Apple Updates App Store Guidelines, Calls Out ‘Creepy’ Apps for Exclusion

Apple today updated its App Store review guidelines ahead of the launch of iPhone 6 and iOS 8, adding sections for new features such as extensions, HealthKit, HomeKit and TestFlight. Additionally, Apple tweaked its introductory remark to specifically call out “creepy” apps as unwelcome in the App Store.

We have over a million Apps in the App Store. If your App doesn’t do something useful, unique or provide some form of lasting entertainment, or if your app is plain creepy, it may not be accepted.

The new guidelines, primarily in sections 25 through 28, outline what use of the new features would get an app rejected from the App Store. For instance, extensions must provide some functionality and must remain functional without network access. Keyboard extensions can only collect user data for improving the functionality of the keyboard and nothing else.

The sections for both HealthKit and HomeKit include guidelines for user data, with apps using HomeKit not allowed to collect any sort of user data for advertising and data mining while HealthKit is only allowed to collect data without a user’s permission. TestFlight guidelines include limitations on distribution and compensation for beta testers.

Additionally, Apple added some notes to its Metadata section for the App Store’s new app previews feature, noting that apps may only use video screen captures for previews and that app previews cannot display personal information without permission.

iOS 8 will be included on the iPhone 6 this September and likely launch a few days earlier for current devices.

.CPlase_panel display:none;

Hackers Using Law Enforcement Tools to Access iCloud Backups Unprotected by Two-Factor Authentication

Earlier today, Apple issued a press release stating that an iCloud/Find My iPhone breach had not been responsible for the leak of several private celebrity photos over the weekend, instead pointing towards a “very targeted attack on user names, passwords, and security questions” hackers used to gain access to celebrity accounts.

The company did not divulge specific details on how hackers accessed the iCloud accounts, leading Wired writer Andy Greenberg to investigate the methods that hackers might possibly have used to acquire the stolen media.

Greenberg visited Anon-IB, a popular anonymous image board where some of the celebrity photos first originated, and discovered that hackers openly discuss exploiting software designed for law enforcement and government officials. Called ElcomSoft Phone Password Breaker (EPPB), the software in question lets hackers enter a stolen username and password to obtain a victim’s full iPhone/iPad backup.

“Use the script to hack her passwd…use eppb to download the backup,” wrote one anonymous user on Anon-IB explaining the process to a less-experienced hacker. “Post your wins here ;-)”

Acquiring just a user name and password allows hackers access to content on iCloud.com, but with the accompaniment of the ElcomSoft software, a complete backup can reportedly be downloaded into easy-to-access folders filled with the device’s contents.

According to security researcher Jonathan Zdziarski, who spoke to Wired, metadata from some of the leaked photos is in line with the use of the ElcomSoft software and possibly the iBrute software, which exploited a vulnerability in Find My iPhone to allow hackers unlimited attempts to guess a password. Apple has, however, patched the exploit, and has suggested iBrute was not a factor in the attacks.

As noted by TechCrunch, using ElcomSoft’s software to download an iPhone’s backup successfully circumvents two-factor verification as the two-factor authentication system does not cover iCloud backups or Photo Stream.

Apple’s press release pointed towards two-factor authentication as a way to prevent similar hacking attempts, but it appears enabling two-factor authentication would not stop iCloud backup hacks conducted with the Phone Password Breaker if an Apple ID and password could be obtained. Two-factor verification can, however, make it much more difficult for hackers to acquire a user’s login credentials in the first place, preventing many attacks.

The ElcomSoft software does not require any credentials to purchase and while it costs $399 to purchase, it is also available on bittorrent sites. This gap in security has been known for quite some time, with ElcomSoft’s own CEO pointing towards the lack of two-factor authentication for iCloud backups back in May of 2013.

Apple has explored expanding two-factor authentication to some iCloud services, but an official expansion of the security feature has not yet been introduced.

.CPlase_panel display:none;

China Mobile Begins Accepting Preorders for Unreleased iPhone 6 [iOS Blog]

Chinese carrier China Mobile has begun taking preorders for the upcoming iPhone 6 ahead of the device’s official launch, reports China Daily. Available at China Mobile Beijing, the preorder campaign appears to be aimed at drumming up interest for Apple’s new devices.

On a website, China Mobile Beijing allows users to choose between the 4.7 and 5.5-inch iPhone 6, but the carrier does not offer images of the device or a potential release date. A China Daily source has suggested Chinese customers may receive the iPhone 6 as early as mid-month, however, which would be in line with previous rumors and past device release timelines.

Mockup of 4.7 and 5.5-inch iPhone 6 depicted with iPhone 5s

China Mobile’s preorder campaign also confirmed rumors that Apple will release larger screens for the device as buyers are asked to choose either a 4.7-inch version or a 5.5-inch one. The iPhone 5S has a 4-inch screen.

The program is available only in Beijing and, as of Tuesday evening, had attracted more than 33,000 orders. It remains unclear when the buyers can get the device. A person familiar with the matter told China Daily the first iPhone 6 could be distributed to Chinese customers as early as mid-month.

As of Tuesday evening in China, the campaign had garnered more than 33,000 orders, pointing towards strong interest in the iPhone 6. Analysts have predicted that the launch of the iPhone 6 could see a massive spike in upgraders and Android switchers, due to its larger display and redesigned chassis.

China Mobile, the world’s largest mobile carrier with more than 700 million subscribers, first began carrying the iPhone in January of 2014, after extended negotiations with Apple. Apple CEO Tim Cook called inking a deal with China Mobile a “watershed” moment,” allowing the company to reach millions of new customers and significantly expand its presence in China.

As it marks an opportunity for significant growth, China has become an increasingly important market for Apple. Tim Cook visited the country multiple times in 2013 and Apple has opened several retail stores in China in 2014, including locations in Wuxi, Chongqing, and Beijing.

Apple is expected to introduce the iPhone 6 at a September 9 media event, which may also include the debut of its wearable device and a payment initiative. Though Apple is expected to preview both the 4.7 and 5.5-inch iPhone 6 models, it is unclear if both devices will be available to launch at the same time due to production difficulties with the larger phone.

.CPlase_panel display:none;

Apple Discussing Mobile Payments Partnership With Nordstrom

Nordstrom may be one of Apple’s first merchant partners when Apple launches its upcoming mobile payment initiative, reports Bank Innovation. Apple is said to be in talks with Nordstrom about its payments service, suggesting Nordstrom could be one of the first retailers to support payments via iPhone.

The “talks” Nordstrom and Apple have been engaged are related to payments — but the extent of those talks is unclear. Apple was looking for a clothing brand with a large physical reach, our source said, but also with an established and high-end brand. With a strong brick-and-mortar presence, but with a focus on digital innovation as well, our source said Nordstrom was a “great” pick for Apple.

Nordstrom is a logical partner for Apple, as its retail stores already use Apple’s iPhones and iPads as point-of-sale systems. According to Nordstrom employees, Apple’s mobile point-of-sale systems are purchased directly from Apple and were updated to work with ‘the most recent iPhones” just a few weeks ago. Bank Innovation suggests that Nordstrom’s current point-of-sale systems, which are said to be the same as Apple’s own in-store EasyPay systems, may possibly be compatible with Apple’s upcoming mobile payment service.

Earlier this year, a report suggested Apple was speaking with several high-profile retail store chains about a mobile payment service, in order to retailer gauge interest and explore possibilities for a unified payment service, and Nordstrom may have been included in these talks.

EasyPay mobile payments concept by Ricardo Del Toro
In addition to partnering with retailers, Apple is also said to have signed deals with American Express, MasterCard, and Visa for its mobile payments initiative, which will likely leverage technologies like NFC, Bluetooth, and iBeacons, in addition to Touch ID, Apple’s fingerprint-sensing security technology.

According to reports, Apple’s payments service will allow iPhone owners to use their devices to make payments both online and in retail stores. Apple is expected to announce its mobile payments initiative during its September 9 media event.

.CPlase_panel display:none;

Apple Begins Inviting AppleSeed Members to Test iCloud for Windows Beta [Mac Blog]

Apple today began sending out invitations to AppleSeed members, inviting them to test the iCloud for Windows beta, which includes access to iCloud Drive. An iOS 8/Yosemite feature, iCloud Drive allows users to store any document in iCloud.

Content stored in iCloud Drive can be accessed from any iOS device, Mac, or PC, via the new iCloud for Windows beta. AppleSeed testers receiving invites to the iCloud for Windows beta must be running Windows 7 or later, and Apple does not recommend installing the pre-release software on “personal-critical and/or business-critical systems.”

