Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals
Show excerpts

#1400: CES gadgets & gizmos, WPA 3, iOS devices disabled from incorrect passcodes

This week’s issue of TidBITS focuses on the CES show in Las Vegas. Our roving correspondent Jeff Porten was once again on the floor to bring you his annual assortment of unusual gadgets, gizmos, and services. Outside of CES, Glenn Fleishman shares the details of WPA3, a new security standard for Wi-Fi that promises to make Wi-Fi connections both more secure and easier. Finally, Josh Centers explains what to do when your iOS device gets disabled from too many incorrect passcode entries. Notable software releases this week include Quicken 4.6.8, EagleFiler 1.8.2, and LaunchBar 6.9.4.

Glenn Fleishman 3 comments

WPA3 Promises Better Wi-Fi Security with Less Effort

The Wi-Fi Alliance, which certifies Wi-Fi products, has announced WPA3, a major upgrade to Wi-Fi security that will appear in 2018 and take care of known flaws while simultaneously requiring less effort on your part. Among other things, it will eliminate the nasty KRACK vulnerability and secure open Wi-Fi networks. (See “Wi-Fi Security Flaw Not As Bad As It’s KRACKed Up To Be,” 17 October 2017.)

The Wi-Fi Alliance is a trade group that dates back nearly 20 years. It has long been responsible for keeping all the cats in the local wireless networking bag, preventing forks and proprietary standards that have plagued other technologies. Almost 15 years ago, the Wi-Fi Alliance worked to recover from the terrible flaws in its original network encryption standard, WEP, by getting the whole industry to switch to the far more secure WPA2.

WPA2 encrypts traffic passed over the Wi-Fi wireless local area network to prevent anyone without the network passphrase or an enterprise login from being able to decipher the flow of data. On an enterprise network, even devices on the same Wi-Fi network can’t see each other’s data. It’s supposed to work that way on passphrase-only Wi-Fi networks too, like what you have in your home, but flaws in the protocol allow someone with the network’s shared password and a simple cracking tool to access data from other network users.

While the WPA2 standard was largely designed well, it hasn’t changed in 15 years, which is a long time in the security world. Last year, a security researcher discovered a major flaw that he dubbed KRACK. It could allow someone in proximity to a Wi-Fi network to recover certain kinds of otherwise protected data. Major vendors, including Apple, released patches for Wi-Fi adapters and routers, but older hardware that is unpatched or unpatchable remains vulnerable, and the repairs were more bandages than curative surgery.

The new WPA3 fixes the fundamental flaw related to KRACK by replacing the four-way handshake between a Wi-Fi device and a base station that turned out to be vulnerable. Precise details of WPA3’s redesigned method of establishing a secure connection aren’t yet available.

The new WPA3 standard also adds the following:

  • Even when a user picks a weak passphrase — like pass1234 — WPA3 will process it without user involvement so that the password can’t be extracted via brute-force attacks that rely on iterating through short, common, and dictionary-based passwords.
  • WPA3 provides better security for devices with limited input methods, like printers, to join a network securely. That was supposed to be the job of WPS (Wi-Fi Protected Setup), but it never reached its potential, and the WPS spec has security flaws.
  • Encryption key length in WPA3 rises from 128 bits to 192 bits to meet a level of protection required for U.S. government use.
  • Joining a password-free network will now securely set up an encrypted connection.
  • All connections will now be protected from other users of the same network, something that’s reliably available only with enterprise connections today.

These last two points are a major improvement for public Wi-Fi networks. Unsecured networks are convenient because businesses and institutions don’t have to provide a Wi-Fi password to everyone who walks in. However, eliminating the need for a password also means that users send their traffic across unprotected connections that can be intercepted by anyone nearby with a Wi-Fi sniffer. With WPA3, Wi-Fi providers won’t have to choose between convenience and security.

The Wi-Fi Alliance also said it’s upping its game with WPA2, adding more tests of how WPA2 is implemented by companies to provide better consistency and security.

WPA3 will start appearing in hardware in 2018, but WPA2 will remain available for compatible devices for some time to come — almost certainly for several years, given its installed base. Unfortunately, most devices that run WPA2 likely can’t be updated to WPA3, possibly apart from some more recent devices that were designed with an idea of what hardware features WPA3 would require.

