eXtensions - Saturday 7 September 2019



advertisement


Cassandra - Weekend Review: Changes to Apple Operating Systems; Insecurities, Uighurs and Apple; Return of Fetch; the USB-4 Standard


By Graham K. Rogers



Cassandra



Apple will announce the new iPhones in a few days and there is some anticipation that there will be one more thing (or more). There has been more than the usual criticism of iOS 13 which is expected in the next weeks; and Apple has also been under fire over tone deaf comments regarding insecurities found by Google. Catalina means 64-bit apps only, but one I thought was gone may have been resurrected; and USB-4 was announced this week.


With the iPhone announcements expected in a few days, rumors and expectations are running high. The AppleTV Events app has been updated. It will also be streamed live on YouTube. It is thought by many that as well as 3 iPhone models, Apple will announce the next version of the Apple Watch. There has also been some noise about a tracking device that is being called (nominally) the Tile. This appears to be a small accessory that can be attached to an object that will allow the user to track its whereabouts, presumably if it is lost or stolen.

I saw an image that (speculatively) implied that it could be connected to a key chain through a hole in one corner; but some items do not have convenient rings to connect things to. A couple of year back I had some of the earliest Beacons that used Bluetooth technology to send messages to anyone using an app that identified the beacon and allowed communication. I also put one in a suitcase and it sent me a warning when the case was arriving at the luggage carousel at an airport. Those beacons had one side that could adhere to a surface and this would be useful for such a tracking device.


keychain iBeacon

Losable keys; and a set of iBeacons


Apple has also been experimenting lately with a way to allow devices that are stolen or lost to hitch a ride on any nearby WiFi signal, so the device does not have to be logged in. With the small amount of data sent at any connection moment, the location can be sent back to the user. The idea is sound, but if Apple is not ready, or the device does not work correctly, there will be no announcements and it will be as if it never existed.

There is, however, already a tracking device called Tile, and the rumors are putting some pressure on the company, Michael Potuck (9to5 Mac) reports: "In the face of the impending competition, Tile has sent out products like the Bose Soundsport earphones with its embedded tech to the media with a note about its expanding business and more." In a Tweet later, Mark Gurman wondered if this rumoured Apple device would be an outright purchase (say $30) or a subscription.


Several sites report that Apple is likely to include sleep tracking in the next version of the Apple Watch update, although this seems to be concerned more with the software than the hardware, so may well run on the current Apple Watch 4 (or earlier versions). Guilhermo Rambo (9to5 Mac) mentions that some people like to charge their watches at night, but I use mine for heart-rate tracking with the Cardiogram app on my iPhone, so tend to charge my watch when I shower instead. As for sleep tracking I run that with the iPhone app, Sleep Cycle, which also integrates with the Health App.


Updating macOS
Updating macOS


As new iPhones are being released, new versions of iOS will be coming soon as will a new release of macOS: Catalina. I am sort of dreading both of these for different reasons. There are two versions of iOS: iPhone and iPad; so I may have different options on the various devices I use. I am particularly not looking forward to the changes in Photos on iOS as the brief look I have had of the interface does not please me, particularly as it appears to remove Black & White controls. I had also seen reports of some problems with loading RAW files transferred via iCloud; but late beta releases may have fixed that.

On the other hand, maybe not if a report from Brandon Russell (iMore) is true. A lot of beta testers are not happy with the quality of late beta versions of iOS 13 and we are fast approaching what should be a release day. One developer quoted in the article suggests we may be in for a rough ride over the next couple of months, while Russell notes that already there is a beta release of iOS 13.1.


With recent criticism of insecurities in iOS, following information from Google (Apple patched the exploit) and from other security-related commentators online, the iPhone seems to be more of a risk than Android. Apple needs to nip this in the bud if it is not already too late. A press release from Apple about the Google-discovered problems tried to pour oil on the waters but was seen as (at best) insensitive by many online, particularly the second and third paragraphs:

. . . the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones "en masse" as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously.

Google's post, issued six months after iOS patches were released, creates the false impression of "mass exploitation" to "monitor the private activities of entire populations in real time," stoking fear among all iPhone users that their devices had been compromised. This was never the case.

Commentators like Alex Stamos bridled at the apparent dismissal of the seriousness of the insecurity, by the use of fewer than a dozen websites that focus on content related to the Uighur community as if the minority group (struggling for survival against the Chinese government) are no less important than Jews, Palestinians or Blacks facing discrimination and violence round the world. Stamos wrote in a Tweet, "Apple's response to the worst known iOS attack in history should be graded somewhere between "disappointing" and "disgusting". Adding, "First off, disputing Google's correct use of "indiscriminate" when describing a watering hole attack smacks of "it's ok, it didn't hit white people."


Tweet from Alex Stamos
Tweet from Alex Stamos


The thread is interesting and I note that one entry queried the timing of Google's release of the information. I had read this elsewhere. Others also wondered about this and its potential for maximum damage. Apple's tone deaf response did not help, although that "fewer than a dozen websites" comment may be just a note on how the attack was targeted and not a risk for the wider user-base. Whatever the intention, it was not well-received.

John Gruber does note that "Coverage of Google's report created the impression that only iOS users were hacked, when in fact, the Chinese government also exploited Windows and Android users, and that these exploits may have been targeting people everywhere," adding "Conspicuously unmentioned in Apple's response: "China"." Several other Apple-oriented sites commented on the Press Release with T.C. Sottek (The Verge) examining it in the light of the different interpretations of what Google and Apple claim each other is saying, with a final comment, ""Taking the safety and security of all users extremely seriously" would keep the focus on the users under attack, not the Google researchers who discovered the exploits"

All of the data that could be stolen during any such attack has value (not just to the Chinese government) and can be sold on the internet to other cyber-criminals. According to antivirus firm, Malwarebytes the malicious software is removed when the infected device is restarted. While this limits the amount of time that the device is compromised, the user risks being reinfected the next time they visit the same website if still using a vulnerable version of iOS (Leslie Sikos, Australian Science).


Catalina is a whole new barrel of fun. I am likely to delay my update of this for the first time since OS X Jaguar: I have always updated as soon as possible; but not this time. I saw some comments recently from Hoakley on The Eclectic Light Company regarding architecture on Mojave: a precursor (or warning). Now Hoakley has a comprehensive comment on the structure of Catalina and how changes may affect users.

Fetch I am already prepared for the switch from 32-bit apps. As far as I know, all the major apps I use are now updated to 64-bit; or I downloaded replacements. In one case the change was smooth, but in another of my critical apps, there is still some learning going on. Hoakley is generally positive, although it is clear that some operations - for example with scripting - will experience problems. The changes to macOS with this update are considerable and I expect there will be tears; and a great deal of gnashing of teeth too.

One of the apps I reluctantly replaced was Fetch (although I didn't delete it). I had been using this since I had my first Mac, which I think was running System 7. As I moved through 8 and 9 to OS X, so I updated to the latest version and ran the FTP software until quite recently. I did mail Jim Matthews but at the time he felt he was unlikely to be updating to a 64-bit version and the reason now seems clear from an online comment that he has on the Fetch pages.

It starts with some of the history and explains why the planned 64-bit Fetch 6 did not appear. That must have been about the time I contacted him. Now, however, he has taken another approach and is porting the current (5.7) carbon interface Fetch to Cocoa and 5.8 is in beta testing now. As much as I like the sophisticated (and expensive) Transport FTP software I switched to, if Fetch 5.8 is released I will move back to that. Best news I heard all week.


USB-C connector Several sites mentioned the release of the USB 4 standard this week that uses a USB-C type connector but has some impressive data transfer speeds. DL Cade, for example, on PetaPixel, outlines the 40Gb/sec transfer speeds that may be possible and writes that the first devices with the new standard should be appearing next year. The standard should also remove some of the confusion that some have between USB 3.2 and Thunderbolt, which both use the USB-C port.


A nice little hint from Paul Horowitz on OS X Daily concerning image rotation appeared this week. I usually do this in Photos: the default is anti-clockwise, but with the Option key this can be made clockwise. The hint however avoids the use of any app as it turns out this can be done using the Finder panel (in most display options) with a simple click. From looking at the panel, there are other options available to the user, including Markup and More (Create PDF and customize)


Finder actions Finder actions

Finder panel actions (Left); and Markup from the Finder


The article is full of other suggestions, concerning how rotation can also be accomplished in Preview, as well as batch rotation of images. There are some related links at the end of the text, including one to an item on rotation of images on iOS devices. Unfortunately, these are all anti-clockwise rotations and (even with the iPad Pro keyboard) use of the Option key does not reverse the rotation. Another useful action that is missing is "mirror", which is in Photos on the Mac. Fortunately, I have software that will do that for the rare occasions I need it.


Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. After 3 years writing a column in the Life supplement, he is now no longer associated with the Bangkok Post. He can be followed on Twitter (@extensions_th)


advertisement



Google


Made on Mac

For further information, e-mail to

Back to eXtensions
Back to Home Page


All content copyright © G. K. Rogers 2019