Bug

An Apple HomeKit Bug Can Send iOS Devices Into a Death Spiral (theverge.com) 22

Security researcher Trevor Spiniolas has discovered a vulnerability "capable of locking iOS devices into a spiral of freezing, crashing, and rebooting if a user connects to a sabotaged Apple Home device," reports The Verge. From the report: The vulnerability [...] can be exploited through Apple's HomeKit API, the software interface that allows an iOS app to control compatible smart home devices. If an attacker creates a HomeKit device with an extremely long name -- around 500,000 characters -- then an iOS device that connects to it will become unresponsive once it reads the device name and enter a cycle of freezing and rebooting that can only be ended by wiping and restoring the iOS device. What's more, since HomeKit device names are backed up to iCloud, signing in to the same iCloud account with a restored device will trigger the crash again, with the cycle continuing until the device owner switches off the option to sync Home devices from iCloud.

Though it's possible that an attacker could compromise a user's existing HomeKit-enabled device, the most likely way the exploit would be triggered is if the attacker created a spoof Home network and tricked a user into joining via a phishing email. To guard against the attack, the main precaution for iOS users is to instantly reject any invitations to join an unfamiliar Home network. Additionally, iOS users who currently use smart home devices can protect themselves by entering the Control Center and disabling the setting "Show Home Controls." (This won't prevent Home devices from being used but limits which information is accessible through the Control Center.)

Businesses

Apple Becomes First US Company To Reach $3 Trillion Market Cap (cnbc.com) 51

Apple hit a market cap of $3 trillion during intraday trading on Monday, tripling its valuation in under four years. Apple broke the barrier when its share price hit $182.86. From a report: The milestone is mostly symbolic but it shows investors remain bullish on Apple stock and its ability to grow. Apple showed annual growth across all of its product categories in its fourth-quarter earnings, with revenue up 29% year-over-year. While the iPhone is still the biggest sales driver, Apple's services business grew 25.6% year-over-year and delivered more than $18 billion in revenue during the quarter. And analysts see plenty of room to run. In December, for example, Morgan Stanley's Katy Huberty raised the firm's price target on Apple from $164 to $200, and maintained the equivalent of a buy rating, arguing that new products like virtual reality and augmented reality headsets aren't yet baked into the share price. Huberty also said she expects Apple's App Store revenue to outperform Morgan Stanley's forecasts for the quarter and for Apple to ship 83 million units during the December quarter, 3 million more than anticipated.
Apple

India Antitrust Watchdog Orders Investigation Into Apple's Business Practices (techcrunch.com) 26

Indian antitrust watchdog on Friday ordered an investigation into Apple's business practices -- in particular, the company mandating iPhone app developers to use a proprietary payments system -- in India, where the American firm commands less than 2% of the smartphone market. From a report: The Competition Commission of India, which ordered the Director General to conduct the probe within 60 days, said it is of the prima facie view that the mandatory use of Apple's in-app payments system for paid apps and in-app purchases "restrict[s] the choice available to the app developers to select a payment processing system of their choice especially considering when it charges a commission of up to 30% for app purchases and in-app purchases."
China

Apple Shifted To Chinese Suppliers To 'Cut Costs and Curry Favor With Beijing,' Report Finds (9to5mac.com) 68

According to a new report from The Information, Apple has increased its reliance on Chinese partners, both as a way of cutting costs as well as to "curry favor with Beijing." 9to5Mac reports: Today's report from The Information comes on the heels of a separate report from the publication earlier this month in which it described a so-called secret deal between Apple CEO Tim Cook and Chinese government officials. Through this deal, Apple reportedly committed to investing more than $275 billion in China over five years.

The report details that Foxconn, which is headquartered in Taiwan, is on the verge of being unseated as Apple's top supplier by Luxshare, which is headquartered in China: "Luxshare has the potential to unseat Foxconn as Apple's top supplier. The Chinese company already exceeds Foxconn's main publicly listed unit in terms of market capitalization, though Foxconn generated roughly $105 billion from Apple in 2020 -- more than 10 times Luxshare's haul. But in terms of valuation, Luxshare has also eclipsed major Apple contractors such as Quanta Computer, Pegatron and Wistron, all of which are headquartered in Taiwan. Foxconn has become increasingly concerned about Luxshare's meteoric rise, including its significantly higher net profit margin, going so far as to form a task force to study the company, Reuters previously reported."

The report explains that Apple's move to shift more of its business to Chinese companies is part of Tim Cook fulfilling his $275 billion pledge to the Chinese government: "In shifting more business to Chinese companies, Cook, the architect of Apple's supply chain in China, is fulfilling his pledge to Beijing to expand its domestic tech industry, which will help the country reduce its reliance on companies based outside the mainland, including Taiwan -- a country China considers a renegade region. A year after Cook signed the economic agreement with China, Luxshare became the first Chinese company to secure a final assembly contract for a major Apple product, the AirPods, ending the dominance of Taiwanese firms. Apple's moves also might win over more Chinese consumers, which at times have shunned Apple in favor of local brands like Huawei based on nationalism. Apple generates nearly 20% of its revenue from the country."
The report goes on to mention that Apple helped Luxshare manufacture AirPods in 2017. "The AirPods were Luxshare's first major assembly contract for Apple, catapulting the company into the upper echelons of Apple suppliers that handle, pack and ship finished goods," reports The Information.
Google

South Korea Pushes Google, Apple To Pull Play-to-Earn Games From App Stores (techinasia.com) 8

South Korea's government wants Google and Apple to block new and existing play-to-earn (P2E) games, saying such games should not receive an age rating to get listed on their respective app stores. From a report: The country's Game Management Committee in the Ministry of Culture, Sports, and Tourism, in an official letter, called its request "reasonable" as money gained from P2E games could be considered prizes. In Korea, prizes from gaming are allowed to be only around US$8.5 at a time. The ministry's move comes after game developer SkyPeople's P2E title, Five Stars for Klaytn, was blocked from getting a rating it required to get listed in April this year.
Businesses

Apple Ditched Intel, and It Paid Off (cnbc.com) 101

An anonymous reader quotes a report from CNBC, written by Todd Haselton: Apple's decision to ditch Intel paid off this year. The pivot allowed Apple to completely rethink the Mac, which had started to grow stale with an aging design and iterative annual upgrades. Following the divorce from Intel, Apple has launched far more exciting computers which, paired with an ongoing pandemic that has forced people to work and learn from home, have sent Apple's Mac business soaring. It wasn't always a given. When Apple announced its move away from Intel in 2020, it was fair to question just how well Apple could power laptops and desktop computers. Apple has used in-house chips for iPhones and iPads but had been selling Intel-powered computers for 15 years. It wasn't clear how well its macOS desktop software would work with apps designed to run on Intel chips, or whether its processors would offer any consumer benefits and keep up with intensive tasks that people turned to MacBooks to run. Those fears were quickly quelled.

The first M1 Apple chip was launched in 2020 in a MacBook Air laptop. It was more powerful than Intel's chip while offering longer battery life and enabling a fanless design, which helped keep Apple's new MacBook Air even quieter. It proved to be an early success. In April 2021, CEO Tim Cook said during the company's fiscal second-quarter earnings call that the M1 chip helped fuel the 70.1% growth in Apple's Mac revenue, which hit $9.1 billion during that quarter. The growth continued in fiscal Q3, when Mac revenue was up 16% year over year. That quarter, it launched the all-new iMac, which offered a redesigned super-thin metal body that looks like a screen propped up on a stand. It's slimmer than the Intel models that came before it, while offering other benefits, like a much better webcam, great speakers and a much sharper display than the models it replaced. And Apple made the launch more exciting by offering an array of colors for the iMac, which it hadn't done since it shipped the 1999 iMac. There was a slowdown in fiscal Q4, when Mac revenue grew just 1.6%, as Apple, like all manufacturers, saw a slowdown from the burst of sales driven by the start of the pandemic and dealt with supply chain woes. But fiscal Q4 sales didn't include revenue from its most exciting new computer of the year.

Apple's fiscal Q1 earnings in January will give an indication of how well all its new computers are selling. But it's clear the move from Intel has allowed Apple to move full speed ahead with its own chip development, much like it does for iPhones and iPads, the latter of which has yet to be matched by any other tablet on the market. It's no longer beholden to delays that plagued Intel, which started to lag behind AMD with its new 7nm chips. And Apple has full control over its "stack," which means it can design new computer hardware and software together, instead of letting the power of another company's chips dictate what its computers can and can't do.

Apple

Apple Puts Foxconn India Plant on Probation After Protests Over Food and Accommodation Conditions (techcrunch.com) 55

Apple has put the southern India factory of Foxconn on probation following protests from workers over subpar food and accommodation conditions, a concern both the firms acknowledged and pledged to address. From a report: The iPhone maker didn't say how long the probation will last, but an Apple spokesperson in India told TechCrunch that the firm "will ensure our strict standards are met before the facility reopens." Foxconn's factory in the state of Tamil Nadu employs about 17,000 people. Protests erupted in the factory last week after hundreds of women who work at the plant and live in one of the hostels had to be treated for food poisoning and more than 100 were hospitalized, according to earlier local media reports.
Apple

Apple Aims To Prevent Defections To Meta With Rare $180,000 Bonuses for Top Talent (bloomberg.com) 44

Apple has issued unusual and significant stock bonuses to some engineers in an effort to retain talent, looking to stave off defections to tech rivals such as Facebook owner Meta Platforms. From a report: Last week, the company informed some engineers in silicon design, hardware, and select software and operations groups of the out-of-cycle bonuses, which are being issued as restricted stock units, according to people with knowledge of the matter. The shares vest over four years, providing an incentive to stay at the iPhone maker. The bonuses, which came as a surprise to those who received them, have ranged from about $50,000 to as much as $180,000 in some cases. Many of the engineers received amounts of roughly $80,000, $100,000 or $120,000 in shares, said the people, who asked not to be identified because the program isn't public. The perk was presented by managers as a reward for high performers.
IOS

Tumblr Goes Overboard Censoring Tags on iOS To Comply With Apple's Guidelines (theverge.com) 34

An update to Tumblr's iOS app censors a long list of tags to comply with Apple's strict safety guidelines. From a report: The platform explains that it's changing iOS users' ability to access sensitive content, affecting their experience when it comes to searching for content, scrolling through the "Stuff for You" and "Following" sections of the dashboard, and could even prevent access to blogs that are flagged. Tumblr says it has to "extend the definition of what sensitive content is" to "remain available within Apple's App Store," and it seems that Tumblr stretched it pretty far. Tags are what make posts searchable on Tumblr; posts with censored tags won't appear on a user's dashboard, nor will they show up on the platform's search page. A Twitter thread brought attention to some of the absurd tags that ended up getting filtered out on iOS, including the tag "submission." The interesting part, though, is that Tumblr applies that tag automatically when a post is submitted and then published to a blog on the platform. Users on iOS who receive a submission to their blog won't even be able to view it since the "submission" tag is already added, as shown in a post by one Tumblr user.
Facebook

Apple Reportedly Hires Away Meta's AR Public Relations Head (theverge.com) 19

Apple has reportedly hired Andrea Schubert, Meta's communications and public relations lead for its augmented reality (AR) products, according to Bloomberg reporter Mark Gurman in his Power On newsletter. The Verge reports: Schubert's LinkedIn page indicates that she's been working for Meta for nearly six years. "Meta, with Oculus, has been the market leader in headsets, so such a hire makes sense as Apple nears its launch," Gurman explains. On both Black Friday and Cyber Monday this year, Meta's Oculus Quest 2 was one of the top-selling products. Not to mention that Meta's Oculus app topped the App Store in the US on Christmas Day, and became the number one free app on the Google Play store today, a potential sign that a significant amount of people received the headset as a gift this holiday. According to Apple analyst Ming-Chi Kuo, the company's AR headset could launch sometime in 2022, featuring 8K displays and "Mac-level" computing power. It may also cost a whopping $3,000 and be geared largely for developers at launch.
Businesses

Dutch Watchdog Finds Apple App Store Payment Rules Anti-Competitive (reuters.com) 56

The Dutch antitrust authority has found that Apple's rules requiring software developers to use its in-app payment system are anti-competitive and ordered it to make changes, Reuters has reported, citing people familiar with the matter, in the latest regulatory setback for the iPhone maker. From the report: Apple's app-store payment policies, in particular its requirement that app developers exclusively use its payment system where commissions range between 15% and 30%, have long drawn complaints from developers. The Dutch investigation into whether Apple's practices amounted to an abuse of a dominant market position was launched in 2019 but later reduced in scope to focus primarily on dating market apps. They included a complaint from Match Group, owner of the popular dating service Tinder, which said Apple's rules were hindering it from direct communications with its customers about payments.
United States

Potential DOJ Suits Against Apple and Google Delayed Amid Budget Woes (politico.com) 27

The Justice Department is still months away from deciding whether to sue Apple or file a new suit against Google over antitrust concerns, POLITICO reported Thursday, citing two people familiar with the discussions -- a question facing new financial complications after the collapse of President Joe Biden's social spending bill. From a report: DOJ antitrust prosecutors had earlier aimed to wrap up their probes of the two tech giants by Dec. 31, culminating years of scrutiny by the department into Apple's App Store and Google's command of the online ad market. But now the decision on going to court is likely to come in March or later because of continued discussions about where to file and who will make the call, the two people told POLITICO. They spoke anonymously to discuss internal DOJ deliberations. Another major concern for the department is the likely expense of a court battle with the two companies, each of which has a market value exceeding $1 trillion. That issue became more fraught this week when Sen. Joe Manchin (D-W.Va.) torpedoed Democrats' Build Back Better package, which would have given DOJ a $500 million boost for antitrust enforcement.
Apple

What Apple's AR/VR Headset Could Look Like (screenrant.com) 23

Render creator Ian Zelbo has shared a trio of high-quality product renders of Apple's upcoming AR/VR headset that's expected to arrive in the fourth quarter of 2022. "The renders are based on earlier reporting from The Information and showcase the device in crisp 8K images," reports Screen Rant. "Zelbo's previously done renders for AirTag, iPhone 13, and other Apple gadgets leading up to their release -- all of which have been incredibly representative of the final product." From the report: Assuming Apple's headset actually looks like this, it could be one of the best-designed gadgets in the niche so far. The front of the headset is taken up entirely by curved glass, with the frame touting a sleek (likely aluminum) construction. Behind that glass is a mesh fabric cushion -- not unlike the cushions used for the earcups on AirPods Max. That AirPods Max inspiration is also seen with the oval button on top of the headset.

Moving to the headset's strap, there's clear inspiration taken from the Apple Watch's sport band. It appears to have the same silicon design, loops, and metal clasp. The back of the headband also bears a resemblance to Apple's AirTag Loop accessory thanks to its open design. Not only does the whole package look good, but it should also result in a very comfortable wearing experience. If the face cushion and head strap are even half as comfortable as the products they're inspired by, that's worth getting excited for.

Iphone

iPhone 14 Pro To Feature 48-Megapixel Camera, Periscope Lens Coming 2023 (macrumors.com) 45

Apple plans to add a 48-megapixel camera lens to the iPhone next year, followed by a periscope lens in 2023, according to analyst Ming-Chi Kuo. MacRumors reports: In a research note today with TF International Securities, obtained by MacRumors, Kuo said these iPhone camera upgrades over the next two years will help to boost Taiwanese manufacturer Largan Precision's market share, revenue, and profit. Kuo did not provide any further details, but he has previously claimed that the 48-megapixel camera will be limited to iPhone 14 Pro models and allow for 8K video recording, up from 4K currently. These high-resolution 8K videos would be suitable for viewing on Apple's AR/VR headset that is expected to launch next year, he said.

Kuo also previously claimed that iPhone 14 Pro models may support both 48-megapixel and 12-megapixel output, which would likely be achieved with a process known as pixel binning. Already in use on some Android smartphones, like Samsung's Galaxy S21 Ultra, pixel binning could allow iPhone 14 Pro models to shoot 48-megapixel photos in bright conditions and 12-megapixel photos in low-light conditions to preserve quality. Further ahead, Kuo reiterated his belief that at least one iPhone 15 model will gain a periscope lens in 2023, paving the way for significantly increased optical zoom. This lens would have folded camera optics, where light absorbed by the image sensor is bent or "folded," allowing for increased optical zoom while maintaining a compact design appropriate for smartphones.

Programming

Apple Releases Swift Playgrounds 4 (techcrunch.com) 8

Apple announced that it has officially released Swift Playgrounds 4. The tech giant first announced the upcoming launch of the new software at WWDC earlier this year. From a report: With this latest launch, the software now lets users build iPhone and iPad apps with SwiftUI directly on their iPad. It also allows you to preview apps in real time as you make changes to your app. Apple notes that developers are now able to upload their finished app to the App Store with its "App Store Connect" integration. "Swift Playgrounds is the best and easiest way to learn how to code," Apple said in a blog post. "Code is immediately reflected in the live preview as you build apps, and you can run your apps full screen to test them out. A new open project format based on Swift packages can be opened and edited in Swift Playgrounds for iPad, as well as within Xcode on Mac, offering you even more versatility to develop apps across iPad and Mac."
Music

Apple Is Rebuilding Apple Music As a Full Native App (9to5mac.com) 38

Apple is rebuilding Apple Music as a full native app with the first beta of macOS Monterey 12.2. 9to5Mac reports: Back in 2019, when Apple introduced macOS Catalina, the well-known iTunes was replaced by the Music app to better reflect the company's strategy on iOS and tvOS. However, although under a new name, the Music app on macOS retained the iTunes backend, which was basically a bunch of web content loaded into an app. While this works for most users, having web content within apps makes the experience less fluid. Luckily Apple is finally changing this with macOS Monterey 12.2 beta, which includes some big changes to the Music app backend.

As first noted by Luming Yin on Twitter, Apple Music in macOS 12.2 beta now uses AppKit -- which is macOS' native interface framework. 9to5Mac was able to confirm based on macOS code that the Music app is now using JET, which is a technology created by Apple to turn web content into native apps. Some parts of the Music app were already native, such as the music library. But now Mac users will notice that searching for new songs in Apple Music is much faster as the results pages are displayed with a native interface instead of as a webpage. Scrolling between elements has also become smoother with the beta app, and trackpad gestures are now more responsive.

Security

Google Says NSO Pegasus Zero-Click 'Most Technically Sophisticated Exploit Ever Seen' (securityweek.com) 106

wiredmikey shares a report from SecurityWeek: Security researchers at Google's Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations. If that makes you scratch your head, that was exactly the reaction from Google's premier security research team after disassembling the so-called FORCEDENTRY iMessage zero-click exploit used to plant NSO Group's Pegasus surveillance tool on iPhones.

"We assess this to be one of the most technically sophisticated exploits we've ever seen," Google's Ian Beer and Samuel Groß wrote in a technical deep-dive into the remote code execution exploit that was captured during an in-the-wild attack on an activist in Saudi Arabia. In its breakdown, Project Zero said the exploit effectively created "a weapon against which there is no defense," noting that zero-click exploits work silently in the background and do not even require the target to click on a link or surf to a malicious website. "Short of not using a device, there is no way to prevent exploitation by a zero-click exploit," the research team said.

The researchers confirmed the initial entry point for Pegasus was Apple's proprietary iMessage that ships by default on iPhones, iPads and macOS devices. By targeting iMessage, the NSO Group hackers needed only a phone number or an AppleID username to take aim and fire eavesdropping implants. Because iMessage has native support for GIF images (especially those that loop endlessly), Project Zero's researchers found that this expanded the attack surface and ended up being abused in an exploit cocktail that targeted a security defect in Apple's CoreGraphics PDF parser. Within Apple's CoreGraphics PDF parser, the NSO exploit writers abused Apple's implementation of the open-source JBIG2, a domain specific image codec designed to compress images where pixels can only be black or white. Describing the exploit as "pretty terrifying," Google said the NSO Group hackers effectively booby-trapped a PDF file, masquerading as a GIF image, with an encoded virtual CPU to start and run the exploit.
Apple patched the exploit in September and filed a lawsuit seeking to hold NSO Group accountable.
Businesses

Apple Delays Corporate Return To Offices Indefinitely (macrumors.com) 20

Long-time Slashdot reader ttyler shares a tweet from NBC News tech reporter Zoe Schiffer: Tim Cook just sent out an email delaying Apple's return to work to a date 'yet to be determined.' He also said the company is giving every corporate employee $1,000 to spend on home office equipment. MacRumors adds: There is no word on when employees will be expected to go back to work, and for now, those who are able to do so will continue to work from home. The delay will be welcome news to Apple employees who have been dreading the return to corporate offices, but Apple does plan to have employees come back at some point. Apple executives have made it clear since the beginning of the pandemic that employees will eventually need to return to work. "Video conference calling has narrowed the distance between us, to be sure, but there are things it simply cannot replicate," Cook said back in June.

When it is safe for employees to return to the office, Apple is planning for a hybrid work schedule. Employees will be expected to be in the office three days a week, but will have the option of working from home for two days a week. Apple also plans to allow employees to work remotely for up to one month per year, giving them more time to travel and be closer to loved ones. Because employees will need to continue to work from home, Cook said that Apple is giving every corporate employee $1,000 to spend on home office equipment.

Privacy

Apple Removes All References To Controversial CSAM Scanning Feature From Its Child Safety Webpage (macrumors.com) 36

Apple has quietly nixed all mentions of CSAM from its Child Safety webpage, suggesting its controversial plan to detect child sexual abuse images on iPhones and iPads may hang in the balance following significant criticism of its methods. From a report: Apple in August announced a planned suite of new child safety features, including scanning users' iCloud Photos libraries for Child Sexual Abuse Material (CSAM), Communication Safety to warn children and their parents when receiving or sending sexually explicit photos, and expanded CSAM guidance in Siri and Search. Following their announcement, the features were criticized by a wide range of individuals and organizations, including security researchers, the privacy whistleblower Edward Snowden, the Electronic Frontier Foundation (EFF), Facebook's former security chief, politicians, policy groups, university researchers, and even some Apple employees.
Google

Apple and Google's Mobile Duopoly Likely To Face UK Antitrust Action (techcrunch.com) 53

The U.K.'s antitrust watchdog has given the clearest signal yet that interventions under an upcoming reform of the country's competition rules will target tech giants Apple and Google -- including their duopolistic command of the mobile market, via iOS and Android; their respective app stores; and the browsers and services bundled with mobile devices running their OSes. From a report: So it could mean good news for third-party developers trying to get oxygen for alternatives to dominant Apple and Google apps and services down the line. Publishing the first part of a wide-ranging mobile ecosystem market study -- which was announced this summer -- the Competition and Markets Authority (CMA) said today that it has "provisionally" found Apple and Google have been able to leverage their market power to create "largely self-contained ecosystems"; and that the degree of lock-in they wield is damaging competition by making it "extremely difficult for any other firm to enter and compete meaningfully with a new system." "The CMA is concerned that this is leading to less competition and meaningful choice for customers," the watchdog writes in a press release. "People also appear to be missing out on the full benefit of innovative new products and services -- such as so-called 'web apps' and new ways to play games through cloud services on iOS devices."
