Andrew Orr

Since 2015 Andrew has been writing about Apple, privacy, security, and at one point even Android. You can find him most places online under the username @andrewornot.

We're Still Waiting for Sign In with Apple to Take Off

Sign In with Apple is a private, convenient way for Apple customers to create accounts with apps and websites. But so far only a small number of developers have implemented it. Apple says that if apps include other single sign-on options like Facebook and Google, they have to include Sign In with Apple. April 2020 is the deadline and it can’t come soon enough.

While other companies such as Facebook and Google already offer their own sign in buttons, those options allow app makers to access more of users’ personal information… By comparison, Sign in with Apple only shares your name and an email address with the app maker, and using your real email address is optional.

Amazon Ring Surveillance Cameras Leak Customer Data

Romanian security company Bitdefender found that Amazon Ring doorbell cameras were leaking customer data like Wi-Fi credentials.

Bitdefender researchers have discovered an issue in Amazon’s Ring Video Doorbell Pro IoT device that allows an attacker physically near the device to intercept the owner’s Wi-Fi network credentials and possibly mount a larger attack against the household network.

At the moment of publishing this paper, all Ring Doorbell Pro cameras have received a security update that fixes the issue described herein.

You can view the whitepaper [PDF] here.

This Website is Hosted on a Macintosh Color Classic II

This cool website is being hosted on a Macintosh Color Classic II at 33MHz. This Mac was sold from 1993 to 1995.

This website was formerly hosted on a Macintosh SE/30 – the SE/30 is a 16MHz computer built in 1989. Mine shipped with 2 megabytes of RAM, a floppy drive, and an 80-meg internal SCSI (“Scuzzy”) hard drive. It has recently been upgraded with a custom 32-bit ROM, 68 megabytes of RAM, and a 4,000-megabyte Solid-State Drive. She may not look like much, but she’s got it where it counts, kid. I’ve made a lot of special modifications myself.

A neat look back in time. Sign the guestbook while you’re there. The creator shared some info about it on Reddit.

Two Twitter Employees Charged With Spying for Saudi Arabia

A complaint unsealed in the U.S. District Court in San Francisco revealed that two Twitter employees have been charged with spying for Saudi Arabia.

The complaint also alleged that the employees — whose jobs did not require access to Twitter users’ private information — were rewarded with a designer watch and tens of thousands of dollars funneled into secret bank accounts. Ahmad Abouammo, a U.S. citizen, and Ali Alzabarah, a Saudi citizen, were charged with acting as agents of Saudi Arabia without registering with the U.S. government.

I wonder if this is a separate incident from Saudi’s Twitter mole.

Chirp Books Gives You Limited-Time Deals on Audiobooks

For several years now I’ve been using a wonderful service called BookBub. It sends you alerts when ebooks go on sale. You pick the genres you’re interested in and you’ll get an email or notification every day. Literally about five minutes ago I got an email from them about another service they have called Chirp. It gives you the same deals except for audiobooks.

To thank you for being a BookBub member, I want to invite you to be one of the first to access our new platform for audiobook deals, Chirp! Chirp offers audiobooks selected by the same BookBub editors you trust at up to 95% off.

I love listening to audiobooks on my daily commute, while cleaning up around the house, and even while exercising. With Chirp I can binge audiobooks and discover new authors without breaking the bank.

The best part is that there’s no subscription fee or commitment, and new deals are added daily!

Leaked Internal Facebook Documents Reveal Disturbing Information

Today a trove of 4,000 internal Facebook documents reveals how the social media giant profits off user data and battles rivals.

Here are some of the key revelations from the document dump, including from reports published from earlier leaks:

Facebook wielded its control over user data to hobble rivals like YouTube, Twitter, and Amazon.

Facebook executives quietly planned a data-policy “switcharoo.”

Facebook considered charging companies to access user data.

Facebook whitelisted certain companies to allow them more extensive access to user data, even after it locked down its developer platform throughout 2014 and 2015.

Facebook planned to spy on the locations of Android users.

The PDF can be found here but currently it’s taking forever to load. Grab it while it’s hot.

Veterans can Save $40 on Amazon Prime This Year

Amazon is giving veterans a discount for its Prime subscription service. The price is normally US$119 but veterans can get it for US$79.

A couple of restrictions to note before jumping on the deal: you can’t take advantage of the discount if you’re already a Prime Student subscriber. Additionally, it’s not possible to use Amazon and partner rewards points to make the subscription even cheaper.

Facebook Says 100 App Developers Improperly Accessed Data From Groups

In another case of Facebook letting app developers access whatever data they want, 100 of them improperly accessed data from Groups despite Facebook claiming it restricted that access.

Today we are also reaching out to roughly 100 partners who may have accessed this information since we announced restrictions to the Groups API, although it’s likely that the number that actually did is smaller and decreased over time.

100 app developers you say? Why would 100,000 app developers do such a thing?

Google's OpenTitan aims to Create an Open Source Secure Enclave

Google wants Android phones to have a Secure Enclave chip like iPhones. Its OpenTitan project aims to help design an open source one.

OpenTitan is loosely based on a proprietary root-of-trust chip that Google uses in its Pixel 3 and 4 phones. But OpenTitan is its own chip architecture and extensive set of schematics developed by engineers at lowRISC, along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, Western Digital, and, of course, Google.

The consortium will use community feedback and contributions to develop and improve the industry-grade chip design, while lowRISC will manage the project and keep suggestions and proposed changes from going live haphazardly.

You can view the OpenTitan GitHub repo here, but it’s not fully fleshed out yet.

App Sale: Right Now Affinity Photo is just $9.99

Adobe recently released Photoshop on the iPad. If you’re not happy with it you might like to look at an alternative called Affinity Photo. Right now it’s 50% off at US$9.99, whereas after a 30-day trial Photoshop is US$9.99/mo.

Photo for iPad offers an incredibly fast, powerful and immersive experience whether you are at home, in the studio, or on the move. With meticulous attention to detail each tool, panel and control has been completely reimagined for touch. All rendering, adjustments, brushes and filters have been fully hardware accelerated using Metal. The result is an all-new way to interact with your images, with performance you will find hard to believe.

Like an Addict Facebook is Chasing Even More of Our Data, Now With Facial Scans

Researcher Jane Manchun Wong found that Facebook is working on facial scans called “facial recognition-based identity verification.” It would ask users to upload a selfie of themselves looking in different directions before they can access their account.

On that same screen and later in the actual video selfie process, Facebook notes that “no one else will see” the video selfie you submit to them and says the video will be “deleted 30 days after your identity is confirmed.”

Deleted after 30 days. Based on Facebook’s past actions we can safely assume it will do the exact opposite. There’s not much room for giving them the benefit of the doubt.