essential to learn to recognise ‘social engineering’ e-mail whilst making your web browser as resillient to attack as possible, locked down against malicious scripts, malware and hostile cookies. “Your account has been hacked…” – usually means nothing, bad spelling English and false claims make these stand out.

Mozilla Thunderbird (Tb) has long been my POP3 e-mail program, I’ve yet to see anything better.

Mozilla FireFox (FF) has been my primary web browser for many years and it supports a good choice of security ‘add ons’. These are easy to install and configure. Google Chrome is a privacy disaster, best avoided. Whilst Safari is to be honest, best left alone. I sometimes use it but flush all cookies afterwards.

I seriously hope windows users have long abandoned Edge and Internet Explorer, not fit for purpose. Microsoft were never ‘up with the hunt’ with security and the Internet.

Firefox security can be improved significantly using the add ons listed below. To search for FF add ons: In the top menu, its: Tools > Add-ons then search and install your desired add-on.

Stop browser fingerprinting: Why do companies do this? So I use the CanvasBlocker add on to prevent this unwanted activity, best known as spying.

Stop uncontrolled scripts: It is really vital to limit scripts in your browser which can connect to dozens of web sites behind your back. The No-Script add-on limits scripting activity in your browser and you have to set permissions for each site. Initially all your sites will need script permissions assigning, which can be a bit annoying but they remain and once configured No Script will only require adjustment as you visit new web sites. This add-on alone is excellent and will prevent a lot of malicious script attacks.

Ghostery: Ghostery controls tracking and advertising cookies, it already has a preconfigured database of hostile cookies and trackers and allows you to set permissions if required.

U Block Origin: Like ghostery this filters out unwanted irritating adverts that take bandwidth and waste time. There is virtually no control over advertising on the web, as the BBC discovered anyone can rent ad space and sling ransomware or anything… Can you trust the BBC? Not anymore.

Multi account containers: containers runs the selected browser tab in an isolated sandbox – nothing in and nothing out, it then deletes everything in the sand box on exit. Use containers for banking and on-line shopping or anything where improved security is highly desirable.

Smart https: This automatically changes HTTP protocol to HTTPS, where possible and if loading encounters error, reverts it back to HTTP. You might like to consider using DNS over https which Firefox supports and is being implemented in other browsers. This means DNS is resolved by encryption over port 443 as opposed to in plain text over port 53. This means that your ISPs DNS servers are not used, so it’s a bonus for both privacy and security.

Cookie AutoDelete: does just that, decide to white/grey list domains and cookies will be erased when you close the tab if set to delete. It also protects your privacy as it stops google, fb etc following every site you visit by deleting their tracking cookies.

I dont use FaceBook, you might – a disgusting invasion of privacy in my opinion, the company has lied and lied again. If you must use FB then the FF add on: F.B Purity is essential to limit FB intrusion.

Facebook Containers another nice add on for Fb users that loads Fb in its own container. When you close the tab it logs you out of FB and dumps ALL Fb cookies to help prevent their trackers following and profiling your browsing activity.

Going further…

There remains the issue of web sites connecting to all manner of servers. Today, your personal information is the product and organisations like Google and Facebook etc take everything by any devious means possible. Whilst no-script controls this to a degree, a further layer can be added with Little Snitch – Mac only . This program is wonderful, it intercepts ALL outgoing traffic from your Mac and allows you to decide and block connections to servers that you consider intrusive (Google etc), un-neccessary or hostile attack sites with malware! The rule list is easy to configure or correct if you make an error. See here for an overview tutorial – it’s American, but a good introduction. I have used Little Snitch for several years and strongly reccomend it.

So next load up a site laden with tons of garbage like The Daily Fail and see how much rubbish, adverts, trackers and other crappy scripts are stopped or blocked. DM – your advert filled trash rag makes a fine testing ground :D.

Finally, if you download your e-mail then Mozilla Thuderbird is an excellent e-mail client. It can also be configured to restrict images in an e-mail as this prevents ‘pixel tracking’.

Remove the Adobe flash player plug in. In fact most Adobe software seems fairly poor security wise but Flash is a turd, rich in vulnerabities. Flash is long overdue retirement and often the hackers first choice attack vector.

Thankfully flash will be retired in December 2020 and unsupported so get rid of it now! The Internet without Flash will be a safer and better place.

Getting slightly technical
If you really want to neuter these barstewards that proliferate on the Internet with their trashy malvertising, then consider modifying your hosts file, it’s fairly simple to do and there are plenty of pre-configured host files out there. Perhaps the most popular is the MVPs one. It simply sets a large number of known crappy websites IP to 127.0.0.1 or 0.0.0.0 and thus you will never load them in the background further reading here it’s Windows related but Macs and any other OS will use a hosts file, you just need to know how to edit it, this explanation is fairly good. However, it would be a great thing if someone could write a utility to do a host file edit.

All information provided ‘as is’ with no liability see our terms

Back up your Mac

It’s not often things go wrong, but this information could save your important data and settings should the worst happen.

Time machine: for years the Mac operating system has included Time Machine (TM) as its backup program. Simply format a separate disc OS Extended (Journaled) or use a Time Capsule. Then load TM (System Preferences > Time Machine) and point it at your disc. It dutifully starts the backup and will run incremental backups as files change. There are plenty of ‘How to’ such as the Apple page on line which explain in detail if needed.

TM can soon fill up disc space so it makes sense to buy a reasonably large disc, a WD 1 Tb 2.5″ laptop disc makes a good choice, easily mounted in a caddy with no external power supply required. Don’t bother with SSDs as the interfaces cannot exploit their R/W speed.

If speed is essential and you have the new Thunderbolt USB ports then an SSD or an NVME blade is an option. However, NVMe drives will get hot during sustained high speed R/W transfers with Thunderbolt making a high quality NVMe enclosure with sufficient cooling absolutely essential. A cheap case with poor cooling may result in drive failure or the disk may slow to a crawl to await temperature drop during use.

If you have a QNAP NAS then the OS allows for the installation of a Time Machine target partition so that makes a good choice as you can increase the partition size as desired.

Time machine is very good at what it does, but there are a few limitations:

  1. Your first backup will be large so allow plenty of time to complete as it’s usually several gigabytes of data.
  2. The TM disc needs to be connected to your Mac, if you have a wireless connection this can be overcome in conjunction a Time Capsule as your target TM storage.
  3. It omits the hidden boot partition. Although you might be able to opt for ‘Internet boot’ it’s a really good idea to have a copy of the boot files to recover such as a bootable pen drive with an install copy of your OS.

Another excellent back up solution is Carbon Copy Cloner (CCC) This is afirst class utility which can ‘clone’ any selected disc including the boot disc to your designated backup disc. CCC will also clone the hidden boot partition which is something Time Machine does not do. Theres nothing like the additional security of an independant backup, particularly if it’s disconnected from your Mac.

More information on CCC and download of 30 day trial here

Create a bootable USB pen drive of your operating system on an 8 or 16Gb drive. This is really easy with the right tools, exteremly handy if you have to update more than one Mac, but very useful anyway:

  1. First download and install the appropriate version of DiskMaker X for your operating system.
  2. Download the version of OS or OSx in use, if you don’t already have it.
  3. Connect up your pen drive then start up diskmakerX and follow the instructions. Be aware all data on the target pen drive will be erased during the process.

There are plenty of ‘How to’ on line.

All information provided ‘as is’ with no liability see our terms