Taking a look back at another week of news and headlines from Cupertino, this week’s Apple Loop includes a massive iPhone mistake in iOS, the latest hardware and software leaks around the iPhone 11, why the new iPhone will not be cheaper, an embarrassing update to iOS 12.4, who is listening to Siri’s search requests, a new MacBook Pro keyboard idea, Apple’s tiny nod to independent repairers, and unboxing the Apple Card.
Apple Loop is here to remind you of a few of the very many discussions that have happened around Apple over the last seven days (and you can read my weekly digest of Android news here on Forbes).
Apple’s Lack Of iPhone Security Exposed
Although it was patched in February, Google’s Project Zero has disclosed a security exploit in iOS that had been left open for over two years. By ‘daisy chaining’ together a number of small exploits it has been possible to gain full access to an iPhone simply by having the device visit a target web page through the Safari web browser. This could have affected a huge number of users. Arguably every user of an iPhone running iOS 10 through to iOS 12.1.4 was vulnerable. Andy Greenberg and Lily Hay Newman report:
On Thursday evening, Google’s Project Zero security research team revealed a broad campaign of iPhone hacking. A handful of websites in the wild had assembled five so-called exploit chains, tools that link together security vulnerabilities, allowing a hacker to penetrate each layer of iOS’s digital protections. The rare and intricate chains of code exploited a total of 14 security flaws, targeting everything from the browser’s “sandbox” isolation mechanism to the core of the operating system known as the kernel, ultimately gaining complete control over the phone.
They were also used anything but sparingly. Google’s researchers say the malicious sites were programmed to assess devices that loaded them, and to compromise them with powerful monitoring malware if possible. Almost every version of iOS 10 through iOS 12 was potentially vulnerable. The sites were active since at least 2017, and had thousands of visitors per week.
As the launch of the iPhone 11 grows ever closer (it’s set for Tuesday September 10th) the leaks are building up. That leaves no genuine hardware surprises for Tim Cook to reveal on the stage, but it does help set expectations and I’m sure the hand-picked crowd will cheer the tweaked edges . I reported on some of the details earlier this week:
Does the fact that the camera hump will have a smoother edge in glass and not in metal negate the awkward and ugly design that has been used to mount the camera? Not for me; the lack of symmetry is still on show, the madness of pushing for a thinner phone above everything else is still present, and the whole lens assembly still looks like an Ikea induction hob.
But by blending the camera hump and the rear glass and presumably color matching the two levels – along with the removal of the Apple logo from the rear of the handsets – Apple will be hoping this is enough to energise Apple’s geekerati into cheerleading the cutting-edge changes to the tired design first introduced in 2017 before the expected launch on September 10th.
How To Turn Things Invisible With Your iPhone
The real iPhone surprises are likely to be in software and how these elements work with the hardware. The beta release of iOS 13.1 has exposed one potential show-stealing feature for the camera – the ability to create travelling mattes and transparency layers for your vides in real time.
Earlier this week Apple released a point update to the beta of iOS 13. Tucked away inside the code of iOS 13.1 are some notes regarding the video encoding software. The new version of the iOS operating system will support encoding HEVC videos with an alpha channel…
The alpha layer is an additional layer of information in the video that allows areas of a frame to be marked as invisible, transparent, or lifted out of the frame for effects work. No doubt the stereoscopic ability to calculate the depth of different objects in the field of view will be used to lift out elements that are wanted and elements that are not wanted.
A Cheaper iPhone Offers Users No Benefit
What may come as a surprise is the cost of the three iPhone 11 handsets. Not the retail price, because that’s going to stay the same (Apple is not going to take any steps that reduces the average revenue per customer), but in a cheaper build cost. With higher margins, Apple can maintain revenue levels on lower sales. Forbes’ Gordon Kelly reports:
JP Morgan says the bill of materials for the iPhone 11 has been reduced by between $30 and $50 and with the bill of materials for Apple’s flagship iPhone XS Max priced at only $433 that’s a lot (7-12%). JP Morgan pegs a lot of this on a reduction in memory prices, but Apple has also cancelled a major iPhone XS feature this year which will undoubtedly help iPhone 11 prices.
So why won’t users enjoy the savings as well? It’s political. JP Morgan says that Apple will use the reduced costs to absorb the threat of 10% tariffs being placed on Chinese electronics (the vast majority of iPhones are made in China) in the ongoing trade war between China and the United States. That said, even then Apple may not play fair.
Embarrassing Bug Forces Rushed Update To iOS 12
Apple has rushed out a new version of iOS 12. Version 12.4.1 has one purpose – to restore an embarrassing bug that was re-introduced in iOS 12.4 that allowed arbitrary code with system privileges. In other words the entire platform was exposed to hacks and malicious apps (in addition to the previously reported bug earlier in Apple Loop). Dan Goodin looks at sheepish fix:
The security advisory accompanying the release of iOS version 12.4.1 says it patches a kernel vulnerability that allows malicious apps to execute code that runs with the highest of privileges. (The use-after-free vulnerability was first fixed in iOS 12.3.) Then, last weekend, researchers noticed that version 12.4, released in June, was once again vulnerable. Jailbreak enthusiasts—who like the freedom that such vulnerabilities permit—quickly capitalized on the Apple developer mistake by releasing exploits that worked on fully patched devices.
Siri… Is Anyone Listening To Me?
Apple’s commitment to privacy has not extended to Siri. Earlier this week reports came in on the volume of Siri requests that were being audited by human ears for accuracy. While the feels like an obvious thing to check on, the fact that Apple had not clearly disclosed the practice sits uncomfortably alongside its marketing message of safety and protection. Gordon Kelly reports on the findings of the Irish Examiner:
“Contractors in Cork [Ireland] were expected to each listen to more than 1,000 recordings from Siri every shift, before Apple suspended the practice last month,” explains the Examiner, who got its information from “an employee who had their contract abruptly terminated this week.”
The Examiner understands that over 300 employees at the contractor, Globetech, were let go following the Guardian’s report, which puts the 1,000 recordings per shift into context. Neither Apple nor Globetech have commented on the numbers.
As the week progressed, Apple did post an apology on its website:
According to multiple former graders, accidental activations were regularly sent for review, having recorded confidential information, illegal acts, and even Siri users having sex.
“As a result of our review, we realise we have not been fully living up to our high ideals, and for that we apologise,” Apple said in an unsigned statement posted to its website. “As we previously announced, we halted the Siri grading program. We plan to resume later this fall when software updates are released to our users.”
New MacBook Keyboard Could Use Lasers
Apple’s design team has not had a lot of luck with the butterfly keyboard on the MacBook and MacBook Pro. Multiple iterations have had flaws and there is a move back to a more traditional design in the latest laptops. But there’s a new idea coming out of Cupertino. Lasers. Malcolm Owen reports:
However, Apple suggests physically making a connection within the switch isn’t necessary for a keyboard, and proposes the use of light instead. In the patent published by the US Patent and Trademark Office on Tuesday titled “Optical Keyboard,” Apple suggests just that.
Instead of an electrical connection being made by the physical motion of the keyboard, Apple proposes a system of light emitters and sensors, as well as elements on the underside of the key that can interfere with the passage of light. By pressing the key, the under-key element changes the passage of light, which can be measured and used to determine an input from a particular key.
Apple Begins To Sell Parts To Some Independent Repair Shops
With the growing voices behind the ‘Right To Repair’ campaign, Apple has announced that it will begin to provide equipment and parts to independent repair shops that will allow them to repair Apple products. This is a good step forward, but key will be the small print on what can and cannot be done, and the limits placed on other repairs. One potential gatekeeping tactic is already visible… Apple will only sell to a shop that has an Apple-certified technician who has taken Apple’s own repair course. Annie Palmer reports:
The new repair program allows big and small repair outfits to sign up and get access to parts for common out-of-warranty repairs, something that was previously restricted to Apple’s network of authorized service providers.
The move represents an about face for Apple, which typically encourages any repairs to be made by its authorized service providers and makes it difficult for users to replace aging or broken parts themselves. Additionally, the company has fought California’s proposed right-to-repair bill, which would require companies like Apple to make repair information and parts available to both device owners and independent repair shops.
And for those wondering what one of the leading indie repair shops think, here’s Louis Rossman acknowledging that this is a small but positive step.
Here’s a card. An Apple card. It’s shiny. And pretty. Enjoy Marques Brownlee unboxing a credit card:
Apple Loop brings you seven days worth of highlights every weekend here on Forbes. Don’t forget to follow me so you don’t miss any coverage in the future. Last week’s Apple Loop can be read here, or this week’s edition of Loop’s sister column, Android Circuit, is also available on Forbes.