That means that WPA2 will remain the weakest link in Wi-Fi security until WPA3 is supported by every device you use and all the base stations to which you connect. As we saw with the transition from WEP to WPA2, which involved the interim WPA standard, that can be a long process.

Josh Centers 17 comments

What to Do If Your iPad Gets Disabled By Too Many Passcode Entries

I gave my mother an iPad for Christmas. She had a Mac in the past, but after it died, she started using an old netbook running Windows XP that I had left lying around her house. The Asus 1000HE, dating from the first days of the Obama administration, was literally wheezing and I didn’t even want to imagine what security vulnerabilities its copy of the long-abandoned Windows XP had.

The iPad was her first iOS device, and she was thrilled, especially with Touch ID. But I failed to explain that Touch ID would require her to enter her passcode every few days. And when we had set up the iPad, she had insisted on an alphanumeric passcode. So when it prompted her for a passcode, she entered her Apple ID password. And again. And again.

Until finally, the tablet seized up, displaying this message: “iPad is disabled; connect to iTunes.”

After I ranted about this situation on Twitter and in our TidBITS Slack team, I discovered that most techies don’t even know that this is something that happens, because they don’t forget their passcodes!

Alas, I know this problem all too well because I have a tech-addled toddler who likes to use the iPad Lock screen as a drum, so he disables his iPad regularly. And before you ask, no, this feature is not related to the Erase Data feature in Settings > Touch ID & Passcode that erases the data on your iOS device after 10 incorrect passcode entries. This is a built-in security feature that cannot be disabled.

How many incorrect passcode entries it takes before the iPad locks is up for debate. Apple’s support document says six. In my testing, that isn’t true. It took only five tries with random passcodes to disable my iPad for 1 minute. However, Apple seems to have measures in places to prevent accidental disabling. I tried 1111 as a passcode over 20 times without disabling the iPad. I then entered 9874 another 20 times with no problems. But after that it took only three random passcodes, without entering the right passcode to reset the count, to disable the iPad.

Once you kick off the process, it works like this: the device is disabled for 1 minute. There is no way to bypass it being disabled — you just have to sit in time out like a naughty child. Once that time is up, you get one chance to get the passcode correct or your device is disabled for 5 minutes. Get it wrong again and it’s disabled for 15 minutes! The next failure disables it for another 15 minutes. After that, 1 hour. Get it wrong one more time, and you won’t be able to get in directly on the device ever again. Your only solution at that point is to erase all content and settings and restore from backup.

As I’ve worked on my test devices to replicate this behavior, I’m amazed at how persistent my mother was in entering the wrong passcode. But I think one of the design mistakes Apple made here was in not explaining why the iPad is disabled. The more technically adept will likely figure out what’s happening quickly, but it’s not necessarily obvious to a less experienced user what’s going on.

A more helpful message would be “iPad is disabled for five minutes for your security. Please verify that your passcode is correct and try again.” At the very least, that would ensure that the user had been told explicitly what they had done wrong.

How I Fixed It — If your iOS device is disabled, the main way to fix it is to use iTunes to erase it and restore from backup. So instead of this being a simple confusion I could clear up over the phone, I had to head to her house with my MacBook Pro in tow. To add insult to injury, since my MacBook Pro only has Thunderbolt 3 ports and her iPad only came with a Lightning to USB cable, I had to dig out an adapter.

(To those who would point out that I could have loaded iTunes on my old netbook, no, that wouldn’t have worked because the current version of iTunes requires at least Windows 7.)

If the device has been synced with iTunes, erasing and restoring is reportedly a relatively painless process. But since her iPad had never been synced to my MacBook Pro, I first had to enter recovery mode by connecting it to iTunes and holding the Sleep/Wake button and the Home button until I saw the Connect to iTunes screen. That technique works on all iPads, iPod touches, and older iPhones. If you have an iPhone 7 or later, the process is slightly different:

  • iPhone 7 and iPhone 7 Plus: Press and hold the Side and Volume Down buttons until you see the Connect to iTunes screen.
  • iPhone X, iPhone 8, and iPhone 8 Plus: Press and release the Volume Up button, press and release the Volume Down button, and then press and hold the Side button until you see the Connect to iTunes screen.

