How to add spaces to the MacOS Dock

The Dock on Apple’s iMacs and Macbooks is one of the most famous user interface elements in the computing world. It’s ever present and gives you quick access to your important apps and files.

But wouldn’t it be nice to have some spaces in the Dock to separate those icons into groups?

Here’s how to do it:

  1. Open Terminal
  2. Type in: defaults write com.apple.dock persistent-apps -array-add ‘{“tile-type”=”small-spacer-tile”;}’
  3. Press Enter.
  4. Type in: killall Dock 
  5. Press Enter.

This will create a space at the right hand end of your dock and you can drag it anywhere you’d like.

To remove the space just right-click on it and click “Remove from Dock”.

 

How to fix Microsoft Teams “Sign in with a different Microsoft account” loop

If you’re trying to sign into Microsoft Teams on a Mac and you’re seeing a window that says that you’re already signed into a different account then you’re probably getting frustrated when you click on “Sign in with a different Microsoft account” and the link does nothing but loop the same window.

The fix is easy.

This problem happens because Teams is pulling account information from iCloud Keychain and it so happens to be the wrong account information. I’m not sure why the loop happens and this might be a bug.

Here’s how to fix the issue:

  1. Close Microsoft Teams.
  2. Open OneNote or another Microsoft app like Word or Excel.
  3. Sign out of all of your accounts in the app.
  4. Close the Microsoft App.
  5. Open iCloud Keychain and delete all keychain entries that are found when searching for “office”, “teams”, and “microsoft”. Warning: You do this step at your own risk. Make sure that you’re not deleting any keychain entries that are needed.
  6. Delete the following folder: ~/Library/Application Support/Microsoft/Teams
  7. Open OneNote or another Microsoft app like Word or Excel (not Teams).
  8. Sign into the account that you’d like to use with Teams.
  9. Then open the Microsoft Teams app and you’ll see a prompt that will allow you to sign into Teams with the right account.

And that’s it! 🙂

 

Remove client IP address in Office 365 (Exchange Online)

Office 365 (Exchange Online) does not remove the user’s private IP address (x-originating-ip) from the header of sent emails. This causes a privacy risk that allows all recipients to easily see your home IP address by checking the email headers.

Fortunately it’s pretty easy to configure Office 365 to remove your client IP address from emails before sending them out.

The following instructions are for Office 365 Business subscriptions. Office 365 Home and Outlook.com already remove the private IP address automatically so you don’t have to do anything.

How to remove IP addresses from all emails sent by Outlook or other mail clients through Office 365/Exchange Online

  1. Go to the Exchange Admin Center (outlook.office.com/ecp)
  2. Click on mail flow
  3. Click on rules
  4. Create a new rule
  5. Copy the conditions and actions listed below:

I also recommend selecting the “Defer the message if rule processing doesn’t complete” to make sure that the rule removes the IP address from all outgoing emails.

This will hide your private IP address, the only email address attached to the email will be the public IP address of Office365/Exchange Online mail servers.

 

Sieve filters that will increase ProtonMail security

In addition to encryption and two-factor authentication ProtonMail also incorporates the Sieve programming language which can be used to filter your emails with greater customization.

You can check the ProtonMail website for Sieve rules that allow you to customize your email filters to better organize your mailbox, however in this article I’ll be going over the rules that I’ve added to my ProtonMail account so that I’m protected against security threats and phishing attacks.

Rule #1: Detect emails that are not encrypted using SSL/TLS

ProtonMail’s main claim to fame is it’s OpenPGP end-to-end encryption. However this encryption only works when you’re emailing with other ProtonMail users or other users who are using PGP.

If you’re just emailing with your Mom who uses Gmail then the email will not be PGP encrypted. Instead it will be SSL/TLS encrypted. This level of encryption provides security from eavesdroppers who might be listening in on the connection between you and the Gmail servers that your Mom uses for her email.

But what if someone you communicate with doesn’t use an email service that encrypts using SSL/TLS? The email will be sent in plain text exposing it’s data to the internet.

