Maccast 02.26.2011 - Show #386
V Opening
V Opening Music
* Music is Say Anything by Manda and the Marbles
V Sponsor
V Audible
* Get a 14-day free trial of the Audible Listener Gold Membership, includes a free audiobook download
* Over 100,000 titles to choose from
* Works on hundreds of devices. iOS, Android,
* You can get the Steve Jobs biography, or any other book of your choice.
* Great compliment to your podcast listening.
V News
V Apple pushes sandboxing seadline
* once again extending the sandboxing deadline for all App Store apps, this time to June 1.
* Initially, all applications were to be sandboxed by November 2011; in November, that deadline was extended to March 2012; and now, the deadline has been pushed yet again.
V Apple noted that the recent release of Mac OS X 10.7.3 introduced additional "entitlements," to do things like access files, send and receive Apple Events, use hardware resources like a FireWire port or FaceTime camera, or connect to the Internet.
* A potential issue though is that apps using those entitlements won't run properly if the user hasn't updated from an earlier version of 10.7
* In 10.6 though the apps would run without the sandboxing.
* Apple is encouraging developers to file bugs against sandboxing entitlements that they feel are missing
V New Apple data center in OR
V new data center on a 160-acre lot in Prineville, Oregon
* The deed for that land was signed the same day that Oregon passed a tax break for corporations wanting to build data centers
* land was reportedly purchased for $5.6 million form Crook County
* A February 15th filing first identified Apple, Inc. as the purchaser of the land, and Apple later confirmed the purchase is for a new ”green" data center
V Apple may go with smaller dock
* Apple is reportedly replacing its current “Dock” connector for iPhone, iPad, and iPod touch for a smaller “Micro Dock,” at least according to the blog iMore
* They don't offer any details about what the connector would look like or if it would support old dock via an adapter.
* Since the connector is standardized and hasn't changed since the original iPod it seems unlikely.
V Apple's multiple mobile processors
* Remember the images last week of the supposed iPad 3 board with an Apple A5X processor?
* Now it seems that there could be multiple new processors on the way and which one you get may depend on the device
* 9to5 did a deep dive into the code strings on iOS 5.1 BETA and found processor references to chips labeled "S5L8945X" and "S5L8950X". The current A5 processor is a "S5L8940X".
* So does this mean one is an A5X and another the rumored A6? Who knows.
* Some speculation is that an A6, especially if it's the rumored Apple quad core, would have significant power requirements, so Apple may need a lower power upgraded chip for smaller devices like the iPhone or iPod Touch.
* Of course the idea that smaller device may need a smaller chip also continues to fuel speculation of a smaller iPad.
V Rumors are still strong that Apple will announce it's next generation of iPad at a special event on March 7th.
* At least one rumor late this weekend says the new iPads may be in the US by the 9th
* A Chinese site posted images of a shipping manifest of products scheduled to arrive in the US no later than March 9th.
* According to once source a Foxconn executive claimed the shipment contained Apple "latest products". Rather vague as it could simply mean the latest Foxconn shipment for Apple and not iPad 3's, but here's hoping.
V 9to5 Mac has also reported on the severely constrained supplies of Apple TV 2s and thinks a refresh around the iPad 3 announcement may be imminent
* Updated processors to support 1080p video content
V AT&T pays for throttling
* Matt Spaccarelli, sued AT&T in small claims court after the wireless carrier throttled his data connection when he hit 1.5GB of throughput on his unlimited data plan.
* He argued that AT&T throttled him at 1.5 to 2 GB even though their current $30/mo plan offers 3GB of data, the same price he pays for unlimited
* Matt sued in small claims because a clause in the AT&T contract prohibits customers taking their complaints to a class action. Leaving the option for arbitration or small claims.
V AT&T was represented by a local area sales manager, Peter Hartgrove
* He argued in court that his employer has the right to modify or cancel customers’ contracts if their data usage adversely affects the network.”
* Pro-tem Judge Russell Nadel of the Ventura Superior Court in Simi Valley in southern California ruled in Spaccarelli's favor awarding him $850, based on $85/mo for the 10 months left on his contract
* AT&T could appeal the case, but my guess is it's unlikely.
* More worrisome for AT&T is that Matt's case could set a precedence and help the plaintiff's in other similar cases
V iOS tops in mobile ads
* According to inMobi iOS accounted for 35% of their network ad impressions in January up from 23.2% in October
* Androids impressions were down 3.2% in the same period.
* The report seems to contradict sales trends of Android devices which many say are outpacing Apple.
* The numbers might reflect the common theory that while Android is outselling iOS in terms of units that's because the OS is open and simply on more devices, but many people don't use the web and data features offered by the OS.
V Apple buys Chomp
* Apple purchased App Search engine company Chomp, reportedly for $50 million
* Speculation is that Apple bought the company to help improve app discovery on the App Store
* The company also has a sophisticated analytics engine that shows what people are searching for and downloading or buying.
* My guess is that the purchase is for the latter technology.
V I tried the App and the web site and unless I am totally missing the point I'm not seeing how it's that much better at discovery than what iTunes has already
* Yeah there are sections for trending apps and items that have gone on sale, but there are lots of sites that do that. Not sure Chomp is "special" for that.
* I did a search for "Drawing" and not one of the popular iOS drawing apps came up. Mostly random drawing based games and some funky kitschy paint apps.
V Sponsor
V Smile
* PDFPen for iPad
V Now you can have the power of PDFPen on your iPad
* Make text corrections, fix typos, resize, delete, or replace images
* Fill out "fake" forms
* Add signatures
* Add mark-up, notes, etc.
V Sync between your Mac and iPad
* Support for iCloud.
* If you own PDFPen for Mac the latest version includes PDFPen Cloud Access, or you can purchase it from the Mac App Store for $0.99
V Feedback, Comments and Commentary
V Not really that "salty"
* On the last show I discussed some security concepts and specifically talked about the fact that iOS apps don;t necessarily need to upload your Address Book data "in the clear" to perform "friends" matching
* They could simply upload the email addresses and even then they could have the iOS add use a hashing algorithm to obfuscate the information before it's uploaded to the servers.
* If they use the same algorithm for all the email addresses uploaded then any two that matched could be assumed to be the same email address and therefore serve the purpose of "matching" two accounts as "friends"
* Since email addresses may be fairly easy to guess at, for example I could run through a common name dictionary adding the domains of popular email services (,, etc), I also recommended that the information be "salted" before hashing.
* Salting is the process of adding some additional data into the data being hashed before it's encrypted, but in it's purest sense that salt should be unique to each thing being hashed.
* So in my matching example using a true salting methodology would wonk because the same email would have different salts and then would therefore NOT match after being hashed.
V So the process I described would be adding the same "salt" to each email being hashed. The purpose in my example would be that:
* 1) Only the application and service would know the salt
* 2) It would be one more bit of info a hacker would need to know to be able to brut force decrypt the data
* 3) Avoids the ability to simply hash a list of generated or stolen email addresses and match them against the hacked data from the database.
* The overall point of all this is that each additional layer of complexity adds one more thing an attacker needs to know to get at your data. Even just "hashing" the data and only uploading the bits they need to do the matching would be 100 times better than the request permission upload the entire address book approach these services are taking today.
V Enable Do Not Track in Safari
* Uses the HTTP headers from the browser to tell the site the user doesn't want to be tracked by advertisers
* Added starting with Safari 5.1, but enabling it is a bit hidden
V You need to enable the developer menu
* Go to Safari > Preferences > Advanced and check the box “Show Developer menu in menu bar.”
* Then enable the "Send Do Not Track HTTP Header” from the “Developer” menu
* The setting is being moved to the Privacy pane in Mountain Lion, a much more visible location.
V So what exactly does this do?
* Advertisers will stop using cookies to craft targeted ads based on your past surfing and other online behavior.
* So they are stopping collecting data, they just won't use the data to influence the ads you see.
* I would assume they still use the data to craft demographic profiles for their advertisers.
* The setting is also only honored if a user enables it (i.e. you have to opt out).
V Automator with Ben Waldie
* Play interview with Ben
V Closing
V Podcast Marketplace
V Thanks to my sponsors
* Faronics, Deep Freeze. 5.0 released with Lion compatibility
* Circus Ponies
* Smile
V Appearance on Church Tech Geeks
* I was on the Church Tech Geeks Podcast with Timothy Gregorie a couple weeks ago
* Talked about web deasign and development
V Keep emails coming. Audio comments.
V 281-622-4269 or 281-Mac-I-Am-9
* MacCast Forum
* Follow me on Twitter