apple-list February 2016

apple-list@lists.umanitoba.ca

2 participants
5 discussions

by Wayne Billing

Hi. Seems a few Apple machines have been affected by security update ""Incompatible Kernel Extension Configuration Data version 3.28.1”. Apple has repaired the problem so new updates should not be affected but some people are reporting that they’ve received the “broken Configuration Data update”. This configuration file/version can interfere with the working of your Ethernet card. If the Ethernet connection on your Mac stopped working recently, you can follow these steps to restore it. …from: https://support.apple.com/en-us/HT6672 If the Ethernet connection on your Mac stopped working recently If the Ethernet connection on your Mac stopped working recently, check System Information to find out which version of "Incompatible Kernel Extension Configuration Data” is installed. If you have version 3.28.1, you need an update. If you can connect to WiFi, your Mac will update to version 3.28.2 automatically, or you can follow the steps below to restore it manually. First, check your version number: 1. While pressing the Option key, select System Information from the Apple menu. 2. Expand the Software section and select Installations. 3. Click on the Software Name column header to sort the list alphabetically. 4. Look for “Incompatible Kernel Extension Configuration Data.” 5. If the most recent version installed is 3.28.1, then follow the steps below. If you can connect to WiFi, follow these steps to update to version 3.28.2: 1. Open the Terminal app. 2. Type this command to update to the current version of the “Incompatible Kernel Extension Configuration Data” kernel extension: sudo softwareupdate --background 3. Quit Terminal and restart your Mac. If you can't connect to WiFi, follow these steps to update to version 3.28.2: 1. Follow the instructions<https://support.apple.com/kb/HT201314> to restart your Mac in OS X Recovery. After your Mac restarts, go to step 2. 2. Select Disk Utility from the list of OS X Utilities. 3. Select your drive from the list of internal drives in the sidebar. The default name is "Macintosh HD." Your drive might have a different name or location, if you renamed or moved it. 4. If the drive name is gray, then your drive might be protected by FileVault. Select File > Unlock from the Disk Utility menu, and enter your FileVault password. 5. Select File > Mount in Disk Utility to mount your drive, if it's not already mounted. 6. Quit Disk Utility. If you'd like to be able to copy and paste the command required in Step 8, select Get Help Online from the OS X Utilities list to open Safari and view this article on Apple's support site at support.apple.com/kb/HT6672<http://support.apple.com/kb/HT6672>. Quit Safari before you go to the next step. 7. Launch the Terminal app from Utilities > Terminal. 8. Type (or copy and paste) this command as one line in Terminal. In the example below, the drive name is “Macintosh HD," and there's a space between Macintosh and HD. If your Mac's drive name is different, adjust the text: rm -rf “/Volumes/Macintosh HD/System/Library/Extensions/AppleKextExcludeList.kext” 9. Quit the Terminal app. 10. Select Restart from the Apple menu. 11. After your Mac restarts, your Ethernet connection should work. 12. Open the Terminal app and type this command to update to the current version of the “Incompatible Kernel Extension Configuration Data” kernel extension: sudo softwareupdate --background 13. Quit Terminal and restart your Mac. Alternatively, if you confirmed that your Mac has Incompatible Kernel Extension Configuration Data version 3.28.1, you can also follow the instructions<https://support.apple.com/kb/HT201314> to restart your Mac into OS X Recovery mode, and then select Reinstall OS X. You can reinstall OS X on your drive without reformatting it.

