Calls from scammers pretending to be from Apple and Amazon have been appearing lately. In the case of Apple, some of them mention suspicious iCloud activity.
In both scenarios, the scammers say you can conveniently press 1 to speak with someone (how nice of them!). Or they give you a phone number to call. Don’t do either. It’s a scam. They’re trying to steal your personal information, like your account password or your credit card number.
Twitter announced on Wednesday that its mobile app now supports physical security keys for iPhone and Android. The company added support for these keys in 2018 but people could only use them in a browser. But switching to the WebAuthn protocol brings the method to mobile devices.
Now anyone with a security key set up on their Twitter account can use that same key to log in from their mobile device, so long as the key is supported. (A ton of security keys exist today that work across different devices, like YubiKeys and Google’s Titan key.)
An engineer for Amazon Web Services was able to run Windows on ARM on an M1 Mac, and it’s faster than Microsoft’s Surface Pro X.
According to Geekbench 5 results, Windows ARM running on the M1 chip is faster than Microsoft’s Surface Pro X, which is a great deal. The version running on the M1 Mac scored a single-core score of 1288 and a multi-core score of 5449, which obliterates the Surface’s single-core score of 765 and multi-core score of 3014.
Google’s security firm Project Zero published a report on Tuesday detailing an iPhone Wi-Fi exploit that Apple patched earlier this year in iOS 13.5. It’s a long, 30,000 word blog post, but ArsTechnica has a good breakdown.
Beer developed several different exploits. The most advanced one installs an implant that has full access to the user’s personal data, including emails, photos, messages, and passwords and crypto keys stored in the keychain. The attack uses a laptop, a Raspberry Pi, and some off-the-shelf Wi-Fi adapters.
Apple has released a tool for owners of its Pro Display XDR screen that lets users calibrate their display for specific color workflows.
Every Pro Display XDR undergoes state-of-the-art factory calibration with laboratory grade instrumentation. Pro Display XDR Calibrator enables in-field recalibration of Pro Display XDR for specific color workflows that may require custom calibration. Recalibration with this utility requires one of the following spectroradiometers: Photo Research SpectraScan PR-740, PR-745 or PR-788; Colorimetry Research CR-300
A UNIX command line tool called “ls” can be used to bypass Mac privacy protections like TCC (Transparency, Consent, and Control) and the sandbox. This provides unauthorized access to file metadata in directories that are supposed to be protected
I continue to believe that macOS “security” is mainly theater that only impedes the law-abiding Mac software industry while posing little problem for Mac malware. It doesn’t take a genius hacker to bypass macOS privacy protections: calling “ls” is a script kiddie level attack.
It affects macOS Big Sur, Catalina, and Mojave.
As Arielle Pardes points out, you’d think some of the tech companies were merging with the amount of features they’re copying from one another. This market is so free you guys.
Does your head hurt? Mine does, as do my thumbs, which now have three times as many platforms to scroll for short-form and ephemeral videos. I am overwhelmed with content and underwhelmed by features—at least until the next big thing comes along, and everyone lunges to copy that.
I have definitely noticed this when it comes to Facebook, if only because I don’t like Facebook. They’ve copied all they could from Snapchat. In my opinion, Mark Zuckerberg wants Facebook to be as ubiquitous as WeChat is in China. All interactions, all commerce must flow through Facebook because Mark Zuckerberg can’t conceive of a different business model. Or, he can conceive but he doesn’t care. Why should he? We reward him by using his services.
Victoria Song advises that we should reexamine our digital file system and maybe reduce, reuse, and recycle our content.
Look, 2020 was supposed to be my year. I set out with what I thought were pretty reasonable New Year’s resolutions—one of which was to spend less time on my screens. And then the pandemic hit. During the endless hours that ensued, I noticed something: My digital filing system was a goddamn mess.
I’m taking this opportunity to shamelessly recommend my system of personal information management. It does use a series of structured folders but more importantly it creates a consistent way to write file names.
Developer John Evelyn created a hand-drawn, first-person shooting game for Apple Arcade called The College Atlas. In this interview he shares his story.
In broadly creative terms, and on a more positive note, there is a dizzyingly big market out there and the last 20 years have seen a huge diversification in terms of what kinds of games players will engage with. In decades gone by, I think I would have been laughed off the face of the Earth for my extremely low-poly approach – not to mention lack of scores or traditional narrative structure – but not now.
