Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Posted by on
 October 31, 2018  Mohit Kumar Apple introduces a new privacy feature for all new MacBooks that "at some extent" will prevent hackers and malicious applications from eavesdropping on your conversations. Apple's custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook's built-in microphone whenever the user closes the lid, the company revealed yesterday at its event at the Brooklyn Academy of Music in New York. Though the new T2 chip is already present in the 2018 MacBook Pro models launched earlier this year, this new feature got unveiled when Apple launched the new Retina MacBook Air and published a full security guide for T2 Chip yesterday. "This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed,...

What is Phishing?

Posted by on
Related imageWhat do you think is more likely to happen? A) Having a hacker steal your credit card information over the Internet and charging thousands of dollars on it the next day, or B) getting tricked online by a simple letter in your email box from a con man?
The answer is B—online con artists and tricksters are more likely to weasel money from us than hackers are. Even though hackers make more headlines these days with serious breaches of security, everyday computer users—like you, your sweet grandmother or your naive twenty-something—are more likely to get burned online by a convincing con artist.
How can con artists still trick people? Because they are very good at what they do and have been for thousands of years, long before the Internet came around. They use trickery and lies to gain your trust and steal your money. (Think of Adam and Eve and the serpent.)
If you don't know what to be on the lookout for, an online con artist can fool you when your guard is down. But if you learn some of their tactics and tricks, you can fend off their scams and save yourself—or your parent or grandparents—from a lot of trouble.

Gone phishing.

One of the tactics they use is called "phishing," an old, online con that's still a major problem even though people think they're smart enough not to fall for a scam.
PhishingInstead of using a rod and reel with a sardine on a hook to net a catch, the tricksters use misleading emails to attract your attention and lure you into their scheme. If you take the bait, the outcome could cost you thousands of dollars and a lifetime of regret and embarrassment.
One of the aspects that most of us like about the Internet—anonymity—is something that an online scam artist will use to their advantage. A con artist can pretend to be anybody they want to be. They don't need elaborate disguises as the characters on Mission Impossible do or false ID badges and credentials like the ones in Ocean's 11.
When it comes to phishing, all they need are an angle and a whole bunch of email addresses. They usually don't have a lot of technical savvy like a hacker does...they only need a low level of writing and computer-design skills to create emails and fake websites that look legitimate enough to fool you.

What a does a "phish hook" look like?

The typical scam at play these days works something like this:
  • You receive an email letter from your bank or credit card company that says your account has been compromised or that you need to update your information...or it will be closed.
  • But it's not really from your bank. It's from a phisher hoping to catch you off guard with a very sneaky scam. They're savvy enough to use simple graphics (bank logos, etc.) to make it look legit.
  • The fake email conveniently includes a link you can click on to resolve the problem ASAP, which you're told you need to do. If you do it, you're whisked to a Web page the con artist has designed and controls...he's reeling you in. On that page, you're asked to update your account information...username, password, etc.
  • If you send/submit the update, you will have provided the phisher with all he needs to steal money, your identity or both.

"Spear phishing."

Sometimes the phisher's goal isn't to steal account information—it's to gain access to a company's or government agency's private network. So instead of targeting a broad audience with a wide net, they'll target a select group of individuals with a message that appears to have come from either a coworker or a department within that organization, such as Human Resources or the payroll department. That's spear phishing.

How to stay safe.

Whether you're at home or at work, maintain a healthy attitude of doubt whenever you're asked to provide any kind of account information or are instructed to update your username and password. Take a long, close look at the source and verify that it's legitimate before you do anything.
That ounce of prevention could be worth the weight of your money.