Author Archives: mike

Stay Alert! Voice Phishing Used in Recent Ransomware Attacks

All it took for MGM Resorts International to be compromised with ransomware was a quick phone call, which some now call “voice phishing” or “vishing.” An attacker using LinkedIn information to pose as an employee asked MGM’s help desk for a password change, after which they were able to install ransomware. MGM is now up to $52 million in lost revenues and counting. Two takeaways. First, if you call support for a manual password reset, expect to be asked for a lot of verification, such as a video call where you show your driver’s license. Second, if you receive a call at work from an unknown person asking you to do anything involving money or account credentials, hang up, verify their identity and authorization, and proceed accordingly only if they check out.

(Images by iStock.com/1550539 and HT Ganzo)

Tired of Nonstop Cookie Popups? Dismiss Them Automatically with These Extensions

The European Union has for many years required that websites—at least those serving European users—gain informed consent before storing the personal data of those users. That data includes cookies, which are bits of information stored in Web browsers that websites can read and write. Cookies are widely used for remembering login information, saving user account information, maintaining a shopping cart, and other legitimate purposes. However, they’re also used to target advertising at you by tracking your behavior across websites, which many people consider to be an abuse of user privacy. Hence the EU’s ePrivacy Directive, which resulted in the proliferation of cookie consent popups like this one.

Websites that rely on advertising or user tracking prefer that everyone click Accept All, but because of the EU requirement for informed consent, they have to tell you more about the cookies they use, explain why they want to use them, and allow you to reject types of cookies. Clicking Customize in the cookie consent popup above presents this expanded view. So many details!

On the one hand, thanks to the EU for working to safeguard user privacy. Without laws like the ePrivacy Directive and the overarching General Data Protection Regulation (GDPR), the Web would be even more of a sausage factory that grinds up and sells our personal data.

On the other hand, could cookie consent popups on nearly every website be any more annoying?!? While it’s a nice idea that we provide informed consent for cookies, few people have the time and inclination to read all this and make an informed decision. If you’re like us, you’re probably mashing Reject All as fast as you can. And even that is more effort than you’d prefer to expend.

Happily, there are Web browser extensions that can simplify your life, responding to cookie consent popups automatically using preferences you set once. Why can’t Web browsers do this themselves? They could, and the privacy-focused Brave does, but the W3C’s Platform for Privacy Preferences working group’s recommendations for standardizing behavior around privacy were ignored by browser makers and dropped back in 2006.

Two browser extensions we’ve tested successfully in multiple Mac browsers are Consent-O-Matic and Super Agent. They work by learning how to interact with the common consent popups (many of which come from Consent Management Platforms like Osano and CookieYes) and automatically clicking the switches to match your preferences. More specifically, the Hush extension blocks cookie consent popups in Safari on the iPhone, iPad, and Mac.

Consent-O-Matic

The open-source Consent-O-Matic is free from privacy researchers at Aarhus University. It comes as a Chrome extension that works with Google Chrome (and other Chromium browsers like Arc, Brave, and Edge, shown below), as an add-on for Firefox, and as an extension for Safari on the Mac and Safari in iOS and iPadOS. Consent-O-Matic works reasonably well on the Mac; in testing, it wasn’t effective enough in Safari on the iPhone and iPad to be worth installing. Installation and interface vary by browser—the Chrome extension is shown below.

By default, Consent-O-Matic allows no cookies, though we recommend enabling the Preferences and Functionality option and, if you’re feeling generous toward websites, the Performance and Analytics option. The first option improves your experience on any site where it’s helpful for it to remember information about you, and the second allows the website admins to collect metrics on how the site is being used. If a site doesn’t work correctly with Consent-O-Matic enabled, you can turn off the extension for just that site. In the Display preferences, you can choose whether Consent-O-Matic minimizes consent popups or hides them entirely, and on the About screen, you’ll see how many clicks it has saved you.

