It’s governmental alphabet soup in this week’s issue of TidBITS! Adam Engst starts out by looking at the fuss caused by the FTC’s ruling that Apple owes up to $32.5 million in response to inadvertent in-app purchases by children. Then Josh Centers covers President Obama’s proposed reforms to the NSA’s intelligence-gathering programs and how various organizations grade his proposals. Next up, Geoff Duncan explains why a U.S. Court of Appeals has thrown out the FCC’s net neutrality rules, and the potential consequences for major Internet companies, small startups, and us. On the Take Control front, all our current books are half off this week, and the latest gaming-centric chapter of Josh’s forthcoming “Take Control of Apple TV” is now available for TidBITS members. If you’ve ever forgotten your administrator password, Alicia Katz Pollock suggests five ways to reset it, but beware what that does to your login keychain. Finally, in his latest FunBITS installment, Josh reviews UMoove Experience, which brings head-tracking to mobile gaming. Notable software releases this week include Typinator 5.8, Mailplane 3.1.2, Final Cut Pro X 10.1.1, and TextExpander 4.2.1.
Save 50% in Take Control’s Post-Holiday Ebook Sale
We felt like having a sale, but couldn’t find a good hook for it. Sure, last week in 1559 Queen Elizabeth I was crowned, in 1919 the Boston Molasses Disaster flooded Beantown’s streets, and in 2001 Wikipedia first came online, but a Queen Molasses Wikipedia mashup is just silly. So no hooks, just a straightforward 50-percent-off sale on all Take Control ebooks.
Through 25 January 2014, you can add any number of our ebooks to your Take Control library for 50 percent off. All books are DRM-free and available in PDF, EPUB, and Mobipocket (Kindle) formats, so you can read wherever, whenever, and on whatever device you like.
Some recent titles deserve special mention:
- This week, we plan to release a minor update to “Take Control of Your Passwords,” Joe Kissell’s best-selling title of 2013, and anyone who buys it during the sale will get the update for free. It and his “Take Control of Your Online Privacy” are must-reads in today’s age of high-profile password thefts from large companies, software that can guess 350 billion passwords per second, and revelations that the NSA may have weakened the Internet encryption technologies we use to protect our data. Stay safe out there!
- Last week, we updated “Take Control of CrashPlan Backups,” so it’s an ideal time to learn about Code 42’s popular Internet backup system, which we use and recommend for protecting data against disasters — fire, flood, theft — that will affect both your invaluable data and your local backups.
Two weeks ago, we released an update to “Take Control of 1Password,” the immensely popular password manager from AgileBits, and author Joe Kissell’s favorite in that field. If you’ve been wanting to bring coherence to your passwords with 1Password, now’s the time.
In December 2013, we published the second edition of Joe’s essential “Take Control of iCloud” and updated Sharon Zardetto’s “Take Control of iBooks” to help you manage your life in the iCloud and build your virtual library in iBooks on the Mac and in iOS.
Did you just get a new Mac, or will you be getting one soon? If your upgrade to 10.9 Mavericks includes switching from an older Mac (or Windows PC) to a new Mac, note that “Take Control of Upgrading to Mavericks” covers this scenario and offers valuable advice about migrating your user account.
Is your photo library expanding faster than you can manage it? In “Take Control of Your Digital Photos on a Mac,” Jeff Carlson offers time-tested tips and a custom workflow to help you import photos, judge them, apply keywords and other metadata, set up smart albums, and protect your irreplaceable images, whether you use iPhoto, Aperture, Lightroom, or Photoshop Elements.
We’ve used LaunchBar for years, and we love it even more after delving into its deep feature set while working on Kirk McElhearn’s “Take Control of LaunchBar.” Reading this book will teach you how to slice through clumsy interfaces to perform common Mac tasks with just a few keystrokes.
We’ve gone on long enough, but there are more gems available for 50 percent off in our catalog, making this a great time to stock your Take Control library with the ebooks that you can turn to for help in 2014. And remember, we don’t expect you to read cover to cover; instead, use the Table of Contents and Quick Start section to jump instantly to the topics that explain what you want to know.
Thanks for your continued support, and the many useful questions and kind comments you’ve sent over the years. And please, if you would do us a quick favor, spread the word about this sale to your friends and colleagues!
FTC Ruling in Apple In-App Purchase Case Generates Controversy
Cast your mind back several years to the days of iOS 4, when there was a flurry of news items about parents who had purchased iOS apps for their kids, only to discover that a 15-minute password caching policy was enabling those kids to make in-app purchases without parental oversight. I first wrote about it in “Be Aware of iTunes Password Caching” (14 July 2010) and Glenn Fleishman suggested some solutions in “Avoid Unwanted App Store and In-App Purchases” (5 October 2010), but it took roughly eight months before Apple fixed the problem, as I noted in “iOS 4.3 Now Prevents Inadvertent In-App
Purchases” (11 March 2011).
In that time, the complaints piled up, to the point where the Washington Post wrote about an 8-year-old who had racked up a $1,400 bill, the Washington State Attorney General complained about it to Apple, members of Congress criticized the company, and the then-chairman of the U.S. Federal Trade Commission promised to look into the situation. A class-action suit was filed in April 2011, and in February 2013, Apple settled that suit by agreeing to give affected customers a $5 iTunes gift card, a credit if the amount in question was over $5, or cash if
the amount exceeded $30. The total amount involved was never revealed.
