Andrew Orr

Since 2015 Andrew has been writing about Apple, privacy, security, and at one point even Android. You can find him most places online under the username @andrewornot.

This Data Breach is Equal to 469,000 War and Peace Books

Last month we heard of the Collection #1 data breach, which contained 773 million email addresses and 21 million passwords. Now, Collections #2-#5 are here.

Despite its unthinkable size, which was first reported by the German news site Heise.de, most of the stolen data appears to come from previous thefts, like the breaches of Yahoo, LinkedIn, and Dropbox. WIRED examined a sample of the data and confirmed that the credentials are indeed valid, but mostly represent passwords from years-old leaks.

As with any data breach you can find out if your details have been leaked by visiting HaveIBeenPwned.com. My eBook copy of War and Peace is 1.8MB. The total size of the new breaches is 845GB, which equals 469,000 of those books.

Be Safe on the Internet With This Security Checklist

The Security Checklist is an open source list of resources designed to improve your online privacy and security. Check things off to keep track as you go.

This website provides a beginner’s checklist for staying safe on the internet. This website is the result of a conversation started during a recent episode of the Design Details Podcast and a subsequent tweet by Michael Knepprath.

This is a great website that Kelly Guimont pointed my way. Even if you’re a techie and have a handle on your online privacy, you should check this out too.

Apple Tells Developers to Change or Remove Screen Recording

A hot news item today was the revelation that some apps record your screen to learn what you do within the app. This can be used for testing and troubleshooting. Apple has responded, saying:

In an email, an Apple spokesperson said: Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.

As I argued, the fact that developers know what you do within the app isn’t a big deal. The issues, as Apple noted, are: 1. Users don’t know this happens, and this isn’t disclosed in privacy policies; and 2. Sometimes sensitive data isn’t properly redacted.

Apple Pay Support Comes to Over 20 Banks Worldwide

Aside from French banks adding support, Apple updated its list to reflect the addition of over 20 more banks.

The U.S. bank list is now so long that Apple has introduced alphabetical sub-sections to make it easier to find your bank on the list. Other new entries added to the most recently updated list include Qpay in Australia; HSBC in France; Surgutneftegasbank in Russia; Banco Mediolanum in Spain; Concord bank and UkrSibbank in Ukraine; and N26 in the UK.

Technobabylon is a Cyberpunk Game Full of Adventure

Technobabylon is a cyberpunk game that I recently came across. I haven’t played it yet but it’s downloading as I type, due to its large, 1.4GB file size.

In the city of Newton, 2087, genetic engineering is the norm, the addictive Trance has replaced almost any need for human interaction, and an omnipresent AI named Central powers the city. CEL agents Charlie Regis and Max Lao are investigating a serial Mindjacker who is tapping into the neural wiring of seemingly ordinary citizens, stealing their knowledge and leaving them dead. An agoraphobic net addict named Latha Sesame might be the next target. But when Charlie’s past comes back to haunt him, he and his partner find themselves on opposite sides of the law, with Latha’s fate in the crossfire.

App Store: US$4.99

Fauxtography, or Manipulating an Image to Tell a Story

Nice piece on photography and fauxtography by The Verge. It talks about certain automated actions in photography but I think it speaks to photo manipulation in general. Long before smartphones and Photoshop were invented, some photographers still manipulated their images in the dark room. These were under the category of fine art photography, and it helped a photographer use the picture to tell the story in their head.

For the longest time, we’ve had a seemingly clear dividing line between shots straight out of the camera (colloquially referred to as SOOC) and examples of fauxtography where the shooter has indulged in applying some after effects like filters, vignettes, recoloration, or masking and inserting objects in the frame. Phones are now stampeding over that line.

iOS 12.2 Will Remove 'Do Not Track' Option

In the next update of iOS and macOS Apple will remove the Do Not Track option from Safari. This is okay.

Removed support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable.

Before I see a headline from Forbes titled “iOS 12.2 Has a Nasty Surprise” let me say that removing Do Not Track is good. It never did anything anyway because obeying it was completely voluntary. Which of course means that every website ignored it. And now it can be used to fingerprint your browser. Good riddance.

Hey You, Stop Buying Microsoft Office 2019

In a weird new commercial, Microsoft pits Office 365 against Office 2019 in an obvious ploy to sell more subscriptions.

Unsurprisingly, in the new ads, which give the actors twins various challenges to perform in the likes of Word, Excel and PowerPoint, Office 365 beats Office 2019 every time. Yawn. The ads aren’t very good and you will cringe a few times…

Hint: You can directly buy Office 365 in the new Mac apps.

AnandTech's Comprehensive iPhone XR Review

Andrei Frumusanu wrote a long, detailed iPhone XR review, talking about the display, battery life, and more.

The iPhone XR is an interesting product for Apple: It is clear that it aims to be a lower-cost alternative to the higher-end XS flagships. Yet at the same time it’s not directly an alternative to either the XS or the XS Max, and rather represents a model that squarely fits in-between its two higher-priced siblings.

Although the iPhone XR has been out for a while, this is still a great review to read.

Security Researcher Won't Share macOS Keychain Bug

Security researcher Linus Henze found a macOS Keychain bug but won’t share it with Apple out of protest.

Henze has publicly shared legitimate iOS vulnerabilities in the past, so he has a track record of credibility. However, Henze is frustrated that Apple’s bug bounty program only applies to iOS, not macOS, and has decided not to release more information about his latest Keychain invasion.

It is odd that there isn’t a macOS bug bounty but I think withholding security information isn’t the way to go.

U.S. Navy Needs to Destroy 2 Tons of Hard Drives

The U.S. Navy has issued a solicitation asking for an appropriate service to turn 4,000 pounds of storage devices into ash.

The information stored on these devices is highly sensitive, as evidenced by the physical security requirements set forth in the solicitation. The incineration facility must have “at the minimum, secure entry, 24-hour armed guards and 24/7 camera surveillance with recordable date and time capabilities.”

Any interested destruction service has to be located within 10 driving hours of the White Sands Missile Range.

What Would Happen if You Remove Apple From Your Life?

Kashmir Hill has experimented with cutting out tech giants from her life. In week 5 she found out what it was like to remove Apple.

In addition to abandoning all my iProducts, I am blocking myself from interacting with Apple in any way, using a custom VPN designed for me by technologist Dhruv Mehrotra. The VPN prevents my devices from communicating with the 16,777,216 IP addresses controlled by Apple, rendering iCloud and any Apple apps defunct.

It’s an interesting experiment, especially going so far as to block Apple IP addresses. I look forward to Ms. Hill’s next experiment: Blocking Amazon, Facebook, Apple, Google, and Microsoft all at once.