Warning: Suspicious User in the Users folder! Don't Panic?

Unless you physically glue up the ports on your computer, remove the wireless chips and all the other input capabilities, no matter how careful you are, it’s still possible to get caught out by unwanted surprises.

I was doing a bit of routine maintenance on my MacBook Pro over the weekend and I noticed an unusual item in the Users folder of my primary disk. At my local supermarket an “Unexpected Item In The Bagging Area” is the grocery shopper’s equivalent of an air raid warning, and is met with shivers, sweaty palms, red faces, and an overwhelming sense of wanting to go and hide in a deep hole. On a Mac, an unexpected User in the Users folder is even worse.

To make it worse, the unexpected user went by the name “tsninja”. Having any sort of ninja lurking, uninvited, on your computer does not bode well, and I immediately started panicking. How long had it been there, how did it get there, what was it doing there, and most importantly, what the heck had it been doing while it had been there.

What sane person creates a User account called 'tsninja'?

Let’s just add some context before going any further. I take precautions. I have firewalls in place, Little Snitch is installed and configured, I don’t spend my time surfing ‘adult’ sites, I have Malwarebytes set up to scan the laptop every day, the computer is protected with ultra-strong passwords and TouchID, and has never been accessible to members of the general public. In other words, it’s about as secure as it can be, within reason. But something had created this intruder user and I wanted to find out what.

Donning my best deerstalker, I began to investigate. Google didn’t proffer any useful indicators. I ran Malwarebytes again but it came up clean. I ran EtreCheck but nothing untoward there. I guess the smartest thing to have done now, would have been to attempt to delete the ‘fake’ user and get on with my life, but I couldn’t let it lie.

So I started to dig down into the tsninja folder, and this is what I found:

User folder tsninja appears to contain MS-Team configuration data

This didn’t look much like a normal User folder. A little further investigation on the internet suggested that the files at the lowest level of folders were configuration data for Microsoft Azure, and everything in the entire tsninja folder was timestamped on the same date and at the same time. Sure enough, I’d installed Microsoft Teams (for research purposes) at about the same time according to the system logs. By this time, some of the panic was beginning to seep away, but I really wanted a second opinion.

I asked some chums on the Mac To The Future (MTTF) Facebook group if they’d encountered anything similar. I got a response pretty quickly saying that they’d used MS-Teams for about six months but couldn’t reproduce the issue. I checked my fiancee's laptop because we’d also installed MS-Teams on her MBA. Nothing was showing up on her machine either. Signs of panic were beginning to reappear. My MTTF FB chums weren’t making any reassuring noises.

I decided to try a brute force experiment. I deleted the whole ‘tsninja’ folder. Interestingly it just let me!  Usually attempting to delete a Users folder would require a password at the very least. Anyhow it was gone, for now.

I relaunched MS-Teams and although it appeared to have to found a glitch it ran as expected. But lo and behold, as soon as I quit the programme, the ‘tsninja’ folder had reappeared in the Users directory. That was too much of a coincidence. But why was it showing up on my system but no-one else’s?

My only guess is that I had set my system up as the host for a Team, with my MBP effectively acting as a server, whereas my fiancée was a member of that team. The guys I was talking to on MTTF were also in a similar situation; they were members of other teams.

Ultimately, we collectively came to the solution that it is just shoddy programming by Microsoft. Despite (or maybe because of) Apple’s guidelines about where application support data files should be stored, Microsoft have a history of doing their own thing. In this instance, it’s cost me a bit of time trying to track down the root cause of the problem, and a few more ageing lines. And despite sending messages to the MS-Team product support people, they have declined to reply although I have now joined the MS-Teams community and started the discussion there. I’ll report back on any updates.

For now, I'm comfortable with my own explanation, and I'm not batoning down the hatches. But seriously, for a professional programmer writing business application software, creating a user folder called tsninja and sticking it in a reserved space should be a disciplinary offence. It's childish and unnecessary, and it's cost me a couple of lost days and an uncomfortable night. Time to grow up Micrsoft!

Get a Finger on your Passwords

If you're anything like me, you probably have passwords set up for several hundred accounts, web pages, payment cards and suchlike. All have different rules regarding password composition, some use emails as usernames, others need non-email usernames, and some make you change passwords on a regular basis. All of which makes managing accounts a complete nightmare unless you break the cardnial rule of security management and write everything down! Or use some software to help you.

I've used 1Password on my Macs to manage all my 'secrets' since it was first released, and have all those secrets synced onto my iOS devices (although I find 1Password on iOS a pain in the backside to use because of Apple's rules on how apps are allowed to play with each other).

It'll be interesting to see the fate of 1Password with the release of Mavericks later in the year when Keychain for iCloud takes centre stage. Of course, 1Password will continue to have a place for folk using earlier versions of OS X, but I can see a slew of software tools disappearing as Mavericks incorporates their ideas and functionality (TotalFinder, Tags, Punkanea are others that spring instantly to mind). Such is progress but resilient developers will find other opportunities to tout their talents and skills.

In fact 1Password may well continue to exist and flourish under Mavericks, simply because not everyone will want to trust all their most confidential information and data to Apple. Even I have reservations about moving to Keychain for iCloud until the technology is more established and initial bugs ironed out. I simply can't afford to have a situation where OS X has generated passwords (which I can't remember) and which I might not be able to access because of an iCloud glitch. I could indeed see a situation where I will use 1Password as a failsafe backup system, but we shall see. Experiences with iMatch for iTunes make me a little wary about failsafe syncronisation...

There has been quite a lot of noise recently about Apple using fingerprint security on new versions of the iPhone and iPad. The noises started to get louder when Apple bought Authentec (reportedly for $356M in 2012), who make fingerprint scanners and the accompanying TrueSuite software package.

I bought a pair of Upek scanners last year and use them alongside TrueSuite for OS X. Previously, prior to becoming a fully fledged Mac user, I used the Microsoft fingerprint scanner for Windows and was really pleased with the way it worked. That experience is now shared on the Mac - there is something reassuring about using a physical method to access my passwords which doesn't involve me having to remember anything. Of course this type of security is illusory since as soon as the fingerprint scanner is removed anyone who can type (as knows what the passwords are) can access the system.

UPEK Fingerprint Scanner

I'm sure much will be written about KeyChain for iCloud in the next few months and especially after its universal release, and I look forward to playing with it myself. In the meantime I have one request to website designers and businesses - if you don't need to put password access to your websites please don't. Having to remember a gazillion passwords is bad enough - having to remember them when there's nothing to protect is just mean!

A Gaggle of Gizmos

In this post I'll be taking a look at a few of the "life enhancing" gadgets recently installed at Apple Harvest HQ; some big, some small (in both size and price) but all valuable additions to the business.

Apple Harvest HQ - Main Office

Mobee Magic Feet

In my last post I mentioned the Mobee Magic Feet gizmo which had just been delivered. There's a plethora of Magic Mice, Magic Trackpads and Apple Keyboards at Apple Harvest HQ, which potentially could mean splashing out a lot of cash each year on batteries or having the inconvenience of constantly having spare batteries on charge, so I've long been a fan of the Mobee induction chargers for Apple input devices (see post - Two New Toys from Feb 2011).

The Magic Feet charger is the latest in the family and allows you to charge up to three devices at once. It also adds an extra 4 USB 2.0 ports to your system which, in my view, is never a bad thing. The charger comes in emaculate packaging like all Mobee products, and looks like it was developed in the Apple packaging lab in Cupertino.

At Apple Harvest HQ there was a void in the main office. A solitary Magic Mouse charger was in place but the Magic Trackpad was still battery operated as was the spare Magic Mouse. (The main office is the only place where you won't find an Apple keyboard. Instead there's a Logitech solar powered K750-Mac keyboard which has similar 'green' credentials, and is an absolute joy to use!) The Magic Feet device has filled the void perfectly and the main office is now battery free.

Mobee Magic Feet

There's not really much to say about the Magic Feet - it just works. In the earlier post I mentioned an issue about never seeing a mouse charge above 80% of capacity, and it does indeed seem that Apple's original calculations didn't take into account the battery packs used by outfits like Mobee. This is no longer the case and keyboards, trackpads and mice alike, now show batteries at full capacity after an appropriate amount of charge time. Currently the best place to go is Apple who sell it for £120. This is pricey (especially if you already have Mobee systems in place), but it was cost effective in my case since I got an extra mouse and a trackpad charging unit which would have cost over £50 on their own. Mobee still claim the unit will pay for itself within 6 months of office use or 12 months of home use. For me the blessing of no more batteries is priceless!

PNY ThinkSafe Portable Laptop Locking System

Given that the MacBook Air is a very expensive and desireable piece of kit, I find it a little bit surprising that Apple elected not to provide any way of physically protecting the laptop from theft. Software protection mechanisms have been around for a while, but systems like "Find My Mac" only take effect after a theft (or loss) and a physical cable lock like those available for use on most laptops go a long way to deter a casual thief in the first place. I have finally found a solution for the MacBook Air and while it is not perfect, it does the job.

The PNY ThinkSafe Portable Laptop Locking System (doesn't realy roll off the tongue does it?!)) consists of a slotted metal plate that you insert through the hinge of the MBA and a combination lock/steel cable which you loop around a sturdy object and attach to the plate through a small slot at the back of the laptop.

Initially it's a bit scary sliding metal objects through the MBA hinge, but once you get the knack it's easy to insert and remove and I've yet to see any damage to the MBA case (despite comments from others to the contrary).

The PNY ThinkSafe plate slips through the MBA hinge

The system comes with plates for a range of different laptops and you are provided with a 4 digit combination - you don't select your own - which you need to register on-line in case you forget it (as I realised I had when I started writing this, although luckily I remembered enough to get it open in the end!).

Make sure you remember your combination - this isn't mine!

The ThinkSafe system won't stop someone with enough time, tools and intent, but it will stop the casual opportunist thief from stealing your laptop off your table in Starbucks. And to be honest, £16 is not a huge sum to pay for peace of mind.

Go Gadgets USB Fan

It can sometimes get rather warm in the Apple Harvest HQ main office (although, thankfully, the Lenovo has now gone which has helped lower the temperature considerably). I saw this Go Gadgets USB Retro Fan on Amazon and was surprised at how positive the reviews were (4.3/5 from 73 reviewers) and decided to risk the £10 asking price. When it arrived I was even more surprised at the quality of the build, the lack of noise and the power of the fan. It even has its own on/off switch on the back and creates enough air movement to be pleasant without blowing your brains out. Highly recommended, especially now summer has finally arrived in the UK!

Go Gadgets Retro USB Fan

GMYLE Tablet Arm

Last but not least in this round up of gadets is the GMYLE Black Adjustable Swing Arm Tablet Holder Mount. As you can see from the picture space is becoming more valuable in the main office than in downtown Kowloon so anything that can alleviate the problem can and will be brought into action.

The GMYLE is a sturdy and flexible arm that clamps to the desk and allows you to put most common tablets in its adjustable grasp and swing it in or out of the way as you need. Both the iPad and iPad mini fit (in their cases) and a holder for a smartphone is also supplied should you wish to hang your phone out of the way.



To be honest, there is too much give in the arm to be able to use it to do much work on, but if you're just tapping it occasionally to access an app or run a query it's perfect.

At £32 from Amazon, it's a mid-price option, and good enough for what I needed. And the box makes for some wonderful reading!
























So that concludes this round up of glorious gadgets. For some folk, some of these may strike you as somewhat extravagant. That may well be true, but don't forget I spend a lot of time in the office so for me, each of these has its well and truly justified place at Apple Harvest HQ.