This first rule will alert you when an incoming email is not using SSL/TLS encryption. This will allow you to be careful with your reply knowing that the message will be readable to whoever might be listening on the internet.

require "fileinto";

# Put all mails that have been sent without TLS/SSL into the spam folder and apply the no TLS label

if header :is "x-pm-transfer-encryption" "none" {
    fileinto "NO TLS/SSL";
    fileinto "Spam";
}

The rule will apply the “NO TLS/SSL” label (you’ll need to create this) and then file the message into the spam folder for you to review.

Rule #2: Detect emails that fail anti-spoofing checks

Email is a standardized service and incorporates several checking mechanisms in the background to try to prevent anti-spoofing and anti-phishing attacks from malicious actors that try to impersonate the people that you communicate with.

Two of those technologies are SPF and DKIM. You can use a search engine to get a better understanding of these. A rule that I find useful is one that will alert me when an email fails SPF or DKIM. This helps me to avoid responding to emails that might be impersonation attacks.

require ["fileinto", "imap4flags"];

# mark emails that have failed basic anti-spoofing

if anyof(
      header :contains "Authentication-Results" "dkim=fail",
      header :contains "Authentication-Results" "spf=fail",
      header :contains "Authentication-Results" "spf=none") {
      fileinto "AUTH-FAIL!";
      fileinto "Spam";
stop; 
}

Emails that either fail SPF or DKIM, or emails that have no SPF (also a risk), will be labeled with “AUTH-FAIL!” (make this label first) and then filed into spam for you to review.

Note: You may wish to remove the spf=none rule. I include it because most people that I communicate with are using an email platform that includes SPF but if you’re communicating with people on older platforms or with people who have not setup SPF on their custom domain then you may find too many emails being caught by this.

Note 2: You may find newsletters triggering this rule.

Rule #3: Block impersonation attacks on your trusted contacts

The final rule is used on an individual contact. If you communicate regularly with a friend and would like to increase the level of confidence that an email has actually come from her and not from someone pretending to be her then the following rule will try to alert you to impersonation attacks:

require ["fileinto", "imap4flags", "envelope", "include"];

# check for mismatch between sender values for contact1

if allof(
    address :is "from" "contact1@domain.com",
    exists "reply-to",
    not header :is "reply-to" "contact1@domain.com")
     {
          fileinto "PHISHING!";
          fileinto "Spam";
          stop; 
     }  
elsif allof (
   address :is "from" "contact1@domain.com")
     { 
         fileinto "Contact1";
     }

Simply replace “contact1@domain.com” with the email address of your friend.

This will compare the “from” field in the header of the email with the “reply-to” field. A mismatch between these two values will suggest that someone is trying to pretend to be your friend.

A side-benefit here is that the rule will label legitimate emails with the name of your contact.

What else?

I recommend that you implement all three rules in the order listed in this article to be protected by all three checks. This will ensure that emails arriving to your inbox are encrypted using SSL/TLS, have passed SPF and DKIM, and your contacts are not being impersonated.

As always: you use these at your own risk and no rule or safe guard provides 100% protection. There are other attacks that these rules will not catch.

What rules are you guys using to increase security and safety with ProtonMail? Post them in the comments below.

 

5 reasons why you should use ProtonMail for your email

This is Part 1 of a two part series. Click here to to read Part 2: 5 Reasons why you should NOT use ProtonMail for your email.

You send an email to your spouse expressing your thoughts about last week’s visit to your relatives. You are not diplomatic in this email but rant about the drama that occurred over dinner because her uncle wouldn’t stop talking about politics.

Or maybe you send a copy of your driver’s license to a potential employer so that they can run a background check on you.

Can you think of an email that you’ve sent in the past that would cause you personal, professional, of financial harm if it was exposed to the world?

This is not a thought experiment. It’s an extremely real and urgent issue. In 2016 Yahoo reported that it’s servers had been breached and the account information of millions was potentially exposed: https://en.wikipedia.org/wiki/Yahoo!_data_breaches

We live in a world where we not only constantly send sensitive information over the internet but we also keep all of that information permanently sitting online. All of the emails that you’ve ever sent are sitting in the sent folder of your Google or Yahoo or Outlook account and when those services are hacked (and it is a question of when, not if) it is not only your current emails that will be exposed but your entire history of emails.

