Just a week after the iOS 10.0.3 update (see “iOS 10.0.3 Fixes Cellular Connectivity Issues,” 17 October 2016), Apple has rolled out iOS 10.1. You can install the roughly 200 MB update via Settings > General > Software Update or through iTunes.
The major addition in this update is the addition of Portrait mode in the Camera app for iPhone 7 Plus users. Portrait mode focuses on faces while blurring backgrounds to create a depth effect in photos. Glenn Fleishman took a deep dive into this feature in an iOS beta in “Behind the iPhone 7 Plus’s Portrait Mode” (24 September 2016). Although iOS 10.1 is now out for everyone, Apple is still labeling the Portrait mode feature as a beta.
iOS 10.1 includes a few fixes for Camera and Photos: People names are now included in iCloud backups, the display of wide color gamut photos has been improved in the grid views of the Photos app, a bug causing blurred or flashing screens when opening the Camera app has been fixed, and a bug that caused Photos to quit when turning on iCloud Photo Library has also been fixed.
Another notable change in iOS 10.1 is that you can now replay bubble and screen effects in Messages — tap Replay under a message to see the effect again. Note that Replay appears only on received messages, not messages you sent with an effect.
In iOS 10.1, Messages effects play even if you have Reduce Motion enabled, which could cause some people discomfort. The update also fixes issues that could lead to incorrect display of contact names, blank white screens, missing Report Junk options, and video messages with missing audio.
Japanese mass transit users may want to update to iOS 10.1 right away, since Maps now provides transit directions for every major train, subway, ferry, and national bus line, as well as for local bus systems in Tokyo, Osaka, and Nagoya. Also, sign-based transit navigation includes more detailed underground maps, and you can now compare transit fares for alternate routes.
Apple Watch owners see some changes in iOS 10.1 too. Apple added Distance and Average Pace to the workout summaries in the Activity app for wheelchair-based workouts. The update also fixes bugs that:
iOS 10.1 features a number of miscellaneous updates, including improved Bluetooth connectivity, better AirPlay Mirroring performance, improved sharing from Safari to Messages, fixes for Mail formatting (we hope this fixes a few recent quirks with emailed TidBITS articles), a fix for Today View widgets not loading when launched, a fix for alarms that wouldn’t go off, and a resolution for a bug that prevented restoring from iCloud backups. See the release notes for a full list.
Last, but far from least, iOS 10.1 includes 12 security fixes for a variety of vulnerabilities.
Read and post comments about this article | Tweet this article
While iOS 10.1 comes with release notes as long as your arm (see “iOS 10.1 Adds Portrait Mode for iPhone 7 Plus, Fixes Numerous Bugs,” 24 October 2016), the other operating system updates Apple pushed out today are far more modest, primarily fixing bugs and addressing security vulnerabilities.
macOS 10.12.1 Sierra -- Foremost among the three is macOS 10.12.1, which is the first update since the major release of Sierra. Its changes include:
Improved compatibility with Fujitsu’s ScanSnap scanning software (see “ScanSnap Conflicts with Sierra Easily Avoided,” 3 October 2016). Fujitsu hasn’t yet commented on how this fix affects the various Sierra problems suffered by the ScanSnap software and PDFs created with it.
The addition of an automatic smart album in Photos for Depth Effect images taken on an iPhone 7 Plus
Improved compatibility with Microsoft Office when using Desktop and Documents folder syncing
A fix for bugs that may prevent Mail from updating when using a Microsoft Exchange account and that could cause Mail to display unnecessary password prompts for AOL accounts
Another bug fix that could cause text to paste incorrectly when using Universal Clipboard
Improved reliability of Auto Unlock with Apple Watch
General bug fixes that improve security and stability in Safari, and the return of Safari’s accessibility option to “Never use font sizes smaller than” when displaying fonts on Web pages
Elimination of a “Filter Failed” error when printing to some Canon printers
A fix for a bug that could prevent Grapher files from opening
For enterprise users, improved reliability of System Image Utility and imagetool when creating network disk images
Elimination of 16 security vulnerabilities
macOS 10.12.1 is a 584 MB update available via Software Update; a standalone download isn’t yet available. Our take is that it’s probably worth downloading sooner rather than later for Sierra users, given that this is Sierra’s initial bug fix update. If you haven’t yet updated to Sierra but are planning to soon, hold off for another week to make sure 10.12.1 hasn’t introduced some new problem.
watchOS 3.1 -- For those who have updated to watchOS 3.0, the new watchOS 3.1 might address a few nits, but it’s far from earth-shattering. The main change is a new option to replay bubble and full-screen effects in Messages. Plus, Messages effects can now play even if Reduce Motion is enabled.
