News and Help The plan is to collate any news in this document. I’ll then archive the content to another document so we can still access it but we only need to access the same document for all the new news.

August 2020

Apple Updates, Improvements and Company News macOS Catalina 10.15.6 includes improvements to Apple News, a new option to optimise video streaming on HDR-compatible Mac notebooks for improved battery life, improvements to USB mouse and trackpad handling, and a fix for an issue that could cause the software update process to change the computer's name. 10.15.6 and the corresponding security updates for Mojave and High Sierra address a variety of serious vulnerabilities.

Safari 13.1.2 is part of Catalina 10.15.6 and is also available for Mojave and High Sierra. It addresses 11 security issues, some of which can be remotely exploited to execute arbitrary code. iOS 13.6 brings the much-heralded digital car keys feature (initially for very recently made BMWs, and including key sharing via Messages and a 'power reserve' allowing keys to be used up to five hours after the phone's battery runs out).

iOS 13.6 and iPadOS 13.6 include Apple News improvements (including audio news), a 'symptoms' category in the Health app, and various changes and fixes relating to software updates, iCloud Drive, Wi-Fi calling, and other features. The updates also address a total of 29 issues that could be variously exploited to execute arbitrary code, view sensitive information, and allow cross-site scripting, among others. watchOS 6.2.8 supports the digital car key feature on Series 5 or newer, and addresses various security issues and other bugs.

There is no indication at this stage that tvOS 13.4.8 delivers anything other than patches for security and other bugs. iOS 12.4.8 and watchOS 5.3.8 delivers unspecified bug and security fixes.

HomePod 13.4.8 delivers "general improvements for stability and quality."

A second developer beta of macOS Big Sur was released in early July. The public beta should be out by our August meeting. The second developer betas of iOS 15 and iPadOS 14 also appeared.

Universal binary support in Big Sur doesn’t just cover ARM and Intel CPUs – Apple has documented that ARM64, 32-bit PowerPC, 64-bit PowerPC, i386 and x86_64 code can be included in an app. Furthermore, each of these supports subtypes, so it’s possible to include code optimised for specific CPU models, just as fork TenFourFox does for G3, G4 and G5 PowerPC. iPhone, iPad or Apple Watch buyers now have the option of paying for AppleCare+ coverage month by month. Those who pay upfront can switch to monthly payments after their initial 24 or 36 months are over.

We previously mentioned Apple’s independent repair shop program for businesses that repair . It gives them access to genuine parts plus official tools and manuals. The program has now been extended to Europe and Canada. There’s no word of when it might reach Australia.

Branding valuation company BrandZ’s list of the world’s most valuable brands put Apple in second place for the fifth consecutive year. Apple’s brand was valued at $352.2 billion, behind Amazon’s $415.8 billion. The next eight places were taken by Microsoft, Google, Visa, Alibaba, , FaceBook, McDonald’s, and MasterCard.

According to industry analyst Gartner, Mac shipments increased by 5.1% year-on-year during the second quarter of 2020. Apple took an estimated 6.7% of the PC market, coming in fourth behind Lenovo, HP and Dell.

The iPhone 11 has gone into production at a Foxconn plant near Chennai, apparently primarily for sale in India. Apple reportedly plans to open an online Apple Store for India this quarter, to be followed by physical Apple Stores starting with Mumbai.

Bloomberg’s 2019 Pay Index says Apple CEO Tim Cook was the second-highest-paid CEO in the US. His $US133.7 million pay was mostly in the form of stock awards, as his base salary was ‘just’ $US3 million, with $US7.7 million in bonuses. Cook was way behind Tesla CEO Elon Musk, who ‘earned’ $US595.3 million.

Apple is reportedly increasing MacBook Pro production over the next few months to meet increased demand.

Apple has applied for a patent for a scheme for interacting with an electronic device through a mix of eye movements, blinks and stares, possibly in combination with other controls such as a touchpad or speech recognition.

Apple is being sued by headphone maker Koss, which claims AirPods and Beats wireless headphones infringe five patents on wireless headphones.

The European Commission’s General Court has annulled a 2016 ruling that said Apple had to pay €13 billion ($21 billion) in back taxes to the Republic of Ireland. Apple and Ireland took the case to the General Court, arguing that the Commission was wrong in determining the tax arrangement to be unfair. Apple’s shares rose 1.6% on the news, but one further appeal can be made by the EC.

