Security

First OSX Bootkit Revealed

Trailrunner7 writes: A vulnerability at the heart of Apple's Mac OS X systems—one thus far only partially addressed by Apple—opens the door to the installation of malicious firmware bootkits that resist cleanup and give hackers persistent, stealthy control over a compromised Mac. The research is the work of a reverse engineering hobbyist and security researcher named Trammel Hudson, who gave a talk at the recent 31C3 event in Hamburg, Germany, during which he described an attack he called Thunderstrike. Thunderstrike is a Mac OS X bootkit delivered either through direct access to the Apple hardware (at the manufacturer or in transport), or via a Thunderbolt-connected peripheral device; the latter attack vector exposes vulnerable systems to Evil Maid attacks, or state-sponsored attacks where laptops are confiscated and examined in airports or border crossings, for example.

Hudson's bootkit takes advantage of a vulnerability in how Apple computers deal with peripheral devices connected over Thunderbolt ports during a firmware update. In these cases, the flash is left unlocked, allowing an Option ROM, or peripheral firmware, to run during recovery mode boots. It then has to slip past Apple's RSA signature check. Apple stores its public key in the boot ROM and signs firmware updates with its private key. The Option ROM over Thunderbolt circumvents this process and writes its own RSA key so that future updates can only be signed by the attacker's key. The attack also disables the loading of further Option ROMs, closing that window of opportunity.
OS X

Apple Pushes First Automated OS X Security Update

PC Magazine reports (as does Ars Technica) that Apple this week has pushed its first automated security update, to address critical flaws relating to Network Time Protocol: The flaws were revealed last week by the Department of Homeland Security and the Carnegie Mellon University Software Engineering Institute—the latter of which identified a number of potentially affected vendors, including FreeBSD Project, NTP Project, OmniTI, and Watchguard Technologies, Inc. A number of versions of the NTP Project "allow attackers to overflow several buffers in a way that may allow malicious code to be executed," the Carnegie Mellon/DHS security bulletin said. ... The company's typical security patches come through Apple's regular software update system, and often require users to move through a series of steps before installing. This week's update, however, marks Cupertino's first implementation of its automated system, despite having introduced the function two years ago, Reuters said.
Data Storage

Apple Disables Trim Support On 3rd Party SSDs In OS X

MojoKid (1002251) writes: One of the disadvantages to buying an Apple system is that it generally means less upgrade flexibility than a system from a traditional PC OEM. Over the last few years, Apple has introduced features and adopted standards that made using third-party hardware progressively more difficult. Now, with OS X 10.10 Yosemite, the company has taken another step down the path towards total vendor lock-in and effectively disabled support for third-party SSDs. We say "effectively" because while third-party SSDs will still work, they'll no longer perform the TRIM garbage collection command. Being able to perform TRIM and clean the SSD when it's sitting idle is vital to keeping the drive at maximum performance. Without it, an SSD's real world performance will steadily degrade over time. What Apple did with OS X 10.10 is introduce KEXT (Kernel EXTension) driver signing. KEXT signing means that at boot, the OS checks to ensure that all drivers are approved and enabled by Apple. It's conceptually similar to the device driver checks that Windows performs at boot. However, with OS X, if a third-party SSD is detected, the OS will detect that a non-approved SSD is in use, and Yosemite will refuse to load the appropriate TRIM-enabled driver.
Android

Visual Studio 2015 Supports CLANG and Android (Emulator Included)

Billly Gates (198444) writes "What would be unthinkable a decade ago is Visual Studio supporting W3C HTML and CSS and now apps on other platforms. Visual Studio 2015 preview is available for download which includes support for LLVM/Clang, Android development, and even Linux development with Mono using Xamarin. A little more detail is here. A tester also found support for Java, ANT, SQL LITE, and WebSocket4web. We see IE improving in terms of more standards and Visual Studio Online even supports IOS and MacOSX development. Is this a new Microsoft emerging? In any case it is nice to have an alternative to Google tools for Android development."
Programming

