News+: How to Stay Safe and Secure Online

· · Link

In the latest issue of Mac Format magazine, Adam Banks writes a guide on how to stay safe online. This is a PDF version and on page 66.

Using a Mac makes you safer than average when going online. That’s partly because of Apple’s efforts to secure the operating system; partly because the Mac App Store gives you somewhere to get most of your third-party software safely. It’s also partly because bad actors – in the security industry sense, not the Hollyoaks sense – tend to be less interested in targeting macOS. But that doesn’t mean either you or your Mac can’t get fooled. Know your way around the common risks and basic protections to keep yourself out of harm’s way.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

Bypassing macOS Security With Synthetic Clicks

· · Link

Security researcher Patrick Wardle found he can bypass macOS security by using synthetic clicks built with AppleScript.

Typically apps are signed with a digital certificate to prove that the app is genuine and hasn’t been tampered with. If the app has been modified to include malware, the certificate usually flags an error and the operating system won’t run the app. But a bug in Apple’s code meant that that macOS was only checking if a certificate exists and wasn’t properly verifying the authenticity of the whitelisted app.

Mr. Wardle refers to this as a “second stage” attack, because the hacker or malware needs access to your Mac to exploit this bug.

EVE Online Makes it Easier for Mac Gamers Running Wine

· · Link

EVE Online is an MMO where gamers can build and pilot spaceships and explore the universe. Today the company will start using direct upstream Wine versions for its Mac client.

On rollout, Mac users will no longer need to run a wrapper to execute a 32-bit client on their native 64-bit operating systems, which will allow the EVE client to make better use of system resources and resolve a number of long standing issues that pilots who are playing on Mac experience.

Using upstream Wine will also improve the speed at which updates will reach our pilots who’re playing on Mac, with a multitude of Mac compatibility improvements becoming available to all Mac users with this single release.

 

Will Marzipan Apps Be Locked to the Mac App Store?

· · Link

Dave Mark brought up a good question regarding Jason Snell’s article, which is about how the Mac won’t be locked down like iOS with the introduction of Marzipan apps.

Will I be able to download a Marzipan app from a developer’s site and just run it on my Mac? Or will Marzipan restrict apps to the Mac App Store?

I have a feeling they will be restricted to the MAS. If Mark Gurman is right, Apple plans to merge iPhone, iPad, and Mac apps into a single download. After that, the two App Stores could be merged. Locking Marzipan apps would be the logical first step down that road.

Bloomberg WWDC Leak Highlights: Updated Maps, Health, Apple Watch Audio Books, Reminders, More

· · Link

The Apple Crystal Ball

Bloomberg’s Mark Gurman got the goods on Apple’s WWDC software plans. Highlights include several improvements to Maps that I’m looking forward to. Apple is also improving the Health app, Reminders, adding audio book support to Apple Watch, a standalone app for the Apple Watch App Store on the watch itself, new Watch complications and faces, improved share sheet in iOS, combined Find my Friends and Find My iPhone, improved iMessage, an updated Books app with a reward system, and much more. There’s a ton of information in this piece, and it’s a good read.

This Concept Video Reimagines the macOS Desktop

· · Cool Stuff Found

German video editor Thomas Weinreich created a concept video that gets rid of the desktop metaphor on macOS. Replacing it is a user interface similar to what we get with the iPad. Windowed apps are replaced by full screen apps that can be displayed into multi-window Split Views. Like Ben Lovejoy said,  it seems like maybe it could be similar to what Apple is thinking of. However, I personally don’t believe the rumors of a macOS/iOS hybrid. Additionally, this concept paradigm doesn’t make sense on Macs that don’t have touchscreens. The macOS desktop metaphor might be aged, but I think it makes sense for devices that use a mouse or trackpad. What do you think?

Apple Security Tool Unveiled at RSA Conference 2019

· · Link

The RSA Conference is a series of computer security conferences. This year, security researcher Patrick Wardle announced a new tool for Macs called GamePlan.

…GamePlan, a tool that watches for potentially suspicious events on Macs and flags them for humans to investigate. The general concept sounds similar to other defense platforms, and it hooks into detection mechanisms—has a USB stick been inserted into a machine? has someone generated a screen capture? is a program accessing a webcam?—Apple already offers in macOS. But GamePlan, cleverly written with Apple’s GameplayKit framework, collects all of this data in a centralized stream and uses the videogame logic engine to process it.

I use a couple of Mr. Wardle’s security tools. I look forward to downloading GamePlan.