Vulnerability in Safari Allowed Unauthorized Websites to Access iOS and macOS Webcams →

April 3, 2020 · 23:55

Ryan Pickren:

This vulnerability allowed malicious websites to masquerade as trusted websites when viewed on Desktop Safari (like on Mac computers) or Mobile Safari (like on iPhones or iPads).

Hackers could then use their fraudulent identity to invade users’ privacy. This worked because Apple lets users permanently save their security settings on a per-website basis.

If the malicious website wanted camera access, all it had to do was masquerade as a trusted video-conferencing website such as Skype or Zoom […]

[…] Apple considered this exploit to fall into the “Network Attack without User Interaction: Zero-Click Unauthorized Access to Sensitive Data” category and awarded me $75,000.

My Photography (78) — Paneláks, Wałbrzych, Poland, 2003

April 2, 2020 · 13:04

Now that I’m looking through all of my older DSLR photos, I can see how much work I put into experimenting with long exposures at various times of day — something which I avoided doing on film (I was too impatient to wait for the film to be developed and it wasn’t exactly cheap back then either, to just throw away 24 or 36 shots on a simple cityscape).

This shot above was taken in Wałbrzych, in southwestern Poland, presenting the wonderful architecture of paneláks¹ (a word which I just learned today) and that white monstrosity, called a church by some.

Shot with Canon 300D + EF-S 18-55 mm f/3.5-5.6: 18mm, f/3.5, 5s, ISO 100.

  1. In Poland, they are called “bloki” (blocks) or “wielka płyta” (the great panel).

How Rob Lost Control of His Bank Accounts to a Phone Scammer →

April 1, 2020 · 14:32

Rob Griffiths, on Robservatory:

Yesterday, instead of having a productive afternoon at home, I had the privilege of sitting at the bank for a couple of hours, resolving a problem completely of my own doing: I fell for a phone scammer. My wife and I had to close our accounts—which were in excess of 25 years old—and set up new ones. I then spent hours updating our various bill paying services, Quicken account access, etc.

Do yourself a favor, and don’t be me. I never thought I’d be “that guy” either, as I keep current on scams, look for signs of fishiness on phone calls, etc. Still, they got me, and it was painful—not necessarily in terms of financial loss (we’re out $500 for maybe 60 to 90 days while they investigate), but in terms of time: Time to fix what I did, and even more time spent beating myself up over my stupidity.

I have a strict rule — I do not give out any personal data or passwords to anyone, especially over the phone, even if I know it’s the bank calling me. I will either ask to call them back, to make sure I’m dialling the correct number, or I’ll go down to their branch personally.

Luckily Rob should pull through this one fine — he’s out some $500, which he’ll probably get back. It could have been much worse.

My Photography (77) — University of Wrocław, Wrocław, Poland, 2003

April 1, 2020 · 14:24

This was one of my first proper long exposure shots ever. A DSLR made this so much easier, especially since small exposure corrections were so easy to do, at practically no cost — all I needed was some more space on my CF card. I was so proud of this photo at the time, that I actually went to a lab and had it transferred onto a slide. I later presented it to our local photography group and they couldn’t believe it was a digital photo. And it has only 6 MP at that, from a JPG (I hadn’t yet switched to RAW at this time)!

Shot with Canon 300D + EF-S 18-55 mm f/3.5-5.6: 21mm, f/8, 5s, ISO 100.

These Aren’t the Star Wars Editions You Are Looking For →

April 1, 2020 · 09:06

Drew Stewart, for Wired:

Nearly eight years ago, Disney gave George Lucas $4 billion for what is arguably the biggest film franchise in the world. Since then, Disney has released an additional five Star Wars films, raking in almost $6 billion worldwide at the box office. In those intervening years, the Mouse House also launched its own streaming service, Disney+, which now offers fans new 4K restorations of the original Star Wars trilogy and its prequels. Having those films all in one place, a place where the new films will also one day live, is a huge selling point for the streaming service—but it could be so much more massive […]

These aren’t the versions that were nominated for 17 Academy Awards, including Best Picture. These movies didn’t change the world. They’re not the phenomena that upended the way movies were made from that moment on. Moreover, these aren’t the movies that fans want to see. Look at the comments on any article about the aforementioned Skywalker box set. Half of them are people asking if they’re going to include the theatrical cuts, and the other half are people saying how they’re not going to buy the sets because they already downloaded a fan restoration of those original movies.

