Apple Releases Patch for ZombieLoad Flaw in Intel Chips

ZombieLoad is a serious flaw affecting almost every Intel chip since 2011. Apple, Amazon, Google, and Microsoft have issue patches for it.

The tech giant said in an advisory that any system running macOS Mojave 10.14.5, released Monday, is patched. This will prevent an attack from being run through Safari and other apps. Most users won’t experience any decline in performance. But some Macs could face up to a 40 percent performance hit for those who opt-in to the full set of mitigations.

Crazy that Intel chips have had this since 2011. This is the first time I’ve heard of ZombieLoad.

EVE Online Makes it Easier for Mac Gamers Running Wine

EVE Online is an MMO where gamers can build and pilot spaceships and explore the universe. Today the company will start using direct upstream Wine versions for its Mac client.

On rollout, Mac users will no longer need to run a wrapper to execute a 32-bit client on their native 64-bit operating systems, which will allow the EVE client to make better use of system resources and resolve a number of long standing issues that pilots who are playing on Mac experience.

Using upstream Wine will also improve the speed at which updates will reach our pilots who’re playing on Mac, with a multitude of Mac compatibility improvements becoming available to all Mac users with this single release.

 

Will Marzipan Apps Be Locked to the Mac App Store?

Dave Mark brought up a good question regarding Jason Snell’s article, which is about how the Mac won’t be locked down like iOS with the introduction of Marzipan apps.

Will I be able to download a Marzipan app from a developer’s site and just run it on my Mac? Or will Marzipan restrict apps to the Mac App Store?

I have a feeling they will be restricted to the MAS. If Mark Gurman is right, Apple plans to merge iPhone, iPad, and Mac apps into a single download. After that, the two App Stores could be merged. Locking Marzipan apps would be the logical first step down that road.

Bloomberg WWDC Leak Highlights: Updated Maps, Health, Apple Watch Audio Books, Reminders, More

Bloomberg’s Mark Gurman got the goods on Apple’s WWDC software plans. Highlights include several improvements to Maps that I’m looking forward to. Apple is also improving the Health app, Reminders, adding audio book support to Apple Watch, a standalone app for the Apple Watch App Store on the watch itself, new Watch complications and faces, improved share sheet in iOS, combined Find my Friends and Find My iPhone, improved iMessage, an updated Books app with a reward system, and much more. There’s a ton of information in this piece, and it’s a good read.

This Concept Video Reimagines the macOS Desktop

German video editor Thomas Weinreich created a concept video that gets rid of the desktop metaphor on macOS. Replacing it is a user interface similar to what we get with the iPad. Windowed apps are replaced by full screen apps that can be displayed into multi-window Split Views. Like Ben Lovejoy said,  it seems like maybe it could be similar to what Apple is thinking of. However, I personally don’t believe the rumors of a macOS/iOS hybrid. Additionally, this concept paradigm doesn’t make sense on Macs that don’t have touchscreens. The macOS desktop metaphor might be aged, but I think it makes sense for devices that use a mouse or trackpad. What do you think?

Resetting Wi-Fi, Unlocking Your Mac, & Managing Secure Boot – Mac Geek Gab 756

Are you making the most of your Apple TV? Do you know all the tricks the Finder has to offer? Are you managing Do Not Disturb effectively? Your fellow listeners have the answers, and John and Dave share and discuss them for you. Plus, your two favorite geeks answer some of your questions about Wi-Fi, Watch Unlocking, NAS, and more. Press play, listen, and enjoy learning at least five new things!

Updated Apple Devices Display 'Not Secure' in Safari

If you’ve updated to iOS 12.2 and/or macOS 14.4, you’ve probably seen a ‘Not Secure’ message in the Safari address bar. OSXDaily explains.

By seeing the ‘Not Secure” Safari message on an iPhone, iPad, or Mac you are simply being informed by Safari that the website or webpage being visited is using HTTP rather than HTTPS, or perhaps that HTTPS is misconfigured at some technical level.

Ironically, as the article points out OSXDaily is itself not secure.

Apple Security Tool Unveiled at RSA Conference 2019

The RSA Conference is a series of computer security conferences. This year, security researcher Patrick Wardle announced a new tool for Macs called GamePlan.

…GamePlan, a tool that watches for potentially suspicious events on Macs and flags them for humans to investigate. The general concept sounds similar to other defense platforms, and it hooks into detection mechanisms—has a USB stick been inserted into a machine? has someone generated a screen capture? is a program accessing a webcam?—Apple already offers in macOS. But GamePlan, cleverly written with Apple’s GameplayKit framework, collects all of this data in a centralized stream and uses the videogame logic engine to process it.

I use a couple of Mr. Wardle’s security tools. I look forward to downloading GamePlan.

German Researcher Gives Apple Details of Mojave Keychain Flaw, Despite no Bug Bounty

LONDON – Security researcher Linus Henze handed over all the detail of a macOS Keychain bug he discovered, AppleInsider reported. This is despite not receiving any money from Apple. The company does not have a bug bounty program. Mr. Henze had previously withheld the information. He wanted Apple to start offering a bug bounty for security flaws researchers bring them. He discovered an exploit which allowed apps to see passwords held in the macOS Mojave keychain.

German teenager Linus Henze has sent Apple full details of a Keychain security exploit that he demonstrated in early February, and has done so despite the company ignoring his previous conditions. Henze says that he has decided to reveal the details to Apple because the bug he’s found “is very critical and because the security of macOS users is important to me.”

Apple and Content, Marzipan, and the Executive Shuffle, with Charlotte Henry - ACM 502

Where is Apple going with its content drive? Bryan Chaffin is joined by guest-host Charlotte Henry to dive deep into original shows, services, publishing, news, and Apple’s other content ambitions. They also talk about the promise (and potential drawbacks) of Marzipan, and what Apple’s recent executive shuffling might portend.