Airtags bring objects into apple's 'where is?'-network'wo ist?'-netzwerk

Apple has introduced an in-house object tracker: The roughly mint-sized "AirTag" can be attached to a keychain or a bag, for example, and can thus help to find the items at any time – even if they should get lost on the road.

The AirTags use Bluetooth and ultra-wideband (UWB) technology and can be engraved for more personalization, including emojis, Apple said.

The AirTags are available in Apple’s "Where is?"-network and are to be integrated accordingly uber the "Where is?"-Let app be found pre-installed on iPhones and iPads. If an AirTag is lost, it sends out a signal via Bluetooth that virtually all iPhones and iPads listen for by default. According to the manufacturer, the network now comprises nearly 1 billion devices.

Against bruteforce: apple relies on improved secure enclave in iphone chips

Apple has quietly improved the key security element of its in-house chips: in new iPhones, iPads, Macs and Apple Watches released from fall 2020, the sealed-off coprocessor responsible for locking tasks is "Secure Enclave" will be combined with a secure storage component ("Secure Storage Component"), according to updated support documents from the manufacturer.

Counter Lockboxes against Bruteforce Attacks

As new protection technology comes in the second generation of the security chip now "Counter Lockboxes" to use, which keep the entropy value needed to decrypt password-protected user data, as the manufacturer explains in the so far English-only document on the security of Apple platforms. In order to access user data, the coupled Secure Enclave must derive the correct password value from the password set by the user and the Secure Enclave identifier (UID).

The user password could not be learned by unlocking attempts made by a unit other than the paired Secure Enclave, the document continued. If the limit for attempts to enter a password is exceeded (on the iPhone, ten attempts are usually possible to enter the correct device code), the protected data is automatically deleted.

Watchos 7.3 is more responsive, homepod os 14.4 interacts better

Apple rolled out several more updates to its operating systems on Tuesday night. After first iOS and iPadOS 14.4 were released, which provided several detail improvements and bug fixes, updates for Apple Watch, HomePod and Apple TV were also added.

watchOS 7.3 comes with a new watch face for Black History Month in the US, which has also been featured in a special edition of the computer watch. It is determined by the colors of the Pan-African flag and rough numbers, but it changes during the day and can be configured with further complications. The 1-channel ECG function, which has been working in Germany, the U.S. and other countries since the Apple Watch Series 4, is now finally available in Japan, the Philippines, Thailand and Mayotte. In these regions, there is also a notification in case of irregular heart rhythm.

News on the Apple Watch

Furthermore, the so-called Time-to-Walk feature has been integrated into Apple’s Fitness+ subscription service. This provides audio backgrounds of celebrities for walks, but is not yet available in this country. A fix is available for the Control Center and Notification Center, which sometimes became unresponsive when Zoom was enabled. In addition, at least one kernel security hole – which was also present in iPadOS and iOS – has been plugged, with Apple announcing that more disclosures are likely to come here.

Ipad: special rights for zoom app

Apple usually guards private APIs, whose use by external developers is not officially approved, heavily: For example, the company is said to have special tools in its App Store review, which inform the reviewer exactly about such occurrences. However, it seems that Apple also makes exceptions here. The company apparently also gives special rights to particularly popular apps from time to time.

Practical private API

This has now come to light in the course of a code investigation carried out by developer Jeremy Provost. The beneficiary of Apple’s special treatment is said to be the video chat provider Zoom. It is about the split view of the iPad, which is used for multitasking. Since Zoom gets access to a private iPad camera API, the tool can also access the camera when the iPad is in said multi-window mode. So the user can also access other apps while zooming, for example for notes. Something like this is otherwise only possible with Apple’s own FaceTime service.

The feature is implemented via so-called Entitlements. Developers have to apply for this from Apple for certain critical functions "" – such as access to the HomeKit network or iCloud. This is an open process. But besides these "public entitlements" there are also private. They are known for example from Apple’s CarPlay vehicle integration. But there is currently no process for the function used by Zoom. "com.apple.developer.avfoundation.multitasking-camera-access" is therefore reserved for selected developers – in this case apparently only Zoom alone. The video conferencing service confirmed to Provost that they had received approval from Apple.

Secure enclave in iphone allegedly 'unpatchable' cracked'unpatchbar' geknackt

According to reports from Asia, security researchers have managed to find flaws in Apple’s central security chip for iOS and iPadOS devices, the Secure Enclave, that cannot be patched by the manufacturer.

The security coprocessor has been installed since the iPhone 5s, and it has been on board the iPad since the fifth generation, the first-generation Air, the iPad mini 2 and the iPad Pro. The technology is also used in Apple TV devices, the HomePod and the T security chips of Macs. However, only devices with the SoCs A7 to A11 Bionic are affected, hardware from 2018 onwards – i.e. e.g. iPad mini 2 and iPad Pro – is affected.B. iPhone XS, XS Max and XR or even current iPad Pros – is not vulnerable.

Sensitive data in the coprocessor

The security chip is used to store sensitive information. These include hashes for biometric data – face for Face ID devices, fingerprint for Touch ID hardware – closure keys, and credit card-related info for Apple Pay. The Secure Enclave is sealed off from the operating system, so attackers usually can’t take it over.

Macos 10.15.6, watchos 6.2.8 and tvos 13.4.8 available

Owners of Mac, Apple Watch, Apple TV and HomePod should take a look at the software update of their device: In the night to Thursday, Apple has in addition to iOS 13.6 and iPadOS 13.6, Apple also distributed fresh updates for these products.

Bug fixes in macOS Catalina

How macOS Catalina now lands at version 10.15.6. This brings a new version of the Apple News app to the US, Canada, UK and Australia. It offers more local news in various US cities, along with appropriate curation and a daily newsletter from Apple News that can be personalized. Several bugs have also been fixed. It could happen that the computer name changed abruptly after installing a software update. A bug where USB mice and other peripherals with USB 2.0 had lost the connection, should also no longer occur.

Many security fixes

Security loopholes also plugged. Apple names a total of 17 areas here. Affected are among others the audio support, WLAN, CoreFoundation, graphic drivers, ImageIO, Mail, Messages, USB-Audio, open source tools like VIM and Heimdal as well as the kernel. Various bugs allow the export of malicious code or denial-of-service attacks, some are also remotely exploitable. Next to macOS 10.15.6 Apple also provides security updates for Mojave (Security Update 2020-004) and High Sierra (Security Update 2020-004). Safari browser now reaches version 13.1.2. It is used in macOS 10.15.6 and is available separately for Mojave and High Sierra. Here several WebKit leaks are fixed.

In brief: disinformation, apple event, vaccine

Fighting systematic manipulation on the net

European media regulators want to crack down on systematic manipulation of debates on the Internet. There is a need for measures against technical online manipulation as well as for a uniformity of definitions of disinformation, the Conference of Directors of the State Media Authorities in Germany and the Group of European Regulators for Audiovisual Media Services announced. "What we need are the tools to successfully prevent problems such as hate speech on the web or disinformation, rather than just reacting to them. Our most important goal is the protection of freedom of expression", said the European representative of the media institutions, Tobias Schmid.

briefly informed by our site – briefly informed 16.09.2020: Disinformation, Apple Event, Vaccine

Apple presents new products

At its event streamed online, Apple unveiled two new iPads. First, the favorable iPad 7 will be replaced by the arguably 40 percent faster iPad 8. Apple has also given the iPad Air 4 a radical redesign along the lines of the iPad Pro with an angular frame. A USB-C replaces the Lightning connector here. The Series 6 of the Apple Watch was also shown-as well as a new, more affordable entry-level model called the "Apple Watch SE" is conducted. The main innovation of the Series 6 is the ability to measure the oxygenation of the blood. In addition, Apple wants to strengthen its service business with a bundle offer: Under "Apple One" The Group is introducing three bundles, each comprising several subscription services.

Graphical interface: vulkan officially available for apple platforms

Khronos Group has released an update to the Vulkan Software Development Kit (SDK) that officially covers Apple’s platforms. It is based on Vulkan Portability and also covers Apple Silicon. This allows developers to write cross-platform applications on Vulkan instead of implementing them natively for Apple’s own Metal graphics architecture. Vulkan applications also run on Apple Silicon via Universal Binaries.

The volcano is on metal

In September 2020, Khronos Group had released the Vulkan Portability Extension 1.0, which allows Vulkan SDK calls on hardware platforms other than those natively supported. The focus was mainly on the implementation on macOS, iOS and tvOS, since Apple does not allow Vulkan drivers for its own operating systems.

The MoltenVK open source project is a central building block of the portability layer. It provides an implementation of Vulkan 1.1 for Apple Metal and thus allows the development on Vulkan and the export on Metal. There is also the open source library gfx-portability, which provides portability via the abstraction layer gfx-hal.

Apple maps: camera trucks on the road throughout germany

Apple is sending its camera cars through Germany again: From June to September 2020, the vehicles will be "Vermengsfahrten" and "image capture" as explained by the iPhone company. The cars are to be on the road in the thirteen federal states as well as Berlin, Bremen and Hamburg, it is further said. According to the information, only shots from vehicles are planned, capturing images with "portable systems", for example in traffic zones, do not seem to be planned for Germany at present.

Apple camera cars in all states

Apple maps: camera trucks on the road throughout germany

A camera car from Apple takes pictures for the map service Look Around ("Look Around").

Apple seems to be planning to cover all major cities and all districts of the individual German states with its fleet of vehicles, as can be seen from a detailed overview. For the time being, it remains unclear how many camera vehicles will be used and how comprehensively the German road network will be mapped.

Last year, Apple was already on the road in Germany with a good 80 cars, as well as in other European countries. In addition to cameras, the vehicles were again equipped with various sensors, including light detection and ranging sensors (lidar), which can record the environment in three dimensions.

Security researchers demand more protection for iphone data

Apple and app developers don’t make enough use of the security features available in iOS. Renowned IT security experts at Johns Hopkins University are convinced of this. According to the US magazine Wired They criticized the current procedure, in some cases sharply. He was "really shocked", said crypto expert Matthew Green, because he had thought that these devices would protect "protect user data well". He wondered why there was a need for the much-demanded backdoors for law enforcement.

Gradations in security

Specifically, Green and his colleague Maximilian Zinkus, who specializes in iOS security, are concerned with the fact that hierarchical locking is simply not used in broad strokes. When an iPhone boots up, it is initially in what is called "Complete Protection"-mode before the user unlocks it. Then the unlocking takes place.

Problem Quick Access

After that a large part of the data of the system and apps ends up in the area "Protected Until First User Authentication" (protected until first user authentication). This state is less secure, according to the Johns Hopkins researchers, because the keys necessary for decoding the device data automatically move to the quick-access memory area. This is to allow applications to have faster access.