IOS

iOS 11's Misleading 'Off-ish' Setting For Bluetooth and Wi-Fi is Bad for User Security (eff.org) 162

Last month, we covered a story about how turning off Wi-Fi and Bluetooth in iOS 11's Control Center doesn't really turn off Wi-Fi and Bluetooth. EFF has called the situation bad for user security. From the report: Instead, what actually happens in iOS 11 when you toggle your quick settings to "off" is that the phone will disconnect from Wi-Fi networks and some devices, but remain on for Apple services. Location Services is still enabled, Apple devices (like Apple Watch and Pencil) stay connected, and services such as Handoff and Instant Hotspot stay on. Apple's UI fails to even attempt to communicate these exceptions to its users. It gets even worse. When you toggle these settings in the Control Center to what is best described as "off-ish," they don't stay that way. The Wi-Fi will turn back full-on if you drive or walk to a new location. And both Wi-Fi and Bluetooth will turn back on at 5:00 AM. This is not clearly explained to users, nor left to them to choose, which makes security-aware users vulnerable as well. The only way to turn off the Wi-Fi and Bluetooth radios is to enable Airplane Mode or navigate into Settings and go to the Wi-Fi and Bluetooth sections. When a phone is designed to behave in a way other than what the UI suggests, it results in both security and privacy problems. A user has no visual or textual clues to understand the device's behavior, which can result in a loss of trust in operating system designers to faithfully communicate what's going on.
Businesses

Uber's iOS App Had Secret Permissions That Allowed It to Copy Your Phone Screen, Researchers Say (gizmodo.com) 91

To improve functionality between Uber's app and the Apple Watch, Apple allowed Uber to use a powerful tool that could record a user's iPhone screen, even if Uber's app was only running in the background, security researchers told news outlet Gizmodo. From a report: After the researchers discovered the tool, Uber said it is no longer in use and will be removed from the app. The screen recording capability comes from what's called an "entitlement" -- a bit of code that app developers can use for anything from setting up push notifications to interacting with Apple systems like iCloud or Apple Pay. This particular entitlement, however, was intended to improve memory management for the Apple Watch. The entitlement isn't common and would require Apple's explicit permission to use, the researchers explained. Will Strafach, a security researcher and CEO of Sudo Security Group, said he couldn't find any other apps with the entitlement live on the App Store. "It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature," Strafach said. "Considering Uber's past privacy issues I am very curious how they convinced Apple to allow this."
Security

Apple Addresses a Bug That Caused Disk Utility in macOS High Sierra To Expose Passwords of Encrypted APFS Volumes (macrumors.com) 85

Joe Rossignol, writing for MacRumours: Brazilian software developer Matheus Mariano appears to have discovered a significant Disk Utility bug that exposes the passwords of encrypted Apple File System volumes in plain text on macOS High Sierra. Mariano added a new encrypted APFS volume to a container, set a password and hint, and unmounted and remounted the container in order to force a password prompt for demonstration purposes. Then, he clicked the "Show Hint" button, which revealed the full password in plain text rather than the hint. [...] Apple has addressed this bug by releasing a macOS High Sierra 10.13 Supplemental Update, available from the Updates tab in the Mac App Store.
Google

Google Debuts Its $400 Google Home Max Speaker To Rival Apple's HomePod (techcrunch.com) 60

In addition to the Pixel 2 and Pixel 2 XL, Google debuted a $400 speaker, called Home Max, that looks to compete directly with Apple's recently announced HomePod. The Home Max is a larger Google Home that features stereo speakers and more premium looks and materials. It's expected to go on sale in December in the U.S. TechCrunch reports: It can tune its audio to its own space, analyzing the sound coming from the speaker using its built in microphones to determine the best equalizer settings. This is called Smart Sound, and it evolves over time and based on where you move the speaker, using built-in machine learning. It has Cast functionality, as well as input via stereo 3.5 mm jack. Home Max can output sound that's up to 20 times more powerful than the standard version of Home, Google says, and it has two 4.5 inch woofers on board with two 0.7 inch custom-built tuners. It can sit in either vertical or horizontal orientation, and it comes in both 'chalk' and 'charcoal.' Of course, this bigger speaker also includes a noise isolating array that makes it work even in open rooms with background noise, and it's Assistant-enabled, so you can use it to control your music playback via voice, or manage your smart home devices, set yourself reminders, alarms, and timers and much more. Google also launched a budget-friendly Google Home Mini that features the Google Assistant but in a smaller form factor. 9to5Google reports: Google touts the Home Mini as having a powerful speaker with "crisp" 360 degree sound. The Mini can also be connected to any Chromecast wireless speaker, but there is no 3.5mm jack like Amazon's Echo Dot. In the center, there are four white lights that note when the Home Mini is listening or responding. Besides saying the "Ok, Google" hotword, users can tap on the Home Mini to issue a command. Google also retained the Home's original button for disabling the microphone with a toggle next to the charging port. The Google Home Mini will be go on sale later this month for $49, with pre-orders starting today.
EU

EU Takes Ireland To Court For Not Claiming Apple Tax Windfall (reuters.com) 192

Philip Blenkinsop, reporting for Reuters: The European Commission said on Wednesday it was taking Ireland to the European Court of Justice for its failure to recover up to 13 billion euros ($15.3 billion) of tax due from Apple, a move labeled as "regrettable" by Dublin. The Commission ordered the U.S. tech giant in August 2016 to pay the unpaid taxes as it ruled the firm had received illegal state aid, one of a number of deals the EU has targeted between multinationals and usually smaller EU states. "More than one year after the Commission adopted this decision, Ireland has still not recovered the money," EU Competition Commissioner Margrethe Vestager said, adding that Dublin had not even sought a portion of the sum.
Android

Google Is Latest Company To Ditch Headphone Jack In Its Newest Smartphones (cultofmac.com) 391

When launching its original Pixel smartphone, Google mocked the iPhone 7's missing headphone jack in its marketing material. According to Cult of Mac, Google won't be doing the same for the Pixel 2. "The company has decided to remove the aging port from its latest handsets," reports Cult of Mac. "A new leak reveals that the lineup will rely solely on USB-C for wired connectivity." From the report: Incredibly reliable leaker Evan Blass has published pictures and details of Google's upcoming Pixel 2 smartphones on VentureBeat. He has also confirmed that neither device will feature a headphone jack, which means users will have to rely on a USB-C adapter or Bluetooth. It also means Google will no longer be able to put out Pixel ads that take sly swipes at the iPhone's missing port. Blass says both Pixel handsets will be powered by a Snapdragon 835 chipset -- the same one found in the Galaxy S8, the LG V30, and other 2017 flagships -- not a faster Snapdragon 836 processor as originally planned. Other features are said to include 12-megapixel cameras, 4GB of RAM, and 64GB or 128GB storage options. The smaller Pixel will pack a 5-inch 1080p display with a 16:9, while its larger sibling will pack a 6-inch Quad HD display with an 18:9 aspect ratio. Is the lack of a headphone jack a deal-breaker, or do you think the Pixel's other features, like stock Android and front-facing stereo speakers, will make up for it?
Intel

Former Intel CEO Paul Otellini Dies At 66 (engadget.com) 48

An anonymous reader quotes a report from Engadget: Paul Otellini, Intel's previous CEO, died in his sleep on Monday, the company announced this morning. He was 66. Otellini served as Intel's fifth chief executive from 2005 through 2013, and leaves behind a legacy of the company's dominance in x86 processors. Notably, he also worked with Apple as it moved away from PowerPC chips and adopted Intel's wares. After retiring in 2013, Otellini revealed one major regret during his tenure: not working hard enough to get Intel's chips in the iPhone. Consequently, Intel mostly missed on the smartphone revolution.

Otellini joined Intel in 1974 and served various roles throughout his career, including chief operating officer from 2003 to 2005. He would go on to spend almost 40 years at the company. He was an intriguing choice as CEO, since he was the company's first non-engineer to hold that role.

Data Storage

High Sierra's Disk Utility Does Not Recognize Unformatted Disks (tinyapps.org) 135

macOS 10.13's Disk Utility 17.0 (1626) does not recognize raw drives, reads a blog post, shared by several readers. From the post: Diskutil does recognize the drive. We'll use it to perform a quick, cursory format (e.g., diskutil eraseDisk JHFS+ NewDisk GPT disk0) to make the disk appear in Disk Utility, where further modifications can more easily be made. Plugging in an unformatted external drive produces the usual alert, "The disk you inserted was not readable by this computer. Initialize... | Ignore | Eject", but clicking Initialize just opens Disk Utility without the disk appearing. There's an option in Disk Utility to view "all devices," but clicking that doesn't show raw disks, the blog post adds.
Android

Ask Slashdot: Why Would Anyone Want To Spend $1,000 on a Smartphone? 487

Last month, Apple CEO Tim Cook said the $1,000 sticker price for the base model of iPhone X, the latest flagship smartphone from the company which goes on sale next month, is "a value price for the technology that you're getting." An anonymous reader writes: I simply don't understand why anyone would want to spend such amount on a phone. Don't get me wrong. Having a smartphone is crucial in this day and age. I get it. But even a $200 phone, untethered from any carrier contract, will let you install the apps you need, will allow you to take good pictures, surf the web, and listen to music. That handset might not be as fast as the iPhone X or Samsung's new Galaxy Note 8, or it might not be able to take as great pictures, but the difference, I feel, doesn't warrant an additional $800. The reader shares a column: When considering a purchase, comparing the value a product will add to our lives, and its cost is wise. Subjective perceptions affect how we value possessions, but let's consider the practical value of how we use smartphones. Smartphones aren't used for talking as often as the phones that preceded them were. In fact, actual "phone" use ranks below messaging, web surfing, social media and other activities that dominate smartphone usage. Furthermore, statistically we use only six core apps regularly. [...] My point is, smartphones have't changed all that much relatively speaking. Sure they're bigger, faster, more powerful and have awesome cameras. But the iPhone X is fundamentally the same device the earlier iPhones were, and provides the same basic and sought after functions. It's a glass-covered rectangular slab mostly used for messaging, web-surfing, music and social media activity. An individual's perception of self, financial resources, desired or actual social position and love for tech will likely play a role in his perception of the value of a $1,000 smartphone.
Government

Steve Wozniak: Net Neutrality Rollback 'Will End the Internet As We Know It' (siliconbeat.com) 215

An anonymous reader quotes Silicon Beat: Apple co-founder Steve Wozniak penned an op-ed on Friday with a former Federal Communications Commission chairman, urging the current FCC to stop its proposed rollback of Obama-era net neutrality regulations. In the op-ed published by USA Today, Wozniak and Michael Copps, who led the FCC from 2001 to 2011, argued the rollback will threaten freedom for internet users and may corrode democracy... "Sometimes there's a nugget of truth to the adage that Washington policymakers are disconnected from the people they purport to represent," they wrote. "It is a stirring example of democracy in action. With the Internet's future as a platform for innovation and democratic discourse on the line, a coalition of grassroots and diverse groups joined with technology firms to insist that the FCC maintain its 2015 open internet (or 'net neutrality') rules."
In the joint letter, Wozniak and Copps write that "We come from different walks of life, but each of us recognizes that the FCC is considering action that could end the internet as we know it -- a dynamic platform for entrepreneurship, jobs, education, and free expression."

"Will consumers and citizens control their online experiences, or will a few gigantic gatekeepers take this dynamic technology down the road of centralized control, toll booths and constantly rising prices for consumers? At stake is the nature of the internet and its capacity to transform our lives even more than it already has."
Businesses

Apple is Really Bad At Design (theoutline.com) 366

Joshua Topolsky, writing for the Outline: Once upon a time, Apple could do little wrong. As one of the first mainstream computer companies to equally value design and technical simplicity, it upended our expectations about what PCs could be. "Macintosh works the way people work," read one 1992 ad. Rather than requiring downloads and installations and extra memory to get things right (as often required by Windows machines), Apple made it so you could just plug in a mouse or start up a program and it would just... work. Marrying that functionality with the groundbreaking design the company has embodied since the early Macs, it's easy to see how Apple became the darling of designers, artists, and the rest of the creative class. The work was downright elegant; unheard of for an electronics company. [...] But things changed. In 2013 I wrote about the confusing and visually abrasive turn Apple had made with the introduction of iOS 7, the operating system refresh that would set the stage for almost all of Apple's recent design. The product, the first piece of software overseen by Jony Ive, was confusing, amateur, and relatively unfinished upon launch. [...] It's almost as if the company is being buried under the weight of its products. Unable to cut ties with past concepts (for instance, the abomination that is iTunes), unable to choose clear paths forward (USB-C or Lightning guys?), compromising core elements to make room for splashy features, and executing haphazardly to solve long-term issues. [...] Pundits will respond to these arguments by detailing Apple's meteoric and sustained market-value gains. Apple fans will shout justifications for a stylus that must be charged by sticking it into the bottom of an iPad, a "back" button jammed weirdly into the status bar, a system of dongles for connecting oft-used devices, a notch that rudely juts into the display of a $1,000 phone. But the reality is that for all the phones Apple sells and for all the people who buy them, the company is stuck in idea-quicksand, like Microsoft in the early 2000s, or Apple in the 90s.
Iphone

Apple Investigating Reports of iPhone 8 Plus Devices 'Splitting Open' (9to5mac.com) 106

Apple is currently investigating reports of the iPhone 8 Plus splitting open while being charged with the included cable and plug adapter. The first claim comes from a Taiwanese iPhone 8 Plus owner, who posted photos which show damage consistent with a swollen battery. The second claim is from a Japanese owner who posted similar photos of his device, which he says arrived in this state. The Next Web reports: The phone belonged to a Ms. Wu, who recently renewed her phone contract and purchased a 64GB rose gold iPhone 8 Plus. The issue emerged five days after purchasing the phone. Wu placed her phone on charge, using the supplied cable and adaptor. After three minutes, she reported seeing the front panel bulge, and eventually lift completely from the device. According to multiple Taiwanese outlets, the phone was later recovered by the carrier, and has since been shipped to Apple for analysis. 9to5Mac adds: While any incident affecting a new iPhone model is bound to attract media attention, it's worth noting the usual disclaimers. First, any device manufactured in the millions will include some faulty models -- the real news would be if this were not the case. Second, investigations into charging-related incidents often reveal that a third-party charger was used, even when an owner initially claims to have used the supplied Apple one.
Security

Apple Reports 400 Percent Rise In National Security Requests (thenextweb.com) 44

An anonymous reader quotes a report from The Next Web: Apple received a record number of national security orders this year, according to its bi-annual report published this week. The company stated it received more than 13,250 national security requests affecting over 9,000 accounts in the first half of 2017. Compared to the same period in 2015, this represents a threefold increase. National Security Requests are subpoenas by the government which oblige companies or individuals to share their data for national security purposes. The requests are usually made in the form of National Security Letters and are demanded only when it's indispensable to an investigation. The reason for this rise in numbers is still unclear. The company also revealed it provided data in 44 non-civil governmental cases, information which hadn't been revealed in its previous reports.
Security

Critical EFI Code in Millions of Macs Isn't Getting Apple's Updates (wired.com) 91

Andy Greenberg, writing for Wired:At today's Ekoparty security conference, security firm Duo plans to present research on how it delved into the guts of tens of thousands of computers to measure the real-world state of Apple's so-called extensible firmware interface, or EFI. This is the firmware that runs before your PC's operating system boots and has the potential to corrupt practically everything else that happens on your machine. Duo found that even Macs with perfectly updated operating systems often have much older EFI code, due to either Apple's neglecting to push out EFI updates to those machines or failing to warn users when their firmware update hits a technical glitch and silently fails. For certain models of Apple laptops and desktop computers, close to a third or half of machines have EFI versions that haven't kept pace with their operating system system updates. And for many models, Apple hasn't released new firmware updates at all, leaving a subset of Apple machines vulnerable to known years-old EFI attacks that could gain deep and persistent control of a victim's machine.
Iphone

Apple Recommends Children Under 13, Twins and Siblings Do Not Use Face ID On iPhone X (theguardian.com) 120

According to a security guide published Wednesday, Apple recommends that children under the age of 13 do not use Face ID on the iPhone X due to the probability of a false match being significantly higher for young children. The company said this was because "their distinct facial features may not have fully developed." They also recommend that twins and siblings do not use the new feature. The Guardian reports: In all those situations, the company recommends concerned users disable Face ID and use a passcode instead. With Face ID, Apple has implemented a secondary system that exclusively looks out for attempts to fool the technology. Both the authentication and spoofing defense are based on machine learning, but while the former is trained to identify individuals from their faces, the latter is used to look for telltale signs of cheating. "An additional neural network that's trained to spot and resist spoofing defends against attempts to unlock your phone with photos or masks," the company says. If a completely perfect mask is made, which fools the identification neural network, the defensive system will still notice -- just like a human.

Slashdot Top Deals