The Tracking-Devices Edition Tuesday, May 2, 2023

Apple And Google Are Working Together To Limit AirTag Stalking, by Emma Roth, The Verge

Apple and Google have teamed up on a proposed industry specification aimed at combatting the safety risks associated with AirTags and other Bluetooth-enabled tracking devices. The companies announced Tuesday that the new standard requires the implementation of “unauthorized tracking detection and alerts” across Android and iOS devices.

The proposed specification lists a number of best practices for the creators of Bluetooth tracking devices, which are supposed to help prevent the “misuse” of location trackers that put users at risk for stalking, harassment, and theft. As outlined in the document, the unwanted tracking detection should “detect and alert individuals” when a tracker that’s separated from its owner is traveling with them and also provide instructions on how to find and disable the device.

Security Response Updates

Apple Releases Rapid Security Response Updates For iOS 16.4.1 And macOS 13.3.1, by Juli Clover, MacRumors

Apple today released Rapid Security Response (RSR) updates that are available for iPhone and iPad users running the iOS 16.4.1 update and Mac users running macOS 13.3.1. These are the first public RSR updates that Apple has released to date.

Rapid Security Response updates 16.4.1 (a) and macOS 13.3.1 (a) are designed to provide iOS 16.4.1 users and macOS 13.3.1 users with security fixes without the need to install a full software update.

What Is A Rapid Security Response (RSR)?, by Howard Oakley, The Eclectic Light Company

Since the introduction of the Signed System Volume (SSV) in Big Sur, macOS updates have been large and complex to install. This is because almost all of macOS is locked away in a read-only snapshot of your Mac’s System volume. To make even the smallest of changes in that, the update has to be installed first on the System volume, a snapshot is made of that and cryptographically sealed using a tree of hashes, then your Mac has to restart from that snapshot.


While the SSV is wonderfully secure, its security thus gets in the way of updates, so Apple has moved some components that are likely to be updated individually and more often, out of the SSV. Among these is Safari and its supporting components including WebKit. As the front line in the defence against most attacks on macOS, it’s vital that Safari can be updated more quickly and easily, but the mechanism of its storage and updating also need to be robust and not a vulnerability.

The answer comes in special disk images called Cryptexes, that are cryptographically verified and stored away from potential intruders, on the hidden Preboot volume. These were first developed for Apple’s customised iPhone, its Security Research Device, and were introduced to macOS Ventura when it was released last year. When your Mac downloads and installs an RSR, it gets one or more Cryptexes, either to replace existing ones or to supplement them.

Apple, Platform Security, And The Next Big War, by Jonny Evans, Computerworld

This is war, and make no bones about it, Rapid Security Response is an important part of Apple’s security front line. It’s the tactical fast response point at which emerging threats will be opposed by increasingly agile security response teams. As new vulnerabilities are identified, security patches will be rolled out swiftly to plug them up.

The process is clearly more complex than it sounds. The protection was announced last summer, but only saw real action this week and there were unknown initial distribution problems, which appear to have been resolved.

Security is a constant ebb and flow.


Arc Will Change The Way You Work On The Web, by Adam Engst, TidBITS

Arc’s designers have improved on the standard Web browser interface in four conceptual areas: context, persistence, visibility, and refinement. Each plays a vital role in why I describe Arc as transformative. In the sections below, I’ll explain how its unique features—or at least unique combinations of features—make it stand out.

Alfred 5.1, by Agen Schmitz, TidBITS

The release adds a new Options sheet to configure and update Automation Tasks (and enables them to be added to the Workflow Palette).

Timing 2023.3, by Agen Schmitz, TidBITS

With the new functionality, if a new time entry overlaps with existing time entries, you can either replace the existing entries or keep both in parallel.


Follow-Up On ‘Adware For Apple Services In iOS’, by John Gruber, Daring Fireball

The problem I was running into was a bug that resulted from the fact I have split Apple ID accounts: one account for iTunes and App Store purchases, and a separate account for my Apple ID.

Apple's First-Ever Store Moving To New Location: 'A New Chapter Is Coming Soon', by Joe Rossignol, MacRumors

Apple has yet to announce a grand opening date for the new location, and the current store remains open for now. On the store’s page, Apple teases that “a new chapter is coming soon,” without providing any further details.

US Judge Declares Mistrial In Apple-Masimo Smartwatch Trade Secrets Fight, by Blake Brittain, Reuters

A U.S. judge in California on Monday declared a mistrial in Masimo Corp's smartwatch trade secret lawsuit against Apple Inc after jurors failed to reach a unanimous verdict in the potential billion-dollar case.


The jury in federal court in Santa Ana had been asked to determine whether Cupertino, California-based Apple misused confidential information from Masimo related to the use of light to measure biomarkers including heart rates and blood-oxygen levels.

We All Want More Data And Better Mobile Coverage, But Is The Trade-off Our Dark, Starry Night Sky?, by Sinead Mangan and Chris Lewis, ABC News

As rocket launches become cheaper, upwards of 100,000 satellites could orbit Earth, forever changing our dark, starry skies.

For millennia humans have gazed up at the wonder of the night sky, but what we can see is rapidly changing because of our quest to be connected.

Hollywood Writers Strike Over Pay Disputes With Streaming Giants, AI Concerns, by Lucas Ropek, Gizmodo

It’s unclear how long the action could last but, until it ends, large parts of Hollywood are going to be put on pause. Nearly 12,000 writers could potentially join picket lines in the coming days, which means major disruptions to TV and streaming franchises as labor and management duke it out. A variety of issues are motivating the contentious negotiations, including AI and what WGA has called the creation of “a gig economy” due to the pressures of the streaming industry.

Bottom of the Page

I am glad that Apple has not deemed what it has done to safeguard people's safety with the usage of AirTags to be enough, and is now doing more. Good job.


Thanks for reading.