Apple is "likely" to announce its long-rumored mixed-reality headset as soon as January 2023, Apple analyst Ming-Chi Kuo has reiterated. MacRumors reports: In a detailed post on Medium, Kuo explained that Apple's headset will be a "game-changer" for the augmented-reality and virtual-reality market. Describing some of the headset's functionality, Kuo said that while Apple has repeatedly touted its focus on AR, the headset will "offer an excellent immersive experience" and a "video see-thru" mode. The headset is expected to boost demand for immersive gaming and multimedia entertainment experiences.

Kuo said that the device is "the most complicated product Apple has ever designed," leading Apple to use components from many of its existing suppliers. Kuo also believes that Apple will be an industry leader in the headset space, has "significant competitive advantages," and does not need to join the Metaverse Standards Forum. Notably, Kuo thinks that rivals will race to imitate Apple's headset once it launches, "leading the headset hardware industry to the next stage of rapid growth."

"The most impactful change to come out of WWDC had nothing to do with APIs, a new framework or any hardware announcement," writes Jordan Morgan via Daring Fireball. "Instead, it was a change I've been clamoring for the last several years -- and it's one that's incredibly indie friendly. As you've no doubt heard by now, I'm of course talking about iCloud enabled apps now allowing app transfers." 9to5Mac explains how it works: According to Apple, you already could transfer an app when you've sold it to another developer or you would want to move it to another App Store Connect account or organization. You can also transfer the ownership of an app to another developer without removing it from the App Store. The company said: "The app retains its reviews and ratings during and after the transfer, and users continue to have access to future updates. Additionally, when an app is transferred, it maintains its Bundle ID -- it's not possible to update the Bundle ID after a build has been uploaded for the app."

The news here is that it's easier for developers to transfer the ownership of apps that use iCloud. Apple said that if your app uses any of the following, it will be transferred to the transfer recipient after they accept the app transfer: iCloud to store user data; iCloud containers; and KVS identifiers are associated with the app.

The company said: "If multiple apps on your account share a CloudKit container, the transfer of one app will disable the other apps' ability to read or store data using the transferred CloudKit container. Additionally, the transferor will no longer have access to user data for the transferred app via the iCloud dashboard. Any app updates will disable the app's ability to read or store data using the transferred CloudKit container. If your app uses iCloud Key-Value Storage (KVS), the full KVS value will be embedded in any new provisioning profiles you create for the transferred app. Update your entitlements plist with the full KVS value in your provisioning profile." You can learn more about the news via this Apple Developer page.

Tapping on images of traffic lights or deciphering squiggly text to prove you are human will soon be a much less common nuisance for iPhone users, as iOS 16 introduces support for bypassing CAPTCHAs in supported apps and websites. From a report: The handy new feature can be found in the Settings app under Apple ID > Password & Security > Automatic Verification. When enabled, Apple says iCloud will automatically and privately verify your device and Apple ID account in the background, eliminating the need for apps and websites to present you with a CAPTCHA verification prompt.

CNN reports that Apple workers in Towson, Maryland have voted to form the first-ever labor union at one of Apple's U.S. stores: The landmark union election concluded on Saturday evening with 65 workers voting for the unionization and 33 against it, a nearly two-to-one margin in favor of the union, according to a preliminary tally from the National Labor Relations Board.

The victory for union organizers at the Apple store in the Towson Town Center, a mall near Baltimore, comes amid a broader wave of workplace activism that has emerged in the wake of the Covid-19 pandemic. The US labor market has tipped much more strongly in favor of workers over the past two years. There are now roughly twice as many job openings as there are unemployed people looking for work, leaving employers scrambling to fill jobs... That has made employees who are dissatisfied with their jobs more willing to demand better working conditions, including through unionization.

The major issue driving the organizing vote was workers wanting to have a say in the way the store is run, said Christie Pridgen, a technical expert at the store and one of the organizers. Pridgen, 34, said she's worked at the store for more than 8 years. "Compensation is important, considering the cost of living in general and inflation, but the bigger thing is having a say," she told CNN Business Saturday night after the vote. "That was the most important thing to me." Pridgen said workers having a say in hours and scheduling and being involved in establishing safety protocols during the pandemic were the big issues. "We wanted a say in the policies that affect our lives," she said, adding that she wasn't surprised by the outcome of the vote, but was relieved.

"I knew I wasn't alone in being frustrated," she said.
"An Apple spokesperson declined to comment on the vote."

From the MacRumors blog earlier this week: Germany's Federal Cartel Office, the Bundeskartellamt, has initiated proceedings against Apple to investigate whether its tracking rules and anti-tracking technology are anti-competitive and self-serving, according to a press release. The proceeding announced will review under competition law Apple's tracking rules and specifically its App Tracking Transparency Framework (ATT) in order to ascertain whether they are self-preferencing Apple or being an impediment to third-party apps...

Introduced in April 2021 with the release of iOS 14.5 and iPadOS 14.5, Apple's App Tracking Transparency Framework requires that all apps on âOEiPhoneâOE and âOEiPadâOE ask for the user's consent before tracking their activity across other apps. Apps that wish to track a user based on their device's unique advertising identifier can only do so if the user allows it when prompted.

Apple said the feature was designed to protect users and not to advantage the company... Earlier this year it commissioned a study into the impact of ATT that was conducted by Columbia Business School's Marketing Division. The study concluded that Apple was unlikely to have seen a significant financial benefit since the privacy feature launched, and that claims to the contrary were speculative and lacked supporting evidence.
The technology/Apple blog Daring Fireball offers its own hot take: In Germany, big publishing companies like Axel Springer are pushing back against Google's stated plans to remove third-party cookie support from Chrome. The notion that if a company has built a business model on top of privacy-invasive surveillance advertising, they have a right to continue doing so, seems to have taken particular root in Germany. I'll go back to my analogy: it's like pawn shops suing to keep the police from cracking down on a wave of burglaries....

The Bundeskartellamt perspective here completely disregards the idea that surveillance advertising is inherently unethical and Apple has studiously avoided it for that reason, despite the fact that it has proven to be wildly profitable for large platforms. Apple could have made an enormous amount of money selling privacy-invasive ads on iOS, but opted not to.

An anonymous reader quotes a report from ZDNet: The memory of "Batterygate" continues to be a thorn in Apple's side. In case you need a reminder, "Batterygate" refers to a 2016/17 scandal where Apple added an undocumented battery throttling capabilities to iOS 10.2.1 designed to slow the performance of the iPhone if the battery was deemed to be worn. It also came with unexpected side effects, causing handsets to reboot in cold weather or when the battery's charge level was low. The feature was initially rolled out to iPhone 6, iPhone 6s, and iPhone SE and later expanded to include the iPhone 7, 7 Plus, 8, 8 Plus and iPhone X models.

This latest UK-based multimillion-pound legal claim has been launched by Justin Gutmann, a consumer rights campaigner, and alleges that Apple deliberately misled users, and rather than roll out a battery recall or replacement program; the company instead pushed out this feature to cover up the fact that older iPhone batteries were not able to cope with the new power demands put on them.

Apple did eventually roll out a $29 battery replacement program, a program that saw the company carry out 11 million battery replacements in 2018, compared to the 1 to 2 million that would normally be carried out in a year. This resulted in Apple issuing a profit warning in January 2019, the company's first since 2002. If Apple loses, the company could be forced to pay damages of more than $950m to the 25 million people who purchased affected iPhones. Following the US settlement in March 2020, Apple agreed to settle a class-action lawsuit over the same issue, paying out $25 per iPhone, with the total capped at $310m. "We have never -- and would never -- do anything to intentionally shorten the life of any Apple product or degrade the user experience to drive customer upgrades," Apple said in a statement on Thursday. "Our goal has always been to create products that our customers love, and making iPhones last as long as possible is an important part of that."

"Researchers at MIT have discovered an unfixable vulnerability in Apple Silicon that could allow attackers to bypass a chip's 'last line of defense'," writes the Apple Insider blog, "but most Mac users shouldn't be worried." More specifically, the team at MIT's Computer Science & Artificial Intelligence Laboratory found that Apple's implementation of pointer authentication in the M1 system-on-chip can be overcome with a specific hardware attack they've dubbed "PACMAN." Pointer authentication is a security mechanism in Apple Silicon that makes it more difficult for attackers to modify pointers in memory. By checking for unexpected changes in pointers, the mechanism can help defend a CPU if attackers gain memory access.... The flaw comes into play when an attacker successfully guesses the value of a pointer authentication code and disables it.

The researchers found that they could use a side-channel attack to brute-force the code. PACMAN echoes similar speculative execution attacks like Spectre and Meltdown, which also leveraged microarchitectural side channels. Because it's a flaw in the hardware, it can't be fixed with a software patch.

[A]ctually carrying out the PACMAN attack requires physical access to a device, meaning the average Mac user isn't going to be at risk of exploit. The flaw affects all kinds of ARM-based chips — not just Apple's. The vulnerability is more of a technological demonstration of a wider issue with pointer authentication in ARM chips, rather than an issue that could lead to your Mac getting hacked.
MIT has made more information available at the site PACMANattack.com — including answers to frequently asked questions. Q: Is PACMAN being used in the wild?
A: No.
Q: Does PACMAN have a logo?
A: Yeah!
The MIT team says their discovery represents "a new way of thinking about how threat models converge in the Spectre era." But even then, MIT's announcement warns the flaw "isn't a magic bypass for all security on the M1 chip." PACMAN can only take an existing bug that pointer authentication protects against, and unleash that bug's true potential for use in an attack by finding the correct PAC. There's no cause for immediate alarm, the scientists say, as PACMAN cannot compromise a system without an existing software bug....

The team showed that the PACMAN attack even works against the kernel, which has "massive implications for future security work on all ARM systems with pointer authentication enabled," says Ravichandran. "Future CPU designers should take care to consider this attack when building the secure systems of tomorrow. Developers should take care to not solely rely on pointer authentication to protect their software."
TechCrunch obtained a comment from Apple: Apple spokesperson Scott Radcliffe provided the following: "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques. Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own."

Apple's M1 chips have an "unpatchable" hardware vulnerability that could allow attackers to break through its last line of security defenses, MIT researchers have discovered. TechCrunch reports: The vulnerability lies in a hardware-level security mechanism utilized in Apple M1 chips called pointer authentication codes, or PAC. This feature makes it much harder for an attacker to inject malicious code into a device's memory and provides a level of defense against buffer overflow exploits, a type of attack that forces memory to spill out to other locations on the chip. Researchers from MIT's Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving a trace, and as it utilizes a hardware mechanism, no software patch can fix it.

The attack, appropriately called "Pacman," works by "guessing" a pointer authentication code (PAC), a cryptographic signature that confirms that an app hasn't been maliciously altered. This is done using speculative execution -- a technique used by modern computer processors to speed up performance by speculatively guessing various lines of computation -- to leak PAC verification results, while a hardware side-channel reveals whether or not the guess was correct. What's more, since there are only so many possible values for the PAC, the researchers found that it's possible to try them all to find the right one.

Apple announced on Friday that it's once again updated its rules about how Dutch dating apps can use third-party payment systems, after the company had "productive conversations with the Netherlands Authority for Consumers and Markets (ACM)." From a report: The updated rules give developers more flexibility about which payment systems they use, change the language users see when they go to pay, and remove other restrictions that the previous rules put in place. While the rules aren't wide-reaching (again, they only apply to Dutch dating apps), they do show what Apple's willing to do to comply with government regulation -- which it could be facing a lot more of as the EU and US gear up to fight tech monopolies, and potentially even force the company to ditch the iPhone's Lightning port.

In December the ACM announced a ruling that Apple had to let dating apps use payment services besides the one built into iOS, after the regulator received a complaint from Match Group, the company behind dating services like Tinder, Match.com, and OkCupid. Since then, Apple has proposed a variety of solutions for complying with the order, which the regulator has said aren't good enough. In May, the ACM said that Apple's most recent rules, the ones prior to the Friday update, were improvements over its past ideas, but that they still didn't comply with Dutch and European laws. There's been increasing pressure for Apple to comply: even while the company works on changes, it's been racking up tens of millions of Euros in fines.

The UK's Competition and Markets Authority (CMA) has concluded that Google and Apple "hold all the cards" when it comes to mobile phones a year after taking a closer look at their "duopoly." It's now consulting on the launch of a market investigation into the tech giants' market power in mobile browsers, as well as into Apple's cloud gaming restrictions. From a report: In addition, the CMA has launched a separate investigation into Google's Play Store rules -- the one that requires certain app developers to use the tech giant's payment system for in-app purchases, in particular. The CMA has concluded after its year-long study that the tech giants do indeed exhibit an "effective duopoly" on mobile ecosystems. A total of 97 percent of all mobile web browsing in the UK is powered by Apple's and Google's browser engines. iPhones and Android devices typically come with Safari and Chrome pre-installed, which means their browsers have the advantage from the start. Further, Apple requires developers to make sure their iOS and iPadOS apps are using its WebKit engine to browse the web. That limits the incentives Apple may have to invest in Safari, the CMA said.

Apple plans to expand the lineup of laptops using its new, speedier in-house chips next year, aiming to grab a bigger share of the market, Bloomberg News reported Thursday, citing people with knowledge of the matter said. From the report: The company is working on a larger MacBook Air with a 15-inch screen for release as early as next spring, said the people, who asked not to be identified because the plans aren't public. This would mark the first model of that size in the MacBook Air's 14-year history. Apple is also developing what would be its smallest new laptop in years. The new models underscore Apple's strategy to use homegrown processors to make gains in a market led by Lenovo and HP. The company began splitting from longtime partner Intel in 2020 and announced its latest chip, the M2, at a developers conference earlier this week. Better performance and new designs have helped spur a resurgence for the Mac lineup, which accounts for about 10% of Apple's sales.

An anonymous reader quotes a report from TechCrunch: A new security feature in Apple's upcoming macOS 13 Ventura will automatically block new USB-C devices from communicating with the operating system until the accessory can be approved by the user. Apple dropped details of the new security feature in its release notes, which appears to be aimed at protecting newer Apple laptops that run its bespoke M1 or M2 chips from potentially malicious accessories.

According to Apple's description, the feature will be enabled by default and will require the user to approve a USB-C accessory before it can talk to the operating system -- essentially an on-screen pop-up asking the user for permission. Apple says this doesn't apply to power adapters, standalone displays, and connections to an approved hub -- and devices can still charge even if you don't approve the accessory. Apple says that accessories that are already connected will automatically work when updating to the new macOS software.

An anonymous reader quotes a report from Ars Technica: One of the few things that Intel Macs can do that Apple Silicon Macs can't is run operating systems written for Intel or AMD processors inside of virtual machines. Most notably, this has meant that there is currently no legal way to run Windows on an Apple Silicon Mac. Apple Silicon Macs can, however, run operating systems written for Arm processors inside of virtual machines, including other versions of macOS and Arm-compatible versions of Linux. And those Linux VMs are getting a new feature in macOS Ventura: the ability to run apps written for x86 processors using Rosetta, the same binary translation technology that allows Apple Silicon Macs to run apps written for Intel Macs.

Apple's documentation will walk you through the requirements for using Rosetta within a Linux guest operating system -- it requires creating a shared directory that both macOS and Linux can access and running some terminal commands in Linux to get it set up. But once you do those steps, you'll be able to enjoy the wider app compatibility that comes with being able to run x86 code as well as Arm code. Some developers, including Hector Martin of the Asahi Linux project and Twitter user @never_released, have already found that these steps can also enable Rosetta on non-Apple ARM CPUs as long as they're modern enough to support at least version 8.2 of the Arm instruction set. As Martin points out, this isn't strictly legal because of macOS's licensing restrictions, and there are some relatively minor Apple-specific hardware features needed to unlock Rosetta's full capabilities.

Apple announced some major new features for Mail that finally bring the email app closer to parity with Gmail and other popular email clients. From a report: Perhaps the most useful will be an undo send feature, which will let you call back an email within 10 seconds of hitting the send button. A "remind me" feature will let you set a time for an email to come back to the top of your inbox. A new scheduled send feature that allows you to specify exactly when an email should go out. And Mail will even tell you when it thinks you've forgotten to include an attachment.

The European Commission, the executive arm of the European Union, is going to force smartphone manufacturers like Apple and other electronics makers to equip their devices with a standard USB-C charging port. From a report: EU lawmakers on Tuesday agreed to a single mobile charging port for mobile phones, tablets and cameras. It means equipment makers will have to comply with the new terms by 2024. "We have a deal on the #CommonCharger!" EU commissioner Thierry Breton said via Twitter. The legislation is designed to cut waste and make life easier for consumers who would theoretically be able to use one charger for multiple devices. It could have a huge impact on Apple, as the company still uses its own Lightning connector to charge iPhones. The company has recently equipped iPads and MacBooks with USB-C ports. Apple did not immediately respond to a CNBC request for comment. However, a spokesperson for the company said last September that the firm stands for "innovation and deeply cares about the customer experience."

An anonymous reader quotes a report from CNET: The next generation of CarPlay will be compatible with a variety of aspect ratios -- from portrait to landscape -- and can even adapt to multidisplay dashboards, including vehicles with digital instrument clusters or with ultrawide pillar-to-pillar displays. CarPlay will be more integrated with all the host vehicle's systems. Beyond its current navigation and media consumption functionalities, Apple CarPlay will handle traditional instrumentation like speedometer, tachometer, temperature gauges and fuel or EV battery level displays. Users will be able to adjust their climate controls, activate seat heaters, monitor air quality and even tie into Apple's smart home technologies directly from the CarPlay interface.

As with the next generation of iOS on the phone, Apple is also giving CarPlay users the ability to customize how CarPlay looks with selectable themes, backgrounds and widgets. From loud pink analog-style gauges to slick numerical displays and bar graphs, CarPlay will be able to match a wide range of vehicle interior designs and personal aesthetic tastes. Perhaps most interestingly, Apple says that this new full-fat approach to CarPlay as a complete vehicle interface will continue to be powered entirely by the connected iPhone, giving Apple an unprecedented amount of control over the vehicle's operation as well as access to data generated by each host vehicle. According to Apple, the first vehicles to support the new CarPlay update should be announced in late 2023. It lists Acura, Audi, Ford, Honda, Jaguar-Land Rover, Lincoln, Mercedes-Benz, Nissan, Porsche, Volvo and Polestar as partners that are "excited to bring this new vision of CarPlay to customers."

At this year's WWDC, Apple announced a surprising new system coming to its Metal 3 gaming API that may sound familiar to PC gamers: MetalFX Upscaling. Ars Technica reports: The system will leverage Apple's custom silicon to reconstruct video game graphics using lower-resolution source images so that games can run more efficiently at lower resolutions while looking higher-res. This "temporal reconstruction" system sounds similar to existing offerings from AMD (FidelityFX Super Resolution 2.0) and Nvidia (Deep Learning Super-Sampling), along with an upcoming "XeSS" system from Intel. Based on how the system is described, it will more closely resemble AMD's system, since Apple has yet to announce a way for MetalFX Upscaling to leverage its custom-made "Neural Engine" system.

By announcing this functionality for some of the world's most popular processors, Apple is arguably letting more game developers build their games and engines with image reconstruction -- even if MetalFX Upscaling isn't open source, unlike AMD's FSR 2.0 system. Still, these image reconstruction systems typically have temporal anti-aliasing (TAA) in common. So long as game devs keep that kind of anti-aliasing in mind with their games and engines, they'll be more likely to take advantage and thus run more efficiently on a wide range of consoles, computers, and smartphones. The report notes that Metal 3 also includes "a new 'resource-loading' API designed to streamline asset-loading processes in video games." The same Metal 3 API benefits will also come to iPadOS 16 later this year.

Apple brought its iPad tablet a bit closer to the Mac computers in spirit on Monday at WWDC 2022, announcing new features for its iPadOS 16 software that add better multitasking features. From a report: The new changes to the iPad represent another key shift to the device, aiming to advance the "pro" capabilities of Apple's tablets. While Apple's added to the power and capabilities of its iPads, the software has been criticized by many reviewers, including us at CNET, for not offering enough functionality. [...] Apple also has a collaborative workspace app called Freeform, coming later this year, that will work like a giant whiteboard. Invited collaborators could can start adding stuff at the same time.

iPadOS 16 is also aiming to make better use of more advanced iPads that feature Apple's M1 chip. Metal 3 promises better graphics, but Apple's also aiming to add more desktop-like features in apps: Some will have customizable toolbars, and the Files app looks like it's finally getting a little more versatile for file management. M1 iPads are getting display scaling to create an effectively larger-feeling display, allowing more app screen space (but with smaller text and images). There's also free-form window resizing, along with external display support. Both features have been overdue on iPadOS. Stage Manager, a MacOS feature that's coming later this year, is also on iPadOS. The result looks to be windows that can overlap and be different sizes, just like a Mac.

Apple demonstrated "passkeys" at WWDC 2022, a new biometric sign-in standard that could finally kill off the password for good. TechCrunch reports: Passkeys are based on the Web Authentication API (WebAuthn), a standard that uses public-key cryptography instead of passwords for authenticating users to websites and applications, and are stored on-device rather than on a web server. The digital password replacement uses Touch ID or Face ID for biometric verification, which means that rather than having to input a long string of characters, an app or website you're logging into will push a request to your phone for authentication.

During its WWDC demo of the password-free technology, Apple showed how passkeys are backed up within the iCloud Keychain and can be synced across Mac, iPhone, iPad and Apple TV with end-to-end encryption. Users will also be able to sign in to websites and apps on non-Apple devices using an iPhone or iPad to scan a QR code and Touch ID or Face ID to authenticate. "Because it's just a single tap to sign in, it's simultaneously easier, faster and more secure than almost all common forms of authentication today," said Garrett Davidson, an Apple engineer on the Authentication Experience team.

At its WWDC event today, Apple previewed several new features coming with iOS 16, which will debut this fall after spending the summer in beta testing. An anonymous reader quotes a report from The Verge: The lock screen is at the center of Apple's iOS 16 updates, starting with the ability to customize fonts and colors used. It will be possible to add widgets and configure multiple lock screens that you can switch between by swiping across the screen. Different focus modes can also be assigned to different lock screens. Apple-supplied wallpapers get a refresh too, with animated and Pride-themed choices. Notifications appear on the lock screen differently, too. Instead of piling up across the screen, they "roll in" at the bottom of the screen. There's also a "live activities" feature to display notifications associated with an event like an Uber ride or sporting event in a single tile. There's a major update coming to messages, too: iOS 16 adds the ability to edit typos out of sent messages, recall messages that you didn't mean to send, and the ability to mark a message thread as unread so you can come back to it later. SharePlay is also coming to messages.

Apple's powerful Live Text feature will be coming to video. Additionally, there will be more actions available when you use Live Text in photos or videos. Wallet gets some expanded features too, with a way to share saved IDs securely by supplying only necessary information. It'll be easier to share saved keys, too. Apple Pay gets a new "Pay Later" feature, adding the option to split a bill into four equal payments without interest or fees. Apple Maps will get multi-stop routing in iOS 16, and six more cities will be added to the "detailed city experience" introduced in iOS 15. Apple is also adding shared iCloud photo libraries, in an effort to make it easier to share certain photos across family and friends' accounts. Up to six users can access a shared library. Photos will include sharing suggestions, and image edits and keywords will be synced for all users. There's also a new feature called Safety Check, which is aimed to protect people in abusive situations. It allows you to easily revoke access to certain information, like location, that you may have shared with someone else previously. In order to download iOS 16, you'll need an iPhone 8 or later, meaning Apple is "more or less ending support for the iPhone 6S, iPhone 7, and original iPhone SE," reports The Verge.