Apple (PDF, via Ivan Krstić): Unless otherwise noted, this documentation covers the following operating system versions: iOS 17.3, iPadOS 17.3, macOS 14.3, tvOS 17.3, and watchOS 10.3. Apple: Topics added: Cryptex1 Image4 Manifest Hash (spih) Cryptex1 Generation (stng) BlastDoor for Messages and IDS Lockdown Mode security About App Store security WidgetKit security I thought I must have missed last year’s update, but it looks like the previous revision was in December 2022. Apple: Certain instructions on ARM64, including but not limited to those described in Arm Architecture ..read more

Adam Kohler and Christopher Lopez: The downloaded DMG contains an application bundle. Normally, macOS applications instruct the user to drag such apps into the /Applications folder. But in this case, it tells the user to right-click on it and click Open. […] Looking into the upd file in the original bundle, we found that it is signed adhoc with no developer ID. This means that Gatekeeper will initially stop the app from running and require the user to manually allow it. […] The application then creates a new copy of upd, renames it DumpMediaSpotifyMusicConverter, and places it in a hidden fol ..read more

Eswar: A new local privilege escalation vulnerability has been discovered in macOS which could allow any user to escalate their privileges to root by mounting filesystems using “diskutil” command line utility. This new vulnerability has been assigned with CVE-2023-42931 and the severity is yet to be categorized. […] If a user has mount privileges on the macOS, then the user needs to find a file which has the following conditions. Owned by root when mounted in “owners” mode; Considered owned by myself when mounted in “noowners” mode; Not protected by SIP. […] After creating this suidshell bi ..read more

Caleb Basinger: We don’t buy apps through the App Store. Rather, we purchase licenses in bulk—one for every employee or device—through Apple’s Apps and Books program, part of Apple Business Manager and Apple School Manager. […] The only problem is that Apps and Books doesn’t support in-app purchases or in-app subscriptions. That means we can’t access the features we need with the licenses we buy that way. […] Without altering your existing app on the App Store, you could use the same code-base to create a second, fully paid premium version of it that includes all the features we need. You cou ..read more

Federico Viticci: In iOS 17, you can create a contact poster, which is essentially a combination of a profile picture and artwork that will represent you when calling other people on the phone, FaceTime, and other apps compatible with the CallKit framework. […] When a call comes in from one of my friends who’s created a contact poster on iOS 17, I like that I can see a little bit of their personality and taste in the poster they’ve chosen for themselves. Just like profile pictures before, you can choose to automatically share your poster with your contacts; you can either accept someone else ..read more

Maxime Chevalier: What I’ve concluded, based on experience, is that positioning your project as an alternative implementation of something is a losing proposition. It doesn’t matter how smart you are. It doesn’t matter how hard you work. The problem is, when you build an alternative implementation, you’ve made yourself subject to the whims of the canonical implementation. They have control over the direction of the project, and all you can do is try to keep up. In the case of JITted implementations of traditionally interpreted languages, there’s a bit of a weird dynamic, because it’s much fas ..read more

OSXDaily (tweet): One of the worst things about the MacBook Air and MacBook Pro is the shiny key issue. If you’re unfamiliar, the image above demonstrates the beginning stages of the shiny key development on my otherwise beautiful six month old MacBook Air, visible mostly on the shift key, but “A” and “S” are also beginning to display the hallmark worn key shine. The shiny keys are unmistakable, and the wear occurs after routine use of MacBook keyboards. For some users they develop within weeks(!) and for others it can take a year or more to appear, but it seems that virtually every MacBook u ..read more

Jeremy Reimer (via Adam Engst): PLATO was an educational system that began in 1960 and was nearing its fourth iteration. It was responsible for many computer firsts, such as the first flat-screen plasma display, which launched in 1972 with PLATO IV. These touch-enabled, 512×512 graphical displays looked like they came from the future. And while it couldn’t talk to ARPANET, every PLATO user at every terminal could communicate with each other all over the world. […] CBBS was instantly popular and spawned dozens of imitators. Since long-distance charges applied for calls outside one’s hometown ..read more

Apple (Hacker News): Built using second-generation 3-nanometer technology, M4 is a system on a chip (SoC) that advances the industry-leading power efficiency of Apple silicon and enables the incredibly thin design of iPad Pro. It also features an entirely new display engine to drive the stunning precision, color, and brightness of the breakthrough Ultra Retina XDR display on iPad Pro. A new CPU has up to 10 cores, while the new 10-core GPU builds on the next-generation GPU architecture introduced in M3, and brings Dynamic Caching, hardware-accelerated ray tracing, and hardware-accelerated mes ..read more

Apple (Hacker News): Final Cut Pro for iPad 2 transforms iPad into a multicam production studio with Live Multicam, giving users the power to speed up their shoot by allowing them to connect and preview up to four cameras all at once, all in one place. To support Live Multicam, Final Cut Camera — an all-new video capture app — comes to iPhone and iPad, letting creators wirelessly connect and remotely direct each video angle with powerful pro controls. Final Cut Camera also works as a standalone professional video capture app on iPhone and iPad. External project support gives users the flexibi ..read more