Happy Surprise with an OS Update – iOS 10.3

Many times when you do an OS update, you get a bad surprise. You may find out that some of your apps are incompatible, or the new OS slows down your device, or it takes up valuable storage space on your hard drive.

When I upgraded to iOS 10.3 I had a surprise, but it was a good surprise — I gained storage space. When upgraded my 16 GB iPhone 6, I went from about 1 GB of free space to over 3 GB free.  When I upgraded my iPad, I freed up over 2.5 GB of storage space. What was it that gave me the extra space?

Say Hello to APFS

With iOS 10.3, Apple introduced a new file system. Gone was HFS+, a file system that has been around since 1998. In its place is APFS, the Apple File System. The file system is the organizing principle behind placing data on your hard drive. Apple has jury-rigged HFS+ over the years to adapt to Macs, iPods,  iPhones, iPads, and Apple Watches. Apple created the new system from the ground up. It includes many improvements beyond the more efficient use of drive space. If you want to find out more, here’s a Cult of Mac article with more details.

The new file system comes automatically with the iOS 10.3 update. This improvement, as well as other features in the new OS, make it a desirable update. For some reasons you may not want to do the update, see the GottaBeMobile website for an article that has eight reasons to install the update (the storage improvement is one), and four reasons you may want to hold off.

WordPress Patches Security Bugs in 4.7.3

Running a WordPress site (like this site)?  Make sure you update to WordPress 4.7.3 (like this site.) According to WordPress, the update fixes six important security bugs, including three cross-site scripting bugs that could allow hostile code to run on your WordPress site. The update also includes  39 regular maintenance releases. If you have automatic updates enabled (like this site) then you have probably been updated. If not, you want to go to your dashboard and do a manual update.

Find Out More

See the WordPress support bulletin for more details on the bugs, and credit to the people who reported them.

What bugs get fixed in the iOS 10.2.1 Update?

There are quite a few security bugs fixed in the iOS 10.2.1 update that Apple released on January 23. iPad and iPhone users should install this right away to patch a number of security holes. These include a bug that allowed malicious content to be loaded via a bad Contacts card, a couple of bugs in the kernel that would allow bad code to be run, and a number of fixes to the WebKit. You can read Apple’s list of bug details at https://support.apple.com/en-us/HT207482, According to Wired Magazine, “iOS 10.2.1, though, protects against a wide range of potentially devastating attacks.”  This is a bug fix release, it doesn’t add any new features to iOS.

Router Flaw Leaves Big Hole in Cyber Defenses

According to this article at Ars Technica, routers supplied by a number of European Internet providers leave an open port that would allow outside access. The reason for the open port was probably so that the ISPs could perform maintenance and upgrades. An unintended consequence is that attackers could exploit this open port to do bad things. Attacks on “Internet of Things” is one exploit that seems to be happening.

The port in question is 7547. If you manage your own router, you may want to check if this port has been left open or not. Router manufacturers such as Linksys, D-Link and Netgear are not mentioned (Zyxel and Speedport are mentioned) but it wouldn’t hurt. At the very least, I hope you aren’t still using the default manufacturers password for your router. Given the large number of routers out there (and not wanting to specify which one I use) the only advice is to “Read your manual”.


Shop for Routers

Does Pokémon Go Create a Privacy Breach?

Yes, it does appear that initially Pokémon Go  could cause privacy problems, since it asks iOS for full access to a user’s Google account. (And Google has lots of information about you.) But independent tests seem to show that they only info that gets collected is your user ID and email address. The developer, Niantic, is changing the app so that it only asks for the basic information. So, it doesn’t appear that you have to worry about privacy issues – you only have to worry about stepping in front of a car or falling down an open manhole while walking down the street staring at your phone. Note that the Android version did not ask for all the privileges, so it doesn’t need fixed. See more details about this at Ars Technica.

Disaster Scams

Bad guys will take advantage of natural disasters, such as the recent earthquakes in Japan and Ecuador, to send out emails that allegedly have links to sites where you can donate to help the victims. In reality this may be a scam, and you may be donating to the bank accounts of these scammers. Not only that, following these links may also download malicious content to your computer. US-CERT has a number of steps you can take to stay safe – with possibly the number one step being not to follow a link that is an unsolicited email.