daring-rss

I never even owned a smartphone with a hardware keyboard, but as soon as I saw this I wanted one: Clicks is a new $139 hardware keyboard case for the iPhone 14 Pro, 15 Pro, and 15 Pro Max (that one will cost $159 — Max phones have max prices). One of the creators of the project is Michael “MrMobile” Fisher, who, of course, created a YouTube video for the project. (One of his co-creators is CrackBerry Kevin — so there are some serious “hardware phone keyboard aficionado” bona fides on the team.)

I don’t know how much I’ll wind up using it but it looks fun, useful, and clever — and I’m just a sucker for upstart indie hardware projects. Clicks is even a great name. There’s no Bluetooth involved — it connects via Lightning or USB-C, just like any hardware keyboard can via a cable. If you’ve never connected a hardware keyboard to an iPhone before, you might be surprised how many keyboard shortcuts there are (Command-Space for Spotlight, Space and Shift-Space for paging down and up in Safari, Command-H to go to the Home screen, and more.)

You’ll never guess which color I pre-ordered.

 ★ 

I never even owned a smartphone with a hardware keyboard, but as soon as I saw this I wanted one: Clicks is a new $139 hardware keyboard case for the iPhone 14 Pro, 15 Pro, and 15 Pro Max (that one will cost $159 — Max phones have max prices). One of the creators of the project is Michael “MrMobile” Fisher, who, of course, created a YouTube video for the project. (One of his co-creators is CrackBerry Kevin — so there are some serious “hardware phone keyboard aficionado” bona fides on the team.)

I don’t know how much I’ll wind up using it but it looks fun, useful, and clever — and I’m just a sucker for upstart indie hardware projects. Clicks is even a great name. There’s no Bluetooth involved — it connects via Lightning or USB-C, just like any hardware keyboard can via a cable. If you’ve never connected a hardware keyboard to an iPhone before, you might be surprised how many keyboard shortcuts there are (Command-Space for Spotlight, Space and Shift-Space for paging down and up in Safari, Command-H to go to the Home screen, and more.)

You’ll never guess which color I pre-ordered.

Read More 

Apple’s 2023 year in review, with Callsheet developer Casey Liss.

Sponsored by:

Memberful: Monetize your passion with membership. Start your free trial today.
Squarespace: Make your next move. Use code talkshow for 10% off your first order.

 ★ 

Apple’s 2023 year in review, with Callsheet developer Casey Liss.

Sponsored by:

Memberful: Monetize your passion with membership. Start your free trial today.
Squarespace: Make your next move. Use code talkshow for 10% off your first order.

Read More 

I stumbled across an old note where I’d stashed some favorite quotes from Keith Richards; figured I’d append a few of them to my post from a few weeks ago on his 80th birthday.

 ★ 

I stumbled across an old note where I’d stashed some favorite quotes from Keith Richards; figured I’d append a few of them to my post from a few weeks ago on his 80th birthday.

Read More 

For at least a few years, I’ve been mildly annoyed by the fact that my iCloud Photo Library reported containing something like “50,783 Photos, 3,643 Videos, 2 Items”. The counts for photos and videos weren’t the problem — the problem was the “2 Items”. What were they?

Caleb Hailey had the same problem, and posted a super-simple solution to Mastodon: a custom smart album for Photos for Mac with a dozen or so criteria like this:

Filename does not include “.jpeg”
Filename does not include “.png”
Filename does not include “.heic”

and so forth. A few minutes of busy work and I found my culprits: two AAC audio files that were each just a few seconds long, and seemingly empty. I have no idea how or when they got into my Photos library but I’m delighted to have them gone.

Worth pointing out: You don’t need to build up a list every single filename extension that’s an image or video that you do want to keep in Photos. Once I built up a list of excluded filename extensions that whittled the list of matching items to 32, I just went through the items visually. The two AAC files stuck out like sore thumbs.

Also worth pointing out: You cannot create smart albums in Photos on iPadOS or iOS. Only MacOS. (Same thing goes for smart mailboxes in Apple Mail.) Apple still treats the iPad and iPhone as baby computers.

See also: A similar problem I had back in 2016, in which I had five unnamed items in my Photos library that could not be synced to iCloud. The solution to that one was also a smart album — and thus also a problem that could only be solved using a Mac.

