In 2013, Apple made the iLife and iWork suites free for new Mac and iOS device buyers, and the company has now made the apps free for everyone. In other timely news, dates and locations for the roaming MacTech Pro events have been announced, and Apple has released its tenth annual Environmental Responsibility Report with some bold goals. Looking back, you can take a trip down memory lane with the Internet Archive’s new Mac emulator, which lets you run dozens of classic Mac apps in a Web browser. Back in the present, Geoff Duncan joins us to examine your options for maintaining privacy when bringing digital devices into the United States. Finally, you can save 30 percent on Letter Opener for macOS Mail from Creative in Austria, which helps Mac users deal with winmail.dat email attachments. Notable software releases this week include EagleFiler 1.7.6, Parallels Desktop 12.2.0, and Lightroom CC 2015.10 and Lightroom 6.10.
Once upon a time, Apple used to charge for nearly all its software, and especially productivity apps like the iLife and iWork suites. However, back in 2013, Apple made those apps free with the purchase of any new Mac or iOS device (see “New Free iLife and iWork Apps Share across Devices and Platforms,” 22 October 2013).
Now, with no announcement or fanfare, Apple has made the current iLife and iWork apps entirely free for all users. Just to be clear, the change affects the following apps:
- GarageBand for macOS (requires 10.10 Yosemite) and iOS (requires iOS 10.2)
- iMovie for macOS (requires 10.11.2 El Capitan) and iOS (requires iOS 9.3)
This is good news for holdouts who haven’t purchased a new eligible Apple device since 2013 but are running a supported version of the operating system and would like copies of the iLife and iWork apps. And it makes explaining the pricing easier for Apple.
Why didn’t Apple just make these apps free for everyone in the first place? The answer likely lies deep within Apple’s accounting department. Back in 2013, Apple made iLife, iWork, and OS X 10.9 Mavericks free and bundled them with every new Mac and iOS device sold. That move enabled the company to delay recognition of a portion of its sales receipts. That’s because the product (a Mac or iOS device) wasn’t “fully delivered” without updates to the software — it’s a “subscription accounting” approach. In its Q4 2013 financial quarter, Apple delayed recognition of $900 million in revenue, in essence hiding that money from the quarterly report (see “Apple Q4 2013 Results See
Lower Profits Again,” 28 October 2013).
That may answer the question of why Apple is now making these apps free for everyone. According to Daniel Eran Dilger of AppleInsider, the deferred revenue trickles back into Apple’s reported revenues over 2 years for iOS and 4 years for the Mac. It has been about 4 years since this deferral likely began, implying that Apple has finally cleaned the associated deferred revenue off its books.
In the end, this change doesn’t mean much. Any effects from iLife and iWork becoming free — on competing apps, on Apple’s revenues, and on the perceived value of Apple hardware, for instance — have already taken place. Most people who want to use the iLife and iWork apps have likely either bought copies already or purchased new hardware since October 2013. We suspect that sales to owners of older Macs and iOS devices have dropped to the point where it was no longer worthwhile for Apple to bother charging for the apps anymore.
Congratulations to Edward Minot at edminot.com, Joyce Mastboom at csuohio.edu, Michael Riccio at webdeck.com, Zachary Braff at gmail.com, and Tonya Dale at gmail.com, whose entries were chosen randomly in the last DealBITS drawing and who each received a copy of Creative in Austria’s winmail.dat decoding utility Letter Opener for macOS Mail.
If you didn’t win but still need a tool to decode winmail.dat files automatically, Creative in Austria is offering a 30 percent discount off Letter Opener for macOS Mail through 30 April 2017, dropping the price from $39.99 to $27.99. To take advantage of this exclusive discount for TidBITS readers, use coupon code TIDBITS when ordering.
Thanks to the 196 people who entered this DealBITS drawing, and good luck in future drawings!
As our TidBITS Content Network starts to gain traction with Apple consultants and resellers, I’m becoming increasingly aware of all the excellent resources available to Apple-focused IT professionals. MacTech’s regional event series, called MacTech Pro, has nine events this year, with seven remaining in cities around the country.
Although the speakers vary by city, each MacTech Pro event covers the same ground, with sessions on:
- Creating a Storage Strategy: Integrating Solutions for Cloud, Local, Network with Access, Archive, and Backup in Mind
- Deployment Methods: Files, Configurations, and Directory Services
Scripting Python: Solo and Playing with the Other Kids
Group Discussion: Limited Time, Limited Resources. Best Practices to Optimize You
Internet of Things and Home Automation
Security: Don’t Be the Low-Hanging Fruit for a Hacker
macOS Troubleshooting: Console Is Your Friend
The Tools You Should Know
In 2017, the remaining MacTech Pro events are:
- May 3 in Atlanta — Session Chair: Bob Garst
- May 24 in Washington, DC — Session Chair: Will O’Neal
- June 28 in Denver — Session Chair: Weldon Dodd
- July 26 in New York — Session Chair: Christopher Holmes
- August 9 in Orlando — Session Chair: Tim Hassett
- August 30 in Chicago — Session Chair: Ben Greiner
- September 27 in San Francisco — Session Chair: TBA
Although each MacTech Pro event normally costs $499, TidBITS readers can register for just $299 and get a free subscription to MacTech Magazine as well. Educational and non-profit pricing is $199. All registrations include lunch.
As with the add-ons at MacTech Conference, if you are interested in the Watchman Monitoring Proactive Support Professional Certification, that course takes place the evening before each MacTech Pro event and costs an additional $249.
Although my schedule hasn’t firmed up yet, I’m hoping to be able to attend at least the 26 July 2017 event in New York City to network with the participants.
PCE/macplus emulates a Macintosh 128K through Macintosh Classic, so we’re talking about a 9-inch, black-and-white screen here. The Internet Archive’s Mac Software Library has a package showing off System 6.0.8’s System Startup and System Additions disks and a more interesting one for System 7.0.1 that includes a variety of apps, including BBEdit, HyperCard, Microsoft Word, Microsoft Excel, and more. Remember, you have to double-click quickly to open folders and launch apps, and selecting an item from a menu requires you to hold the mouse button
down after clicking the menu title.
As amusing as it can be to fool around with those old apps, the real fun comes with the games of the 1980s. Dark Castle, Airborne, and Wizardry are all there for you to play, along with my favorite, Lode Runner. Give them a try!
For those who remember them, the apps are worth visiting for nostalgic reasons alone. However, more interesting are what projects like this promise for the future of digital preservation. It’s increasingly hard to keep ancient hardware running, and unstable media renders long-term access to software and data questionable at best.
If the massive computing power of modern machines enables full emulation of older hardware, and files can be moved into the cloud while their floppy disks can still be read, perhaps we won’t lose nearly as much old data to bit rot as we would have otherwise. There isn’t much of a business model around loading of data and apps from long-stored floppies, but kudos to groups like the Internet Archive and the RetroWeb Vintage Computer Museum for showing that it can still be done. And if you’re interested in playing with your old apps and files, check out the Macintosh Garden for information on setting up your own emulator.
Now, if you’ll excuse me, I have another level of Lode Runner to attempt.
Over a decade ago, Apple established a set of environmental health and safety policies to not only “Meet or exceed all applicable environmental, health and safety requirements,” but also, “Where laws and regulations do not provide adequate controls… adopt… standards to protect human health and the environment.” Those words, by the way, can be found in Appendix D of Apple’s 2017 Environmental Responsibility Report, issued this week. The 56-page PDF report looks very much like an Apple product: a clean, attractively spare document featuring lots of white space, beautiful photos, and a not inconsiderable amount of data
inside. Unlike many Apple products, while this year’s report reveals what Apple has most recently accomplished, pundits won’t need to speculate where Apple plans to go in the future.
That’s because Apple has explicitly revealed its goals, with its environmental intentions coming in the form of “bold questions” asked by Apple’s Lisa Jackson, Vice President of Environment, Policy and Social Initiatives, in the report’s opening statement:
- “Can we power a global business with the sun, wind, and water?”
- “Can we get 100 percent of our supply chain to move to 100 percent renewable energy?”
“Can we one day stop mining the earth altogether?”
“Can we use only 100 percent recycled and responsibly sourced paper in our packaging?”
“Can we improve on the world’s best materials?”
Of course, it’s in any company’s interest to post softball questions in such a progress report, but Apple does at least try to answer them honestly, if the three third-party assurance and review statements in Appendix C of the report can be trusted.
On powering a global business with sun, wind, and water, Apple reports that 96 percent of the electricity that powers its global facilities comes from renewable resources, and that its carbon footprint was 29.5 million metric tons for fiscal 2016, down from 38.4 million metric tons the year before. Moreover, the company says that 100 percent of the power it consumes in the United States for data centers already comes from renewable sources.
As for its supply chain moving completely to renewable resources, Apple reports that, between Apple-initiated energy audits and training, “efficiency improvements made by suppliers avoided more than 150,000 metric tons of carbon dioxide equivalents.” The company has installed “485 megawatts of wind and solar projects across six provinces of China” and plans to deliver 2 gigawatts of clean power in China alone by 2020, and 4 gigawatts of such power worldwide. (To see what these and other numbers mean, try entering them into the EPA’s Greenhouse Gas Equivalencies Calculator.)
How about reducing its reliance on mining? Apple hasn’t been as successful at that but reports that it is increasing the use of recyclable materials like aluminum and tin (100 percent of the solder on the iPhone 6 main logic board comes from recycled tin). Results from Liam, Apple’s research and development project on disassembly technologies, are helping to increase the yield of recyclable materials from its products.
When it comes to packaging materials, Apple reports that in fiscal 2016 it “used 131,000 metric tons of fiber, of which 62 percent was recycled, 38 percent was virgin fiber from responsibly managed sources, and less than 1 percent was virgin fiber that did not comply with our sustainable fiber specification.” Apple is also stepping up partnerships with groups like the Conservation Fund and the World Wildlife Fund to increase the number of acres of sustainable forest from which it obtains such fiber.
Finally, Apple has invested heavily in environmental testing to reduce the amount of toxic materials in its products. Apple’s Cupertino Environmental Testing Lab, which uses plasma mask spectroscopy and ion, liquid, and gas chromatography among other tools and techniques to identify toxic materials, has grown twenty-fold since its establishment in 2006. The company even manufactures artificial sweat so it can measure the amount of nickel leaching from Apple Watch cases to help reduce exposure to customers who are allergic to nickel (Apple has created a video explaining why it makes its artificial sweat). Other toxic materials that Apple has eliminated from its products include
beryllium, mercury, PVC and phthalates, arsenic, and lead.
To be sure, this report is designed to show Apple’s efforts in the best possible light. Moreover, no manufacturer that operates at Apple’s scale can avoid causing some environmental degradation. Nonetheless, at a time when national and world leaders seem to have become less concerned with global environmental issues, it is heartening to see a corporation of Apple’s size and influence make environmental protection a fundamental — and well-funded — corporate goal.
Many travelers have had the experience of showing documents and answering questions while crossing an international border. But these days most of us carry smartphones, tablets, and computers that can contain or access tremendous portions of our daily lives.
Sure, some data is innocuous, like snapshots of yesterday’s lunch or last week’s sports scores. But some of it can be deeply sensitive, including banking and financial information, medical histories, dossiers of our friends and acquaintances, private conversations — even records of where we have been.
As tensions rise over border and immigration issues (think walls, immigration bans, and terror threats), and as we become more dependent on our devices, demands to examine the contents of digital devices are becoming more common at the U.S. border and other border crossings around the world.
What would you do if a border agent wanted you to unlock your device? Or if they demanded passwords to your social media, email, or banking services?
If these questions give you even a moment’s pause, it’s best to give some thought to crossing into the United States before you actually get there.
What Can Border Agents Do? — Contrary to some popular opinion, the U.S. Constitution does apply at U.S. border crossings, so U.S. citizens have rights of free speech and association, freedom from unreasonable searches and seizures, and freedom from forced self-incrimination.
However, U.S. border agents also have broader powers than U.S. police officers, including the ability to conduct warrantless searches of vehicles, luggage, and other possessions. Put another way: in the United States a police officer can’t pull you over, then search and disassemble your car unless they have probable cause and a warrant approved by a judge. However, a border officer can, no warrant needed.
U.S. border agents have these extended capabilities because courts have held the government’s interest in maintaining border integrity is more important than an individual’s privacy. In legal terms, these extended searches are considered “routine,” and are meant to enable border agents to enforce trade and import laws, to prevent dangerous people from entering the country, and to ensure entrants are authorized and properly documented.
It’s absolutely within a border agent’s purview to inspect the physical aspects of any device you are carrying, whether that is a phone, tablet, laptop, camera, or any other digital gear. This includes not just inspecting its case and controls, but also removing batteries, memory, storage, and other components.
Moreover, Customs and Border Protection (CBP) directives grant border agents the authority to examine any information “encountered” on devices. That can mean flipping through pictures on your digital camera, and (if the device is unlocked) swiping through your phone and its apps, and poking around your computer.
Many travelers are perfectly OK with this. For instance, if a border agent wants to flip through my terrible pictures (Look, a blurry thumb!) or the massive list of blocked numbers on my iPhone, I don’t particularly care: I’m nowhere near as dependent on devices as many people, and I don’t really use social media.
But my computer often contains encrypted, confidential data belonging to my clients. If border agents wanted to look through that, I might have a legal obligation to refuse. Plenty of people — especially folks like doctors, attorneys, and journalists — would be very uncomfortable with border agents flipping through patient records, correspondence, photos, financial information, and more.
Turn Off, Turn Down, or Turn a Blind Eye? — So, if you don’t want U.S. border agents going through your devices, the solution might seem easy: lock them or turn them off! That way, border agents won’t “encounter” any information during their inspections, right?
That’s true. But now imagine a border agent asks you to activate or unlock the device, or provide a code or password to do so? It’s surprisingly common. Maybe the agent wants your Facebook or Twitter password so they can examine everything about your social media presence, not just what’s public. Maybe they want your passwords to WhatsApp, iCloud, Dropbox, or your bank. Maybe these aren’t requests: maybe they’re orders.
Now things get tricky.
- If you agree, border agents can scrutinize and copy your information.
- If you refuse, border agents can seize your devices and even detain you. The CBP cannot refuse to let a U.S. citizen into the country; however, they don’t have to make it easy, quick, or pleasant. The CBP can refuse entry to both foreign nationals and lawful permanent residents. All of this increases pressure to comply.
If you lie to border agents — “Uh, I forgot my password! That’s not my phone!” — you’ve committed a crime carrying a prison sentence of up to five years.
Requests, Orders, and Consent — You can refuse to disclose passwords or unlock devices. The border agent might say “OK,” and move on to the next part of their inspection. Or, the agent may insist, perhaps suggesting that unlocking devices is in your best interest. If you unlock a device, that may constitute legal consent to being searched. With consent, border agents may search nearly any aspect of a person or their property.
If you refuse a request, border agents can escalate to an order. Agents are sometimes ambiguous about the distinction between a request and an order because implicit consent to a request gives them better legal footing. If in doubt, ask.
You can refuse an order to disclose passwords or unlock or activate devices, but border agents can seize your devices. How long can you go without your phone, computer, and the information they contain? Can you afford to replace them? Agents can also escalate the engagement to include additional officials or even detain you.
Once border agents have a device, they can copy its contents and share the data with other agencies or third parties for interpretation or forensic analysis. If the device is not unlocked, they may attempt to copy and store its data anyway, even if it’s encrypted. After all, if the government gets a password (or has/finds/buys a loophole or flaw in the software protecting the data), they may be able to decrypt it anyway. Same with any encrypted data on an unlocked device.
How long can the government hold on to data or devices? Generally, the CBP is supposed to destroy copies of data and return seized devices within five days, but retention of both can be extended almost indefinitely. Additional data about travelers and searches entered into a system called TECS — formerly known as the Treasury Enforcement Communications System — can be retained as long as 75 years. This may include passwords and other credentials revealed to
How to Protect Your Data — If for any reason you don’t want to be put in the position of disclosing your entire digital life to U.S. border agents, you need to plan ahead. If you’re already in line at a border crossing and suddenly decide you want to protect your data, it’s too late.
First, assess your risks, perhaps by making a list of potential problems if your devices were seized or information on them was accessed (and potentially copied and shared) by border officials. For instance, if you rely on your iPhone to manage your boarding passes, lodging, and car rentals — or perhaps use Apple Pay while traveling — having your phone seized by border agents could present a major problem for the rest of your trip.
Worse, if you’re a physician traveling with patient records, an attorney with confidential documents, or a journalist with sensitive information, having the government leaf through your data could represent a huge professional and ethical problem.
Honestly, for most people, the risk analysis stops here. Even people who are tremendously reliant on their smartphones, devices, and social media rarely do anything sensitive. Sure, we might not want border agents reading text messages to our friends and relatives, but it’s not really a privacy disaster if they flip through selfies or uncover a group chat planning a surprise party for the grandparents.
However, if you feel the risks are significant — perhaps you’re party to a high-profile lawsuit, planning a divorce, work with classified information, have data on your device that is legal but perhaps controversial, or have legitimate worries about your status in the current political climate — you can take some steps to protect your data.
- Take fewer (or no) devices. You can’t be asked to unlock something you don’t have. A colleague who travels regularly between Japan and the United States has stopped carrying any devices at all. Another who does a similar commute from Sweden uses a travel-only phone.
Use device encryption. iOS devices have had on-device encryption for most of your data enabled by default for years. On Macs, this means enabling whole disk encryption via FileVault, which has been available since 2011 (for assistance, see “Take Control of FileVault”).
Then, turn your devices off. A device that’s merely asleep or locked is considerably more vulnerable to having its security compromised than an encrypted device that is fully shut down. This is probably the strongest (and easiest) thing most travelers can do to protect their data — as long as you’re using strong passwords and passcodes (for details, see “Take Control of Your Passwords, Second Edition.”) Do not rely on biometric security like fingerprint readers.
Consider migrating some of your data to the cloud. In many cases, there’s no reason you need to carry your data with you on your devices: you can simply upload it to a cloud service — whether iCloud, Dropbox, or some other provider — then delete the data from your device, and re-sync with the cloud provider once you reach your destination. The process might take some time (or involve expensive data roaming charges), but it eliminates the need to physically transport your data over the border.
There are two main potential problems with this approach. The first is that deleted data on a device can often be recovered via forensic analysis. Just because you delete an item from a device doesn’t mean it can’t be recovered by an expert. Second, border agents may just demand passwords to your cloud accounts. (Remember, lying to border agents is a crime.)
Don’t know your passwords. This is perhaps the trickiest option — and takes the most planning — but an attorney I’ve worked with occasionally over the years uses it. When he has had to travel with sensitive information recently, he has encrypted it with a strong password that is too long to remember, and then sent that password in an encrypted note to his own attorney. The result is that if he is asked to unlock the encrypted data, he can truthfully reply that he does not have the password. Further, if officials demand he retrieve the note that could reveal the password, it would be protected by attorney-client privilege.
You could use a similar approach to passwords used to unlock devices, email, social media accounts, banking information, and more. But doing so requires a great deal of effort and almost certainly needs a trusted third party. (And if that third party makes a mistake, you may lose access to your accounts altogether.) Moreover, border agents may regard it as highly suspicious if a traveler doesn’t know the passwords to their own accounts or devices — and that may increase the likelihood of greater scrutiny or an escalated encounter.
If Your Devices or Information Are Taken… — If border agents seize your devices, politely insist on a property receipt. If you feel you are being mistreated by border agents or your rights are being violated, politely ask for their names, badge numbers, and agencies of the officers you encounter. Do not be rude, aggressive, or belligerent: it will never work in your favor. Also do not physically interfere with border agents: they can respond with physical force.
Want To Know More? — This article is just an overview of some issues involved with crossing the United States border with your personal data. Furthermore, I am not a lawyer, so this article should not be construed as legal advice!
Fortunately, there are more-extensive guides to these topics written by real lawyers. If this topic is of particular interest to you, I recommend them highly:
- The American Civil Liberties Union has published a detailed outline of issues surrounding border searches of devices and data. They also offer information on all manner of border crossing issues.
The Electronic Frontier Foundation recently published a guide to Digital Privacy at the U.S. Border, available both on the Web and as a printable PDF.
Plus, many of the legal issues surrounding what border agents may and may not search on devices at the U.S. border are still poorly defined, with cases still working their way through courts, and members of Congress introducing potential legislation that would require a warrant before searching digital devices.
The situation is complicated and getting more so all the time. But if you’re at all concerned about the privacy of your data while crossing the U.S. border, it’s best to be prepared before you show your passport or identification.
Will these device searches cause you to change your behavior when traveling? Let us know in our informal Twitter poll, which is open until 25 April 2017. So far, the overwhelming majority have said, yes, it will cause them to act differently.
EagleFiler 1.7.6 — C-Command Software has released EagleFiler 1.7.6, adding support for a new search option using the
x-eaglefiler custom URL scheme. You’ll be able to initiate an EagleFiler search from Alfred, LaunchBar, and other applications that support URL schemes, as well as set up a launcher app to search the current EagleFiler library or create shortcuts to open and search specific libraries. The document organization and archiving app now follows the Match Partial Words setting when highlighting search matches in the records list and in text and email records, works around a
bug in macOS 10.12 Sierra that would open the library behind an existing library’s window when using File > Open, and resolves an issue with OmniOutliner 5 (see “OmniOutliner Essentials and Pro 5.0.1,” 7 April 2017) that caused its compressed flat files to be imported as text files. ($40 new with a 20 percent discount for TidBITS members from C-Command Software or from the Mac App Store, free update, 18.0 MB, release notes, 10.6.8+)’
Read/post comments about EagleFiler 1.7.6.
Parallels Desktop 12.2.0 — Parallels has released Parallels Desktop version 12.2.0 (build 41591), addressing overall stability and performance issues as well as several bugs. The virtualization software corrects an issue where Boot Camp virtual machine applications didn’t appear in the Dock, fixes a bug that prevented dragging and dropping of files from the Mac to the Windows 10 Creators Update, resolves an issue with Web pages opening in Windows 10 Creators Update instead of on the Mac, and fixes a
bug that reinstalled Parallels Tools every time a Boot Camp virtual machine configuration was changed. ($79.99 new for standard edition, $99.99 annual subscription for Pro/Business Edition, free update, 256 MB, release notes, 10.10.5+)
Read/post comments about Parallels Desktop 12.2.0.
Lightroom CC 2015.10 and Lightroom 6.10 — Adobe has released the standalone Lightroom 6.10 and Lightroom CC 2015.10 (available as part of Adobe’s Creative Cloud) with bug fixes and support for additional cameras and lenses. The professional photo cataloging and editing applications resolve an issue with the Auto Import menu item, bring back the presets listed under Color Presets, and fix bugs related to Tone Curve (including incorrect movement when using a Wacom stylus). The updates also gain support for the Canon EOS M6, Canon EOS Digital Rebel T7i, Canon EOS 77D, and Pentax KP cameras, plus over 20
lenses. ($9.99 monthly subscription or $149 for the standalone app, free update, release notes, 10.8+ for Lightroom CC 2015.10 and 10.9+ for standalone Lightroom 6.10)
Read/post comments about Lightroom CC 2015.10 and Lightroom 6.10.
In ExtraBITS this week, Apple has apologized for erroneous email messages saying that iCloud storage or Apple Music subscriptions were discontinued, and Apple CEO Tim Cook chastised ride-sharing company Uber for spying on iPhone users.
Apple Acknowledges Weird “Discontinued” Email Messages — If you subscribe to iCloud storage or Apple Music, you may have received an odd email message from Apple saying that your subscription was discontinued last week. There was speculation at the time that the messages were sent by mistake due to a server hiccup, and that now seems likely. A few days later, Apple apologized to affected users, acknowledged that it had sent the messages in error, and confirmed that no changes to iCloud storage or Apple Music subscriptions were made. Mistakes happen — what matters is that Apple took
responsibility for it.
Tim Cook Dressed Down Uber for Spying on iPhone Users — Ride-sharing company Uber has had a rough 2017 so far, getting caught in one sleazy business practice after another. But Mike Isaac’s report in the New York Times may be the last straw for many Apple users. It turns out that Uber was using its popular app to secretly identify and track iPhones, even after the app had been deleted and the phone erased. Uber went so far as to hide that code for anyone inside a geofence surrounding Apple’s headquarters. In early 2015, Apple CEO Tim Cook summoned
Uber CEO Travis Kalanick to his office to order him to stop. Uber did, but as you’ll read in this lengthy biography of Uber founder and CEO Travis Kalanick, there have been plenty of other shenanigans since.