Intego Mac Security Podcast

Apple’s Bungled Rapid Security Response – Intego Mac Podcast Episode 300

Posted on by

Apple issued a rapid security response, to patch a vulnerability that has been exploited in the wild, and had to pull it a few hours later. We also discuss Meta’s Threads, more Scamazon issues, and, for our 300th episode, we look at how the security and privacy landscape has changed in the six years of this podcast.


If you like the Intego Mac Podcast podcast, be sure to rate and review it on Apple Podcasts.

Intego Mac Podcast

Have a question? Ask us! Contact Intego via email if you have any questions you want to hear discussed on the podcast, or to provide feedback and ideas for upcoming podcast episodes.


Transcript of Intego Mac Podcast episode 300

Voice Over 0:00
This is the Intego Mac Podcast–the voice of Mac security–for Thursday, July 13 2023.

This week’s Intego Mac podcast security headlines include: Apple’s second Rapid Response Security update breaks the web for some users. What happened? Speaking of rollouts, how is Meta’s Threads social media platform doing? Amazon isn’t doing a thorough job on tracking and eliminating product scams on its pages. And it shows. And in honor of our 300th episode, we have some brief observations on differences in the state of security and privacy since the podcast began almost six years ago. Now, here are the hosts of the Intego Mac podcast. Veteran Mac journalist, Kirk McElhearn, and Intego’s. Chief Security Analyst, Josh Long.

Kirk McElhearn 0:53
Good morning, Josh, how are you today?

Josh Long 0:55
I’m doing well. How are you? Kirk?

Kirk McElhearn 0:56
I’m doing really well. We are Wednesday, July 12. It is the second day of Amazon Prime Day. See? They lie already. They say it’s Prime Day. It’s really Prime Days, right? It’s two days. I don’t know about you, but I bought a lot of stuff on Prime Day I bought cat food. Okay, we buy most of our cat food in bulk from Amazon, we buy these big boxes with 96 pouches of cat food and a bunch of them were like 10 pounds, or it’s a big saving because cat food has gone up in price like 25% In the past year. So I’ve got boxes and boxes of cat food coming on Friday. What about you? What did you buy?

Josh Long 1:31
I didn’t buy a whole lot. As I’ve mentioned before, and we talked about last week, there’s services and sites that you can use and apps that will track when things actually go on sale. So you don’t have to be too concerned about watching sales like a hawk, the one thing that I bought was a LifeStraw, which is a thing that you can easily filter water, I just bought a personal one. The kind of thing where like you’re going camping, or you’re in some emergency situation, and you fill an empty water bottle with some polluted water. And you can get clean water through it. It’s not particularly easy to use. I haven’t used it yet. But I’ve heard they’re kind of useful. So I thought it’d be worth having one on hand for emergency purposes.

What was the problem with the Apple’s most recent Rapid Security Response update?

Kirk McElhearn 2:15
And you mentioned this to me before the show, and I had never heard of it. And I thought you know, this would be really good to have if water gets cut off for any reason. So I ordered one too. And we’re both going to have LifeStraws in a few days. We want to talk about Apple’s delayed security response. That was was it Monday that this came out this Rapid Security Response? Everyone update this as urgent and then wait, wait, stop, we’re gonna pull it because there’s a problem.

Josh Long 2:39
Yeah, Rapid Security Response, or you might call it “rushed” security response. Because it seems like Apple may have put this out there a little too fast without doing very much testing. First, what happened is they released this Rapid Security Response update. By the way, this is only the second Rapid Security Response that Apple has released ever since this feature, you know, became available to the general public, they did test some Rapid Security Responses with the betas of macOS Ventura and iOS 16.

Kirk McElhearn 3:14
But I think what they were testing was the process and not actual fixes, right? So they were testing the process to make sure it works. And here they released something, which actually was resolving an in the wild vulnerability, and it broke a bunch of websites. So this was a WebKit vulnerability and a number of websites stopped working.

