Re: El Capitan - New Security Improvements

2015-10-07 Thread Ronni Brown 
Hi Stephen,

Yes, you are correct in your reply to Michael. El Capitan has nothing to do 
with violating Anti-Trust laws!
As I mentioned previously "Apple especially in El Capitan is doing everything 
possible to keep your System (& you) Safe”. 

I have not experienced any problems whatsoever since upgrading my MacBook Pro 
to El Capitan OS X 10.11. 
As always though I took the time to carefully do all the preparation of my 
MacBook Pro and BACKUPS (Bootable & Time Machine), prior to downloading and 
installing.
Everything went very smoothly and after the installation progress completes the 
setup screen appeared - Sign in Apple ID - Setup iCloud - verify my Identity - 
verify code sent to iPhone. Then the ‘Setting Up your Mac’ screen completes and 
your Login Screen appears, type login password and you are running El Capitan.
Mail opened and downloaded messages from my five (5) email accounts. I then 
went about checking all my important applications and no problems.

If you are thinking of upgrading to El Capitan Stephen, please make sure that 
you do the Preparation and backups & a bootable backup prior to installing.
It is most important to Update ALL your Applications and any plugins and check 
they are El Capitan compatible BEFORE you install.

I haven’t had time to write instructions How to Prepare for El Capitan but this 
set of instructions is very similar to what I did.
I always disconnect any external drives, disconnect anything connected  to my 
Mac. Turn OFF Time Machine, Turn OFF Automatic backups.

6 Steps to Prepare a Mac for the OS X El Capitan Update - 
<http://osxdaily.com/2015/09/29/prepare-mac-os-x-el-capitan/ 
<http://osxdaily.com/2015/09/29/prepare-mac-os-x-el-capitan/>>

Cheers,
Ronni

17" MacBook Pro 2.3GHz Intel Quad-Core i7 
2.3GHz / 16GB / 1TB 840 EVO SSD

OS X El Capitan 10.11


> On 7 Oct 2015, at 9:14 AM, Stephen Chape <chap...@bigpond.com> wrote:
> 
> Hi Michael,
> Looks to me like this is to do with personal security rather than anti-trust 
> as with Microsoft.
> At least that’s the way I read it.
> 
> And thank you Ronni for the very detailed list of important info.
> I feel I may update to El Capitan later today if time permits.
> 
> 
>> On 6 Oct 2015, at 6:05 pm, Michael Hawkins <michael.hawk...@mjhawkins.com.au 
>> <mailto:michael.hawk...@mjhawkins.com.au>> wrote:
>> 
>> Thinking back to the prosecution against MicroSoft in the late 1990s decade 
>> which indirectly lead to Microsoft injecting cash into Apple to keep Apple 
>> afloat as a competitor to MicroSoft (and thus offer an alternative to 
>> Windows), I wonder why this apparent requirement that users must use iCloud 
>> and two Apple devices as well as use only Apple software doesn’t violate USA 
>> anti-trust laws.
>> 
>> Cheers,
>> 
>> Michael.
>> 
>> 
>>> On 6 Oct 2015, at 3:30 pm, Ronni Brown <ro...@mac.com 
>>> <mailto:ro...@mac.com>> wrote:
>>> 
>>> Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan,
>>> 
>>> I thought I would post about the New Security Improvements for members who 
>>> might not be fully aware of the changes.
>>> Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 
>>> 10.11 El Capitan.
>>> 
>>> El Capitan - New Security Improvements
>>> 
>>> There are new security improvements in El Capitan that should protect Mac 
>>> users from malware, but unfortunately it may also mean that some of the 
>>> software utilities you use no longer work.
>>> 
>>> System Integrity Protection: Also called “rootless,” this feature makes an 
>>> El Capitan Mac more resistant to attacks and malware, but it also limits 
>>> what power users can do to their systems—unless they disable it.
>>> 
>>> What Rootless means in OS X El Capitan?
>>> 
>>> In OS X 10.11 El Capitan, System Integrity Protection, also known as 
>>> rootless, will prevent the modification or removal of certain system files 
>>> even by administrative overrides. This means that no user, application, or 
>>> process will be able to write files or modify files in the root System 
>>> folder or the /bin, /sbin, and /usr directories, which are hidden by 
>>> default in OS X’s Finder. The /usr/local folder will still be accessible 
>>> though.
>>> 
>>> By locking down the core system Apple will scupper the attempts of any 
>>> malware to gain access to files, folders, running processes (software that 
>>> manages tasks in the background) and system apps, such as the Finder and 
>>> Dock. 
>>> This might lead