 ★ 

For at least a few years, I’ve been mildly annoyed by the fact that my iCloud Photo Library reported containing something like “50,783 Photos, 3,643 Videos, 2 Items”. The counts for photos and videos weren’t the problem — the problem was the “2 Items”. What were they?

Caleb Hailey had the same problem, and posted a super-simple solution to Mastodon: a custom smart album for Photos for Mac with a dozen or so criteria like this:

Filename does not include “.jpeg”
Filename does not include “.png”
Filename does not include “.heic”

and so forth. A few minutes of busy work and I found my culprits: two AAC audio files that were each just a few seconds long, and seemingly empty. I have no idea how or when they got into my Photos library but I’m delighted to have them gone.

Worth pointing out: You don’t need to build up a list every single filename extension that’s an image or video that you do want to keep in Photos. Once I built up a list of excluded filename extensions that whittled the list of matching items to 32, I just went through the items visually. The two AAC files stuck out like sore thumbs.

Also worth pointing out: You cannot create smart albums in Photos on iPadOS or iOS. Only MacOS. (Same thing goes for smart mailboxes in Apple Mail.) Apple still treats the iPad and iPhone as baby computers.

See also: A similar problem I had back in 2016, in which I had five unnamed items in my Photos library that could not be synced to iCloud. The solution to that one was also a smart album — and thus also a problem that could only be solved using a Mac.

Read More 

When Charlie Munger — Warren Buffet’s longtime partner at Berkshire Hathaway — died last month at 99, I mentioned that a new edition of Poor Charlie’s Almanack was about to be published by Stripe Publishing (a subsidiary of the very same Stripe of e-payments renown).

The hardcover edition is out, but Stipe has also made the entire book available on this marvelous website. The site is beautiful, fun, and clever, and reminds me greatly of the web edition of The Steve Jobs Archive’s Make Something Wonderful. Both are damning condemnations of the state of e-books.

Regarding Make Something Wonderful, Sebastiaan de With wrote:

It’s hard to capture the delight of a real book, but this website
does a fantastic job coming close. Lots of delightful, thoughtful
little details.

I say “ebook” because it isn’t a word used anywhere on the
website, likely for good reason: there are no good ebooks. The
ePub file lacks all the delight of the beautiful website. Books on
Apple Books are objectively worse than their written counterparts.
This might be nicer.

Kindle editions are even more primitive, design-wise. Compare the Kindle preview of Poor Charlie’s Almanack to the website edition. It’s like comparing a matchbook to a blowtorch. With the e-book editions — Kindle, Kobo, Apple Books, whatever — you can merely read these books. With the web editions, you experience them.

 ★ 

When Charlie Munger — Warren Buffet’s longtime partner at Berkshire Hathaway — died last month at 99, I mentioned that a new edition of Poor Charlie’s Almanack was about to be published by Stripe Publishing (a subsidiary of the very same Stripe of e-payments renown).

The hardcover edition is out, but Stipe has also made the entire book available on this marvelous website. The site is beautiful, fun, and clever, and reminds me greatly of the web edition of The Steve Jobs Archive’s Make Something Wonderful. Both are damning condemnations of the state of e-books.

Regarding Make Something Wonderful, Sebastiaan de With wrote:

It’s hard to capture the delight of a real book, but this website
does a fantastic job coming close. Lots of delightful, thoughtful
little details.

I say “ebook” because it isn’t a word used anywhere on the
website, likely for good reason: there are no good ebooks. The
ePub file lacks all the delight of the beautiful website. Books on
Apple Books are objectively worse than their written counterparts.
This might be nicer.

Kindle editions are even more primitive, design-wise. Compare the Kindle preview of Poor Charlie’s Almanack to the website edition. It’s like comparing a matchbook to a blowtorch. With the e-book editions — Kindle, Kobo, Apple Books, whatever — you can merely read these books. With the web editions, you experience them.

Read More 

Juli Clover, MacRumors:

MacRumors has shared multiple details on the iPhone 16’s
design, including the unveiling of a new button that is
planned for the devices, the Capture Button. While we’ve
known the name and location of the button, the internal
information that we’ve obtained does not detail what it will be
used for.

According to Bloomberg’s Mark Gurman, the Capture Button will be
able to record video. In this week’s Power On newsletter,
Gurman says that the iPhone 16 models will include a “new
dedicated button for taking video.” […]

The Capture button will be a capacitive button with haptic
feedback rather than a mechanical button, and it is expected to
include a force sensor that can recognize pressure. The location
of the button may make it easy to trigger, but if it is activated
via pressure, it could be that holding it down will launch into
the camera and allow video recording to start.

