Tag Archives: Apple iMac

Apple Is Wrong. You Need To Cover Your MacBook Camera!

Mac Camera Cover Guide : Why Apple Is Wrong!

Apple recently advised everyone not to cover the camera of their Mac laptops, and rely instead on the camera indicator light.

Find out why Apple is WRONG, and why you need to physically cover your Mac computer’s camera!

 

Mac Camera Cover : What Is It For?

Cybersecurity specialists have long advocated covering the built-in camera of your computers, not just MacBook laptops or Mac desktops, with a camera cover of some sort.

This prevents hackers from taking over that camera, and secretly recording you. This has implications beyond just recording your embarrassing moments for blackmail.

With access to your laptop camera, hackers can determine when you are away from home, who lives at your home, who you are working with, and even where you currently are.

 

Apple : Don’t Use A Camera Cover For Your Mac

In their recent HT211148 tech advisory, they asked Mac laptop (MacBook, MacBook Air, MacBook Pro) users not to use any camera cover.

Recommended : Warning : Using A Camera Cover Can Damage Your MacBook!

Instead, they recommended that you use these two built-in features for your privacy :

A. The Green Camera Indicator Light

Apple points out that your Mac computer has a camera indicator light that glows green whenever the camera is active.

They also claimed that the camera is designed not to activate unless its indicator light is also turned on.

B. The Camera Access Control

As an additional measure built into macOS Mojave or later, you must give an app permission before it can use your Mac computer’s camera.

To view which apps has access to your Mac computer’s camera, and to revoke any app’s access :

  1. On your Mac, choose Apple menu  > System Preferences, click Security & Privacy, then click Privacy.
  2. Select Camera.
  3. Select the tickbox next to an app to allow it to access your camera.Deselect the tickbox to turn off access for that app.If you turn off access for an app, you’re asked to turn it on again the next time that app tries to use your camera.

 

Why Apple Is Wrong, And You Need To Cover Your Mac Camera!

Apple fans may hate us for this, but they are wrong. You must physically cover your Mac computer’s camera to protect yourself.

Hackers Always Disable The Indicator Light

Mac computers are not the only ones to feature an indicator light for their built-in cameras. Most computers with a built-in webcam have such an indicator light.

It is, therefore, SOP for hackers to disable the indicator light after gaining control of the camera. Camfecting attacks won’t work if you are aware that the camera is turned on…

Apple asserts that the camera and its indicator light on Mac computers are wired in series, so the camera won’t work if the indicator light is turned off.

However, a 2013 Johns Hopkins University paper showed how it was possible to disable the indicator light of a Mac computer’s webcam, even though the camera module had a “hardware interlock”.

This isn’t just an obscure research subject. The FBI has the capability to covertly activate a computer’s camera without triggering the indicator light, according to Marcus Thomas, the former assistant director of FBI’s Operational Technology Division.

The only ways to prevent such attacks would be to either turn off your computer, or physically cover the camera.

Hackers Won’t Ask You For Permission

Security researcher Ryan Pickren showed in April 2020 how seven flaws in Apple Safari can let malicious websites hijack your camera and microphone to spy on you.

All you have to do is click on a link, and it lets the malicious website gain access to your webcam without asking for permission.

So much for the Mac Camera Access Control feature…

You May Not Notice The Light

Even if the camera indicator light is not disabled, it doesn’t mean you will immediately realise when the light turns on.

By the time you realise the green light is actually glowing, it may already be too late.

This is partly because it emits a steady glow, and doesn’t blink. Of course, a blinking light is bloody irritating, but we are more likely to notice it than a static green glow.

The only way to prevent that is to physically cover the camera.

Hackers Can Turn On Sleeping Or Hibernating Computers

Don’t assume that just because your Mac computer is sleeping or hibernating, hackers cannot access its camera.

They can potentially wake your computer, turn on the camera and record from it, with the indicator light turned off.

