Mac Gaming, Crypto Credit Cards, iOS 15, with Jeff Butts - ACM 553

Bryan Chaffin and Jeff Butts talk about the current state of Mac gaming, with Jeff focusing on improved Mac support at Steam. They also dive deeper into crypto credit cards where you can either spend your crypto and/or earn cryptocurrency rewards like Bitcoin on your purchases. And, Jeff has been deep into iOS 15 betas, and he talks about some of his favorite new features.

‘SolarWinds’ Hackers Used iOS Zero Day Against Government Officials

The Russian hackers behind the SolarWinds attack used an iOS zero day to steal credentials from Western European governments.

Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.

Google published a blog post about zero-days here, and you can read coverage from Ars Technica at the link below.

How Apple Arcade Shows an OS Merger Isn’t Wise

Alex Blake of Digital Trends writes how the nature of Apple Arcade shows the pitfalls of merging iOS and macOS.

You see, Apple Arcade is a showcase for all that’s wrong with taking two very different operating systems and mashing them together into a mixed-up medley where no one wins. Because developers have to make games that work on the tiniest iPhone and the largest iMac, they are forced into compromises that weaken the games on both platforms.

I see his point and I think I agree with him. No one wins except maybe the lowest common denominator. Maybe the more powerful M1 chip would change that, but probably not. iPadOS apps haven’t yet taken full advantage of the chip, as one example.

WebKit Flaw Crashes Safari, Could Lead to Further Exploits

A WebKit flaw on iOS and macOS can cause Safari to crash and could lead to further malicious attacks.

The vulnerability stems from what security researchers call a type confusion bug in the WebKit implementation of AudioWorklet, an interface that allows developers to control, manipulate, render, and output audio and decrease latency. Exploiting the vulnerability gives an attacker the basic building blocks to remotely execute malicious code on affected devices.