Tag - Gatekeeper
Starting with macOS Sierra, Apple is making it more difficult for unsigned apps to be launched. The option, present in OS X 10.11 to always allow unsigned apps to open has been stricken from Gatekeeper, limiting users by default to App Store and App Store plus identified developers. The ability by users to launch unsigned apps remains in the operating system in a different form, however.
Security firm Synack and the researcher who originally uncovered a serious (albeit largely unexploited) security flaw in Apple's protective Gatekeeper technology has revealed that the patch issued by Apple doesn't completely fix the problem, and that Macs are still vulnerable to "man-in-the-middle" type attacks until the company provides a full patch as it promised it would. Director of Research for Synack, Patrick Wardle, will demonstrate at a security conference how Mac users are still potentially vulnerable.
A security researcher planning a presentation at the Virus Bulletin Conference in Prague on Thursday has revealed that he has discovered a relatively simple way to bypass OS X's Gatekeeper security feature, potentially allowing a malicious file buried within a trusted application free reign to run unobstructed. The exploit could be used to steal passwords by modifying a legitimate app that already has Gatekeeper approval, for example. Apple is already aware of the issue and working on a fix.
Despite recent claims, a Dev Center security breach may not be why developers are being asked to re-sign Mac apps using OS X Mavericks, sources say. An alternative reason for the switch hasn't been mentioned, but unnamed sources are countering reports yesterday from other unnamed sources. In the earlier rumors, it was claimed that one or more hackers had managed to obtain not only Gatekeeper keys but "virtually every key Apple used for everything."
Apple has posted a new beta of OS X 10.9.5 for developers and AppleSeed participants, identified as build 13F18. Testing areas remain largely the same -- including Safari, graphics, Thunderbolt, and USB/USB smart cards -- but with the addition of a significant change to Gatekeeper, Apple's app-signing security feature. "Signatures created with OS X version 10.8.5 or earlier ('v1 signatures') are obsoleted and will no longer be recognized by Gatekeeper," Apple reminds the developer audience. "To ensure your apps will run on updated versions of OS X, they must be signed using the codesign tool on OS X version 10.9 or later ('v2 signatures')."
A upcoming change in the way the OS X security feature Gatekeeper works is essentially going to force developers to re-build and re-"sign" their applications and submit updates to Apple for programs that need to run in Mavericks or Yosemite. The upcoming change for security purposes only affects those running the forthcoming 10.9.5 or later, but cause cause apps that aren't updated to "break" (not launch) except through bypassing Gatekeeper, which most users will be loathe to do. The change will not force users to update their OS versions.
Complementing the release of OS X 10.8.2, Apple has also posted OS X 10.7.5, an update for Lion users. The software mainly retrofits Lion with Gatekeeper, the security technology built into Mountain Lion. By default Gatekeeper rejects unsigned apps, although restrictions can be loosened if necessary.
Apple is changing the way it rolls out OS X and even press events, a Daring Fireball report reveals. Beginning with the newly-announced Mountain Lion, OS X is moving to an annual update schedule. Apple has traditionally waited at least two years between major updates, but may want to keep pace with Windows, as well as iOS, the latter of which has always been updated once a year.
In a surprise step, Apple on Thursday gave developers a preview version of OS X Mountain Lion, the next significant update to the core OS. The new version is directly influenced by iOS 5 and includes Notification Center, Reminders, Notes, Game Center, and Twitter integration, with iCloud syncing where it's relevant. AirPlay Mirroring is also new to the Mac and shares exactly what's on screen through an Apple TV.
Now AAPL Stock: 93.4 ( -2.7 )
WhatsApp now handles over 100M calls daily
WhatsApp is celebrating that it is being used for over 100 million calls every day. In a brief notice, the Facebook-owned messaging platform advises the voice-calling feature it rolled out to its users last year now deals with an average of over 1,100 calls initiated per second. Earlier this year, it increased the security of its calls and other messages, by introducing end-to-end encryption on all platforms. http://bit.ly/292HqCX
Adele's '25' album now streaming
Recording artist Adele has "pulled a Kanye" after saying that her current album "25" would not be available for streaming. The seven-month-old record, which has yielded a number of hit singles, is now available for streaming on all the major streaming services, such as Apple Music and Spotify, as of today in most major markets, with worldwide distribution to come. Reportedly, the singer had demanded streaming be limited to paid subscribers -- a condition that has hurt some streamers with artists, who aren't paid royalties for free or trial listens . Apple pays performers its normal royalty rates during its free trial, avoiding the issue -- and having repeated success in both signing up exclusives and placing those exclusives into the top of the charts. http://ti.me/28U7NOu
SanDisk iXpand case has battery, storage
A new iPhone 6 and iPhone 6s case from SanDisk appears to be the "holy grail" of accessories: a stylish and protective case that offers both extra storage as well as the option of extra battery power as well. The iXpand Memory case offers either 32GB, 64GB, or 128GB of additional storage incorporated into the case, and an optional add-on battery pack (sold separately) adds up to an extra day or more of charge. Through the associated iXpand app, camera photos and videos can be automatically stored on the extra storage, optionally password-protected, The cost for the case is (in order of storage capacity) $60, $100, and $130. The battery pack's release data has not yet been announced, but the add-on should retail for an additional $30. http://bit.ly/291epHu
Fifth Hong Kong store to open June 30
The 46th official Apple store in what the company calls the "Greater China" region will open at 10AM local time in Hong Kong's New Town Plaza in the Sha Tin district on Thursday, June 30, according to a new page on Apple's retail website. Despite slowing growth due to economic turmoil in China, the country is still Apple's fastest-growing market. The new story will be the fifth for Hong Kong, a lucrative market for Apple thanks to the high concentration of wealth there and a thriving "gray" market. Normal store hours for the new store will be 10AM to 10PM every day. http://apple.co/291diaT
Apple Music bug bites very short songs
There appears to be a reproducible bug in the current version of iTunes -- version 12.4.1, running on OS X 10.11.5, both the current non-beta versions of the respective software -- that causes a streamed song to become "stuck" in endless buffering if the streamed item just before this happened was 60 seconds or less in length. The problem appears to stem from code in iTunes that signals the next track to start downloading one minute before the currently-playing track is done, and thus songs shorter than one minute don't trigger the download. Locally-stored music is unaffected by the bug, and the problem does not appear to exist in either the macOS Sierra developer beta or versions of iTunes earlier than 12.4, and does not affect the iOS Music app at all. http://bit.ly/291cN0l
Walmart Pay expands to 15 states
Walmart, one of the key progenitors of the failed CurrentC mobile payment system that was distinguished from Apple Pay by its ability to collect and share customer financial and buying data among its participants, has expanded the soft rollout of its alternative solution "Walmart Pay" to an additional 15 US states following a pilot program in Arkansas and Texas last month. Walmart continues to resist adding Apple Pay. The system, built into the Walmart app for iOS and Android, works with a complicated system of the camera scanning a purchase code at the register, then generating a QR code which is then scanned by the register. The system is available now in Alabama, Georgia, Indiana, Iowa, Kentucky, Louisiana, Michigan, Mississippi, Missouri, Nebraska, North Carolina, North Dakota, South Carolina, South Dakota, Tennessee, Virginia, and Washington, DC. http://apple.co/28SqZfu
Amazon refreshes entry-level Kindle
Amazon has added a new Kindle to its ebook reader range, one that is thinner and lighter than the previous entry-level model. Offering a six-inch 167-dpi touchscreen display, a doubled 4GB of storage, and an option for a white casing, the new model also adds in the ability to export highlights and notes to an email account as a PDF. Two versions of the all-new Kindle are available, priced at $80 including "Special Offers" and $100 without. http://amzn.to/28Q4c3R