Once I connected to the iPad via iTunes, recovery was as simple as clicking the Restore iPad button. You may see a prompt that says there was a problem with your device that requires it to be updated or restored. If so, click the Restore button on that window.

Note that restoring your device requires iTunes to download the latest version of iOS, regardless of whether or not it’s installed on your device already. And also note that your iOS device will remain in restore mode for only 15 minutes, so if the download takes longer than that, you’ll have to enter that mode again. So having a fast Internet connection is key during the restore process. Unfortunately, my mother didn’t have a particularly good Internet connection at the time, so I had to go home to my fiber connection, restore the iPad, and then bring it back.

I later learned that there is another solution to this problem that’s easier, doesn’t require a Mac with iTunes, and can be initiated remotely: Find My iPhone, also known as Find My iPad (the name changes per device). You’ll need another computer or iOS device for this, but if you open the built-in Find My iPhone app, either in iOS or on iCloud, choose the disabled device, and tap Erase iPad, you can erase the device. However, if Find My iPad wasn’t enabled and you don’t have access to a Mac with iTunes, you’ll have to drive to an Apple Store to get it fixed. That’s right — the last-ditch solution is to take your disabled device to the Genius Bar and get Apple to reset it.

Note too that if Find My iPad is enabled, that turns on Activation Lock. So, when you’re setting the device up again, you’ll have to log in with the previous Apple ID credentials that were associated with the device to prove that it’s not stolen.

Thankfully, this story had a happy ending. I’d set up my mother’s iPad to back up to iCloud and restoring that backup brought back all of her apps, already logged in, so it didn’t take long to get back up to speed. I worked with her to set up a new numeric passcode and even turned on two-factor authentication for her Apple ID at her request. That was a few weeks ago, and so far, so good.

Further Thoughts — During this minor drama, I learned a few things about setting up iOS devices for others. Don’t set up an alphanumeric passcode, even if they request it. Make them come up with a numeric passcode. It’s just too easy to mix up the passcode and Apple ID password. Also, whatever security measures you set up, be sure to explain them thoroughly.

I also have a few suggestions for how Apple could improve this feature. First, let us turn it off! I don’t even see why it exists — iOS already has a feature that will wipe the device if the passcode is entered incorrectly enough times. I understand and appreciate Apple’s dedication to security, but some devices need less than others. My mom’s and son’s iPads have nothing on them that’s more sensitive than what kind of YouTube videos they like — a six-digit passcode is more than enough security on its own. And on top of that, I can wipe these devices remotely with Find My iPhone.

Worse, this feature can render a device completely useless and potentially cause a user to lose data, if the device wasn’t set to back up or its backups were failing for some reason. I’ve never seen a non-optional security feature that could brick a consumer-level device even if an authorized user could later authenticate themselves.

At least in theory, someone with access to your iPhone or iPad could lock it in this way just to be annoying. There should always be a way for an authorized user to gain access to a disabled device without having to turn to another device or computer, perhaps by entering your Apple ID credentials.

Jeff Porten 6 comments

CES 2018: CES Unveiled Gives a Duck

For the media, CES started on 8 January 2018 this year with a bunch of press conferences, followed by CES Unveiled, the mini-CES that precedes the main show.

The usual rules for my CES coverage apply: there are several events I’m covering, including CES Unveiled, where journalists are wined and dined in smaller venues. Products that appear in these events get more coverage, somewhat independently of their actual news value, because fewer things clamor for attention, and the food and open bar attract thousands of journalists. My stories from these events are separated out so you can apply appropriate grains of salt. Likewise, if any booth gives me something more valuable than a T-shirt, that’s noted with ?.

