LANSHARKS.NET – Apple, Internet and Network Consulting Services

Fixing Macs and Networks Since 1990

Using Quad9’s Free Service to Protect Your Mac Online

The internet is ripe with scams, malware and phishing attempts. A common method for hackers to obtain your important usernames/passwords is to set up a site which looks *very* similar to your financial institution’s or webmail login. If you don’t notice the address is slightly different than the actual site (i.e. www.citibank.com vs. www.citiibank.com), you may be fooled into providing your credentials at a fake site. The scammers then use the credentials you entered to log in to the real site and drain your bank account, read your personal email, etc.

To help prevent these types of scams, I recommend a free service from a company called Quad9, as a filter for malware and fraudulent sites. A bit of background first, but if you’re already convinced you can skip to the Setup Guide.

When your computer wants to connect to anything on the internet (a web server, send/receive email, update your calendar, etc.), it first needs to do a “Domain Name Service” (DNS) lookup. The internet works on numerical “IP Addresses,” which look something like 69.27.37.10. But numbers are hard for us humans to remember, so we use named entities instead. Rather than having to remember the numerical IP address for Google’s search page, we just enter www.google.com and the computer does a DNS lookup to find the IP address for that particular server. Think of DNS as the “directory information” or “411” of the internet. Here’s a short video describing how DNS works: https://www.youtube.com/watch?v=kURzoJ0Qj9o

By default, most computer users’ DNS lookups are handled by the DNS server at their ISP. This generally works fine, except:

1. The DNS server at your ISP will resolve any domain name your computer asks for. Therefore, if you enter www.infectmycomputerwithmalware.com, the ISP’s name server will diligently do the lookup and point your computer to the IP address of the server which serves that website. There is no filtering or anything to protect your computer from visiting some of the dark and crusty locations on the internet, which may be ripe with malware, viruses and other bad stuff.

2. Most ISPs look at the sites you visit (not the actual pages, but the internet addresses), based on your DNS queries. So if you visit www.iwantanewmazzerati.com, expect to see some advertising for new sports cars soon. This data is then sold to advertisers and used for who-knows-what marketing and other purposes.

I use and am a big fan of Quad9. Quad9 works in tandem with IBM’s security databases and financial companies who keep lists of known-bad-news and look-alike domains. The Quad9 DNS servers will not allow your computer to resolve the name of a known-malicious or look-alike domain to an IP address which your computer would then connect with. So even if you enter www.bankofamerrica.com (note the misspelling with a second “r”), your browser won’t be directed to a fraudulent site asking for your login/password or whatever malicious content is served at that site. In addition, Quad9 doesn’t collect, track or sell any of your DNS searches.

Using Quad9 is particularly helpful in preventing email scams which may point your computer to a website which looks exactly like that of a site you use regularly.

The setup of Quad9 takes literally 2 minutes to enter 9.9.9.9 in your DNS server settings in System Preferences > Network > Advanced.

Setup Guide: https://www.youtube.com/embed/NM4AdfEnAmY?autoplay=1

I can’t recommend this simple step strongly enough. Let me know if you have questions or need a hand. Feel free to share this with those who may benefit.

Kirk out

P.S. I also urge you to enable two-factor authentication at any site where it is offered, particularly for financial institutions.

MacOS 11 “Big Sur” Observations

UPDATE: 3/9/2021:

I remain unimpressed with the stability of Big Sur. Many users (myself included) are reporting kernel panics when waking from sleep and trouble using external displays with laptops.

In addition, the update process introduced in Big Sur was supposed to *reduce* install time, but has actually done exactly the opposite. Given the number of bugs and requisite updates being released, updates are taking upwards of 45 minutes each, longer if you don’t have a fast internet connection. Details here: https://eclecticlight.co/2021/02/28/last-week-on-my-mac-users-are-losing-out-against-big-surs-sealed-system/

Another problem with Big Sur is the cryptographically signed system volume. This was designed as a security mechanism, but in daily use it means that your Carbon Copy Cloner bootable backup must be erased each and every time the operating system is updated – a problem Apple introduced in Big Sur.

I still recommend Mojave (MacOS 10.14.x) or Catalina (MacOS 10.15.x) and am not recommending Big Sur at this time.

November 12, 2020

Apple released Big Sur – the newest operating system for the Mac today.

If you’re looking for the quick and dirty “should I install Big Sur?”, the answer is no, not yet. 

Read on for more details and information:
Big Sur leverages the changes Apple made in Catalina, when it was released last October. Catalina was the first operating system for the Mac that only supports 64-bit application software. Older 32-bit apps do not and cannot be made to run in Catalina.

In addition, Catalina requires startup disks (including bootable backups) be formatted in the new APFS format, which Apple only supports on SSD media. This means there are ramifications for your backups (i.e. you’ll need new backup drives), if/when you update to Catalina or, as of today, Big Sur.

My observations regarding Catalina remain true – here are more details from back when Catalina was released:

https://lansharks.net/2020/01/17/things-to-consider-and-know-about-catalina/

I spent much of the day yesterday arguing with the Big Sur beta installer – not a good sign for stable, hassle-free software. Today’s public release (a gargantuan 12GB download) *seems* better, and Apple released a software update only hours after the initial release – not a confidence builder for well-tested code. I’ve only had a few hours to put it through the paces – so far things seem to be working and it feels snappy on my 2018 15” MacBook Pro.

There are some pretty significant cosmetic changes in Big Sur – for those who aren’t a fan of Apple changing/moving things around, this may be a release you want to wait to install, when you have time become familiar with the new bells and whistles. Here is an excellent comparison of some of the different look and feel changes from Catalina and Big Sur:

https://www.andrewdenty.com/blog/2020/07/01/a-visual-comparison-of-macos-catalina-and-big-sur.html

Bootable backups of Big Sur now require the system volume be cloned using a new software mechanism from Apple known as ASR. The system resides on a cryptographically sealed “Signed System Volume”. That seal can only be applied by Apple; ordinary copies of the System volume are non-bootable without Apple’s seal. To create a functional copy of the macOS 11 Big Sur System volume, Carbon Copy Cloner has to use the ASR tool to copy the system, or install macOS onto the backup. The upshot is that your backup drive will need to be erased the first time you run a clone under Big Sur and your previous backup data will be lost. If this is problematic for you, you can re-run the initial backup of your Big Sur Mac to a new external hard drive. More about Carbon Copy Cloner and ASR here:

https://bombich.com/kb/ccc5/frequently-asked-questions-about-ccc-and-macos-11

So, my advice for now is to wait to download and install Big Sur. Give it and other third party software time to mature. And of course, I wouldn’t be me if I didn’t remind you to update your bootable clone backup immediately before downloading any software updates, especially new operating systems. And don’t run your backup again for a few days, until you’re certain everything is working as expected.

“Top Sites” Missing in Safari 14

Apple released Safari 14 on September 16, 2020 and introduced a new “Start Page”, replacing the previous “Top Sites” feature.

For users who used the “Top Sites” feature (a collection of up to 12 frequently used sites), the websites previously configured in Top Sites are simply gone.

For example, here is how Safari 13 looked on my laptop. These are 12 sites/tools I visit several times a day:

Here is what Safari 14 looks like now – (note ALL of the frequently visited “Top Sites” are nowhere to be found):

The website addresses are not saved anywhere in Safari 14. This can be very disconcerting for users who are used to seeing their Top Sites and even more concerning that Apple hasn’t saved the URLs for any of the sites listed in Top Sites. Most people don’t have their Top Sites addresses saved elsewhere.

If Apple’s fail with the Safari 14 upgrade impacts you, here is a way to recover the website URLs which were previously stored in Top Sites:

  1. Click on the Desktop (switches you to the Finder application)
  2. Hold down the Option key and click on the Go menu. With the Option key down, the “Library” item appears in the Go menu.
  3. Scroll through the Library folder and find the Safari folder
  4. Inside the Safari folder is a file named “TopSites.plist”.

The TopSites.plist file contains the URLs of the sites you had stored in Top Sites before upgrading to Safari 14. Copy/paste these addresses as needed and bookmark or favorite them as needed.