Howard Oakley explains App Translocation, a macOS security mechanism that protects against malicious plug-ins within benign apps but can occasionally cause first-launch crashes.
Security patches for Big Sur and Catalina. (Free, various sizes, macOS 11 and 10.15)
Patches security vulnerabilities in Big Sur and Catalina. (Free, various sizes, macOS 11 and 10.15)
Patches security vulnerabilities in Catalina and Mojave. (Free, various sizes, macOS 10.15.7 and 10.14.6)
Apple is making major changes to how it distributes iOS apps in the EU due to the European Commission’s Digital Markets Act, but the company is making it clear that it’s only doing so under duress.
If you had problems launching apps on your Mac—or if it was just behaving weirdly—around 4 PM Eastern Standard Time on 12 November 2020, here’s why.
In a move that has received little attention so far, Apple will let other makers’ products send privacy-protected “I’m lost” signals to Macs, iPhones, and iPads, as soon as year’s end.
Apple has once again released updates to all its core operating systems with a slew of shared features (Siri! Reminders!) and fixes (including worrying security vulnerabilities that are actively being exploited) and product-specific improvements (Apple Watch fallback authentication for mask-drive Face ID failures).
Apple says that the dangers of allowing customers to load arbitrary apps are too severe and that the iOS App Store is a bulwark against ransomware, device hijacking, the invasion of children’s privacy, and other problems common on Android.
Apple says future versions of macOS won’t include a number of open-source scripting languages. The impact of this change will vary depending on the audience, but it will affect more people than you might think.
macOS 10.14 Mojave brings important security and privacy improvements to the Mac, but both Apple and developers need to work harder to avoid overwhelming users with a cacophony of alerts.
At WWDC, Apple threw back the curtains on macOS 10.15 Catalina, bringing the Mac ever closer to iOS without losing sight of what makes the Mac unique. We’re particularly impressed with the work the company did on accessibility features.
A new piece of Mac malware is making the rounds. OSX/MaMi hijacks macOS’s DNS settings to intercept traffic by routing it through malicious servers. Additional capabilities, which didn’t seem to be active in the version that researcher Patrick Wardle analyzed, including taking screenshots, generating simulated mouse events, persisting as a launch item, downloading and uploading files, and executing commands. The motive, author, and how OSX/MaMi is spread are currently unknown, and when the Hacker News article was published, antivirus apps weren’t able to detect it. To see if you’re infected, check your DNS settings in System Preferences > Network, and look for the DNS servers 82.163.143.135 and 82.163.142.137. But unless you did something to bypass macOS’s Gatekeeper security, you likely have nothing to worry about since the malware’s executable isn’t signed by Apple.
As of 1 October 2018, Apple will stop paying affiliate fees on apps purchased through recommendation links. It’s a small-minded, unpleasant move that can’t benefit Apple in any significant way but will hurt many small publishers, although TidBITS won’t be affected.
In ExtraBITS this week, Apple has been hit by a double dose of bad: a new form of DNS hijacking malware that targets the Mac and another crashing link bug for Messages in both macOS and iOS.