Intego Mac Security Podcast

Credential Stuffing, Pig Butchering, Security Keys for Your Apple Account, and the New Mac mini – Intego Mac Podcast Episode 277

Posted on by

This week’s threats involve credential stuffing and pig butchering, and we examine whether you should use security keys to protect your Apple ID account, and why the new Mac mini is a “maxi” computer.

Transcript of Intego Mac Podcast episode 277

Voice Over 0:00
This is the Intego Mac Podcast (the voice of Mac security) for Thursday, February 2, 2023.

This week’s Intego Mac Podcast security headlines include what you need to know about credential stuffing attacks, and pig butchering, a method that’s been used to weaponize some crypto apps in Apple’s App Store. Apple’s new security keys feature is now available for all its latest operating systems. Who should and shouldn’t use this super secure Apple ID account login method. And we’ll take a mini look at Apple’s new M2 Mac mini. Now here are the hosts of the Intego Mac podcast, veteran Mac journalist, Kirk McElhearn, and Intego’s Chief Security Analyst, Josh Long.

Kirk McElhearn 0:49
Good morning, Josh, how are you today?

Josh Long 0:51
I’m doing well. How are you, Kirk?

Kirk McElhearn 0:52
I’m doing very well. So we’ve got a lot of news today. Why don’t we start with an Apple Maps privacy bug that may have allowed apps to collect your location information?

A serious Apple Maps privacy bug has been fixed

Josh Long 1:03
Well, the headline pretty much says it all. Thankfully, this is something that Apple did patch last week. So in iOS 16.3, one of the listed vulnerabilities was “an app may be able to bypass privacy preferences, a logic issue was addressed with improved state management” is how Apple says that they they fixed this. And apparently this was specifically a bug in Apple Maps. So at least we know that it has been patched. So as long as you’ve got iOS 16.3, this should not be an issue. But there was a period of time when third party apps might have been able to collect location data without your permission, apparently.

Kirk McElhearn 1:41
I don’t know how Apple Maps works. But different apps can use Apple Maps. It’s not like it’s embedded in the app. It’s like they’re calling up a browser or something. Right?

Josh Long 1:50
Actually, I don’t know. I don’t know exactly how how the technology of it works. But that is true. I have seen that before, where when I’m using a third party app, it’ll pull up information that looks very much like Apple Maps. So I guess there must be an API, an application programming interface for developers to do something like that.

What is a credential stuffing attack? PayPal and Norton LifeLock Password Manager have been hit.

Kirk McElhearn 2:11
Okay, we have two stories about credential stuffing attacks. And the first thing we need to know is what is a credential stuffing attack? And does it only happen on Thanksgiving?

Josh Long 2:22
No, it’s not that kind of stuffing, that would be tasty. No, a credential stuffing attack. This has kind of been coming up a lot in the news lately. So we thought it would be worth reviewing this. So credential stuffing is basically…when you hear about all these password breaches that happen all the time, database breaches, user databases get accessed and now all of a sudden, there’s password data and usernames and and things that are out there and available to hackers in the public. Right. So what a credential stuffing attack does is it takes that existing exposed data, and it attempts to reuse those same usernames and passwords or email addresses and passwords to log into other services. And so recently, both PayPal and also Norton LifeLock Password Manager have announced that they detected in early December, somebody was attempting credential stuffing attacks. And apparently they did a bunch of these before they were caught. And so PayPal and Norton have both notified customers that you may have been impacted by this and you may need to change your password.

KeePass is another problematic password manager

Kirk McElhearn 3:31
We’ve had a lot of problems with password managers lately, in particular LastPass that we talked about, recently, another password manager called KeePass–“keep” “pass” K-E-E capital P-A-S-S. They had a vulnerability that allowed local attackers or malware to export passwords. Now, that means that this is a vulnerability that decrypts your passwords and exploits them right?

Josh Long 3:56
Okay, so what researchers have claimed is that by simply modifying a line in this KeePass apps configuration file, that they can easily obtain clear text versions of all passwords stored in that database. So this is a problem, of course, if you have physical access. But does it go beyond that? Is there any way that some bad guy could potentially export all of your passwords? Well, theoretically, if you had a malware infection, then you wouldn’t necessarily have to have a bad guy sitting down at your computer and doing something malicious there, right? Somebody could potentially write some malware that specifically is designed to just enable this change in the configuration file and then export all of your passwords and exfiltrate those to an attacker controlled server.

