Apple has removed a controversial feature from the macOS operating system that allowed 53 of Apple's own apps to bypass third-party firewalls, security tools, and VPN apps installed by users for their protection. From a report: Known as the ContentFilterExclusionList, the list was included in macOS 11, also known as Big Sur. The exclusion list included some of Apple's biggest apps, like the App Store, Maps, and iCloud, and was physically located on disk at: /System/Library/Frameworks/NetworkExtension.framework/Versions/Current/Resources/Info.plist.

Its presence was discovered last October by several security researchers and app makers who realized that their security tools weren't able to filter or inspect traffic for some of Apple's applications. Security researchers such as Patrick Wardle, and others, were quick to point out at the time that this exclusion risk was a security nightmare waiting to happen. They argued that malware could latch on to legitimate Apple apps included on the list and then bypass firewalls and security software.

Intel CEO Bob Swan is set to step down effective Feb. 15. From a report: VMWare CEO Pat Gelsinger will take over the position, sources told CNBC. Intel's stock was up about 13% in premarket trading following the news. VMWare's stock was down nearly 5%. Swan was named CEO in January 2019 after serving as interim CEO for seven months. During Swan's tenure, Intel has suffered blows from competitors. Over the summer, Intel reported that its latest generation chips would be delayed while AMD's were already shipping inside laptops. Apple announced in the fall that it would use its own proprietary chips in its Mac computers, breaking a 15-year partnership with Intel for its chip supplies.

When a user attempts to load a Flash game or content in a browser such as Chrome, the content now fails to load and instead displays a small banner that leads to the Flash end-of-life page on Adobe's website. While this day has long been coming, with many browsers disabling Flash by default years ago, it is officially the end of a 25-year era for Flash, first introduced by Macromedia in 1996 and acquired by Adobe in 2005. Mac Rumors reports: "Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems," the page reads. Adobe has instructions for uninstalling Flash on Mac, but note that Apple removed support for Flash outright in Safari 14 last year.

Adobe first announced its plans to discontinue Flash in 2017. "Open standards such as HTML5, WebGL, and WebAssembly have continually matured over the years and serve as viable alternatives for Flash content," the company explained. Adobe does not intend to issue Flash Player updates or security patches any longer, so it is recommended that users uninstall the plugin.

An anonymous reader quotes a report from ZDNet: Security firm Intezer Labs said it discovered a covert year-long malware operation where cybercriminals created fake cryptocurrency apps in order to trick users into installing a new strain of malware on their systems, with the obvious end goal of stealing victims' funds. The campaign was discovered last month in December 2020, but researchers said they believe the group began spreading their malware as early as January 8, 2020. Intezer Labs said the hackers relied on three cryptocurrency-related apps for their scheme. The fake apps were named Jamm, eTrade/Kintum, and DaoPoker, and were hosted on dedicated websites at jamm[.]to, kintum[.]io, and daopker[.]com, respectively.

The first two apps claimed to provide a simple platform to trade cryptocurrency, while the third was a cryptocurrency poker app. All three apps came in versions for Windows, Mac, and Linux, and were built on top of Electron, an app-building framework. But Intezer researchers say the apps also came with a little surprise in the form of a new malware strain that was hidden inside, which the company's researchers named ElectroRAT. Intezer researchers believe the malware was being used to collect cryptocurrency wallet keys and then drain victims' accounts. To spread the trojanized applications, Intezer says the hackers posted ads for the three apps and their websites on niche cryptocurrency forums, or they used social media accounts. Because of a quirk in the malware's design, which retrieved the address of its command and control server from a Pastebin URL, Intezer believes this operation infected around 6,500 users -- the total number of times the Pastebin URLs were accessed.

Microsoft is building a universal Outlook client for Windows and Mac that will also replace the default Mail & Calendar apps on Windows 10 when ready. This new client is codenamed Monarch and is based on the already available Outlook Web app available in a browser today. From a report: Project Monarch is the end-goal for Microsoft's "One Outlook" vision, which aims to build a single Outlook client that works across PC, Mac, and the Web. Right now, Microsoft has a number of different Outlook clients for desktop, including Outlook Web, Outlook (Win32) for Windows, Outlook for Mac, and Mail & Calendar on Windows 10. Microsoft wants to replace the existing desktop clients with one app built with web technologies. The project will deliver Outlook as a single product, with the same user experience and codebase whether that be on Windows or Mac. It'll also have a much smaller footprint and be accessible to all users whether they're free Outlook consumers or commercial business customers. I'm told the app will feature native OS integrations with support for things like offline storage, share targets, notifications, and more. I understand that it's one of Microsoft's goals to make the new Monarch client feel as native to the OS as possible while remaining universal across platforms by basing the app on the Outlook website.

An anonymous reader shares a report: Malware operators who want to know the location of the victims they infect usually rely on a simple technique where they grab the victim's IP address and check it against an IP-to-geo database like MaxMind's GeoIP to get a victim's approximate geographical location. While the technique isn't very accurate, it is still the most reliable method of determining a user's actual physical location based on data found on their computer. However, in a blog post last month, Xavier Mertens, a security researcher with the SANS Internet Storm Center, said he discovered a new malware strain that is using a second technique on top of the first. This second technique relies on grabbing the infected user's BSSID. Known as a "Basic Service Set Identifier," the BSSID is basically the MAC physical address of the wireless router or access point the user is using to connect via WiFi. You can see the BSSID on Windows systems by running the command: netsh wlan show interfaces | find "BSSID" Mertens said the malware he discovered was collecting the BSSID and then checking it against a free BSSID-to-geo database maintained by Alexander Mylnikov.

Fast Company's technology editor harrymcc writes: After years of growing technical irrelevance and security concerns, the Flash browser plug-in will reach the end of the road on January 12 when Adobe blocks its ability to display content. The web will survive just fine. But there's a huge library of old Flash games — some of them quirky, interesting, and worth preserving. Over at Fast Company, Jared Newman wrote about several grassroots initiatives that will allow us to continue to enjoy these artifacts of the Flash era even after Flash is history.
Some tips from the article:

• If you have a Windows PC, the best way to replay old Flash content is with FlashPoint, a free program with more than 70,000 web games and 8,000 animations, most of which are Flash-based. (Experimental Mac and Linux versions are also available, but are complicated to set up....)

• Conifer lets you run a legacy browser with Flash support on a remote machine, insulating you from any security issues...

• The Internet Archive has made thousands of Flash games and animations playable online in modern web browsers through emulation, so you can play the Helicopter Game or watch Peanut Butter Jelly Time in their original forms.

• Ruffle is the underlying emulation software that The Internet Archive is using. You can also install it as a standalone program or browser extension...

• Newgrounds has released its own Flash Player for Windows that safely loads content from its website, so you still get the full experience of using Newgrounds proper.

But the article opens with a sentence reminding us that "After all the challenges of 2020, there's one thing we can all look forward to in the new year: Adobe Flash Player will finally be dead."

A computer repair shop owner cited in a controversial New York Post story is suing Twitter for defamation, claiming its content moderation choices falsely tarred him as a hacker. From a report: John Paul Mac Isaac was the owner of The Mac Shop, a Delaware computer repair business. In October, the New York Post reported that The Mac Shop had been paid to recover data from a laptop belonging to Joe Biden's son Hunter, and it published emails and pictures allegedly from a copy of the hard drive. After the Post's sourcing and conclusions were disputed, Facebook and Twitter both restricted the article's reach, and Twitter pointed to its ban on posting "hacked materials" as an explanation. Mac Isaac claims Twitter specifically made this decision to "communicate to the world that [Mac Isaac] is a hacker." He says that his business began to receive threats and negative reviews after Twitter's moderation decision, and that he is "now widely considered a hacker" because of Twitter.

The Verge reports: Firefox's latest update brings native support for Macs that run on Apple's Arm-based silicon, Mozilla announced on Tuesday. Mozilla claims that native Apple silicon support brings significant performance improvements: the browser apparently launches 2.5 times faster and web apps are twice as responsive than they were on the previous version of Firefox, which wasn't native to Apple's chips...

Firefox's support of Apple's Arm-based processors follows Chrome, which added support for Apple's new chips shortly after the M1-equipped MacBook Pro, MacBook Air, and Mac mini were released in November.
Firefox 84 will also be the very last release to support Adobe Flash, notes ZDNet, calling both developments "a reminder of the influence Apple co-founder Steve Jobs has had and continues to exert on software and hardware nine years after his death." Jobs wrote off Flash in 2010 as successful Adobe software but one that was a 'closed' product "created during the PC era — for PCs and mice" and not suitable for the then-brand-new iPad, nor any of its prior iPhones. Instead, Jobs said the future of the web was HTML5, JavaScript and CSS.

At the end of this year Google Chrome, Microsoft Edge and Apple Safari also drop support for Flash.

Senior Apple execs recently reflected in an interview with Om Malik what the M1 would have meant to Jobs had been alive today. "Steve used to say that we make the whole widget," Greg Joswiak, Apple's senior vice president of Worldwide Marketing told Malik.

"We've been making the whole widget for all our products, from the iPhone, to the iPads, to the watch. This was the final element to making the whole widget on the Mac."
ZDNet also notes that Firefox 84 offers WebRender, "Mozilla's faster GPU-based 2D rendering engine" for MacOS Big Sur, Windows devices with Intel Gen 6 GPUs, and Intel laptops running Windows 7 and 8. "Mozilla promises it will ship an accelerated rendering pipeline for Linux/GNOME/X11 users for the first time."

Firefox now also uses "more modern techniques for allocating shared memory on Linux," writes Mozilla, "improving performance and increasing compatibility with Docker."

And Firefox 85 will include a new network partitioning feature to make it harder for companies to track your web surfing.

Microsoft is rolling out an update today that brings native support for Apple's M1 chip to the Windows productivity suite. "The apps getting the updates are Word, Excel, Outlook, PowerPoint, and OneNote," reports The Verge. "Notably absent, however, is Teams." From the report: The updates are making the apps universal ones -- meaning these versions will run on both Intel and Apple Silicon Macs, so any upcoming updates or features will be coming at the same time for both platforms. [...] Office users who have automatic updates turned on should have the new versions sometime today, and anyone else can update it through the Mac App Store or Microsoft's AutoUpdate software (depending on if you downloaded Office through the App Store or directly from Microsoft). Outlook users will get not only native Apple Silicon support, but support for iCloud accounts as well, allowing them to sync their email, contacts, and calendars to the app if they use Apple's service to store them. Teams isn't included in today's rollout of updates, but Microsoft says they're working on it. No timeline is available, though.

Apple is planning a series of new Mac processors for introduction as early as 2021 that are aimed at outperforming Intel's fastest. From a report: Chip engineers at the Cupertino, California-based technology giant are working on several successors to the M1 custom chip, Apple's first Mac main processor that debuted in November. If they live up to expectations, they will significantly outpace the performance of the latest machines running Intel chips, according to people familiar with the matter who asked not to be named because the plans aren't yet public. Apple's M1 chip was unveiled in a new entry-level MacBook Pro laptop, a refreshed Mac mini desktop and across the MacBook Air range. The company's next series of chips, planned for release as early as the spring and later in the fall, are destined to be placed across upgraded versions of the MacBook Pro, both entry-level and high-end iMac desktops, and later a new Mac Pro workstation, the people said.

[...] The current M1 chip inherits a mobile-centric design built around four high-performance processing cores to accelerate tasks like video editing and four power-saving cores that can handle less intensive jobs like web browsing. For its next generation chip targeting MacBook Pro and iMac models, Apple is working on designs with as many as 16 power cores and four efficiency cores, the people said. While that component is in development, Apple could choose to first release variations with only eight or 12 of the high-performance cores enabled depending on production, they said. Chipmakers are often forced to offer some models with lower specifications than they originally intended because of problems that emerge during fabrication. For higher-end desktop computers, planned for later in 2021 and a new half-sized Mac Pro planned to launch by 2022, Apple is testing a chip design with as many as 32 high-performance cores.