Amazing comparison of all the changed and added scenes in the Original Trilogy, including an explanation of how and why they came to be.

I recently rewatched all the Star Wars movies, including Harmy’s Despecialized Editions, and Episodes IV, V, and VI are just so much better without the subsequent changes. If you’re a fan of Star Wars, search the internets for them — they’re a must-see.

Dark Sky Acquired by Apple →

March 31, 2020 · 23:26

Adam Grossman:

Today we have some important and exciting news to share: Dark Sky has joined Apple.

Our goal has always been to provide the world with the best weather information possible, to help as many people as we can stay dry and safe, and to do so in a way that respects your privacy.

There is no better place to accomplish these goals than at Apple. We’re thrilled to have the opportunity to reach far more people, with far more impact, than we ever could alone.

The iOS apps will remain without change, Android and Wear OS are being shut down by July, and the API isn’t accepting new sign-ups but will continue to function without change through the end of 2021.

My Photography (76) — Leo, Wrocław, Poland, 2003

March 31, 2020 · 11:23

I bought my first DSLR in 2003 — the Canon 300D with its EF-S 18-55 mm f/3.5-5.6 kit lens — and was amazed at the quality of the shots it took. This was one of the first reasonably priced (or so I tell myself) DSLRs and it had a huge 6 MP sensor (3072×2048 px). Despite all of this, the photos themselves hold up surprisingly well today — the shot above is a JPG straight from the camera, slightly sharpened due to it being resized and compressed for the web.

The model was Leo, my beloved Chow-Chow, who passed at the age of 16, many years ago now. I still miss him.

Shot with Canon 300D + EF-S 18-55 mm f/3.5-5.6: 42mm, f/5, 1/50 s, ISO 100.

My Photography (75) — Elephants Butts, Udawalawe National Park, Sri Lanka, 2020

February 27, 2020 · 10:42

Udawalawe National Park in southern Sri Lanka is home to 500-600 elephants. We were lucky enough to see three newborns and around 30 different ones in total. These older females, as seen above, were leading a herd of around eight or ten elephants, including two newborns. It was a sight to behold!

Shot with Sony A7R II + Zeiss ZF 100 mm f/2 Makro-Planar T*: f/5.6, 1/200 s, ISO 100.

John Gruber on ARM Macs →

February 13, 2020 · 06:00

John Gruber, on Daring Fireball:

[…] The ARM revolution for notebook PCs is coming, whether Apple is ready or not.

(I think they’re ready.)

We all know John likes to slyly pass on insider tidbits from time to time. Is this one of those? Are ARM Macs coming this year, or do we still have a way to go? Either way, I’m really curious how an A-series chip will perform in a larger form factor, without all the thermal and power constraints of an iPad or iPhone.

15 Million Steps in Pedometer++

February 7, 2020 · 12:38

I have been using Pedometer++ since its debut on the iPhone 5S. I don’t think I’ve ever had it lose any significant amount of data and since every new iPhone was restored from a backup of an older model, its count should be pretty accurate. I continue to use it today, on both my iPhone 11 Pro and Apple Watch Series 4. The counter recently displayed 15 million steps.

It took me a little over 6 years and now, dear Underscore David Smith, I need a new goal.

Wacom Drawing Tablets Track the Name of Every Application That You Open →

February 6, 2020 · 07:54

Robert Heaton:

I suspect that Wacom doesn’t really think that it’s acceptable to record the name of every application I open on my personal laptop. I suspect that this is why their privacy policy doesn’t really admit that this is what they do. I imagine that if pressed they would argue that the name of every application I open on my personal laptop falls into one of their broad buckets like “aggregate data” or “technical session information”, although it’s not immediately obvious to me which bucket […]

Wacom’s privacy policy does say that they only want this data for product development purposes, and on this point I do actually believe them. This might be naive, since who knows what goes on behind the scenes when large troves of data are involved. Either way, while I do understand that product developers like to have usage data in order to monitor and improve their offerings, this doesn’t give them the right to take it.

Sad and unacceptable.

Reorg Puts Panos Panay in Charge of Windows →

February 6, 2020 · 02:07

Mehedi Hassan:

What is more interesting, however, is rumours that Panos Panay was reportedly looking for a new role — either inside, or outside of Microsoft. Apparently, Panay considered a leave of absence from Microsoft and might have even considered joining Apple. Mary Jo Foley was unable to confirm this with more sources, so the credibility of this remains uncertain.

I hope Microsoft deviates from the route they have taken (similarly to what Apple is doing) and refrains from charging exorbitant prices for RAM and SSD upgrades. If not then they should at least be industry standard off-the-shelf parts, so users can upgrade them themselves. This is one of the aspects of Apple’s hardware I loathe — I don’t like to feel screwed.

My 2020 Hackintosh Hardware Spec — Core i9-9900K & Aorus Master Z390 on OpenCore

January 28, 2020 · 10:03

I built my last hackintosh in 2014 and it was overdue for an update. Since Apple recently updated their iMac with Core i9s and skipped the T2, this is probably the last time I’m building this sort of computer, before MacOS is locked down forever. Unfortunately, nothing in their lineup fits my needs, hence I chose to go down the hackintosh route once again.


MacOS 10.15 Catalina Bug: LG 5K Display Resets to Maximum Brightness Every Reboot →

January 23, 2020 · 02:18

John Gruber on Daring Fireball:

A DF reader — also a professional photographer — wrote to me about this bug last week. He (the DF reader) was using a $6,000 new 16-inch MacBook Pro. I say _was_, past tense, because after a few days he returned it because this brightness issue was no small thing for him, because he sets his display brightness _precisely_ using a display calibrator. Doing this several times per day every day quickly drove him mad.

Is this the worst bug in the world? Not even close. It’s a paper-cut bug. No data loss, no crash, not some sort of thing where something doesn’t even work — just an annoyance. But no one wants to use a tool that gives you half dozen paper cuts every day. And MacOS 10.15 is chockablock with paper-cut bugs. And it’s not like the LG 5K Display is some obscure unsupported display — it’s the one and only external 5K display sold by Apple itself.

I finally made up my mind today to update to Catalina. I have since backtracked and will continue waiting for them to fix all the bugs, so maybe I’ll reconsider an upgrade in another 3 months or so.

Apple Dropped Plan for Encrypting iCloud Backups →

January 21, 2020 · 15:11

Joseph Menn, reporting for Reuters:

More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.

In private talks with Apple soon after, representatives of the FBI’s cyber crime agents and its operational technology division objected to the plan, arguing it would deny them the most effective means for gaining evidence against iPhone-using suspects, the government sources said.

When Apple spoke privately to the FBI about its work on phone security the following year, the end-to-end encryption plan had been dropped, according to the six sources. Reuters could not determine why exactly Apple dropped the plan.

“Legal killed it, for reasons you can imagine,” another former Apple employee said he was told, without any specific mention of why the plan was dropped or if the FBI was a factor in the decision.

That person told Reuters the company did not want to risk being attacked by public officials for protecting criminals, sued for moving previously accessible data out of reach of government agencies or used as an excuse for new legislation against encryption.

If this is true, then Apple’s pro-privacy campaign is only true if you refrain from using iCloud. Unfortunately, iCloud Backup is the only automatic backup system supported by iOS, although you can go back to making local and secure iTunes backups instead. We of course have no real clue whether our particular backups were accessed or not, but I assume nobody is searching people’s data who stay away from legal trouble.

That said, Apple should definitely introduce end-to-end encryption for iCloud backups, or educate its users about the dangers of using iCloud Backup at the very least.

The Apple Archive by Sam Henri Gold →

January 17, 2020 · 09:35

Sam Henri Gold created The Apple Archive and it contains the most amazing collection of videos, photos, PDFs, screenshots, and other memorabilia, published since Apple’s conception. Make sure to go check it out (click the title of this post to get there) and if you like what you see, you can help Sam keep the lights on by donating some money — it costs him around 456 USD per year to keep the site running.

