Category: Apple Insider

Apple Card

Apple Card launched in 2019 and quickly became one of the most successful launches for a credit card to date. And since then, it has retained its lofty status among owners, even as Goldman Sachs itself has tried to distance itself from Apple’s co-branded card.

But Apple has more good news, announcing on Thursday that it has once again earned J.D. Power’s number one spot for the “best co-branded credit card for customer satisfaction with no annual fee,” as part of the annual U.S. Credit Card Satisfaction Study.

“Since the start, we’ve been committed to delivering tools and services that help users live healthier financial lives, and it’s been rewarding to see customers using and finding value in the benefits of Apple Card,” Apple’s vice president of Apple Pay and Apple Wallet, Jennifer Bailey said.

“We are honored that Apple Card has been recognized as a leader in customer satisfaction. In partnership with Goldman Sachs, we are continuously working to expand the value users receive from Apple Card, most recently with the launch of Savings, and we look forward to continuing to develop tools and services that put our users and their financial health first.”

And despite the strained relationship between Apple and Goldman Sachs, Liz Martin, Goldman Sachs’s head of Enterprise Partnerships, said, “With Apple Card, we have had a shared focus on delivering a great experience and providing value to our customers since the beginning.”

The hyper-specific category has some real contenders. J.D. Power notes the Hilton Honors American Express Card ranked second behind Apple/Goldman Sachs, with Amazon Prime Rewards Visa Signature Card with Chase and PayPal’s Cashback Mastercard with Synchrony Bank tied for third.

Apple Card customers were gifted another perk in 2023, with Apple and Goldman Sachs launching a dedicated savings account. That appears to be a success as well, with customers depositing upwards of $10 billion in just three months.

This cheap device can spoof an Apple TV

Walking around a conference dedicated to hacking devices and software typically means seeing all sorts of real world attacks, albeit in a specialized setting. And as some attendees discovered this year, it can also mean personal data is potentially up for grabs at any given moment.

Take, for example, a research project put together by Jae Bochs shows just how easy it is to take advantage of Apple’s own utilization of Bluetooth Low Energy, or BLE, to try and nab a user’s information. Bochs’s project had a couple of purposes, the first being to remind folks that simply using Control Center to disable Bluetooth doesn’t actually get the job done.

The second was to simply have a laugh as Bochs walked around the conference, stood in lines, and visited vendors. They did try to remember to turn their device off if they stopped to have a chat with someone, though, according to TechCrunch.

The device is a combination of several elements, like a Raspberry Pi Zero 2 W, a Linux-compatible Bluetooth adapter, a couple of antennas, and an external battery. All told, Bochs says it costs around $70, which means a relatively inexpensive device can quickly cause some specific havoc on Apple devices within 50 feet.

It comes down to communication between devices, which at this point Apple relies heavily on for its ecosystem. By tapping BLE, devices like iPhones can talk to one another when they get within a set range, which can then prompt “proximity actions.”

The device causes these actions, so as Bochs walked around the conference he was able to send a prompt to nearby iPhones asking them to auto-fill their password into a nearby Apple TV. Despite the fact there wasn’t an Apple TV near them.

Luckily, Bochs’s device wasn’t built to attain any personal information, even if someone did tap on the prompt and insert their password for some reason. However, he does say there is a possibility where that could happen.

“If a user were to interact with the prompts, and if the other end was set up to respond convincingly, I think you could get the victim’ to transfer a password. There’s an issue known for a few years where you can retrieve phone number, Apple ID email, and current Wi-Fi network from the packets.”

Apple is aware of the issue, and has been since 2019. However, Bochs does not expect the company to do anything about it because so little information can be shared through this process, and it’s an integral feature to the Apple ecosystem as a whole.

Bochs does suggest Apple could offer a better prompt for users, letting them know what’s happening when they tap the Bluetooth icon in Control Center.

This is all about situational awareness. Bluetooth isn’t known for being particularly great for security purposes, but in this particular situation it comes down to knowing your environment.

As Bochs notes, this particular moment is for the laughs, because it’s an Apple TV prompting for a password at a hacker convention. It’s obviously not any one person’s personal Apple TV, so if you see this or similar while out, obviously don’t input your password.

However, out in the real world a similar prompt could pop up, which means the individual needs to be aware what personal devices are being carried, like an AirTag or pair of AirPods Pro. If a random device starts prompting you for a password, the safe bet is to ignore it entirely, especially if you don’t recognize it.

As a reminder, the only way to fully disable Bluetooth or Wi-Fi is to do so in the Settings app.

Developers involved in the beta can grab the latest builds via the Apple Developer Center, and by updating any set-top boxes already running the beta. Public beta versions of milestone releases usually arrive shortly after the developer counterparts, and the public can try them out via the Apple Beta Software Program when they become available.

The sixth beta replaces the fifth, released on August 8. The fourth was seeded on July 25, and the third was provided on July 5.

The new build is number 21J5339b, taking over from 21J5330e.

The main new feature of tvOS 17 is FaceTime, with the use of Continuity Camera on a nearby iPhone“>iPhone bringing the communications app to the Apple TV. The iPhone provides the camera and microphone, while the television offers the display and speakers.

Continuity Camera does more work in tvOS, with it powering the new karaoke experience in Apple Music by displaying a live video feed as a background for the lyrics.

Control Center occupies less space than before, and it’s more information-dense as well. There’s new options for game controllers, accessibility settings, and other controls within the menu system.

Two new Aerial screensavers showing the Monument Valley and California’s coastal redwoods have been added.

Other changes in tvOS 17 include Fitness Plus customizable workout plans, VPN options, and the ability to locate a missing Apple TV remote using an iPhone.

AppleInsider and Apple strongly advise users don’t install beta operating systems, or beta software in general, on to “mission-critical” or primary devices, as there is the chance of issues that could result in the loss of data. Testers should instead use secondary or non-essential hardware and ensure they have sufficient backups of their critical data at all times.

[Netflix]

An app that acted as a game controller for Netflix games was discovered on August 8, sparking rumors of an introduction of its games platform to televisions. In a Monday announcement, Netflix confirmed the rumors were true.

After making mobile games a part of the Netflix experience, the streamer advised it was rolling out a “limited beta test” to a small number of members in Canada and the United Kingdom, on a select number of smart TVs and via PC and Mac through the Netflix website.

Two games will be provided for the trials, with Night School Studio’s “Oxenfree” and “Molehew’s Mining Adventure” available to play by the selected members. Players will also be able to use the controller app when using a smart TV, though they could also use a keyboard and mouse when using the desktop.

Netflix is using the test to shake down its game-streaming technology and controller app before a wider launch. Eventually, it will be available on Amazon Fire TV, Chromecast with Google TV, Nvidia Shield TV, Roku devices and TVs, LG and Samsung smart TVs, and Walmart ONN, with other additional devices to be added “on an ongoing basis.”

One big name missing from the list is the Apple TV, and the omission may be due to Netflix’s existing troubles running its gaming service on mobile. Due to App Store rules that prevent apps from becoming third-party app storefronts that also affect game-streaming services, Netflix’s mobile games are offered separately to the main Netflix app, rather than as part of it.

It is likely that the same problem could occur for the Apple TV app, with Netflix made to release separate apps for the games rather than using its main Netflix video-streaming app as the hub.

Oleap Pilot

If you make a lot of calls for work or personal matters, then a headset is good to have. They help you hear the people you’re talking to and isolate your voice from background noise while speaking.

However, headsets are not only for calls but also for music and media consumption. With the integrated media controls, you can listen to your favorite music in between calls.

Although the Oleap Pilot excels in audio output within a lightweight build, the price for the headset is heavy.

When it comes to design, the Oleap Pilot differs from most traditional headsets. While those drape over your head, the Pilot goes behind it.

Weighing only 33 grams, the Pilot becomes unnoticeable when worn. It rests comfortably around your ears and stays in place when moving your head.

The Pilot is 7.8 x 5.79 x 2.72 inches and can fit a variety of head sizes. The back has a lot of space, so compatibility is not an issue.

Oleap Pilot mute button

On the right side of the headset is a dedicated red mute button. This allows you to mute or unmute yourself with a single press. Holding it down also invokes Siri.

On the left side is a microphone that can be adjusted to any position within a 180-degree arc.

Further back are media controls to change the volume and current track, play or pause music, and answer or end calls.

Oleap Pilot media controls

A small light behind the controls will also confirm if the headset is on with a blue light, or charging with a red light. The light will blink occasionally but won’t stay on continuously.

A USB-C port can be found under the Pilot for charging.

The Oleap Pilot allows you to connect up to two devices to it via Bluetooth. It will also announce which device it is connected to when turning it on.

To combat any environmental noise around you, the Pilot has ENC (Environmental Noise Cancellation) built in. This eliminates noise up to 50 dB due to a special three-microphone ENC.

Built-in pop-fillers also reduce the noise of surrounding winds when on a call.

Oleap Pilot curved open-ear design

Two 16mm dynamic drivers and an incorporated BassLeap algorithm deliver deep sound and bass. It reinforces bass tones and produces greater sound of up to 105 dB.

Three tuning holes and one sounding hole from the dipole structure minimize noise leakage when the volume is increased. This ensures that your conversation stays private when around other people.

The Pilot can withhold 15 meters of space between it and your device without them disconnecting. This allows you to move around the room and still stay connected to your call.

The Oleap Pilot has an extensive battery life that offers multiple hours of talk and playback time.

The headset can produce up to ten hours of talk time and 16 hours of playback time on a single charge. You can also get five hours of talk time with just ten minutes of charging.

Turning on the Pilot will tell you its current battery status, which ranges between low, medium, and high.

The Oleap Pilot provides significant sound quality for calls and listening to music — especially for a headset that is not in-ear.

What impressed us the most was how well bass tones were outputted. They were rich and full, didn’t get muffled down, and we could feel the thump in our ears when it occurred during a song.

When using FaceTime or switching between songs, lag was nowhere to be found. However, it did appear when changing the volume from either device.

Oleap Pilot microphone

Due to the adjustable design of the microphone, it can pick up your voice without it being shoved in your face.

When testing this out on multiple FaceTime calls, the recipients were able to hear us clearly with no complaints of distortion or cutting out.

While a charging cable is included with the Oleap Pilot, you can also purchase an optional charging stand with it.

Oleap Pilot charging stand

The charging stand is circular with two indents to place the Pilot on. One side houses the charging port while the other magnetically attaches to the Pilot.

Underneath is an anti-slip material that prevents the charging stand from moving. This eliminates any fear of the stand and headset falling if accidentally bumped.

A protruding USB-C plug is located on the right side that connects to the Pilot. To get it to charge, you have to slightly push down on the Pilot to secure the connection.

USB-C on charging stand

Like the Pilot, the charging stand receives power through a USB-C connection.

There is no status light on the stand to tell you if it is receiving power or the battery status for the Pilot.

The Oleap Pilot benefits both business and personal tasks in a lightweight design. It provides a deep audio experience and hones in on your voice while in noisy environments.

Both earpieces wrap nicely around your ears and stay stationed when moving your head. With the open-ear design, your ears will not get sore from wearing these for an extended period.

Oleap Pilot

Even though the speakers are not in-ear, they still produce fulfilling audio output with impressive bass. Its incorporated technology minimizes distant environmental noises but still allows you to hear the space close to you.

While the Pilot performs well, its major downside is the price; which may be too expensive for most people. Almost $160 is too much for a headset, especially since the charging stand will cost you an additional $50 on top of that.

This headset is great for people — especially those who work from home — who attend many calls and virtual meetings. It ensures great sound quality on either end of the call, and long-lasting comfort.

If you are in the market for a comfortable headset that blocks out surrounding noise, then the Oleap Pilot is a great option to choose. However, if you just need regular headphones, we recommend looking at other options at a lower price point.

You can purchase the Oleap Pilot on Amazon for $158.99. It comes in black.

You can also purchase the Oleap Pilot, with the charging stand, from Amazon for $208.98.

Intel logo

The new threats are called “Downfall” and “Inception,” and both rely on speculative execution in a similar way as the Meltdown and Spectre bugs, respectively. They are both described as being of “medium” severity, with Downfall impacting Intel chips and Inception targeting AMD processors.

Intel and AMD have both issued OS-level microcode software updates as of now, with both companies aiming to address both vulnerabilities. As reported by Ars Technica, the two companies have also confirmed that they have not identified any exploits that exist for either vulnerability.

However, it’s important that manufacturers issue their own updates to address the issues once Intel and AMD make them available. Both Downfall and Inception are risks to consumer products, server CPUs, and workstations, any of which are equipped with years-old Intel or AMD processors.

By all accounts, Downfall is the bigger of the two vulnerabilities. It’s known as “CVE-2022-40982,” and it’s outlined by Google security researcher Daniel Moghimi. He describes it as such:

“The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques. You can read the paper I wrote about this for more detail.”

Moghimi says Downfall is a “successor” to the Meltdown vulnerability, as they both rely on speculative execution to harm affected systems.

Intel says all processors based on Skylake, Kaby Lake, Whiskey Lake, Ice Lake, Comet Lake, Coffee Lake, Rocket Lake, and Tiger Lake are all impacted by Downfall, along with other processor generations as well. That means most chips produced from 2015 and newer are affected.

Intel haunted by Spectre

However, Intel’s newest 12th- and 13th-generation chips based on Alder Lake and Raptor Lake are not affected. Meanwhile, Celeron, Pentium, and Apollo low-end CPUs are not affected, either.

Inception is also known as “CVE-2023-20569,” and it’s a descendent of the Spectre bug, and it’s described as “Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.”

Security researchers at ETH Zrich’s COSMEC group point out that this vulnerability can leak arbitrary data on a range of AMD processors, including Ryzen, EPYC, and Threadripper. The group has also published a proof-of-concept video showing off the vulnerability.

The good news is these vulnerabilities have been addressed by Intel and AMD, and neither appears to be as dangerous as the vulnerabilities they are descended from, Meltdown and Specter.

Still, if nothing else, these widespread vulnerabilities are a gentle reminder that Apple has moved away from Intel in its choice of processors. The company is now all-in with Apple Silicon, meaning it doesn’t need to worry about Intel or AMD vulnerabilities like these.

Apple silicon

It’s worth noting that there are still some vulnerabilities that can pop up, even for Apple silicon. The “PacMan” flaw was an echo of Spectre and Meltdown in 2022, for instance, albeit one that did not seriously harm any computers out in the real world.

TSMC plant

TSMC is one of the largest semiconductor manufacturers on the planet, and works with a variety of different companies for their chip needs. Of course, one of the largest partners is Apple, but TSMC has ambitions beyond the Cupertino-based company’s yearly requirements.

A new chip factory in Germany will cost upwards of $11 billion, with TSMC itself committing 3.5 billion euros, or $3.8 billion towards the effort, according to Reuters. Once the factory is up and running, it will be TSMC’s first in Europe, and just the third for the company outside of Taiwan and China.

Germany sees a path to foster a more domestic approach to semiconductor manufacturing, especially for its automotive future in a bid to stay competitive in that market. This new plant is part of a wider movement by the European Union, which recently approved the European Chips Act that offers a 43 billion euro subsidy plan to propel domestic chip making.

Germany itself will be contributing 5 billion euros to the factory that will ultimately be built in Dresden.

TSMC continues to make deals that sees the chipmaker expand beyond its home territory, a move that Apple is trying to do in its own right. The company has been trying to move beyond its China dependency for years now, with some efforts in the United States.

In that process Apple has turned to India. It has been a slow process so far, and will remain that way for quite some time, but expectations are high that Apple may see India exporting one in every five iPhones by 2025.

Apple’s manufacturing partnership with TSMC has been longstanding one, so much so that it was recently reported Apple has a “sweetheart deal” that saves the company millions of dollars because it only charges Apple for “known good dies.” However, a subsequent report based on details provided by Ming-Chi Kuo says that’s not true at all.