Posted in Commentary with tags Apple on July 22, 2015 by itnerd
The security issues in OS X keep mounting as ZDNet has reported that German researcher Stefan Esser has found a very, very bad vulnerability:
The new features exploitable by the vulnerability are based upon the dynamic linker dyld and environment variable DYLD_PRINT_TO_FILE, which enables error logging to an arbitrary file.
“When this variable was added the usual safeguards that are required when adding support for new environment variables to the dynamic linker have not been used. Therefore it is possible to use this new feature even with SUID root binaries,” Esser explained.
“This is dangerous, because it allows to open or create arbitrary files owned by the root user anywhere in the file system. Furthermore the opened log file is never closed and therefore its file descriptor is leaked into processes spawned by SUID binaries. This means child processes of SUID root processes can write to arbitrary files owned by the root user anywhere in the filesystem.”
This, in turn, allows for privilege escalation and PC hijacking to take place.
Lovely. Based on his description, it sounds like this is something that should have been caught during the QA process. Of course that assumes that this was designed with security in mind in the first place. It’s not clear which side of the fence this lands on. It’s also not clear if Apple might be aware of the issue because it is apparently fixed in the OS X 10.11 (El Capitan) betas. But it is not fixed in either OS X 10.10.4 or the 10.10.5 beta. Thus your guess is as good as mine as to if a fix is coming for this.
Posted in Commentary with tags Apple on July 21, 2015 by itnerd
Users earlier today reported in various ways (Twitter, Facebook, etc) that many of Apple’s cloud services were down or inaccessible. These included the App Store, Apple Music, iTunes Store, Apple TV and Software Updates. As of now, the Apple Status Page shows things to be up and I can log into everything including iCloud. But the page notes there were issues earlier today which confirms what users were seeing.
Did you have issues today using Apple’s cloud services? If you did, please post a comment and describe what you experienced.
Posted in Commentary with tags Apple on July 11, 2015 by itnerd
A group of Retina MacBook Pro owners are calling on Apple to remedy issues with their screens. Dubbed “Staingate”, the issue at hand is that the coatings on the screens become permanently damaged. The problems manifest in splotches, streaks and other surface anomalies attributed to faults in the antireflective coating applied to a Retina MacBook’s display surface.
There is currently a website called Staingate.org and a related Facebook community that seem to be tracking this issue and early data indicates that the issue seems to be limited to recent-generation MacBook Pro with Retina display models, in particular those built in 2013.
Apple has not commented yet. But apparently Apple is either refusing service under warranty and dismissing it as a cosmetic issue, or owners say they have been offered a repair even out of warranty.
Posted in Commentary with tags Apple on July 3, 2015 by itnerd
I’ve run Apple’s latest OS updates for both iOS and OS X and I’ve got further reactions about each. Let me start with OS X 10.10.4:
I’ve noted that there are new Nvidia driver that come as part of this update. My testing indicates no performance improvements of note. Thus I have to assume that the only fix is a security related one as noted here.
The update trashed about 60% of the albums in Photos. The photos were still there, but some of the albums were not. I had to spend an hour recreating them which was not cool. There was a fix in OS X10.10.4 to fix bugs in Photos. Thus I am wondering if I had one of those bugs and I didn’t know it.
WiFi seems a hell of a lot less flaky. I’ve had some degree of stability since OS X 10.10.3, but 10.10.4 is the first version that I could call “normal”. It took Apple long enough to fix that.
CPU usage is way down. I’m guessing that’s a side effect of using the rock solid “mDNSResponder” service that has been around since early versions of OS X and dumping the “discoveryd” service that they tried to introduce in OS X 10.10. The reason why I say that is that the latter was known for increasing CPU usage.
Now over to iOS 8.4. The big change was the Music app that now includes Apple Music. But I also note the following:
WiFi is MUCH, MUCH BETTER in iOS 8.4. If you’ve had WiFi issues with your iDevice, this update may be the cure to what ills your iDevice.
Bluetooth in my car seems to be much better as well. I can consistently connect via Bluetooth to the GTA Car Kits Pure Bluetooth device with only the occasional hiccup. Seeing as connecting to in car systems via Bluetooth has been a problem since iOS 8 appeared, this also may be the cure to another long standing issue.
One thing I really like is that when connected to Bluetooth, you now have the option to change the device that music play through via a control that appears in the “now playing” screen of the Music app.
It seems that U2’s Songs Of Innocence has made an appearance on my iPhone in the “Recently Added” section of my Music app despite the fact that I did not add it. Oddly enough, it is NOT in my library on my MacBook Pro. After doing some detective work, I’ve determined that it is in iCloud someplace as it disappears when I put the iPhone into airplane mode. So it’s good that it is not occupying space. Keep in mind that this is the same album that set off a bit of a firestorm last year when it was force fed to iDevices everywhere without the consent of their users.
Did you notice anything about either OS? Please post a comment and share your thoughts.
Posted in Commentary with tags Apple on July 1, 2015 by itnerd
Apple released a lot of software updates yesterday. Now some of these updates were to support the launch of Apple Music, but there were other things that Apple did not advertise. Let me give you a rundown.
iOS 8.4
The main purpose of iOS 8.4 was to support the launch of Apple Music, but Apple had some other fixes under the hood including the following for iBooks:
Browse, listen and download audiobooks from inside iBooks.
Enjoy the all-new Now Playing feature, designed specifically for audiobooks.
Books that are Made for iBooks now work on the iPhone in addition to the iPad.
Find and pre-order books in a series right from your library.
Improves accessibility of widgets, glossary and navigation in books made with iBooks Author.
New default Chinese font.
New setting to turn off Auto-Night theme in your library.
Resolves an issue that may have prevented Hide Purchases from working.
Resolves an issue that may have prevented downloading books from iCloud.
There’s also these important fixes:
Fixes an issue where receiving a specific series of Unicode characters causes device to reboot. This was a issue that surfaced a few weeks ago.
Fixes an issue that prevented GPS accessories from providing location data. This was a Bluetooth related issue and I suspect that there are other Bluetooth issues that were fixed as I note that the issues that I reported when I wrote a how to guide on fixing iOS related Bluetooth issues with cars are much less prevalent in my case. I will continue to test things on this front.
Fixes an issue where deleted Apple Watch apps could re-install.
One other fix that I have noted is that WiFi seems way more stable on my iPhone than it has been in the past.
OS X 10.10.4
The latest iteration of OS X Yosemite brings significant fixes under the hood. Some of which Apple did not publicize. Let me start with the ones that they did publicize:
• Improves networking reliability
• Improves Migration Assistant reliability
• Addresses an issue that prevented some external displays from functioning properly
• Improves the reliability of upgrading iPhoto and Aperture libraries to Photos
• Improves reliability when syncing photos and videos to iCloud Photo Library
• Addresses an issue that could cause Photos to unexpectedly quit after importing some Lecia DNG files
• Resolves an issue that could delay outgoing email messages in Mail
• Fixes an issue where a website could prevent the user from navigating away by presenting repeated JavaScript alerts in Safari
For enterprise customers, this update does the following:
• Addresses an issue where OS X systems bound to directory services could stop responding under certain conditions
• Adds the ability to create mobile accounts with the createmobileaccount tool
• Fixes an issue in Profile Manager that could allow a user to install pre-release software even when the setting is disabled
Let me focus in on the “Improves networking reliability” part. When Yosemite was released, Apple replaced a very stable process that handled networking functions called “mDNSResponder” with a new service called “discoveryd” which proved to be the source of instability when it came to Bluetooth and WiFi. With 10.10.4, they’ve returned to “mDNSResponder” in hopes of bringing stability back to wireless connections. It’s early days yet, but the results seem to be mixed thus far. I have noted that things in my case are a bit better. I will continue to test things on my end.
The other unpublicized fix is the introduction of third party TRIM support for SSD drives. Now I wrote a story on Apple not supporting TRIM on SSD drives that they don’t make. I’ll copy something out of that story to explain what TRIM is:
TRIM allows the OS to tell the SSD which parts of the SSD no longer contain valid data due to erases either by the user or operating system. This means that the SSD could write data faster because it didn’t have to figure out what parts of the drive are free and what wasn’t.
Now you can enable TRIM on a non Apple SSD drive if you dare. Here’s how you do it:
BACK UP YOUR DATA
Open the Terminal
Type “sudo trimforce enable”
You’ll then be presented with a very scary message that warns you that you may lose data if you enable this command if the drive is unsupported. Simply answer yes.
Done. Declare victory and have a beer.
Now the reason that the scary message appears is due to the fact that different SSD brands implement TRIM in different ways. Therefore you may have something weird happen and you may lose data as a result. But at least Apple has clued in that they restrict the use of SSDs in their computers.
iTunes 12.2
The sole purpose of iTunes 12.2 is to support the launch of Apple Music. I did not note anything else in my testing.
GarageBand 10.1
Apple updated GarageBand adding new features and a huge amount of new content for musicians and sound makers to work with. Here’s a full list of what’s new:
10 new Drummers that produce beats in a variety of electronic music and Hip Hop styles including House, Trap, Techno, Dubstep and more.
Over 100 EDM and Hip Hop-inspired synthesizer Patches featuring the new Transform Pad Smart Control for sound morphing
Record the movements of software instrument Smart Controls to capture performances of effect and tone adjustments
1,000 new Apple Loops from a variety of popular instruments and genres including EDM, Hip Hop, Indie, Disco, Funk, and Blues
Share directly from GarageBand to Apple Music Connect
Adds support for Force Touch trackpad
Resolves an issue which prevented the export of long recordings
Contains multiple enhancements to Accessibility
There’s also a update to GarageBand for iOS.
Since a lot of these updates focus around Apple Music, I’ll direct you to a YouTube video posted by MacRumors that has a walkthrough of Apple Music:
Be sure to look at the full list of countries on Apple’s website. iTunes users can access Apple Music for free for a three month trial period. After that, an individual subscription is $9.99 and a family subscription with support for up to 6 users is $14.99.
Posted in Commentary with tags Apple on June 30, 2015 by itnerd
If you have an iPad Air 2 or iPad mini 3 with cellular connectivity, you also got an Apple SIM card preinstalled. This allowed users to choose cellular data plans from carriers in the US and the UK, but nowhere else on the planet. That changed today with the announcement that Apple SIM via new Apple partner GigSky is expanding to 90 Countries including Canada:
GigSky today announced that it will offer cellular data plans for iPad travelers with Apple SIM in more than 90 countries and territories. With Apple SIM installed, iPad customers can conveniently view and select these short-term data plans directly on their iPad, avoiding the hassle of buying a local SIM when they travel. US and UK customers have the added benefit of choosing from these short-term data plans at home. iPad Air 2 and iPad mini 3 Wi-Fi + Cellular models in the US and UK come with Apple SIM pre-installed. Apple SIM is also available at select Apple Retail Stores for individual purchase.
Exact prices are listed on GigSky’s website and vary based based on the country, data amount and length of plan. It’s worth checking out if you travel with your iPad and don’t want to strictly rely on WiFi, but you don’t want to go broke either.
You might remember that Apple teamed up with a bunch of publishers to raise eBook prices, and Apple had been appealing again and again and again the fact that they were found guilty. Well, today a federal court ruled that Apple orchestrated a conspiracy to raise eBook prices and as a result now owes $450 million:
By a 2-1 vote, the 2nd U.S. Circuit Court of Appeals agreed with a lower court judge that the conspiracy violated federal antitrust law, and that the judge acted properly in imposing an injunction to prevent a recurrence.
Writing for the majority, Circuit Judge Debra Ann Livingston said that by organizing the conspiracy, “Apple found an easy path to opening its iBookstore,” while ensuring that marketwide prices rose to a level that Apple and the publishers wanted.
But wait! We’re not done yet. It is entirely possible that Apple will yet again appeal. So you may want to watch this space to see what they do next.
UPDATE: Reuters has a story with a statement from Apple that says this:
“While we want to put this behind us, the case is about principles and values,” Apple said. “We know we did nothing wrong back in 2010 and are assessing next steps.”
I think that translates to “we’re going to appeal.”
This will further put this little spat in the rear view mirror for Apple and focus on the release of Apple Music next week. Oh, in case you were wondering what artists get paid to have their music streamed on Apple Music, The New York Times has a great article on that that spells everything out. It definitely worth a read.
Posted in Tips with tags Apple on June 23, 2015 by itnerd
Since getting the GTA Car Kits Pure Bluetooth Kit last week, I’ve had some intermittent problems pairing my iPhone 6 to the car kit. The core symptom is the iPhone 6 would pair, but not completely. I could make and receive phone calls via the car kit, but music would not stream. I knew that the car kit wasn’t the cause as a reboot of my iPhone would temporally fix the issue. Plus my wife’s iPhone 6 was fine. Thus it had to be my phone. Bluetooth problems in relation to car infotainment systems seem to have surfaced when iOS 8 appeared. Even though Apple acknowledged the problem and issued a fix in iOS 8.1, the problems still persist in iOS versions up to 8.3 if you do Google searches on the issue.
Now this is not new for me as I’ve been hired by car owners to dealerships to assist in pairing iOS devices to the infotainment systems in cars because for whatever reason, things go sideways with a process that should be very simple. Based on those experiences, I’ve come up with a list of things to try if you’re having problems pairing or using a iOS device in your car that consistently work for me:
Confirm that the issue is not the car: The quickest way to do that is to reboot the iOS device. If it instantly pairs and works properly, then you know that the car is not responsible. Another way to do this is to turn off and on Bluetooth on the iOS device in question. But I find that the reboot option is far more effective at isolating the problem.
Try forgetting the device: Once you’ve confirmed that the iOS device is the problem, try going into Settings –> Bluetooth and find the name of the infotainment system in the list. Click the “i” and then click on “Forget This Device”. That deletes the profile from your iOS device. Then simply pair it up again and see if it pairs properly.
Reset the network settings: If option 2 doesn’t work, you’ll have to reset network settings. One thing that I need to warn you about is that any passwords for WiFi networks and the like will be erased and you’ll have to add them again. But the benefit of doing is that it cleans up all the network settings including Bluetooth and make some issues go away. Simply go to Settings –> General –> Reset –> Reset Network Settings and follow the prompts and wait for your iOS device to reboot. It’s also a good idea to do option 2 over again to make sure everything is cleaned up.
If all else fails, do a restore of your iOS device from iTunes: This sounds like a brute force method to solve a simple problem, but I can say that this does work if all of the above options fail to work. The process is quite simple and is detailed here. The key thing to remember is that you need to back up the contents of your iOS device. The process to do that is detailed here. You’ll need to restore from that back up once the restore is complete. Budget for about an hour or more if you have a lot of data on your iPhone. The good news is that you’ll get some space freed up in the process.
In case you were wondering what worked for me in my case, I had to go to option 4 to get this problem resolved. As I type this, there have been no issues since. But I continue to monitor the situation as I fully expect the upcoming iOS 8.4 to either make this problem manifest itself again or make things better. Thus Apple may want to invest some time and effort into fixing the issue once and for all.
Posted in Commentary with tags Apple on June 22, 2015 by itnerd
Here’s an example of the term “star power.”
Apple announced at WWDC that they were coming out with a music streaming service called Apple Music. To get you hooked, Apple was going to offer a three month free trial period. Sounds great right? Not so much if you were a music artist because Apple wasn’t going to pay you for using your music during said trial period. The rationale was that Apple was going to pay musicians much higher royalty rates than they usually get. Many musicians were not overly thrilled, and those musicians found a champion in the form of music mega star Taylor Swift. She posted an open letter to Apple that was also cross posted to Twiter that said among other things this:
I’m sure you are aware that Apple Music will be offering a free 3 month trial to anyone who signs up for the service. I’m not sure you know that Apple Music will not be paying writers, producers, or artists for those three months. I find it to be shocking, disappointing, and completely unlike this historically progressive and generous company.
And:
But I say to Apple with all due respect, it’s not too late to change this policy and change the minds of those in the music industry who will be deeply and gravely affected by this. We don’t ask you for free iPhones. Please don’t ask us to provide you with our music for no compensation.
This came after saying that her new album “1989” would not be available to stream on Apple Music which denied the service of one of the best-selling albums of the last two years.
That apparently was the tipping point for Apple who hadn’t responded to the concerns of musicians up until that point. Eddy Cue, Apple’s senior vice president of Internet Software and Services, posted this on Twitter late last night:
#AppleMusic will pay artist for streaming, even during customer’s free trial period
So, why the flip flop? Pick from any of the following:
Bad press is never good for business.
Having one of the biggest selling musicians in the history of the planet deny you access to her music may start a trend where other artists may do the same thing and that would be bad for business.
Well, according to BuzzFeed News reporter John Paczkowski was told by Mr. Cue that “Taylor Swift’s tweet today solidified the issue for us” and “we decided to make a change.” You can decide for yourself which one of those this applies to.
Whatever the reason, this story will now die down and Apple can go back to attempting to rule the musical universe starting at the end of the month.
Serious Vulnerability Found In OS X
Posted in Commentary with tags Apple on July 22, 2015 by itnerdThe security issues in OS X keep mounting as ZDNet has reported that German researcher Stefan Esser has found a very, very bad vulnerability:
The new features exploitable by the vulnerability are based upon the dynamic linker dyld and environment variable DYLD_PRINT_TO_FILE, which enables error logging to an arbitrary file.
“When this variable was added the usual safeguards that are required when adding support for new environment variables to the dynamic linker have not been used. Therefore it is possible to use this new feature even with SUID root binaries,” Esser explained.
“This is dangerous, because it allows to open or create arbitrary files owned by the root user anywhere in the file system. Furthermore the opened log file is never closed and therefore its file descriptor is leaked into processes spawned by SUID binaries. This means child processes of SUID root processes can write to arbitrary files owned by the root user anywhere in the filesystem.”
This, in turn, allows for privilege escalation and PC hijacking to take place.
Lovely. Based on his description, it sounds like this is something that should have been caught during the QA process. Of course that assumes that this was designed with security in mind in the first place. It’s not clear which side of the fence this lands on. It’s also not clear if Apple might be aware of the issue because it is apparently fixed in the OS X 10.11 (El Capitan) betas. But it is not fixed in either OS X 10.10.4 or the 10.10.5 beta. Thus your guess is as good as mine as to if a fix is coming for this.
Leave a comment »