It’s certainly interesting to think about. Do smartphones count as “external brains?”Does wearing an Apple Watch make us a cyborg? Alex Hern examines the issue, although I disagree on one part: It’s definitely not an Apple-specific phenomenon.
Without us even noticing, Apple has turned us into organisms living symbiotically with technology: part human, part machine. We now outsource our contact books, calendars and to-do lists to devices. We no longer need to remember basic facts about the world; we can call them up on demand.
Read the article, then watch this TEDTalk from cyborg anthropologist Amber Case.
South Korea’s recently launched privacy watched has announced a $6.1 million for Facebook, Reuters reported. It said the social media giant shared millions of users’ data without their permission.
The country’s Personal Information Protection Commission, launched in August this year, said in a statement it fined Facebook after a probe found that the personal information of least 3.3 million of the 18 million Facebook users in Korea were provided to operators other than Facebook without their knowledge, from May 2012 to June 2018. When someone uses another operator’s service through Facebook’s log-in, the personal information of the user’s Facebook friends were provided to other operators without their consent, the commission said. The commission said it will refer Facebook Ireland Ltd, the recipient of the fine, to the country’s prosecution for a criminal investigation.
Comcast announced that its monthly 1.2TB data cap will come to 12 more states and the District of Columbia in 2021.
[…] an update to Comcast’s website said that the cap is coming to Connecticut, Delaware, Massachusetts, Maryland, Maine, New Hampshire, New Jersey, North Carolina, New York, Pennsylvania, Vermont, West Virginia, and the District of Columbia. The cap is also coming to parts of Virginia and Ohio where it wasn’t already implemented. In all, Comcast has nearly 28 million residential Internet customers.
Plenty of people are calling this a money grab since the ISP networks seemed to handle the influx of video conferencing and remote work just fine during this pandemic, with no complaints from these companies.
Amazon Sidewalk is a new initiative by the company that creates a low-bandwidth network pooled from the personal networks of Amazon device owners.
Amazon Sidewalk is a shared network, coming later this year, that helps devices like Amazon Echo devices, Ring Security Cams, outdoor lights, and motion sensors work better at home and beyond the front door. When enabled, Sidewalk can unlock unique benefits for your device, support other Sidewalk devices in your community, and even open the door to new innovations like locating items connected to Sidewalk.
Of course, there are numerous privacy and security concerns, although Amazon does claim it has “strong encryption” without going into details.
Carriers may be hit by fines worth up to 10 percent of their revenue by the UK government for breaching its Huawei ban. It’s part of a proposed new law, reported Bloomberg News.
The Telecommunications Security Bill is meant to oversee 5G mobile and fiber networks and will include electronic equipment and software that handles internet traffic and phone calls, the Department for Digital, Culture, Media and Sport said in a statement Tuesday. Communications regulator Ofcom will be in charge of enforcement. The bill will give the government the power to implement and enforce the ban on Huawei’s 5G equipment that it announced in July. Carriers have until the end of 2020 to stop buying the gear, after the U.K. deemed the Chinese technology giant a security risk, and the companies must remove existing Huawei equipment from their 5G networks by 2027. “This will be a significant step to protect the U.K. from hostile cyber activity by state actors or criminals,” the DCMS said in the statement. “Over the past two years the government has attributed a range of cyber attacks to Russia and China, as well as North Korea and Iranian actors.”
Researchers found backdoors found in Jetstream routers that lets a hacker remotely control the router and any device connected to it. This router is sold exclusively at Walmart.
CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: “Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.”
Bad news for owners of these routers, but at least Walmart won’t sell them anymore.
In a similar situation to a Facebook scam, researchers uncovered an unsecured database with over 380 million records in a potential Spotify hacking operation.
The origins of the database and how the fraudsters were targeting Spotify are both unknown. The hackers were possibly using login credentials stolen from another platform, app, or website and using them to access Spotify accounts.
Working with Spotify, we confirmed that the database belonged to a group or individual using it to defraud Spotify and its users. We also helped the company isolate the issue and ensure its customers were safe from attack.
Larry O’Conner, CEO of Other World Computing (OWC), wrote a helpful explainer about the differences between Thunderbolt 4 used by Apple and Thunderbolt 4 used by PCs.
