Intego Mac Security Podcast

68 Vulnerabilities Patched! – Intego Mac Podcast Episode 335

Posted on by

Apple’s latest macOS release patches 68 vulnerabilities, and that’s a lot. The latest GarageBand update contains a quiet and un-noted security fix. Prevent your IP address from being detected in messaging apps; why that’s a good idea. And we share some speculation on future iPads that Apple might have in the pipeline.


If you like the Intego Mac Podcast, be sure to follow it on Apple Podcasts, Spotify, or Amazon.

Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you’re ready to buy.

Get Apple security news delivered straight to your inbox, for free. Intego’s twice-monthly newsletter will keep you informed about Apple-related privacy and security, along with tips and tricks for getting the most out of your Mac or iPhone. Subscribe for free—no strings attached.


Transcript of Intego Mac Podcast episode 335

Voice Over 0:00
This is the Intego Mac Podcast—the voice of Mac security—for Thursday, March 14 2024.

This week’s Intego Mac Podcast security headlines include: Apple’s latest macOS release patches 68 vulnerabilities, and that’s a lot. The latest GarageBand update contains a quiet and un-noted security fix. Preventing your IP address from being detected and why that’s a good idea. And speculation on future iPads Apple just might have in the pipeline. Now, here are the hosts of the Intego Mac Podcast. Veteran Mac journalist, Kirk McElhearn, and Intego’s Chief Security Analyst, Josh Long.

Kirk McElhearn 0:48
Good morning, Josh. How are you today?

Josh Long 0:50
I’m doing well. How are you, Kirk?

Apple patched an unusually large number of vulnerabilities in the latest macOS update

Kirk McElhearn 0:52
I’m doing just fine. I don’t know if this is a record. But we had 68 vulnerabilities patched across all of Apple’s operating systems. Last week, we were talking about what iOS and iPadOS and there were four vulnerabilities patched a measly for vulnerabilities. And then we got macOS, watchOS and TV OS and visionOS updates. Let’s not forget visionOS. And homeOS actually is called homeOS or audioOS. For a total of 68 vulnerabilities. Have we ever had that many vulnerabilities patched in a single update cycle?

Josh Long 1:21
We have. But this is a pretty big number. So is this that specific number of 68 is how many vulnerabilities are named vulnerabilities and the MacOS Sonoma update. And there’s actually a whole bunch of other things Apple does this a lot where they put a whole section of additional recognitions, they call it at the bottom. And so there’s a bunch of other things that basically that means they didn’t assign a CVE number to it. But nevertheless, they improved security or privacy in some way based on feedback given by some of these researchers that the credit there. So but 68 is a pretty big number of CVS for any update. And Apple, of course, did go back and update the iOS and iPadOS 17.4 Release Notes to mention several other vulnerabilities. And they did. As we mentioned last week, they said, there’s more that we’re going to add to the release notes soon. And so they did and it went from four vulnerabilities that were listed to now 40, CVS on iOS and iPadOS 17.4. And they also had four additional recognitions. Now there are 17 for the iOS update that came out last week.

Kirk McElhearn 2:38
But this pales in comparison to a Microsoft Patch Tuesday, right?

Josh Long 2:43
Well, in this particular case, this patch Tuesday or Microsoft, they had 60 vulnerabilities that were patched, as opposed to the 68 and macOS cinema. So that could be a good or bad thing. Depending on your perspective. From one perspective, you could say, well, Apple’s doing a great job of patching more vulnerabilities than Microsoft is. Or you could also look at it as well, maybe that means Mac’s are more vulnerable than Windows, which is not really the case. They’re probably roughly vulnerable, I would say, but at the very least, it’s an interesting statistic that Apple had more patches this week for its desktop operating system than Microsoft did.

Kirk McElhearn 3:21
Okay, so before we started recording, you did one of your rants that you’ve been doing for about two years now about certain, what would you call the certain Unix executables that are in the operating system that haven’t been updated? And in particular, LibreSSL.

Josh Long 3:34
Right. Yeah, Unix executables. And other open source components that are included with macOS, sometimes don’t get patched very quickly.

Kirk McElhearn 3:43
But wait, “very quickly”. This is two years. That’s not just a snail’s pace here.

Josh Long 3:47
Yeah. So the really big problematic one is LibreSSL. So this is the the SSL stack, it’s basically what’s used for all of the secure communications from the operating system, they rely on this stack. So this is really important and underlying component in the operating system. And for whatever reason, Apple is, as of this Friday, it will be two years since this version of LibreSSL came out that still to this day, even after this latest round of patches, still included in macOS Sonoma. So this is really odd.

Kirk McElhearn 4:26
Okay, but you did say that there’s a possibility that they might have done some sort of workaround, so they don’t need to patch it?

Josh Long 4:32
Well, this is something that I’m trying to I’m trying to see if I can can find a way to test this theory to see maybe Apple might have patched these vulnerabilities using some other workaround right. Rather than update the software. Maybe they just put other mitigations in place. But I haven’t found evidence for that yet. One interesting side note on this is that there are a couple of components now that Apple has patched according to their release notes, but hasn’t updated the version number. So Z lib is one that I’ve mentioned in the past, that Apple gave a CVE number and said we address this vulnerability. But yet, there’s still an old version of Z lib included in macOS Sonoma. Same thing with file command line utility that is mentioned in the latest release notes. And they say they patched the vulnerability from 2022. Interesting, it took them so long. And yet the version of file that’s included with macOS Sonoma, it’s still the same as previous versions of macOS cinema. So either they didn’t patch it or mitigated it through some other method. Or maybe they went back and like retrofitted a patch for some old version to keep the old version in place, for some reason. It’s very weird. But in any case, with those LibreSSL vulnerabilities, there are four of them that we know of, that exist in that version of LibreSSL, two of them have a CVSS score, which is a way of rating vulnerabilities for how severe they are of 9.8 out of 10. So these are extremely severe critical vulnerabilities. And Apple apparently still hasn’t patched them and has never mentioned any of these four vulnerabilities anywhere on its site.

Kirk McElhearn 6:18
9.8 out of 10, that’s a pretty sexy vulnerability.

Josh Long 6:21
It’s pretty significant. Yeah. So I will be writing about this later this week. And I will try to identify if I can find a way to do so to see whether maybe Apple has other mitigations in place for these LibreSSL vulnerabilities. But at the very least, it certainly looks like Apple is leaving us all vulnerable. Everybody who’s using the latest fully patched, quote unquote, operating system may not actually be fully patched, which is kind of concerning.

GarageBand app updated with a seemingly clandestine security fix

Kirk McElhearn 6:49
Okay, so there was another update this week. And they really didn’t say in the notes to this update that there was a security fix, even though there was.

Josh Long 6:58
That’s right. So I actually installed this update, I saw that the App Store app on my Mac was prompting me and said, Hey, there’s an update available for GarageBand. And I said, Okay, fine. And I looked at the at the brief description of the update. And it just said that includes stability improvements and bug fixes is recommended for all users. That’s all it said. Most of the time, if there’s a security patch included in there, they will specifically say, for security content in this app, make sure to reference this apple security Release Notes page. And they didn’t do that. So I just assumed, okay, well, it’s a bug fix whatever. So I went ahead and installed it. And then I got a text message from Kirk A little while later saying, hey, there’s a vulnerability that got fixed in this update. And I was like, Really, and I checked, and Apple’s security Release Notes page, sure enough lists a single vulnerability that was patched in this latest GarageBand update. So it’s kind of weird that they didn’t really make that obvious, but there is a vulnerability that has been patched. So make sure you install that from the Mac App Store.

M3 MacBook Air improves RAM configuration

Kirk McElhearn 8:02
Okay, it’s some sort of weird thing, that specially crafted file could lead to whatever and GarageBand is not your usual target. It’s usually the web browser, that’s the target. So I wouldn’t worry too much. But do update your GarageBand. We just want to mention something briefly about the new M3 MacBook Airs. Because if regular listeners remember, I bought an M2 MacBook Air a year and a half ago when it first came out. And I bought it with 16 gigabytes of memory, but 256 gigs of storage. And the first thing I noticed was that it was really slow. And it turned out that Apple was using slower SSDs for some reason, when it was 256 gigabytes instead of 512. I think what it is, is with the 512 gigabyte SSD, it’s to 256 gigabyte units that work in parallel, so it’s faster. And they were using just a single unit for the 256. A number of people have pointed out that in the M3 MacBook Air, even the 256 gigabyte is using two units, so 228 gigabyte units. And so it has roughly the same speed as the 512. The reason why this is important is you may not need a lot of storage on a MacBook Air, you may only use it for simple things and have stuff in the cloud. And yet, if you want it to be faster, you would have to pay that extra $200 to go up to 512 gigabytes of storage. And that’s well at the starting price of 1099 on the 13 inch MacBook Air now, that’s what 17 18% That’s a big tax to pay when you don’t need to storage, but you just want something that’s a little bit faster.

