OS X 10.10.3 update failed to fix Rootpipe vulnerability, says former NSA staffer

A former NSA staffer says that the OS X 10.10.3 update which Apple claims fixed a significant security vulnerability has failed to do so, reports Forbes. Patrick Wardle, who now heads up research at security firm Synack, demonstrated the vulnerability in a video (without revealing exactly how it was done) to allow Apple time to issue a further fix.

The Rootpipe vulnerability allows an attacker with local access to a Mac to escalate their privileges to root – allowing them full control of the machine – without further authentication. A second security researcher confirmed the flaw …  Read more

OS X 10.10.3 adds support for NVMExpress, enabling improved SSD speeds and performance

Screen Shot 2015-04-13 at 11.31.39 AM

Apple quietly slipped support for a feature called NVMExpress into the latest version of OS X, which shipped early last week. This addition to the software enables some newer Macs using PCIe-based solid-state drives to achieve greater data transfer speeds.

Not every Mac that uses an SSD for storage will be able to take advantage of this new protocol, however. The screenshot above comes from a late 2013 MacBook Pro with a solid-state drive that doesn’t support the feature. The newest 13-inch MacBook Pros are also left out. In fact, at the moment it appears that only the 12-inch MacBook sports a support drive.

Read more

Review: Fantastical 2 for Mac graduates to a full calendar replacement w/ Yosemite widget+extension, much more

Fantastical 2 Mac 1

Fantastical’s ability to parse natural language input and create detailed appointment entries on your calendar has always been the primary reason to use it instead of or in addition to Apple’s own Calendar app on the Mac. Apple Calendar has picked up some language parsing smarts in recent updates, too, but it still doesn’t match Fantastical’s control and real-time appointment preview.

Still, I say in addition to because Fantastical for Mac has lived in the menu bar next to your clock, WiFi status, and other utilities where you can quickly access it for reference or adding an appointment from anywhere in the OS. The menu bar app includes a compact month view calendar above a streamlined, scrollable list view of appointments and reminders, but sometimes it’s nice to stretch out and view your schedule in a different context.

So when Fantastical first debuted on iPad almost a year ago putting the efficient list view next to a larger full calendar, I wrote optimistically that “the iPad’s app design could spill over into a future version of the Mac app (maybe as a dock app rather than a menu bar app).”

What Fantastical 2 for Mac actually became is even better: the same menu bar calendar users know and love (but new and improved!), and a full-sized calendar app with an optional dock icon. Both have been designed with the aesthetics of OS X Yosemite in mind and loads of under-the-hood features and improvements including the ability to actually change which calendars you see based on your location. Read more

Yosemite & iOS 8 How-to: Set up and use AirDrop

Screenshot 2014-11-10 09.30.05

With Yosemite and iOS 8 you can use AirDrop to share files between your Mac and iOS devices. This is one of the features of Continuity, which further integrates and connects your Mac and iOS devices. Continuity also includes Handoff, Instant Hotspot, iPhone Cellular Calls and SMS Relay.

Initially AirDrop allowed you to share files between two Macs or between two iOS devices. Now, AirDrop allows you to share files and information between Mac and iOS devices. It is a device-to-device transfer that works even when the devices don’t have internet access, although Wi-Fi and Bluetooth have to be turned on. This includes sharing photos, videos, music, iWork documents, notes, contacts, links, directions and location data. Many third-party iOS apps like Dropbox, Runkeeper, eBay, Deliveries, and PDF Expert support AirDrop. Apple just added support to Logic to share files via AirDrop. When receiving a file, the recipient receives a notification, allowing them to download the file.

Read more

OS X Yosemite Spotlight search ignores Mail content setting posing potential security risk

OS X Yosemite Mail

Apple’s Mac operating system is generally considered to be secure, but German security researchers have discovered what appears to be an oversight in how OS X 10.10 Yosemite’s overhauled search feature, Spotlight, handles remote content loading in messages through the default Mail app.

As Ars Technica reports, Spotlight search on OS X Yosemite appears to be overriding Mail’s security feature that prevents content stored on remote servers like images from being loaded which spammers can use to track personal information including IP address and more. Read more

Apple seeds third OS X 10.10.2 beta highlighting fixes for WiFi, Mail, & VoiceOver

Yosemite 10.10.2 beta

Apple has seeded a new build of pre-release OS X Yosemite 10.10.2 highlighting focus ares including WiFi, Mail, and VoiceOver. The third tester preview of OS X 10.10.2 brings the build number up to 14C81f following build 14C78c released earlier this month. We’ll update with any notable changes spotted in the new release for testers. Read more

Twitterrific 5 for Mac may become the first casualty in Twitter’s war on developers, but it won’t be the last

twitter-image

If you open the Mac App Store right now and do a search for “twitter,” you’ll find results just like the ones in the image above. You may recognize the official Twitter app along with some of the most popular and prolific third-party clients. Right below Twitter for Mac you’ll find Twitterrific.

Twitterrific has been around for quite a while now, and was the very first native Twitter application ever built for Mac. It was also the first app to use the word “tweet” to refer to the posts on the network, and introduced many modern staples like conversations and replies. To this day it remains a popular choice among users and has seen many major updates and redesigns. It’s currently on its fourth major version.

In December 2012, Twitterrific 5 was released for iOS devices. The Iconfactory, Twitterrific’s developers, promised that a Mac version of the updated app was in development and would include support for the new iCloud syncing feature and an all-new design. Three days shy of a year after releasing the iPhone update, however, users were given what is currently the app’s most recent update. It included only two bug fixes. The developers have noted that the 5.0 update for Mac is facing big delays.

So what’s going on here? Why has it taken two years for any more news of the update? When will the new version finally be available?

The unfortunate truth? Not even the developers know.

Read more

Apple pushes Flash Player update to address security issues

Screen Shot 2014-11-20 at 8.32.58 PM

Apple has issued a new update for Adobe’s Flash Player browser plugin. The update fixes “a recently-identified Adobe Flash Player web plug-in vulnerability,” according to Apple’s website. Users will be automatically prompted to install the update when visiting a page that uses Flash Player.

The prompt in Safari will take users to the Flash Player download page on Adobe’s website. Users who haven’t yet seen the prompt can also go there to download the update now.

Evernote for OS X updated w/ Yosemite design, performance improvements, more

Evernote this afternoon has released a major update to its OS X desktop app, making both major design enhancements for Yosemite and under-the-hood performance improvements. The update, which the company says is a total rewrite of the app, adds an entirely redesigned interface with a new, lighter color scheme, as well as new icons.

At Evernote, we believe that speed and stability are essential for productivity. That’s why we’ve completely rewritten Evernote for Mac. Everenote is significantly faster, more reliable and consumes less energy than ever before. We’ve also added a number of new features!

In addition to the design improvements, Evernote also touts a variety of new features.

Read more