You see, Thunderbolt 4 finally promises PC/Windows users all the features Thunderbolt 3 has long offered Apple users. For Mac users, full Thunderbolt capability has always been present. This has been true since the first Macs with Thunderbolt 3 (Thunderbolt USB-C). What Apple did was simply call out that they now support USB 4. This is in addition to the Thunderbolt features already standard and present.
Cryptomator is my top recommendation for file encryption and it recently shared its late 2020 development roadmap.
What’s up with Cryptomator for iOS? For the last 6-7 months, we have been hard at work on a completely new app written in Swift.
What will be so special about the rewrite? Cryptomator will be fully integrated into the Files app. This comes with many benefits like thumbnails, support for third-party apps that can edit files directly inside the vault, and many more!
Great news. What I’ve also been hoping for is the ability to access Cryptomator vaults in external storage on iOS/iPadOS, like you can on the Mac.
On Thursday, Apple defended its iOS 14 anti-tracking feature in a letter to privacy groups like the EFF, criticizing data collection practices like those used by Facebook. Naturally, Facebook responded.
[Apple] are using their dominant market position to self-preference their own data collection while making it nearly impossible for their competitors to use the same data. They claim it’s about privacy, but it’s about profit.
Fortunately, of course it’s possible to be private and profitable simultaneously. Paid apps and services hopefully incentivize developers to monetize their talent, not our attention through tracking and ads.
Popular Android messaging app Go SMS Pro has exposed millions of photos and videos, it has emerged. Cybersecurity firm Trustwave made the discovery and shared the information with TechCrunch.
Security researchers at Trustwave discovered the flaw in August and contacted the app maker with a 90-day deadline to fix the issue, as is standard practice in vulnerability disclosure to allow enough time for a fix. But after the deadline elapsed without hearing back, the researchers went public. Trustwave shared its findings with TechCrunch this week. When a Go SMS Pro user sends a photo, video or other file to someone who doesn’t have the app installed, the app uploads the file to its servers, and lets the user share a web address by text message so the recipient can see the file without installing the app. But the researchers found that these web addresses were sequential. In fact, any time a file was shared — even between app users — a web address would be generated regardless. That meant anyone who knew about the predictable web address could have cycled through millions of different web addresses to users’ files.
SiriusXM announced on Thursday its entry into the podcast market, with original programming like “Marvel’s Wastelanders.”
Original podcasts from SiriusXM that chronicle sports’ greatest rivalries, comedy’s biggest legends, country stars’ humble beginnings, and gripping first-person tales from medicine’s front lines
Plus, influential podcasts from FOX News and popular podcasts from leading creators and providers including Stitcher, NBC News, CNN, NPR, ViacomCBS, The Wall Street Journal, HBO, Wondery, ESPN, Barstool, TNT, Joel Osteen Ministries, WNYC Studios, Slate, TED, Westwood One, PRX, and many more
Apple has said that its Fitness+ service will arrive by the end of this year. MacRumors reported that the iOS 14.3 and watchOS 7.2 betas (the latest of which was released Wednesday,) indicate the service could arrive alongside those updates.
The current watchOS 7.2 beta that was released this morning has a splash screen with what’s new, and Apple Fitness+ is listed as one of the features. The first iOS 14.3 beta also had an unfinished mention of Apple Fitness+ in the Analytics portion of the Privacy settings, but it has since been removed. Given that we’re expecting iOS 14.3 and watchOS 7.2 to come out right around the beginning of December, it matches up with Apple’s late 2020 launch timeline for Fitness+.
The developers behind camera app Halide examined the iPhone 12 Pro Max photography, as well as that of the iPhone 12 mini.
We had an advanced look at the Pro Max specs, but to recap, it has: A 47% larger sensor A faster ƒ/1.6 lens; A brand-new ‘sensor shift’ stabilization system for low-light; ISO sensitivity is 87% higher; A new telephoto lens, reaching a new length of 65mm (full-frame equivalent)
I’ve been under the impression that the iPhone 12 Pro also had the bigger sensor, but it sounds like it’s limited to the Pro Max. Now I’m sad.
Pandora announced on Wednesday its holiday shows with seasonal Modes and a Soundboard Study.
Pandora has enhanced two of its most popular holiday stations, Holiday Hits and Christmas Radio. Both stations now feature Modes, a popular feature that allows you to customize your station listening experience based on a musical theme. Whether you want to tune into favorites from Christmas past or present, instrumentals or ensembles, covers or duets, Pandora has a Mode for every warm holiday feel.