Josh Long 3:33
If you have already installed this Rapid Security Response update, and you haven’t been noticing any problems with any websites that you’re visiting, then don’t worry about it. You don’t necessarily have to remove it or anything. They released it Monday, and later in the day, they took it back. So it’s no longer available to download. If you are having problems, there is a way to roll it back. This was a fix for one particular WebKit vulnerability that’s being actively exploited in the wild they say. Not a lot of additional details beyond that. Interestingly, this patched a WebKit vulnerability. WebKit, as we mention a lot, is the rendering engine for rendering pages in Safari, but it’s used across the operating system. So used for a lot of other things too. Apple did release a Safari update for macOS, Big Sur and Monterey at the same time, the same day that they released the Rapid Security Response for macOS Ventura and iOS and iPadOS 16. And what’s interesting is Apple hasn’t pulled that update. So ironically, even though you’re missing a whole bunch of other patches that are not made available for the previous operating systems, at least on this one thing that’s currently being actively exploited. If you happen to be on an older operating system, you currently are protected, even though you can’t get the Rapid Security Response as of when we’re recording this, and possibly by the time we release this episode tomorrow, maybe they’ll come out with the B version, the re-released version of the Rapid Security Response that fixes the vulnerability and doesn’t break websites.

Kirk McElhearn 5:15
Well, when they released the remastered version, we’ll see. I’ll put a link in the show notes to an Apple support document which says if you applied Rapid Security Response iOS 16 point 5.1 Blah, blah, blah here’s how to remove it. So the steps to remove it are actually quite simple. So we’ll let you know how to do it. You know, Josh, this is our 300th episode. (Oh, yeah.) That’s a lot. (Right.) Congratulations on reaching 300. That’s a big milestone. (Yeah, not bad.) It’s nearly six years.

Brief observations on the state of security and privacy on the posting of our 300th episode.

Josh Long 5:42
Yeah. So we’re not quite at six years, but but we’re getting pretty close to that. Another 12 episodes, and it will be 52 x 12, which is 312. So our 312th episode will officially be our sixth year.

Kirk McElhearn 5:56
We were we were thinking of talking about what’s changed since, say, Episode 200, or even since the very beginning. And it’s hard to think back just two years because there hasn’t been that much that’s changed. But if we do think back six years, a whole lot of stuff has changed. I mean, if we were to go back and look at what we had done in the some of the earliest episodes, and I’m not going to bother now, and I don’t recommend that anyone do it. The security landscape is very different. Security and privacy. And Apple really started doubling down on privacy in this six year period. Six years ago they weren’t doing all of this advertising around privacy that they’ve been doing in the past few years. I don’t know what happened around that time that made Apple focus on that. Could it be that iPhone sales started flattening and Mac sales started flattening? So they needed another way to sell the devices? Or could it just be that more people were using computers and were more concerned about security and privacy?

Josh Long 6:50
It could be. There’s a number of things that could have prompted this. But I think Apple was really trying to differentiate itself from Google, in particular, because iPhone sells a lot of units. At the same time, though Android really has bigger market share. Apples one of the biggest brands overall in terms of phone sales, because the only way to get iOS is to get an Apple device. With Android, it’s spread out over a lot of different manufacturers, but they have a much bigger percentage of the market share Google does with Android, that is. I think that was probably one of the big things Apple saw an opportunity there, they knew that Google didn’t have quite as good of a reputation on privacy. And so it was an easy opportunity for Apple to come in and say we’re the hero, like come to us if you want to protect your privacy.

Kirk McElhearn 7:40
So I lied, I did go back to the earliest episodes. And just to point out where we were in the security landscape, Apple had just introduced Face ID on the iPhone at that time. So we talked about Face ID and how it works. They had just introduced the new APFS file system, which was actually quite a big deal. Again, most people don’t think about it. But under the hood, it’s made an awful lot of changes. We talked about iOS apps and privacy and one of the early episodes. So I don’t think that much has actually changed over time. It’s just the bad guys have gotten smarter. The good guys have been more focused on letting people know about security and privacy issues.

