GoFetch (PDF, Hacker News): GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs). We show that DMPs are present in many Apple C…
Lees meerHoward Oakley: Although APFS has certainly had its moments over the last seven years, Apple’s gambles have paid off, and proved key to the success of Apple silicon Macs. Had there been no APFS, many of the fundamental technologies like Secure Boot a…
Lees meerGlenn Fleishman (Mastodon): Turned out, my kid had managed a neat trick, though they were not alone: they had filled macOS’s startup volume storage so full that the operating system was incapable of deleting files in any fashion. Instead of halting …
Lees meerHoward Oakley: Apple gives the user control over the level of security to be used, in Startup Security Utility, in Recovery. For this to work with boot volume groups (BVGs), each must have its own set of boot security policies, determined by its Loc…
Lees meerMatt Stoller (ArsTechnica): As part of the claim outside of the smartphone, the Antitrust Division asserted that “Apple’s conduct extends beyond just monopoly profits and even affects the flow of speech. For example, Apple is rapidly expanding its r…
Lees meerWojciech Kulik: To give you an idea what it means, here is a simple example. Let’s say you want to delete the current line in Xcode. You would probably use the mouse to select the line, then press cmd + x to cut it or backspace to delete it. In Neov…
Lees meerMatt Birchler: Well, nearly 2 months later and it turns out the Vision Pro replaced precisely zero of my iPad use cases, and every day I find myself thinking, “sure would be nice if I had an iPad right now.”[…]The iPad is not a good replacement for …
Lees meerKarl Bode (Hacker News, MacRumors): Oregon has officially become the seventh state (behind New York, California, Massachusetts, Colorado, Maine, and Minnesota) to pass “right to repair” legislation, making it easier and more affordable for consumers…
Lees meerBaldur Bjarnason: We have the worst job environment for tech in over two decades and that’s with the “AI” bubble in full force. If that bubble pops hard before the job market recovers, the repercussions to the tech industry will likely eclipse the d…
Lees meerQuinn: XPC is the preferred inter-process communication (IPC) mechanism on Apple platforms. XPC has three APIs:The high-level NSXPCConnection API, for Objective-C and SwiftThe low-level Swift API, introduced with macOS 14The low-level C API, which, …
Lees meerCraig Hockenberry: Your code and the App Store don’t agree about when a subscription expired. The cause of this is Apple’s StoreKit sample code. It’s likely that you have some code similar to line 246 of Store.swift:subscriptionGroupStatus = try? aw…
Lees meerJason Snell: On Thursday Apple debuted its first immersive video since the Vision Pro launched, a five-minute-long compilation of highlights from the MLS Cup playoffs late last year. Without even seeing the video, I had many questions. Why did it ta…
Lees meerThomas Claburn: Red Hat on Friday warned that a malicious backdoor found in the widely used data compression software library xz may be present in instances of Fedora Linux 40 and in the Fedora Rawhide developer distribution. The IT giant said the m…
Lees meerJoanna Stern: When you go into Settings > Privacy & Security > Journaling Suggestions, you’ll see that Discoverable by Others is enabled by default—even if you never turned on suggestions. Under the setting it says, “Allow others to detect you are n…
Lees meerMarco Arment: If I ran a website that supported Google-account login, I’d be pretty pissed at how they’re suddenly putting up an obnoxious overlay over my site’s layout.Why is this not bothering more people? Does anyone give a shit about their websi…
Lees meerThere have been a bunch of neat updates to this browser extension in the last year or so. April: [It’s] difficult to edit a long URL in the Safari address bar, especially on iPhone.[…]Select StopTheMadness from the menu. […] Tap the Edit Tab URL but…
Lees meerLorenzo Franceschi-Bicchierai (tweet, via Nick Heer): In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers. The goal was to understand users’ behavior a…
Lees meerJim Dalrymple: Siri has done what no person could for 30 years: Make me stop using an Apple product. I am giving up on my 8 HomePods/minis out of the sheer frustration of trying to use Siri. I’ve been in tech for 30 years and this is one of the wors…
Lees meerFor many years, I’ve been saying “Hey Siri, remember to x” to create reminders on my iPhone (to be transferred to OmniFocus). Sometimes it would have trouble with the “x,” but it would always create a reminder. Now, this only works some of the time:…
Lees meerBrian Krebs (MacRumors, Hacker News): Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forc…
Lees meerCabel Sasser: PSA: 1Password uses “1Password.co” for email links — instead of their usual “1Password.com” domain. Craig Hockenberry: So the “phishing link” with the .co domain was a valid link and documented as such.But I still find it inexcusable.T…
Lees meer