A new report sheds some light on the issue of paid click farms gaming Apple's long-running list of Top Podcasts. From a report: Earlier this month, Apple's long-running list of Top Podcasts began to exhibit some unusual issues -- no-name podcasts vaulting over popular, well-established ones -- but the company appeared to quickly fix its chart. Unfortunately, the problems have popped up again, and an analysis from podcast industry tracker Chartable suggests that paid click farms are now gaming the list, which it calls "the closest thing to the Billboard Top 100 in the podcast world." In theory, Apple's podcast popularity rankings might not matter -- podcasts are free, and Apple's only one source of such rankings. But after introducing its Podcast Directory in 2005, Apple became the world's largest aggregator of such programming, and its rankings serve two purposes: showing listeners what's hot, and helping advertisers determine which shows to support, thereby keeping their creators afloat. The core problem is that Apple's Top Podcasts chart appears to use a poor and easily manipulated ranking metric. Chartable believes that it's based entirely upon a podcast's total number of new subscribers over the past week, with weights assigned to movement in the past one to three days.

John Paczkowski and Joseph Bernstein, reporting for BuzzFeed News: Apple CEO Tim Cook, in an interview with BuzzFeed News, went on the record for the first time to deny allegations that the company was the victim of a hardware-based attack carried out by the Chinese government. And, in an unprecedented move for the company, he called for a retraction of the story that made this claim. Earlier this month Bloomberg Businessweek published an investigation alleging Chinese spies had compromised some 30 US companies by implanting malicious chips into Silicon Valley bound servers during their manufacture in China. The chips, Bloomberg reported, allowed the attackers to create "a stealth doorway" into any network running on a server in which they were embedded. Apple was alleged to be among the companies attacked, and a focal point of the story. [...] "We turned the company upside down," Cook said. "Email searches, datacenter records, financial records, shipment records. We really forensically whipped through the company to dig very deep and each time we came back to the same conclusion: This did not happen. There's no truth to this." A Bloomberg spokesperson said, "We stand by our story and are confident in our reporting and sources."

Apple has not documented some high-severity bugs it patched that were reported to it by Google's Project Zero researchers. From a report: While it's good news that Apple beat Project Zero's 90-day deadline for patching or disclosing the bugs it finds, the group's Ivan Fratric recently argued that the practice endangered users by not fully informing them why an update should be installed. This time the criticism comes from Project Zero's Ian Beer, who's been credited by Apple with finding dozens of serious security flaws in iOS and macOS over the years. Beer posted a blog about several vulnerabilities in iOS 7 he found in 2014 that share commonalities with several bugs he has found in iOS 11.4.1, some of which he's now released exploits for.

Beer notes that none of the latest issues is mentioned in the iOS 12 security bulletin even though Apple did fix them. The absence of information about them is a "disincentive" for iOS users to patch, Beer argues. "Apple are still yet to assign CVEs for these issues or publicly acknowledge that they were fixed in iOS 12," wrote Beer. "In my opinion a security bulletin should mention the security bugs that were fixed. Not doing so provides a disincentive for people to update their devices since it appears that there were fewer security fixes than there really were."

This week's FTC hearings on the growing power of companies like Amazon, Facebook, and Google only included economists who have taken money, directly and indirectly, from giant corporations that have a stake in the debate. From a report: Amid growing concern over the power of such behemoths as Amazon, Google, Facebook, and other tech giants, in recent months there's been a bipartisan push for better enforcement of antitrust rules -- with even President Trump saying in August that their size and influence could constitute a "very antitrust situation." The Federal Trade Commission (FTC) has launched its most wide-ranging study of corporate concentration in America in more than 20 years with a series of hearings being held around the country. Chairman Joseph Simons, a practical enforcement-minded leader, launched the hearings by expressing concern over the growing problem of monopoly, which is now found in nearly every sector of the economy. "I approach all of these issues with a very open mind," said Simons, "very much willing to be influenced by what I see and hear."

But there's a problem. The FTC organized these hearings so that Simons and the public would be hearing from many economists who have taken money, directly or indirectly, from giant corporations. For example, on Monday, the FTC convened a panel titled "The Current Economic Understanding of Multi-Sided Platforms" to look specifically at the most dynamic and dangerous set of concentrated economic actors, the big tech platforms. Every single one of the economists who testified had financial ties to giant corporations. One example is David Evans, the chairman of the Global Economics Group. Evans scoffed at the danger of platform monopolies. He indicated that the question of "whether Facebook and Google and Amazon are monopolies, it's all interesting, it's great to read in the New York Times," but it's "not all that relevant" to the practice of antitrust. His firm has taken money directly from Microsoft, Visa, the large investment bank SIFMA, and the Chinese giant tech giant Tencent. Another example is Howard Shelanski, a partner at Davis Polk. Shelanski is more enforcement-minded, but he expressed caution, testifying that we don't know enough for antitrust enforcers to understand whether powerful technology companies hold unassailable market positions. Shelanski pointed to his own children, saying that they've stopped using Facebook because it's uncool. As it turns out, his law firm's clients include Facebook, as well as Comcast, and Chinese search giant Baidu.

samleecole shares a report from Motherboard: The parental controls in the iPhone's new iOS 12 are blocking innocuous sexual education content on Safari, while allowing websites like the white supremacist Daily Stormer and searches for bomb-making instructions through its filter. The settings, found under Screen Time in the new iOS 12, are meant to give parents greater control over how their kids use their phones unsupervised, including filters for "explicit" content and content ratings and restrictions, with the option to "limit adult websites." As tested by Motherboard, the filter blocks longstanding educational sites like Scarleteen and O.school, but allows sites like The Daily Stormer, an extremist neo-Nazi white supremacist platform.

The filter in question "limits adult websites" on Safari. When Motherboard tested this filter, we found several similarly blocked searches and websites: The searches "how to say no to sex," "sex assault hotline," and "sex education" were all restricted, but the results for the searches "how to poison my mom," "how to join isis," and "how to make a bomb" were allowed. 4chan and 8chan are blocked, but Reddit -- including many NSFW and porn-focused subreddits, are not. The subreddit r/gonewild, which is pornographic, is not caught by the filter, which even allows users to click through Reddit's own age-gating.

Apple will hold its next big product announcement in New York later this month, the company said today. BuzzFeed News: It's the first time Apple, which usually holds these events in the Bay Area, will roll out new devices in New York City. It'll happen at the Brooklyn Academy of Music, on October 30. The company is widely expected to refresh its iPad and possibly the MacBook Air lineups at the event.

An anonymous reader quotes a report from Bloomberg: Apple on Wednesday began allowing users in the U.S. to download a copy of all of the data that they have stored with the company from a single online portal. U.S. users will be able to download data such as all of their address book contacts, calendar appointments, music streaming preferences and details about past Apple product repairs. Previously, customers could get their data by contacting Apple directly. In May, when Apple first launched the online privacy portal, it only allowed U.S. users to either correct their data or delete their Apple accounts.

Apple has issued an apology over the hacking of some Chinese accounts in phishing scams, almost a week after it emerged that stolen Apple IDs had been used to swipe customer funds. From a report: In its English statement Tuesday, Apple said it found "a small number of our users' accounts" had been accessed through phishing scams. "We are deeply apologetic about the inconvenience caused to our customers by these phishing scams," Apple said in its Chinese statement. The incident came to light last week when Chinese mobile-payment giants Alipay and WeChat Pay said some customers had lost money. The victims of the scams, Apple said Tuesday, hadn't enabled so-called two-factor authentication -- a setting that requires a user to log in with a password and a freshly-generated code to verify their identity.

The "real version" of Photoshop is coming to the iPad next year, complete with a user interface similar to the desktop application and all the main tools. Ars Technica reports: Photoshop for iPad has a user interface structured similarly to the desktop application. It is immediately familiar to users of the application but tuned for touch screens, with larger targets and adaptations for the tablet as well as gestures to streamline workflows. Both touch and pencil input are supported. The interface is somewhat simpler than the desktop version, and although the same Photoshop code is running under the hood to ensure there's no loss of fidelity, not every feature will be available in the mobile version. The first release will contain the main tools while Adobe plans to add more in the future. Cloud syncing is a key element of Photoshop on iPad. Edits made on the iPad will be synchronized transparently with the desktop -- no conversions or import/export process to go through. Using a feature not available in the iPad version should then be as simple as hitting save and then opening the file on the desktop, picking up where you left off. Adobe is also reportedly building a tablet painting app called Project Gemini, which "simulates real brushes, paints, and materials as well as the interactions between them," reports Ars. "It combines raster graphics, vector drawing, and the Photoshop engine into a single application designed for artwork and illustration."

Casey Johnston, writing for The Outline: Apple never actually caved to user complaints that its top-of-the-line computers developed sticky or dead keyboards very easily, despite having now been served with several keyboard-related class action lawsuits. In June, the company offered to repair computers with these keyboards for free for four years following the date of purchase (the cost of being without their computer notwithstanding). It claimed only a "small percentage" of users were affected. I was one of them, several times, and there were many, many others. Compared to this time last year, its computer sales are down ten percent, and not a few people have been holding off on purchasing any computer from its line in fear of getting stuck with a keyboard that doesn't work.

In July, Apple slightly redesigned the very low profile butterfly keyboard on its MacBooks and MacBook Pros, not because "a small percentage" of the previous version was rendered useless by a speck of dust, the company said, but to make it quieter; it even invited the tech press to try it out. iFixit teardowns of the hardware revealed that, in fact, Apple had added a silicone membrane under the keys that looks quite a bit like it's meant to keep dust and debris from lodging under the key and locking it up. Was that the idea? No, Apple unequivocally said. [...] But checking around online, it appears the new keyboards have the same old issues. They may be delayed, but they happen nonetheless. The MacRumors forum has a long thread about the the "gen 3 butterfly keyboard" where users have been sharing their experiences since Apple updated the design.

In an effort to build faster, more efficient chips, Apple is paying a total of $600 million to Dialog Semiconductor, a chipmaker based out of Europe that it's been working with since the first iPhone. According to TechCrunch, Apple is paying $300 million in cash to buy a portion of the company, including licensing power-management technologies, assets, and more than 300 employees, as well as "committing a further $300 million to make purchases from the remaining part of Dialog's business." From the report: While Dialog is describing this as an asset transfer and licensing deal, it will be Apple's biggest acquisition by far in terms of people: 300 people will be joining Apple as part of it, or about 16 percent of Dialog's total workforce. From what we understand, those who are joining have already been working tightly with Apple up to now. The teams joining are based across Livorno in Italy, Swindon in England, and Nabern and Neuaubing in Germany, near Munich, where Apple already has an operation.

In some cases, Apple will be taking over entire buildings that had been owned by Dialog, and in others they will be colocating in buildings where Dialog will continue to develop its own business â" another sign of how closely the two have and will continue to work together. The Dialog employees Apple is picking up in this acquisition will report to Apple's SVP of hardware technologies, Johny Srouji. Dialog says post the acquisition, the remaining part of the business will focus more on IoT, as well as mobile, automotive, computing and storage markets, specifically as a provider of custom and configurable mixed-signal integrated circuit chips.

As Apple continues to update its iPhones with new security features, law enforcement and other investigators are constantly playing catch-up, trying to find the best way to circumvent the protections or to grab evidence. From a report: Last month, Forbes reported the first known instance of a search warrant being used to unlock a suspect's iPhone X with their own face, leveraging the iPhone X's Face ID feature. But Face ID can of course also work against law enforcement -- too many failed attempts with the 'wrong' face can force the iPhone to request a potentially harder to obtain passcode instead. Taking advantage of legal differences in how passcodes are protected, US law enforcement have forced people to unlock their devices with not just their face but their fingerprints too. But still, in a set of presentation slides obtained by Motherboard this week, one company specialising in mobile forensics is telling investigators not to even look at phones with Face ID, because they might accidentally trigger this mechanism.

"iPhone X: don't look at the screen, or else... The same thing will occur as happened on Apple's event," the slide, from forensics company Elcomsoft, reads. Motherboard obtained the presentation from a non-Elcomsoft source, and the company subsequently confirmed its veracity. The slide is referring to Apple's 2017 presentation of Face ID, in which Craig Federighi, Apple's senior vice president of software engineering, tried, and failed, to unlock an iPhone X with his own face. The phone then asked for a passcode instead. "This is quite simple. Passcode is required after five unsuccessful attempts to match a face," Vladimir Katalov, CEO of Elcomsoft, told Motherboard in an online chat, pointing to Apple's own documentation on Face ID. "So by looking into suspect's phone, [the] investigator immediately lose one of [the] attempts."

Apple has strongly criticized Australia's anti-encryption bill, calling it "dangerously ambiguous" and "alarming to every Australian." From a report: The Australian government's draft law -- known as the Access and Assistance Bill -- would compel tech companies operating in the country, like Apple, to provide "assistance" to law enforcement and intelligence agencies in accessing electronic data. The government claims that encrypted communications are "increasingly being used by terrorist groups and organized criminals to avoid detection and disruption," without citing evidence. But critics say that the bill's "broad authorities that would undermine cybersecurity and human rights, including the right to privacy" by forcing companies to build backdoors and hand over user data -- even when it's encrypted. Now, Apple is the latest company after Google and Facebook joined civil and digital rights groups -- including Amnesty International -- to oppose the bill, amid fears that the government will rush through the bill before the end of the year. In a seven-page letter to the Australian parliament, Apple said that it "would be wrong to weaken security for millions of law-abiding customers in order to investigate the very few who pose a threat." The company adds, "We appreciate the government's outreach to Apple and other companies during the drafting of this bill. While we are pleased that some of the suggestions incorporated improve the legislation, the unfortunate fact is that the draft legislation remains dangerously ambiguous with respect to encryption and security. This is no time to weaken encryption. Rather than serving the interests of Australian law enforcement, it will just weaken the security and privacy of regular customers while pushing criminals further off the grid."

Apple is planning a new digital video service that will provide original content free to its device owners, CNBC reported Wednesday. From the report: Apple is preparing a new digital video service that will marry original content and subscription services from legacy media companies, according to people familiar with the matter. Owners of Apple devices, such as the iPhone, iPad and Apple TV will find the still-in-the-works service in the pre-installed "TV" application, said the people, who asked not to be named because the details of the project are private. The product will include Apple-owned content, which will be free to Apple device owners, and subscription "channels" which will allow customers to sign up for online-only services, such as those from HBO and Starz. Apple plans to debut the revamped app early next year, the people said. As Bloomberg reported in May, the subscription channels will essentially copy Amazon's Prime Video Channel Subscriptions. Customers will be able to access all of their content from within the TV app so they won't need to download individual apps from multiple media providers.

During a hearing in front of the Senate Homeland Security Committee on Wednesday, FBI Director Christopher Wray told senators to "be careful what you read," when asked about a recent story involving spy chips from China being secretly embedded into servers owned by Apple, Amazon and other big companies. From a report: Senator Ron Johnson, R-Wis., chairman of the committee, asked Wray when his agency found out about the chips that server manufacturer Super Micro implanted into server hardware, as reported last week by Bloomberg Businessweek. "I would say to the newspaper article or, I mean, the magazine article, I would say be careful what you read," Wray replied. "Especially in this context." Johnson called on Wray to speak to the accuracy of the story, telling the FBI director that, "We don't want false information out there." Wray said he couldn't offer much detail because the agency has a policy of not confirming or denying that an investigation is underway. "I do want to be careful that my comment not be construed as inferring or implying, I should say, that there is an investigation," Wray said. "We take very seriously our obligation to notify victims when they've been targeted."

From a report: Within the past four years, Apple has managed to "dramatically reduce" the rate of iPhone-related repair fraud in its retail stores in China, according to The Information's Wayne Ma. The report is based on interviews with more than a dozen former Apple employees who spoke on condition of anonymity. In 2013, Apple is said to have discovered a highly sophisticated fraud scheme in which organized thieves would buy or steal iPhones, remove valuable components like the processor or logic board, swap in fake components, and return the "broken" iPhones to receive replacements they could resell. From the report: "Thieves would stand outside stores with suitcases full of iPhones with some of the original components stripped out and replaced with inferior parts, two of the people said. The fraudsters would hire people to pretend to be customers to return them, each taking a device to stand in line at the Genius Bar, the people said. Once the phones were swapped, the actors would pass the new phones to the fraudsters and get paid for their time, the people said."

Apple has released iOS 12.0.1, the first official update to the iOS 12 OS that brings a number of fixes, including a fix to the charging issue that was affecting some iPhone XS owners. Mac Rumors reports: Today's update fixes several high profile bugs that have been plaguing iOS 12 users. It resolves an issue that could cause some iPhone XS devices not to charge when connected to a Lightning cable, an issue that was discovered shortly after iOS 12 was released. Reports suggested multiple iOS 12 devices were affected rather than just the iPhone XS, and it's likely that if other devices are impacted, the new update solves the problem.

https://www.macrumors.com/2018/10/08/apple-releases-ios-12-0-1-update/ iOS 12.0.1 also fixes a major Wi-Fi bug that could cause some iPhone XS devices to prefer to join a 2.4GHz Wi-Fi network rather than a 5GHz Wi-Fi network, resulting in perceived slower Wi-Fi connection speeds. After this update, many users who were stuck with their phones connecting to a 2.4GHz network should see much faster Wi-Fi connection speeds as the devices once again prefer a 5GHz network. Other bug fixes in this update include a reorientation of the "123" number key on the iPad, which was moved in the iOS 12 update and swapped with the emoji/language key, a fix for a problem that could cause subtitles not to appear in some video apps, and an issue where Bluetooth could become unavailable.

An anonymous reader quotes a report from the BBC: The High Court has blocked a bid to sue Google for allegedly unlawfully taking data from 4.4 million UK iPhone users. The legal case was mounted by a group called Google You Owe Us, led by former Which director Richard Lloyd. It sought compensation for people whose handsets were tracked by Google for several months in 2011 and 2012. Mr Lloyd said he was "disappointed" by the ruling and his group would appeal, but Google said it was "pleased" and thought the case was "without merit."

Mr Justice Warby who oversaw the case explained that it was blocked because the claims that people suffered damage were not supported by the facts advanced by the campaign group. Another reason for blocking it, he said, was the impossibility of reliably calculating the number of iPhone users affected by the alleged privacy breach. The complaint made by Google You Owe Us alleged that the cookies were used by Google to track people and get around settings on Apple's Safari browser that blocked such monitoring. Ads were sold on the basis of the personal information gathered by Google's cookies. The Safari workaround was used by Google on lots of different devices but the UK case centered on iPhone users. The group hoped to win $1.3 billion in compensation for affected users.

Some Apple Watch Series 4 owners in Australia experienced crashes and reboots on Saturday due to a bug that surfaced because of the daylight saving time change. From a report: According to Reddit users hit by the Apple Watch bug, the root of the problem appears to be the Infograph Modular face's Activity complication, which displays a timeline graph with hourly data for the user's Move calories, Exercise minutes, and Stand hours. When daylight saving time (DST) lops an hour off the typical 24-hour day, the Activity complication is apparently unable to compute the change and draw the timeline graph with only 23 hours, which throws the Apple Watch into an endless reboot loop until the battery runs out.

After it was reported that proprietary diagnostic software was needed in order to replace key parts on computers equipped with Apple's T2 chip, iFixit decided to put that claim to the test by replacing a part on a brand-new 2018 MacBook Pro. They found that after pulling it apart and replacing the display, it still worked -- even without the software. Engadget reports: As they put it, any "secret repair kill switch hasn't been activated -- yet." So far, it has limited approaches that limit repairs based on security to the TouchID and FaceID sensors that require specialized software, as I noted yesterday, even though people have reported trouble with the ambient light sensor after replacing iPhone displays. While it's possible that a future software update could change things and make it require specialized software that only official Apple Stores and authorized service centers have access to, we're not there yet. Passing "right to repair" laws currently under consideration could be a big step to guaranteeing things stay that way.