Apple

Apple hits “all-time high” smartphone market share, takes #1 spot for 2023

Eww Android phones, who would want those? —

Apple beat all the Android OEMs while selling dramatically more expensive phones.

The Apple logo takes corporeal form outside an Apple store.

Market research firm IDC has released some stunning smartphone market share numbers for 2023. The number one smartphone OEM is now Apple. The IDC says Apple hit an “all-time high market share” number for 2023 and that Apple has “the number 1 spot annually for the first time ever.” The analyst group says this represents “a sort of shifting of power” in the smartphone market.

That all-time high market share puts Apple at 20.1 percent for 2023, a 3.7 percent growth over 2022. Nearly everyone on Team Android is way down, with Samsung now in second place after losing 13.6 percent in 2023 for 19.4 percent market share on the year. Chinese firm Xiaomi is down 4.7 percent for 12.5 percent market share, and Oppo (the parent company of OnePlus) dropped 9.9 percent and is fourth, with 8.8 percent of the market. Next up is “Transsion,” a company that is definitely not a household name but is big in emerging markets like Africa. Transsion is a big winner, with 30 percent growth from 2022 to 2023. With 8.1 percent market share, it takes the fifth spot.

The IDC’s market share charts for 2023.

Apple is usually not first in sales because the average iPhone purchase is much more expensive than an average Android phone. Samsung’s cheapest phones can be had for about $50, and while you can get a wildly expensive foldable that costs a lot more than an iPhone, Samsung’s bestselling models are often the midrange “A” series, which are in the $200–$450 range. Other Android manufacturers are in the same boat, with low-volume halo products and high-volume cheap devices.

According to Omdia’s top-10 model sales list for 2023, Apple’s bestselling phone—and the bestselling phone model in the world—was the $1,100 iPhone 14 Pro Max. The world’s second bestselling phone is the $1,000 iPhone 14 Pro. Third is the iPhone 14, which cost $800 for most of 2023. Apple’s cheapest phone is the iPhone SE at $429, but that model doesn’t sell well. The point is that Android manufacturers usually win these market share charts by selling cheap and midrange phones, but Apple was able to take the top spot while existing only in the mid-to-premium phone space. The industry lingo for this is “average sell price” (ASP), and for Q2 2023, the IDC has the average Android phone at $250, while the average iPhone costs $949.

In 2020, Apple was fourth in market share behind Samsung, Huawei, and Xiaomi, which made sense given Apple’s more expensive product line. In 2023, Apple beat all these Android OEMs while selling dramatically more expensive products. The IDC’s Nabila Popal wraps up the numbers by saying, “Apple’s ongoing success and resilience is in large part due to the increasing trend of premium devices, which now represent over 20% of the market, fueled by aggressive trade-in offers and interest-free financing plans.”

Supreme Court denies Epic v. Apple petitions, opening up iOS payment options

Epic v. Apple —

Most of Epic’s arguments are moot now, but one point will change the App Store.

Fortnite characters looking across the many islands and vast realm of the game.

Artist’s conception of iOS developers after today’s Supreme Court ruling, surveying a new landscape of payment options and subscription signaling.

Epic Games

The Supreme Court declined to hear either of the petitions resulting from the multi-year, multi-court Epic v. Apple antitrust dispute. That leaves most of Epic’s complaints about Apple’s practices unanswered, but the gaming company achieved one victory on pricing notices.

It all started in August 2020, when Epic sought to work around Apple and Google’s app stores and implemented virtual currency purchases directly inside Fortnite. The matter quickly escalated to the courts, with firms like Spotify and Microsoft backing Epic’s claim that Apple’s App Store being the only way to load apps onto an iPhone violated antitrust laws.

The matter reached trial in May 2021. The precise definitions of “games” and “marketplace” were fervently debated. Epic scored a seemingly huge victory in September 2021 when a Northern California judge demanded that Apple allow developers to offer their own payment buttons and communicate with app customers about alternate payment options. An appeals court upheld that Apple’s App Store itself wasn’t a “walled garden” that violated antitrust laws but kept the ruling that Apple had to open up its payments and messaging.

Today’s denial of petitions for certiorari means that Apple has mostly run out of legal options to prevent changes to its App Store policies now that multiple courts have found its “anti-steering” language anticompetitive. Links and messaging from developers should soon be able to send users to alternative payment options for apps rather than forcing them to stay entirely inside Apple’s App Store, resulting in a notable commission for Apple.

Epic’s goals to see Fortnite restored to the App Store or see third-party stores or sideloading on iPhones remain unfulfilled. This is not the case with Epic’s antitrust suit against Google, which in mid-December went strongly in Epic’s favor. With a unanimous jury verdict against Google, a judge this month will determine how to address Google’s violations—potentially including Epic’s request that it and other developers be allowed to issue their own app stores and payment systems on Android devices.

Tim Sweeney, CEO of Epic Games, wrote in a thread on X (formerly Twitter) that the Supreme Court’s denial means the “battle to open iOS to competing stores and payments is lost in the United States” and that it was a “sad outcome for all developers.” Sweeney noted that as of today, developers on Apple’s platforms can “tell US customers about better prices on the web.” And he noted that regulatory and policy actions around the world, including the upcoming EU Digital Markets Act, may have further impact.

Apple has yet to comment on today’s Supreme Court decision.

Apple AirDrop leaks user data like a sieve. Chinese authorities say they’re scooping it up.

Aurich Lawson | Getty Images

Chinese authorities recently said they’re using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that’s outlawed in that country.

According to a 2022 report from The New York Times, activists have used AirDrop to distribute scathing critiques of the Communist Party of China to nearby iPhone users in subway trains and stations and other public venues. A document one protester sent in October of that year called General Secretary Xi Jinping a “despotic traitor.” A few months later, with the release of iOS 16.1.1, the AirDrop users in China found that the “everyone” configuration, the setting that makes files available to all other users nearby, automatically reset to the more restrictive contacts-only setting. Apple has yet to acknowledge the move. Critics continue to see it as a concession Apple CEO Tim Cook made to Chinese authorities.

The rainbow connection

On Monday, eight months after the half-measure was put in place, officials with the local government in Beijing said some people have continued mass-sending illegal content. As a result, the officials said, they were now using an advanced technique publicly disclosed in 2021 to fight back.

“Some people reported that their iPhones received a video with inappropriate remarks in the Beijing subway,” the officials wrote, according to translations. “After preliminary investigation, the police found that the suspect used the AirDrop function of the iPhone to anonymously spread the inappropriate information in public places. Due to the anonymity and difficulty of tracking AirDrop, some netizens have begun to imitate this behavior.”

In response, the authorities said they’ve implemented the technical measures to identify the people mass-distributing the content.

  • Screenshot showing log files containing the hashes to be extracted

  • Screenshot showing a dedicated tool converting extracted AirDrop hashes.

The scant details and the quality of Internet-based translations don’t explicitly describe the technique. All the translations, however, have said it involves the use of what are known as rainbow tables to defeat the technical measures AirDrop uses to obfuscate users’ phone numbers and email addresses.

Rainbow tables were first proposed in 1980 as a means for vastly reducing what at the time was the astronomical amount of computing resources required to crack at-scale hashes, the one-way cryptographic representations used to conceal passwords and other types of sensitive data. Additional refinements made in 2003 made rainbow tables more useful still.

When AirDrop is configured to distribute files only between people who know each other, Apple says, it relies heavily on hashes to conceal the real-world identities of each party until the service determines there’s a match. Specifically, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender’s phone number and/or email address.

If any of the truncated hashes match any phone number or email address in the address book of the other device, or if the devices are set to send or receive from everyone, the two devices will engage in a mutual authentication handshake. When the hashes match, the devices exchange the full SHA-256 hashes of the owners’ phone numbers and email addresses. This technique falls under an umbrella term known as private set intersection, often abbreviated as PSI.

In 2021, researchers at Germany’s Technical University of Darmstadt reported that they had devised practical ways to crack what Apple calls the identity hashes used to conceal identities while AirDrop determines if a nearby person is in the contacts of another. One of the researchers’ attack methods relies on rainbow tables.
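The following sketch is an added example, not code from the article, Apple, or the Darmstadt researchers. It models the contact-matching flow described above and shows why hashing a phone number conceals little: the space of valid numbers is small enough to enumerate, and a rainbow table is a precomputed form of that same enumeration. The 2-byte truncation length, the UTF-8 string encoding, and all phone numbers and addresses are assumptions constructed for illustration.

```python
from __future__ import annotations

import hashlib
import math
from typing import Iterable, Optional

# Assumption: the advertisement carries the first 2 bytes of the hash. The
# article only says "partial"; the length here is chosen for illustration.
SHORT_HASH_BYTES = 2


def identity_hash(contact: str) -> bytes:
    """Full SHA-256 over the contact identifier (UTF-8 encoding is assumed)."""
    return hashlib.sha256(contact.encode("utf-8")).digest()


def short_hash(contact: str) -> bytes:
    """Truncated hash, as broadcast before any handshake takes place."""
    return identity_hash(contact)[:SHORT_HASH_BYTES]


def receiver_matches(advertised: Iterable[bytes],
                     address_book: Iterable[str]) -> list[str]:
    """Receiver side: address-book entries whose short hash was advertised."""
    wanted = set(advertised)
    return [c for c in address_book if short_hash(c) in wanted]


def search_space_bits(candidates: int) -> float:
    """Entropy, in bits, of an identifier drawn uniformly from `candidates`."""
    return math.log2(candidates)


def constructed_number_block(prefix: str = "+155501",
                             digits: int = 5) -> Iterable[str]:
    """Constructed, fictional phone numbers: one prefix, every suffix."""
    return (f"{prefix}{i:0{digits}d}" for i in range(10 ** digits))


def recover_from_full_hash(target: bytes,
                           number_space: Iterable[str]) -> Optional[str]:
    """Enumerate the number space until a candidate hashes to `target`.

    This is the property that makes the full hashes identifying: SHA-256 is
    one-way only when the input is unpredictable, and phone numbers are not.
    """
    for number in number_space:
        if identity_hash(number) == target:
            return number
    return None


if __name__ == "__main__":
    sender = "+15550142317"  # constructed sender number
    book = ["alice@example.com", sender, "+15550199999"]  # constructed

    # Step 1: the receiver recognises the sender from the truncated hash.
    print("address-book match:", receiver_matches([short_hash(sender)], book))

    # Step 2: after a match, the full SHA-256 hash is exchanged. Anyone who
    # holds that value can test it against every number in a plausible range.
    full = identity_hash(sender)
    print("recovered:", recover_from_full_hash(full, constructed_number_block()))

    # A 10-digit national number space is about 33 bits, far below the
    # 256 bits the hash output length might suggest.
    print("bits in a 10-digit space: %.1f" % search_space_bits(10 ** 10))
```
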

iPhone survives 16,000-foot fall after door plug blows off Alaska Air flight 1282

the ultimate drop test —

Still-working iPhone is one of two discovered after the airline accident, says NTSB.

The iPhone that fell from Alaska Airlines flight 1282, discovered by Seanathan Bates under a bush on the side of the road.

On Sunday, game developer Seanathan Bates discovered a working iPhone that fell 16,000 feet from Alaska Airlines flight 1282 on Friday. Flight 1282 suffered an explosive decompression event when a door plug blew off the plane. No one was injured during the incident. The iPhone wasn’t injured, either—still unlocked and with a torn charging cable connector plugged in, it appeared largely undamaged and displayed information that matched the flight.

“Found an iPhone on the side of the road,” wrote Bates in a post on X. “Still in airplane mode with half a battery and open to a baggage claim for #AlaskaAirlines ASA1282 Survived a 16,000 foot drop perfectly in tact!”

The discovery location of the iPhone that fell from Alaska Airlines flight 1282.

After the discovery, Bates contacted the NTSB, who took possession of the device and told him the iPhone was actually the second phone that had been found from the flight. During a press conference on Sunday, NTSB chair Jennifer Homendy confirmed that two people had discovered cell phones that fell from flight 1281. The other cell phone was discovered in someone’s yard.

The decompression event started when a door plug used to cover an unused exit door on the Boeing 737 Max 9 unexpectedly detached from the plane. Rapid decompression can suck passengers and objects violently out of an aircraft due to air pressure differences. While no people fell out of the plane, the loose iPhone apparently got ripped away while charging. “In case you didn’t see it, there was a broken-off charger plug still inside it! Thing got *yanked* out the door,” wrote Bates in his X post.

The iPhone that fell from Alaska Airlines flight 1282 had a ripped charging connector still plugged into it.

iPhones surviving harrowing drops from sky-heights aren’t unheard of. In May, AppleInsider reported on a skydiver’s iPhone that survived a 14,000 fall from a plane. Given air resistance that limits an object’s descent speed and landings in a soft spot like moist dirt or mud, the survivals aren’t entirely surprising. Landing on a hard surface would likely be a different story, however.

At the time of the iPhone’s discovery, the search was still on for the missing door plug, but the plug has since been found. Compared to the apparent ease of discovering two small cell phones first, a Hacker News commenter quipped, “Boeing needs ‘Find My Door.'”

No word yet on whether the iPhone has been reunited with its owner.

Apple Vision Pro will launch Feb. 2, preorders start Jan. 19

The future is soon —

Package includes 256GB storage and two headstraps; prescription lenses run $149.

The Dual Loop Band as seen on a model head.

Apple

Apple’s highly anticipated mixed-reality Vision Pro headset will be available starting on February 2 at US retail Apple locations and on the Apple Store website, the company announced this morning. Preorders for the $3,499 “spatial computing” headset will start on January 19 at 5 am PST.

  • The “Dual Loop Band” offers a separate option for holding the Vision Pro securely on your face.

    Apple

  • The flexible Solo Knit Band will also be included in the Vision Pro box.

    Apple

  • A close-up of the “soft textile” light seal included in the box, which “comes in a range of shapes and sizes.”

    Apple

The stock model of the Vision Pro will include 256GB of storage, which can be used to store existing iOS apps or apps made specifically for the Vision Pro’s new spatialOS. The package will include the flexible Solo Knit Band seen in previous marketing materials, as well as a newly revealed “Dual Loop Band,” which adds a portion that goes over the top of the skull. Apple says the extra included band will “give users two options for the fit that works best for them.”

Here are the other items included in the Vision Pro box, according to Apple:

  • Light seal
  • Two light seal cushions
  • Apple Vision Pro cover
  • Polishing cloth
  • External battery
  • USB-C charge cable
  • USB-C power adapter

For those needing corrective lenses while inside the Vision Pro, Apple says Zeiss “Readers” will be available for $99, while prescription Optical Inserts will run $149. Both options attach magnetically to the device to give an unobstructed view and allow for eye tracking while in Vision Pro.

What can this thing do, again?

In its press release announcing the launch details, Apple highlighted the availability of “more than 150” movies and TV shows that can be viewed in 3D on the device. The company also mentions Vision Pro’s support for “new spatial games,” including Game Room, What the Golf?, and Super Fruit Ninja, which “take advantage of the powerful capabilities of Apple Vision Pro to transform the space around players, offering unique and engaging gameplay experiences.”

Web pages and “flat” iOS apps can be placed around the mixed reality room on floating monitors in Vision Pro.

Apple

Aside from those visionOS-enhanced experiences, Apple’s release talks up Vision Pro’s support for 2D productivity apps, including “Fantastical, Freeform, JigSpace, apps from Microsoft 365, and Slack.” Vision Pro users can also view streaming services like Apple TV+, Disney+, and Max, which can be viewed “on a screen that feels 100 feet wide with support for HDR content” or play more than 250 Apple Arcade titles on the device.

Ars Technica went hands-on with the Vision Pro shortly after its original announcement last June, testing out its eye-tracking interface, avatar-based FaceTime calls, and immersive, 3D mixed reality content. We’re eager to get more time with the device for testing in Ars’ Orbiting HQ soon.

2024 may be a year of reckoning for Apple’s $85 billion services business

scrutinized —

US court cases and tougher EU regulation will pose challenges to Apple’s bottom line.

Apple faces a legal reckoning in 2024, with a series of regulatory decisions by US and EU authorities over the coming months set to determine the future of its $85 billion-a-year services business.

The biggest hit to the iPhone maker could come from a US antitrust trial against Google, where it emerged that the fellow tech giant had paid more than $26 billion in 2021 to make its search engine the default on Apple devices and other smartphones and browsers.

Should Google lose the case, it could be forced to stop making regular payments to Apple, which Eric Seufert, an independent analyst, estimates as being worth a quarter of annual revenues earned by Apple’s services arm.

Meanwhile, Apple and other tech giants face increasing scrutiny from the Biden administration over concerns about the dominance of its App Store, which it is already being forced to change in the EU due to legislation designed to rein in the power of Big Tech.

Together, the legal and regulatory actions spanning two of Apple’s biggest markets represent the biggest threat to the company’s business in years.

Its services arm, which includes income from the App Store, video streaming arm, and Apple Music, has steadily increased as a proportion of the company’s total revenues, which is still dominated by sales of devices such as the iPhone.

The Google trial, seen as the most significant antitrust monopoly trial in more than 25 years in Washington, will hear closing arguments in May. Should Google lose, it will almost certainly file an appeal, but such a decision would raise questions about how the two tech giants work with one another into the future.

“I think the judge was intrigued with that issue during the trial,” said Bill Kovacic, a former Federal Trade Commission chair and competition professor of law and policy at George Washington University Law School. “The question in the background was: ‘if Apple is going to have an auction for that prime placement, what should Google have done?’”

The White House is at the same time intensifying its efforts to tackle what it regards as excessive corporate power. Jonathan Kanter, head of the Department of Justice’s antitrust unit since November 2021, has made no secret of his ambition to bring cases against the biggest US companies.

His department has been probing Apple’s App Store policies for years and is now, according to Kanter, “firing on all cylinders.” The window for him to bring a case is closing, however, as the US presidential election and a potential change in administration loom. The DoJ did not respond to a request for comment on the Apple probe.

Regulators, businesses, and enforcers have for years been seeking to pry apart Apple’s iOS ecosystem, a move the tech giant has always insisted would undermine the mobile operating software’s security.

Apple, however, acknowledged recently in a filing to the Securities and Exchange Commission that it would have to make changes to its App Store in the EU, due to the bloc’s new Digital Markets Act, which has a March deadline for legal compliance from tech companies.

In the EU, Apple is preparing to allow “sideloading,” which enables iPhone users to bypass its store and download apps from elsewhere.

This will breach, for the first time, the walled-off ecosystem that the company has protected since Steve Jobs unveiled the iPhone in 2007. Apple has dragged its feet on this issue, since it maintains the practice will create security risks to its system.

Sideloading could have an impact on the App Store, where Apple charges developers as much as a 30 percent fee on digital purchases. Games account for more than half of that revenue. Google’s Play Store, which charges a similar fee, is also in the spotlight after it lost a landmark trial against Epic Games in California in December.

Apple draws between $6 billion and $7 billion in commission fees from the App Store globally each quarter, according to Sensor Tower estimates.

Competitors are pushing to earn some of that share and launch rival app stores and payment methods on Apple devices. Microsoft is talking to partners about launching its own mobile store.

Fortnite maker Epic Games, a longtime Apple foe, wants its store on iOS devices and points to its lower 12 percent fee as an incentive for consumers to switch to its platform.

While Epic broadly lost a lower court judgment into its claims against Apple in 2021, a California judge ordered Apple to put an end to App Store rules that prevent developers from steering customers outside of the store to make purchases. The appeals court upheld that injunction earlier this year. The US Supreme Court will review the case next year.

For investors, gauging the ultimate risk from the raft of regulatory and legal actions across the world is difficult. “I think there’s just a belief that there’s all this noise in the background, and ‘don’t worry about it,’” said Gene Munster, managing partner at Deepwater Asset Management.

Investors, he said, had been “lulled to sleep” by Apple’s initial wins against Epic in particular. “But I think investors should take it seriously.”

Apple declined to comment.

© 2024 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.

Researchers come up with better idea to prevent AirTag stalking

Picture of AirTag

BackyardProduction via Getty Images

Apple’s AirTags are meant to help you effortlessly find your keys or track your luggage. But the same features that make them easy to deploy and inconspicuous in your daily life have also allowed them to be abused as a sinister tracking tool that domestic abusers and criminals can use to stalk their targets.

Over the past year, Apple has taken protective steps to notify iPhone and Android users if an AirTag is in their vicinity for a significant amount of time without the presence of its owner’s iPhone, which could indicate that an AirTag has been planted to secretly track their location. Apple hasn’t said exactly how long this time interval is, but to create the much-needed alert system, Apple made some crucial changes to the location privacy design the company originally developed a few years ago for its “Find My” device tracking feature. Researchers from Johns Hopkins University and the University of California, San Diego, say, though, that they’ve developed a cryptographic scheme to bridge the gap—prioritizing detection of potentially malicious AirTags while also preserving maximum privacy for AirTag users.

The Find My system uses both public and private cryptographic keys to identify individual AirTags and manage their location tracking. But Apple developed a particularly thoughtful mechanism to regularly rotate the public device identifier—every 15 minutes, according to the researchers. This way, it would be much more difficult for someone to track your location over time using a Bluetooth scanner to follow the identifier around. This worked well for privately tracking the location of, say, your MacBook if it was lost or stolen, but the downside of constantly changing this identifier for AirTags was that it provided cover for the tiny devices to be deployed abusively.

In reaction to this conundrum, Apple revised the system so an AirTag’s public identifier now only rotates once every 24 hours if the AirTag is away from an iPhone or other Apple device that “owns” it. The idea is that this way other devices can detect potential stalking, but won’t be throwing up alerts all the time if you spend a weekend with a friend who has their iPhone and the AirTag on their keys in their pockets.

In practice, though, the researchers say that these changes have created a situation where AirTags are broadcasting their location to anyone who’s checking within a 30- to 50-foot radius over the course of an entire day—enough time to track a person as they go about their life and get a sense of their movements.

“We had students walk through cities, walk through Times Square and Washington, DC, and lots and lots of people are broadcasting their locations,” says Johns Hopkins cryptographer Matt Green, who worked on the research with a group of colleagues, including Nadia Heninger and Abhishek Jain. “Hundreds of AirTags were not near the device they were registered to, and we’re assuming that most of those were not stalker AirTags.”

Apple has been working with companies like Google, Samsung, and Tile on a cross-industry effort to address the threat of tracking from products similar to AirTags. And for now, at least, the researchers say that the consortium seems to have adopted Apple’s approach of rotating the device public identifiers once every 24 hours. But the privacy trade-off inherent in this solution made the researchers curious about whether it would be possible to design a system that better balanced both privacy and safety.
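The trade-off between the 15-minute and 24-hour rotation periods can be made concrete with a small simulation. This is an added example, not code from the article, Apple, or the researchers: the HMAC-based identifier derivation, the two-hour alert threshold (Apple has not published its interval), and the sighting times are all assumptions constructed for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
from collections import defaultdict

FIFTEEN_MIN = 15 * 60          # rotation period in the original Find My design
ONE_DAY = 24 * 60 * 60         # rotation period when the tag is away from its owner
ASSUMED_ALERT_AFTER = 2 * 60 * 60  # assumption: Apple has not published this value


def broadcast_id(secret: bytes, t: int, rotation_period: int) -> str:
    """Hypothetical rotating identifier: HMAC of the current rotation epoch.

    This stands in for the real key-derivation scheme, which the article does
    not describe. Only the rotation behaviour matters for this example.
    """
    epoch = t // rotation_period
    mac = hmac.new(secret, epoch.to_bytes(8, "big"), hashlib.sha256)
    return mac.hexdigest()[:16]


def observe(secret: bytes, sighting_times: list[int],
            rotation_period: int) -> list[tuple[int, str]]:
    """What a nearby Bluetooth receiver records: (time, identifier) pairs."""
    return [(t, broadcast_id(secret, t, rotation_period)) for t in sighting_times]


def longest_linkable_span(observations: list[tuple[int, str]]) -> int:
    """Longest span, in seconds, over which sightings share one identifier.

    The same figure bounds both sides of the trade-off: how long a bystander's
    phone can recognise a tag that is following it, and how long any other
    scanner can follow the tag's carrier.
    """
    by_id: dict[str, list[int]] = defaultdict(list)
    for t, ident in observations:
        by_id[ident].append(t)
    return max((max(ts) - min(ts) for ts in by_id.values()), default=0)


def distinct_ids(observations: list[tuple[int, str]]) -> int:
    """Number of different identifiers the receiver saw."""
    return len({ident for _, ident in observations})


def would_alert(observations: list[tuple[int, str]],
                min_follow_seconds: int = ASSUMED_ALERT_AFTER) -> bool:
    """Unwanted-tracking alert: one identifier seen for at least the threshold."""
    return longest_linkable_span(observations) >= min_follow_seconds


def constructed_sightings() -> list[int]:
    """Constructed data: one sighting every 5 minutes from 08:00 to 20:00,
    expressed as seconds since midnight."""
    return list(range(8 * 3600, 20 * 3600 + 1, 300))


if __name__ == "__main__":
    tag_secret = b"constructed-demo-secret"  # constructed value
    times = constructed_sightings()
    for label, period in (("15 min", FIFTEEN_MIN), ("24 h", ONE_DAY)):
        obs = observe(tag_secret, times, period)
        print(f"{label:>6}: ids={distinct_ids(obs):3d} "
              f"linkable={longest_linkable_span(obs):6d}s "
              f"alert={would_alert(obs)}")
```

With 15-minute rotation the receiver sees 49 unrelated identifiers and can never raise an alert; with 24-hour rotation it sees one identifier for the full 12 hours, which enables the alert and the day-long tracking in equal measure.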

Appeals court pauses ban on patent-infringing Apple Watch imports

still on hold —

Apple pulled the Watch Series 9 and Watch Ultra 2 from sale on December 21.

Updated

The Apple Watch Series 9 released in September 2023.

Apple

Just before Christmas, Apple pulled two of its latest smartwatches from stores. The cause was not an unwelcome visit from the ghost of mechanical timepieces past but the International Trade Commission, which found that the California-based computer maker had infringed on some patents, resulting in the ITC banning the import of said watches. Yesterday, Reuters reported that Apple filed an emergency request for the courts to lift the ban and will appeal the ITC ruling.

And today, the US Court of Appeals for the Federal Circuit granted Apple’s wish, pausing the ban while it considers the tech company’s argument.

Apple’s watch problems started back in January. That’s when a court found that the light-based pulse oximetry sensor (found on the back of the watches) infringed patents held by Masimo, a medical device manufacturer also based in California.

At the time, Apple said since Masimo was not a consumer-focused company, it chose not to collaborate or acquire the medical device maker. Masimo, for its part, said that Apple led it on in discussions then took its idea and hired away Masimo engineers.

In October, the ITC upheld the ruling of infringement and started the process to ban imports of the watches, giving US President Joe Biden’s administration 60 days to review the case and possibly veto the ruling.

But the Biden administration has chosen not to interfere, unlike in 2013 when the Obama administration vetoed a ban on iPhones and iPads during a patent dispute between Apple and Samsung. Although the ITC’s import ban on Apple Watch Series 9 and Ultra 2 models was supposed to go into effect on December 26, Apple pulled the watches from sale a few days early. The older Apple Watch SE, which doesn’t use the infringing blood oxygen sensor, remains on sale.

“We strongly disagree with the USITC decision and resulting exclusion order, and are taking all measures to return Apple Watch Series 9 and Apple Watch Ultra 2 to customers in the US as soon as possible,” Apple said in a statement.

Apple had asked the CAFC to pause the ban until US Customs and Border Protection decides whether redesigned Apple Watches no longer infringe on Masimo’s patents, a decision that should be reached by January 12. Now the court has given the ITC a deadline of January 10 to respond to Apple.

This article was updated shortly after publication to reflect the court pausing the import ban.

4-year campaign backdoored iPhones using possibly the most advanced exploit ever

NO ORDINARY VULNERABILITY —

“Triangulation” infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.

iphone with text background

Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

“The exploit’s sophistication and the feature’s obscurity suggest the attackers had advanced technical capabilities,” Kaspersky researcher Boris Larin wrote in an email. “Our analysis hasn’t revealed how they became aware of this feature, but we’re exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.”

Four zero-days exploited for years

Other questions remain unanswered, wrote Larin, even after about 12 months of intensive investigation. Besides how the attackers learned of the hardware feature, the researchers still don’t know what, precisely, its purpose is. Also unknown is if the feature is a native part of the iPhone or enabled by a third-party hardware component such as ARM’s CoreSight.

The mass backdooring campaign, which according to Russian government officials also infected the iPhones of thousands of people working inside diplomatic missions and embassies in Russia, came to light in June. Over a span of at least four years, Kaspersky said, the infections were delivered in iMessage texts that installed malware through a complex exploit chain without requiring the receiver to take any action.

With that, the devices were infected with full-featured spyware that, among other things, transmitted microphone recordings, photos, geolocation, and other sensitive data to attacker-controlled servers. Although infections didn’t survive a reboot, the unknown attackers kept their campaign alive simply by sending devices a new malicious iMessage text shortly after devices were restarted.

A fresh infusion of details disclosed Wednesday said that “Triangulation”—the name Kaspersky gave to both the malware and the campaign that installed it—exploited four critical zero-day vulnerabilities, meaning serious programming flaws that were known to the attackers before they were known to Apple. The company has since patched all four of the vulnerabilities, which are tracked as:

Besides affecting iPhones, these critical zero-days and the secret hardware function resided in Macs, iPods, iPads, Apple TVs, and Apple Watches. What’s more, the exploits Kaspersky recovered were intentionally developed to work on those devices as well. Apple has patched those platforms as well. Apple declined to comment for this article.

Detecting infections is extremely challenging, even for people with advanced forensic expertise. For those who want to try, a list of Internet addresses, files, and other indicators of compromise is here.

Mystery iPhone function proves pivotal to Triangulation’s success

The most intriguing new detail is the targeting of the heretofore-unknown hardware feature, which proved to be pivotal to the Operation Triangulation campaign. A zero-day in the feature allowed the attackers to bypass advanced hardware-based memory protections designed to safeguard device system integrity even after an attacker gained the ability to tamper with memory of the underlying kernel. On most other platforms, once attackers successfully exploit a kernel vulnerability they have full control of the compromised system.

On Apple devices equipped with these protections, such attackers are still unable to perform key post-exploitation techniques such as injecting malicious code into other processes, or modifying kernel code or sensitive kernel data. This powerful protection was bypassed by exploiting a vulnerability in the secret function. The protection, which has rarely been defeated in exploits found to date, is also present in Apple’s M1 and M2 CPUs.

Kaspersky researchers learned of the secret hardware function only after months of extensive reverse engineering of devices that had been infected with Triangulation. In the course of that work, the researchers’ attention was drawn to what are known as hardware registers, which provide memory addresses for CPUs to interact with peripheral components such as USBs, memory controllers, and GPUs. MMIOs, short for Memory-mapped Input/Outputs, allow the CPU to write to the specific hardware register of a specific peripheral device.

The researchers found that several of the MMIO addresses the attackers used to bypass the memory protections weren’t identified in any so-called device tree, a machine-readable description of a particular set of hardware that can be helpful to reverse engineers. Even after the researchers further scoured source code, kernel images, and firmware, they were still unable to find any mention of the MMIO addresses.


No last-minute reprieve, US ban on some Apple Watch sales now in effect

no joy for Apple —

Watch Series 9 and Watch Ultra 2 blood oxygen sensors are patent-infringing.

The Apple Watch Ultra 2.


Apple

Apple is banned from selling the Watch Series 9 and Watch Ultra 2 in the US after President Joe Biden’s administration refused to grant a reprieve from a trade tribunal’s decision that it had infringed another company’s patents.

Apple confirmed on Tuesday it had appealed against the earlier ruling from the US International Trade Commission, which stems from a patent dispute with health technology company Masimo.

Biden’s administration had 60 days from the ITC decision, which was handed down in October, to decide whether to allow it to take effect. The authority to decide whether to intervene was delegated by the White House to the US trade representative, Katherine Tai.

“After careful consultations, Ambassador Tai decided not to reverse the ITC’s determination and the ITC’s decision became final on December 26 2023,” Tai’s office said in a statement on Tuesday.

In a statement, Apple said it strongly disagreed with the ITC’s decision and exclusion order and was “taking all measures to return Apple Watch Series 9 and Apple Watch Ultra 2 to customers in the US as soon as possible.”

Ahead of a final decision from the White House, Apple had said it would preemptively halt sales of the affected models in the US on its website from December 21, and in physical stores from December 24.

It is exceptionally rare for the White House to wade into such cases, although the Obama administration vetoed a patent ban on iPhones and iPads in 2013 during the company’s legal dispute with Samsung.

The ruling deals a blow to Apple, which is already facing a slowdown in hardware sales this year. Earlier models of the Apple Watch remain available in the US, and Apple says the ban will have no impact on service for customers who have already bought the new models.

The case stems from a legal dispute between Apple and Irvine, California-headquartered Masimo over patents on the technology for measuring blood oxygen levels on the devices. The method, known as pulse oximetry, measures oxygen in the blood by shining light into the wrist.

Apple first introduced the technology in 2020, in an effort to draw in more consumers and give them the incentive to upgrade with new features on the device. Masimo said Apple copied its patented technology.

The US International Trade Commission ruled in Masimo’s favor, issuing a “limited exclusion order” against Apple’s products.

Masimo has separately sued Apple in federal court alleging trade secret violations. A trial in that case ended with a hung jury in May.

Apple is similarly embroiled in litigation with medical wearables company AliveCor over the heart rate monitoring technology on its watches. In December 2022 the ITC upheld a judge’s ruling that Apple violated AliveCor’s patents.

But that same month, the US Patent Trial and Appeal Board invalidated the AliveCor patents at the center of the dispute, putting any potential ban on hold pending appeals.

© 2023 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.


Laptops’ 2023 quantum leap: 5 computers we’ll still be talking about in 2024

hand reaching for laptop, with blue swirls in the background

You’ll never uncover The Next Great Thing if you don’t deviate from the norm. When looking back at 2023’s laptops, we can see that many were merely refreshed designs—approaches that already work. But what happens when a company explores a design that, though not the most appealing today, might lead us to a new trend tomorrow?

You might end up with some computers that many, or even most, people aren’t currently interested in buying. But you could also end up glimpsing the designs that influence future laptops.

The laptops we’re about to look at all defied trends in some way, and we’re curious to see if they impact the laptop industry beyond 2023. We’ll also look at the challenges these ideas might face in the future—and some ways they could improve.

Lenovo’s laptop with dual 13.3-inch screens

  • A company called SZBOX is already selling a similar design, and I don’t think it’ll be the last.

    Scharon Harding

  • I was able to multitask like never before on a 13-inch-size laptop.

    Scharon Harding

  • Lenovo’s depiction of the Yoga Book 9i’s various forms. There has to be a useful idea somewhere in there, right?

    Lenovo

With the number of secondary screens already being built into laptops, Lenovo’s Yoga Book 9i, as striking as it appears, was a somewhat expected progression. But Lenovo actually pulled it off with a legitimate PC featuring most of the bells and whistles found among traditional premium laptops. With the design serving practical use cases in an improved form factor, I expect it to not only be imitated (one small firm is already selling a laptop like this) but to also give the concept of foldable-screen laptops a good run for their money.

The Yoga Book 9i, with its pair of 13.3-inch OLED screens, isn’t kicking off this list solely because it’s creative, flashy, or unique. It’s because, as detailed in our Lenovo Yoga Book 9i review, it proved itself an effective way to boost the amount of multitasking one can reasonably do on a 13-inch-size laptop. Lenovo’s revision of how to use a 13-inch chassis could improve options down the line for the many people seeking that golden area between ultra-portability and productivity potential.

On the Lenovo laptop’s 26.6 inches of cumulative screen, I was able to do the types of things that would only bring me frustration, if not a headache, on a single 13.3-inch panel. Want to take notes on a video call while monitoring your news feeds, having a chat window open, and keeping an eye on your email? That’s all remarkably manageable on a laptop with two full-size screens. And that PC is easier to lug around than a laptop and portable monitor.

What’s next?

The dual-screen setup worked well for small-laptop multitasking. But the polarizing lack of an integrated physical keyboard and touchpad challenges this form factor’s longevity. Easily accessible touchscreen controls are handy, but you can’t really replicate the reliable tactility and comfort of a keyboard and touchpad with touchscreens. A super portable laptop suddenly feels less portable when you have to remember to bring its accessories.

Still, I think this design has a place in the increasingly mobile world of computing. Future designs could improve with less reflective screens, given that reflectivity is especially distracting on a dual-screen laptop where one screen can cast reflections on the other.

Moving from OLED could help improve battery life to some degree. But, as you might have guessed, a laptop with two 13.3-inch OLED displays won’t be winning any laptop battery-life contests. Further, I wonder what price improvements could be made by forgoing OLED.

But many of the creative laptop designs these days opt for OLED, due to its high image quality, flexibility, and broad market appeal from more mainstream tech implementations, like OLED smartphones and TVs. This presents an ongoing price obstacle for a laptop design that already leans niche.


Apple wants AI to run directly on its hardware instead of in the cloud

Making Siri smarter —

iPhone maker wants to catch up to its rivals when it comes to AI.

The iPhone 15 Pro.


Apple

Apple’s latest research about running large language models on smartphones offers the clearest signal yet that the iPhone maker plans to catch up with its Silicon Valley rivals in generative artificial intelligence.

The paper, entitled “LLM in a Flash,” offers a “solution to a current computational bottleneck,” its researchers write.

Its approach “paves the way for effective inference of LLMs on devices with limited memory,” they said. Inference refers to how large language models, the large data repositories that power apps like ChatGPT, respond to users’ queries. Chatbots and LLMs normally run in vast data centers with much greater computing power than an iPhone.

The paper was published on December 12 but caught wider attention after Hugging Face, a popular site for AI researchers to showcase their work, highlighted it late on Wednesday. It is the second Apple paper on generative AI this month and follows earlier moves to enable image-generating models such as Stable Diffusion to run on its custom chips.

Device manufacturers and chipmakers are hoping that new AI features will help revive the smartphone market, which has had its worst year in a decade, with shipments falling an estimated 5 percent, according to Counterpoint Research.

Despite launching one of the first virtual assistants, Siri, back in 2011, Apple has been largely left out of the wave of excitement about generative AI that has swept through Silicon Valley in the year since OpenAI launched its breakthrough chatbot ChatGPT. Apple has been viewed by many in the AI community as lagging behind its Big Tech rivals, despite hiring Google’s top AI executive, John Giannandrea, in 2018.

While Microsoft and Google have largely focused on delivering chatbots and other generative AI services over the Internet from their vast cloud computing platforms, Apple’s research suggests that it will instead focus on AI that can run directly on an iPhone.

Apple’s rivals, such as Samsung, are gearing up to launch a new kind of “AI smartphone” next year. Counterpoint estimated more than 100 million AI-focused smartphones would be shipped in 2024, with 40 percent of new devices offering such capabilities by 2027.

The head of the world’s largest mobile chipmaker, Qualcomm chief executive Cristiano Amon, forecast that bringing AI to smartphones would create a whole new experience for consumers and reverse declining mobile sales.

“You’re going to see devices launch in early 2024 with a number of generative AI use cases,” he told the Financial Times in a recent interview. “As those things get scaled up, they start to make a meaningful change in the user experience and enable new innovation which has the potential to create a new upgrade cycle in smartphones.”

More sophisticated virtual assistants will be able to anticipate users’ actions such as texting or scheduling a meeting, he said, while devices will also be capable of new kinds of photo editing techniques.

Google this month unveiled a version of its new Gemini LLM that will run “natively” on its Pixel smartphones.

Running the kind of large AI model that powers ChatGPT or Google’s Bard on a personal device brings formidable technical challenges, because smartphones lack the huge computing resources and energy available in a data center. Solving this problem could mean that AI assistants respond more quickly than they do from the cloud and even work offline.

Ensuring that queries are answered on an individual’s own device without sending data to the cloud is also likely to bring privacy benefits, a key differentiator for Apple in recent years.

“Our experiment is designed to optimize inference efficiency on personal devices,” its researchers said. Apple tested its approach on models including Falcon 7B, a smaller version of an open source LLM originally developed by the Technology Innovation Institute in Abu Dhabi.

Optimizing LLMs to run on battery-powered devices has been a growing focus for AI researchers. Academic papers are not a direct indicator of how Apple intends to add new features to its products, but they offer a rare glimpse into its secretive research labs and the company’s latest technical breakthroughs.

“Our work not only provides a solution to a current computational bottleneck but also sets a precedent for future research,” wrote Apple’s researchers in the conclusion to their paper. “We believe as LLMs continue to grow in size and complexity, approaches like this work will be essential for harnessing their full potential in a wide range of devices and applications.”

Apple did not immediately respond to a request for comment.