Microsoft To Open Source .NET and Take It Cross-Platform

An anonymous reader writes: Microsoft today announced plans to open source .NET, the company's software framework that primarily runs on Windows, and release it on GitHub. Furthermore, Microsoft also unveiled plans to take .NET cross-platform by targeting both Mac OS X and Linux. In the next release, Microsoft plans to open source the entire .NET server stack, from ASP.NET 5 down to the Common Language Runtime and Base Class Libraries. The company will let developers build .NET cloud applications on multiple platforms; it is promising future support of the .NET Core server runtime and framework for Mac and Linux. Microsoft is also making Visual Studio free for small teams.
OS X

WireLurker Mac OS X Malware Found, Shut Down

msm1267 writes: WireLurker is no more. After causing an overnight sensation, the newly disclosed family of Apple Mac OS X malware capable of also infecting iOS devices has been put to rest. Researchers at Palo Alto Networks confirmed this morning that the command and control infrastructure supporting WireLurker has been shut down and Apple has revoked a legitimate digital certificate used to sign WireLurker code and allow it to infect non-jailbroken iOS devices.

Researchers at Palo Alto Networks discovered and dubbed the threat WireLurker because it spreads from infected OS X computers to iOS once the mobile device is connected to a Mac via USB. The malware analyzes the connected iOS device looking for a number of popular applications in China, namely the Meitu photo app, the Taobao online auction app, or the AliPay payment application. If any of those are found on the iOS device, WireLurker extracts it and replaces it with a Trojanized version of the same app repackaged with malware.

Patient zero is a Chinese third-party app store called Maiyadi known for hosting pirated apps for both platforms. To date, Palo Alto researchers said, 467 infected OS X apps have been found on Maiyadi and those apps have been downloaded more than 350,000 times as of Oct. 16 by more than 100,000 users.
OS X

If You're Connected, Apple Collects Your Data

fyngyrz (762201) writes: It would seem that no matter how you configure Yosemite, Apple is listening. Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well. Should users just sit back and accept this as the new normal? It will be interesting to see if these discoveries result in an outcry, or not. Is it worse than the data collection recently reported in a test version of Windows?
GUI

Apple Doesn't Design For Yesterday

HughPickens.com writes: Erik Karjaluoto writes that he recently installed OS X Yosemite and his initial reaction was "This got hit by the ugly stick." But Karjaluoto says that Apple's decision to make a wholesale shift from Lucida to Helvetica defies his expectations, and he wonders why Apple would make a change that impedes legibility, requires more screen space, and makes the GUI appear fuzzy. The Answer: Tomorrow.

Microsoft's approach with Windows, and backward compatibility in general, is commendable. "Users can install new versions of this OS on old machines, sometimes built on a mishmash of components, and still have it work well. This is a remarkable feat of engineering. It also comes with limitations — as it forces Microsoft to operate in the past." But Apple doesn't share this focus on interoperability or legacy. "They restrict hardware options, so they can build around a smaller number of specs. Old hardware is often left behind (turn on a first-generation iPad, and witness the sluggishness). Meanwhile, dying conventions are proactively euthanized," says Karjaluoto. "When Macs no longer shipped with floppy drives, many felt baffled. This same experience occurred when a disk (CD/DVD) reader no longer came standard." In spite of the grumblings of many, Karjaluoto doesn't recall many such changes that we didn't later look upon as the right choice.
OS X

OS X 10.10 Yosemite Review

An anonymous reader writes: With the release of OS X 10.10 Yosemite, Ars Technica has posted one of their extremely thorough reviews of the OS's new features and design changes. John Siracusa writes that Yosemite is particularly notable because it's the biggest step yet in Apple's efforts to bring OS X and iOS together — new technologies are now being added to Apple's two operating systems simultaneously. "The political and technical battles inherent in the former two-track development strategy for OS X and iOS left both products with uncomfortable feature disparities. Apple now correctly views this as damage and has set forth to repair it." Yosemite's look and feel has undergone significant changes as well, generally moving toward the flat and compact design present in iOS 7 & 8. Spotlight and the Notifications Center have gotten some needed improvements, as did many tab and toolbar interfaces.

