One of the best ways to keep malware from infecting your computers is to avoid visiting websites designed to do just that. No one intentionally visits loadmetogetinfected.com, but malware authors employ all sorts of tricks to lure unsuspecting users into viewing malicious sites. Various tools can help, but the easiest free technique is called DNS filtering.

DNS, which is short for Domain Name System, is the Internet technology that maps human-readable computer names like www.apple.com to the numeric IP address of Apple’s server, 17.254.0.91. Every time you click a link to visit a new Web page, your Mac queries a DNS server to learn the IP address associated with the domain name embedded in the link—it all happens seamlessly and instantaneously in the background.

Typically, your Mac will automatically use the DNS servers specified by your Internet service provider. However, you can change your DNS servers manually, and one good reason to do so is to take advantage of DNS servers that look at your Mac’s DNS requests and refuse to resolve names associated with malicious sites. Such DNS filtering is great since it protects you from malicious sites without you having to do anything special. Such sites simply won’t load at all.

One more thing. DNS filtering can also block porn sites. That’s helpful if you want to avoid accidentally loading adult content or to ensure that those in your office don’t, in order to reduce the chances of a sexual harassment complaint. As with malicious sites, filtered adult sites just won’t load.

Setting up DNS filtering is easy. All you have to do is replace your current DNS server addresses with the IP address of a particular public DNS service—the steps are later in this article. The two providers we recommend are Quad9 and Cloudflare, both of which are free and run by reputable companies. Of the two, Quad9 is more focused on user privacy, but Cloudflare offers additional DNS filtering capabilities that may be useful.

The options are:

• Quad9 malware blocking: 9.9.9.9 with a secondary of 149.112.112.112
• Cloudflare malware-only blocking: 1.1.1.2 with a secondary of 1.0.0.2
• Cloudflare malware and adult content blocking: 1.1.1.3 with a secondary of 1.0.0.3

You should always enter the secondary DNS server in case the primary server goes down. Otherwise, you wouldn’t be able to connect to any sites at all.

However, don’t mix in other DNS servers. If you use Cloudflare’s adult content filter as your primary DNS server with your ISP’s DNS server as a secondary, when Cloudflare refuses to resolve an adult site, macOS will drop down to the secondary ISP server, which will resolve it happily, thus eliminating the utility of the Cloudflare’s filtering.

One final note before you get started. Apple’s iCloud Private Relay service (in beta in macOS 12 Monterey, iOS 15, and iPadOS 15) sends all your traffic through two proxy servers, which prevents DNS filters like Quad9 and Cloudflare from working. That’s unfortunate since iCloud Private Relay is a useful way to hide your IP address and browsing activity from your network provider and the websites you visit. Apple is clear about this limitation, noting in its various DNS server interfaces:

DNS requests are being routed by iCloud Private Relay for this network. Turn off Private Relay to manually configure DNS settings.

If you need to turn off iCloud Private Relay on the Mac, open System Preferences > Apple ID and deselect the checkbox next to Private Relay. On an iPhone or iPad, open Settings > Your Name > iCloud > Private Relay and flip the switch to Off.

Set Up DNS Filtering in macOS

To use DNS filtering on the Mac, follow these steps, which should work in any version of macOS. We’re using Quad9 as the example here, but replace the primary and secondary IP addresses as desired if you want to use one of the Cloudflare filters.

1. Open System Preferences > Network, and select the adapter you use (likely Wi-Fi or Ethernet) in the sidebar.
2. Click the Advanced button, and in the sheet that appears, click DNS.
3. Click the button under the DNS Servers list and enter 9.9.9.9.
4. Click the button again and enter 149.112.112.112.
5. Click OK to dismiss the Advanced preferences, and click Apply.
6. Close the Network preference pane.
   

It’s difficult to perform a real-world test to tell if Quad9 or Cloudflare’s malware blockers are active since there’s no way to know which sites they block. However, Quad9 provides a test page at on.quad9.net that should help. If you use Cloudflare’s adult content filter, you can tell if it’s working because your Web browser will refuse to load adult sites.

Set Up DNS Filtering in iOS and iPadOS

The steps for setting up DNS filtering in iOS and iPadOS are a bit different. For this example, we’ll use the Cloudflare malware filter, but again, you should replace the IP addresses below with the filter you want to use.

1. Open Settings > Wi-Fi and tap the button next to your current Wi-Fi network.
2. Scroll down and tap Configure DNS, which is probably set to Automatic.
3. On the Configure DNS screen, tap Manual.
4. In the list of DNS servers, tap the red delete buttons next to any entries there.
5. Tap the green Add Server button and enter 1.1.1.2.
6. Tap the green Add Server button again and enter 1.0.0.2.
7. Tap Save in the upper-right corner.
   

That’s it! You should have no trouble using either Quad9 or Cloudflare, but if you need to revert to your previous DNS servers, it’s easy to do. On the Mac, just delete the manual entries you created—macOS will automatically use the DNS servers provided by your ISP. On an iPhone or iPad, select Automatic in the Configure DNS screen to replace the manually entered DNS servers with those from your ISP. In either case, if you’re not going to use DNS filters, it’s worth turning on iCloud Private Relay. We hope that Apple adds DNS filtering options to iCloud Private Relay so you could additionally choose to filter out malicious sites and adult content.

(Featured image by iStock.com/Funtap)

Shortly after the start of the COVID-19 pandemic, Apple made it so your Apple Watch could unlock your Face ID-enabled iPhone when you were wearing a mask. Starting in iOS 15.4, the company has taken the next step and enabled Face ID on the iPhone 12 and later to work even when you’re wearing a mask. If you didn’t already set up Face ID with a mask after updating to iOS 15.4, go to Settings > Face ID & Passcode and enable Face ID with a Mask. You’ll have to run through the Face ID training sequence again, and more than once if you sometimes wear glasses, but it’s quick and easy. Face ID may not work quite as well when you’re wearing a mask, and it doesn’t support sunglasses, but it’s way better than having to enter your passcode whenever you’re masked.

(Featured image by iStock.com/Prostock-Studio)

With the recent release of macOS 12.3 Monterey and iPadOS 15.4, Apple shipped Universal Control, the last major technology promised in its 2021 operating system upgrades. Universal Control enables you to use the keyboard and mouse or trackpad attached to one Mac to control up to three other Macs or iPads—you can even copy and paste or drag items between devices. It’s a great way to make more of your Apple devices while staying on task—no longer do you need to stop using your Mac to accomplish something on your iPad, and if you have both an iMac and a MacBook Air, it becomes trivially easy to use them simultaneously.

Universal Control can simplify grabbing a file from your MacBook Air while using your iMac, or it might make it easy to check something in an iPad-only app without switching from your familiar Mac keyboard and trackpad. For those who would benefit from more screen space, Universal Control simplifies keeping a Web browser window open on one Mac while you’re writing about it on another.

First, make sure all the Macs and iPads you want to use with Universal Control meet its system requirements. macOS 12.3 and iPadOS 15.4 are essential, and most (but not all) Macs and iPads that can run those versions are compatible. All the devices must be signed in to the same iCloud account, that account’s Apple ID must have two-factor authentication enabled, and no device can be sharing its Internet or cellular connection. Bluetooth and Wi-Fi must be turned on, and Handoff must be ​​enabled in System Preferences > General on the Mac and in Settings > General > AirPlay & Handoff on the iPad. That may sound like a lot, but most of those are defaults.

Apple says everything must be within 30 feet (10 meters), but in nearly all cases, you’ll want the devices to sit next to one another so you can easily see what you are doing on all the screens.

The only trick with setting up Universal Control is that it must be initiated from a Mac. Open System Preferences > Displays, click the Universal Control button, and in the dialog that appears, enable all three switches. Only the first one is necessary; the other two make connecting in the future easier.

After you click Done, you’ll return to the Displays preference pane, where any available Macs and iPads should appear, much like they were external monitors. If they don’t show up, click the Add Display pop-up menu and select the device you want to control under “Link Keyboard and Mouse.” You can also select them in Control Center, after clicking Displays. As long as you’ve selected “Automatically reconnect to any nearby Mac or iPad,” you shouldn’t have to repeat this step.

(The “Mirror or Extend to” section of the Add Display pop-up menu is where you select devices to use as external displays for your Mac. Macs running Monterey appear here courtesy of AirPlay, as do Apple TVs; iPads appear thanks to Apple’s Sidecar technology.)

Drag the device screen icons to match where they sit on your desk. The screenshot above indicates that you’d move the pointer from the double-screen iMac to the right to control the MacBook Air and down from the middle of the iMac screens to control the iPad.

When your pointer moves to another device’s screen, everything you do from then on will affect apps on that Mac or iPad, with one caveat. After the pointer moves to another device, you usually need to click once to create “focus,” which means specifying which window should receive subsequent clicks and keystrokes. If you forget to do this (it will become second nature quickly) and start typing, keystrokes will go to the previous device.

To help you move data between your devices, Universal Control offers two additional features beyond clicking and typing:

• Copy and paste: As you might expect, you can copy data on one device with Command-C, move the pointer to another device, and paste it into an app on the second device with Command-V.
• Drag and drop: Alternatively, you can drag files and other types of data from one device to another. This works well between Macs, and you can also move data between Macs and iPads in many situations, such as dragging an Apple Pencil sketch from an iPad and dropping it in a graphics app on the Mac. If a drag doesn’t work, try copy and paste or fall back on sharing the data via AirDrop or iCloud Drive.

Keep in mind that once you’ve turned it on, Universal Control has no concept of primary and secondary devices. In practice, you’ll probably use one keyboard and pointing device to control everything, but that’s not necessary. You can use a trackpad and keyboard connected to any device to control any other device, switching whenever you’d like.

Since Apple labels Universal Control as a beta, you may experience occasional dropouts or rough edges. If it loses track of a device, try putting the device to sleep and waking it again, and if that doesn’t work, open the Displays preference pane and select the device from Add Displays again.

Controlling one Mac from another is extremely fluid because the pointer and keyboard act exactly as expected. However, if you haven’t previously used a trackpad and hardware keyboard with an iPad, you may find its approach somewhat surprising. It’s a hybrid between a traditional pointer and a touchscreen, so the pointer is attracted to Home screen icons and many other controls, transforming it into a selection highlight. Either way, Universal Control just works. Give it a try!

(Featured image by Apple)

Do you need to be careful about how much data you use with your iPhone or iPad, either via cellular or Wi-Fi? That could be true for those with Internet data caps, people using an international plan while traveling, and anyone in an area with slow data speeds. To reduce your data usage, turn on Low Data Mode, which you can do separately for cellular and Wi-Fi. For cellular, look in Settings > Cellular > Cellular Data Options, where you can either enable Low Data Mode for LTE/4G or take one more step into Data Mode for 5G. If you’re using two plans with a dual SIM iPhone, you can set each one separately. For Wi-Fi, go to Settings > Wi-Fi and tap the i button next to the desired Wi-Fi network and then tap Low Data Mode. Apple lists what you can expect to change in Low Data Mode. If you need a similar capability for the Mac, check out TripMode.

(Featured image by iStock.com/Created_by_light)

If you’re thinking about buying a new Mac, you’re almost certainly planning to get one that uses a chip from Apple’s M1 family—the M1, M1 Pro, M1 Max, and M1 Ultra. Only the Mac Pro and one Mac mini configuration still rely on Intel CPUs, and they will likely be discontinued before the end of 2022. That’s not a bad thing—the M1 chips offer astonishing performance combined with low power consumption. But the move from Intel chips to Apple silicon has changed the game when it comes to one decision: how much memory to get.

That’s because Apple completely rearchitected how M1-based Macs incorporate memory. On Intel-based Macs that have separate CPU and GPU chips, each chip has its own memory. For instance, the base level Mac Pro comes with 32 GB of RAM on user-replaceable memory sticks, while its Radeon Pro graphics card has 8 GB of memory. The main advantage of this approach is that you can install more system memory if you need it—up to 1.5 TB at purchase time or later—and you can opt for one or even two video cards with up to 64 GB of memory. But that sort of flexibility was available only for the Mac Pro, Mac mini, and now-discontinued 27-inch iMac—with Apple’s laptops, you couldn’t upgrade memory because it was soldered onto the logic board, not socketed.

For M1-based Macs, Apple went even further and built “unified memory” directly onto the M1 chip itself. This provides significant performance benefits for two reasons:

• Shared memory pool: The M1 chips contain CPU cores, GPU cores, and Neural Engine cores, all of which need to use memory. By creating a shared pool of memory—hence the “unified memory” name—each processor can operate on the same data in memory rather than sending it back and forth from chip to chip. That’s both faster and more efficient.
• Higher memory bandwidth: By building memory onto the M1 chips themselves, Apple could also speed up the connection between memory and the various processors. Communication between on-chip components is much faster than when data has to travel back and forth between chips across the circuitry of the logic board and graphics card, as was the case for Intel-based Macs.

The downside of unified memory is that you’re stuck with how much you choose when you buy a Mac—there’s no way to upgrade the memory later. Given that only certain Macs have particular M1 chips, figuring out how much you need gets a little complicated.

For instance, if you want a MacBook Air, you can only choose between 8 GB and 16 GB of memory. However, if you are interested in the 14-inch MacBook Pro, you can get either an M1 Pro or M1 Max, and which chip you choose determines whether you can opt for 16 GB, 32 GB, or 64 GB of memory. Here are your choices, with each chip offering two options:

• M1: 8 GB and 16 GB. Used in the MacBook Air, 13-inch MacBook Pro, Mac mini, and 24-inch iMac. The 16 GB option adds $200 to the price.
• M1 Pro: 16 GB and 32 GB. Used in the 14-inch and 16-inch MacBook Pro. The 32 GB option adds $400 to the price.
• M1 Max: 32 GB and 64 GB. Used in the 14-inch and 16-inch MacBook Pro and Mac Studio. The 64 GB option costs an additional $400, half the price per gigabyte of the M1 and M1 Pro memory upgrades.
• M1 Ultra: 64 GB and 128 GB. Used solely in the Mac Studio. The 128 GB option costs an additional $800, matching the M1 Max’s price per gigabyte.

With all that background in your head, here are some questions to guide your decision:

• What sort of user are you? For average users who use Safari, Mail, Photos, and the apps in Apple’s iWork suite, an M1 Mac with 8 GB is probably sufficient, although $200 isn’t that much more to pay for 16 GB. If you regularly work with photos, audio, or video, a Mac with an M1 Pro or M1 Max would likely be more appropriate, and the larger the files you work with, the more memory you should get. Only those with the highest performance demands, such as a video professional working with 8K video or data scientist, should consider a Mac Studio with an M1 Ultra—if you’re at that level, you probably know if you need 64 GB or 128 GB.
• How much RAM do you have now? Another way to approach the problem is to think about how much RAM your current Intel-based Mac has, and if that’s enough. (Look at the Memory Pressure graph in the Memory tab of Activity Monitor—if it’s regularly yellow or red, you need more memory.) The increased performance and efficiency of memory use on the M1 chips suggest that you can get away with the same amount or even less than you have now while still enjoying improved performance. We recommended 16 GB as the minimum for Intel-based Macs, but 8 GB seems to be an acceptable base level for M1-based Macs.
• Do you anticipate increased memory needs? The hardest part of the decision is looking into the future and thinking about whether a certain amount of memory will be sufficient in several years. It’s never a bad idea to buy more memory than you think you need now to plan for the future—just more expensive. For example, if you’re on the fence between 16 GB and 32 GB with an M1 Pro-based Mac, $400 may be a reasonable price to pay for some future-proofing.

In the end, you’ll never regret having more memory, though you may dislike paying for it now. If cost is a real problem, you’re probably better off getting more memory and less internal SSD storage, since you can always add more external storage. Regardless, feel to reach out for help choosing the right Mac and memory configuration.

(Featured image by Apple)

Although Apple has improved the built-in password management features in macOS and iOS (you can now add notes to password entries!), third-party password managers like 1Password and LastPass are still more capable. For those still getting started using a password manager, another new capability will ease the transition: Safari password export. To export a CSV file of your Safari passwords, choose Safari > Preferences > Passwords, and enter your password when prompted. From the bottom of the left-hand sidebar, click the ••• button, choose Export All Passwords, and save the Passwords.csv file to the Desktop. After you import the file into 1Password (instructions), LastPass (instructions), or another password manager, be sure to delete the exported file and empty the trash.

(Featured image by iStock.com/metamorworks)

In today’s world, there’s no reason to remember our contacts’ phone numbers or email addresses—that’s a job for our Macs, iPhones, and iPads. This sort of data is so core to using digital devices that Apple has long provided an ecosystem-wide solution in the form of Contacts and syncing through iCloud.

Unfortunately, it’s all too common to end up with multiple cards for the same person in Contacts, either precise duplicates or versions that contain different details. Further muddying the situation, many of us have multiple contact accounts—such as from Google or Microsoft Exchange—and some contacts may be duplicated across several accounts.

This situation is sufficiently common that Apple has provided three ways to deal with duplicate contacts: manually merging selected contact cards, automatically merging duplicate cards, and linking cards replicated in multiple accounts. The first two can be done only in the Contacts app on the Mac; linking can also be accomplished on an iPhone or iPad.

Merge Contact Cards

Let’s say you’ve ended up with two or more contact cards for the same person in the same account. They’ll usually have the same name, but it doesn’t matter if the names are different. To merge them, which combines the data from each into a single card, select them in Contacts, and choose Card > Merge Selected Cards. You should now see just the single merged card.

Contacts generally does a good job of identifying data that’s identical between the cards (like the iPhone numbers above), though different labels can sometimes trip it up. When there’s a conflict, Contacts creates a new entry for it. Name conflicts are added to the note field.

Look for Duplicates

Merge Selected Cards works if you have a small number of duplicates that you can identify easily. However, many people have found themselves in situations where tens or hundreds of contacts have been duplicated, often due to a hiccup in cloud syncing or importing. To help with that too-frequent occurrence, Apple added a feature that looks at all your contact cards and merges those that it determines are duplicates.

It’s simple to use—just choose Card > Look for Duplicates. After Contacts scans all your cards, it puts up a dialog telling you how many cards it found. Click Merge to combine all the duplicates.

Although merging hundreds of cards can be stressful, it usually works very well, and it’s far faster and easier than the alternative, which is to select each set of duplicates manually and use Merge Selected Cards.

Link Contact Cards

The two previous solutions help when you have duplicate contacts in a single account. Equally annoying can be ending up with contact cards for the same person across multiple accounts. (Check to see what accounts are configured and enabled in Contacts > Preferences > Accounts.) At best, those duplicates will simply clutter your contact list; at worst, you might have to check multiple cards to find the right phone number or email address.

Apple helps you clean up your contact list by linking cards for the same contact across different accounts. (You mustn’t link cards for different people; that can result in people receiving texts meant for others and other confusions.) In essence, this works like Merge Selected Cards, but the separate contact cards remain in their accounts, with Contacts displaying just one card with the combined information.

You can also link contacts using the Contacts or Phone apps on an iPhone or iPad, although the steps are much fussier than in Contacts on the Mac:

1. Find a person who is replicated across multiple accounts, and view one of their contact cards.
2. Tap Edit, scroll to the Linked Contacts section at the bottom of the card and tap the green + button.
3. In the contact list that appears, find and tap the second card for the person—it should either be showing or require scrolling up slightly.
4. Tap Link, and in the next screen, tap Done.

If you accidentally link the wrong cards and need to unlink them, edit the linked card and click or tap the red Remove button to break the link.

Changes you make to a combined card are saved to each separate card. However, if you want to edit one of the cards but not the other, you can view and edit each one separately by clicking the account name next to Cards on the Mac or tapping the appropriate card under Linked Contacts on an iPhone or iPad.

Cleaning up your contact list may not be the most exciting thing to do, but it’s worthwhile to eliminate duplicates that could cause confusion later on.

(Featured image by iStock.com/anyaberkut)

Although the Mac’s Dock shows all your running apps, it’s often not the most efficient way to switch among them. Instead, turn to the App Switcher. You may know that pressing Command-Tab switches to the last-used app, making it easy to flip back and forth between two apps. However, if you press Command-Tab and continue to hold the Command key down, the App Switcher itself appears, with icons for all running apps. When you let up on the Command key, the App Switcher disappears, and you’ll switch to the selected app. To select an app, while the Command key is down, press Tab or Shift-Tab to cycle through the apps, or hover your pointer over the desired app. You can also click the desired app to switch to it instantly, without letting up on the Command key. And if you want to dismiss the App Switcher without switching apps, press Esc.

(Featured image by iStock.com/SIphotography)

For several decades, Russia has targeted a wide variety of cyberattacks at countries with which it has had disputes. That includes the United States and other Western nations, which have recently levied unprecedented sanctions against Russia after it invaded Ukraine. President Biden has warned that “Russia could conduct malicious cyber activity against the United States” in response, encouraging the private sector to increase the protection of systems and networks. This isn’t theoretical—the US Cybersecurity & Infrastructure Security Agency lists numerous such attacks in the last five years.

It’s tempting to think that your business is too small or unimportant to be targeted in a Russian cyberattack. While that may be true of direct infiltration by individual Russian hackers, many cyberattacks are carried out indiscriminately by bots—the ultimate is the DDoS (distributed denial of service) attack that uses compromised computers and Internet-of-things devices to flood a targeted server or company with an unmanageable amount of random Internet traffic. Plus, a common hacking approach is to compromise an account on one seemingly unrelated system as a stepping stone to another, more secure system.

There’s nothing new here—we’ve been encouraging everyone to take cybersecurity seriously for years now. But the threat is now more serious than ever before. So, here’s what we suggest—if you need help with any of this, don’t hesitate to contact us.

• Be vigilant: The most common way that hackers gain entry into computer systems is through an employee opening a malicious attachment or being fooled into entering credentials into a fake website. Implement or refresh security awareness training that teaches employees how to recognize suspicious email, identify phishing attempts, and report appropriately.
• Use good password practices: Make sure that everyone uses strong, unique passwords that are created, stored, and entered using a password manager. Password managers also identify weak passwords and those that have been compromised in security breaches—ask everyone to audit their passwords and update any that aren’t secure. (But there’s no reason to change good passwords willy-nilly.)
• Implement 2FA: Whenever possible, require two-factor authentication, which provides extremely strong protection against remote intrusion given that a compromised password is no longer sufficient.
• Keep software up to date: Install all software and operating system updates on all platforms. In its security update notes, Apple often says that particular vulnerabilities are actively being exploited—it’s crucial to install such updates immediately. If you use anti-malware software (essential for Windows; less so for macOS), keep its signatures current.
• Backup regularly: Ensure that all systems are backed up regularly, and for your most important data, make sure backups are protected from ransomware encryption by storing them offline or using object locking on a cloud storage service. Be sure to test your backups regularly as well—backing up is the first step, but being able to restore is what’s necessary.
• Increase monitoring: Keep a centralized record of all employee reports of suspicious behavior to better identify attack patterns and targeted systems. Whenever possible, make sure server and network device logging is enabled so any incidents can be investigated more fully. Turn on any anomaly reporting capabilities in backup and other security-related apps.
• Plan for the worst: Develop or revisit business continuity and crisis response plans. For instance, discuss how you’d deal with losing Internet connectivity, being locked out of key online accounts, or having all your data rendered inaccessible by ransomware.

There’s no reason to panic, but the increased threat from Russian cyberattacks is a good excuse to focus more attention on digital security. The Internet makes astonishing things possible, but it also opens us up to attacks that would previously have been inconceivable. Stay safe out there.

(Featured image by iStock.com/BeeBright)

Normally, when you rotate an iPad, the screen happily flips from portrait (vertical) to landscape (horizontal) orientation as appropriate. Rotating an iPhone has the same effect in some apps, though many are written to work only in one orientation. If you ever end up in a situation where your device’s screen doesn’t rotate when you think it should, the reason is likely that Rotation Lock has been turned on in Control Center. Swipe down from the top-right corner of your screen (or up from the bottom of the screen on a Touch ID iPhone) and disable the Rotation Lock button. You can turn it on again later if you ever want to prevent the screen from rotating temporarily.

(Featured image by iStock.com/Jacephoto)