Data Storage

Apple's Moves Point To a Future With No Bootable Backups, Says Developer (appleinsider.com)

The ability to boot from an external drive on an Apple Silicon Mac may not be an option for much longer, with the creation and use of the drives apparently being phased out by Apple, according to developers of backup tools. Apple Insider reports: Mike Bombich, the founder of Bombich Software behind Carbon Copy Cloner, wrote in a May 19 blog post that the company will continue to make bootable backups for both Intel and Apple Silicon Macs, and will "continue to support that functionality as long as macOS supports it." However, with changes in the way a Mac functions with the introduction of Apple Silicon, the ability to use external booting could be limited, in part due to Apple's design decisions.

The first problem is with macOS Big Sur, as Apple made it so macOS resides on a "cryptographically sealed Signed System Volume," which can only be copied by Apple Software Restore (ASR). While CCC has experience with ASR, the tool was deemed imperfect, failing "with no explanation" and operating in a "very one-dimensional" way. The second snag was Apple Fabric, a storage system that uses per-file encryption keys: ASR didn't work with it for months, until the release of macOS 11.3 restored it, but even then kernel panics ensued when cloning back to the original internal storage.

In December, Bombich spoke to Apple about ASR's reliability and was informed that Apple was working to resolve the problem. During the call, Apple's engineers also said that copying macOS system files was "not something that would be supportable in the future." "Many of us in the Mac community could see that this was the direction Apple was moving, and now we finally have confirmation," writes Bombich. "Especially since the introduction of APFS, Apple has been moving towards a lockdown of macOS system files, sacrificing some convenience for increased security." [...] While CCC won't drop the ability to copy the System folder, the tool is "going to continue to offer it with a 'best effort' approach." Meanwhile, for non-bootable data restoration, CCC's backups do still work with the macOS Migration Assistant, available when booting up a new Mac for the first time.

IOS

Apple Releases iOS and iPadOS 14.6, macOS Big Sur 11.4 (macrumors.com)

Apple today released macOS Big Sur 11.4, the fourth major update to the macOS Big Sur operating system that launched in November 2020. From a report: The new macOS Big Sur 11.4 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. macOS Big Sur 11.4 lays the groundwork for two upcoming Apple Music features: Spatial Audio with Dolby Atmos and Lossless Audio, both of which will be available on the Mac. It also adds support for Apple Podcasts subscriptions, and fixes a number of bugs. Apple today also released iOS and iPadOS 14.6, marking the sixth major update to the iOS and iPadOS operating systems that initially came out in September 2020. From a report: The iOS and iPadOS 14.5 updates can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General > Software Update. iOS 14.6 introduces support for several previously announced features. It lays the groundwork for the Apple Music Spatial Audio with Dolby Atmos and Lossless Audio functionality, but these new Apple Music capabilities aren't expected to launch until June. The update also adds support for Apple Card Family for sharing Apple Cards, it introduces new Podcast subscription options, and it adds new AirTags capabilities, in addition to addressing several bugs.

IOS

Apple Wants Users To Trust iOS, But It Doesn't Trust iOS Users (theverge.com)

Apple's software engineering head Craig Federighi had a tricky task in the Epic v. Apple trial: explaining why the Mac's security wasn't good enough for the iPhone. From a report: Mac computers have an official Apple App Store, but they also allow downloading software from the internet or a third-party store. Apple has never opened up iOS this way, but it's long touted the privacy and security of both platforms. Then Epic Games sued Apple to force its hand, saying that if an open model is good enough for macOS, Apple's claims about iOS ring hollow. On the stand yesterday, Federighi tried to resolve this problem by portraying iPhones and Macs as dramatically different devices -- and in the process, threw macOS under the bus.

The second difference is data sensitivity. "iPhones are very attractive targets. They are very personal devices that are with you all the time. They have some of your most personal information -- of course your contacts, your photos, but also other things," he said. Mobile devices put a camera, microphone, and GPS tracker in your pocket. "All of these things make access or control of these devices potentially incredibly valuable to an attacker." That may undersell private interactions with Macs; Epic's counsel Yonatan Even noted that many telemedicine calls and other virtual interactions happen on desktop. Still, it's fair to say phones have become many people's all-purpose digital lockboxes. The third difference is more conceptual. Federighi basically says iOS users need to be more protected because the Mac is a specialist tool for people who know how to navigate the complexities of a powerful system, while the iPhone and iPad are -- literally -- for babies.

Desktops (Apple)

Craig Federighi Says the Mac Has An 'Unacceptable' Malware Problem (9to5mac.com)

Craig Federighi is currently testifying during the Apple vs. Epic lawsuit. While facing questioning from Apple's lawyers, Federighi made some interesting comments about security, particularly noting that the Mac currently has a level of malware that Apple "does not find acceptable." 9to5Mac reports: One of Federighi's goals is to paint the iPhone ecosystem, including the App Store and lack of side-loading support, as a secure and trusted environment for users. To do this, it appears that part of Federighi's strategy is to throw the Mac under the bus. Judge Yvonne Gonzalez Rogers, who is presiding over the Epic vs. Apple case, asked Federighi why the Mac can have multiple app stores, but not the iPhone. "It is regularly exploited on the Mac," Federighi explained. "iOS has established a dramatically higher bar for customer protection. The Mac is not meeting that bar today." "Today, we have a level of malware on the Mac that we don't find acceptable," Federighi added.

The Apple executive also pointed to Android as another example of a platform with multiple app stores that suffers from security problems. "It's well understood in the security community that Android has a malware problem," he explained. "iOS has succeeded so far in staying ahead of the malware problem." Federighi added that Apple is essentially playing "an endless game of whack-a-mole" with malware on the Mac and has to block "many instances" of infections that can affect "hundreds of thousands of people" every week. Federighi testified that since last May there have been 130 types of Mac malware, and that one of them infected 300,000 systems. When asked whether side-loading would affect security on iOS, Federighi said things would change "dramatically. No human policy review could be enforced because if software could be signed by people and downloaded directly, you could put an unsafe app up and no one would check that policy," he said.

Portables (Apple)

Apple Readies MacBook Pro, MacBook Air Revamps With Faster Chips (bloomberg.com)

Apple is preparing to release several new Mac laptops and desktops with faster processors, new designs and improved connectivity to external devices, accelerating the company's effort to replace Intel chips and leapfrog rival PC makers. From a report: The overhaul encompasses a broad range of Macs, including Apple's higher-end laptop, the MacBook Pro; the laptop aimed at the mass market, the MacBook Air; and its desktop computers, the Mac Pro, iMac and Mac mini, according to people familiar with the matter. Redesigned MacBook Pros are expected to debut as soon as early this summer, said the people, who requested anonymity to discuss an internal matter, followed by a revamped MacBook Air, a new low-end MacBook Pro and an all-new Mac Pro workstation.

The company is also working on a higher-end Mac mini desktop and larger iMac. The machines will feature processors designed in-house that will greatly outpace the performance and capabilities of the current M1 chips, the people said. Apple plans to launch the redesigned MacBook Pros in 14-inch (code name J314) and 16-inch screen (J316) sizes. They'll have a redesigned chassis, magnetic MagSafe charger and more ports for connecting external drives and devices. Apple is also bringing back the HDMI port and SD card slot, which it nixed in previous versions, sparking criticism from photographers and the like.

Classic Games (Games)

After 35 Years, Classic Shareware Game 'Cap'n Magneto' Finally Fully Resurrected (statesman.com)

A newspaper in Austin, Texas shares the story behind a cult-classic videogame, the 1985 Macintosh shareware game "Cap'n Magneto."

It was the work of Al Evans, who'd "decided to live life to the fullest after suffering severe burn injuries in 1963" at the age of 17. Beneath the surface, "Cap'n Magneto" is a product of its creator's own quest to overcome adversity after a terrible car crash — an amalgamation of hard-earned lessons on the value of relationships, being an active participant in shaping the world and knowing how to move on... "Whether I was going to survive at all was very iffy," Evans said. "The chance of me living to the age of 28 or 30 was below 30% or something like that." Regardless of how much time he had left, Evans said he refused to let his injuries hold him back from living his life to the fullest. He would live his life with honesty, he decided, and do his best to always communicate with others truthfully. "I wasn't going to spend the next two years of my life dorking around different hospitals. So I said what's the alternative?" Evans said...

To float his many hobbies and interests, however, Evans knew he had to make money. In addition to doing work as a graphic designer and a translator, he picked up computer programming, which opened his eyes to a digital frontier that allowed for the creation of new worlds with the stroke of a keyboard. When he realized the technical capabilities of the Macintosh — the first personal computer that had a graphics-driven user interface and a built-in mouse function — Evans said he set out to build a world that could marry storytelling and graphics. With the help of his wife Cea, Evans created his one and only computer game: "Cap'n Magneto."

"I really wanted to write a good game, and I definitely think it was that," Evans said...

Australia-based gaming historian, author and journalist Richard Moss explains what set it apart. "What really marked it as different, though, was that the alien speech, once ungarbled by a tricorder item that players had to find, would be spoken aloud through the Mac's built-in speech synthesizer and written on-screen in comic-style speech bubbles," Moss said. "And unlike most role playing games of the time, every character you'd meet in the game could be friendly and helpful or cold and dismissive or aggressive and hostile — depending on a mix of random chance and player choice...."

With "Cap'n Magneto," Evans said he wanted to make sure that players could befriend the non-playable alien characters that the hero encounters. Though the game is beatable without their help, it is significantly easier with the help of allies. A reality in which everyone was an enemy, to Evans, was simply dishonest.

"That doesn't reflect the game of life, you know? Some people, well, most people actually, are probably pretty friendly," he said.

35 years after its release, Evans — now 75 years old — received a message on Facebook informing him that the game was still being played — but no one could finish it because the built-in "nagware" required payments that couldn't be completed.

That problem has finally been fixed, and long-time Slashdot reader shanen now shares the web site where the full game can finally be downloaded.

Wireless Networking

Tech Industry Quietly Patches FragAttacks Wi-Fi Flaws That Leak Data, Weaken Security (theregister.com)

An anonymous reader quotes a report from The Register: A dozen Wi-Fi design and implementation flaws make it possible for miscreants to steal transmitted data and bypass firewalls to attack devices on home networks, according to security researcher Mathy Vanhoef. On Tuesday, Vanhoef, a postdoctoral researcher in computer security at New York University Abu Dhabi, released a paper titled "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation" [PDF]. Scheduled to be presented later this year at the Usenix Security conference, the paper describes a set of wireless networking vulnerabilities, including three Wi-Fi design flaws and nine implementation flaws. Vanhoef, who in 2017 along with co-author Frank Piessens identified key reinstallation attacks (KRACKs) on the WPA2 protocol (used to secure Wi-Fi communication), has dubbed his latest research project FragAttacks, which stands for fragmentation and aggregation attacks.

The dozen vulnerabilities affect all Wi-Fi security protocols since the wireless networking technology debuted in 1997, from WEP up through WPA3. [...] In total, 75 devices -- network card and operating system combinations (Windows, Linux, Android, macOS, and iOS) -- were tested and all were affected by one or more of the attacks. NetBSD and OpenBSD were not affected because they don't support the reception of A-MSDUs (aggregate MAC service data units). [...]

Patches for many affected devices and software have already been deployed, thanks to a nine-month-long coordinated responsible disclosure overseen by the Wi-Fi Alliance and the Industry Consortium for Advancement of Security on the Internet (ICASI). Linux patches have been applied, and the kernel mailing list note mentions that Intel addressed the flaws in a recent firmware update without mentioning it. Microsoft released its patches on March 9, 2021; disclosure was delayed, though Redmond had already committed to publication. Vanhoef advises checking with the vendor(s) of Wi-Fi devices about whether the FragAttacks have been addressed. "[F]or some devices the impact is minor, while for others it's disastrous," he said.

Opera

Opera Integrates Blockchain-Powered Domains, Providing Access to the Decentralized Web (businessinsider.com)

"Chromium-based web browser Opera is all set to fully integrate with blockchain domain name provider Unstoppable Domains," reports TechRadar, "in a bid to provide millions of its users with decentralized web access." Opera users will now be able to access decentralized websites hosted via the InterPlanetary File System (IPFS) using Unstoppable Domains' popular .crypto NFT addresses from the Opera browser. This will include platforms such as iOS, Android, Windows, Mac or Linux. Right now, Opera has over 320 million monthly active users across its offerings, following the addition of a crypto wallet to its browsers in 2019.

Unstoppable Domains was launched in 2018 and provides domain names to users with no renewal fees. Users of Unstoppable Domains are granted full ownership and control when they claim a domain because it is minted as an NFT on the Ethereum blockchain. Domain names such as .crypto replace complex wallet addresses for payments across over 40 cryptocurrency wallets and exchanges in addition to accessing the decentralized web through Opera.

Maciej Kocemba, Product Director at Opera said that the company believes in giving all people the ability to access the full web, regardless of the technology behind it.

Business Insider quoted Kocemba further: "We have always supported web innovation, and the decentralized web or Web3 is the natural next wave. Making Unstoppable Domains accessible in the Opera browsers means our users can try blockchain technologies for themselves. Registering your .crypto domain, which is forever yours, is a great first step into Web3."

Opera is quickly becoming a leader in pushing for the adoption of Web 3.0, also often described as the decentralized web.

Apple

Apple's M2 Chip Goes Into Mass Production for Mac (nikkei.com)

The next generation of Mac processors designed by Apple entered mass production this month, Nikkei Asia reported Tuesday, citing sources, bringing the U.S. tech giant one step closer to its goal of replacing Intel-designed central processing units with its own. From the report: Shipments of the new chipset -- tentatively known as the M2, after Apple's current M1 processor -- could begin as early as July for use in MacBooks that are scheduled to go on sale in the second half of this year, the people said. The new chipset is produced by key Apple supplier Taiwan Semiconductor Manufacturing Co., the world's largest contract chipmaker, using the latest semiconductor production technology, known as 5-nanometer plus, or N5P. Producing such advanced chipsets takes at least three months. The start of mass production came as Apple introduced new iMac and iPad Pro models using the M1. The company said the M1 offers CPU performance up to 85% faster than an iMac using an Intel chipset, and graphics performance that is twice as fast.

Security

A Software Bug Let Malware Bypass macOS' Security Defenses (techcrunch.com)

Apple has spent years reinforcing macOS with new security features to make it tougher for malware to break in. But a newly discovered vulnerability broke through most of macOS' newer security protections with a double-click of a malicious app, a feat not meant to be allowed under Apple's watch. From a report: Worse, evidence shows a notorious family of Mac malware has already been exploiting this vulnerability for months before it was subsequently patched by Apple this week. Over the years, Macs have adapted to catch the most common types of malware by putting technical obstacles in their way. macOS flags potentially malicious apps masquerading as documents that have been downloaded from the internet. And if macOS hasn't reviewed the app -- a process Apple calls notarization -- or if it doesn't recognize its developer, the app won't be allowed to run without user intervention.

But security researcher Cedric Owens said the bug he found in mid-March bypasses those checks and allows a malicious app to run. Owens told TechCrunch that the bug allowed him to build a potentially malicious app that looks like a harmless document and, when opened, bypasses macOS' built-in defenses. "All the user would need to do is double click -- and no macOS prompts or warnings are generated," he told TechCrunch. Owens built a proof-of-concept app disguised as a harmless document that exploits the bug to launch the Calculator app, a way of demonstrating that the bug works without dropping malware. But a malicious attacker could exploit this vulnerability to remotely access a user's sensitive data simply by tricking a victim into opening a spoofed document, he explained.

Portables (Apple)

Apple: No Plans To Merge Mac and iPad (independent.co.uk)

Earlier this week, Apple unveiled the refreshed 11 and 12.9-inch iPad Pro models with a notable change: The new iPad Pro models are powered by the M1 chip, the company's in-house chipset that also powers the current-generation MacBook Pro, MacBook Air, and Mac mini. Is the company planning to put macOS on the iPad in the future or merge iPads and MacBooks? The answer remains no. Apple marketing chief Greg Joswiak, in an interview: "There's two conflicting stories people like to tell about the iPad and Mac. On the one hand, people say that they are in conflict with each other. That somebody has to decide whether they want a Mac, or they want an iPad. Or people say that we're merging them into one: that there's really this grand conspiracy we have, to eliminate the two categories and make them one. And the reality is neither is true. We're quite proud of the fact that we work really, really hard to create the best products in their respective category." Hardware chief John Ternus, in the same interview: "We're pushing to make the best Mac we can make; we're pushing to make the best iPad we can make."

Desktops (Apple)

Apple Now Selling More M1 Macs Than Intel-Based Models, Says Tim Cook (macrumors.com)

Despite only being released in November, sales of the M1-powered MacBook Air, MacBook Pro, and Mac mini now represent the majority of Mac sales, outperforming Mac computers powered by Intel processors, according to Apple CEO Tim Cook. MacRumors reports: Cook made the remarks during Apple's "Spring Loaded" event yesterday, where it introduced a completely redesigned 24-inch iMac powered by the M1 Apple silicon chip. Cook says that the M1 and Apple silicon "isn't just an upgrade, but a breakthrough," while touting Mac's industry-leading customer satisfaction. According to Cook, the four M1-powered Macs now outperform the five remaining Intel-powered computers in its lineup in terms of sales. During the keynote, Cook's comment went largely unnoticed but is likely to be a key point the CEO makes during Apple's upcoming earnings call, which is being held on April 28.

Security

Google Chrome Hit In Another Mysterious Zero-Day Attack (securityweek.com)

wiredmikey shares a report from SecurityWeek: Google late Tuesday shipped another urgent security patch for its dominant Chrome browser and warned that attackers are exploiting one of the zero-days in active attacks. This is the fourth in-the-wild Chrome zero-day discovered so far in 2021, and the continued absence of IOC data or any meaningful information about the attacks continues to raise eyebrows among security experts.

The newest Chrome update -- 90.0.4430.85 -- is available for Windows, Mac and Linux users and is being rolled out via the browser's automatic update mechanism. The vulnerability being exploited is identified as CVE-2021-21224 and simply described as a "type confusion" in the V8 Chrome rendering engine. Google credited Jose Martinez (tr0y4) of VerSprite Inc. for reporting the vulnerability. "Google is aware of reports that exploits for CVE-2021-21224 exist in the wild," the company said, with no additional details.

Desktops (Apple)

The New iPad Pro Features Apple's M1 Chip (techcrunch.com)

At today's Spring Loaded event, Apple unveiled a new version of the iPad Pro, equipped with the M1 chip that was first introduced on the company's Mac line. TechCrunch reports: The new chip sports an 8-core CPU, with performance up to 50% faster than the A12Z Bionic found on the previous generation. There's also an 8-core GPU, which it claims is up to 40% faster. The system can be decked out with up to 16 GB of RAM and 2 TB of storage. The device further blurs the line between the company's tablet and desktop offerings, and battery life is now listed as "all day." The Pro also adds Thunderbolt support to its USB-C port, which enables a number of new features including external display support and wired transfers of up to 40 Gbps.

As reported, the new tablet (12.9-inch only for now) features an improved display -- Liquid Retina XDR, according to Apple's marketing terms. Among other things, that brings much improved high dynamic range. The display is powered by 10,000 micro-LEDs. That allows for a hugely improved contrast ratio and 1,000 nits of brightness, without hammering the battery life. The 11-inch version starts at $799 and the 12.9-inch, which adds the Liquid Retina display, starts at $1,099. Pre-orders for the tablets start April 30 and the product is set to start shipping in the second half of May -- along with a number of other products introduced at today's show.

iMac

Apple Introduces M1 Chip-Powered iMac (techcrunch.com)

Apple has finally given the world a dramatic new iMac redesign, aimed at the company's long-standing goal of "making the computer disappear." From a report: Naturally, the latest version of the 24-inch all-in-one desktop is built around the company's new proprietary M1 chips. The screen sports a 4.5K Retina Display, coupled with a 1080p camera -- a first for the Mac line, and a sign the company is taking both audio and video more seriously as these products are serving as a kind of lifeline for the work-from-home crowd. True Tone is, naturally, on board for better color balance, and sound has been improved with a six-speaker setup.

The new devices are significantly thinner -- with overall volume reduced by half, according to the company. The rear is also flat, instead of curved. All told, the company says it's up to 85% faster than the last model, coupled with a GPU that's up to twice as fast and 3x the machine learning performance. Around back are two Thunderbolt ports and a new magnetic power adapter that also delivers Ethernet. The system comes in seven colors. It starts at $1,299.

Microsoft

Microsoft's Visual Studio 2022 Announced (microsoft.com)

Dave Knott writes: Microsoft has announced Visual Studio 2022, the next major revision of their flagship development IDE. A public beta will be arriving this summer. The most significant change, which has long been rumored, is that the entire application suite will now be 64-bit. Other major changes include:

* Performance improvements in the core debugger
* Support for .NET 6, which can be used to build web, client and mobile apps by both Windows and Mac developers, as well as improved support for developing Azure apps
* An updated UI meant to reduce complexity and which will add integration with Accessibility Insights. Microsoft plans to update the icons and add support for Cascadia Code, a new fixed-width font for better readability
* Support for C++20 tooling, language standardization and IntelliSense
* Integration of text chat into the Live Share collaboration feature
* Additional support for Git and GitHub
* Improved code search

Desktops (Apple)

Parallels 16.5 Can Virtualize ARM Windows Natively on M1 Macs With Up to 30% Faster Performance (macrumors.com)

Parallels today announced the release of Parallels Desktop 16.5 for Mac with full support for M1 Macs, allowing for the Windows 10 ARM Insider Preview and ARM-based Linux distributions to be run in a virtual machine at native speeds on M1 Macs. From a report: Parallels says running a Windows 10 ARM Insider Preview virtual machine natively on an M1 Mac results in up to 30 percent better performance compared to a 2019 model 15-inch MacBook Pro with an Intel Core i9 processor, 32GB of RAM, and Radeon Pro Vega 20 graphics. Parallels also indicates that on an M1 Mac, Parallels Desktop 16.5 uses 2.5x less energy than on the latest Intel-based MacBook Air. Microsoft does not yet offer a retail version of ARM-based Windows, with the Windows 10 ARM Insider Preview available on Microsoft's website for Windows Insider program members. The ability to run macOS Big Sur in a virtual machine is a feature that Parallels hopes to add support for in Parallels Desktop later this year as well.

Social Networks

'Why It's Easier To Move Country Than Switch Social Media' (wired.co.uk)

Cory Doctorow, writing at Wired: When we talk about social media monopolies, we focus too much on network effects, and not enough on switching costs. Yes, it's true that all your friends are already stuck in a Big Tech silo that doesn't talk to any of the other Big Tech silos. It needn't be that way: interoperable platforms have existed since the first two Arpanet nodes came online. You can phone anyone with a phone number and email anyone with an email address.

The reason you can't talk to Facebook users without having a Facebook account isn't that it's technically impossible -- it's that Facebook forbids it. What's more, Facebook (and its Big Tech rivals) have the law on their side: the once-common practice of making new products that just work with existing ones (like third-party printer ink, or a Mac program that can read Microsoft Office files, or an emulator that can play old games) has been driven to the brink of extinction by Big Tech. They were fine with this kind of "competitive compatibility" when it benefited them, but now that they dominate the digital world, it's time for it to die.

To restore competitive compatibility, we would need reform to many laws: software copyright and patents, the anti-circumvention laws that protect digital rights management, and the cybersecurity laws that let companies criminalize violations of their terms of service.

Apple

Apple Will Hold a Special Event on April 20 (engadget.com)

If you're wondering when Apple will hold its next event, Siri may have the answer. From a report: Ask the digital helper: "When is the next Apple event?" and it will respond with "the special event is on Tuesday, April 20, at Apple Park in Cupertino, CA. You can get all the details on Apple.com." MacRumors, which spotted the reply, says the virtual assistant is providing it in certain instances on iPhone, iPad, Mac, and HomePod. While it's an open secret that Apple is planning an event for later this month where it's expected to debut a new iPad Pro, Siri has seemingly leaked the date ahead of confirmation. We won't have to wait long to find out if the info is correct, though. Apple normally sends out invites to the press a week ahead of the proceedings, so it should make it official later today. The event itself is expected to be a virtual affair starring the iPad Pro (in two sizes) and possibly featuring the AirTags Bluetooth tracker. Apple's next premium slate reportedly features a Mini LED display on the flagship 12.9-inch model, but supply chain issues could see it ship later than planned and in limited quantities.

Security

Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input (zdnet.com)

An anonymous reader quotes a report from ZDNet: A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. The researchers from Computest demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction. As Zoom has not yet had time to patch the critical security issue, the specific technical details of the vulnerability are being kept under wraps. However, an animation of the attack in action demonstrates how an attacker was able to open the calculator program of a machine running Zoom following its exploit. As noted by Malwarebytes, the attack works on both Windows and Mac versions of Zoom, but it has not -- yet -- been tested on iOS or Android. The browser version of the videoconferencing software is not impacted. Computest researchers Daan Keuper and Thijs Alkemade earned themselves $200,000 for this Zoom discovery, as it was part of the Pwn2Own contest.

In a statement to Tom's Guide, Zoom thanked the Computest researchers and said the company was "working to mitigate this issue with respect to Zoom Chat." In-session Zoom Meetings and Zoom Video Webinars are not affected. "The attack must also originate from an accepted external contact or be a part of the target's same organizational account," Zoom added. "As a best practice, Zoom recommends that all users only accept contact requests from individuals they know and trust."