Josh Long 9:40
So that’s really interesting. So this is not something that you know, Apple doesn’t say if you pay more for storage, you’ll also get faster disk speeds. So there’s no indication anywhere of that on it on Apple site. There’s no benchmarks, no nothing. And so you wouldn’t know this if there weren’t third parties that were doing this kind of testing to verify this. So it is good to know that even if you get the base model of the MacBook Air with the M3 chip, now you’ll get faster speeds. Even if you don’t upgrade beyond the 256 gigs.

Kirk McElhearn 10:12
It’s kind of like they’re saying the M3 is an even faster processor. And if they are tumbling, it will the slower SSD. Because this affects a lot of things. It’s not just reading, writing to disk, but it’s also virtual memory. So if you don’t have a lot of memory in your Mac, then you would hit this sort of speed bump, whenever anything’s happening. I’ve seen some articles recently suggesting that maybe eight gigabytes is enough for average users of a Mac. And I don’t disagree. Now I’m thinking back to the M1 MacBook Air That I bought with eight gigabytes. And it was fine. But I never did photo editing, video editing anything complicated, but it was fine for most uses. And you know, going from eight to 16, that’s 200 bucks as well. So if you’re just an average user using a Mac, to browse the web and do basic things, I wouldn’t get carried away and think you have to spend the extra $200 for the memory and now you don’t have to spend $200 for a faster SSD. So that’s good to know. So this is our weekly segment, fraud apps in the App Store stealing cryptocurrency, isn’t it? We should have like a logo and a theme song for this yet another app stole what is $120,000 from a bogus cryptocurrency app? And I just want to say that you’re just asking for it right? If you’re dealing with cryptocurrency, you’re just asking for it, I can imagine that there are legitimate apps run by legitimate what are they called exchanges? But why would you mess around with third party apps to think you’re gonna get something better when you’ve just got too many risks of getting scammed.

Bitcoin scam apps continue to appear and linger in the App Store

Josh Long 11:42
And this is this is a really an ongoing problem. So Apple has a tendency to not place enough attention on what is going into the App Store. And by the way, this particular app was called LeatherWallet and Hiro H I R O, Bitcoin. And that was the name of this particular app that allegedly stole $121,000 from somebody. So kind of a kind of a problem. But I think the the bigger problem here, the broader issue is that Apple doesn’t do a good job of reviewing apps that regardless of the category, and you would think that for financial apps, in particular, that Apple would put a little bit more effort into vetting them to make sure that they’re legitimate. Because, again, we’ve seen this with loan apps, we’ve seen this with crypto apps, this happens all the time. And it’s it’s pretty much like every week, like we could have a story on this every week if we wanted to. Because these apps are just constantly being added to the App Store. And this particular one was in the app store for two weeks, apparently, before Apple took it down. So very problematic. For sure.

Kirk McElhearn 12:51
We’ll link to an article on Apple Insider, which says that people had been aware of the scam for a while. And there were reports that Bitcoin developer hero, the one named in the title had contacted apple. But how do you do that you’re a developer, you contact apple and say someone’s falsified my app and you go through some sort of automated, you know, contact form. And you don’t know whenever anyone’s going to read it. You know how it is when you send anything to any customer service at any company? And why would Apple be any different?

Josh Long 13:19
Yeah. And in fact, a lot of times, what these companies will do is they will post on social media and say, just want to make sure you guys are aware or they’ll post a blog post, maybe that’ll does the same thing. And they’ll say we want to make sure that all of our users are aware that we do not have an official app in the App Store. So if you do go looking for it, you’re going to get something that doesn’t come from us. And we have no idea what it’s going to do. But it’s it’s definitely a scam because we had nothing to do with it. By the way, there’s another example this that’s still in the App Store. as of the moment we’re recording this, an app that claims to be from pancake swap. If you search for pancake swap all one word. In the app store, you’ll find an app that appears to be from the actual company called pancake swap, which is a decentralized finance, aka another crypto related company. And yet, there’s an app in the App Store. And it’s not the real app, it doesn’t come from the company, they don’t have an official app in the App Store. I look just a quick search to see if this is something that’s happened before because I kind of seem to remember a pancake spot being something that had been faked before. And sure enough, there have been multiple cases of this in the past. Even just in February, there was another example of a fake pancake swap app. And I found a social media posts from them from 2022 where the same thing had happened. So this happens all the time. Why isn’t Apple doing more about this?