We assumed the story had faded away, but it turns out that the FTC continued to investigate, and last week announced that Apple has agreed to refund consumers for those inadvertent in-app purchases, to the tune of at least $32.5 million. But if the class-action settlement had already resulted in refunds, why was the FTC still involved?
In a recent memo from Apple CEO Tim Cook to all Apple employees, Cook acknowledged the issue and revealed that Apple set out to refund all affected customers in 2013, presumably in response to the class-action suit. Apple sent email about this to 28 million customers, and followed up with postcards when email bounced, and ended up processing 37,000 claims (large numbers, but only a 1.3 percent success rate). Cook was clearly bothered by the FTC ruling, saying that it “smacked of double jeopardy,” but he said that since Apple was already going to do everything the consent decree required, it wasn’t worth a long and distracting legal
Was Apple really so virtuous, though? Why did it take Apple eight months to address the problem technically and a class-action suit before it got around to refunding customers, with no public statements about the topic in that time? In other situations, Apple has acted far more quickly — both technically, in response to security vulnerabilities like Flashback (see “Apple Releases Flashback Malware Removal Tools,” 12 April 2012), and publicly, as with the problems with iOS 6’s Maps app (see “Examining Maps in the Wake of Tim Cook’s Apology,” 28 September 2012). I can’t see that Apple deserves praise for handling this situation in
a timely fashion.
On the other side of the equation, is the FTC really standing up for consumer rights in a useful way? Apple did fix the technical problem long ago, and independently pursued refunds to affected customers, and yet the FTC persisted in the investigation that resulted in the consent decree, through multiple commission chairs. Perhaps that’s just the way things work in government agencies, though the four FTC commissioners were far from unanimous in the decision. Commissioner Joshua D. Wright issued a dissenting opinion, saying:
This is a case involving a minuscule percentage of consumers – the parents of children who made purchases ostensibly without their authorization or knowledge. There is no disagreement that the overwhelming majority of consumers use the very same mechanism to make purchases and that those charges are properly authorized. The injury in this case is limited to an extremely small – and arguably, diminishing – subset of consumers.
Much has also been made of the $32.5 million settlement. Although it’s supposed to go to consumers who were harmed by Apple’s poor interface, it’s unknown how much will actually be so spent, given that only 37,000 people responded to Apple’s offer for refunds of the full 28 million-customer pool and have presumably already been compensated. Monies left over from the $32.5 million will go to the FTC itself, though not for the holiday party fund. Instead, the money will be used to cover administrative expenses related to the refunds and for “informational remedies regarding In-App Charges by children.” Anything left over after that will be deposited in the U.S. Treasury. Draw your own conclusions as to what this could mean in
light of the controversy over Apple’s taxes (see “Apple Grilled Over Tax Practices,” 24 May 2013).
There have also been numerous catty insinuations about FTC Chair Edith Ramirez, who was previously a partner at Quinn Emanuel Urquhart & Sullivan in Los Angeles, a law firm that has represented HTC, Samsung, and Google against Apple in a variety of intellectual property suits. Before her appointment to the FTC in 2010 (she was a law school classmate of President Obama’s at Harvard, and adds welcome diversity to the FTC), Ramirez was not involved in any of those cases, so far as I can tell, so there’s no evidence that she would be biased against Apple (her clients included Mattel, Disney, and Northrop Grumman). And remember, the entire thing started under her predecessor, Jon Leibowitz, after a complaint from U.S. Representative Edward Markey.
Speaking of Google, Consumer Reports (among others) points out that Google Play, the main Android app store, suffers from the same problem that originally tripped up Apple, caching account passwords for 30 minutes and allowing unfettered in-app purchases in that time. The FTC declined to say if it had received equivalent complaints about Google Play, or if it was investigating further. Google responded to the Consumer Reports writer with a standard PR non-statement. But more may happen: law firm Lieff Cabraser Heimann & Bernstein is investigating claims that Google engages in deceptive marketing practices with regard to in-app purchases and promises a free case review for anyone who was so harmed.
In the end, the entire issue leaves me with a sour taste. Had Apple responded more quickly to the problems with a public statement, technical fix, and customer refunds, none of this would have happened. But happen it did, and it seems that once the millstones of government are set in motion, they grind inexorably to a conclusion, regardless of whether common sense would have moved on to more pressing issues long ago.
Chapter 10 of “Take Control of Apple TV” Available
Last week I said that the Apple TV isn’t just for entertainment, thanks to its AirPlay-powered presentation capabilities, so it’s a bit ironic for this week’s pre-release chapter of Josh Centers’s “Take Control of Apple TV” to be about games that are designed specifically for the Apple TV. No, there aren’t games you can install on the Apple TV itself, but thanks to AirPlay, you can play iOS games on the big screen via an iPhone, iPad, or iPod touch. With many games, that might not be a win, if you have to be looking at the device to know where to put your fingers, but a handful of games have been designed to be played on the Apple TV, with proper attention to using the full size of the screen and controls appropriate to
In Chapter 10, “Play Games on Apple TV” Josh offers capsule reviews of those games that are designed explicitly to be played on a large screen TV via AirPlay to the Apple TV. Since the fast response time required by games sometimes runs afoul of network or processing delays, Josh also provides a number of tips aimed at reducing latency so you’ll enjoy the best possible gaming experience.
As always, Chapter 1, “Introducing Apple TV,” is available for everyone to read, to see what “Take Control of Apple TV” is slated to cover. In a few more weeks, it will be available in PDF, EPUB, and Mobipocket (Kindle) formats, and TidBITS members can save 30 percent on this and all other Take Control titles. In the meantime, TidBITS members can read and comment on the following chapters:
- Chapter 2, “Set Up Your Apple TV”
- Chapter 3, “Control Your Apple TV”
- Chapter 4, “Discover What’s on Offer”
- Chapter 5, “Master AirPlay”
- Chapter 6, “Apple TV at the Movies”
- Chapter 7, “Rock Out with Apple TV”
- Chapter 8, “View Photos & Home Movies”
- Chapter 9, “Present with Apple TV”
We hope our TidBITS members have been enjoying this early look at “Take Control of Apple TV,” and if you haven’t yet joined the TidBITS membership program, this early access is only one of a number of perks we provide to thank you for your support. We don’t have the deep pockets of a corporate media behemoth, so support from our readers provides the majority of our funding and makes it possible for us to keep bringing you TidBITS each week. To get a sense what the TidBITS membership program means to us, see “Support TidBITS in 2014 via the TidBITS Membership Program” (9 December 2013).
Grading Obama’s Proposed NSA Reforms
In a speech that tried hard to defend the actions of the U.S. intelligence community while simultaneously admitting that some of those actions were unnecessary and egregious, President Obama on 17 January 2014 announced modest reforms to NSA spying practices revealed by former NSA contractor Edward Snowden.
President Obama began by comparing the National Security Agency to the Sons of Liberty, an American revolutionary group famous for the 1773 Boston Tea Party, and one of whose members, Paul Revere, famously warned of incoming British troops. Ironically, Revere’s legendary midnight ride would have most likely been stopped by the British if they had possessed the NSA’s metadata collection capabilities. Even more ironically, the American Revolution was kicked off in part by overly broad general warrants that gave British troops nearly unlimited power to search for contraband. It’s all about intelligence.
While the president called on history to defend the NSA, he also employed it to point out why government surveillance must be carefully managed, saying, “I would not be where I am today were it not for the courage of dissidents like Dr. King, who were spied upon by their own government.” Martin Luther King, Jr. was illegally wiretapped by the FBI, with the blessing of Attorney General Robert F. Kennedy and FBI Director J. Edgar Hoover. The FBI recorded tapes of King reportedly cheating on his wife, and sent the evidence to King’s home, along with a threatening letter. It’s a dark reminder of the government’s treatment of the man who would go on to win the Nobel Peace Prize and be
awarded the Presidential Medal of Freedom and the Congressional Gold Medal posthumously, along with being honored with a U.S. federal holiday.
Despite President Obama applauding dissidents like King, he expressed colder feelings toward Edward Snowden, the man responsible for the leaks that led to the announced reforms. “I’m not going to dwell on Mr. Snowden’s actions or his motivations. I will say that our nation’s defense depends in part on the fidelity of those entrusted with our nation’s secrets. If any individual who objects to government policy can take it into their own hands to publicly disclose classified information, then we will not be able to keep our people safe, or conduct foreign policy,” Obama said.
In contrast to his opinions of Snowden’s actions, Obama said, “we needed a more robust public discussion about the balance between security and liberty.” Of course, it’s impossible to know what sort of discussion would have occurred without Snowden’s leaks.
All that being said, the president announced a number of broad reforms for the NSA, including:
- Increased executive branch oversight of intelligence activities to account for alliances, trade and investment relationships, the concerns of American companies, and civil liberties, including annual reviews of sensitive targets.
- Greater transparency, including annual reviews to declassify verdicts of the FISA court that could have broad impacts on privacy.
Additional restrictions on activities conducted under Section 702, which lets the federal government intercept the communication of foreign targets.
Fixed periods of secrecy for the FBI’s national security letters and increased transparency in allowing communications companies to disclose more about these orders.
An end to the bulk collection of metadata about telephone records as the program currently exists, and exploration of alternatives that would allow the government to access the same information without retaining it, either by having companies retain the information or passing it to a third party. Congress will be consulted, and the president expects a report on alternatives by 28 March 2014, the date the current metadata plan will be up for reauthorization.
Effective immediately, the government will pursue telephone calls only from numbers that are two steps removed from numbers associated with a terrorist organization, instead of three.
Increased privacy protections for foreign nationals, including foreign leaders. “Given the understandable attention that this issue has received, I’ve made clear to the intelligence community that unless there is a compelling national security purpose, we will not monitor the communications of heads of state and government of our close friends and allies,” Obama said.
Asking Congress to establish a panel of advocates outside government to provide an independent voice in cases before the FISA court.
While Obama outlined a laundry list of reforms, many of the details are unsurprisingly vague, and many of the reforms are in the hands of a contentious Congress.
How do Obama’s proposals compare to the recommendations of his own advisory panel? The Verge performed an in-depth analysis, and gave the president a C overall, with high marks for additional high-level oversight, and low marks for preventing the NSA from further weakening encryption standards.
The Electronic Frontier Foundation created a scorecard of its own, which unsurprisingly has tougher standards. The EFF gave Obama’s reforms 3.5 points of 12 (29 percent — a low F for those wanting to compare to The Verge’s grade), with high marks for reform of the FISA court, and low marks for failing to protect whistleblowers, not releasing evidence to defendants, undermining Internet security, and reduced data retention.
While the president has repeatedly reassured Americans that the government isn’t spying on their phone calls, he failed to mention the recently revealed Dishfire program that collects 200 million text messages per day. In an era when mobile phone companies practically give away voice minutes, how relevant are phone calls to privacy compared to email, text messages, and the myriad forms of Internet communication? And then there’s the revelation that the NSA can use radio waves to spy on
computers that aren’t even connected to the Internet.
To be fair, President Obama is in a situation where he can please no one. But at the same time, these programs pose significant threats to privacy and civil liberties, while being of questionable value. The New America Foundation, a non-partisan think tank, analyzed 225 terrorism charges and found that the vast majority of cases were brought about by old-fashioned detective work, not mass surveillance.
There’s no denying that our intelligence community is necessary for security in this modern world, but it’s becoming increasingly clear that it’s a community in need of oversight. There’s a clear problem when Congressional representatives have to ask a private security expert about intelligence activities because they can’t get answers out of the NSA. America’s intelligence operatives need to be capable of responding to threats, but at the same time, they must be accountable to our duly elected representatives for their actions.
Net Neutrality Is Down, but Not Out
On 14 January 2014, the U.S. Court of Appeals for the District of Columbia issued an 81-page ruling declaring that net neutrality rules set out by the U.S. Federal Communications Commission are invalid. Those rules had been designed to prohibit network operators and ISPs from either favoring or discriminating against particular forms of Internet traffic. Basically, all lawful Internet communication had to be treated with equal priority, even if the ISPs didn’t like that traffic, and even if that traffic supported competitors. Without net neutrality requirements, ISPs like Comcast, AT&T, Sprint, Time Warner,
and Verizon (which initiated this lawsuit) could decide to block or inhibit services they don’t like, or grant special treatment to services they do like or for which they’re paid extra.
Internet and consumer advocacy groups responded with calls to action and warnings that Internet access in the United States could soon change for the worse. Conversely, many ISPs and network operators contend that eliminating regulation gives them new ways to make money and build new, innovative services that benefit consumers — and they pledge to uphold the basic spirit of the net neutrality rules anyway.
The reality is more complex. Our Internet service won’t change overnight, but unless the FCC finds new ways to mandate net neutrality requirements, ISPs may well start leveraging their positions as Internet gatekeepers to extract more money from Internet and media companies — and, ultimately, from us.
How Did We Get Here? — In 2005, the FCC adopted a four-part Internet “policy statement” on net neutrality that (in very brief terms) said consumers were entitled to access any lawful Internet content and services that they liked, and to connect any legal device to the Internet connection so long as it didn’t harm the network. These policy points were in a legal grey area: they weren’t enforceable rules, but they formed a basis for FCC rules and policies going forward. (I wrote about the topic for TidBITS back then; see “The War Over
Neutrality,” 15 May 2006.)
The policy statement was tested in 2007, when the Associated Press confirmed Comcast was interfering with the popular peer-to-peer file-sharing service BitTorrent. The FCC sanctioned Comcast, but Comcast appealed to the courts, claiming its actions were just reasonable traffic management, and, besides, a mere policy statement didn’t give the FCC the legal authority to tell Comcast what to do.
Comcast won that case, leaving the FCC scrambling. For a few years the agency abandoned rule-making and tried to reach side agreements with network operators. That didn’t work out: even in closed-door meetings, mobile and broadband companies wouldn’t agree to net neutrality principles, and in 2009 rivals Google and Verizon made a controversial separate proposal. That idea muddied the water so much the FCC gave up and went back to rule-making: in 2010, it issued the Open Internet Order, enshrining its earlier net neutrality principles in a
framework the agency believed was legally enforceable.
The Open Internet Order came with two twists. First, it required operators to disclose their network management practices (like blocking services) so consumers could make informed decisions. Second, the net neutrality provisions applied only to wireline Internet access. Mobile Internet — 2G, 3G, 4G, LTE, and all that — was mostly exempted, under the theory that the industry was too new and fast-changing to be meaningfully regulated by the much slower FCC. Mobile providers couldn’t block lawful applications, but they could otherwise manage their networks however they liked.
Verizon and other companies immediately launched a legal challenge to the Open Internet Order, while at the same time pledging to support net neutrality principles. And on 14 January 2014 that challenge paid off: the Court of Appeals for the District of Columbia said wireline broadband providers are basically free to do what they like with their networks, just like wireless providers.
Common Carriers — The heart of the matter comes down to the concept of “common carriers.” Basically, common carriers get special privileges like local service monopolies, the ability to assign phone numbers, collect taxes, charge interconnection fees, etc. In exchange, common carriers are more tightly regulated: they can’t discriminate and must accept any (legal) goods or content for transport at uniform rates. That’s how telephones have been treated in the United States since 1934, because phone service is considered an essential lifeline. Similar principles regulate public utilities and some transport services like shipping and pipelines.
Today, many people would consider the Internet as important (or more so!) than old-school phones, but broadband companies have successfully resisted being classified as common carriers. (Instead, they’re “information services.”) However, the court found that the FCC’s Open Internet Order amounted to regulating Internet providers as if they were common carriers. The court felt the FCC couldn’t have it both ways, so it struck down the net neutrality provisions.
What’s left? The court did preserve the Open Internet Order’s transparency requirements. Technically, broadband providers are free to discriminate against (or favor) particular customers or content, but they must disclose how they do so.
What Will ISPs Do? — For years, big broadband operators like Verizon have looked at companies like Google and Netflix as freeloaders. After all, broadband operators spend millions (and billions!) of dollars on networks, only to have Internet companies make mega-bucks off those facilities without so much as a by-your-leave. Network operators look at those companies’ balance sheets and think, “You know, some of that money should have been ours.”
With net neutrality requirements once again gutted, ISPs can try to take away Internet companies’ “free lunch.” They probably won’t block Netflix, Hulu, Steam, Playstation Network, or Xbox Live; transparency requirements are still in place, so outright blocks would be a public relations disaster. As such, virtually all major players have pledged they won’t block their customers’ access to any lawful content, applications, or services on the Internet.
However, merely providing access to services is not the same as providing non-discriminatory access. AT&T has already announced Sponsored Data, a plan to collect fees from content providers (such as Netflix, Hulu, Amazon, and perhaps rivals like Comcast) in exchange for exempting those services from customers’ mobile data caps. Mobile networks were never subject to neutrality requirements, but since wireline broadband is now exempt it’s a good bet that most ISPs are drawing up similar pay-to-play schemes. (Comcast had already been splitting hairs with a bandwidth-cap-dodging arrangement for its Xfinity app for Xbox.) ISPs
could bill it the other way too, charging consumers directly for preferential access to services (say, guaranteeing support for multiple HD video streams), or offering a low-latency “fast lane” that could appeal to gamers.
If these plans don’t generate the kind of revenue the ISPs want, they probably won’t degrade service performance — again, transparency rules still apply — but they could simply choose not to build out or upgrade systems that mainly carry those non-paying “freeloaders.” Maybe companies like Google, Microsoft, Apple, Amazon, and Netflix can afford preferential access, but high-bandwidth startups (like Aereo, Fanhattan, Imgur, and Cameo) may not have pockets deep enough to compete.
Where Do We Go from Here? — The FCC has a few options for bringing back net neutrality requirements. The commission could ask Congress for authority to regulate broadband operators more fully, or the FCC could — all by itself — rule that broadband operators are common carriers and, therefore, subject to tighter regulation.
Right now, neither of those paths look likely. The U.S. Congress has essentially been deadlocked for years, and net neutrality splits Democrats and Republicans neatly on party lines. Further, companies like Verizon, AT&T, Comcast, and Time Warner are major political players; according to the Center for Responsive Politics they each spend millions every year on lobbying and backing candidates that support their views. The FCC also seems unwilling to declare broadband operators common carriers: new FCC Chairman Tom Wheeler appears to prefer a wait-and-see approach, acting only if discriminatory practices appear,
although he recently suggested the FCC might seek another legal basis for net neutrality that avoids classifying broadband providers as common carriers. Of course, if that happens, network operators would probably challenge it. Again.
The bottom line for most Americans is that the landscape of Internet access will become more complicated over the next few years, as broadband providers work to wring revenue from both content providers and subscribers. On one hand, consumers might benefit as ISPs compete to offer the most compelling deals; on the other hand, there are plenty of places in America with poor broadband service and little or no competition, and the Internet’s next generation of killer apps may never get off the ground if they can’t afford pay-to-play deals.
Five Ways to Reset a Lost Administrator Password
This article is over four years old and some details have changed.
For up-to-date help, read “Three Ways to Reset a Lost Admin Password in High Sierra” (5 July 2018).
Several years ago, I was helping a client upgrade her Mac running Mac OS X 10.5 Leopard, but she couldn’t remember her administrator password. Because she also couldn’t find the original system CDs that shipped with her iMac, I had to resort to some advanced techniques few home users would ever be able to figure out.
Starting with 10.7 Lion, you could still call on all those options, but Apple added a method so easy that even an inexperienced user can do it — the Apple ID-based password reset. Let’s explore all the options to reset a password. Which you should use depends on the specific version of Mac OS X, and how the Mac is set up.
But first, there’s an important caveat about any of these methods, related to the login keychain.
Reset Login Keychain Password — No matter which of these methods you use to reset a forgotten administrator password, it won’t update the password protecting the account’s login keychain, which stores all of the user’s passwords. Since the keychain is protected by the now-forgotten administrator password, there’s no way to get back into it. Newer versions of Mac OS X may prompt about this problem at startup; otherwise you’ll need to delete the keychain and start it over again, using these steps:
- Open Keychain Access from
/Applications/Utilities, and choose Keychain Access > Preferences (Command-,).
- In newer versions of Mac OS X, you’ll see a button labeled Reset My Default Keychain in the General pane. If you have that button, click it to remove the old keychain and create a new one with the new password.
- If that button is not present, choose Edit > Keychain List (Command-Option-L), select the login keychain, and click the minus button to delete it.
- Open Keychain Access from
- Quit Keychain Access and restart the Mac. A new login keychain will start collecting and storing the passwords for Wi-Fi networks, email accounts, Web sites, and other logins as they occur.
If you can’t work with Keychain Access because of something like Messages Agent constantly asking for the forgotten login keychain password, you’ll have to resort to the command line, with these steps:
- Reboot into Single User mode by restarting the Mac and holding Command-S while the system comes back up. Numerous lines of status messages will scroll by.
- Once you have a command-line prompt, enter this command to mount the root Mac OS X drive as writable, so you can make changes to the filesystem:
mount -uw /
- Figure out the shortname of the account you want to reset by looking through the list that results from typing this command:
- Now enter this command to delete that account’s login keychain, replacing shortname appropriately:
- Restart the Mac by typing:
When the Mac comes back up, Mac OS X should create a new login keychain.
Now let’s move on to resetting the password!
1: Use the Command Line — In early versions of Mac OS X, the command line was the best way to reset a forgotten administrator password. Even now, command-line password reset remains available, making it the most universal approach that will work in any situation. If you’re not turned off by typing highly specific commands, follow these steps:
- Make a note of the user account shortname by opening the Home folder (in the Finder, choose Go > Home) and checking the folder name at the top of the window. If you can’t get into the account at all, you can determine the shortname later on.
- Reboot into Single User mode by restarting the Mac and holding Command-S while the system comes back up. A lot of arcane status messages scroll by, and leave you with a command-line prompt.
- Mount the root Mac OS X drive as writable, so you can make changes to the filesystem, with this command:
mount -uw /
- For those running 10.7 Lion, 10.8 Mountain Lion, or 10.9 Mavericks, enter this command at the prompt to load Open Directory (which manages user accounts) manually, since it was deprecated in Lion:
launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plistSkip this step if you’re running 10.6 Snow Leopard or earlier.
- If you don’t know the shortname of the account you want to reset, look through the list that results from typing this command:
- Next, enter the following command, replacing “shortname” with the desired account’s shortname:
dscl . -passwd /Users/shortnameIf you get this error message, you may ignore it:
launchctl: Couldn’t stat
No such file or directory nothing found to load
- Type in the new password.
- Restart the Mac by typing:
2: Use One Account to Reset Another — Since 10.4 Tiger, if a Mac had multiple administrator accounts, you could log into one account to reset the password in another. This remains possible, and is one of the reasons that many people who are responsible for the Macs of less-experienced users will often create a separate administrator-level account for troubleshooting. Here are the steps you need to follow to use this approach, assuming you have the necessary access:
- While logged in an administrator account in which you know the password, open the Users & Groups pane of System Preferences (it was called Accounts before 10.7 Lion).
- Select the name of the user whose password you want to change, and click the Reset Password button. (You may need to click the lock icon in the lower left of the window and enter an administrator password to be able to make changes.)
- Enter the new password, the same password again for verification, and a hint in case it’s forgotten again.
3: Use the Installer CD or DVD — Up through 10.6 Snow Leopard, if the Mac had only the original administrator account, and resetting the password via the command line was too scary, you could use the original Mac OS X Install disc instead. (Actual snow leopards may be endangered, but installer discs went extinct with 10.7 Lion, so this method is only for older Macs.) Here’s how:
- With the Mac turned off, power it up, insert the disc immediately, and hold down the C key to make the Mac boot from the disc’s version of Mac OS X.
- From the Utilities menu at the top of the screen (or the Installer menu in 10.3 Panther), choose Reset Password.
- Select the hard disk volume, and the name of the original administrator account. (Stay away from the Root account.)
- Enter the new password, and then click Save.
- Quit the Mac OS X Installer, and restart the Mac normally.
Apple provides a support document with more details, along with instructions for Mac OS X 10.1 through 10.3, should you run into such an ancient setup.
4: Use the Recovery Partition — Starting with 10.7 Lion, which was sold only through the Mac App Store, the installer disc was replaced by the Recovery partition, a small chunk of the boot disk that contains a stripped-down version of Mac OS X and essential utilities. To reset the administrator password when running Lion or later:
- Restart the Mac while holding down the Option key, and double-click the icon for the Recovery partition. A Mac OS X Utilities screen appears.
- Choose Utilities > Terminal.
- In Terminal, type
resetpassword. Rather unusually for a task performed from the command line, a graphical Reset Password window appears.
- Select the startup volume at the top of the window, and then choose a user account from the pop-up menu. In the fields below, enter the new password, confirm it, and add an appropriate hint.
- Click Save, and then choose Restart from the Apple menu.
5: Use Your Apple ID — Starting with 10.7 Lion, it also became possible to use your Apple ID to reset your administrator password. It’s turned on by default in the Users & Groups pane of System Preferences, but double-check to make sure.
When this feature is active, if you enter the administrator password incorrectly at the login window three times, a popover appears with the password hint and a message saying “If you forgot your password, you can reset it using your Apple ID.” Here’s how to do that:
- Click the arrow icon to open the Reset Password dialog.
- Enter your Apple ID and its password, then click Reset Password to proceed.
- Enter a new administrator password, verify it, and fill in the Hint field so that you’ll get a memory trigger the next time you forget.
- Click Reset Password, and you’re done.
If you’ve also forgotten your Apple ID password, you can reset that at Apple’s My Apple ID page. Doing so relies on having access to the email address associated with your Apple ID; if that email account could be compromised, allowing the administrator password to be reset by the Apple ID might provide a way that the physical security of your Mac could be attacked. If you’re really worried, turn the feature off in the Users & Groups preference pane.
One quirk. If you upgraded from 10.6 Snow Leopard to 10.7 Lion, you may not get the reset message after three incorrect attempts. To fix this problem while you can still access the account, open the Users & Groups preference pane, delete the affected Apple ID, and then add the same Apple ID back.
It’s also important to know that encrypting your Mac’s boot disk with FileVault 2 prevents you from using your Apple ID to reset your password (since the password is used in FileVault’s encryption). Read this Apple support document for more information about FileVault.
No Excuse for a Lost Password — Regardless of how or why an administrator password has been lost or forgotten, there are a variety of techniques that you can use to reset it and regain full access to a Mac. These techniques aren’t to be used willy-nilly, since the login keychain will be lost in the process, but whether the simple method of using an Apple ID is sufficient or you need to drop down to the command line, you should be able to get the access you need.
FunBITS: Umoove Experience Is Cool, but a Pain in the Neck
Head tracking was once an obscure technology, relegated to those with special needs and virtual reality enthusiasts. But now, thanks to products like the Microsoft Kinect, camera-based motion tracking has moved into the mainstream. With the multiple sensors and cameras in the iPhone, iPad, and iPod touch, it was only a matter of time before head tracking came to mobile gaming.
Umoove is a startup intent on bringing head and eye tracking to the small screen, and the company has released its first proof of concept to the App Store: Umoove Experience for iPhone and iPad.
The free Umoove Experience has you flying around a desert village — perhaps an homage to the classic game Magic Carpet. Gameplay is as simple as it gets. There are 14 potion bottles scattered in and around the village. Each one adds more time to the clock, and your goal is to fly around and collect all 14 before the clock runs out. (Note that the game operates only in portrait mode.)
The twist is that you control your flight not by moving the device as you might expect, but with your head, as detected by your device’s front-facing camera. Tilt your head left, right, up, or down to steer in that direction, much like a flying superhero. To speed up, place your finger on the screen, and let go to slow down.
Before you start Umoove Experience each time, you must go through a bit of training that both reminds you what to do and helps the game calibrate itself. The game shows your face via your device’s camera. Once you confirm that your face is in the sensor area, you tilt your head to move an onscreen cursor to a series of targets.
During actual gameplay, you can press the pause button in the upper-right to realign your face in the camera. This also resets your position in the air, which is handy in case you get stuck in a building. Umoove Experience is smart enough so that if it no longer detects your face, it pauses the game and gives you a chance to realign yourself.
How well does Umoove Experience work? It’s a mixed bag. For me, things begin well enough, though the controls are a bit touchy. The game starts you off facing a line of potion bottles, but I tend to veer off course before I can collect them all.
In my testing, there were two major points of failure. The first is that some directions don’t seem to register well. Aiming myself toward the ground works fine, but climbing back up doesn’t work as well. (“Pull up! Pull up!”) Fortunately, there’s no penalty for crashing into something, and you can always pause and unpause to reset your position. The second point of failure is that, after a while, Umoove Experience freaks out and my onscreen avatar flies helplessly about the screen, even though I’m keeping my iPhone perfectly still.
More generally, after only a few minutes of play, my neck starts to cramp up. Although Umoove Experience needs only small movements for input, those aren’t necessarily natural motions, and my neck muscles aren’t accustomed to the work. Plus, I find myself jerking my head around to regain control whenever the game flakes out.
Umoove Experience is clearly a proof of concept, but it holds promise for both the disabled and the mainstream gaming community. Although it could use sensitivity settings for each axis (for those whose disabilities make head movement in certain directions difficult or impossible), Umoove’s technology still works better than iOS 7’s Switch Control accessibility feature, which lets you control the interface with head movements. Whereas Umoove Experience recognizes small motions, Switch Control requires quick head flicks, making me resemble one of the Roxbury Guys from Saturday Night Live. (Cue Haddaway’s “What Is
For mainstream games, I’d caution developers to use head-tracking controls sparingly, and recommend that there always be an alternative control method. Rather than go whole hog like Umoove Experience, head tracking could add realistic accents, such as by invoking a “lean” command in a first-person shooter game to peek around corners.
Regardless, it’s clear that we’re moving into an age where our devices will be watching us, not in a creepy way, but more like an attentive hound, looking for commands.
