Let’s Talk Apple — Ep. 65 (January 2019)


Let's Talk Apple Logo

Panel:

The show starts with a quick run-down of developments in some of the major legal cases involving Apple, then moves on to some notable numbers and some Apple HR News. The five main stories are Apple’s Q1 2019 earnings, a good CES for Apple, the FaceTime bug, Facebook & Google breaking the rules of Apple’s Enterprise program and briefly losing their internal apps, and some encryption and privacy news. The show finishes with a quick rundown of some smaller Apple-related stories that made the news in January.

You’ll find detailed show notes below the fold, and if you enjoy this free show, please consider clicking on the donate button at the top of the left side bar – the show is free for you to listen to, but not for Bart to Produce!

MP3 DownloadRSS FeediTunes

Legal Latest
  • 🇺🇸 A federal magistrate judge in Oakland CA denied an application for a warrant to cease every phone in a building regardless of who owned it, and the right to force the owners to biometrically unlock the devices. In her ruling Judge Kandis Westmore cited both 4th and 5th amendment concerns, saying the warrant is over-broad, and that unlocking a phone by any means is testimonial (hence covered by the 5th amendment protection against self-incrimination) because our phones are effectively extensions of our brains these days. This ruling conflicts with others in different federal courts, so this issue is likely to rise up to the US Supreme Court at some stage. It has some way to go though, this was a federal district court ruling which can be appealed to the relevant circuit court, and only then can it be appealed to the supreme court who can then choose whether or not to take the case — arstechnica.com/… & nakedsecurity.sophos.com/…
  • Apple -v- Qualcomm
    • 🇩🇪 Apple got a partial victory over Qualcomm in Germany when a court in Munich rejected four Qualcomm patent claims. These claims related to search, not hardware, and relate to the same patents that recently resulted in an iPhone ban in China. These claims were separate to those that resulted in a preliminary ban on sales of the iPhone 7 & 8 in Germany last month; a final ruling on those claims is still to come — 9to5mac.com/…
    • Apple says Qualcomm refused to sell it chips for the latest iPhones — www.theverge.com/…
    • 🇺🇸 Qualcomm and the US FTC made their closing arguments in the FTC’s lawsuit against Qualcomm. Judge Lucy Koh warned that because this is such and important and complex case, it may take her longer than usual to reach a decision — appleinsider.com/…
  • 🇺🇸 Apple has lost its appeal against so-called patent troll VirnetX over FaceTime at the US Federal Circuit Court of Appeals. Apple now owes VirnetX $440M, but says it will appeal — arstechnica.com/…
  • 🇺🇸 Apple Settles Lawsuit With Biometric Sensor Company Valencell That Accused it of Stealing Technology for Apple Watch — www.macrumors.com/…
  • 🇰🇷 The Korean FTC has found Apple guilty of unfair practices in its dealings with carriers, but it will let Apple respond, and Apple has done so. Now we have to wait and see how Apple’s response is treated — www.macobserver.com/…
Notable Numbers
  • Data from Localytics shows a sharp rise in iPad and iPhone XR activations over this Christmas period as compared non-holiday activation rates (iPad up 219%, 11“ iPad Pro up 125%, iPad Mini up 108%, iPad Pro 12.9” up 99%, and iPhone XR up 88%) — info.localytics.com/…

“We determine lift in device activations by calculating percent change in new devices in the days surrounding Christmas compared with new devices in the average week for the same time period”

Apple HR News
Main Stories
  1. Apple’s 2019 Q1 Earnings
  2. A good CES for Apple
  3. A serious bug was discovered in Apple’s Group FaceTime feature. The bug allowed an attacker to remotely enable the microphone, and in some cases camera too, on a victims device. The problem seems to have been with the transition between regular FaceTime and Group FaceTime. To trigger the bug an attacker would call their victim via FaceTime, then, before the victim answered the call, add a third person to the conversation, when the conversation jumped into Group FaceTime mode, the fact that the call was not accepted was forgotten, and the victim device silently joined the group call. The third person could be anyone, including the attacker themselves! The bug was discovered by a teenager, and his mother tried extremely hard to raise the alarm, but without must success at first. When the issue finally gained media attention Apple quickly responded by promising a fix within a few days, and then shutting the Group FaceTime service down temporarily. On Friday Apple released a statement apologising for the bug, explaining that they had fixed it on the server-side, and that a software update would be released next week re-enabling the service for users. Apple also promised to improve its bug reporting process.
  4. Facebook & Google caught abusing Apple’s enterprise app program to bypass the app store and deliver data gathering apps to select users. Facebook’s app installed a new root certificate and a VPN app, giving their app access to just about everything users did on their phones. Apple temporarily pulled both companies enterprise certs, but re-instated them after negotiating with the companies.
  5. Developments in the on-going fight over privacy and encryption:
    • 🇦🇺 Australia’s controversial anti-encryption law has come into effect — www.macobserver.com/…
    • Grey-hat security firm Zerodium upped their prices for many classes of zero-day exploit, including those attacking iOS and the Mac. A remote iOS exploit is worth up to $2M now. Zerodium sell vulnerabilities to governments, and do not inform the vendors — www.macobserver.com/…
    • 🇷🇺 Russia succeeds in getting Apple to comply with its 2014 law requiring data on Russian citizens to be stored within the country. This follows a similar achievement by the Chinese government last year — www.macobserver.com/… & foreignpolicy.com/…
    • 🇬🇧 GCHQ (Britain’s equivalent of the NSA in the US) is proposing requiring tech companies to silently add agents into encrypted group calls and messages. Because companies like Apple and Facebook manage encryption keys on behalf of users, this is technically possible. For now, these are just proposals, not concrete plans — www.macobserver.com/…
    • 🇯🇵 The Japanese government are investigating ways of applying their privacy laws to international companies — www.macobserver.com/…
    • In an opinion piece in Time Magazine Tim Cook called on the US government to introduce privacy rights and to regulate data brokers — time.com/…
Quick Stories

Leave a Reply