All about Security, News and Incidents on Apple products

All about security, news and events on Apple products. Apple is with time permeated with more and more security vulnerabilities. Hence I post this new thread.

APPLE, SECURITY
New macOS zero-day bug lets attackers run commands remotely bleepingcomputer.com | Today

Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run arbitrary commands on Macs running any macOS version up to the latest release, Big Sur.

 

“iPhone Storage Almost Full” Bug Plaguing Users After Updating to iOS 15, iPadOS wccftech | today

 

Apple fixes another zero-day used to deploy NSO iPhone spyware bleepingcomputer.com | Sept 23, 2021
Apple has released security updates to fix three zero-day vulnerabilities exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.

---------------------------------------------------------------------------------

Your Outdated iPhone May Still Get Security Updates htg.com | SEP 23, 2021

All of these older Apple devices were unable to upgrade to iOS 13 and beyond. However, it appears as though Apple hasn’t completely given up on them, as the company releasing iOS 12.5.5 is a sign that Apple still cares about people who prefer to hold on to their older devices.

--------------------------------------------------------------------------------

Researcher drops three iOS zero-days that Apple refused to fix bleepingcomputer.com | Sept 24, 2021

Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher.

 

Apple Accused Of Ignoring Three 0-Day Vulnerabilities And Skirting Bug Bounties hothardware - Sat, Sep 25, 2021

Like many big tech companies including Microsoft and Google, Apple has a bug bounty program that pays big bucks for newly-discovered security vulnerabilities. The fees for confirmed reports of issues range from $25,000 for "limited" unauthorized control of an iCloud account, to a cool million bucks for a zero-click remote chain with full kernel access without requiring user interaction. Of course companies build good will by following through on their promises of payment in these programs. When a researcher feels ignored, however, that can break trust in the program and leave vulnerabilities unpatched and exposed.

 

Hackers can use AirTags to steal your Apple account — what you need to know tomsguide.com | Sept 29, 2021

Apple's AirTags make it easy to phish people and steal their Apple accounts, a security researcher says.

Bobby Rauch, a Boston-area cybersecurity consultant, said in a blog post today (Sept. 28) that Apple makes it too easy to sneak malicious code into the online messages that AirTag owners can leave for anyone who finds their lost tracking discs.

 

Yet another one for the "most secure" mobile platform.

Security Experts Warn of Apple Pay Express Transit Hack That Enables Large Unauthorized Visa Payments From Locked iPhones - MacRumors

So, even when your phone is LOCKED they can rip off your visa in wallet. NICE!

 

The hit's keep coming...Now, iOS 15 messages bug will delete your photos and videos.

iOS 15 Messages Bug Causes Saved Photos to Be Deleted - MacRumors

 

NEWS
Intel asked Apple users what they want in a laptop. The answer? A PC pcworld.com | Today

Intel video gets Apple customers to admit they basically want a PC.

New knock-down from Intel vs. Apple. Yep, nothing new here.

 

Love it, They all thought it was apple coming out with all of these "new" technologies. lemmings gonna lem.

 

Apple silently fixes iOS zero-day, asks bug reporter to keep quiet bleepingcomputer.com
Apple has silently fixed a gamed zero-day vulnerability with the release of iOS 15.0.2, on Monday, a security flaw that could let attackers gain access to sensitive user information.

 

APPLE HOLIC
Experts call Apple's CSAM scheme 'a dangerous technology' computerworld.com

"The surveillance and control capabilities provided...can potentially be abused by many adversaries, from hostile state actors through criminals to users’ intimate partners," experts warn.

 

Bro @Spartan@HIDevolution Will you buy the new special Polishing Cloth from Apple? Only $19. This is a steal

Apple Will Sell You a Polishing Cloth for $19

Yep, the polishing cloth come in fresh white and have the rotten Apple logo. Apple have even posted a massive list on what type Apple product this small piece of cloth can be used on. Run and buy But don't use it as a mouse pad.

 

Apple go the opposite way of Dell Alienware. Add more more I/O ports for their newest Macbooks.

MacBook Pro with M1 Pro / Max: Apple brings back extreme performance and more connections computerbase.com | 10/18/2021

Yep. Apple go the totally opposite way of the other well known US brand as Dell Alienware. Who could imagine this a few years ago. @Mr. Fox @Ashtrix Isn't it amusing? Apple goes the same route (The bellwether for thin and slim design) but now offer more. Not less as Dell. Is less more or more less?

Apple is bringing back familiar connections
The rumors that Apple will bring back the ports they are familiar with from older notebooks have come true after even the most expensive configurations had to get along with a maximum of four Thunderbolt ports, which annoyed many professionals. Both new MacBook Pro are equipped with 3 × Thunderbolt 4, HDMI, SDXC card reader, 3.5 mm jack and third generation MagSafe.

*OFFICIAL* Alienware X Series Owners Lounge and Discussion


http://forum.notebookreview.com/thr...eaving-alienware.829424/page-13#post-11099066

 

Taking a look at their prices for wide selection of ports I think they are charging much more than an iPhone. Don't know how they managed 140W over TB4/USBC if its return of MSI/Dell battery boost everyone will have sour taste.

 

I have already ordered my new MacBook Pro, and now I feel like a fool for buying the MacBook Pro 2019 in August 2020. I felt confident the improvement would not be enough to entice me, and I was wrong. Oh well. I will get plenty for my current Mac.

 

Bro @Spartan@HIDevolution the new fancy and expensive Apple Polishing Cloth seems to give zero value reviewgeek.com gave it 3 of 10. @Mr. Fox is 3 too much?

At best, it just smushes stuff around the display. My devices look no cleaner after the effort. Oh no. I spent $19 on a cleaning cloth that doesn’t even clean. I should have braced myself better after the letdown of the box. This Polishing Cloth isn’t magical. It’s not a true advancement in textile technology. It’s not even breathtaking. I spent $19 on a small piece of cloth. I’m clearly an idiot.



Apple’s $19 Polishing Cloth Review: Seriously, What The Heck?

 

I'd say anything coming from crApple that costs anything more than free is more than I'd be willing to spend. But, that's just me.

 

People are weird. Or have too much money. But they obviously lack common sense... See here In a statement to the New York Times, an Apple official, who requested not to be identified, stated that the company is not at all surprised by the Polishing Cloth's strong demand.


Apple's $19 Polishing Cloth is backordered into 2022 due to immense popularity neowin.com · Oct 29, 2021 40

Apple's revolutionary $19 Polishing Cloth that "cleans any Apple display... safely and effectively" is reportedly outpacing demand, and if you order one now, you would probably get it in 2022.

 

People put far more trust on Apple when you can get 3m cloth at 1/3rd price of Apple and cleans/polishes your idevices.
I hope Apple won't make transparent undies/shirts/trousers which changes color acc. to homescreen setups from iwatch/iphone. During forced SW update homescreen will turn transparent.

 

Say what you want but those guys are brilliant at fleecing people. Absolutely ruthless.but brilliant. And it's all legal!

 

C'mon now. We know that one is "special" because it comes from the crApple vault of overpriced garbage for silly people. Plus, it is white and will look filthy after it is used once or twice, so that makes it even better. As an added bonus, it will make you the envy of the preppy kids at Starbucks, your friends on Facepoot, and the snooty snob travelers that hang out in airport terminals even when they have no place to actually go because they enjoy the virtue-signaling masked-up way of life.

 

I'm quite worried about people's health. Can't be any good for any of them with this types of fanboyism. Apple can do this because people lack common sense and not because they are brilliant.

People after buying this magic piece of fiber cloth from Apple....

 

I don't even wear white t-shirts because it gets ruined pretty quickly esp. gravy/curry.

 

You mean dark-coloured t-shirts are better because you can spill a bit of curry and keep wearing them for a while? Not good.

 

Give them some credit. It takes some serious marketing skills to produce such a devoted user base, and they did come up with important innovations back in the two Jobs eras.

 

People won't notice it otherwise I'll more eyes looking at me.

 

Microsoft discovers macOS "Shrootless" vulnerability, patch now available neowin.com · Oct 28, 2021 28

Microsoft has revealed more details about a macOS vulnerability that it discovered and reported to Apple. A patch is now out for OS-level flaw "Shrootless" on macOS Monterey, Catalina, and Big Sur.

----------------------------------------------------

macOS Monterey Update Blamed for Bricking Older Macs tomshardware.com

macOS Monterey is throwing up bricks for unsuspecting Mac owners.
When a new major operating system update is released, you’d expect to gain new features, improved performance and the usual array of bug fixes. Instead, according to Mac Rumors, some unlucky Mac owners upgrading to the newly launched macOS Monterey wound up with bricked machines.

 

Hmmm, bricked machine owners might buy older gen M1 and Apple can show higher adoption rate on M1 chipsets.
I usually wait couple of months for new OS either phone or PC for better stability.

 

Yep, the correct way for ugrades.

Users Who Upgraded to macOS Monterey Are Complaining About Their Macs Running out of Memory, Likely Due to a Bug wccftech.com | Today

 

Well its somewhat worse than W10/W11 since Apple is in full control of Hardware/SW vertical integration.

 

Apple publishes a statement about macOS 12 Monterey upgrade issues notebookcheck.net

Apple believes that it has fixed macOS 12 Monterey for devices with a T2 security chip. The fix will be no good for a machine that bricked when attempting to install macOS 12, though.

@Spartan@HIDevolution I'm not so sure the Apple side of OS is any better than on the Windoze side. Why can't they test it on own home brewed machines before release? Too much work? @Mr. Fox

 

For bricked T2's I think Apple might compensate with M1 Macbooks and M1 Max/Pro with rebates after giving their bricked Macs.
I thought MEI firmware brick was bad, now custom tuned hardware has no rollback features or even EEPROM.

 

Fines in Italy Apple and Google for aggressive data collection borncity.de November 29, 2021 by Günter Born

​

The Italian competition authority (Autorita Garante della Concorrenza e del Mercato) has fined Google and Apple in the amount of 10 million euros (11.3 million dollars) each. The reason are violations of consumer protection. One concerns a lack of information to customers and the second concerns aggressive practices in the collection and use of consumer data.

 

When less is more....
http://forum.notebookreview.com/thr...ger-apple-m1-max.837009/page-18#post-11131821

 

Apple goes the wrong way... And rest of the sheeple will follow after the bellwether.

2022 Mac Pro With Apple Silicon Might Be Less Upgradeable Than 2019 Mac Pro

With everything soldered on the M1 Max chip, the room for upgradeability is short. We are not sure how Apple will go about this aspect if it sees fit to give pro users an option to upgrade. While performance delivery might not be a big issue for many, it can still pose an unappealing deal for people looking to retain their machine for years through upgrades.

 

50,000$ for repairs and a million for SSD/RAM max combo in near future. Most studios will back a new Mx Mac Pro and call it a day