Other fixes address bugs that could:
As much as it might be hard to imagine security issues affecting an Apple Watch, those problems are real, and watchOS 3.1 addresses eight security vulnerabilities.
The update, which you find in Watch > General > Software Update on your iPhone, is a 61.7 MB download, but remember that your Apple Watch must be in range of your Wi-Fi–connected iPhone, connected to its charger, and charged to at least 50 percent. Note that the update will likely take longer than you expect, so allot at least an hour for it.
tvOS 10.0.1 -- Apple also released tvOS 10.0.1, which you can install on your fourth-generation Apple TV by navigating to Settings > System > Software Updates > Update Software.
It’s tough to say whether there are any new features in tvOS 10.0.1, because Apple doesn’t provide release notes for minor tvOS updates. So far, the update doesn’t seem to include any new features — see “tvOS 10 Adds Dark Mode and More” (13 September 2016). However, tvOS 10.0.1 does boast ten security fixes, so we recommend installing the update soon. After all, we wouldn’t want compromised Apple TVs to start being recruited into botnets!
Read and post comments about this article | Tweet this article
We’re gearing up for MacTech Conference 2016 in Los Angeles from November 16th through 18th (with pre-conference workshops on 15 November 2016). Although MacTech Conference is one of the preeminent events for Apple-focused IT professionals, techs, and consultants, it’s also notable for coming up with some of the most unusual events for attendees.
MacTech has announced that the keynote speaker for this year’s conference will be NASA engineer Marshall Smith, whose full, business-card busting title is:
Marshall Smith, NASA Headquarters
Director, Cross-Program Systems Integration
Chief Engineer, Exploration Systems Development
Human Exploration and Operations Mission Directorate
Setting aside my suspicion that MacTech invited Smith because he tells great space geek stories, the ostensible reason he’s keynoting MacTech Conference is that it’s his job to foster collaboration across organizational cultures, geographical distance, and the public/private divide. In his talk, Smith will explain NASA’s general roadmap and specific overall goal of sending people to Mars, and use that as a launchpad for sharing his insights, ideas, and personal perspectives on the collaborative efforts that are necessary for NASA’s human exploration objectives to succeed. We may not all be enabling actual rocket science, but the lessons he’s learned about getting different organizations to work together at the enterprise level should translate to many other fields.
After the keynote, MacTech Conference will feature a full lineup of sessions given by speakers from around the world, including Take Control authors Joe Kissell and Charles Edge. For those looking for even more in-depth training, MacTech Conference offers a variety of pre-conference workshops, such as “DNS Deep Dive,” “Home Automation Workshop: Apple Style,” “System and Workflow Automation Workshop,” “Wi-Fi Design & Troubleshooting,” and “Introduction to Munki.” The DNS workshop is especially relevant, given last week’s distributed denial of service attack on Dyn (see “Massive DDoS Attack Blocks Access to U.S. Web Sites,” 24 October 2016). Plus, with HomeKit finally gaining some momentum, the home automation workshop will help anyone who consults on, secures, and supports home automation setups.
Tonya and I will once again be hosting the Take Control TechUp, a three-part Apple trivia game show that involves the entire conference. In the first phase, we pose increasingly tricky questions to all attendees in order to select ten semifinalists. They then come up on stage and take turns trying to win points by answering more questions or getting a big laugh from the audience. Finally, the top two semifinalists face off in a head-to-head lightning round. It’s a ton of fun, and someday I’ll figure out a good way to reuse all the questions I’ve developed over the years.
Pre-registration pricing for the three-day conference costs $1399 through 28 October 2016 ($1599 afterward) and includes breakfast, lunch, and dinner, along with break food and evening activities. However, TidBITS readers can save $200, dropping the price to $1199 for now. The pre-conference workshops cost an additional $399, but are $299 for TidBITS readers.
For those who make their livings selling, installing, or supporting Apple products, we hope to see you there!
Read and post comments about this article | Tweet this article
Amazon may be the most popular online retailer in the United States, known for its low prices, fast shipping, and excellent customer service. But the company has a serious issue with counterfeiting.