Kirk McElhearn 4:51
That doesn’t sound very good.

Josh Long 4:52
No, and interestingly, KeePass is a fairly popular password manager and it’s completely open source. So it’s been around for a while it’s available on a lot of platforms. And so a fair number of people probably are using this password manager. It’s a little bit concerning that at least at first, the KeePass development team has kind of said, Yeah, we don’t really think this is an actual issue because it does require physical access to a device on which the software is running. Hopefully, they will rethink that because clearly there are other ways and this is definitely going to be something that malware is going to start including, right. Why wouldn’t they? If you’ve already got access to somebody’s computer, why not just check and see if they’ve got KeePass installed? Because then now you can just steal all their passwords to that’s pretty fun.

Pig butchering is a hacking technique

Kirk McElhearn 5:43
Okay, so we now go from credential stuffing to pig butchering. This is not the Josh and Kirk cooking show. Pig butchering is some new technique that has allowed some crypto scam apps to infiltrate the Apple App Store and Google Play. Pig butchering? I mean, who comes up with this kind of terminology?

Josh Long 6:02
I don’t know, this one’s really gross. I don’t like this term. But basically what this type of scam is, is they’re trying to take down these crypto bros, you know, people who are really into cryptocurrency. So they’re trying to take advantage of people who might be interested in downloading the very latest new crypto apps that might be available. So allegedly, what was happening is that some scammers were targeting victims on Facebook and Tinder. I don’t understand Tinder, that was kind of surprising to me. Tinder is a dating app. And they were targeting users of these platforms and convincing them to download these fraudulent apps and invest large amounts of money. Well, it turns out these were scam apps.

Kirk McElhearn 6:49
Okay, so that’s a social engineering thing. But one of the problems here is that these apps were submitted for App Store review, and they were approved. And before review, they were pointing to a benign server and they had normal behavior. And after review, they started connecting to a different server, I want to know how the app review allows this. There’s obviously in the code, here’s the server we’re connecting to, how could they have changed this?

Josh Long 7:16
Well, there’s a number of ways that a developer can potentially work around things like this. Now, you know, Apple will tell you that you have to design your apps in a way that there’s no way that you can have deceptive, self changing code and things like that. You’re not supposed to be able to update an app so that after it gets past the review process, and now does something different. Well, there’s a number of potential ways that a developer could do something like this, for example, maybe there could be something that looks kind of benign, that maybe it’s checking for a remote server or particular file on a remote server. And then if that file is missing, or file has been added, then it changes to trigger a different server to use or something like that. There’s a number of different potential ways that something like this could happen. So these apps got past the review process they got in the App Store. And this is a good reminder that just because something is in the App Store does not mean that it is perfectly safe to use. It could be a scam app that somehow slipped past Apple’s review process. Don’t assume that just because something’s in the App Store means it’s safe. By the way, both of these apps have been removed from the App Store at this point.

Kirk McElhearn 8:32
I think this is also a good reminder that cryptocurrency is a Ponzi scheme. But that’s a topic for another podcast. Okay, this is gonna make you happy, OpenCore Legacy Patcher… do you have your OpenCore Legacy Patcher T-shirt yet? I think you should have an honorary one. It now supports Macs all the way back to 2008, and mid-2007 iMacs like yours.

OpenCore Legacy Patcher now works to run macOS Ventura on older Macs

Josh Long 8:55
That’s right. As a reminder, OpenCore Legacy Patcher is a third party utility that allows you to be able to run the latest version of macOS on much older hardware than Apple officially supports. So if you have a Mac now all the way back to 2008, and even that one particular 2007 iMac that I have if you’ve upgraded the hardware, then you can run macOS Ventura now. You don’t have to only upgrade to macOS Monterrey, which also wasn’t [officially] supported on that hardware.

