Oy with the POODLEs already!

Plus: The Return of Camera Roll, and the debut of Yosemite

SO THERE I was, in the midst of crafting one of my typically droll and yet diabolically clever headlines for this post, when the perfect title was dropped right into my lap. Well, right into my Inbox, to be precise. Long-time client and Gilmore Girls fan Regina just happened to send along a completely unrelated email with that very subject line, which–according to the unparalleled resources of the Urban Dictionary–“can be used to shut up a person that is talking non-stop about a certain subject.”

Given that the primary focus of this missive is POODLE, an acronym for the latest security exploit capable of bringing the Internet to its knees, I feel well within my rights to assert that this expression can also be used to “shut up an Internet that is afflicted non-stop with certain security vulnerabilities.” As in: “Heartbleed? iCloud celebrity hack? Shellshock? And now POODLE? Oy with the POODLEs already!”

Ah, if only a well-turned phrase would serve to dispose of these technological threats… So just what is POODLE? Like Heartbleed, it’s a vulnerability in the system that encrypts information sent between devices and/or across the Internet, so that data like passwords and credit card numbers are protected from prying eyes. The POODLE vulnerability exists specifically in the Secure Sockets Layer (SSL) 3.0 protocol, which was superseded by the newer and more secure TLS (Transport Layer Security) protocol a while back.

UNFORTUNATELY, a small percentage of Web sites–and other devices that encrypt data, like routers–still use SSL 3.0 instead of TLS, and most Web browsers are set to “fall back” to SSL when they talk to a server if they can’t find TLS running, so that they can still conduct an encrypted “discussion.” When that happens, the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability in SSL can be exploited by a hacker, and the no-longer-secure data can be decrypted and accessed.

So what can we do about this? Fortunately, as of this past Monday it’s pretty simple. Just run Software Update from the Apple menu, and it will deliver Security Update 2014-005, which prevents your Mac from using SSL in Safari, even if a server is offering it to you.

Firefox is also safe as long as you’re using version 33.0 (go to “About Firefox” from the FireFox menu to check/update). Google Chrome is still vulnerable as of this writing, per my visit to the POODLE Test site just a moment ago. And for anyone using 10.7 “Lion,” 10.6.8 “Snow Leopard,” or older, Apple is not providing a patch ;-(

APPLE HAS, however, provided a few other goodies in the past week. Namely, the iOS 8.1 update which, due to, er, popular demand, brings back the Camera Roll album. Not only that, it brings back the My Photo Stream album as well, if only to vex and confuse those of us who still don’t quite understand why Photo Stream photos are different on all our devices, and why they sometimes go away but other times stay forever.

Since Photo Stream will soon be replaced by the iCloud Photo Library, now available to try in a beta (test) version, there’s no point dwelling on the nitty gritty details. Suffice to say that those of you now using iOS 8 should definitely upgrade to 8.1 ASAP, since it squashes a lot of other bugs as well.

Should any of you out there feel adventurous enough to try out the iCloud Photo Library, it can be activated in Settings–>Photos & Camera on your iDevice. I’ll be curious to hear your experiences with it, so please feel free to share them in the comments below. For me, so far so good but I have only a few dozen photos up there at this point.

APPLE HAS ALSO released “Yosemite,” aka OS X 10.10, and in the process eliminated “Mavericks” 10.9. So if you haven’t yet upgraded to 10.9, it’s no longer an option. But trust me, you weren’t missing anything. While Mavericks brought little more than tabbed Finder windows (and major printing/email issues for some), Yosemite offers Handoff and Continuity features for iDevice users, as well as some other nifty stuff, like the ability to annotate email attachments and to sign documents with your trackpad.

I touched on Handoff and Continuity a few posts back, but just to review, these features enable iDevice users to do things like start an email on your iPad and finish it up on your iMac, or take a call from your iPhone on your MacBook Air. In fact, you can even initiate a phone call from your Mac, as long as your iPhone is nearby. For my money, Handoff and Continuity have the potential to be the most valuable features to come along in a new OS since 2007, when Time Machine debuted way back in Mac OS X 10.5.

