Intego Mac Security Podcast

Attack Surfaces – Intego Mac Podcast Episode 350

Posted on by

Apple drops one of its financial services that it only introduced last year. More countries can now participate in Apple’s self-service repair program. Installed Chrome browser extensions could be more dangerous than Google is letting on. And in a new white paper, Apple declares its dedication to long-range privacy and security using some “squishy” language and we have some thoughts.

  • About the security content of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8
  • Apple abruptly abandons “buy now, pay later” service amid regulatory scrutiny
  • EU Users Won’t Get Apple Intelligence, iPhone Mirroring, or the New SharePlay Screen Sharing Features This Year, Thanks to the DMA
  • Apple expands Self Service Repair Diagnostics support to Europe
  • Apple Diagnostics for Self Service Repair
  • Longevity, by Design
  • Risk of installing dodgy extensions from Chrome store way worse than Google’s letting on, study suggests
  • Amazon’s new AI-powered Alexa might cost up to $10 per month

  • If you like the Intego Mac Podcast, be sure to follow it on Apple Podcasts, Spotify, or Amazon.

    Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you’re ready to buy.

    Get Apple security news delivered straight to your inbox, for free. Intego’s twice-monthly newsletter will keep you informed about Apple-related privacy and security, along with tips and tricks for getting the most out of your Mac or iPhone. Subscribe for free—no strings attached.


    Transcript of Intego Mac Podcast episode 350

    Voice Over 0:00
    This is the Intego Mac Podcast—the voice of Mac security—for Thursday, June 27 2024. This week’s Intego Mac podcast security headlines include: Apple drops one of its financial services that it only introduced last year. More countries can now participate in Apple’s self service repair program. Installed Chrome browser extensions could be more dangerous than Google is letting on. And in a new white paper, Apple declares its dedication to long range privacy and security using some “squishy” language and we have some thoughts. Now here are the hosts of the Intego Mac podcast. Veteran Mac journalist, Kirk McElhearn. And Intego’s Chief Security Analyst, Josh Long.

    Kirk McElhearn 0:51
    Good morning, Josh. How are you today?

    Josh Long 0:53
    I’m doing well. How are you, Kirk?

    AirPods firmware update being rolled out by Apple

    Kirk McElhearn 0:54
    I’m a little bit annoyed because I’m waiting for a security update from one of my Apple devices. And I haven’t gotten it yet. What’s happened? Why can’t I get this update?

    Josh Long 1:04
    I think you’re talking about the new AirPods firmware update that just came out this week? (Yep.) Yeah. How are you supposed to tell by the way that you have a firmware update available or that it has installed?

    Kirk McElhearn 1:17
    You can’t tell. Actually, the only thing you can find out is the current version of firmware. So I’m on my iPhone, and I’m using my AirPods pro right now. And if I go into settings, and then I tap at the very top where it says my AirPods Pro, scroll all the way down to the bottom about version. It says that my version is 6 F 7, the latest firmware update is 6 F 8. So my AirPods Pro are at risk.

    Josh Long 1:43
    Wow. Okay, interesting. So and there’s no way to force it to update or prompted or whatever.

    Kirk McElhearn 1:50
    No, you can’t force it, it will just happen when Apple decides it wants to issue the update.

    Josh Long 1:55
    Well, let’s talk about what that vulnerability is. So Apple says that there was one vulnerability that has been fixed in this firmware update. And they say that the impact is, when your headphones are seeking a connection request to one of your previously paired devices. An attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones, which is like, okay, that doesn’t sound like the end of the world. But I guess also not something you really want other people to do. So they classified it as a security update. So eventually, you should get those firmware updates on various devices, a couple of different AirPods models and also beats models that get this particular firmware.

    Kirk McElhearn 2:39
    I kind of think it means that someone could like send you messages to your headphones, a kind of Tom Cruise thing. Right. And so you hear a ring in your headphones, because Tom Cruise has sent a fake phone call something like that, maybe.

    Josh Long 2:54
    And so then you’re distracted, because now you’re looking down at your phone to see who’s calling you. And meanwhile in the background, Tom Cruise’s sneaking around and you didn’t notice him.

    What happened to Apple’s “Pay Later” service?

    Kirk McElhearn 3:06
    Exactly. And it’s the other guy who’s actually making the call. A while back, we talked about the Google graveyard of all the features that Google has killed over the years. And this I think it was 120 or something at the time. Apple cancels features removes features abandons them regularly. After years, something just disappears. But Apple just shut off a feature that they only introduced, if I’m not mistaken, last October. So what eight months ago.

    Josh Long 3:34
    This abandoned feature is buy now pay later, which was a function of the Apple card, I believe, is that how that worked.

    Kirk McElhearn 3:44
    I think that you could use the Apple card to get a buy now pay later loan as a BNPL was what this is being called. And basically, I’m kind of surprised that Apple even watch this because so this is the kind of feature you can buy something and pay it over three or four months, right with no interest. And this is extremely common. Over here in Europe, there’s a company named Klarna, which is a Swedish company that has most of the market. Amazon here even offers that for certain products over you know a given value. What happened is that there is a new regulation going into effect, which involves the Truth in Lending Act that according to the Ars Technica Article stipulates that BNPL lenders must provide consumers some key legal protections and rights that apply to conventional credit cards. These include the right to dispute charges and demand a refund from the lender when returning a product purchase with the Buy Now pay later on. So buy now pay later wasn’t regulated by credit cards before the same things going on over here in the UK and probably other countries. It’s grown so quickly, that the regulations are catching up. It’s kind of weird because you know that Apple had these big ideas of becoming a bank in some way. And the Apple card and Apple Pay and that them pulling back from this so quickly without even trying To find a way to, I don’t know, work around the new regulation suggests that this is just that they’ve changed their mind that they don’t want this kind of problem.

    Josh Long 5:08
    Right. That’s what I find interesting about this. And the feature was actually called Apple Pay Later, that was the official name for this service. But yeah, it’s interesting to see this going away. So quickly, it almost seems like maybe Apple didn’t anticipate some of the potential, you know, legal or monetary challenges that they might face with implementing such a feature. So unfortunately, it’s going away. If you have been using that you won’t be able to any longer.

    Some new iOS features won’t be available for EU users right away

    Kirk McElhearn 5:36
    But if you have a current Buy now pay later won’t, you will be able to pay it off on whatever the duration you would take, and you just won’t be able to take out new ones. I’ve used this to buy several things. As I said, Amazon offers it and other companies offer it. And if I’m buying something that’s a little bit expensive, and I can pay over three months with 0% interest, I’m happy to do that. You may have bought an iPhone with 0% interest over 24 months. That’s how they sell them over here. That’s how they really want to get people to commit to an iPhone. And that’s totally different. That’s a proper loan involves a credit check, credit rating, you know, all of that where it’s a buy now pay later doesn’t. So it’s pretty easy to get a buy now pay later plan compared to getting an actual loan, but it’s also you also have less protection. So I guess maybe Apple shouldn’t try to become a bank. Maybe it’s not their like core competency? I don’t know. (Yeah, that definitely seems to be the case.) Speaking of Apple in the EU, Apple has claimed that EU users will not get Apple intelligence, iPhone Mirroring or the new Share play screen sharing features this year. And John Gruber, of Daring Fireball says thanks to the DMA. What I understand is that Gruber is kind of misinterpreting what’s going on. And I think that iPhone mirroring, for example, the new rule in the EU for the large companies. So this is Apple, Microsoft, Google and everything is that competitors should be able to have access to certain features. And I think Apple is worried that they should have to provide iPhone mirroring access to Windows, or Android phone access to the Mac. Right? This isn’t about privacy or anything like that. This is more about okay, share play screen sharing Well, they’ve got to make it available for Android phones and Windows PCs. And Apple doesn’t want to do that.

    Josh Long 7:20
    And the DMA by the way, that’s the digital markets act. So this is the same new legislation that requires Apple to have third party app stores, for example, on iPhone, there’s a number of things that have changed in the EU because of this digital markets act. And so, Gruber’s interpretation is that all of these features are not going to be available because of that. What I think is interesting about this is just the fact that Apple intelligence, which is like a core feature, like it’s the one of the main reasons to upgrade to iOS 18. Obviously, other than security updates, you’re not really getting a whole lot out of iOS 18 If you’re not getting Apple intelligence features, and I know there are people out there who actually care about placing the icons exactly where they want them on their home screen. But aside from that, I mean, those are not like critical features that people are just going to be dying to upgrade for right. I’m sure there will probably be new emojis too. They didn’t really talk about that at WWDC. But typically every year, they add some new emojis and so people will want to upgrade for that, I suppose. But the main thing, the big thing that Apple announced at WWDC is Apple intelligence. And it’s really, as of when it launches in the fall in beta, it’s only going to be available in US English, which is going to be kind of problematic for I think a lot of the world not just for the EU.

    The iOS Files app will be getting new features under iOS 18

    Kirk McElhearn 8:47
    Well, and also, as we discussed recently, I’ll put a link in the show notes, you won’t be able to get it unless you have an iPhone 15 or 15 Pro, or becoming iPhone 16 models or any M1 Max, but most people were worried about this on mobile, I want to just mention briefly, a couple of features that are coming to the files app in iOS 18. They’re actually quite interesting. The first one is that the files app will be able to format disks. So if you connect, say an external SSD via USB C to your iPhone or your iPad, you’ll be able to format it using the files app. Another feature, this doesn’t affect everyone. But if you store files in iCloud Drive, I can’t drive or delete these files every now and then because it thinks you don’t need them. And you’ll now be able to, I was gonna say right click tap and hold on a file or a folder and tell the files app to keep it downloaded to not delete it for you. And this can be really useful if you have a big file and you don’t want to have to redownload it. But also there are some apps that store a lot of files in a folder that you can’t watch correctly unless all the files can be read. So it slows things up. Finally, and this is like why didn’t they have this before you can tap and hold a file or folder and you can choose compress to create a zip archive.

    Josh Long 9:57
    Yes, but as you pointed out Have, you can’t do this. And also add a password to that zip archive, right. So you’re you’re creating a zip archive. But if you want to create a password protected zip archive that’s not built into the files app yet, well…

    Kirk McElhearn 10:14
    But that’ll be for iOS 19. Come on. I don’t know if there are any third party apps that can do that there probably are, that can access the files app and create a password protected zip archive. But already creating a zip archive to send someone a bunch of files can be more practical than trying to send an entire folder, which will take up more space or whatever.

    Josh Long 10:34
    It is kind of interesting that we’re finally getting features like this on iOS, because Android is had like full file system access. And you know, you can download apps from the Google Play Store that give you access to the whole file system if you want. And well, we don’t have that yet. But at least we’re getting maybe a step closer to that I don’t think Apple will ever give people a full access to the file system on iOS. But at least they’re giving us some features that have been missing for a long time.

    Apple expands Self Service Repair program to Europe

    Kirk McElhearn 11:03
    Okay, more Apple in Europe, Apple is expanding their self service repair diagnostic support to Europe. And we talked about this last year, when the self service repair system came out that you could rent two big boxes of hardware from Apple that weighed like 70 pounds with devices to take your iPhone apart and put a new screen and whatever. And all because you want to change your own screen on your iPhone and not have someone else do it. Now this was initially only in the US. And now apparently it’s expanded to 32 European countries. So not just the European Union. And Apple also said it’s going to expand to Canada soon. Now this is obviously Apple planning ahead for the European Union to attack them for right to repair. And there are four states I think in the US who’ve passed laws. What did you say New York, Michigan, California and Oregon. And there are more and more who are doing this. And Apple doesn’t have a choice anymore, that they have to kind of do this. And it’s a complicated process, because they’ve built up, I want to say a supply chain of doing their own repairs, and not letting anyone else do it.

    Josh Long 12:07
    Right. You know, anything that has to do with being able to repair your own devices, the more that Apple does in this regard, I think the better I think it’s a wonderful thing for those who have the technical know how and just need the availability of the parts and the tools that they need to be able to do this themselves. I think it’s a great thing.

    Kirk McElhearn 12:27
    In Apple’s press release for this, which I will link to in the show notes. They mentioned something called Apple diagnostics for self service repair. And I had heard about this before this launch last year, you go on safari, and you click a link, I’ll put a link in the show notes. And you can choose an iPhone, a Mac or a studio display, you enter your serial number, and you have to put the device in diagnostics mode. Now there’s instructions of how to do this. And what this does is it runs the software that Apple uses to diagnose hardware problems. I guess it sends it over the internet runs it on your device and incentive report back so it can tell you what repairs are needed. That’s pretty clever.

    Josh Long 13:03
    You know, this reminds me a lot of something that Microsoft used to do way back in the day like used to be able to do a lot more in the browser with like ActiveX controls on Windows. And this sounds sort of like that, like because you have to use Safari, of course to do this. So they’re using Apple technologies to allow this diagnostic process to happen. But it’s it’s kind of cool. I like the idea of being able to do things that you wouldn’t expect that you could do in a browser. It’s being used for for good and not for evil. So that’s cool.

    Kirk McElhearn 13:36
    Okay, we’re gonna take a break. When we come back, we’re going to talk a little bit more about Apple’s right to repair.

    Voice Over 13:44
    Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Best of all, it’s compatible with macOS Sonoma, and the latest Apple Silicon Macs. Download the free trial of Mac Premium Bundle X9 from intego.com today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at podcast.intego.com. That’s podcast.intego.com and click on this episode to find the special discount link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.

    Apple boasts of its devices’ longevity, while limiting the number of operating system updates they can receive

    Kirk McElhearn 15:00
    Today when Apple announced the new right to repair in Europe, they also released a white paper entitled “Longevity. By Design”. And they discuss how Apple devices are made to last. And designing for longevity is a company wide effort. And it talks about, let’s see, 40% more value retained an iPhone over competitors, product lifespan five plus years old, the age of hundreds of millions of iPhones still in use, we’ll get to that in a second, hundreds of millions of iPhones are still in use that are five years old or older. And that’s a problem. And see, this sounds like the kind of white paper that they’ve written for the European Union. Right. And that’s why I mentioned earlier that the right to repair in Europe is probably trying to stave off some sort of regulatory attack from the European Union. And they’re talking about here’s a pull quote, repair ability is repairability, or reparability. How do you say that Josh?

    Josh Long 15:53
    I don’t know, I guess I would say repairability.

    Kirk McElhearn 15:57
    Okay. Repairability is an essential component of longevity, yet optimizing for repairability alone may not yield the best outcome for our customers or the environment. That sounds like a PowerPoint of like some management consultant coming into a business that sounds like it means absolutely nothing. But they do go through this whole thing talking about environmental impact and access to repair services. But then they talk about safety, security and privacy. And that’s what caught our attention. Because we’ve mentioned recently that Apple in an obscure regulatory document in the UK committed to providing updates for Apple devices for a minimum of five years. And this is from the first date of sale. Now, if you were listening closely and weren’t distracted, about two minutes ago, we mentioned that there are hundreds of millions of iPhones that are five years old or older still in use. You see, the thing is, those devices aren’t getting update. Now, this has been Josh’s crusade for as long as I can remember on episode 350 of the podcast, and I think at least 100 times he’s talked about this, the fact that Apple does not update the current operating system minus two. So we’re at iOS 17. They update some security fixes for iOS 16. But rarely, anything before that, even though there was an iOS 12 update last year wasn’t there.

    Josh Long 17:17
    In January of 2023. Yeah, that’s the thing is like when there are updates, they’re few and far between for previous versions of iOS, on the Mac OS side, they do pretty regularly offer updates for the two previous Mac OS versions. However, as we’ve pointed out, many, many times, it’s only a handful of updates that they’re recording back to the previous operating systems. So you get all the patches, if you have the latest operating system on both Mac OS and iOS, same thing for iPad OS. And if you have a previous operating system, well, you might get some updates occasionally. But you’re they’re not patching all known vulnerabilities. Typically what they’ll patch is all the known, actively exploited in the wild vulnerabilities, and maybe a handful of others. But there’s no promises. There’s no guarantees. And Apple doesn’t really even say what they’re gonna patch or not. For older operating systems, it’s kind of you get what you get.

    Kirk McElhearn 18:22
    Not only that the five years that Apple was committing to or from the date of first sale. Now, if you look at the Apple website, right now you can buy an iPhone 15, that’s last year’s model, you can buy an iPhone 14, that’s the 2022 model. And you can buy an iPhone 13, which is the 2021 model. In 2024, you can buy an iPhone 13, which is guaranteed to get two more years of software updates. That doesn’t mean it’s only going to get two years. Because if I will get my chart of the iPhone 13 and software compatibility, it looks like it’s going to be compatible with the current version of iOS for a couple more years, but still committing to five years from first date of sale rather than last date of sale. Which interestingly, Amazon does that when he talks about their Kindle sakes commit I believe, to seven years from the last date of sale. But talking about the first date of sale is not as generous as it sounds. Right.

    Josh Long 19:14
    Right. And comparing this to other companies. So like, for example, Google has its Pixel phones. And as of last year, starting with the pixel eight line of Android phones, you can get seven years from the initial date of sale of both main operating system updates and security updates. They’re committing to both of those things, not just well, you’ll get like an older OS version, but we’ll still patch everything security wise. No, they’re saying you’ll get the full updates for a full seven years from the first date of sale. And Google only sells the pixel seven and newer at this point. So they only go back one year whereas Apple goes back two years. First, it seems as though Google is doing a much better job here. They’re offering more years, and they’re not selling these devices for as long.

    Kirk McElhearn 20:07
    One exception with Apple is that the iPhone SE, is not updated every year. So the second generation came out in 2018, the third generation came out and 2022. So these are devices that are sold for longer than any other phone.

    Josh Long 20:23
    Right. Typically. And that’s probably what we’ll see again here, because, well, it’ll be I guess, roughly the same as Apple’s been selling the iPhone 13 models, right, because they still do have a base iPhone 13 that they’re selling as like an cheaper older model. And that came out September 2021, the SC third generation came out March 2022. And it’s not likely to be replaced until roughly about March timeframe next year. That’s what we’re kind of expecting right now from the fourth generation se. So there’ll be about the same amount of time. But think about that. So assuming that Apple is going to stop selling the iPhone 13, as soon as the 16 comes out in the fall, right. That’s how many years that’s going to be three years that it was sold after the initial date of sale. So if you were to buy an iPhone 13 in August 2024, you might get two years of operating system updates. That’s not really great.

    Kirk McElhearn 21:30
    To be fair. To be fair, I’ve got a spreadsheet that I made. And I don’t see any iPhone model that’s gotten less than five years, the Apple Watch is a little bit different, the first Apple Watch, so he only got four years of updates. So it depends on the device, iPads are different, they tend to last a little bit longer, they tend to get a little bit more. And Mac’s obviously much different because what are we getting Mac’s back to 2018 2017 2018 are compatible with this year as Mac OS Sequoia.

    Josh Long 21:58
    Right. But again, we’re talking about from initial date of sale. So if you happen to buy an Apple product at the very tail end of when Apple is still selling it, that could be kind of a problem if you’re not planning on upgrading to the next model in a year or two.

    Many Chrome browser extensions likely contain vulnerable software frameworks

    Kirk McElhearn 22:14
    Okay, there are lots of dangerous extensions in the Google Chrome Store. And a trio of researchers looked at 125,000 extensions, and this went up through 2023. And they found some really stunning numbers, like 1/3 of them are using JavaScript libraries that are out of date with known vulnerabilities.

    Josh Long 22:32
    Right, right. So there’s a disconnect between what Google is saying on one side there, they say less than 1% of all installs from the Chrome Web Store were found to include malware. Is it something to brag about, like, less than 1%? I mean, that’s kind of bad. Like, if it’s close to 1%, then you’re saying that about one out of like, every 100 Chrome extensions that are being installed include malware, that’s crazy.

    Kirk McElhearn 23:01
    No, no, no one out of every 100 installs. Right. So remember, maybe there’s one extension that has 100 million installs. And another extension that has malware that has a million, right, so it’s one out of 100 installs, it’s not extensions, which is Google’s way of saying, Well, what are the extensions are okay, it’s just a tiny bit that aren’t. But maybe there’s actually 40,000 that aren’t good, that just aren’t installed a lot. But they are still in the Chrome Store, and people can still download them and install them.

