Over the weekend Apple confirmed that the iMac Pro has been discontinued. Devices will continue to be sold until supplies run out.
Mac
Mac App Electrum Wallet With Backdoor Spotted in Wild
An Electrum wallet with a backdoor has been spotted in the wild by ConfiantIntel. They noticed that it’s another example of a piece of malware notarized by Apple. Link to tweet thread below.
These fake wallets were introduced during a Malvertising attack our security team discovered early this week, involving the hacking of a Major SSP. The hackers redirected the victims to https://electrum-4.github[.]io/ asking them to install an update of the electrum wallet.
In a separate tweet, it looks like one of Patrick Wardle’s tools can detect it.
Satechi Releases USB-C Multi-Port Adapter
Satechi announced on Thursday the launch of a USB-C multi-port dock. It has USB-C PD charging, HDMI and VGA display ports, USB-A data ports, SD card slots, and Gigabit Ethernet, with two detachable USB-C cables – perfect for on-the-go or docked at your desk. Compatible devices include: 2020/2019/2018/2017/2016 MacBook Pro, 2020/2018 MacBook Air, 2020/2018 iPad Pro, 2019/2017 iMac, iMac Pro, 2015/2016/2017 MacBook, Microsoft Surface Laptop 3/Surface Pro 7/Go, Google PixelBook Go, ChromeBook, Samsung Galaxy Tab Pro S, HP Spectre Convertible, Razer Blade, Huawei Matebook and more USB-C devices. It costs US$99.99 but with the code MULTIPORT20 you can get 20% off. Valid until March 15.
M1 Support Coming to Open Source Email Client ‘Thunderbird’
In the latest beta version of Thunderbird the company added a welcome surprise in the notes: Future support for Apple’s M1 Macs. These notes apply to Thunderbird version 87 beta 1 released February 26, 2021. What’s New: Native support for macOS devices built with Apple Silicon CPUs; New user interface for adding attachments; Clicking on an already-selected pill in the recipient list will now allow editing the address; Copying a large message to an IMAP server would sometimes prematurely display a time-out error; OpenPGP: Messages with a high compression ratio (over 10x) could not be decrypted; and other fixes and improvements.
NASA’s Perseverance Rover Runs on a Modified iMac G3 Processor
Apparently the Perseverance rover is running on a modified PowerPC 750 processor which was also used in the original iMac G3 from 1998.
Run Virtual Machines on M1 Macs With ‘UTM’
UTM is an app I recently discovered that lets you run virtual machines on M1 Macs. It uses Apple’s Hypervisor virtualization framework to run ARM64 operating systems on Apple Silicon at near native speeds. On Intel Macs, x86/x64 operating system can be virtualized. In addition, lower performance emulation is available to run x86/x64 on Apple Silicon as well as ARM64 on Intel. For developers and enthusiasts, there are dozens of other emulated processors as well including: ARM32, MIPS, PPC, and RISC-V. Under the hood of UTM is QEMU, a decades old, free and open source emulation software that is widely used and actively maintained. While QEMU is powerful, it can be difficult to set up and configure with its plethora of command line options and flags. UTM is designed to give users the flexibility of QEMU without the steep learning curve that comes with it. Mac App Store Link
CleanMyMac X Gets Redesign and M1 Mac Support
On Thursday MacPaw announced a redesign of its CleanMyMac X app as well as native support for Apple’s new M1 Macs.
Amazon’s Mac Cloud Supports macOS Big Sur on EC2
Amazon announced on Wednesday that customers of its Mac-in-the-cloud service can start running macOS Big Sur images on EC2 instances.
Firefox 86 Introduces ‘Total Cookie Protection’ Privacy Feature
Firefox 86, introduced recently by Mozilla, adds a new privacy feature called Total Cookie Protection.
Total Cookie Protection works by maintaining a separate “cookie jar” for each website you visit. Any time a website, or third-party content embedded in a website, deposits a cookie in your browser, that cookie is confined to the cookie jar assigned to that website, such that it is not allowed to be shared with any other website.
How to Find Out if Your Mac has ‘Silver Sparrow’ Malware
Right now we know that Malwarebytes can detect it, and other anti-malware vendors will likely be updated soon.
Mysterious ‘Silver Sparrow’ Malware Confuses Researchers
Over the weekend we got news of a mysterious piece of malware called Silver Sparrow. It has infected 30,000 machines so far and there is a version of it built for M1 Macs. But security researchers can’t figure out its purpose.
Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.
The 2021 Apple Platform Security Guide is Here
Apple regularly shares security guides for each of its systems, and today it shared its 2021 Platform Security guide for all of its systems.
Chrome OS Passes macOS to Become Second Most Popular Desktop OS
New data shows that Chrome OS has overtaken macOS to become the second most popular desktop OS. Chrome OS rose from 6.4% in 2019 to 10.8% in 2020.
Despite the fact that macOS landed in third, viewing this as an example of Google beating out Apple directly might not be accurate. Rather, it’s likely that Chrome OS has been primarily pulling sales and market share away from Windows at the low end of the market. Mac market share actually grew from 6.7 percent in 2019 to 7.5 percent in 2020.
Safari Adware ‘GoSearch22’ Targets M1 Macs
Security researcher Patrick Wardle found a Safari adware extension called GoSearch22 has been rewritten to target M1 Macs.
The World of Apple Leaks and Measuring Apple's Success, with Ken Ray - ACM 543
Bryan Chaffin and Mac OS Ken (Ken Ray) discuss the really weird world of Apple leaks and rumors, including how to navigate them and how they try to cover them as journalists. They also talk about how to measure Apple’s success, or more specifically, how a lot of folks outside the Apple world seem to measure Apple’s success.
Apple Issues Security Update to Fix ‘Baron Samedit’ Sudo Bug
Apple has issued security updates for multiple version of macOS on Wednesday. Among other flaws, it fixes the sudo flaw known as Baron Samedit.
AirBuddy 2 - Connect AirPods to Your Mac with One Click: $8.99
We have a deal on AirBuddy 2, a Mac utility that lets you connect your AirPods to your Mac with a single click. With AirBuddy, you can also open your AirPods case next to your Mac and see the current status right away, just like it works on your iPhone or iPad. It’s $8.99 through our deal.
Homebrew M1 Support Announced in Version 3.0.0
Homebrew announced a new 3.0.0 of the package manager on Friday. Its most significant change adds support for M1 Macs.
Review: Satechi Slim X3 Bluetooth Backlit Keyboard
Satechi sent Andrew its Slim X3 Backlit Bluetooth Keyboard. He shares his thoughts on this product that launched in January.
Cloud Provider ‘Scaleway’ Launches Apple M1 SaaS in Europe
Cloud provider Scaleway announced the launch of a software-as-a-service offering based on Apple’s M1 chip.
Apple Releases macOS Big Sur 11.2, Fixing Bluetooth Reliability and Other Issues
Apple has released macOS Big Sur 11.2, and the latest version of the Mac operating system includes a number of bug fixes.
Apple has Released macOS Big Sur 11.2 RC 3 to Testers
Apple has released the third Release Candidate (RC) for macOS Big Sur 11.2 for developers and public beta testers.
Password Manager Bitwarden Adds Touch ID to Browser Extension
Password manager Bitwarden announced the addition of a couple of new features. One feature adds support for Touch ID and Windows Hello to its browser extensions.
Browser extensions will now be able to access this authentication inside the Desktop application. This allows a more streamlined integration with hardware that does not require a unique browser-level integration. Biometric authentication requires macOS users to download the Mac App Store version.
Buffer Overflow Bug Found in SUDO Dubbed ‘Baron Samedit’
Tracked as CVE-2021-3156, a heap overflow bug found in sudo and dubbed “Baron Samedit” has been found recently. It allows an unprivileged user to gain root privileges on a vulnerable machine using a default sudo configuration.
The vulnerability itself has been hiding in plain sight for nearly 10 years. It was introduced in July 2011 (commit 8255ed69) and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.
2020-02-03: Looks like macOS is affected after all.