Toronto’s Sick Kids Hospital Pwned By Ransomware…. But The Ransomware Provider Apologizes And Provides Free Decryption Software

Posted in Commentary with tags on January 3, 2023 by itnerd

We do indeed live in strange times. I say that because just before the holidays The Hospital For Sick Children which is also known as Sick Kids Hospital in Toronto was pwned by ransomware:

The Hospital for Sick Children (SickKids) is currently responding to a cybersecurity incident affecting several network systems and has called a Code Grey – system failure. The code went into effect at 9:30 p.m. on Sunday, December 18, and is ongoing.

The safety and well-being of our patients and their families is our top priority. All patient care is continuing and there is currently no evidence that personal information or personal health information has been impacted.

Upon learning of this incident, we immediately activated the hospital’s incident management command centre and launched an investigation to determine the nature and scope of the incident. At this time, the incident appears to have only impacted a few internal clinical and corporate systems, as well as some hospital phone lines and webpages. Downtime procedures have been activated where needed.

Now that’s pretty bad. But there is a plot twist. The ransomware used was LockBit which is ransomware as a service. Or put another way, if you pay LockBit, you can use their ransomware to pwn your target. The thing is that that according to Bleeping Computer, LockBit has terms of service, and whomever launched this attack on Sick Kids violated those terms of service:

As first noted by threat intelligence researcher Dominic Alvieri, two days after SickKids’ latest announcement, the LockBit ransomware gang apologized for the attack on the hospital and released a decryptor for free.

“We formally apologize for the attack on sikkids.ca and give back the decryptor for free, the partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program,” stated the ransomware gang.

As for the terms of service the “partner” violated, here they are:

While the ransomware operation allows its affiliates to encrypt pharmaceutical companies, dentists, and plastic surgeons, it prohibits its affiliates from encrypting “medical institutions” where attacks could lead to death.

“It is forbidden to encrypt institutions where damage to the files could lead to death, such as cardiology centers, neurosurgical departments, maternity hospitals and the like, that is, those institutions where surgical procedures on high-tech equipment using computers may be performed,” explains the ransomware operation’s policies.

The stealing of data from any medical institution is allowed per the policies.

According to the ransomware gang, as one of its affiliates encrypted the hospital’s devices, they were removed from the operation, and a decryptor was offered for free.

I have to admit that I have never heard of this sort of thing happening. But here we are. And what makes this even more puzzling is this:

However, this does not explain why LockBit did not provide a decryptor sooner, with patient care being impacted and SickKids working to restore operations since the 18th.

Furthermore, LockBit has a history of encrypting hospitals and not providing encryptors, as was seen in its attack against the Center Hospitalier Sud Francilien (CHSF) in France, where a $10 million ransom was demanded, and patient data eventually leaked.

The attack on the French hospital led to referring patients to other medical centers and postponing surgeries, which could have led to significant risk to patients.

I am going to go out on limb and suggest that the attack on the French hospital might have attracted a lot of unwanted attention on the operators of LockBit. Thus when the Sick Kids incident happened, the LockBit operators might have decided that they quickly needed to walk that back. Regardless, this is one of those rare good news stories in a space where all I tend to report on is bad news.

1 Comment »

A Microsoft Teams Phishing Email #Scam Is Making The Rounds

Posted in Commentary with tags on January 3, 2023 by itnerd

Happy new year! And three days into the new year I have my first phishing scam that you need to be aware of. This one is the first that I have personally seen that leverages Microsoft Teams and starts with an email:

So let’s unpack this. If you look at the reply to address, it’s from a domain registered in Switzerland which is a bit different. That may be to gain your confidence if you’re paying attention to that sort of thing, which you should be. Or it could be a “throwaway domain” which the scammer is using. As from who it is sent from:

Well, that’s a bit suspect. Since this doesn’t match the reply to address, this is clearly a scam. But let’s see how far this goes.

If you click on the words “View / Download Sent File From Email Attachment”, which by the way you should never, ever do, you get this:

Well, someone spent a lot of time and effort putting this together as it looks like Microsoft would created. I also note that this web page has your email address automatically added and all you have to do is type in your password. That’s because the link that I referred to earlier has your email address embedded in it and there’s no way to change it on the web page. Thus this implies that this could be a targeted phishing attack called “spear phishing”. But what is clear is that the attack is to get your Office 365 credentials at the very least. There’s likely more to it than that. But I can’t tell you what that “more” is as when I typed in various bogus passwords, I get this error message:

Now it could be that it has captured your Office 365 credentials and someone is going to try them right away to pwn your Office 365 account, or it could be doing something more sophisticated. For example I can see a scenario where these are checked against Office 365 in real time. I’m thinking that it’s more likely the former. But given how phishing attacks have evolved over the last year, anything is possible.

As usual, my advice is that if you get one of these emails, delete it. Don’t click on anything. Just delete it and move on with your life.

Leave a comment »

Guest Post: EU businesses fined over €830 million for GDPR violations in 2022, Meta paid over 80%

Posted in Commentary with tags on January 3, 2023 by itnerd

The latest data analyzed by Atlas VPN reveals that as of December 2022, companies paid a total of €2.83 billion in 1401 cases for violating various data protection laws.

Out of that, GDPR fines in 2022 total €832 million, which is 36% lower than the €1.3 billion paid in 2021.

However, last year stands out not in the total sum fined but in the severity of the charges imposed on a single entity — Meta.

The data for the analysis was extracted from Enforcementtracker. Note that not all cases are made public.

While the heftiest sum charged for violations was recorded in Q3 of 2021, the third quarter of 2022 was also significant, as businesses were penalized €430 million. 

Meta fined hundreds of millions repeatedly

Distinctively, the majority of the penalties in 2022 were paid by a single tech behemoth – Meta. 

The Data Protection Commission (DPC), an authority for GDPR enforcement in Ireland, imposed a €405 million fine for Meta Platforms Ireland Limited (Instagram) on September 5th, 2022. 

Two issues were found with the processing of personal data pertaining to child users of Instagram. 

The children’s email addresses and phone numbers were publicly exposed when using the Instagram business account function, and Instagram profiles of kids were public-by-default.

Another hefty sum of €265 million was penalized to the same entity on November 25th, 2022, when the DPC declared that Meta had infringed two articles of the EU’s data protection laws after details of Facebook users from around the world were scraped from public profiles in 2018 and 2019.

Moreover, the DPC issued a “reprimand and an order” forcing Meta to “bring its processing into compliance by executing a range of specified remedial activities within a specific deadline”. 

Meta complied and made the adjustments within the required timeframe.

To date, Meta has paid around €1 billion for GDPR violations.

To read the full article, head over to: https://atlasvpn.com/blog/eu-businesses-fined-over-%E2%82%AC830-million-for-gdpr-violations-in-2022-meta-paid-over-80

Leave a comment »

Apple AirTags Help To Catch Untied Airlines Lying About Missing Luggage

Posted in Commentary with tags on January 3, 2023 by itnerd

Airlines really need to improve how they handle passenger baggage. I say that because with the invention of the Apple AirTag, they’re going to be caught out if they are not telling the truth about how passenger baggage is handled by them. Case in point is this situation with United Airlines. Valerie Szybala thought she made the right choice when she accepted United Airlines’ offer to deliver her delayed luggage. But apparently, United lied about where her bags were. As a result she took matters into her own hands and documented the experience on Twitter.

I encourage you to read the entire thread as it really documents some really shady behaviour by United Airlines. Szybala repeatedly informs customer support that she has found the location of the luggage because of her AirTags. When support finally acknowledges this, they still repeat that she is wrong, the “bag is safe at the Delivery services distribution center.” But what is worse is the fact that there were other bags there. Which means that other United passengers have had their bags meet a similar fate. Another point is the fact that whoever was at the keyboard of the United Airlines Twitter account did a horrible job of customer relations. The thing that really gets on my nerves is the United Airlines employee saying “calm down” which is just the absolute worst thing that they could say.

United Airlines has yet to publicly comment on the case of the missing luggage, beyond Szybala’s initial interaction with United’s customer support chat. In a statement to The Independent, United Airlines said:

“We are working with our baggage delivery vendor to understand the details of this situation.”

That’s a BS response. But not surprising as United Airlines is in deep trouble here and they know it. It will be interesting to see how they do respond because the way this story has gone viral, it won’t be going away. In the meantime, I would recommend that if you’re in the Apple ecosystem, I would buy AirTags and put them into everything when you are travelling across town or around the world. Because as evidenced this example, you can’t be too careful.

Leave a comment »

Apple Is “Concerned” About iPhone Sales…. Here’s How I Would Fix That

Posted in Commentary with tags on January 2, 2023 by itnerd

The days of Apple being able to release an iPhone and having it sell like crazy are clearly over. I say that because on top of Apple having the iPhone 12 mini and iPhone 13 mini being sales flops, reports surfaced that the iPhone 14 Plus is facing similar sales headwinds. This is a big problem for Apple as they are addicted to iPhone sales like a crack user addicted to…. well crack. But I do have a solution for this which I’m going to share with you. But before I get to that, some background.

Once upon a time, you only had one iPhone. And your choice was how much storage you wanted to get with it. That made the purchasing process simple. But then Apple decided that it wanted to go downmarket and offer a cheaper iPhone. That was the iPhone 5C. Then Apple wanted to compete with Android phones that had a bigger size option. That debuted with the iPhone 6 and 6 Plus. Then Apple decided to be in every possible phone price category possible. That’s when you started to see iPhones like the iPhone XR and the iPhone SE. Then the iPhone Mini made an appearance after people said that iPhones were too big.

The thing is, that’s problem number one. Problem number two is pricing. Take the iPhone SE for example. It’s more expensive than cheap Android phones, many of which come with bigger OLED screens with above 60 Hz refresh rates. Or take the iPhone 14 Plus. Why buy that if you can get a “Pro” iPhone for not much more money? Here’s a different look at that. Take what Apple did this year with the iPhone 14 lineup. Two phones had last year’s A series processor in it. The “Pro” phones had the new A series hotness. But the pricing was exactly the same which makes no sense. If Apple really wanted to go that route, what why should have done is lower the price of the iPhone 14 and 14 Plus so that there was more of a separation between the two. Because many people I have spoken to feel that Apple was not only trying to “force” people to buy the “Pro” models, but they were also trying to maximize the profits of those who bought the non-“Pro” models by using tech that they had already paid down last year.

The bottom line is that Apple has created a product and pricing strategy that makes zero sense. And now it’s coming back to bite them in the posterior. But this is fixable. And here’s what I would do to fix it:

  1. Starting with the iPhone 15, sell only the “Pro” versions: What this does is get rid of the confusion of having four models and takes away the perception that Apple is profiting off of tech that they have already paid down. Thus Apple needs to only sell what would be the iPhone 15 Pro and Pro Max in 2023. That way consumers are choosing the size of phone they want and the storage that they need. And they all the latest and greatest tech as part of the deal.
  2. The entry level iPhone 15 needs to start well below $1000 USD: While Apple was the first company to make a $1000 smartphone, that’s no longer sustainable. To better compete with Android phones like Samsung’s flagships, they need to drop what would be the iPhone 15 Pro to about $900 USD. That way it makes the iPhone a far more compelling option.
  3. Apple needs to blow up the iPhone SE and start from scratch: The iPhone SE is a bit of a joke in the line up at the moment. Because at $449 USD with what it comes with, the only thing compelling about it is the processor. Everything else isn’t that great and is not competitive with cheap Android phones. Thus Apple needs to redo the iPhone SE to make it sub $400 and give it a bigger screen (5.8″ would be a good size. Bonus points if they could go OLED but that might be a bit of a stretch) for starters along with Face ID. Also, they need to improve the camera hardware enough so that it can be more of a compelling value. All of this can be done by reaching into the parts bins of previous iPhones to put something together. They just have to be willing to pull that trigger.
  4. Sell previous models to fill in the gaps: To fill in the gap between the iPhone SE and the iPhone 15 Pro, Apple can continue to sell the previous models like the iPhone 14 and the iPhone 13 at steep discounts. That way they can hit the price points that they need to.

Simplifying the lineup and introducing more value would go a long way in terms of Apple’s issues with the iPhone. And if they wanted some extra credit, they should copy and paste a version of this into their laptop lineup as that’s starting to have the same look and feel of Apple’s iPhone lineup. For example, if you get a M2 MacBook Air with 16GB of RAM and 512GB of storage, you’re within spitting distance of a 14″ MacBook Pro in terms of price. And the MacBook Pro is much better computer. So why buy the MacBook Air? But what do you think? Am I out to lunch here, or are there further Tweaks to be made here? I’d love it if you leave a comment and share your thoughts below.

Leave a comment »

Twitter Is Being Sued For Not Paying Rent

Posted in Commentary with tags on January 1, 2023 by itnerd

I suspect that in the coming days, this will be a story that repeats itself. I say that because as you might be aware, Twitter isn’t paying rent in the buildings that it occupies on the orders of Elon Musk. At the time, I said this:

If Elon wants to get sued out if existence, this is a great way to do it. Not paying your rent and not paying severance at the very least will be expensive. And I am pretty sure that in the worst case, some government or law enforcement agency would investigate this to see if it’s illegal.

Well a lawsuit has been filed over Twitter not paying rent:

Twitter Inc. was sued for failing to pay $136,250 in rent for its office space in San Francisco.

The landlord, Columbia Reit – 650 California LLC, says it notified Twitter on Dec. 16 that it would be in default on its lease for the 30th floor of the Hartford Building in five days unless the rent was paid. The tenant failed to comply, Columbia Reit said in the complaint, filed Thursday in state court in San Francisco.

Twitter hasn’t paid rent on its headquarters, or any of its other global offices, in weeks, the New York Times reported on Dec. 13. The company was also sued earlier this month for refusing to pay for two charter flights.

Twitter, which doesn’t have a media department, didn’t respond to a request for comment.

Lawsuits are expensive and I think that Elon is about to find out that it would have been cheaper to pay rent than to not pay rent and dare landlords to sue him. And now that lawsuit number one has been filed, I fully expect others to come thick and fast. And Elon will want to reexamine his life choices as a result.

Leave a comment »

My Favourite Tech Of 2022

Posted in Commentary on January 1, 2023 by itnerd

Because I cover and review tech, I come in contact with a lot of products. But only a handful of them really got my attention over the last 12 months. So in no particular order, here’s what caught my eye in 2022:

Apple Watch Ultra: Finally, Apple addressed most of the criticisms that many Apple Watch users had. There’s a new design that looks completely different from every other Apple Watch. There’s longer battery life and a bigger screen. And most importantly, it’s more durable. While it’s not a “Garmin killer”, it does give an incentive for Apple Watch users not to defect to Garmin if they need a more sports focused Apple Watch.

TCL 50″ Class 5-Series 4K QLED Dolby Vision HDR Smart Roku TV – Model 50S535-CA: Good TV’s don’t have to cost a lot. And the TCL Class 5-Series TV is an example of that. You get a TV with real HDR hardware in it along with the Roku TV platform at a good price. That makes this TV a good option for those who want good picture quality and don’t want to spend a pile of money to get it.

Mujjo Full Leather Case For iPhone 14 Pro: You could argue that an iPhone case is an unusual addition to this list. But this is a very well crafted and well designed iPhone case that adds some stile to your iPhone. It’s pretty clear that a lot of time and attention went into this case. Which means that you’ll get a lot of positive comments every time you’re seen with it.

Ekster Carbon Fibre Cardholder: This isn’t tech as such as it falls into the everyday carry end of the spectrum. But having a cardholder that is super light and super stylish for daily use is really great for me as I don’t notice that the cardholder is in my pocket. As a result, I’ll never go back to the “dad wallet” again.

Kensington Pro Fit Ergo Vertical Wireless Mouse and DeltaHub Carpio 2.0: These two items have changed how I work at my desk. I say that because this combination has taken away the stress on my wrist that I’ve had when using your typical traditional mouse. If you’re someone who has had wrist issues when using mice, I highly recommend giving this combo a try as it’s worked wonders for me and it might do the same for you.

Is there a particular piece of tech that caught your attention in 2022? Please leave a comment and share your thoughts.

Leave a comment »

2022: Year In Review

Posted in Commentary on December 31, 2022 by itnerd

At this time of year I like to look back over the past 365 days and pick out the stories that really got my attention. This year has been only marginally better than 2021, which is another way of saying that the focus on the entire planet was still understandably elsewhere. Having said that, here’s what happened in tech this year:

  • Twitter And Elon Musk: Elon Musk bought Twitter. Though he did try to weasel his way out of buying Twitter and only bought it when he was forced to. He then promptly fired all the staff and started doing things that drove advertisers running for the exits and users to other social media platforms. Most notably Mastodon. I won’t go over all the rather insane things that he’s done, but it’s exposed him as not being the genius that he and others bill him as. Not to mention that his actions at Twitter have tanked Tesla’s stock value. In 2023, I fully expect Elon to continue on the suicide mission that he and Twitter seem to be on which will eventually lead to the death of Twitter.
  • My Exit From Twitter: Seeing as I refuse to be on a platform that has swung towards hate and intolerance due to Elon’s love affair with his version of “free speech”, this will be my last official post on Twitter. From now on I can be found on Mastodon at @The_IT_Nerd@NOC.Social. If you’re as disgusted at Elon as I am, consider this your invitation to move to someplace more sane.
  • Rogers Shuts Down Canada: Early in July, Rogers had a catastrophic failure of its entire infrastructure that basically created the digital equivalent of a snow day for those who work from home, as well as taking down bank machines, payment terminals, cell phones, 9-1-1 service, and businesses across the country. As you could expect, this really got a lot of people mad including the federal government who not only demanded answers but action to ensure that this couldn’t happen again. It also forced Rogers to go on a major charm offensive to convince Canadians that they could be trusted after such a massive fiasco. I fully expect that Rogers will still have to be on that charm offensive as months later, I still have my clients and other making less than positive comments about Rogers.
  • My Exit From Rogers: Constant issues before the July outage, as well as one more outage drove my wife and I to Bell for our telco services. Now we’re not fans of Bell because of their hyper aggressive sales tactics as well as their craptastic customer service. But until Rogers gets its reliability issues under control, and actually offer a product that is competitive as what Bell has been offering for years, Bell is the better option for us.
  • The Rogers/Shaw Merger Drags On: The Rogers/Shaw merger which was supposed to close early this year has dragged on for months and even took a trip to the Competition Tribunal after the Competition Bureau opposed the deal due to the fact that it removes completion and will likely result in higher prices for Canadian Consumers. As I type this, this decision is being appealed. Thus this story will continue into 2023.
  • Apple’s China Connection Becomes A Huge Problem: Fun Fact, Apple makes a lot of their problems in China. And that became a huge problem this year as COVID lockdowns in the country limited Apple product deliveries to customers. It also didn’t help that videos of workers for Apple contract manufacturer Foxconn surfaced of workers rioting to escape the Foxconn iPhone Plant because of bad working and living conditions. That led to Apple trying to get out of China at the end of the year. We’ll see if that works for them in 2023, and we’ll also see if this creates issues for them on the balance sheet as well as in the public eye.
  • The Pwnage This Year Was Beyond Epic:Last year was a record year of everything getting pwned by threat actors. This year it was even worse. And that’s not good. I fully expect 2023 to be worse yet unless we all wrap our heads ASAP around making the digital world a safer place.

And now for some stats. The top ten countries that visited my blog in 2020 are:

  1. Canada
  2. United States
  3. United Kingdom
  4. India 
  5. Norway
  6. Australia
  7. Philippines
  8. Germany
  9. France
  10. Signapore

In all almost just over 1.3 million page views were served up this year. That’s slightly up from last year and I feel really good with that number.

And in terms of the top ten stories that were viewed this year:

  1. WARNING! A New Text Message #Scam Involving TD Bank Is Making The Rounds [UPDATED x2]
  2. Review: Bell Home Hub 4000
  3. Here’s How The Last 4 Digits Of Your Credit Card Can Be Used To Commit Fraud
  4. How To Configure PPPoE Bypass On The Bell HH4000 Hardware
  5. Revisiting How To Bypass Bell’s HH400 Hardware With Your Own Router… Along With Some Commentary About ASUS And Bell
  6. Don’t Fall For This Interac Scam That Is Delivered By Text Message [UPDATED]
  7. Hey IT Nerd! Can I Get Rid Of The Check Engine Using A Scan Code Tool?
  8. WARNING: A Geek Squad #Scam Is Making The Rounds
  9. How To Move Your E-Mail And Contacts Off The Rogers Yahoo/Oath E-Mail Platform
  10. Review: Bell Fibe 1.5 Gbps FTTH Internet

The first thing that I notice is that four of the top ten items relate to Bell. That includes two stories on how to bypass the Bell hardware to use your own gear as Bell doesn’t have a proper bridge mode in their hardware. Perhaps they need to take the hint and implement that as this is clearly something that their customers care about. Scams make up another four spots in the top ten. And surprisingly, only one story about Rogers is in the top ten. Though it’s about how to get off their email platform. Which might be a hint that their July outage related issues may still be an issue for Rogers in 2023 as you would not be looking for a way to get off their email platform if you were not looking to dump Rogers as your email provider or your telco.

Now if you have something that you think that should be on this list, leave a comment with your thoughts. Happy new year (hopefully)!

Leave a comment »

Good News! Canada’s Competition Bureau Will Appeal Today’s Rogers – Shaw Decision

Posted in Commentary with tags , on December 30, 2022 by itnerd

This morning I was not hopeful about the chances of Canadians getting a positive outcome in terms of the Rogers – Shaw merger decision from last night. But there’s hope as news is out that the Competition Bureau is appealing the decision:

The Competition Bureau is appealing the Competition Tribunal’s dismissal of its case against Rogers Communications Inc.’s $26-billion takeover of Shaw Communications Inc., the companies said as they expressed their disappointment in the move.

The telecommunications companies said Friday that they were informed of the bureau’s intent to appeal the tribunal’s decision, released late Thursday. They said they were alsot told that the bureau will apply for an injunction to block the deal from closing until an appeal is heard.

“We are deeply disappointed that the Commissioner continues to attempt to deny Canada and Canadians the advantages that will come from these proposed transactions,” the companies said in a joint statement.

The Competition Bureau did not immediately respond to a request for comment. Commissioner of Competition Matthew Boswell said in a statement late Thursday that he was very disappointed by the tribunal’s dismissal and was carefully considering next steps.

It’s bad news for Rogers and Shaw. But it’s good news for Canadians as this is a bad deal for Canada and must be stopped. Thus I am hopeful that this deal will be stopped so that Canadians don’t end up getting shafted as a result.

Leave a comment »

Apple Has Released Advanced Data Protection…. Here’s Why Most Of Us Don’t Need To Switch It On

Posted in Commentary with tags on December 30, 2022 by itnerd

Long time readers of my blog will know that I have always argued that you should have the right to encrypt everything if you should choose to do so. But the title of this post may make you think that I have flipped to the other side of that argument. In fact, it hasn’t. Let me explain.

With the release of iOS 16.2 and related macOS, iPadOS and watchOS releases, Apple has released Advanced Data Protection. This is meant to do the following:

Advanced Data Protection for iCloud is an optional setting that offers Apple’s highest level of cloud data security. When a user turns on Advanced Data Protection, their trusted devices retain sole access to the encryption keys for the majority of their iCloud data, thereby protecting it with end-to-end encryption. For users who turn on Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises from 14 to 23 and includes iCloud Backup, Photos, Notes and more.

Now your first thought is going to be “my iCloud data wasn’t end to end encrypted?” And the fact is that not all of your iCloud data was end to end encrypted. Without Advanced Data Protection turned on, iCloud end to end encrypts 14 sensitive data types such as passwords in keychain, health data, payment information, messages in iCloud, Apple card transactions, Home data, and much more. But that list goes up to 23 data types if you turn on Advanced Data Protection. You can find a list of what is and isn’t end to end encrypted here. The key thing is to look for the words “end-to-end” in the list.

So at this point, you might be thinking that more of your data is going to be end to end encrypted, this is a feature that you should turn on. Right.

Not so fast.

Here’s the thing about Advanced Data Protection that you need to know before you flip that switch. Apple makes you solely responsible for your encryption. Or put another way, because Apple will not have the keys required to recover your data, you need to set up an alternate recovery method, such as a recovery contact or recovery key in case you ever lose access to your account. And if you lose access to that alternate recovery method, you’re screwed because Apple cannot help you to get your data back. Nor can anyone else.

So with that in mind, should you turn on Advanced Data Protection? My answer would be no for the vast majority of you. And I include myself on that list. Why? Simply put, I am currently not a high value target for hackers or nation states who would see the data on my devices as being of significant value for them to acquire. And on top of the fact that Apple’s default security model works fine for me, encryption can make it harder for you to recover data should you need to as you would have to hop through extra hoops with little assistance from your local Apple Store or Apple’s phone support to help you. Thus I would argue that for the vast majority of you, Advanced Data Protection should remain turned off.

Having said that, you might want to consider Advanced Data Protection if you fall into one of these categories:

  • Politician
  • Journalist
  • Activist (human rights activist for example)
  • High probability of being a target of law enforcement

I am sure there are more categories, but I think you get the point. The fact is that these are the types of people that Advanced Data Protection was intended for because they are at high risk of getting pwned by hackers, nation states and other threat actors among other types who would want access to the data that’s in iCloud or on their iPhones or MacBooks. The other 95% of us should not touch this feature. But if you feel that you need to enable this feature, Apple has this support document that describes how to do it. But honestly, I would think long and hard before you go down that path. Because while I am glad that Advanced Data Protection is there, most of us don’t need to use it. And it may create more problems for you than it solves.

Leave a comment »

« Older Entries
Newer Entries »