Leaderboard

Popular Content

Showing content with the highest reputation on 06/26/22 in Posts

  1. Really? My 10yr old cheapo pos netgear wifi router had very reasonable support for a guest SSID with isolated networks. Google/Nest Wifi certainly does support this, I struggle to imagine any contemporary mesh wouldn't support this?? https://kb.netgear.com/31579/How-do-I-set-up-a-guest-network-on-my-Orbi-WiFi-System https://www.tp-link.com/us/support/faq/1460/ The benefit of doing this in a managed switch is you can have guest VLANs even on the wired network, and then use 802.1X authentication on trusted devices, and any rogue unauthenticated device that is plugged into an RJ45 gets dumped onto an isolated guest VLAN. But honestly life is too short to be messing about with machine certificates on a home network, anyone that is doing this more power to you.
    1 point
  2. If you are thinking of Octopus, PM me for a referral code that will get you £50 credit.
    1 point
  3. In legal terms a court letter is deemed delivered next working day if a First Class postage was used and proof of postage was obtained from the Post Office counter (a free service). So what's good for a court is good for a member of the public or a solicitor. Picked that up from helping people fight parking speculative invoices.
    1 point
  4. You can hire chimney scaffolding, not something I've ever done or would want to do though. This is the sort of thing builders have used in the past for me. https://fossewayhire.com/type27p/chimney-scaffold/
    1 point
  5. So you need something measuring the inverter output and then putting exactly that much power to the TS immersion? You could do as above and put the diversion CT around the inverter output +ve wire so that it tries to divert exactly the solar amount. Problem is what then happens to any excess PV- this wouldn't then allow you to go back to 'normal' diversion without manually moving the CT back to your main incomer. But as you're effectively choosing to import energy to get your tank hot sooner, I go back to my previous point about just boosting the immersion when the sun is shining and getting the TS hot ASAP. Or if you don't need the TS hot immediately, turn off the oil boiler until the end of the afternoon. Might struggle if you're calling for heating from it and only using an immersion though.
    1 point
  6. I started at the ridge, fixed a strip of AT membrane in place with a batten (start of service void) then worked down the wall. All single handed. It does feel like trying to put up a massive tent from the inside. Scaffold down the middle to work from and reach the ridge, worked from planks and trestles lower down. If the service void battens don't line up with the self adhesive joints, tape with proper AT tape.
    1 point
  7. With PV, you could take a statistical approach. If it has produced for say 10 seconds, then you can look at the probability it will produce for the next 10 seconds. Then, after a minute, take that probability and use it to predict the next minute, while still gathering data at the 10 second interval. You could make it posh and start to predict power due to time of year i.e. angles and altitude, length of day. It would not respond to variation as such, but may allow import limiting i.e. disconnect heavy loads from grid while still allowing them to use PV power. Some kind of signal controlled grid isolator on, say, the immersion heater would be needed. This would allow other loads to draw from the grid while the PV is dedicated to one task. While also allowing any excess loads i.e. vacuum cleaner or kettle, to be still powered by excess PV i.e. greater than 2.8 kW
    1 point
  8. What I have done, takes about half an hour to set it up, but once up, life is easy. 600 quid well spent and it fits easily in the back of the C-Max.
    1 point
  9. Yes don't try DIYing a chimney repair. It may look from the ground that you can just stand on the ridge and do it, with your safety ropes, but have you ever been up on the ridge of a roof? You will likely find the chimney is a lot larger and taller than you expected and the pots are monsters. It really does need a proper platform to work from.
    1 point
  10. Pay someone. There is no way you can do that using ropes as you will get them caught on the scaffold, plus you need to scaffold either side of the join which means on your neighbour's property. Also, if you remove that join and make it watertight on your side and the neighbour's leaks, you are liable!! And your insurers won’t help you as you will have caused wilful damage by neglect. For the sake of probably £1500 tops, it’s a couple of days job - probably longer to get the scaffold up and down!
    1 point
  11. Newark Copper will custom make whatever you want including much thicker insulation.
    1 point
  12. No issues, mine is also at the highest part of the system.
    1 point
  13. My hot water is off overnight then comes on at 6:30 at 50 C for showers. At 10:00 I drop the required temperature to 40 C and keep it there until 16:00 when it is set back up to 50 C. In both cases the "hysteresis" is set to 5 C so the water is not heated until it drops more than 5 C below the set temperature. All this is done using the scheduling function of my Therma V controller; you can choose your own times and values to suit. If you wanted to wire-in another controller for DHW you would need a mains voltage to logic converter; somebody on this forum has done this. The main benefit of using another controller is that the Therma V controller does not have a 'Holiday' function and you need to delete (or modify) all programs in order to stop the DHW heating when away. At this time of year I use spare electricity from my solar PV to heat the water via my immersion heater. This is set to cut-out at about 72 C so on a sunny day I get enough hot water to last quite a while.
    1 point
  14. It would be tempting to remove the chimney altogether IMO. Your neighbour's phone line is an issue with that, and they may not agree. I would get up there on a roof ladder first and have a detailed look at it.
    1 point
  15. Nice one bud. That's a stroke of luck being able to get that job nipped so quick👍
    1 point
  16. I started myself and done a room...was long but today my mate helped who runs a company and brought 7 guys with him. Done full house nearly in a day. Maybe done 90% which has saved me maybe 2 months.
    1 point
  17. The diverter I use is a DIY build from a kit called a MK2 Diverter. It uses 2 CT clamps, one on the input to the meter and uses this to divert any excess to a 3KW immersion heater and a second CT on the feed wire to the immersion heater to record the excess it sends to the immersion heater. It can handle up to 6kw so you can add a second immersion heater and the whole kit is controlled by an Arduino chip. So it can be reprogrammed to a different diversion strategy as long as you can keep to 2 CT clamps. Here is the list of programs already available. https://mk2pvrouter.co.uk/downloads.html I have never used mine for anything other than the standard setup ie feeding a second immersion heater fed from the bottom of the hot water tank so it's unlikely ever to trip the thermostat to stop it heating water. However I did read a thread recently which may include the answer to your need. https://community.openenergymonitor.org/t/arduino-based-mk2-pv-diverter-being-resurrected/11713/2 To quote from the thread: The user whom I helped had just two systems - I think battery and water heating, and his problem was the two systems oscillated, stealing power from each other alternately. I suggested that he ran the wire feeding his immersion heater backwards through the grid c.t. of the other system, so its current in the main cable was cancelled out. So it knew nothing about the immersion heater, while the immersion PV system saw the battery charger as part of the normal house load, which automatically had priority. That solved the problem.
    1 point
  18. Think the turndown on an ASHP is 3 - 4 to 1. If you have a 5 kW heat pump you're getting down to 1.5kW. Think the best boiler can do 17 to 1. But it starts at 30 plus kW, so can come down to sub 2 kW. That's why it's important not to over spec a heat pump.
    1 point
  19. Put a standard render expansion bead at that joint.
    1 point
  20. I'm currently paying £14 per sqm for boarding and skimming. They have excluded window and door openings from the calculations. It includes installation of acoustic insulation in stud walls (not everywhere, just bathrooms and bedrooms). The skim finish looks excellent and there are slopes where the bedroom walls go into the ceilings (dormer windows) which I assume is more difficult. They also tidy up as they go, scraping plaster snots off the floor and bagging board offcuts. So I'm happy to pay a decent rate for premium work.
    1 point
  21. I'd heard that a slightly thicker slab will act more like a slow release heatstore but never experienced in practice so could not comment further. Here's some prelim prices I had for screed if it helps for comparison, I think these are a bit on the high side though
    1 point
  22. Hire / buy an alloy scaffold tower that will get you to roof level. Million times better.
    1 point
  23. I sized my roof ladder so it sticks out beyond the roof by 2 feet or so, the angle of the ground ladder means the top will be enough in over the roof for a safe pass even using a standoff. You can position the standoff on a lower rung so the ladder only just misses the guttering. On the roof ladder I wrapped the bars that rest on the slates with pipe insulation to reduce risk of snapped slates as your weight does get concentrated on the one closest to you as you move up and down the ladder.
    1 point
  24. I power all my IP cameras using 'poor man's' PoE combiners/splitters like these that are just passive devices that utilise the spare cores of 10/100 Ethernet wiring to transmit power alongside the data: I've had around a dozen in use for over 15 years without a single issue. To cut down on the number of PSUs required I double (actually triple or more) multiple cameras from one PSU (making sure to remain well within its current capacity limit of course).
    1 point
  25. I have no concerns as I use the cheaper, and more easily fixed Linux and MS OS's. I think the reason that Crapples seem less affected by malware and viruses is that the operators don't fiddle as they generally have no understanding of IT. They like the very basic features on offer, and don't have the imagination to use any other applications. List of Mac viruses, malware and security flaws Wondering how many viruses exist for the Mac? Here is a list of recent Mac malware attacks, viruses for Apple computers, and security threats that Mac users have suffered By Karen Haslam Editor, Macworld JUL 22, 2021 6:32 AM PDT Despite Apple’s best efforts, Mac malware does exist, we describe some cases below. However, before you panic, Mac malware and viruses are very rarely found “in the wild”. From time to time you will hear of big profile trojans, malware, and ransomware that is targeting the Windows world, very rarely is this a threat to Macs. For example, the WannaCry/WannaCrypt ransomware that brought the NHS to its knees in May 2017 was only targeting Windows machines and therefore no threat to Macs. Luckily Apple has various measures in place to guard against such threats. For example, macOS shouldn’t allow the installation of third-party software unless it’s from the App Store or identified developers, as per the Security & Privacy settings, that you can access in System Preferences > Security & Privacy > General. If you were to install something from an unknown developer Apple would warn you to check its authenticity. In addition Apple has its own built-in anti-malware tool. Apple has all the malware definitions in its XProtect file which sits on your Mac, and every time you download a new application it checks that none of those definitions are present. This is part of Apple’s Gatekeeper software that blocks apps created by malware developers and verifies that apps haven’t been tampered with. For more information read: how Apple protects you from malware.
In 2020 malware on the Mac actually decreased, however, as you will see if you read on, Macs are not completely safe from attacks. To stay safe, we recommend you read our best Mac security tips and our round up of the best Mac antivirus apps, in which we highlight Intego as our top pick. Another thing to note is that the M1 Chip that Apple started using in Macs in November 2020 is considered more secure than Intel processors. However, malware has already been found on the M1 Mac, dubbed Silver Sparrow we have more information below. But if you are simply curious to know what Mac viruses are out there, or have been seen “in the wild” in this article we will endeavour to give you a complete list. We’ll start off with a list of what Malwarebytes says were the top Mac malware threats in 2020. Apparently these accounted for 99% of Mac malware detections. OSX.Generic.Suspicious 80.65% OSX.FakeFileOpener 13.19% OSX.ThiefQuest 1.96% OSX.BirdMiner 1.37% OSX.SearchAwesome 1.05% OSX.FakeAV 0.74% OSX.Honkbox 0.22% OSX.Dummy 0.15% OSX.Adwind 0.1% OSX.KeRanger 0.1% We’ll run through the above detections in the article below, but we’ll start off with the most recent Mac Malware. XLoader As we explain in Notorious XLoader malware now affects Macs – one of the most prevalent pieces of Windows malware has been confirmed to run on macOS. Check Point security researchers claimed in July 2021 that a Mac version of the XLoader malware had been around for some time. XLoader is a relatively new variant of the infamous Formbook, a program used to steal login credentials, record keystrokes, and download and execute files. XcodeSpy A Trojan hidden in Xcode projects in GitHub had the potential to spread among the Macs of iOS developers. Once installed a malicious script runs that installs an “EggShell backdoor”. Once open the Mac’s microphone, camera and keyboard can be hijacked and files can be sent to the attacker. The malware has been found in a ripped version of TabBarInteraction.
Read more here: New Mac malware targets iOS developers Silver Sparrow Security firm Red Canary discovered malware targeting Macs equipped with the M1 processor. The malware is dubbed Silver Sparrow, and uses the macOS Installer Javascript API to execute commands. At the time of writing it’s unknown to what extent Silver Sparrow poses a threat. But worryingly, according to Malwarebytes, Silver Sparrow has already infected 29,139 macOS systems in 153 countries, most of the infected Macs are in the US, UK, Canada, France and Germany. It is unclear how many of these are M1 Macs. More details here: What you need to know about Silver Sparrow Mac malware. Pirri/GoSearch22 There is already adware targeting the M1 Mac. Based on Pirri and known as GoSearch22 it has been specially compiled for Apple’s ARM platform. Infected Macs will see unwanted adverts. More information here: M1 Macs face first recorded malware. Generic.Suspicious These accounted for more than 80% of cases, but rather than being one rampant case of malware, this is Malwarebytes’ name for any detection that was deemed to be suspicious behaviour. This could be an attempt to run concealed Python or a shell code, for example. FakeFileOpener Malwarebytes uses the name FakeFileOpener to describe apps that advertise PUPs (Potentially Unwanted Programs). These tend to be system optimizers. You might see a pop up suggesting that you don’t have software to open an app, for example, offering to help you locate such an app on the web. Or you might see a warning that you have been infected with a number of viruses inviting you to use an app such as Advanced Mac Cleaner, Mac Adware Remover or Mac Space Reviver. ThiefQuest (aka EvilQuest) ThiefQuest, which we discuss here: Mac ransomware ThiefQuest / EvilQuest could encrypt your Mac (Updated), was Ransomware spreading on the Mac via pirated software found on a Russian torrent forum. It started appearing in June 2020.
It was initially thought to be the Mac ransomware – the first such case since 2017, except that it didn’t act like ransomware: it encrypted files but there was no way to prove you had paid a ransom and no way to subsequently unencrypt files. It turned out that rather than the purpose of ThiefQuest being to extort a ransom, it was actually trying to obtain the data. Known as ‘Wiper’ malware this was the first of its kind on the Mac. LoudMiner (aka Bird Miner) This was a cryptocurrency miner that was distributed via a cracked installer for Ableton Live. The cryptocurrency mining software would attempt to use your Mac’s processing power to make money. It started to appear in 2019. SearchAwesome OSX.SearchAwesome is a kind of adware that targets macOS systems. This malware was detected in 2018 and can intercept encrypted web traffic to inject ads. FakeAV This is a generic name for any type of malicious software that pretends to offer antivirus for macOS. GravityRAT GravityRAT is an infamous Trojan on Windows, which, among other things, has been used in attacks on the military. The GravityRAT Trojan can upload Office files, take automatic screenshots and record keyboard logs. GravityRAT uses stolen developer certificates to bypass Gatekeeper and trick users into installing legitimate software. The Trojan is hidden in copies of various legitimate programs developed with .net, Python and Electron. We have more information about GravityRAT on the Mac here. XCSSET malware As of August 2020 this Mac malware is spread through Xcode projects posted on Github. The malware – a family of worms known as XCSSET – exploit vulnerabilities in Webkit and Data Vault. They seek to access information via the Safari browser, including login details for Apple, Google, Paypal and Yandex services. Other types of information collected include notes and messages sent via Skype, Telegram, QQ and Wechat. More information here.
OSX/Shlayer In February 2018 Mac users were being warned of a variant of adware that is infecting Macs via a fake Adobe Flash Player installer. Intego identified it as a new variant of the OSX/Shlayer Malware, while it may also be referred to as Crossrider. In the course of installation, a fake Flash Player installer dumps a copy of Advanced Mac Cleaner which tells you in Siri’s voice that it has found problems with your system. Even after removing Advanced Mac Cleaner and removing the various components of Crossrider, Safari’s homepage setting is still locked to a Crossrider-related domain, and cannot be changed. Malwarebytes warns: “If you see a message in your web browser telling you that Adobe Flash Player needs to be updated, it’s almost certainly a scam.” If you do need to install or update Flash visit Adobe’s website. Since 31 December 2020 Flash Player has been discontinued by Adobe and it is no longer supported, so you can be sure that if you see anything telling you to install Flash Player please ignore it! You don’t need it because nobody is using Flash anymore. It’s likely that you will come across the fake installer on BitTorrent sites, notes Intego. Intego VirusBarrier detects the various apps that would be installed by the fake Flash installer. These include a Chumsearch Safari Extension, Advanced Mac Cleaner, MyShopCoupon+, mediaDownloader, and MyMacUpdater. Unfortunately Shlayer does seem to keep reemerging. The most recent emergence was a little worrying as it was appearing in Google search results. Intego discovered this new Trojan had been specifically designed to circumvent MacOS Catalina’s security measures because it launches an installation guide that guides the user through the steps necessary to install it. Intego reckons that one in ten Mac computers is infected with the so-called Shlayer virus! You can read more about this incident here.
OSX/CrescentCore This Mac malware was found on several websites, including a comic-book-download site in June 2019. It even showed up in Google search results. CrescentCore was disguised as a DMG file of the Adobe Flash Player installer. Before running it would check to see if it was inside a virtual machine and would look for antivirus tools. If the machine was unprotected it would install either a file called LaunchAgent, an app called Advanced Mac Cleaner, or a Safari extension. CrescentCore was able to bypass Apple’s Gatekeeper because it had a signed developer certificate assigned by Apple. That signature was eventually revoked by Apple. But it shows that although Gatekeeper should stop malware getting through, it can be done. Again, we note that Adobe ended support for Adobe Flash on 31 December 2020, so this should mean fewer cases of malware being disguised as the Flash Player. OSX/Linker OSX/Linker came to light in May 2019. It exploited a zero-day vulnerability in Gatekeeper to install malware. The “MacOS X GateKeeper Bypass” vulnerability had been reported to Apple back in February, and was disclosed by the person who discovered it on 24 May 2019 because Apple had failed to fix the vulnerability within 90 days. OSX/Linker tried to exploit this vulnerability, but it was never really “in the wild”. OSX/NewTab This malware attempted to add tabs to Safari. It was also digitally signed with a registered Apple Developer ID. NetWire and Mokes These were described by Intego as “backdoor malware” with capabilities such as keystroke logging and screenshot taking. They were a pair of Firefox zero-days that targeted those using cryptocurrencies. They also bypassed Gatekeeper. CookieMiner The CookieMiner malware that could steal cybercurrency was discovered at the end of January 2019.
It was able to steal a user’s password and login information for their cyberwallets from Chrome, obtain browser authentication cookies associated with cryptocurrency exchanges, and even access iTunes backups containing text messages in order to piece together the information required to bypass two-factor authentication and gain access to the victim’s cryptocurrency wallet and steal their cryptocurrency. Unit 42, the security researchers who identified it, suggest that Mac users should clear their browser caches after logging in to financial accounts. Since it’s connected to Chrome we also recommend that Mac users choose a different browser. Find out more about CookieMiner Mac malware here. Mac Auto Fixer Back in August 2018 Mac Auto Fixer caused some concern among Mac users as it started popping up on Macs. It isn’t exactly malware, rather it’s what we call a Potentially Unwanted Program, which piggybacks on to your system via bundles of other software. Find out more about it, and how to get rid of it, in What is Mac Auto Fixer? Mshelper In May 2018 cryptominer app mshelper was targeting macOS. Infected users noticed their fans spinning particularly fast and their Macs running hotter than usual, an indication that a background process was hogging resources. You can expect such crypto currency miners to become more and more prevalent. MaMi In January 2018, the OSX/MaMi malware was first noticed by a Malwarebytes forum user and reported by Hacker News. In this case the malware routes all the traffic through malicious servers (those addresses), and that’s when it can intercept sensitive information. The program installs a new root certificate to intercept encrypted communications, according to Former NSA hacker Patrick Wardle. Wardle says: “Attackers can perform a variety of nefarious actions such as man-in-the-middleing traffic.” It can also take screenshots, generate mouse events, execute commands, and download and upload files, according to BGR.
Dok Security analysis firm CheckPoint Software Technologies spotted a new OS X malware at the end of April 2017. Apple rushed to block it. The macOS Trojan horse appeared to be able to bypass Apple’s protections and could hijack all traffic entering and leaving a Mac without a user’s knowledge – even traffic on SSL-TLS encrypted connections. OSX/Dok was even signed with a valid developer certificate (authenticated by Apple) according to CheckPoint’s blog post. It is likely that the hackers accessed a legitimate developer’s account and used that certificate. Because the malware had a certificate, macOS’s Gatekeeper would have recognized the app as legitimate, and therefore not prevented its execution. Apple has since revoked that developer certificate and updated XProtect, its malware signature system. The attacker could gain access to all victim communication by redirecting traffic through a malicious proxy server, there’s more information about how the attack worked here. OSX/Dok was targeting OS X users via an email phishing campaign. The best way to avoid falling foul to such an attempt in the future is not to respond to emails that require you to enter a password or install anything. X-agent Back in February 2017 X-agent malware was discovered that was capable of stealing passwords, taking screenshots and grabbing iPhone backups stored on your Mac. The malware apparently targeted members of the Ukrainian military and was thought to be the work of the APT28 cybercrime group, according to Bitdefender. MacDownloader In February 2017 researchers found the MacDownloader software lurking in a fake update to Adobe Flash (which as we said above has now been discontinued). When the installer is run you’ll get an alert claiming that there is adware on your Mac.
You’ll be asked to click to “remove” the adware, and when you enter your password on your Mac the MacDownloader malware will attempt to transmit data including your Keychain (so that’s your usernames, passwords, PINs, credit card numbers) to a remote server. Luckily the threat seems to be contained for now: the remote server the malware tries to connect to is now offline. The best way to avoid such attacks is to always check on Adobe’s site to see if there is an update to Flash you should be installing. The MacDownloader malware is thought to have been created by Iranian hackers and was specifically targeted at the US defence industry. It was located on a fake site designed to target the US defence industry (so likely not yourself). In this case the phishing attempt would have been activated via a Flash file, and since Apple has stopped Flash opening by default, again this is unlikely to have affected you. Fruitfly According to a report in January 2017, Fruitfly malware had been conducting surveillance on targeted networks for possibly two years. The malware captures screenshots and webcam images, as well as looking for information about the devices connected to the same network – and then connects to them. Malwarebytes claims the malware could have been circulating since OS X Yosemite was released in 2014. Pirrit Back in April 2016 OSX/Pirrit was apparently hidden in cracked versions of Microsoft Office or Adobe Photoshop found online. It would gain root privileges and create a new account in order to install more software, according to Cybereason researcher Amit Serper in this report. KeRanger KeRanger is still appearing on Macs despite the fact that it is extinct – Malwarebytes notes that the malware is no longer capable of encrypting files. Malwarebytes theorises that the only reason it’s still popping up is that a handful of people are testing to see if it is still detected. KeRanger is ransomware.
Ransomware is, in general, a sub-category of malware that involves dodgy software sneaking itself on to your computer and then encrypting files against your wishes. You’ll then be left with two apparent options: never be able to access those files again, or pay the ‘ransom’ to decrypt them. (We discuss how to remove Ransomware here.) For a long time ransomware was a problem that Mac owners didn’t have to worry about, but March 2016 saw the appearance of the first ever piece of Mac ransomware – KeRanger – distributed along with a version of a piece of legitimate software: the Transmission torrent client. Transmission has since updated to remove this malware, and Apple revoked the GateKeeper signature and updated its XProtect system, but not before a number of unlucky users got stung. Palo Alto Network’s Claud Xiao and Jin Chen explain how KeRanger works: “The KeRanger application was signed with a valid Mac app development certificate; therefore, it was able to bypass Apple’s Gatekeeper protection. If a user installs the infected apps, an embedded executable file is run on the system. KeRanger then waits for three days before connecting with command and control (C2) servers over the Tor anonymizer network. The malware then begins encrypting certain types of document and data files on the system. After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files. Additionally, KeRanger appears to be still under active development and it seems the malware is also attempting to encrypt Time Machine backup files to prevent victims from recovering their backup data. “Palo Alto Networks reported the ransomware issue to the Transmission Project and to Apple on March 4. Apple has since revoked the abused certificate and updated XProtect antivirus signature, and Transmission Project has removed the malicious installers from its website. 
Palo Alto Networks has also updated URL filtering and Threat Prevention to stop KeRanger from impacting systems.” Safari-get In November 2016 security company Malwarebytes started documenting Mac-targeted denial-of-service attacks originating from a fake tech support website. Like many Mac-targeted attacks, it depends on ‘social engineering’ or user error: you click a link in an email, and the malware is smuggled on to your Mac. This then triggers the attack. There are two versions of the attack; the one you get depends on your version of macOS. Either Mail is hijacked and forced to create vast numbers of draft emails, or iTunes is forced to open multiple times. Either way, the end goal is to overload system memory and force a shutdown or system freeze. (In fact, the real end goal is to get you to call a bogus Apple support number, whereupon you will presumably get charged to hear a fake solution by the people who caused the problem in the first place.) You can avoid this issue, fortunately, by updating macOS: Malwarebytes suspects that Sierra 10.12.2 includes a patch for this, since up-to-date machines were not affected by the problem in testing. SSL, Gotofail error This caused issues for Mac users back in 2014. The problem was with Apple’s implementation of a basic encryption feature that shields data from snooping. Most websites handling sensitive personal data use SSL (Secure Sockets Layer) or TLS (Transport Layer Security), which establishes an encrypted connection between a server and a person’s computer so that snoopers cannot read the traffic and extract information like credit card numbers or log-in credentials. If an attacker intercepts the data, it is unreadable. However, Apple’s validation of SSL encryption had a coding error that bypassed a key validation step in the web protocol for secure communications.
There was an extra Goto command that hadn’t been closed properly in the code that validated SSL certificates, and as a result, communications sent over unsecured Wi-Fi hotspots could be intercepted and read while unencrypted. This could potentially expose user password, bank data, and other sensitive data to hackers via man-in-the-middle attacks. Criminals could also supply fake data that makes it appear an authentic web service has been cryptographically verified. These kinds of attacks are known as a man-in-the-middle attack and it is a form of eavesdropping in which a hacker makes an independent connection between a client and its destination server. The hacker is then able to relay messages between them, making the client and server believe they are talking to each other over a private connection. In order for this type of attack to be possible, the attacker would have to be on the same public network. Apple quickly issued an update to iOS 7 and iOS 6, but took longer to issue an update for Mac OS X, despite Apple confirming that the same SSL/TLS security flaw was also present in OS X. Read more about the iPad and iPhone security flaw here. Apple said it had a fix ready for OS X and would release it “very soon”. The fix came late the following night. Mac Vulnerabilities Not every Mac vulnerability is exposed, but it is these vulnerabilities that criminals use to hack Macs. Here we’ll run through some particularly concerning cases: Meltdown & Spectre In January 2018 Apple confirmed that Macs, iPhones and iPads were affected by flaws in Intel chips. Apple was one of a number of tech companies affected. The company highlighted that: “These issues apply to all modern processors and affect nearly all computing devices and operating systems.” The Meltdown and Spectre bugs could allow hackers to steal data. Meltdown would involve a “rogue data cache load” and can enable a user process to read kernel memory, according to Apple’s brief on the subject.
Spectre could be either a “bounds check bypass,” or “branch target injection” according to Apple. It could potentially make items in kernel memory available to user processes. They can be potentially exploited in JavaScript running in a web browser, according to Apple. Apple issued patches to mitigate the Meltdown flaw, despite saying that there is no evidence that either vulnerability had been exploited. Apple advises that the best way to protect yourself from these vulnerabilities is to only download and install apps from trusted sources. The company states: “Exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.” Zoom vulnerability Zoom is a video conferencing app and in June it was revealed that it was possible for users to be added to video calls without permission and the Mac webcam activated. This was also a “Zero-day” threat, where the vulnerability had been discovered in advance, and the developer who made the software notified, but after failing to act within the alloted 90-days, the vulnerability was publicised. According to Zoom the vulnerability was theoretical. However, it could have lead to those people who used the Zoom platform for video conferencing (which includes a fair few companies as you’ll see from the post below) having their web cam accessed. Following the public disclosure of the vulnerability both Zoom and Apple addressed the vulnerability. Read about How to stop people from accessing your MacBook webcam here. Word macro viruses PC users have had to contend with macro viruses for a long time. Applications, such as Microsoft Office, Excel, and Powerpoint allow macro programs to be embedded in documents. When these documents are opened the macros are run automatically which can cause problems. 
Mac versions of these programs haven’t had an issue with malware concealed in macros because since when Apple released Office for Mac 2008 it removed macro support. However, the 2011 version of Office reintroduced macros, and in February 2017 there was malware discovered in a Word macro within a Word doc about Trump. If the file is opened with macros enabled (which doesn’t happen by default), it will attempt to run python code that could have theoretically perform functions such as keyloggers and taking screenshots. It could even access a webcam. The chance of you being infected in this way is very small, unless you have received and opened the file referred to (which would surprise us), but the point is that Mac users have been targeted in this way. Mac users should still be fairly safe from macros thanks to a warning that appears on the screen should a user attempt to open a document containing macros. For more information about how Apple protects your Mac from security vulnerabilities and malware read: Do Macs need antivirus software.
    0 points
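The "extra Goto" flaw described in the post above, shown as an added example that is not part of the original post and is not Apple's code: a simplified model of the bug class beside a hardened form. The struct, the two step functions and the sample handshake are constructed, hypothetical stand-ins for real certificate-verification steps.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-ins for real verification steps (hypothetical names). */
struct handshake {
    bool hash_ok;      /* hashing the handshake data succeeded */
    bool signature_ok; /* server signature matches the certificate key */
};

static int hash_step(const struct handshake *h) { return h->hash_ok ? 0 : -1; }
static int signature_step(const struct handshake *h) { return h->signature_ok ? 0 : -1; }

/* Flawed shape: the second goto is not governed by the if, so it always
 * jumps to fail with err == 0 and signature_step() never runs. */
int verify_flawed(const struct handshake *h)
{
    int err;
    if ((err = hash_step(h)) != 0)
        goto fail;
    goto fail; /* stray duplicate line */
    if ((err = signature_step(h)) != 0)
        goto fail;
fail:
    return err; /* 0 means "verified" */
}

/* Hardened shape: braces on every branch, and success is reported only
 * after every check has passed. */
int verify_fixed(const struct handshake *h)
{
    int err = -1;
    if ((err = hash_step(h)) != 0) {
        goto fail;
    }
    if ((err = signature_step(h)) != 0) {
        goto fail;
    }
    err = 0;
fail:
    return err;
}

int main(void)
{
    struct handshake forged = { true, false }; /* constructed: bad signature */
    printf("flawed: %d, fixed: %d\n", verify_flawed(&forged), verify_fixed(&forged));
    return 0;
}
```

The flawed function reports success for a handshake whose signature check would have failed, which is why a man-in-the-middle could pass as a verified server. Mandatory braces plus a negative test that feeds the verifier a bad signature catch this class of error.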
This leaderboard is set to London/GMT+01:00