So should you upgrade to Yosemite now? Well… if you’re already using Mavericks 10.9, and your Mac has slowed down appreciably since upgrading, or if it has caused problems with your Apple Mail program (especially if you’re a GMail user), I would go for it.

FOR THOSE USING Mountain Lion 10.8 or who have had no issues with Mavericks, I would at least wait until Yosemite 10.10.1 shows up, which is typically  within a month or two after the initial version release. So far I have not seen any of the horror stories that often accompany a brand-new system, but since your mileage may vary, discretion is probably the better part of valor here.

As with iCloud Photo Library, any early adopters of Yosemite are encouraged to share their experiences below.

(Shell)shock and awe, coming around the Bend

ANOTHER WEEK, another set of crises for Apple to weather. On the heels of August’s celebrity photo iCloud hack comes the Shellshock vulnerability, freshly discovered on Sep. 24 and rivaled only by this spring’s Heartbleed bug as the Vulnerability With The Most Compelling Monicker so far this year. At virtually the same moment, reports of the new iPhone 6 Plus bending after spending an extended period of time in users’ pockets began to surface on various forums.

Let’s begin with Shellshock. Also known as the Bash bug, it’s a legitimate issue present in most UNIX-based operating systems, of which Mac OS X is one. The name “Shellshock” arises from the area of the vulnerability, specifically the Bourne Again Shell (bash), a program used to issue commands to the system. If the bug is present, an attacker could potentially take over control of the shell, and thus the entire operating system.

FOR THE AVERAGE Mac user, however, it’s unlikely to become a real problem unless he or she has messed with some advanced UNIX settings from the command line. Still, Apple has taken it seriously and has issued downloadable patches (see end of article) for Mac OS X 10.9, 10.8 and 10.7. A future OS X security update will push the proper patch to your Mac shortly if you don’t apply it now.

There’s a way to test your Mac for the bug, but it involves using the Terminal app to run a UNIX command; if you’re all about that sort of thing, then check out Lifehacker’s instructions and dive right in. Otherwise, just download and install the appropriate patch below (go to About This Mac from the Apple menu if you’re not sure which version of Mac OS X you’re using).Those of you still running OS X 10.6 are unfortunately out of luck, as Apple stopped issuing security updates for Snow Leopard late last year.

ON TO THE iPhone 6 and the debate over whether, well, whether this whole “bendable” thing is worth debating. According to Apple, in a statement made to the Wall Street Journal and other media outlets on Sep. 25th, the company has received only nine complaints of the iPhone 6 plus bending under normal use. On the other hand, a quick Web search reveals all sorts of references to angry users, YouTube videos of folks bending their phones until they snap, and most recently two 15-year-old boys who actually recorded themselves on video bending–and breaking–an iPhone 6 Plus in the Norwich, CT Apple Store.

Are the new iPhone 6 models particularly vulnerable to bending under normal use? The first few days of reports and YouTube videos were often compelling, but for the most part on the unscientific side, while Apple on Sep. 25th invited the medis to its “torture-test” facility and demonstrated the various stress tests they perform on the iPhones to ensure durability, in an effort to show how tough the phones actually are.

SO WHO TO believe? On September 26th, no less an authority than Consumer Reports weighed in on the debate by publishing the results of their own stress tests on not only the new iPhones, but the iPhone 5, LG G3, Samsung Galaxy Note 3, and HTC One (M8) as well. I’ll let you read the results for yourself, but to sum up:

  • “Significant force” was required to damage any of the phones tested; the testers deemed them all to be “pretty tough”
  • The iPhone 6 Plus turned out to be stronger than the iPhone 6
  • The iPhone 5 was approximately twice as strong as either iPhone 6 model
  • The most durable phone was the Samsung Galaxy Note 3; the least durable was the HTC One (M8)
  • “While nothing is (evidently) indestructible, we expect that any of these phones should stand up to typical use.”