Super Agent

Super Agent seems to focus its paid plans on its version for the iPhone and iPad, but we didn’t find it effective enough there to install. On the Mac, however, Super Agent is free and works well, perhaps a bit more so than Consent-O-Matic. It’s available as a Chrome extension for Google Chrome and other Chromium browsers, as a Firefox add-on, and as a Safari extension. Installation and interface vary by browser—the Chrome extension is shown below.

Your first task in Super Agent is to set your preferences for cookies to accept. Again, we recommend enabling Functional cookies; turn on Performance cookies if you wish. Leave Advertising and Other cookies off.

Although it’s not required, you can create a Super Agent account and enable the Consent Trail switch to see a list of the sites whose cookie consent popups Super Agent filled out for you. It’s end-to-end encrypted so that only you can see the data, but if you’re particularly concerned about privacy, don’t turn it on.

Hush

What about the iPhone and iPad, or those who care only about Safari on the Mac? We recommend Joel Arvidsson’s Hush, which bills itself as a nag blocker. It’s a free download from the App Store, and once it’s on your device, you enable it in Settings > Safari > Extensions > Hush (iOS/iPadOS) or Safari > Settings > Extensions (Mac).

That’s it. From then on, it silently blocks cookie consent popups—it doesn’t attempt to register your preferences like Consent-O-Matic and Super Agent. As a result, it might cause problems if a site requires that you accept some cookies for it to function correctly. We haven’t encountered such a site yet, but it’s not impossible. If that happens on an iPhone or iPad, tap the AA button in the Safari address bar and then Turn On Content Blockers; on the Mac, choose View > Reload Without Content Blockers.

The Web is an ever-evolving place, so there’s no guarantee that these extensions will respond to or block every cookie consent popup. But you can report missed sites to the Content-O-Matic and Super Agent developers, and Joel Arvidsson releases regular updates to block more nags and fix partially broken websites.

If you use only Safari for Web browsing, Hush could be all you need on all your Apple devices. Those who rely on other Web browsers on the Mac can pick either Consent-O-Matic or Super Agent to supplement Hush on the iPhone and iPad.

(Featured image by iStock.com/Pla2na)

Keep a USB Keyboard and Mouse for Troubleshooting

Steve Jobs famously railed against cable clutter, and it’s now easy to use a desktop Mac with a wireless keyboard and mouse, either from Apple or another manufacturer. That’s fine for regular usage, but Bluetooth keyboards and mice aren’t always sufficient. Batteries wear out, pairing can fail, and wireless interference can cause lags or spurious inputs. Plus, if you need to boot into macOS Recovery, wireless input devices may not work. We recommend keeping an extra USB keyboard and mouse—preferably from Apple, but any brand will work—to use in case you have problems with your wireless versions. If you don’t have a keyboard and mouse left over from an old Mac, a friend or family member may be happy to give you theirs, or you can probably find them for next to nothing at a local reuse store.

(Images by iStock.com/Jeffrey Glas and RafalStachura)

Want to Password-Protect a PDF? Follow These Best Practices

We periodically field questions about password-protecting a PDF to prevent the wrong people from reading it. Lawyers want to ensure that drafts of legal documents don’t fall into the wrong hands, financial advisers want to keep confidential financial information private, and authors want to prevent their writing from being shared broadly on the Internet. Others don’t worry so much about a document being read but want to ensure that it can’t be changed or printed.

PDF provides options for password-protecting documents for just these reasons, and you can add such protection to your PDFs in both Apple’s Preview and Adobe Acrobat. We’ll explain how to do that, but before we do, we want to share some best practices to increase the likelihood that your PDFs will remain protected as you wish.

Also, if you’re looking for a comprehensive solution to protecting lots of documents for a wide variety of situations, you’d be better off investigating document digital rights management systems along the lines of LockLizard and Vitrium.

Best Practices for Password-Protecting PDFs

There’s no such thing as perfect security, especially when you want to share information with others rather than just keeping it as your own secret. But you can increase the security of shared documents with these best practices.

  • Use strong passwords: All PDF passwords should be longer than 12 characters and include uppercase and lowercase letters, numbers, and punctuation, without using dictionary words or well-known number/letter substitutions. A plethora of online PDF unlocking tools can remove weak passwords, and passwords should be strong enough to withstand brute force and dictionary attacks from a determined attacker who could bring significant computing resources to bear.
  • Focus on Document Open passwords: PDFs can have two passwords: the Document Open password that users must enter to open the document and a Permissions password that restricts actions like editing, printing, and copying. Even if you mainly want to restrict actions, it’s worth setting a Document Open password because the Permissions password’s restrictions can be bypassed by third-party utilities or by screenshots and Live Text.
  • Share passwords out of band: When sharing a protected PDF with someone, send them the password via a different communications channel. So, if you email the PDF, give them the password via Messages or a voice call. That way, if an attacker gains access to the PDF, they won’t also have the password sitting next to it.
  • Educate recipients: When you share a user password with someone else, they can give it to anyone they want and, depending on how you set things up, remove the protection from the document. In short, your document security is only as strong as your recipients want it to be, so make sure to communicate your wishes to them.
  • Watermark documents: Along those lines, it may be worth adding a header/footer or watermark that identifies the document as Confidential or Draft to clarify why it shouldn’t be shared.
  • Avoid online tools: Numerous websites offer PDF utility functions, such as adding passwords, watermarking, merging and splitting, conversion, and more. There’s no harm in using them with documents you don’t care about, but if you’re concerned enough to password-protect a PDF, don’t upload it to a website with unknown security and document retention policies.
  • Clear metadata: Passwords protect PDF content, but not necessarily metadata that might include the author’s name, employer, and keywords.
  • Use Adobe Acrobat: Apple’s Preview is a decent PDF app and offers basic password-protection capabilities, but for more protection capabilities and options, use the full-featured Adobe Acrobat. Preview is OK for those who need to protect an occasional PDF, but Acrobat is a better choice if protecting PDFs is essential for your situation.

Password-Protect a PDF Using Preview

It’s easy to add password protection to a PDF with Preview. Apple recommends a slightly fussier approach that involves setting the permissions during an export, although we didn’t find that it made any difference. Apple is likely trying to get you to make a copy so you don’t password-protect your original, but it’s easier to duplicate the file in the Finder first with File > Duplicate. Here’s the simple method:

  1. With a copy of a PDF open in Preview, choose File > Edit Permissions to display the permissions dialog.
  2. Select Require Password To Open Document, and enter the desired Document Open password twice.
  3. Deselect desired checkboxes in the Permissions section to restrict those activities.
  4. Enter the Owner (Permissions) password twice at the bottom of the dialog. It should be different from the Document Open password. Either will open the document, but only the Owner (Permissions) password will allow the document to be printed, copied, or edited as per those checkboxes.
  5. Click Apply and save the document.

Password-Protect a PDF Using Adobe Acrobat

Adobe has extensive instructions on password-protecting PDFs using Acrobat in different scenarios, but the basics are still simple.

  1. With a copy of a PDF open in Acrobat, choose File > Protect Using Password to open the password dialog.
  2. Select Viewing to add a Document Open password or Editing to add a Permissions password.
  3. Enter the password, and retype it to confirm it.
  4. Click Apply and save the document.

For a simple Document Open password, you’re all done, but if you want to set specific printing, editing, and copying restrictions, follow these steps:

  1. Choose Edit > Protection > Security Properties to open the Document Properties dialog with the Security tab selected.
  2. Next to Security Method (which should be set to Password Security), click Change Settings to open the Password Security – Settings dialog.
  3. In the Permissions section, select the desired options to restrict printing, editing, and copying text in various ways.
  4. Click OK and, when prompted, confirm the passwords you’ve entered.
  5. Dismiss the Document Properties dialog and save the document.

Password-protecting a PDF can be helpful when you want to ensure a PDF containing sensitive information can’t be viewed or edited by the wrong people. Make sure to use strong passwords since weak passwords are so easily removed!

(Featured image based on an original by iStock.com/Thitichaya Yajampa)

With Storms Increasing, Protect Your Tech Gear from Damaging Power Fluctuations

It has been a tough year for extreme weather events. While the connection between weather and technology may seem tenuous, heat waves, high winds, and lightning strikes can play havoc with all sorts of powered and networked electronic devices.

Anything that causes power fluctuations—spikes, surges, sags, brownouts, and blackouts—can hurt your tech gear. Protecting your most vulnerable devices doesn’t have to be expensive, but don’t be complacent because you plug your Mac into a cheap surge protector you’ve had since college. And note that many power strips offer no surge protection at all.

First off, why are power fluctuations problematic? There are two scenarios:

  • Too little power: Sags and brownouts are drops in voltage; a sag is a short-term dip, whereas brownouts last longer. Blackouts are complete power outages. Although they’re less damaging than surges, sags and brownouts can cause electronic devices to behave erratically or crash, and the fluctuation in voltage—particularly when coming back from an outage—can stress components. Losing power entirely will cause you to lose any unsaved work and possibly end up with document or even drive corruption.
  • Too much power: Spikes and surges are sudden, brief increases in voltage; the difference is that spikes are shorter than surges. Either way, the excessive power can degrade or damage sensitive electronic components, reducing lifespan or causing immediate failures.

The best solution to these scenarios is an uninterruptible power supply (UPS). Put simply, a UPS is a big battery into which you plug your Mac and other peripherals. It then plugs into a wall outlet and monitors the incoming power. If the power surges, falls below a certain threshold, or fails outright, the UPS switches the power source to its internal battery. This happens so quickly that your Mac never even notices.

If your gear is plugged into a UPS when a blackout hits, you get some time to save your work and shut down gracefully, ensuring that you don’t lose data or flirt with drive corruption. A UPS also protects against spikes and surges, filtering out the excess voltage so it can’t harm the devices plugged into it. The downsides to UPSes are that they’re an extra expense, their batteries need replacing every few years, and they take up space under your desk. For a home or small office UPS, consult Wirecutter’s recommendations.

If power outages are rare in your location, you may prefer to rely on a surge protector instead of a UPS. As the name implies, surge protectors filter out voltage spikes and surges so they won’t damage your gear. Surge protectors are smaller and less expensive than UPSes, and while they don’t have batteries to fail, their protection circuitry degrades over time, so they should be replaced every few years as well. Better surge protectors alert you or stop working entirely when they can no longer provide protection. Again, Wirecutter has good recommendations.

If most of your expensive tech gear is battery-powered, you could forgo even a surge protector. Outages aren’t an issue, and a MacBook or iPhone power adapter will protect against most sags, brownouts, spikes, and surges. The power adapter may incur damage, but it’s inexpensive to replace.

One final thought. No UPS, surge protector, or power adapter can protect against a direct lightning strike. Lightning is too fast and too powerful—it’s millions or even hundreds of millions of volts. Even turning your equipment off isn’t sufficient because lightning that has traveled miles through the air to hit the ground can easily jump across an open switch. If lightning strikes are common in your area, unplug your most expensive devices entirely during severe storms.

To sum up:

  • For a desktop Mac and peripherals, a UPS is a worthwhile investment if you ever suffer from power outages. Also, consider a UPS for essential networking gear—cable modems, routers, switches, and network-attached storage.
  • If power outages are extremely rare, or for equipment that doesn’t need to remain on during an outage, get a good surge protector. If it doesn’t automatically disable itself when it’s no longer effective, write the date on the bottom and replace it in a few years.
  • Although there’s no harm in doing so, it’s not necessary to plug battery-powered device chargers into a surge protector or UPS. A spike or surge may damage them, but they’ll probably sacrifice themselves to protect your gear.
  • When in doubt during severe storms, unplug your most valuable equipment to protect against a direct lightning strike.

(Featured image by iStock.com/HardRockShotz)

What Should You Do about an Authentication Code You DIDN’T Request?

We strongly encourage using two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible. The details vary slightly, but with either one, after you enter your password, you must enter an authentication code to complete the login. Although it’s always best to get such codes from an authentication app like 1Password (which enters codes for you), Authy, or Google Authenticator, many websites still send codes by the less secure SMS text message or email. They’re better than nothing.

But what if you receive a 2FA code that you didn’t request?

  1. Don’t panic. Although receiving the code means that someone is trying to log in to your account and has your password, the extra authentication step has done its job and protected your account from being compromised.
  2. Never share an authentication code with anyone! A hacker could attempt to break into your account, be foiled by two-factor authentication, and then email or text you with a trumped-up story about why you should send them the code. Authentication codes are short-lived, so if this is going to happen, it will happen right away.
  3. Independently from the message with the code, go to the account website, log in, and change the password. As always, make sure the password is strong, unique, and stored in your password manager. If the account used an old password that was shared with other accounts, change passwords on those accounts as well.

There are a handful of scenarios that could generate such an authentication code:

  • Stolen credentials: The most likely scenario, which the advice above addresses, is when your email address and password have been stolen, probably in a significant site breach. You can check the Have I Been Pwned site to see if your account is floating around on the “dark Web.” Password managers often perform similar checks. Changing the password on any breached sites is essential.
  • Identity theft: You started receiving authentication codes from TikTok, but you don’t remember creating a TikTok account. Someone might be trying to create an account to impersonate you but cannot complete the account creation without the authentication code. There isn’t much you can do to stop such attempts, although if an account has been created, you should be able to change the password (since it’s using your email address or phone number), log in, and either just let the account sit in your password manager or try to delete it.
  • Accidental or random triggering: If you have a common email address or phone number, someone could have accidentally entered your address or number instead of theirs while trying to create an account. It’s easy to type marsha32@example.com instead of marsha23@example.com or mistake the Boston 617 area code for the upstate New York 607 area code. If you’re sure you don’t have an account at the site in question and you only get one authentication code, you can probably ignore it.

Regardless of the cause, don’t ignore 2FA codes you didn’t request for sites where you have an account. It’s not hard to change a password, particularly if you use a password manager, and the extra piece of mind is worth the few minutes of work.

(Featured image based on an original by iStock.com/Kateryna Onyshchuk)

Erase Image Content in Preview with Copied Color Blocks

Apple’s Preview is a surprisingly capable graphics editor for making quick changes to screenshots and other illustrations, but it lacks a built-in way to delete content while leaving the background. Here’s the workaround—select a rectangle of the background color, copy it, paste it, and then move it over the undesirable content—as shown in the After screenshot below, where blue selection dots denote the pasted box. As you resize the box, press Shift to prevent it from resizing proportionally, which helps you make it the shape you want. If you need a second box of the same color, Option-drag the first box to copy it. When you save and close, your boxes will be merged into the image, permanently removing the content underneath, so make sure they’re in the right spot before moving on.

(Featured image based on an original by iStock.com/Seetwo)


Social Media: Have you ever needed to remove some content from a screenshot or other illustration? There’s no need for a fancy graphics app—you can do it quickly in Preview with this little-known trick.

Things You Need to Know Before Moving to a New iPhone

Are you among the millions of people planning to get a new iPhone 15? It’s exciting, we know, but don’t move too fast when getting started with your new iPhone, or you might cause yourself headaches. Instead, follow these instructions when you’re ready to transfer your data—and, for many people, much of your digital life—to the new iPhone. Apple also has a series of videos you can watch.

  1. Update your old iPhone to the latest version of iOS. If you have an Apple Watch, update it to the latest version of watchOS. This process can take some time, so it may be best done overnight before you move data to your new iPhone.
  2. Make sure you know your Apple ID and password, and if you have an Apple Watch, its passcode. You will likely have to enter them at least once during this process.
  3. Make a backup of your old iPhone to iCloud or your Mac. (If you back up to a Mac, be sure to encrypt the backup, or else it won’t include saved passwords, Wi-Fi settings, browsing history, Health data, and call history.) Or back up to both, for safety’s sake. We prefer iCloud backups because they’re easier and don’t introduce additional variables, like flaky USB cables. Apple will even give you temporary iCloud storage to make a backup when moving to a new iPhone. To initiate an iCloud backup, go to Settings > Your Name > iCloud > iCloud Backup and tap Back Up Now.
  4. If you have an Apple Watch, you shouldn’t have to unpair it from your old iPhone to transfer it to the new one, but if the automatic transfer doesn’t work, you can unpair it manually and pair it again later. (If you take the manual route and have a cellular Apple Watch, you’ll be asked if you want to keep or remove your plan. Assuming that you’re keeping your Apple Watch to re-pair with your new iPhone, keep the plan.)
  5. You shouldn’t need to worry about transferring a SIM card. If you order through Apple and connect to your cellular carrier account during purchase, activating the new iPhone should cause it to take over your phone number. The same should be true if you purchase directly through your carrier. Besides, it’s likely that iPhone 15 models sold in the US will rely on eSIM and lack SIM trays like the iPhone 14, so only non-US users might need to transfer the SIM card from the old iPhone to the new one. Even then, it’s better to contact your carrier and get them to activate the new SIM in the new iPhone because old SIMs don’t always support all current cellular features, such as full 5G support.
  6. Transfer your data, settings, apps, and purchased content in one of these three ways. None of them will be quick, despite the first one’s name, so do the transfer when you have time:
    • Quick Start: With the Quick Start feature, content from your old iPhone copies directly from your old iPhone to your new one. We recommend this technique because it’s more likely to preserve app logins, something that’s less true when restoring from an iCloud backup. Put your iPhones next to each other (plugged into power), use the old iPhone to scan the animation on the new one, and then follow the rest of the steps.
    • iCloud: With this technique, the new iPhone will download your content from your old iPhone’s iCloud backup. Once you’ve joined a Wi-Fi network on the new iPhone and tapped the Restore from iCloud Backup button, you’ll have to select the correct backup—likely the most recent one you just made. Keep your new iPhone plugged into power the entire time to ensure that all your content syncs during this step.
    • Finder or iTunes: With this approach, you’ll restore your old iPhone’s content from a backup made to your Mac. Connect your new iPhone to your Mac using an appropriate cable, open a Finder window (or iTunes on an old Mac), select your device, click Restore Backup, and choose the appropriate backup—likely the most recent one.
  7. Perform post-transfer tasks. Ensure that you can make and receive a phone call. If necessary, pair your Apple Watch with the new iPhone. You’ll also need to pair your Bluetooth accessories—including AirPods—with your new iPhone. Plus, some app data needs to sync to your new iPhone, so open the Mail, Contacts, and Calendar apps and check if they have your data. It could take a few minutes for them to fill up. Apps may request notification permissions again, and you may need to download content and in-app purchases.
  8. Finally, and this post-transfer task is becoming increasingly important, if you use two-factor authentication with an app like 1Password, Authy, or Google Authenticator, ensure you can get your 2FA codes using your new iPhone. 1Password and Authy are good about providing access to your 2FA codes from multiple devices—just log in to your account from each device—but Google Authenticator may require some additional setup since it didn’t originally offer any way to transfer codes to a new phone.

Although Apple works hard to make the process of transferring from an old iPhone to a new one as painless as possible, some things may fail to transfer seamlessly. For that reason, we strongly recommend holding onto your old iPhone for a week or so to ensure the new one can do everything the old one could. During that time, put the new iPhone through its paces with an eye toward checking every app you need.

(Featured image by iStock.com/Jozsef Zoltan Varga)

Apple Announces iPhone 15 Lineup, Apple Watch Series 9, and Apple Watch Ultra 2

September is here, and with it, Apple’s latest iPhones and Apple Watches. At its Wonderlust event on September 12, Apple threw back the curtains on the new iPhone 15 lineup, Apple Watch Series 9, and Apple Watch Ultra 2. These devices all provide incremental improvements that make them attractive to people planning to purchase a new iPhone or Apple Watch, though they may not be irresistible upgrades for those still happy with older models. You can pre-order any of them starting September 15, with delivery and in-store availability on September 22.

Alongside the announcement, Apple revealed that iOS 17, iPadOS 17, watchOS 10, tvOS 17, and HomePod Software 17 will become available on September 18, with macOS 14 Sonoma arriving on September 26. Wait a week or two before installing this first batch of updates on essential devices to avoid any last-minute bugs, and hold off on Sonoma for a few months or until you’re confident your necessary Mac apps are compatible. Regardless of when you upgrade, make a backup right before in case an unexpected problem forces you to erase and restore.

Let’s look at each of the new products.

iPhone 15 Lineup

Last year, Apple moved to a four-part iPhone lineup that continues this year, with the 6.1-inch iPhone 15 and the 6.7-inch iPhone 15 Plus. On the high end, we get the iPhone 15 Pro and iPhone 15 Pro Max, again in those 6.1-inch and 6.7-inch sizes. The company updated the industrial design with slightly contoured corners. The iPhone 15 models come in five pastel colors with an aluminum enclosure and color-infused back glass, whereas the iPhone 15 Pro models now boast a titanium enclosure in four colors.

Along with the updated industrial design, all the iPhone 15 models share three notable changes:

  • USB-C for charging and data transfer: Driven by new European Union regulations, the iPhone 15 models all trade their Lightning port for a USB-C jack. Although it will be annoying to keep both Lightning and USB-C cables around until all Lightning devices have aged out, many Apple users already have USB-C cables and chargers for iPads and MacBooks.
  • Roadside Assistance via satellite: This extension of Emergency SOS via satellite allows anyone experiencing vehicle difficulties in a cellular dead zone to get help using satellite messaging. Apple includes access to satellite services for 2 years, and AAA membership in the US includes the roadside service. Those who aren’t AAA members will be able to purchase service separately.
  • Better Precision Finding: The iPhone 15 and new Apple Watch models all have a second-generation Ultra Wideband chip that lets users employ Precision Finding in the Find My app to locate each other accurately at a much greater range. Apple suggests you can use it to find iPhone 15-equipped friends in a crowd.

Although the iPhone 15 and iPhone 15 Plus aren’t as technologically capable as their Pro siblings, they’re more interesting than the iPhone 14 models they supplant. They receive increased performance thanks to the A16 Bionic chip from the iPhone 14 Pro, and the chip also enables computational photography improvements on top of a new 48-megapixel camera. Also inherited from the iPhone 14 Pro is the Dynamic Island, which displays alerts and Live Activities in the area surrounding the camera and sensor package at the top of the screen, eliminating the need for a notch.

Even though there’s more new on the Pro end, the iPhone 15 Pro and iPhone 15 Pro Max don’t make as significant a jump from their iPhone 14 Pro predecessors. The change everyone will notice is the new Action button that replaces the Ring/Silent switch. You can press and hold it to put an iPhone 15 Pro into silent mode or redefine it to activate Voice Memos, set Focus modes, access the camera or flashlight, enable Accessibility options, or launch a Shortcut. 

The 48-megapixel main camera gains additional computational photography capability thanks to the new A17 Pro chip underpinning the iPhone 15 Pro models, but the most noteworthy enhancement is restricted to the iPhone 15 Pro Max. A tetraprism design enables its Telephoto camera to achieve a 5x optical zoom, an unprecedented capability available only for photographers who don’t mind the 6.7-inch form factor.

Several other improvements are technically impressive but likely of interest and utility only to media professionals. The iPhone 15 Pro’s USB-C port supports USB 3 transfer speeds up to 10 gigabits per second (the iPhone 15 is limited to USB 2.0’s pokey 480 megabits per second), and support for Wi-Fi 6e will enable faster wireless transfers. Both will be welcome to those transferring large image, audio, or video files.

Pricing remains basically the same, with the iPhone 15 and iPhone 15 Plus starting at $799 and $899 for 128 GB of storage, with 256 GB and 512 GB options. The iPhone 15 Pro costs $999 for 128 GB, with 256 GB, 512 GB, and 1 TB storage options. The iPhone 15 Pro Max is $1199 for 256 GB, with 512 GB and 1 TB storage options. If those prices are too steep for your budget, the iPhone SE ($429), iPhone 13 ($599), and iPhone 14 ($699) all remain for sale.

It might be worth upgrading from an iPhone 14 to an iPhone 15 for the 48-megapixel camera and Dynamic Island, but it’s harder to recommend an upgrade from an iPhone 14 Pro unless you find the 5x Telephoto camera indispensable. Otherwise, the older your current iPhone, the more you’ll be impressed by the new models.

Apple Watch Series 9 and Apple Watch Ultra 2

Last year brought the release of the beefy Apple Watch Ultra, so it wasn’t surprising that Apple gave us the Apple Watch Ultra 2 this year alongside the Apple Watch Series 9. They have no industrial design changes, and their improvements are driven by the increased performance and efficiency of Apple’s new S9 SiP (a package containing multiple chips).

Most notable among the changes is a new double tap gesture, which relies on the S9’s faster Neural Engine to detect when your index finger and thumb perform a double tap. watchOS 10 interprets the gesture as activating the primary button in an app, so it can be used to answer or end a phone call, stop a timer, play and pause music, snooze an alarm, take a photo, or open and scroll through the new watchOS 10 Smart Stack from the watch face. It will be available next month. 

Other S9-driven improvements include:

  • Brighter displays: The Apple Watch Series 9 can now display up to 2000 nits, and the Apple Watch Ultra 2 can go up to 3000 nits, making them more readable in bright sunlight.
  • On-device Siri: Siri requests that don’t require information from the Internet can now be processed on the Apple Watch locally, making Siri more helpful for starting workouts or setting timers when there’s no cellular or Wi-Fi connectivity.
  • More capable and accurate Siri: You can now use Siri to access Health data such as sleep hours, Activity ring progress, and more. Plus, you can use Siri to log health data such as weight, period, or medications taken. These capabilities will be available later this year. Apple also claims 25% more accurate dictation.
  • Precision Finding and HomePod integration: The second-generation Ultra Wideband chip in the S9 enables the Precision Finding feature that can direct you to a lost iPhone 15 rather than just playing a sound. Also, when you get close to a HomePod, the Apple Watch provides media controls or offers media suggestions in the Smart Stack.

Finally, both the original Apple Watch Ultra and the new model gain a new Modular Ultra watch face that uses the outermost edge of the large display to present real-time data like seconds, altitude, or depth.

The Apple Watch Series 9 starts at $399 for a 41mm aluminum GPS-only model; 45mm models are $30 more, and cellular connectivity adds $100. It’s available in pink, midnight, starlight, silver, and PRODUCT(RED). In stainless steel, pricing starts at $699 for a 41mm model and includes cellular connectivity; the 45mm models are $50 more. Some textile bands and all stainless steel bands cost an additional $50 to $300. The Apple Watch Ultra 2 remains $799 with an Alpine Loop, Trail Loop, or Ocean Band.

While undoubtedly the most capable watches Apple has ever produced, these new models don’t offer enough new to warrant an upgrade from last year’s models. They’re great for those getting started with the Apple Watch or upgrading from a much older version. Don’t forget that Apple still sells the Apple Watch SE, which lacks the Always-On display and ECG capabilities of the Series 9 but is $150 less expensive. Apple’s comparison page can help you tease out the differences.

(Featured image by Apple)

Beware Executive Imposter Scams Aimed at New Employees

We’re hearing about new hires who receive an email or text from someone claiming to be the CEO of their new company, asking the employee to carry out some small task like sharing personal information, purchasing a gift card for a client, or wiring funds to another business. The new employee, eager to make a good impression and lacking the context of what’s reasonable, is tempted to do as asked. (The scammers seemingly gather the necessary information by scraping LinkedIn for job changes and corporate titles, then cross-referencing with email addresses and phone numbers stolen in data breaches.) To reduce the chances of such a scam succeeding, train new employees during onboarding not to trust unsolicited messages from unfamiliar addresses or numbers, be wary of unusual requests, and check with a trusted source within the company before replying in any way.

(Featured image by iStock.com/Ton Photograph)