Netflix is cracking down on password sharing

Kirk McElhearn 9:31
Okay, Netflix has said several times in the past year that they were going to cut down on password sharing, because apparently—I don’t do this—apparently people share their Netflix passwords with friends and family and people around the world. One of the problems with sharing passwords is if you’re using the same password on Netflix as you use for everything else, then that’s already dangerous because you’ve given the password out. But Netflix is doing this because people are freeloading right. So they’re going to start blocking devices that aren’t at the same location. And they’ve got a number of ways that they figure out how to do this. It has to do with IP address, et cetera. There are problems if you use a VPN, just normally, like you have a VPN on your Mac right now. And if you want to watch something on Netflix that could cause a problem. When you’re traveling, apparently, you can request a temporary code from Netflix when you sign in to a hotel, Smart TV, company, laptop, etc, to have access to your account for seven consecutive days. What if you spend half the time on the road, right? If you sign into your home Wi Fi at least once every 31 days on your devices, this will make them trusted devices. Netflix will remember them and leave them unblocked. And this is going to be a disaster, there’s going to be a disaster, not for people who are sharing their password in the wrong way. But for people who travel for business for pleasure, families who are in two locations, what about a family that’s divorced, and there’s the kids in one house and the kids…. I think this is going to be a disaster for Netflix.

Josh Long 11:00
Yeah, this is probably not going to be well received. And we kind of already knew that that was coming right? Netflix had been teasing for a while that they were going to make changes like this. And they were coming up. And I understand Netflix’s reasoning, right? Like they’re claiming that they’re losing a bunch of money. And the more people they can get to sign up the better, right? I mean, you can sign up for what? I think 6.99 a month, which includes ads, if I’m not mistaken.

Kirk McElhearn 11:27
Yeah. But that’s with ads and SD, it’s not even HD it’s, you know, poor quality. So we don’t want that. That’s so 2000. That’s so, you know, old.

Josh Long 11:38
Yeah, that’s not a great experience. So here’s another scenario. And there’s many, many, many scenarios like this. But another one is, let’s say you’ve got a college student, right? They they live at home, most of the time, they’re away at college, they’re not going to be home every 31 days, but they are part of your household, right? They haven’t permanently established a new residence somewhere else. They’re just temporarily going off to college and coming back home, right? Those individuals who are students, right, who are going off to college, they would be locked out potentially of these accounts. Now there are potential workarounds for this.

Kirk McElhearn 12:14
Well, can I suggest one? if you set up a VPN in your home and you log into that VPN, then that will be the address that Netflix sees. So whether you’re traveling at college, or anyplace else, you’ll be able to use it.

Josh Long 12:28
Exactly. My thoughts exactly. This is a little bit tricky to set up, depending on your home network and what router you have. Sometimes this functionality may be built into your router to sort of enable remote users to VPN into your home network. There are potentially other ways to do this that are a little bit more complicated. Hopefully, your router supports this, if you have somebody in that scenario, who’s frequently away from home, maybe you’re traveling a lot for business for more than 31 days at a time, sometimes. This is something that you’ll probably want to look into. Because you’re not going to want to pay for an extra Netflix account. That’s very annoying.

Kirk McElhearn 13:08
I don’t even want to pay for one Netflix account. I mean, I’ve mentioned a long time ago, I re-up my Netflix account for a month, every now and then, when there’s interesting things to watch, then I cancel it. I’m not gonna pay every month. And it’s been four or five months since I’ve paid and every time I look to see if there’s anything worthwhile it’s like, not worth it to just watch those two movies to pay for another month. So….

Josh Long 13:31
Exactly. We’re at that point, too. I’ve been saying for a while, I’ve been telling my wife you know, we probably should cancel Netflix and she’s like, but there’s this one show. And so she finished that show. We’re putting it on hold for a while.

Kirk McElhearn 13:41
Okay, we’re gonna take a break. When we come back, we’re going to talk about the new Mac mini and we’re going to tell you everything you need to know about using security keys to protect your Apple ID account on your iPhone, iPad and Mac.

Voice Over 13:54
Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego Mac Premium Bundle X9 includes VirusBarrier, the world’s best Mac anti-malware protection, NetBarrier, powerful inbound and outbound firewall security, Personal Backup, to keep your important files safe from ransomware, and much more to help protect, secure, and organize your Mac. Best of all, it’s compatible with macOS Ventura and the latest Apple silicon Macs. Download the free trial of Mac Premium Bundle X9 from today, when you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode show notes at That’s, and click on this episode to find the special discount link exclusively for Intego Mac podcast listeners. Intego, world-class protection and utility software for Mac users made by the Mac security experts.

Apple’s now allows the use of security keys

Kirk McElhearn 15:10
A new feature in Apple’s latest operating systems is the ability to use security keys to protect your Apple ID account. And many times we have talked about two factor authentication where you have your username and your password and a code and the code could be sent by SMS—ooh, unsecure—or Apple system where it sends to another one of your trusted devices. A security key is a different way of having that second factor, it’s an actual key that you plug into the back of your computer. Or there are some that work with NFC that you can hold it up to your phone, and it works like that. It’s got a cryptographic key inside and it’s probably unbreakable. And the difference is that if you set a security key on your Apple ID account and someone gets access to one of your other Apple devices, somehow, they still can’t use that to get into other devices. Because codes won’t be sent anymore, they won’t be able to generate codes, you’ll have to have that key. This is a really advanced security feature. And I definitely recommend that very few people should use this.

Josh Long 16:11
That’s interesting. Okay, so I know we kind of briefly talked about this before. But I think your logic for why very few people should use this is that now your only backup option is another key if you lose your key. Apple does make you set up at least two keys. And I think you can do what up to six, if I’m not mistaken, you can set up a maximum of six keys. Yeah. So if you if you lose your primary key, you’ve got to have your secondary, your backup key somewhere else. If you lose both of them, and you only have two, then you’re in trouble, because now Apple can’t help you in any way to get access to your account. So they say.

Kirk McElhearn 16:49
Yeah, they cannot help you. It’s not a question of “so they say”. This is a cryptographic key and they don’t have it. In Apple’s documents, they talk about two different cases for when this is useful. In a support document, they say that “this is an advanced security feature designed for people who want extra protection from targeted attacks, such as phishing, or social engineering scams.” But in the press release, when they announced it they said, “this feature is designed for users who often due to their public profile face concerted threats to their online accounts, such as celebrities, journalists and members of government.” That’s two totally different use cases. The first one is talking about phishing. And the second one is talking about, you know, state sponsored targeted attacks.

Josh Long 17:33
Right. So I mean, it could potentially be used for either purpose, I guess? Although it really seems like this is more likely something for the latter scenario, right? The state sponsored attacks. Because generally speaking, if somebody’s trying to phish you, you know, or, or get access to your account through some social engineering scam, I don’t really see why you would necessarily need security keys.

Kirk McElhearn 17:59
Well, imagine someone sends you a link that takes you to a fake Apple ID login page, and you enter your name and password. And you’re waiting for a code to come that says you’re gonna get a code. And well, you’re not gonna get the code because you’re using a security key. And the fake website will have your name and password, but they won’t be able to do anything with your account, because they need the security key. If you enter the security key, the fake website won’t be set up to recognize that security key. So it does protect you from phishing even the most even the cleverest phishing, but who needs to be protected? Do you need to be protected? I know you felt that as a security researcher, you could be targeted, certainly valid. I think, though, that this is the kind of risk like the Advanced Data Protection feature we talked about recently, people might be tempted to turn it on because it sounds cool. But then if something goes wrong, they’re really in trouble. I would suggest if you really want to do this get six keys They’re about 50 bucks each, you can maybe buy six for you know, a package for 200 or something like that. You keep one with you, you put one in the car, you put one in the safe deposit box, you give one to family member you put one in your in your office in a safe… you put them all over the place. Now, of course the risk is the more keys are out there, the more possibility is of someone stealing them, but they still need your name and password along with the key.

Josh Long 19:22
Yeah, if you do get multiple keys, you do have to then be responsible for making sure that all of those keys are kept in a secure place, right? If you just have one of these keys, presumably you’re probably going to keep one with you on your keychain. Well, make sure you don’t put your keys in some place or somebody else can grab them right and run off with them or else you might lose one of your keys. And that’s not a good thing. You do have to be really careful about where you’re putting your keys now if you’re choosing to go with this option.

Kirk McElhearn 19:51
I can see someone like, I don’t know, President Biden. He’s got his iPhone and he’s got his Apple ID and he’s got a security key. And his chief of staff has another of the six, and the secret service guy has a security key, and the head of security has a security key. It’s like, you know, security keys all the way down. So they’ve got six of them, and there’s always someone who’s got one. But if you can’t get a hold of one, then you can’t log into a new device. So if you’ve lost your key, I don’t know you’re in California right now in an undisclosed location. Let’s say you lose your key on a trip to New York and you get there. You can’t get into your device until you get that key, someone who can maybe FedEx you a key that you kept in California, but you’ll be stuck in a point where you just can’t access your account. Obviously, in normal usage, you don’t need to re-sign into your account. But let’s say you’ve lost your iPhone, you need to set up a new one. It’s a real impediment.

Josh Long 20:41
Yeah, I agree. It feels like this is probably more trouble than it’s worth. It’s worth kind of weighing the pros and cons and looking at what does this actually protect me from? versus, you know, what do I think this might be protecting me from right. You kind of have to differentiate between what seems like it might be a good feature and what actually is the best option for you for your particular scenario.

Apple’s new Mac Mini is an impressive little computer.

Kirk McElhearn 21:06
Okay. Apple’s new Mac mini is actually an impressive little computer. If you will get the Mac mini, it kind of looks the same as the previous Mac mini, which looked the same as the one before it which looked the same as the one before it going back for 10 years. Same shape, same size, little slab. Okay, that’s only silver, this time, you can’t get Space Gray, with just this little tiny computer. It’s small, and it’s quiet. And it was one of the first Mac’s to get the M1 chip going back two years ago, September, October 2020. And it’s now been updated to the M2 and the M2 Pro chips, which is a very interesting choice, because we’ve got the Mac Studio, which has M1 Max and M1 Ultra chips. And that was a little bit expensive for most people. It starts at $2,000. The Mac mini, which starts as low as $599, you can get this configured in the mid 1000s. They have a configuration at 1300, which is pretty powerful, which isn’t quite a Mac Studio, but it’s much more powerful than the previous Mac mini. It’s kind of a…it’s like a sliding scale now from the Mac minis to the Mac Studio on the desktop.

Josh Long 22:16
Yeah, this is very interesting from the perspective of looking at, you know, Apple’s whole desktop lineup, right? They’ve still got the Mac Pro with an Intel processor, a Xeon processor, right, that we talked about is really outdated.

Kirk McElhearn 22:30

Josh Long 22:31
Yeah, it’s really outdated at this point. There’s very, very rare niche cases where you might actually still want to get that. For most people that’s absolutely not what you want at this point. Then we’ve got the Mac Studio, which as you mentioned so these aren’t even upgraded to the M2 processors line yet. And now you’ve got the Mac mini, which is kind of the most, like, consumer-oriented one, I would say, of the three, and that one has the M2? It’s kind of weird that they didn’t do the Studio before the mini, right?

Kirk McElhearn 23:07
Yeah, the Mac mini leaped ahead of the studio, although the M1 Ultra is still the fastest chip out there. But the Mac mini took a leap ahead. Maybe the Mac Studio is going to be updated in June at the WWDC with M2 Max and Ultras and they will have M3 Max and Ultras etc. One thing that I find interesting: I bought one of the Mac minis, I bought the cheapest mode, $599, eight gigs of memory, 256-gig storage. I bought it to replace my Synology NAS which I’ve had for several years, which was annoying me, it’s so much easier to understand Mac OS on a server than it is on Synology DS thing. What I find is that even with the eight gigs, 256 it does pretty much everything I need to do without sweating. The only people who really need to spend a lot more are those who are doing video editing, with multiple displays etc. It also made me realize that my current iMac, which is from June 2021 only has eight cores, it only goes up to 16 gigs of RAM, whereas the Mac mini now they they have like 10 cores and they can go up to 32 gigs of memory with the Pro chip. So, curiously, the Mac mini took a leap ahead. And it’s better—well, relatively faster than the iMac and it’s brushing up against the Mac Studio. Yet, I’m satisfied with this iMac and I told you when I bought it I was going to try and keep it five years and I will because most of us don’t need this speed. So we’re back at this same old problem of like they’re giving us all these possibilities for faster and faster. But how many people are spending that extra money when they don’t need to?

Josh Long 24:46
Yeah, you know, for an introductory product, right? Like if you’re just getting into the Mac, right? You don’t, you’ve never used a Mac before. The Mac mini has always been that computer that you probably want if you if you’re stationary, if you don’t need a laptop, a Mac mini is a really good option, especially looking at that bottom of the barrel price. You can get, of course, PCs much cheaper than that if you really want to. But for everything that you’re getting for $599, this is actually a really good deal, considering how fast the processor is and all that. Now $599 only gets you eight gigs of RAM, which it’s not a ton, it’s, it’s perfect, right? It’s plenty if you’re just doing web browsing and email and little else. If you’re really doing a lot with it, if you’re doing any kind of like audio or video editing, or maybe you’re even doing a lot of graphics editing and things like that, you’re definitely going to want more memory. But even then, it’s 200 bucks on top of that to get 16 gigs, you’re still only at $799. That’s not terrible really.

