The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Tom Briant

The MacValley blog

Editor: Tom Briant


Click here to email Tom

Click here for Tom's profile



To search the blog posts please use the box below

Tuesday, January 19, 2016

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for January 18, 2016

Apple iPad Pro review: Apple's big, bold iPad has your laptop in its sights
The Apple iPad Pro is a stunning machine. It looks fantastic and, once you get over just how big it is, the size becomes a benefit, with its immersive screen and a giant playground of real estate for apps to exploit.
The iPad Pro marks another major inflection point: it ends the whole "iPads are only for consumption” debate ...... for most people the iPad Pro is more than enough creation tool.
How to back up and restore your Apple Watch
This how-to walks you through how to back up your watch software to your iPhone, and then restore the backup to a new watch.
15 years of iTunes: A look at Apple’s media app and its influence on an industry
Why So Much Apple Commentary Is So Clueless
I blame it on the story arc that every editor understands instinctively and every cub reporter quickly learns: What’s up must come down. When the world’s most valuable company—and Wall Street’s most widely held stock—is at the top of its game, it must have nowhere to go but south.
Apple has admitted iOS 9.2 is causing a battery problem for both the iPhone 6S and iPhone 6S Plus.
For now, Apple has a temporary fix.

New study shines light on one of the iPhone's biggest advantages over Android

Android fragmentation is an issue that continues to rear its ugly head. Time and time again we see problems arise that call Google's Android strategy into question, and fragmentation has to be at the top of the list for consumers.


Apple Keeps Leaving Macs Open To Malware -- But Whitehat Hackers Have Your Back

Apple employed a Gatekeeper for its Macs to do one job: keep unsigned, unverified software out. It might be time to fire Gatekeeper, or hire a new one, as its failures have again been shown up by Patrick Wardle, ex-NSA staffer and head of research at bug hunting firm Synack.

Wardle is presenting his findings at the Shmoocon conference today in Washington D.C. He is releasing a tool, Ostiarius, on his Objective-C website that will help fill the gap Apple left open by checking all file executions and blocks unisigned code originating from the Web.

Gatekeeper flaw remains exploitable four months after its discovery

A security researcher says flaws in Apple's Gatekeeper application validation system remain available to exploit, despite Apple patching some vectors he disclosed on September 30  in security updates released in November and December.

Until Apple addresses this, Wardle suggests Mac users only download applications from the Mac store where possible, and otherwise be careful what they download from the internet. If you have to download an app from outside the Mac store, he said, make sure it's served over an encrypted connection (meaning the file is served over the HTTPS, a standard that's becoming increasingly important). At the very least, it will prevent an attacker from inserting malicious code inside a legitimate app on its way to your computer.

New York looks to outlaw sale of encrypted smartphones
A proposed bill in New York doesn't demand backdoors in smartphones but will seek to ban the sale of smartphones whose encryption can't be bypassed by the manufacturer.

How to find out everything Facebook knows about you
you can't opt out of ads on Facebook without opting out of Facebook itself.
to see a fully tally of what Facebook thinks you like, you need to find a tool called Ad Preferences.
This tool is not easy to find.

This stunning map shows the flow of traffic across the globe using the anonymous network Tor

The map shows:
*The use of Tor has been steadily increasing since about 2008.
*Nearly all traffic is between Europe and the U.S.
*Tor traffic to Japan started to become significant around March of 2013,
peaked around April of 2015 and then declined a lot.
*Occasionally there is a brief (i.e., a few days) spike in Tor traffic to a specific place,
such as Hong Kong, Australia or Brazil.

The mobile revolution is over. Get ready for the next big thing: Robots
I've lived through three of these revolutions.
*The PC revolution
*The internet revolution
*The mobile revolution
when a revolution ends, that doesn't mean the revolutionary technology goes away.
Everybody still has a PC. Everybody still uses the internet. 

It simply means that the technology is so common and widespread that it's no longer revolutionary. It's taken for granted. 
So: The mobile revolution is over.  the smartphone is normal now. Even boring. It's not revolutionary.
Neil deGrasse Tyson and futurist Ray Kurzweil on what will happen to our brains and everything else
Ray Kurzweil says that - in the future - our brains will be connected directly to the internet and “the cloud”.
Wireless connections to “the cloud” will expand our human brains.
Mike Hearn, a major Bitcoin developer, says the Bitcoin currency is a failed project.

He wrote:
"Despite knowing that Bitcoin could fail all along, the now inescapable conclusion that it has failed still saddens me greatly. I will no longer be taking part in Bitcoin development and have sold all my coins."

Why has Bitcoin failed? It has failed because the community has failed. What was meant to be a new, decentralised form of money that lacked "systemically important institutions" and "too big to fail" has become something even worse: a system completely controlled by just a handful of people.

If you haven't heard much about this, you aren't alone. One of the most disturbing things that took place over the course of 2015 is that the flow of information to investors and users has dried up.

In the span of only about eight months, Bitcoin has gone from being a transparent and open community to one that is dominated by rampant censorship and attacks on bitcoiners by other bitcoiners. This transformation is by far the most appalling thing I have ever seen, and the result is that I no longer feel comfortable being associated with the Bitcoin community.

What Everybody Misunderstands About Privacy Pioneer David Chaum's Controversial Crypto Plan

Cryptography and privacy enthusiasts reacted to Chaum's statements with shock, disbelief, and-in some cases-outrage.

Chaum's suggestions are not to be taken lightly. He's an inventor of key concepts undergirding identity-cloaking software such as the Tor web browser, a bulwark of the crypto community.

Many technologists have a "knee jerk" reaction to the phrase "back door" access to encrypted data.

"I agreed to allow the term 'backdoor' to be used in the article to refer to access in general, not as deliberate weakening of a system," Chaum told Fortune. "This probably was my big mistake."

companies possess doorways of their own ...... to spy on users.  Even companies that purport to uphold strong, end-to-end encryption can do this.

However concerned you are about this possibility likely depends upon your level of paranoia.

Count Chaum among the unsettled.

Chaum got to work formulating an alternative. In his scheme, such a company would instead have to enlist third party contractors (think data centers) operating independent infrastructure across multiple jurisdictions, all of whom would have to work in unison to have any chance at undermining the integrity of the system. This dispersion of control serves to limit, ideally, the potential for abuse. Imagine the two-man rule for nuclear missile launches, but with added complexity and greater division of power. It takes unanimous agreement and simultaneous key-turns to meddle with or unmask a user.

One of the true powers of Chaum's system is its obstruction of traffic analysis.

Two-factor authentication is an important way to help keep your online accounts safe — but it's not perfect.
if the attacker is able to smuggle rogue software onto a user's smartphone, the hacker can defeat two-factor.
The malware affects Android smartphones, and it is called Android.Bankosy. It specifically targets two-factor authentication codes delivered by automated phone call.

No comments:

Post a Comment



Blog Archive