Archive for Apple

Apple Takes Action Again To Remove More Zoom Related Vulnerabilities From Macs Everywhere

Posted in Commentary with tags on July 16, 2019 by itnerd

According to The Verge, Apple has  pushed a second silent security update to Macs via their XProtect functionality to address further vulnerabilities related to the Zoom video conferencing app for macOS which I reported on last week.

Much like the last silent security update that I covered, Apple removed software that was installed by RingCentral and Zhumu, two video conferencing apps that relied on technology from Zoom and were also found to have the same vulnerabilities that Zoom has. You might recall that I only mentioned one of them previously. So the existence of another white labeled version of the Zoom software is not surprising, but it is troubling as I have to wonder how many variants of this are out there. Thus it’s also not surprising that Apple told The Verge that it plans to fix the vulnerability for all of Zoom’s partner apps. Which means that you can expect more of these XProtect updates to come.

 

Advertisements

Apple Actually Is Shipping A SLOWER SSD In The New MacBook Air Versus The Previous One

Posted in Commentary with tags on July 15, 2019 by itnerd

The new 2019 MacBook Air with a True Tone display, upgraded keyboard and a price cut has been out for a week already. All of that sounds great. But it’s not all good. Consomac confirms an unfortunate drawback: the SSD is slower than the previous 2018 model. Yes you read that correctly. It has a SLOWER SSD:

The French site conducted some tests on the new 2019 MacBook Air using Blackmagic Disk Speed Test and it achieved speeds of 1.3 GB/s read and 1 GB/s write. Compare it to the 2018 MacBook Air, which achieved 2 GB/s read and 0.9 GB/s write. Apple’s newer laptop improved slightly on the writing side, but its performance downgraded by 35% on the reading side. That can be attributed to a slower SSD Apple included in the new MacBook Air.

Wow. At a time when SSD prices are plummeting and speeds are increasing exponentially, Apple shipping an inferior drive to what they had in the last revision takes some balls to do. Apple seriously has to explain this because there’s truly no excuse for this and it really is yet another reason why Apple is losing the plot.

Office365, Google Docs, And iWork Verboten From Some German Schools

Posted in Commentary with tags , , , , on July 15, 2019 by itnerd

Privacy regulators in Germany have ruled out the use of Office 365, Google Docs or Apple’s iWork suite citing privacy concerns over the way these cloud services work. TNW reports the following:

Microsoft’s cloud services has run into a fresh roadblock in Germany, after the state of Hesse ruled it is illegal for its schools to use Office 365 citing “privacy concerns.”

The Hesse Commissioner for Data Protection and Freedom of Information (HBDI) ruled that using the popular cloud platform’s standard configuration exposes personal information about students and teachers “to potential access by US authorities.”

And:

The use of cloud applications by schools is generally not a data protection problem. Many schools in Hesse are already using cloud solutions. Whether, for example, the learning platform or the electronic class book: Schools can use digital applications in compliance with data protection, as far as the security of the data processing and the participation of the pupils is guaranteed.

The core issue is that telemetry data is sent out of Germany to the US, and this can include personal data.

This information can include anything from regular software diagnostic data to user content from Office applications, such as email subject lines and sentences from documents where the company’s translation or spellchecker tools were used.

Collection of such information is a violation of GDPR laws that came into effect last May.

And what makes the situation worse is that switching away from Microsoft to a Google or Apple solution is not possible:

What is true for Microsoft is also true for the Google and Apple cloud solutions. The cloud solutions of these providers have so far not been transparent and comprehensibly described. Therefore, it is also true that for schools the privacy-compliant use [of these alternatives] is currently not possible.

Thus schools have to run local copies of these apps and store data locally. Although the ruling has so far been made by only one state in Germany, it seems likely that the same issue would apply across the country. That means that Microsoft, Google and Apple will have to address this quickly to avoid a blanket ban across Germany.

Apple Takes Action To Remove That Zoom Web Server Which Has Been Shown To Be A Security Risk

Posted in Commentary with tags , on July 11, 2019 by itnerd

I guess that Apple felt that the security risks posed by the Zoom video conferencing software and the response by Zoom to fix the issue was too great to ignore as TechCrunch is reporting that Apple has pushed a silent update to remove the Zoom web server that is at the center of this controversy. As in the one that was installed by Zoom without user consent and seems to do some sketchy things.

So you might be wondering how Apple did that. macOS has a feature called XProtect which is part of Apple’s Gatekeeper security suite that is built into macOS. It allows Apple to silently (as in no user interaction is required) deal with malware by pushing updates to any Mac that is online. These updates can quarantine or kill malware. Now to be clear, this isn’t a true antivirus product and you still need to run one despite what the Mac fanboys might say. But this is a good way for Apple to provide “herd immunity” for Mac users.

So the net result is that if you are a Mac based Zoom user and whether you ran the Zoom update or not, you’re protected from this threat. That’s great for Mac users. But given all that has transpired over the last few days, you have to question if you should be using Zoom at all.

Apple Turns Off Walkie Talkie Feature In watchOS Due To Eavesdropping Vulnerability

Posted in Commentary with tags on July 11, 2019 by itnerd

Here we go again. Much like this well publicized vulnerability from last year where you could use FaceTime to eavesdrop on others, and which left Apple with egg on their face because of the way it was handled, Apple has a similar vulnerability on its hands. In short, Apple has had to turn off the Walkie Talkie feature of the Apple Watch due to a bug that could allow users to eavesdrop on others according to TechCrunch. What’s important about to note is Walkie Talkie uses the FaceTime protocol. That makes one wonder what other bugs are hiding in there and how extensive these problems are.

Apple issued a statement noting that it was just notified about the vulnerability and has temporarily disabled the Walkie-Talkie functionality while they “quickly” fix the issue. How and when that fix will be delivered is not clear at this point. iOs 12.4 and watchOS 5.3 are in beta at this point, so my first thought is that they will likely use that as a delivery vehicle to address this bug. Or we could see a emergency patch come out to address this. There’s also the possibility that this could be a server side fix which would not require a client side software update. We’ll have to to wait and see how Apple decides to address this.

Bugs happen. I get that. But when you go around saying that you develop products that are private and secure, and you get bugs like this, it makes you look like all those statements about privacy and security are fake. Apple seriously needs to up it’s game here because clearly what I said in this article hasn’t been addressed. Which is Apple has lost the plot when it comes to making quality products.

 

Apple Releases New Notebooks…. And Expands Their #KeyboardGate Repair Program At The Same Time

Posted in Commentary with tags on July 9, 2019 by itnerd

Just a few minutes ago, Apple released new MacBook Air and MacBook Pro 13″ notebooks and announced their back to school promotions at the same time. That’s where the good news ends. The bad news is that it seems that these new notebooks still use the butterfly keyboard which is the source of long running complaints in the Mac universe. How do I know this? Well, here’s the big hint. Apple has a repair program for these keyboards which I wrote about here. Here’s a picture that I took of the models that were eligible for repair at the time:

keyboard

Now if you look at the same page today, here’s what you will see:

crap

The highlighted computers are the ones that were just released today. So once again, Apple has released computers with a known to be problematic keyboard. That does not inspire confidence and it is really perplexing. But I guess that Apple can’t or won’t redesign the keyboard and are just going to ride the butterfly keyboard as long as it can until they do a complete redesign of the MacBook Pro. And yes, Apple will fix notebooks with keyboard issues under this repair program. But let’s be honest. This program shouldn’t exist as the keyboards should simply be reliable.

That’s a pity.

My advice remains the same. Avoid any MacBook that has a butterfly keyboard. At least until Apple comes out with a notebook with a keyboard of a different design that is proven to be far more reliable. After all you don’t want to be stuck with a expensive notebook that is unreliable.

BREAKING: Apple iCloud Is Down For Many [UPDATED x7]

Posted in Commentary with tags on July 4, 2019 by itnerd

Apple is not having a good 4th of July as Apple’s system status page is noting the downtime across almost all of its iCloud services. That includes Apple Pay, Screen Time, Find My Friends, Find My iPhone among other services. And it’s trending on Twitter which is never a good thing for a company who is suffering an outage.

What’s worse is that if you want to buy something at an Apple Store, apparently you can’t:

There doesn’t seem to be any ETA for resolution. But you can be sure that Apple is trying to get things working as fast as possible as this has to be embarrassing for them.

UPDATE: About the same time that the iCloud outage happened, this happened:

UPDATE #2: Apple Pay and Apple Cash issues appear to be resolved as per the Apple Status Page.

apple pay

UPDATE #3: GameCenter issues appear to be resolved.

gamecenter

UPDATE #4: iCloud Mail issues have been resolved.

icloud mail

UPDATE #5: iCloud services are coming back online. This is the current state of play.

Staus

UPDATE #6: iCloud Reminders and iCloud Calendar are the only things that are not working. All other iCloud services have been restored.

UPDATE #7: The outage is over as all services have been restored.