In July 2016, CNBC reported on rampant counterfeiting of name brands by third-party Chinese sellers. The problem caused sandal maker Birkenstock to walk away from Amazon entirely.
Then, in August, Amazon tried to put a stop to counterfeit goods by making third-party merchants pay a $1500 fee to sell major-brand products. However, that requirement apparently hasn’t helped much, since Apple is now taking legal action against Amazon supplier Mobile Star, claiming that nearly 90 percent of Apple-branded accessories sold on Amazon are fake.
This lawsuit isn’t just a matter of Apple being offended. Using these cheaply made knockoff accessories can result in all sorts of problems: poor performance, electric shocks, and even fires and explosions.
Unfortunately, it can be tough to identify counterfeit products. Price isn’t necessarily an indicator, since the knockoffs are often priced the same as legitimate Apple products to aid in the deception.
While Amazon has been complicit in allowing counterfeit products to be sold, Amazon itself hasn’t been selling fakes. Rather, it’s third-party merchants selling via Amazon who are foisting the phony products off on customers. For that reason, some people have recommended steering clear of the “Fulfillment by Amazon” program that merchants can employ to have their products stored in and shipped from Amazon’s warehouses. That’s easier said than done, since so much of Amazon’s inventory comes from those third-party sellers. Personally, I haven’t had any problems with such products. I prefer Anker’s PowerLine+ Lightning cables to Apple’s, and Anker sells them directly via Amazon.
Another tip-off can come from reviews. TidBITS publisher Adam Engst was recently looking to buy an Apple Thunderbolt cable that looked entirely legit, but when he scrolled down to the reviews, a number of reviewers warned that they had received a counterfeit product. Reviews can be bought, so be sure to read a few of them, of various star ratings, before making a purchase.
The only sure way to get authentic Apple products is to buy them directly from Apple, as Adam ended up doing with the Thunderbolt cable, or from an authorized Apple reseller.
We hope that Apple’s lawsuit encourages Amazon to strengthen its anti-counterfeiting program. It’s bad enough to pay full price for knockoff sandals, but knockoff electronics can damage expensive equipment and cause injuries.
Read and post comments about this article | Tweet this article
If you had any problems reaching Web sites on 21 October 2016, it likely wasn’t the fault of your Internet service provider, router, or computer. In the United States, it was the Internet itself that was partially broken.
The reason requires a bit of explanation. Mainstream news outlets reported that sites like Netflix and CNN were down (and I wonder how CNN reporters felt about posting a story on a Web site that couldn’t be reached), but that wasn’t quite true. The sites themselves were fine, it was that your computer didn’t know where to find them. If you picture these major sites as stores on a highway, the stores were still open, but the signs giving you directions to find them had been taken down.
In the Internet’s case, those signs are the Domain Name System, or DNS, which assigns memorable names to the numeric addresses that actually identify Internet locations. Go to http://www.cnn.com, and you’re relying on DNS to tell your browser that it’s actually 188.8.131.52; www.cnn.com by itself is meaningless to your browser and the Internet in general until the numeric IP address is retrieved.
DNS is extremely fast — a lookup that takes a tenth of a second is considered slow — and widely distributed. When you visit a domain, your Mac or iPhone first asks itself, “Do I already know where that domain is?” (That is, has your device visited it recently?) If not, the device queries the DNS servers that are entered in the network settings of your System Preferences or iOS Settings. Those servers do much the same thing, asking other DNS servers as needed — all of which results in your Mac or iPhone finding out where any domain is almost instantly, when everything is working properly.
Note that functional DNS servers are the second thing you need for this to work. The first is enough Internet bandwidth to reach those DNS servers in the first place.
Picture what happens if a major DNS server goes down. Millions of computers turn to DNS for more information every second. They’re relying on it either to have that domain memorized from a recent visit or to pass along the DNS request. If a DNS server can’t be reached within a reasonable amount of time, the request “times out” and your computer tries again with the next DNS server in its list; your Internet settings probably include two or more different servers to check. But if none of these DNS servers can come up with the information, you’re stuck.
If all of your DNS servers are at the same ISP, a network attack could take them all down, preventing you from loading any Web sites you hadn’t visited recently. Plus, if the DNS servers of a major Web site were attacked, that site would be unreachable unless you knew its numeric IP address.
As Americans famously learned from one of their senators, the Internet isn’t a truck, it’s a series of tubes. Many laughs were had about that analogy, but it wasn’t entirely wrong: the ephemeral-seeming Internet is based on the physical network of wires, wireless, and fiber connections that connect everything to everything else. Each of these connections can handle only so much traffic.
If bad guys wanted to attack you electronically, they could try attacking your home routers or computers, looking for a vulnerability that would let them in. But it’s much easier to attack your bandwidth: by sending more traffic to your connection than it can handle, your router becomes overwhelmed. Legitimate requests get swamped in all of the junk traffic — none of your requests get out, and no genuine traffic can get in. This is called a “denial of service” (DoS) attack — the attack traffic isn’t trying to do anything, it’s causing damage just by existing. It’s like being hit with a firehose — water is not normally harmful, but it is when it’s being sprayed at you at high speed.
A DoS attack from a single computer is easy to detect and block. But when the attack comes from thousands or millions of computers simultaneously, it’s a major problem. This is called a “distributed denial of service”, or DDoS. That’s what happened Friday to Dyn, a company that provides managed DNS service for major Web sites. As of Friday evening, three waves of DDoS attacks had been launched against Dyn.
Where do you find thousands or millions of computers to coordinate a DDoS? For that, you use a “botnet,” which is a network of compromised computers (sometimes called “zombies”) that have been taken over by malware, sometimes invisibly, so that they continue to work but also respond to requests for attacks from the people running the botnet. Historically, these computers have been desktop computers running old, insecure operating systems. Then mobile phones were added to the mix. Today, it’s also the Internet of Things, those network-connected devices that do stuff for you while not being full computers. The teddy bear webcam that watches your infant could be contributing to a botnet, if its security features were easily circumvented. Bad guys can build their own botnets or rent them by the hour to save themselves a lot of work. This rental market provides another incentive for botnet purveyors to increase the size of their botnets.
These botnets can unleash huge DDoS attacks. Internet connections are measured in bits per second; according to Akamai’s State of the Internet report, an average U.S. home connection ranges between 10.2 and 24.3 million bits per second. Meanwhile, the DDoS attack on security journalist Brian Krebs’s Web site was measured at 620 billion bits per second, while a subsequent attack on a French provider was over 1 trillion. Those kinds of numbers can bring down entire networks.
There’s not much that can be done about DDoS attacks. If you’re targeted by one personally, you have to rely on your ISP to help you fix it. If you run a business that might be targeted repeatedly (for purposes of extortion, for example), there are companies that sell attack protection products, including DDoS mitigation. You’re most likely to be affected the way you were last Friday: some major company crucial to the Internet’s functioning gets attacked, and associated sites become unreachable. But it’s a serious problem for any organization that’s targeted directly.
Looking forward, I believe we need two major attitudinal changes in government and business policy. The first is that we are still far too complacent with major companies shipping computers and Internet of Things devices that are overly vulnerable to being compromised and added to a botnet. Microsoft took significant heat from its corporate and government customers around the turn of the century, and now the company has one of the strongest security programs in the industry (see “Apple’s Security Past Defines Its Future,” 27 January 2011).
All operating system providers should be openly criticized for security holes that they allow to reach the public. Even more attention should be focused on Internet of Things device manufacturers, using public shaming if that’s enough to turn the tide, and with legislation if that’s what’s necessary to build a more secure Internet. We can’t expect the average consumer to determine whether a particular manufacturer makes secure devices; that should be the job of industry groups and regulators.
The second is something I’ve been thinking about since this year’s political hacks (see “On Hacking During the U.S. Presidential Campaign,” 6 September 2016). The United States is widely believed to have the most powerful cybersecurity attack and defense capabilities in the world. Why then is the general public usually left on its own? Numerous U.S. agencies are dedicated to providing security aid to technical experts, but they do little to help individuals learn about these problems and protect themselves. Are you absolutely sure that you’ll never click a link in a phishing email? I’m not.
Attacks such as the one on Dyn demonstrate that we have both collective and individual problems with cybersecurity. It’s entirely possible that these cybersecurity issues could lead to national security concerns. In my opinion, we should ask ourselves why we have the political will to build military cyberweapons and defenses, but still leave most individual Americans to fend for themselves.
Read and post comments about this article | Tweet this article
Mactracker 7.6 -- Ian Page has released Mactracker 7.6 with detailed information about major Apple hardware releases from the past couple of months, including the iPhone 7 and iPhone 7 Plus, as well as Apple Watch Series 1 and Apple Watch Series 2. It also covers the most recent updates to Apple operating systems, including macOS 10.12 Sierra, iOS 10, watchOS 3, and tvOS 10. The popular encyclopedia of Apple products also adds support for Sierra, a Supported Devices list to each iOS release, photos of recent models optimized for Retina displays, and Geekbench 4 performance scores for recent models. (Free from the Mactracker Web site or the Mac App Store, 81.7 MB, release notes, 10.7+)
Read/post comments about Mactracker 7.6.
PDFpen and PDFpenPro 8.2.1 -- Smile has issued version 8.2.1 of PDFpen and PDFpenPro, which fixes a bug that prevented print preview from displaying the first page of a PDF correctly. The PDF editing apps also correct a “selected folder not writable” error when scanning in macOS 10.12 Sierra and resolve numerous issues on iMacs with 5K Retina display that are running Sierra. ($74.95/$124.95 new with a 20 percent discount for TidBITS members, $30 upgrade, free update from version 8.0, 70.4/71 MB, release notes, 10.10+)
Read/post comments about PDFpen and PDFpenPro 8.2.1.
ChronoSync 4.7 and ChronoAgent 1.6.1 -- Econ Technologies has released ChronoSync 4.7 and ChronoAgent 1.6.1, adding direct support for Amazon S3 and Google Cloud services to ChronoSync and bringing official support for macOS 10.12 Sierra to ChronoAgent. The ChronoSync synchronization and backup app also adds SFTP server support to expand backup options to additional local servers, NAS devices, and remote servers; adds a Progressive Scanning File Operation to improve resuming suspended backups; and implements a redesigned Connection Profile Architecture to improve reliability. ChronoAgent adds the capability to mount disk images on ChronoAgent Macs, fixes a bug that displayed the ChronoAgent Preference Pane icon in the Dock when running in Sierra, and fixes some minor issues with Extended Attributes. (Free updates for both apps; $49.99 new for ChronoSync with a 20 percent discount for TidBITS members, 40.9 MB, release notes, 10.8+; $14.99 new for ChronoAgent, 12.7 MB, release notes, 10.8+)
Read/post comments about ChronoSync 4.7 and ChronoAgent 1.6.1.
SpamSieve 2.9.26 -- Michael Tsai of C-Command Software has released SpamSieve 2.9.26, ensuring compatibility with Apple Mail in macOS 10.12.1 Sierra. (If you have already updated to that version of Sierra, choose SpamSieve > Install Apple Mail Plug-In to install the SpamSieve plug-in and avoid accidentally moving good messages to the spam mailbox.) The spam filtering utility makes improvements to SpamSieve’s filtering accuracy, tells Apple Mail’s junk filter when incoming messages are not junk (instead of only when they are junk), adjusts sizes of the Dock icon status indicators to deal with a font change in Sierra, and works around an OS certificate error when checking for a software update. ($30 new with a 20 percent discount for TidBITS members, free update, 13.4 MB, release notes, 10.6+)
Read/post comments about SpamSieve 2.9.26.
1Password 6.3.5 -- AgileBits released 1Password 6.3.4 with a single change that might throw you for a loop if you weren’t expecting it in the password management utility. The update “improves verification and authentication of communication with the 1Password browser extension.” After installing the update, you’ll be asked to verify 1Password’s connection to the extension via 1Password mini in the form of a six-digit code (shown in both 1Password mini and a Web browser tab). This verification opens automatically after installation if you have a Web browser open, or immediately after opening your Web browser the next time. “Take Control of 1Password” author Joe Kissell also notes that if you’re using the Bartender menu control utility, “you have to click the 1Password mini icon in Bartender — not just press the keyboard shortcut — to bring it up in order to see the code.”
A few days after the 6.3.4 release, AgileBits updated 1Password to version 6.3.5 to fix a crash that could occur when using the 1Password browser extension, resolve an issue where the 1Password browser extension authorization window failed to display due to a missing monospace font, ensure that the app properly advises you to re-enable iCloud sync when upgrading from version 4, and correctly show the browser authentication popup when using Bartender. ($64.99 new from AgileBits and the Mac App Store with a 25 percent discount for TidBITS members when purchased from AgileBits, free update, 43.9 MB, release notes, 10.10+)
Read/post comments about 1Password 6.3.5.
