AMD announces upcoming Richland chips, boasts new features, no word as to whether they’ll find their way into Apple products

Posted by:
Date: Tuesday, March 12th, 2013, 08:50
Category: Hardware, News

amd_logo_27739

There’s no guarantee that they’ll be in the next MacBook Pro or MacBook Air that you buy, but there’s cool AMD stuff on the horizon.

Per Engadget, AMD has announced that it’s planning to release a fresh batch of low-power APUs just 11 months after Trinity. Known as “Richland”, this generation won’t be vastly different at the silicon level, as it’s built on the same 32nm process as Trinity, has the same number of transistors and offers very similar compute performance in terms of raw GFLOPs. However, there are some noteworthy upgrades in attendance, including a move to Radeon HD 8000M graphic processors, which are claimed to deliver a 20-40 percent increase in “visual performance” in higher-end models, plus power-saving tweaks that should provide over an hour of additional battery life while watching 720p video.

The top-end quad-core A10-5750M is claimed to beat a laptop Core i7 by over 50 percent in terms of 3DMark performance, and even a dual-core A6-5350M is said to have a 20 percent advantage. There’s no sign of any all-round computing benchmarks, however, or even real-world gaming frame rate comparisons, so it’ll be up to later benchmarking efforts somewhere down the line.

Richland should arrive in regular-shaped notebooks (with TDPs between 20 and 35 watts) starting next month, while ultra-thin notebooks (17 watts or less) and desktop parts should get here by the summer. By then, we’ll be a lot closer to the launch of AMD’s Kaveri APUs, which are to due to ship before the end of this year and should represent a more radical leap than Richland. And in the midst of all this, there’s also Intel’s upcoming Haswell architecture, which is set to debut sometime this year.

Stay tuned for additional details as they become available.

Security firm Skycure illustrates possible hacking attacks through iOS’ use of Provisioning Profiles

Posted by:
Date: Tuesday, March 12th, 2013, 07:41
Category: iOS, iPhone, News, security, Software

In the words of assorted security analysts, Apple may be setting itself up for a malware fall thanks to its Provisioning Profiles.

Per The Next Web, while iOS users have been relatively safe from malware on their devices, researchers from security company Skycure say they’re concerned about a feature of iOS that could be used by malicious actors to read information, passwords and even encrypted data from devices without customers knowledge. They’ve detailed the new vulnerability in a presentation at the Herzliya Conference and a company blog post.

It’s worth noting at the beginning that Skycure’s product, still in development, is a mobile firewall with a cloud component designed to secure devices against attacks just like these. This isn’t all that unusual, though, as many security firms like Sophos and Intego produce research reports along with consulting and security products.

Provisioning Profiles (mobileconfigs) are small files installed with a single tap on iOS devices. They essentially function as instruction lists which can alter many settings, including network configurations and they’re used by thousands of companies around the world including app developers, corporations with IT departments and more.

Their use is officially approved by Apple and there is nothing innately malicious about any given profile. But, if put to the right uses, they do open up the ability to read usernames and passwords right off of a screen, transmit data that would normally be secure (over HTTPS) to a malicious server where it can be read and a lot more.

In a demonstration, Skycure’s CTO Yair Amit and CEO Adi Sharabani sent the author to a website where a link was offered. A provisioning profile was presented, installed and led to a screen that looked a lot like a phishing attempt, which requires an action on the part of a user in order to infect or grant access to a hacker.

After the profile was installed, Sharabani demonstrated that he could not only read exactly which websites the author had visited, but also scrape keystrokes, searches and login data from apps like Facebook and LinkedIn. To be perfectly clear, this is not a vulnerability within iOS, instead it uses standardized frameworks to deliver a profile that has malicious intent.

iOS has typically been far more secure than other platforms because of its heavy use of curation on the App Store, but also because it has been built from the ground up to use sandboxing. This means that apps are cordoned off, unable to reach outside of their data box or to affect any other apps that have not given them explicit permission to do so.

Provisioning Profiles step outside of that protection and can do things like route all of a victim’s traffic through a third-party server, install root certificates allowing for interception and decryption of secure HTTPS traffic and more.

Sharabani provides a couple of scenarios by which people could be convinced to install what seems like a harmless provisioning profile, only to be a victim of a traffic re-routing attack:

- Victims browse to an attacker-controlled website, which promises them free access to popular movies and TV shows. In order to get the free access, “all they have to do” is to install an iOS profile that will “configure” their devices accordingly.

- Victims receive a mail that promises them a “better battery performance” or just “something cool to watch” upon installation.

The attacks, Sharabani stated, can be configured to use a VPN, APN proxy or a wireless proxy (WiFi), so just because you’re not on a WiFi network doesn’t mean that the profile can’t send your traffic to a third-party. This also means that (unlike a VPN, where there is an indicator in your status bar), you could also be affected by the hack without your knowledge. Of course, you would still have had to install a profile in the first place.

For the third attack scenario, Skycure came up with a list of cellular carriers that ask clients to install a special profile that configures their device to work with that network’s data servers. Of course, those sites could end up being compromised to deliver corrupted profiles, but it’s bound to be harder to do if it’s the carrier’s own servers doing the distribution.

As of now, no evidence has been found of a Provisioning Profile attack in the wild. And, to be extremely blunt once again, you are not at risk at all if you don’t install any profiles to your device, period. And if you have to, make sure that those profiles are from a trusted source and are verified. You should also only download and install profiles from ‘secure’ HTTPS links.

The disclosure of the issue, Sharabani says, is really about raising awareness, rather than starting a panic. While the attacks can be powerful and harmful, the Provisioning Profile attack, much like phishing, relies on user ignorance. Just as you wouldn’t type your password into a page provided as a random link, don’t install profiles from websites that you don’t know and avoid them completely if at all possible.

Because of the deep integration of Provisioning Profiles into the workflows of IT departments and other companies, it’s unlikely that they’ll be going away any time soon. So the best defense for now is knowledge and care.

Stay tuned for additional details as they become available.

Lawmakers drafting bipartisan bill that would allow for cell phone unlocking after contract terms have been met

Posted by:
Date: Tuesday, March 12th, 2013, 07:30
Category: iPhone, Legal, News

Well, maybe SOME aspects of the government sort of work.

Per AppleInsider, U.S. Senator Al Franken and members of the Senate Judiciary Committee have introduced bipartisan legislation that would allow users to legally unlock their smartphone once their contract subsidy has concluded.

The Democrat from Minnesota announced on Tuesday that the “Unlocking Consumer Choice and Wireless Competition Act” would restore an exemption to the Digital Millennium Copyright Act and allow users to unlock their cell phone once their contract expires.

Joining Franken were Judiciary Committee Chairman Sen. Patrick Leahy (D-Vt.), Judiciary Committee Ranking Member Sen. Chuck Grassley (R-Iowa), Sen. Orrin Hatch (R-Utah), and Sen. Mike Lee (R-Utah).

The senators defined the bill as a “narrow and common sense proposal” that they believe will promote competition and improve consumer choice.

The bill was prompted by a Library of Congress ruling made in late 2012 that determined cell phone unlocking would be removed as a legal exemption from the Digital Millennium Copyright Act. As of Jan. 26, 2013, unauthorized unlocking of all newly purchased phones became illegal. “This bipartisan legislation will quickly allow consumers to unlock their current phones instead of having to purchase a new one.” — Sen. Al Franken

“Right now, folks who decide to change cellphone carriers are frequently forced to buy a new phone or risk the possibility of criminal penalties, and that’s just not fair for consumers,” Franken said. “This bipartisan legislation will quickly allow consumers to unlock their current phones instead of having to purchase a new one. I support this commonsense solution to save consumers money.”

Last week, President Barack Obama’s administration also came out in support of legalizing the unlocking of cell phones and tablets. Their endorsement was given in response to a White House petition created by Sina Khanifar, which to date has received nearly 115,000 signatures.

Khanifar said he frequently travels from Europe to San Francisco, Calif. Those international trips have made cell phone locking not only a nuisance, but also a financial burden.

“Anyone who travels internationally, and most people do at some point, you won’t be able to take your cell phone with you,” he said. “Trying to use it with the existing roaming fees that carriers charge is almost impossible because they’re so exorbitant.”

The proposed Senate bill would alleviate those issues for consumers like Khanifar. A similar bipartisan bill is also expected to be introduced in the House of Representatives this week.

“It just makes sense that cell phone users should be able to do what they want with their phones after satisfying their initial service contract,” Hatch said. “This bill reinstates that ability, while also ensuring that copyrights are not violated.”

Stay tuned for additional details as they become available.

Early iPhone prototype photo gallery posted

Posted by:
Date: Monday, March 11th, 2013, 07:27
Category: Hardware, iPhone, Pictures

It may not be an exclusive picture of the next-gen iPhone, but it’s interesting to know where the iOS devices you love come from.

Per Ars Technica, a photo gallery has been released of a prototype of the original 2007 iPhone, complete with a 5″x7″ display and a variety of tacked-on ports that were used in testing.


iphoneprototype2

It’s sort of a Frankenstein mish mash of ports and parts, but it became the device that’s most likely sitting in your pocket right now.

And honestly pretty cool stuff to boot.

Some 15-inch MacBook Pro Retina users report fan issues, SanDisk SSDs could be part of problem

Posted by:
Date: Monday, March 11th, 2013, 07:29
Category: Hardware, MacBook Pro, News

Well, God invented firmware fixes for situations like these…

Per Geek.com, a number of complaints has emanated from owners of Apple’s 15-inch Retina MacBook Pro regarding overactive fans. The issue has been noted in our forums and is the subject of a lengthy thread in Apple’s discussion forums. From one report:

“My first instance of runaway fans was under the lightest of conditions, having only one browser open only a few tabs and a cool computer. The fact it was cold is what is so alarming. Out of nowhere the fans spun up to a roar, stayed there for a few minutes, then decelerated back down to idle. Every so often this happens, usually daily, and it’s horribly annoying on a high quality well engineered computer.
From the list of reports flowing in, users suspect that Apple’s recent shift to using SanDisk solid-state drives in the Retina MacBook Pro may have something to do with the issue, although it is likely a software issue rather than a hardware one.”

Apple support staff have offered mixed responses to the issue, with some customers receiving replacement machines while others have been assured that the behavior is normal. If the issue is indeed a software one as is suspected, Apple should be able to fix it relatively easily with an update pushed out to owners of the affected machines, but it is unclear whether Apple is working on a fix at this time.

Stay tuned for additional details as they become available and if you’ve seen this issue on your end, please let us know in the comments.

Mozilla VP confirms that Firefox won’t be ported to iOS until Apple relaxes web browser stipulations

Posted by:
Date: Monday, March 11th, 2013, 07:12
Category: News, Software

elfirefox

If you were hoping to see Firefox on your iOS browser, it might never happen.

Per CNET, Mozilla vice president Jay Sullivan was quoted as saying that Firefox will not be coming to iPads and iPhones until Apple decides to loosen the restrictions governing browsers iOS.

The comments, which came at a South by Southwest Interactive panel on Saturday. Sullivan says Apple’s current rules — which forbid browsers that do not use Apple’s version of WebKit — make it so that Firefox cannot build the browser it wants to for Apple’s platform.

In addition to the WebKit requirement, iOS prevents users from setting any non-Safari app as the default means of handling browsing. Apple’s Mobile Safari is the top mobile browser according to industry reports, with about 60 percent share of all mobile browser usage.

Mozilla pulled its Firefox Home app from Apple’s App Store in September of 2012. The company isn’t working on an iOS version of Firefox and, according to Sullivan, doesn’t have any plans to do so.

Another member of the panel, Dolphin Browser’s David Dehgahn, lamented Apple’s policy as inhibiting competition.

“Competition is critical to our survival,” Dehgahn said. Sullivan and Mike Taylor from Opera Software — which recently released a WebKit-based version of Opera for iOS — agreed, saying that giving consumers browser choice was necessary in order to move the mobile web forward. Users suffer, they said, under Apple’s closed system.

CNet’s report says that the panel’s moderator then performed a quick poll of the audience, asking how many of them were suffering being largely limited to Safari. Very few hands were raised.

Stay tuned for additional details as they become available.

AT&T cites support for unlocking handsets provided conditions are met

Posted by:
Date: Friday, March 8th, 2013, 13:17
Category: iPhone, News

attlogo

This might make things easier.

Per TechHive and AT&T’s company blog, in the wake of efforts being made by consumers, politicians and the the top librarian at the Library of Congress to permit unlocking your own mobile phone is a violation of the Digital Millennium Copyright Act (DMCA), AT&T has gone on the record to state that the company won’t impede these efforts and will assist where possible.

“I want to be completely clear that AT&T’s policy is to unlock our customers’ devices if they’ve met the terms of their service agreements and we have the unlock code,” vice president Joan Marsh wrote in a company blog posted Friday entitled “Bottom Line: We Unlock Our Customers’ Devices.”

“It’s a straightforward policy, and we aim to make the unlocking process as easy as possible,” she added.

Marsh explained that the company will unlock a customer’s phone as long as the carrier can obtain the unlock code for the device and the phone’s owner has had an active account with AT&T for at least 60 days, the account is in good standing, and there’s no unpaid balance on it.

“If the conditions are met, we will unlock up to five devices per account per year,” Marsh wrote.

AT&T will not unlock devices that have been reported stolen, though.

The carrier’s unlock policy is consistent with the one aired by the White House in a response to an electronic petition criticizing last year’s ruling that phone unlocking was illegal. That petition garnered more than 100,000 signatures.

“The White House agrees with the 114,000+ of you who believe that consumers should be able to unlock their cell phones without risking criminal or other penalties,” wrote R. David Edelmen, White House senior advisor for Internet, innovation and privacy, wrote in the Obama administration’s official response to the petition.

“[I]f you have paid for your mobile device, and aren’t bound by a service agreement or other obligation, you should be able to use it on another network,” he added.

“It’s common sense,” he continued, “crucial for protecting consumer choice, and important for ensuring we continue to have the vibrant, competitive wireless market that delivers innovative products and solid service to meet consumers’ needs.”

Stay tuned for additional details as they become available.

Apple patent explores loan, resale features for DRM-protected content

Posted by:
Date: Friday, March 8th, 2013, 08:19
Category: News, retail, Software

applelogo_silver

This could get fairly interesting, as well as get around some parts of DRM that, well, NOBODY likes.

Per AppleInsider and the United States Patent and Trademark Office, a recently published patent application details of an exhaustive Apple invention covering the resale and loan of owned digital content like e-books, music and movies, possibly portending an upcoming addition to iTunes.

The patent is outlined in three divisional applications, each titled “Managing access to digital content items,” with two filed in September of 2011, and one in June of 2012. From the most recent filing, Apple describes a system that manages the authorized transfer of owned digital content between end-users. The invention is basically a system that allows purchasers to sell or loan “used” content to other people.

Interestingly, Amazon was recently granted a patent for a nearly identical system, though the online retailer’s solution calls for a centralized marketplace while Apple’s is largely distributed. Amazon first filed for its property in 2009.

Apple’s filing provides for the authorized access to digital content, otherwise known as digital rights, to be transferred from one user to another. As an example, a first user may purchase an e-book from the iBookstore and later decide to sell that content to a second user. The original owner notifies the store that they want to sell the item, and if certain criteria are met, the user is allowed to transfer rights to the second buyer. Content itself may or may not change hands, but more importantly the rights attached to said content is managed so that the first user can no longer access the content once it is sold.

The invention decentralizes the process by taking the online store out of the equation:

“Alternatively, instead of a third party determining whether one or more criteria are satisfied, the first (or second) user’s device makes the determination and may be responsible for preventing the first user’s device from further consuming the digital content item. In some embodiments, the online store and/or the publisher of the digital content item may receive a portion of the proceeds of the transfer.”

It should be noted that the content need not reside permanently, or at all, on a user’s device, meaning the system can be cloud-based.

Key to the system’s operation is ownership history. As the “used” content is passed from one user to the next, a database is established so that the proper owner is allowed access to the item and can then choose to transfer those rights to yet another party.

Transferral of authorized access can be device-to-device through an intermediary like an online store, device-to-device without an intermediary, meaning verification must be established at a later time. In another embodiment, no device-to-device transfer is necessary.

Restrictions of transfer are a means to manage the flow of content between end users and can be set by the publisher. For example, a certain e-book may not be resold within a six month period and must have a resale price of at least US$5. The restrictions can be set on a timed basis, frequency of transfer, price and to whom the content is sold.

Proceeds are also discussed, with publishers or content makers sometimes granted rights to a portion of the resale value. These percentages are based on time and how many transfers have been completed for a particular item. Gifting is also supported, with proceeds for these transfers split between the end user and publisher.

Other embodiments deal with temporary transfers, partial transfers, delayed transfers and loans.

Eliza C. Block and Marcel Van Os are credited as inventors of all three applications, while E. Caroline F. Cranfill, Alan C. Cannistraro, William M. Bachman and Timothy B. Martin were added to the list for one of the 2011 filings.

Google Chrome updated to 25.0.1364.160

Posted by:
Date: Friday, March 8th, 2013, 07:52
Category: News, security, Software

google-chrome-logo

You can’t fault a company for regularly updating its software.

On Friday, Google released version 25.0.1364.160 of its Chrome web browser. The update, a 48.8 megabyte download, adds the following fixes and changes:

- [Fixed] High CVE-2013-0912: Type confusion in WebKit.

Google Chrome 25.0.1364.160 requires an Intel-based Mac with Mac OS X 10.6 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Mozilla releases Firefox 19.0.2 update

Posted by:
Date: Friday, March 8th, 2013, 07:33
Category: News, Software

elfirefox

Hey, an update’s an update.

On Friday, Mozilla.org released version 19.0.2 of its Firefox web browser. The new version, a 39.6 megabyte download and adds the following fixes and changes:

- Security-driven release: [Fixed] Use-after-free in HTML Editor.

Firefox 19.0.2 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.