Marco Arment: Making the Case for Low Power Mode for Mac Laptops Again →

January 14, 2020 · 12:45

Marco Arment:

When Turbo Boost is enabled, the fans annoyingly spin up every time the system is under a heavy sustained load. Disable it, and it’s almost impossible to get them to be audible.

Marco is testing this on a 16-inch MacBook Pro with a Core i9 CPU. I have been using a Core i7 extensively for two weeks and have found that it takes longer to spin up than some of the i9s that I’ve heard of. As an example, after fully loading the CPU and GPU with a longer (30 minute), intensive task, it took 30-40 seconds before the fans spun up past 3000 rpm (that’s around the time they start to be irritating) and got up to 4800 rpm after 90 seconds (that’s around the region I cannot tolerate them any more). The case itself doesn’t seem to heat up as much as in the i9 too. So basically, for short bursts of power, lasting up to 30 seconds, the i7 doesn’t seem to spin up the fans noticeably.

Either way, I have been using Turbo Boost Switcher Pro for years and can heartily recommend it. An Apple-sanctioned Low Power Mode would be even better.

The Witcher — Interactive Map of the Continent →

January 13, 2020 · 14:53

Netflix released a wonderful interactive map and timeline of events from The Witcher. You can choose a specific point in history at the bottom of the screen (scrolling works on mobile devices too) and a small pop-up will give a short summary of what transpired in that specific point in time. If you click the pop-up itself, you’ll get a sidebar with even more information. There’s a lot of reading in there, so have fun!

My Photography (73) — Il Duomo, Firenze, Italy, 2019

January 10, 2020 · 15:40

The view from Palazzo Vecchio is truly stunning. It is unfortunately closed on rainy days but well worth standing in line and then walking up all those steps. Another great vantage point is Piazzale Michelangelo on the other side of the river.

Shot with Sony A7R II + Zeiss ZF 100 mm f/2 Makro-Planar T*: f/8, 1/250 s, ISO 100.

Netflix’s ‘The Witcher’ Dethroned ‘The Mandalorian’ as the Biggest TV Series in the World — Just Make Sure You Read The Books Too →

January 3, 2020 · 14:13

Travis Clark:

“The Witcher,” based on the fantasy novel series by the Polish author Andrzej Sapkowski, is the most in-demand TV series in the world across all platforms, according to the data company Parrot Analytics. The company’s ranking is based on “demand expressions,” its globally standardized TV measurement unit to reflect the desire, engagement, and viewership of a series, weighted by importance.

If you think the TV show is good, you have to read the books — they’re actually much (much!) better. Please note that some of the stories and threads from the books have been altered for the TV show — the originals not only make more sense, but the characters (Yennefer and Ciri especially) are better developed.

MacOS Catalina System Issues — I’m Not Upgrading Anytime Soon →

December 23, 2019 · 23:28

This round-up by Michael J. Tsai shows what a cluster fuck Catalina was and continues to be. I was going to update over Christmas but I’m probably going to hold out until March or longer — at this point in time there is zero benefit for me to upgrade and a lot of incentive not to (I still run a few 32-bit apps with no replacements). I’m also terrified of the new Music app replacing iTunes.

I Switched to ExpressVPN →

December 23, 2019 · 18:46

So after the recent acquisition of Private Internet Access, which I used for these past few years, I decided to switch providers. After weeks of wondering which one to choose, I settled on ExpressVPN — it seems to have the best balance of features that suit my needs.

I am not endorsing ExpressVPN at this point — it’s much too early for that — but they seem to be a solid company with proper care for our privacy. If you’d like to try them out, and use this link, you’ll get 30 days free.

Study Claims Features Like Night Shift and Dark Mode Might Actually Be Worse for Your Sleep →

December 18, 2019 · 22:34

Chance Miller:

Several years ago, Apple introduced its adaptive color temperature feature “Night Shift,” while iOS 13 includes system-wide Dark Mode.

These features are designed to change the temperature and color of your display based on what time of day it is. New research suggests, however, that features designed to reduce blue light before bedtime might not be as effective as initially thought.

I never accepted what F.lux did on Mac before Night Shift was conceived and I haven’t used the latter since it was introduced. I also have no trouble falling asleep, even while holding my iPad and reading. I do like Dark Mode though — it’s so much easier on the eyes.