The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Tom Briant

The MacValley blog

Editor: Tom Briant


Click here to email Tom

Click here for Tom's profile



To search the blog posts please use the box below

Thursday, January 18, 2018

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for January 18, 2018

A man's life was saved by his iPhone after he used the Siri feature to tell his fiancée that he was having a stroke.

When Rob Belt began seeing double and felt 'like he had downed 10 pints', he managed to muster the strength to ask his smartphone to call for help.
Apple iOS 11.2.2 Release: Should You Upgrade?
Apple iOS 11.2.2 Verdict:
Install If You Run iOS 11, Hold If You’re Running iOS 10
Apple iOS 11.2.2 Release Has A Nasty Surprise
iOS 11.2.2 is throttling performance by as much as 50% ...  users were not just subjectively reporting their iPhones and iPads felt slower, but were able to demonstrate it with before and after benchmark scores.
Is Apple slowing down your old iPad or MacBook too? Tech giant reveals whether ALL of its old gadgets are at risk.
Apple says: "This power management feature is specific to iPhone and does not apply to any other Apple products.”
That means your old iPad, MacBook or Apple Watch won't be impacted by any of the processor-throttling software updates currently targeting old iPhone models.
Apple made a section of the App Store to highlight apps that offer free trials 
Be sure to double check if a subscription is annual, monthly, or weekly
For those who want to test out an app before making a purchase, Apple is now promoting a new section in the App Store, “Try it for Free,” that highlights apps that offer a free trial period before you have to pay for a subscription.
As of this writing, there are only four apps being offered in the section.
There is also the usual peril of free trials — accidentally forgetting to cancel the trial before it starts charging you, if you don’t end up wanting the service.
24 hidden iPhone settings you should know about
Apple iMac Pro review – this superbly designed workstation is most powerful Mac ever
iMac Pro Review – Is It Worth the Money?
This review was written by a power user who really needs a powerful computer for the kind of work he does.
His new iMac Pro — WAY — outperforms his MacBook Pro.  He spends much less time waiting for it to complete tasks.
He wrote:
“Rather unscientifically, I started editing a project I had logged on my MacBook Pro to see if I would immediately feel the difference. I did. Oh, boy, did I feel it! The iMac Pro is designed for exactly my types of workflow.”
“As you may have heard, the iMac Pro can’t be opened up by the end user. This seems to have got some people rather cross, which I must say I find amusing. The last thing I am interested in is ripping apart my computer and swapping out components. Upgrading is of no concern to me, nor to most small businesses. Besides, it’s not 1977 and I don’t spend my evenings at a home brew computer club!”
iMac Pro vs 27-inch iMac
Should you buy a 27in iMac, or the iMac Pro? We compare the two machines on design, features, specs and value for money
This article gets into the technical details when comparing the two computers.
The iMac Pro is a far more powerful machine. But do you really require that much power? If you're editing 8K RED video, H.264 4K footage, or 50Mp RAW stills, perhaps you do. If you're just looking for a superfast Mac, even if you're a gamer, the iMac Pro is probably overkill.
The Pro machine is seriously expensive, and you need to think long and hard about how much processing power you really need.

Apple ID login now required to check AppleCare warranty coverage for your devices
What happens when an iPhone X is dropped
It holds up surprisingly well when dropped from 3 feet high (pocket high) or 5 feet high (selfie high)
Android makers want to copy the iPhone X’s Face ID, but it’s not that easy
Android Smartphones Try — and Fail — to Mimic Face ID
Apple’s star presence no longer overshadows Consumer Electronics Show (CES)
The Apple ecosystem is no longer the star of CES — instead, things like Amazon’s Alexa voice platform, and now Google’s assistant voice platform, are the clear ecosystem winners of CES.
It is easy, and correct, to say that CES was not, or never was, a measure of the health of Apple’s products. It is, however, incorrect and dangerous to miss that CES had been, for some time, a barometer for the health of Apple’s ecosystem.
We can’t ignore the fact that Apple’s ecosystem, which used to be on display at CES, is no longer, and that competitors’ ecosystems are now the ones that dominate the show. How this plays in the market, we aren’t sure, but we need to keep a close eye on these new dynamics.

Apple today has shared a revised version of its iOS Security Guide, dated January 2018. The new document, which comes in at 78 pages long includes new details on Apple Pay Cash, Face ID, and more…
The document explains in detail how Apple features work and how they're protected.
Apple releases new iPhone and Mac updates to help protect against Spectre
• Apple has released security updates for iOS, MacOS, and Safari that help protect against Spectre.
• Spectre is one of two security flaws that were discovered in chips last week, which affect numerous devices running Intel and ARM components. 
• Amid releasing updates for both the Spectre and Meltdown flaws, Apple urges users not to download applications from sources outside of the App Store.
New MaMi macOS malware is hijacking DNS settings
• A new macOS malware called MaMi can hijack DNS settings, install root certificates, and otherwise compromise macOS machines. Its attack vector is currently unknown.
• Not all antivirus engines can detect MaMi yet, so keep your definitions up to date and run regular scans to ensure none of your machines are infected.
When initially discovered, there wasn't a single anti-malware app that recognized MaMi as malicious. As our sister site ZDNet points out, that number has changed: As of this writing 27 of the 59 antivirus platforms on VirusTotal recognize MaMi.
DNS-hijacking malware sneaks past anti-virus and creeps into Apple macOS
At the time of writing, it doesn't look like anti-virus tools will defend Macs against the malware. However, now that it's been brought to light we would expect updates to be pushed put for macOS security tools to defend against the malware.
Macs are generally less vulnerable to malware than Windows machines but as they grow in popularity we can expect malware to keep trying to pry open Cupertino's slick software.
Meltdown and Spectre CPU flaws: How to protect your Mac and iOS devices
Spectre affects all iOS, macOS, and tvOS. WatchOS is unaffected by the Meltdown and Spectre flaws.
What’s Apple doing to fix it?

Well, there isn’t really a real fix. These exploits rely on flaws baked right into the very design of the CPUs themselves. The best Apple or anyone can do is mitigate the risk, and Apple is already taking steps to do so. In December, Apple released macOS 10.13.2, iOS 11.2, and tvOS 11.2 with mitigations to lessen the risk, and iOS 11.2.2 also "includes security improvements to Safari and WebKit to mitigate the effects of Spectre." Additionally, Safari 11.0.2 includes mitigations against Spectre on macOS. Apple says more mitigations are on the way.
How can I protect my device from attack?

Update your OS

This is the obvious answer, but it’s also the best one. As we said, there is no real fix for Meltdown or Spectre, just ways to make exploits harder to pull off. Apple has already begun taking steps to protect users, but they will only be effective if they’re installed.
If you receive this link, DON’T click on it — DON’T even point at it: Terrifying ‘text bomb’ is causing Apple devices to crash
A malicious link being sent around will freeze your iPhone — even if you don't click on it
• A software developer discovered a bug that lets anyone send you a malicious link on iMessage that can crash your phone.
• Because the bug lies in the link preview, it can freeze the iMessage app without you even clicking on it.
• Called "chaiOS," the bug affects phones running iOS 10 or later.
The bug is capable of crashing iMessage altogether, and in some cases, forcing you to restore your phone to factory settings.
Another macOS password prompt can be bypassed with any password
In System Preferences, you can unlock the App Store preference pane by typing any password. Apple has reportedly already fixed the bug in beta versions of the next macOS High Sierra update.

While this bug is nowhere as serious as the infamous root login bug, as John Gruber wrote, this one is quite embarrassing. What’s wrong with password prompts and macOS?
How a researcher hacked his own computer and found 'worst' chip flaw
This article is not nearly technical enough to explain “how”.  But it’s still some interesting history.
Intel recalled a major chip in 1995 and turned them into keychains inscribed by the CEO — and the message speaks to Intel's current crisis
Intel recalled the Pentium P5 chip in 1995 that produced errors for certain calculations.
The recalled chips were turned into keychains for Intel employees.
The keychains had an inscription from former Intel CEO Andy Grove that became the company's mantra, and also applies to Intel's current chip crisis.
The mantra is:
"Bad companies are destroyed by crises; good companies survive them; great companies are improved by them."
Here's When Apple Will Hand Over Chinese iCloud Data to Comply With Local Laws
In an e-mail to affected customers on Wednesday, Apple said that it will hand over Chinese iCloud data center operations to Guizhou on the Cloud Big Data (GCBD) on February 28. The move will ensure iCloud data owned by Chinese users will remain inside the country’s borders. But Apple was quick to note in the e-mail, which was obtained by 9to5Mac, that it will maintain the same security and encryption protocols and will not build a “backdoor” that would allow a third-party to access user data.
Apple transfers iCloud operation in China to a local government-backed firm
US technology giant Apple confirmed last week that iCloud services in mainland China will soon be operated by a Chinese company in a move to comply with the cybersecurity law enacted in June last year.
Apple's move was made to comply with the newly enacted cybersecurity law in China, which came into force in June last year and demands that data belonging to Chinese citizens and organisations shall be stored within the country and operated by local Chinese companies.

Apple will be one of the first US companies to comply with the Chinese law. Other US companies with business exposure in China, including Amazon, Microsoft, and IBM, have also entered similar agreements
Facebook will now show you more posts from friends and family than news
Facebook said it plans to alter its algorithm to favor content from friends and families over publishers and brands. In a post published yesterday (Jan. 11), CEO Mark Zuckerberg wrote the company’s objective was no longer primarily to surface “relevant content” for Facebook’s 2 billion users, but to prioritize meaningful social interactions that benefit them.
Twitter Engineer Admits to Banning Accounts that Express Interest in God, Guns, and America
Twitter direct messaging engineer Pranay Singh admitted to mass-banning accounts that express interest in God, guns, and America, during a Project Veritas investigation.
How the legal battle around loot boxes will change video games forever
Just a few weeks ago, Belgium’s Gambling Committee took up the most controversial gaming question of the season: are loot boxes gambling? Yes, they said. 

Loot boxes are, in short, virtual boxes with random contents that you purchase through video games with real money.
The debate over loot boxes has been one of the most divisive and furious that gaming has seen in years, and certainly one of the most important stories for the industry in 2017. Billions of dollars are on the line here — especially as legislators and regulators in more countries have started to speak up.
For years, microtransactions have become more and more prominent in gaming as a way of supplementing income for developers, or replacing the revenue gained by selling units — hence “free to play” games that are free to download and play, but make money by selling you small-ticket items or downloadable content in the game itself.
The unparalleled outcry from players, fans, press, and politicians about loot boxes in Star Wars Battlefront II signaled that we were at a breaking point. A flagship title of perhaps the world’s most profitable and famous IP was monetizing through microtransactions and loot boxes so pervasively that it felt openly exploitative.
What caused the game industry to charge so recklessly toward this precipice? Why risk doing something that would invite legal battles and government scrutiny above and beyond anything that the industry endured during the darkest days of the last generation’s culture wars? Inescapably, the answer is money.
US government pushed tech firms to hand over source code
Obtaining a company's source code makes it radically easier to find security flaws and vulnerabilities for surveillance and intelligence-gathering operations.
It's not uncommon for tech companies to refer to their source code as the "crown jewel" of their business.
Given to a rival or an unauthorized source, the damage can be incalculable.
The Foreign Intelligence Surveillance Court (FISC), created in 1979 to oversee the government's surveillance warrants, has authorized more than 99 percent of all surveillance requests.
FISA orders are so highly classified that simply acknowledging an order's existence is illegal, even a company's chief executive or members of the board may not be told. Only those who are necessary to execute the order would know, and would be subject to the same secrecy provisions.
Last year, antivirus maker and security firm Kaspersky later found evidence that the NSA had obtained source code from a number of prominent hard drive makers -- a claim the NSA denied -- to quietly install software used to eavesdrop on the majority of the world's computers.

No comments:

Post a Comment



Blog Archive