The Magic Behind Apple’s Notification Sounds

Now that the 13 part series “Online Security” is done, it’s time to get back to other interesting topics like Sound and nobody does Sound like Apple. Even the earliest Apple II computers had sound generation. I remember my amazement when I heard Scott Joplin’s “The Entertainer” played on the Apple Music Synthesizer in 1978.

Fast forward to 2001 and the first iPod was released. Then in 2002 Apple was the first computer manufacturer to own a music software company when they purchased Emagic, the makers of Logic Pro. From this, Apple created the super popular consumer version, GarageBand. In 2003, the iTunes Store opened, selling tracks for $0.99 and seven years later Apple was the world’s largest music retailer.

Mostly recently in November 2016, I wrote the post, “Acoustics – Apple’s Future is ‘Ear’” refuting the negative publicity around the new AirPods and sure enough six months later, they are another smash hit. However even with these successes, Apple is still a relentless innovator and will soon release the HomePod, “a powerful speaker that sounds amazing, adapts to wherever it’s playing, and together with Apple Music, gives you effortless access to one of the world’s largest music catalogs. All controlled through natural voice interaction with Siri.”

So what do humble Notification sounds have to do with these blockbuster products? To me, they are the true measure of a commitment to excellence and form an integral part of the “personality” of iDevices. Keep in mind that at one point during the Super Bowl, over 380,000 text messages were sent EVERY SECOND. That’s a lot of “Note” notifications. Apple even dedicated a session at their recent World Wide Developers Conference to “Designing Sound.”  In a fun twist, the presenter actually played “Note” live at 15:25 in the video.

He also played the “Chord” notification used in the Calendar at 16:45. Spoiler alert, it’s a Kalimba! The entire presentation is fascinating and demonstrates how serious Apple is about the high quality of its design ethic.

At 18:30, he also goes on to provide an introduction to creating your own appropriate notifications using simple tools such as iOS Voice Recorder and GarageBand including how to avoid the pitfalls associated with improperly created sounds like noise and truncated endings.

If you have a few free minutes, capture sounds that catch your attention and make notifications from them. My wife and I heard a wonderful ringtone while we were in Cuba and now it is her iPhone ringtone. It’s a fun, creative way to personalize something that quickly becomes a part of your personal soundscape!

Online Security Part 13 – Summary and Final Thoughts

After almost five months, we have arrived at the last part of this series and what a long, strange trip it has been. If you’ve made it this far, I hope you found this series interesting and useful. There are literally thousands of other suggestions for staying safer online, but the best seem to stay just short of paranoia while implementing reasonable security methods. For example, it’s worth providing one final reminder that ALL emails are insecure and links in them should be considered unsafe. Use bookmarks; type the site name; Google the site name (but don’t click on the ad please); etc. Think before you click! Never open attachments from unknown sources or click on suspicious looking pop up messages. Even if you recognize the name of the sender, if the email seems to come from “out of left field,” check the email address of the sender to see if it is real. You can protect yourself from many attacks by staying aware.

As far as anti-virus programs go, if good, layered security practices are used, the basic software that comes with a recent computer can be sufficient, i.e. Windows 10 Defender + Firewall and MacOS Internal Security + Firewall. The Wikipedia article on Anti-Virus software points out in the section “Issues of Concern” that anti-virus solutions can be as bad as the viruses they are supposed to be protecting against.

Where can you get help that isn’t a scam in itself? Malwarebytes seems to be one of “the good guys” and their forums are a VERY active source of support. Piriform also seems to be legit with good software for removing malware called CCleaner. When a strange message pops up, doing a Google image search for “fake virus warnings” can also be helpful.

Again, the key is to not be too paranoid or too complacent. People who write articles about security make money when others click on their links, so it literally pays to scare people into clicking and reading. Keep in mind that most people are not important enough to get hacked and if they were, a dedicated hacker, like a professional burglar, would be able to do it. The risks are in opportunistic hacking, i.e., leaving the back door open. The hacker thinks, “If I infect 1,000 computers and one person pays, great, that was a success.”

