Andrew Orr

Since 2015 Andrew has been writing about Apple, privacy, security, and at one point even Android. You can find him most places online under the username @andrewornot.

macOS Finder Bug Lets Certain Files Run Arbitrary Commands

Researcher Park Minchan reported a bug within macOS Finder that lets certain files execute commands. It affects all versions of macOS up to Big Sur.

A vulnerability in the way macOS processes inetloc files causes it to run commands embedded inside. The commands it runs can be local to the macOS, allowing the execution of arbitrary commands by the user without any warning / prompts.

Originally, inetloc files are shortcuts to an Internet location, such as an RSS feed or a telnet location; they contain the server address and possibly a username and password for SSH and telnet connections, and can be created by typing a URL in a text editor and dragging the text to the Desktop.

Claris Brings 'ECF Records Manager' to K-12 Schools

On Tuesday, Claris International announced the general availability of ECF Records Manager. It’s an app created to help K-12 schools and libraries meet the requirements of a new US$7 billion federal program to support remote learning.

The FCC’s ECF Program provides more than $7 billion in funding to help K-12 schools and libraries address the homework gap by purchasing tools and services that support remote learning. This program also requires schools and libraries to keep specific device or equipment data as well as user, usage and service information and “any and all” records related to applications for funding and reimbursement payments. Required data and documents must be kept for at least 10 years.

70% of People use the Same Password for Multiple Websites

A report of a survey (n=1,041) reveals that 70% of respondents said they reuse the same password for multiple websites.

The numbers above from our recent survey of 1,041 adults age 18 or older in the US say it all. A full 70% of the respondents admitted they use the same password for more than one thing—sometimes (25%), most of the time (24%), or all of the time (21%). If you don’t know why that’s bad, read on: When someone gets your password for just one service, they have your password for everything. Since most online accounts assign your email address as a username, it doesn’t take Mr. Robot to crack that code.

One of our recurring tips for Security Friday is to use a password manager. This helps you easily create unique, secure passwords for anything.

Here's Why iPhone 13 120Hz ProMotion Display Matters

Rebecca Isaacs has written a helpful explainer about the iPhone 13’s 120Hz display and why it matters for customers.

One of the major selling points of this technology is that it allows you to dynamically vary refresh rates based on what you’re doing. For instance, basic web browsing can be handled at an undemanding 10Hz to 60Hz, while gaming can take advantage of the full 120Hz. The Apple Watch can even hit a low of 1Hz with the always-on screen.

Crypto Miners Most Detected Malware Type in 2021

A report on Tuesday found that crypto-mining malware was the most detected malware type in the first half of 2021.

The most active cryptocurrency miner in the first half of 2021 was MalXMR, with 44,587 detections. MalXMR is a crypto-mining malware that exploited EternalBlue for propagation and abused Windows Management Instrumentation (WMI). During the infection, high CPU utilization can be noticed with powershell.exe or schtasks.exe.

Plugging a service I use: NextDNS. There’s a toggle you can turn on to “Prevent the unauthorized use of your devices to mine cryptocurrency.”

Alaska Health Service Attacked by Nation-State Cyber Attacker

The Department of Health and Social Services (DHSS) disclosed that it was the victim of a sophisticated cyberattack from a nation-state level actor.

Citing an investigation conducted together with security firm Mandiant, DHSS officials said the attackers gained access to the department’s internal network through a vulnerability in one of its websites and “spread from there.”

Officials said they believe they have expelled the attacker from their network; however, there is still an investigation taking place into what the attackers might have accessed.

Developer of 'Apollo' Reddit Client Announces App to Kill Google AMP Pages

Christian Selig, creator of the best Reddit client on iOS, has released two new apps. Achoo is an HTML viewer and inspector, and Amplosion redirects you away from Google’s contentious AMP web pages.

Achoo HTML Viewer & Inspector: Achoo allows you to easily view the HTML for the webpage you’re viewing in Safari. It shows the HTML (as well as any inline CSS and JavaScript) with beautiful and fast syntax highlighting. You can share the HTML you’re viewing, allowing you to easily inspect it on an external device of your choosing, or send it to a friend, or simply copy it to your clipboard.