Re: El Capitan - New Security Improvements

2015-10-06 Thread Neil Houghton 
Hmmm,

Having recently travelled overseas when we just bought local SIM cards and
changed them out as we moved ­ how could two-factor verification work in
this scenario. If my ³trusted device² is associated with a particular
trusted phone number, it will be uncontactable when the SIM is changed. If I
can just sign-in to my account via the new SIM, then it might work ­ but
wouldn¹t that just be one-factor verification.

Also if, say, my iPhone is lost or stolen ­ will find my phone still work
with a different SIM in it and let me ³wipe it² - that would be good ­ but
then am I locked out of my MacBook if my trusted device/trusted phone number
are gone ­ that would leave me totally cut-off and would be bad.

Or am I missing something obvious here?

It seems to me that the fingerprint ID provides a more foolproof security
measure ­ but no doubt has its own problems - what happens when you pick up
that red-hot bit of metal and singe off your fingerprint  ;o)



Cheers



Neil
-- 
Neil R. Houghton
Albany, Western Australia
Tel: +61 8 9841 6063
Email: n...@possumology.com





on 6/10/15 15:30, Ronni Brown at ro...@mac.com wrote:

> Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan,
> 
> I thought I would post about the New Security Improvements for members who
> might not be fully aware of the changes.
> Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 10.11
> El Capitan.
> 
> El Capitan - New Security Improvements
> 
> There are new security improvements in El Capitan that should protect Mac
> users from malware, but unfortunately it may also mean that some of the
> software utilities you use no longer work.
> 
> System Integrity Protection: Also called ³rootless,² this feature makes an El
> Capitan Mac more resistant to attacks and malware, but it also limits what
> power users can do to their systems‹unless they disable it.
> 
> What Rootless means in OS X El Capitan?
> 
> In OS X 10.11 El Capitan, System Integrity Protection, also known as rootless,
> will prevent the modification or removal of certain system files even by
> administrative overrides. This means that no user, application, or process
> will be able to write files or modify files in the root System folder or the
> /bin, /sbin, and /usr directories, which are hidden by default in OS X¹s
> Finder. The /usr/local folder will still be accessible though.
> 
> By locking down the core system Apple will scupper the attempts of any malware
> to gain access to files, folders, running processes (software that manages
> tasks in the background) and system apps, such as the Finder and Dock.
> This might lead to some changes in third party apps you use regularly, for
> instance, prior to El Capitan Dropbox showed sync status in the Finder,
> luckily this won¹t be gone completely, Apple has added generic code to support
> it.
> 
> How will Rootless effect app developers?
> 
> Kernel extensions will still be allowed, but developers will need a valid
> certificate from Apple to get them cryptographically signed.
> 
> However developers of programs like SuperDuper! were busy trying to adapt to
> the new way of working. SuperDuper needs to read everything on a drive to
> perform a clone and, to restore or write anywhere. Which could make it
> impossible to restore a volume without disabling System Integrity Protection.
> 
> Update Note: Update SuperDuper! has now released SuperDuper 2.8(v96) and
> available for automatic upgrade! SuperDuper 2.8(96) is El Capitan compatible.
> 
> How will Rootless effect me in OS X El Capitan?
> 
> These new security measures are designed to avoid the circumstances where a
> user is fooled by some malware and types in their password, allowing a Trojan
> horse to install.
> 
> When you update to El Capitan any non-Apple files in those directories will be
> removed. This might mean that some of the software you use no longer works,
> but it¹s perhaps worth it if it removes horrors lucking within.
> 
> What this means is that it will no longer be the case that a superuser, or
> root, can do anything to the system. Root is something that is fundamental to
> Unix. However, because it is possible to have this root power on Unix (on
> which OS X is based) OS X is vulnerable to attack if a malicious user gains
> root access.
> 
> Can I disable Rootless in OS X El Capitan?
> 
> It is possible to disable this protection, however I would certainly NOT
> recommend you do and therefore won¹t post to WAMUG mailing list how to disable
> Rootless. Apple especially in El Capitan is doing everything possible to keep
> your System (& you) Safe, so why break it?
> 
> Changes to two-factor verification for Apple ID
> 
> € Two-factor authentication: Apple has beefed up security by a

El Capitan - New Security Improvements

2015-10-06 Thread Ronni Brown 
Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan,

I thought I would post about the New Security Improvements for members who 
might not be fully aware of the changes.
Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 10.11 
El Capitan.

El Capitan - New Security Improvements

There are new security improvements in El Capitan that should protect Mac users 
from malware, but unfortunately it may also mean that some of the software 
utilities you use no longer work.

System Integrity Protection: Also called “rootless,” this feature makes an El 
Capitan Mac more resistant to attacks and malware, but it also limits what 
power users can do to their systems—unless they disable it.

What Rootless means in OS X El Capitan?

In OS X 10.11 El Capitan, System Integrity Protection, also known as rootless, 
will prevent the modification or removal of certain system files even by 
administrative overrides. This means that no user, application, or process will 
be able to write files or modify files in the root System folder or the /bin, 
/sbin, and /usr directories, which are hidden by default in OS X’s Finder. The 
/usr/local folder will still be accessible though.

By locking down the core system Apple will scupper the attempts of any malware 
to gain access to files, folders, running processes (software that manages 
tasks in the background) and system apps, such as the Finder and Dock. 
This might lead to some changes in third party apps you use regularly, for 
instance, prior to El Capitan Dropbox showed sync status in the Finder, luckily 
this won’t be gone completely, Apple has added generic code to support it.

How will Rootless effect app developers?

Kernel extensions will still be allowed, but developers will need a valid 
certificate from Apple to get them cryptographically signed.

However developers of programs like SuperDuper! were busy trying to adapt to 
the new way of working. SuperDuper needs to read everything on a drive to 
perform a clone and, to restore or write anywhere. Which could make it 
impossible to restore a volume without disabling System Integrity Protection.

Update Note: Update SuperDuper! has now released SuperDuper 2.8(v96) and 
available for automatic upgrade! SuperDuper 2.8(96) is El Capitan compatible.

How will Rootless effect me in OS X El Capitan?

These new security measures are designed to avoid the circumstances where a 
user is fooled by some malware and types in their password, allowing a Trojan 
horse to install.

When you update to El Capitan any non-Apple files in those directories will be 
removed. This might mean that some of the software you use no longer works, but 
it’s perhaps worth it if it removes horrors lucking within.

What this means is that it will no longer be the case that a superuser, or 
root, can do anything to the system. Root is something that is fundamental to 
Unix. However, because it is possible to have this root power on Unix (on which 
OS X is based) OS X is vulnerable to attack if a malicious user gains root 
access.

Can I disable Rootless in OS X El Capitan?

It is possible to disable this protection, however I would certainly NOT 
recommend you do and therefore won’t post to WAMUG mailing list how to disable 
Rootless. Apple especially in El Capitan is doing everything possible to keep 
your System (& you) Safe, so why break it?

Changes to two-factor verification for Apple ID

• Two-factor authentication: Apple has beefed up security by adding two-factor 
authentication for your Apple ID in El Capitan and iOS 9. 

Apple’s current “two-step” system requires users to specify a trusted device or 
trusted phone number to which a four-digit code can be sent which you can use 
to confirm your identity. Without both the password and verification code you 
won’t be able to access your account.

Apple has posted an explanation of its plans for two-factor authentication in 
El Capitan and iOS 9, here 
<https://developer.apple.com/support/two-factor-authentication/>. 
Similar to the existing system, users will set up at least one iOS and OS X 
device as “trusted devices.” These devices appear in a list in your Apple ID 
account and can be removed from there. They can be found in OS X in iCloud 
system preferences, by clicking Account Details, and in iOS 9 in Settings > 
iCloud > Account. You also have to verify at least one phone number.

Following set up, whenever you sign in with your Apple ID on a new device or 
browser, you will need to also verify your identity by entering your password 
plus a six-digit verification code that will be displayed automatically on any 
Apple devices you are already signed in to that are running iOS 9 or OS X El 
Capitan. If you don’t have one of your trusted Apple devices handy, you can 
receive the code on your phone via a text message or via phone call instead.

Cheers,
Ronni

13-inch MacBook Air (April 2014)
1.7GHz Dual-Core Intel Core i7, Turbo Boo

Re: El Capitan - New Security Improvements

2015-10-06 Thread Brian Risbey 
Hi Ronni
Great article.

Changes to two-factor verification for Apple ID
Is this why I can't log into iCloud and iTunes since upgrading to El Capitan? 
All my other 0S 9.0 devices can (So, proving my password works) but not my 
MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
I need to set it as a trusted device and set up the two part verification...?

Brian
Sent from my iPhone6 Plus
iOS 9.0 

> On 6 Oct 2015, at 15:30, Ronni Brown  wrote:
> 
> 
> Changes to two-factor verification for Apple ID
-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: El Capitan - New Security Improvements

2015-10-06 Thread Brian Risbey 
Hi All,

Changes to two-factor verification for Apple ID

So after reading Ronni's update, I read through my list of devices on my iPhone 
in iCloud Settings and 'none can receive the verification' ... ( can't remember 
the exact sentence)

Brian

On 6 Oct 2015, at 16:36, Brian Risbey  wrote:

Hi Ronni
Great article.

Changes to two-factor verification for Apple ID
Is this why I can't log into iCloud and iTunes since upgrading to El Capitan? 
All my other 0S 9.0 devices can (So, proving my password works) but not my 
MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
I need to set it as a trusted device and set up the two part verification...?

Brian
Sent from my iPhone6 Plus
iOS 9.0 



Brian
Sent from my iPhone6 Plus
iOS 9.0 
> On 6 Oct 2015, at 15:30, Ronni Brown  wrote:
> 
> 
> Changes to two-factor verification for Apple ID

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe - -- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: El Capitan - New Security Improvements

2015-10-06 Thread Brian Risbey 
Hi All

So, I checked my iCloud account, all up to date… then I read "and you need to 
log on using a PC or a Mac", very clever, my MacBookPro freezes when I enter 
the password, 
very “Catch 22”

Brian



On 6 Oct 2015, at 4:47 PM, Brian Risbey  wrote:

Hi All,

Changes to two-factor verification for Apple ID

So after reading Ronni's update, I read through my list of devices on my iPhone 
in iCloud Settings and 'none can receive the verification' ... ( can't remember 
the exact sentence)

Brian

On 6 Oct 2015, at 16:36, Brian Risbey > wrote:

Hi Ronni
Great article.

Changes to two-factor verification for Apple ID
Is this why I can't log into iCloud and iTunes since upgrading to El Capitan? 
All my other 0S 9.0 devices can (So, proving my password works) but not my 
MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
I need to set it as a trusted device and set up the two part verification...?

Brian
Sent from my iPhone6 Plus
iOS 9.0 



Brian
Sent from my iPhone6 Plus
iOS 9.0 
On 6 Oct 2015, at 15:30, Ronni Brown > 
wrote:

> 
> Changes to two-factor verification for Apple ID

-- The WA Macintosh User Group Mailing List --
Archives - >
Guidelines - >
Settings & Unsubscribe - >
-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe - 

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: El Capitan - New Security Improvements

2015-10-06 Thread Stephen Chape 
Hi Michael,
Looks to me like this is to do with personal security rather than anti-trust as 
with Microsoft.
At least that’s the way I read it.

And thank you Ronni for the very detailed list of important info.
I feel I may update to El Capitan later today if time permits.


> On 6 Oct 2015, at 6:05 pm, Michael Hawkins <michael.hawk...@mjhawkins.com.au> 
> wrote:
> 
> Thinking back to the prosecution against MicroSoft in the late 1990s decade 
> which indirectly lead to Microsoft injecting cash into Apple to keep Apple 
> afloat as a competitor to MicroSoft (and thus offer an alternative to 
> Windows), I wonder why this apparent requirement that users must use iCloud 
> and two Apple devices as well as use only Apple software doesn’t violate USA 
> anti-trust laws.
> 
> Cheers,
> 
> Michael.
> 
> 
>> On 6 Oct 2015, at 3:30 pm, Ronni Brown <ro...@mac.com 
>> <mailto:ro...@mac.com>> wrote:
>> 
>> Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan,
>> 
>> I thought I would post about the New Security Improvements for members who 
>> might not be fully aware of the changes.
>> Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 
>> 10.11 El Capitan.
>> 
>> El Capitan - New Security Improvements
>> 
>> There are new security improvements in El Capitan that should protect Mac 
>> users from malware, but unfortunately it may also mean that some of the 
>> software utilities you use no longer work.
>> 
>> System Integrity Protection: Also called “rootless,” this feature makes an 
>> El Capitan Mac more resistant to attacks and malware, but it also limits 
>> what power users can do to their systems—unless they disable it.
>> 
>> What Rootless means in OS X El Capitan?
>> 
>> In OS X 10.11 El Capitan, System Integrity Protection, also known as 
>> rootless, will prevent the modification or removal of certain system files 
>> even by administrative overrides. This means that no user, application, or 
>> process will be able to write files or modify files in the root System 
>> folder or the /bin, /sbin, and /usr directories, which are hidden by default 
>> in OS X’s Finder. The /usr/local folder will still be accessible though.
>> 
>> By locking down the core system Apple will scupper the attempts of any 
>> malware to gain access to files, folders, running processes (software that 
>> manages tasks in the background) and system apps, such as the Finder and 
>> Dock. 
>> This might lead to some changes in third party apps you use regularly, for 
>> instance, prior to El Capitan Dropbox showed sync status in the Finder, 
>> luckily this won’t be gone completely, Apple has added generic code to 
>> support it.
>> 
>> How will Rootless effect app developers?
>> 
>> Kernel extensions will still be allowed, but developers will need a valid 
>> certificate from Apple to get them cryptographically signed.
>> 
>> However developers of programs like SuperDuper! were busy trying to adapt to 
>> the new way of working. SuperDuper needs to read everything on a drive to 
>> perform a clone and, to restore or write anywhere. Which could make it 
>> impossible to restore a volume without disabling System Integrity Protection.
>> 
>> Update Note: Update SuperDuper! has now released SuperDuper 2.8(v96) and 
>> available for automatic upgrade! SuperDuper 2.8(96) is El Capitan compatible.
>> 
>> How will Rootless effect me in OS X El Capitan?
>> 
>> These new security measures are designed to avoid the circumstances where a 
>> user is fooled by some malware and types in their password, allowing a 
>> Trojan horse to install.
>> 
>> When you update to El Capitan any non-Apple files in those directories will 
>> be removed. This might mean that some of the software you use no longer 
>> works, but it’s perhaps worth it if it removes horrors lucking within.
>> 
>> What this means is that it will no longer be the case that a superuser, or 
>> root, can do anything to the system. Root is something that is fundamental 
>> to Unix. However, because it is possible to have this root power on Unix (on 
>> which OS X is based) OS X is vulnerable to attack if a malicious user gains 
>> root access.
>> 
>> Can I disable Rootless in OS X El Capitan?
>> 
>> It is possible to disable this protection, however I would certainly NOT 
>> recommend you do and therefore won’t post to WAMUG mailing list how to 
>> disable Rootless. Apple especially in El Capitan is doing everything 
>> possible to keep your System (&

Re: El Capitan - New Security Improvements

2015-10-06 Thread Peter Crisp 
Brian, thanks for being the Guinea pig for the rest of us. I'm not having any 
issues with my osx currently so will hold off for the moment.

I keenly watch this to read of the fix.

Regards

Pete

> On 6 Oct 2015, at 5:53 PM, Brian Risbey  wrote:
> 
> Hi Ronni
> 
> Yes followed the link...
> Off to WAMUG meeting tonight to share tale of woe:-(
> 
> Brian
> Sent from my iPhone6 Plus
> iOS 9.0 
> 
> On 6 Oct 2015, at 17:42, Ronni Brown  wrote:
> 
> Hi Brian,
> 
> Did you click the ‘here’ link in my previous message it would have taken you 
> to this Developer Support page below.
> Two-Factor Authentication in iOS 9 and OS X El Capitan
> 
> Have a good read there as it might help you. If all fails you could follow 
> the instructions under:
> How do I regain access to my account if I can’t sign in?
> 
> "Account recovery will take a few days—or longer—depending on what account 
> information you are able to provide. The process is designed to get you back 
> into your account as quickly as possible while denying access to anyone who 
> might be pretending to be you."
> 
> Changes to two-factor verification for Apple ID
> 
> • Two-factor authentication: Apple has beefed up security by adding 
> two-factor authentication for your Apple ID in El Capitan and iOS 9. 
> 
> Apple’s current “two-step” system requires users to specify a trusted device 
> or trusted phone number to which a four-digit code can be sent which you can 
> use to confirm your identity. Without both the password and verification code 
> you won’t be able to access your account.
> 
> Apple has posted an explanation of its plans for two-factor authentication in 
> El Capitan and iOS 9, here. 
> Similar to the existing system, users will set up at least one iOS and OS X 
> device as “trusted devices.” These devices appear in a list in your Apple ID 
> account and can be removed from there. They can be found in OS X in iCloud 
> system preferences, by clicking Account Details, and in iOS 9 in Settings > 
> iCloud > Account. You also have to verify at least one phone number.
> 
> Following set up, whenever you sign in with your Apple ID on a new device or 
> browser, you will need to also verify your identity by entering your password 
> plus a six-digit verification code that will be displayed automatically on 
> any Apple devices you are already signed in to that are running iOS 9 or OS X 
> El Capitan. If you don’t have one of your trusted Apple devices handy, you 
> can receive the code on your phone via a text message or via phone call 
> instead.
> 
> 
>> On 6 Oct 2015, at 4:47 pm, Brian Risbey  wrote:
>> 
>> Hi All,
>> 
>> Changes to two-factor verification for Apple ID
>> 
>> So after reading Ronni's update, I read through my list of devices on my 
>> iPhone in iCloud Settings and 'none can receive the verification' ... ( 
>> can't remember the exact sentence)
>> 
>> Brian
>> 
>> On 6 Oct 2015, at 16:36, Brian Risbey  wrote:
>> 
>> Hi Ronni
>> Great article.
>> 
>> Changes to two-factor verification for Apple ID
>> Is this why I can't log into iCloud and iTunes since upgrading to El 
>> Capitan? All my other 0S 9.0 devices can (So, proving my password works) but 
>> not my MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
>> I need to set it as a trusted device and set up the two part verification...?
>> 
>> Brian
>> Sent from my iPhone6 Plus
>> iOS 9.0 
> Cheers,
> Ronni
> 
> 13-inch MacBook Air (April 2014)
> 1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz
> 8GB 1600MHz LPDDR3 SDRAM
> 512GB PCIe-based Flash Storage
> 
> OS X Yosemite 10.10.5
> 
> -- The WA Macintosh User Group Mailing List --
> Archives - 
> Guidelines - 
> Settings & Unsubscribe - 
> 
> -- The WA Macintosh User Group Mailing List --
> Archives - 
> Guidelines - 
> Settings & Unsubscribe - 
> 
-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: El Capitan - New Security Improvements

2015-10-06 Thread Michael Hawkins 
Thinking back to the prosecution against MicroSoft in the late 1990s decade 
which indirectly lead to Microsoft injecting cash into Apple to keep Apple 
afloat as a competitor to MicroSoft (and thus offer an alternative to Windows), 
I wonder why this apparent requirement that users must use iCloud and two Apple 
devices as well as use only Apple software doesn’t violate USA anti-trust laws.

Cheers,

Michael.


> On 6 Oct 2015, at 3:30 pm, Ronni Brown <ro...@mac.com> wrote:
> 
> Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan,
> 
> I thought I would post about the New Security Improvements for members who 
> might not be fully aware of the changes.
> Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 10.11 
> El Capitan.
> 
> El Capitan - New Security Improvements
> 
> There are new security improvements in El Capitan that should protect Mac 
> users from malware, but unfortunately it may also mean that some of the 
> software utilities you use no longer work.
> 
> System Integrity Protection: Also called “rootless,” this feature makes an El 
> Capitan Mac more resistant to attacks and malware, but it also limits what 
> power users can do to their systems—unless they disable it.
> 
> What Rootless means in OS X El Capitan?
> 
> In OS X 10.11 El Capitan, System Integrity Protection, also known as 
> rootless, will prevent the modification or removal of certain system files 
> even by administrative overrides. This means that no user, application, or 
> process will be able to write files or modify files in the root System folder 
> or the /bin, /sbin, and /usr directories, which are hidden by default in OS 
> X’s Finder. The /usr/local folder will still be accessible though.
> 
> By locking down the core system Apple will scupper the attempts of any 
> malware to gain access to files, folders, running processes (software that 
> manages tasks in the background) and system apps, such as the Finder and 
> Dock. 
> This might lead to some changes in third party apps you use regularly, for 
> instance, prior to El Capitan Dropbox showed sync status in the Finder, 
> luckily this won’t be gone completely, Apple has added generic code to 
> support it.
> 
> How will Rootless effect app developers?
> 
> Kernel extensions will still be allowed, but developers will need a valid 
> certificate from Apple to get them cryptographically signed.
> 
> However developers of programs like SuperDuper! were busy trying to adapt to 
> the new way of working. SuperDuper needs to read everything on a drive to 
> perform a clone and, to restore or write anywhere. Which could make it 
> impossible to restore a volume without disabling System Integrity Protection.
> 
> Update Note: Update SuperDuper! has now released SuperDuper 2.8(v96) and 
> available for automatic upgrade! SuperDuper 2.8(96) is El Capitan compatible.
> 
> How will Rootless effect me in OS X El Capitan?
> 
> These new security measures are designed to avoid the circumstances where a 
> user is fooled by some malware and types in their password, allowing a Trojan 
> horse to install.
> 
> When you update to El Capitan any non-Apple files in those directories will 
> be removed. This might mean that some of the software you use no longer 
> works, but it’s perhaps worth it if it removes horrors lucking within.
> 
> What this means is that it will no longer be the case that a superuser, or 
> root, can do anything to the system. Root is something that is fundamental to 
> Unix. However, because it is possible to have this root power on Unix (on 
> which OS X is based) OS X is vulnerable to attack if a malicious user gains 
> root access.
> 
> Can I disable Rootless in OS X El Capitan?
> 
> It is possible to disable this protection, however I would certainly NOT 
> recommend you do and therefore won’t post to WAMUG mailing list how to 
> disable Rootless. Apple especially in El Capitan is doing everything possible 
> to keep your System (& you) Safe, so why break it?
> 
> Changes to two-factor verification for Apple ID
> 
> • Two-factor authentication: Apple has beefed up security by adding 
> two-factor authentication for your Apple ID in El Capitan and iOS 9. 
> 
> Apple’s current “two-step” system requires users to specify a trusted device 
> or trusted phone number to which a four-digit code can be sent which you can 
> use to confirm your identity. Without both the password and verification code 
> you won’t be able to access your account.
> 
> Apple has posted an explanation of its plans for two-factor authentication in 
> El Capitan and iOS 9, here 
> <https://developer.apple.com/support/two-factor-authentication/>. 
> Similar to the existi

Re: El Capitan - New Security Improvements

2015-10-06 Thread Ronni Brown 
Hi Brian,

Did you click the ‘here 
’ link in my 
previous message it would have taken you to this Developer Support page below.
Two-Factor Authentication in iOS 9 and OS X El Capitan 


Have a good read there as it might help you. If all fails you could follow the 
instructions under:
How do I regain access to my account if I can’t sign in?

"Account recovery will take a few days—or longer—depending on what account 
information you are able to provide. The process is designed to get you back 
into your account as quickly as possible while denying access to anyone who 
might be pretending to be you."

Changes to two-factor verification for Apple ID

• Two-factor authentication: Apple has beefed up security by adding two-factor 
authentication for your Apple ID in El Capitan and iOS 9. 

Apple’s current “two-step” system requires users to specify a trusted device or 
trusted phone number to which a four-digit code can be sent which you can use 
to confirm your identity. Without both the password and verification code you 
won’t be able to access your account.

Apple has posted an explanation of its plans for two-factor authentication in 
El Capitan and iOS 9, here 
. 
Similar to the existing system, users will set up at least one iOS and OS X 
device as “trusted devices.” These devices appear in a list in your Apple ID 
account and can be removed from there. They can be found in OS X in iCloud 
system preferences, by clicking Account Details, and in iOS 9 in Settings > 
iCloud > Account. You also have to verify at least one phone number.

Following set up, whenever you sign in with your Apple ID on a new device or 
browser, you will need to also verify your identity by entering your password 
plus a six-digit verification code that will be displayed automatically on any 
Apple devices you are already signed in to that are running iOS 9 or OS X El 
Capitan. If you don’t have one of your trusted Apple devices handy, you can 
receive the code on your phone via a text message or via phone call instead.


