An anonymous reader quotes a report from The Register: AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II code from 40 years ago as an example. Russinovich wrote: "We are entering an era of automated, AI-accelerated vulnerability discovery that will be leveraged by both defenders and attackers."

In May 1986, Russinovich wrote a utility called Enhancer for the Apple II personal computer. The utility, written in 6502 machine language, added the ability to use a variable or BASIC expression for the destination of a GOTO, GOSUB, or RESTORE command, whereas without modification Applesoft BASIC would only accept a line number. Russinovich had Claude Opus 4.6, released early last month, look over the code. It decompiled the machine language and found several security issues, including a case of "silent incorrect behavior" where, if the destination line was not found, the program would set the pointer to the following line or past the end of the program, instead of reporting an error. The fix would be to check the carry flag, which is set if the line is not found, and branch to an error.

The existence of the vulnerability in Apple II type-in code has only amusement value, but the ability of AI to decompile embedded code and find vulnerabilities is a concern. "Billions of legacy microcontrollers exist globally, many likely running fragile or poorly audited firmware like this," said one comment to Russinovich's post.

German publishers and advertising groups are urging regulators to fine Apple over its App Tracking Transparency (ATT) system, arguing it unfairly restricts access to advertising data while allowing Apple to remain the central gatekeeper -- without subjecting its own apps to the same restrictions. If Germany's antitrust authority does rule against Apple, the company could face fines of up to 10% of its global revenue. 9to5Mac reports: One of the countries investigating whether ATT is anticompetitive is Germany. Last year, in an attempt to appease the country's antitrust watchdog, the company proposed several changes to the framework's rules. From Reuters' original coverage of Apple's changes proposals: "Apple had agreed to introduce neutral consent prompts for both its own services and third-party apps, and to largely align the wording, content and visual design of these messages, said Andreas Mundt, head of Germany's Bundeskartellamt. The company also proposed simplifying the consent process so developers can obtain user permission for advertising-related data processing in a way that complies with data protection law." [...] At the time, German regulators launched a consultation with industry publications to determine whether the proposals addressed their concerns. As it turns out, the answer was a hard no.

As Reuters reported today: "Apple's proposed changes to its app tracking rules do not resolve antitrust issues in the mobile advertising market, associations representing German publishers and advertisers said on Tuesday as they urged the country's antitrust authority to slap a fine on the U.S. tech giant. [...] 'The proposed commitments would not change the negative effects of the App Tracking Transparency Framework,' Bernd Nauen, chief executive of the German Advertising Federation, said in a joint letter signed by the trade bodies. 'Apple would remain the data gatekeeper and would continue to decide who gets access to advertising-relevant data and how companies can communicate with their end customers,' he said."

An anonymous reader quotes a report from Wired: While TikTok operates in the United States under new ownership, Apple has deployed technical restrictions to block iOS users in the United States from downloading other apps made by the video platform's Chinese parent organization ByteDance. ByteDance owns a vast array of different apps spanning social media, entertainment, artificial intelligence, and other sectors. The leading one is Douyin, the Chinese version of TikTok, which has over 1 billion monthly active users. While most of those users reside in China, iPhone owners around the world have traditionally been able to download these apps from anywhere without using a VPN, as long as they have a valid App Store account registered in China.

That's not true anymore. Starting in late January, iPhone users in the U.S. with Chinese App Store accounts began reporting that they were encountering new obstacles when they tried to download apps developed by ByteDance. WIRED has confirmed that even with a valid Chinese App Store account, downloading or updating a ByteDance-owned Chinese app is blocked on Apple devices located in the United States. Instead, a pop-up window appears that says, "This app is unavailable in the country or region you're in." The restriction appears to apply only to ByteDance-owned apps and not those developed by other Chinese companies.

The timing and technical specifics suggest the restriction is related to the deal TikTok agreed to in January to divest Chinese ownership of its U.S. operations. The agreement was the result of the so-called TikTok ban law passed by Congress in 2024, which also barred companies like Apple and Google from distributing other apps majority-owned by ByteDance. The Protecting Americans from Foreign Adversary Controlled Applications Act states that no company can "distribute, maintain, or update" any app majority-controlled by ByteDance "within the land or maritime borders of the United States."

The law was primarily aimed at TikTok, which has more than 100 million users in the U.S. and had been the subject of years of debate in Washington over whether its Chinese ownership posed a national security risk. But ByteDance also has dozens of other apps that at some point were also removed from Apple's and Google's app stores in the U.S.. Now it seems like the scope of impact has reached even more apps that are not technically designed for U.S. audiences, such as Douyin, the AI chatbot Doubao, and the fiction reading platform Fanqie Novel.

Apple has removed the 512GB RAM configuration for the Mac Studio, leaving 256GB as the new maximum. The remaining 256GB upgrade has also increased in price and now faces longer shipping delays as demand grows "due to consumers seeking machines suitable for running local AI agents," reports MacRumors. From the report: The Mac Studio starts with 36GB RAM, but there were upgrades ranging from 48GB to 512GB, with the higher tier upgrades limited to the M3 Ultra chip. Now there are options ranging from 48GB to 256GB, with wait times into May for the 256GB upgrade. Apple has also raised the price for the 256GB RAM upgrade option. It used to cost $1,600 to go from 96GB to 256GB on the high-end M3 Ultra machine, but now it costs $2,000. 512GB was $4,000 when it was available.

Continuing its product launches this week, Apple today announced the "MacBook Neo," an all-new, low-cost Mac featuring the A18 Pro chip. It starts at $599 and begins shipping on Wednesday, March 11. MacRumors reports: The MacBook Neo is the first Mac to be powered by an iPhone chip; the A18 Pro debuted in 2024's iPhone 16 Pro models. Apple says it is up to 50% faster for everyday tasks than the bestselling PC with the latest shipping Intel Core Ultra 5, up to 3x faster for on-device AI workloads, and up to 2x faster for tasks like photo editing. The MacBook Neo features a 13-inch Liquid Retina display with a 2408-by-1506 resolution, 500 nits of brightness, and an anti-reflective coating. The display does not have a notch, instead featuring uniform, iPad-style bezels.

It is available in Silver, Indigo, Blush, and Citrus color options. The colored finishes extend to the Magic Keyboard in lighter shades and come with matching wallpapers. It weighs 2.7 pounds. There are two USB-C ports. One is a USB-C 2 port with support for speeds up to 480 Mb/s and one is a USB-C 3 port with support for speeds up to 10 Gb/s. There is also a headphone jack. The MacBook Neo also offers a 16-hour battery life, 8GB of unified memory, Wi-Fi 6E and Bluetooth 6 connectivity, a 1080p front-facing camera, dual mics with directional beamforming, and dual side-firing speakers with Spatial Audio.

Security researchers say a highly sophisticated iPhone exploitation toolkit dubbed "Coruna," which possibly originated from a U.S. government contractor, has spread from suspected Russian espionage operations to crypto-stealing criminal campaigns. Apple has patched the exploited vulnerabilities in newer iOS versions, but tens of thousands of devices may have already been compromised. An anonymous reader quotes an excerpt from Wired's report: Security researchers at Google on Tuesday released a report describing what they're calling "Coruna," a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.

In fact, Google traces components of Coruna to hacking techniques it spotted in use in February of last year and attributed to what it describes only as a "customer of a surveillance company." Then, five months later, Google says a more complete version of Coruna reappeared in what appears to have been an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. Finally, Google spotted Coruna in use yet again in what seems to have been a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims cryptocurrency.

Conspicuously absent from Google's report is any mention of who the original surveillance company "customer" that deployed Coruna may have been. But the mobile security company iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as "Triangulation" that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. (The US government didn't respond to Russia's claim.)

Coruna's code also appears to have been originally written by English-speaking coders, notes iVerify's cofounder Rocky Cole. "It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups." Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands, and now exists in the wild where it could still be adopted -- or adapted -- by any hacker group seeking to target iPhone users. "How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits," Google's report reads. "Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."

Today, Apple updated the MacBook Pro and MacBook Air with support for its new M5 chips. It also unveiled a pair of all-new Studio Display XDR monitors. Longtime Slashdot reader jizmonkey shares details about the M5 Pro and M5 Max chips, which look to be fairly major updates from the previous generation: Apple announced its newest CPUs today, which it claims has the fastest single-threaded performance in the world. Both the M5 Pro and M5 Max have eighteen-core designs, versus twelve or fourteen in the M4 Pro and fourteen or sixteen in the M4 Max. However, the number of higher-performing cores has been reduced significantly. In the older M4 designs, the chips had eight, ten, or twelve "performance" cores and four "efficiency" cores. In the M5 design, there are now only six higher-performing cores (now called "super" cores) and twelve lower-performing cores (now called "performance" cores). [Apple positions this "reduction" as a redesigned architecture with new core types.] The maximum amount of RAM remains the same at 128GB for the M5 Max (64GB for the M5 Pro), and GPU performance has increased. [The M5 Pro features up to a 20-core GPU, while the M5 Max scales up to 40 cores, each equipped with a Neural Accelerator. Apple also says the new architecture delivers over 4x peak GPU compute for AI compared to the previous generation, along with up to 35 percent faster performance in ray-traced graphics workloads.] Laptops with the new chips are available to order starting tomorrow and will be delivered starting March 11. As for the new XDR monitors, MacRumors highlights some of the key features in its reporting: Apple today introduced an all-new Studio Display XDR monitor with a 27-inch screen, mini-LED backlighting, 5K resolution, peak brightness of 2,000 nits for HDR content, up to a 120Hz refresh rate, Thunderbolt 5, and more. The new Studio Display XDR replaces Apple's former Pro Display XDR, which has been discontinued. Going forward, there are now two Studio Display models.

Both new Studio Display models have the same overall design as the original model. Both models have a 12-megapixel Center Stage camera, but it now supports Desk View on the new models. Both models also feature an upgraded six-speaker system, with Apple advertising "30 percent deeper bass" compared to the previous model. Only the higher-end Studio Display XDR received a 120Hz refresh rate, mini-LED backlighting, increased brightness, and faster 140W pass-through charging. The regular Studio Display still has a 60Hz refresh rate and up to 600 nits of brightness. Both models have 27-inch displays with a 5K resolution.

The new Studio Displays can be pre-ordered starting Wednesday, March 4, ahead of a Wednesday, March 11 launch. In the U.S., the regular Studio Display continues to start at $1,599, while the Studio Display XDR starts at $3,299.

Apple has reportedly asked Google to look into "seting up servers" for a Gemini-powered upgrade to Siri that meets Apple's privacy standards. The Verge reports: Apple had already announced in January that Google's Gemini AI models would help power the upgraded version of Siri it delayed last year, but The Information's report indicates Apple might lean even more on Google so it can catch up in AI.

The original partnership announcement said that "the next generation of Apple Foundation Models will be based on Google's Gemini models and cloud technology," and that the models would "help power future Apple Intelligence features," including "a more personalized Siri." While the announcement noted that Apple Intelligence would "continue to run on Apple devices and Private Cloud Compute," it didn't specify if the new Siri would run on Google's cloud. Apple's Private Cloud Compute is not only underpowered but it's also underutilized in its current state, notes 9to5Mac, "with the company only using about 10% of its capacity on average, leading to some already-manufactured Apple servers to be sitting dormant on warehouse shelves."

Apple today announced the iPhone 17e with support for MagSafe and an upgraded A19 chip. The base model also gets a bump to 256GB of storage at $599, and Apple is equipping the device with its new scratch-resistant Ceramic Shield 2 glass that's supposedly 3x more durable than the 16e. Macworld reports: MagSafe would normally mean significantly faster wireless charging speeds too: the 16e is capped at 7.5W, whereas recent iPhones can wirelessly charge using MagSafe at up to 22W or even 25W. Unfortunately the iPhone 17e has not been given access to the full extent of MagSafe's powers in this regard, and has a limit of 15W. That's the same as MagSafe on the iPhones 12 through 15, and remains an improvement on the 16e, but is still disappointing. [...]

It was also expected that the 17e would get a new processor, as this is a standard upgrade for almost every refresh of almost every Apple product. The iPhone 16e came with an A18 chip; the 17 has an A19, which, according to Apple, "delivers exceptional performance for everything users do." Of course that depends on the user and their needs, and it's important to point out that, just like last year, Apple has chosen to use "binned" units of the chip in order to save money. Binned chips have failed manufacturing tests in some minor way and don't have the full complement of cores. [...]

And although the cameras are still disappointingly few in number -- one on the front and one on the back -- the wording for the portrait mode has been updated from "Portrait mode with Depth Control" (the same as on the iPhone 12) to "Next-generation portraits with Focus and Depth Control" (same as on the iPhone 17). This appears to highlight the fact that you can change the focus point. The 17e is available in white, black, and soft pink starting at $599.

Apple's iPhone and iPad running iOS 26 and iPadOS 26 have become the first consumer mobile devices cleared for NATO-restricted classified data. No special software or settings are required. MacRumors reports: Apple's devices are the first and only consumer mobile products that have reached this government certification level after security testing and evaluation by the German government. iPhones and iPads running iOS 26 and iPadOS 26 are now certified for use with classified data in all NATO nations.

In an announcement of the security clearance, Apple touted its security features: "Apple designs security into all of its products from the start, ensuring the most sophisticated protections are built in across hardware, software, and Apple silicon. This unique approach allows Apple users to benefit from industry-leading security protections such as best-in-class encryption, biometric authentication with Face ID, and groundbreaking features like Memory Integrity Enforcement. These same protections are now recognized as meeting stringent government and international security requirements, even for restricted data."

Apple's forthcoming touch-screen MacBook Pro models -- the company's first-ever laptops to support touch input -- will feature the iPhone's Dynamic Island at the center top of their OLED displays and a new interface that dynamically adjusts between touch and point-and-click controls, according to a Bloomberg report citing people familiar with the plans.

The 14-inch and 16-inch models, code-named K114 and K116, are slated for release toward the end of 2026 and won't be part of Apple's product announcements in the first week of March. The redesigned interface brings up a contextual menu surrounding a user's finger when they touch a button or control, and enlarges menu bar items when tapped, adapting the available controls based on whether the input is touch or click.

Apple does not plan to position the machines as iPad replacements or describe them as touch-first; the physical design retains the full keyboard and large trackpad of the current MacBook Pro. Last year's Liquid Glass redesign in macOS Tahoe, which added more padding around icons and touch-optimized sliders in the control center, was partly groundwork for this shift.

According to Bloomberg's Mark Gurman (paywalled), Apple is reportedly developing AI-powered smart glasses, a wearable pendant, and camera-equipped AirPods that connect to the iPhone and use "visual context" to let Siri perform real-world actions. The Verge reports: Apple is reportedly aiming to start production of its smart glasses in December, ahead of a 2027 launch. The new device will compete directly with Meta's lineup of smart glasses and is rumored to feature speakers, microphones, and a high-resolution camera for taking photos and videos, in addition to another lens designed to enable AI-powered features.

The glasses won't have a built-in display, but they will allow users to make phone calls, interact with Siri, play music, and "take actions based on surroundings," such as asking about the ingredients in a meal, according to Bloomberg. Apple's smart glasses could also help users identify what they're seeing, reference landmarks when offering directions, and remind wearers to complete a task in specific situations, Bloomberg reports.

The company is reportedly planning to develop the frames for the smart glasses in-house, instead of partnering with a third-party company like Meta does with Ray-Ban and Oakley. Prototypes of the glasses use a cable to connect to a battery pack and an iPhone, but Bloomberg reports that "newer versions have the components embedded in the frame." Apple reportedly wants to make its smart glasses stand out by offering a high-quality build and advanced camera technology. The company is still working on AI-powered smart glasses with a display, though their launch "remains many years away," Bloomberg says.

Apple's plans for AI hardware don't end there, as the company is expected to build upon its Google Gemini-powered Siri upgrade with an AirTag-sized AI pendant that people can either wear as a necklace or a pin. This device would "essentially serve as an always-on camera" for the iPhone and has a microphone for prompting Siri, Bloomberg reports. The pendant, which The Information first reported on last month, is rumored to come with a built-in chip, but will mainly rely on the iPhone's processing power. The device could arrive as early as next year, according to Bloomberg.

Installing Linux on a MacBook Air "turned out to be a very underwhelming experience," according to the tech news site MakeUseOf: The thing about Apple silicon Macs is that it's not as simple as downloading an AArch64 ISO of your favorite distro and installing it. Yes, the M-series chips are ARM-based, but that doesn't automatically make the whole system compatible in the same way most traditional x86 PCs are. Pretty much everything in modern MacBooks is custom. The boot process isn't standard UEFI like on most PCs. Apple has its own boot chain called iBoot. The same goes for other things, like the GPU, power management, USB controllers, and pretty much every other hardware component. It is as proprietary as it gets.

This is exactly what the team behind Asahi Linux has been working toward. Their entire goal has been to make Linux properly usable on M-series Macs by building the missing pieces from the ground up. I first tried it back in 2023, when the project was still tied to Arch Linux and decided to give it a try again in 2026. These days, though, the main release is called Fedora Asahi Remix, which, as the name suggests, is built on Fedora rather than Arch...
For Linux on Apple Silicon, the article lists three major disappointments:

• "External monitors don't work unless your MacBook has a built-in HDMI port."

• "Linux just doesn't feel fully ready for ARM yet. A lot of applications still aren't compiled for ARM, so software support ends up being very hit or miss." (And even most of the apps tested with FEX "either didn't run properly or weren't stable enough to rely on.")

• Asahi "refused to connect to my phone's hotspot," they write (adding "No, it wasn't an iPhone").

This week Apple patched iOS and macOS against what it called "an extremely sophisticated attack against specific targeted individuals."

Security Week reports that the bugs "could be exploited for information exposure, denial-of-service (DoS), arbitrary file write, privilege escalation, network traffic interception, sandbox escape, and code execution." Tracked as CVE-2026-20700, the zero-day flaw is described as a memory corruption issue that could be exploited for arbitrary code execution... The tech giant also noted that the flaw's exploitation is linked to attacks involving CVE-2025-14174 and CVE-2025-43529, two zero-days patched in WebKit in December 2025...

The three zero-day bugs were identified by Apple's security team and Google's Threat Analysis Group and their descriptions suggest that they might have been exploited by commercial spyware vendors... Additional information is available on Apple's security updates page.
Brian Milbier, deputy CISO at Huntress, tells the Register that the dyld/WebKit patch "closes a door that has been unlocked for over a decade."

Thanks to Slashdot reader wiredmikey for sharing the article.

Apple's long-promised overhaul of Siri has hit fresh problems during internal testing, forcing the company to push several key features out of the iOS 26.4 update that was slated for March and spread them across later releases, Bloomberg is reporting.

The new Siri -- first announced at WWDC in June 2024 and originally due by early 2025 -- struggles to reliably process queries, takes too long to respond and sometimes falls back on OpenAI's ChatGPT instead of Apple's own technology, the report said. Apple has instructed engineers to begin testing new Siri capabilities on iOS 26.5 instead, due in May, and internal builds of that update include a settings toggle labeled "preview" for the personal data features. A more ambitious chatbot-style Siri code-named Campo, powered by Google servers and a custom Gemini model, is in development for iOS 27 in September.