Josh Long 8:19
A couple of things I think that are worth pointing out that I feel have changed a lot in that time period. One is we have a lot more Mac malware a lot more frequently, where there’s new families of Mac malware. We’ve seen a lot more nation state attacks than we’ve ever seen before that are targeting Macs. And on that same line, we’ve seen more targeting of iPhones from nation state threat actors with iPhone malware. That’s not something we had really been seeing a whole lot of, or at least if it was going on, it wasn’t as common knowledge. Maybe that’s kind of stuff was going on behind the scenes, and we just weren’t aware of it. But now we know that there have been a lot more nation state attacks on iPhones, you know, zero click, you know, remote exploits and things like that. Which is the whole reason why Apple is finally gone to this whole Rapid Security Response thing. That’s the whole reason for that feature is they want to make sure they’re protecting people as soon as possible. As soon as these things are known to be actively exploited in the wild. Good on Apple for trying to improve the speed at which they’re putting things out. I do hope that they do a little bit better quality assurance checking the next time that they release a Rapid Security Response.

How do I safely get and use the Threads app?

Kirk McElhearn 9:32
Yeah. And just to go back to what you’re saying about the zero click exploits. I don’t think we had those six years ago. I think that’s something that was developed around that time or was developing around that time. And that there have been all sorts of reaction when you think about Lockdown Mode. And all of the advanced hardening features in iOS. These have all come in the last five or six years. We’re not going to get nostalgic, we’re going to keep talking about the future. We’re going to start talking about Threads for Instagram. Threads is Instagram’s Twitter. Here’s how to manage your privacy and security settings. In last week’s episode, I mentioned that I was preparing an article about security and privacy settings, which I drafted and put on the blog. And Josh expanded it into a novella about everything you can do with Threads. Here’s how to set it up. Here’s how to manage security and privacy. Here’s how to follow people unfollow, mute, and block and everything. So we have this 3000 word article, which will tell you everything about using Threads.

Josh Long 10:27
Well, okay, it’s not literally everything, but it at least gives you enough information to get started. The main thing to know and we might have covered this a little bit last week, but basically, you need to have Instagram. And then once you have Instagram, then you can download this. Be very careful when you’re searching the App Store for this because it’s called “Threads an Instagram app,” that’s the correct one, it’s got a black logo. And it doesn’t exactly look like an “at” sign. It’s sort of like it’s supposed to look like a thread. Some people think it looks like a few number sixes all mashed together. And that’s the only one that you can actually get into the Threads social network from. And the reason we bring this up is because there is an app a sort of lookalike scam app that charges a lot of money for a subscription for something that is meant to look like it’s the actual thread social network app, but it’s not. It’s called “Threads for Insta”. And it’s still in the iOS App Store. And it’s available in the EU, which as we mentioned last week, Threads the social network app is not actually available in the EU. So if you live in an EU country, and you’re searching for Threads, it’s entirely possible that you could come across this Threads for Insta, which is, you know, the fake app, and think that you’re actually getting the social network when you’re really not. We’ll have a link to an article on the Mac security blog talking about this fake app in the show notes.

Kirk McElhearn 11:59
Okay. And you found a bug on Threads didn’t you?

Josh Long 12:03
Yeah. This was kind of a fun thing that I happened to come across. So I think it was Apple Insider posted something the other day where they accidentally had a typo. And there’s no edit feature yet on Threads. Instead of leaving the typo there. They deleted that post and reposted it with the typo corrected. There were a couple of people who had commented one of the person commented before me. And I made a cheeky comment, “Edit button when?”, and I noticed that that post was gone then off of Apple Insiders Threads account> I went into my Replies, because I was curious to see whether my reply was still there and just detached from it. And what I found was that I could still view the deleted original post in the Threads app, which is obviously not intended. I suspect what’s going on there is that the original post was probably cached in my app. Because if I tried to go to it on the web, it didn’t work. And also if I force-quit the app and then tried it again, I couldn’t see the original posts that no longer existed.

Kirk McElhearn 13:08
On Twitter, you see something like if someone posts a tweet, you see “This tweet is no longer available”, something like that. I don’t know if there’s a cache. Remember, they have these content delivery networks all around the world. So they have to update in real time. So there can be a delay. But it sounds more to you like yours was caching. I wouldn’t worry about it too much. It’s a it’s an interesting bug. But as we discussed last week, this was probably rushed out in a hurry. There are a lot of features missing. And there are going to be a lot of changes.

Josh Long 13:36
Not to mention, like if somebody puts up a controversial post or something and you want to like keep it for later take a screenshot right? I mean, that’s like the easier thing to do, then respond to it and hope that it shows up cash to you know, in your replies. By the way, another point about this if you do happen to discover anything juicy or than what I found, I would suggest not reporting it necessarily because if you want to apply for a bug bounty, Meta does not currently include Threads in its bug bounty program. Facebook, yes. Instagram, yes, Threads. No. I would say if you find some really juicy stuff, just wait and report it later.

Kirk McElhearn 14:15
Okay, we’re gonna take a break. When we come back, we’re going to talk about some more interesting security news.

Voice Over 14:23
Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X 9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Best of all, it’s compatible with macOS Ventura, and the latest Apple silicon Macs. Download the free trial of Mac Premium Bundle X 9 from intego.com today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at podcast.intego.com. That’s podcast.intego.com and click on this episode to find the Special Discount Link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.

What is a scam loan app and what does it do?

Kirk McElhearn 15:38
Okay, we have talked about scam apps in the App Store many times and there are a number of scam loan apps in the App Store. And this is an India that threatened to send fake nudes to contacts. What’s a fake nude?

Josh Long 15:52
I assume that they’re talking about AI generated nudes of somebody.

Kirk McElhearn 15:57
Right so in this article, we’re linking to a nine to five Mac Here’s a quote from someone “My friend’s sister use an app named ‘White Kash’ K-A-S-H to take a loan and now they’ve access to her contact list. They’re also threatening to send her nude pics they morphed her face to her contact list.” You know there’s software that easily puts your face on someone else. We’ve seen these deep fakes that were pretty clumsy in past years, but they’ve gotten really good. What was the film clip we saw with Robert Downey and Back to the Future, something like that. If they can do that in video, they can do that with anyone’s face. I want to know why someone gets an app from the App Store to take out loans to start with. That already seems a little bit scammy. But I mean, finance in India is very different from here, you know, the access to banks is different. What can we do? I mean, we’ve been talking about this for a while Apple isn’t doing anything about this. Or they’ll do it when there’s been enough social media buzz and enough articles. And then they’ll remove a couple of these apps. But in the meantime, the App Store’s like a flea market, the App Store is getting like Amazon, we’ll talk about Amazon in a second, where you really can’t trust a lot anymore.

Josh Long 17:01
Yeah. There is an App Store review process, right? First of all, if you have any overt malware, it’s not going to get past even the automatic part of the review process. Then there’s a human review. Normally, I mean, you would expect that the human review process is going to catch most of the junk, the stuff that’s an obvious scam. The thing is, I think there’s enough apps that are kind of in this gray area where it’s not necessarily super obvious to the reviewer at the time that they’re reviewing it that this is a clear scam app, that it’s just ripping off somebody or designed to trick people into thinking that it’s something else, or that it’s going to have some other negative effects. They don’t find anything, you know, that’s a big red flag right away. But once people start using these apps, and they get further into it, then they might encounter some problems. And that’s something that the review process may not catch. So you get some of these apps, the Threads for Insta thing that we mentioned before, has like subscriptions that have outrageous prices on them for something that, again, is not actually the social network you probably think you’re getting when you download this app. And in other cases, I don’t know what was going on with this developer. Like, the app company threatening to create fake nudes of somebody because they were complaining about the app. I’ve never heard of that. That’s pretty crazy.

Kirk McElhearn 18:25
I think what we need to understand is is two things going on one, it can be an app, which is a scam, like the Threads for Insta. And the other it could be an app, that the app itself isn’t causing problems, but it’s what’s outside the app. So for some reason the person granted access to their contacts, the app has to request that on an iPhone and the person granted access, you should never do that. Never give access to your contacts in any app, maybe your Calendar app if you trust it, because it will need it if you want to add invitations to calendar events, things like that. Or an email app, you’ll need to do that. But don’t do that for any other app. But this means that the company behind it is just nefarious. It’s not the app itself, that’s nefarious. So there’s not a lot we can do.

Josh Long 19:07
It’s worth mentioning this isn’t any better on the Android side of things. Just this last week, there was a story about some spyware apps in the Google Play Store that were sending information to a remote server in China. There’s probably worse things happening on the Android side of things. Not to mention that of course you can sideload apps and that like opens up a whole can of worms. It’s not any better on Android, at least we should say that.

Amazon continues to allow scammers to subvert their product review process.

Kirk McElhearn 19:32
Okay, I want to briefly talk about “Scamazon”. We talked about scammers in Episode 282, about the number of things that Amazon sells that are just outright scams. In that case it was SSDs. I noticed yesterday looking on Amazon’s Prime Day deals. I was looking for SD cards for cameras. I always buy SD cards on Prime Day because that’s when they’re cheap. And then I looked in my drawer and I have four already so I don’t need any new ones but the top one sponsored was Ratwatt SD card 982 gigabyte micro memory card, high speed, blah, blah, blah, blah, blah, blah. First of all, there’s no such thing as a 982 gigabyte memory card, it would be one terabyte, or 1024 982 is just the wrong number. Second of all, it’s 1399 terabyte SD card, you’re talking 90 100 120 pounds, right? So the Prime Day deal has 35 reviews with an average of four stars, as a couple of them pointing out that it’s trash. The same card is sold by another seller. And that has two reviews that are all negative said it only has two gigabytes of storage. Now, interestingly, I posted a tweet earlier mentioning Amazon UK, and I said, you know, here’s a screenshot, this is actually sponsored. So that means they paid for it. And they were at the top of the search results. And I explained to it and they said “Hi there, thanks for this information, we’ve escalated this to the concerned team.” Now I don’t know how concerned they are and how good their escalator is. But I’ll keep an eye on this and see if they actually do anything.

Josh Long 21:00
And as we mentioned in 282, on that episode, that this is a problem. And there’s so many things being added to the Amazon store on a daily basis, that it’s very difficult for Amazon to really even just keep up. I mean, they would have to hire a massive team of people to really carefully scrutinize every single new listing, or modified listing because remember, you can change existing listings too. It can get very complicated. And so it’s probably just cheaper for Amazon to just refund people when they decide that something I bought, it doesn’t work the way that it’s advertised or it’s a scam or whatever.

What security and privacy laws is France updating and why?

Kirk McElhearn 21:40
Okay, The Register has, as often, a clever title for an article called “Liberté, Egalité, Spyware”. France, okay, is cops snooping on phones, the French Senate put a bill through, which is basically 30 or 50 pages of amendments to existing laws, and they’re all minor things and it changes the word here and changes a couple things. Now, I’ve looked at the original French. And I follow it back the sections that are mentioned and what’s been changed and everything. Initially, they had a law that allowed them to track the location of people who were suspected of certain crimes. And this is talking about crimes that could be penalized by five years in prison or more. So basically felonies, they could use geolocation, from mobile phone providers, right from triangulation from phone masks, or from other devices. They have extended this to use all sorts of electronic surveillance. And what they say is remote activation of devices. Now we were discussing this before the show. And Josh’s logic, I think is they’re already using things like Pegasus spyware, when it’s for murder investigations and kidnappings. And that’s the kind of cases they’re talking about. Maybe this is just a way of codifying it. So if someone does get taken to court, they can’t say that the evidence was obtained illegally. But we know that they’re definitely using this sort of thing for terrorism and other types of offenses.

Josh Long 23:02
Right. And I don’t know about the French government in particular, like what types of software that they’re using. But we know that there are things like Pegasus that have been out there that are available to government agencies to law enforcement agencies. This is just spyware that you can install remotely on an iPhone, they exploit vulnerabilities to do it. So you don’t have to trick the user into downloading an app or something like that. It’s like actually remotely infecting that device using a vulnerability. There’s lots of government entities across the world who are using spyware like this, not necessarily just Pegasus. But that’s of course, the most famous example of it. I think this is one of those things where they just wanted to make it more clear that it was legal for them to do this in France.

Can hackers defeat voice authentication security systems?

Kirk McElhearn 23:52
Okay, we have an interesting article. And this is not surprising. Cybercriminals can break voice authentication with a 99% success rate. Now, I mentioned this six months ago, I think, when someone had proved that using some AI-created deep fake voice system, that they could get into banking systems over the telephone. And I mentioned at one of my banks in the past wanted me to turn on the thing where you say, “My voice is my password”. And I said, No, I’m not trusting this. Well, it looks like this is actually going to be really easy to do. It’s kind of like taking a photo of someone’s finger and making a fingerprint from it. It’s that simple. Because if you have a sample of their voice that’s even 30 seconds or a minute you can make their voice say anything.

Josh Long 24:34
Well, podcasters good luck. (Yeah, we’re just…) There’s 1000s of hours of me talking on the internet. I don’t ever want to use the system that it requires voice authentication, because it’s very clear that somebody could get into that using generated audio based on the actual voice.

Kirk McElhearn 24:51
But think about it. In the past go back 10 years we would have thought oh, hey, that’s really clever because the voice print is unique the timbre of each person’s voice is different. And we’ve learned that it’s not we’ve learned that we can replicate it. What’s next? Face ID for now is secure, we found that Touch ID might even be more secure than Face ID, because of potential identical twins, etc. But these things will be defeated as well. So we have to come up with new biometric systems that can’t be defeated.

Josh Long 25:22
And that’s a whole different challenge, right? There’s a couple of challenges here. One is making sure that whatever kind of authentication system you’re using is not easy to hack, because there are better choices out there. But then the other thing that the industry needs to be doing is looking at, okay, well, what’s more difficult to spoof? What’s exponentially more difficult than the current best things that we have now? That’s the place where the innovation really needs to happen.

Kirk McElhearn 25:50
One thing I see in futurist movies is iris scans.

Josh Long 25:54
Right. Yeah. And I don’t think that there’s any good way to spoof that yet. So right now, that’s probably one of the best technologies that’s out there. It’s not something that so far we’ve seen built in any consumer products, I imagine that the technology for that is a lot more expensive. And probably not something that’s currently practical to put in an iPhone say.

Kirk McElhearn 26:15
Well imagine the combination of the front camera and the LIDAR sensor on an iPhone. I would be surprised if Apple’s not working on that, because that is something that would be harder to spoof. My guess is that the same way that Face ID requires a bit of movement for it to work. Your Iris is always moving, your pupils are dilating, and they’re not static. So a photo wouldn’t work. And it does seem like one of the next steps that we could have in terms of authentication. That’s not intrusive, right? You can’t do a full handprint on a phone. It’s not big enough.

Josh Long 26:49
Right. I keep seeing all these rumors about Apple’s going to put Touch ID back on the iPhone. And it’s either going to be you have your hand on the back of the phone, which doesn’t work. If you have a case, or you stick your thumb like right in the middle of the screen on the front, and it’s going to be able to read your fingerprint, maybe I don’t know if maybe Apple is working on this technology. I think they might even have some patents on that. But how soon are we actually going to see something like that? I don’t know. That seems a little a little odd.

Kirk McElhearn 27:17
I bet that by Episode 400, we will have some new sort of biometric identification accessible to consumers.

Josh Long 27:25
Well, as a matter of fact, Apple already is working on iris scanning, right? Isn’t that what Optic ID is doing in the new Vision Pro headset that’s coming next year.

Kirk McElhearn 27:35
True. But the Vision Pro has a lot of cameras, right and iPhone just as the one so if they have the technology to get it to work, there’s no reason why they can’t get it to work on the iPhone. It is a bit different though. Because you can hold the iPhone at a distance and it’s going to unlock. You’d probably have to hold it in a certain position to get your iris positioned for that to work. I’m sure they’re working on it. I’m sure that people in that spaceship headquarters there. There’s a whole bunch of people in the basement with with sample iPhone prototypes, who are trying it on their eyes and seeing how far away they can get it to work.

Josh Long 28:08
You know, I just realized that’s why they have the spaceship campus. It’s because they actually house alien technology there. They’re trying to make it more welcoming to the alien invaders that they’re getting technology ideas from.

Kirk McElhearn 28:21
Interesting. The truth is in there. Okay. Until next week, Josh, stay secure.

Josh Long 28:25
All right, stay secure.

Voice Over 28:28
Thanks for listening to the Intego Mac podcast, the voice of Mac security, with your hosts Kirk McElhearn, and Josh Long. To get every weekly episode, be sure to follow us on Apple Podcasts, or subscribe in your favorite podcast app. And, if you can, leave a rating, a like, or a review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode podcast.intego.com The Intego website is also where to find details on the full line of Intego security and utility software. intego.com.

About Kirk McElhearn

Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →