The Skeleton-Key Edition Saturday, August 25, 2018

Security Flaws Inadvertently Left T-Mobile And AT&T Customers' Account PINs Exposed, by Nicole Nguyen, BuzzFeed

Apple’s online store contained the security flaw that inadvertently exposed over 77 million T-Mobile customers’ account PINs. The website for Asurion, a phone insurance company, had a separate vulnerability that exposed the passcodes of Asurion’s AT&T customers.

Apple and Asurion fixed the vulnerabilities after BuzzFeed News shared the security researchers’ findings. Apple declined to provide further comment on the record, stating only that the company is very grateful to the researchers who found the flaw. Asurion spokesperson Nicole Miller said, “Asurion takes customer security and privacy very seriously, and as such we have an ongoing, layered security program in place to prevent security issues. We are investigating the researcher’s concerns, but have immediately implemented measures to address these concerns to ensure customers’ accounts are safe.”

Phone Numbers Were Never Meant As ID. Now We’re All At Risk, by Lily Hay Newman, Wired

In recent years, more and more companies and services have come to rely on smartphones to confirm—or "authenticate"—users. In theory, this makes sense; an attacker might get your passwords, but it's much harder for them to get physical access to your phone. In practice, it means that a single, often publicly available, piece of information gets used both as your identity and a means to verify that identity, a skeleton key into your entire online life. Hackers have known this, and profited from it, for years. Companies don't seem interested in catching up.

CloudKit Outage Sees Some Apps Experience (Temporary) User Data Loss, Apple Working On Fix, by Benjamin Mayo, 9to5Mac

There appears to be some prolonged issues with Apple’s CloudKit service today, which Apple offers to developers as a way to store user data and sync across devices. Several developers have reported to us that they have seen data for their apps temporarily wiped in the last 24 hours as the CloudKit service experiences some form of outage.


Brydge 12.9 Series II Keyboard: This Is The One... At Least For Now, by Jason Snell, Six Colors

Brydge has built a second-generation 12.9 Keyboard, and it worked perfectly for me right out of the box. There are a few minor changes here and there, including very slightly reduced key travel, but it’s still an excellent keyboard more reminiscent of the MacBook Air or the Magic Keyboard than Apple’s more recent-generation laptops. I think I like the feel of the Brydge 12.9 Series II even more than the original.

5 Meditation Apps To Help You Find Your Peace, by Hayden Field, Entrepreneur

Looking to get in touch with your inner zen but don’t know where to begin? We’ve laid out five of the best meditation apps to try.


The Open Plan Office Sucks–it’s Also Good For You, by Jesus Diaz, Fast Company

At least that’s what a new study, published in the British medical journal Occupational and Environmental Medicine this month, suggests. The research is part of a $3.3 million, U.S. General Services Administration-funded project called “Wellbuilt for Wellbeing,” studying how workplace design affects health. According to the authors, workers in open plan offices tend to move around more, as opposed to people in cubicles and private offices. The former ended up less stressed, while the latter were more anxious and unhappy at the end of the day.


Apple Worried About Constitutional Changes In Considering North Carolina Campus, by Roger Fingas, AppleInsider

Apple, though interested in putting a new campus in the state, is concerned about North Carolina politicians "meddling with constitutional amendments for political influence," according to one report.

As Apple Music Starts Composing Its India Song, It Bets Big On Independent Musicians, Indie Bands, by Anuj Bhatia, Indian Express

For a company that is beyond the number game, Apple did something different with its music streaming service, focusing on the independent music scene and encouraging new artists to launch their tracks on Apple Music first. The local strategy it adopted in India is not only keeping music listeners hooked to Apple Music but also shaping the careers of many upcoming singers and musicians.

In India, Apple is stressing on the localised flavour, where people like to listen to music in their own language.

The Four Ways That Ex-internet Idealists Explain Where It All Went Wrong, by Tim Hwang, Technology Review

Both Optimism and Pessimism make the mistake of assuming that the internet has inherent features, but like any technology conceived of and built by humans, it is shaped by human struggles, by the push and pull of a multitude of interests and schools of thought. What’s needed is a coalition around a New Optimism—one that celebrates what’s working, is honest about what isn’t, and articulates a path forward grounded not so much in technological fixes as in a richer understanding of trust, identity, and community.