Posts in Linked

Apple Addresses the Meltdown and Spectre Exploits With Additional Mitigations to Come

In a support article, Apple has acknowledged that the recently-disclosed Meltdown and Spectre exploits, which affect virtually every CPU in computers, mobile devices, and other platforms, also impact every Mac and iOS device. Although there are no known exploits of the vulnerabilities, Apple advises that users proceed with caution and download apps from trusted sources only.

Mitigations to defend against Meltdown have already been shipped by Apple in iOS 11.2, macOS 10.13.2, and tvOS 11.2. watchOS is unaffected by Meltdown. Development of mitigations for both exploits is ongoing and new defenses will be released to each Apple OS as they become available.

The support article published by Apple provides a high-level explanation of how each exploit works. If there’s any good news to be found in the widespread concern caused by these exploits it’s that Apple says the recently-released mitigations have no measurable impact on performance:

Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.

Apple’s support document also reveals that Spectre can be exploited in web browsers, including Safari, using JavaScript. Apple is working to address the problem with an update to Safari that will be released in the coming days. Apple says that:

Our current testing indicates that the upcoming Safari mitigations will have no measurable impact on the Speedometer and ARES-6 tests and an impact of less than 2.5% on the JetStream benchmark.

The gravity of the exploits, which affect virtually all computing platforms, cannot be understated, but it’s reassuring that the initial mitigations released and those coming in the days ahead should have little or no impact on performance. It’s also worth noting that this is probably not the last we’ll hear about Meltdown and Spectre. As Apple notes:

We continue to develop and test further mitigations within the operating system for the Spectre techniques, and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS. 

Permalink

Apple Announces Record Holiday App Store Sales

During the week beginning on Christmas Eve, the App Store sold $890 million of apps to a record number of customers. In a press release today, Apple revealed that on New Year’s Day alone, customers bought another $300 million of apps.

“We are thrilled with the reaction to the new App Store and to see so many customers discovering and enjoying new apps and games,” said Phil Schiller, Apple’s senior vice president of Worldwide Marketing. “We want to thank all of the creative app developers who have made these great apps and helped to change people’s lives. In 2017 alone, iOS developers earned $26.5 billion — more than a 30 percent increase over 2016.”

That’s a big increase over 2016 and with the tenth anniversary of the App Store on the horizon, the App Store is closing in on a big milestone. Since the App Store launched in July 2008, developers have earned over $86 billion. If App Store sales continue to grow at a pace similar to 2017, developer earnings should top $100 billion just in time for the anniversary.

Apple also stated that over 2,000 ARKit-enabled apps are available in the App Store, contrary to estimates by research firm Apptopia that fewer than 1,000 ARKit apps are available.

Permalink

Explaining the Roles of the iMac Pro’s T2 Chip

Jason Snell, writing for Macworld:

Before the iMac Pro was released, there was a lot of speculation that it was part of a trend toward creating a “hybrid Mac” that is driven by both an Intel processor and an Apple-designed ARM chip like those found in other Apple devices. The iMac Pro is definitely a hybrid of a sort, but probably not the one people were expecting. With the T2, Apple is using its chip-design prowess to take more control over parts of the Mac hardware that were previously outsourced to other controllers, and reaping the benefits of integrating them all together.

The iMac Pro isn’t running iOS apps, but it does get to take advantage of most of the work Apple has done to bolster the security of iOS devices and enhance the quality of photos and video taken by iPhone cameras. Apple will almost certainly continue to push this technology into more future Mac models, because it allows Apple to use the work it’s already done on iOS to improve the features and security of the Mac.

For years, the advancement of the Mac has been tied closely with the evolution of iOS. Many of the hallmark macOS features dating back to Lion originated on the iPhone and iPad, and came to the Mac – in part – to provide greater feature parity between the differing platforms.

While the iPhone’s influence on the Mac has previously played out primarily in the realm of software, that influence is clearly extending to hardware now. The 2016 MacBook Pro took the first step with its T1 chip powering the Touch Bar, but the T2 is another significant step forward. Though its benefits are largely invisible to the average user, Snell’s overview of the T2 and its extensive reach throughout the system makes clear that the Touch Bar was just the beginning of ARM-enhanced Macs.

Permalink

Connected, Episode 174 – 2017 In Review: I’ve Been Sitting on That Joke for Months

We grade our predictions for 2017 before setting off on a trip down memory lane of the last twelve months of Apple news.

In the annual ‘year in review’ episode of Connected, we go through all the most important Apple and tech news from 2017 and discuss how they played out. This was a fun one to record. You can listen here.

Sponsored by:

  • Hover: Show the world what you’re passionate about with 10% off your first purchase
  • Casper: Start sleeping ahead of the curve. Get $50 off with the code ‘CONNECTED’.
  • Pingdom: Start monitoring your websites and servers today. Use offer code CONNECTED to get 30% off.
Permalink

Pythonista 3.2 Syncs Scripts with iCloud, Supports Open-in-Place via iOS 11’s Files App

For a long time, Apple’s App Store review guidelines prohibited apps from downloading executable code from the Internet. The company’s original stance resulted in IDEs that couldn’t sync scripts and programs across multiple devices – a serious limitation for the emergent movement of programmers embracing the iPad Pro as a portable workstation.

Fortunately, Apple started relaxing their rules earlier this year, allowing “apps designed to teach, develop, or test executable code” to download and run code. Pythonista, the popular Python IDE for iOS (and one of the best pro apps for iOS, period), has been updated this week with the ability to sync scripts with iCloud and edit external scripts in-place using Files’ document picker.

As someone who used Pythonista heavily for years and remembers previous rejections based on old App Store guidelines, this is fantastic news. I moved my existing script library to iCloud, which means all my code is now shared between the iPhone and iPad – no workarounds required. Pythonista now supports the iPhone X and drag and drop for importing scripts, but, even better, the app can open scripts and edit them in-place (saving changes back to the original location) just by opening them with the built-in Files picker. This feature makes it possible to, say, use Pythonista as an editor for script files stored in GitHub repositories and managed by Working Copy – all entirely on iOS, and natively integrated with Files.

Version 3.2 of Pythonista gets rid of the most annoying limitations imposed by the old Apple, another sign that the company’s approach to professional iOS software has changed over the years. While I don’t use Pythonista nearly as much as I did a few years ago (you can imagine why), I plan on playing around with Pythonista 3.2 over the next couple of weeks.

Permalink

iOS 11 X and iOS 11 Classic

In his review of the iPhone X, John Gruber astutely points out that the device effectively runs a fork of iOS 11:

There were always two things and only two things on the front face of an iOS device — the touchscreen display and the home button. In fact, the iPhone X changes iOS in more fundamental ways than even the iPad did. In terms of the role between the display and the home button, the iPad really was — and remains today — “just a big iPhone”.

The iPhone X, however, creates a schism, akin to a reboot of the franchise.

Apple hasn’t called attention to this, but effectively there are two versions of iOS 11 — I’ll call them “iOS 11 X”, which runs only on iPhone X, and “iOS 11 Classic”, which runs on everything else.

The fundamental premise of iOS Classic is that a running app gets the entire display, and the home button is how you interact with the system to get out of the current app and into another. Before Touch ID, the home button was even labeled with a generic empty “app” icon, an iconographic touch of brilliance.

This is a great way to think about the evolution of iOS going forward. As I noted last month, the iPhone X will reshape the entire iOS ecosystem over the next few years. Consequently, it’ll also make it more challenging to review a new version of iOS, as we’ll have to account for deeply different variations of the same features.

Permalink

How Far Ahead of Apple Maps Is Google Maps?

Another fantastic essay by Justin O’Beirne, this time focused on explaining one of Google Maps’ strongest advantages over Apple Maps: the ability to use data to create more data.

With “Areas of Interest”, Google has a feature that Apple doesn’t have. But it’s unclear if Apple could add this feature to its map in the near future.

The challenge for Apple is that AOIs aren’t collected—they’re created_. And Apple appears to be missing the ingredients to create AOIs at the same quality, coverage, and scale as Google.

This is a perfect example of Google’s institutional approach to data collection paying off in the long term, giving them a substantial lead over the competition. O’Beirne’s visual comparisons between Google Maps and Apple Maps are just brutal.

Yes, Apple Maps may be “prettier”, but when you’re going somewhere, or need to find a specific point of interest, I bet you don’t care about “pretty”. You just want your map to tell you where to go, or show you accurately where you’re meant to be. Google is objectively ahead here, and Apple Maps’ slow evolution is concerning. There’s an interesting parallel here between Apple Music and Apple Maps: both nicer iOS apps than Spotify and Google Maps, and both far behind in terms of intelligence of the service itself.

As I wrote earlier this year:

Speaking from personal experience, Google Maps has considerably improved in my area in the past year, while Apple Maps has remained essentially the same. Which isn’t to say that Apple Maps is bad – Google simply has an edge over local business information and they’re evolving at a faster pace than Apple. To me, Apple Maps looks and feels nicer; Google Maps seems smarter and it has modern features I’d like Apple to add.

Permalink

Twitter Now Supports Third-Party Apps for Two-Factor Authentication

https://twitter.com/TwitterSafety/status/943542421698125824

Earlier today Twitter announced that you’ll now be able to use a third-party app (such as Google Authenticator, Authy, or 1Password) for two-factor authentication instead of SMS. The company has updated their support document with instructions on how to set it up here.

This is great news as Twitter was the last service with 2FA that only supported sending codes via SMS. Switching from text messages to 1Password (which I use for one-time codes) was easy: in Twitter for iPad, I went to Settings ⇾ Account ⇾ Security, and enabled the ‘Security app’ toggle. I then selected to use another app to generate my codes and opened 1Password on my iPhone, where I hit Edit on my Twitter login item and scrolled to the OTP section. Here, I tapped the QR button, scanned the QR code Twitter was displaying on my iPad with the iPhone’s camera, and that was it.

Unless you specifically want to receive 2FA codes from Twitter via SMS, you should consider switching to a dedicated authentication app: these codes work independently from carriers and location, and they can be generated offline.

Permalink

Connected, Episode 173: The Final Robin

Round out 2017 with fake apps and an anti-wishlist.

In the final episode of Connected for 2017, we revisit the classic wish list with a twist: what are the things we’d like Apple to stop doing? You can listen here.

Sponsored by:

  • Balance Open: Find out more about Balance Open and get $2 in Ethereum.
  • TextExpander, from Smile: Communicate smarter with TextExpander. Get 20% off your first year when you tell them you came from this show.
  • Incapsula: Secure and accelerate your website. Connected listeners get one month free.
Permalink