macOS

Apple Has Disabled Group FaceTime to Prevent Pre-call Eavesdropping

eavesdropping.jpg

A serious bug has been discovered in Apple’s Group FaceTime multi-person video chat technology. It allows someone to call you via FaceTime and then, with just a few simple steps, listen in on audio from your iPhone, iPad, or Mac while the call is ringing, before you have accepted or rejected it. To prevent the problem from being exploited, Apple says it has disabled Group FaceTime and promises a fix “later this week.”

In the meantime, if you’re still concerned (there were some reports of people being able to invoke the bug even after Apple disabled Group FaceTime), we recommend turning off FaceTime entirely in Settings > FaceTime in iOS and by launching the FaceTime app in macOS and then choosing FaceTime > Turn FaceTime Off. (Or just be quiet when a FaceTime call comes in.) Apple may be able to fix the problem without requiring users to update software; if iOS and macOS updates do prove to be necessary, we recommend that you install them sooner rather than later.

How to Unlock Your Mac with a Wave of Your Hand

Okay, with a wave of your Apple Watch. It’s magic. You walk up to your Mac, touch a key to wake it up, and upon noticing that you’re wearing your Apple Watch, it unlocks without making you enter a password. Brilliant! For some of us, it’s pretty much reason enough to get an Apple Watch.

Auto Unlock, as Apple calls this feature, lets you protect your Mac with a strong password—recommended for international spies and teenagers alike—without forcing you to type your password repeatedly. (You will have to type it the first time after you turn on, restart, or log out of your Mac.) 

To enable this protection and keep people out of your Mac when you’re away, go to System Preferences > Security & Privacy > General and select “Require password after sleep or screen saver begins.” Since your Apple Watch will be doing all the heavy lifting, feel free to set a short time span. Then select “Allow your Apple Watch to unlock your Mac.” If the stars are smiling on you, that’s all you’ll need to do.

 
 

However, it’s likely that something won’t be quite right for Auto Unlock to function properly, since it has a bunch of requirements.

First, make sure your hardware is new enough and sufficiently up-to-date. Your Mac must be from mid-2013 or later, and it must be running macOS 10.12 Sierra or later. (If you aren’t sure about your Mac, see if that checkbox labeled “Allow your Apple Watch to unlock your Mac” is present. If not, your Mac is too old.) Any model of Apple Watch will work, but it needs to be using at least watchOS 3.

Next, you need to turn on two-factor authentication. If you were using Apple’s previous two-step verification, you must switch to two-factor authentication. It adds an extra layer of security to your Apple devices and accounts, including iCloud, and is well worth doing in this day and age of password thefts. Plus, it ensures you don’t have to remember those security questions about your favorite elementary school teacher! The links earlier in this paragraph have more details, but you enable two-factor authentication in System Preferences > iCloud > Account Details > Security.

Now for the checklist. For Auto Unlock to work:

  • Your Mac must have Bluetooth turned on. Click the Bluetooth icon in the menu bar or look in System Preferences > Bluetooth.
  • Your Mac must have Wi-Fi turned on, even if you’re using Ethernet. Click the Wi-Fi icon in the menu bar and choose Turn Wi-Fi On if necessary.
 
  • Your Mac and your Apple Watch must be signed in to iCloud using the same Apple ID. Verify that in System Preferences > iCloud on the Mac, and on your iPhone in the Apple Watch app, in General > Apple ID.
  • Your Apple Watch must have a passcode enabled. On your iPhone, in the Apple Watch app, tap Passcode and then Turn Passcode On. So you don’t have to enter your passcode, enable Unlock with iPhone.
 
 
  • Your Mac must not be using Internet Sharing. Verify that in System Preferences > Sharing.
 
 

It’s a lot to check, we know, but you only have to do it once. After that, go back to System Preferences > Security & Privacy > General and select “Allow your Apple Watch to unlock your Mac.” It may prompt for your password, and there you have it.

After that, every time you wake your Mac or stop the screensaver, it will unlock automatically with your Apple Watch. If you’re not wearing the Apple Watch, or if your watch is locked (hence our recommendation of Unlock with iPhone), you can still type your password at the Mac’s login screen.

There is one small gotcha. Every time you install a macOS update, Apple disables that checkbox, presumably for some security reason. Just go back into the Security & Privacy preference pane and turn it back on. Happily, that’s nothing for the win of not having to unlock your Mac with your password multiple times per day.

How to Enter Emoji on the Mac

The only characters that are easier to type in iOS than on the Mac are emoji, those cartoon-like pictures that were created in Japan just before the turn of the century as a way of sharing pictures on mobile devices. They caught on in the United States in 2011, after Apple built an emoji keyboard into the iPhone with iOS 5 and added them to OS X 10.7 Lion. They’re most often used to pretty up chat messages, but since they’re actually font characters, you can also increase their size and use them like clip art in any Mac app.

Even though emoji have been readily accessible since 2011, many Mac users have never figured out how to enter them, since you can’t just type them on a keyboard. So, if you want to insert a 😀 in a post in Messages or a note in Mail, you need to use the Characters viewer. To bring it up in most Mac apps, choose Edit > Emoji & Symbols or use its keyboard shortcut: Command-Control-Space. When the Characters viewer first appears, it may be compressed (above left); click the square expansion icon to expand it to its full glory (above right).

The compressed view is fine, but the expanded view makes it easier to browse through the full set of emoji and search for particular emoji—you can also make the expanded version larger and see more emoji at once by dragging a corner. With Emoji chosen in the first column of the enlarged view, the second column lists emoji categories, such as Smileys & People, Animals & Nature, Food & Drink, and so on. In the compressed view, you can see the same categories by clicking the icons at the bottom. If you want a particular emoji, search for it by typing in the Search field—try “fruit” or “apple.”

You can insert an emoji from the Characters viewer in three main ways—if one method doesn’t work in a particular app, try another:

  • While the cursor is active in a text area, double-click a character in the viewer.
  • Drag a character out of the viewer and into a text area.
  • Drag a character out of the viewer to the Desktop to create a text clipping with it. Then drag that text clipping anywhere you can type.

Once you insert a character, it appears in the Frequently Used category; in the expanded version of the Characters viewer, you can also click the Add to Favorites button to add the current emoji to the Favorites category.

With many of the emoji of people, the first time you click the emoji, you’ll see a popover that lets you choose a skin tone other than the default, and macOS remembers your selection. If you wish to change an emoji’s skin tone later, click and hold until its popover appears (or use Force Touch, if you’re working with an appropriate trackpad).

One warning: If you send emoji from an Apple device to someone using a non-Apple device or operating system, they may see slightly different emoji than what you sent. The most notable example of this is Apple’s “pistol” emoji, which now looks like a green squirt gun 🔫; whereas, that emoji on other platforms generally looks like a more realistic handgun. The Unicode Consortium publishes a full list of what each emoji looks like on different platforms.

It’s easy to assume that emoji are a fad, or are used only by the young, but in reality, they’re having a profound effect on written communication. While an octogenarian may not understand that a line of dancers 💃💃💃💃💃 is meant to convey enthusiasm, a teen from China who speaks no English might get it. New York Magazine has covered the topic in depth, so give that article a read if you’re curious.

Stop Unwanted Notifications with Do Not Disturb

If you're not using the wonder that is Do Not Disturb, stop whatever you're doing and read on. Trust me, there’s nothing worse than being woken from a sound sleep by a notification from your iPhone, particularly when it’s something annoying like a robocall. On the Mac, notifications won’t generally wake you up, but they can be distracting when you’re trying to focus. Or, imagine the embarrassment if you get a text message from a snarky buddy while you’re giving a Keynote presentation. Do Not Disturb to the rescue!

In both iOS and macOS, you can engage Do Not Disturb manually at any time. That’s perfect if you want to make sure your iPhone doesn’t make noise in the theater or prevent your Mac from showing notifications while showing your latest work to your boss.

  • In iOS, either go to Settings > Do Not Disturb and toggle the Manual switch, or swipe up from the bottom of the screen to reveal Control Center and tap the Do Not Disturb button. You can also ask Siri to “Turn on Do Not Disturb.” A crescent moon icon appears in the status bar at the top of the screen when Do Not Disturb is on.

On the Mac, click the Notification Center icon in the top-right corner of the screen, scroll up to reveal the Do Not Disturb controls, and toggle the switch. For a quicker way, Option-click the Notification Center icon. In Sierra, Siri can control Do Not Disturb as well. The Notification Center icon is light gray instead of black when Do No Disturb is on.

You can turn Do Not Disturb off manually (which is a good idea if you’ve disabled it on your iPhone during a doctor’s appointment, for instance). On the Mac, it turns off automatically at midnight.

No one wants to enable Do Not Disturb manually every night. Happily, both iOS and macOS can turn it on automatically on a schedule.

  • In iOS, go to Settings > Do Not Disturb, turn on the Scheduled switch, and tap the From/To times to adjust when it should turn on and off automatically.
  • On the Mac, open System Preferences > Notifications > Do Not Disturb, select the checkbox next to the time fields, and enter from From and To times.

The Mac offers a few welcome options that automatically engage Do Not Disturb when the display is sleeping (usually a no-brainer) and when mirroring the display to a TV or projector (which should prevent notifications during presentations).

In iOS, you can choose which calls can break through Do Not Disturb’s cone of silence. On both platforms, you can allow repeated calls through — if someone wants to get in touch badly enough to try twice in quick succession, it’s probably important.

Nearly everyone should be using Do Not Disturb, so if you haven’t taken advantage of it yet, check it out now, before an errant phone call or iOS notification wakes you in the middle of the night.

What's the Deal with Two-Step Verification?

It seems that we can’t go a week without hearing about some new security breach involving tens of thousands or even millions of passwords. That’s why it’s essential that you use strong passwords of random characters (and manage them in a full-featured password manager like 1Password or LastPass or, for a more basic approach, iCloud Keychain). But many major Internet companies like Apple, Google, Facebook, and Dropbox offer an option for a higher level of security, called two-step verification.

