wiredmikey writes: An abundance of iOS exploits being submitted to be sold should alarm iPhone/iPad users, according to the CEO of exploit acquisition firm Zerodium. The company announced that it was no longer buying certain types of iOS exploits in the next two to three months [including local privilege escalation, Safari remote code execution, and sandbox escape exploits] due to a surplus. And the company expects prices to drop in the near future.

"iOS Security is fucked," Chaouki Bekrar, CEO of Zerodium said on Twitter, noting that they are already seeing many exploits designed to bypass pointer authentication codes and a few zero-day exploits that can help an attacker achieve persistence on all iPhones and iPads. "Let's hope iOS 14 will be better," he added.

Bekrar said that only pointer authentication codes — which provide protection against unexpected changes to pointers in memory — and the difficulty to achieve persistence "are holding [iOS security] from going to zero."

An anonymous reader shares a report: China is ready to take a series of countermeasures against a US plan to block shipments of semiconductors to Chinese telecom firm Huawei, including putting US companies on an "unreliable entity list," launching investigations and imposing restrictions on US companies such as Apple and suspending the purchase of Boeing airplanes, a source close to the Chinese government told the Global Times. The Trump administration on Friday moved to block shipments of semiconductors to Huawei from global chipmakers. The US Commerce Department said it was amending an export rule and the Entity List to "strategically target Huawei's acquisition of semiconductors that are the direct product of certain US software and technology," according to a statement on its website. "China will take forceful countermeasures to protect its own legitimate rights," if the US moves forward with the plan to bar essential suppliers of chips, including Taiwan-based TSMC, from selling chips to the Chinese tech giant, the source told the Global Times in an exclusive interview.

Apple has purchased virtual reality company NextVR, Apple confirmed to CNBC. From the report: The purchase is further evidence of Apple's plans to enter virtual reality and related augmented reality technologies as a new product category, although the company has not announced firm plans or a new hardware product, aside from AR software for iPhones. An Apple spokesperson provided the the company's boilerplate statement when it makes an acquisition: "Apple buys smaller technology companies from time to time, and we generally do not discuss our purpose or plans," the spokesperson said.

The Newport Beach, California startup previously focused on broadcasting and producing live and recorded events in virtual reality, like sporting events and concerts. The company had a deal with the NBA to broadcast virtual reality highlights of the 2019 NBA Finals, for example. Apple did not specify a price or terms for the transaction, but 9to5Mac, an Apple-focused website that first broke the news, estimates the transaction to be worth $100 million.

9to5Mac has learned more exclusive details about Apple's upcoming over-ear headphones, dubbed the "AirPods Studio," including specifications and settings. From the report: One of the key features of regular AirPods is ear detection, which automatically pauses the song when you take the earphones off. We've learned that AirPods Studio will have a similar feature, but it will work in a different way. Instead of ear detection, Apple is working to include sensors that can detect whether the headphones are on your head or neck. Based on this, we assume that AirPods Studio will play or pause content when they detect being placed on your head. Neck detection can be used to keep the headset turned on while the music is paused, just like when you take just one of the AirPods out of the ear.

Another new sensor will be able to detect left and right ears to automatically route the audio channels. That means there's likely no right or wrong side to use AirPods Studio, whereas current headphones have fixed left and right channels. Just like the AirPods Pro, Apple's new headphones will have Active Noise Cancellation and Transparency Mode. Users will be able to easily switch between the two modes to reduce external noise or to hear the ambient sound.

As AirPods Studio are expected to be mainly focused on professional users, pairing the earphones with a Mac or iOS device will unlock custom equalizer settings, with low, medium, and high frequency adjustments available, sources told us. According to a Bloomberg recent report, Apple's own-brand over-ear headphones will be available in at least two variations of the headphones -- one using leather fabrics and another with lighter materials to fitness use cases. Bloomberg also said Apple is testing a new modular design with exchangeable magnetic ear pads. [...] As for the price, rumors suggest that it will cost $349.

Belkin International, the company that makes iPhone charging cables and home routers, has started making what it calls "low-cost" ventilators at manufacturing plants in Providence, Rhode Island. USA Today reports: These are sub-$200 units aimed for emergencies and less severe cases of COVID-19, compared to more full-featured units that cost in the tens of thousands of dollars. "This is one of the most urgent humanitarian crises we have experienced in our lifetimes and the number one responsibility for each of us in this moment is the care and compassion for others in need," said Chet Pipkin, CEO and founder of Belkin. "It was obvious there's a critical need for ventilators and not just for the short term," says Pipkin. "We have no excuse not to get prepared." It's looking to make at least 10,000 ventilators.

So how did it learn how to go outside of their zone to medical supplies? "We felt a responsibility to be helpful to others," he says, but acknowledges that Belkin didn't have the expertise to design a ventilator. "We reached out to the network," and found experts to guide the way. The University of Illinois at Urbana-Champaign's Grainger College of Engineering had the design, and Belkin also consulted with Carle Health of Urbana, Illinois, for what's being called the FlexVent. It's under production now, but pending the review and approval of its Emergency Use Authorization application by the Food and Drug Administration. Belkin's pitch: the FlexVent will be used as a single-use emergency ventilator that can provide constant-flow, pressure-cycled ventilation automatically to patients in respiratory distress.

Spotify CEO Daniel Ek reiterated previous gripes he's had with Apple during an interview this week, saying its platform is still not open enough to third-party apps like the Sweden-based music streamer. But according to the cofounder of high-end speaker and home audio company Sonos, Spotify operates an even-more closed ecosystem than Apple. From a report: In a tweet posted Wednesday, Sonos cofounder John MacFarlane said it was "solid irony" that Ek was criticizing Apple's platform. "Having worked closely with both Apple and Spotify, I would say it's more significantly more difficult to work within Spotify's 'closed' ecosystem than Apple's," he wrote. "Respect and appreciate both companies, but 'open' Spotify is not." Sonos products for the most part rely on third-party services like Spotify and Apple Music to stream music, podcasts, and audiobooks through the Sonos app. Industry analysts and commentators have suggested in recent years that Apple buy Sonos to boost its struggling HomePod smart speaker business.

An anonymous reader quotes a report from AppleInsider: Apple has been hit with a class-action lawsuit claiming that the company concealed the so-called "stage lighting" issue experienced by some 2016 MacBook Pro owners. Dubbed "stage lighting" due to abnormal backlighting patterns emanating from the bottom of an impacted MacBook Pro's display, the problem was tied to stress or tearing on the laptop's cable when the lid was opened and closed repeatedly. Apple eventually launched a repair program for the issue in 2019 and quietly fixed the underlying culprit in the next generation of MacBook.

On Wednesday, Los Angeles resident Mahan Taleshpour lodged a complaint in the U.S. District Court of the Northern District of California alleging that Apple was aware of the defect in its product and failed to disclose the issue to consumers. The plaintiff claims that his 2016 15-inch MacBook Pro experienced stage lighting effects in January 2020, but he was left responsible for the full cost of the display repair due to the fact that the repair program only covers 13-inch MacBook Pro models released in 2016. He added that the cost to repair the display was quoted as $850, adding that he's been unable to repair the device since the COVID-19 outbreak. [...] The plaintiff is seeking an official disclosure about the "defective nature" of the display cables, restitutions for MacBook Pro repair costs or economic losses, an expansion of AppleCare and repair program service to 15-inch models, and legal fees.

Apple's platforms like the iPhone are set to open up more, Spotify CEO Daniel Ek said Tuesday. The firm has criticized Apple in the past, taking legal action against what it perceives as unfair treatment of third-party services. From a report: "Long term, we do expect Apple to open up," Ek told Bloomberg in a TV interview. "We're very encouraged about being able to now finally use Siri as a way of building in voice support and also being available to build products for the Apple TV and Apple Watch, something that we haven't been able to do until very recently." It's a bold claim, particularly as Apple is famed for maintaining close control over its platforms. The iPhone only officially supports downloading apps through its App Store, for example, and developers have to abide by strict rules that can leave firms giving a percentage of user subscription fees to Apple.

Last year, Apple accused a cybersecurity startup based in Florida of infringing its copyright by developing and selling software that allows customers to create virtual iPhone replicas. Critics have called the Apple's lawsuit against the company, called Corellium, "dangerous" as it may shape how security researchers and software makers can tinker with Apple's products and code. From a report: The lawsuit, however, has already produced a tangible outcome: very few people, especially current and former customers and users, want to talk about Corellium, which sells the eponymous software that virtualizes iPhones and Android devices. During the lawsuit's proceedings, Apple has sought information from companies that have used the tool, which emulates iOS on a computer, allowing researchers to probe potential iPhone vulnerabilities in a forgiving and easy-to-use environment.

"Apple has created a chilling effect," a security researcher familiar with Corellium's product, who asked to remain anonymous because he wasn't allowed to talk to the press, told Motherboard. "I don't know if they intended it but when they name individuals at companies that have spoken in favor [of Corellium], I definitely believe retribution is possible," the researcher added, referring to Apple's subpoena to the spanish finance giant Santander Bank, which named an employee who had Tweeted about Corellium. Several other cybersecurity researchers expressed fear of retribution from Apple for using Corellium.

Apple's virtual WWDC event will start on June 22, Apple said today. It will be hosted in the Apple Developer app and the Apple Developer website and it will be free for all developers. Apple does plan to hold a keynote event, presumably on June 22 when WWDC begins.

Apple and Alphabet's Google on Monday said they would ban the use of location tracking in apps that use a new contact tracing system the two are building to help slow the spread of the novel coronavirus. From a report: Apple and Google, whose operating systems power 99% of smart phones, said last month they would work together to create a system for notifying people who have been near others who have tested positive for COVID-19, the disease caused by the coronavirus. The companies plan to allow only public health authorities to use the technology. Both companies said privacy and preventing governments from using the system to compile data on citizens was a primary goal. The system uses Bluetooth signals from phones to detect encounters and does not use or store GPS location data. But the developers of official coronavirus-related apps in several U.S. states told Reuters last month it was vital they be allowed to use GPS location data in conjunction with the new contact tracing system to track how outbreaks move and identify hotspots.

As predicted, the proprietary locking system Apple rolled out with its 2018 MacBook Pros is hurting independent repair stores, refurbishers, and electronics recyclers. A combination of secure software locks, diagnostic requirements, and Apple's new T2 security chip are making it hard to breathe new life into old MacBook Pros that have been recycled but could be easily repaired and used for years were it not for these locks. From a report: It's a problem that highlights Apple's combative attitude towards the secondhand market and the need for national right to repair legislation. "The irony is that I'd like to do the responsible thing and wipe user data from these machines, but Apple won't let me," John Bumstead, a MacBook refurbisher and owner of the RDKL INC repair store, said in a tweet with an attached picture of two "bricked" MacBook Pros. "Literally the only option is to destroy these beautiful $3,000 MacBooks and recover the $12/ea they are worth as scrap."

As Motherboard has reported previously, without official Apple diagnostic software, newer MacBooks cannot be repaired or reset. "By default you can't get to recovery mode and wipe the machine without a user password, and you can't boot to an external drive and wipe that way because it's prohibited by default," Bumstead told Motherboard in an email. "Because T2 machines have no removable hard drive, and the drive is simply chips on the board, this default setting means that a recycler (or anyone) can't wipe or reinstall a T2 machine that has default settings unless they have the user password."

Sooner than expected, Apple has announced a new 13-inch MacBook Pro with a Magic Keyboard. It features optional Intel 10th Gen processors and starts at $1,299. In one sense, it is a minor spec-bump upgrade for the existing lineup of 13-inch MacBook Pros. But it also represents the end of an era: Apple no longer sells any new laptops with the much-maligned butterfly keyboard mechanism. From a report: Apple has moved relatively quickly to cycle out the butterfly keyboard from its lineup. The 16-inch MacBook Pro was announced in November 2019, followed by a refreshed MacBook Air with Magic Keyboard this past March. In the span of six months, Apple has completely swapped out its entire laptop lineup with models that use better scissor-switch keyboards. Compare that to the five years it spent trying to make the butterfly keyboard mechanism work since the 2015 MacBook (now discontinued). As with the last MacBook Pro, Apple is sticking with Thunderbolt 3 / USB-C connectors, two or four of them in total (plus a headphone jack). The Touch Bar also remains for better or worse, alongside a Touch ID fingerprint sensor and -- praise be -- a real, physical Esc key. The RAM can be upgraded to 32GB and the storage can be specced all the way up to 4TB. Apple says that 10th Gen Intel processors have a turbo boost up to 4.1Ghz and that the new Intel Iris graphics support the Pro Display XDR at full 6K resolution.

Today Apple CEO Tim Cook shared some heartfelt remarks in a virtual commencement address to the graduating seniors at Ohio State, reports CNET. "Those of us who can look back on this time and remember inconveniences and even boredom can count themselves lucky." "I hope you wear these uncommon circumstances as a badge of honor. Those who meet times of historical challenge with their eyes and hearts open — forever restless and forever striving — are also those who leave the greatest impact on the lives of others..."

Cook went on to describe how lucky he felt when he was hired to work at Apple in 1998 with Steve Jobs, as well as the heartbreak when Jobs died. "But fate comes like a thief in the night. The loneliness I felt when we lost Steve was proof that there is nothing more eternal, or more powerful, than the impact we have on others," Cook told the graduates...

"In every age, life has a frustrating way of reminding us that we are not the sole authors of our story. We must share credit, whether we'd like to or not, with a difficult and selfish collaborator called our circumstances. And when our glittering plans are scrambled, as they often will be, and our dearest hopes are dashed, as will sometimes happen, we're left with a choice. We can curse the loss of something that was never going to be... Or we can see reasons to be grateful for the yank on the scruff of the neck, in having our eyes lifted up from the story we were writing for ourselves and turned instead to a remade world."

Steam will no longer support SteamVR on macOS. The Verge reports: Steam introduced SteamVR for Apple computers way back in the mists of time -- 2017's Worldwide Developers Conference. As The Verge wrote then: "Valve has been working with Apple on this since last summer, which shows a high level of technical and business confidence in Apple's VR efforts." The move was announced in a short post on SteamVR's news page, laid out in a single sentence: "SteamVR has ended macOS support so our team can focus on Windows and Linux." Mac users will still have some access to the feature, however, via legacy builds. One door closes, another will surely open. Right?

Face ID was a great idea -- until large swathes of the world were forced to wear face masks, rendering it largely useless. Apple has apparently heard our pain. From a report: Users are reporting a subtle new feature in the latest developer version of iOS 13.5 that will make it easier to unlock your iPhone without having to take off your protective face mask. Videos shared on Twitter by Robert Petersen and Guilherme Rambo show that Apple devices with Face ID will jump to the backup passcode-entry screen if it detects a mask. That's not only helpful if you're unlocking your phone dozens of times a day -- which we all do -- but it's also helping to keep people safe by not forcing users to take off their masks and potentially exposing themselves to the virus.

An anonymous reader quotes a report from MacRumors: A bug has been discovered in Apple's macOS Image Capture app that needlessly eats up potentially gigabytes of storage space when transferring photos from an iPhone or iPad to a Mac. Discovered by the developers of media asset management app NeoFinder and shared in a blog post called "Another macOS bug in Image Capture," the issue occurs when Apple's Mac tool converts HEIF photos taken by iOS to more standard JPG files. This process happens when users uncheck the "Keep Originals" option in Image Capture's settings, which converts the HEIC files to JPG when copied to Mac. However, the app also inexplicably adds 1.5MBs of empty data to every single file in the process.

It's worth noting that the bug only occurs when transferring photos from Apple devices, not when importing photos from digital cameras using Image Capture. NeoFinder's team says it has notified Apple of the bug, and the developers suggest anyone plagued by the issue can try using a new beta version of the third-party utility Graphic Converter, which includes an option to remove the unwanted empty data from the JPEG files.

According to The Wall Street Journal, Apple is delaying the production ramp-up of its 2020 flagship smartphones by about a month, "as the coronavirus pandemic weakens global consumer demand and disrupts manufacturing across Asia, the heart of the consumer electronics supply chain." From the report: Apple is forging ahead with plans to release four new iPhone models later this year, people familiar with its plans say. The phones, some with 5G connectivity, will vary in price and come in three sizes -- 5.4 inches, two measuring 6.1 inches, and one at 6.7 inches, all featuring organic light-emitting diode, or OLED, screens, the people said. Apple's annual product refresh fuels the majority of iPhone sales for an entire year, making new phones the linchpin of a business segment that accounts for more than half of the company's total revenue.

Apple usually unveils new iPhone models in mid-September and begins selling them before the end of the month. To do so, it usually ramps up mass-production in the early summer, building up inventory around August. This year, while Apple would still be building some of the new phones in the July-to-September period, the mass-production ramp-up will slide back by about a month, the people said. Apple is slashing the number of handsets that it plans to make in the second half of this year by as much as 20%, one of the people said. It isn't clear whether the slashed amount for 2020 would be pushed back into 2021 for manufacturing.

The UK's coronavirus contact-tracing app is set to use a different model to the one proposed by Apple and Google, despite concerns raised about privacy and performance. From a report: The NHS says it has a way to make the software work "sufficiently well" on iPhones without users having to keep it active and on-screen. That limitation has posed problems for similar apps in other countries. Experts from GCHQ's National Cyber Security Centre have aided the effort. NCSC indicated that its involvement has been limited to an advisory role. "Engineers have met several core challenges for the app to meet public health needs and support detection of contact events sufficiently well, including when the app is in the background, without excessively affecting battery life," said a spokeswoman for NHSX, the health service's digital innovation unit.

An anonymous reader shares a report: Just when you think you've seen everything: an eight-year-old has discovered a way to watch YouTube past Apple's Screen Time limits by using the iMessage App Store. Redditor Jsmith4523 noticed that his sister was still watching YouTube, despite having used her allotted daily time on the app. It turns out she'd developed a pretty simple trick to keep browsing videos: just access YouTube through the iMessage App Store.