
Mac OS X Sandbox Security Hole Uncovered

Gunkerty Jeb writes "Researchers at Core Security Technologies have uncovered a security hole that could allow someone to circumvent the application sandbox restrictions of Mac OS X. The report of the vulnerability, which affects Mac OS X 10.7x, 10.6x and 10.5x, follows Apple's announcement earlier this month that all applications submitted to the Mac App store must implement sandboxing as of March 1, 2012. Sandboxing, Apple has argued, limits the resources applications can access and makes it more difficult for malware to compromise systems. Researchers at Core however revealed Nov. 10 that they had warned Apple in September about a vulnerability in their sandboxing approach. According to Core's advisory, several of the default predefined sandbox profiles fail to 'properly limit all the available mechanisms.' As a result, the sandboxing restrictions can be circumvented through the use of Apple events."

Army Plots Its Smartphone Strategy

gManZboy writes "What kind of smartphone should a soldier have? Ahead of the impending expiration of two communications contracts, the Army's 5th Signal Command is prepping for the possibility of buying thousands of mobile devices. An RFI asks for BlackBerrys, 'emerging smartphones included but not limited to 4G devices such as Androids [and] iPhones,' tablet computers, and wireless broadband access devices. Also in the Army mobile vision: an apps marketplace."

iOS App Acoustically Measures Distances Up To 25 Meters

n01 writes "A recently published app for the iOS platform uses the propagation of sound waves to measure distances of up to 25 meters in a dual device mode. The technique works through repeatedly sending a chirp signal from the master device to which the other (reflector) device synchronizes itself and then replies in a similar fashion. A novel combination of techniques has been engineered to enhance the robustness in noisy environments, such as using an optimum-autocorrelation-signal and semi-automatic frequency calibration together with an averaging over multiple cycles."

Sony Racing Apple To Develop 'a New Kind of TV'

PolygamousRanchKid writes with an excerpt from SlashGear about Sony's efforts to reinvent the television set — a task many suspect Apple is focused on as well. Quoting: "'There's a tremendous amount of R&D going into a different kind of TV set,' CEO Howard Stringer told the WSJ (in a paywalled article). ... [W]hat Apple and Sony agree on is that the traditional TV paradigm must evolve if the segment is to become profitable again. A new model is 'what we’re all looking for,' Stringer confirmed, suggesting that 'we can’t continue selling TV sets [the way we have been]. Every TV set we all make loses money.'"

What's Keeping You On Windows?

tearmeapart writes "It may be time again for another discussion/flamewar on the reasons why a lot of us are (still) using Microsoft. The last big discussion on Slashdot was close to 10 years ago, and a lot has changed since then: Windows XP and 7 have proven to be stable (and memories of Windows ME are mostly gone.) There are many more distributions for Linux, especially commercial options. Distributions like Ubuntu and CentOS have made GNU/Linux more friendly. Options for word processing, spreadsheets, etc. have grown. Apple and their products have changed considerably, though their philosophy hasn't. Microsoft Silverlight came and is on the way out. Wine and solutions like Transgaming have matured. So... why are a lot of us still using Windows? What would it take for us to switch?"

Kindle Fire Will Be Hotter Than iPad This Holiday

zacharye writes "Amazon's upcoming Kindle Fire could be the hottest tablet on the market this holiday season, with demand that may even surpass Apple's blockbuster slate, the iPad 2. Results from a recent survey published by electronics shopping guide Retrevo.com suggest that more consumers are interested in purchasing Amazon's upcoming tablet than Apple's tried and true iPad. As a result, the site speculates that the Kindle Fire represents Apple's first real competition in the tablet space."

Charlie Miller Circumvents Code Signing For iOS Apps

Sparrowvsrevolution writes "At the SysCan conference in Taiwan next week, Charlie Miller plans to present a method that exploits a flaw in Apple's restrictions on code signing on iOS devices, the security measure that allows only Apple-approved commands to run in an iPhone's or iPad's memory. Using his method, an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user's photos, reading contacts, making the phone vibrate or play sounds, or otherwise using iOS app functions for malicious ends. Miller created a proof-of-concept app called Instastock that appears to show stock tickers but actually runs commands from his server, and even got it approved by Apple's App Store." Update: 11/08 02:54 GMT by U L : Not unexpectedly, Apple revoked Miller's developer license.

Apple Faces Temporary iPhone, iPad Ban In Germany

An anonymous reader writes "A regional court has temporarily banned Apple from marketing or supplying iPhones and iPads in Germany, following a suit brought about by Motorola. However, Apple said that the judgement 'does not affect our ability to do business or sell products in Germany at this time.' This may have something to do with the respondent in the case being Apple Inc, the US parent company, and not Apple GmbH, the company's local subsidiary."

Cringely's Lost Jobs Interview: Coming To a Theater Near You

A few weeks ago, Robert X. Cringely revealed that a long-lost, hour-long interview he conducted of Steve Jobs in 1995 had been found. Now, it seems the lost tape has found its calling: the movies. Says the linked Economic Times story: "The interview will be shown at Landmark theaters in 19 cities around the country beginning Nov 16."

Apple Security Chief Steps Down After iPhone Gaffe

Trailrunner7 writes "Apple's vice president of global security has reportedly stepped down, roughly two months after the surfacing of news reports that an iPhone prototype had gone missing for the second time in less than two years. John Theriault, who came to Apple from Pfizer and was a former FBI agent, has retired in the wake of controversy regarding the device's disappearance and the subsequent efforts to track it down. Apple did not return a request for comment. Nevertheless, Theriault's departure follows a public relations dustup that began when an Apple employee left the prototype at a bar in San Francisco."

How Android Phone Makers Are Missing the Marketing Boat

An anonymous reader writes "Why are Android device commercials showing giant robots and lightning bolts and not advertising features? Here is an interesting blog post of things Android device manufacturers could be doing to get ahead of Apple, but aren't." On a similar front, as a mostly happy Android user, I must admit envy for the jillions of accessories marketed for the iPhone, especially ones that take advantage of that Apple-only accessory port; maybe the Android Open Accessory project will help.

Apple's Secret Weapon To Influence Industry Pricing

Hugh Pickens writes "Nick Wingfield writes in the NY Times that Apple's present pricing strategy is a big change from the 1990s, when consumers regarded Apple as a producer of overpriced tech baubles, unable to compete effectively with its Macintosh family of computers against the far cheaper Windows PCs. Now within the premium product categories where Apple is most at home, comparable devices often do no better than match or slightly undercut Apple's prices. 'They're not cheap, but I don't think they're viewed as high-priced anymore,' says Stewart Alsop. Wingfield writes that Apple uses its growing manufacturing scale and logistics prowess to deliver Apple products at far more aggressive prices, which in turn gives it more power to influence pricing industrywide, and one of Apple's pricing secrets has been its willingness to tap into its huge war chest — $82 billion in cash and marketable securities last quarter — to take big gambles by locking up supplies of parts for years."

Hardware Running Android Fails More Than iPhone, BlackBerry Hardware

hazytodd writes "Repairs to Android smartphones cost wireless carriers $2 billion per year according to a new year-long WDS study that tracked 600,000 support calls around the globe. Android's popularity and the introduction of a number of low-cost smartphones have put a strain on the wireless business model, WDS noted in its report. 'Deployment by more than 25 OEMs and lower-cost product coming to market is leading to higher than average rates of hardware failures and, in turn, return and repair costs.'"

Spanish Firm Wins Tablet Case Against Apple

pmontra writes "A Spanish company has won a legal case against Apple and will be able to sell an Android tablet that Apple had claimed infringes on the iPad patent. It is now seeking damages from Apple for a temporary seizure of its products by Spanish customs. Furthermore they are pursuing an antitrust complaint against Apple, alleging abusive anticompetitive behavior."

Apple Threatens Bistro Over "AppleADay" Name

itwbennett writes "In today's edition of David v. Goliath, Apple lawyers have sent cease and desist letters to a tiny health food restaurant in Luxembourg named AppleADay. For their part, the owners of AppleADay, with help from a lawyerly friend, have promised that they would continue to sell only food, not computers. Of course, Apple knows as well as anyone that promises are made to be broken, having famously promised Apple Corps, the Beatles' production company, they would never get into the music business."

Apple To Require Sandboxing For Mac App Store Apps

mario_grgic writes "And so it begins: Apple will require that all Mac apps submitted to the Mac App store stick to strict sandboxing requirements. This means you must ask Apple for read or read/write entitlements for additional folders outside your Application Support folder before your app is approved. There are also restrictions on direct hardware access, communication to processes your app did not start, or even something as simple as taking a screenshot. All that is needed after this to turn your Mac into an appliance is to only allow app installations from App Store."

Siri Gives Apple Two Year Advantage Over Android

Hugh Pickens writes "Gary Morgenthaler, a recognized expert in artificial intelligence and a Siri board member, says that Apple now has at least a two-year advantage over Google in the war for best smartphone platform. 'What Siri has done is changed people's expectations about what's possible,' says Morgenthaler. 'Apple has crossed a threshold; people now expect that you should be able to expect to speak ordinary English — and be understood. Siri has cracked the code.' The threshold, from mere speech recognition to natural language input and understanding, is one that Google cannot cross by replicating the technology or making an acquisition, adds Morgenthaler. 'There's no company out there they can go buy.' Morgenthaler's comments echo the recent article in Forbes Magazine, 'Why Siri Is a Google Killer' that says that Apple's biggest advantage over any other voice application out there today is the massive data Siri will collect in the next 2 years — all being stored in Apple's massive North Carolina data center — that will allow Siri to get better and better. 'Siri is a new interface for customers wanting to get information,' writes Eric Jackson. 'At the moment, most of us still rely on Google for getting at the info we want. But Siri has a foot in the door and it's trusting that it will win your confidence over time to do basic info gathering.'"

Consumer Tech: an IT Nightmare

snydeq writes "Advice Line's Bob Lewis discusses the difficulties IT faces in embracing the kinds of consumer technologies business users are demanding they support. 'Let's assume the consumerization of IT is the big trend many think it is. But using consumer tech in a business environment is a very different matter from being satisfied with consumer tech in a business environment. One of IT's legitimate gripes is that we're often asked to turn consumer-grade technology into business-grade technology with a wave of our magic wands. On top of the intrinsic technical challenges, there's this: IT doesn't have anything that even resembles a methodology for performing the business analysis we need to figure out what it means to put consumer tech to productive day-to-day use.'"

