The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Tom Briant

The MacValley blog

Editor: Tom Briant


Click here to email Tom

Click here for Tom's profile



To search the blog posts please use the box below

Tuesday, October 25, 2016

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for Tuesday 10-25-2016

Apple squashes bugs with Mac OS Sierra, Apple Watch and Apple TV updates

For the most part, it's just bugfixes, but the iPhone 7 Plus gets the nifty new Portrait Mode for its camera.

WatchOS 3.1 should let you replay the cool effects in the Messages app on your Apple Watch, in addition to squashing some bugs.

tvOS 10.0.1 includes general performance and stability improvements.

iOS 10.1 fixes issue that lets Apple iPhones get hacked by just receiving a picture

Similar issues affects Macs and Apple TV, and all of Apple’s products have received the new update

Apple issues macOS Sierra 10.12.1 update

Apple on Monday released an update to macOS Sierra. Version 10.12.1 is now available for Mac users for download through the App Store app. (It’s a good idea to back up you Mac before installing the update.) The update is 1.25GB.

WatchOS 3.1 update is now available for Apple Watch users

The WatchOS 3.1 update brings small changes to the device, mostly focusing on fixing bugs.

IBM announces 100,000 Macs at Jamf 2016

Very interesting video that compares using Macs in the corporate world vs. using Windows PCs.

Deep dive: The Apple Watch Series 2 delivers on last year’s promise

This year's Apple Watch Series 2 -- unveiled last month when the iPhone 7 was previewed -- builds on last year's model and addresses most, but not all, of the issues early adopters faced. With the inclusion of GPS, a faster system architecture, better water resistance and support for more activity profiles -- including swimming and wheelchair support -- the Series 2 turns the Apple Watch into a more complete fitness band. And the system's overall responsiveness, in concert with watchOS 3, largely delivers on last year's first-generation promise.

How Google embarrassed Apple

This week didn't look good for Apple.

Google's new Pixel phone launched to positive reviews, largely because of the phone's new digital helper called Google Assistant.

Assistant is noticeably smarter and more capable than Siri, a stark embarrassment for Apple, which had a five-year head start on Google.

I expect Apple to improve Siri soon, but for now, Google Assistant is clearly in the lead.

The iPod turns 15: a visual history of Apple's mobile music icon
A look back at 15 years of iPod history

To iPod on its 15th birthday: Thanks for revolutionizing digital music

The World-Shaking iPod Just Turned 15 Years Old

Apple's first music player seems like a relict of the past, but it's impact should not be overlooked.

The iPod turned 15 years old yesterday [2016-10-23]. To recognize this monumental day, we took a stroll through the Entrepreneur archives, only to come across a 2006 article, Age of the iPod, which looks at the undeniable success of the portable music player from its birth in 2001 to 2006.

Why I Bought an Apple iPod Nano in 2016

The author also wrote about his experience with it.

The difference between iPhone users and Android users

after explaining briefly that I was the editor of a tech news site, I would ask iPhone users “why do you use an iPhone?” and Android phone users “why do you use an Android phone?”

I made sure to never mention a rival platform at all. It’s subtle, but the question “why do you use an iPhone and not an Android phone?” is a bit leading compared to simply asking, “why do you use an iPhone?”

In about three months I ended up asking 219 different people this question, including 112 iPhone users and 107 Android users.

So, how many Android users mentioned their disapproval of Apple or of the iPhone among in their response? 51.

Of the 112 iPhone users I polled, a total of six people said something negative about Android or about a specific Android phone manufacturer. Not a single person make a negative blanket statement about Android users in general.

Here's the one thing keeping me from dumping my iPhone for Google's Pixel
Apple is strategically using iMessage lock-in to keep customers from moving to Android, which is bad news for would-be iPhone switchers.

The Google Pixel is the first Android phone that I'd happily swap for my iPhone. In fact, that's exactly what I would have done this week, without missing a beat.

Well, except for one, and it's a doozy. Everything about the Pixel experience "just works," except for its lack of support for Apple's iMessage.

iPhone 7 Plus vs. Pixel XL camera showdown: Low-light video comparison

The 10 best paid iPhone apps on sale for free – as of 2016-10-25

11 paid iPhone apps on sale for free – as of 2016-10-24

The internet is still actually controlled by 14 people who hold 7 secret keys

Every three months since 2010, some — but typically not all — of these people gather to conduct a highly secure ritual known as a key ceremony, where the keys to the internet's metaphorical master lock are verified and updated.

The people conducting the ceremony are part of an organization called the Internet Corporation for Assigned Names and Numbers. ICANN is responsible for assigning numerical internet addresses to websites and computers.

If someone were to gain control of ICANN's database, that person would pretty much control the internet. For instance, the person could send people to fake bank websites instead of real bank websites.

To protect DNS, ICANN came up with a way of securing it without entrusting too much control to any one person. It selected seven people as key holders and gave each one an actual key to the internet. It selected seven more people as backup key holders — 14 people in all. The ceremony requires at least three of them, and their keys, attend, because three keys are needed to unlock the equipment that protects DNS.

Slide Show:
5 Creative and Out There Uses of Social Media

So where can you turn to to plan your next vacation? Instagram.

Recruit top talent?  Facebook, Twitter, LinkedIn, Spotify and YouTube.

Report city updates and local crimes?  Twitter.

Teach?  Facebook

How a Bunch of Hacked DVR Machines Took Down Twitter and Reddit
And Spotify, and Github, and The New York Times.

The websites were not targeted individually. Instead, an unknown attacker deployed a massive botnet to wage a distributed denial-of-service attack on Dyn (pronounced like dine), the domain name service (DNS) provider that they all share.

“The internet wasn’t down,” Andy Ellis added. “Packets were still getting through.” Only one DNS provider was ever blocked, he said. The rest of the infrastructure still worked—even if Twitter, Reddit, Spotify, and the Times were all, for a time, essentially inaccessible.

Chinese firm admits its hacked products were behind Friday's massive DDOS attack
Botnets created from the Mirai malware were involved in Friday's cyber attack

A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S.

According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities by infecting the devices and using them to launch huge distributed denial-of service attacks.

Mirai works by enslaving IoT devices to form a massive connected network. The devices are then used to deluge websites with requests, overloading the sites and effectively taking them offline.

This Is The Chinese Firm Whose Cameras Took Down The Internet On Friday (2016-10-21)

while the origin of the attack is still unknown, we're getting a better idea of how the attack was executed.

The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai.

The attack, which took down sites including Twitter, Spotify and CNN for long stretches, underscored how hackers can marshal an increasing number of online gadgets, collectively known as the Internet of Things, to disrupt the internet on an unprecedented scale.

“Mirai is a huge disaster for the Internet of Things. XM have to admit that our products also suffered from hacker’s break-in and illegal use," Xiongmai said in its e-mail.

Seems the "internet of things" has it's downsides.

Vulnerability Is the Internet’s Original Sin

On the day (perhaps not long from now) when the entire internet crashes, no one will be able to say that we didn’t see it coming. The denial-of-service attack on the morning of Oct. 21—which shut down Twitter, Spotify, Netflix, and a dozen other websites—offers a preview, in miniature and against relatively trivial targets, of how the day of doom might unfold.

The weapons amassed for this attack were, literally, toys—baby monitors, music servers, web cameras, and other home devices.

The malware was simple: a program called Mirai.

How one rent-a-botnet army of cameras, DVRs caused Internet chaos

Welcome to the Internet of Evil Things. The attack that disrupted much of the Internet on October 21 is still being teased apart by investigators, but evidence thus far points to multiple "botnets" of Internet-connected gadgets being responsible for blocking access to the Domain Name Service (DNS) infrastructure at DNS provider Dyn. Most of these botnets—coordinated armies of compromised devices that sent malicious network traffic to their targets—were controlled by Mirai, a self-spreading malware for Internet of Things (IoT) devices.

The attack on Dyn further demonstrates the potential disruptive power of the millions of poorly protected IoT devices. These items can be easily turned into a platform for attacking anything from individual websites to core parts of the Internet's infrastructure.

the worst thing about Mirai is that it leverages the horrible security decisions made by a handful of manufacturers of Internet-connected devices. And despite growing public alarm, these IoT devices and their shortcomings will likely persist on the Internet for years.

Mirai simply uses a hard-coded library of default usernames and passwords to log in to the devices it discovers. This is the equivalent of walking through a parking lot, checking for unlocked car doors, and finding the keys sitting on the driver’s seat.

Incessant Consumer Surveillance Is Leaking Into Physical Stores
Retail is on its way to a future of personalized everything—even prices.

No comments:

Post a Comment



Blog Archive