ExtraBITS for 12 February 2018
In ExtraBITS this week, Apple is reportedly scaling back new iOS features to focus on stability, your smart home devices could reveal more about you than you realize, and a malicious cryptominer was accidentally distributed by MacUpdate.
Will iOS 12 Be the iPhone’s Snow Leopard? — For years, Apple has stuck to a strict schedule of annual iOS releases that sport a sometimes dizzying array of new capabilities. Bloomberg’s Mark Gurman, whose sources have proven generally reliable, is reporting that Apple will be holding back some of the more ambitious features in iOS 12 to focus instead on polish and reliability. Under the new scheme, major features will be planned over a two-year period, with engineers having more leeway to delay features that need more work. That doesn’t mean iOS
12 will be devoid of new features. One of the most interesting, Gurman says, will enable developers to create apps that work on both macOS and iOS. That will likely have significant implications for Apple users.
Your Smart Home Could Be Spying On You — Gizmodo’s Kashmir Hill and Surya Mattu teamed up to learn the extent to which home automation devices report back to their manufacturers and leak personal information. Hill filled her house with smart devices, including an Amazon Echo, lights, coffee maker, TV, and even a bed. Then she had Surya monitor how much data was sent out by the devices. The results may shock you. Perhaps unsurprisingly, the worst offender was the Amazon Echo, which contacted Amazon’s servers every few minutes, even when the “Alexa” wake word and the microphone were turned
off.
Malicious Cryptominer Distributed by MacUpdate Hack — The MacUpdate site was hacked on 1 February 2018, and the attackers slipped malicious code into updates for Firefox, OnyX, and Deeper that would use CPU cycles on infected machines to mine cryptocurrency. Malwarebytes has instructions for removing the malware. Although MacUpdate removed the offending updates quickly, the moral of the story is that it’s always best to update an app from inside the app itself or via the developer’s Web site.