Good Reads for August, 2019

Originally published at: https://appletalk.com.au/2019/08/good-reads-for-august-2019/

Every month, we’ll be bringing you a handful of hastily handpicked, if slightly longer, reads about the wonderful world of Apple. Whether they’re explainers on the current state of play when it comes to iOS zero-day security exploits, what happens when you’re locked out of Apple’s walled garden, or ways Apple could be better dealing with providing user information without resorting to the alert hammer for every potential security/privacy issue, they’ll all tell a story that probably won’t have already been shared in the daily news cycle. All I know is, bring your own Instapaper account, because this is Good Reads.

  • Wired has a brand-new article on Google’s disclosure of long-standing websites hacking iPhones. By performing complex exploit chains that work on several different versions of iOS, these websites have been silently compromising iOS devices for years, with the idea being that we now know of a serious security issue we don’t really think about when we think of traditional hacking of any kind, iPhone or otherwise. But given the prevalence of the web on basically any device you can connect to the internet, maybe it’s time we did. It’s an eye-opener, for sure.

The attack is notable not just for its breadth, but the depth of information it could glean from a victim iPhone. Once installed, it could monitor live location data, or be used to grab photos, contacts, and even passwords and other sensitive information from the iOS Keychain.

  • Quartz’s Luke Kurtis was locked out of his Apple ID earlier this month, and as it turns out, that’s actually a huge inconvenience. Especially when you’ve given hundreds, if not thousands of dollars, to Apple in iTunes and App Store purchases over the years, and your account is now locked out because you fell victim to an iTunes Store gift card scam. That’s a lot of platform lock-in to be concerned about if you ever need to pack up and move to a new Apple ID, which thankfully wasn’t the outcome here after telling some people about what happened.

Apparently all she had to do was to escalate this to Apple’s internal security team who, because she had vetted my account, would re-enable everything within 24 hours. She stressed that if that did not happen to get back in touch with her and she’d work with me on the next steps to get it taken care of. Great.

  • Riccardo Mori points out an article from last month about the increasing scourge of security alerts Apple has been adding to macOS. Recent macOS releases are worse than their older counterparts, with macOS 10.14 Mojave and macOS 10.15 Catalina being the main culprits for what we’re deeming the "alert hammer", otherwise known as the tendency for Apple to put any and all kinds of security issues behind an alert. It’s well worth reading the linked piece to get a feel for how bad the issue is, and you’ll quickly realise that it bears a striking similarity to Windows’ UAC all over again. There’s got to be a better way, right?

Everything I’m reading about Catalina, the experiences of those valiant people trying out the beta, and the technical observations of the more expert users and Mac developers, gives me the impression that Catalina is perhaps the first version of Mac OS that is more useful to Apple rather than their users, if you get my drift.

  • One of my favourite Steve Jobs quotes of all time is when he’s talking about the personal computer as being a bicycle for the mind. Steven Sinofsky’s take on the quote in 2019 is that there are still key takeaways that we can apply today, despite the original advice being shared in the 1980s. If anything, some of the concepts alluded to by Jobs in his original interview, and the idea that personal computers can somehow further humanity as a whole, are even more applicable now than they were then, even though they went on to shape Apple’s ethos and culture for years to come.

Jobs then goes on to discuss the democratization of computing. When asked about being too dependent, he describes the difference between centralized computing and the PC. Then he is back to SciAm and the Condor. PCs free humans to be creative and work at conceptual level.

  • It’s not strictly related to Apple, but once in a while I like to share something that isn’t. The Verge has the story of Dragonfly Futurefön, a crowd-funded device from 2014 that is more tragedy than fairytale. You probably know where this is going, as the story of broken promises and failed Kickstarters is nothing new. But imagine if instead of being a complete and utter failure, the Dragonfly Futurefön was as wildly successful as its Indiegogo campaign suggested? Would we all be using split-screen, foldable phones with full-size keyboards today? Would the iPhone have faded into obscurity basically overnight? We’ll never know, but it’s fun to think about.

The Futurefön’s page showed a sleek, palm-sized touchscreen that slotted into a laptop dock, then folded flat and flipped open again, revealing a second screen and a full-sized laptop keyboard. It could run both Windows and Android, and its creator, a startup called IdealFuture, promised to replace your phone, laptop, and tablet at an incredible price of $799.

Interesting reading at Wired… But why can’t we have a list of sites to avoid? And how come it’s always and only the Google researchers who find these iOS exploits?