Apple may have another Gatekeeper security flaw on its hands. Researcher Filippo Cavallarin has detailed a macOS vulnerability that he said would let attackers install malware without the usual permission request. As Gatekeeper considers network shares to be ‘safe’ locations that don’t require permission checks, an intruder just has to trick the user into mounting one of those shares to run the apps they like. A maliciously crafted ZIP file with the right symbolic link could automatically steer you to an attacker-owned site, for example, and it would be easy to trick someone into launching a hostile app — say, a virus masquerading as a document folder.
This morning, the Supreme Court decided to allow iPhone owners to proceed with a lawsuit against Apple. The plaintiffs claim that Apple has a monopoly through the App Store. Apple tried to argue that developers are the ones who pay Apple’s commission, so they would need to file a lawsuit on the issue. But the Supreme Court has ruled that the case may continue as is. In a statement, released to CNBC this afternoon, Apple says it is confident it will prevail when the facts are presented.
The introduction of Screen Time in iOS 12 was ostensibly a boon for parents and anyone else wanting to keep a lid on device use, but there are concerns that it’s cracking down on apps that compete with that feature. The New York Times and Sensor Tower have learned that Apple has either pulled or requested feature limitations for “at least” 11 of the 17 most popular parental control and screen time apps, and leaders at those developers claim it’s trying to discourage apps that rival Screen Time’s functionality. The creators of two apps, Kidslox and Qustodio, filed an EU competition complaint on April 25th.
In a ploy to keep people paying for apps, Apple will let developers offer discounted subscriptions to current and recent subscribers. Until now, developers could only offer freebies and introductory discounts to new users, which means that they couldn’t easily incentivize lapsed subscribers to re-join. As more apps turn to subscription models over one-time purchases, this change will likely go over well with developers and users alike.
Following the controversy over Facebook and Google‘s misuse of enterprise certificates to distribute apps outside of Apple’s App Store, TechCrunch reports that dozens of gambling and pornographic apps used the same process to sidestep Apple’s normal restrictions. Engadget reached out to Apple for comment regarding the report and will update this story if we hear back.
A recent report by TechCrunch and The App Analystrevealed that some major companies use an analytics tool that secretly record every swipe and tap you make within their applications. Now, Apple has started telling developers to remove that screen-recording code if they don’t want their apps yanked from the App Store. See, most of the applications that use the tool don’t ask for permission to record your activities and your screen. That goes against the tech giant’s App Store Review Guidelines, which (as a spokesperson explained to TechCrunch) “require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.”
When an app says it’s collecting data for technical support or analytics purposes, it seems innocuous but a report by TechCrunch and The App Analyst found a number of iOS applications that went much further without informing users. The apps mentioned, including Air Canada, Abercrombie & Fitch, Expedia, Hotels.com and others used analytics software from a company called Glassbox that embeds “session replay” tech to show them exactly what users are doing.
Whatever buttons are pushed or information is entered is recorded, and worse, while the feature can be configured to prevent recording of sensitive data like credit card numbers, they didn’t always block it out fully. By using man-in-the-middle software to intercept data going to Glassbox’s servers, The App Analyst showed how this happens in Air Canada’s app, where it could screenshot credit card info and user passwords.
Google has banned dozens of Android apps downloaded millions of times from the official Play Store after researchers discovered they were being used to display phishing and scam ads or perform other malicious acts.
A blog post published by security firm Trend Micro listed 29 camera- or photo-related apps, with the top 11 of them fetching 100,000 to 1 million downloads each. One crop of apps caused browsers to display full-screen ads when users unlocked their devices. Clicking the pop-up ads in some cases caused a paid online pornography player to be downloaded, although it was incapable of playing content. The apps were carefully designed to conceal their malicious capabilities.
“None of these apps give any indication that they are the ones behind the ads, thus users might find
The new Gmail. It’s very white. [credit:
Ron Amadeo ]
Google is pushing a big redesign to the mobile Gmail app on Android and iOS. The update was announced yesterday, and after spending some time with the new app, we’re going to comb through the finer details and see what has changed between New Gmail and Old Gmail.
For now the release is only out on Android, but like the old Gmail design, it should look identical on iOS. If you’re on Android, you want Gmail version 9.x (the old design is Gmail 8). If the Play Store isn’t serving you the update and you’re into sideloading, APKMirror has a safe download. The iOS version is still wending its way through the App Store approval process and should be out sometime this week.
The new design is a good match for the new desktop Gmail design that came
It looks like Apple will soon allow users to gift in-app purchases to friends and family thanks to a recent change to the company’s App Store Guidelines. First spotted by MacRumors, the updated text shows developers can allow people to buy in-app purchases for one another. That includes everything from ongoing subscriptions to one-off boosts. Apple’s policy previously barred such gifts.
This contraption is actually several gadgets in one. It’s a dog treat dispenser, 1,080p video camera with night vision and a barking sensor, which means it will let you know if your dog starts barking and you can check what’s going on using the accompanying app on your iPhone.
The video camera provides a 160-degree wide angle view, so you should be able to see what your dog is doing – and there’s a speaker in the system, which lets you talk to
Be careful what you install an app for, c/o Flickr
Popular Mac App Store apps have been secretly gathering sensitive user dataand uploading it to servers in China and elsewhere, building vast troves of data in places that may not provide the same level of protection as we expect. This is a Very Bad Thing.
What are they doing with this data?
We don’t know what is happening with this data once it is collected. It’s conceivable that this information could be analysed alongside other collections of data to provide insights into a person’s identity, online activity, or even political beliefs. Cambridge Analytica and other dodgy behavioural modification companies taught us this.
The fact is we don’t know what is happening to the data that is being exfiltrated in this way. And in most cases we are not even aware this is taking place.
Engadget has been around for 14 years and counting, which means our archives contain a veritable treasure trove of technology history. From notable reviews and news to the more mundane or ridiculous finds from across the internet, there’s a lot to explore here. “This Day in Engadget History” will take you on a historical voyage as we look at what made the headlines in years past. Join us, won’t you?
It’s definitely been a while since anyone seriously needed to jailbreak their iPhone. While undoubtedly some people still do, it seems like there’s little need now that we’ve seen the tenth anniversary of the iOS App Store. There are plenty of apps these days and a whole different OS (Google’s Android) for those who want something a little more customizable.
Having a bad app or two on your iOS device can really affect your relationship with your iPhone or iPad. If an app is poorly written or buggy, it can reduce battery life, take up more local storage than necessary, and even cause your device to crash or lock up frequently. Today we’ll look at how you can identify those troublesome apps so that you can look for