Apple Addresses Bash Bug With New Patch
No more command line input or complicated workarounds: Apple has released a downloadable patch for fixing the bash “Shellshock” bug.
The patch is available not only for OS X Mavericks v10.9.5., but also older versions of Apple software: OS X Lion v10.7.5, OS X Lion Server v10.7.5, and OS X Mountain Lion v10.8.5. There is currently no fix for machines running test versions of Yosemite.
Last week, an Apple spokesperson said that “The vast majority of OS X users are not at risk to recently reported bash vulnerabilities.” However, the company acknowledged it was working on the bash patch released Monday.
See also: New Security Flaws Render Shellshock Patch Ineffective
Security researchers recently discovered that bash, a UNIX command shell and language included in OS X, includes a 22-year-old vulnerability that allows hackers to sneak prompts in as variable names with the computer being none the wiser. As researchers discover more and more related flaws, new reinforced patches have been released every day.
Photo by Steven Tom
from ReadWrite http://ift.tt/1v0ltGI
via
New Security Flaws Render Shellshock Patch Ineffective
Your system is still vulnerable to the Shellshock bug, even if you’ve patched it. Security researchers have found new flaws in bash, rendering previous patches ineffective.
See also: How To Detect And Patch This Big, Bad Unix Bash Shellshock Bug
The bash shell is an omnipresent command-line interpreter used by default in Unix and Linux, and by extension, Apple’s OS X software. The shell itself is decades old, and it turns out the bug has been present for the last 22 years without detection.
Linux stewardship company Red Hat released a series of fixes to patch up the eight or so versions of bash that were vulnerable. On Friday, Red Hat released a second round of patches to resolve newly discovered security flaws, and those discoveries keep coming.
See also: The Bash Bug Makes Every Mac Vulnerable; Here's How To Patch It
Google security researcher Michal "lcamtuf" Zalewski has been tweeting as he uncovers increasingly serious vulnerabilities in the bash shell. He recommends Red Hat security researcher Florian Weimer’s still-unofficial patch.
At the moment, the only people who need to worry about patching the Shellshock bug right away are system administrators and people with who have tweaked the advanced Unix settings on machines running OS X or Linux.
“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities," Apple said.
Photo via Shutterstock
from ReadWrite http://ift.tt/YFXeD2
via
Amazon Doubles Down On The Connected Home
Amazon is quietly staffing up its Silicon Valley-based hardware lab as it gears up to create and test new connected home gadgets.
Lab126, the Amazon division behind hardware products like the Kindle Fire, will bring its full-time payroll to at least 3,757 in the next five years, Reuters reports in an exclusive story.
With this plan, detailed in an obscure government document, CEO Jeff Bezos’ plan to focus on hardware is affirmed. This despite lagging Kindle Fire sales and investors’ criticism of Amazon’s constant spending on long term pie-in-the-sky projects.
See also: Amazon Gets Serious About Hardware With 6 New Tablets
Anonymous sources told Reuters that Amazon will be investing $55 million into Lab126’s activities in an effort to prepare smart home devices to compete against Google and Apple.
Google, Apple, and now Amazon are all racing to create the ultimate platform for the Internet of things. In an era when dishwashers, refrigerators, and security systems have the potential to become self aware, technology companies all want to get in on the next big market.
The mobile phone industry has taught us that the device that ends up on top won’t only support the company’s products, but third party applications as well. As Amazon doubles down on the Internet of Things, it will need to work out a product that not only centralizes all the connected home devices, but streamlines the process better than anyone else.
Photo of Jeff Bezos by Steve Jurveston
from ReadWrite http://ift.tt/Y73vaS
via
5 New iOS 8 Features Developers Need To Get Their Heads Around
The latest iteration of Apple’s operating system is finally here, just a few short days before the iPhone 6 itself—both versions—makes its actual appearance.
Developers have had access to iOS 8 since June so they could explore new features, test their apps, and see what’s changed. If you're just catching up now, here are some of the biggest changes you'll encounter as a developer when you start working with iOS 8.
Adaptive User Interface
It’s time to start thinking differently about user interfaces.
In iOS 7 and previous versions, developers needed to consider different ways users might encounter their apps—primarily the landscape (horizontal) and portrait (vertical) views. The introduction of Auto Layout, a tool to simplify the process of fitting apps to screens, in Apple's developer suite Xcode minimized that particular headache.
See also: Hold Up! Here's Why You Might Want To Postpone That iOS 8 Upgrade
Now, says Step Christopher, iOS team manager and instructor at Big Nerd Ranch, Apple wants to change the way developers think about designing apps completely. "Apple no longer wants us to be thinking of specific screen modes,he said during a demo. "Instead they want us to target general sizes and let them flow out to the different devices and orientation as appropriate."
Christopher thinks this means that soon Auto Layout may be the only, or at least most way to design apps for Apple products. “If you’re not using Auto Layout it’s something you need to get up to speed on very quickly,” he said.
Context Sensitivity
Today’s Apple users increasingly want smarter devices. That includes day modes and night modes for apps that adjust their brightness according to the time.