My Special Aflac Duck — Leading off my coverage is possibly the best thing I’ve ever seen at any CES: a stuffed animal with robot technology that Aflac will give away for free to any child suffering from cancer. Children care for the Aflac Duck, similar to the old Tamagotchi virtual pets, with a mobile app. The child is told the duck is also suffering from cancer, and it has a hookup for its “chemotherapy treatment.” The idea is that the child can get somewhat distracted from the pain of a chemo treatment by treating the duck at the same time, which Aflac claims measurably lessens the pain the child
experiences. For children too young to be verbal, it comes with seven emoji disks that the child places on the duck to communicate their mood to the duck — and of course, to their family and doctors; the duck reads an RFID chip in the disk and responds accordingly. Aflac’s robot duck is in testing now at an Aflac cancer clinic and is expected to ship in late 2018. Sign up at the company’s Web site, which also has a shop with ancillary items including T-shirts and small plush toys. At the risk of being called a softie, I’m tearing up as I write this.

MyManu Clik+ Translation Earbuds — A big thing this year is wireless earbuds, which I’ll generally be reviewing on the basis of “better or cheaper than Apple’s AirPods?” MyManu Clik+ earbuds have a neat trick: they connect to your phone and can translate 37 different languages. You may have heard that Google has something like this; the problem is, Google’s Pixel Buds don’t work fully with iPhones and haven’t gotten great reviews. I’ll have no idea if MyManu’s are any better until I get a review unit in a
few months. Shipping in March 2018 for $249 initially, eventually rising to $320.

Lizn Hearpieces — Alternatively, if your problem is that you can’t hear languages you do speak in a noisy environment, Lizn Hearpieces might help. They’re a pair of earbuds that act as a standard Bluetooth headset and microphone, with Siri integration, but they can switch into a mode where instead they filter ambient sound. White noise around you gets reduced, and any sound coming from directly in front of you gets intensified and sharpened. Shipping in March 2018 for $199, and pre-orders are being taken now.

Jabra Elite 65t Earbuds — Meanwhile, if your issue is hearing people on the phone, Jabra’s Elite 65t earbuds provide 50 percent noise reduction during calls. The other end will hear you better too, because there are four different mics in the earbuds picking up your voice. If you just want to listen to music all day, they’re good for 15 hours on a charge. You can pre-order them for $170 via an exclusive arrangement with Best Buy, and they ship next month. I’ll refer you to this Engadget review by a guy
who used a beta version for a week; he liked them.

Air by Crazybaby (NANO) Earbuds — Rounding up the night’s Bluetooth earbuds, Crazybaby makes the list with the Air by Crazybaby (NANO), notable for being the first ones I’ve seen, at $99, that are less than $100. They come in a range of colors like the iPod nano and sport a 12-hour battery life; the microphone is compatible with a bunch of voice assistants, including Siri. Pre-order now; expected to ship in two months.

Noveto Sowlo Virtual Headphones — Maybe you just want a headset which doesn’t actually exist. That wacky idea is possible with Noveto Sowlo, a soundbar that somehow shapes the audio waveform directionally so you hear it, but other people can’t. The demo showed how it worked: a camera recognized my face and mapped where my ears were in three dimensions, then a soundbar beneath the monitor fired the audio from a first-person shooter game straight at me. The rep, standing a few feet to my right, claimed he couldn’t hear it. I took a step to the left, and the volume dropped off significantly, but it wasn’t silent. It
would work well for a couple on a couch, but not if they’re snuggling. The product will likely be a separate soundbar which you connect to any monitor. Shipping by the end of 2018 with a target price around $200.

Coravin Wine Preservation Opener — Maybe after you stop listening to your nonexistent headphones, you’d like a glass of wine without opening the bottle. Yep, that’s what the Coravin does. It works this magic with a device you slot over the top of the bottle; a needle plunges through the cork, allows you to pour the wine, and simultaneously pumps argon into the bottle so the remaining wine never makes contact with the air. Remove the Coravin, and the cork automatically reseals. For screwtop caps, you replace it after the first glass with a reusable cap Coravin provides — the argon is heavier than air, so it rests in the bottle
while you swap caps. Currently available for $199, with a beefier model made of heavier materials for $299 (although the Web site seems to list them all in pricier “packages”); replacement argon capsules cost $9 each in three-packs, and are good for a few bottles of wine each. In September 2018, Coravin will release the Model Eleven, which is faster and easier to use, with app integration and an LCD screen telling you wine details — but those improvements will set you back $999. If you have to ask if a fancy corkscrew is worth a grand, you can’t afford it.

