Repair File Sharing After Security Update 2017-001 for macOS High Sierra 10.13.1

November 30, 2017 · 06:13

Apple pushed a security update for the huge High Sierra vulnerability yesterday, introducing a bug while they were at it. You should install the update as soon as possible and then do this, if File Sharing isn’t working:

Open the Terminal app, which is in the Utilities folder of your Applications folder.

  1. Type sudo /usr/libexec/configureLocalKDC and press Return.
  2. Enter your administrator password and press Return.
  3. Quit the Terminal app.

John Gruber summarized the problem, which seems to have been around for a few months now:

So the exploit was floating around, under the radar, for weeks at least, but it seems as though no widespread harm came of it.

Personally, I’d call this much too optimistic — people could have been hacked without them even realizing it.


macOS High Sierra Has a Huge Vulnerability — Change Your Root Password ASAP

November 29, 2017 · 10:47

Lemi Orhan Erhin disclosed a huge vulnerability in macOS High Sierra yesterday, allowing anyone to log onto a Mac with root access.

Please follow the instructions here to enable the root account and set its password to something complicated1, which you should safely save in 1Password (or whatever password manager you’re using).

  1. Please don’t use password or 123456.

Serenity Locked Locked Herself Out of Her Smart Home →

November 29, 2017 · 08:50

Serenity Caldwell:

In my bleary-eyed early-morning state, I grabbed my car keys from their front ring and went outside to grab the package, closing the door behind me and thinking nothing of it. I didn’t have my phone, Apple Watch, or even a sweater.

When I brought the package back up and attempted the door, that’s when the realization set in. My fancy smart lock had automatically locked said door behind me — and I didn’t have a key on my car ring or smart device to help me out.

The rest of the story is priceless — must read!


The Surface BEAST →

November 28, 2017 · 11:43

Blair Bunting:

For me the Surface Book 2 was the MacBook Pro that we had all wanted/expected from Apple, it just wears a different logo. While other reviews will read off the spec sheets and talk about the 17 hour battery life and GX yadda yadda yadda processor, they sometimes forget that we (the creative professionals) use these as tools. What Microsoft has done with the Surface Book 2 is make a system void of gimmicks, because gimmicks don’t hold up in the working world. Our jobs will not benefit from being able to tap an emoji on a scroll bar, they will benefit from the ability to get work done. As a photographer, it feels extremely odd to say this, but I sincerely feel that the Surface Book 2 is not only a strong contender for the laptop to own, but actually the clear cut choice of the computer to have on set.

I am so tempted by the Surface Book, just to use it with Lightroom. Switching out my MacBook Pro would however completely kill my workflow. And I definitely couldn’t live with it for writing — Windows is still missing crucial software and keyboard shortcuts. This doesn’t change the fact that the Surface Book is much more attractive than the MacBook at this point, while the iPad Pro is still lacking in software.


Make The Touch Bar Optional →

November 28, 2017 · 11:30

Jason Snell makes some valid points:

In any event, Steven Aquino’s piece makes it clear that nobody should make blanket statements about the Touch Bar succeeding or failing. But where does it go from here? Does it get better, so more people embrace it? Does it become an option, rather than a mandatory feature? Does it fade away? Only Apple knows.

Make the Touch Bar optional, then everyone can order the one they want.

Personally, I will not buy a Touch Bar MacBook anymore — I already had one (two technically) and I breathed a sigh of relief after returning it.


Hacker Decrypts Apple’s Secure Enclave Processor Firmware →

November 28, 2017 · 09:03

iClarified:

Hacker xerub has posted the decryption key for Apple’s Secure Enclave Processor (SEP) firmware.

The security coprocessor was introduced alongside the iPhone 5s and Touch ID. It performs secure services for the rest of the SOC and prevents the main processor from getting direct access to sensitive data. It runs its own operating system (SEPOS) which includes a kernel, drivers, services, and applications […]

Decryption of the SEP Firmware will make it easier for hackers and security researchers to comb through the SEP for vulnerabilities.


Black Friday App Store Deals [24/11/2017]

November 24, 2017 · 14:31

Many more apps have gone on sale today, appending the ones I posted yesterday.


Black Friday App Store Deals [23/11/2017]

November 23, 2017 · 14:54

I know what I’m getting. Do you?

  • 2Do – Mac
    $49.99 → $24.99 | €54.99 → €27.99 | 239.99 PLN → 119.99 PLN

 


Gutenberg 1.7.0 Editor for WordPress — First Look →

November 20, 2017 · 06:40

Angelika Borucka:

WordPress 5.0 will soon be a thing and it might feature a brand new content editor, that will take place of the good old TinyMCE—Gutenberg. It’s still in development and the first digit in the version number doesn’t mean it actually left the beta stage.

I got curious, so I’ve installed the beta plugin from WordPress repository to check it here. Let’s see!

This is actually pretty cool and I’d wish they hurry and ship it, bug free hopefully.


Apple’s Statement on the HomePod’s Delay →

November 18, 2017 · 11:49

“We can’t wait for people to experience HomePod, Apple’s breakthrough wireless speaker for the home, but we need a little more time before it’s ready for our customers. We’ll start shipping in the US, UK and Australia in early 2018.”

Kudos to Apple for not releasing the HomePod in beta, but having said that, this is their second delay in recent history. The AirPods did turn out to be fantastic however, so I’m sure they’ll figure this one out. What worries me more is that Siri is not progressing as fast as she should be and the competition is already on their second gen devices. Not something they can’t recover from, but with this device debuting in only three countries, it sounds as if it’s Apple’s new hobby.


Amazon Key’s Camera Can Be Disabled by a Third Party →

November 18, 2017 · 11:38

Thuy Ong, writing for The Verge:

Now security researchers have found that the camera can be disabled and frozen from a program run from any computer within Wi-Fi range, reports Wired. That means a customer watching a delivery will only see a closed door, even if someone opens the door and goes inside — a vulnerability that may allow rogue couriers to rob customers’ homes.

This is exactly why I wouldn’t want to sign up for Amazon Key. While I understand that Amazon will try to make everything as secure as possible, everything can be hacked.

Amazon’s team clarified how they verify their drivers:

Every delivery driver passes a comprehensive background check that is verified by Amazon before they can make in-home deliveries, every delivery is connected to a specific driver, and before we unlock the door for a delivery, Amazon verifies that the correct driver is at the right address, at the intended time.

We have had multiple examples of insufficient background checks in law enforcement circles over the past few years and I seriously doubt Amazon can do better. Someone will always slip through the cracks. And that’s just the people behind the whole operation — the system can still be hacked.


Amazon Key →

November 18, 2017 · 11:29

From Amazon’s press release:

Amazon Key allows customers to have their packages securely delivered inside their home without having to be there. Using the Amazon Key app, customers stay in control and can track their delivery with real-time notifications, watch the delivery happening live or review a video of the delivery after it is complete.

No. Way. Why would anyone want to compromise the sanctity of their own home?1

  1. I wrote this short comment a day after the press release went up, but didn’t post it — I felt it wasn’t relevant to Europe. I changed my mind because of recent developments.

Microsoft Could Fix The Surface Book 2 By Slowing The Machine Down →

November 16, 2017 · 16:19

Tom Warren, writing for The Verge:

One issue I did run into with the Surface Book 2 is the power supply. Microsoft has only supplied a 102-watt charger with a machine that has an Nvidia GTX 1060 inside. Most similar laptops are gaming ones that have 150-watt or even 200-watt power supplies. There are two batteries inside the Surface Book 2, one in the base and one in the tablet portion (screen) itself. The base battery discharges too quickly with the supplied charger, meaning the Nvidia card (located in the base) will disconnect in the middle of a long gaming session at maximum performance even if you’re plugged in.

