An anonymous reader writes: The Apple Watch's release date has arrived: retailers around the world have quietly begun putting them on their shelves, and customers are beginning to receive their shipments. Reviews have been out for a while, including thoughtful ones from John Gruber and Nilay Patel. Apple has published a full user guide for the software, and iFixit has put up a full teardown to take a look at the hardware. They give it a repairability score of 5 out of 10, saying that the screen and battery are easily replaced, but not much else is. Though Apple designated the watch "water-resistant" rather than "waterproof", early tests show it's able to withstand a shower and a swim in the pool without failing. Ars has an article about the difficulty of making games for the Apple Watch, and Wired has a piece detailing its creation.
Trailrunner7 writes: For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple to bypass and gaining persistence on a Mac as an attacker isn't much of a challenge at all. Gatekeeper is one of the key technologies that Apple uses to prevent malware from running on OS X machines. It gives users the ability to restrict which applications can run on their machines by choosing to only allow apps from the Mac App Store. With that setting in play, only signed, legitimate apps should be able to run on the machine. But Patrick Wardle, director of research at Synack, said that getting around that restriction is trivial. "Gatekeeper doesn't verify an extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper," Wardle said in a talk at the RSA Conference here Thursday. "It only verifies the app bundle. If Macs were totally secure, I wouldn't be here talking," Wardle said. "It's trivial for any attacker to bypass the security tools on Macs."
New submitter BronsCon writes: A recently disclosed flaw in iOS 8 dubbed "No iOS Zone" allows an attacker to create a WiFi hot spot that will cause iOS devices to become unstable, crash, and reboot, even when in offline mode. Adi Sharabani and Yair Amit of Skycure are working with Apple for a fix; but, for now, the only workaround is to simply not be in range of such a malicious network.
An anonymous reader writes: iTunes users who still run Windows XP started to experience connectivity issues this week. As documented in an Apple Support Communities thread, they can't log into the iTunes store, meaning functions like buying content, watching already purchased movies and TV shows, playing DRM-protected content, backing up, updating, and syncing all do not work.
An anonymous reader writes: Apple is sending out invites to random registered developers, giving them the chance to buy an Apple Watch with guaranteed delivery by the end of the month. "Special Opportunity for an Expedited Apple Watch Order," the invite email states. "We want to help give Apple developers the opportunity to test their WatchKit apps on Apple Watch as soon as it is available. You have the chance to purchase one (1) Apple Watch Sport with 42mm Silver Aluminum Case and Blue Sport Band that's guaranteed to ship by April 28, 2015."
mrflash818 writes: A new report from analytics service SourceDNA found that roughly 1,500 iOS apps (with about 2 million total installs) contain a vulnerability that cripples HTTPS and makes man-in-the-middle attacks against those apps easy to pull off. "The weakness is the result of a bug in an older version of the AFNetworking, an open-source code library that allows developers to drop networking capabilities into their apps. Although AFNetworking maintainers fixed the flaw three weeks ago with the release of version 2.5.2, at least 1,500 iOS apps remain vulnerable because they still use version 2.5.1. That version became available in January and introduced the HTTPS-crippling flaw."
An anonymous reader writes: Researchers from Skycure demonstrated a novel attack at the RSA 2015 conference that affects iPhones and other iOS devices. The attack, which takes advantage of new and previously announced vulnerabilities, locks iPhones into a never-ending reboot cycle effectively rendering them useless. Skycure CEO Adi Sharabani explained that this attack began when Skycure researchers bought a new router and were messing around with its network settings. In doing so, they discovered a particular configuration that caused apps in iPhones connected to that router to crash whenever they launched.
Nerval's Lobster writes Perhaps developers are increasingly overjoyed at the prospect of building iOS apps with a language other than Objective-C, which Apple has positioned Swift to replace; whatever the reason, Swift topped Stack Overflow's recent survey of the "Most Loved" languages and technologies (cited by 77.6 percent of the 26,086 respondents), followed by C++11 (75.6 percent), Rust (73.8 percent), Go (72.5 percent), and Clojure (71 percent). The "Most Dreaded" languages and technologies included Salesforce (73.2 percent), Visual Basic (72 percent), WordPress (68.2 percent), MATLAB (65.6 percent), and SharePoint (62.8 percent). Those results were mirrored somewhat in recent list from RedMonk, a tech-industry analyst firm, which ranked Swift 22nd in popularity among programming languages (based on data drawn from GitHub and Stack Overflow) but climbing noticeably quickly.
HughPickens.com writes Lee Hutchinson writes at Ars Technica that platform loyalty is a powerful thing, as two roommates in Tulsa, Oklahoma stabbed each other with broken beer bottles in a debate over the relative merits of Android versus iPhones. Tulsa police were called to Evergreen Apartments at 1 a.m after a woman found a man covered in blood, stumbling around the parking lot and found that two roommates had been drinking and arguing over their mobile phones. The two men broke beer bottles and stabbed each other with them and one of the men smashed a bottle over the back of the other man's head. "In over 35 years as a cop, this is one of the oddest reasons I've seen for assault," says Maj. Rod Hummel. According to Channel 8 News, police had no comment when asked which phone was in fact better.
An anonymous reader writes During this week's episode of John Gruber's podcast, The Talk Show, Gruber sat down with Joanna Stern of the Wall Street Journal to talk all things Apple Watch. About two hours and 9 minutes into the podcast, both Gruber and Stern began lamenting the poor performance they saw with third-party Apple Watch apps. 'It makes me question whether there should be third party apps for it at all yet,' Gruber noted. The pair also took umbrage with what they perceived to be a poor design choice for the Apple Watch app screen, with both noting that the app icons were far too small to be practical.
SternisheFan sends news that Los Angeles Unified School District is asking Apple for a refund of the district's effort to equip students with iPads. The project was budgeted at around $1.3 billion to equip its 650,000 students, though only about 120,000 iPads have been purchased so far. After the program went bad, the FBI launched an investigation into their procurement practices. The iPads weren't standalone education devices — they were supposed to work in conjunction with another device carrying curriculum from a company named Pearson. But the district now says the combined tech didn't meet their needs, and they want their money back. Lawyers for the local Board of Education are looking into litigation options. They've also notified Apple and Pearson they won't pay for any new products or services.
SternisheFan sends this quote from the Washington Post: Gaioz Nigalidze's rise through the ranks of professional chess began in 2007, the year the first iPhone was released. In hindsight, the timing might not be coincidental. On Saturday, Nigalidze, the 25-year-old reigning Georgian champion, was competing in the 17th annual Dubai Open Chess Tournament when his opponent spotted something strange. "Nigalidze would promptly reply to my moves and then literally run to the toilet," Armenian grandmaster Tigran Petrosian said. "I noticed that he would always visit the same toilet partition, which was strange, since two other partitions weren't occupied." Petrosian complained to the officials. After Nigalidze left the bathroom once more, officials inspected the interior and say they found an iPhone wrapped in toilet paper and hidden behind the toilet. "When confronted, Nigalidze denied he owned the device," according to the tournament's Web site. "But officials opened the smart device and found it was logged into a social networking site under Nigalidze's account. They also found his game being analyzed in one of the chess applications." Nigalidze was expelled from the tournament, which is still ongoing and features more than 70 grandmasters from 43 countries competing for a first-place prize of $12,000. The Georgian's career is now under a microscope. His two national titles are under suspicion.
An anonymous reader writes The launch of the Apple Watch has got off to a good start, with an estimated 1 million pre-orders in the U.S. on Friday. "According to Slice's Sunday report, which is based on e-receipt data obtained directly from consumers, 957,000 people preordered the Watch on Friday, with 62% purchasing the cheapest variant, the Apple Watch Sport. On average, each buyer ordered 1.3 watches and spent $503.83 per watch."
Trailrunner7 writes When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether. Apple on Wednesday released major security upgrades for both of its operating systems, and the root certificate for CNNIC, the Chinese CA at the heart of the controversy, remains in the trusted stores for iOS and OS X. The company has not made any public statements on the incident or the continued inclusion of CNNIC's certificates in the trusted stores.
An anonymous reader writes A lawsuit between Apple and Google could drastically change the power balance between patent holders and device makers. "The dispute centers on so-called standard-essential patents, which cover technology that is included in industry-wide technology standards. Since others have to use the technology if they want their own products to meet an industry standard, the companies that submit their patents for approval by standards bodies are required to license them out on 'reasonable and non-discriminatory',(paywalled) or RAND, terms." If Apple wins, the understanding of what fees are RAND may decrease by at least an order of magnitude.