23david23

Q: TextEdit using the Internet?

Does TextEdit use the Internet for any reason when I create a new document or edit an old one?  The reason I ask is because I had begun to suspect that coworkers were somehow reading my TextEdit projects so I started typing short paragraphs that would be sure to get the attention of certain random people with whom I work.  Sure enough, my little essays were getting back to them and I was receiving hostile feedback in regard to specific things I typed about.  This is stuff I did on my home Mac which is not in any way used for work.  I have the firewall turned on and have even taken the machine in to have it checked for key loggers or other malware.  It all came back negative.  File Sharing is turned off.  Anyone have any ideas what might be going on?

iMac, OS X El Capitan (10.11.1), 2.7 GHz Intel Core i5, Memory: 8 GB 1333 MH

Posted on Jan 8, 2016 12:26 PM

Close

Q: TextEdit using the Internet?

  • All replies
  • Helpful answers

Page 1 Next
  • by a brody,

    a brody a brody Jan 9, 2016 11:38 AM in response to 23david23
    Level 9 (66,889 points)
    Classic Mac OS
    Jan 9, 2016 11:38 AM in response to 23david23

    You sure you aren't using the Notes application?  It looks just like TextEdit on the surface.  And it does work with your iCloud shared account.  If you type something in Notes, and you leave your iCloud account logged in at work, they may be able to see what you type and saved on your Notes software.

     

    One thing I would be careful of, use a more secure iCloud password than you have presently, and log out from your iCloud account when you are leaving work.

    Don't leave your password in plain sight at work.   Find a place to keep it under lock and key physically.    And don't use a password that is a word in any language (remove all vowels), and mix numbers and letters and symbols.

     

    TextEdit has no networking capability, except if you share files, or turn on screen sharing on your Mac and allow yourself to remote in from work to your Mac.

  • by a brody,

    a brody a brody Jan 9, 2016 11:40 AM in response to 23david23
    Level 9 (66,889 points)
    Classic Mac OS
    Jan 9, 2016 11:40 AM in response to 23david23

    Also note, you posted this to the Snow Leopard forum.  There is no "notes" application in Snow Leopard per se.   Being your signature says you have 10.11, suggests you should post this question in the El Capitan forum.   If you are using Snow Leopard, there may be something else enabled.

     

    OS X El Capitan

  • by AlecZ64,

    AlecZ64 AlecZ64 Jan 9, 2016 11:49 AM in response to 23david23
    Level 1 (23 points)
    Mac OS X
    Jan 9, 2016 11:49 AM in response to 23david23

    If you're in fact running El Capitan and not Snow Leopard, yes, TextEdit has the option of saving to iCloud. But I'm guessing you aren't doing that by accident AND allowing coworkers to log into your iCloud.

  • by 23david23,

    23david23 23david23 Jan 9, 2016 12:11 PM in response to a brody
    Level 1 (9 points)
    Desktops
    Jan 9, 2016 12:11 PM in response to a brody

    I appreciate your reply.  It is definitely TextEdit that I'm using and, as I mentioned in my first post, this computer is my own personal computer that I use at home.  Everything I do on my computer is my own personal stuff.  I don't even use a computer at work.  But iCloud might be the problem except that I don't see TextEdit listed in the iCloud list of apps.

     

    Ya see, in about 1999 when I got my first Mac, someone at work gave me a floppy disk (yes, it was that long ago!) saying it was free Juno email software.  When I got home I inserted it into the drive but nothing came up but a little guy with a smiley face.  I clicked on it, nothing happened so I removed it and forgot about it until in about March of 2003 when it became obvious that everything I did on my HOME computer was being accessed by these coworkers.  I took it in to have it checked for spyware but nothing showed up.  Now I am on my 3rd Mac (I am now running El Capitan, btw) and they are still confronting me about my Internet activities plus whatever I write in TextEdit.  I can tell you details if you want to know but it would be a long story and it would have to be a private message.

     

    This is weird, I know, but I think they somehow have access to my Internet connection (DSL) somewhere between my house and the phone company.  There apparently is no spyware on my computer (I had it checked, remember) but yet they know EVERYTHING I do online and even not online, i.e., TextEdit.  I'm at an impasse and even the sheriff's office does not know what to do to help.

     

    Anyway, thanks again for your reply.  I'll have to look more into iCloud to see if that is how they are accessing my stuff... but iCloud wasn't even available in 2003. 

  • by 23david23,

    23david23 23david23 Jan 9, 2016 12:14 PM in response to AlecZ64
    Level 1 (9 points)
    Desktops
    Jan 9, 2016 12:14 PM in response to AlecZ64

    Thanks for your reply.  Please read my reply to 'a brody', above.  Thanks again.

  • by steve359,

    steve359 steve359 Jan 9, 2016 12:59 PM in response to 23david23
    Level 6 (14,032 points)
    Jan 9, 2016 12:59 PM in response to 23david23

    People often use default settings for their wireless networks.  The name of the network is a default ("ATT2817", for example).  They do not use the highest level of encryption, and the password is guessable ("mypassword").

     

    I suggest a network name like "RubberPaddedWalls" instead of "BillandJaney".  The wireless password should be something like "t^h3Sz$nuo!jl7".

     

    Few are worthy of being hacked by outsiders, but these measures deter most of the casual trollers.

  • by AlecZ64,Helpful

    AlecZ64 AlecZ64 Jan 9, 2016 3:26 PM in response to 23david23
    Level 1 (23 points)
    Mac OS X
    Jan 9, 2016 3:26 PM in response to 23david23

    Well, that is very frightening. It doesn't sound like a man-in-the-middle attack, more like custom-made spyware that isn't being detected. If I were you, I'd save my stuff, reformat my Mac's bootup disk, reinstall OS X, and manually put all my files back in. You could also try using a different (and freshly installed) computer and seeing if they see what you type on that too.

     

    What Steve said is also right. Someone could be going to your house and snooping your wireless traffic, but it sounds unlikely... I don't know your situation, though.

     

    That's leaving out the legal issues about your coworkers blatantly accessing your private information.

  • by 23david23,

    23david23 23david23 Jan 9, 2016 3:32 PM in response to steve359
    Level 1 (9 points)
    Desktops
    Jan 9, 2016 3:32 PM in response to steve359

    Thanks, Steve.  I have done everything that you said here and more.  I think there are some evil geniuses in this world.  I am 100% stumped.  I have gone so far as to use the MAC address filter and a very long password of illegible gibberish.  Also have made my wifi signal invisible.  But I still believe they are into the actual phone/DSL circuit somehow.  This is a small town in the middle of nowhere with a lot of 'good ol' boys' and it wouldn't surprise me at all if one of these miscreants has a brother-in-law who works for the phone company who has done something to my line.  But it's all speculation on my part.  All I know is they drop details of my "stuff" on me every chance they get.

  • by 23david23,

    23david23 23david23 Jan 9, 2016 3:39 PM in response to AlecZ64
    Level 1 (9 points)
    Desktops
    Jan 9, 2016 3:39 PM in response to AlecZ64

    It is highly illegal what they are doing.  The sheriff's office heard me out and they see my point about what I have typed and the responses I get but they said there was not much they could do unless they start stealing from me pr damaging my property.  Very frustrating.  Since 2003, no one I have talked with about this has a clue of what might be going on.  Just the one line-guy from the phone company said that that disk they gave me in 1999 may have given them the route my communications take on their way to the main switching building in town.  They were also privy to my corded phone calls - nothing to do with my computer - until I cancelled my land line.  Now I only use Skype  which is supposed to be encrypted, and it seems to be, and my cell phone.

     

    Thanks, all, for the replies.  This problem will likely never get resolved.

  • by a brody,

    a brody a brody Jan 10, 2016 1:08 PM in response to 23david23
    Level 9 (66,889 points)
    Classic Mac OS
    Jan 10, 2016 1:08 PM in response to 23david23

    iCloud in its inception was called iTools, and part of the old Mac OS 9.    So it has been around since 1999 in some format or another.    If you are saving your notes file to your iDisk, or to any remote server, that is open for other people.    One thing you can do is track incoming and outgoing internet traffic with a software called Little Snitch.  It will slow down your internet connection, but you will see if applications are "phoning home." that you may not be aware of and what traffic they may be doing.    Another is Etrecheck, which will give you a copy of all processes background and otherwise that are installed on your machine.   You can copy/paste its results to the board here, and we can see if there is a known program that might be hacking your system.

  • by 23david23,

    23david23 23david23 Jan 16, 2016 10:04 AM in response to a brody
    Level 1 (9 points)
    Desktops
    Jan 16, 2016 10:04 AM in response to a brody

    Thank you again for your assistance.  I ran EtreCheck as you suggested.  I ran the suggested Malwarebytes ANTI-MALWARE for Mac, too, but it only removed a couple of adware apps which I know are not the problem.  Otherwise, this is the result:

     

    EtreCheck version: 2.7.2 (232)

    Report generated 2016-01-16 10:43:03

    Download EtreCheck from http://etrecheck.com

    Runtime 2:33

    Performance: Excellent

     

    Click the [Support] links for help with non-Apple products.

    Click the [Details] links for more information about that line.

    Click the [Scan for adware] links for help removing adware.

     

    Problem: Other problem

    Description:

    Co-workers of mine seem to have access to everything I do and look at on my iMac.

     

    Hardware Information:

        iMac (27-inch, Mid 2011)

        [Technical Specifications] - [User Guide] - [Warranty & Service]

        iMac - model: iMac12,2

        1 2.7 GHz Intel Core i5 CPU: 4-core

        8 GB RAM Upgradeable - [Instructions]

            BANK 0/DIMM0

                4 GB DDR3 1333 MHz ok

            BANK 1/DIMM0

                4 GB DDR3 1333 MHz ok

            BANK 0/DIMM1

                Empty  

            BANK 1/DIMM1

                Empty  

        Bluetooth: Old - Handoff/Airdrop2 not supported

        Wireless:  en1: 802.11 a/b/g/n

     

    Video Information:

        AMD Radeon HD 6770M - VRAM: 512 MB

            iMac 2560 x 1440

     

    System Software:

        OS X El Capitan 10.11.2 (15C50) - Time since boot: about 3 days

     

    Disk Information:

        ST31000528AS disk0 : (1 TB) (Rotational)

            EFI (disk0s1) <not mounted> : 210 MB

            Macintosh HD (disk0s2) / : 999.35 GB (830.59 GB free)

            Recovery HD (disk0s3) <not mounted>  [Recovery]: 650 MB

     

        HL-DT-STDVDRW  GA32N   ()

     

    USB Information:

        Apple Inc. FaceTime HD Camera (Built-in)

        Mitsumi Electric Apple Optical USB Mouse

        Apple Inc. BRCM2046 Hub

            Apple Inc. Bluetooth USB Host Controller

        Logitech Logitech USB Headset

        LaCie P'9221 Mobile Drive 500.11 GB

            EFI (disk1s1) <not mounted> : 210 MB

            Time Machine (disk1s2) /Volumes/Time Machine : 499.76 GB (91.26 GB free)

        Apple Computer, Inc. IR Receiver

        Apple Card Reader

     

    Thunderbolt Information:

        Apple Inc. thunderbolt_bus

     

    Gatekeeper:

        Mac App Store and identified developers

     

    Adware:

        Adware infection possible. [Scan for adware]

     

    Kernel Extensions:

            /Library/Application Support/MacKeeper/AntiVirus.app

        [not loaded]    com.zeobit.kext.AVKauth (2.3.2 - SDK 10.7) [Support]

        [not loaded]    com.zeobit.kext.Firewall (2.3.2 - SDK 10.7) [Support]

     

            /System/Library/Extensions

        [not loaded]    com.Cycling74.driver.Soundflower (1.5.1) [Support]

     

    Launch Agents:

        [loaded]    com.google.keystone.agent.plist [Support]

        [running]    com.machangout.glims.agent.plist [Support]

        [running]    com.opendns.osx.DNSCryptMenuBar.plist [Support]

        [loaded]    com.teamviewer.teamviewer.plist [Support]

        [loaded]    com.teamviewer.teamviewer_desktop.plist [Support]

        [running]    net.culater.SIMBL.Agent.plist [Support]

     

    Launch Daemons:

        [loaded]    com.adobe.fpsaud.plist [Support]

        [running]    com.anonymizer.deltavpn.DeltaVPNInstaller.plist [Support]

        [loaded]    com.anonymizer.deltavpn.DeltaVPNOpenVPNHelper.plist [Support]

        [running]    com.anonymizer.deltavpn.GreenlightInterrogator.plist [Support]

        [running]    com.anonymizer.deltavpn.L2TPConfigurator.plist [Support]

        [loaded]    com.anonymizer.deltavpn.OpenVPN.plist [Support]

        [loaded]    com.google.keystone.daemon.plist [Support]

        [running]    com.machangout.glims.loader.plist [Support]

        [running]    com.opendns.osx.DNSCryptConfigUpdater.plist [Support]

        [loaded]    com.teamviewer.Helper.plist [Support]

        [loaded]    com.teamviewer.teamviewer_service.plist [Support]

        [running]    com.zeobit.MacKeeper.AntiVirus.plist [Support]

        [failed]    net.tunnelblick.tunnelblick.startup.vpnbook--us1--udp53.plist [Support]

        [loaded]    net.tunnelblick.tunnelblick.tunnelblickd.plist [Support]

     

    User Launch Agents:

        [failed]    com.adobe.ARM.[...].plist [Support]

        [failed]    com.jdibackup.ZipCloud.autostart.plist [Support] [Details]

        [failed]    com.jdibackup.ZipCloud.notify.plist [Support] [Details]

        [running]    com.zeobit.MacKeeper.Helper.plist [Support]

        [failed]    net.tunnelblick.tunnelblick.LaunchAtLogin.plist [Support]

        [loaded]    uk.co.markallan.clamxav.freshclam.plist [Support]

     

    User Login Items:

        smcFanControl    Application  (~/Downloads/smcfancontrol_2_4/smcFanControl.app)

        iTunesHelper    Application  (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

        PandoCalendar    Application  (/Applications/PandoCalendar.app)

        Canon IJ Network Scanner Selector EX    Application Hidden (/Applications/Canon Utilities/IJ Network Scanner Selector EX/Canon IJ Network Scanner Selector EX.app)

        Typinator    Application  (/Applications/Typinator.app)

        Mail    Application  (/Applications/Mail.app)

        Google Drive    Application  (/Applications/Google Drive.app)

        Skype    Application Hidden (/Applications/Skype.app)

        iLauncherHelper    UNKNOWN Hidden (missing value)

        OpenDNS Updater    Application Hidden (/Applications/OpenDNS Updater.app)

        Stickies    Application  (/Applications/Stickies.app)

        Dave.pastor    Pastor Document  (~/Documents/Pastor 1.8.2/Dave.pastor)

     

    Other Apps:

        [running]    com.apple.xpc.launchd.oneshot.0x1000000b.EtreCheck

        [running]    com.eidac.smcFanControl2.13792

        [running]    com.google.GoogleDrive.8992

        [running]    com.macility.typinator2.68192

        [running]    com.opendns.OpenDNS_Updater.84512

        [running]    com.opendns.osx.DNSCryptProxy

        [running]    com.pandasystems.pandocalendar.84832

        [running]    com.skype.skype.146272

        [loaded]    com.vimov.weatherhd.mac.menulauncher

        [running]    jp.co.canon.cijscannerregister.16992

        [running]    jp.co.canon.ij.CNSSelectorAgent.93792

        [running]    net.mehlau.pastor.63392

     

    Internet Plug-ins:

        Flip4Mac WMV Plugin: Version: 3.2.0.16   - SDK 10.8 [Support]

        FlashPlayer-10.6: Version: 20.0.0.267 - SDK 10.6 [Support]

        QuickTime Plugin: Version: 7.7.3

        Flash Player: Version: 20.0.0.267 - SDK 10.6 [Support]

        EPPEX Plugin: Version: 3.0.5.0 [Support]

        Default Browser: Version: 601 - SDK 10.11

        Silverlight: Version: 5.1.40416.0 - SDK 10.6 [Support]

     

    User internet Plug-ins:

        Google Earth Web Plug-in: Version: 7.0 [Support]

     

    Safari Extensions:

        AdBlock

        TinEye

        Cookie Stumbler

        InvisibleHand

        StartPage HTTPS

     

    3rd Party Preference Panes:

        DNSCrypt  [Support]

        Flash Player  [Support]

        Flip4Mac WMV  [Support]

     

    Time Machine:

        Skip System Files: NO

        Mobile backups: OFF

        Auto backup: YES

        Volumes being backed up:

            Macintosh HD: Disk size: 999.35 GB Disk used: 168.76 GB

        Destinations:

            Time Machine [Local]

            Total size: 499.76 GB

            Total number of backups: 165

            Oldest backup: 7/29/13, 6:10 AM

            Last backup: 1/16/16, 9:47 AM

            Size of backup disk: Too small

                Backup size 499.76 GB < (Disk used 168.76 GB X 3)

     

    Top Processes by CPU:

             2%    fontd

             2%    WindowServer

             1%    kernel_task

             0%    Dock

             0%    Google Drive

     

    Top Processes by Memory:

        739 MB    kernel_task

        467 MB    softwareupdated

        287 MB    com.apple.WebKit.WebContent(3)

        262 MB    mds_stores

        229 MB    Skype

     

    Virtual Memory Information:

        2.22 GB    Free RAM

        5.78 GB    Used RAM (2.78 GB Cached)

        0 B    Swap Used

  • by a brody,

    a brody a brody Jan 24, 2016 7:07 PM in response to 23david23
    Level 9 (66,889 points)
    Classic Mac OS
    Jan 24, 2016 7:07 PM in response to 23david23

    Malwarebytes is in fact Adware.   You need to remove this.

    MacKeeper is also Malware.

     

    http://discussions.apple.com/docs/DOC-3036

     

    All Zeobit software should be removed.

     

    SMC Fan Control is overkill, but not related to your problem:

     

    kmb kmbp: How to deal with MacBook Pro and MacBook heat?


    Teamviewer is probably the open gateway allowing people into your machine if screen sharing is enabled.  Make sure this software is removed.

     

    net.tunnelblick.tunnelblick.LaunchAtLogin.plist - is another possible culprit.   Anything which establishes a VPN tunnel is a security risk if not properly administered.

    Espetially if it makes your machine the server.   Be sure you are not sharing your screen with another computer.  Same with any Remote Desktop.   Remove any Remote Desktop logins from your work machine to avoid it from bouncing into your home machine.


    Don't leave your office with any open network gates, and don't leave your computer for a bathroom break with those network gates open.






  • by jkbull,

    jkbull jkbull Jan 25, 2016 3:10 AM in response to a brody
    Level 1 (86 points)
    Jan 25, 2016 3:10 AM in response to a brody

    Regarding Tunnelblick: it is true that a VPN that is not set up or administered properly can allow information to be "leaked", however, removing "net.tunnelblick.tunnelblick.LaunchAtLogin.plist" will not have any effect. It will be recreated the next time you launch Tunnelblick.

     

    If you want to remove Tunnelblick, do it by following the instructions at Uninstalling Tunnelblick. If you attempt to remove Tunnelblick some other way you risk leaving parts of it still installed on your system.

  • by pinkstones,

    pinkstones pinkstones Jan 25, 2016 4:30 AM in response to a brody
    Level 5 (4,209 points)
    Safari
    Jan 25, 2016 4:30 AM in response to a brody

    a brody wrote:

     

    Malwarebytes is in fact Adware.   You need to remove this.

    MacKeeper is also Malware.

     

    http://discussions.apple.com/docs/DOC-3036

     

    All Zeobit software should be removed.

     

    SMC Fan Control is overkill, but not related to your problem:

     

    kmb kmbp: How to deal with MacBook Pro and MacBook heat?


    Teamviewer is probably the open gateway allowing people into your machine if screen sharing is enabled.  Make sure this software is removed.

     

    net.tunnelblick.tunnelblick.LaunchAtLogin.plist - is another possible culprit.   Anything which establishes a VPN tunnel is a security risk if not properly administered.

    Espetially if it makes your machine the server.   Be sure you are not sharing your screen with another computer.  Same with any Remote Desktop.   Remove any Remote Desktop logins from your work machine to avoid it from bouncing into your home machine.


    Don't leave your office with any open network gates, and don't leave your computer for a bathroom break with those network gates open.






     

    Malwarebytes is not malware.  It's a malware-removal tool, nothing more.  Please do not spread misinformation.

Page 1 Next