Makes it possible for an attacker to possibly decrypt email sent using PGP or S/MIME
The attack is called Efail and some of the flaws it exploits have been around for almost a decade.
In order for the attack to work the attacker first needs to have access to the original encrypted text of the the senders email.
That text is then embedded into unviewable parts of an email and combined it with HTML code.
HTML, is typically a link or image with the cipher text in the URL and the URL is coming from an attacker controlled server.
The recipients email client then receives and decrypts that hidden ciphertext and "errors" on the attacker-controlled server saving the decrypted text into the attacker servers error logs for retrieval.
It effects Apple Mail on Mac and iOS and Mozilla Thunderbird (likely other clients?)
If you are concerned about the attack the best thing to do is to stop suing PGP and SMIME from inside your Mail client.
Receive and send the ciphertext, but decrypt it outside your Mail client.
I would expect patches to come soon. Baffling that these things are not patched until they are publicly exposed.
AppleInsider also noted this week a new malware called 'mshelper' that popped up on Apple's support forums and on Reddit.
Can be a cause of high processor usage and fans running constantly.
You can check for it's existence on your system using the Activity monitor.
Seems to be a trojan, so as always be cautious about what apps you install and get them from legitimate sources
Installs a LaunchDsemon and file inside Application Support. `pplauncher`
A web service ironically called TeenSafe stored unencrypted account information for users and it was hacked.
The service claimed it was "a secure, encrypted way" for Parents to track their teens cell phone activities including messages and location data.
Oddly enough you had to disable 2-factor authentication on your teens device for the service to work.
over 10,000 records were compromised and they included iCloud logins, device identifiers and the email addresses of parents. no user generated content was exposed in the breach (photos, messages, location data). Though with the login of course you could access some of that via iCloud.
iPhone could get 'Fall' colors
An analyst at Rosenblatt Securities is thinking that Apple may bring back colors, like the had with the iPhone 5c, for the rumored LCD iPhone.
The idea would be to make that model even more distinct from the "flagship" models.
They say the colors would be "bright" and include blue, yellow, and pink options to appeal to the "younger" consumer market.
Considering 82 percent of teens in the US own and iPhone and 84 percent plan on their next phone being an iPhone, according to Piper Jaffery, appealing to that market is probably a good idea.
Why are the rumors about the iPhone SE so "hazy"
Mac Otakara says it's because Apple still designing it and there are many prototypes being considered.
Just like we discussed last week everything from an iPhone X-esque clone to just a glass-back and wireless charging.
I'm still in the latter camp due to the SE's price point and market position.
The one thing the latest report seems to confirm is that the SE 2 will not be here "soon", expect it with the rest of the line up in the Fall.
Cook acknowledges Apple's 'interest' in original content
Cook appeared on "The David Rubenstein Show" on Bloomberg Television and discussed a number of things from tariffs to immigration, but that's boring so we're gonna focus on what he said about entertainment.
He, for the first time publicly I think, confirmed that Apple is, "very interested in the content business" and that they will, "be playing in a way that is consistent with our (sic) brand,"
Not quite as definitive as we are making original content with some awesome Hollywood folks, but I'll take it.
He did conclude with, "We're not ready to give any details on it yet. But it's clearly an area of interest."
He also shared that Apple Music now has 50 million paid subscribers and that Apple is adding about 4 million new paid subscribers a month to the service.
One show not coming to an Apple TV service will be The Obamas
They had been looking to find a place to create shows about and Apple and Netflix were vying for the opportunity.
Netflix won. A multi-year deal to produce original films and series with President Obama and First Lady Michelle Obama
Details of what the shows will be were not shared, but Netflix did say they could include both scripted and unscripted series, as well as documentaries, features, and more (so ANYTHING).
Apple is selling Home Pods
Despite what you might think from your non-Siri assistant loving friends
Strategy Analytics has done their thing and analyzed the first quarter sales of HomePod and they think Apple may have sold as many as 600,000
May not seem like a lot, but it's not a bad start and Apple is historically good about having a slow start and then quickly ramping up and dominating.
If accurate that means in just a few months Apple has captured about 6 percent of the global smart speaker market with the speaking being available in just three countries.
The HomePod is also in it's own league as a "smart speaker" and more of a high end speaker with "smart" features.
There is a rumor of Apple looking at producing a "cheaper" USD $199 HomePod under the Beats brand
More likely this is an updated Beats speaker with AirPlay 2 support (something Apple has already said is coming).
The rumors that Siri will give you the scoop on WWDC is wrong.
Looks like a developer forgot to remove last years witty responses to "Tell me about WWDC"
“La la la, Siri is getting a brand new voice!”
“I’m gonna have a shiny new home! Well, not really shiny, more meshy and matte…”
Sponsor: Small Dog Electronics
Small Dog Electronics
You have a lot of choice on where to buy your Apple stuff, but unfortunately fewer and fewer of those choices are with companies who know Apple.
That's why I love having Small Dog Electronics as a sponsor, they have been around like many of us through thick and thin and THEY ARE our community.
They started in a garage over 20 years ago and haven't stopped offering great deals and items to the Apple community.
The best part is your buying from folks who care about this community. Real folks, not some nameless megacorp.
A now is the perfect time to visit smalldog.com because you have graduations happening and Father's day is right around the corner.
I know Dad wouldn't mind a second Home Pod from Small Dog
An Apple Watch would be on any Dad or Grad wishlist and Small Dog is offering $10 off an Apple Watch Band with the purchase of an Apple Watch with AppleCare+
You can also get a free printer when you buy a new Mac with AppleCare+ and a backup drive.
Having a hard time deciding? They have posted new accessory bundles to the website, perfect for any Apple fan.
And be sure to check the web site early and frequently this weekend because their famous garage sale event is happening over the memorial day weekend.
Maccast listeners can use the coupon code: 'maccast' to get $20 off an order of $100 or more. And yes, the code will work even on the bundles I just told you about.
Just make sure you visit smalldog.com and don't forget to use the code 'maccast'.
Feedback, commentary, opinions
Your thoughts on MacBook Pro Keyboard
I brought this up on the last show.
At least one person felt I was being an Apple apologist and that the keyboard on the new MacBook Pro has serious design flaws.
Oddly this person didn't own a new MacBook Pro.
Just based his opinion off of reports.
Still, many of you did write in to say that you had at least one, if not multiple (usually 2) replacements.
That's enough for me to say there are some issues with at least some keyboards
What all your reports seemed to prove is that the design has a weakness in that is it much more susceptible to dirt and dust.
Several reported having small issues that were resolved by following Apple's instructions for using compressed air to clear out debris.
Others noted that just repeatedly pressing a key can often "unstick" it? Maybe "pulverizing" the debris and dislodging it?
I also had just as many folks say they had had no issues.
Of the folks that did have repairs I asked if they had repeat issues and most, but not all said no.
I have to wonder if it depends on the date of the replacement as i have been told that Apple made some internal design changes.
That could all be hearsay though, I don't have proof.
Spring Cleaning your Mac
It's probably later then really spring, but lately many of you have been asking about what to do to keep your Mac running in tip top shape.
These days I'm finding I'm having to do less and less other then running software updates, but there are a few things I like to do just to deal with cruft.
First, I will say that if your computer seems to be running fine, then you probably don't need to do anything. You can perform these tasks and they won't hurt, but don't feel like you have to.
So your getting beachballs and things are generally running slow.
First try to see if you can find the reason.
Check the typical places like Activity Monitor to see if you have background processes taking up a lot of Memory or CPU.
Turn off and clean out any stuff that could be running in the background that you don't need.