newsletter banner

ISSUE 19.47.F • 2022-11-21 • Text Alerts!Gift Certificates
Look for our BONUS issue on November 28!

In this issue

PATCH WATCH: When should you retire your Apple device?

FROM THE FORUMS: Be watchful for scams in the forums

Additional articles in the PLUS issue • Get Plus!

PUBLIC DEFENDER: Will PayPal fine you $2500 for trading artistic nudes?

ONENOTE: Why would you use OneNote at all?

FREEWARE SPOTLIGHT: Gourmet Recipe Manager — Organizing your stolen recipes

Your Ad Here!

75% OFF on WinX Media Management Bundle
(Lifetime License)

This must-have media management bundle includes WinX DVD Ripper Platinum, WinX DVD Copy, WinX Video Converter Deluxe and WinX MediaTrans.

Highlights: Rip encrypted DVDs, clone DVD disc, convert/download/compress/edit video, and manage iPhone.
75% OFF to get lifetime license – lowest price + free lifetime upgrade guarantee.

Go to the bundle page now >


When should you retire your Apple device?

Susan Bradley

By Susan Bradley

Apple’s recent releases encourage new hardware.

There are several people at my office who constantly purchase the latest iPhone or iPad, turning in their old devices in the process. I’m not that adventurous — I don’t recommend updating quite that fast.

However, I do recommend an upgrade if your phone is an older model, such as iPhone 8. Why? Because the best security is provided on the newest hardware, and because Apple has become more like Microsoft in requiring newer hardware to protect against snooping, zero days, and other risks.

I’m far from the only one who thinks this way. As noted in the Center for Internet Security (CIS) benchmarks, if you have users that are high-value targets, or think you might be one,

Physical security exploits against iOS devices are rarely demonstrated within two years of the release of the underlying architecture. For users whose physical iOS device(s) may be targeted, it is prudent to use the most recently released architecture.

You want the following devices, or a later model:

  • iPhone 13 and iPhone 13 Mini using the Apple A15 Bionic processor
  • iPhone 13 Pro and iPhone 13 Pro Max using the Apple A15 Bionic processor
  • iPad Mini 8.3″ using the Apple A15 Bionic processor
  • iPad 10.2″ using the Apple A13 Bionic processor
  • iPad Air 10.9″ using the Apple A14 Bionic processor
  • iPad Pro 11″ and 12.9″ using the Apple M1 processor

A “high-value target” is defined as a user who may be likely to experience a physical-level device attack. These individuals include politicians, journalists, activists, members of the military, civilian government personnel, business executives, and wealthy individuals. But even if you aren’t in one of those groups, a newer device will provide a better, more pleasing user experience and improve your security posture. It’s also the case that applications get updates to take advantage of the higher performance and new features of newer devices, which tends to make them slow down on older devices.

There are other reasons for new hardware, amongst them longer battery life; larger form factors, with displays that allow better readability; and better cameras. These things are not discussed as much after the initial marketing buzz dies down, but we rely on these pocket-sized devices for so much these days that updates become desirable. That’s especially true with the cameras — smartphones have almost entirely destroyed the consumer market for small cameras and camcorders. The smartphone cameras keep getting better and better, with manufacturers investing heavily in them.

I certainly don’t recommend updating this type of hardware every year, because that can be an expensive proposition. However, I do not keep iPhones or iPads for as long as I do Windows desktops and laptops.

Reviewing your settings

Whether you are a high-value target or not, there are some settings you may want to check. At the top of my list is personalized advertising. Launch the Settings app and navigate to Privacy and Security | Apple Advertising, then set Personalized Ads on or off, as you prefer.

Whenever you get a new device, review its permissions and settings. The migration from one iPhone or iPad to a newer version is usually easy and thorough; but if you don’t check, you can’t be sure Apple did exactly what you prefer. Apple provides an iPhone User Guide with a section on Security & Privacy, which I recommend as a roadmap for performing a complete security check. It is comprehensive and includes such things as managing the information you share with people and applications, protecting email addresses, using iCloud Private Relay to browse more safely, and putting the phone in lockdown mode.

If you visit the iPhone User Guide, you’ll notice a dropdown at the top to select the appropriate version of iOS. As of this writing, that dropdown includes only iOS 16, 15, and 14. That should be a clue.

Recommendations for consumer and home users

In iOS 16, a new option called “Install System and Data Files” (Settings | General | Software Update) lets users enable automatic security updates independently of iOS updates. This will allow you to get security-only updates while pushing off the major updates. By default, this option is enabled — and I recommend keeping it so.

Recommendations for business users

More and more firms are starting to deploy Apple devices in a Microsoft network. In the last quarter, Mac hardware sales increased while Windows-based hardware decreased. Microsoft realizes this as well and, slowly, has been offering more and more tools and techniques to control Apple iPhones, iPads, and Macs in a domain setting. Microsoft’s Intune continues to get more and more features to manage and control Macs. For example, you can remotely wipe a device, should someone leave the firm and you need to redeploy the operating systems. There are several excellent online videos showcasing selective wipe as well as remotely erasing a device.

Apple silicon changes

Be aware that Apple devices with Apple silicon have different manageability capabilities, as compared to those with Intel chips. As Nathaniel Strauss writes:

On a Mac with Apple silicon, the device reboots into the recoveryOS, where the only options are to restart, [shut down], activate, or erase the Mac. To activate the Mac, select an administrator user and provide the password. This activation step requires an internet connection.

Strauss goes on to warn that:

On Intel Macs running Big Sur the lock command still works as it has in the past. On Apple silicon though, instead of the lock command locking the Mac, it boots to recovery. Once in recovery, to get back to the installed OS with user data [intact], an admin account must authenticate. However, anyone can still choose to erase the disk and set the Mac up as new. Not much of a theft [deterrent]. The lock command has always been tied to EFI (and UEFI), and with EFI being gone on Apple silicon, Apple declined to port the feature over to the new boot process.

The Microsoft Intune team warns specifically of this issue:

A remote wipe for Apple silicon-based devices running macOS 12.0.1 or later requires a bootstrap token issued by Microsoft Intune.

Last March, Microsoft made the change to better support Apple silicon. You may need to run a GitHub script to check the status of your devices to ensure they are ready to be managed.

Patching Mac operating systems

Generally speaking, Apple devices are similar to Windows when it comes to patch management. Even though you never want to be first on a new release, you also do not want to run your devices without updates.

As an example, I am still not recommending an update to the latest version of macOS Ventura for either home or business use. There are still too many side effects with business applications (such as Teams) to be recommending it at this time. Apple tends to support releases for at least three years, but during that time the newer releases get more support than the older ones. As noted by The Eclectic Light Company:

When the current version of macOS loses its general support, and starts its two years of security-only fixes, there are still many bugs left in it, which are only likely to be fixed in the new version.

Ventura inherits the same rapid-security patch code as iOS 16. It will receive smaller security patches long before they are incorporated into the larger OS releases. I’m hoping to recommend Ventura soon, but until then, just know that the process of Apple security issues will be better on newer operating systems.

Just as with Windows releases, newer is better. But sometimes it’s a bit bumpy getting there.



Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.


Be watchful for scams in the forums

Talk Bubbles

By Susan Bradley

Last week, there was an incident in the forums that was unexpected and of some concern.

Someone (let’s codename the person “Rogue”) signed up for a Plus membership, then used it to send direct messages (DMs) to several other members. The DM contained a solicitation.

One of the members contacted got in touch with me immediately. Though there did not appear to be anything overtly problematic, our member expressed reservations about the legitimacy of the solicitation. I made a quick, initial investigation, concluding that this was some sort of scam. Here’s what I did:

  • The member sending the solicitation was immediately banned from the site and so notified. The donation will not be returned.
  • I alerted our forum moderators about this tactic.
  • I opened a new topic in the forums, Activity that is not allowed on the forum.

My actions relating to this incident make clear that I will not tolerate such behavior.

The solicitation was an offer to purchase a member’s Malwarebytes “Lifetime” license. That’s an important point here — Rogue was dangling cash. That should raise instant suspicion, just as it would if you got the same solicitation in your email. And why was the member who reported the matter suspicious? Simple, really — he doesn’t own such a license. And if he did, how would the scammer know?

There is little we can do to prevent this sort of thing. We can stop it only after we become aware. We very much appreciate our member’s alertness and his willingness to report the incident.

Also, DMs are private, which gives them an air of safety. But don’t let your instincts for secure behavior be overwhelmed with a lure. Don’t react immediately, do what research you can (check the profile of the person sending the DM), and let me know as rapidly as you can.

By the way, I will be making a change that should discourage any future Rogues. We’ve been planning the change for several months, and it will be announced in our Bonus issue next week.

Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Shop Now!

Here are the other stories in this week’s Plus Newsletter


Brian Livingston

Will PayPal fine you $2500 for trading artistic nudes?

By Brian Livingston

PayPal, the giant online payment-processing service based in San Jose, California, put itself in hot water last month by releasing, and then disavowing, a document that threatened to deduct $2500 or more from PayPal users’ financial accounts if any of their transactions “appear to depict nudity” or “promote misinformation.”

Setting aside that vague and confusing language for a moment, PayPal’s checkered history with regulators is worth recalling. For instance, the company was recently subjected to a number of actions.



Why would you use OneNote at all?

By Mary Branscombe

If you’ve never seen the point of a digital shoebox for notes, here are some ways of putting OneNote to use that could change your mind.

From the feedback I get when I talk about OneNote, it’s clear that there are plenty of devoted fans and heavy users out there. But I also get questions asking why you should use OneNote, and what it’s good at.


Deanna McElveen

Gourmet Recipe Manager — Organizing your stolen recipes

By Deanna McElveen

First of all, I’m not a cook. That’s my husband’s job.

The few things I do cook or bake are from recipes that I nab at family gatherings from my older relatives. I decided I needed to move these recipes out of their old card file boxes, so I went looking for some free software — because I’m cheap that way.

Know anyone who would benefit from this information? Please share!
Forward the email and encourage them to sign up via the online form — our public newsletter is free!

Enjoying the newsletter?

Become a PLUS member and get it all!

RoboForm box

Don’t miss any of our great content about Windows, Microsoft, Office, 365, PCs, hardware, software, privacy, security, safety, useful and safe freeware, important news, analysis, and Susan Bradley’s popular and sought-after patch advice.

PLUS, these exclusive benefits:

  • Every article, delivered to your inbox
  • MS-DEFCON Alerts, delivered to your inbox
  • MS-DEFCON Alerts available via TEXT message
  • Total access to the archive of nearly two decades of newsletters
  • No ads
  • Identification as a Plus member in our popular forums

We’re supported by donations — choose any amount for a one-year membership.

Join Today buttonGift Certificate button

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody,, Windows Secrets Newsletter,, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2022 AskWoody Tech LLC. All rights reserved.