Kirk McElhearn 25:55
Yeah, I took a look at the original presentation of the first Mac mini by Steve Jobs. I link to it in my article on the Indigo Mac Security Blog. He pointed out that it was BYODKM, which means bring your own display mouse and keyboard. Don’t forget that you’ve got to pay a little bit extra for the keyboard and the mouse. And while you can buy any kind of USB keyboard and mouse, the prices for Apple’s products are really expensive. If you want to Touch ID, you can get the Touch ID keyboard without a number pad for $149. If you want with a number pad, it’s $179. in white. If you want it in black, it’s $20 more. A mouse is $79 in white and $99 in Black, the Magic Trackpad is $129 and white, and $149 in black. So this can get really steep. Now, I would recommend buy a Logitech Bluetooth keyboard, whatever mouse or trackpad you like these are all going to work fine. Worth pointing out though: do you remember how much the original Mac mini cost?

Josh Long 26:52
Was it $499?

Kirk McElhearn 26:54
It was $499. And today’s Mac mini starts at $599. There were two Mac mini models originally: a $499 and a $599. And today we’re at $599. And this is 18 years later. So when you think about 18 years of inflation, I didn’t look up on an inflation calculator. But this is obviously…the original Mac mini would be twice the cost of the current Mac mini. Of course, all these prices have plummeted over time, every year, we get more for the same price. So it’s actually quite a good deal. So I’m running a little server, it’s whisper quiet. It’s quieter than previous Mac minis. I’ve got an external hard drive connected to it from my Plex library. And it’s fine. It’s a great little computer if you want to have one on your desktop with a proper display. Well, it’s $1599 for Apple’s Studio Display. So maybe you could get a cheaper PC display, would you like that? A PC display? That’s always made me feel uncomfortable: PC displays. I had a Dell display once back with a Mac mini years ago, a little more than 10 years ago, I had to exchange it about three times because of problems with it.

Josh Long 27:58
Yeah, that’s not good. Although I have to say that a lot of the PC manufacturers really do at this point, make some good displays, you really do have to read reviews and look into it really carefully, especially if you’re just buying it sight unseen, right? If you’re just looking to buy it online without looking at it in a store or something like that first. But you can kind of tell some of the stuff from the specs, but you really you have to you have to kind of look and see what the experts say about it. One other thing that I think is kind of fun about this Mac mini. I don’t remember if the previous models of Mac mini had this, but I noticed that you can upgrade to a 10 Gigabit Ethernet port for just 100 bucks.

Kirk McElhearn 28:38
Yeah, that’s the first time.

Josh Long 28:40
Yeah, the vast majority of people definitely do not need 10 gigabit. Most of the routers and switches and other network equipment out there does not support 10 gigabit at this point. But that’s kind of cool. I mean, it could it could be a future-proof thing. Maybe if you want to wire your home with 10 Gigabit Ethernet.

Kirk McElhearn 29:00
Yeah, I think the Mac Studio includes 10 Gigabit Ethernet, the Mac Pro, which is outdated. So there are some possibilities. But as you say the whole chain has to be 10 gigabits to get that kind of speed. Anyway, if you need a cheap desktop computer and I put cheap in air quotes because when you add the cost of the display keyboard and mouse you know it still gets up to $1,000. But you have a lot of options with the Mac mini of your configuration and don’t overspend. You probably don’t need the 32 gigs of memory unless you’re editing 8k video,

Josh Long 29:29
Right. But nevertheless Mac mini honestly with the especially with these improvements, I feel like this is a great price. So if you have a friend, relative who’s considering getting a Mac and they’re just not sure they want to spend the money to get a Mac, they feel like a Mac is too expensive, this is a great introductory Mac.

Kirk McElhearn 29:48
Okay, that’s it for this week. Until next week, Josh stay secure.

Josh Long 29:51
All right, stay secure.

Voice Over 29:54
Thanks for listening to the Intego Mac Podcast, the voice of Mac security, with your hosts Kirk McElhearn, and Josh Long. To get every weekly episode, be sure to follow us on Apple podcasts, or subscribe in your favorite podcast app. And, if you can, leave a rating, a like, or a review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode The Intego website is also where to find details on the full line of Intego security and utility software:

If you like the Intego Mac Podcast podcast, be sure to rate and review it on Apple Podcasts.

Intego Mac Podcast

Have a question? Ask us! Contact Intego via email if you have any questions you want to hear discussed on the podcast, or to provide feedback and ideas for upcoming podcast episodes.

About Kirk McElhearn

Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →