Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Hier — 27 mars 2024Flux principal

Si Apple aime tant les bulles bleues, pourquoi le logo de l’app Messages est-il vert ?

27 mars 2024 à 17:29

Depuis 2011, Apple propose aux utilisateurs de ses produits d'utiliser iMessage, une application de messagerie connue pour ses bulles bleues. Pourtant, en 2024, l'icône de l'application Messages est verte.

À partir d’avant-hierFlux principal

Apple Criticized For Changing the macOS version of cURL

Par : EditorDavid
23 mars 2024 à 15:34
"On December 28 2023, bugreport 12604 was filed in the curl issue tracker," writes cURL lead developer Daniel Stenberg: The title stated of the problem in this case was quite clear: flag -cacert behavior isn't consistent between macOS and Linux , and it was filed by Yuedong Wu. The friendly reporter showed how the curl version bundled with macOS behaves differently than curl binaries built entirely from open source. Even when running the same curl version on the same macOS machine. The curl command line option --cacert provides a way for the user to say to curl that this is the exact set of CA certificates to trust when doing the following transfer. If the TLS server cannot provide a certificate that can be verified with that set of certificates, it should fail and return error. This particular behavior and functionality in curl has been established since many years (this option was added to curl in December 2000) and of course is provided to allow users to know that it communicates with a known and trusted server. A pretty fundamental part of what TLS does really. When this command line option is used with curl on macOS, the version shipped by Apple, it seems to fall back and checks the system CA store in case the provided set of CA certs fail the verification. A secondary check that was not asked for, is not documented and plain frankly comes completely by surprise. Therefore, when a user runs the check with a trimmed and dedicated CA cert file, it will not fail if the system CA store contains a cert that can verify the server! This is a security problem because now suddenly certificate checks pass that should not pass. "We don't consider this something that needs to be addressed in our platforms," Apple Product Security responded. Stenberg's blog post responds, "I disagree." Long-time Slashdot reader lee1 shares their reaction: I started to sour on MacOS about 20 years ago when I discovered that they had, without notice, substituted their own, nonstandard version of the Readline library for the one that the rest of the Unix-like world was using. This broke gnuplot and a lot of other free software... Apple is still breaking things, this time with serious security and privacy implications.

Read more of this story at Slashdot.

Unpatchable Vulnerability in Apple Chip Leaks Secret Encryption Keys

Par : msmash
21 mars 2024 à 17:36
A newly discovered vulnerability baked into Apple's M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday. From a report: The flaw -- a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols -- can't be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster. The threat resides in the chips' data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it's actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel's 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years. Security experts have long known that classical prefetchers open a side channel that malicious processes can probe to obtain secret key material from cryptographic operations. This vulnerability is the result of the prefetchers making predictions based on previous access patterns, which can create changes in state that attackers can exploit to leak information. In response, cryptographic engineers have devised constant-time programming, an approach that ensures that all operations take the same amount of time to complete, regardless of their operands. It does this by keeping code free of secret-dependent memory accesses or structures.

Read more of this story at Slashdot.

« Une importante menace pour les Mac » : ce voleur de mot de passe est à prendre très au sérieux

17 mars 2024 à 06:03

Un nouvelle version d'un logiciel malveillant dédié au vol de mot passe a fait son apparition. Les pirates ont amélioré leur outil pour cibler les ordinateurs Mac.

Walmart Begins Selling the Mac For the First Time

Par : msmash
15 mars 2024 à 21:30
Walmart is teaming up with Apple to sell the Mac for the first time. From a report: In a press release today, the company said that it is now selling the base model M1 MacBook Air online and in select stores for $699. The move comes a week after Apple introduced the new M3 MacBook Air and stopped selling the M1 MacBook Air itself. While Walmart has historically sold Apple devices like the iPhone, iPad, and Apple Watch, it has never sold Macs directly. Instead, it's relied on third-party partners to sell the Mac through its online marketplace.

Read more of this story at Slashdot.

Apple dévoile un nouveau MacBook Air, avec une puce M3, du Wi-Fi 6E et deux écrans

4 mars 2024 à 13:39

Quelques mois après l'iMac et les MacBook Pro, au tour du MacBook Air de passer à la nouvelle génération de puces Apple Silicon. Le nouveau MacBook Air M3 sera disponible le 8 mars à partir de 1 299 euros. Le modèle M2 reste au catalogue, à 1 199 euros.

Comment prendre une capture d’écran sur un Mac ?

26 février 2024 à 11:21

macOS intègre un outil dédié aux captures d'écran, accessible depuis plusieurs raccourcis clavier. Comment fonctionne « l'impression d'écran » sur Mac ? La réponse dans cet article.

Apple Officially Splits iTunes For Windows Into Apple Music, TV, and Devices Apps

Par : BeauHD
9 février 2024 à 00:02
An anonymous reader quotes a report from MacRumors: The Apple Music, Apple TV, and Apple Devices apps that Apple has been testing for Windows machines have officially launched, ending a long preview period and bringing an end to the iTunes app on some computers. The Apple Music, Apple TV, and Apple Devices app are part of Apple's effort to split iTunes on PC into multiple platforms to mirror how these apps work on Macs. On Windows 10 and later, PC customers can download the three separate apps to manage devices and access Apple Music and Apple TV content. Microsoft first announced plans for Apple Music and Apple TV apps for the Microsoft Store back in October 2022, so the split from iTunes has been in the works for more than a year. The Apple Music app gives Windows users a way to listen to and manage music from their iTunes library, including iTunes Store purchases, while the Apple TV app allows users to watch and manage movies and TV shows from iTunes. Both of the apps also give access to Apple's streaming services, Apple Music and Apple TV+. The Apple Devices app is designed to allow PC owners to update, back up, and restore and manage their iPhones and iPads, and sync content from their PCs. Using the standalone apps requires Windows 10 or later, and all three apps must be installed to transition away from iTunes. After the apps have been added to a PC, iTunes is used only to access podcasts and audiobooks. The iTunes library should not be deleted, because it is used by the Apple Music and Apple TV apps.

Read more of this story at Slashdot.

L’héritage d’Apple : comment le Macintosh a modelé l’expérience sur ordinateur

27 janvier 2024 à 15:22

Macintosh ordinateur

Le 1er Macintosh a été présenté le 24 janvier 1984. Quarante ans plus tard, cette gamme d'ordinateur s'est largement imposée. Retour sur les raisons d'un triomphe.

❌
❌