If this comes true — and I hope it does — the button might default to shooting video, but I’d bet the house it will be configurable, like this year’s Action button. When using an iPhone as a camera, the main thing I miss from dedicated cameras is a hardware shutter button. With dedicated cameras, the shutter button can be pressed halfway to set exposure and focus, and only captures on a full press. A force-sensitive Capture button could work similarly.

You can set the iPhone 16 Pro’s Action button to act as a shutter button for the Camera app, but it’s in the wrong location on the frame of the phone. I don’t want to press a shutter button with my left thumb, I want to press it with my right index finger. (You can orient the Action button to be on the top right by holding the iPhone horizontally with camera at the bottom, but that feels awkward to me.)

 ★ 

Juli Clover, MacRumors:

MacRumors has shared multiple details on the iPhone 16’s
design, including the unveiling of a new button that is
planned for the devices, the Capture Button. While we’ve
known the name and location of the button, the internal
information that we’ve obtained does not detail what it will be
used for.

According to Bloomberg’s Mark Gurman, the Capture Button will be
able to record video. In this week’s Power On newsletter,
Gurman says that the iPhone 16 models will include a “new
dedicated button for taking video.” […]

The Capture button will be a capacitive button with haptic
feedback rather than a mechanical button, and it is expected to
include a force sensor that can recognize pressure. The location
of the button may make it easy to trigger, but if it is activated
via pressure, it could be that holding it down will launch into
the camera and allow video recording to start.

If this comes true — and I hope it does — the button might default to shooting video, but I’d bet the house it will be configurable, like this year’s Action button. When using an iPhone as a camera, the main thing I miss from dedicated cameras is a hardware shutter button. With dedicated cameras, the shutter button can be pressed halfway to set exposure and focus, and only captures on a full press. A force-sensitive Capture button could work similarly.

You can set the iPhone 16 Pro’s Action button to act as a shutter button for the Camera app, but it’s in the wrong location on the frame of the phone. I don’t want to press a shutter button with my left thumb, I want to press it with my right index finger. (You can orient the Action button to be on the top right by holding the iPhone horizontally with camera at the bottom, but that feels awkward to me.)

Read More 

Being really good at competing is not anticompetitive.

There’s a lot to catch up on since last I wrote about Beeper. Long story short, they’ve been playing — and no surprise, losing — the cat-and-mouse game with Apple. What I had been seeing during the week before Christmas is that Beeper Mini half-worked: messages from Beeper Mini on Android would go through to Messages on an Apple device, but from any Apple device, you could get one message through to an Android device running Beeper, but only one. After that, messages sent from an iMessage user on an Apple device to a user running Beeper Mini would silently fail. I’m guessing that behind the scenes, after that initial message from an actual Apple device to a Beeper client would go through, Apple would determine that the Beeper device was illegitimate and blacklist the device ID.

Regardless of details, half-working interop for a messaging service might as well be not working at all.

So Beeper effectively threw in the towel. Or maybe better put, half threw in the towel on their half-working app:

Each time that Beeper Mini goes “down” or is made to be unreliable
due to interference by Apple, Beeper’s credibility takes a hit.
It’s unsustainable. As much as we want to fight for what we
believe is a fantastic product that really should exist, the truth
is that we can’t win a cat-and-mouse game with the largest company
on earth.

With our latest software release, we believe we’ve created
something that Apple can tolerate existing. We do not have any
current plans to respond if this solution is knocked offline.

Their current “solution” requires Beeper Mini users to either (a) own — or, I swear, rent — an old iPhone (6, 6S, 7, 8, or X), jailbreak that phone, install Beeper’s software on the old jailbroken iPhone, and then leave that old jailbroken phone powered on and connected to Wi-Fi continuously; or (b) have Beeper Cloud — their desktop app — installed and running on a Mac, or run a command-line tool to, on a weekly basis, to regenerate a new iMessage registration code. Only with a jailbroken iPhone can you register your Android device’s phone number as an iMessage ID; if you’re using or borrowing a Mac to generate a registration key, Beeper Mini will only work using an Apple ID account, with an email address as your ID. Beeper’s own explanation for this rigmarole:

Here’s the backstory. When you sign in to iMessage on Beeper, we
need to send identification information called “registration data”
from a real Mac computer. We have, up until now, used our own
fleet of Mac servers to provide this. Unfortunately, this has
proven to be an easy target for Apple because thousands of Beeper
users were using the same registration data.

Beeper Cloud (Mac version) and old iPhones can now generate unique
registration data just for you. This 1:1 mapping of registration
data to individual user, in our testing, makes the connection very
reliable. If you use Beeper Mini, you can use your Mac
registration data with it as well, and Beeper Mini will start to
work again. Beeper needs to periodically regenerate this data even
after you’ve connected, roughly once per week or month, so the Mac
needs to be switched on regularly.

These hoops, I think will relegate Beeper Mini to relative obscurity, even if Apple takes no further action to counter it.

The iMessage Lounge

Any take on this entire saga that treats Apple’s stance or actions as controversial, in the least, (see below for more on that), is deeply misguided. I think the fundamental misunderstanding is over just what iMessage is. It’s being talked about as though iMessage is merely a format or protocol, and that Beeper reverse-engineering the protocol is akin to, say, reverse engineering a document file format. iMessage is much more than a protocol — it’s a service. It requires servers (both for delivering messages and for the exchange of encryption keys), bandwidth, content moderation for spammers, and more. Apple’s iMessage infrastructure handles billions of messages per day — trillions per year — with unlimited full-resolution image and video attachments. iMessage has also proven to be extremely fast and reliable. Beeper itself glosses over this, in one of their updates yesterday:

Q: “But you guys are making money off Apple’s servers!”

A: We stopped charging for Beeper Mini on Dec 11, and Beeper Cloud
has always been free to use. Additionally, Beeper Mini users
chat with paying Apple customers on the other side of the
conversation! If Apple proposed some way for us to reimburse
them for the (minuscule) infrastructure costs of enabling
paying iPhone customers to text Android users, we’d be happy to
comply with that.

Apple has never revealed the costs of running iMessage, but I suspect there are very few companies in the world who would consider the cost “minuscule”, and Beeper is not one of those companies. (Also, Beeper Mini users can just as easily use iMessage to message other Beeper Mini users — there’s nothing in Beeper Mini that requires someone in each chat to be using an actual Apple device.)

Here’s the analogy I’ve been thinking best applies. American Express operates Centurion Lounges at a few dozen airports around the world, exclusively for the use of their Platinum Card holders. Other premium credit cards offer similar access to other lounges. If you have an American Express Platinum Card, you just show up, show them your card and boarding pass, and you’re in. You get free Wi-Fi; free food (pretty good); free beverages (including a full-service bar); and comfortable seats, tables, and desks. They even have showers for travelers on extended trips. They’re great — and a cut above even most airlines’ own lounges for their premium frequent travelers. Centurion Lounge access is presented as a free benefit, but, of course, there’s no more such a thing as a free premium lounge as there is a free lunch: the cost of the lounges is baked into the annual fees Platinum Card holders pay.

iMessage is like a Centurion Lounge. It’s a free premium messaging service, exclusively for the use of people who own iPhones, iPads, and Macs. SMS, in this analogy, is like waiting for your plane out in the public airport terminal: not as nice, the Wi-Fi is worse, there’s no free food or drinks, but it’s available to everyone.

iMessage users in a group chat who are annoyed by Android-owning group members relegating the conversation to SMS are like a group of friends travelling together — some of whom have Amex Platinum Cards, some of whom don’t — who need to wait in the public terminal if the group wants to wait for their flight together.1

Like any analogy, it’s not perfect. Centurion Lounges allow cardholders to pay $50 to bring guests. iMessage has no “guest access” — you either have an Apple device, and with it, access to iMessage, or you don’t get to use iMessage. But I think the analogy basically works. Centurion Lounges are a perk for Amex Platinum Card holders; iMessage is a perk for Apple device owners. (Now that Apple runs its own credit card, it’s not outlandish to think that they might eventually offer Apple Card holders access to premium airport lounges.)

If Beeper were granting its users free access to Centurion Lounges, I’m not sure how anyone could defend it, because everyone can see how a premium airport lounge costs a lot of money to run: leasing the space, hiring staff, and all the free food and beverages. But that’s exactly what Beeper is doing with iMessage: granting free access to a premium perk intended solely for Apple’s device owners while they’re using those Apple devices.

One might argue that if you own a Mac, you should be able to use Beeper Mini on your Android phone, because the Mac qualifies for iMessage. With Beeper’s latest update, you can even use your own Mac to generate the iMessage registration code Beeper now requires. But Centurion Lounges don’t allow cardholders entry if they don’t present their actual card. (Don’t leave home without it.) Amex sets the terms for access to its Centurion Lounges; Apple sets the terms for access to iMessage. And Apple’s terms are clear: iMessage’s only authorized client software is Apple Messages running on an Apple device.

Beeper Mini presenting itself as Messages on a Mac to gain access to iMessage is as dishonest as presenting a forged Amex Platinum Card to gain access to a Centurion Lounge. Centurion Lounges aren’t free and neither is iMessage. And in the same way you’d expect Amex to crack down on a service that granted non-cardholders access to their lounges, Apple has cracked down on Beeper.

If you prefer another analogy, imagine if Apple (finally) released an electric car and offered free charging for its own vehicles at a network of charging stations — and Beeper found a way to allow any electric vehicle to charge, for free, at those stations. Few would object to Apple closing the loopholes being exploited by Beeper. Electricity isn’t free. Neither is running a large-scale instant messaging platform.

The Anti-‘Big Tech’ Brigade

Two weeks ago, when the Beeper saga was running hot, Senator Elizabeth Warren tweeted:

Green bubble texts are less secure. So why would Apple block a new
app allowing Android users to chat with iPhone users on iMessage?
Big Tech executives are protecting profits by squashing
competitors.

Chatting between different platforms should be easy and secure.

It’s her, not me, who capitalizes “Big Tech” as though it’s an organized cabal of law-breaking public-harming bogeymen, a la Big Tobacco. Warren’s argument here is that iMessage is superior to SMS (true), and that Apple should not use the superiority of its own bespoke messaging platform as a selling point for its own devices. As though it’s somehow wrong that Tim Cook, the CEO of the company that sells iPhones, suggested to a questioner complaining about SMS limitations at a conference last year, “Buy your mom an iPhone.”

Keeping an exclusive feature exclusive is not “squashing competitors”. And chatting between different platforms is easy, secure, and free, using apps like WhatsApp and Signal.

A week later came a letter to the Department of Justice, signed by senators Amy Klobuchar (D, Minnesota) and Mike Lee (R, Utah), and representatives Jerry Nadler (D, New York) and Ken Buck (R, Colorado), reported by CBS News’s Jo Ling Kent (also on Twitter/X). From their letter:

We write regarding Apple’s potential anticompetitive treatment of
the Beeper Mini messaging application. We have long-championed
increased competition, innovation, and consumer choice in the
digital marketplace. To protect free and open markets, it is
critical for the Antitrust Division to be vigilant in enforcing
our antitrust laws. That is why together we have led efforts in
Congress to ensure the agency has the authorities, tools, and
resources necessary to police abuses of market power.

Apple is very big and powerful so we just assume this is bad.

Earlier this month, Beeper introduced Beeper Mini, an
interoperable messaging service that allows users of the Android
mobile operating system to communicate with users of Apple’s
iMessage service.

Wrong. There is only one service at hand, iMessage, and that service is and always has been a proprietary platform created and run by Apple, exclusively for owners of Apple devices such as iPhones, iPads, and Macs. Beeper Mini is an unauthorized client for iMessage, not a service unto itself.

Previously, Android users were unable to securely communicate with
iMessage users and were relegated to using decades-old,
unencrypted SMS technology.

Again, it’s as though modern end-to-end encrypted platforms such as WhatsApp and Signal — which are available free of charge on Android, iOS, MacOS, and Windows — don’t even exist, or that Apple is blocking them from the App Store. WhatsApp has over 2.7 billion active users, so it’s not exactly obscure, and these apps are among the most popular on the entire App Store.

Within days of its launch, Beeper Mini users began to
experience service disruptions. Apple admitted it took action
to disable Beeper Mini, citing security and privacy concerns
for iMessage users.

This is embarrassingly confused, and treats Beeper Mini as a peer to iMessage. But that’s not an apt description. There is only one iMessage — that’s the protocol and platform Apple runs. Beeper Mini users aren’t separate from “iMessage users”; Beeper Mini users became iMessage users. Apple didn’t take down Beeper’s rival network; they blocked access to iMessage from Beeper’s unauthorized client software. This should not be controversial in the least.

Apple executives have previously admitted the company leverages
iMessage to lock users into Apple’s ecosystem of devices and
services. Beeper Mini threatened to reduce this leverage creating
more competitive mobile applications market, which in turn a more
competitive mobile device market.

The attention to copy editing in that sentence is indicative of the amount of thought put into the letter as a whole.

Earlier this year the Department of Commerce released a report
titled Competition in the Mobile Application Ecosystem, describing
Apple as a “gatekeeper” with a “monopoly position” in its mobile
app ecosystem. The Department of Commerce observed that “antitrust
enforcement is essential for ensuring competition in the mobile
app ecosystem.” These findings are consistent with those of
numerous other antitrust enforcers and international competition
authorities.

This paragraph would make sense in a world where Apple, say, didn’t allow WhatsApp, Signal, Line, Telegram, and Messenger in the App Store. But the market for messaging apps is incredibly competitive, and Apple’s App Store hosts all of them. These four lawmakers claim to be concerned about anticompetitive behavior, but what’s actually going on is actual competition.

Being really good at competing is not anticompetitive.

Read More 

Great clip from a great comic.

 ★ 

Great clip from a great comic.

Read More 

Jason Snell, in a post from August 2022:

I wanted to do a quick follow-up on my recent post about attaching
an Apple Magic Keyboard with Touch to the underside of my
desk, because I’ve now done what I threatened to do at the
end of that piece: I’ve broken into the keyboard, removed the
important bits, and then reassembled it into a little 3-D printed
case that contains just the Touch ID button. […]

Anyway: It works. But I would really love it if Apple would just
make a Magic Trackpad with integrated Touch ID.

My desk setup: MacBook Pro with the lid closed, connected to a Studio Display, with my beloved Apple Extended Keyboard II, a mouse on the left (I’m right-handed for most things but taught myself to mouse left-handed all the way back in college, when I started getting RSI), and a Magic Trackpad on the right.

I’m happier with this setup than I’ve ever been with any Mac I’ve ever used. The downside though is that I don’t have Touch ID, because my MacBook’s lid is closed, and I don’t use Apple’s Magic Keyboard. So on workdays, I tend always to wear my Apple Watch, which gives me a lot of the same advantages as Touch ID: I can log into my sleeping Mac without typing my account password, and I can confirm many actions (like Apple Pay purchases, and moving protected files to the Trash) with a double-click of the side button on my watch.

But whenever I’m wearing one of my other watches, I really miss Touch ID. I don’t miss it enough to go through the DIY project of ripping apart a Magic Keyboard to move the Touch ID sensor into a standalone case, though. So I wish that either (a) Apple would add a Touch ID sensor to the Magic Keyboard; or (b) someone would start selling pre-assembled Touch ID sensors in a nice case, repurposed from Magic Keyboards. It’s a bit of a waste to destroy a Magic Keyboard just to repurpose the Touch ID button, but I’d happily pay for it. And while I wish Apple would add a Touch ID sensor to the Magic Trackpad, I doubt they will — that would sully the minimalist “no buttons” look of the Magic Trackpad, and, for people who use a Magic Trackpad alongside a Magic Keyboard, would give them two Touch ID buttons.

 ★ 

Jason Snell, in a post from August 2022:

I wanted to do a quick follow-up on my recent post about attaching
an Apple Magic Keyboard with Touch to the underside of my
desk, because I’ve now done what I threatened to do at the
end of that piece: I’ve broken into the keyboard, removed the
important bits, and then reassembled it into a little 3-D printed
case that contains just the Touch ID button. […]

Anyway: It works. But I would really love it if Apple would just
make a Magic Trackpad with integrated Touch ID.

My desk setup: MacBook Pro with the lid closed, connected to a Studio Display, with my beloved Apple Extended Keyboard II, a mouse on the left (I’m right-handed for most things but taught myself to mouse left-handed all the way back in college, when I started getting RSI), and a Magic Trackpad on the right.

I’m happier with this setup than I’ve ever been with any Mac I’ve ever used. The downside though is that I don’t have Touch ID, because my MacBook’s lid is closed, and I don’t use Apple’s Magic Keyboard. So on workdays, I tend always to wear my Apple Watch, which gives me a lot of the same advantages as Touch ID: I can log into my sleeping Mac without typing my account password, and I can confirm many actions (like Apple Pay purchases, and moving protected files to the Trash) with a double-click of the side button on my watch.

But whenever I’m wearing one of my other watches, I really miss Touch ID. I don’t miss it enough to go through the DIY project of ripping apart a Magic Keyboard to move the Touch ID sensor into a standalone case, though. So I wish that either (a) Apple would add a Touch ID sensor to the Magic Keyboard; or (b) someone would start selling pre-assembled Touch ID sensors in a nice case, repurposed from Magic Keyboards. It’s a bit of a waste to destroy a Magic Keyboard just to repurpose the Touch ID button, but I’d happily pay for it. And while I wish Apple would add a Touch ID sensor to the Magic Trackpad, I doubt they will — that would sully the minimalist “no buttons” look of the Magic Trackpad, and, for people who use a Magic Trackpad alongside a Magic Keyboard, would give them two Touch ID buttons.

Read More 

Dan Goodin, reporting for Ars Technica:

Researchers on Wednesday presented intriguing new findings
surrounding an attack that over four years backdoored dozens if
not thousands of iPhones, many of which belonged to employees of
Moscow-based security firm Kaspersky. Chief among the discoveries:
the unknown attackers were able to achieve an unprecedented level
of access by exploiting a vulnerability in an undocumented
hardware feature that few if anyone outside of Apple and chip
suppliers such as ARM Holdings knew of.

“The exploit’s sophistication and the feature’s obscurity suggest
the attackers had advanced technical capabilities,” Kaspersky
researcher Boris Larin wrote in an email. “Our analysis hasn’t
revealed how they became aware of this feature, but we’re
exploring all possibilities, including accidental disclosure in
past firmware or source code releases. They may also have stumbled
upon it through hardware reverse engineering.” […]

The mass backdooring campaign, which according to Russian
officials also infected the iPhones of thousands of people
working inside diplomatic missions and embassies in Russia,
according to Russian government officials, came to light in June.
Over a span of at least four years, Kaspersky said, the
infections were delivered in iMessage texts that installed
malware through a complex exploit chain without requiring the
receiver to take any action.

From the report by the Kaspersky researchers:

If we try to describe this feature and how the attackers took
advantage of it, it all comes down to this: they are able to write
data to a certain physical address while bypassing the
hardware-based memory protection by writing the data, destination
address, and data hash to unknown hardware registers of the chip
unused by the firmware.

Our guess is that this unknown hardware feature was most likely
intended to be used for debugging or testing purposes by Apple
engineers or the factory, or that it was included by mistake.
Because this feature is not used by the firmware, we have no idea
how attackers would know how to use it.

 ★ 

Dan Goodin, reporting for Ars Technica:

Researchers on Wednesday presented intriguing new findings
surrounding an attack that over four years backdoored dozens if
not thousands of iPhones, many of which belonged to employees of
Moscow-based security firm Kaspersky. Chief among the discoveries:
the unknown attackers were able to achieve an unprecedented level
of access by exploiting a vulnerability in an undocumented
hardware feature that few if anyone outside of Apple and chip
suppliers such as ARM Holdings knew of.

“The exploit’s sophistication and the feature’s obscurity suggest
the attackers had advanced technical capabilities,” Kaspersky
researcher Boris Larin wrote in an email. “Our analysis hasn’t
revealed how they became aware of this feature, but we’re
exploring all possibilities, including accidental disclosure in
past firmware or source code releases. They may also have stumbled
upon it through hardware reverse engineering.” […]

The mass backdooring campaign, which according to Russian
officials also infected the iPhones of thousands of people
working inside diplomatic missions and embassies in Russia,
according to Russian government officials, came to light in June.
Over a span of at least four years, Kaspersky said, the
infections were delivered in iMessage texts that installed
malware through a complex exploit chain without requiring the
receiver to take any action.

From the report by the Kaspersky researchers:

If we try to describe this feature and how the attackers took
advantage of it, it all comes down to this: they are able to write
data to a certain physical address while bypassing the
hardware-based memory protection by writing the data, destination
address, and data hash to unknown hardware registers of the chip
unused by the firmware.

Our guess is that this unknown hardware feature was most likely
intended to be used for debugging or testing purposes by Apple
engineers or the factory, or that it was included by mistake.
Because this feature is not used by the firmware, we have no idea
how attackers would know how to use it.

Read More