Category: Apple

Apple Urgently Patches Actively Exploited Vulnerabilities

Posted on by galaxy-admin

The timing of this Apple’s urgent security update is sure to raise some questions as it’s happening in the same time frame as the Pegasus hacks. According to the reports, the spyware tool turned mobile phones of journalists, activists, and others into portable surveillance devices, granting complete access to sensitive information stored in them. 

The most recent 0-day bug patch that was released this Monday was in the line of 13 releases that Apple has made since the start of this year. Apple has fixed these vulnerabilities for all of their offerings including iOS, iPadOS, and macOS for which Apple claims that the flaw was actively being exploited, until after Apple released the patch. 

The update fixes a memory corruption issue (CVE-2021-30807) in the IOMobileframeBuffer component, which is a kernel extension for managing the screen framebuffer. In essence, the flaw could be abused to execute arbitrary code with kernel privileges. 

Apple claims that in addition to addressing the issue, they have also improved memory handling. Further details about the exploit have not been disclosed to prevent ill-usage of the information for more severe attacks. An anonymous researcher has been credited by Apple for discovering and reporting the vulnerability. 

Here are the other 0-day vulnerabilities that Apple has patched in this year alone including CVE-2021-30807 update —

  • CVE-2021-1782 (Kernel) – A malicious application may be able to elevate privileges
  • CVE-2021-1870 (WebKit) – A remote attacker may be able to cause arbitrary code execution
  • CVE-2021-1871 (WebKit) – A remote attacker may be able to cause arbitrary code execution
  • CVE-2021-1879 (WebKit) – Processing maliciously crafted web content may lead to universal cross-site scripting
  • CVE-2021-30657 (System Preferences) – A malicious application may bypass Gatekeeper checks
  • CVE-2021-30661 (WebKit Storage) – Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30663 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30665 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30666 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30713 (TCC framework) – A malicious application may be able to bypass Privacy preferences
  • CVE-2021-30761 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30762 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution

Like any security vulnerability this one is not to be taken lightly considering the threats Apple devices have been exposed to lately. We highly recommend that you move quickly to update your devices to the latest version to avoid exposing your device to attacks associated with the flaw.

About Galaxy

We specialize in delivering end-to-end software design & development services. Our mobile team and UI/UX designers are creative problem-solvers with a decade of experience in all facets of digital and interactive design. We create compelling and human-focused experiences delivered through clean, and minimalist UI. Click here for a free consultation!

Apple WWDC 7 June 2021 Keynote Highlights

Posted on by galaxy-admin

Apple knows how to make an entrance and the opening keynote of the WWDC 2021 that took place on 7th June was no different. It had everything for Apple’s line of devices from watchOS to macOS.

Although there were no new product announcements in this opening keynote, there are a few products that are awaiting upgrade like Macs with Apple M1X or M2 processors, which we can expect later this year. 

Highlights From Apple’s June WWDC 

The clear focus of this keynote was shared experiences and privacy. Here are some of the software updates planned for the autumn event that Craig along with the team showcased. 

iOS 15

The phones are getting bigger and more powerful so the software should follow suit. The next-gen iOS 15 brings powerful sharing and interoperability-rich features. As usual, it will also feature some tweaks to the interface and crucial security fixes.

Here are some of the iOS 15 features that were previewed ahead of the Autumn event: 

  • FaceTime Links
  • Interactive Memories within Photos
  • Keys & ID cards in Wallet
  • New night mode for Apple Maps
  • Notifications Summary
  • Live text
  • Focus
  • Enhanced offline Siri support

While a pre-release beta was made available for developers as the keynote came to a close, public beta is promised in July.  

iPadOS 15

iPad offers a different utility than that of iPhones and considering its significant user base it made sense that it had its OS and so it got it not long back in 2019. Both the platforms have similarities but the announcements made were hinting towards a more refined aesthetic and UX for iPadOS. 

Here are some of the iPadOS 15 features that were previewed ahead of the Autumn event: 

  • Larger Widget size for a bigger screen
  • App Library
  • Multitasking control menu
  • System-wide Quick notes
  • Swift Playgrounds is a fun way to learn to code on an iPad

iPadOS 15 is also intended to solve the stability issues of iPadOS 14.

macOS Monterey

The macOS 12 is now called Monterey. Craig showcased a host of new features along with the futuristic Universal Control and its crazy ability to utilize a single trackpad or mouse to move across mac and other Apple devices for interoperability. 

Here are some of the ‘Monterey’ features that were previewed ahead of the Autumn event: 

  • Shortcuts on macOS
  • AirPlay to mac
  • Spatial Audio
  • Redesigned Safari
  • Universal Control

watchOS 8

This update for watchOS 8 is about health and primarily mindfulness. It features a new Mindfulness app that integrates the existing Breathe app with a refreshed UI alongside a new Reflect experience which suggests mindful concepts to practice. 

Here are some of the watchOS 8 features that were previewed ahead of the Autumn event: 

  • Dynamic portrait photo face
  • Mindfulness app
  • Memories on Photos
  • Directly share photos with messages

tvOS 15

Although there were no updates that were geared towards tvOS, there are a few to accompany other devices like new multi-window security camera views for HomeKit-enabled cameras, Spatial Audio for compatible AirPods, and Watch Together support for iOS 15’s Share Play.

Other Updates

AirPods – AirPods were showcased with a new feature called Conversation boost that helps reduce ambient noise and provides boosted vocals for the hearing impaired. Also, AirPods are now a part of Find My network. 

iCloud+ –  This is more of an iCloud rebrand than an update but there are some new benefits like Encrypted online browsing and Hide my Email with unlimited temporary emails.

Conclusion

With this update Apple stands to change sharing, communication, and privacy for the Apple ecosystem, making it even more fluid, consistent, and tight-knit. All that was showcased in the keynotes was exciting but Universal Control stood out for us. We can’t wait to see it in action and catch that Minority Report feels. 

P.S.

We are pretty well-skilled with Apple iOS development. Get in touch with us here if you need a partner to help build, migrate, or scale your Apple projects.

AirTag | New addition to Apple’s Ecosystem

Posted on by galaxy-admin

2021 also turned out to be a year of virtual events and product releases. Apple has been dominating the scene lately after the virtual launch of the iPhone 12. The ‘Spring Loaded’ event on April 20th had some exciting and colorful announcements for Apple aficionados. 

AirTag was announced in Apple’s tight-knit ecosystem to keep track of things utilizing Apple’s large network of devices. AirTag will enable users to locate lost or stolen items through the Find My app on their iPhone, iPod touch, or iPad.

In contrast to their rival Tiles; AirTag is circular. Tiles and AirTag offer similar features. However, AirTag is backed up by a colossal existing network of millions of Apple devices. It also comes equipped with ultra-wideband tech, the same as iPhone 12 and other recent devices. 

Read on to find out all there’s to know about these exciting little circular trackers.

Apple AirTag Pricing

  • $29/£29 for one AirTag
  • $99/£99 for four AirTags

The Apple AirTag will cost $29 in the US or $99 for four in the US. It’s Apple so there are add-ons to buy along with AirTag like Hermes key ring, bag charm, and luggage tag. 

AirTag Specifications

  • 31.9 mm (1.26 in) Thickness : 8 mm (0.31 in)
  • 11 g (0.39 oz)
  • IP67 protection
  • User-removable CR2032 battery(Claimed to last about a year)
  • Personalization available

With personalization, you can customize your AirTag with an emoji or a name. 

AirTag Features

  • Find My app tracking
  • Precision Finding
  • Ask Siri to find
  • Seamless setup
  • Built-in speaker
  • IP67 Water and Dust resistance(up to 1-meter for 30 minutes)

You can easily attach AirTag to your everyday items to keep track of it. Its integration with iOS allows you to find things via the ‘Find My’ app instantly and with ease. 

How does it work?

The “U” in U1 stands for “ultra-wideband” (UWB). It’s a low-energy, short-range radio technology used for wireless data transmission. It’s more precise than Bluetooth. The distance measured between two UWB devices is more reliable as it is measured by calculating the time it takes for radio waves to pass to and fro between said devices, hence providing pinpoint precision to find things attached to the device. 

For the older devices that don’t have a U1 chip, AirTag also supports Bluetooth.

Finding with ‘Find My’

The easiest and the most Apple way to find your device would be by asking Siri when you misplace it. You can also use the ‘Find My’ app to ping the tag and quickly find something like keys via sound inside your home. 

What about when things get lost outside your home?

You can use your phone to see AirTag’s last seen location in the ‘Find My’ app. This is for more favorable scenarios like forgetting something at your friend’s place or office. AirTag is a game-changer when you misplace something or when something gets stolen. In that case, you can put the AirTag in the Lost mode and the device will utilize the wider network of other Apple devices to find your device.

This is a passive process that happens in the background; securely and privately. And when the device is found the owner gets an alert regarding the whereabouts. Everything is encrypted and happens passively, so people won’t be able to detect and steal others’ AirTags, not even Apple can’t see what’s happening.

What if someone finds my AirTag?

When someone finds your lost item with an AirTag, they can tap it via NFC and the Tag will show the owner’s contact info. They don’t necessarily have to possess an Apple device to interact with it and report it. It can be any NFC device.

What If someone involuntarily slips an AirTag to track me?

Apple has also thought of the downsides of this as well. It was one of our concerns too, what if someone misuses AirTag to track someone without their consent? Fortunately, Apple has designed AirTag with that possibility in mind. Your app will alert you in case an unknown AirTag is detected with you. You can disable them for your safety. 

We are always excited to see what Apple is going to do next. AirTag is a convenient piece of technology but the extent of its application is yet to be explored. We are also looking forward to developing iOS applications that utilize this advanced tech. Introductions such as AirTags present refreshing and creative opportunities for us to explore.   

Feel free to get in touch with us for any iOS development-related queries. We will be happy to partner with you.

Apple users say hi to App Clips (Instant Apps)

Posted on by galaxy-admin

In its first ever and one of its kind WWDC, Apple unveiled features that will define the newer generation of its system. iOS 14 update has a lot going for the home screen, navigation, Siri, accessibility, and privacy. One of the highlights of the announcement was App Clips.

In this article, we will explore this remarkable new feature of this iOS update. App Clips, which is similar to instant apps on Android lets you use an app without having to download it for one-off tasks, like booking a cab.

How is it done?

You can initiate the App Clip card to pop-up via QR codes, App Clip links, or an NFC tag. This card has an app description and the action you wish to complete; such as, hailing a cab! The card expands on clicking, giving you all the necessary information.

The main advantage of this feature is that the app works seamlessly with other apps (iMessage, Apple Maps, or Safari) as a pop-up without taking over the entire screen. This is especially handy when, say you are on the road, navigating via Maps. The App Clips will not force you to stop the navigation for looking at a food joint’s menu. Instead, it will let you browse and place orders via the App Clip.

The App clips are also compatible with Apple Pay and Sign in with Apple. Therefore, no need to reveal your sensitive information to apps that you don’t trust, as you can pay via Apple Pay.

Another advantage of App Clips is that iOS wouldn’t run them in the background. Thereby, it restricts the background access to your phone’s information that the app could collect if it was to run in the background.

App Clips will save your time as it will lead you to your task directly and will not clutter your home screen. Additionally, your data will be erased in case you do not use App Clip frequently.

Although App Clips is similar to Android’s Instant Apps, it is a new and important feature for iOS users. The beta version is now available for public testing.

There are many more engaging features that have been introduced in the iOS 14 update. Have a look!

Infographic image of Apple iOS 14 Updates

Happy Exploring!