10 Features in macOS Catalina You Need to Know

· · Cool Stuff Found

MacMost has a good video on YouTube where he shares 10 macOS Catalina features. They’re smaller features that don’t get the same attention or shoutout by Apple, but they’re good to know. The first one he mentions is a feature that I noticed but was annoyed about. When you hover or long-click the green fullscreen button in Safari, it now brings up a menu window to enter full screen or tile the window to the left or right. While it makes this capability more obvious it also adds an extra step, when just dragging the window by the green button was faster. In any case the video is pretty helpful and you can watch it here.

iMessage and Safari Make iPhones Less Secure

· · Link

Andy Greenberg writes about security problems in iMessage and Safari, saying that these products make iPhone less secure.

“If you want to compromise an iPhone, these are the best ways to do it,” says independent security researcher Linus Henze of the two apps…He and other iOS researchers argue that when it comes to the security of both iMessage and WebKit—the browser engine that serves as the foundation not just of Safari but all iOS browsers—iOS suffers from Apple’s preference for its own code above that of other companies.

Apple is in a tough position. If a company isn’t great at security, they could get a third-party to audit its software. But that would create a huge target.

Google Privacy Sandbox Probably Won't Protect Your Privacy

· · Link

Advertising company Google wants to build a “Google privacy sandbox” as a way to improve personalized ads while attempting to remove the “personalized” part.

The goal of these proposals is to promote a dialog on ways browsers could advance user privacy, while still ensuring publishers can earn what they need to fund great content and user experiences, and advertisers can deliver relevant ads to the right people and measure their impact.

Or, if you want to support websites with ads while also protecting your privacy, stick to Safari.

News+: How to Stay Safe and Secure Online

· · Link

In the latest issue of Mac Format magazine, Adam Banks writes a guide on how to stay safe online. This is a PDF version and on page 66.

Using a Mac makes you safer than average when going online. That’s partly because of Apple’s efforts to secure the operating system; partly because the Mac App Store gives you somewhere to get most of your third-party software safely. It’s also partly because bad actors – in the security industry sense, not the Hollyoaks sense – tend to be less interested in targeting macOS. But that doesn’t mean either you or your Mac can’t get fooled. Know your way around the common risks and basic protections to keep yourself out of harm’s way.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

AdGuard 3 Brings DNS Privacy, 250,000 Filter Rules, Premium Features

· · Cool Stuff Found

AdGuard is a content blocker for iOS that lets people block trackers and ads in Safari. Its AdGuard Pro app eventually got pulled from the App Store because of new VPN rules. AdGuard 3 brings some of those Pro features to the regular app, and some of them are locked behind a premium subscription. But Pro users can get a free 6-month license key. AdGuard 3 fixes a key issue with Safari. Safari’s maximum limit for content blockers is 50,000 rules. AdGuard now works around this by combining five blocks into one, each separately enabled in Settings and each with 50,000 rules. It also supports DNS-over-TLS and DNS-over-HTTPS. You can read more in the blog post. App Store: Free (Offers In-App Purchases)

AdGuard 3 Brings DNS Privacy, 250,000 Filter Rules, Premium Features

Apple Thwarts Sensor Fingerprinting With iOS 12.2

· · Link

A study called “SensorID: Sensor Calibration Fingerprinting for Smartphones” examined sensor fingerprinting techniques against smartphones. It found that Micro Electro Mechanical Systems (MEMS) are inaccurate in small ways that make them unique. But Apple thwarted this technique in iOS 12.2 and used the researchers’ suggestion to add random noise to the analog-to-digital converter output and removing default access to motion sensors in Safari.

We demonstrate that our approach is very likely to produce globally unique fingerprints for iOS devices, with an estimated 67 bits of entropy in the fingerprint for iPhone 6S devices. In addition, we find that the accelerometer of Google Pixel 2 and Pixel 3 devices can also be fingerprinted by our approach.

Why Does Apple Allow Pervasive App Tracking?

· · Link

In the future, I hope Apple puts restrictions on the kind of app tracking developers use. We already have Safari’s Intelligent Tracking Prevention. I’d like to see that for the App Store.

SDKs present a solution to Apple’s pesky tracking restriction for advertisers. They can connect who you are between apps, provided the developer of each app uses the same SDK and the advertiser is able to use signals to figure out who you are. If we look at the top 200 apps on the iOS App Store, it’s interesting to see how broad the reach of most SDKs actually is.

With Safari 12.1 You Can No Longer Disable Click Tracking

· · Link

Click tracking, a.k.a. hyperlink auditing, is an HTML standard that can be used to track clicks on web sites. Previous versions of Safari used to let you disable this, but Safari 12.1 changes that.

Despite several months notice from me, Apple shipped Safari 12.1 last week to the public with no way to disable hyperlink auditing. I hope to raise awareness about this issue, with the ultimate goal of getting hyperlink auditing disabled by default in Safari. Apple claims that Safari is supposed to protect your privacy and prevent cross-site tracking, but hyperlink auditing is a wide open door to cross-site tracking that still exists.