Always strive to learn something useful. --Sophocles

Apple announced their new M4 Mac Mini. The Mini is a pretty awesome computer: connect a monitor, plug it in, link up a keyboard and mouse, link it up to your WiFi, and you have a very powerful small desktop.

The stupid design move? THE POWER BUTTON IS ON THE BOTTOM OF THE CASE!

You're going to have cables plugged into the back. Definitely power, your monitor, maybe a couple of USB cables. That's going to have tension. And it might be in a location that's inconvenient to actually lift up the damn thing. Not to mention, people make accessories designed to stack on top of it, or for it to be stacked on top of.

LET'S INVALIDATE ALL OF THAT!

Whoever designed this 'button on the bottom' needs a really serious smack upside the head, and whoever approved it two or three.

'Oh! You can reboot your computer from the keyboard!' Uh, welcome to reality! Sometimes you can't, and you have to reach for the proverbial big red switch! (for those of you who didn't work with the original IBM PC back in the mid 1980s, the power button was literally a big red toggle, hence the term)

Stupid Design Move #2: Apple has a mouse that people really like, I am not among them. It's known as the Magic Mouse - heaven forbid it have a conventional name. The cool thing about it is that the top is actually a track pad! My dislike for it is that I don't like the ergonomics, it's too small and flat, I want a mouse with a bit more heft/volume. Anyway, the first generation ran off of a pair of AAA batteries. The previous generation was rechargeable, but they made a stupid mistake: the cable plugged into the bottom of the mouse at a right angle! You had to flip the mouse onto its top and it was unusable while it charged. It was widely hoped that they would fix that by moving the cable jack to the top with the new redesign.

That hope was dashed with this week's reveal that the port is still on the bottom of the mouse, it is still unusable while charging.

There's a huge number of crazy smart people at Apple, and some amazing product design there. But that doesn't always prevent some really stupid decisions from being made. I'm planning on buying a Mac Mini when it comes time to replace my iMac, which hopefully won't be any time soon. I hope they realize their folly and move the power switch to the back where it belongs when that time comes.

https://appleinsider.com/articles/24/10/29/apple-stuck-the-mac-mini-power-button-on-the-bottom

This is being thrown against high-value targets: AI startup owners, cryptocurrency fund managers, computer security consultants, etc. The odds of this being targeted against average shlubs is quite low as it requires some resources to be deployed, but that doesn't mean it can't happen. Regardless, it's always good to be aware.

In this case, MFA stands for multi-factor authentication. When you sign on to iCloud on a PC and it sends a six-digit number to your phone to authenticate in your PC browser, that's MFA.

What this attack is doing is flooding the target with dozens and dozens of Reset Password notification messages, exploiting a rate limit flaw. By rate limit, we mean limiting how many messages of a specific type that can be sent within a certain time frame. Normally if you (the account owner) request a password reset, a reasonable rate limit would be a message every 15-30 seconds, not more often than that. You wouldn't allow a flood of messages. These particular crooks have found a way to induce a flood.

The result is the classic Allow/Deny result. Clicking Deny gets you another message. Clicking Allow is not catastrophic, it pops up the MFA number entry screen. Eventually you get a call from "Apple Support" with the correct (spoofed) phone number, and they'll be able to verify pretty much all your information, because they've bought it from a data broker - one of the resources they have to deploy, which is why it's more of a targeted attack than a wide-spread one.

And this is the biggest giveaway - Apple Support will NEVER call you, unless YOU initiate a support call for them to call you back!

The only way to truly block this attack at the moment is to change the phone number, and we all know what a PITA that would be! I suppose you could temporarily buy a burner phone, change the outgoing message on your prime phone to say 'This number is temporarily out of service, if you need to contact me, drop me an email and I'll call you back' and notify your true emergency contacts and employment contacts.

It's believed Apple will be looking at fixing the rate limit that's allowing this bombing attack to take place, but Apple is typically pretty tight-lipped about these things.

The article is an interesting read to see what people are going through right now.

In a way, what this is is a moderately sophisticated social engineering attack with a good amount of resources behind it. And if the victim falls for it and enters the reset code, they've surrendered the keys to their iCloud account to the criminals and potentially can see ALL their devices wiped and reset: phone, watch, iPad, laptops. But not before the information is sucked out of them.

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

A Federal appeals court blocked the import ban of Apple Watches on December 27 following an appeal by Apple to the court and to the ITC, allowing Apple to temporarily resume sales of the Watches on its web site until at least January 10 when presumably the ITC might be able to hear Apple's appeal. President Biden did not act on the appeal on his desk before his deadline, allowing the ban to go into effect.

What happens now is anyone's guess. I think Apple was pretty blatant in stealing the tech for monitoring blood oxygen and should be punished, whether it rates a ban or a whomping huge fine, I don't know.

https://www.engadget.com/the-apple-watch-import-ban-is-paused--for-now-183332952.html

Apple lost a law suit regarding them stealing tech and poaching employees from a medical device maker, and an import ban was levied as part of the punishment. Christmas Eve is the last you'll be able to buy an Apple Watch 9 or an Ultra 2 at the brick and mortar Apple Stores for the foreseeable future, unless things change, which could happen.

I posted about this a few months ago. Apple met with Masimo ages ago to look at their tech, and after that, hired a bunch of engineers and an executive. Masimo filed two complaints about Apple's intellectual property theft with the International Trade Commission. In October, the ITC ruled in favor of Masimo, resulting in the import ban for the Apple Watches which violate Masimo's tech and patents. The ban can be vetoed by President Biden, but we're down to literally the final hours and he's had since October to do it, such a veto of the ban is looking a little unlikely.

Apple shouldn't have stolen the tech and poached the people, they should have sweetened the pot and struck a deal.

https://gizmodo.com/apple-watch-ban-patent-lawsuit-masimo-1851108141

The Woz, 73, suffered a "small capillary leak" before giving a speech at a forum. He experienced dizziness and was unable to walk. The leak was discovered via MRI, he stayed in the hospital 24 hours on a gurney, which would not be a lot of fun, and was not allowed to roll to his side. I assume they thought the additional blood pressure from rolling over might have exacerbated the leak, possibly causing a full-blown rupture?

He returned home and is reportedly feeling good and has cancelled forthcoming speaking engagements in Dubai, Colombia, and Azerbaijan.

Woz was the engineer who invented the Apple I and Apple II computers and founded Apple Computers with Steve Jobs in 1976 along with Ronald Wayne - now THERE is a trivia question for you! Jobs, of course, passed away in 2011. Another amusing bit of trivia: the company was founded on April 1!

https://arstechnica.com/gadgets/2023/11/steve-wozniak-suffers-minor-stroke-in-mexico-city-before-scheduled-talk/

First up, Western Digital is splitting off its flash memory business.

In 2016, WD - traditionally a hard disk drive maker - purchased flash memory maker SanDisk. SD is known for making USB flash drives and compact flash cards for cameras, smart phones, and other devices. If you look back at 2016, the purchase makes sense: solid state drives were booming, and WD wanted to grow in that direction. But the pandemic utterly disrupted the hard drive and SSD industries and the flash memory side of the business has been suffering.

Now here's the interesting bit. An activist investor started pressuring WD to split off the business, and now they are! Their fortunes will rise and fall as they may, independent from one another. And, I guess, investors will be able to gobble up more stock from each of them?

https://www.reuters.com/technology/western-digital-separate-into-two-companies-2023-10-30/


Apple released their new CPU architecture, the M3 chip. And it has an interesting memory characteristic: it has 25% less memory bandwidth!

There's some curious things going on here, and it's a little too early to know exactly what's up. The chip was just announced yesterday, and the computers are not yet available though they can be ordered now. This is the third ARM M-series chip that Apple has developed in-house and they are screamers. I bought an M2 MacBook Pro earlier this year and am quite happy with it. This M3 chip? It's a bit puzzling. They are comparing the specs of the M3 against the M1, not the M2. And gee whiz, Batman, it's faster than the M1! The numbers would not be nearly as dramatic against the M2.

But the memory numbers are pretty firm: if you have processes that require LOTS of memory access, you may not get the performance out of an M3 system that you would out of an M2. The reason why this limit is in place is unclear, it may have to do with chip limitations or yield. Things will be revealed when actual units ship and are subjected to rigorous testing and labs outside of Apple's purview can get to the bottom of this strangeness.

It's going to be interesting to see what's going on here.

https://www.macrumors.com/2023/10/31/apple-m3-pro-less-memory-bandwidth/

I admit I'm an Apple fan - to a degree. They do a great job of integrating their products, and that is very useful to me. Their hardware is very high-end, but you do pay a direct price for that. They have excellent customer support. And you pay a price for that. And I'm willing to pay that, because I'm sick and tired of having to fix lousy products myself! I've been doing it for too long.

But I also don't like a direction that Apple has taken. They've bound themselves onto this treadmill that ALL of their iPhones have to be refreshed EVERY year. Which means a new iOS EVERY year. They introduce new iPads every year, though that's not a complete line refresh annually. And they introduce new laptops every year, but again, not a top-down refresh. And they do a new MacOS every year.

And in my ever so humble opinion, this is sometimes forcing them to release things before they're truly ready for prime time. The iPhone 15 released a few months ago? Has overheating problems. And if you use wireless induction charging in a BMW or maybe a Toyota, it can zap the NFC chip - Apple says a fix coming later this year. When they released iOS 11 a few years ago, they completely screwed over hearing aid users for pretty much the entire duration of that product release.

The problem is, a lot of the tech industry is ruled by people who live by the mantra 'Move fast and break things' and go back and maybe fix it in the next iteration. I hate seeing products released that haven't been properly tested and have major flaws, just to meet a marketing deadline! Marching to this constant beat of a one year release cycle to match hardware of ever-increasing complexity is a recipe for utter doom.

My iPhone, a 13 Mini, is two hardware generations from the current version. I bought a pair for my wife and I two years ago this coming Christmas. It's running iOS 17, the latest version. But I now believe that it is not truly iOS 17. You see, they time the new iOS release with the new iPhone release, and the new iPhone will ONLY run the latest iOS, can't run the previous generation. I have a feeling that iOS 17.0 is actually iOS 16.9. I think that they're continuing to build on the previous iOS, putting on new shinies and bells and whistles, plus the stuff needed to support the new hardware in the latest generation phone, and then changing the version number to the next increment. At some point they have to fork the operating system (make a copy so maintenance engineers can make patches (fixes) for problems in the aging code base) so that the engineers working on next year's phone can get the operating system working for the newer hardware, which is software-disabled for the old phones since that hardware doesn't exist on an iPhone 13 even though iOS 18 will need to run on it.

Software development for things like this must really suck be really challenging, and I am so glad that I was never involved in it! I wrote business systems for government agencies to support populations in need, and I'm proud of what I did because it helped people. This stuff? Far beyond my ability, that's for sure. Completely different type of programming.

Also Apple TV. Watches go to v10.

iPhones are getting a couple of interesting features that I like. One is the ability to share Air Tag tracking, that'll be nice. And a live phone message transcription feature which will allow you to pick up the phone call while the message is being left if you want! Just like the old answering machines used to let you do.

Some other notable updates:
--Maps let you download segments where you know you'll be outside of cell coverage
--iPhone 14 and 15 can tie AAA Roadside Service into the Emergency SOS satellite coverage
--Improved crash detection for the iPhone 14

My Mom never understood how cell phone voice mail worked. She'd leave a message and it was along the lines of "Wayne? Are you there?" Sorry, Mom. Once you were at that stage, no, I wasn't there.

I am a bit nervous that they might yet again screw up how hearing aids work. A previous version of iOS, I think it was 13, was an utter nightmare! It was never fixed, though it was slightly improved over the course of the year. I eventually gave up and went to my iPhone 8 as it had the previous iOS on it. Finally the next version of iOS started playing well with my hearing aids again.

Makes you wonder how well they test these things.

Myself, I'm not updating devices - yet. I'll wait until they get to .1 or .2, I've been burned before and John Scalzi's new book, Starter Villain, dropped last night and I'm not going to lose the chance to continue reading it. I can wait a couple of weeks to download all these.

This link describes what appears to be all the changes:
https://www.macrumors.com/2023/09/18/apple-releases-ios-17/

MacOS will get a new release very soon.

Wait a minute. NOW we're going to have to start tipping retail employees?!!!

Now, this is a bargaining item in contract negotiations. While I can agree with many of their asks, this one? This one I would say a hard 'no' to. In the USA, we tip in restaurants because, unlike most of the civilized world, we don't believe that working in a restaurant is a respectable job and career in and of itself, and we pay those people shit. Those restaurant wage floors 'because they make it up in tips' is utter bullshit and go back to discriminatory practices against black people.

But this? Retail doesn't pay great, and really doesn't make for a career outside of management, but they're paid better than minimum wage. And Apple Store employees I expect make well above minimum wage, though I do not know it for a fact. I would think Genius Bar people are paid quite well as they require very specialized and in-depth knowledge and have to pass exams to get the job.

But overall tipping for retail? No. The fundamental problem is our screwed-up economy here in the USA that demeans jobs and tries to suppress wages. I will gladly pay more for a meal in exchange for no tipping, or none of that 'surcharge for employee healthcare and wellness' tacked on to my bill. If I find that on my restaurant ticket, it's probably the last time that I'll eat there. Add a buck to every entry, $0.50 on everything else, and make it work based on additional revenue.

https://www.businessinsider.com/apple-workers-union-in-towson-fighting-for-tipping-2023-5

https://apple.slashdot.org/story/23/05/05/2036208/unionized-apple-store-workers-want-you-to-start-tipping-them


In a related story, customers at SELF-SERVICE KIOSKS ARE BEING ASKED TO TIP! A tip is supposed to be a reward for good service, not for the privilege of us parting with our money! It's been seen at Newark Airport and sports stadiums. YOU ARE NOT BEING SERVED! Supposedly tips are being shared out, but do we know this for a fact?

No, if I tip, I want to see the person who is receiving it, and I want it to be justified. A self-serve kiosk is not justification saying that there are other people working there who will receive it.

https://www.businessinsider.com/customers-are-hesitant-to-tip-at-self-check-out-2023-5


While I am overall a big fan of unions, this is just overreach. Then again, if you don't ask for it, you won't get it, so what's the harm in asking?

And remember: Tip Your Local Librarian!

;-)

This capability is new to the 14 and will presumably be continued and improved upon in future generations. In an emergency, with some restrictions, the phone will connect to emergency services via satellite. In this case, the dude was driving across Alaska wilderness in a Snow Machine was stranded when the machine broke down. His iPhone 14 was able to make a connection, transmitting precise GPS coordinates to emergency services and he was rescued!

The satellite SOS becomes a subscription feature after an initial trial period.

I understand a future Google phone will have similar satellite SOS functionality.

I don't have a link to it, but another person was saved with an iPhone. She was at a family gathering, went home, and no one heard from her. The iPhone has a feature called Find My Friend that lets you see the general location of where other people are - they have to send you an invitation and can cancel it.

Family used Find My Friend and got a consistent, non-moving signal off the highway. Turned out she'd rolled her car off an embankment that was not visible from the road. Family were able to find her and call emergency services, though it took some work as the car was inverted in a culvert and she was rescued.

And before people start replying with "I don't want to be tracked!", regardless of whether you use a smart phone or not, your cell company has precise location data on you - it's the only way cell towers can work. If you choose not to further share your location info, that's fine. Me, I'm seriously thinking about upgrading my wife's phone when the contract is up in December to get this satellite SOS feature - a lot of the drive to the observatory has no coverage, and when she hit an elk and totaled her car a few years ago she was was in such a dead zone. Fortunately someone came upon the accident shortly after it happened and took her to a place with signal.

https://www.macrumors.com/2022/12/01/iphone-14-satellite-sos-in-action/

https://mobile.slashdot.org/story/22/12/02/2143226/iphone-14-satellite-feature-saves-stranded-man-in-alaska

Amazing stuff. The Bahrain gov't bought a hack that allows them to send a text message to an iPhone owned by a journalist, anti-government protester, cheating mistress, whoever, and the phone is compromised. You don't have to click on a link, open a document, play a video. No interaction whatsoever. Receive the message, and your phone is rooted.

They probably paid a few million bucks for it, but they're the Bahrain government - what do they care for such a tool?

Apple has been fighting these zero-click attacks and instituted a good defense, but this latest one blasts right through it. The problem is that "we" (not me) want emojis, embedded videos, photos, etc. and that requires access deeper into the phone's infrastructure, and that all by definition makes things more vulnerable. If the app only allowed messages without any frills to be sent back and forth, and you had to use emails to attach the fun stuff, then the Messages app could be completely secure. But where would be the fun in that?!

So Apple gets to play an on-going game of whack-a-mole.

They're releasing a new version of IOS, 15, probably in October, which should increase security, but that security will certainly be broken at some point and the whack-a-mole will resume.

Myself, Apple occasionally ticks me off with changes to IOS. For example, I think it was when 11 was released, they broke their podcast player, and I foolishly updated my phone literally the day I was to drive to Phoenix, a nice long 500 mile drive. The break? Let's say you want to listen to four or five Wait Wait Don't Tell Me episode. You play the oldest and the next one automatically starts. Except the program broke and it wouldn't start the next, so you're zipping down the interstate at 75 MPH and have to fumble with your phone to start it. How the hell did this not turn up in testing?

So on occasion I think about buying a flip phone that has a 4G hotspot, plus an iPod Touch to hold all my apps, music and podcasts, and data stores and go back to something resembling the late '90s.

https://www.wired.com/story/apple-imessage-zero-click-hacks/