Matt Shockley (tweet, Medium): TCC stores these user-level entitlements in a SQLite3 database on disk at $HOME/Library/Application Support/com.apple.TCC/TCC.db. Apple uses a dedicated daemon, tccd, for each logged-in user (and one system level daemo…
Lees meerCsaba Fitzl: On macOS Mojave Gatekeeper only verifies executables, which are run with the open command or the user double clicks. It won’t verify files, that are executed through other means like, directly executing a binary ./myapp regardless of th…
Lees meerCsaba Fitzl (tweet): This is a rather old vulnerability I found in TeamViewer back in 2020, and reported it through VCP/iDefense. TeamViewer fixed the vulnerability last November[…] The TeamViewer macOS client used a PrivilegedHelperTool named com.t…
Lees meerAlex Grebenyuk (tweet): Pulse is a powerful logging system for Apple Platforms. Native. Built with SwiftUI. Record and inspect network requests and logs right from your iOS app using Pulse Console. Share and view logs in Pulse macOS app. Logs are re…
Lees meerManton Reece: I’ve been thinking a lot lately about the longevity of Micro.blog and where we need help to continue to grow the platform and community. As we approach 4 years since the public launch, there are some parts of the platform and supportin…
Lees meerDave Scocca: I have an iTunes library of almost 15,000 songs, mostly ripped from my CDs but with a number of iTunes store purchases. I have a 256 GB iPhone to allow me to have my music with me, and my new-ish Civic has CarPlay. It used to be great–I…
Lees meerDerek Wise (Hacker News): Apple is often brought up when talking about right to repair, usually in reference to their anti-repair practices. In response to a Cameo request, Steve Wozniak spoke for almost 10 minutes on the importance of right to repa…
Lees meerDan Moren: Nice as it would be if Apple’s new system could simply import all your codes from Authy—or other apps like Google Authenticator—it doesn’t seem as though that’s an option for that at present, which isn’t entirely surprising given the secu…
Lees meerBrian Krebs (Hacker News): But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest o…
Lees meerJon Reid: Once or twice in my career, I’ve written an abstract test suite as a superclass, where the subclasses provide some sort of factory method. Then all the test cases in that suite get repeated for the specific instances. I do this all the tim…
Lees meerInternal Tech Emails: Panic’s @cabel shares App Store thoughts with Phil Schiller Some of these sentences seem very familiar, so I wonder if this e-mail has been published before, though I can’t seem to find the link. In any event, what a good commu…
Lees meerInternal Tech Emails has an interesting letter from Microsoft’s Ben Waldman that discusses negotiations over ClarisWorks (Apple agreed not to advertise their own product and instead preload a video promoting Microsoft Office), QuickTime, and Interne…
Lees meerSam Henri-Gold: today’s vibe: scrapped WWDC 2014 intro film feat. Larry David, JB Smoove, and Evan Spiegel See also: YouTube. John Gruber: One joke that might have played as funny in 2014 but wouldn’t in 2021 is the central conceit of the video — th…
Lees meerRuben Santamarta (PDF): IOActive has documented our detailed attack paths and component vulnerabilities to describe the first plausible, detailed public attack paths to effectively reach the avionics network on a commercial airplane from either non-…
Lees meerYev Pusin: Our latest version is pretty great: It cranks up the speed—letting you upload at whatever rate your local system can attain—all while reducing stress on key elements of your computer by an order of magnitude. […] We’ve also re-architected…
Lees meerFrancisco Tolmasky: I think the @AppStore may represent a “Closing of the Frontier” moment (in the American history “Frontier Thesis” sense) that may in part explain the dramatic slowdown in UI and UX innovation in iOS (and even more so in iPadOS) f…
Lees meerRian Hunter (via Hacker News): I do not agree with GitHub’s unauthorized and unlicensed use of copyrighted source code as training data for their ML-powered GitHub Copilot product. This product injects source code derived from copyrighted sources in…
Lees meerMohammed Abubakar: For starters, it’s an assistant that can help you with better code suggestions, but it has been recently brought to notice that the AI is leaking API keys that are valid and still functional. First reported by a SendGrid engineer,…
Lees meerMark Gurman: Just a few years after completing the multibillion-dollar Apple Park headquarters in Cupertino, California, Apple Inc. is ramping up efforts to decentralize out of Silicon Valley. I’m told that executives at the highest levels of the co…
Lees meerTim Hardwick: Two months ago, Audacity was acquired by Muse Group, which owns other audio-related projects including the Ultimate Guitar website and the MuseScore app. According to Fosspost, changes to the privacy policy section on the Audacity webs…
Lees meerIvan Mathy (via Matt Birchler): Sometimes you need to do something, and it’s just way easier to Google something like “json formatter online” and paste your data into whatever the first result is. It’s not your fault Xcode prints out escaped strings…
Lees meer