Desktops (Apple)

Apple Could Use ARM Coprocessors for Three Updated Mac Models ( 119

According to a Bloomberg report, Apple could be working on three new Mac models for this year. From a report: All three of them could feature an ARM coprocessor to improve security. Apple isn't switching to ARM chipsets altogether. There will still be an Intel CPU in every Mac, but with a second ARM processor. Currently, the MacBook Pro features a T1 chip while the iMac Pro features a T2 chip. On the MacBook Pro, the ARM coprocessor handles the Touch ID sensor and the Touch Bar. This way, your fingerprint is never stored on your laptop's SSD drive -- it remains on the T1 secure enclave. The Intel CPU only gets a positive response when a fingerprint is validated. The iMac Pro goes one step further and uses the T2 to replace many discrete controllers. The T2 controls your stereo speakers, your internal microphone, the fans, the camera and internal storage.
Open Source

Are the BSDs Dying? Some Security Researchers Think So ( 196

itwbennett writes: The BSDs have lost the battle for mindshare to Linux, and that may well bode ill for the future sustainability of the BSDs as viable, secure operating systems, writes CSO's JM Porup. The reason why is a familiar refrain: more eyeballs mean more secure code. Porup cites the work of Ilja von Sprundel, director of penetration testing at IOActive, who, noting the "small number of reported BSD kernel vulnerabilities compared to Linux," dug into BSD source code. His search 'easily' turned up about 115 kernel bugs. Porup looks at the relative security of OpenBSD, FreeBSD and NetBSD, the effect on Mac OS, and why, despite FreeBSD's relative popularity, OpenBSD may be the most likely to survive.
Operating Systems

Apple Prepares MacOS Users For Discontinuation of 32-Bit App Support ( 180

Last year, Apple announced that macOS High Sierra "will be the last macOS release to support 32-bit apps without compromise." Now, in the macOS High Sierra 10.13.4 beta, Apple is notifying users of the impending change, too. "To prepare for a future release of macOS in which 32-bit software will no longer run without compromise, starting in macOS High Sierra 10.13.4, a user is notified on the launch of an app that depends on 32-bit software. The alert appears only once per app," Apple says in the beta release notes. Ars Technica reports: When users attempt to launch a 32-bit app in 10.13.4, it will still launch, but it will do so with a warning message notifying the user that the app will eventually not be compatible with the operating system unless it is updated. This follows the same approach that Apple took with iOS, which completed its sunset of 32-bit app support with iOS 11 last fall. Developers and users curious about how this will play out will be able to look at the similar process in iOS for context. On January 1 of this year, Apple stopped accepting 32-bit app submissions in the Mac App Store. This June, the company will also stop accepting updates for existing 32-bit applications. iOS followed a similar progression, with 32-bit app submissions ending in February of 2015 and acceptance of app updates for 32-bit apps ending in June of 2015.
Desktops (Apple)

Ask Slashdot: What's the Fastest Linux Distro for an Old Macbook 7,1? 248

Long-time Slashdot reader gr8gatzby writes: I have an old beautiful mint condition white Macbook 7,1 with a 2.4Ghz Core 2 Duo and 5GB RAM. Apple cut off the upgrade path of this model at 10.6.8, while a modern-day version of any browser requires at least 10.9 these days, and as a result my browsing is limited to Chrome version 49.0.2623.112.

So this leaves me with Linux. What is the fastest, most efficient and powerful distro for a Mac of this vintage?

It's been nearly eight years since its release, so leave your best thoughts in the comments. What's the best Linux distro for an old Macbook 7,1?

'Text Bomb' Is Latest Apple Bug ( 60

An anonymous reader quotes a report from the BBC: A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered. Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart. Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug -- even if the recipient did not click the link itself. Mr Masri said he "always reports bugs" before releasing them. Apple has not yet commented on the issue. On a Mac, the bug reportedly makes the Safari browser crash, and causes other slowdowns. Security expert Graham Cluley wrote on his blog that the bug does not present anything to be particularly worried about -- it's merely very annoying. After the link did the rounds on social media, Mr Masri removed the code from GitHub, therefore disabling the "attack" unless someone was to replicate the code elsewhere.

Tim Cook Says Power Management Feature In Older iPhones Will Be Able To Be Turned Off In Future Update ( 162

In an interview with Rebecca Jarvis of ABC News, Apple CEO Tim Cook touched on the ongoing controversy over power management features in older iPhones. He says that a future update will allow customers to turn off the power management feature that has caused older iPhones to slow down. Mac Rumors reports: According to Cook, when the power management features were first introduced in iOS 10.2.1, Apple did explain what was going on, but following the controversy, he believes Apple should have been clearer. The company did indeed mention that the shutdown issue was caused by uneven power delivery and explained that its power management system had been tweaked, but there was no clear notice that it could cause devices to operate more slowly at times. Cook says Apple "deeply apologizes" to customers who thought the company had other motivations. Apple is introducing better battery monitoring features in a future iOS update, and Cook says Apple will also allow customers to turn off the power management feature, which is new information that the company has not previously shared. The majority of the interview was focused on the announcements that Apple made today. The company plans to contribute $350 billion in the U.S. economy over the next five years, as well as issue employees a bonus of $2,500 of restricted stock units following the introduction of the new U.S. tax law.

PC Market Still Showing Few Signs of Life ( 218

An anonymous reader writes: It was another rough quarter for the global PC market, as fourth quarter unit sales dropped 2%, according to preliminary results from Gartner. In the U.S. things were even bleaker, with sales down 8%. HP was the only big name maker to post a sales increase in the U.S. and globally. It also passed Lenovo to grab the top spot globally and increased its lead in the U.S. over Dell. Apple saw Mac sales globally up 1.4%, but in the U.S. sales were down 1.6%. Dell gained less than 1% globally but fell more than 12% in the U.S. Lenovo sales dipped slightly globally, but its market share increased slightly, to 22% of the worldwide market.
Desktops (Apple)

macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password ( 58

A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password. From a report: MacRumors is able to reproduce the issue on macOS High Sierra version 10.13.2, the latest public release of the operating system, on an administrator-level account by following these steps: 1. Click on System Preferences. 2. Click on App Store. 3. Click on the padlock icon to lock it if necessary. 4. Click on the padlock icon again. 5. Enter your username and any password. 6. Click Unlock.

As mentioned in the radar, System Preferences does not accept an incorrect password with a non-administrator account. We also weren't able to unlock any other System Preferences menus with an incorrect password. We're unable to reproduce the issue on the third or fourth betas of macOS High Sierra 10.13.3, suggesting Apple has fixed the security vulnerability in the upcoming release. However, the update currently remains in testing.


Nvidia's GeForce Now Windows App Transforms Your Cheap Laptop Into a Gaming PC ( 100

The GeForce Now game streaming service that Nvidia announced for the Mac last year is finally coming to Windows PCs. According to their website, the service lets you stream high-resolution games from your PC to your Mac or Windows PC that may or may not have the power to run the games natively. Starting this week, beta users of the GeForce Now Mac client will be able to install and run the Windows app. Tom Warren reports via The Verge: I got a chance to play with an early beta of the GeForce Now service on a $400 Windows PC at CES today. My biggest concerns about game streaming services are latency and internet connections, but Nvidia had the service setup using a 50mbps connection on the Wynn hotel's Wi-Fi. I didn't notice a single issue, and it honestly felt like I was playing Player Unknown's Battlegrounds directly on the cheap laptop in front of me. If I actually tried to play the game locally, it would be impossible as the game was barely rendering at all or at 2fps. Nvidia is streaming these games from seven datacenters across the US, and some located in Europe. I was playing in a Las Vegas casino from a server located in Los Angeles, and Nvidia tells me it's aiming to keep latency under 30ms for most customers. There's obviously going to be some big exceptions here, especially if you don't live near a datacenter or your internet connectivity isn't reliable. The game streaming works by dedicating a GPU to each customer, so performance and frame rates should be pretty solid. Nvidia is also importing Steam game collections into the GeForce Now service for Windows, making it even more intriguing for PC gamers who are interested in playing their collection on the go on a laptop that wouldn't normally handle such games.

Apple Updates macOS and iOS To Address Spectre Vulnerability ( 67

Days after Apple disclosed how it would be dealing with the Meltdown bug that affects modern computers, it's pushed out fixes for the Spectre exploit as well. From a report: iOS 11.2.2 includes "Security improvements to Safari and WebKit to mitigate the effects of Spectre," the company writes on its support page, while the macOS High Sierra 10.13.2 Supplemental Update does the same for your Mac laptop or desktop. Installing this update on your Mac will also update Safari to version 11.0.2.

iMac Pro Teardown Highlights Modular RAM, CPU and SSD Along With Redesigned Internals ( 128

Popular repair site iFixit has acquired an iMac Pro and opened it up to see what's inside. They tore down the base iMac Pro with an 8-core processor, 32GB of RAM, and a 1TB SSD. Mac Rumors reports the findings: iFixit found that the RAM, CPU, and SSDs in the iMac Pro are modular and can potentially be replaced following purchase, but most of the key components "require a full disassembly to replace." Standard 27-inch iMacs have a small hatch in the back that allows easy access to the RAM for post-purchase upgrades, but that's missing in the iMac Pro. Apple has said that iMac Pro owners will need to get RAM replaced at an Apple Store or Apple Authorized Service Provider. iFixit says that compared to the 5K 27-inch iMac, replacing the RAM in the iMac Pro is indeed "a major undertaking."

Apple is using standard 288-pin DDR4 ECC RAM sticks with standard chips, which iFixit was able to upgrade using its own $2,000 RAM upgrade kit. A CPU upgrade is "theoretically possible," but because Apple uses a custom-made Intel chip, it's not clear if an upgrade is actually feasible. The same goes for the SSDs -- they're modular and removable, but custom made by Apple. Unlike the CPU, the GPU is BGA-soldered into place and cannot be removed. The internals of the iMac Pro are "totally different" from other iMacs, which is unsurprising as Apple said it introduced a new thermal design to accommodate the Xeon-W processors and Radeon Pro Vega GPUs built into the machines. The new thermal design includes an "enormous" dual-fan cooler, what iFixit says is a "ginormous heat sink," and a "big rear vent."
Overall, iFixit gave the iMac Pro a repairability score of 3/10 since it's difficult to open and tough to get to internal components that might need to be repaired or replaced.
Desktops (Apple)

Intel Memory Access Design Flaw Partially Addressed by Apple in macOS 10.13.2 [Unconfirmed] ( 49

An anonymous reader shares a report: A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6. According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability. A Bloomberg reporter pointed out that Apple has not officially commented on the story.
Desktops (Apple)

The 'App' You Can't Trash: How SIP is Broken in Apple's High Sierra OS ( 164

A reader shares a blog post that talks about why Mac running High Sierra 10.13.2 (and other versions near it) refuses to let users uninstall some third-party applications easily. For instance, when users attempt to uninstall BlueStacks, an Android emulator, the Finder shows this warning: "The operation can't be completed because you don't have the necessary permission." The blog post looks into the subject: The moment that we see the word permission, all becomes clear: it's a permissions problem. So the next step is to select the offending item in the Finder, press Command-I to bring up the Get Info dialog, and change the permissions. It does, though, leave the slight puzzle as to why the Finder didn't simply prompt for authentication instead of cussedly refusing. Sure enough, after trying that, the app still won't go and the error message is unchanged. Another strange thing about this 'app' is that it's not an app at all. Tucked away in a mysterious folder, new to High Sierra, in /Library/StagedExtensions/Applications, its icon is defaced to indicate that the user can't even run it. Neither did the user install it there. Trying to remove it using a conventional Terminal command sudo rm -rf /Library/StagedExtensions/Applications/ also fails, with the report Operation not permitted.


Apple Will Replace Old iPhone Batteries Regardless of Diagnostic Test Results ( 191

After apologizing to customers for slowing older iPhones down as the batteries degrade, Apple has started offering battery swaps for $29. This has led to some confusion as Apple did not clarify how it qualified batteries as eligible for the discounted replacement, as the Apple Genius Bar uses a diagnostic test to check whether a battery can retain 80 percent of its original capacity at 500 complete charge cycles. According to Mac Rumors, Apple has confirmed that they will replace the battery if your iPhone 6 or later even if it passes a Genius Bar diagnostic test. From the report: Apple has since independently confirmed to MacRumors that it will agree to replace an eligible battery for a $29 fee, regardless of whether an official diagnostic test shows that it is still able to retain less than 80 percent of its original capacity. The concession appears to have been made to mollify the anger of customers stoked by headlines suggesting that Apple artificially slows down older iPhones to drive customers to upgrade to newer models. Anecdotal reports also suggest that customers who paid $79 to have their battery replaced before the new pricing came into effect on Saturday, December 30, will receive a refund from Apple upon request.

macOS Exploit Published on the Last Day of 2017 ( 62

An anonymous reader shares a report: On the last day of 2017, a security researcher going online by the pseudonym of Siguza published details about a macOS vulnerability affecting all Mac operating system versions released since 2002, and possibly earlier. Siguza did not notify Apple in advance, so at the time of writing, there is no fix for this flaw. Despite the doom and gloom, the vulnerability is only a local privilege escalation (LPE) flaw that can only be exploited with local access to a computer or after an attacker has already got a foothold on a machine. The vulnerability grants root access to an attacker. The issue affects the IOHIDFamily macOS kernel driver, a component that handles various types of user interactions. Siguza said he read about various flaws in this component and took a look at it to find new ways to compromise iOS, Apple's mobile operating system, where IOHIDFamily is also deployed. The expert says he found the LPE flaw in the IOHIDFamily code specific to macOS versions only. In a tweet, Siguza said, "My primary goal was to get the write-up out for people to read. I wouldn't sell to blackhats because I don't wanna help their cause. I would've submitted to Apple if their bug bounty included macOS, or if the vuln was remotely exploitable.
The Courts

Italian Clothing Company Defeats Apple, Wins the Right To Use Steve Jobs' Name ( 172

An Italian clothing company that uses the name "Steve Jobs" as its brand will be able to continue using the moniker after winning a multi-year legal battle, reports Italian site la Repubblica Napoli. Mac Rumors reports: Brothers Vincenzo and Giacomo Barbato named their clothing brand "Steve Jobs" in 2012 after learning that Apple had not trademarked his name. "We did our market research and we noticed that Apple, one of the best known companies in the world, never thought about registering its founder's brand, so we decided to do it," the two told la Repubblica Napoli. The Barbatos designed a logo that resembles Apple's own, choosing the letter "J" with a bite taken out of the side. Apple, of course, sued the two brothers for using Jobs' name and a logo that mimics the Apple logo. In 2014, the European Union's Intellectual Property Office ruled in favor of the Barbatos and rejected Apple's trademark opposition. While the outcome of the legal battle was decided in 2014, Vincenzo and Giacomo Barbato have been unable to discuss the case until now, as their claim on the brand was not settled until 2017. The two told la Repubblica Napoli that Apple went after the logo, something that may have been a mistake. The Intellectual Property Office decided that the "J" logo that appears bitten was not infringing on Apple's own designs as a letter is not edible and thus the cutout in the letter cannot be perceived as a bite. The report goes on to note that the company plans to produce electronic devices under the Steve Jobs brand.

Amazon Music Ending Cloud MP3 Storage, Streaming Option ( 107

Amazon is planning to retire its Music storage subscription service, the plan that enabled Amazon customers to upload their own music to the company's servers. From a report: Amazon Music Storage subscription plans, which let users upload music from their Mac or PC and stream them alongside the in-app on-demand and radio options, will be accepted until Jan. 15, 2018. Then, the service will run until January 2019, when it will be removed entirely. As of Monday this week, free plans -- which allow for 250 songs to be stored in the cloud -- are no longer able to upload new music to their MP3 locker.
Desktops (Apple)

Apple Plans Combined iPhone, iPad and Mac Apps To Create One User Experience ( 247

An anonymous reader shares a Bloomberg report: Apple's iPhone and iPad introduced a novel way of interacting with computers: via easy-to-use applications, accessible in the highly curated App Store. The same approach hasn't worked nearly as well on Apple's desktops and laptops. The Mac App Store is a ghost town of limited selection and rarely updated programs. Now Apple plans to change that by giving people a way to use a single set of apps that work equally well across its family of devices: iPhones, iPads and Macs. Starting as early as next year, software developers will be able to design a single application that works with a touchscreen or mouse and trackpad depending on whether it's running on the iPhone and iPad operating system or on Mac hardware, according to people familiar with the matter. Developers currently must design two different apps -- one for iOS, the operating system of Apple's mobile devices, and one for macOS, the system that runs Macs. With a single app for all machines, Mac, iPad and iPhone users will get new features and updates at the same time.

Maker of Sneaky Mac Adware Sends Security Researcher Cease-and-Desist Letters ( 87

Zack Whittaker, writing for ZDNet: The maker of a sneaky adware that hijacks a user's browser to serve ads is back with a new, more advanced version -- one that can gain root privileges and spy on the user's activities. News of the updated adware dropped Tuesday in a lengthy write-up by Amit Serper, principal security researcher at Cybereason. The adware, dubbed OSX.Pirrit, is still highly active, infecting tens of thousands of Macs, according to Serper, who has tracked the malware and its different versions for over a year. Serper's detailed write-up is well worth the read. [...] TargetingEdge sent cease-and-desist letters to try to prevent Serper from publishing his research. "We've received several letters over the past two weeks," Serper told ZDNet. "We decided to publish anyway because we're sick of shady 'adware' companies and their threats."

Ask Slashdot: What's the Best Way to Retrain Old IT Workers? 343

A medium-sized company just hired a new IT manager who wants advice from the Slashdot community about their two remaining IT "gofers": These people have literally been here their entire "careers" and are now near retirement. Quite honestly, they do not have any experience other than reinstalling Windows, binding something to the domain and the occasional driver installation -- and are more than willing to admit this. Given many people are now using Macs and most servers/workstations are running Linux, they have literally lost complete control over the company, with most of these machines sitting around completely unmanaged.

Firing these people is nearly impossible. (They have a lot of goodwill within other departments, and they have quite literally worked there for more than 60 years combined.) So I've been tasked with attempting to retrain these people in the next six months. Given they still have to do work (imaging computers and fixing basic issues), what are the best ways of retraining them into basic network, Windows, Mac, Linux, and "cloud" first-level help desk support?

Monster_user had some suggestions -- for example, "Don't overtrain. Select and target areas where they will be able to provide a strong impact." Any other good advice?

Leave your best answers in the comments. What's the best way to retrain old IT workers?

Slashdot Top Deals