Archive for June 2, 2015

Tuesday, June 2, 2015 [Tweets] [Favorites]

Swift Subscripts Support Labeled Parameters

Erica Sadun:

You use it as a labeled subscript, e.g. myArray[safe:3]. Subscripting + labels = ♥︎.

Chris Lattner:

Well of course subscripts support labeled arguments!

Web Decay Graph

Tim Bray (via John Gruber):

I’ve been writing this blog since 2003 and in that time have laid down, along with way over a million words, 12,373 hyperlinks. I’ve noticed that when something leads me back to an old piece, the links are broken disappointingly often. So I made a little graph of their decay over the last 144 months.

Mac Firmware Security Is Completely Broken

Dan Goodin:

The attack, according to a blog post published Friday by well-known OS X security researcher Pedro Vilaca, affects Macs shipped prior to the middle of 2014 that are allowed to go into sleep mode. He found a way to reflash a Mac’s BIOS using functionality contained in userland, which is the part of an operating system where installed applications and drivers are executed. By exploiting vulnerabilities such as those regularly found in Safari and other Web browsers, attackers can install malicious firmware that survives hard drive reformatting and reinstallation of the operating system.

The attack is more serious than the Thunderstrike proof-of-concept exploit that came to light late last year. While both exploits give attackers the same persistent and low-level control of a Mac, the new attack doesn't require even brief physical access as Thunderstrike did. That means attackers half-way around the world may remotely exploit it.

Pedro Vilaca:

As a general user you shouldn’t, in theory, be much worried with this bug more than you were with Thunderstrike. This is a bug more interesting to attack targeted users than mass exploitation, although a drive-by exploit is definitely feasible. There are easier and cheaper attacks available against you the general user. As a reminder the latest Mac botnet infected around 17k users just by asking them for administrator privileges. Sophisticated attacks are not required when simple things still work.

Apple Shifts to Editorially Curated Lists on App Store

Joe Rossignol:

Apple has quietly changed the way it promotes new and popular apps on the App Store, shifting from algorithmically generated lists to editorially curated content last month. TechCrunch reports that the “Games” section, for example, no longer has “New,” “What’s Hot,” or “All iPhone (Free & Paid)” categories, which have been replaced with editor curated lists such as “Best New Games” and “More Games You Might Like,” the latter based on a customer’s purchase history.

[…]

The report claims that some app developers have seen between 30% to 90% fewer organic app downloads since the changes were made, although the move away from automatically generated app lists is not expected to negatively impact most developers. In fact, editorial curation should help developers with truly useful apps gain some well-deserved exposure on the App Store, rather than clone or rip-off apps that sometimes slipped through Apple's old automated process.

Fix Your Mac With One Weird Trick

Allen Pike:

Frustrated, last week I discovered something interesting. Searching around for info on the giant WindowServer memory leak I’d seen, I came across an Apple Support forum post describing the exact same problem! It had 189,000 views and 534 replies, so I knew I’d finally found something to soothe my MacBook’s suffering.

[…]

For those who are new to the Mac platform, zapping the PRAM is an age-old tradition that goes back to the classic Mac OS days. Even as a child, I was taught that when you had weird behaviour on your Mac it was time to zap the PRAM, which would promptly do nothing. Zapping the PRAM is number one on the list of desparate stuff to try on a misbehaving Mac that usually doesn’t fix the problem, outranking the trusty disk permissions repair and the perky newcomer, resetting the SMC. Zapping the PRAM is folk magic.