Siracusa also takes a look at Swift, Apple's new programming language: "Swift is an attempt to create a low-level language with high-level syntax and semantics. It tackles the myth of the Sufficiently Smart Compiler by signing up to create that compiler as part of the language design process." He concludes: "Viewed in isolation, Yosemite provides a graphical refresh accompanied by a few interesting features and several new technologies whose benefits are mostly speculative, depending heavily on how eagerly they're adopted by third-party developers. But Apple no longer views the Mac in isolation, and neither should you. OS X is finally a full-fledged peer to iOS; all aspects of sibling rivalry have been banished."
OS X

New OS X Backdoor Malware Roping Macs Into Botnet

An anonymous reader writes: New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has been spotted. The malware, dubbed Mac.BackDoor.iWorm, targets computers running OS X and makes extensive use of encryption in its routines, Dr. Web researchers noted. What's even more interesting is that it gets the IP address of a valid command and control (C&C) server from a post on popular news site Reddit. The malware is capable of discovering what other software is installed on the machine, opening a port on it, and sending a query to a web server to acquire the addresses of the C&C servers.
Bug

Apple Fixes Shellshock In OS X

jones_supa (887896) writes: Apple has released the OS X Bash Update 1.0 for OS X Mavericks, Mountain Lion, and Lion, a patch that fixes the "Shellshock" bug in the Bash shell. Bash, which is the default shell for many Linux-based operating systems, has been updated two times to fix the bug, and many Linux distributions have already issued updates to their users. When installed on an OS X Mavericks system, the patch upgrades the Bash shell from version 3.2.51 to version 3.2.53. The update requires the OS X 10.9.5, 10.8.5, or 10.7.5 updates to be installed on the system first. An Apple representative told Ars Technica that OS X Yosemite, the upcoming version of OS X, will receive the patch later.
OS X

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

The recently disclosed bug in bash was bad enough as a theoretical exploit; now, reports Ars Technica, it could already be being used to launch real attacks. In a blog post yesterday, Robert Graham of Errata Security noted that someone is already using a massive Internet scan to locate vulnerable servers for attack. In a brief scan, he found over 3,000 servers that were vulnerable "just on port 80"—the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. And his scan broke after a short period, meaning that there could be vast numbers of other servers vulnerable. A Google search by Ars using advanced search parameters yielded over two billion web pages that at least partially fit the profile for the Shellshock exploit. More bad news: "[T]he initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry." And CNET is not the only one to say that Shellshock, which can affect Macs running OS X as well as Linux and Unix systems, could be worse than Heartbleed.
IOS

Apple's App Store Needs a Radical Revamp; How Would You Go About It?

Nerval's Lobster (2598977) writes: Given the hundreds of thousands of apps currently on offer, it's hard for any one app (no matter how well designed) to stand out on Apple's App Store, much less stay atop the bestseller charts for very long. In an August 10 blog posting, former Apple executive Jean-Louis Gassée offered Apple CEO Tim Cook some advice: Let humans curate the App Store. 'Instead of using algorithms to sort and promote the apps that you permit on your shelves, why not assign a small group of adepts to create and shepherd an App Store Guide,' he wrote. 'A weekly newsletter will identify notable new titles, respond to counter-opinions, perhaps present a developer profile, footnote the occasional errata and mea culpa.' Whether or not such an idea would effectively surface all the good content now buried under layers of Flappy Bird rip-offs is an open question; what's certain is that, despite Apple's rosy picture, developers around the world face a lot of uncertainty and competition when it comes to making significant money off their apps. Sure, some developers are making a ton of cash, but the rising tide doesn't necessarily float all boats. If you had the opportunity, how would you revamp/revise/upgrade/adjust/destroy the App Store to better serve the developers who put apps in it?
Debian

Elementary OS "Freya" Beta Released

jjoelc (1589361) writes: One year after their last release "Luna", Elementary OS (a Linux distribution with a very heavy emphasis on design and usability which draws a lot of comparisons to Mac OS X) has released the public beta of their latest version "Freya." Using core components from Ubuntu 14.04, "Freya" sports many improvements including the usual newer kernel, better hardware support and newer libraries. Other updates include a GSignon-based online accounts system, improved searches, Grub-free uEFI booting, GTK+ 3.12, an updated theme, and much more. This being a beta, the usual warnings apply, but I would also point out that the Elementary OS Team also has over $5,000 worth of bugs still available on Bountysource which can be a great way to contribute to the project and make a little dough while you are at it.
Communications

Skype Reverses Decision To Drop OS X 10.5 Support, Retires Windows Phone 7 App

An anonymous reader writes: Mac OS X 10.5 Leopard users recently found that Skype no longer works on their system: despite upgrading to the latest version they still can't sign in. We got in touch with the Microsoft-owned company and after two days, we got confirmation that a solution was in the works. "We have a Skype version for Mac OS X 10.5 users which will soon be available for download," a Skype spokesperson told TNW. Unfortunately, the same can't be said for Windows Phone 7. In a support page titled "Is Skype for Windows Phone 7 being discontinued?," the Microsoft-owned company answers the question with a "yes" and elaborates that it is "permanently retiring all Skype apps for Windows Phone 7." Again, this isn't just old versions going away, or support being removed, but the apps themselves have disappeared.
GUI

Mac OS X Yosemite Beta Opens

New submitter David Hames (3763525) writes: Would you like to test drive the newest release of the Macintosh operating system? Apple is opening up the beta for Mac OS X Yosemite starting Thursday to the first million people who sign up. Beta users won't be able to access such promised Yosemite features as the ability to make or receive your iPhone calls or text messages on your Mac, turn on your iPhone hotspot feature from your Mac, or "Handoff" the last thing you were doing on your iOS 8 device to your Mac and vice versa. A new iCloud Drive feature is also off-limits, while any Spotlight search suggestions are U.S.-based only. Don't expect all your Mac apps to run either. Ars has a preview of Yosemite.
Graphics

Apple Kills Aperture, Says New Photos App Will Replace It

mpicpp (3454017) writes: Apple told news website The Loop that it has decided to abandon Aperture, its professional photo-editing software application. "With the introduction of the new Photos app and iCloud Photo Library, enabling you to safely store all of your photos in iCloud and access them from anywhere, there will be no new development of Aperture," Apple said in a statement to The Loop. "When Photos for OS X ships next year, users will be able to migrate their existing Aperture libraries to Photos for OS." The new Photos app, which will debut with OS X Yosemite when it launches this fall, will also replace iPhoto. It promises to be more intuitive and user friendly, but as such, likely not as full featured as what Aperture currently offers.
Security

New Zero-Day Flash Bug Affects Windows, OS X, and Linux Computers

An anonymous reader writes "Researchers at the Kaspersky Lab have uncovered a zero-day Adobe Flash vulnerability that affects Windows, OS X, and Linux. 'While the exploit Kaspersky observed attacked only computers running Microsoft Windows, the underlying flaw, which is formally categorized as CVE-2014-1776 and resides in a Flash component known as the Pixel Bender, is present in the Adobe application built for OS X and Linux machines as well.' Adobe has reportedly patched the bug for all platforms. Researchers first detected the bug from attacks performed on seven Syrian computers. The attacks seem to have been hosted on the Syrian Ministry of Justice website, which has led to speculation that these are state-sponsored vulnerability exploits. This speculation is further supported by evidence that one of the exploits was 'designed to target computers that have the Cisco Systems MeetingPlace Express Add-In version 5x0 installed. The app is used to view documents and images during Web conferences.'"
Apple

You Can Now Run Beta Versions of OS X—For Free

redletterdave (2493036) writes "Apple on Tuesday announced the OS X Beta Seed Program, which allows anyone to download and install pre-release Mac software for the sake of testing and submitting feedback before the public launch. Until Tuesday, Apple charged users $99 a year to test out new OS X software—doing so required a paid-up developer account. (Testing new iPhone software still requires a separate developer account for another $99 a year.) Now, much the same way new OS X software is now totally free to download, it's also free to try out. All you need is an Apple ID to sign up."
IOS

Apple Fixes Major SSL Bug In OS X, iOS

Trailrunner7 writes: "Apple has fixed a serious security flaw present in many versions of both iOS and OS X that could allow an attacker to intercept data on SSL connections. The bug is one of many the company fixed Tuesday in its two main operating systems, and several of the other vulnerabilities have serious consequences as well, including the ability to bypass memory protections and run arbitrary code. The most severe of the vulnerabilities patched in iOS 7.1.1 and OSX Mountain Lion and Mavericks is an issue with the secure transport component of the operating systems. If an attacker was in a man-in-the-middle position on a user's network, he might be able to intercept supposedly secure traffic or change the connection's properties."