Security researcher Pedro Vilaça showed in 2015 how it was possible to remotely “root” and take over a Mac computer after it wakes up from sleep mode of 30 seconds or longer.

Irrespective of the method used, once hackers gain control of your computer, they can turn on its Wake On LAN (WOL) feature to remotely wake up your computer, like what the Ryuk ransomware does.

The only way to prevent that is to turn off your computer, or physically cover the camera.

Cybercriminals Can Trick You With A Fake Blackmail

Even if cybercriminals are unable to access your camera, they can still trick you into believing they somehow took compromising photos or videos from it.

They send out thousands of spam emails every day to trick people into believing they have been caught on camera.

People who don’t use a camera cover can be convinced into believing that their webcams were somehow compromised, and tricked into paying up to avoid exposure.

The only way to prevent that is to physically cover the camera.

 

The Best Way To Cover Your Mac Computer Camera

While we strongly advise you to cover your Mac computer camera, that does not mean you should risk damaging your display.

Laptop Computers (MacBook, MacBook Air, MacBook Pro)

According to Apple, we should not use any camera cover that is more than 0.1 mm thick. That basically rules out any camera cover, because it is impossible to make one that thin.

They also advise again using anything that leaves an adhesive residue. So that means cellophane tape (Scotch tape) and packaging tape should be avoided.

So here are the best options for you to consider, based on your requirements :

  1. If you don’t intend to use the camera at all
    a) Use your laptop in clamshell mode, with a separate monitor, keyboard and mouse
    b) Cover the camera with masking tape, which is gentle and leaves no residue
  2. If you plan to use the camera
    – Cut a small piece of sticky note, so that there is an adhesive part and a non-adhesive part.
    – Alternatively, cut a piece of masking tape, and fold part of it to create a non-adhesive portion.
    – Cover the camera with the adhesive part
    – You can then use the non-adhesive portion to pull it off whenever you need to use the camera

Desktop Computers (iMac, iMac Pro)

Desktop computers like the iMac or iMac Pro don’t have to worry about damaging their displays with camera covers of any thickness.

We therefore recommend using a proper camera cover that slides to let you use the camera whenever you want to, and physically cover it whenever you don’t.

Just make sure the camera cover does not use excessively strong adhesive, or leaves a residue that will require using solvent to remove, which could damage the display coating!

 

Recommended Reading

Go Back To > Computer | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The 12/12 Machines Sale – What Deals Can You Expect?

KUALA LUMPUR, 11 DECEMBER 2017 – Machines Sdn Bhd (Machines) today announced that it will be holding the first 12/12 Machines sale – its first ever sale held completely on its online store. We share with you the Apple devices and products that will be offered at great discounts starting tomorrow!

 

The 12/12 Machines Sale

For 12 days, from 12 December 2017 until 24 December 2017, Machines will be offering great savings on the Apple Watch (priced from RM999), iPad Pro (priced from RM1,599), MacBook Air (priced from RM2,999), MacBook (priced from RM3,999), Macbook Pro (priced from RM6,999), and other items with discounts of up to 80% off retail prices.

“As the countdown to Christmas nears, we want to give our customers an opportunity to find the perfect gift for their loved ones – or for themselves,” said Andrew Cheng, Director of Machines. “We chose to hold the sale online to give our customers the best deals without having to brave the holiday crowds”.

All purchases from the Machines online store come with free delivery to customers in Peninsular and East Malaysia. Customers have the option of home delivery or can opt to collect their purchases from selected Machines stores. Payment can be made via online transfer or locally issued credit cards (terms and conditions apply)

[adrotate group=”2″]

All products are in their original packaging and come with a one (1) year manufacturer warranty from the date of purchase. In addition, smartwatches purchased during the sale are also eligible for the Machines Protection Plan – a two-year extended warranty that protects products against accidental damage.

While the sale prices will only be applicable starting from 12 December 2017, customers are currently able to browse the available products on the Machines online store.

When you are ready to purchase, visit https://machines.com.my/collections/1212.

Go Back To > News | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Apple Rushed Out macOS Root Bug Fix & It Shows…

Lemi Orhan Ergin did not give Apple any forewarning when he publicly revealed the massive macOS root bug on Twitter. He basically exposed a zero-day vulnerability for hackers to use, while Apple rushed on a bug fix. The good news is Apple just issued the root bug fix in Security Update 2017-001.

This is really fast work, but it also showed their sloppiness. Hopefully, the bug fix does not introduce additional bugs!

 

macOS Security Update 2017-001

[adrotate group=”2″]

Apple released macOS Security Update 2017-001 just a day after the macOS root bug was revealed. They also gave us more information on the bug that caused so much ruckus around the world (and rightly so).

  • The bug only affected macOS High Sierra 10.13.1.
  • The bug did not affect computers running macOS Sierra 10.12.6 or earlier.
  • They confirmed that it allowed an attacker to “bypass administrator authentication without supplying the administrator’s password“.

You can get more details on the root bug in our dedicated article – The macOS High Sierra Root Bug Explained!

 

How Do I Download The Root Bug Fix?

The macOS root bug fix is now available for download via the App Store. If it doesn’t appear yet, just click on the Updates icon to refresh.

Please note that this bug fix will reset and disable the root user account.  If you need to use the root user account, you will need to re-enable it, and change its password, after applying the update.

 

Terminal Users, Watch Out!

If you’re using Terminal to update though, you may face some complications due to Apple’s sloppiness. Chai discovered that Apple accidentally used a space instead of the version number.

This is not an issue if you are downloading the patch through the App Store. But if you’re applying the patch via Terminal, you need to add a space.

softwareupdate -i “Security Update 2017-001- “

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The macOS High Sierra Root Bug Explained! Rev. 2.0

The Internet is abuzz with the shocking revelation that now everyone can hack an Apple computer… as long as it’s using the latest macOS High Sierra operating system. Let us explain what’s going on, and share with you the workaround for the macOS High Sierra root bug.

Updated @ 2017-11-30 : Added a new section on the Apple bug fix (Security Update 2017-001) [1], and additional information on the root bug [2].

Originally posted @ 2017-11-29

 

What Is Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

In fact, it gives you such God-like powers, you can modify or even delete critical system files. In fact, a Mac root user can use the rm -rf * command to delete the contents of every mounted drive in the computer, until macOS crashes when a crucial file or folder is deleted.

So this Mac root user account should only remain disabled unless you really, REALLY need to use it.

Suggested Reading : The Mac Root User Login & Password Guide

 

The macOS High Sierra Root Bug Updated!

On Tuesday, 28 November 2017, Turkish software developer Lemi Orhan Ergin revealed the macOS High Sierra root bug. With a few simple steps, anyone can gain elevated root user privileges in any computer running macOS High Sierra! Here is a summary of what we know about the root bug :

  1. The root bug exploit requires a computer running macOS High Sierra, with multiple user accounts.
  2. When prompted for a username and password, use these steps to gain root user access without any password :
    • Type “root” as the username and leave the password field blank.
    • Just click “Unlock” twice.
  3. The root bug cannot be exploited remotely, unless screen sharing is enabled.
  4. The root bug was introduced in macOS High Sierra 10.13.1. Earlier versions of macOS were not affected.
  5. Apple confirmed that the bug was due to “a logic error… in the validation of credentials“.
  6. Apple also confirmed that the bug would allow an attacker to “bypass administrator authentication without supplying the administrator’s password“.
  7. Several security researchers successfully replicated the bug.

 

How Serious Is This Root Bug?

The macOS High Sierra root bug is EXTREMELY serious, because it allows a hacker to easily bypass all of the macOS operating system’s security protections.

It doesn’t matter if you encrypted your computer, and secured it with an extremely long and complex password. Anyone who gains root user privileges using this bug can access (read, copy or move) the files in any user account (even those of an administrator) without knowing the password.

What’s even more troubling is that the root bug works even with a disabled root user account. This means the vast majority of Apple computers running on High Sierra are compromised, as the root user account is disabled by default.

 

How To Fix The Root Bug?

Unlike other security researchers, Lemi Orhan Ergin did not forewarn Apple before publicly revealing the bug, on Twitter no less. He basically exposed a zero-day vulnerability for hackers to use, while Apple rushes to fix the bug.

1. Install macOS Security Update 2017-001 New!

Apple just released Security Update 2017-001. This update will remove the root bug and improve credential validation. INSTALL THIS UPDATE NOW!

Note : This bug fix will reset and disable the root user account.  If you need to use the root user account, you will need to re-enable it, and change its password, after applying the update.

Note : Apple rushed out this update so quickly that they accidentally used a space instead of the version number. You can read more about this in our article – Apple Rushed Out macOS Root Bug Fix & It Shows…

This is not an issue if you are downloading the patch through the App Store. But if you’re applying the patch via Terminal, you need to add a space.

softwareupdate -i “Security Update 2017-001- “

2. Enable Root User With Your Own Password

[adrotate group=”2″]

If you cannot apply Apple’s bug fix yet, you can block this root bug by enabling the root user account, and setting a password for it.

It’s not so straightforward, so we created a step-by-step guide for you – The Mac Root User Login & Password Guide.

3. Use Additional Encryption

Alternatively, you can opt to move your sensitive data to encrypted containers or drives using third-party encryption utilities like VeraCrypt. Hackers may use the High Sierra root bug to gain access to the encrypted containers or drives, but without the correct password, the actual data won’t be accessible.

4. Physically Protect Your Apple Computer

The good news is the High Sierra root bug generally requires physical access to your Apple computer. Until this bug is fixed, you should make sure your Apple computer is never left unsupervised.

Keep it in a locked room or bag, whenever you are not using it. If no one can get to it, they cannot use the bug to gain root access.

5. Disable Screen Sharing

The High Sierra root bug can be exploited remotely if Screen Sharing is enabled. So make sure you disable Screen Sharing.

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The Mac Root User Login & Password Guide

Want to have elevated God-like privileges to your Mac OS X system? Then you need to be a Mac root user. In this guide, we will teach you how to enable the root user account in OS X, change the password, and disable it.

For experienced users or power users, you can use Terminal to quickly make these changes :

[adrotate group=”2″]

If you are an inexperienced user, you can use the GUI method, which has more steps but does not require keying in commands.

 

What Is The Mac Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

In fact, it gives you such God-like powers, you can modify or even delete critical system files. So this Mac root account should only remain disabled unless you really, REALLY need to use it.

OS X High Sierra currently has a root bug that allows practically root access in a few simple steps. Therefore, Apple advises you to enable the Mac root account, with your own password, until they fix the bug.

Suggested Reading : The macOS High Sierra Root Bug Explained

 

How To Enable The Mac Root User / Change Password (Terminal Method)

Requisite : You need to be logged into an administrator account.

Please note this method is used to both enable the root account, and to change its password. The single command line of sudo passwd root both changes its password, while enabling the root account.

Step 1 : Click on the Apple () menu, and select System Preferences.

Step 2 : Click on Utilities, and select Terminal.

Step 3 : Type sudo passwd root and press Enter.

sudo passwd root

Step 4 : You will be asked for your administrator password, not the new root password. Key in your administrator password and hit Enter.

Step 5 : Now key in the new root password, and hit Enter. Then retype the new root password for verification, and hit Enter.

That’s it! You have successfully enabled the Mac root account, with a password of your choice. To use it, you need to log off your administrator account.

[adrotate group=”1″]

 

How To Disable The Mac Root User (Terminal Method)

Requisite : You need to be logged into an administrator account.

Step 1 : In Terminal, type dsenableroot -d and press Enter.

dsenableroot -d

Step 2 : Key in your administrator password (not the root user password), and hit Enter.

If you succeed, you will see the notification : ***Successfully disabled root user.

Next Page > How To Enable The Mac Root User Account (GUI Method)

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

How To Enable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account.

Step 1 : Click on the Apple () menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.

[adrotate group=”1″]

Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Director Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Enable Root User.

Step 9 : Now, key in the password you want, and a second time for verification, and click OK.

That’s it! You have successfully enabled the Mac root user account, with a password of your choice. To use it, you need to log off your administrator account.

Next Page > How To Change The Mac Root User Password

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

How To Change The Mac Root User Password (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple () menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.

Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

[adrotate group=”1″]

Step 6 : Click on the Open Director Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Change Root Password.

Step 9 : Now, key in the new password you want, and a second time for verification, and click OK.

That’s it! You have successfully changed the Mac root user password. To use it, you need to log off your administrator account.

Next Page > How To Disable The Mac Root User Account

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

How To Disable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple () menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator user name and password.

Step 4 : Click on Login Options.

[adrotate group=”1″]

Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Director Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Disable Root User.

That’s it! You have successfully disabled the Mac root user account.

Go Back To > First PageGuides | Home

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The AMD Radeon Pro 500 Series for iMac Revealed!

SUNNYVALE, Calif. — June 05, 2017 — Today AMD (NASDAQ: AMD) unveiled the high-performance, power-efficient Radeon Pro 500 series graphics, fueling beyond-UHD creativity in All-In-One computing.

 

The AMD Radeon Pro 500 Series for iMac Revealed!

Available in the updated 21.5- and 27-inch iMac, Radeon Pro 500 series graphics enable extraordinary computing experiences, including stunning gaming, immersive VR on select models*, and fluid content creation with exceptional performance and support for GPU acceleration across a range of creative applications on the Mac platform, such as Adobe Premiere Pro, After Effects, and Photoshop and the Foundry Nuke, Mari and Moo.

Moreover, Radeon Pro 500 series provides accelerated performance for the Radeon ProRender photorealistic ray-tracing rendering technology which is enabled for Autodesk Maya, and Maxon’s Cinema 4D.

Radeon Pro 500 series graphics harness up to 5.5 TFLOPS of performance, unleashing the creativity of artists, designers, photographers, filmmakers, visualizers and engineers, and aspiring creative types across high-resolution canvases in the most popular creative applications, powering through the most demanding games, and bringing fantastic worlds to life in VR.

The Radeon Pro 500 series makes use of the critically-acclaimed “Polaris” GPU architecture, delivering the perfect balance of performance and operating efficiency that makes them ideal for All-In-Ones.

“It is incredibly satisfying to see the capabilities of Radeon Pro 500 series in elegant form factors and enabling amazing content creation, gaming and VR experiences,” said Raja Koduri, senior vice president and chief architect, Radeon Technologies Group, AMD. “Radeon Pro 500 Series graphics are enabling new generations of makers with compute-accelerated creative tools and new APIs, bringing their imaginations to life in ways like never before.”

*Available on the Radeon Pro 580.

 

The AMD Radeon Pro 500 Series Graphics Cards

Here are the AMD Radeon Pro 500 Series graphics cards, and their key specifications :

[adrotate group=”2″]
  • AMD Radeon Pro 580
    5.5 TFLOPs peak performance
    36 compute units, with 2304 stream processors
    217 GB/s memory bandwidth
  • AMD Radeon Pro 575
    4.5 TFLOPs peak performance
    32 compute units, with 2048 stream processors
    217 GB/s memory bandwidth
  • AMD Radeon Pro 570
    3.6 TFLOPs peak performance
    36 compute units, with 2304 stream processors
    217 GB/s memory bandwidth
  • AMD Radeon Pro 560
    1.9 TFLOPs peak performance
    16 compute units, with 1024 stream processors
    81 GB/s memory bandwidth
  • AMD Radeon Pro 555
    1.3 TFLOPs peak performance
    12 compute units, with 768 stream processors
    81 GB/s memory bandwidth

Go Back To > Computer Hardware & Systems | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!