I’ll add my own $0.02 here, if I may: Thanks to a concept known as “physics,” the thinner smartphones become, the less durable they’ll be. From my own perspective, I’ve always been afraid to place a phone in my back pocket–not for fear of bending it but rather that I might crack the screen upon sitting down.

And just in “case” this isn’t patently obvious, most iPhone owners (86% according to this Business Insider survey) employ some type of protective case. In fact, the survey revealed that over 25% of the respondents used OtterBox cases, meaning that they take their protection pretty seriously.

LET’S WRAP UP by bringing a little sanity into this debate. Regardless of the “bendability,” or lack of same, of the new iPhones, resist the temptation to ride bareback and enclose your device in a protective case of some sort. Avoid putting the phone in your back pocket, even if you’re not intending on sitting down for a while. Last but not least, do not conduct any of the previously-referenced stress testing on your $700 iDevice.

AltiM@c Consulting: Proudly keeping our readers from becoming shell-shocked–or bent out of shape–since 1995.

Shellshock patch for Mac OS X 10.9 Mavericks:
http://support.apple.com/kb/DL1769

Shellshock patch for Mac OS X 10.8 Mountain Lion:
http://support.apple.com/kb/DL1768

Shellshock patch for Mac OS X 10.7 Lion:
http://support.apple.com/kb/DL1767

 

That’s two small steps for man… one giant leap for security

NOT ONLY does that bastardized quote make an appropriate lead-in to this posting, it reminds us of the fact that although we put a man on the moon way back in 1969, we still rely on passwords to protect our identity online and offline. And because it takes a concerted effort–even with the services of a password manager–to update and strengthen all those passwords, we often end up putting that task off for another day.

In the wake of the recent “celebrity photo iCloud hack,” Apple has been urging all of us to employ “two-step verification,” which as the name implies, involves a second step beyond simply entering a password in order to verify your identity when you make an iTunes store purchase or update your Apple ID account info. This isn’t a new concept; Apple and many other online services (including Google, Yahoo!, Facebook and Twitter) have offered various flavors of this security enhancement for years.

WHAT IS NEW is that Apple is now officially urging us to make use of two-step verification, in addition to strengthening our passwords. I’m all in favor of anything that makes our accounts more secure, as long as it doesn’t make our computing experience unnecessarily complicated. For most of us I feel the extra step is worth the additional protection, but read on to make sure that it’s a good option for your particular situation.

The additional “step” in two-step verification involves a unique PIN code that is sent to your cellphone via text message (or iDevice, via a “push” notification) once you’ve entered your password. At that point you’ll see a prompt to enter this code, which changes each time it’s used. So this prevents anyone from accessing your iTunes Store account or your iCloud data, even if they are able to guess your password. It’s a relatively simple process and requires only a one-time setup on Apple’s site.

KEEP IN MIND, however that if you decide to enable and use two-step verification, you must have a cell phone that can accept SMS text messages (most can) in order to set up TSV, and you must have either that cell phone (or any iDevice on which you’ve enabled Find My Phone) with you whenever you want to do any of the following:

  • Make a purchase from the iTunes Store, iBooks Store or App Store, whether on your Mac or any of your iDevices
  • Make any changes to your Apple ID info (credit card, password, etc.)
  • Sign into the iCloud Web site
  • Call Apple for help with your Apple ID

One other word of caution: Once you enable TSV, your Apple ID password is encrypted in such a way that even Apple can’t retrieve it for you. That’s why in the setup process you are prompted to create an emergency Recovery Key, which can be used in the event you forget your password. Obviously you will want to keep that in a safe place on your Mac, ideally within your password manager or in a Word document that is password-protected.

SHOULD YOU determine that two-step verification is the way to go for you, start with the setup instructions here:

Frequently asked questions about two-step verification for Apple ID:
http://support.apple.com/kb/HT5570

and then check out this Wall Street Journal article, which details how to enable TSV for many other Web sites:

Safety First! How to Sign Up for Two-Step Verification on 11 Top Online Services:
http://blogs.wsj.com/personal-technology/2014/04/11/safety-first-how-to-sign-up-for-two-step-verification-on-11-top-online-services/

If you’ve determined that you don’t want to go the TSV route, that’s perfectly fine–only if you’ve created very strong passwords for your Apple ID and any other Web properties that contain your personal or financial info.