BusyCal 3.1.1 -- BusyMac has released BusyCal 3.1.1 with improvements and bug fixes for the calendar app. The update improves the Quick Event panel by adding a preview of the event details as you type and providing interactive Attendee and Location pickers. The new version also adds mass transit support to Travel Time, improves 24-hour time entry in the Info panel, fixes a bug related to deleting an instance of a repeating meeting on Microsoft Exchange, fixes a crash that occurred when adding attendees with arrow keys, resolves an issue that prevented un-sharing an iCloud calendar, and corrects several user interface bugs when running in macOS 10.12 Sierra. ($49.99 new, $29.99 upgrade, 11.3 MB, release notes, 10.11+)
Read/post comments about BusyCal 3.1.1.
Audio Hijack 3.3.2 -- Rogue Amoeba has released Audio Hijack 3.3.2, which corrects a critical bug when running in macOS 10.12 Sierra where deleting blocks could cause an exception in Core Animation and leave the user interface in an inconsistent state. The popular audio recording utility also improves how the app displays the disappearance of an audio device, ensures the left and right arrows work in the Sessions tab, makes adjustments so FaceTime can be captured in Sierra, and adds support for the Avaya Spark app as a VoIP input source. Additionally, Audio Hijack now requires Instant On to capture audio from iTunes due to changes made in iTunes 12.5 — a prompt will appear if necessary. ($49 new with a 20 percent discount for TidBITS members, free update, 16.2 MB, release notes, 10.9+)
Read/post comments about Audio Hijack 3.3.2.
In ExtraBITS this week, AT&T seeks to purchase Time Warner, T-Mobile pays a heavy price for data throttling, we say goodbye to Macworld founder David Bunnell, Apple reveals plans to build home automation into newly built homes, and we review Apple’s $49 iPhone 7 Plus case in 49 words.
AT&T Aims to Buy Time Warner for $84.5 Billion -- Ma Bell is back and bigger than ever! Telecom giant AT&T has made a bid to acquire Time Warner Inc. for $85.4 billion in cash and stock. Note that while this deal would give AT&T ownership of HBO, Turner Broadcasting, and Warner Brothers, it doesn’t include Time Warner Cable, which is now owned by Charter Communications and is being rebranded as Spectrum. AT&T is likely trying to place itself on an even content footing with Comcast, which purchased NBCUniversal in 2011. However, with U.S. politicians from both sides of the aisle speaking out against the merger, it’s unclear if federal regulators will approve the deal.
T-Mobile Fined $48 Million for Data Throttling -- In an agreement with the U.S. Federal Communications Commission, T-Mobile will pay a total of $48 million in customer benefits, educational donations, and fines because of throttling connection speeds for its largest data users without advance notice. Impacted customers will receive a 20 percent discount on accessories and will be eligible for an additional 4 GB of data per month. T-Mobile CEO John Legere responded in his typically bombastic fashion, tweeting that T-Mobile believes more information is good for customers. Though, apparently, it takes an FCC settlement to make that happen.
Remembering David Bunnell -- David Bunnell, the founder of PC Magazine, PC World, and Macworld, as well as Macworld Expo, has passed away. Fast Company’s Harry McCracken profiles Bunnell’s life and career, including his background as a social activist.
Apple Reveals Home Automation Plans for New Construction -- Today you purchase and install HomeKit home automation devices in existing homes, but Apple wants to go beyond retrofits by building the technology into new homes. “We want to bring home automation to the mainstream,” Greg Joswiak, Apple’s vice president of product marketing, told Bloomberg. “The best place to start is at the beginning, when a house is just being created.” According to a survey by real-estate firm Trulia, twice as many people prefer a newly built house to a pre-owned property, so perhaps the boost that home automation needs is to become standard in new construction.
49-Word Review of the $49 iPhone 7 Plus Case -- Apple’s tight-fitting iPhone 7 case features a luxurious leather exterior, a soft microfiber lining, and built-in volume and Sleep/Wake buttons. It provides decent protection without adding extraneous bulk, is easily removed, and doesn’t cover the iPhone’s stereo speakers. Best of all, it eliminates the camera bump.