Category Archives: apple
Apple iOS devices* support a useful data security feature called ‘Erase Data’. This feature if enabled (and you use a passcode), will erase all your iOS data after 10 failed passcode attempts. Enabling this feature should be a priority, especially if you lose your device.
The 10 times failed passcode attempts is consecutive, not cumulative and performs the same data erase as General > Reset > Erase all content and settings. Here is how you enable ‘Erase Data’:
- Open > Settings > Tap > ‘Passcode’ option (see note below)
- Turn the toggle on next to ‘Erase Data’
- Confirm the change and tap > Enable button
Note: If you use Touch ID, this option is called ‘Touch ID & Passcode’
IMPORTANT: In the event, you accidentally erase your iOS device, it’s a good idea to regularly backup your device in iTunes, so you can recover your data.
How do you recover your data to your iOS device?
The encryption key will be deleted on the device when using the ‘Erase Data’ feature. You will then be forced into recovery mode to continue with restoring your iOS device, which can be done from a recent iTunes backup. If you don’t backup up your iOS device, your device will be restored as new.
Apple launched OS X Yosemite and El Capitan with a little known security feature called ‘Stealth Mode’. This feature was added to the Firewall and would be useful to enable if you use your Mac on unsecured or public networks.
When you enable Stealth Mode, your Mac’s firewall will hide your OS X Yosemite and OS X El Capitan computer from ping scans that attempt to discover system information or look for open ports which might have vulnerabilities. Stealth Mode protects both Yosemite and El Capitan Mac OS X users from packet requests from a closed TCP and UDP network as well as from hackers and malware.
How to enable Stealth Mode
- Navigate to > System Preferences
- Click > Security & Privacy > Firewall
- Click the lock to make changes – enter your OS X password
- Click > Turn On Firewall
- Click Firewall Options… > Click the ‘Enable stealth mode’ checkbox
Alternatively you might want to use Terminal to enable Stealth Mode:
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
Turn off Stealth Mode as follows:
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
My suggestion is only enable Stealth Mode when you use unsecured or public networks, as it’s not required for use (and can cause problems) on private networks.
Once you redeem iTunes Gift Cards or iTunes Gifts on iOS (tested on iOS 9.x), your updated balance will appear in your iTunes Store account. When you purchase content, iTunes will deduct funds from the credit until it is depleted.
Note: You can also do the following through iTunes, the Mac App Store or the iBooks Store.
Checking your balance on iOS:
- Tap iTunes Store, App Store or iBooks
- In iBooks, tap Featured at the bottom of the screen
- Scroll to the bottom of page
- If you are signed in, tap Sign-In and enter your Apple ID and password
- If you have a credit balance, you’ll see it below your Apple ID*
*If you are not in credit, the credit balance will not be visible.
If you have insufficient store credit to purchase content, iTunes does not prompt you with a notification reminder upon clicking to purchase. Permitting customers to purchase content without notifying them at checkout that their iTunes payment credit or debit card is about to be debited the outstanding difference, could be perceived as deliberate by design.
Mac OS X 10.11 or later doesn’t support the “Secure Empty Trash” feature. This was removed as it actually didn’t securely delete files placed in the Trash. Apple also identified an issue with guaranteeing secure deletion of Trash files on some systems, such as those with flash storage.
Apple responded by removing the “Secure Empty Trash” option from OS X 10.11 or later versions. You could use FileVault if you are worried about your privacy. Alternatively, you can use the Mac Terminal app to securely remove files using the ‘srm’ command. Securely deleted files or folders uses a 35-pass erase (Gutmann algorithm), which complies with the US DoD 5520.22-M standard.
As with my previous posts, using Terminal can be dangerous, so you should only use this, if you are familiar with the command line. Repeat the following steps to use the ‘srm’ (see NOTE below) command to securely delete files or folders as and when you want:
- Locate the file(s) in OS X Finder
- Open Spotlight > Type “Terminal” and hit the return key to open Terminal app
- Copy the following syntax to delete a file
OS X Server for Mavericks, Yosemite, Mountain Lion and Lion has an adaptive firewall built in that controls incoming access based on client attempts to abuse the OS X Server. The adaptive firewall in Yosemite can be controlled in OS X Server in the Access pane.This allows you to create default access rules and custom rules for specific services.
For the less technical savvy, I’d suggest enabling the adaptive firewall to generate a rule for when a user or IP address generates 10 consecutive failed login attempts. You will need > Terminal and run all the following commands on the Terminal server as an admin:
Cut and paste this code if you use OS X Server on Mavericks or Yosemite:
sudo pfctl -f /etc/pf.conf
You will see an error reporting ‘No ALTQ support in the kernel’ and it being disabled appears; please ignore it. Now cut and paste the following:
sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -c sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f
You will see the same error as above reporting ‘No ALTQ support in the kernel’ and it being disabled appears; please ignore it again.
As above and if you use OS X Server on Mountain Lion or Lion (also note the errors):