> On 6 Oct 2015, at 4:47 pm, Brian Risbey  wrote:
> 
> Hi All,
> 
> Changes to two-factor verification for Apple ID
> 
> So after reading Ronni's update, I read through my list of devices on my 
> iPhone in iCloud Settings and 'none can receive the verification' ... ( can't 
> remember the exact sentence)
> 
> Brian
> 
> On 6 Oct 2015, at 16:36, Brian Risbey  > wrote:
> 
> Hi Ronni
> Great article.
> 
> Changes to two-factor verification for Apple ID
> Is this why I can't log into iCloud and iTunes since upgrading to El Capitan? 
> All my other 0S 9.0 devices can (So, proving my password works) but not my 
> MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
> I need to set it as a trusted device and set up the two part verification...?
> 
> Brian
> Sent from my iPhone6 Plus
> iOS 9.0 
Cheers,
Ronni

13-inch MacBook Air (April 2014)
1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz
8GB 1600MHz LPDDR3 SDRAM
512GB PCIe-based Flash Storage

OS X Yosemite 10.10.5

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: El Capitan - New Security Improvements

2015-10-06 Thread Brian Risbey 
Hi Ronni

Yes followed the link...
Off to WAMUG meeting tonight to share tale of woe:-(

Brian
Sent from my iPhone6 Plus
iOS 9.0 

On 6 Oct 2015, at 17:42, Ronni Brown  wrote:

Hi Brian,

Did you click the ‘here’ link in my previous message it would have taken you to 
this Developer Support page below.
Two-Factor Authentication in iOS 9 and OS X El Capitan

Have a good read there as it might help you. If all fails you could follow the 
instructions under:
How do I regain access to my account if I can’t sign in?

"Account recovery will take a few days—or longer—depending on what account 
information you are able to provide. The process is designed to get you back 
into your account as quickly as possible while denying access to anyone who 
might be pretending to be you."

Changes to two-factor verification for Apple ID

• Two-factor authentication: Apple has beefed up security by adding two-factor 
authentication for your Apple ID in El Capitan and iOS 9. 

Apple’s current “two-step” system requires users to specify a trusted device or 
trusted phone number to which a four-digit code can be sent which you can use 
to confirm your identity. Without both the password and verification code you 
won’t be able to access your account.

Apple has posted an explanation of its plans for two-factor authentication in 
El Capitan and iOS 9, here. 
Similar to the existing system, users will set up at least one iOS and OS X 
device as “trusted devices.” These devices appear in a list in your Apple ID 
account and can be removed from there. They can be found in OS X in iCloud 
system preferences, by clicking Account Details, and in iOS 9 in Settings > 
iCloud > Account. You also have to verify at least one phone number.

Following set up, whenever you sign in with your Apple ID on a new device or 
browser, you will need to also verify your identity by entering your password 
plus a six-digit verification code that will be displayed automatically on any 
Apple devices you are already signed in to that are running iOS 9 or OS X El 
Capitan. If you don’t have one of your trusted Apple devices handy, you can 
receive the code on your phone via a text message or via phone call instead.


> On 6 Oct 2015, at 4:47 pm, Brian Risbey  wrote:
> 
> Hi All,
> 
> Changes to two-factor verification for Apple ID
> 
> So after reading Ronni's update, I read through my list of devices on my 
> iPhone in iCloud Settings and 'none can receive the verification' ... ( can't 
> remember the exact sentence)
> 
> Brian
> 
> On 6 Oct 2015, at 16:36, Brian Risbey  wrote:
> 
> Hi Ronni
> Great article.
> 
> Changes to two-factor verification for Apple ID
> Is this why I can't log into iCloud and iTunes since upgrading to El Capitan? 
> All my other 0S 9.0 devices can (So, proving my password works) but not my 
> MacBookPro 17"(4.1)?  These both 'hang' after entered in password.
> I need to set it as a trusted device and set up the two part verification...?
> 
> Brian
> Sent from my iPhone6 Plus
> iOS 9.0 
Cheers,
Ronni

13-inch MacBook Air (April 2014)
1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz
8GB 1600MHz LPDDR3 SDRAM
512GB PCIe-based Flash Storage

OS X Yosemite 10.10.5

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe - -- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -