November 30, 2017

The University of Chicago Press:

The first volume of the History of Cartography was published in 1987 and the three books that constitute Volume Two appeared over the following eleven years. In 1987 the worldwide web did not exist, and since 1998 book publishing has gone through a revolution in the production and dissemination of work. Although the large format and high quality image reproduction of the printed books (see right column) are still well-suited to the requirements for the publishing of maps, the online availability of material is a boon to scholars and map enthusiasts.

On this site the University of Chicago Press is pleased to present the first three volumes of the History of Cartography in PDF format. Navigate to the PDFs from the left column. Each chapter of each book is a single PDF.

Even though I’m directionally challenged, I love maps, especially ancient ones. While this is not a light read, check it out for the map illustrations alone.

Cheng Ting Feng, Nikkei:

Apple is designing its own main power management chips for use in iPhones as early as in 2018, cutting dependence on Dialog Semiconductor, according to industry sources, as shares in the U.K. developer plunged as much as 19% in afternoon trade in Frankfurt.

Seems a natural move, if true. Part of the process of reducing dependency, where possible.

This is a Popular Science article from a few months ago, but I came across it last night, found it fascinating.

Rob Verger, Popular Science:

The device has functioned as a swim tracker since it became water-resistant in 2016, but with its latest operating system, it presents a more granular metric: set detection. It knows when you rest at the pool’s edge and then uses that information to divide the workout into sets of laps, showing you how far and long you swam in each, what stroke, and your rest time.

And:

Apple built its own algorithms to discern the stroke of swimmers of all skill levels, as well the calories they’re burning. The process involved gathering data from more than 700 swimmers and over 1,500 swim sessions. And Apple gathered even more data from people swimming in place (in an “endless” pool) while wearing a mask that descended from the ceiling.

And:

The watch uses the gyroscope and accelerometer to track the motion of your strokes, but in open water, it can leverage another sensor: the GPS chip. If you’re swimming in the ocean or a lake, your watch uses that to determine how fast and how far you go. But GPS signals don’t travel through H2O. Luckily, people are likely to do freestyle in open water and for that stroke, your arms regularly break the surface. Apple sets the GPS chip in acquisition mode for the whole swim. It looks for the satellite signal each time your hand rises from the water. “We’re trying to catch it every single time,” says Ron Huang, Apple’s director of engineering for location and motion services.

I absolutely love the effort that Apple puts in to get things like this to work. This is Apple at its best. Read the article. As I said, it’s fascinating.

Billboard:

It’s been three and a half years since Jimmy Iovine left his role as CEO of Interscope Geffen A&M to run Apple Music, but that doesn’t keep him from thinking about the problems facing labels today — or the rest of the industry for that matter.

Over a dinner recently at NeueHouse Hollywood in Los Angeles with Iovine and Allen Hughes, who directed the four-part documentary series, The Defiant Ones — which focuses on storied careers of Iovine and Dr Dre., his partner in developing Beats Electronics — a handful of journalists lobbed questions at and shared their thoughts with the iconic exec.

This was a fascinating read. Not too long, and completely Jimmy.

Just a little taste:

It’s not the price point that’s the problem for streaming services. It’s the free alternatives that are undermining the system in a way film and television streaming platforms are not forced to manage. He pointed to Netflix as a prime example, spending $6 billion on original content in 2017, while charging customers $9.99 or $11.99 for unlimited access to its unique offerings — including TV and film they exclusively license. Meanwhile in contrast, by and large, all music digital streaming platforms offer the same material.

And:

Put yourself in Kansas without a job and YouTube is free, Pandora is free, Spotify is free…. If there’s a restaurant down the street with the exact same food as this restaurant that’s on a mountain with a view, only this one’s for free, a lot of people are gonna eat there. They’ll use paper towels, they don’t give a shit about napkins.

A great read, well worth your time.

AppleInsider:

With the introduction of the iPhone X and Face ID, some are concerned that Apple’s new biometric system is not as secure or easy to use as the legacy fingerprint-based Touch ID. AppleInsider digs deeper to explain why you shouldn’t fear facing the future.

I went into the iPhone X launch with some preconceived notions about Touch ID having some convenience advantages over Face ID.

As this article points out, the convenience advantage lies with Face ID, and Face ID is only going to get better over time. It is the future. Good read.

UPDATE: Looks like Apple’s re-issue of Security Update 2017-001 most likely addressed the file sharing issue, so there’s nothing you need to do on your end. [H/T, Bryan Lee]

If file sharing stops working, go to this Apple Support knowledge base article.

Short story even shorter, you’ll go to Terminal and enter this line:

sudo /usr/libexec/configureLocalKDC

Follow with your admin password, when prompted, and you should be good to go. This is all a bit of a mess, but kudos to Apple for their rapid response here.

High Sierra root login bug was known weeks ago, if not longer. What should have happened?

John Gruber, in this Daring Fireball post:

It’s natural to speculate how a bug as egregious as the now-fixed High Sierra root login bug could escape notice for so long. It seems to have been there ever since High Sierra 10.3.0 shipped on September 25, and may have existed in the betas through the summer.

And:

More insidious though, is the notion that it might not have escaped notice prior to its widespread publicization yesterday — but that the people who had heretofore discovered it kept it to themselves.

Here’s a link to a thread in Apple’s Developer Forums. Scroll down to the post dated November 13th. From that post:

If you’re unable to login at startup using username: root and empty password, then login with your existing account (standard user).

Again, head over to System Preferences>Users & Groups. Click on the Lock Icon. When prompted for username and password, type username: root and leave the password empty. Press enter. This might throw an error, but try again immediately with the same username: root and empty password. This should unlock the Lock Icon.

There it is, in all its glory. This was a known issue a full two weeks ago. And well enough known that someone pulled it out as a recommendation for someone else. In other words, this was not discovered two weeks ago, it was already old hat. It’s possible this was discovered back in September, when High Sierra first shipped.

I get how a bug can sit there, undiscovered, for a long time. But (and this is my two cents) once it’s known, find a way to quietly and privately communicate this to Apple. There are many ways to do that. Filing a radar is the obvious first path, but what do you do if that does not get the attention of the right people?

Going to Twitter might seem the exact wrong approach, but I think that’s actually a pretty effective path, provided you do so without revealing any of the details in public. I’ve found that a tweet to @AppleSupport always yields a response. Start by saying you’ve got a significant security bug, but one whose details you don’t want to reveal in a public forum. I’ve no doubt the @AppleSupport mechanism will quickly offer you a path to start a private DM chat.

That’s my take. File a radar, then follow with an @AppleSupport tweet, but keep the details private. Give Apple a chance to fix this before word gets out. This isn’t about Apple’s reputation, this is about minimizing the misuse of a security breach.

UPDATE: Or, as Kirk McElhearn points out, check out the official Contact Apple About Security Issues support page.

November 29, 2017

Smithsonian Magazine:

Of the handful of companies that have come to define technology in the 21st century, including Amazon, Facebook and Google, only Apple depends on selling its own hardware. And Ive’s mark is on everything Apple builds, from the airy, minimalist chic of its 497 retail stores to seminal devices like the iPhone and iPad, and newer pieces like the Apple Watch and the upcoming HomePod speaker.

It’s clear from my recent interview with Ive—he’s sitting on a sofa in a suite at the Carlyle Hotel in Manhattan—that his artistic impulses haven’t changed much since childhood: He has always sought to make things that aren’t just beautiful but are supremely functional as well.

I always love interviews with Ive.

TechCrunch:

The team behind Pixelmator is releasing a brand new app today called Pixelmator Pro. As the name suggests, it is a more powerful, refreshed version of the company’s original image-editing app. You can buy it today for $60 on the Mac App Store or try it for free.

It is a fully native app that takes advantage of most of Apple’s native APIs. While Adobe is still struggling to release Photoshop patches for macOS High Sierra, Pixelmator Pro is already using Apple’s latest APIs.

Pixelmator Pro has all the tools you’d expect from an image processor, such as a smart selection tool, retouching tools, painting tools, all sorts of color adjustment effects and more.

Pixelmator has been teasing us for a long time about this app and it’s finally here. I’m looking forward to testing it out.

Open Culture:

The Rockford Files hit the airwaves in September 1974, and until the show ended in 1980, each episode began in the same way. During the title sequence, you’d hear a phone ring, and then an answering machine would start to play, “This is Jim Rockford. At the tone, leave your name and message. I’ll get back to you.” With each new episode, a caller would leave a different message after the beep.

The short messages told you pretty much everything you needed to know about Jim Rockford. He’s a private detective living paycheck to paycheck. He cuts corners and bends rules when he needs to. He has friends among women, and enemies among men. He’s a quintessential private dick.

How many of you will say, “Cool!” and how many will say, “Who’s Jim Rockford?”

Apple:

Join us for an Hour of Code from Dec. 4–10, and celebrate Computer Science Education Week at Apple. Whether you’re a kid or adult, beginner or developer, you can master the basics, code with Swift, program robots—and turn an hour into a lifelong love of code.

I’ve got a (new!) 12-year-old and I really wish I could get him to one of these sessions. I’ve heard a lot of good things about them.

Update to High Sierra now live, official comment from Apple

An update to High Sierra has now gone live. It addresses the root password issue we first mentioned in this post.

“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS”, said an Apple spokesperson in a statement to The Loop.

“When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”

The download is now available via the Mac App Store.

I find this fascinating, an extended bit of schadenfreude. And an interesting business model.

Here’s the trailer.

A well told, cautionary tale from Serenity Caldwell.

Side note: Is there a proper way to climb through a window?

Rene Ritchie’s explainer walks you through the steps you should definitely take to ensure that your Mac has a root password.

This is an ugly hack, not something I would ever do to what I consider a beautifully designed case. Especially considering that Apple is said to be shipping their own inductive AirPods case in the near future.

That said, I did find this interesting, a chance to see how to quickly and cheaply implement a Qi-compatible wireless charging solution.

The Dalrymple Report: iPhone X cameras with Shawn King

Shawn joins me this week to discuss the iPhone X cameras and how it compares to traditional cameras on the market.

Subscribe to this podcast

Brought to you by:

eero WiFi System: eero’s mesh network is simply the best WiFi system in the industry. It’s simple to set up and covers your entire home. Go to eero.com and enter dalrymple at checkout to get free shipping in the U.S. and Canada.

Nitasha Tiku, Wired:

Facebook may soon ask you to “upload a photo of yourself that clearly shows your face,” to prove you’re not a bot.

The company is using a new kind of captcha to verify whether a user is a real person. According to a screenshot of the identity test shared on Twitter on Tuesday and verified by Facebook, the prompt says: “Please upload a photo of yourself that clearly shows your face. We’ll check it and then permanently delete it from our servers.”

And:

In a statement to WIRED, a Facebook spokesperson said the photo test is intended to “help us catch suspicious activity at various points of interaction on the site, including creating an account, sending Friend requests, setting up ads payments, and creating or editing ads.”

This is somewhat reminiscent of Face ID, though presumably without the machine learning aspect, with zero 3D information (it’s a picture, after all) and, also presumably, with a much slower reaction time.

My two cents: I find it interesting that we have such a splintered approach to security. We’ve got security cams, passwords, fingerprints, iris scanning, and 3D facial mapping, all implemented with varying degrees of success by a wide variety of vendors.

Over time, there will be a tension for standards to emerge, to allow for constant verification. With the obvious dystopian potential that goes along with constant surveillance. This tension is between the requirement to verify that you are you, to validate a transaction, protect you from hackers and the like, and the desire to track you, to mine your habits.

With each new security standard you sign up for, opt into, important to know exactly where that data goes, what it will ultimately be used for.

Side note, here’s the Wikipedia page for CAPTCHA. Interesting acronym.

November 28, 2017

Apple working to fix “root” password issue

Apple said it is working to fix an issue that allows someone to login as a root user when they have access to your machine.

“We are working on a software update to address this issue,” an Apple spokesperson said in a statement provided to The Loop. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”

The issue was first reported this afternoon and was reproduced by Dave Mark at The Loop.

Security hole in macOS High Sierra lets anyone gain root access to a logged in machine

There’s a security hole in macOS High Sierra and we’ve verified the issue.

First reported in this tweet:

Here’s how to reproduce it:

  • Log in to your Mac, as you normally would
  • Now launch System Preferences
  • Click the Users & Groups pane
  • Click the lock to make changes but do NOT enter your normal credentials
  • Instead, change the user name to root, leave the password field blank, but click in the password field (does not appear to work if you don’t click in the password field) and click Unlock
  • If you don’t get in, change the user name to root, leave password field blank (but click in it), click Unlock again

Eventually, you will get a second Unlock dialog. Repeat this procedure with root and empty password field. This time, when you click Unlock, the admin lock will unlock and you are in.

Note that this does require you to have physical access to a machine and be already logged in to the machine. I have verified this on my machine and it does work.

While this is an issue, this would be way more of an issue if this technique allowed you to log in to a machine (perhaps a stolen one, for example), as opposed to gaining root access to a machine whose user logged in and granted access in the first place. Not nothing, but the sky is not falling.

We’ve reached out to Apple and will update this post the moment we hear back.

UPDATE: This just got a bit worse. This same technique will enable you to login to any Mac whose login options are set to “Display login window as Name and password” instead of “Display login window as List of users”.

While you wait for Apple to respond, suggest you do this:

  • Go to System Preferences / Users & Groups
  • Click the lock, login as your admin user
  • Click Login Options (bottom left)
  • Click List of users instead of Name and password

You can also follow up by entering a root password or, as others have suggested, disabling the root user. My suggestion would be to wait until Apple responds, then follow their suggested advice.

UPDATE 2: Apple said it is working to fix the issue.

Rolling Stone:

Some of the year’s best classic rock came from pop stars like Kesha and Harry Styles; some of the year’s most acclaimed pop statements came via glossier sounds from alterna-rock icons like Queens of the Stone Age, Foo Fighters, St. Vincent and Grizzly Bear. SZA melded emo self-evaluation with the sounds of modern R&B, Chris Stapleton joined classic soul to contemporary country, Jlin added experimental cutting-edge textures to Chicago dance music, Valerie June explored decades of American music and Drake pulled sounds and collaborators from all across the world. Here’s the best of a tumultuous year.

I’m officially old. Not only do I not own any of these albums, I’ve never even heard of three-quarters of the listed bands.

FiveThirtyEight:

When he died from cancer on Dec. 28, 2016, the 31-year-old Pan Pan was the world’s panda paterfamilias: the oldest known living male and the panda (male or female) with the most genetic contribution to the species’ captive population. Today, there are 520 pandas living in research centers and zoos, mostly in China. Chinese officials say more than 130 of them are descendants of Pan Pan.

Pan Pan saved his species by being really, really, ridiculously good at sex.

I bet when you woke up you didn’t think you’d be reading a really interesting story about panda sex today, did you?

Scares me just watching this. Jump to about 2 minutes in for a real closeup of the innards. That’s one brave individual.

Benjamin Mayo, 9to5Mac:

Apple began a support Twitter account early in 2016, answering customer queries and tweeting out the occasional iOS tip. It has now expanded into a dedicated Apple Support YouTube channel.

The account features highly-produced tutorial videos explaining all sorts of iOS features from how to change your wallpaper to deleting your call history.

Here’s a link to the Apple Support YouTube channel. Terrific resource, nice find from Benjamin Mayo.

Joe Rossignol, MacRumors:

At least a few hundred iPhone users and counting have complained about the word “it” autocorrecting to “I.T” on iOS 11 and later.

This is a bizarre new class of bugs. It started with autocorrect capitalizing the first letter of some words, even in The Middle of a sentence.

Then we saw a rash of autocorrects of the letter I to A[?], much to the amusement of Ohio State fans.

And now this. What’s going on here? Is this machine learning going awry? Is this the future of AI? Works most of the time, but every so often a robot goes insane and starts breaking things?

One problem with machine learning is that it creates evolving behavior, which creates a complex tree of possible behaviors, impossible to completely test.

That said, is that what’s going on here? Or is this something more mundane? It’d be good to actually know the cause of these issues. So far, mum’s the word.

Another pair of iPhone X ads from Apple

Yesterday we posted a pair of Face ID iPhone X ads from Apple. Here’s another pair.

The first one focuses on iPhone X’s ability to track your changing looks, know that it’s you, unlock even with a pretty major change.

The second one is all about the fun of Animoji. I think Animoji are going to sell an awful lot of phones for Apple.

Gabe Weatherhead, MacDrifter:

When my 10.5″ iPad Pro arrived I decided to do a little experiment. You see, I honestly believe that the iPad, iPhone, and other micro super-computers are the future of computing and I want to force myself out of old-man complacency. Five months ago I committed to that experiment and avoided using my Mac unless there was absolutely no way to do something on my iPad or iPhone. Last week I ended my experiment and I have a few opinions (big surprise).

I use my Mac, iPhone, and iPad in a mix throughout the day. My iPhone is always with me, gets all the looks when I am away from my desk. My Mac gets all my looks at my desk. And my iPad gets the rest, those times when I am bopping about, laying about, or in a car (not driving!)

[Of course, my Apple Watch gets its share of looks, no matter the device I’m using, but in my view, does not impact the Mac vs iPad argument.]

Gabe’s piece really captures my feelings about the Mac, why it is the best solution for certain (but by no means all, or even most) situations. Here’s a taste:

I do a lot of text editing, so this is a category where I feel friction the most. There’s really no comparison for me. Text editors on the Mac are more feature rich and I can edit faster than on iOS.

Friction is a perfect word. The Mac is customizable to the point where I can really get at those friction points, ease them to make my process more efficient. iOS, on the other hand, is more portable, easier to get going and, for me, always with me every second I’m awake.

Apple has found a perfect blend of devices. At least for me and my habits.

That said, read Gabe’s piece. See if it resonates for you.

[Via Six Colors]

November 27, 2017

Apple’s Face ID ads

Apple has just posted these two ads for Face ID.

It will be interesting to see how these are received by average users unfamiliar with the technology.

Studio Neat:

With the improved sensor, wider aperture, and added optical image stabilization on the telephoto lens in the iPhone X, I wanted to see if Apple’s frequency of presenting a cropped image at 2X was reduced at all. The answer: yes. But by how much?

I created a test to hopefully get a rough idea of how much light is required before an iPhone 7 Plus and iPhone X decide to switch to their respective telephoto lenses in 2X mode.

One of the things I’ve seen people talking about is the much improved low light capability of the iPhone X. This is a good description of what happens in low light with the iPhone 7 Plus and iPhone X and how the X deals with it much better.

Internal Apple video from 1994

Regardless of how much (or little) you enjoy the singing or production values, I do find this a fascinating piece of Apple history. Folks who’ve been around the Apple universe for long enough will recognize a lot of these references.

The video was originally posted in 2012, but I just came across it this morning, thought it worth sharing. Anyone recognize anyone in the video? They are ALL Apple employees.