A new patent application from Apple, titled "Electronic Devices with Flexible Displays," describes how the company could prevent foldable smartphone displays from getting damaged in extreme temperatures. "While at or in the region of typical temperatures hospitable to humans, folding systems may work fine, but adhesives and other elements used in a device's production may become more resistant to flexing at cold temperatures, which could cause unwanted wear or damage to the display if attempted in such conditions," reports AppleInsider. "To mitigate the cold temperature, Apple simply suggests there should be some way to warm up the area of the display panel where the bend takes place." From the report: As part of Apple's solution, an onboard temperature sensor is used to determine how warm the device is, and whether or not there is any danger to allowing the screen to be flexed by the user. The warming process itself can be performed by a heating element located near to the section that bends the most, with heat conductors transferring the warmth to where it is required. A heating element may not be practical to add to such a device, which has led to Apple suggesting an alternative, namely using the heat generated by illuminating the screen. To do this, a screensaver could be used that concentrates most on the bent section, such as by making it brighter and lit up more than the rest of the screen.

As the heating process could take time to complete, Apple notes there is a danger of the display being flexed before it is safe to do so, something it has also considered. Aside from warning the user on an attempt to bend, Apple believes the use of a latching mechanism to keep the device closed while folded may be worth investigating, both as a mechanical latch and by the folded device being held shut by magnets. When the temperature of the area is relatively safe, the latching system can be disengaged and the user will be free to open the device once again. The patent application does not seem to answer the question of how to prevent the user from folding up an unfolded device, but it could be feasible some form of locking mechanism could be used when the smartphone is flat.

Bismillah writes: Researchers have published the results of exploring how vulnerable Thunderbolt is to DMA attacks, and the answer is "very." Be careful what you plug into that USB-C port. Yes, the set of vulnerabilities has a name: "Thunderclap." "Thunderbolt, which is available through USB-C ports on modern laptops, provides low-level direct memory access (DMA) at much higher privilege levels than regular universal serial bus peripherals," reports ITNews, citing a paper published from a team of researchers from the University of Cambridge, Rice University and SRI International. "This opens up laptops, desktops and servers with Thunderbolt input/output ports and PCI-Express connectors to attacks using malicious DMA-enabled peripherals. The main defense against the above attacks is the input-output memory management unit (IOMMU) that allows devices to access only the memory needed for the job to be done. Enabling the IOMMU to protect against DMA attacks comes at a high performance cost however. Most operating systems trade off security for performance gains, and disable the IOMMU by default."

"Apple's macOS uses the IOMMU, but even with the hardware defense enabled, the researchers were able to use a fake network card to read data traffic that is meant to be confined to the machine and never leave it," the report adds. "The network card was also able to run arbitrary programs at system administrator level on macOS and could read display contents from other Macs and keystrokes from a USB keyboard. Apple patched the vulnerability in macOS 10.12.4 that was released in 2016, but the researchers say the more general scope of such attacks remains relevant."

Developers and Intel officials have told Axios that Apple is expected to move its Mac line to custom ARM-based chips as soon as next year. "Bloomberg offered a bit more specificity on things in a report on Wednesday, saying that the first ARM-based Macs could come in 2020, with plans to offer developers a way to write a single app that can run across iPhones, iPads and Macs by 2021," reports Axios. "The first hints of the effort came last year when Apple offered a sneak peek at its plan to make it easier for developers to bring iPad apps to the Mac." From the report: If anything, the Bloomberg timeline suggests that Intel might actually have more Mac business in 2020 than some had been expecting. The key question is not the timeline but just how smoothly Apple is able to make the shift. For developers, it will likely mean an awkward period of time supporting new and classic Macs as well as new and old-style Mac apps. The move could give developers a way to reach a bigger market with a single app, although the transition could be bumpy. For Intel, of course, it would mean the loss of a significant customer, albeit probably not a huge hit to its bottom line.

An anonymous reader quotes a report from TechCrunch: Apple has confirmed its plans to close retail stores in the Eastern District of Texas -- a move that will allow the company to better protect itself from patent infringement lawsuits, according to Apple news sites 9to5Mac and MacRumors which broke the news of the stores' closures. Apple says that the impacted retail employees will be offered new jobs with the company as a result of these changes. The company will shut down its Apple Willow Bend store in Plano, Texas as well as its Apple Stonebriar store in Frisco, Texas, MacRumors reported, and Apple confirmed. These stores will permanently close up shop on Friday, April 12. Customers in the region will instead be served by a new Apple store located at the Galleria Dallas Shopping Mall, which is expected to open April 13. "The Eastern District of Texas had become a popular place for patent trolls to file their lawsuits, though a more recent Supreme Court ruling has attempted to crack down on the practice," the report adds. "The court ruled that patent holders could no longer choose where to file." One of the most infamous patent holding firms is VirnetX, which has won several big patent cases against Apple in recent years.