With a normal account, a bad guy has to get only one thing—your password—to break in. With an account that’s protected by two-step verification, however, breaking in becomes far more difficult. That’s because logging in requires both your normal password and a time-limited one-time password that is generated by a special authentication app or sent to you in an SMS text message or via email. What’s important about these secondary passwords is that they’re valid only for a short time and they can be used only once. You have to enter these secondary passwords only the first time that you log in on a particular device or in a particular Web browser, so they are just an occasional extra step, not a daily inconvenience.

Sites that offer two-step verification will provide setup and usage instructions, but the basics are as follows. You’ll enable two-step verification in the account settings, and then tell the site how you’ll get the one-time password when you want to log in, generally providing your phone number or email address. For services that use an authentication app like Google Authenticator, Authy, or 1Password, you’ll have to scan a QR code on screen or enter a secret key—either way, that seeds the app with a value that enables it to generate a valid one-time password every 30 seconds. Make sure to record any backup codes the site provides; they’re essential if you lose access to your phone or your email.

When it comes time to log in to a service protected by two-step verification, you’ll enter your username and password as you normally would. Then, you’ll be prompted for a one-time password, and the service will either send you one via SMS or email, or require you to look it up in your authenticator app. Since a bad guy who might have obtained your normal password would also have to intercept your text or email messages, or have stolen your mobile phone (and be able to get past its passcode), you’re far, far safer.

Most sites that use two-step verification don’t require that you enter a one-time password on every login, since that would be overkill. It’s also unnecessary to enable two-step verification for every account you might have—there isn’t much liability to someone logging in to your New York Times account since they couldn’t do anything diabolical once in. For more-important accounts—email, social media, cloud services, banking—you absolutely should use two-step verification for added protection so a bad guy can’t impersonate you to your friends, receive email-based password resets for other sites, or access your most important data.

You may also hear the term two-factor authentication, which is even more secure than two-step verification when implemented correctly. That’s because two-factor authentication combines something you know (your password) with something you have (such as a secure token keyfob that generates time-limited one-time passwords) or something that’s true of you (biometric info like a fingerprint or iris scan). It might seem like using your iPhone to get a text message or run an authenticator app qualifies, but if you end up doing everything on a single device that could be compromised, it’s not true two-factor authentication.

Regardless of the terminology, going beyond a single password, no matter how strong, significantly increases your security, and you would be well served to employ such a security technology for your most important accounts. To learn more about why strong passwords are necessary, using password managers, and even more details behind two-step verification and two-factor authentication, check out Take Control of Your Passwords.

How to Enable "Hey, Siri" in Sierra

With macOS 10.12 Sierra, Siri has finally come to the Mac, and you can ask Apple’s personal assistant for help with all sorts of tasks, such as finding and opening files, adjusting system preferences, setting reminders, getting directions, looking up words, sending or responding to email, looking for photos, and much, much more. To invoke Siri, click the Siri icon in the Dock, click the Siri icon in the menu bar, or press and hold Command-Space.

Wait! What about the hands-free “Hey, Siri” technique that we’ve become accustomed to on the iPhone and Apple Watch? Strangely, Apple didn’t build “Hey, Siri” into Sierra, perhaps to sidestep privacy concerns that your Mac would constantly be listening to everything around it (not true, regardless). Never fear, though, because there’s a way you can bring “Hey, Siri” to the Mac as well. If you have an iPhone or Apple Watch that might respond to “Hey, Siri” commands directed at your Mac, you can use a different voice trigger, like “Yo, Siri” or a different name, like “Hey, Mac.” Follow these steps:

  1. Go to System Preferences > Keyboard > Dictation. Turn Dictation on, and select the checkbox for Use Enhanced Dictation (which may cause your Mac to download additional data files).

2. Jump to System Preferences > Accessibility, and scroll down to select Dictation in the left-hand column.

3. Select Enable the Dictation Keyword Phrase, and then type your trigger word, like “Hey” or “Yo”  into the text field. 

4. Click the Dictation Commands button, select Enable Advanced Commands at the bottom, and then click the + button.

5. In the controls that appear to the right, enter a name like “Siri” or “Mac” in the When I Say field and leave the While Using pop-up menu set to Any Application.

6. From the Perform pop-up menu, choose Open Finder Items, and in the Open dialog that appears, navigate to the Applications folder, select the Siri app, and click Open.

7. Back in the Dictation Commands dialog, click Done and close System Preferences.

Now give it a try by saying “Hey, Siri” (or whatever you used for your trigger and name) and then asking a question like “What’s the weather forecast for tomorrow?” This trick works best if you pause after saying “Hey, Siri” and wait for Siri to beep encouragingly. If your question follows the “Hey, Siri” prompt too quickly, Siri tends to miss what you’ve said.

Siri is far from perfect, but it’s still pretty astonishing what we can now do with voice commands. This little trick will let you talk more naturally to Siri, without having to fuss with the keyboard or mouse.