Amplosion: Amplosion automagically redirects AMP pages/links to their normal counterparts within Safari using an easy and elegant Safari extension. It’s completely open source, so with this transparency you can verify everything about the extension.

Both of these take advantage of the new Safari extension system on iOS 15 | iPadOS 15.

Grain Cooperative 'New Cooperative Inc' Hit with BlackMatter Ransomware Attack

Cyber gang BlackMatter has attacked Iowa-based grain cooperative New Cooperative Inc with ransomware, successfully shutting down its systems.

The attack occurred on or around Friday, according to Allan Liska, senior threat analyst at the cybersecurity firm Recorded Future Inc. The ransomware gang, which goes by the name BlackMatter, is demanding a $5.9 million ransom, Liska said.

New Cooperative confirmed that they had been attacked and said they had contacted law enforcement and were working with data security experts to investigate and remediate the situation.

Here's How Much Your Car Knows About You

Jon Callas, the Electronic Frontier Foundation’s director of technology projects, explained what data newer cars, especially Tesla, collect from you.

“All of these things are at least theoretically able to be logged,” cautioned Callas. “And there is a port that you can connect something to — and there’s lots of hardware and software that you can connect to your car and get all sorts of telemetry information about how the car is running — and just like there are people who hack their computers there are people who hack their cars.”

Here's How to Force Files to Download on iOS

Redditor u/kevingrabher wrote about a shortcut that can force files in iCloud Drive to download. This helps you keep important files handy for offline access. Here are the steps:

1. Open the Shortcuts app and create a new shortcut.
2. Add Action “Get Contents of Folder” (*).
3. Press the triangle icon and enable “Recursive.”
4. Add Action “Get Details of Files.”
5. Set the detail variable to “File Size” (if not set by default).

In the first action you’ll probably want to choose Ask Every Time, so you can download a different folder each time.

Do You Have 100 Terabytes of Free Storage? Download the Universe

Researchers have prepared the Uchuu simulation of the universe, the most detailed ever made so far. It contains 2.1 trillion “particles” in a space 9.6 billion light-years across.

The simulation models the evolution of the universe across more than 13 billion years. It doesn’t focus on the formation of stars and planets but instead looks at the behavior of dark matter within an expanding universe. The detail of Uchuu is high enough that the team can identify everything from galaxy clusters to the dark matter halos of individual galaxies. Since dark matter makes up most of the matter in the universe, it is the main driver of galaxy formation and clustering.

“Fortunately, if you don’t have that much spare change, you can access the data online. The Uchuu team has their raw data on skiesanduniverses.org, so you can explore their virtual universe all you want.”

Photo by Guillermo Ferla on Unsplash

FTC Reveals its Study on Acquisitions From Big Tech

The Federal Trade Commission will change the way it scrutinizes acquisitions from Big Tech. On Friday it released the findings of its decade-long study on deals that weren’t reported.

The FTC reviewed 616 transactions valued at $1 million or more between 2010 and 2019 that were not reported to antitrust authorities by Amazon, Apple, Facebook, Google and Microsoft. 94 of the transactions actually exceeded the dollar size threshold that would require companies to report a deal. The deals may have qualified for other regulatory exemptions. 79% of transactions used deferred or contingent compensation to founders and key employees, and nearly 77% involved non-compete clauses. 36% of the transactions involved assuming some amount of debt or liabilities.

Apple Once Threatened to Remove Facebook From App Store Over Human Trafficking

A report on Friday claims that Apple threatened to remove Facebook from the App Store in 2019. The cause was human trafficking. (Original, paywalled report here).

The BBC published a sweeping undercover investigation of the practice, prompting Apple to threaten to remove Facebook from its store, the paper said.

An internal memo found that Facebook was aware of the practice even before then: A Facebook researcher wrote in a report dated 2019, “was this issue known to Facebook before BBC inquiry and Apple escalation?,” per the Journal.

Do the right thing, Apple: Remove Facebook.