Intego Mac Security Podcast

Tom Cruise Is in the Heating Ducts – Intego Mac Podcast Episode 327

Posted on by

Apple issues an security patch for its Magic Keyboard. It turns out that Google Chrome’s Incognito Mode is not so incognito. AppleCoin, more invoice phishing, and Amazon delivery hacks: they’re all scams in this week’s ScamWatch. And app sideloading is coming to iPhones in EU countries.

  • Magic Keyboard Firmware Update 2.0.6
  • Apple Releasing iOS 17.3 Next Week With These New Features
  • Apple GPU security flaw in iPhone 12 and M2 MacBook Air
  • LeftoverLocals: Listening to LLM responses through leaked GPU local memory
  • Apple Watch drops blood oxygen features to dodge the import ban
  • Apple May Sell Series 9 and Ultra 2 Watches Without Blood Oxygen App in U.S. Amid Patent Dispute
  • Apple iPhone global market share reaches top spot in 2023
  • App Store to Be ‘Split in Two’ Ahead of EU iPhone Sideloading Deadline
  • PSA: Warn your non-techy friends about fake AppleCoin ads
  • Grieving mother falls victim to Amazon one-time password ‘scam’
  • “Geek Squad” Email Scam Sends Fake Invoices Using HousecallPro Servers
  • Google fixes first actively exploited Chrome zero-day of 2024
  • Google quietly updates Chrome’s incognito warning in wake of tracking lawsuit
  • Am I Unique?
  • Beeper Mini users find Macs banned from iMessage network
  • Sosumi

  • If you like the Intego Mac Podcast, be sure to follow it on Apple Podcasts, Spotify, or Amazon.

    Have a question? Ask us! Contact Intego via email if you have any questions you want to hear discussed on the podcast, or to provide feedback and ideas for upcoming podcast episodes.

    **Intego Mac Premium Bundle X9** is the ultimate protection and utility suite for your Mac. Download a free trial now at, and use this link for a special discount when you’re ready to buy.

    Transcript of Intego Mac Podcast episode 327

    Voice Over 0:00
    This is the Intego Mac podcast—the voice of Mac security—for Thursday January 18 2024. This week’s Intego Mac podcast security headlines include: Apple issues an urgent security patch for, of all things, its Magic Keyboard. Turns out Google Chrome’s Incognito Mode is not so incognito. AppleCoin, invoice phishing, and Amazon delivery hacks. They’re all scams in this week’s Scam Watch. And app sideloading is coming to iPhones in EU countries. Now here are the hosts of the Intego Mac podcast. Veteran Mac journalist, Kirk McElhearn and Intego’s Chief Security Analyst, Josh Long.

    Kirk McElhearn 0:49
    Good morning, Josh, how are you today?

    Josh Long 0:51
    I’m doing well. How are you, Kirk?

    Apple updates Magic Keyboard firmware

    Kirk McElhearn 0:52
    I’m doing just fine. You know, I was really surprised that I got an update to my keyboard. We update Apple devices all the times our Macs, our iPhones or iPads or watches but keyboard updates are rare Apple issued a Magic Keyboard firmware update number 2.0 point six. Now, I bought this keyboard in let’s see may 2021. It’s the first update that it’s had. When the announcement came out, I checked in the firmware was 1.6. And the update is 2.0 point six, which means there have been updates to I guess keyboards that they’re shipping. But they didn’t issue to update existing keyboards. And this is interesting dapples description says an attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic. And this kind of makes me think we’ve talked about the evil made attack when a maid goes into a hotel room and accesses a laptop. But this isn’t the keyboard for the laptop. This is the keyboard on its own that you use with an iMac or a Mac mini. This is something that happens in an office when Tom Cruise is in the heating vents above the office after he’s extracted the Bluetooth pairing key and he’s able to see the keystrokes that someone below him is typing to get this secret password.

    Josh Long 2:07
    So this is a variation of the evil made attack. It’s clever, it does require physical access, that’s an important part. So in order to initiate this, this whole exchange and be able to then intercept, whatever is coming or being typed into the keyboard, then you have to have physical access to set all that up in the first place. But that’s a very common scenario, like you talked about in a workplace. You know, very likely, people are using Bluetooth keyboards in a in a workplace and custodial crews have access and several other people probably have access to all the rooms in the building. So it’s entirely possible that somebody could sneak in there and hack your Bluetooth keyboard. However, Apple’s got you covered because we do have this new Magic Keyboard firmware update 2.0 point six that just came out. Now this is not something that you can check for manually. This is something that apparently your keyboard will get on its own. If you haven’t turned on your Apple Bluetooth keyboard in a while, go ahead and turn it on, make sure that it’s paired with your Mac. Hopefully nobody is spying on you. While you’re doing that, and it should get the update on its own.

    Kirk McElhearn 3:19
    We don’t know exactly how this works. We don’t have any information. But I’m assuming that someone can connect a device to the lightning port on the keyboard and extract the pairing key. Now I say lightning port, maybe the new ones have a USBC port, but I doubt it. Because I think the Magic Mouse still has a lightning port, it’s moot. The fact is that if someone does have physical access, they can get the hearing key. While they can’t get access to the Mac, which is locked in they don’t have the password. But what happens is once they get their parent key, well, they can get the password for the Mac, if they’re in heating vent right above, you know, within within 50 or 60 feet of your keyboard. We will have some security updates next week because apparently Apple is releasing iOS 17.3 Which also means that they’re going to release all the other operating systems 17.3 will talk about the stolen device protection for iPhone. There aren’t many other important features Apple Music collaborative playlist they’re talking about. So there will be new security updates. We have no idea what and we’ll let you know as soon as we know, right?

    Josh Long 4:18
    Yep. And there’s a new wallpaper don’t forget about the new wallpaper. That’s an advertised feature as well.

    A GPU flaw affects some Apple devices

    Kirk McElhearn 4:24
    Well. I’ll be honest, I kind of liked the new watch band. So this was announced also with a new black unity SportBand for the Apple Watch and the wallpaper as a similar theme to the watchman nice looking watch band. I have too many watch bands for the Apple Watch already, so I won’t buy it. But if you need a new Apple watch band, it’s a good time to get one. We have a flaw affecting the iPhone and the M2 MacBook Air and it could be affecting other devices. We’re not sure yet. This has something to do with Apple’s GPU. So that’s the graphics processing unit. We used to call that the video card when it was a separate card. Now it’s just an element on the chip.

    Josh Long 4:58
    Right. There’s a whole bunch have different GPUs graphic processing units that are affected by this. So you’ve got Apple Qualcomm AMD imagination, this flaw is called leftover locals, this could be more useful for an attacker, if they already have some amount of existing access, they could use this in a chain of attacks. So this could be one thing that they do, in combination with exploiting other vulnerabilities to maybe extract data from memory. We’ll link in the show notes to an article that covers this a little bit more in detail, as well as the original blog post, which goes into great detail. And interestingly enough, they actually talk about how you can potentially listen into LLM large language model responses through leaked GPU local memory. That’s how they frame it in the original piece. I guess you could use this to spy on people’s LLM sessions as well, if they’re interacting with a chatbot on their machine.

    Kirk McElhearn 5:58
    it’s important to know that GPUs which were originally graphics cards are for some reason, the tool of choice for a large language model and AI things. I think they process things in a different way. And that’s why GPUs have gone up in price they’re hard to get. It’s a totally new approach to computing. I don’t understand anything about the difference between the CPU and a GPU. But it is a big deal that GPUs are extremely powerful and they use for this sort of thing along with cryptocurrency mining, that’s another thing they’re optimized for.

    Josh Long 6:27
    Yep, exactly. So right now, there’s not a patch for it. It’s just kind of something that is known. And we’ll see whether we get updates, maybe firmware updates, possibly for Apple devices to address this.

    Apple removes blood oxygen level feature from Apple Watch

    Kirk McElhearn 6:41
    So we’ve talked about the Apple Watch patent issue about the blood oxygen sensor, Apple is going to according to The Verge dropped the blood oxygen features to dodge the import ban. Basically, they’re going to turn it off, I guess what they’re doing is reinstalling, the OS on the Apple Watch nine and Apple Watch Ultra two that they’ve going to put back on sale, whether they’ve already put back on sale, or that whatever the next update is going to remove the features to check blood oxygen, we’re not sure we’re not entirely sure whether this affects only newly sold watches or existing models of those watches. We were discussing before the show, why is it only these two models and why not the other ones back to the Apple Watch six, which also gives some sort of estimation of the bought oxygen level. Not really sure. We’re waiting for final information from Apple, I saw something interesting on Facebook, in an Apple Watch group, some people were saying, Oh, well, I’m just not going to update my Apple watch anymore. And that’s kind of risky to not update. First of all, you don’t get fixes for bugs and all that. But you don’t get security updates. To be fair, you don’t really browse the web on your Apple Watch. But but but you can get emails and look at them. And they could exploit vulnerabilities which might be able to access your iPhone. So as Josh will probably tell you right now, but he said before the show, if you really need a pulse oximeter go buy one, because they’re a lot more accurate.

    Josh Long 8:08
    Yeah. And they’re not terribly expensive either. I think you can find them for about 30 bucks. If you shop around online. If you need accurate information about your blood oxygen saturation, then you should be using a pulse oximeter anyway. And there’s not really any reason why you need that functionality in your Apple Watch. It’s a nice to have, because you’re wearing your watch all the time. And you don’t really want to have a pulse oximeter on the end of your finger all the time. But it’s not really a necessary feature like I would much rather have security updates and not have the blood oxygen saturation estimated, you know, here may not be accurate. By the way, we’ve talked many times about how Kirk’s blood oxygen readings from his Apple Watch are never accurate. They always show like that he’s in the 80s, which doesn’t make any sense.

    Kirk McElhearn 8:55
    My latest reading today was 88%. I would be blue and gasping for breath if it was 88%.

    Josh Long 9:00
    Yeah, it’s not accurate. By the way, I checked with my my wife the other day, who has a Series Nine, that hasn’t gotten this potential update that might get pushed out to it. And hers, I think showed 93%. So which which is also very low, like you would expect it to be 98% Usually, or somewhere around there for a healthy person.

    Who sells more phones globally, Apple or Samsung?

    Kirk McElhearn 9:22
    Yeah, I don’t know what it is. I don’t have tattoos. I’ve seen that people who have tattoos in that part of their wrist have trouble and some of them actually, the the heart rate sensor doesn’t work either. I think it’s because of the metal in the ink in tattoos of certain tattoos. I don’t believe that they’re optimized with dark skin. And this is a problem with pulse oximeter is in general, that they’re only tested on white people. It’s kind of like Apple adds this little gadget and people think it’s really going to be useful. And then they’re checking every now and then. Oh my God, my blood oxygen is really like a 99% I’m so tough and then if it goes down, they get worried. It’s like they call those people that worried well, who have too many things. means to make them worried about potentially being sick. So don’t worry about it, update your Apple Watch. If you’re in the US, you’re going to lose a feature. Big deal. There was an interesting milestone in 2023. Apple has the lead in global market share for phones. Now this is interesting, because for a long time, it was Samsung and Samsung sells about 87 different models of phones that range in price from 50 bucks to 1000 bucks. And they’ve got all different types of phones, and they’ve got folding phones, and they’ve got flip phones, and they’ve got everything and yet Apple’s global market share has reached the number one spot in 23. And that’s just with, I want to say one phone, yes, they’re selling the Pro and the non Pro and the previous year. But still, it’s not they don’t have this wide range of phones from $100 to $1,000.

    Josh Long 10:49
    This is actually pretty interesting to see. I think Samsung had held the number one slot for something like 13 years if I’m not mistaken, to see Apple actually making that number one slot globally. That’s, that’s really a good sign for apple that a lot of people are really interested in buying iPhones.

    Kirk McElhearn 11:08
    It’s worth noting that Apple’s market share grew 3.7% last year and Samsung’s dropped 13.6%. That’s a huge drop. That’s not something that’s easy to explain. I don’t know enough about the smartphone market of phones other than the iPhone, but that’s a huge drop. Maybe people don’t want to buy Samsung’s anymore. Who knows?

    Josh Long 11:28
    They’re actually really good. They do have a lot of people buying them.

    Apple will allow app sideloading on iPhones in EU countries

    Kirk McElhearn 11:32
    Okay, one more bit of news before the break. Apparently Apple is going to split their app store into to satisfy the European Union’s requirement to allow third party app stores or side voting apps as what we like to say. So getting apps from other sources. So they’re going to split it into an EU store and a rest of the world store. Now we speculated about this many times when we said it would make sense for Apple to do this around the world. But apparently they’re going to cling on that you’ll have to take this app store out of my cold dead hands kinds of thing. But of course, since the technology is now available, since they’re prepared to split the App Store and to every other country could say if you can do it there, you can do it here.

    Josh Long 12:12
    Not only that, but this also implies that there will probably be ways that you can hack your phone to behave as though it were in the EU and have that additional functionality added even if you live outside of the EU, I would definitely expect that that’s probably something you’ll see tutorials about within the next couple of months after this new EU exclusive AppStore rolls out.

    Kirk McElhearn 12:37
    Well, you’ll need to have a payment method in the EU, you will need to have an Apple ID that’s linked to that region to one country in the EU. It’s not as simple as just taking your phone and going through a VPN.

    Josh Long 12:50
    You’re probably right about that. Most likely Apple is going to do something like that to try to as accurately as possible, tie it to the EU and limit it to the EU for now.

    Kirk McElhearn 13:00
    Okay, we’re going to take a break we’re going to talk about some more news that doesn’t involve Tom Cruise.

    Voice Over 13:06
    Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X 9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Best of all, it’s compatible with macOS Sonoma, and the latest Apple Silicon Macs. Download the free trial of Mac Premium Bundle X 9 from today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at That’s and click on this episode to find the Special Discount Link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.

    AppleCoin is not an Apple-sanctioned cryptocurrency

    Kirk McElhearn 14:21
    So should we call this segment Intego Scam Watch? Sure. Can we get some reverb on that? Intego Scam Watch because we’ve been paying attention to these scams and we know that for a lot of users. The scams are more of a threat than malware. In fact, because they use social engineering they come in through your email. They make you think something is really happening and you’re worried and you’re dangerous and you react. It’s an emotional thing. We’ve got three scams to talk about today. The first one is fake AppleCoin ads. AppleCoin. When I read this, I was surprised because I haven’t seen this. And I didn’t know that there was this thing called AppleCoin which apparently is supposed to be a form of cryptocurrency and it kind of looks like the back of an air tag and if it’s cryptocurrency then it’s not actually a piece of metal So, but anyway, there have been ads for this AppleCoin and this kind of follows a 2022 event that was streamed on YouTube and attracted 70,000 viewers. They’re trying to get you to buy AppleCoin and the EDD has the little apple logo says AppleCoin and it has Apple Pay coin right in your phone. Be sure to get absolutely free tokens to your wallet before listing on exchanges. Guys, Apple will never do cryptocurrency I will stake my reputation on that there are some things that Apple just doesn’t want to touch.

    Josh Long 15:39
    So if you see an advertisement on social media for something called AppleCoin, or anything that implies that Apple is endorsing any kind of cryptocurrency, don’t believe it. It’s not it’s not real, it’s a scam. Make sure you report anything that you see if it’s an ad or reply to a post. Make sure you report it as a scam.

    Invoice phishing scammers abuse a new legitimate invoicing service

    Kirk McElhearn 15:59
    A couple of months ago, we talked about the scam emails that said they were coming from Geek Squad which is what something that BestBuy uses, it’s like an extended warranty service. Just before we started recording, I got a new email from Geek Squad and the previous invoices were sent using QuickBooks. So they came from the domain People had set up accounts on QuickBooks, and they were using them to generate invoices. This one came from a domain called Housecall Pro. Housecall Pro is a service that lets you manage your home businesses and and handle scheduling, dispatching invoicing and payment collection. So the scammers have moved on from Intuit. And it could be that Intuit has been cracking down on these invoices. But they’ve now found another company which have you ever heard of Josh, I’ve never heard of them.

    Josh Long 16:46
    I have not heard of it before, but we looked it up. And apparently it’s also a legitimate invoicing service that is now once again being abused by these fake invoice scammers. So now we’ve seen QuickBooks, we’ve seen PayPal, and we’ve seen house call pro all being used and exploited to send fake invoices out to people on mass, that’s kind of a problem, make sure to watch for any kind of invoices that you don’t expect, and that you don’t think that you actually signed up for a service because more than likely, it’s a scam. And they’re just trying to trick you into calling a call center. And then they’ll walk you through a process and maybe hack your computer or who knows what they may actually try to steal money from your bank account by tricking you into logging into your bank to look for a transaction and then they tell you, Oh yeah, you don’t really need to hang out by your computer, just call me back in a little while just leave your computer on go, you know, do something else for a little while and call me back in a little bit. And in the meantime, they’ve maintained their connection to your computer. And now they’ll actually transfer some money out of your account. These are various things that can potentially happen with these types of scams. So be very careful because they can either steal your money or infect your computer and neither one of those is a good thing.

    Scammers are misusing Amazon delivery codes to steal packages

    Kirk McElhearn 18:13
    So today we have a trifecta in scams. And this one was in The Guardian this week, the Guardian is a British newspaper, grieving mother falls victim to Amazon one time password scam, we’ll skip the bit about grieving mother, she had ordered a MacBook Air and she was having it delivered to her father house. And here, when Amazon sends something to you that is of a certain value, they send you an email with a six digit code kind of like a one time code that you get over messages, kind of like a one time code that you get via text message that you have to give to the driver in order for them to give the package. The last time I got one of these was I bought a Lego set that was about 65 pounds. So $80 $90 not that expensive. And I think Amazon is choosing specific, either valuable items or other items. Because if you shake a box with a Lego set, you can tell what’s inside, right? And maybe they’re often stolen. So the driver came up, gave the package got that six digit code, when to tap it into a scanner said oh, the scanner is not working. I can’t give it to you. He took it back and left with it. Now it was marked delivered because he put the code into the scammer, and the person did not have the MacBook Air. Now the article says that Amazon issued a refund and promising investigation after Guardian money intervened. That’s the Guardian Service, consumer type thing. But I’m going to make a suggestion if you are in a country where Amazon uses these codes. Take a picture of the driver and the package when they deliver. Don’t give someone a code and then let them take a package back. Don’t ever do that. But even don’t trust them any. I don’t want to disable the Amazon drivers because a lot of them are good. But there are a lot of bad ones. I could tell stories but we don’t have time.

    Josh Long 19:48
    Now this is something that as Kirk was saying this only certain regions of the world do this kind of thing where they send you a code that you have to give to the driver here in California anyway, drivers Just you know, leave something on your porch. I’ve never in the past several years anyway, I’ve never interacted with an Amazon driver.

    Kirk McElhearn 20:08
    If you ordered a MacBook Air, they will leave it on your porch.

    Josh Long 20:11
    Now, that’s a good question. But I don’t know. And in that particular case, but other things of some value that I order from Amazon, they just leave things that have certainly cost more than, like, say $100 in a package. So yeah, I don’t know, maybe there’s a higher threshold. Either that or they just don’t do that in California for some reason, I don’t know.

    Kirk McElhearn 20:32
    So if you are worried about this, again, this is here in the UK, you can have Amazon packages delivered to other places. In my case, it’s the local post office, or in some places is the Amazon locker. So supermarkets have lockers in front of them? Do they do that in the US? Yeah, they do have lockers in the US as well. So if you’re expecting something valuable, and especially if you you’re not at home all day, like me, I work from home might be a good idea to get things delivered like that. So it’s Google time. We’ve only got two things about Google today. We have a lot of things about Google last year. And I think when we got to the end of the year, was it eight zero day Chrome vulnerabilities in 2023?

    Google’s Chrome browser gets its first security update for 2024

    Josh Long 21:09
    Yes, that’s correct. It was eight zero day vulnerability, so actively exploited vulnerabilities that affected Google Chrome as well as all of the other chromium based browsers. So Microsoft Edge brave of all the opera etc.

    Kirk McElhearn 21:23
    Well, we have the first zero day Chrome vulnerability of 2024. Yay, can we get an applause sound back there, too.

    Josh Long 21:30
    We already have one, and we’re only halfway through January.

    Kirk McElhearn 21:33
    Now, if it continues at this frequency, we could have a total of 24 in the year, but I don’t think it’s going to be one every two weeks.

    Josh Long 21:40
    It doesn’t always work out that way. We had some like, they tended to be like kind of in clumps, I noticed that they’re kind of tended to be clustered together throughout the past year. So we’ll see how it goes this year. The main thing you need to know as always is if you have Chrome or any other chromium based browser, you need to make sure to check for updates. So do that now. If it prompts you to update, make sure to install that update right away.

    Google Chrome’s Incognito Mode won’t prevent tracking and never has

    Kirk McElhearn 22:05
    Okay, Google recently settled a lawsuit that accused them of illegally tracking users even after they had activated Chrome’s Incognito Mode, according to The Verge. And they have changed the language about the Incognito Mode, they have added a sentence that says this won’t change how data is collected by websites you visit and the services they use, including Google. What’s the point of Incognito Mode if you’re not really incognito, and they’re collecting all this data about you?

    Josh Long 22:30
    Okay, it’s always been fairly clear, maybe not always. But certainly for a long time, it’s been fairly clear, if you actually read the text in the Incognito window, it’s, it’s fairly clear that you can still be tracked in certain ways. The whole point of Incognito Mode is so that your local browser doesn’t store the history of the sites that you’ve been when you’re in incognito. That’s pretty much it. You can still sign into your Google account when you’re in Incognito Mode. And if you do, well, guess what, Google still has access to all the Google sites that you visited, and your Google search history and everything else. While you were in that browsing session. It doesn’t do what some people might assume that it does. But if you actually read the fine print, I feel like it’s been kind of clear about that already.

    Kirk McElhearn 23:16
    Yeah, I think people have been led to believe that it’s more than it is because private browsing is how Apple calls it and Safari. And that word private is kind of related to the word privacy, which is a big weighted word for Apple. So understand that if you want real privacy, well, don’t use the internet, then you’ll be saved.

    Josh Long 23:37
    Well, yeah, that’s actually true, right? Because no matter what you do, there are ways that people can track you online. There’s cookies, even if you disable all cookies, which is going to break websites. By the way, even if you do all kinds of extreme things, there are still ways that people can track you from one site to the next. Kirk has mentioned before a website called, which is a great website to go to. If you think that you have wonderful, perfect privacy online, you’ll quickly realize that your browser profile might actually be unique or very close to unique. And there may be very few other people in the entire world who have a browser profile that looks exactly like yours. Now you might think, Well, I’m using Google Chrome, everybody uses Google Chrome. So therefore, I should look the same as everyone else. But the thing is, you’re using Google Chrome on a Mac, if you’re using a particular version of Google Chrome, you might have particular fonts installed. There’s actually a whole bunch of other things that websites can tell about you.