Microsoft is currently investigating this issue, and believes I have a faulty power supply. The company says the “Surface Book 2 is designed to supply enough power to maintain and charge, even under heavy load (including gaming).” I didn’t notice the discharge with apps that rely on the GPU, but most productivity apps simply use graphics power in short bursts rather than long periods like in games. I suspect the 102-watt charger isn’t enough for full performance gaming sessions, which will disappoint many who were hoping to use this as a gaming laptop alongside work tasks. I’ll update this review if the replacement charger makes a difference.

I have also tested with an old 65-watt Surface Book charger and the base still drains too quickly during gaming. I’ve also tested with a Surface Dock, rated at around 90 watts, and this still doesn’t hold the base charge to keep up while gaming. In all scenarios I also tested with the recommended “best battery life” setting, but the base still failed to charge properly during heavy gaming loads. If a replacement charger doesn’t work, Microsoft could potentially fix this in software by reducing the GTX 1060 clock speeds further and slowing the machine down.

Or… you know… they could just supply a more powerful charger.


Users Report Battery Drain With YouTube App on iOS 11 →

November 13, 2017 · 22:20

Benjamin Mayo:

There are many reports to the YouTube customer support account on Twitter complaining about battery drain when running the app on iOS 11. The company is apparently ‘actively working to fix this’.

The YouTube app appears to have some bugs on iOS 11, affecting all iPhones and iPads, causing the devices to run very warm when watching videos.

This is happening on my iPad Pro 10.5”, but it doesn’t get warm at all — the battery drain is through the roof though. Using YouTube through Safari solves this problem though.


The Case for RSS →

November 12, 2017 · 13:55

David Sparks:

If you are thinking about using RSS, I have a little advice. Be wary feed inflation. RSS is so easy to implement that it’s a slippery slope between having RSS feeds for just a few websites and instead of having RSS feeds for hundreds of websites. If you’re not careful, every time you open your RSS reader, there will be 1,000 unread articles waiting for you, which completely defeats the purpose of using RSS. The trick to using RSS is to be brutal with your subscriptions. I think the key is looking for websites with high signal and low noise. Sites that publish one or two articles a day (or even one to two articles a week) but make them good articles are much more valuable and RSS feed than sites that published 30 articles a day.

This is precisely why I have three categories of RSS feeds in Feedly: Must Read, Important, and Casual. Your mileage may vary, but this system works for me — I always have just the right amount of reading to catch up on and more available, should I need it and have the time to go through it.


Modern Tech Product Reviews Are Flawed →

November 12, 2017 · 11:51

Thom Holwerda, on OSNews:

Nobody forced The Verge or whomever else to publish a review within 24 hours. The initial embargo rush is important for the bottom-line, I get that, but it still feels rather suspicious. What can you really learn about a product in just 24 hours? Can you really declare something “the best damn product Apple ever made” after using it for less than a day? At what point does writing most of the review in advance before you even receive the product in the first place, peppering it with a few paragraphs inspired by the 24 hours, cross into utter dishonesty?

I usually write my initial impressions within a day or two, but my full reviews are after at least two weeks of using a device, otherwise I never label them as such and make it abundantly clear for how long I used a device.

Seeing “hands-on reviews” after 5 minutes with an iPhone angers me to no end. This “trend” seems to get worse and worse every year. Ultimately it’s the readers job to point this out to the author, which is pretty easy today, with all the Twitters and internets at our disposal.


Apple Financial Results — FY Q4 2017 →

November 3, 2017 · 10:02

Apple PR:

Apple today announced financial results for its fiscal 2017 fourth quarter ended September 30, 2017. The Company posted quarterly revenue of $52.6 billion, an increase of 12 percent from the year-ago quarter, and quarterly earnings per diluted share of $2.07, up 24 percent. International sales accounted for 62 percent of the quarter’s revenue.

Apple sold:

  • 46.7 million iPhones (45.5 million in FY Q4 2016)
  • 10.3 million iPads (9.2 million in FY Q4 2016)
  • 5.4 million Macs (4.8 million in FY Q4 2016)