Archive for Apple

Vulnerabilities In Microsoft Apps Could Allow Hackers To Pwn macOS Users…. And Microsoft Won’t Fix These Vulnerabilities

Posted in Commentary on August 20, 2024 by itnerd

Cisco’s Talos Intelligence group has a very interesting blog post that any macOS user who runs Microsoft apps should read. First, the bad news from said blog post:

Cisco Talos recently conducted an analysis of macOS applications and the exploitability of the platform’s permission-based security model, which centers on the Transparency, Consent, and Control (TCC) framework.

We identified eight vulnerabilities in various Microsoft applications for macOS, through which an attacker could bypass the operating system’s permission model by using existing app permissions without prompting the user for any additional verification. If successful, the adversary could gain any privileges already granted to the affected Microsoft applications. For example, the attacker could send emails from the user account without the user noticing, record audio clips, take pictures or record videos without any user interaction. 

All of that is pretty bad. Now here’s what’s worse:

Microsoft considers these issues low risk, and some of their applications, they claim, need to allow loading of unsigned libraries to support plugins and have declined to fix the issues. 

Lovely. I can say with confidence that someone will look at this and say “that’s a great way to get into a Mac and use it for my evil purposes.” Then this will become a major problem. And you have to wonder what Microsoft will do at that point. Though there’s always the possibility that Apple will force Microsoft to do something, as it is their platform after all. I would love to be a fly on the wall when that conversation happens. In the meantime, there are no mitigations for these vulnerabilities at present. So you’ll just have to do your best to be careful out there.
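The Talos finding comes down to apps that hold camera, microphone or mail permissions while also being allowed to load libraries Apple’s library validation would normally reject. As an added example (not code from the Talos post, this blog or Microsoft), here is a defender-side audit in Python that reads an app bundle’s entitlements and flags the hardened-runtime exceptions that permit that; the `codesign --xml` form is assumed to need macOS 12 or later, and the sample entitlements plist is constructed.

```python
"""Audit a macOS app bundle for hardened-runtime exceptions that let
unsigned code be loaded into a process that may hold TCC grants.

Added example; not code from the Talos post or from Microsoft.
"""
import plistlib
import shutil
import subprocess

# Entitlements that relax the hardened runtime's code-loading checks. An app
# that holds one of these *and* TCC grants (camera, microphone, ...) is the
# pattern Talos describes: whatever gets loaded inherits those grants.
RISKY_ENTITLEMENTS = {
    "com.apple.security.cs.disable-library-validation":
        "may load libraries not signed by its own Team ID",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "honours DYLD_* environment variables at launch",
    "com.apple.security.cs.allow-unsigned-executable-memory":
        "permits unsigned executable memory",
}


def risky_entitlements(entitlements: dict) -> dict:
    """Return {entitlement: reason} for every risky key that is set to true."""
    return {key: why for key, why in RISKY_ENTITLEMENTS.items()
            if entitlements.get(key) is True}


def entitlements_from_bundle(app_path: str):
    """Read a bundle's entitlements via codesign (assumes the macOS 12+
    `--xml` output format). Returns None where codesign is unavailable."""
    if shutil.which("codesign") is None:
        return None
    proc = subprocess.run(
        ["codesign", "-d", "--entitlements", "-", "--xml", app_path],
        capture_output=True, check=False)
    if proc.returncode != 0 or not proc.stdout:
        return {}  # unsigned bundle or no entitlements blob
    return plistlib.loads(proc.stdout)


# Constructed sample: a plugin-hosting app that also declares camera access.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.device.camera</key><true/>
</dict></plist>"""


def audit_plist(data: bytes) -> dict:
    """Parse an XML entitlements plist and return the risky keys found."""
    return risky_entitlements(plistlib.loads(data))


if __name__ == "__main__":
    for key, why in audit_plist(SAMPLE_PLIST).items():
        print(f"{key}: {why}")
```

On a Mac, pass each bundle in /Applications to `entitlements_from_bundle` and feed the result to `risky_entitlements` to get an inventory of apps worth reviewing in System Settings > Privacy & Security.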

Apple Is Making A Change To Sequoia That You Won’t Like, But Will Make You Safer

Posted in Commentary with tags on August 7, 2024 by itnerd

Change sometimes sucks. But sometimes change is something that is needed to move the world forward. Today, I’m going to give you one of those changes.

At present, when you try to run an app that hasn’t been signed and notarized by Apple, you’ll get this error message:

This is meant to protect you from spyware, malware, etc. Which is fine. But there was always a way around this. If you held down the control key and then clicked on the app, you would get this:

Choosing Open would allow you to open the app, and by extension also expose you to getting pwned by something nasty. That ability is about to go away, as according to this note the upcoming macOS Sequoia will remove it. This will stop users from accidentally pwning themselves by running an unsigned app. There is still a way to get around this if for whatever reason you want to run an unsigned app: you can navigate to System Settings –> Privacy & Security to allow the app to run.

Now let me be clear, I do not recommend that you ever run unsigned and un-notarized apps. Ever. It’s too big of a risk. And at the same time, I also want to say that even signed and notarized apps carry some amount of risk, as some sort of threat actor could leverage the fact that their evil app is signed and notarized to launch an attack. But this change is a good one, as it will make macOS more secure in the long run. Even if a handful of users aren’t going to be happy with this change.
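Rather than discovering an app’s status from the error dialog, you can ask Gatekeeper directly before opening anything. This is an added example, not from the original post: a small Python wrapper around `spctl --assess --type execute -vv` that sorts an app into the three cases the post talks about. The sample reports are constructed to mirror spctl’s output format, and the Team ID shown is a placeholder.

```python
"""Check an app's Gatekeeper status before opening it, instead of relying on
the control-click override. Added example, not from the original post.
spctl writes its assessment report to stderr, so both streams are captured.
"""
import shutil
import subprocess


def parse_spctl(report: str):
    """Return (accepted, source) from an `spctl -vv` report.

    The first line is "<path>: accepted" or "<path>: rejected"; a later
    "source=<reason>" line gives the reason, e.g. "Notarized Developer ID",
    "Unnotarized Developer ID" or "no usable signature".
    """
    lines = [ln.strip() for ln in report.strip().splitlines() if ln.strip()]
    accepted = bool(lines) and lines[0].endswith(": accepted")
    source = next((ln[len("source="):] for ln in lines
                   if ln.startswith("source=")), "unknown")
    return accepted, source


def verdict(accepted: bool, source: str) -> str:
    """Collapse the report into the three buckets a user cares about."""
    if accepted:
        return "accepted (" + source + ")"
    if "developer id" in source.lower():
        # Signed with a Developer ID but not notarized: exactly the case the
        # old control-click override let through.
        return "signed-but-not-notarized"
    return "unsigned-or-invalid"


def assess_app(app_path: str):
    """Run spctl on macOS and return a verdict; return None elsewhere."""
    if shutil.which("spctl") is None:
        return None
    proc = subprocess.run(
        ["spctl", "--assess", "--type", "execute", "-vv", app_path],
        capture_output=True, text=True, check=False)
    return verdict(*parse_spctl(proc.stdout + proc.stderr))


# Constructed sample reports (Team ID is a placeholder).
NOTARIZED = ("/Applications/Good.app: accepted\n"
             "source=Notarized Developer ID\n"
             "origin=Developer ID Application: Example Corp (TEAMID0000)\n")
UNNOTARIZED = ("/Applications/Meh.app: rejected\n"
               "source=Unnotarized Developer ID\n")
UNSIGNED = ("/Users/me/Downloads/Sketchy.app: rejected\n"
            "source=no usable signature\n")

if __name__ == "__main__":
    for sample in (NOTARIZED, UNNOTARIZED, UNSIGNED):
        print(sample.splitlines()[0].split(":")[0], "->",
              verdict(*parse_spctl(sample)))
```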

Delta Airlines CEO Thrashes Microsoft In Relation To The CrowdStrike Fiasco While Praising Apple

Posted in Commentary on August 3, 2024 by itnerd

As the kids would say… Shots fired.

Hot off the heels of this report, Delta CEO Ed Bastian, in an interview on CNBC, basically called out Microsoft in relation to the CrowdStrike fiasco, while at the same time praising Apple’s stability. See for yourself:

What I find interesting is that when asked if the reason Apple didn’t have a CrowdStrike moment was due to the fact that so few companies use Apple products (something that I do not believe is true, by the way), Bastian punted the question. But even considering that, it’s interesting that he decided to be so public about this whole situation rather than let the lawyers handle it. Maybe he’s so ticked off that he doesn’t care. Or perhaps he’s negotiating in public. Either way, this made an interesting situation a lot more interesting.

Apple Account Cards In The Wallet App Appear To Be Live In Canada

Posted in Commentary with tags on August 2, 2024 by itnerd

A quick primer before I get into the weeds. An Apple Account allows you to put money into it so that you can buy things like apps, music, etc. without having to use your credit card or PayPal to do it. You can even use it to buy stuff at the Apple Store either in store or online. And if you receive an App Store or Apple Store gift card, the amount of that gift card is added to that Apple Account.

Until iOS 17.6 came out, there was no separate card in the Wallet app that showed your balance. At least not in Canada, as this was a US-only thing as far as I know. But since iOS 17.6 came out, this has appeared for myself and for my wife, and for other Canadian iOS users I’ve spoken to. Here’s how you add an Apple Account Card if you wish to do so:

Go to the Wallet app and click on “Add Apple Account”.

You will then get this screen. Click Continue.

You will see this screen, and it should show your Apple ID as well as your Apple Account balance. I’ve redacted both in this screenshot. Click Next.

This screen indicates that the card is being added. It took me less than a minute for it to be added. When successful, you should see this:

If you get this screen, you’re good to go.

Is this something that you are going to do? If so, I’d love to know why in the comments below.

Apple Fixes An AirPods Security Issue

Posted in Commentary with tags on June 26, 2024 by itnerd

From the “I didn’t have this on my BINGO card” department comes this Apple note that details that there’s new firmware available for AirPods. And when I say AirPods, I mean the following AirPods models:

  • AirPods (2nd generation and later)
  • AirPods Pro (all models)
  • AirPods Max
  • Powerbeats Pro
  • Beats Fit Pro

This update fixes a security issue with your AirPods that seems to be pretty pervasive, given that it covers most of the AirPods that Apple has made along with the Beats Fit Pro and Powerbeats Pro, which clearly must have some AirPods tech in them. The issue is that there seems to have been a bug that allowed an attacker within Bluetooth range to spoof the details of a device you’ve previously connected your headphones to, allowing the attacker to gain access to your headphones. This new firmware fixes that bug.

In terms of updating your AirPods, Apple doesn’t provide a way to do that easily. Apple says that they will eventually update themselves when in range of your iPhone. But I have had success force updating using this method that YouTube creator Zollotech describes in this video:

My advice would be that you should update them, as now that this is out there, someone will try to replicate this.

EU Targets Apple In Digital Markets Act Investigation

Posted in Commentary with tags on June 24, 2024 by itnerd

The AP is reporting that Apple is the first target of the EU’s new digital competition rules aimed at big tech, called the Digital Markets Act:

European Union regulators on Monday leveled their first charges under the bloc’s new digital competition rulebook, accusing Apple of preventing app makers from pointing users to cheaper options outside its App Store.

The European Commission said that according to the preliminary findings of its investigation, the restrictions that the iPhone maker imposes on developers using its mobile App Store had breached the 27-nation bloc’s Digital Markets Act.

The rulebook, also known as the DMA, is a sweeping set of regulations aimed at preventing tech “gatekeepers” from cornering digital markets under threat of heavy financial penalties. The commission opened an initial round of investigations after it took effect in March, including a separate ongoing probe into whether Apple is doing enough to allow iPhone users to easily change web browsers, and other cases involving Google and Meta.

Ted Miracco, CEO, Approov had this to say:

    “Apple is likely to continue its public relations efforts to highlight the changes it has made and to argue that its practices are in line with the DMA. This includes claims that over 99% of developers would pay the same or less in fees under the new business terms. However on MacBooks, developers can distribute software directly to users without going through Apple, avoiding any fees. The 30% fee on iPhone apps is Apple’s commission for distribution through their App Store platform. This allegedly covers costs like payment processing, hosting, and review processes, yet all of these functions are safely completed by alternative solutions on the MacBook. In the end, while regulations like the DMA and DMCC aim to foster competition and fairness, the intrinsic culture of Apple and its pursuit of market dominance will ensure that the primary efforts will be at circumventing regulatory frameworks in their quest for growth.”

No wonder Apple isn’t bringing Apple Intelligence to the EU when it starts rolling out. They can’t afford to get into fights with the EU that will likely be never ending. Though the cynic in me says that’s retaliation for stuff like this. It will be interesting to see how this fight plays out, because Google and Microsoft have gone up against the EU and lost. Thus you have to wonder if Apple will be next.

Elon Musk Gets Community Noted And Trolled On Twitter Over His Apple Intelligence/OpenAI Rantings

Posted in Commentary with tags on June 12, 2024 by itnerd

This has become too funny. After going absolutely looney tunes because of Apple Intelligence and its association with OpenAI, then getting spanked by OpenAI, Elon is getting flak on Twitter. As in his own social media platform. Let me illustrate:

For starters he got community noted over the fact that what he said was factually incorrect. But it didn’t stop there. He then got trolled by Twitter users:

I think you get the point.

Elon at this point looks like a major loser because he did his “ready, fire, aim” thing that he’s known for. The fact that he calls himself an engineer and didn’t even get the basic facts right about Apple’s association with OpenAI shows that perhaps he is a loser. Thus he’s deserving of getting trolled by Twitter users. While I wish this would make him do some self reflection and alter his behaviour as a result, I’m asking for too much as Elon isn’t that sort of guy. Otherwise he would have done that sort of self reflection years ago, and we would not be talking about this as a result.

OpenAI Fires Back At Elon Musk Over His Tweetstorm

Posted in Commentary with tags on June 12, 2024 by itnerd

I swear, this will be fun to watch.

You might recall that Elon Musk went absolutely insane on Twitter after the Apple Intelligence announcement because of the involvement of OpenAI. As part of that he was saying things that at first glance do not seem to be true. Well, OpenAI has decided to return fire via Fortune Magazine:

A top OpenAI executive defended her company against Elon Musk, a day after the billionaire CEO described the integration of OpenAI’s chatbot technology into Apple iPhones as “creepy spyware.”

“That’s his opinion. Obviously I don’t think so,” Mira Murati, chief technology officer at OpenAI, said on stage at Fortune’s MPW dinner in San Francisco on Tuesday. “We care deeply about the privacy of our users and the safety of our products.”

And:

In her answers on Tuesday, Murati hammered home the idea that OpenAI is intensely focused on user privacy and security. “We’re trying to be as transparent as possible with the public,” she said, adding that “the biggest risk is that stakeholders misunderstand the technology.”

I seriously think that this has less to do with what Apple and OpenAI are doing, along with user safety, and more to do with the fact that Elon isn’t involved. Or he’s afraid that this will destroy his Grok AI because of the scale of Apple and OpenAI. So he’s being as mature as a two year old as a result. Although I will concede this point: Murati saying that “We’re trying to be as transparent as possible with the public” does leave some room for doubt. Another thing to point out is that using OpenAI’s ChatGPT4 is a choice. As in, every time Apple Intelligence feels that the query would benefit from using ChatGPT4, it will ask you. And Apple Intelligence removes user identifiable data from any query involving ChatGPT4. Which means that Elon’s rants aren’t valid. Thus it might be in everyone’s interest to ignore Elon.

Apple Intelligence Announced…. What Does An Expert Think Of It?

Posted in Commentary with tags on June 12, 2024 by itnerd

On Monday at WWDC, Apple announced Apple Intelligence which is Apple’s spin on AI. You can read the marketing fluff here. But if you want a FAQ that will answer all your questions, this should help you. But the bottom line is that it’s supposed to be truly useful while being truly private. In fact Apple spent a lot of time talking about the privacy aspects of Apple Intelligence and how the company is open to having people verify its claims. To get another perspective on this, Kevin Surace, Chair, Token & “Father of the Virtual Assistant” had this to say:

Apple has taken a “privacy and security first” approach to handling all generative AI interactions that must be processed in the cloud. No one else comes close at this point, and no one else has spelled out with full transparency how they intend to meet that high bar. More information can be found here: https://security.apple.com/blog/private-cloud-compute/.

Note that, at least for now, this is for Apple hardware product users who must trust that what they say to the AI is private to them and can never be stolen or learned from. It’s possible that some enterprises will evaluate the strength of this and allow their employees to use Apple devices with Apple Intelligence without fear.

Apple didn’t exactly state what silicon they used here. Is it a custom GPU cluster they designed or their own M4 processors, which include a neural engine and substantial GPU resources? But in typical Apple fashion, they have vertically integrated everything and taken ownership of its security from top to bottom. It’s impressive and ahead of AWS, Microsoft, and Google cloud offerings for LLMs thus far, even if it is just in support of Apple Intelligence features.

Apple has set the bar for absolute privacy and security of generative AI interactions. Everyone else will need to scramble now to meet this bar. This may allow enterprises to trust the Apple infrastructure for routine Apple Intelligence interactions, even those that include some corporate data.

Apple has developed its own foundation models that are very impressive but don’t yet beat out GPT-4. They publish their comparisons here: https://machinelearning.apple.com/research/introducing-apple-foundation-models. While Apple has not said what its partnership with OpenAI entails, they hint that when GPT-4 (or GPT-5 perhaps) is required for more accuracy, they will use it. To ensure absolute privacy, they would need to host it themselves in their Private Cloud Compute. They didn’t state that yesterday, so I suspect that the ink is still drying on those agreements with details to be worked out. But bouncing out to GPT-4 anytime won’t work. They suggested there would be an opt-in to that, so perhaps users give up some privacy when they opt to use GPT-4. How safe is OpenAI? They do provide various levels of private operation, but no one really knows how safe, secure, and non-sharing it actually is. While Apple has published an extensive security white paper, OpenAI has a short ChatGPT Enterprise privacy note, which certainly isn’t convincing Elon Musk it’s safe.

Apple has set the bar for absolute privacy and security of generative AI interactions. This may allow enterprises to trust the Apple infrastructure for routine Apple Intelligence interactions, even those that include some corporate data. This is a world-class effort, one where they are inviting security experts to poke holes in their approach. I’d say it appears as rock solid as anything we have seen.

All data to the cloud is encrypted, so a simple man-in-the-middle attack won’t work. From what they are saying, one would have to break into their network, but they don’t even have any debugging tools enabled in runtime—no privileged runtime access. They even took major precautions against actual physical access (basically breaking into the data center). They state that they have made this so secure and so encrypted with no storage of your information that it isn’t a target. I’d say this is state-of-the-art from the silicon to the outer doors of the facility.

Apple is stating that they are using their own foundation models in the network and the devices. That’s first and foremost. Then they note a partnership with OpenAI, to be used only when required, and they will also use the best of breed models. They seem to be hedging their bets here. OpenAI is a bit of a black box. But I suspect either Apple will host it themselves or demand a very private instance for their users, and users have to opt-in to its use. They failed to give us more details on the partnership, so time will tell, but it’s clear Apple takes privacy and security seriously, and they realize the hesitancy when they mention OpenAI. My bet is they will do this right, and it won’t be an issue.

While I don’t trust any company completely, I trust Apple more than I trust most companies. Thus I will be taking a dive into the Apple Intelligence pool when it comes out. If it improves Siri, that alone would be worth it. But in all seriousness, the privacy first approach is a win in my mind for users.

Elon Musk Flips Out At Apple Working With OpenAI

Posted in Commentary with tags on June 11, 2024 by itnerd

From the “what drugs is this guy smoking” department comes a tweet storm from Elon Musk in regards to Apple integrating OpenAI’s ChatGPT 4 into their operating systems that are due to be released this fall. The TL;DR is that he’s so upset by this that he’s threatening to ban iPhones and other Apple devices from his companies:

Elon Musk is threatening to ban iPhones from all his companies over the newly announced OpenAI integrations Apple announced at WWDC 2024 on Monday. In a series of posts on X, the Tesla, SpaceX and xAI exec wrote that “if Apple integrates OpenAI at the OS level,” Apple devices would be banned from his businesses and visitors would have to check their Apple devices at the door where they’ll be “stored in a Faraday cage.”

His posts seem to misunderstand the relationship Apple announced with OpenAI or at least attempt to leave room for doubt about user privacy. While Apple and OpenAI both said that users are asked before “any questions are sent to ChatGPT,” along with any documents or photos, Musk’s responses indicate he believes OpenAI is deeply integrated into Apple’s operating system itself and therefore able to hoover up any personal and private data.

In iOS 18, Apple said people will be able to ask Siri questions, and if the assistant thinks ChatGPT can help, it will ask permission to share the question and present the answer directly. This allows users to get an answer from ChatGPT without having to open the ChatGPT iOS app. Photos, PDFs or other documents you want to send to ChatGPT get the same treatment.

Musk, however, would prefer that OpenAI’s capabilities remain bound to a dedicated app — not a Siri integration.

Responding to VC and CTO Sam Pullara at Sutter Hill Ventures who wrote that the user is approving a specific request on a per-request basis — OpenAI does not have access to the device — Musk wrote, “Then leave it as an app. This is bullshit.”

Pullara had said that the way ChatGPT was integrated was essentially the same way the ChatGPT app works today. The on-device AI models are either Apple’s own or those using Apple’s Private Cloud.

Meanwhile, replying to a post on X from YouTuber Marques Brownlee that further explained Apple Intelligence, Musk responded, “Apple using the words ‘protect your privacy’ while handing your data over to a third-party AI that they don’t understand and can’t themselves create is *not* protecting privacy at all!”

He even replied to a post by Apple CEO Tim Cook, wherein he threatened to ban Apple devices from the premises of his companies if he didn’t “stop this creepy spyware.”

“It’s patently absurd that Apple isn’t smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!” Musk exclaimed in one of many posts about the new integrations. “Apple has no clue what’s actually going on once they hand your data over to OpenAI. They’re selling you down the river,” he said. While it’s true that Apple may not know the inner workings of OpenAI, it’s not technically Apple handing over the data — the user is making that choice, from the sound of things.

I have a feeling that this is all a smokescreen for the fact that Apple is working with OpenAI and not with him and his Grok AI. I say that because Apple, during the WWDC keynote where this was announced, did say that it was open to integrating other AIs, and that OpenAI was the first one. And I am going to guess that his AI isn’t on Apple’s list. So he’s having a tantrum and throwing his toys out of the stroller like a two year old. Which is typical for Elon, as he seems to have the emotional maturity of a two year old. My advice is to completely ignore Elon, as clearly he’s lost the plot here.