    Kirk McElhearn 24:39
    I’ll put a link in the show notes if you haven’t done it before. Go to I just did it again. And it says yes, you are unique among the 2,291,334 fingerprints in our entire data set. Now they’re showing Safari is only being used by 2.66% of people which isn’t a lot But it’s more that the people who are going to mi are less likely to be using Safari. English language is 76% my timezone is 30% of people, Mac OS is only 10%. So again, the people who are going to this website are more likely to be using Windows or iOS or, you know, Android or something like that. So, yes, there are plenty of ways that you can be tracked and once one gets eliminated, don’t worry, the advertisers will figure out new ways to track you.

    Users of Beeper mini banned from using Apple Messages

    Kirk McElhearn 25:30
    So I hope we are ending the Beeper mini saga today with this article pointing out that Apple has banned Beeper mini users who used Mac’s from the iMessage network. Now there was first Beeper Mini was supposed to work right away, then it was supposed to work, if you signed in with your Apple ID, then they figured out a way to make it work if you use someone’s Mac yours, or friend’s Mac. And Apple has always been spiteful, you know, there’s a sound that Apple added, I think in system seven called so sue me. Sosumi, which really means “so sue me”. And Apple has always been like that. And here they are getting back on anyone who used a Mac to try and connect to IMS. Another problem about this is you might have a friend who said, Listen, can I use your Mac to try this because I’ve just got a poor Android phone, I don’t have an iPhone, and I want blue bubbles, and you helped out your friend and you’re screwed. So I think it’s kind of sad that Apple actually did it. But you just got to don’t mess with this stuff. Apple is gonna get you.

    Josh Long 26:28
    And just for clarification, if you were running this Beeper software on your Mac, in order to forward things that are coming in through iMessage to an Android device, then apparently Apple can figure out that you’re doing that and now is going to ban your Mac from being able to access iMessage in the future. So that means that you won’t be able to get I message in the Messages app either. Presumably, that sounds like probably something you want to avoid. So yeah, just don’t use third party software to forward iMessages to your Android phone. It’s not worth it. It’s not worth it.

    Kirk McElhearn 27:06
    The whole paper money saga was quite interesting, actually, that they figured out a way to do something that they shouldn’t be doing. And then they got shut down quickly. I mean, if you remember it was I believe it on a Friday, they announced a new thing. I never got it to work with my Android phone. By the following week, when we recorded our podcast. Apple had already blocked it somehow. And then the next week, they came up with another way that Apple blocked and I guess the takeaway for Beeper is they got lots of publicity. A lot of people know who Beeper is, and maybe that’s going to be good for them. But I can’t see that it’s very valuable if the software that they were offering to sell to people that were going to charge $1 a month to use paper Mini has never worked so they look kind of like unreliable.

    Josh Long 27:52
    From Apple’s perspective in defensive Apple for a moment here. Apple can make the claim that Well, we did this for security reasons, right, because they can say Beeper was exploiting a flaw, we now understand that we have a flaw or had a flaw so we patched it. Therefore, we are preventing any third party software from trying to get a foothold into our sick, very secure iMessage system. That’s how Apple can frame this to say we’re not being anti competitive. We’re just trying to protect our users.

    Kirk McElhearn 28:25
    Okay, that’s enough for this week. Until next week, Josh, stay secure.

    Josh Long 28:29
    All right, stay secure.

    Voice Over 28:32
    Thanks for listening to the Intego Mac podcast, the voice of Mac security with your host, Kirk McElhearn, and Josh long. To get every weekly episode, be sure to follow us on Apple podcasts, or subscribe in your favorite podcast app. And, if you can, leave a rating, a like or review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode at The Intego website is also where to find details on the full line of Intego security and utility software.

    About Kirk McElhearn

    Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →