Encryption

Serious Flaws In iMessage Crypto Allow For Message Decryption (onthewire.io) 43

Reader Trailrunner7 writes: New research from a team at Johns Hopkins University shows that there are serious problems with the way Apple implemented encryption on its iMessage system, leaving it open to retrospective decryption attacks that can reveal the contents of all of a victim's past iMessage texts. The iMessage system, like much of what Apple does, is opaque and its inner workings have not been made available to outsiders. One of the key things that is known about the system is that messages are encrypted from end to end and Apple has said that it does not have the ability to decrypt users' messages. The researchers at JHU, led by Matthew Green, a professor of computer science at the school, reverse engineered the iMessage protocol and discovered that Apple made some mistakes in its encryption implementation that could allow an attacker who has access to encrypted messages to decrypt them.The team discovered that Apple doesn't rotate encryption keys at regular intervals (most encryption protocols such as OTR and Signal do). This means that the same attack can be used on iMessage historical data, which is often backed up inside iCloud. Apple was notified of the issue as early as November 2015 and it rolled out a patch for the iMessage protocol in iOS 9.3 and OS X 10.11.4.
DRM

Cory Doctorow On What iPhone's Missing Headphone Jack Means For Music Industry (fastcompany.com) 394

Rumors of Apple's next iPhone missing a headphone jack have been swirling around for more than a year now. But a report from WSJ a few weeks ago, and another report from Bloomberg this week further cemented such possibility. We've talked about it here -- several times -- but now Cory Doctorow is shedding light on what this imminent change holds for the music industry. Reader harrymcc writes: Fast Company's Mark Sullivan talked about the switch with author and EFF adviser Cory Doctorow, who thinks it could lead to music companies leveraging DRM to exert more control over what consumers can do with their music.From the article:"If Apple creates a circumstance where the only way to get audio off its products is through an interface that is DRM-capable, they'd be heartbreakingly naive in assuming that this wouldn't give rise to demands for DRM," said Doctorow. If a consumer or some third-party tech company used the music in way the rights holders didn't like, the rights holders could invoke the anti-circumvention law written in Section 1201 of the Digital Millennium Copyright Act (DMCA). Steve Jobs famously convinced the record industry to remove the DRM from music on iTunes; is there really any reason to believe the industry might suddenly become interested in DRM again if the iPhone audio goes all digital? "Yes -- for streaming audio services," Doctorow says. "I think it is inevitable that rights holder groups will try to prevent recording, retransmission, etc." Today it's easy to record streamed music from the analog headphone jack on the phone, and even to convert the stream back to digital and transmit it in real time to someone else. With a digital stream it might not be nearly so easy, or risk-free."Doctorow shares more on BoingBoing.
Republicans

Cracking The Code On Trump Tweets (time.com) 330

jIyajbe writes: From Electoral-Vote.com: "A theory has been circulating that the Donald Trump tweets that come from an Android device are from the candidate himself, while the ones that come from an iPhone are the work of his staff. David Robinson, a data scientist who works for Stack Overflow, decided to test the theory. His conclusion: It's absolutely correct. Robinson used some very sophisticated algorithms to analyze roughly 1,400 tweets from Trump's timeline, and demonstrated conclusively that the iPhone tweets are substantively different than the Android tweets. The former tend to come later at night, and are vastly more likely to incorporate hashtags, images, and links. The latter tend to come in the morning, and are much more likely to be copied and pasted from other people's tweets. In terms of word choice, the iPhone tweets tend to be more neutral, with their three most-used phrases being 'join,' '#trump2016,' and '#makeamericagreatagain.' The Android tweets tend to be more emotionally charged, with their three most-used phrases being 'badly,' 'crazy,' and 'weak.'" reifman adds: In an excellent forensic text analysis of Trump's tweets with the Twitter API, data geek David Robinson demonstrates Trump authors his angriest, picture-less, hashtag-less Android tweets often in the morning, while staff tweet from an iPhone with pictures, hashtags and greater joy mostly in the middle of the day. Robinson's report was inspired by a tweet by artist Todd Vaziri. As for why Robinson decided to look into Trump's tweets, he told TIME, "For me it's more about finding a really interesting story, a case where people suspect something, but don't have the data to back it up. For me it was much more about putting some quantitive details to this story that has been going around than it was about proving something about Trump's campaign."
Desktops (Apple)

Apple Said To Plan First Pro Laptop Overhaul in Four Years (bloomberg.com) 304

It's been a while since Apple upgraded most of its computer lineups. It has come to a point, where it's being advised that the Cupertino-based company should stop selling the dated inventories. But the wait will be over later this year, says Mark Gurman, the reporter with the best track record in Apple's ecosystem. Reporting for Bloomberg, Gurman says that the company will be overhauling its MacBook Pro laptop line for the first time in over four years, packing it with a range of interesting features. From the report: The updated notebooks will be thinner, include a touch screen strip for function keys, and will be offered with more powerful and efficient graphics processors for expert users such as video gamers, said the people, who asked not to be named. The most significant addition to the new MacBook Pro is a secondary display above the keyboard that replaces the standard function key row. Instead of physical keys, a strip-like screen will present functions on an as-needed basis that fit the current task or application. The smaller display will use Organic Light-Emitting Diodes, a thinner, lighter and sharper screen technology, KGI Securities analyst Ming-Chi Kuo said earlier this year. Apple's goal with the dedicated function display is to simplify keyboard shortcuts traditionally used by experienced users. The panel will theoretically display media playback controls when iTunes is open, while it could display editing commands like cut and paste during word processing tasks, the people said. The display also allows Apple to add new buttons via software updates rather than through more expensive, slower hardware refreshes. [...] Apple is using one of AMD's "Polaris" graphics chips because the design offers the power efficiency and thinness necessary to fit inside the slimmer Apple notebook, the person said.
IOS

Zero-Day Hunters Will Pay Over Twice as Much as Apple's New Bug Bounty Programme (vice.com) 29

Joseph Cox, writing for Motherboard: Last week, Apple finally joined other technology giants and announced a bug bounty programme, where hackers can submit details of previously unknown vulnerabilities in Apple systems and devices, and get paid for sharing them with the company. But Apple is not going to be without competition. On Wednesday, established bug-hunting company Exodus Intelligence launched its own new acquisition programme for both vulnerabilities and exploits. And when it comes to iOS bugs, the company is offering up to more than double Apple's maximum payout. While Apple's highest bounty is $200,000, Exodus is advertising a maximum of $500,000 for vulnerabilities affecting iOS 9.3 or above. Exodus provides details of vulnerabilities and working exploits to customers who pay a subscription fee of around $200,000 per year, according to Time. Those customers could be on the defensive side -- such as antivirus vendors who want to plug newly discovered holes -- or part of an offensive team using the exploit to target systems themselves. On its site, Exodus emphasises the former, writing that it "works with the research community to find these attacks first and make them available to security vendors and enterprises, allowing them to deploy defenses before their adversaries can attack."
Android

Chrome Is Nearly Ready To Talk To Your Bluetooth Devices (engadget.com) 151

Jon Fingas, writing for Engadget: Don't look now, but your web browser is about to become aware of the devices around you. After months of testing, Google has switched on broader experimental support in Chrome and Chrome OS for Web Bluetooth, which lets websites interact with your nearby Bluetooth gear. You could use a web interface to control your smart home devices, for instance, or send data directly from your heart rate monitor to a fitness coach. At the moment, trying Web Bluetooth requires the stars to align in just the right way. You'll need a pre-release version of Chrome 53, and you'll naturally want to find (or create) a website that uses the tech in the first place.
Businesses

Report: Apple Watch 2 Coming Late 2016 With GPS, Faster Processor and Better Waterproofing (9to5mac.com) 159

