According to code seen by 9to5Mac, Apple is set to roll out rich system-wide support for mouse cursors with iOS 14. From a report: Apple added rudimentary compatibility with external mice in iOS 13 Accessibility settings, but iOS 14 (iPadOS 14) will make it mainstream. The iOS 14 build also referenced two new Smart Keyboard models in development. The changes coming to the software will bring most of the cursor features you recognize from a Mac desktop experience to iOS. One difference may be that the pointer disappears automatically after a few seconds of not touching the connected mouse or trackpad, a concession to the touch-first experience of the iPad. It would reappear when the user attempts to move the cursor again.

This includes support for multiple pointers depending on what is being hovered over, like switching from a standard arrow pointer to a pointing hand when hovering over links. It is possible these APIs could then automatically translate over to Mac apps using Catalyst, which currently lacks an API for changing mouse cursor type. Apple is also developing support for Mac-like gesture, like tap with two fingers to right-click.

"New academic research published last month looked at the phone-home [telemetry] features of six of today's most popular browsers and found that the Brave browser sent the smallest amount of data about its users back to the browser maker's servers," reports ZDNet: The research, conducted by Douglas J. Leith, a professor at Trinity College at the University of Dublin, looked at Google Chrome, Mozilla Firefox, Apple Safari, Brave, Microsoft Edge (the new Chromium-based version), and the Yandex Browser.

"In the first (most private) group lies Brave, in the second Chrome, Firefox, and Safari, and in the third (least private) group lie Edge and Yandex...." [T]he professor found evidence that Chrome, Firefox, and Safari all tagged telemetry data with identifiers that were linked to each browser instance. These identifiers allowed Google, Mozilla, and Apple to track users across browser restarts, but also across browser reinstalls...

[T]he most intrusive phoning-home features were found in the new version of Microsoft Edge and the official Yandex Browser. According to Prof. Leith, both used unique identifiers that were linked to the device's hardware, rather than the browser installation. Tracking users by hardware allows Microsoft and Yandex to follow users across installations and potentially link browser installs with other apps and online identities. The professor said that Edge collected the hardware UUID of the user's computer, an identifier that cannot be easily changed or deleted without altering a computer's hardware. Similarly, Prof. Leith also found that Yandex transmitted a hash of the hardware serial number and MAC address to its backend servers.

"As far as we can tell this behaviour [in Edge and Yandex] cannot be disabled by users," the professor said.
The article also points out that Brave was the only browser that didn't use search autocomplete functionality to collect and send back information on a user's visited web pages. (Even though this can be disabled in Firefox, Chrome, and Safari, it's on by default.)

But Edge and Yandex "also sent back information about visited web pages that did not appear to be related to the search autocomplete feature, suggesting the browsers had other ways to track users' browsing habits."

Ten years ago, David Wang pulled off a remarkable trick, installing Android on the first-generation iPhone. Now Wang and his colleagues at cybersecurity startup Corellium are doing it again with the ostentatiously titled Project Sandcastle. From a report: And Forbes got an exclusive hands-on look at their Android for iPhone product ahead of its public release scheduled for later this Wednesday. The timing is sure to have Apple fanboys rubbernecking: Corellium is in the middle of being sued by Apple. As previously reported by Forbes, in August last year, Corellium was taken to court over Apple claims the startup breached copyright laws by creating software versions of the iPhone for security and testing. The case took a surprise turn late last month when Apple subpoenaed Spanish banking giant Santander and the $50 billion U.S. military and intelligence contractor L3Harris.

But Corellium has lofty ambitions for Project Sandcastle, saying that it'll actually show how Apple's walled garden, which it has fiercely protected since launching its flagship phone in 2007, can be deconstructed and taken over by others' software. "Project Sandcastle is about having fun building something new from the sand -- from the literal silicon of the hardware," said Corellium CEO Amanda Gorton, in a statement sent to Forbes. "Apple restricts iPhone users to operate inside a sandbox, but users own that hardware, and they should be able to use that hardware the way they want. So where sandboxes create limits and boundaries on the hardware that users own, sandcastles provide an opportunity to create something new and wonderful from the limitless bounds of your imagination."

Apple will now allow push notifications to be used for advertising, so long as users agree to receive the ads first. From a report: Apple updated its App Store guidelines today with a change to its traditionally strict restrictions around push notifications. Apple has long banned apps from using notifications for "advertising, promotions, or direct marketing purposes," but that changes today. Apps can now send marketing notifications when "customers have explicitly opted in to receive them." Users must also be able to opt out of receiving the ads.

The latest "feature drop" for Google's Pixel line of Android phones includes the ability to "firmly press" on the screen "to get more help from your apps more quickly." If that sounds familiar, it's because it's a lot like iPhone's 3D Touch, which Apple stopped supporting in all of its 2019 iPhones. The Verge reports: "Firmly press" sets off alarm bells because it sounds a lot like the iPhone's 3D Touch, which enables different actions depending on how hard you press on the touchscreen. It was a beloved feature for some people because it gave faster access to the cursor mode on the iPhone's keyboard (I think long-pressing the space bar works fine for that, but I get that people love it). It's also gone on the latest versions of the iPhone -- Apple has seemingly abandoned it because the hardware to support it was too expensive/thick/complex/finicky/whatever. But now, it seems that Google has done the same thing for the touchscreen that it does with the camera: use its software algorithms to make commodity parts do something special. That is a very Googley thing to do, but not quite as Googley as the fact that there was virtually no information about this feature to be found anywhere on the internet beyond a speculative note over at XDA Developers.

After a few hours of back and forth, I finally got more details from Google. Here's what this feature does, according to Google: "Long Press currently works in a select set of apps and system user interfaces such as the app Launcher, Photos, and Drive. This update accelerates the press to bring up more options faster. We also plan to expand its applications to more first party apps in the near future." Essentially, this new feature lets you press harder to bring up long-press menus faster. In fact, Google's documentation for Android's Deep Press API explicitly says it should never do a new thing, it should only be a faster way to execute a long press. The answer to why it only works in certain apps is that a lot of Android developers aren't using standard APIs for long press actions. Because Android. Okay, but how does it work? It turns out my hunch was correct: Google has figured out how to use machine learning algorithms to detect a firm press, something Apple had to use hardware for.

John Gruber spotted this announcement on decades old Apple news aggregation site MacSurfer's website: Dear MHN Readers:

Not seeing a viable future with subscriptions, MacSurfer and TechNN will cease operations effective immediately. Please allow a few weeks to process forthcoming refunds. If need be, subscription inquiries can be addressed to the Publisher at the bottom of the Homepage. Thanks kindly for your support, and thanks for the memories... Further reading: Adios, MacSurfer.

According to a report from The Information, Apple plans to introduce a trackpad-equipped keyboard attachment for the iPad Pro alongside its new iPad Pro models sometime this year. Ars Technica reports: This would make Apple's iPad Pro compete more directly with Microsoft's Surface lineup, with 2-in-1 convertible laptops, and with various Chrome OS devices. Apple's iPad has sold well in the marketplace, but power users often complain that its interface is not always suitable for heavy duty work. According to The Information's source, the new keyboards would be made by Foxconn, a major manufacturing partner to Apple that operates primarily in China. The report did not provide much insight on how the spread of the coronavirus might affect this product's launch, though there have been other reports of supply-line problems with Foxconn and other Apple partners in China that may impact the launches of Apple products planned for 2020.

Numerous rumors previously suggested that the iPad Pro refresh was due in the next couple of months, but the coronavirus-related supply struggles have led to uncertainty about Apple's plans. The refreshed tablet is surely still coming, but the timeline is unclear. But if this report is true, it looks like this update could be about more than just nicer cameras and faster processors.

Apple has agreed to pay up to $500 million to settle litigation accusing it of quietly slowing down older iPhones as it launched new models, to induce owners to buy replacement phones or batteries. From a report: The preliminary proposed class-action settlement was disclosed on Friday night and requires approval by U.S. District Judge Edward Davila in San Jose, California. It calls for Apple to pay consumers $25 per iPhone, which may be adjusted up or down depending on how many iPhones are eligible, with a minimum total payout of $310 million. Apple denied wrongdoing and settled the nationwide case to avoid the burdens and costs of litigation, court papers show. Friday's settlement covers U.S. owners of the iPhone 6, 6 Plus, 6s, 6s Plus, 7, 7Plus or SE that ran the iOS 10.2.1 or later operating system. It also covers U.S. owners of the iPhone 7 and 7 Plus that ran iOS 11.2 or later before Dec. 21, 2017.

Malware developers are always trying to outdo each other with creations that are stealthier and more advanced than their competitors'. At the RSA Security conference last week, a former hacker for the National Security Agency demonstrated an approach that's often more effective: stealing and then repurposing a rival's code. From a report: Patrick Wardle, who is now a security researcher at the macOS and iOS enterprise management firm Jamf, showed how reusing old Mac malware can be a smarter and less resource-intensive approach for deploying ransomware, remote access spy tools, and other types of malicious code. Where the approach really pays dividends, he said, is with the repurposing of advanced code written by government-sponsored hackers. "There are incredibly well-funded, well-resourced, very motivated hacker groups in three-letter agencies that are creating amazing malware that's fully featured and also fully tested," Wardle said during a talk titled "Repurposed Malware: A Dark Side of Recycling." "The idea is: why not let these groups in these agencies create malware and if you're a hacker just repurpose it for your own mission?" he said.

To prove the point, Wardle described how he altered four pieces of Mac malware that have been used in in-the-wild attacks over the past several years. The repurposing caused the malware to report to command servers belonging to Wardle rather than the servers designated by the developers. From there, Wardle had full control over the recycled malware. The feat allowed him to use well-developed and fully featured applications to install his own malicious payloads, obtain screenshots and other sensitive data from compromised Macs, and carry out other nefarious actions written into the malware.

An iPhone app built by controversial facial recognition startup Clearview AI has been blocked by Apple, effectively banning the app from use. From a report: Apple confirmed to TechCrunch that the startup "violated" the terms of its enterprise program. The app allows its users -- which the company claims it serves only law enforcement officers -- to use their phone camera or upload a photo to search its database of three billion photos. But BuzzFeed News revealed that the company -- which claims to only cater to law enforcement users -- also includes many private sector users, including Macy's, Walmart, and Wells Fargo. Clearview AI has been at the middle of a media -- and legal -- storm since its public debut in The New York Times last month. The company scrapes public photos from social media sites, drawing ire from the big tech giants which claim Clearview AI misused their services. But it's also gained attention from hackers. On Wednesday, Clearview AI confirmed a data breach, in which its client list was stolen.

Apple is working on an iPad keyboard that includes a built-in trackpad, reports The Information, citing a person familiar with the company's product roadmap. From a report: Apple has reportedly been experimenting with trackpads for the iPad for a "number of years." Some of the prototypes have featured capacitive keys, though it is not known if this feature is in the finished product. The Information's source says that the keyboard will be made from materials similar to those in Apple's current Smart Keyboard Folio designed for the iPad Pro. Apple is preparing the keyboard for mass production at the current time, and is expected to release the new accessory alongside the next version of the iPad Pro.

Apple is trying really, really hard to always come off as the good guys. From a report: According to Rian Johnson, director of Knives Out, Apple won't let villains use iPhones on-screen. Apple is so obsessed with how the public conceptualizes its products that the company has taken steps to ensure none of the bad guys ever use its phones in movies. Johnson told Vanity Fair in an interview, "Also another funny thing, I don't know if I should say this or not... Not cause it's like lascivious or something, but because it's going to screw me on the next mystery movie that I write, but forget it, I'll say it. It's very interesting. Apple... they let you use iPhones in movies but -- and this is very pivotal if you're ever watching a mystery movie - bad guys cannot have iPhones on camera."

New submitter John Trumpian shares a report from Reuters: The U.S. Supreme Court on Monday refused to hear Apple's bid to avoid paying about $440 million in damages for using patent licensing firm VirnetX's internet security technology without permission in features such as FaceTime video calling. The justices rejected Apple's appeal in the long-running case in which a federal jury in 2016 found that Apple had infringed VirnetX's patents and awarded $302 million. A judge later increased that amount to $439.7 million including interest and other costs.

The case dates back to 2010 when Nevada-based VirnetX filed suit in federal court in the Eastern District of Texas accusing Cupertino, California-based Apple of infringing four patents for secure networks, known as virtual private networks, and secure communications links. VirnetX said Apple infringed with its FaceTime and VPN on Demand features in products such as the iPhone and iPad. The U.S. Court of Appeals for the Federal Circuit in Washington, which specializes in patent disputes, upheld the judgment against Apple last year.

Ming-Chi Kuo is out with a new analyst note today and the most interesting part of his forecast is that Apple will release its first Mac with an ARM processor in the first half of 2021. From a report: Kuo is predicting that one of Apple's new products to be released within the next 12-18 months will be a Mac with an in-house processor, instead of using an Intel CPU. There have been growing reports over the last couple of years about Apple making the switch to a custom-designed ARM processor for its Macs and today's report gives a concrete timeframe for when to expect that launch, which has actually held true since Kuo's prediction back in 2018. Since the coronavirus outbreak, Kuo highlights that Apple has been "more aggressive" with its funding for research, development, and production of 5nm process chips that are expected to show up in the first Macs with ARM CPUs. That's because 5nm chips will be integral to iPhone, iPad later this year, as well as Macs come 2021.

"Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date..." writes the Register.

Long-time Slashdot reader nimbius shares their report: The policy was unveiled by the iGiant at a Certification Authority Browser Forum (CA/Browser) meeting on Wednesday. Specifically, according to those present at the confab, from September 1, any new website cert valid for more than 398 days will not be trusted by the Safari browser and instead rejected.

Older certs, issued prior to the deadline, are unaffected by this rule.

By implementing the policy in Safari, Apple will, by extension, enforce it on all iOS and macOS devices. This will put pressure on website admins and developers to make sure their certs meet Apple's requirements — or risk breaking pages on a billion-plus devices and computers... The aim of the move is to improve website security by making sure devs use certs with the latest cryptographic standards, and to reduce the number of old, neglected certificates that could potentially be stolen and re-used for phishing and drive-by malware attacks... We note Let's Encrypt issues free HTTPS certificates that expire after 90 days, and provides tools to automate renewals.

Apple is considering giving rival apps more prominence on iPhones and iPads and opening its HomePod speaker to third-party music services after criticism the company provides an unfair advantage to its in-house products. From a report: The technology giant is discussing whether to let users choose third-party web browser and mail applications as their default options on Apple's mobile devices, replacing the company's Safari browser and Mail app, according to people familiar with the matter. Since launching the App Store in 2008, Apple hasn't allowed users to replace pre-installed apps such as these with third-party services. That has made it difficult for some developers to compete, and has raised concerns from lawmakers probing potential antitrust violations in the technology industry.

The web browser and mail are two of the most-used apps on the iPhone and iPad. To date, rival browsers like Google Chrome and Firefox and mail apps like Gmail and Microsoft Outlook have lacked the status of Apple's products. For instance, if a user clicks a web link sent to them on an iPhone, it will automatically open in Safari. Similarly, if a user taps an email address -- say, from a text message or a website -- they'll be sent to the Apple Mail app with no option to switch to another email program. The Cupertino, California-based company also is considering loosening restrictions on third-party music apps, including its top streaming rival Spotify, on HomePods, said the people, who asked not to be named discussing internal company deliberations.

Larry Tesler, a computer scientist who created the terms "cut," "copy," and "paste," has passed away at the age of 74. Gizmodo reports: Born in 1945 in New York, Tesler went on to study computer science at Stanford University, and after graduation he dabbled in artificial intelligence research (long before it became a deeply concerning tool) and became involved in the anti-war and anti-corporate monopoly movements, with companies like IBM as one of his deserving targets. In 1973 Tesler took a job at the Xerox Palo Alto Research Center (PARC) where he worked until 1980. Xerox PARC is famously known for developing the mouse-driven graphical user interface we now all take for granted, and during his time at the lab Tesler worked with Tim Mott to create a word processor called Gypsy that is best known for coining the terms "cut," "copy," and "paste" when it comes to commands for removing, duplicating, or repositioning chunks of text.

Xerox PARC is also well known for not capitalizing on the groundbreaking research it did in terms of personal computing, so in 1980 Tesler transitioned to Apple Computer where he worked until 1997. Over the years he held countless positions at the company including Vice President of AppleNet (Apple's in-house local area networking system that was eventually canceled), and even served as Apple's Chief Scientist, a position that at one time was held by Steve Wozniak, before eventually leaving the company.

In addition to his contributions to some of Apple's most famous hardware, Tesler was also known for his efforts to make software and user interfaces more accessible. In addition to the now ubiquitous "cut," "copy," and "paste" terminologies, Tesler was also an advocate for an approach to UI design known as modeless computing, which is reflected in his personal website. In essence, it ensures that user actions remain consistent throughout an operating system's various functions and apps. When they've opened a word processor, for instance, users now just automatically assume that hitting any of the alphanumeric keys on their keyboard will result in that character showing up on-screen at the cursor's insertion point. But there was a time when word processors could be switched between multiple modes where typing on the keyboard would either add characters to a document or alternately allow functional commands to be entered.

Software developer Steve Streza: Over the years, Apple has built up a portfolio of services and add-ons that you pay for. Starting with AppleCare extended warranties and iCloud data subscriptions, they expanded to Apple Music a few years ago, only to dramatically ramp up their offerings last year with TV+, News+, Arcade, and Card. [...] If you don't subscribe to these services, you'll be forced to look at these ads constantly, either in the apps you use or the push notifications they have turned on by default. The pervasiveness of ads in iOS is a topic largely unexplored, perhaps due to these services having a lot of adoption among the early adopter crowd that tends to discuss Apple and their design. This isn't a value call on the services themselves, but a look at how aggressively Apple pushes you to pay for them, and how that growth-hack-style design comes at the expense of the user experience. In this post, I'll break down all of the places in iOS that I've found that have Apple-manufactured ads.

Apple said on Monday that it does not expect to meet the revenue guidance for the March quarter. In a press release, the company added: As the public health response to COVID-19 continues, our thoughts remain with the communities and individuals most deeply affected by the disease, and with those working around the clock to contain its spread and to treat the ill. Apple is more than doubling our previously announced donation to support this historic public health effort. Our quarterly guidance issued on January 28, 2020 reflected the best information available at the time as well as our best estimates about the pace of return to work following the end of the extended Chinese New Year holiday on February 10. Work is starting to resume around the country, but we are experiencing a slower return to normal conditions than we had anticipated. As a result, we do not expect to meet the revenue guidance we provided for the March quarter due to two main factors. The first is that worldwide iPhone supply will be temporarily constrained. While our iPhone manufacturing partner sites are located outside the Hubei province -- and while all of these facilities have reopened -- they are ramping up more slowly than we had anticipated.

The health and well-being of every person who helps make these products possible is our paramount priority, and we are working in close consultation with our suppliers and public health experts as this ramp continues. These iPhone supply shortages will temporarily affect revenues worldwide. The second is that demand for our products within China has been affected. All of our stores in China and many of our partner stores have been closed. Additionally, stores that are open have been operating at reduced hours and with very low customer traffic. We are gradually reopening our retail stores and will continue to do so as steadily and safely as we can.

An anonymous reader quotes a report from IEEE Spectrum: A test by Penumbra Brands to measure how much radiofrequency energy an iPhone 11 Pro gives off found that the phone emits more than twice the amount allowable by the U.S. Federal Communications Commission. The FCC measures exposure to RF energy as the amount of wireless power a person absorbs for each kilogram of their body. The agency calls this the specific absorption rate, or SAR. For a cellphone, the FCC's threshold of safe exposure is 1.6 watts per kilogram. Penumbra's test found that an iPhone 11 Pro emitted 3.8 W/kg.

Ryan McCaughey, Penumbra's chief technology officer, said the test was a follow up to an investigation conducted by the Chicago Tribune last year. The Tribune tested several generations of Apple, Samsung, and Motorola phones, and found that many exceeded the FCC's limit. Penumbra used RF Exposure Labs, an independent, accredited SAR testing lab for the tests (The Tribune also used the San Diego-based lab for its investigation). Penumbra was conducting the test, which also included testing an iPhone 7, to study its Alara phone cases, which the company says are designed to reduce RF exposure in a person. It's worth noting that when the FCC conducted a follow-up investigation they did not find evidence that any of the phones exceed SAR limits. "That said, while the Tribune and Penumbra both used off-the-shelf phones, the FCC largely tested phones supplied by the manufacturers, including Apple," adds IEEE Spectrum.

Joel Moskowitz, a researcher at UC Berkeley, says that could be because there's a systematic problem with RF Exposure Lab's testing methods, or Apple rigged the software in the provided test phones to ensure they didn't put out enough power to exceed the SAR limit. Either way, both McCaughey and Moskowitz agree that the FCC's RF exposure testing is woefully out of date, as the limits reflect what the FCC deemed safe 25 years ago.