Apple said its TV+ original video subscription service will launch Nov. 1 for $4.99 a month, undercutting the price of rival offerings. From a report: The Cupertino, California-based technology giant made the announcement at a Tuesday event focused on new versions of the iPhone. The service will be free for one year with purchases of new Apple devices, Apple Chief Executive Officer Tim Cook said on stage. The TV+ service is entering a crowded field that already includes Netflix Inc., Amazon.com Inc., Hulu and AT&T's HBO. In November, Walt Disney plans to launch a Disney+ streaming service, with a giant catalog of titles, for $6.99 a month. Netflix's entry-level subscription is $8.99 a month in the U.S. Netflix and Disney shares fell after the announcement on Tuesday, while Apple stock climbed.

Last week, Apple published a statement in which it disputed Google's Project Zero team's findings about the worst iOS attack in history. Alex Stamos, adjunct professor at Stanford University's Center for International Security and Cooperation and former CSO at Facebook, writes on Twitter: Apple's response to the worst known iOS attack in history should be graded somewhere between "disappointing" and "disgusting". First off, disputing Google's correct use of "indiscriminate" when describing a watering hole attack smacks of "it's ok, it didn't hit white people." The use of multiple exploits against an oppressed minority in an authoritarian state makes the likely outcomes *worse* than the Huffington Post example a former Apple engineer posited. It is possible that this data contributed to real people being "reeducated" or even executed. Even if we accept Apple's framing that exploiting Uyghurs isn't as big a deal as Google makes it out to be, they have no idea whether these exploits were used by the PRC in more targeted situations. Dismissing such a possibility out of hand is extremely risky.

Second, the word "China" is conspicuously absent, once again demonstrating the value the PRC gets from their leverage over the world's most valuable public company. To be fair, Google's post also didn't mention China. Their employees likely leaked attribution on background. Third, the pivot to Apple's arrogant marketing is not only tone-deaf but really rings hollow to the security community when Google did all the heavy lifting here. I'm guessing we won't hear Tim talk about how they are going to do better on stage next week. Dear Apple employees: I have worked for companies that took too long to publicly address their responsibilities. This is not a path you want to take. Apple does some incredible security work, but this kind of legal/comms driven response can undermine that work. Demand better. Michael Tsai raises further questions about the way Apple framed its statement: "A blog," rather than "a blog post"? I love how Apple is subtly trying to discredit Project Zero by implying that it's a mere blog. And let's be sure everyone knows it's affiliated with Google, the privacy bad guys, even though it's a responsible, technically focused group. Apple says: "First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones 'en masse' as described."
Project Zero literally referred to "a small collection of hacked websites" that received "receive thousands of visitors per week." And it does seem like a particular subpopulation was targeted "en masse." The sites in question were on the public Internet; it wasn't links being sent to target particular individuals. Apple is blaming the messenger for things it didn't even say.

Apple adds: "The attack affected fewer than a dozen websites that focus on content related to the Uighur community."
Oh, I get it. Most people would consider "fewer than a dozen" to be "a small collection." But in Apple-speak, there were "a small number" of corrupt App Store binaries causing crashes, and "a small number" of MacBook Pro users experiencing butterfly keyboard problems, not to be confused with the "very small number" of iPhones that unexpectedly shut down. So, yeah, I can see why Apple wants people to know that this "small collection" doesn't mean "millions." Although there are apparently 10 million Uigurs in China. Apple adds: "Google's post, issued six months after iOS patches were released[...] It's great that Project Zero reported this in a responsible way, because now we can downplay it as old news.

Top spots in App Store search results are some of the most fought over real estate in the online economy. The store generated more than $50 billion in sales last year, and the company said two-thirds of app downloads started with a search. But as Apple has become one of the largest competitors on a platform that it controls, suspicions that the company has been tipping the scales in its own favor are at the heart of antitrust complaints in the United States, Europe and Russia. From a report: Apple's apps have ranked first recently for at least 700 search terms in the store, according to a New York Times analysis of six years of search results compiled by Sensor Tower, an app analytics firm. Some searches produced as many as 14 Apple apps before showing results from rivals, the analysis showed. (Though competitors could pay Apple to place ads above the Apple results.) Presented with the results of the analysis, two senior Apple executives acknowledged in a recent interview that, for more than a year, the top results of many common searches in the iPhone App Store were packed with the company's own apps. That was the case even when the Apple apps were less relevant and less popular than ones from its competitors. The executives said the company had since adjusted the algorithm so that fewer of its own apps appeared at the top of search results.

The Times's analysis of App Store data -- which included rankings of more than 1,800 specific apps across 13 keywords since 2013 -- illustrated the influence as well as the opacity of the algorithms that underpin tech companies' platforms. Those algorithms can help decide which apps are installed, which articles are read and which products are bought. But Apple and other tech giants like Facebook and Google will not explain in detail how such algorithms work -- even when they blame the algorithm for problems. [...] On Aug. 21, Apple apps ranked first in 735 of roughly 60,000 search terms tracked by Sensor Tower. Most of the tracked searches were obscure, but Apple's apps ranked first for many of the popular queries. For instance, for most of June and July, Apple apps were the top result for these search terms: books, music, news, magazines, podcasts, video, TV, movies, sports, card, gift, money, credit, debit, fitness, people, friends, time, notes, docs, files, cloud, storage, message, home, store, mail, maps, traffic, stocks and weather. In July this year, the company pushed some changes to its app store algorithm to handicap its apps to help other developers, it told The New York Times.

An anonymous reader shares a report: Apple Music doesn't work on traditional Linux distributions like Ubuntu or Fedora. It does, however, work on Windows, macOS, iOS, and Android. Chromebook users can take advantage of the Apple Music Android app from the Play Store. Traditional Linux users, however, are sadly left out of the party. This week, this changes, as Apple Music finally comes to the web -- in beta. This is something many other streaming music services, such as Spotify and Google, already offer. Better late than never, eh? This means traditional Linux users can finally enjoy Apple Music by simply visiting a website.

An anonymous reader quotes a report from Forbes: Own a rifle? Got a scope to go with it? The government might soon know who you are, where you live and how to reach you. That's because Apple and Google have been ordered by the U.S. government to hand over names, phone numbers and other identifying data of at least 10,000 users of a single gun scope app, Forbes has discovered. It's an unprecedented move: never before has a case been disclosed in which American investigators demanded personal data of users of a single app from Apple and Google. And never has an order been made public where the feds have asked the Silicon Valley giants for info on so many thousands of people in one go.

According to a court order filed by the Department of Justice (DOJ) on 5 September, investigators want information on users of Obsidian 4, a tool used to control rifle scopes made by night vision specialist American Technologies Network Corp. The app allows gun owners to get a live stream, take video and calibrate their gun scope from an Android or iPhone device. According to the Google Play page for Obsidian 4, it has more than 10,000 downloads. Apple doesn't provide download numbers, so it's unclear how many iPhone owners have been swept up in this latest government data grab. The Immigration and Customs Enforcement (ICE) department is seeking information as part of a broad investigation into possible breaches of weapons export regulations. It's looking into illegal exports of ATN's scope, though the company itself isn't under investigation, according to the order. As part of that, investigators are looking for a quick way to find out where the app is in use, as that will likely indicate where the hardware has been shipped. ICE has repeatedly intercepted illegal shipments of the scope, which is controlled under the International Traffic in Arms Regulation (ITAR), according to the government court filing. They included shipments to Canada, the Netherlands and Hong Kong where the necessary licenses hadn't been obtained. The two companies must hand over names, telephone numbers and IP addresses of anyone who downloaded the scope app from August 1, 2017, to the current date. The government also wants to know when users were operating the app.

In a rare move, Apple has released a statement to comment on the attacks on iPhone users revealed by Google last week. From a report: Last week, Google dropped a bombshell in the form of a long, detailed analysis of five chains of iOS vulnerabilities discovered by its security teams. Google didn't say who was behind the attacks, nor who was targeted, but described the attack as "indiscriminate," and potentially hitting "thousands" of people. Apple disagrees. Friday, Apple published a brief press release that disputes some relatively minor details that Google released about the attacks. Namely, that the attacks lasted for a shorter amount of time and that they were less widespread than Google reported.

"First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones 'en masse' as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community." Apple wrote. "Google's post, issued six months after iOS patches were released, creates the false impression of 'mass exploitation' to 'monitor the private activities of entire populations in real time,' stoking fear among all iPhone users that their devices had been compromised. This was never the case. Second, all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not 'two years' as Google implies," the statement continued.

Apple is reportedly developing in-display fingerprint technology for as early as its 2020 iPhones, according to Bloomberg. "The technology is in testing both inside Apple and among the company's overseas suppliers, though the timeline for its release may slip to the 2021 iPhone refresh, said the people, who asked not to be identified discussing private work." From the report: Apple introduced fingerprint scanning on iPhones in 2013, following its acquisition of AuthenTec Inc., a pioneer in the field. Integrated into the iPhone's home button, the Touch ID system was used for unlocking the device, approving payments and authorizing app downloads -- and it gave Apple a technological edge with its speed and reliability. Touch ID was replaced with face-scanning sensors in 2017 with the iPhone X launch. Branded as Face ID, the new face authentication again put Apple ahead of the competition with a more robust and secure implementation than rivals. The upcoming fingerprint reader would be embedded in the screen, letting a user scan their fingerprint on a large portion of the display, and it would work in tandem with the existing Face ID system, the people familiar with Apple's plans said. The report also mentions Apple is working on its first low-cost iPhone since the iPhone SE: That could come out as early as the first half of 2020, the people said. The device would look similar to the iPhone 8 and include a 4.7-inch screen. The iPhone 8 currently sells for $599, while Apple sold the iPhone SE for $399 when that device launched in 2016. The new low-cost phone is expected to have Touch ID built into the home button, not the screen. Nikkei reported plans for a cheaper iPhone earlier this week.

Developers have come to accept that, without warning, Apple can make their work obsolete by announcing a new app or feature that essentially copies their ideas. Some apps have simply buckled under the pressure. The Washington Post: Clue, a popular app women use to track their periods, has risen to near the top of Apple's Health and Fitness category. It could be downhill from here. Apple plans this month to incorporate some of Clue's core functionality such as fertility and period prediction into its own Health app that comes pre-installed in every iPhone and is free, unlike Clue, which earns money by selling subscriptions and services in its free app. Apple's past incorporation of functionality included in other third-party apps has often led to their demise. Clue's new threat shows how Apple plays a dual role in the app economy: provider of access to independent apps and giant competitor to them.

Developers have come to accept that, without warning, Apple can make their work obsolete by announcing a new app or feature that uses or incorporates their ideas. Some apps have simply buckled under the pressure, in some cases shutting down. They generally don't sue Apple because of the difficulty and expense in fighting the tech giant -- and the consequences they might face from being dependent on the platform. The imbalance of power between Apple and the apps on its platform could turn into a rare chink in the company's armor as regulators and lawmakers put the dominance of big technology companies under an antitrust microscope. When Apple made a flashlight part of its operating system in 2013, it rendered instantly redundant a myriad apps that offered that functionality. Everything from the iPhone's included "Measure" app to its built-in animated emoji were originally apps in the App Store.

A change Apple is making to improve privacy in an upcoming version of its iPhone operating system has alarmed an unlikely group of software makers: developers of privacy-focused encrypted messaging apps. The Information (paywalled): They warn the change, which is already available in public test versions of iOS 13, could end up undermining the privacy goals that prompted it in the first place. The Information previously reported that the technical change Apple is making to its next operating systems, iOS 13, has sparked concern at Facebook, which believes it will have to make significant modifications to encrypted messaging apps like Facebook Messenger and WhatsApp to comply. But a much wider group of developers of encrypted messaging apps -- including Signal, Wickr, Threema and Wire -- is scrambling to overhaul their software so that key privacy features continue to work. Apple told The Information on Wednesday in a statement that it is working with the developers to resolve their concerns. "We've heard feedback on the API changes introduced in iOS 13 to further protect user privacy and are working closely with iOS developers to help them implement their feature requests," an Apple spokesperson said.

PatentlyApple has spotted several patents that suggest Apple is playing with the idea of making the Apple Watch's band identify users via their wrist's skin texture and arm hair. TechCrunch reports: The first patent describes a sensor built into the Watch or the watch's band that could use infrared to build a thermal image of your wrist and its identifying traits (like skin texture/arm hair) to identify who is wearing it -- sort of like a fingerprint, but from your wrist. Unlike most of Apple's other devices, the Apple Watch doesn't currently have any sort of built-in biometrics for unlocking -- there's no thumbprint sensor for Touch ID, or camera for Face ID. Unlocking your Apple Watch means poking at the screen to punch in a PIN (or, if you've configured it to unlock when you unlock your phone, doing that). A sensor setup like this could make the unlocking process automatic without the need to unlock your phone.

The second granted patent describes a Watch band that can adjust itself on the fly -- think Nike's self-tightening shoes, but on your wrist. If the Watch detects that it's sliding while you're running (or if the aforementioned thermal sensors need a closer look at your wrist skin) tensioners in the device could tighten or loosen the band on command. Finally, a third granted patent tinkers with the idea of a Watch band with built-in light-up indicators -- like, say, a notification light for incoming texts, or a meter that fills up to tell you at-a-glance how much distance you've got left on your run, or a stripe that glows yellow when you've got something on your calendar in the next hour. All of this can already be done on the Watch's screen, of course -- this would just allow for it without having to power up the entire display.

Ryan Bigg: I recently upgraded from a 2015 MacBook Pro to a 2018 MacBook Pro. So I've been using this computer as a work computer for almost 3 months now and, my god, the keyboard drives me mental. Even writing this blog post now on the train and there's:
duplicated "o's" that I've had to go back and fix, or missing ones -- guess how fun it is to write a book about a Toy Robot with this particular problem
double spaces -- or no spaces
a Command key that registers 9 out of every 10 times
words like "times" that inexplicably get spelled like "timies", or "about" that gets spelled like "abouot"

Apple is all about the thinness of their laptops. I do not particularly care about the thinness of this device. For the most part, it sits on one of two desks that I use or it sits on my lap on the train. Maybe I use it on the couch from time-to-time. I do not care about the thinness of this device while I am using it. I only care about it when I store it away, in my backpack. This keyboard has a key travel distance that, I am sure, is measured in microns or perhaps nanometers. It feels like I am typing on a concrete slab. Key presses inexplicably duplicate. Or don't register at all. All for thinness. This keyboard is a catastrophic engineering failure, designed by a company that should know better. A company with more money in the bank than several countries combined. This keyboard would be, by far, the part of the MacBook Pro that is used the most by everybody who owns one, and it is so poorly engineered for the pursuit of thinness. The author is a junior engineering program lead at Culture Amp, an analytics platform that specializes in staff surveying and analytics.

"The unprecedented attack on Apple iPhones revealed by Google this week was broader than first thought," reports Forbes: Multiple sources with knowledge of the situation said that Google's own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China. That community has long been targeted by the Chinese government, in particular in the Xinjiang region, where surveillance is pervasive.

Google's and Microsoft's operating systems were targeted via the same websites that launched the iPhone hacks, according to the sources, who spoke on the condition of anonymity. That Android and Windows were targeted is a sign that the hacks were part of a broad, two-year effort that went beyond Apple phones and infected many more than first suspected. One source suggested that the attacks were updated over time for different operating systems as the tech usage of the Uighur community changed...

The attacks appear to form part of a mass surveillance operation taking place on Uighur civilians, who've faced various forms of persecution in Xinjiang. Surveillance cameras are scattered across the region and facial recognition is prevalent.

As promised, popular RSS reader NetNewsWire, which changed ownership last year, has released v5.0. From a blog post: NetNewsWire 5.0 is shipping! In case you haven't been following along until just now: NetNewsWire is an open source RSS reader for Mac. It's free! You can just download it and use it. No strings. It's designed to be stable, fast, and free of bugs. It doesn't have a lot of features yet, and that's because we prioritized quality over features. We will be adding more features, of course, but not quickly. We're also working on an iOS app.

Following an Apple notice that a "limited number" of 15-inch MacBook Pros may have faulty batteries that could potentially create a fire safety risk, multiple airlines have barred transporting Apple laptops in their checked luggage -- in some cases, regardless of whether they fall under the recall. From a report: Bloomberg reported Wednesday that Qantas Airways and Virgin Australia had joined the growing list of airlines enforcing policies around the MacBook Pros. In a statement by email, a spokesperson for Qantas told Gizmodo that "[u]ntil further notice, all 15 inch Apple MacBook Pros must be carried in cabin baggage and switched off for flight following a recall notice issued by Apple." Virgin Australia, meanwhile, said in a "Dangerous Goods" notice on its website that any MacBook model "must be placed in carry-on baggage only. No Apple MacBooks are permitted in checked in baggage until further notice."

Both Singapore Airlines and Thai Airways also recently instituted policies around the MacBook Pros. In a statement on its website over the weekend, Singapore Airlines said that passengers are prohibited from bringing affected models on its aircraft either in their carry-ons or in their checked luggage "until the battery has been verified as safe or replaced by the manufacturer." Bloomberg previously reported that airlines TUI Group Airlines, Thomas Cook Airlines, Air Italy, and Air Transat also introduced bans on the laptops. The cargo activity of all four is managed by Total Cargo Expertise, which reportedly said in an internal notice to its staff that the affected devices are "prohibited on board any of our mandate carriers."

An unprecedented iPhone hacking operation, which attacked "thousands of users a week" until it was disrupted in January, has been revealed by researchers at Google's external security team. From a report: The operation, which lasted two and a half years, used a small collection of hacked websites to deliver malware on to the iPhones of visitors. Users were compromised simply by visiting the sites: no interaction was necessary, and some of the methods used by the hackers affected even fully up-to-date phones.

Once hacked, the user's deepest secrets were exposed to the attackers. Their location was uploaded every minute; their device's keychain, containing all their passwords, was uploaded, as were their chat histories on popular apps including WhatsApp, Telegram and iMessage, their address book, and their Gmail database. The one silver lining is that the implant was not persistent: when the phone was restarted, it was cleared from memory unless the user revisited a compromised site. However, according to Ian Beer, a security researcher at Google: "Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device."

Get ready for the iPhone 11 on September 10. Apple today sent invites to reporters for its next big product launch. It plans to introduce its newest devices and services at 10am, at the Steve Jobs Theater in Cupertino. From a report: The iPhone may be a tougher sell this year. Apple isn't expected to change the basic design of the device, making it the first time the iPhone's had the same look for three years in a row. At the same time, rivals are introducing phones with flexible screens and with 5G -- two innovations not found in Apple devices. Many people are looking toward 2020 for big iPhone changes. This year, Apple is expected to introduce three new models, replacing the iPhone XS, XS Max and XR with the rumored iPhone 11, 11 Max/11 Pro and 11R. The devices likely will include better cameras, faster processors and iOS 13. They come at a time of malaise in the smartphone market, with people holding onto their devices longer than before.

Apple said on Thursday it will start offering independent repair shops parts, tools and guides to help fix broken iPhones. From a report: The new repair program allows big and small repair outfits to sign up and get access to parts for common out-of-warranty repairs, something that was previously restricted to Apple's network of authorized service providers. The move represents an about face for Apple, which typically encourages any repairs to be made by its authorized service providers and makes it difficult for users to replace aging or broken parts themselves. Additionally, the company has fought California's proposed right-to-repair bill, which would require companies like Apple to make repair information and parts available to both device owners and independent repair shops. Apple said the new program is free to join but that shops will be required to have an Apple-certified technician who has taken a preparatory course provided by the company.

Qantas airlines is now restricting MacBook Pro laptops from checked-in luggage on concern that batteries could catch fire. All 15-inch versions of Apple's MacBook Pro must be carried in the cabin and switched off, Qantas said in a statement Wednesday. The rule went into effect Tuesday morning. "Rival Virgin Australia went further on Aug. 26, banning all Apple laptops from checked-in luggage," adds Bloomberg. From the report: Australia's two biggest airlines join a growing list of carriers and jurisdictions across the world cracking down on the portable computers out of concern some could self-combust. The models in question are some 15-inch MacBook Pros sold from September 2015 to February 2017. Apple issued the recall in June, saying "in a limited number of older generation 15-inch MacBook Pro units, the battery may overheat and pose a fire safety risk." Singapore Airlines Ltd. and Thai Airways International PCL have already stopped passengers from taking any of the affected models on their aircraft.

Apple is making changes to the way that Siri audio review, or 'grading' works across all of its devices. From a report: First, it is making audio review an explicitly opt-in process in an upcoming software update. This will be applicable for every current and future user of Siri. Second, only Apple employees, not contractors, will review any of this opt-in audio in an effort to bring any process that uses private data closer to the company's core processes. Apple has released a blog post outlining some Siri privacy details that may not have been common knowledge as they were previously described in security white papers. Apple apologizes for the issue. In a statement, the company said, "as a result of our review, we realize we haven't been fully living up to our high ideals, and for that we apologize. As we previously announced, we halted the Siri grading program. We plan to resume later this fall when software updates are released to our users -- but only after making the following changes..."

Apple has released today an iOS security update to patch a bug the company accidentally un-patched in an earlier release, introducing a security weakness that allowed hackers to craft new jailbreaks for current iOS versions. From a report: The original bug, discovered by Ned Williamson, a Google Project Zero security engineer, allows a malicious app to exploit a "user-after-free" vulnerability and run code with system privileges in the iOS kernel. iOS version 12.4.1, released today, re-patches this bug that was initially fixed in iOS 12.3 but was accidentally unpatched in iOS 12.4, last month. Sadly, Apple's blunder didn't go unnoticed and earlier this month, a security researcher named Pwn20wnd released a public exploit based on Williamson's bug that could be used to jailbreak up-to-date iOS devices and grant users complete control over their iPhones. But while users taking a risk and jailbreaking their own devices doesn't sound that dangerous, a lesser-known fact is that malware operators and spyware vendors can also use Pwn20wnd's jailbreak as well.