TidBITS Watchlist: Notable Software Updates for 20 January 2014
Typinator 5.8 — Ergonis makes it easier to search through your text expansions with the release of Typinator 5.8. After typing part of an abbreviation or a word that’s included in an expansion and then pressing a hotkey that you define, Typinator displays all matching items. The update also adds new Apple events that enable third-party utilities to define new snippets, works around a cursor positioning problem in OS X 10.9 Mavericks, improves positioning of the QuickSearch input field and result list, and improves compatibility with Microsoft Word, Lotus Notes, LiveCode, PowerMail, Firestorm, Linguist, and
TextSoap. (€24.99 new with a 25 percent discount for TidBITS members, free update, 5.7 MB, release notes)
Read/post comments about Typinator 5.8.
Mailplane 3.1.2 — Uncomplex has released Mailplane 3.1.2 with improved handling of inbox refreshing and compatibility with the Streak plug-in for the Gmail-specific email client. With automatic inbox refresh, new messages appear in your inbox shortly after notification is received, and a refresh is forced if your cursor isn’t within a text field (such as the compose window or search, where a refresh might be annoying). Added to the list of plug-ins compatible with Mailplane, Streak is designed for customer relationship management, but Uncomplex suggests that it might also useful for project
management and personal to-do lists. The update also brings back attachment preview using Quick Look if Google Drive is blocked, warns you if the Inbox Type setting in preferences doesn’t match your use of Inbox Tabs (Primary, Social, etc.), and avoids a crash when attempting to download history with a text-only toolbar. ($24.95 new, free update, 17.2 MB, release notes)
Read/post comments about Mailplane 3.1.2.
Final Cut Pro X 10.1.1 — Apple has released Final Cut Pro X 10.1.1 with a handful of bug fixes and refinements. Final Cut Pro X 10.1.1 now preserves media files if an external volume is disconnected while consolidating a library. The update also resolves an issue loading content into the Music and Sound Browser, as well as a stability issue when applying a Motion effect with Scroll Text behavior. Performance improvements include faster switching between proxy and original/optimized media and improved Timeline responsiveness with very large projects. ($299.99 new in the Mac App Store, free update, 2.20 GB, release notes)
Read/post comments about Final Cut Pro X 10.1.1.
TextExpander 4.2.1 — Squashing a number of niggling issues, Smile has released TextExpander 4.2.1 with a smattering of small fixes, including resolution for one problem that caused excessive CPU use on some systems after several expansions and another that caused version 4.2 to crash on certain systems after an expansion. The update also pre-fills the URL field if Add Group from URL is selected with a URL on the pasteboard, enables you to set script snippet timeout via AppleScript, fixes a crash related to snippet content computation exceeding the 5 second limit, and restores date macro evaluation to snippets
embedded within script snippets. ($34.95 new with a 20 percent discount for TidBITS members, free update, 9.1 MB, release notes)
Read/post comments about TextExpander 4.2.1.
ExtraBITS for 20 January 2014
In this week’s ExtraBITS, the Web-based Trello collaboration tool gets a major update, music-streaming service Rdio goes free, Avatron floats a cloudless file-sharing solution via Kickstarter, and a new feature in Google Chrome makes it easy to hunt down noisy tabs.
Trello Eases Working with Multiple Boards — The Web-based Trello collaboration tool has been refreshed with a redesigned boards page — they’re now arranged in a tight grid — along with customizable backgrounds for each board. You can also star boards for quick access, and Fog Creek Software has added a boards drawer to make it easier to jump between boards. Since boards tend to map to high-level projects, many of us were having trouble moving among our large collections of boards. Some of Trello’s heavier styling elements have also been
removed, leaving a flatter look and improving performance.
Rdio Now Free on the Web — Streaming music service Rdio is now free on the Web, where it’s supported by ads. Featuring a library of 20 million tracks, Rdio lets you play whatever music you desire, or it can generate personalized “stations” like those of Pandora and iTunes Radio. Rdio Unlimited remains available for $9.99 per month, offering ad-free playback and use of the Rdio mobile app.
Avatron’s Everydisk Promises File Sharing without the Cloud — Concerned about security and privacy when using cloud services? A new Kickstarter project from Avatron Software (a TidBITS sponsor) could help you come back to earth. Based on the company’s Air Connect system for securely establishing direct connections between machines anywhere on the Internet, Everydisk aims to give you access to all your files, on all your machines, wherever you are, without ever storing them in a cloud-based service. The Kickstarter project runs through 25 January 2014 — as little as $20 will get you a year subscription to Everydisk if the project
funds, and, as always with Kickstarter, you pay nothing if the project doesn’t fund.
Google Chrome Simplifies Silencing Noisy Tabs — At last! The latest version of Google’s Chrome Web browser has added tab icons to notify you if a tab is playing audio, accessing your microphone, or being cast to a Google Chromecast. The new audio alert icon should make it easier to find and silence annoying autoplay videos, such as on sites like -cough- Macworld. The other interesting addition is a preview of the new supervised users mode (ideal for young children), which lets you see a user’s browsing history and restrict access on a per-site basis.