Category Archives: apple
OS X Server includes a VPN service. It is very easy to setup VPN, but if you Google fu, you might find different methods, which can be confusing. This post will show you one method, that clears the confusion and should have you up and running in quick time.
In this example, we are going to use a Mac Mini with OS X Server 5.0.x that has already been setup as a .local server. We will be configuring the server using the L2TP/IPSec tunnelling protocol. This isn’t as secure as OpenVPN, but IPSec encryption/decryption occurs at the kernel level with added advantage of multi-threading over OpenVPN. So, it’s a secure enough starting point.
Note: OS X Server 5.0.x supports OS X Yosemite v10.10.5 or OS X El Capitan v10.11.1.
Follow my instructions below, and you will be up and running in about 15 minutes.
Change .local server to .private to use VPN (if you haven’t already):
- Launch Server.app > Edit host name
- Click > Next then Check option > Local Network and VPN > Next
- Edit Host Name: example.private (edit the ‘example’ server name)
- Click > Finish
Apple iOS devices* support a useful data security feature called ‘Erase Data’. This feature if enabled (and you use a passcode), will erase all your iOS data after 10 failed passcode attempts. Enabling this feature should be a priority, especially if you lose your device.
The 10 times failed passcode attempts is consecutive, not cumulative and performs the same data erase as General > Reset > Erase all content and settings. Here is how you enable ‘Erase Data’:
- Open > Settings > Tap > ‘Passcode’ option (see note below)
- Turn the toggle on next to ‘Erase Data’
- Confirm the change and tap > Enable button
Note: If you use Touch ID, this option is called ‘Touch ID & Passcode’
IMPORTANT: In the event, you accidentally erase your iOS device, it’s a good idea to regularly backup your device in iTunes, so you can recover your data.
How do you recover your data to your iOS device?
The encryption key will be deleted on the device when using the ‘Erase Data’ feature. You will then be forced into recovery mode to continue with restoring your iOS device, which can be done from a recent iTunes backup. If you don’t backup up your iOS device, your device will be restored as new.
Apple launched OS X Yosemite and El Capitan with a little known security feature called ‘Stealth Mode’. This feature was added to the Firewall and would be useful to enable if you use your Mac on unsecured or public networks.
When you enable Stealth Mode, your Mac’s firewall will hide your OS X Yosemite and OS X El Capitan computer from ping scans that attempt to discover system information or look for open ports which might have vulnerabilities. Stealth Mode protects both Yosemite and El Capitan Mac OS X users from packet requests from a closed TCP and UDP network as well as from hackers and malware.
How to enable Stealth Mode
- Navigate to > System Preferences
- Click > Security & Privacy > Firewall
- Click the lock to make changes – enter your OS X password
- Click > Turn On Firewall
- Click Firewall Options… > Click the ‘Enable stealth mode’ checkbox
Alternatively you might want to use Terminal to enable Stealth Mode:
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
Turn off Stealth Mode as follows:
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
My suggestion is only enable Stealth Mode when you use unsecured or public networks, as it’s not required for use (and can cause problems) on private networks.
Once you redeem iTunes Gift Cards or iTunes Gifts on iOS (tested on iOS 9.x), your updated balance will appear in your iTunes Store account. When you purchase content, iTunes will deduct funds from the credit until it is depleted.
Note: You can also do the following through iTunes, the Mac App Store or the iBooks Store.
Checking your balance on iOS:
- Tap iTunes Store, App Store or iBooks
- In iBooks, tap Featured at the bottom of the screen
- Scroll to the bottom of page
- If you are signed in, tap Sign-In and enter your Apple ID and password
- If you have a credit balance, you’ll see it below your Apple ID*
*If you are not in credit, the credit balance will not be visible.
If you have insufficient store credit to purchase content, iTunes does not prompt you with a notification reminder upon clicking to purchase. Permitting customers to purchase content without notifying them at checkout that their iTunes payment credit or debit card is about to be debited the outstanding difference, could be perceived as deliberate by design.
Mac OS X 10.11 or later doesn’t support the “Secure Empty Trash” feature. This was removed as it actually didn’t securely delete files placed in the Trash. Apple also identified an issue with guaranteeing secure deletion of Trash files on some systems, such as those with flash storage.
Apple responded by removing the “Secure Empty Trash” option from OS X 10.11 or later versions. You could use FileVault if you are worried about your privacy. Alternatively, you can use the Mac Terminal app to securely remove files using the ‘srm’ command. Securely deleted files or folders uses a 35-pass erase (Gutmann algorithm), which complies with the US DoD 5520.22-M standard.
As with my previous posts, using Terminal can be dangerous, so you should only use this, if you are familiar with the command line. Repeat the following steps to use the ‘srm’ (see NOTE below) command to securely delete files or folders as and when you want:
- Locate the file(s) in OS X Finder
- Open Spotlight > Type “Terminal” and hit the return key to open Terminal app
- Copy the following syntax to delete a file