Apple changes iOS SDK rules to accept Lua but restrict Flash

Posted by:
Date: Monday, June 14th, 2010, 05:01
Category: iPhone, News, Software

applelogo_silver

Something about this reminds me of when the cool kids wanted to keep the nerds out of the clubhouse, if only on principle.

According to AppleOutsider, Apple has changed its iOS SDK rules for iPhone developers have relaxed the restriction of section 3.3.2 pertaining to interpreted code, enabling Apple to forbid Flash and other middleware platforms while still enabling popular game engines and libraries.

When the 3.3.2 rules were first published, the restriction stated that iOS apps must be originally written in Objective-C, C, C++ or JavaScript, and that “no interpreted code may be downloaded or used in an Application except for code that is interpreted and run by Apple’s Documented APIs and built-in interpreter(s).”

Apple’s goal seemed to be limited to stopping third parties from shifting iPhone developers from using Apple’s own Xcode development tools and instead making them dependent upon their own middleware meta-platforms.

The most obvious example of this was Adobe’s efforts to turn its Flash Professional CS5 application into a product that could export iPhone apps, facilitating cross platform development centered on Flash as a platform rather than Apple’s own Cocoa Touch.

Apple’s 3.3.2 restriction made it clear the company would refuse to sell such apps in its iTunes Store.

Strangely enough, the wording of the restriction appeared to also target any iOS apps that might include any interpreted code, including a large number of games that make use of general purpose, reusable code engines or libraries to expedite development.

Adobe has argued that any iOS restrictions on development with its Flash tools would also halt the use of popular game engines or libraries such as Unity 3D and Lua. Such a situation would imperil many popular iPhone games that Apple has already approved (and often singled out for targeted promotion), including Tap Tap Revenge and Rolando.

The latest modifications to the 3.3.2 section indicate Apple won’t be forced to dump popular, existing titles just to block middleware meta-platforms as a threat to iOS development. The most recent wording of the iOS SDK, published by Matt Drance of Apple Outsider, articulates an additional option Apple can invoke when choosing to approve apps:

“Notwithstanding the foregoing, with Apple’s prior written consent, an Application may use embedded interpreted code in a limited way if such use is solely for providing minor features or functionality that are consistent with the intended and advertised purpose of the Application.”

Drance notes, “these new terms seem to acknowledge that there’s a difference between an app that happens to have non-compiled code, and a meta-platform.”

Apple shows signs of implementing TRIM features in latest 13″ MacBook Pro notebook

Posted by:
Date: Monday, June 14th, 2010, 04:12
Category: hard drive, MacBook Pro, News

This is sort of unexpected but interesting.

Per AnandTech, the current-run 13″ MacBook Pro notebook may be showing that Apple is implementing TRIM support for solid-state drives in Mac OS X. Attaching an SSD to the 2010 system will show an entry for “TRIM support” that doesn’t exist on the Core i5 or i7 MacBook Pros or earlier models. The support appears very rough and incorrectly flags TRIM-capable drives as lacking support.

TRIM is considered important to the future of SSDs, as it will keep them running at peak speed for most of their useful lifespan. Older SSDs often slow down over time as more of the drive space is used and the system has to erase more and more junk data, such as deleted but not missing files, before it can write new information. TRIM aggressively erases these areas so that they’re truly empty in advance of when new content needs to be written.

Microsoft’s Windows 7 and Windows Server 2008 operating systems currently support TRIM, but Apple so far hasn’t had native support and has seen less benefit from faster SSDs as a result. Adding the feature would let Macs use the full features of modern SSDs and could lead to significant storage updates for the for any Mac offering SSDs as a build-to-order option.

Stay tuned for additional details as they become available.

FBI to investigate AT&T/iPad security breach

Posted by:
Date: Friday, June 11th, 2010, 09:33
Category: iPad, News

When embarrassingly hacked, call the FBI.

Per Reuters, the Federal Bureau of Investigation said Thursday that it has begun a probe into an AT&T security breach that exposed the email address of over 100,000 registered iPad owners.

“The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat,” FBI spokesman Jason Pack said.

The move comes one day after AT&T acknowledged that a security flaw on its website made it possible for hackers to query its database and uncover the email addresses of customers who had registered to use its mobile broadband service on their iPhone 3G.

“This issue was escalated to the highest levels of the company and was corrected by Tuesday,” the carrier said. “We are continuing to investigate and will inform all customers whose e-mail addresses may have been obtained.”

The attack on AT&T’s web servers resulted in at least 114,000 iPad 3G users’ emails being leaked to Goatse Security hackers when batches of iPad ICC-IDs were entered via specially formatted HTTP requests.

The group automated requests of the email address information for a wide swath of ICC-ID serial numbers using a script. Although the exploit revealed the addresses of several prominent government and corporate officials, no other information was revealed as part of the breach.

A representative for Goatse Security stated that it ‘hasn’t heard from law enforcement and that it didn’t do anything illegal, so doesn’t see why it would.’

Stay tuned for additional details as they become available.

AT&T reveals customer protection plan for recent iPhone 3GS buyers

Posted by:
Date: Friday, June 11th, 2010, 08:42
Category: iPhone, News

3gs.jpg

For those of you who recently snagged an iPhone 3GS at the old price of US$199 for the 16GB model or US$299 for the 32GB model (the two models having been lowered to US$149 and US$199, respectively with a US$99 8GB model being the last to go), AT&T is said to be offering a “one-time Customer Price Protection” plan, giving credit for the difference.

Per modmyi.com, customers who purchased a 3GS between May 7th and the 14th are said to have until June 14th to visit their AT&T store and claim US$50 off the cost of a 16GB phone, or $100 off of a 32GB model. For those who made a purchase between May 15th and June 7th, a 30-day window should be in effect. Alternately, customers within either timeframe (including buyers of the iPhone 3G) can go without a discount and trade in towards an iPhone 4.

A new flyer reveals that AT&T plans to open its retail locations at 7AM on June 24th iPhone 4 launch. Some restrictions apply, namely that new AT&T customers will only be able to buy one phone and activate one line on that day. Existing subscribers will be able to buy one phone per active number.

Stay tuned for additional details as they become available.

Adobe releases Flash Player 10.1.53.64

Posted by:
Date: Friday, June 11th, 2010, 03:52
Category: News, Software

adobelogo

Late Thursday, Adobe officially released Flash Player 10.1.53.64, the newest version of its multimedia software for Mac OS X. The new version, a 7.4 megabyte download, offers a slew of security fixes detailed here with full (and extensive) release note changes documented here.

The new version is available for free and requires Mac OS X 10.5 or later to install and run.

QuickerTek releases Apple Juicz external battery for iPad

Posted by:
Date: Thursday, June 10th, 2010, 10:31
Category: Accessory, iPad, News

Accessory maker QuickerTek has announced a new line of external batteries via its
Apple Juicz for iPad. The unit, a 9400mAh lithium polymer battery is claimed to be rated for over 2000 charge cycles with the web site claiming that the battery pack adds an additional 20 hours of usage time for the iPad with each charge.

The pack features advanced safety circuitry with failsafe protection, temperature and charge/discharge controls and automatic cell balancing. Per iPodNN, the Apple Juicz can fully recharge an iPad in three hours, while a second USB port can charge a second device such as an iPhone or iPod touch. It can power any USB-chargeable device, but has special circuitry guaranteeing compatibility with Apple’s range of products.

The battery is housed in a machined aluminum case with an anodized finish. The design also integrates a 10-LED gauge that allows users to quickly view the remaining battery power.

The Juicz for iPad is now shipping for US$250 and includes a year’s warranty with parts and labor.

AT&T web site hacked, iPad 3G user emails leaked

Posted by:
Date: Thursday, June 10th, 2010, 04:23
Category: Hack, iPad, iPhone, News

attlogo

A good hack can be seen in one of two ways:

1. It keeps a company on its toes and aware of what might come at it.

2. It’s less-than-wonderful news that makes you wonder how your information was exploited and makes a lot of people slam their heads against their desks in frustration.

Per Gawker, a group of black hat hackers have exploited a security flaw on AT&T’s web servers which enabled them to obtain email addresses from the SIM card addresses of iPad 3G users.

The breach described the event as “another embarrassment” for Apple and outlined a variety of high profile individuals whose email addresses were obtained by automated script attacks on AT&T’s web server based on their iPad 3G SIM addresses (ICC ID).

The publication claimed that the identifying information meant that thousands of iPad 3G users “could be vulnerable to spam marketing and malicious hacking,” while also pointing out that many users have actually already published their iPad ICC ID numbers in Flickr photos. Presumably, many of them also have public email addresses and therefore already receive spam like the rest of us.

The attack on AT&T’s web servers resulted in at least 114,000 iPad 3G users’ emails being leaked to the hackers, who were coy as to whether they were planning to enable others to access the data. The security leak, which returned a user’s email address when their ICC-ID was entered via a specially formatted HTTP request, has since been patched.

The group automated requests of the email address information for a wide swath of ICC-ID serial numbers using a script. No other information was discovered.

The report suggested that having known ICC IDs would leave iPad 3G users vulnerable to remote attacks, citing the attackers involved in the security breach as claiming that “recent holes discovered in the GSM cell phone standard mean that it might be possible to spoof a device on the network or even intercept traffic using the ICC ID.”

In its report, Gawker cited telephony security experts who disputed that the ICC ID email breach was a serious issue. “Vulnerabilities in GSM crypto discovered over the years, none of them involve the ICC ID […] as far as I know, there are no vulnerability or exploit methods involving the ICC ID, ” said Emmanuel Gadaix, a mobile security consultant.

The report also noted that Karsten Nohl, a “white hat GSM hacker and University of Virginia computer science PhD,” informed them “that while text-message and voice security in mobile phones is weak,” the “data connections are typically well encrypted […] the disclosure of the ICC-ID has no direct security consequences.”

At the same time, Nohl described AT&T’s lapse in publishing the email information as grossly incompetent, saying, “it’s horrendous how customer data, specifically e-mail addresses, are negligently leaked by a large telco provider.”

On Wednesday, AT&T issued the following statement regarding the breach:
“This issue was escalated to the highest levels of the company and was corrected by Tuesday. We are continuing to investigate and will inform all customers whose e-mail addresses… may have been obtained.”

Either way, be careful out there, beware the spam and the phishing efforts that never seem to let up and if an e-mail is offering something that seems too good to be true, it probably is.

Google Chrome 5.0.375.70 out the door

Posted by:
Date: Thursday, June 10th, 2010, 04:50
Category: News, Software

google-chrome-logo

Google Chrome, Google’s new web browser, just reached version 5.0.375.70 for the Mac. The new version, an 25.2 megabyte download, offers the following the following changes:

- Medium: Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team.

- High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov.

- High: Memory error in table layout. Credit to wushi of team509.

- High: Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team.

- High: Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team.

- High: Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team.

- High: Memory corruption in text transforms. Credit to wushi of team509.

- Medium: XSS in inner HTML property of text area. Credit to sirdarckcat of Google Security Team.

- High: Memory corruption in font handling. Credit: Apple.

- High: Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh).

- High: Memory corruption in rendering of list markers. Credit: Apple.

Google Chrome requires Mac OS X 10.5 or later and an Intel-based Mac to install and run.

If you’ve played with it and have an opinion, let us know what you think in the comments.

How-To: Work around Safari 5.0 launch crashes

Posted by:
Date: Wednesday, June 9th, 2010, 05:39
Category: How-To, News

safarilogo.jpg

Since installing Safari 5.0 on Monday, my Macs have yet to catch fire and the basset hound has yet to start waltzing across the living room carpet with my cat.

This may not be the case for everyone.

Per CNET, after installing version 5.0 of the Safari browser, a few users are reporting the program crashes whenever they try to open it. Even after trying some general troubleshooting steps the browser still crashes, which could mean something small has been overlooked, but also could mean there was a problem with the installation.

The cool cats over there have offered the following advice:

“To start the troubleshooting, first determine if the problem is account-specific by either going to another existing account, but also by creating a fresh user account to try. Even if other existing accounts have similar problems, using a fresh one will ensure no modifications have been made.

If the problem only happens in one or a few accounts, then it is likely the problem is because of a faulty setting or plug-in that resides in the local account. As a first step, try removing Safari’s preferences, which are located in the /username/Library/Utilities/ folder and are called “com.apple.Safari.plist.” Remove that file from its folder and try relaunching Safari.

You might also try clearing your Web caches, which can be done with Safari using the “Reset Safari” feature if you manage to get it open; however, if not then you can use a cache cleaning program like OnyX or Snow Leopard Cache Cleaner to remove the browser caches.

If this does not clear the problem, next try launching Safari without plugins enabled. To do this, go to the Safari preference file mentioned above and open it with a text editor. Locate the “WebKitPluginsEnabled” key and change it from “true” to “false” so it looks like the following:
WebKitPluginsEnabled

This should prevent Safari from loading plugins, so save the file and relaunch Safari to test it out. This setting can be set in the “Security” section of the Safari preferences; however, if the program will not launch then this is an alternative way to disable the plugins.

While disabling the plugins should keep Safari launching in a bare state, you can also try removing plugins manually. These are located in the following folders, so move all of them from these folders to another location and try relaunching the program.

/Library/Internet Plug-Ins/
/username/Library/Internet Plug-Ins/

If the program launches after doing this, then test each plugin (or small groups of plugins) by moving them back one by one and relaunching the browser each time.

Lastly, with plugins removed from the global library, try booting into Safe Mode and launching Safari from a fresh user account. If this still does not work, then download and reinstall Safari again, especially if you used Software Update to apply the previous update. A faulty installation can sometimes be remedied by reinstalling the program without using updaters (similar to reapplying a system “Combo” updater when OS updates cause bizarre problems. Before doing this you might consider running general maintenance procedures on your system and install it when booted into Safe Mode to ensure minimal interference from other system processes.”

If you’ve seen this issue on your end or have found a fix or workaround of your own, please let us know.

Adobe releases Photoshop Lightroom 3 for Mac OS X, Windows

Posted by:
Date: Wednesday, June 9th, 2010, 05:34
Category: News, Software

lightroomicon.jpg

On Tuesday, software giant Adobe announce the release of Photoshop Lightroom 3 for Mac OS X and Windows. Per AppleInsider, the new version includes bells and whistles such as support for DSLR video files and tethering shooting on selected cameras.

Adobe Photoshop Lightroom 3 boasts a performance architecture that Adobe said better handles growing image libraries and provides a superior raw processing engine with noise reduction and sharpening tools. The new 64-bit capable software also has new features to optimize workflows.

Adobe said Lightroom 3 was rebuilt to be fast and responsive, and the new application provides a fluid experience for photographers. Images are said to load almost instantaneously, and importing of images has been redesigned to be more intuitive, with added previews and default selections that give users quick access to sort through and find images.

Lightroom 3 also allows users to import and manage DSLR video files, as well as take advantage of tethered shooting for select Nikon and Canon cameras. It also has a new set of photographic tools for features like Luminance and Color Noise Reduction, which are said to help produce a clearer picture from high ISO or underexposed images while still preserving details.

The latest version also adds the highly requested Automatic Lens Correction feature, which improves results by allowing users to apply profiles that correct for undesirable geometric distortions, chromatic aberrations and lens vignette effects that most lenses introduce to the image.

There’s also a new straighten tool, allowing users to perfect vertical vertical and horizontal perspective, additional presets for applying more photographic adjustment styles, three new contemporary vignette styles, and a grain effect to add a more natural look with images.

Output options in Lightroom 3 have also been expanded, with new capabilities to publish collections to online sharing sites (for example, Flickr users can sync accounts to Lightroom with one click, and integration with other websites can be added through third-party plugins).

Lightroom 3 also has customizable print layouts which provide more refined control over how photographers present final images, and new watermarking features with options to modify text, size, location and style. Users can also export polished slideshows as video files with the option to add audio and title screens.

Photoshop Lightroom 3 is now for both Windows and Mac on the Adobe store and retails for US$299 for new users, and US$99 to upgrade. The app requires Mac OS X 10.5 or later and an Intel-based processor to run on the Mac end or Windows XP with Service Pack 3 or later on the PC end.