D-Link Triband Whole-Home Wi-Fi — It seems like everybody and their grandmothers are demoing mesh networking systems, which cover your entire home with a Wi-Fi signal without configuration. My intended question for all of them: “What makes your product different from the scores of others here?” So far, that’s stumped two companies. D-Link’s model doesn’t wow technically — except that mesh networking in general is pretty darned cool — but it’s an attractive pod with swappable covers in different anodized colors. Mesh Wi-Fi units work best when they’re out in a
room, which means on display; these at least look nice. It’s reasonably priced at $249 for the initial three-pack, which you can extend with more of the same or other D-Link products. Available in early 2018.

Plex Pass, Now with News — Whole-house Wi-Fi means everyone is going to want to stream their favorite videos on just about any screen bigger than an Apple Watch. I’ve used Plex for this for years. Toss tons of videos, music, and photos onto an always-on computer, point Plex at it, and it creates catalogs with movie posters and album art, then streams it to pretty much any device you can think of, locally or over the Internet. All of that is free on your Macs, although the mobile apps cost a few bucks. Where Plex makes money is its monthly, annual, or lifetime Plex Pass ?, which provides various cloud services and software upgrades
to your Plex experience, including the capability to download videos to mobile devices on-the-fly, record over-the-air live TV, and enable parental controls, along with other additional features over the base Plex experience. Plex is rolling out various streaming services as part of the Plex Pass; the newest is a customizable news channel. Point Plex at various online news video sources you watch, and either build your own playlist or let Plex’s AI figure out what you like to watch and build it for you. Plex Passes cost $5 a month or $40 a year; if you want to use Plex forever, $120 will get you a lifetime subscription.

Moodo Custom Aromatics — Once you get your movie options worked out, you’ll want the house to smell nice while you’re watching on your iPad. Enter the Moodo, a box that sits on a table and perfumes an area up to 600 square feet. It ships with three “families” of four base scents each (similar to a printer with CMYK ink cartridges), and you use prebuilt recipes or make custom scents with an app. If you have several Moodos, the app can control them all, setting the same scent across several rooms, or giving each one its own aroma. I don’t care much for perfume, but the woman standing next to me did, and she was rhapsodic. $189 gets
you the base unit and three sets of scent mixers, and additional scents cost $29.

Ujet Electric Scooter — The Ujet is a one-person scooter with a range of 100 miles (on the pricier model), and a top speed of just under 30 mph. It charges from standard AC in under 2 hours with an optional fast charger; it’s unclear how long the regular charger takes. It has a touchscreen for display and control, and Ujet sells gloves that work with it for cold weather. Ujet’s scooter caught my eye because it’s meant for urban transport and folds up for easy storage during the workday. But at 70 pounds, don’t plan on carrying it up stairs. Europeans can get one in the first half of this year, Americans have
to wait at least six months. The Ujet costs $8900 for the base model or $9990 for the long-range version.

Kuri Home Robot — If you’ve always wanted your own R2D2 with a look reminiscent of Hello Kitty, Kuri’s the droid you’re looking for. It’s equipped with a 1080p camera and uses facial recognition to roll around the house capturing video you might otherwise not think to record: kids playing, the dog doing something amusing, or the Amazon delivery guy entering your house without calling you first. Kuri’s “face” reacts to its environment, and it makes R2D2-style beeps and boops. You can hear them in this video. Of course, you control Kuri with an app. Initial units
have been shipped, and the next round of orders is scheduled for early 2018. It costs $799 now, which rises to $899 starting March 2018.

BrainCo Brain Activity Headband — Every CES brings gadget makers making dubious medical claims, which made the BrainCo booth rather refreshing in that they didn’t do that — and their Harvard affiliation didn’t hurt. They were showing the Focus 1, a headband that monitors electrical activity in the brain. Initially sold in bulk to schools, the premise is that they’d be worn by an entire classroom of students. The teacher could then see statistics afterward indicating whether the students were collectively paying attention, or which individual students were having trouble. (The current model has red
and green lights to provide immediate feedback; the company is considering removing them, as it raises privacy concerns for the child.) Students could use the Focus 1 on their own later to determine how well they’re studying. I have ADHD and asked if it was likely to be helpful; the rep said, “We’re not making claims, but we’re hoping so.” (They have an additional product in development, called the Lucy, specifically for ADHD.) The Focus 1 is shipping in China and will come to the United States “later this year,” with an individual price tag in the “low hundreds.”

Touchpoint Stress Reducing Hand Buzzers — Speaking of dubious health claims, that’s my impression of Touchpoints. They’re a pair of small squares that you hold in your hands, wear in your pockets, or attach to optional wristbands. It doesn’t matter where they are, but for some reason, it’s very important you have one on each side. They buzz. Really, that’s all they do; it’s supposedly a special vibration frequency which reduces stress. The neuroscientist who invented them asked me to think of something stressful, then gave me the Touchpoints; they started vibrating alternately in my hands. She asked me if I was
feeling less stressed; I said, “Yes, because now I’m distracted by the buzzing, and I’m thinking about what I’m going to write instead of that stressful thing.” When I asked how she could prove it wasn’t just the placebo effect, she promised me they’d have brain scanning at their main booth. If only I had brought along a neurologist who could explain a scan to me! The buzzers are currently listed on the company’s Web site as shipping in 2–4 weeks. The models that just buzz cost $135 for a pair, whereas the ones that both buzz and talk to a phone app (saying what, I don’t know; there’s no monitoring in these devices) are $240.

Jeff Porten 9 comments

CES 2018: PEPCOM Digital Experience

Monday’s hot tip for aspiring tech journalists: when having a conversation with a booth representative, do not accidentally throw a multimillion-dollar prototype into your conference swag bag. In my defense, the prototype SSD drive was exactly the same size and shape as the USB sticks with press materials at nearly every other booth, and I was distracted by the conversation. But when the guy who handed it to me put on his “I am having a heart attack right now” face, that brought me back to Earth rather quickly.

Western Digital Storage — Western Digital’s SanDisk brand gets to go first, as it was the prototype I nearly walked off with. That was a 1 TB SSD with a USB-C connector, no larger than a standard USB stick. No details regarding release dates or price are available yet. However, SanDisk is shipping the Ultra Fit 3.1, a tiny USB-A drive which sits nearly flush with your port; sizes range from 16 to 256 GB, priced from $22 to $150. This flash drive is literally smaller than a quarter.

Anker — At the moment I approached the Anker ? booth, I was carrying one of Anker’s huge 20,000 mA batteries in my pocket, and charging my phone on the go. (I manage to forget to plug it in overnight at least twice a week.) The company’s line of batteries and chargers continues to receive incremental improvements, but their press materials neglect to mention what’s new and what’s not. At least I can report, from the booth conversation, that the 20,000 mA battery now outputs up to 30 watts, and they’ll be releasing a portable charger in Q3 2018 with two USB-C and two USB-A ports, as opposed to the 1-and-3 version out now.
Anker also announced the Zolo+ earbuds, available later this month, but at only 3.5 hours of battery life and a price point of $149, the only standout feature is a toggle that lets you filter ambient sound.

Kingston Nucleum USB-C Hub — Kingston released the Nucleum USB-C hub, which connects USB-C MacBooks to seven different ports in a small and attractive package. Notably, Kingston touts advanced engineering in the hub to make things work right: passthrough power is allocated evenly, even when every port is in use; HDMI output is 4K; and USB ports are designed to reduce electromagnetic interference that could affect Wi-Fi signals and vice-versa. About the only drawback to the design, to my eye, is that the USB-C cable that connects to the MacBook is stiff and hardwired to the Nucleum, which means it’ll
take up a bit more room in your go bag. $80 from Kingston’s site, available now.

Acronis True Image for Mac — You might be familiar with cloud backup services such as TidBITS sponsor Backblaze, which Joe Kissell recommended after CrashPlan pulled the plug (see “CrashPlan Discontinues Consumer Backups,” 22 Aug 2017). Backblaze runs on an all-you-can-eat model — you pay by the computer, and Backblaze doesn’t care how many terabytes you have attached to it. Acronis True Image for Mac is different. Acronis sells a standalone app for local backups and two metered cloud services that offer additional value-added services. In August
2017, Acronis ? added ransomware protection to their cloud backup. In the event you get attacked by someone demanding Bitcoin to decrypt your files, Acronis will detect the attack and keep copies of the files before they were affected. A standard cloud backup without this protection would likely overwrite the cloud backup with the encrypted files you can’t open. Also in the mix: backup of iOS devices and the option to use network-attached storage (NAS) as your backup target for local backups. Pricing comes in three flavors: Standard is a $50 license that’s good forever, but only for local backups; Advanced costs $50 per year for 250 GB of cloud storage and various cloud-related features; and Premium runs $100 per year for 1 TB of
storage plus additional cloud features. You can add additional storage to any cloud plan.

ZTE Axon M Dual-Screen Phone — Most of you won’t care about anything Android, but still, the fold-out dual screen on the ZTE Axon M has a wow factor worth mentioning. I was wondering how useful it would be, since almost no Android apps will be coded to understand a 6.75-inch square screen with an air gap in the middle. ZTE has thought of this; the phone can natively run one app on each side. It’s only available on AT&T, and costs $24.17 per month for 30 months (and only if you keep AT&T service). It’s been shipping since October 2017.

SquareTrade Device Protection Plans — AppleCare+ is the default way to insure your Apple gizmos against unfortunate interactions with the sidewalk, but it has its drawbacks. The biggest one is that if you miss your window to buy it while you’re still under warranty, you can’t have it. If you’re insuring an iPhone X, AppleCare+ is also kinda spendy. SquareTrade ? (a division of Allstate) will insure your iPhone, no matter which model, for $129 for 2 years, with a $99 deductible for most damage, but only $25 for shattered screens or back glass. Even better: later
this year, in some service areas, SquareTrade will send a repair guy to you to fix the screen on site. SquareTrade also has plans for MacBooks and iPads, as well as for a laundry list of other electronics. My 2016 MacBook Pro would cost $240 for 2 years (with a $75 deductible), and my iPad Air 2 would set me back $109 ($49 deductible). No need to still be under warranty when you sign up, but you have to prove that the device works.

Matrix PowerWatch X — At $249 later this quarter, the PowerWatch X seems overpriced for what’s essentially a fitness watch with notifications from your phone, but it has two killer features. First, it’s water resistant to a depth of 200 meters for you divers. Second, you never need to charge it. It converts your body heat into all the power it needs. Did you know that at rest, you radiate 100 watts of body heat? Granted, that’s not all in the wrist, but I gather the watch doesn’t need all that much. The currently available regular PowerWatch has nearly the same specs for $199, but it
doesn’t pick up phone notifications. Note: this thing is huge compared to my Pebble Time Round.

LimeBike Bicycle Rentals — Bicycle rentals have become a big thing in major cities, but expansion to new cities can be slow. Bikes have to be locked into docking stations when they’re picked up and returned, and the programs require regulatory approval and capital investment. LimeBikes are different; they have built-in locks and are locatable by GPS, so they don’t need docks. When you’re done with it, just leave it on the sidewalk or on a public rack; the next person will be directed to it by their phone’s app. I asked how the technology prevents theft, and it turns out that a locked bike that gets moved more than a few feet
sets off a loud alarm and phones the mothership. Since nothing needs to be built, LimeBike can expand to your city or college campus easily. Check their site to see if they’re in your area, and if not, sign up to be a plus-one in your area to convince them to go there. Newly announced at CES were bikes with assistive electric motors, but these are starting out this month only in Seattle, San Francisco, and Miami. Human-powered bikes cost $1 for 30 minutes; the electric ones will cost $1 every 10 minutes, plus a $1 unlock fee.

Foldimate Laundry Folding Machine, Again — I covered the announcement of Foldimate last year (see “CES 2017: From Laundry to Play-Doh at Showstoppers,” 9 Jan 2017), because it made my list of ludicrous things that might amuse TidBITS readers. Back then, you had to lay each item flat on a rack and put it in the machine; it wasn’t any easier or faster than folding clothes yourself. It’s a year later, the shipping date has slipped and is still 2 years away, and the price has risen to $980. On the other hand, on the redesigned model, you just clip an item of clothing to the top of
the machine, it rolls in, and out it pops folded at the bottom. Foldimate estimates you’ll fold around 10 items a minute, which is faster than I can fold on my own. The company is taking pre-orders, but late 2019 is still pretty far away.

TidBITS Staff No comments

TidBITS Watchlist: Notable Software Updates for 15 January 2018

Quicken 4.6.8 — Quicken Inc. has released version 4.6.8 of its Quicken 2017 for Mac financial management app that displays a message if a sync hasn’t completed when you try to quit and lets you sync asset accounts between two Macs. The update also doesn’t require you to re-enter credentials after clicking Edit Accounts, fixes a bug that displayed different currency symbols in the Projected Balances chart, resolves an issue where the online balance date didn’t get updated if the balance didn’t change between downloads, and addresses a handful of the top crashing issues. ($74.99 new from Quicken Web site and Mac App Store, free update from Quicken 2017, release notes, 10.10+)

Read/post comments about Quicken 4.6.8.

EagleFiler 1.8.2 — C-Command Software has released EagleFiler 1.8.2, which now allows tag names to contain spaces to improve interoperability with Finder tags. The document organization and archiving app now also improves tag auto-completion, brings back support for the macOS Share toolbar button, stops attempting to import iCloud Drive temporary files, works around a macOS bug that could cause text in the records list to be unreadably condensed, and resolves a PDFKit issue that could prevent ejecting an encrypted library. ($40 new with a 20 percent
discount for TidBITS members from C-Command Software or from the Mac App Store, free update, 20.0 MB, release notes, 10.6.8+)

Read/post comments about EagleFiler 1.8.2.

LaunchBar 6.9.4 — Objective Development has released LaunchBar 6.9.4 to fix various scripts that deal with phone numbers not working on macOS 10.13.2 High Sierra (including Call with iPhone, Call with Skype, Call with FaceTime, and Send iMessage). The keyboard-based launcher also fixes a bug introduced in version 6.9.3 where the Compose iMessage action would send a file attachment instead of a text, resolves an issue with reminder notifications not working properly in High Sierra, and addresses an issue where an empty window would become visible when using the SwitchResX screen
resolution utility. ($29 new with a 20 percent discount for TidBITS members, free update, 14.6 MB, release notes, 10.9+)

Read/post comments about LaunchBar 6.9.4.

TidBITS Staff No comments

ExtraBITS for 15 January 2018

In ExtraBITS this week, Apple is expanding iOS parental controls in response to investor pressure, and the first onscreen appearance of Mickey Mouse could soon be in the public domain.

Apple Planning More iOS Parental Controls — Responding to concerns from two large shareholders (who hold approximately $2 billion in Apple stock) over the effect mobile devices have on the mental health of children, Apple has announced that it’s planning better parental control features in future versions of iOS. Apple already offers better parental controls than most platforms, and the company said in a statement, “Apple has always looked out for kids, and we work hard to create powerful products that inspire, entertain, and educate
children while also helping parents protect them online.” That may not be sufficient for the investors, who also want Apple to create an expert advisory committee, partner with outside researchers, help educate parents about Apple’s tools, and assign a high-level executive to monitor the issue and publish annual progress reports.

Read/post comments

Mickey Mouse’s Debut Film Could Become Public Domain in 2024 — Before the 1970s, U.S. copyright terms lasted for only 56 years, but over time Congress has extended that to 95 years — the last extension being in 1998. Those extensions have been pushed primarily by Hollywood, with the joke being that Disney will do whatever it takes to keep “Steamboat Willie” — the first film featuring its signature Mickey Mouse character — from falling into the public domain. According to an article in Ars Technica, it appears that Hollywood is now giving
up on further extensions due to greater public awareness of copyright issues. So on 1 January 2019, every work of art published in 1923 will fall into the public domain, something that has been delayed for over 40 years. And unless something changes, “Steamboat Willie” will move into the public domain in 2024, though Disney would still own the trademark to Mickey Mouse.

Read/post comments