8 years, 1 month

INTEREST: Apple: We tried to help FBI; iCloud password changed

by Wayne Billing

…from: http://arstechnica.com/tech-policy/2016/02/apple-we-tried-to-help-fbi-terro… Apple: We tried to help FBI terror probe, but someone changed iCloud password Exec: No other country has asked Apple for what US is asking for now. by Cyrus Farivar<http://arstechnica.com/author/cyrus-farivar/> - Feb 19, 2016 8:05pm CST On Friday, an Apple executive explicitly confirmed what was stated in a government court filing<https://www.documentcloud.org/documents/2715997-Apple-iPhone-Access-MOTION-…> earlier in the day: that in the early hours of the San Bernardino terrorism investigation, county officials may have inadvertently compromised their ability to access the data on the seized iPhone 5C. Earlier this week, Apple was given an unprecedented court order<http://arstechnica.com/tech-policy/2016/02/judge-apple-must-help-fbi-unlock…> to create custom firmware for the iPhone 5C that was used by Syed Rizwan Farook. That new firmware would remove a possible automatic wipe feature on the phone if a passcode is incorrectly entered 10 times and would remove a delay between passcode attempts intended to make brute-force entry more difficult. If Apple does comply, it would allow the government to enter PIN codes in rapid succession until it gained access to the phone. Apple CEO Tim Cook has publicly said it will resist this attempt, calling it a significant “overreach.” A court hearing has been scheduled<https://www.documentcloud.org/documents/2716342-Apple-iPhone-Access-Schedul…> for March 22, 2016, in nearby Riverside, California. During the Friday call, the unnamed Apple executive said the company has been diligently working with the FBI to try to aid the terrorism investigation. After days of working with the FBI, Apple proposed one final attempt to recover roughly six weeks of data that was locked on the phone. The idea was to force the iPhone 5C to auto-backup to Farook’s iCloud account. With a legal court order, Apple can and does turn over iCloud data. For some reason, Farook had not backed up the phone for roughly six weeks prior to the attack. The executive said Apple does not know whether the auto-backup was disabled or enabled, but he did say that the previous iCloud backups, which were handed over to investigators, were sporadic. Apple suggested that the FBI take the iPhone 5C, plug it into a wall, connect it to a known Wi-Fi network and leave it overnight. The FBI took the phone to the San Bernardino County Health Department, where Farook worked prior to the December 2, 2015 attack. When that attempt did not work, Apple was mystified, but soon found out that the Apple ID account password had been changed shortly after the phone was in the custody of law enforcement, possibly by someone from the county health department. With no way to enter the new password on the locked phone, even attempting an auto-backup was impossible. Had this iCloud auto-backup method actually functioned, Apple would have been easily able to assist the FBI with its investigation. The executive only revealed this detail to reporters now because it had thought it was under a confidentiality agreement with the government. Apple seems to believe this agreement is now void since the government brought it up in a public court filing. Given that this iCloud backup tactic could not even be attempted, the Department of Justice pulled out all the stops, and asked a judge to order that Apple re-write the firmware. The Apple executive also made a point of saying that no other government—not even China or Russia—has ever asked what American prosecutors have asked the company to do this week. On the call, Apple's press representative refused to articulate why the company would not go on the record with its call with journalists. Also on Friday, the House Committee on Commerce invited both FBI Director James Comey and Apple CEO Tim Cook to testify on the issue of encryption.

8 years, 2 months

INTEREST: Why FBI's request can affect civil rights for a generation

by Wayne Billing

Rich Mogull has twenty years experience in information security, physical security, and risk management. He specializes in data security, application security, emerging security technologies, and security management. Prior to founding Securosis, Rich was a Research Vice President at Gartner Inc (garner.com<http://garner.com>) on the security team where he also served as research co-chair for the Gartner Security Summit. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS, a monthly columnist for Dark Reading, and a frequent contributor to publications ranging from Information Security Magazine to Macworld. He is a frequent industry speaker at events including the RSA Security Conference and DefCon. …from: http://www.macworld.com/article/3034355/ios/why-the-fbis-request-to-apple-w… Why the FBI's request to Apple will affect civil rights for a generation No legal case applies in a vacuum, and in this case the FBI needs the precedent more than the evidence. [Rich Mogull] Rich Mogull<http://www.macworld.com/author/Rich-Mogull/> | @rmogull<https://twitter.com/rmogull> Contributor, Macworld * Feb 17, 2016 11:14 AM * <http://www.facebook.com/sharer.php?u=http://www.macworld.com/article/303435…'s%20request%20to%20Apple%20will%20affect%20civil%20rights%20for%20a%20generation> * <https://twitter.com/intent/tweet?url=http%3A%2F%2Fwww.macworld.com%2Farticl…> * <https://plus.google.com/share?url=http%3A%2F%2Fwww.macworld.com%2Farticle%2…> * <https://pinterest.com/pin/create/bookmarklet/?url=http%3A%2F%2Fwww.macworld…> * <http://reddit.com/submit?url=http%3A%2F%2Fwww.macworld.com%2Farticle%2F3034…> * <http://www.macworld.com/article/3034355/ios/why-the-fbis-request-to-apple-w…> * 16 <http://www.macworld.com/article/3034355/ios/why-the-fbis-request-to-apple-w…> On Tuesday, the United States District Court of California issued an order requiring Apple to assist the FBI in accessing a locked iPhone<http://www.macworld.com/article/3034028/security/apple-ordered-to-assist-in…> (PDF<https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compell…>)—and not just any iPhone, but the iPhone 5c used by one of the San Bernardino shooters. The order is very clear: Build new firmware to enable the FBI to perform an unlimited, high speed brute force attack, and place that firmware on the device. Apple is not only fighting the request<http://www.macworld.com/article/3034214/security/tim-cook-says-apple-will-o…>, but posted a public letter signed by Tim Cook<http://aos.prf.hn/click/camref:1100laKZ/destination:http://www.apple.com/cu…>and linked on Apple’s front page. Make no mistake: This is unprecedented, and [in this author’s opinion] the situation was deliberately engineered by the FBI and Department of Justice to force a showdown. This is an issue with far-reaching implications well beyond a single phone, a single case, or even Apple itself. As a career security professional, this case has chilling implications. Why now? I’ve been writing about Apple’s role in our digital civil rights since 2014<http://tidbits.com/article/15137>, and specifically addressed why Apple is at the center of the battle over encryption<http://tidbits.com/article/16210> last month on TidBITS. The short version is that Apple is one of the only companies with the technologies, high profile, and business model to both find themselves in the cross hairs, and take a strong position. Apple has a long history of complying with court orders and assisting law enforcement. Previous to iOS 8, they could extract data off devices. Even today, data in most of their online services (iCloud, excluding iMessage and FaceTime) can be provided upon legal request. This case is different for multiple reasons: * Apple is being asked to specifically create new software to circumvent their security controls. They aren’t being asked to use existing capabilities, since those no longer work. The FBI wants a new version of the operating system designed to allow the FBI to brute force attack the phone. * The FBI is using a highly emotional, nationally infamous terrorism case as justification for the request. * The request refers to the All Writs Act, which is itself under scrutiny in a case in New York involving Apple<https://www.eff.org/cases/re-order-apple-all-writs>. Federal Magistrate Judge James Orenstein of the Eastern District of New York is currently evaluating if the Act applies in these cases. That’s why this is about far more than a single phone. Apple does not have the existing capability to assist the FBI. [In this author’s opinion] the FBI engineered a case where the perpetrators are already dead. And the law cited is under active legal debate within the federal courts. The crux of the issue is should companies be required to build security circumvention technologies to expose their own customers? Not “assist law enforcement with existing tools,” but “build new tools.” The FBI Director has been clear that the government wants back doors into our devices<https://www.fbi.gov/news/speeches/going-dark-are-technology-privacy-and-pub…>, even though the former head of the NSA disagrees and supports strong consumer encryption<http://money.cnn.com/2016/01/13/technology/nsa-michael-hayden-encryption/in…>. One reason Apple is likely fighting this case so publicly is that it is a small legal step from requiring new circumvention technology, to building such access into devices. The FBI wants the precedent far more than they need the evidence, and this particular case is incredibly high profile and emotional. The results will, without question, establish precedence beyond one killer’s iPhone. The technical details The court order is quite specific. It applies only to one iPhone [5c owned by San Bernardino shooters], and requests Apple create a new version of the firmware that eliminates the existing feature that erases the iPhone after 10 failed attempts at entering the passcode. It further asks Apple to allow passcode attempts to be performed as rapidly as possible. [passcodes iphone] Apple has been prompting users to choose longer and more complicated—and harder to crack—iPhone passcodes. Beginning with iOS 8, devices are encrypted using a key derived from your passcode. This is combined with a hardware key specific to the device. Apple has no way of knowing or circumventing that key. On newer devices, the hardware key is embedded in the device and is not recoverable. Thus the passcode must be combined with the device key in a chip on the phone, and that chip rate-limits passcode attempts to make a brute force attack slower. Reading through the order, it seems the FBI thinks that a modified version of the operating system would allow them to engage in high-speed attacks, if the 10-tries limit was removed. The request indicates they likely can’t image the device and perform all the attacks on their own super-fast computers, due to that hardware key. With a four-character passcode the device could probably be cracked in hours. A six-character code<http://www.macworld.com/article/3018152/security/switch-to-six-digits-for-y…> might take days or weeks, and anything longer could take months or years. Dan Guido over at Trail of Bits posted a great explanation<http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-…>: As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own—the FBI does not have the secret keys that Apple uses to sign firmware. This opens up a few questions. Could this work on newer devices with the enhanced encryption of the Secure Enclave<http://www.macworld.com/article/2999804/security/apple-cant-decrypt-your-ip…>? How can Apple pair the device and replace the firmware in the first place? Would they be using the shooter’s computer? An over-the-air update? Apple says that all devices (with or without the Secure Enclave) are vulnerable to this kind of attack, but declined to comment on the specific technical methods, a position I initially disagreed with, but on reflection is probably the right move for reasons we will get to in a moment. Thus the FBI wants a new version of iOS, signed by Apple and installed on the device, that removes limitations on their attempts to brute-force the password. Why this matters Legal precedent is like a glacier, slowly building over time until it becomes nigh unstoppable. Major issues like this are first, and sometimes ultimately, decided on a series of small steps that build on each other. It’s the reason the NRA fights any attempts at gun control, since they fear a slow build, not a single small law. The crux of this round of the encryption debate is if companies should be forced to build tools to circumvent their customers’ security. If the answer is “yes,” it could be a small step to “should they just build these tools into the OS from the start?” I have no doubt the FBI deliberately chose the highest-profile domestic terrorism case in possibly a decade. We, average citizens, want the FBI to stop this sort of evil. We don’t necessarily see this one case as applying to our lives and our rights. Why the big deal?<http://www.theverge.com/2016/2/17/11031910/donald-trump-apple-encryption-ba…> What if the FBI could find the terrorists’ contacts and stop other attacks? What matters is if we have a right to the security and privacy of our devices and communications. But the truth is, no legal case applies in a vacuum. If this goes through, if Apple is forced to assist, it will open a floodgate of law enforcement requests. Then what about civil cases? Opening a phone to support a messy divorce and child custody battle? Or what about requests from other nations, especially places like China and the UAE that already forced BlackBerry and others to compromise the security of their customers? And once the scale of these requests increases, as a security professional I guarantee the tools will leak, the techniques will be exploited by criminals, and our collective security will decline. It really doesn’t matter if it’s the iPhone 5c or 6s. It really doesn’t matter if this is about dead terrorists or a drug dealer. It doesn’t matter what specific circumvention Apple is being asked to create. What matters is if we have a right to the security and privacy of our devices, and of our communications, which are also under assault. If we have the right to tools to defend ourselves from the government and criminals alike. Yes, these tools will be sometimes used for the worst of crimes, but they’re also fundamental to our civil rights, freedom of discourse, and our ability to protect our digital lives from the less impactful, but far more frequent criminal attacks. [It is the author’s opinion that] this situation was engineered by the FBI and Department of Justice for the maximum impact and chances of success. Apple is fighting, and as a security professional it’s my obligation to support their position, and stronger security.