PCMag.com's lead mobile analyst calls Qualcomm "a little too unbothered by Apple's M1 Macs" Qualcomm executives brushed off a question about Apple's new M1-based Macs during a question-and-answer session at the company's Snapdragon Summit today, where Qualcomm announced a new flagship smartphone chipset but no upgrades to its year-old chips for PCs... In general, reviews of Qualcomm-powered laptops such as the Microsoft Surface Pro X have celebrated the devices' long battery life, but lamented problems with third-party apps that were originally coded for Intel processors. That stands in stark contrast to Apple's new M1-based Macs, which don't seem to be slowed down as badly by older software...

"It's a great validation of what we've been doing for the past few years and [Qualcomm's product line] is just going to get stronger and stronger as we broaden our scope," said Alex Katouzian, Qualcomm SVP for mobile. Katouzian made sure to subtly call out ways in which Qualcomm's always-connected PCs are superior to Apple's newest Macs. The Macs lack 4G connectivity and still have poor-quality, 720p front-facing cameras... Katouzian also pointed out that (presumably unlike Apple) Qualcomm addresses "many tiers...and many price points" with its 7c, 8c, and 8cx laptop chipsets, letting Windows laptop makers drive prices well below the MacBook Air's $999 list price.

The core problem with Qualcomm's always-connected PC strategy is one that Qualcomm itself can't fix. While Qualcomm could, and probably will, soon announce a laptop chip that's based on the new Snapdragon 888 and has a level of raw power closer to Apple's M1, it's really down to Microsoft, as well as peripheral and app makers to solve the platform incompatibilities that have frustrated PC reviewers.
Hot Hardware cites Microsoft's promises of changes come in future updates to Windows 10, arguing that "with the arrival of x64 emulation and a growing library of native Arm64 apps, Windows 10 on Arm is going to be an even more powerful platform." From a performance perspective, while running Windows 10 on Arm, these [Snapdragon 8cx] chips may currently be at a disadvantage to the Apple M1, but some day in the not so distant future that might not be the case. We have no doubt that Qualcomm is likely working on a new Windows PC-centric SoC that is based on Snapdragon 888 or similar architecture. Qualcomm has promised a 25 percent uplift in CPU and a 35% lift in GPU performance over the Snapdragon 865, with the Snapdragon 888, which already offers a big boost over the previous gen Snapdragon 855/8cx. So, Qualcomm has the potential to put up a strong showing against the Apple M1, whenever its next-generation Snapdragon PC chip launches.
That may be, but John Gruber at Daring Fireball argues that currently "M1 Macs embarrass all other PCs — all Intel-based Macs, including automobile-priced Mac Pros, and every single machine running Windows or Linux." Those machines are just standing around in their underwear now because the M1 stole all their pants. Well, that just doesn't happen, your instincts tell you. One company, even a company like Apple, doesn't just embarrass the entire rest of a highly-competitive longstanding industry. But just because something hasn't happened — or hasn't happened in a very long while — doesn't mean it can't happen. And in this case, it just happened... M1 Macs completely upend what we can and should expect from PCs. It's a breakthrough along the lines of the iPhone itself in 2007.

An Amazon Web Services (AWS) virtualization engineer has shown what Windows 10 on Arm could be like if Microsoft licensed its Arm-based OS to the public rather than just to Windows 10 manufacturers. From a report: With Apple's new M1 Arm-based system on chip, Mac users who need to use Windows 10 can't run Microsoft's Arm-based version of Windows using Apple's Bootcamp. The key obstacle is that Microsoft doesn't license Windows 10 on Arm to any entities other than its own Surface group and Windows 10 on Arm OEMs like HP, Asus and Lenovo. Technically, there's nothing stopping owners of the M1 MacBook Air, MacBook Pro 13-inch or Mac mini from running Windows 10 on Arm, as Apple's software engineering chief Craig Federighi recently pointed out. [...]

But Microsoft's reluctance to create a license for Windows 10 on Arm for end users hasn't stopped creative engineers from putting together a working example of what things could be like if it did. AWS principal engineer Alexander Graf did just that, using the open-source QEMU virtualization software for Windows on Arm. QEMU emulates access to hardware such as the CPU and GPU. [...] "Who said Windows wouldn't run well on #AppleSilicon? It's pretty snappy here," Graf wrote in a tweet. Graf previously worked on the Kernel Virtual Machine (KVM) for Linux distribution SUSE for over a decade. Now he's a KVM developer at AWS, which this week announced new Mac instances for AWS Elastic Compute Cloud (EC2) based on Nitro System, an AWS hypervisor for EC2 instances. [...] A developer using the handle @imbushuo on Twitter has posted Geekbench versions 4 and 5 scores that compare Windows 10 on Arm on an M1 computer with the Microsoft-made Surface Pro X. Windows on an M1 got a single-core score of 1,288 and multi-core score of 5,685 whereas the Surface Pro X's scores were roughly 800 and 3,000 in those respective benchmarks.

Joe2020 writes: Famous developer Hector Martin who put Linux on the PS4 now wants to port Linux to the new Apple M1, and he wants to do it with the help of crowdfunding by making it his full-time job. One can find his official pledge for support here. "Since these devices are brand new and bespoke silicon, porting Linux to run on them is a huge undertaking. Well beyond a hobby project, it is a full-time job," the developer explains.

"The goal is to bring Linux support on Apple Silicon macs to the point where it is not merely a tech demo, but is actually an OS you would want to use on a daily driver device. To do this, there is a huge amount of work to be done. Running Linux on things is easy, but making it work well is hard. Drivers need to be written for all devices. The driver for the completely custom Apple GPU is the most complicated component, which is necessary to have a good desktop experience. Power management needs to work well too, for your battery life to be reasonable," the dev explains. Martin says he hopes to have enough donations to purchase the new Apple Silicon-powered devices and hire other people to help with the job.

Slashdot reader NoMoreACs also shared the news via Mac Rumors.

AWS today opened its re:Invent conference with a surprise announcement: the company is bringing the Mac mini to its cloud. These new EC2 Mac instances, as AWS calls them, are now available in preview. They won't come cheap, though. From a report: The target audience here -- and the only one AWS is targeting for now -- is developers who want cloud-based build and testing environments for their Mac and iOS apps. But it's worth noting that with remote access, you get a fully-featured Mac mini in the cloud, and I'm sure developers will find all kinds of other use cases for this as well. Given the recent launch of the M1 Mac minis, it's worth pointing out that the hardware AWS is using -- at least for the time being -- are i7 machines with six physical and 12 logical cores and 32 GB of memory. Using the Mac's built-in networking options, AWS connects them to its Nitro System for fast network and storage access. This means you'll also be able to attach AWS block storage to these instances, for example.

Developer Alexander Graf has successfully virtualized the Arm version of Windows on an M1 Mac, proving that the M1 chip is capable of running Microsoft's operating system. From a report: Currently, Macs with the M1 chip do not support Windows and there is no Boot Camp feature as there is on Intel Macs, but support for Windows is a feature that many users would like to see. Using the open-source QEMU virtualizer, Graf was able to virtualize the Arm version of Windows on Apple's M1 chip, with no emulation. Since the M1 chip is a custom Arm SoC, it is no longer possible to install the x86 version of Windows or x86 Windows apps using Boot Camp, as was the case with previous Intel-based Macs. However, he said in a Tweet that when virtualized on an M1 Mac, "Windows ARM64 can run x86 applications really well. It's not as fast as Rosetta 2, but close."

Programmer Abdullah Diaa has put together a website to help determine if your favorite apps work on Apple Silicon yet. An anonymous reader shares a report from The Next Web: ... [P]lease say hello to Is Apple silicon ready? The idea behind the site is simple: it shows you if specific apps will work on laptops and desktops with Apple's in-house chip. Easy to get your head around, right? It shows you a list of software and, if they have native M1 support, they're given a green tick.

Here's an image that shows you what's going on far clearer than lots of words could. As you can see, the site also shows you if the app you're after has Rosetta 2 support. Effectively, Rosetta 2 is an emulator, allowing a large number of apps designed for Intel machines to run on Apple Silicon. If this is supported, you will still be able to use that software on an M1-toting machine. Further reading: Linus Torvalds Would Like To Use An M1 Mac For Linux, But...

Yes, Torvalds said he'd love to have one of the new M1-powered Apple laptops, but it won't run Linux and, in an exclusive interview he explains why getting Linux to run well on it isn't worth the trouble. Steven J. Vaughan-Nichols writes via ZDNet: Recently, on the Real World Technologies forum, Linux's creator Linus Torvalds was asked what he thought of the new M1-powered Apple laptops. Torvalds replied, "I'd absolutely love to have one if it just ran Linux." You may think, "what's the problem? Doesn't Linux run on practically every processor on the planet from 80386s to IBM s390x to the ARM family of which Apple's M1 chip is a child?" Well, yes, yes it does. But it takes more than a processor to run a computer.

Torvalds would like to run Linux on these next-generation Macs. As he said, "I've been waiting for an ARM laptop that can run Linux for a long time. The new Air would be almost perfect, except for the OS. And I don't have the time to tinker with it, or the inclination to fight companies that don't want to help." Aye, there's the rub. In an exclusive interview, Torvalds expanded on why he can't see porting Linux to the M1-based Macs. "The main problem with the M1 for me is the GPU and other devices around it, because that's likely what would hold me off using it because it wouldn't have any Linux support unless Apple opens up."

Still, while Torvalds knows Apple opening up their chipsets "seems unlikely, but hey, you can always hope." Even if that "wasn't an issue," Torvalds continued, "My personal hope would be more cores. Even in a laptop, I don't care about 20-hour battery life (and I wouldn't get it building kernels anyway). I'd rather plug it in a bit more often, and have 8 big cores." As for the Mac's limited RAM -- no more than 16GBs on current models -- he can live with that. "16GBs is actually ok by me because I don't tend to do things that require a lot more RAM. All I do is read email, do git and kernel compiles. And yes, I have 64GB in my desktop, but that's because I have 32 cores and 64 threads, and I do hugely parallel builds. Honestly, even then 32GB would be sufficient for my loads." That said, other developers and power users may want more from the new Macs, Torvalds thinks. "The people who really want tons of memory are the ones doing multiple VMs or huge RAW file photography and video."

Two Android applications belonging to Chinese tech giant Baidu were removed from the official Google Play Store at the end of October after they were caught collecting sensitive user details. From a report: The two apps -- Baidu Maps and Baidu Search Box -- were removed after Google received a report from US cyber-security firm Palo Alto Networks. Both apps had more than 6 million downloads combined before being removed. According to the US security firm, the two apps contained code that collected information about each user's phone model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. Palo Alto Networks security researchers Stefan Achleitner and Chengcheng Xu, who identified the data collection code, said that while some of the collected information is "rather harmless," some data like the IMSI code "can be used to uniquely identify and track a user, even if that user switches to a different phone." The research team said that while the collection of personal user details is not specifically forbidden by Google's policy for Android apps after they reported the issue to Google, the Play Store security team confirmed their findings and "identified [additional] unspecified violations" in the two Baidu apps, which eventually led to the two apps being removed from the official store on October 28.

"Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs..." reports Threatpost. "While users assumed Apple would fix the flaw before the OS emerged from beta into full release, this doesn't appear to have happened."

"Beginning with macOS Catalina released last year, Apple added a list of 50 Apple-specific apps and processes that were to be exempted from firewalls like Little Snitch and Lulu," explains Ars Technica: The undocumented exemption, which didn't take effect until firewalls were rewritten to implement changes in Big Sur, first came to light in October. Patrick Wardle, a security researcher at Mac and iOS enterprise developer Jamf, further documented the new behavior over the weekend. To demonstrate the risks that come with this move, Wardle — a former hacker for the NSA — demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure...

Wardle tweeted a portion of a bug report he submitted to Apple during the Big Sur beta phase. It specifically warns that "essential security tools such as firewalls are ineffective" under the change.

Apple has yet to explain the reason behind the change.