A spokesperson for Apple confirmed the stores' closures, but wouldn't comment on the company's reasoning: "We're making a major investment in our stores in Texas, including significant upgrades to NorthPark Center, Southlake and Knox Street. With a new Dallas store coming to the Dallas Galleria this April, we've made the decision to consolidate stores and close Apple Stonebriar and Apple Willow Bend. All employees from those stores will be offered positions at the new Dallas store or other Apple locations."

For some reason, Apple's website where you can manage your Apple ID (appleid.apple.com) is blocking users of Linux browsers from accessing it. From a report: Having access to the website is important to manage things such as payment information, two-factor authentication, and other account details. Even though the number of Linux users accessing the website must be relatively small compared to other operating systems, some iPhone users who use Linux on the desktop noticed the issue. This behavior was first explained by user Alexander Martin on Mastodon. He discovered that when the browser reports itself as being a Linux browser, Apple's website will block the access by throwing a "Bad Gateway" error.

Mark Gurman, reporting for Bloomberg: Apple wants to make it easier for software coders to create tools, games and other applications for its main devices in one fell swoop -- an overhaul designed to encourage app development and, ultimately, boost revenue. The ultimate goal of the multistep initiative, code-named "Marzipan," is by 2021 to help developers build an app once and have it work on the iPhone, iPad and Mac computers, said people familiar with the effort. That should spur the creation of new software, increasing the utility of the company's gadgets.

Later this year, Apple plans to let developers port their iPad apps to Mac computers via a new software development kit that the company will release as early as June at its annual developer conference. Developers will still need to submit separate versions of the app to Apple's iOS and Mac App Stores, but the new kit will mean they don't have to write the underlying software code twice, said the people familiar with the plan. In 2020, Apple plans to expand the kit so iPhone applications can be converted into Mac apps in the same way. Further reading: Tim Cook, in April 2018: Users Don't Want iOS To Merge With MacOS.

An anonymous reader quotes a report from Reuters: Qualcomm is urging U.S. trade regulators to reverse a judge's ruling and ban the import of some Apple iPhones in a long-running patent fight between the two companies. Qualcomm is seeking the ban in hopes of dealing Apple a blow before the two begin a major trial in mid-April in San Diego over Qualcomm's patent licensing practices. Qualcomm has sought to apply pressure to Apple with smaller legal challenges ahead of that trial and has won partial iPhone sales bans in China and Germany against Apple, forcing the iPhone maker to ship only phones with Qualcomm chips to some markets. Any possible ban on iPhone imports to the United States could be short-lived because Apple last week for the first time disclosed that it has found a software fix to avoid infringing on one of Qualcomm's patents. Apple asked regulators to give it as much as six months to prove that the fix works.

Qualcomm brought a case against Apple at the U.S. International Trade Commission in 2017 alleging that some iPhones violated Qualcomm patents to help smart phones run well without draining their batteries. Qualcomm asked for an import ban on some older iPhone models containing Intel chips. In September, Thomas Pender, an administrative law judge at the ITC, found that Apple violated one of the patents in the case but declined to issue a ban. Pender reasoned that imposing a ban on Intel-chipped iPhones would hand Qualcomm an effective monopoly on the U.S. market for modem chips, which connect smart phones to wireless data networks. Pender's ruling said that preserving competition in the modem chip market was in the public interest as speedier 5G networks come online in the next few years.

An anonymous reader writes: Apple's new Mac products might have a serious audio glitch for professional users. The company's newest Mac products with its T2 security chip suffer from a software-related bug that leads to issues with audio performance. The issue seemingly affects devices with the T2 chip -- that includes the iMac Pro, Mac Mini 2018, MacBook Air 2018, and MacBook Pro 2018. Although Apple's T2 chip is designed to offer improved security, it's affecting users in the pro audio industry.

As CDM reports, there is a bug in macOS that leads to dropouts and glitches in audio whenever a Mac automatically updates its system clock through the system time daemon. Users have been reporting the issue across a bunch of different pro audio forums for months, and it seems like the issue has never been acknowledged by Cupertino. The issue here is pretty simple to understand, as explained by a DJ software developer on Reddit: whenever the system time daemon automatically updates the system time, it somehow sends a 'pause-audio-engine' message to the kernel, leading to dropouts and glitches in audio.

Apple is planning an "all-new" MacBook Pro design for this year, well-connected analyst Ming-Chi Kuo has said. From a report: The lineup is reportedly led by a model with a screen of between 16 and 16.5 inches, which would make it the biggest screen in a Mac notebook since the 17-inch models stopped being sold in 2012. Kuo says the lineup may also include a 13-inch model with support for 32GB of RAM; right now only the 15-inch MacBook Pro can be configured with that amount of memory.

[...] More interestingly, Kuo has the first credible details of the external monitor that will mark Apple's return to the pro display market. It's said to be a 31.6-inch 6K display with a "Mini LED-like backlight design." Apple discontinued its last monitor, the Thunderbolt Display, back in 2016; right now the best option for owners of more modern Macs is the Apple-sanctioned but imperfect 27-inch LG UltraFine 5K.

In a report published Monday, The Information [paywalled] has detailed tactics used by China's Huawei to steal Apple's trade secrets. These tactics include Huawei engineers appealing to Apple's third-party manufacturers and suppliers with promises of big orders, but instead using the opportunity to pry on processes specific to iPhone-maker's component production. From a report: According to today's report, a Huawei engineer in charge of the company's smartwatch project tracked down a supplier that makes the heart rate sensor for the Apple Watch. The Huawei engineer arranged a meeting, suggesting he was offering the supplier a lucrative manufacturing contract, but during the meeting his main intent was questioning the supplier about the Apple Watch. The Huawei engineer attended the supplier meeting with four Huawei researchers in tow. The Huawei team spent the next hour and a half pressing the supplier for details about the Apple Watch, the executive said. "They were trying their luck, but we wouldn't tell them anything," the executive said. After that, Huawei went silent.

This event reportedly reflects "a pattern of dubious tactics" performed by Huawei to obtain technology from rivals, particularly Apple's China-based suppliers. According to a Huawei spokesperson the company has not been in the wrong: "In conducting research and development, Huawei employees must search and use publicly available information and respect third-party intellectual property per our business-conduct guidelines." According to the U.S. Justice Department, Huawei is said to have a formal program that rewards employees for stealing information, including bonuses that increase based on the confidential value of the information gathered.

dryriver writes: For many older people, you use Windows, macOS, or Linux on the desktop, and Android or iOS on mobile devices. Nobody is screaming for an Android desktop PC or an iOS 17.3-inch laptop computer. But what about younger generations growing up, from a very young age, glued to devices with these two mobile operating systems running on it? Will they want to use Windows, macOS, or Linux just like us old farts when they grow older, or will they want their favorite mobile operating systems running -- in a beefed up and more robust form -- on desktop and laptop computers which they use for school, college, and/or work as well? Since we are on this topic -- could Android or iOS one day become reasonably usable desktop operating systems from an architectural standpoint? And could Google and Apple already be planning for an "Android and iOS on the desktop" computing future, without telling anyone about it publicly?

Pirates used Apple's enterprise developer certificates to put out hacked versions of some major apps, a report said Thursday. From the report: Illicit software distributors such as TutuApp, Panda Helper, AppValley and TweakBox have found ways to use digital certificates to get access to a program Apple introduced to let corporations distribute business apps to their employees without going through Apple's tightly controlled App Store. Using so-called enterprise developer certificates, these pirate operations are providing modified versions of popular apps to consumers, enabling them to stream music without ads and to circumvent fees and rules in games, depriving Apple and legitimate app makers of revenue. By doing so, the pirate app distributors are violating the rules of Apple's developer programs, which only allow apps to be distributed to the general public through the App Store. Downloading modified versions violates the terms of service of almost all major apps.

A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now being capable to escalate privileges using a two-year-old technique and to disable the Gatekeeper protection mechanism to run unsigned second stage payloads. Bleeping Computer reports: This new Shlayer variant unearthed by Carbon Black's Threat Analysis Unit (TAU) targets all macOS releases up to the latest 10.14.3 Mojave, and will arrive on the targets' machines as a DMG, PKG, ISO, or ZIP files, some of them also signed with a valid Apple developer ID to make them look legitimate. Shlayer samples found by TAU also use malicious shell scripts to download additional payloads just like older installments did, and, in the case of samples distributed as DMG images, will surreptitiously launch a .command script in the background after the user launches the fake Flash installer. The malicious script included in the DMG is encoded using base64 and will decrypt a second AES encrypted script which will be executed automatically after being decrypted.

One it successfully downloads the second stage malware payload, Shlayer will "to escalate privileges with sudo using a technique invoking /usr/libexec/security_authtrampoline," presented by Patrick Wardle in his Death by 1000 Installers talk at DEFCON 2017. The next step is to download extra payloads which all contain adware according to TAU and it makes sure they'll be able to run on the compromised Mac by disabling the Gatekeeper protection mechanism. After this is accomplished, all extra payloads downloaded and launched by Shlayer will be seen as whitelisted software because the OS will no longer check if they are signed with an Apple developer ID. Also, just in case the malware is not able to disable Gatekeeper on the infected Mac, some of the second stage payloads are also signed with valid developer IDs.

The SEC Wednesday charged a former Apple executive with insider trading. From a report: Gene Levoff, senior director of corporate law and corporate secretary until September, "traded on material nonpublic information about Apple's earnings three times during 2015 and 2016," according to the lawsuit filed Wednesday in the U.S. District Court of New Jersey. "Levoff also had a previous history of insider trading, having traded on Apple's material nonpublic information at least three additional times in 2011 and 2012. For the trading in 2015 and 2016, Levoff profited and avoided losses of approximately $382,000," the complaint says. Levoff's position at Apple granted him insider access to not-yet-public earnings results and briefings on iPhone sales, the complaint says. On more than one occasion, he disobeyed the company's "blackout" period for stock transactions, selling or buying stock worth tens of millions of dollars, according to the SEC.

Zorro shares a report from The Wall Street Journal: Apple's plan to create a subscription service for news is running into resistance from major publishers over the tech giant's proposed financial terms (Warning: source may be paywalled; alternative source), according to people familiar with the situation, complicating an initiative that is part of the company's efforts to offset slowing iPhone sales. In its pitch to some news organizations, the Cupertino, Calif., company has said it would keep about half of the subscription revenue from the service, the people said. The service, described by industry executives as a "Netflix for news," would allow users to read an unlimited amount of content from participating publishers for a monthly fee. It is expected to launch later this year as a paid tier of the Apple News app, the people said. The rest of the revenue would go into a pool that would be divided among publishers according to the amount of time users spend engaged with their articles, the people said. Representatives from Apple have told publishers that the subscription service could be priced at about $10 a month, similar to Apple's streaming music service, but the final price could change, some of the people said.

Another concern for some publishers is that they likely wouldn't get access to subscriber data, including credit-card information and email addresses, the people said. Credit-card information and email addresses are crucial for news organizations that seek to build their own customer databases and market their products to readers. Digital subscriptions are powering growth at big publishers including the Times, whose basic monthly subscription costs $15, the Post, which charges $10, and the Journal, which charges $39. Some of those companies are skeptical about giving up too much control to Apple, or cannibalizing their existing subscriptions to sign up lower-revenue Apple users, according to people familiar with the matter.

Facebook and Google were far from the only developers openly abusing Apple's Enterprise Certificate program meant for companies offering employee-only apps. A TechCrunch investigation uncovered a dozen hardcore pornography apps and a dozen real-money gambling apps that escaped Apple's oversight. From the report: The developers passed Apple's weak Enterprise Certificate screening process or piggybacked on a legitimate approval, allowing them to sidestep the App Store and Cupertino's traditional safeguards designed to keep iOS family friendly. Without proper oversight, they were able to operate these vice apps that blatantly flaunt Apple's content policies. The situation shows further evidence that Apple has been neglecting its responsibility to police the Enterprise Certificate program, leading to its exploitation to circumvent App Store rules and forbidden categories.

An anonymous reader shares an excerpt from a Bloomberg report: Apple's new campus in Cupertino, California, is a symbol of how the company views itself as an employer: simultaneously inspiring its workers with its magnificent scale while coddling them with its four-story cafe and 100,000-square-foot fitness center. But one group of Apple contractors finds another building, six miles away on Hammerwood Avenue in Sunnyvale, to be a more apt symbol. This building is as bland as the main Apple campus is striking. From the outside, there appears to be a reception area, but it's unstaffed, which makes sense given that people working in this satellite office -- mostly employees of Apple contractors working on Apple Maps -- use the back door. Workers say managers instructed them to walk several blocks away before calling for a ride home. Several people who worked here say it's widely referred to within Apple as a "black site," as in a covert ops facility.

Inside the building, say former workers, they came to expect the vending machines to be understocked, and to have to wait in line to use the men's bathrooms. Architectural surprise and delight wasn't a priority here; after all, the contract workers at Hammerwood almost all leave after their assignments of 12 to 15 months are up. It's not uncommon for workers not to make it that long. According to 14 current and former contractors employed by Apex Systems, a firm that staffs the building as well as other Apple mapping offices, they operated under the constant threat of termination. "It was made pretty plain to us that we were at-will employees and they would fire us at any time," says one former Hammerwood contractor, who, like most of the workers interviewed for this story, spoke on condition of anonymity because he signed a nondisclosure agreement with Apex. "There was a culture of fear among the contractors which I got infected by and probably spread." Apex manages the workers it hires -- not Apple. "Following an inquiry from Bloomberg News, the company says, it conducted a surprise audit of the Hammerwood facility and found a work environment consistent with other Apple locations," reports Bloomberg.

"Like we do with other suppliers, we will work with Apex to review their management systems, including recruiting and termination protocols, to ensure the terms and conditions of employment are transparent and clearly communicated to workers in advance," an Apple spokesperson says in a statement.

For those hoping the next iPhone would ditch the Lightning port in favor of the more versatile USB-C port, you'll surely be disappointed by the latest rumor. "Japanese site Macotakara says that not only will the 2019 iPhone use Lightning, Apple will also continue to bundle the same 5W charger and USB-A to Lightning cable in the box," reports 9to5Mac. "This is seen as a cost saving measure. It seems that customers wanting faster iPhone charge times will still have to buy accessories, like the 12W iPad charger." From the report: The site explains that Lightning port is not going anywhere and Apple is resistant to changing the included accessories to maintain production costs. Apple can benefit from huge economies of scale by selling the same accessories for many generation. As such, Apple apparently will keep bundling Lightning EarPods, Lightning to USB-A cable, and the 5W USB power adaptor, with the 2019 iPhone lineup. This is disappointing as Apple began shipping an 18W USB-C charger with its iPad Pro line last fall, and many expected that accessory to become an iPhone standard too. Even if the iPhone keeps the Lightning port, Lightning can support fast-charging over the USB Type-C protocol. It's not clear if the cost savings of this decision would be passed on to consumers with lower cost 2019 iPhone pricing.

Motherboard's Joseph Cox and Jason Koebler report of the underground industry where thieves, coders, and hackers work to remove a user's iCloud account from a phone so that they can then be resold. They reportedly are able to do this by phishing the phone's original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. The other method (that is very labor intensive and rare) involves removing the iPhone's CPU from the Logic Board and reprogramming it to create what is essentially a "new" device. It is generally done in Chinese refurbishing labs and involves stealing a "clean" phone identification number called an IMEI. Here's an excerpt from their report: Making matters more complicated is the fact that not all iCloud-locked phones are stolen devices -- some of them are phones that are returned to telecom companies as part of phone upgrade and insurance programs. The large number of legitimately obtained, iCloud-locked iPhones helps supply the independent phone repair industry with replacement parts that cannot be obtained directly from Apple. But naturally, repair companies know that a phone is worth more unlocked than it is locked, and so some of them have waded into the hacking underground to become customers of illegal iCloud unlocking companies.

In practice, "iCloud unlock" as it's often called, is a scheme that involves a complex supply chain of different scams and cybercriminals. These include using fake receipts and invoices to trick Apple into believing they're the legitimate owner of the phone, using databases that look up information on iPhones, and social engineering at Apple Stores. There are even custom phishing kits for sale online designed to steal iCloud passwords from a phone's original owner. [...] There are many listings on eBay, Craigslist, and wholesale sites for phones billed as "iCloud-locked," or "for parts" or something similar. While some of these phones are almost certainly stolen, many of them are not. According to three professionals in the independent repair and iPhone refurbishing businesses, used iPhones -- including some iCloud-locked devices -- are sold in bulk at private "carrier auctions" where companies like T-Mobile, Verizon, Sprint, AT&T, and cell phone insurance providers sell their excess inventory (often through third-party processing companies.)

An anonymous reader quotes a report from Ars Technica: Apple will design its own modems in-house, according to sources that spoke with Reuters. In doing so, the company may hope to leave behind Intel modems in its mobile devices, which Apple has used since a recent falling out with Qualcomm. According to the sources, the team working on modem design now reports to Johny Srouji, Apple's senior vice president of hardware technologies. Srouji joined Apple back in 2004 and led development of Apple's first in-house system-on-a-chip, the A4. He has overseen Apple silicon ever since, including the recent A12 and A12X in the new iPhone and iPad Pro models.

Before this move, Apple's modem work ultimately fell under Dan Riccio, who ran engineering for iPhones, iPads, and Macs. As Reuters noted, that division was heavily focused on managing the supply chain and working with externally made components. The fact that the team is moving into the group focused on developing in-house components is a strong signal that Apple will not be looking outside its own walls for modems in the future. In recent years, Apple has been locked in a costly and complex series of legal battles with Qualcomm, the industry's foremost maker of mobile wireless chips. While Apple previously used Qualcomm's chips in its phones, the legal struggles led the tech giant to turn instead to Intel in recent iPhones.