8 years, 2 months

FYI: Apple USB-C Charge Cable Replacement Program

by Wayne Billing

…from: http://www.apple.com/support/usbc-chargecable/ Apple USB-C Charge Cable Replacement Program [USB-C charge cable] Please select a Country Asia Australia België Belgique Brasil България Canada (English) Canada (Français) 中国 Česká republika Danmark Deutschland España Eesti Ελλάδα France Hong Kong (English) 香港 India Indonesia Ireland Italia 日本 대한민국 Κύπρος Latin America América Latina Latvija Lietuva Luxembourg (English) Luxembourg (Français) Luxemburg (Deutsch) Malaysia Magyarország Malta México Nederland New Zealand Norge Österreich Polska Portugal Россия România Saudi Arabia Singapore Slovensko Slovenija Schweiz Suisse Suomi Sverige 台灣 ไทย Türkiye United Arab Emirates United Kingdom United States A limited number of Apple USB-C charge cables that were included with MacBook computers through June 2015 may fail due to a design issue. As a result, your MacBook may not charge or only charge intermittently when it’s connected to a power adapter with an affected cable. Apple will provide a new, redesigned USB-C charge cable, free of charge, to all eligible customers. This program also covers Apple USB-C charge cables that were sold as a standalone accessory. For MacBook owners who provided a valid mailing address during the product registration process or Apple Online Store purchase, Apple will send you a new cable by the end of February 2016. All other eligible MacBook owners should use the replacement process below to receive a new USB-C charge cable. Identifying an affected cable Affected cables have “Designed by Apple in California. Assembled in China.” stamped on them. New, redesigned cables include a serial number after that text. See images below. Affected cable [Affected cable detail] Redesigned cable [Redesigned cable detail] Replacement Process Please choose one of the options below to receive a new USB-C charge cable. We will need your MacBook serial number to verify eligibility for this program. Learn how to find your serial number here<https://support.apple.com/en-us/HT204356>. * Find an Apple Retail Store. Genius Bar reservation recommended. * Find an Apple Authorized Service Provider<https://locate.apple.com/>. * Contact Apple Support. Additional Information This worldwide Apple program does not extend the standard warranty coverage of the MacBook. If you believe you have paid for a replacement due to this issue, contact Apple regarding a refund. The program covers the affected USB-C charge cables until June 8, 2018. Information as of 2016-02-12

8 years, 2 months

FYI: Uninstalling Facebook app may save up to 15% of iPhone battery life

by Billing Wayne

….from: http://www.theguardian.com/technology/2016/feb/08/uninstalling-facebook-app… Uninstalling Facebook app saves up to 15% of iPhone battery life Facebook is one of the most downloaded apps on iOS but it has long been cited as a cause of fast-draining iPhone batteries <http://www.theguardian.com/technology/2015/oct/19/facebook-iphone-users-bat…>. Last year it was accused of using background tricks to stay active <https://www.reddit.com/r/iphone/comments/3kvfta/how_is_facebook_doing_so_mu…> even when it wasn’t being used. Facebook admitted bugs existed, and fixed them <https://www.facebook.com/arig/posts/10105815276466163>, but questions of the app’s impact on battery life remained. Similar concerns about Facebook’s Android app led to the discovery that deleting the app saves up to 20% of a phone’s battery <http://www.theguardian.com/technology/2016/feb/01/uninstalling-facebook-app…>. After that revelation, I set about seeing if the same was true for iPhone users. I discovered that uninstalling Facebook’s iOS app and switching to Safari can save up to 15% of iPhone battery life. Using an iPhone 6S Plus <http://www.theguardian.com/technology/2015/oct/02/iphone-6s-plus-review-bar…> for a week without the main Facebook app installed, I recorded the battery life at 10.30pm each day for a week comparing it to a daily average taken from a week with the app. I charged the phone overnight, taking it off the charger at 7.30am, and used it normally. I accessed Facebook for the same amount of time, and for the same purposes, using the social network’s excellent mobile site within Safari, as I had done using the app. I also left the Facebook Messenger app installed. On average I had 15% more battery left by 10.30pm each day. I had also saved space, because at the point I had deleted the Facebook app it had consumed around 500MB in total combining the 111MB of the app <https://itunes.apple.com/gb/app/facebook/id284882215?mt=8> itself and its cache on the iPhone. To make sure that this wasn’t an isolated incident, I also recruited several other Facebook-using iPhone owners to conduct a similar test. They all found similar results, with increased battery life when using Facebook in Safari having uninstalled the main Facebook <http://www.theguardian.com/technology/facebook> iOS app. <https://www.facebook.com/dialog/share?app_id=180444840287&href=http%3A%2F%2…> <https://twitter.com/intent/tweet?text=Uninstalling%20Facebook%20app%20saves…> <http://www.pinterest.com/pin/create/button/?description=Uninstalling+Facebo…> Spot the difference: one is the Facebook app, the other the Facebook mobile site. Photograph: Samuel Gibbs for the Guardian Using Facebook in Safari was almost as good as the app. You can even place a shortcut to Facebook in Safari on the homescreen that looks almost identical to the app’s icon (the white is a little less bright but you need eagle eyes to see). The only restriction was the Share-to function, which does not exist for websites, meaning that to share photos I had to manually hit the “post photos” button on the mobile site. Features of the app, such as Instant Articles, are also not available. Tapping a link on the Facebook mobile site opens a new Safari tab. The results will vary for the smaller iPhone 6S <http://www.theguardian.com/technology/iphone-6s>, as it has a smaller battery and shorter battery life overall, but judging by the 6S Plus experience, removing the Facebook app in preference of using the social network in Safari will extend the battery life of any iPhone. A Facebook spokesperson said the company was investigating the matter.

8 years, 2 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

apple-list February 2016