Finally, if you’re reading this and still don’t have a backup system in place, just remember “To go forward, you must backup!!!” $60 is a small price to pay or maybe you want to retake that photo of you with your dog from 20 years ago. You could borrow the neighbor’s dog and regrow those sideburns…

Online Security Part 12 – General Scams

If the wide variety of threats from malware, weak passwords, public Wifi, and mobile security weren’t enough, there are now scammers taking advantage of people by offering personalized service. For example, while ransomware was discussed in Part 2, some crooks distribute malware that includes a “tech support” number to call. Other criminals call users proactively, especially targeting the elderly and non-tech savvy, offering “free” support. This support includes stealing credit card numbers and installing additional malware at no extra charge. By the way, “Windows technical support” is never going to call with a warning about a virus!

“Social engineering” scams are not limited to malware. Here is a short list of the worst ones lately (and they’re changing all the time):

  • Job Offer Scams – A $75k / year job working from home based on an email interview! Wow! Oh, but they need $472 to cover the cost of (fill in the blank) or they need your banking information to setup direct deposit.
  • Reshipping Scams – Getting paid to reship products, but the goods are stolen and the payment never arrives.
  • Payment / Overpayment Scams – That ugly velvet painting of Elvis sold online for $50! But the stupid buyer accidentally sent you a check for $500… “Please refund the balance. Here’s my Western Union account.” When you refund the overpayment, they reverse the original payment.
  • Shipping Scams – A “valuable package” is stuck in customs, just send $100 to “release it.” PayPal has a whole page of their FAQ devoted to these crazy schemes.
  • Friend Help Scams – If a 90 year old relative is stuck in Venezuela and needs $500 to get home, that’s probably a hacked email account.
  • Mystery Shoppers, Free Vacations and All “Too Good to Be True” Scams – If it sounds too good to be true, then it is.
  • Technical Support Scams – Your browser cannot tell that you have a virus. It can however tell you that you have visited a “malicious site.” That is a legitimate warning.
  • App Store Scams – Signing up for a free trial of X triggers a prompt to subscribe. Tap the button to approve it by mistake and… “You will pay $99.99 for a 7-day subscription starting Jun 9, 2017.”

By the way, Robocallers are at the core of many of the scams above. I’ve started using Nomorobo, which is a great service to prevent Robocallers from getting through (there are many other options though).

Despite the length of this post, almost all of these scams boil down to using common sense: please send $500 to this Western Union account and you too can own the Brooklyn Bridge! LOL

Online Security Part 11 – To Go Forward You Must Backup

This silly quote used to be a trademark of the Dantz Corporation, the creators of one of the first backup solutions I used in the 1990’s called Retrospect. Those were the bad old days of tape backups costing thousands of dollars in hardware and software. Today it typically costs less than $60 to protect a computer’s priceless data such as photos, correspondence, and financial documents. That’s the price of a 1 TB portable USB external hard drive and the software is free with all modern computers. The process of setting up a backup system is also simple so if you’re not backing up your computer, stop what you are doing, visit your local office supply store or electronics store, and buy one.

Welcome back. If you are using an Apple laptop or desktop computer, plugging the drive into a free USB port should automatically pop-up a window asking something similar to, “Do you want to use My Backup (1 TB) to back up with Time Machine?” Time Machine is Apple’s name for their free, built-in backup solution and “My Backup” is the name of the drive you just plugged in (so it might be different). It takes a couple hours for the first full backup to complete, but after that Time Machine works invisibly behind the scenes making a copy of every changed file every hour. This is not only great for recovering from rare major issues like a hard drive crash, but also for more common issues like an inadvertently deleted file.

Amazingly, if you ever have to do a complete restore, it puts a computer back to the exact state it was in when the last snapshot was taken. It really is like a time machine! More details can be found on Apple’s support website (and the website 9to5Mac), but it is obviously super simple to setup and very powerful to use.

If you are using Windows 10, Microsoft has a similar option called “File History.” By default it only backs up files in a user’s home directory, but that is still very useful. To set it up, select the Start button, select Settings > Update & security > Backup > Add a drive, and then choose an external drive or network location for your backups. You can find more information on Microsoft’s website.

Unfortunately, a single backup is not sufficient to create a robust recovery system for digital and physical disasters. Most experts recommend using something called the 3-2-1 rule. This means three copies of all data are made on two different types of media with one copy stored “somewhere else” such as “in the cloud.” For example, to keep that wonderful photo of your kids with the family dog safe, one copy would be on your computer hard drive, a second copy would be on a backup drive, and a third copy would be stored “in the cloud” through a service like iCloud, Google Photos, Dropbox, or CrashPlan.

Personally, I use a combination of Dropbox to backup critical files, iCloud Photo Library to backup photos, and a series of three backup USB external drives that I swap weekly. Is this overkill? Maybe, but the few times I have had to restore a computer from a backup, it has been a godsend, saving a day of tedious work restoring files and settings. Also, while the extra security is nice, daily benefits include photos that automatically transfer from phone to computer and Dropbox files that can be accessed from a phone or tablet anytime, from anywhere.

Finally, while there are hundreds of options available to “recover” from malware, nothing beats reformatting a hard drive and restoring files from a known, good backup. Malware is devious and many malware removal companies are devious too. This last topic will be covered in the next part of this series on online scams, but if you are still reading this and haven’t backed up yet…

Online Security Part 10 – Is a Strong, Unique Password Enough?

Once you start down the rabbit hole of online security, it can seem endless. For example, as previously explained, strong passwords require a password manager to store them and then the password manager requires an even stronger password to keep those strong passwords secure. No less than three parts of this series of articles have been dedicated to passwords, but believe it or not, there is a growing movement toward something called “two factor authentication” that makes strong, unique passwords only one of the two things needed to login to critical accounts. It is so important that Apple even briefly considered making it mandatory for iCloud accounts so it is definitely worth understanding before deciding to use it.

Unfortunately, it is a bit of a complex topic so let’s break it down into smaller parts.

  • What is it called? – The most common names are: Two-factor authentication (2FA), Multi-factor authentication (MFA), and Two-step verification.
  • Why is it used? – Email is central to other security features of accounts and can be used to reset passwords for other accounts such as banking, shopping, etc. Cloud storage accounts contain valuable resources that are synchronized across devices. Deleting something “in the cloud” can delete it everywhere. 2FA makes these and other accounts like banking more secure.
  • What is it? – 2FA requires a second step (factor) to login. These factors typically include knowledge (of a password), possession (of a smartphone), and inherence (of a fingerprint). 95% of the time a 2FA login requires entering the password and the code from a text message sent to a cellphone, but backup methods include a voice call, a code from a smart phone app tied to the account, a text message to a backup cellphone, or responding to a prompt after unlocking a cellphone with a fingerprint.
  • How it protects? – Simply put 2FA increases safety by combining something you know, the password, with something you have, the smartphone.
  • What are some dangers associated with 2FA? – A lost, stolen, broken, or hacked phone can make getting the code impossible so all 2FA systems have backup methods such as specifying a backup phone, printing a list of backup codes (recovery keys) and storing them in a physically safe place (not in a file on your computer!), or answering detailed security questions.

As an additional step, it might be a good idea to keep an encoded list of passwords on a sheet of paper in a safe place. For example:

  • Power Company – jdoe@gmail.com – *bhr18$
  • Cellphone – jdoe@gmail.com – #dcd22@

Where “*bhr18$” would stand for the real password “*beach-horse-ride18$” and “#dcd22@” would stand for “#desert-cat-drive22@” Creating strong passwords with a pattern like “place,” “animal,” and “action” can reduce confusion.

It may sound crazy to add yet another layer to the security of critical accounts, but once it is setup 2FA doesn’t add much effort to use. Both Google and Apple have excellent tutorials on setting up 2FA for their services.