So what can a normal person do about this? Traditional encrypted email (the most popular of which is something called PGP) is too difficult for the average person to use and requires that both the email sender and receiver are using the same encrypted email system.

The best solution comes from a Swiss company called ProtonMail. Founded by former physics scientists this company aims to provide a simple and easy to use service that encrypts your emails and protect you against the sort of breaches that have happened with Yahoo and other companies.

Here are the 5 best reasons why you should be using ProtonMail instead of Outlook, Hotmail, Gmail, Yahoo, or any other email service.

1. ProtonMail is “double encrypted”

When you send a piece of information over the internet you run the risk of having an eavesdropper intercept that information and read it. To protect against this ProtonMail encrypts every single email that leaves your computer with something called TLS.

TLS means that your email is encrypted going from your computer to ProtonMail and then is also encrypted to the destination as long as the destination supports TLS encryption. Modern email systems like Gmail and Outlook support TLS encryption.

The problem with TLS is that this encryption uses a lock and key that is controlled by ProtonMail. So while your information will be safe from external eavesdroppers, ProtonMail can theoretically read that email if they wanted to. And that’s where the “double encryption” comes in.

The second layer of encryption kicks in if you send an email to another person who is using ProtonMail. In this case the email is first encrypted using PGP and then is encrypted further using TLS. This creates two layers of encryption for your email.

The PGP layer of encryption uses a lock and key that only you have, not even ProtonMail can read this email. When you send an email to another ProtonMail users you encrypt it using that user’s public key, and then only that user can read that email since the only thing that can open that email is their private key that only they know. The cool thing with ProtonMail is that this process of locking and opening the email happens completely automatically.

2. Email is stored encrypted

One of the best reasons to use ProtonMail is that your archive of previous emails (which can sometimes be years worth of emails) is stored using PGP encryption and can only be opened by you.

When you go to mail.protonmail.com you’re asked to put in your password and the ProtonMail website decrypts your emails. Unlike Gmail the employees at ProtonMail have no way to read your email because it is stored in their data center in an encrypted lockbox.

So if ProtonMail is hacked and data is exposed all the hackers will get is the encrypted lockbox but they will be unable to open that lockbox to actually read your emails.

So if you have a saved email that looks like this:

Hello Tim,

Thank you for those financial statements. You can go ahead and make the deal for $30,000. This is confidential information so make sure no one is told until the deal is finalized.

Regards,

Steve

Then a hacker who manages to hack in and get your encrypted ProtonMail data will only see this:

—–BEGIN PGP MESSAGE—– wcBMA2z6LoE8/CXaAQf/cm8rpOiRReBTnkN7IItUPmmsaABKzSPZ2zemeAeQtN+baDkPkDI89ONte6ZIx/ieImOIPv4C5MJABsZUg5Bwz9EB1WaKmX8/xcQ8CS8t0Zo3o+w0v3m6XNTnDUvy1urn7npJFmt0j+VwdCdBO+42mPi0h3RjyKuKBNgm+weux+KoFjl1zk80nMtP1296vzJIOl1U36AIMxmw9wHVsmTW/x0XV01yA5Z2iXCp7HQFf5I9eHxvkQEhJPo+cU5fb7TTXjNvSodowMHXGY7OO2EsSacDaCpXN7Oe/eQFwUlSWOVOnnCrHk1Oxr6xUQWYM6+Mm0sYMZEAMUr3/Bo3WTdAINLAGAGt8LV4f2qp7qKHO9k27/ZE4i2ycSZ6PXw9v4VFYYjqPcNNJxjDv5LZClywDSyeojmdESlcr4wi3VQ+Geo5sF4pSBl03gqYmd6CHWIu4m34PcLoCvSF+zaLrpKsSpXFgDDsWxgIuU/56quX0SQgvbbI/gvbC3CtMgHxeL5LKHcKijSCYGSAVHIwpU7C7iDsXt9ZrvMwpKoIyasKuoQK dlz52QERGV7xBJOx5VC1LTrl+6Z+jv9Zl2bTC+06txWSyeROJJZB7MsfzS+X3qGi BZ1zpiYJAm2LXw== =4iwN —–END PGP MESSAGE—–

Without your password it’s complete gibberish. This is why ProtonMail is so secure against hacking attempts. Even if ProtonMail is hacked the information that a hacker can steal is almost useless.

3. ProtonMail offers two factor authentication

Just using ProtonMail with a strong password is quite secure. However to increase security further ProtonMail includes a feature called two factor authentication.

If you turn on two factor authentication then when you enter your password ProtonMail will also send a code to your cell phone that you’ll have to enter after your password. This protects your account even if someone steals or guesses your password as they would need both your password and your cell phone in order to open your emails.

It’s a very powerful security feature and if you do open a ProtonMail account I suggest that you turn it on.

4. ProtonMail does not spy on your emails or use them for advertising

This is one of the biggest reasons why I started using ProtonMail. If you’re using Gmail or some other service then your email is being constantly scanned by Google and tracked.

Here’s a quick eye-opener that will shock you: if you’re using Gmail there’s a page that you can open that will show you every purchase that you’ve ever made online. Google knows all of this about you because their system is constantly reading your emails and keeping records of everything that you’ve done online. Click on this link and see for yourself: https://myaccount.google.com/purchases

ProtonMail makes its money not by collecting your data or selling access to you but by selling subscriptions. They offer professional and business subscriptions that people pay for. This is different from Google which tends to concentrate on offering free services in exchange for your permission to track you and collect data about you.

5. It’s free

All of this security is free! If you just need a basic account for personal email you can sign up without paying anything.

Later if you decide that you need one of their extra features (such as using ProtonMail with your Outlook application) or more storage you can purchase one of the paid subscriptions. But I like the fact that you can try ProtonMail for free and it’s not a trial or limited product, it’s the real deal.

However I want to provide a balanced look at ProtonMail and no service is perfect. That’s why you should also read Part 2 of this series: 5 Reasons why you should NOT use ProtonMail for your email

 

How to change your GoDaddy subscription and plan

If you’re looking to upgrade or change your GoDaddy subscription plan for Office 365 for email or hosting or some other service just follow the instructions below.

First you need to login to your GoDaddy user portal. You can do so by going to GoDaddy.com and clicking on Sign In in the upper right corner or by clicking on the following link: https://sso.godaddy.com/?realm=idp&path=%2Fproducts&app=account

Then go to the product page and scroll down to the appropriate product. So, for example, if you wanted to change your Office 365 email service with GoDaddy you would scroll down to Email & Office and then click Manage All.

Then go the following:

  1. Find the email that you need to change and click on Options
  2. Press Select and click on the subscription that you want to change to
  3. Then click Complete Purchase

And that’s it! The change might need a little bit of time to propagate so be patient for at least half an hour or so.

 

How to automatically bulk convert multiple MP4 to MP3 on a Mac (Automated conversion)

If you have a lot of MP4 videos but you want to extract audio from these videos into MP3 files to listen to then it can be a tedious process to convert a lot of MP4s one by one.

In order to convert multiple files very quickly I’ve written an script that can convert any MP4s in a folder (no matter how many) to MP3 files. You literally just have to put your MP4s into a folder, put my script into the same folder, and then double-click on the script and let it run!

Just follow these steps:

Step 1: Install FFMPEG

Follow these instructions to install the open source and free FFMPEG. https://github.com/fluent-ffmpeg/node-fluent-ffmpeg/wiki/Installing-ffmpeg-on-Mac-OS-X

It’s a collection of libraries for audio and video that my script uses.

Step 2: Create the script file

  1. Open TextEdit on your Mac
  2. Paste in the following:

!/bin/bash
echo Welcome to theFakeGeek.com awesome .mp4 to .mp3 conversion script!
cd “${0%/*}”
mkdir mp3s
echo Now converting… sit back and relax
for f in *.mp4; do ffmpeg -i “$f” -c:a libmp3lame “mp3s/${f%.mp4}.mp3”; done
echo Done! Enjoy your mp3s!

  1. Click on Format and then Make Plain Text
  2. Now click on File and then Save
  3. Name the file mp4tomp3convert.command
  4. Save the file inside of the folder with your MP4 videos

Before you run the script be aware of the following: This script and information as provided for information purposes only and I do not guarantee use. You run the script at your own risk. Please make sure that you backup your videos and data before running the script.

And now just go to that folder and double click on mp4tomp3convert.command and your videos will be converted!

 

Solved: Can’t open email in Outlook because there is a padlock locking the email

If you see a padlock next to an email in Outlook and you cannot open the email then you have likely received an encrypted email that is secured using Office 365’s new encryption capabilities. Here’s how to open it.

If the email is in your inbox then you’ve likely been sent the email to your own email address. However please verify that it wasn’t forwarded to you from someone else. Only the original recipient can open the encrypted email.

The cause of this issue is usually that your Office 365 was logged out of Outlook or another account was mistakingly signed in. To correct the problem please do the following:

  1. Open Outlook
  2. Click on File
  3. Click on Office Account
  4. On the left side of the screen under Account sign out of all accounts.
  5. Then sign in using the account that the email was sent to. This account should also have an Office 365 license.
  6. Close Outlook
  7. Re-open Outlook
  8. Open the email

And that’s it!

Another option if that doesn’t work is to try to open the email using the web app version of Outlook. You can do this by going to outlook.office.com

 

How to install and turn on Microsoft Office Insider

In order to be the first to get the latest features for Microsoft Office (Word, Excel, PowerPoint, Outlook and more) you’ll want to become an Office Insider. People with Office Insider get new features before anyone does and fortunately it’s an easy process to enable Insider for Office.

Note: this article is for those who have an Office 365 Business subscription. If you have a Home subscription or any other type of subscription then this article is not for you. For Office 365 Home users simply open Word then click on File, then click on Account, and then click on the Office Insider button.

If you have not installed Office yet then you can go down to Step 1 and begin the process to install the insider version of Office. However if you already have Office installed then you’ll need to uninstall Office first. Make sure that you backup your data and ensure that your emails and OneDrive data are backed up and synced to the cloud.

Step 1: Download the Office Deployment Tool

The Office Deployment Tool is a special way to install Office that will allow us to specify that we want to install the Insider version.

Download the Office Deployment Tool from the Microsoft website: https://www.microsoft.com/en-us/download/details.aspx?id=49117

Step 2: Run the Office Deployment Tool

Run the Office Deployment Tool and follow the prompts to extract the files to a new folder on your desktop named “deploy”.

Step 3: Open the configuration-Office365-x86.xml file in the “deploy” folder

Inside of the deploy folder right-click on configuration-Office365-x86.xml and open in Notepad. Or click Edit.

Step 4: Edit the xml file

Inside of the xml file delete everything and instead paste the following:

<Configuration>  
<Add OfficeClientEdition=”32″ Channel=”InsiderFast”>  
<Product ID=”O365BusinessRetail”>  
<Language ID=”en-us” />  
</Product>  
</Add>  
</Configuration> 

You can change the 32 to a 64 if you need the 64-bit version of Office. However unless you have a compelling reason I recommend that you stay with 32-bit for compatibility reasons.

And then save the xml file and close it.

Step 5: Open the Command Prompt

Click on the Start Menu in the lower left corner on the screen and search for “Command Prompt”. In the results right-click on Command Prompt and select “Run as Administrator”.

Step 6: Run the install command

In the Command Prompt we want to change the directory to where your deploy folder is located. Type the following:

cd <path for your deploy folder on the desktop>

So your command should look something like cd C:/Users/Administrator/desktop/deploy

Run the Command.

Next we will begin the Office install. Please run the following command:

setup.exe /configure configuration-Office365-x86.xml

Step 7: Activate and Restart

When the Office install finishes open any Office application (such as Word). You’ll be prompted for your account username and password. Let Office activate.

Then restart your computer.

When your computer boots back up you’ll now be running the Insider version of Office!