SO THAT’S two-step verification. Unlike the moon landing, it’s not rocket science. But compared to using only a password–especially a “weak” one–it really is one giant leap for security.

Making us Pay

That’s exactly what Apple’s been doing. Seemingly lost between Tuesday’s unveiling of yet another pair of new iPhones (the 6 and 6 Plus) and the Apple Watch–which will no doubt sell by the truckload despite its hefty price tag ($349 and up) and the fact that it needs to be accompanied by an iPhone for full functionality–was the revelation that Apple has concocted a “virtual wallet” payment system to accompany its newest smartphone models.

This system works with your existing credit cards, but it’s more secure than any available payment method. It’s dead simple to use, incredibly convenient, and already supported by national chains like Macy’s/Bloomingdales, McDonalds, Subway, Walgreens, Petco, Toys “R” Us, Staples and more.

Apple calls it simply Apple Pay. I call it pretty remarkable because after seeing the demo and the ecosystem they’ve created around it, I think it truly does have the potential to change the way we pay for things. It’s not the first system to take a crack at mobile payments via a virtual wallet (see Google Wallet) but it’s the first one to come out fully locked and loaded, with retailers, banks, and credit card companies already on board.

Apple Pay is based on an already-existing technology called near field communication (NFC). Put simply, it’s a way for two devices to “talk” to each other over very short distances by establishing a temporary wireless connection. By waving your smartphone in front of an NFC enabled device at your friendly neighborhood retailer’s checkout, a credit card payment can be made in mere seconds. No need to launch an app; in fact, you don’t even need to unlock your iPhone–thanks to the Touch ID technology that Apple introduced with the iPhone 5s.

When you compare this experience to fumbling with credit cards, security codes, picture IDs and swipe card readers that never seem to get it right the first time, the advantages in terms of convenience are pretty obvious. What’s probably not as obvious are the advancements in security and privacy that are baked into this new system. Although Apple Pay can make use of any VISA, American Express or MasterCard, it never actually uses (or stores) credit card numbers or security codes on your iPhone.

Instead, a unique secure ID is encrypted and stored on your iDevice for each of your credit cards, and it is this information, along with the transaction info and a one-time security code, that is sent to your credit card company. At that point the unique secure ID is linked to your actual card no. and account, and payment is transmitted to the merchant. This means that your card number is never sent anywhere in the process of making a purchase, and because you don’t actually hand the card to the cashier, no one even sees your card number–much less any other personal info–at the point of sale.

Further, if your new “virtual wallet,” aka iPhone, is lost or stolen, you can remotely suspend all recent payments and wipe the device from any other iDevice or Web browser using Find My Phone. That’s not really new, but consider this: Because the credit card numbers and other info for each card are not stored in the iPhone, and because–in theory, at least–you left your actual wallet at home, you don’t need to call up and cancel all your credit cards. You just import their info into your replacement iDevice, and you’re back up and running. Or buying, as the case may be.

Apple’s demo of Pay at Tuesday’s press event made it seem almost impossibly simple, convenient and secure. And it just might be all that when it comes on line this fall. As you may have already guessed, this revolutionary payment system requires the purchase of the new iPhone 6 or 6 Plus. So now that Apple has made us Pay, Apple is going to make us… pay.

Or, to paraphrase the official motto of the Commonwealth of Virginia: Sic semper Appleus.

A brief note on security, or, what else is new?

Regarding the recent “celebrity photo iCloud hack,” which most of you have probably heard of by now, it appears after much investigation and finger pointing that there is no inherent security flaw in the iCloud system, and that these were isolated attacks specifically directed at the iCloud accounts of female celebrities (Kirsten Dunst, Jennifer Garner, Kate Upton etc.) in hopes of discovering compromising images to post online. The attacks were conducted using common “brute force” hacking techniques; in other words, sending password after password at the account in rapid succession until the correct one was discovered.

Nothing new or innovative about that, and since the targets were specifically young, nubile female celebs, it’s probably safe to assume that none of us were affected. In the wake of these attacks, Apple has pledged to improve iCloud security, but also urges users to implement strong passwords as well as to enable two-step verification, which is generally a good idea in terms of making your Apple ID even more secure. Because TSV involves a very specific setup process and requires that you have a cellphone with you whenever you make a purchase on the iTunes Store, we’re going to explore it in a future posting to help you decide if it’s the right move for you, or if it will cause more problems than it solves.

So what’s the moral of this story? It’s two-fold:

  1. Resist the temptation to post naked selfies to your Photo Stream.
  2. Use a strong password for your Apple ID/iCloud account. If any or all of the celebs affected by this had employed strong passwords, their accounts would not have been compromised.

Finally, some of you have been asking about the Home Depot hack, which was confirmed this past Monday and potentially affects up to 60 million accounts. It really has nothing to do with your computers or iDevices, and since it had been going on undetected for at least six months, you probably already know if any cards you used there have been compromised. Just to be sure, however, check your recent statements carefully for any suspicious charges and report them to your card issuer ASAP.

Of Russian hacks and password cracks

ANOTHER DAY, another data breach and this one appears to be one of the most significant in recent memory–over a billion usernames and passwords now in the possession of some Russian hackers. Although a very interesting take on this exploit at The Verge calls into question whether said quantity of personal data was actually “hacked” or merely acquired from other criminals, the fact remains that the data is out there, and yeah, there’s probably a reasonable chance that your info is in there somewhere.

What many of us find particularly frustrating about these escapades is that the names of the sites that were compromised are usually not released for days or even weeks after the hacks occur, in the event that a site remains vulnerable after the hack is disclosed. This was the case with the recent Heartbleed bug, where many Web site operators were unconscionably slow to inform their users as to whether their sites needed patching, had or had not been patched, and exactly what information could been compromised.

In the end, we’re all left thinking, “What can I do, or what should I do, to protect myself?” Well, there isn’t much we can do to prevent these kinds of exploits, but there are two things we can do to minimize the potential risk. One is to use “strong” passwords (“un9Ayg3I1oN8” as opposed to “password”) on the Web sites that we frequent, and the other is to use unique (and strong) passwords for each site. Using strong paswords alone wouldn’t have helped much with this specific exploit, but using unique passwords would.

WHY? BECAUSE hackers know that most of us use the same 2-3 passwords for all the sites we visit. So if they capture just one, along with your email address, they may well have a way in to many of your other online accounts–some of which may contain a lot more personal information than just your name and email.

Now there’s a very good reason why–in spite of all the warnings we get each time a Web hack is publicized–most of us use the same 2-3 passwords for everything, and that’s because in order to use them, we must be able to remember them. Even working with only a few passwords can be challenging, and we’ve all had those moments wherein we type in what we think the password is, then what it might also be, then what we think it is but with an initial cap, etc. Were we all to employ strong passwords, even if they were not unique to each site, we would certainly fail at most of our login attempts.

That’s where password managers come in. Some are programs that reside on your computer; some are Web sites that store the passwords for you. Some are bare-bones and some are amazingly full-featured. But the one invaluable service they all perform is they enable you to use strong, unique passwords by remembering them for you and regurgitating them on demand. You have only to remember one “master” password to unlock the rest.

THE KEY WORD here is “enable.” It would be a truly marvelous thing were a password manager to vist all the sites you frequent, change your password on each one to something infinitely more robust like “Nim2ceWg8O9q,” and then repeat that action every three months. In the real world, of course, accomplishing that requires a little more “elbow grease,” if I may borrow an idiom from my parents’ generation.

Even with the assistance of a password manager, you must take the following steps to update your sites with a strong and unique password:

  1. Log in to the site with your current (presumably weak) password.
  2. Locate the area of the site where you can update your password.
  3. Enter your current password in the “Current Password” or “Old Password” field.
  4. Enter a much stronger one in the “New Password” field (most password managers will generate this for you).
  5. Apply the password change using the “Save,” “Update, “Apply” or similarly-named button below the password fields.
  6. Make sure the password manager updates its record for the new password (most do this automatically, or at least semi-automatically).
  7. Repeat for the remainder of your sites.

DON’T GET ME wrong–I don’t mean to give the impression that password managers aren’t worth the trouble. I use a password manager, and I feel they are extremely useful and truly the only practical way to employ strong and unique passwords across multiple Web properties. But they still require an investment of time and thought to allow them to safely and effectively “manage” your passwords.

So if this latest exploit has you thinking that it might be time to stop using “password123” for the majority of your Web accounts, you would be well-advised to employ some form of password management. Just be prepared to spend a few hours or more working up a little elbow grease in the process.

Yosemite Slam

I SUPPOSE I should refrain from slamming a new operating system before it’s even released, but I can’t help but wish that Apple would clean up the rest of the bugs and performance issues in Mavericks 10.9.x before announcing their next arrival. Nonetheless, OS X 10.10, aka “Yosemite,” was announced at the annual WWDC this past June and is due to arrive sometime in the fall of this year. The hardware requirements for Apple’s newest OS are identical to those of OS X 10.9 Mavericks and, like its predecessor, Yosemite will be a free upgrade for all.

There are, of course, a plethora of new features and a further extension of  the “minimalist” design that characterizes the current iDevice operating system, iOS 7. Yes, they remain two completely distinct operating systems, but the lines continue to blur. Many of the new features and capabilities of Yosemite center around improving the interaction between iDevices and Macs–what Apple refers to as Yosemite’s Continuity feature set.

Specifically, the “Handoff” components of the new OS will link all your Apple tech in such a way that you could start composing an email on your iMac and finish it on your iPad without missing a beat, or check out a Web site on your iPhone and be brought to the exact same spot on that site when you return to your MacBook Pro.

AND THAT’S JUST  for starters. You’ll be able to receive and respond to all text messages on your Mac, not just iMessages (the blue bubbles in the Messages app) but also standard SMS text messages (the green bubbles that heretofore didn’t appear in the Messages app on Macs). You’ll even have the ability to “hand off” phone calls from your iPhone to your Mac, essentially turning it into a giant speakerphone.

Even the new iCloud Drive feature, which brings a long-overdue “DropBox”-style service to Macs, is arguably most useful when you have an iDevice or two in addition to your Mac.

Finally, the AirDrop technology for swapping information wirelessly, which–in spite of the fact that it already exists on Macs and iDevices–has never allowed you to move your stuff between those two platforms, now makes amends for that by baking it right into Yosemite and the forthcoming iOS 8 (more on that in a moment).

Sure, there are other Yosemite features that don’t revolve around iDevices, like the option to scrawl on/annotate images or PDF attachments in Mail. But overall it sure seems like Apple is banking on the notion that most of you own at least one Mac and one iDevice, and that you’ve a hankering for them to work together far more smoothly and efficiently than they have to date.

HOWEVER, Yosemite and iOS 8 are the future, even if said future is mere months away. Mavericks 10.9 is the present, and I am compelled to state here that I still have reservations about upgrading from “Mountain Lion” 10.8 if that’s the OS you’re running and it’s working as advertised for you. In fact, the one thing that stands out to me as far as Mavericks’ new features is a penchant for breaking my clients’ ability to print to PostScript printers that worked just fine in earlier versions of the OS. So if you haven’t made the leap to 10.9 yet, I would have to recommend that you hold off for a few more months and see what Yosemite brings.

Don’t hold off on iOS 8, though, which was also previewed at the WWDC alongside Yosemite. This latest OS for iDevices brings some wonderful new stuff like iCloud Photo Library, which provides vast improvements in photo management/storage by offering a simpler and more useful alternative to the bewildering combination of Photo Stream and iCloud Photo Sharing–neither of which I can satisfactorily explain to my clients (given that I barely understand them myself).

Even more significantly, Apple is finally overhauling the way multiple Apple IDs are managed among individuals and families courtesy of the new Family Sharing options. For most of us, Family Sharing will bring an end to the heartbreak of managing purchases made under multiple Apple IDs, to Mom getting text messages intended for Dad and vice versa, and to the unintentional mingling of Junior’s contacts on his iPad with the address book on Dad’s MacBook Pro.

LET US FIRST exult in the glory of the new manner in which all your devices will handle your photos. Turn on iCloud Photo Library, and all of your fab pix and videos are stored (and backed up) on iCloud, in their original format (even RAW) so they can be accessed from anywhere. That’s it! Ah, but that amount of storage is going to cost me an arm and a leg, you say. Fear not, intrepid shutterbugs, because Apple has completely restructured their pricing for iCloud storage, veritably plummeting from the currently lofty $100/year for a mere 30GB, to an extra 20GB for the paltry sum of $0.99 per month, with 200GB going for just $3.99/mo.

It’s not only the storage that’s more convenient. When you use the Photos app on any of your devices to edit your mages, those changes will be visible everywhere. Even better, your edits are non-destructive–meaning that you can revert back to the original image if necessary. As part of all this, iPhoto on the Mac will be replaced by Photos, which will have a similar look, feel and feature set to the Photos app in iOS 8. That probably means some iPhoto features will be lost in the shuffle, but no one seems to like or even really understand iPhoto all that much, anyway…

On to Family Sharing. While I imagine that implementing this may be a bit tricky for a family of five with multiple existing Apple IDs, the basic concept is quite simple and long overdue. WIth Family Sharing. up to six family members–each with their own Apple ID–can access all purchases made under any of those IDs (assuming they’re made with the same credit card). And since the IDs are unique, each person can maintain their own set of iCloud calendars, contacts, reminders, etc. Thoughtfully, Family Sharing automatically creates a single shared Family calendar (with reminders) and a Family photo collection, assuming that there are some things you do want to share.

SO HOW EXACTLY will all of this work? Well, if Sis downloads the latest from One Direction, Dad, Mom and Junior all have immediate access to that album–regardless of whether or not it fits their particular musical tastes. And lest you fear that Junior is now free to embark on a reckless buying spree of the entire Maroon 5 catalog, rest assured that Apple has baked in what they call “Ask To Buy,” which alerts the credit card holder via text message whenever a purchase is attempted and allows for the immediate acceptance or rejection of same.

Assuming Mom is not subject to that restriction, the moment she purchases the now-classic Game of Life on the App Store, the rest of the family is free to grab it, fill their virtual plastic automobiles with virtual plastic spouse/offspring pegs, and agonize over whether or not to buy fire insurance when the opportunity arises. So whether or or not you’re a fan of this classic board game, Family Sharing represents a drastic improvement over the current “multiple Apple IDs” mess in which many have found themselves enmeshed.

LAST BUT certainly not least, iOS 8 includes two new technologies known as Health Kit and Home Kit. These are not apps but more of a central “hub” which, in the case of Health Kit, enables health information to be collected and shared among third-party apps such as those that detect your blood pressure, heart rate or glucose levels. This info could also be transmitted remotely to healthcare providers–something that could be potentially life-saving should any of those readings fall outside of their normal ranges.

Home Kit works in a similar fashion by allowing home automation apps from disparate developers to work together in such a way that you could, for example, inform Siri that “it’s bedtime,” at which point your downstairs lights would shut off, the thermostat would adjust appropriately, all the doors would lock and the garage door would close in the event it was left open. Apple has confirmed that they are partnering with companies like Cree, Texas Instruments, Kwikset, Philips, Chamberlain, and Schlage, which means that the major players in smartphone-based home automation are already on board with Home Kit.

So that’s iOS 8, coming to an iDevice near you sometime this fall. There are a few other nifty little features I could wax poetic over, but since I’ve been promising this posting for nearly a month now, let me sum it all up in as succinct a manner as possible:

iOS 8? Great.

Yosemite? Wait.