    Josh Long 23:32
    Yeah, I guess kind of what Google may be trying to say with that the way they’re wording that is, if there are malicious extensions, we find them quickly and remove them. So it’s, there’s not a lot of people installing them. And, again, that less than 1%. That number is kind of bothersome to me, but Okay, so that’s one thing. They’re talking about malware. So the difference here with these researchers, they’re talking about extensions that may be dangerous to you, not because they contain malware, but because they contain dangerous code, or outdated libraries. The way that these chrome extensions work, browser extensions, in general, are using bits of code, for example, JavaScript code. So with all of these different code libraries that are being used, there’s potentially outdated libraries that they might be using some old versions of some JavaScript libraries that they might be borrowing from somebody else, or building on some other existing extension framework or whatever. In addition to that, there’s also a platform update for these extensions. So most of the extensions of all these older extensions are on manifest v two, and now Google is trying to get everybody to move to manifest V three, this, like newer, more secure version of extensions, basically. And so these researchers are saying, Look, just in JavaScript libraries being out of date, there are are 1/3 of all of these extensions, we’ve looked at about 40,000 extensions of the 125,000, I think that they looked at, have a known vulnerability in their JavaScript library. That’s crazy. So, so people are just installing these extensions, not realizing that they’re super out of date and putting them at risk, they’re actually making you more vulnerable just because of installing these extensions. So having a lot of extensions installed significantly increases your attack surface.

    Kirk McElhearn 25:34
    “Attack surfaces”, I love that term. That’d be great term for a punk band. One thing that I found really interesting in this article is that they were talking about how long malicious extensions remain in the Chrome Web Store. If they contain malware, it’s about 380 days, if they simply contain vulnerable code is 12 140 days on average. But the longest surviving malicious extension was available in the store for eight and a half years. It was last updated in December 2013. And it was found to contain malware in June 2022, which is when they did this survey eight and a half years. So Google’s not really looking for these things they’re not doing. If you’ve been using extensions in Safari for a while, you may have noticed a year to year two, three years ago that they changed the way extensions were installed, you used to be able to download them directly from a website. Now you have to get them from the Mac App Store. An extension is bundled inside an app, the app itself may do nothing but serve as a bundle for an extension. So you may be downloading an extension for one password, for example, you download the one password extension for Safari. That’s all it is. It’s not the one Password app, and you’ll have an app on your Mac that says one password extension for Safari. But the reason Apple’s doing this is so they can vet these extensions in the Mac App Store, the notarization process code signing, etc. Google doesn’t seem to be doing that at all.

    Josh Long 26:51
    Well, I so I imagine what’s happening here is that Google is only assessing these extensions at the time that they’re submitted. And they’re probably looking specifically for malware, which is one of the things that Apple does. But the other thing that Google evidently is not doing or not doing very well, or maybe at the very least needs to go back and run these tests, again, on older extensions after some period of time of inactivity of not being updated and the extension store. But evidently, Google’s not checking for known vulnerabilities in many of these libraries. Because if a third of extensions that you can find in the Chrome Store, are vulnerable. Well, that’s a really big problem. This is something that Google needs to look at a lot more carefully, kind of like how Google needs to do a better job of looking at its advertisements on Google ads platform, and maybe not putting malware links up at the top of search results. Gosh, it seems like there’s kind of a disconnect, you know, like Google doesn’t seem to really take security seriously, a lot of the time.

    Kirk McElhearn 27:57
    Well, that would be a great pull-quote Google doesn’t take security seriously. We’ve got to go but I want to do a lightning round with one question, Josh. Yes or no? Are you willing to pay up to $10 a month for Amazon’s new AI powered Alexa? Yes or No?

    Josh Long 28:13
    No

    Kirk McElhearn 27:13
    Okay.

    Josh Long 28:14
    Emphatically no.

    Kirk McElhearn 28:16
    Okay, that’s it for this week. Until next week, just stay secure.

    Josh Long 28:21
    All right, stay secure.

    Voice Over 28:24
    Thanks for listening to the Intego Mac podcast, the voice of Mac security with your host, Kirk McElhearn and Josh Long. To get every weekly episode, be sure to follow us on Apple Podcasts, or subscribe in your favorite podcast app. And, if you can, leave a rating, a like or review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode at podcast.intego.com. The Intego website is also where to find details on the full line of Intego security and utility software. intego.com.

    About Kirk McElhearn

    Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →