According to the U.S. Patent and Trademark Office, Apple has filed a patent for an "Electronic accessory device." It describes a "thin" accessory that contains traditional laptop hardware like a large display, physical keyboard, GPU, ports and more -- all of which is powered by an iPhone or iPad. The device powering the hardware would fit into a slot built into the accessory. AppleInsider reports: While the accessory can take many forms, the document for the most part remains limited in scope to housings that mimic laptop form factors. In some embodiments, for example, the accessory includes a port shaped to accommodate a host iPhone or iPad. Located in the base portion, this slot might also incorporate a communications interface and a means of power transfer, perhaps Lightning or a Smart Connector. Alternatively, a host device might transfer data and commands to the accessory via Wi-Fi, Bluetooth or other wireless protocol. Onboard memory modules would further extend an iOS device's capabilities. Though the document fails to delve into details, accessory memory would presumably allow an iPhone or iPad to write and read app data. In other cases, a secondary operating system or firmware might be installed to imitate a laptop environment or store laptop-ready versions of iOS apps. In addition to crunching numbers, a host device might also double as a touch input. For example, an iPhone positioned below the accessory's keyboard can serve as the unit's multitouch touchpad, complete with Force Touch input and haptic feedback. Coincidentally, the surface area of a 5.5-inch iPhone 7 Plus is very similar to that of the enlarged trackpad on Apple's new MacBook Pro models. Some embodiments also allow for the accessory to carry an internal GPU, helping a host device power the larger display or facilitate graphics rendering not possible on iPhone or iPad alone. Since the accessory is technically powered by iOS, its built-in display is touch-capable, an oft-requested feature for Mac. Alternatively, certain embodiments have an iPad serving as the accessory's screen, with keyboard, memory, GPU and other operating guts located in the attached base portion. This latter design resembles a beefed up version of Apple's Smart Case for iPad.
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
BrianFagioli quotes a report from BetaNews: As more and more consumers buy Mac computers, evildoers will have increased incentive to write malware for macOS. Luckily, users of Apple's operating system that choose to use Google Chrome for web surfing will soon be safer. You see, the search giant is improving its Safe Browsing initiative to better warn macOS users of malicious websites and attempts to alter browser settings. "As part of this next step towards reducing macOS-specific malware and unwanted software, Safe Browsing is focusing on two common abuses of browsing experiences: unwanted ad injection, and manipulation of Chrome user settings, specifically the start page, home page, and default search engine. Users deserve full control of their browsing experience and Unwanted Software Policy violations hurt that experience," says Google. The search giant further explains, "The recently released Chrome Settings API for Mac gives developers the tools to make sure users stay in control of their Chrome settings. From here on, the Settings Overrides API will be the only approved path for making changes to Chrome settings on Mac OSX, like it currently is on Windows. Also, developers should know that only extensions hosted in the Chrome Web Store are allowed to make changes to Chrome settings. Starting March 31 2017, Chrome and Safe Browsing will warn users about software that attempts to modify Chrome settings without using the API."
An anonymous reader quotes a report from 9to5Mac: AOL announced today that it is starting to cut off third-party app access to its Instant Messenger service. As first noticed by ArsTechnica, AOL began notifying users of at least one third-party app, Adium, that it would become obsolete starting on March 28th. At this point, it's unclear whether or not all third-party applications will be rendered useless come March 28th, but the message presented to Adium users seemed to strongly imply that: "Hello. Effective 3/28, we will no longer support connections to the AIM network via this method. If you wish to use the free consumer AIM product, we invite you to visit http://www.aim.com/ for more information." What this likely means is that AOL is shutting down the OSCAR chat protocol that is used to handle AIM messages. The service will, however, continue to be available via AOL's own chat app that is supported on macOS, Windows, iOS, and Android.
An anonymous reader quotes a report from Softpedia: It's finally here! After so many months of development and hard work, during which over 6,600 bugs have been patched, the Wine project is happy to announce today, January 24, 2017, the general availability of Wine 2.0. Wine 2.0 is the biggest and most complete version of the open-source software project that allows Linux and macOS users to run applications and games designed only for Microsoft Windows operating systems. As expected, it's a massive release that includes dozens of improvements and new features, starting with support for Microsoft Office 2013 and 64-bit application support on macOS. Highlights of Wine 2.0 include the implementation of more DirectWrite features, such as drawing of underlines, font fallback support, and improvements to font metrics resolution, font embedding in PDF files, Unicode 9.0.0 support, Retina rendering mode for the macOS graphics driver, and support for gradients in GDI enhanced metafiles. Additional Shader Model 4 and 5 shader instructions have been added to Direct3D 10 and Direct3D 11 implementation, along with support for more graphics cards, support for Direct3D 11 feature levels, full support for the D3DX (Direct3D Extension) 9 effect framework, as well as support for the GStreamer 1.0 multimedia framework. The Gecko engine was updated to Firefox 47, IDN name resolutions are now supported out-of-the-box, and Wine can correctly handle long URLs. The included Mono engine now offers 64-bit support, as well as the debug registers. Other than that, the winebrowser, winhlp32, wineconsole, and reg components received improvements. You can read the full list of features and download Wine 2.0 from WineHQ's websiteS.
An anonymous reader writes: Swedish hardware hacker Ulf Frisk has created a device that can extract Mac FileVault2 (Apple's disk encryption utility) passwords from a device's memory before macOS boots and anti-DMA protections kick in. The extracted passwords are in cleartext, and they also double as the macOS logon passwords. The attack requires physical access, but it takes less than 30 seconds to carry out. A special device is needed, which runs custom software (available on GitHub), and uses hardware parts that cost around $300. Apple fixed the attack in macOS 10.12.2. The device is similar to what Samy Kamker created with Poison Tap.
Apple has launched Single Sign-on, a service designed to make logging into TV apps much less annoying. It "allows cable subscribers to sign in once with their cable credentials to gain access to all cable-restricted content in iOS and tvOS apps," writes Juli Clover via MacRumors: Single Sign-on is limited to the United States, and according to a support document, is available for the following providers: CenturyLink Prism, DirecTV, Dish, GVTC, GTA, Hawaiian Telecom, Hotwire, MetroCast, and Sling. While Single Sign-on was introduced and tested in the tvOS 10.1 and iOS 10.2 betas, the feature was remotely released today to all iOS 10 and tvOS 10 devices. Using Single Sign-on does not require one of the betas, and is instead immediately available to all iPhone and Apple TV users running iOS 10 or tvOS 10. With Single Sign-on, customers with a supported provider will use the Settings options in iOS or tvOS to sign in with their cable credentials. From then on, when accessing a supported app that requires a cable subscription, the app will ask to use the saved sign-on credentials. Most cable channels and content providers offer individual apps on the Apple TV and iOS devices, but still require cable authentication before users can access content. Prior to Single Sign-on, customers were required to enter their credentials in each individual app, a frustrating and time-consuming process.
An anonymous reader writes:Apple has released the open source Darwin code for macOS 10.12 Sierra. The code, located on Apple's open source website, can be accessed via direct link now, although it doesn't yet appear on the site's home page. The release builds on a long-standing library of open source code that dates all the way back to OS X 10.0. There, you'll also find the Open Source Reference Library, developer tools, along with iOS and OS X Server resources. The lowest layers of macOS, including the kernel, BSD portions, and drivers are based mainly on open source technologies, collectively called Darwin. As such, Apple provides download links to the latest versions of these technologies for the open source community to learn and to use.
As if we don't already have enough devices that can listen in on our conversations, security researchers at Israel's Ben Gurion University have created malware that will turn your headphones into microphones that can slyly record your conversations. TechCrunch reports: The proof-of-concept, called "Speake(a)r," first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room. It essentially "retasks" the RealTek audio codec chip output found in many desktop computers into an input channel. This means you can plug your headphones into a seemingly output-only jack and hackers can still listen in. This isn't a driver fix, either. The embedded chip does not allow users to properly prevent this hack which means your earbuds or nice cans could start picking up conversations instantly. In fact, even if you disable your microphone, a computer with a RealTek chip could still be hacked and exploited without your knowledge. The sound quality, as shown by this chart, is pretty much the same for a dedicated microphone and headphones. The researchers have published a video on YouTube demonstrating how this malware works.
An anonymous reader quotes a report from Network World: As Phil Schiller explained during today's event, Apple's new MacBook Pros feature four Thunderbolt 3 USB Type-C ports, and conveniently, each of these can be used to charge the machine. Now, USB-C is incredibly versatile, and Apple will use the advanced port for power charging, HDMI and much more. However, with USB-C the only game in town, you might reasonably be wondering: How in the world do I connect my iPhone to my sleek new MacBook Pro? The frustrating answer is that you won't be able to do so out of the box. Instead, you'll have to buy a dongle. This is especially frustrating because many people use their notebooks for a) charging purposes when an outlet isn't necessarily handy and b) for transferring photos and other data. Now, you might reasonably state that you can just rely upon the cloud for items like data transfer, but there's no getting around the fact that Apple's efforts in the cloud still leave much to be desired. How much will it cost to connect your iPhone to your brand new MacBook Pro? Well, Apple sells a USB-C to Lightning cable on its website for $25. While this is undoubtedly frustrating, we can't say that it's entirely unexpected given Apple gave us a preview of its preference for USB-C when it released its 12-in. MacBook last year. Still, it's a funky design choice for a decidedly Pro-oriented device where the last thing a prospective consumer would want to do is spend some extra cash for a dongle after spending upwards of $2,399. Lastly, while we're on the topic of ports, it's worth noting that the new MacBook Pros also do away with the beloved MagSafe connector.
An anonymous reader writes: "A team of scientists from two U.S. universities has devised a method of bypassing ASLR (Address Space Layout Randomization) protection by taking advantage of the BTB (Branch Target Buffer), a component included in many modern CPU architectures, including Intel Haswell CPUs, the processor they used for tests in their research," reports Softpedia. The researchers discovered that by blasting the BTB with random data, they could run a successful collision attack that reveals the memory locations where apps execute code in the computer's memory -- the very thing that ASLR protection was meant to hide. While during their tests they used a Linux PC with a Intel Haswell CPU, researchers said the attack can be ported to other CPU architectures and operating systems where ASLR is deployed, such as Android, iOS, macOS, and Windows. From start to finish, the collision attack only takes 60 milliseconds, meaning it can be embedded with malware or any other digital forensics tool and run without needing hours of intense CPU processing. You can read the research paper, titled "Jump Over ASLR: Attacking Branch Predictors to Bypass ASLR," here.
An anonymous reader quotes a report from Motherboard: First the headphone jack, now the USB port? Rumor has it that Apple may get rid of the USB 3.0 port and the Magsafe port (where the charger plugs in) on the next generation of MacBooks. Japanese tech site Macotakara, which accurately predicted that Apple would kill the headphone jack on the iPhone 7, now also claims that the USB port is on the way out. The move would be similar to Apple's latest 12-inch MacBook and its streamlined profile. There's also word that Apple may discontinue the 11-inch MacBook Air to focus instead on the 13-inch laptop. Discontinuing the 11-inch MacBook Air would also potentially boost sales on the 12-inch MacBook. If these rumors are in fact true, then the new MacBooks will have only a USB-C and Thunderbolt 3 ports. Both of these ports are about the size of the part of an iPhone charger that plugs into the phone. But since most laptop accessories still plug in via the USB port, Apple owners might have to use an adaptor, or upgrade their technology. Meanwhile, the new MacBooks would likely be charged through the USB-C port or Thunderbolt 3 port. Currently, Apple already sells a USB-C dock with other USB and HDMI ports for $79. The USB-C port uses USB 3.1 Standard, according to PCWorld, which will connect to a wide variety of accessories, such as external hard drives, cameras, and printers. The USB 3.1 can also transfer data between the host computer and the peripheral accessories at a speed of 10 gigabits per second, which is twice as fast as the USB 3.0. Apple is expected to reveal the new Macs at an October 27th event in Cupertino, California.
Evernote has sent an email to users warning of a serious bug "in some versions of Evernote for Mac that can cause images and other attachments to be deleted from a note under specific conditions." The company claims only "a small number of people" are affected, but those who have received the email will need to update their Mac app as soon as possible. The glitch occurs in the September version of the software, and less frequently in the versions released since June. TechCrunch reports: In these applications, certain sequences of events can cause an image or other attachments to be deleted from notes without warning, but text is not affected. For example, the bug can be triggered by skimming quickly through a large number of notes, Evernote says. The email explains that once the company identified the problem, it worked quickly to implement a solution and attempted to restore all lost data. The issue was under discussion in Evernote's forums earlier this month. For heavy Evernote users, the bug could have a major impact. One user in the forums posted that they had 20,000 notes in their Evernote account, as part of their PhD research. Hundreds (or maybe even thousands) of their notes may have now become corrupted, according to their post. Unfortunately for some affected users, data recovery was not possible through automated means, the company's email stated. Instead, Evernote is advising those users who are missing attachments to use Evernote's note history feature in Evernote Premium to try to recover the missing data.
An anonymous reader quotes a report from Ars Technica: Yesterday, software developer John Brooks released what is clearly a work of pure love: the first update to an operating system for the Apple II computer family since 1993. ProDOS 2.4, released on the 30th anniversary of the introduction of the Apple II GS, brings the enhanced operating system to even older Apple II systems, including the original Apple ][ and ][+. Which is pretty remarkable, considering the Apple ][ and ][+ don't even support lower-case characters. You can test-drive ProDOS 2.4 in a Web-based emulator set up by computer historian Jason Scott on the Internet Archive. The release includes Bitsy Bye, a menu-driven program launcher that allows for navigation through files on multiple floppy (or hacked USB) drives. Bitsy Bye is an example of highly efficient code: it runs in less than 1 kilobyte of RAM. There's also a boot utility that is under 400 bytes -- taking up a single block of storage on a disk. The report adds: "In addition to the Bitsy Boot boot utility, the ProDOS 2.4 'floppy' includes a collection of utilities, including a MiniBas tiny BASIC interpreter, disk imaging programs to move files from physical floppies to USB and other disk storage, file utilities, and the 'Unshrink' expander for uncompressing files archived with Shrinkit."
An anonymous reader writes from a report via Softpedia: An attacker can use a modified USB Ethernet adapter to fool Windows and Mac computers into giving away their login credentials. The attack relies on using a modified USB Ethernet adapter that runs special software, which tricks the attacked computer into accepting the Ethernet adapter as the network gateway, DNS, and WPAD server. The attack is possible because most computers will automatically install any plug-and-play (PnP) USB device. Even worse, when installing the new (rogue) USB Ethernet adapter, the computer will give out the local credentials needed to install the device. The custom software installed on the USB intercepts these credentials and logs them to an SQLite database. This attack can take around 13 seconds to carry out, and the USB Ethernet adapter can be equipped with an LED that tells the attacker when the login credentials have been stolen.
New reader puenktli writes: Just five months after Transmission was infected with the first 'ransomware' ever found on the Mac, the popular BitTorrent client is again at the center of newly uncovered OS X malware. Researchers at security website We Live Security have discovered the malware, called OSX/Keydnap, was spread through a recompiled version of Transmission temporarily distributed through the client's official website. OSX/Keydnap executes itself in a similar manner as the previous Transmission ransomware KeRanger, by adding a malicious block of code to the main function of the app, according to the researchers. Likewise, they said a legitimate code signing key was used to sign the malicious Transmission app, different from the legitimate Transmission certificate, but still signed by Apple and thereby able to bypass Gatekeeper on OS X.
prisoninmate writes from a report via Softpedia: LibreOffice 5.2 is finally here, after it has been in development for the past four months, during which the development team behind one of the best free office suites have managed to implement dozens of new features and improvements to most of the application's components. Key features include more UI refinements to make it flexible for anyone, standards-based document classification, forecasting functions in Calc, the spreadsheet editor, as well as lots of Writer and Impress enhancements. A series of videos are provided to see what landed in the LibreOffice 5.2 office suite, which is now available for download for GNU/Linux, Mac OS X, and Microsoft Windows operating systems.
An anonymous reader writes from a report via The Next Web: The Safari browser included in Apple's iOS 10 and macOS Sierra software is testing WebP, technology from Google that allows developers to create smaller, richer images that make the web faster. Basically, it's a way for webpages to load more quickly. The Next Web reports: "WebP was built into Chrome back at build 32 (2013!), so it's not unproven. It's also used by Facebook due to its image compression underpinnings, and is in use across many Google properties, including YouTube." Microsoft is one of the only major players to not use WebP, according to CNET. It's not included in Internet Explorer and the company has "no plans" to integrate it into Edge. Even though iOS 10 and macOS Sierra are in beta, it's promising that we will see WebP make its debut in Safari latest this year. "It's hard to imagine Apple turning away tried and true technology that's found in a more popular browser -- one that's favored by many over Safari due to its speed, where WebP plays a huge part," reports The Next Web. "Safari is currently the second most popular browser to Chrome." What's also interesting is how WebP isn't mentioned at all in the logs for Apple's Safari Technology Preview.
theodp writes: The Verge reports Apple is making good on an earlier threat to create a reality TV show about app developers. An open casting call has been issued for "Planet of the Apps," with the goal of finding "100 of the world's most talented app creators" -- news which VentureBeat suggests must be making Steve Jobs' ghost weep. Apple has teamed up with Propagate, a new production company created by the producer of "The Biggest Loser." The description of the show says: "Join us on the search for the next great app in a new original series. Those selected will have the chance to receive hands-on guidance from some of the most influential experts in the tech community, featured placement on the App Store, and funding from top-tier VCs." The show is expected to be released in 2017.
Reader itwbennett writes: Researchers from Cisco Systems' Talos group have found three memory corruption errors in the widely used open-source library libarchive that can result in arbitrary code execution and can be exploited by passing specially crafted files to applications that contain the vulnerable code. "The library is used by file and package managers included in many Linux and BSD systems, as well as by components and tools in OS X and Chrome OS," writes Lucian Constantin. "Developers can also include the library's code in their own projects, so it's hard to know how many other applications or firmware packages contain it." (Original blog post) So, while the libarchive maintainers have released patches for the flaws, it will likely take a long time for them to trickle down through all the affected projects.
An anonymous reader quotes a report from Network World: Ahead of Apple's WWDC keynote this year, one of the more bizarre and sketchy rumors we saw take shape claimed that Apple was planning to deliver iMessage to Android. As is typically the case, the rumor mill took this somewhat ridiculous rumor and ran with it. The only problem is that some people were so busy trying to figure out the ramifications of iMessage hitting Android that they didn't take a step back and try and figure out if this is something Apple would even contemplate in the first place. Remember, every move Apple makes is strategic and geared towards making more money, either via device sales or software. That being the case, iMessage on Android would not only be a free app, but it would also eliminate a user-experience advantage of iOS. Interestingly enough, Walt Mossberg of The Verge asked a senior Apple executive about the rumor whereupon the nameless executive all but indicated that iMessage will never be coming to Android. Walt Mossberg writes: "First, he said, Apple considers its own user base of 1 billion active devices to provide a large enough data set for any possible AI learning the company is working on. And, second, having a superior messaging platform that only worked on Apple devices would help sales of those device -- the company's classic (and successful) rationale for years."