Kirk McElhearn 14:43
Well, you said earlier some people tried to post on social media, but Apple support no longer has a Twitter account. If you mentioned Tim Cook or someone else on Twitter, what are the odds that someone’s going to see it? Now I have heard from people that if you email Tim Cook and you can find his email address on the way If he’s not going to read your email, most likely, but people will read those emails other people on his team. So if you are a developer and you can’t get any traction, it’s a good thing to try.

Josh Long 15:11
Yeah, well, I imagine Tim Cook’s gonna get an awful lot of emails if everyone just decides to do that.

Kirk McElhearn 15:17
So I’m sure he does, but he has a team that reached with these emails, and so someone might pay attention anyway, we’re gonna take a break. When we come back, we’re going to talk about GE another scam with emails impersonating a bank. And then we’re gonna talk about new iPads, which we’re still waiting for after all these years.

Voice Over 15:36
Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Best of all, it’s compatible with macOS Sonoma, and the latest Apple Silicon Macs. Download the free trial of Mac Premium Bundle X9 from intego.com today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at podcast.intego.com. That’s podcast.intego.com and click on this episode to find the special discount link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.

Phishing bank scam hits home

Kirk McElhearn 16:45
Okay, as long as we’re on the subject of scams, I want to talk about an email that I received about a week and a half ago, it came from a French bank. Now I’ve mentioned many times I used to live in France and I actually had an account with this bank for many years. And it was an email saying that I had to activate some new security thing. And well, it was actually sent to the email I used to use with the bank. But I knew that my account had been canceled 11 years ago when I left France, and I kinda like to follow up on these things to see if they are scams. So I looked at the button that you click on and it had a link to something that was a c t v r dot page dot link. Now in French the word active “activer ” means activate. So if someone hovered their cursor over and they saw activate, oh, okay, well, it’s supposed to activate the security feature page that link it turns out is owned by Google. We’ll get into that in a second. Josh will explain that. But it redirected to a website with the domain. The bank is called cardiac recall. And the domain was credit hyphen agricole.fr hyphen auth. Au th.fr. So Kenanga code dot was the subdomain fr hyphen. auth.fr is the domain. Now if you look at that, and you’re not really paying attention, oh, it looks real. It’s the bank’s name. And it’s some sort of authentication thing. And it’s dot Fr. So it’s probably real well, it wasn’t it was bogus, because fr dash auth.fr is a domain which has now been disabled, or at least blocked by Google, whose domain it was registered on February 28. And for about a week, it was still working. And it’s not anymore on the day that we’re recording this on March 13. But the whole point of this is to say that this is an extremely well crafted email. The language was good, the webpage it went to look realistic, the domain looked realistic. So someone who would have seen that in their address bar might think it’s real and might be tempted to click on the thing that remember, this is a bank I did have an account with with that email address. So could it have been a data breach that somehow the email addresses of clients were breached? And that means that instead of sending an email to a million people to get 100, who have an account with that bank, they were sending it to people who have or had an account with that bank?

Josh Long 17:57
For sure. Yeah, in fact, that’s very likely the case, very likely, they had some sort of data breach at some point and emails of their clients leaked.

Kirk McElhearn 19:17
So the moral of the story is to really pay attention when you get emails like this. Banks do send emails like this occasionally, they’re very rarely things like activate the security feature. It’s more like, do you want to buy a new car, we have low interest rates, stuff like that, but banks will contact you when they have new security features that they need to activate.

Josh Long 19:35
And sometimes whether it’s a bank or other company, sometimes they’ll send like legitimate companies sometimes will send an email. And the problem there is that of course, the bad guys can also send an email that looks very similar to that and might be able to trick you into trying to reset your password but you don’t know that you’re actually going to a phishing page. So always do be very, very careful. The best thing to do in that scenario, by the way, is, if you have that company’s website bookmarked already on your computer, go to that bookmark, try to log in. And if it requires you to change your password at that point, then you know that the email may have been legitimate. But if it doesn’t require you to change your password, then that email telling you to change your password was probably phishing.

Kirk McElhearn 20:19
And this is another reason to use a password manager, whether it’s iCloud Keychain or another password manager, because if you’re taken to a website, and it’s not the right domain, it’s not going to offer to autofill the password. And so you’ve gone to your bank website through an email, and gee, it’s not auto filling my username and password, that means it’s not the right domain, because Safari has recognized it. Okay, so let’s talk about IP addresses. And you’ve got an interesting article on the Intego Mac security blog about how to avoid exposing your IP address or location and FaceTime, WhatsApp, Telegram signal, x, what’s access that Twitter thing and other apps. And what’s happening with these apps is you’re doing peer to peer communication. And in many cases, that means that your IP address is going to be visible to other people. But there are ways for most of these apps to turn that off. So for those who don’t know, what is an IP address?

How can I hide my IP address from other users that I text or message with?

Josh Long 21:11
An IP address is, you can think of it like a home address, somebody can send you something in the mail, if they know your home address. When it comes to an IP address, it’s not quite as specific about your geographic location, you know, you can’t find somebody’s home based on their IP address. Generally speaking, it would be impossible to do that. However, an IP address can often reveal a general location of where somebody is, there are some scenarios where they can tell more specifically where you are if, for example, you’re at a university, often the university’s IP addresses will be public knowledge. But generally speaking, yeah, it doesn’t reveal your home address, because it is a different thing. And it’s not that granularly assigned.

Kirk McElhearn 21:55
So what does it mean to potentially expose your IP address? And why is this a problem?

Josh Long 21:58
Usually, when we’re talking about an IP address, we’re talking about a public IP address, meaning there’s a public IP address that comes from your internet service provider. And that’s what everyone else will see on the internet if you connect to them directly. And in the case of telecommunications apps, you know, apps that are used for calling frequently the way that they work is they’re peer to peer. So you’ll have an into an encrypted connection from one app on one device to that app on someone else’s device, wherever they may be in the world as part of that process. Because it’s a peer to peer connection, meaning one device connecting to another device and not going through some intermediary server. That also means that your public IP address is going to be exposed to the person on the other end. So if they were using some sort of technology to be able to identify what IP address you’re coming from, then they could potentially figure that out. I would say for the most part, it’s not really a big problem. But some people may be a little bit concerned that could potentially reveal your location.

Kirk McElhearn 23:04
Can you give me an example of this?

Josh Long 23:05
Yeah, so if you follow somebody on X, Twitter, and that person, maybe you don’t want them to know your exact location, your IP address could indicate that you are connecting to them from an ISP, an Internet service provider that’s in your area, that IP address, in some cases can reveal even the neighborhood where you live. And in some cases, just the city, which can be a very large geographic area. But sometimes they’re much more concentrated and more focused down to the neighborhood level. And so it may be possible for somebody to identify where you are. And if you’re trying to hide out and avoid somebody, you may not want them to know that you’re in this exact location. Same thing, if you’re connecting to them from a business or school, those IP addresses are often public knowledge, or someone can look them up and figure out where you’re calling from.

Kirk McElhearn 23:59
So in this article, you explain how to disable this or avoid IP address exposure, or reduce IP address exposure. I noticed you’ve been very creative with your synonyms here for the headers in the article. But they all come down to the same thing, you can basically make it so the person you’re speaking to or chatting with can’t find your IP address,

Josh Long 24:20
Right. So for some of these platforms, you can disable calling altogether if you want to do that. You can also in some cases, bounce your call through a server operated by the organization x is one example WhatsApp and some of these other services that we mentioned, you can bounce your call through a server that they operate and they do warn you that this will reduce the call quality but it also blocks the other party that you’re calling or that he’s calling you from being able to identify each other’s IP addresses all of the the information about that and also how to avoid leaking your IP address to anybody else by using a VPN. All the details on that are in the article.

Will Apple be releasing new iPads anytime soon?

Kirk McElhearn 24:59
Okay. Let’s do a Jeopardy question. It happened 17 months ago.

Josh Long 25:03
What is the last time that the iPad was updated?

Kirk McElhearn 25:07
Exactly, you win for $100. It’s been 17 months since Apple updated any iPad at all. They updated the iPad without modifier, so tense generation and the iPad Pro on October 18 2022. It’s like an ancient history when they did this 17 months. And we’ve talked about this recently, there’s been a lot of rumors that there’s going to be new iPads. Just before the show I checked availability of iPads on Apple’s on one. So that’s often a barometer of when things are going to be updated. If it’s hard to get if you can’t get something today, right. And they seem to be widely available. But 17 months, they’ve always staggered the updates. I remember this the iPad without modifier, there’s the iPad Air, and there’s the iPad Pro, and there’s also the iPad Mini. They’ve always staggered release of the different models, but the fact that they’ve taken so long suggests that there’s going to be some massive upgrade to the entire iPad wine. Now as it stands today, some of them use USBC. And some of them still use lightning connectors. Some of them use the first generation Apple Pencil and some of them use the second and third generation Apple Pencil, they use different size magic keyboards, what I would see Apple doing is I mean, it’s problematic that they’ve got the plane, iPad, the iPad, air and the iPad Pro, maybe reduce that to two models make them the same size. So they can use the same keyboard, make them all compatible with the same Apple Pencil, make them all USBC. And just stop making this confusing iPad product. I know, I know, you’re not a big iPad user, I have an iPad Pro and an iPad Mini. And it turns out that the iPad Mini is the one I use the most I used to think of it as like a paperback iPad, because it’s really great for doing things with a smaller space when they don’t need a full page to work on. But the iPad lineup needs to have some sort of a refresh, it needs to have some sort of a direction, which it doesn’t right now.

Josh Long 27:00
Right. And even though I personally don’t use iPads, I know a lot of people who do and people ask me for recommendations on things like this, like, you know, hey, I’ve got a really old iPad, which iPad should I buy? Which is a problem that people have to ask that question because there’s such a giant range of iPads that Apple sells. And so people often don’t really have any idea what they should be getting. And so they’ll ask their, you know, tech knowledgeable friend about that. So for the past, like six months or so I’ve been having to tell people will, you probably want to wait because Apple’s most likely going to be releasing an iPad any day now, right? Like within any anytime within the next, say six months or so, because it’s been such a long time, like Apple literally never released any iPad model at all. And the entire calendar year of 2023. That’s never happened is since the iPad first came out. And what I’ve had to tell people is either just wait, wait it out. Or if you really need a tablet right now I’ve actually told people, if you need something in the interim, maybe get an Android tablet, because I don’t really want to recommend that people buy a multi year old iPad, that’s not going to get security updates for probably quite as long. And so if I can tell them, you know, go get an Amazon tablet because they promise they’re gonna release security updates for X number of years after this model is sold in their store. I kind of have to recommend something else.

Kirk McElhearn 28:25
For right now. I’m just looking at the release dates of the different iPad models. So I talked about the 10th generation and the iPad Pro. The iPad Air was last released in March 2022. So that’s two years ago, the iPad Mini and September 2020, ones that two and a half years ago, and the iPad ninth generation that is still selling in September 2021. So we’re two and a half years for a product. I remember when the last iPad Mini came out, a lot of people were saying oh, it’s never going to be updated again. But I think there’s a real core of group of users who liked the iPad Mini. I’m going to tell you a secret though I had an iPad Mini fifth generation that I put in the kitchen, I would use it to watch the news when I’m eating lunch and I would use it for recipes when I’m cooking. Last year on Black Friday, I traded it in for 130 pounds, and I bought an Amazon Fire tablet 10 inch for 95 pounds. And given that I do almost nothing with it. I’m happy with the larger Amazon Fire tablet, which has a newer battery because mine was getting old. So I agree with you. If you’re not stuck into the Apple ecosystem, we will Amazon has a sale on Fire tablets and grab one of those. Now, with any luck Apple will announce the new iPads as soon as we finished recording so this whole segment will be moved. If not. We’ll see you next week. Until next week, Josh, stay secure.

Josh Long 29:40
All right, stay secure.

Voice Over 29:43
Thanks for listening to the Intego Mac podcast, the voice of Mac security with your host, Kirk McElhearn and Josh Long. To get every weekly episode, be sure to follow us on Apple Podcasts, or subscribe in your favorite podcast app. And, if you can, leave a rating, a like or review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode at podcast.intego.com. The Intego website is also where to find details on the full line of Intego security and utility software. intego.com.

About Kirk McElhearn

Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →