Sir Apfelot newsreel week 33, 2022

For today's Friday there is another Sir Apfelot newsreel, but before that there is a reference to important updates for Apple operating systems and Safari on the Mac. In the last few days, security gaps have been plugged, which you should not miss: Updates to macOS 12.5.1 and iOS / iPadOS 15.6.1 as well as Update to Safari 15.6.1 on macOS Catalina and Big Sur. But now we come to the Apple and tech news that I particularly noticed in calendar week 33 of 2022. Among other things, there are: Massive DDoS attack on Google Cloud, solar energy generation in space, uncertain cycleApps, MacBook Air Screen Cracks, A Look At Upcoming Apple Systems, And More.

Also included in the Sir Apfelot newsreel for calendar week 33 of 2022: massive DDoS attack on Google Cloud, solar power from space, unsafe cycle apps, TikTok can track with an in-app browser, Apple makes iOS VPNs unsafe, Ventura settings have tens of errors and more.

Also included in the Sir Apfelot newsreel for calendar week 33 of 2022: massive DDoS attack on Google Cloud, solar power from space, unsafe cycle apps, TikTok can track with an in-app browser, Apple makes iOS VPNs unsafe, Ventura settings have tens of errors and more.

Google blocks DDoS attack with 46 million hits per second

A "layer 7 DDoS attack" with 46 million hits per second was reported by a blog entry of the operator blocked by the Google Cloud. The attack not only shows how strong attackers with global networks can already attack individual sites and services. Advertising for its own services, Google also emphasizes that the attack, which lasted more than an hour, was repelled. After a steep increase in requests, there were fewer and fewer, and finally no more. In addition to the protection mechanism, this may also be due to the cost of the attack, especially if it was commissioned from a DDoS service provider, as was the case in a Post from heise online means.

ESA plans to harness solar energy from space

The sun always shines in space. And that is exactly what would give solar systems orbiting the earth an advantage over photovoltaics on earth. Accordingly, the European Space Agency ESA has plans for the so-called Space Based Solar Power (SBSP). For this purpose, numerous satellites are to be launched into space with reusable carrier rockets and connected to form a huge collector. 

This could then generate solar power XNUMX hours a day, seven days a week and send it to receiving systems on earth by means of microwaves. Although all this would be expensive and risky, it would secure part of the basic supply of European electricity grids and save costs in the long term. A summary of the plans and their analysis by consulting firms can be found in one Post from heise online.

Cycle, health and exercise apps as a security risk in the US

I also have one at heise online this week Articles found, in which an investigation of the company Mozilla (known from Firefox and Thunderbird) is processed. It is about cycle, health and sports apps with which, among other things, the period of the period can be recorded. In the USA, this is critical in that many of the apps pay little attention to data protection and can therefore show when a person is or was pregnant if the cycle is no longer entered and the corresponding data is released. 

For some time, abortion has been illegal in some US states, even if it was performed in another state where it is legal. If the app, including location data, is requested in a corresponding procedure, this is particularly critical. Incidentally, 18 out of 25 apps were classified as unsafe. You can find an overview of the examined apps as well as the respective security concerns auf dieser seite. The "Privacy not included" filter on the page helps to directly display the apps with missing security.

TikTok's in-app web browser can track everything

Last week was about the investigations of Felix Krause, who found that meta-apps such as Facebook, Instagram and Facebook Messenger theoretically limit the use of their in-appBrowser can spy. So if you open a link that appears in one of the apps and doesn't use a browser app like Safari, then the integrated web browser, which comes from Meta, takes effect. This week it is again Felix Krause who explains about another in-app browser, namely from TikTok. This also uses JavaScript code to monitor all inputs and actions. There are details about it on his blog. There will also InAppBrowser.com presented, a page that is accessed from an app and shows whether it uses the JavaScript in question.

Frequent cases of cracked displays in MacBook Air with M1 chip

Apple's community discussion forum is piling up, according to one Post from iFun, reports from users of MacBook Air with M1 chip about damaged displays. The damage, which includes cracks in the glass and display errors, is not insignificant. Some cracks go half the screen, behind only colorful stripes instead of macOS or apps. According to the iFun article, the forum discussion that started at the end of May already comprises 50 pages and shows numerous sample photos - here you come directly to the thread. It also lists the possible repair costs: between 400 and 600 US dollars. A class action lawsuit against Apple is already in the works.

VPN on iOS: Full redirection of traffic is not possible

A Virtual Private Network (VPN) is intended to ensure that Internet inquiries and the data exchanged between end devices and servers are redirected via various other servers, thereby encrypting the IP address, among other things. However, under iOS on the Apple iPhone this does not seem to be possible for all Internet connections, according to ArsTechnica (English) and heise online (German). Apple is to blame for this, as iOS actively bypasses certain connections to the VPN. This problem has been known for years and has been ignored by Apple, according to the sources.

ArsTechnica quotes (freely translated) the founder and CEO of Proton, among other statements: "The fact that this is still an issue is disappointing to say the least. We first confidentially notified Apple of this issue two years ago. Apple refused to fix the issue, so we disclosed the vulnerability to protect the public. The safety of millions of people is in Apple's hands, only they can fix this, but given the inaction of the past two years, we're not very optimistic that Apple will do the right thing."

Adjustments in upcoming system versions from Apple

It won't be long then iOS 16, macOS Ventura and other system upgrades for Apple devices rolled out. Some changes are already from current ones Beta versions known. This week there were a few updates here and there on the subject:

  • System Preferences become Preferences on the Mac: Under macOS, the system settings should be adapted to the settings of iOS and iPadOS in terms of appearance and name. @nikitonsky shows that this is accompanied by umpteen errors in this Twitter thread on. Ambiguous color schemes, non-scrollable lists, windows that are too small, crashing panes, and hidden menus are also found in a Summary listed on iFun.
  • Books app in iOS 16 with new features: The changes in the Books app under iOS 16 should be more positive. You have to get used to the new menu navigation first, one says Post from the iPhone ticker, but then you can benefit from options that have slid down from the top of the screen. Overall, everything is "tidier, but a bit nested".
  • More advertising in Apple apps on the iPhone: According to Mark Gurman, Apple plans to increase its advertising revenue from $4 billion a year to a double-digit billion figure. In addition, more advertising is to be played out in in-house iPhone apps – for example in maps. But there is still room for improvement in news, stocks, the app store and the like. In addition to maps, advertising could also appear in the Podcasts app in the future. Sources: German / English.

Do you have any other interesting news of the week in store? Then please leave a comment including a (reputable) source :)

-

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.