An anonymous reader writes: Apple analyst KGI's Ming-Chi Kuo says the Apple Watch 2 is right around the corner. The analyst says the Watch will arrive in late 2016 and will likely be announced alongside the iPhone 7 in September. It will reportedly feature a GPS, barometer, better waterproofing, as well as a new internal SoC for faster performance. Those looking for a fresh new design may be disappointed as KGI does not expect the physical design of the watch to change at all. The Apple Watch 2 will essentially be an 'iPhone S' update, where it keeps the same physical design with improved internal specifications. In addition to the updated Apple Watch 2, Apple is expected to update the original Apple Watch with a new SoC to improve CPU and GPU performance. The price of the Apple Watch in general should be cut even further than it already has. The original Apple Watch could receive more than a $50 reduction in its pricing, possibly pushing it below the $200 mark. We should know more in early September when Apple unveils the iPhone 7.
Government

Iran Bans Pokemon Go Over 'Security Concerns' (usatoday.com) 71

An anonymous reader writes: Iran has become the first country to ban Pokemon Go, the mobile game where users (aka Pokemon trainers) roam the physical world in search for digital creatures known as Pokemon. The country cites security concerns for the reason behind the ban. "Any game that wants to operate nationwide in Iran needs to obtain permission from the ministry of culture and Islamic guidance, and the Pokemon Go app has not yet requested such a permission," Abolhasan Firouzabadi, the head of Iran's supreme council of virtual space, told the Isna news agency. The Guardian reports that Iranian officials feel that the game can create problems for the country and its people. Iranian authorities use smart filtering software, a system that affects connectivity speeds and in many cases has replaced more traditional mechanisms for blocking internet services, the Guardian reported.
AI

Apple Acquires Machine Learning and AI Startup Turi (geekwire.com) 14

An anonymous reader quotes a report from GeekWire: Machine learning and artificial intelligence startup Turi has been acquired by Apple in a deal characterized as a blockbuster exit for the Seattle-based company, formerly known as Dato and GraphLab, GeekWire has learned. The acquisition reflects a larger push by Apple into artificial intelligence and machine learning. It also promises to further increase the Cupertino, Calif.-based company's presence in the Seattle region, where Apple has been building an engineering outpost for the past two years. Multiple sources with knowledge of the deal confirmed that Turi has been acquired. Sources close to the deal pegged the purchase price at around $200 million, marking a huge outcome for the original investors and early shareholders. Apple's plans for Turi's technology are not clear, but the company has been making a broad push into artificial intelligence through an expansion of its Siri personal assistant and related technologies. Turi lets developers build apps with machine learning and artificial intelligence capabilities that automatically scale and tune. Its products -- which include the Turi Machine Learning Platform, GraphLab Create, Turi Distributed, and Turi Predictive Services -- are largely designed to help large and small organizations make better sense of data. Use cases include recommendation engines, fraud detection, predicting customer churn, sentiment analysis, and customer segmentation.
Japan

Kids Can Now Learn To Code With Pocky, the Delicious Japanese Snack (theverge.com) 51

Dami Lee, writing for The Verge: Even if you didn't grow up in Asia, chances are you've had this ubiquitous Japanese snack before. Walk into most grocery stores in America and you'll find a box of Pocky, and in multiple flavors like strawberry and green tea if your supermarket is fancy. With over dozens of flavors and variations, there's a Pocky for all occasions! There's a Pocky for Men. Now, there's Pocky for kids, with an educational aspect. Pocky's maker, Glico, has made a game called Glicode (Like if Wilco made a coding game called Wilcode) that gets kids coding by having them arrange actual cookies and snacks, then snapping a photo to translate them into digital commands. Glico's other products like Almond Peak chocolates and Biscuit Cream Sands are also featured in the game, representing "if" and "sequence" commands, respectively. It's a lot like Apple's Swift Playgrounds, with simple programming tasks commanding a funny-looking blob to walk around on platform blocks. The app is only available on Android for now.
Microsoft

Microsoft Swaps Toy Gun Emoji For Revolver -- Days After Apple Does the Opposite (arstechnica.co.uk) 331

The pistol emoji has become a heated topic of debate among people. Apple's decision to replace the gun with a toy pistol is getting a mixed response. Amid all this, Microsoft has announced it is replacing the toy gun emoji with a symbol for a real revolver. ArsTechnica reports: This emoji change is part of the Windows 10 Anniversary Update, which is rolling out now. The move has surprised some, as Microsoft and Apple had been seen as allies in an effort to dial down violence in emoji generally. In June it emerged that the two had successfully lobbied to have a sports rifle removed from the latest collection of emoji, as it was felt that two firearm symbols would be too many.Microsoft says it is only trying "to align with the global Unicode standard." The issue is that despite Apple's thought on the matter, when an iPhone (or iPad or a Mac) user sends a water pistol emoji, people with devices running non-Apple OS are only going to see a regular pistol. The article adds: Analysts had been worried that without standardisation between platforms, intent for violent emoji could be misunderstood. For instance, if someone sent an acquaintance a message using their iPhone offering to come around with some friends and some waterguns, that acquaintance might well misunderstand the thrust of the message if they were using an Android phone and saw a series of pistols.Emojipedia, an emoji reference website has a good suggestion: Apple: Don't change the pistol emoji. At least not today. Hide it. Unicode does not depreciate emojis, but there is no requirement to show all approved emojis on the keyboard. The pistol emoji could be removed from the iOS emoji keyboard without causing any cross platform compatibility issues.
Bug

Apple Announces Bug Bounty At Black Hat With Maximum $200,000 Reward (threatpost.com) 39

msm1267 quotes a report from Threatpost: Apple closed out Black Hat today with a long-awaited announcement that next month it will launch a bug bounty. The Apple Security Bounty will be an invitation-only program, open to two dozen researchers at the outset, said Ivan Krstic, head of security engineering and architecture. The maximum payout is $200,000 and five classes of bugs in iOS and iCloud are in scope. Apple said the maximum reward will be $200,000 for vulnerabilities and proof-of-concept code in secure boot firmware components. It will also pay $100,000 for the extraction of confidential material protected by its Secure Enclave Processor, $50,000 for code execution flaws with kernel privileges or unauthorized access to iCloud account data on Apple servers, and $25,000 access from a sandboxed process to user data outside that sandbox.
Portables (Apple)

Apple Should Stop Selling Four-Year-Old Computers (theverge.com) 472

It's been a while since Apple upgraded its MacBook Air, MacBook Pro, and Mac Pro models. Four years, one month, and twenty-four days, to be exact, in case of the MacBook Pro. Apple is inexplicably still selling the exact same models for its Mac line that it introduced in 2012. Pretty much every Windows OEM has had an Intel Skylake-powered processor in its laptops for more than a year now, but Apple's computing lineup is still shipping with the three-to-four years old processor, and graphics card. Things have gotten so bad, that MacRumors' Buying Guide, which is considered to be an "online institution" among Apple nerds, has flagged all of Apple laptops as "Don't Buy" In a column, The Verge's Sam Byford says that Apple should stop selling the old laptops. He writes: Apple iterates quickly and consistently in mobile because the rate of technological progress is so much more dramatic in that arena. The company does amazing work to keep its iPhones and iPads ahead of competitors, performance-wise. Simple Intel processor upgrades are less important to laptops these days, however, and I'm finding this 2012 MacBook Pro fine to work from right now -- faster than my 2015 MacBook, at least, which is enough for my needs. But that doesn't mean it isn't unconscionable for Apple to continue to sell outdated products to people who may not know any better. Is the company really saving that much money by using 2012 processors and 4GB of RAM as standard? Even an update to Intel's Haswell chips from 2013 would have brought huge battery life improvements. Apple is bound by the whims of its suppliers to a certain extent, and it may not always make sense for the company to upgrade its products with every single new chip or GPU that comes out. But there's a certain point at which it just starts to look like absent-mindedness, and many Mac computers are well past that point now. [...] If Apple doesn't want to keep its products reasonably current, that's its prerogative. But if that truly is the case, maybe it shouldn't sell them at all.It's also ironic, coming from a company whose executive not long ago made fun of people who had five years old computer. Folks at Accidental Tech Podcast also discussed the same recently.
Operating Systems

Microsoft, Google, Apple Could Be Requested To Actively Block Pirated Downloads, Says Report (torrentfreak.com) 207

Popular operating systems by Microsoft, Apple, and Google could possibly soon nuke torrents downloaded (PDF, non-English language) from The Pirate Bay and other websites that offer copyright infringing content, warns a report published by Black Market Watch and the Global Initiative against Transnational Organized Crime. The report adds that the aforementioned companies are in an ideal position to deter piracy, and could be requested by the authority to put a system in place to block pirated content on the operating system level. Via a TorrentFreak report: "Other players that possess the potential ability to limit piracy are the companies that own the major operating systems which control computers and mobile devices such as Apple, Google and Microsoft," one of the main conclusions reads. "The producers of operating systems should be encouraged, or regulated, for example, to block downloads of copyright infringing material," the report adds. The report references last year's Windows 10 controversy, noting that these concerns were great enough for some torrent sites to block users with the new operating system. While Sweden doesn't have enough influence to make an impact on these global software manufacturers, applying pressure through the international community and trade groups may have some effect.
Operating Systems

LibreOffice 5.2 Officially Released (softpedia.com) 103

prisoninmate writes from a report via Softpedia: LibreOffice 5.2 is finally here, after it has been in development for the past four months, during which the development team behind one of the best free office suites have managed to implement dozens of new features and improvements to most of the application's components. Key features include more UI refinements to make it flexible for anyone, standards-based document classification, forecasting functions in Calc, the spreadsheet editor, as well as lots of Writer and Impress enhancements. A series of videos are provided to see what landed in the LibreOffice 5.2 office suite, which is now available for download for GNU/Linux, Mac OS X, and Microsoft Windows operating systems.
Facebook

Apple Makes Slight Progress On Diversity While Its Rivals Are Making Practically None (macrumors.com) 241

The workforce at Apple is still predominately white and male, reveals the diversity report the company released Wednesday. But that doesn't mean that its efforts to improve diversity haven't yielded improvements. This is the third year that the Cupertino giant has released its diversity numbers and the balance is improving, although a bit slowly. From a MacRumors report: Its overall workforce, including tech, non-tech, and retail jobs, is 68% male and 32% female as of June 2016, a slight change from a 69%-31% split in 2015. Apple's race and ethnicity breakdown among U.S. employees is 19% Asian, 9% Black, 12% Hispanic, 2% Multiracial, 1% Other, and 56% White, representing a 2 percent increase in White employees and a 1 percent increase in both Asian and Hispanic employees compared to last year's data. Females represent 37% of Apple's global new hires, while U.S. underrepresented minorities represent 27% of global new hires. Apple defines underrepresented minorities as "groups whose representation in tech has been historically low -- Black, Hispanic, Native American, Native Hawaiian, and Other Pacific Islander."Washington Post compares Apple's progress to other Silicon Valley giants, claiming that rest of the industry is mostly sitting idle. (Alternate source: Reuters) From the report: At Facebook, black and Hispanic employees make up 2 and 4 percent of the employee base. Despite commitments to diversity, neither Google nor Facebook have made a dent in those numbers since they first announced them in 2014.
IOS

Apple Replaces The Pistol Emoji With A Water Gun (cnn.com) 246

Apple has a announced a number of new emoji changes on Monday, but the most controversial new change is that the pistol emoji will be replaced with a green water gun emoji in the company's upcoming iOS 10 operating system: The water gun swap is not Apple's first foray into cartoon gun control. Earlier this year the governing body in charge of emojis nixed a proposed rifle emoji. It was one of a number of possible new additions, but Unicode Consortium members Apple and Microsoft argued against the Olympics-inspired gun, according to Buzzfeed. Last year, an organization called New Yorkers Against Gun Violence started a campaign to get Apple to replace its version of the pistol emoji. It launched a site, disarmtheiphone.com, and sent an open letter to remove the firearm emoji "as a symbolic gesture to limit gun accessibility." As it stands, Microsoft is the only major software company to use a toy gun emoji instead of a pistol emoji in Windows -- Google, Samsung, Facebook and Twitter all use realistic pistol emojis. Apple's iOS 10 will be released in fall, but you can download the iOS 10 public beta to be one of the first to wield the toy gun emoji.
Microsoft

Microsoft Brings ChakraCore to Linux and OS X (cio.com) 106

An anonymous reader quotes a columnist at CIO: A few days ago I wrote about Microsoft's revival of Skype for Linux. I called it "a big deal" -- less because of Skype itself and more because it signified Microsoft's recognition that Linux is a platform worth supporting... Now the company has done it again. At Node Summit this week, Microsoft announced the availability of ChakraCore for Linux. ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge and Universal Windows Platform. With this move, Microsoft is putting one of its core technologies on a competing platform. This, more than any other Linux-friendly move the company has made, is a clear departure from the Microsoft of Gates and Ballmer that used its technologies to lock users into Windows...

While Ubuntu is the primary Linux distribution that Microsoft is using to showcase its ChakraCore technologies, the company said that the support should easily translate to other modern Linux distributions.

Microsoft's blog post says the experimental implementation runs not only on x64 Linux but also on OS X.
Television

Apple's Rigid Negotiating Tactics Cost Us 'Skinny Bundles' For Apple TV, Says Report (thenextweb.com) 111

An anonymous reader quotes a report from The Next Web: According to a new report from The Wall Street Journal, the reason we don't have actual TV channels on the Apple TV is because the company tried to strong-arm networks -- and failed. Apple's Senior Vice President Eddy Cue is said to have taken the wrong approach. In one meeting, he reportedly told TV executives that "time is on my side." Cue is also accused of bluffing executives by claiming other networks -- specifically Disney and Fox -- were already signed up. The company also refused to show off the Apple TV interface, or "sketch it on the back of a napkin," as one media executive requested. Cue also tried to strike hard bargains, says WSJ. He reportedly asked that Disney put off the royalties Apple would have to pay for several years. Those 'skinny bundles' we heard so much about were what Apple was planning to build its TV experience around, too. In 2015, a bundle consisting of Fox, ESPN and Disney content was conceptualized (and priced at $30), but no agreements were ever signed. In an effort to create more original programming, Apple is scheduled to release its 'Planet of the Apps' TV show about app developers next year.
Businesses

Samsung Beat Apple In Smartphone Shipments, Profit Surges To 2-Year High (thehindu.com) 126

An anonymous reader writes: Earlier reports speculated this to be true, but now it's official: Samsung has beat Apple in smartphone shipments to lift the company to its most profitable quarter in over two years. The Hindu reports: "Riding on the strong sales of its Galaxy S7 and Galaxy S7 Edge smartphones, Samsung Electronics on Thursday declared 8.14 trillion won ($7billion) year on-year operating profit -- 18 percent in the second quarter results. Touted as bad news for Apple that saw a 15 percent decline in iPhone sales in its second quarter results announced this week, Samsung saw substantial earnings improvement led by sales of its flagship products such as Galaxy S7 and S7 edge. A streamlined mid-to low-end smartphone lineup also contributed to improved profitability for the company. According to Samsung, it shipped about 90 million handsets in the April-June period with smartphones making up more than 80 per cent of the total, the Korea Herald reported. Samsung's second-quarter smartphone shipments are estimated at about 72 million units, almost doubling Apple's iPhone shipments of 40.4 million units during the same period."

Slashdot Top Deals