Last November, Apple announced a $US2.5 billion affordable housing fund for California, made up from $US1 billion in affordable housing investments, $US1 billion in mortgage assistance for first-time buyers, and $US300 million worth of Apple-owned land. So far, this has involved a contribution to “the construction of over 1,000 new units of deeply-affordable and supportive housing for the community’s most vulnerable populations across Silicon Valley”, and “mortgage and down payment assistance to hundreds of first-time home buyers to date, with additional benefits for teachers, veterans, and firefighters.” Newly announced are a plan to build “more than 250 new units of affordable housing across the Bay Area, as well as a mortgage and down payment assistance fund and an affordable housing investment support program,” and “a new project in Santa Clara that will create 80 new units, designed for seniors who are currently homeless or at risk of falling into homelessness.” Apple announced it will be carbon-neutral by 2030. Its pledge covers itself and suppliers. Apple also unveiled Dave, a robot designed to extract precious metals from Apple devices.

Apple Future Developments

The new Tom Hanks movie Greyhound was so successful that Apple is reportedly planning to release a first-run movie each month on Apple TV+. (Stephen recommends Greyhound to anyone who doesn’t dislike war movies.)

Tipsters predict a September announcement for the iPhone 12, but with at least some models not shipping until October. They also predict a 13-inch MacBook Pro and a 24in iMac with ARM CPUs will ship by the end of the year. An ARM MacBook Air is tipped for late 2020/early 2021. The latest version is that Apple will unveil the iPhone 12, the Apple Watch 6 and a new iPad on 8 September, with updated Intel iMac configurations to be released any day now.

A purported Apple leaker claims the ARM MacBook and ARM MacBook Pro will cost around $US799 and $US1,099 respectively (that’s about $US200 less than their Intel equivalents), and will be announced on 27 October. The same source suggests the iPhone 12 models will be more expensive than their iPhone 11 equivalents. Previous tips suggested the prices would be similar to the iPhone 11.

The rumour mill suggests all four models of the iPhone 12 will support both the sub-6GHz and mmWave 5G networks, but 2021’s iPhone 13 will only support the band that’s most common in the country where it is sold. That could be an issue as international travel returns to its previous levels.

Looking further ahead, periscope lenses, which use mirrors to provide a much greater optical zoom without a corresponding increase in thickness, are tipped for the 2022 iPhones (iPhone 14?). Such lenses are already used in the Huawei's P30 Pro smartphone, released last year. Apple filed a related patent in 2016.

Regulatory filings made by Apple in various countries has revealed that iPhone 12 batteries will have capacities around 10% less than their iPhone 11 counterparts. 5G and 120Hz ProMotion displays are more power-hungry than 4G and previous iPhone displays, suggesting that iPhone 12 battery life may well be down on that of the iPhone 11. However, a later rumour says the A14 chip is being made with a 5-nanometer (5nm) process, and consequently will use up to 30% less power than its predecessor despite being up to 15% faster.

Apple has indicated that ARM-based Macs will support Thunderbolt via USB-C.

The graphics performance of ARM-based Macs could match or exceed that of Intel-based Macs with discrete GPUs, according to Apple. This is apparently due to the way the on-chip ARM GPU renders a small area of an image at a time (reducing the memory bandwidth needed) and by deciding which pixels are hidden before rendering the area.

Chipmaker TSMC is reportedly preparing 80 million A14 chips for the next-gen iPhone 12, and expects production of Apple’s ARM chips will grow significantly in the second half of 2021.

An iPad Pro with mini LED display is tipped for the first quarter of 2021. Such displays have high brightness and contrast ratios, and have a wider operating temperature range than other technologies.

The next AirPods are tipped to physically resemble AirPods Pro rather than the current AirPods.

Apple’s rumoured AR glasses are being tipped for early 2022 release, following a report claiming that their semi-transparent lenses have “passed the prototype stage and entered trial production”, supposedly at Foxconn. Rumours/leaks suggest they will include a for making phone calls and talking to Siri, an accelerometer for giving commands by moving your head, but not (at least in the first version) a camera.

There are vague rumours that Apple is developing an ARM-based games console. If they’re true, let’s hope it does better than the mid-90s PowerPC-based that was abandoned when returned to the company in 1997.

The Big Sur beta contains various references that some have interpreted as a signal that FaceID is coming to macOS.

Softbank is reportedly considering selling its Arm Holdings subsidiary, and there are suggestions that Apple might be a buyer. GPU maker Nvidia is also said to be interested. Historical note: Advanced RISC Machines formed Arm Holdings in 1990 as a joint venture with Apple, Acorn Computers (where the ARM design originated), and chipmaker VLSI Technology.

Software iWork (Numbers, Pages, Keynote) has been updated for macOS, iOS and iCloud. Changes include adding captions and titles to images, videos, shapes, and other objects; playing YouTube and Vimeo videos within documents; playing the presentation within a window (useful for Zoom); and (as foreshadowed last month) importing an Author book to work on it in Pages.

GarageBand has been updated. Version 10.3.5 for macOS delivers the usual unspecified bug fixes, while version 2.3.8 for iOS also adds support for external USB drives, Dark Mode, and the share sheet. iOS 13.5.1 users are reporting battery drain issues relating to Apple Music, even when the app is not actually in use. There’s no clear indication that iOS 13.6 fixes the issue.

The new H.266 VVC (Versatile Video Coding) codec approximately halves the size of video files or streams for a given quality. This is particularly important given the growing use of streaming UHD (4K) video, 360-degree video images, and screen-sharing. The first software will be released this coming spring, and chips supporting VVC are under development.

Another Facebook SDK stuff-up caused popular apps including Spotify, Pinterest, and Tinder to crash on iOS, even when users who aren’t Facebook users. The problem was fixed in a few hours.

Experience with the Big Sur developer beta suggests that you may need 50GB or more free space to install the new OS. And if you’ve only got just enough room for it, the first update may fail due to lack of space due to the way the Signed System Volume is secured and because the existing version of the operating system is kept as a snapshot.

A technology preview of VMware Fusion using macOS’s Hypervisor framework has been released. The change means it does not need kernel extensions, which have been deprecated. Parallels Desktop already uses the Hypervisor framework.

The free Enplug Art cloud app turns your Apple TV (or similar from other manufacturers) into a virtual art gallery “with curated works from LACMA, the Metropolitan Museum of Art, the Getty Museum and more.”

The QEMU emulation and virtualisation software potentially allows the use of Intel virtual machines on ARM Macs. macOS 11’s Rosetta 2 software will take care of running most Intel Mac applications, but not virtual machines.

The .js app (released via GitHub) emulates a 900 running Mac OS 8.1. Various games and demos are preinstalled, including Oregon Trail, Duke Nukem 3D, Civilization II, Alley 19 Bowling, Damage Incorporated, Dungeons & Dragons, Photoshop 3, Premiere 4, Illustrator 5.5, StuffIt Expander, and the Apple Web Page Construction Kit. The developer warns “it's not the best nor the most performant way to emulate an old Macintosh. It is, however, a quick and easy way to experience a bit of nostalgia if you're not trying to do anything serious with it.”

Germany’s Fraunhofer Institute (perhaps most famous for inventing the MP3, AAC and VVC codecs) investigated 127 home routers sold in Europe and concluded “There is no router without flaws. 46 routers did not get any security update within the last year. Many routers are affected by hundreds of known vulnerabilities. Exploit mitigation techniques are used rarely, which makes matters even worse. Some routers have easy crackable or even well known hard- coded passwords.” “AVM does a better job than the other vendors regarding most of the security aspects… ASUS and Netgear do a better job on some aspects than D-Link, Linksys, TP-Link and Zyxel.” AVM’s FritzBox routers are sold in Australia.

Microsoft has added background blurring to the iOS version of Skype, bringing it into line with desktop versions.

Fujitsu has updated ScanSnap Manager to V7, providing compatibility with Catalina. Currently supported scanners are the ScanSnap iX100, iX500, iX1500, S1100, S1100i, S1300, S1300i, S1500, S1500M and SV600.

Chrome 84 includes protection from “abusive notifications” by blocking notifications from untrustworthy sites.

The Catalina bug that prevented disk cloning software making bootable clones (until the developers created their own workarounds) has been fixed in macOS 10.15.6.

Important security updates have been released for Adobe Photoshop (critical), Adobe Bridge (critical), Adobe Download Manager (critical), Adobe Prelude (critical), Adobe Media Encoder (critical), Adobe Genuine Service, Adobe ColdFusion, Chrome (critical), Firefox (twice, one high priority), Microsoft Office (important), VMware Fusion, TenFourFox

Hardware

Apple hardware manufacturer Foxconn is reportedly investing $US1 billion in its facility in India, reportedly at Apple’s request. The expansion is expected to result in more iPhone models being built in India, for local and export sales.

There are reports of AirPods Pro developing a rattling noise that seems to be linked to noise cancellation. It is thought to be a hardware issue.

Thunderbolt 4 provides “a truly universal cable connectivity experience”, according to Intel. It “always” delivers 40Gbps speeds, with data, video and power flowing over a single connection. It complies with USB4, DisplayPort and PCI Express (PCIe), and is fully compatible with prior generations of Thunderbolt and USB products. Cables can be up to 2m long. Thunderbolt 4 certification requirements include: Video: Support for two 4K displays or one 8K display. Data: PCIe at 32 Gbps for storage speeds up to 3,000 MBps. Support for docks with up to four Thunderbolt 4 ports. PC charging on at least one computer port (for notebooks requiring less than 100W). Wake computer from sleep by touching a keyboard or mouse connected to a Thunderbolt dock. There are no optional features – a computer, accessory or cable is either Thunderbolt 4 or it isn’t. All computers, accessories and cables must be certified, and cable manufacturers will be audited for quality. Thunderbolt 4 cables will show the Thunderbolt logo accompanied by the digit 4 on the connectors. The first Thunderbolt 4 equipped computers and accessories should ship this year.

Samsung’s new 870 QVO SATA SSDs come in 1, 2, 4 and 8 TB versions.

Western Digital is shipping its Gold 16TB and 18TB CMR (conventional magnetic recording) drives, and is preparing to ship a 20TB Ultrastar SMR (shingled magnetic recording) drive. The Gold nine-platter drives are currently the highest capacity widely-available individual hard drives. (Somewhat like SSDs, SMR drives can’t write to a single sector at a time – a much larger ‘zone’ has to be rewritten in order to change the contents of a sector. This means more wear on the drive, and the drive’s controller has to do a lot more work to match the performance of a CMR drive.)

Developers seeking significant improvements in AI computers are returning to analogue computers. Think the Antikythera machine or Alan Turing's enigma decoding machine. These devices work very differently and may provide significant speed boost with the compromise of accuracy. Analogue computers are not good calculators.

Security/Privacy

Some Macs have been hit by the ThiefQuest ransomware, but security firm SentinelOne has released a free decryptor app. ThiefQuest has other malware functions, so it is essential to do a full cleanup as well as decrypting affected files. macOS’s XProtect has been updated to detect more variants of ThiefQuest.

The widely reported ‘hack’ of several prominent individuals’ and companies’ Twitter accounts as part of a Bitcoin scam is believed to have been carried out with the aid of someone inside the company. Affected accounts included Apple, Uber, Jeff Bezos, Joe Biden, Warren Buffett, Bill Gates, Elon Musk, Barack Obama and Kanye West. The scam invited people to send Bitcoin to an address on the promise that twice as much would be returned. If you believed that, you probably deserved to do your dosh.

Apple co-founder Steve Wozniak is suing YouTube for failing to promptly take down videos that used his name in Bitcoin scams similar to those on Twitter.

Security researchers discovered an unsecured shared by several VPNs that exposed millions, possibly more than 20 million users’ private data including email addresses, home addresses, clear text passwords and IP addresses. Affected services included UFO VPN, Fast VPN, Free VPN, Super VPN, Flash VPN, Secure VPN and Rabbit VPN. Two of those issued identical statements blaming COVID-19 for staff shortages that allowed firewall misconfigurations to go undetected. If the only thing between the data and the outside world was a firewall, you might question the competence of the people running these services.

German academic researchers have identified a new type of vulnerability in PDF readers. The approach is to trick someone into signing a document that contains multiple layers. A different layer can then be brought to the top, changing the visible content without breaking the signature. So someone might sign a subordinate’s leave request, but the document could be subsequently rearranged to show a purchase order. Or the destination of an authorised payment could be changed to a different account. The vulnerability is supposed to have been fixed in the latest versions, but affected Mac software includes Acrobat Reader, Acrobat Pro, Foxit Reader, Foxit PhantomPDF. At least 18 PDF programs for Windows are at least partly affected.

Researchers at Chinese company Tencent have identified a method for modifying the firmware in a fast charger via malware on a mobile device. If the modification ignores the normal negotiation between charger and device that determines the appropriate charging current, the charger can deliver more current than the device can handle, resulting in damage and possibly a fire. Of 35 chargers tested, at least showed this “BadPower” problem and 11 were vulnerable to a simple attack from a device that supports the fast charging protocol. The researchers advise against plugging basic 5v devices into fast chargers with a USB to USB-C cable.

Mozilla (the organisation behind Firefox) has announced a VPN service. Priced at $US4.99 a month, the VPN is now available on iOS (beta), Windows and Android, with support for macOS and Linux to follow. The WireGuard-based service is currently available in Canada, Malaysia, New Zealand, Singapore, the UK, and the US, with more to come. The VPN initially has servers in 30 countries. “We don’t log, track, or share any of your network activity. We adhere strictly to Mozilla’s Data Privacy Principles, and we only collect the most minimal data required to keep the VPN healthy and operational.”

Clearview AI (the company that has created a face recognition database by scraping social media and other sites) is the subject of a joint investigation by the Australian and UK governments. The company is also being investigated by the Canadian government.

We keep mentioning social video platform TikTok – the company’s first transparency report shows that the Indian government made the most (302) requests for information during the second half of 2019, followed by the US (107). The Australian government made two requests, neither of which were successful. Apparently the Chinese government made no requests, but then TikTok isn’t available in China – although parent company ByteDance’s similar Douyin app is.

We previously reported that several popular applications including TikTok were surreptitiously reading the iOS clipboard – a class action has been filed in California over LinkedIn’s (mis)use of this capability.

“Don't close your MacBook, MacBook Air, or MacBook Pro with a cover over the camera,” warns Apple. “If you close your Mac notebook with a camera cover installed, you might damage your display because the clearance between the display and keyboard is designed to very tight tolerances. Covering the built-in camera might also interfere with the ambient light sensor and prevent features like automatic brightness and True Tone from working.” If you must use a camera cover, Apple says it should be no more than 0.1mm thick – about the thickness of a sheet of paper.

Israeli security agency JSOF found 19 networking problems dubbed Ripple20 affecting millions of products including those from HP, Samsung, Philips and Intel. While cyber security company ESET found vulnerabilities in 3 smart home hubs. Devices impacted include baby monitors, smart door locks and smart lights. Attaches have increased with more people working from home and installing more smart devices.

Germany's Constitutional Court has ruled unconstitutional several regulations that allowed police access to data such as internet and mobile users' names and birth dates. While such access is permissible, either a concrete danger or an initial suspicion for criminal prosecution must exist. One of the complaints that led to the ruling involved the way investigators could access e-mail account passwords or the PIN numbers of mobile phones without gaining judicial approval.

General

You may have noticed your NBN connection is running faster. NBN Co is in the process of adding 15% to everyone’s speed, in line with an ACCC recommendation that users should be compensated for protocol overheads. Since these overheads consume less than 5% of the bandwidth, the result is that connections are faster – users on 50Mbps plans report seeing 53- 54Mbps as measured by Speedtest.net when they used to see around 48Mbps. The change is being rolled out progressively, and you may not see the full speed during peak times if your RSP hasn’t bought enough capacity at the POI (point of interconnection) that serves your premises.

K-pop fans are disrupting otherwise “legitimate” internet activity by occupying digital space. Predominantly impacting Twitter accounts, K-pop fans are flooding sites like Black Lives Matter, Trump re-election sites and police informer sites with their favourite fan videos and overwhelming the sites till they crash or other users simply give up.

Young American TikTok users are up in arms about White House threats to ban the social video app. The resulting anti-Trump campaigns include flooding app stores with negative reviews for the Official Trump 2020 app. The feeling seems to be that the threatened ban was motivated by the extent of the anti-Trump sentiment on TikTok, not any supposed national security issues.

Google will finance and build a private undersea fiber optic cable connecting Cornwall and New York. This is the first new Atlantic connection since 2003.