Users may also notice that more apps want to access the phone’s location data. That’s already becoming a bigger thing, but as iOS 8 makes it an easier feature for developers to include, it’ll become even more popular.
iOS 8’s new capabilities allow for context sensitivity in regard to motion, too. Since the latest Apple devices have sensors to detect altitude and movement, those sensors are now fair game for app development. New apps, or apps converted for iOS 8 could potentially deliver different displays to users who are walking than to those who are driving.
Extended Functionality
Apple didn’t just release 4,000 new APIs for developers. In iOS 8, it also made it easier to add API functionality to apps in general.
See also: How To Download And Install Apple's iOS 8 Beta
APIs allow developers to add new functionality to their apps without reinventing the wheel. However, testing the new apps has been challenging so far because developers are only able to see how they’ll look using the new software, not hardware.
Now that Apple has finally released new phones, testing how APIs work on the latest phones running iOS 8 will be a little less frustrating.
Outside The Box
The Notification Center is going to play a much larger role with apps in iOS 8. More developers may want to take advantage of the ability to display new kinds of notifications from different apps.
Some developers are even referring to one kind of new notification, which Apple calls "Today Extensions," as "widgets" since they bring some of an app’s functionality outside the app proper.
Zach Waldowski, a software developer at Big Nerd Ranch, demonstrated that adding extensions to app functionality is as simple as opening up Xcode, clicking “Application Extension” and adding it to your app.
Swift
No discussion of iOS 8 is complete without a mention of Apple’s new in-house development language, Swift.
Introduced at the World Wide Developer’s Conference, the language is designed to be simpler to use than Objective-C, while still being compatible with Objective-C. Apple hopes an easy-to-use language will encourage more developers to build on iOS 8.
See also: Apple's Swift Language Goes Pro, Reaches Version 1.0
Swift just got upgraded to version 1.0, which means it’s officially out of beta. Apps that include some—or more—Swift coding are now allowed in the app store. That gives more developers an incentive to try it out for new apps right as the new devices are coming out.
Photo by Global Panorama
from ReadWrite http://ift.tt/1tgQurx
via
This Smartphone App Helps You Park Like A Rock Star
Circling the lot for a parking space is still one of our most infuriating pastimes. Now researchers think they’ve found a solution, no shady payouts or middlemen included.
Researchers at the State University of New York at Buffalo have invented PocketParker, an app that turns a user’s smartphone into a passive sensor to track other app users. A remote computer analyzes user actions and determines whether a parking lot likely has a free space.
To test the app, researchers had 105 smartphone in Buffalo use the app for a month and a half, for a total of 10,827 car arrivals and departures. The researchers installed cameras at parking lots to check their work and determined that PocketParker is able to correctly predict the number of available parking spaces 19 times out of 20.
The researchers will present their findings at Seattle’s Ubicomp conference this week.
See also: San Francisco Tells Parking Apps To Stop Auctioning Spaces
There’s certainly a demand to make parking simpler, but so far the proposed solutions have fallen short of the mark. Monkey Parking was a short-lived app that allowed San Franciscans to buy and sell public parking spots, which they didn’t own in the first place. It’s no wonder that San Francisco’s city attorney soon sent it a cease and desist.
Monkey Parking, along with competitors like Sweetch and Park Modo, still have active websites. However, they all cost money and a free alternative like PocketParker could replace them all—without creating a new sharing economy to piss off the city, either.
Photo by Matt Page
from ReadWrite http://ift.tt/1mb9qqt
via
EFF Urges Congress To Protect Privacy In The Cloud
Despite its misleading name, the Electronic Communications Privacy Act of 1986 made it legal for the U.S. government to obtain citizens’ email without a warrant or probable cause.
Now the Electronic Frontier Foundation and 70 other civil liberties organizations, public interest groups, and companies are trying to get it revised. This week they sent two letters to the House and Senate urging lawmakers to reconsider the “archaic” act. The first promotes HR 1852, the bipartisan Email Privacy Act, and the other its Senate companion bill S. 607, the Electronic Communications Privacy Act Amendments Act of 2013.
See also: Online Privacy: The Opt-Out Revolution Is Almost Here
There are more than 260 cosponsors in the House for the Email Privacy Act, and the Senate’s counterpart is due for its final vote, the EFF wrote.
Thanks to the Electronic Communications Privacy Act of 1986, it is far easier for the government to obtain private digital information stored online than on a computer’s hard drive, something that the many digital rights organizations believe is outdated and needs to change. Significantly more of Americans' personal data is stored in "the cloud," than it was in 1986.
See also: How To Protect Yourself In The Cloud
“Updating ECPA would respond to the deeply held concerns of Americans about their privacy. S. 607 would make it clear that the warrant standard of the U.S. Constitution applies to private digital information just as it applies to physical property,” both letters read.
Lead image by StockMonkeys
from ReadWrite http://ift.tt/1qrNmJA
via
Apple Is Ready To Unveil Its Big New Mobile-Lifestyle Vision
The crowds are gathering in Cupertino for what may be Apple's biggest event of the year—one in which it's expected to unveil new devices, new software and new services that basically amount to a big next step in the company's mobile-lifestyle vision.
Of course, there will be new iPhones—two of them, apparently, both much bigger than the current crop. There will be a new wristworn device, possibly dubbed the iWatch, the iTime, or something completely different. There might be other devices as well—a big new iPad, new iPods, or something else. There will likely be details on Apple's foray into payments-via-smartphone, smart-home automation and fitness and medical issues.
Most of all, though, Apple will be pitching the notion that its iDevices will be key to our future as digital denizens. Will it be a convincing argument? Only way to tell is to watch the presentation (which you can view live using Safari here).
Our ReadWrite team will be tweeting throughout the event at @RWW, so join us there. As we post our stories, we'll link them here.
Catch you all on the flip side.
Lead image by CPG Grey
from ReadWrite http://ift.tt/1qdsgyw
via
Quirky Is Reinventing Invention—Again
When Ben Kaufman started Mophie, the iPod and iPhone accessories maker, as a teenager, he had to teach himself a lot about the process of invention.
He sold Mophie in 2007 and started his next company, Quirky, with the idea of helping others like him turn their ideas into products faster—assisting with everything from refining the name and design of a product, to manufacturing it, to getting it onto store shelves.
Quirky resembles crowdfunding services like Kickstarter and Indiegogo in helping gather input for new products from interested buyers. But unlike those services, Quirky actually takes the product all the way to market. Given how many crowdfunded campaigns stumble when it comes to manufacturing, that's a crucial difference.
Now Kaufman is reinventing Quirky. He calls it "Quirky 2.0"—and it's changing almost every aspect of how Quirky's 100,000-person community collaborates on inventions.
Curious about what this involves? So am I. I'm hoping to interview Kaufman on stage at the next SXSW Interactive Festival in March 2015. Like Quirky itself, this is a community effort—I'm counting on you to vote for my panel. The deadline for votes is Friday, September 5, so I need your help.
I caught up with Kaufman by phone while he was on the road in Atlanta, courting Home Depot to stock more Quirky products on its shelves.
Vote now: We Are All Inventors Now: Q&A With Quirky's CEO
"We've been pretty focused on the same mission we've had since Day One—make invention accessible," said Kaufman. "The big change that you've probably seen, as time has gone on, as we've been able to add more experts on the Quirky team, we've been able to make a more sophisticated kind of product."
After starting with what Kaufman calls "small, plasticky kind of stuff"—cord managers and kitchen gadgets—Quirky's now turning out sophisticated gear like a smart air conditioner. It's set up a subsidiary, Wink, dedicated to smart-home products, including a namesake app to manage them.
But Quirky's ultimate product may be its Web-based collaboration tools, which can do everything from come up with names for products to figure out how to price them, based on community input.
"The next six months are going to be really big," said Kaufman. In November, the company plans to launch Quirky 2.0, which will unbundle various parts of its services. Today it primarily attracts the inventor who comes in with a concept or a sketch, Kaufman said, and hands the rest off to the community and Quirky, the company.
The next version of Quirky will still serve those inventors, but it will also help larger teams and even other companies that want to rely on community input to refine and shape products, with or without Quirky's manufacturing services.
It's a bold bet that could put Quirky at the center of many more kinds of invention. Or, like any risky new product, it could flop.
The best way to learn how Quirky 2.0 will play out? Vote for me and Kaufman to talk at SXSW Interactive 2015.
Lead photo courtesy of Quirky
from ReadWrite http://ift.tt/1AbU5qJ
via
White House Appoints Google X Exec As Chief Technology Officer
The United States’ next Chief Technology Officer will be Google executive Megan Smith, the White House announced Thursday.
With years of experience in the Google X research division, most recently as vice president, Smith has played roles in some of Google's wildest projects, from self-driving cars to delivery drones to jetpacks.
Joining Smith as U.S. deputy CTO will be Alexander Macgillivray, a former Twitter lawyer known for being an assertive defender of user privacy and freedom of speech.
See also: Twitter Loses Its Top Lawyer
Smith is be the third CTO to be appointed by the White House, but the details of her tenure remain unclear. Mostly, it appears that President Obama wants to have some of the leading minds from Silicon Valley around to help him navigate our increasingly digital world.
"Megan has spent her career leading talented teams and taking cutting-edge technology and innovation initiatives from concept to design to deployment,” Obama said in a statement. “I am confident that in her new role as America's Chief Technology Officer, she will put her long record of leadership and exceptional skills to work on behalf of the American people. I am grateful for her commitment to serve, and I look forward to working with her and with our new Deputy U.S. CTO, Alexander Macgillivray, in the weeks and months ahead."
Obama introduced the CTO position shortly after becoming president in order to fulfill a campaign promise to "to ensure that our government and all its agencies have the right infrastructure, policies and services for the 21st century."
Photo by Joi Ito
from ReadWrite http://ift.tt/1qA9Cyw
via