Ahead of offering an iCloud for Windows beta to AppleSeed members, Apple released a beta version of the software to developers. The latest version of that beta, launched on July 21, noted that iCloud Drive functionality was only available on on OS X Yosemite and iOS 8, so it appears that Windows users may be getting their first functional look at iCloud Drive with the launch of the AppleSeed beta.

iCloud Drive is expected to be officially available with the launch of iOS 8 and OS X Yosemite. While iOS 8 will likely be released to the public in September following Apple’s iPhone event, OS X Yosemite may not be available until later in the year, possibly October.

Thanks, Larry!

.CPlase_panel display:none;

Pre-Launch Adoption of OS X Yosemite 33 Times Higher Than for Mavericks

Adoption of OS X Yosemite is steadily increasing ahead of its fall launch, due to both a system-wide redesign and the introduction of a public beta for the first time. As of August, Yosemite was installed on approximately 2.6 million machines or 3.3 percent of all Macs, according to new numbers from Net Applications (via Computerworld).

For August, Yosemite powered 3.3% of all Macs, according to metrics vendor Net Applications. That was 33 times the user share of its predecessor, OS X Mavericks, in September 2013, one month before its official launch, and nearly one-third of Mavericks’ share the following month, when it was first made available to all customers.

In June, adoption rates were at 0.9 percent, jumping up to 1.2 percent in July. The 3.3 percent number comes after the introduction of the public Yosemite beta in late July, which saw as many as 1 million registered beta program members receiving access to the software. Following the launch of the beta, Yosemite’s share of global Mac traffic nearly doubled.

Though the public beta has bolstered Yosemite’s adoption numbers much higher than Mavericks adoption rates during a similar time frame last year, developer interest in Yosemite has also been high. July adoption numbers from before the public beta release suggested Yosemite beta usage was four times higher than Mavericks usage last year.

Operating system usage metrics can very widely, however, as Yosemite installation numbers from GoSquared are quite a bit different. According to GoSquared, machines running OS X Yosemite have accounted for just one percent of total Mac OS traffic over the past several hours, and 0.58 percent since launch. Though GoSquared points towards lower overall adoption numbers, it does show a fairly steady increase in Yosemite usage.

Last year, seven percent of all Mac users had installed OS X Mavericks just 24 hours after its public launch. Based on public beta numbers and high developer interest, it’s likely that Yosemite Adoption will be even more rapid following its public launch. In addition to offering a revamped look, OS X Yosemite includes several features like iCloud Drive and Continuity, allowing Macs to interact with iOS devices in new ways.

OS X Yosemite is currently available only to registered developers and those who signed up for the public beta test. The operating system, which will be provided to consumers at no cost, is expected to see its public release in the fall, possibly in October.

.CPlase_panel display:none;

Apple says iCloud wasn’t breached in celebrity photo leak

It wasn’t long at all after personal and explicit photos of some 100 celebrities started making the rounds when people started attributing the leak to a breach of Apple’s iCloud storage system. After a nearly two day long investigation, Apple has released a statement to try and clear things up — to hear the folks in Cupertino tell it, the incident was a “very targeted attack on user names, passwords and security questions” and that none of its systems were breached in the process. In other words, we’re not looking at a savvy hack exploiting a Find my iPhone security flaw so much as some very dedicated phishing and/or social engineering. Of course, that’s not to say that the pictures in question (well, the ones that weren’t taken with Android devices anyway) didn’t come from iCloud, just that hackers didn’t directly crack the sanctity of Apple’s services. You can check out the full statement after the jump for yourself.

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud(R) or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.

Comments

Source: Apple

.CPlase_panel display:none;

Apple to Open New Retail Store in Atlanta on Saturday, September 6 [Mac Blog]

Georgia is set to gain its sixth Apple retail location this Saturday, with the grand opening of the new Apple Store at Atlanta’s Cumberland Mall. Located in the Cumberland district of Atlanta, the two-story mall houses more than 100 retail stores and restaurants.

The new Cumberland Mall location is the third Apple Store in Atlanta, joining two other retail stores at Lenox Square and Perimeter Mall. There are also stores in Augusta, Buford, and Alpharetta.

Apple’s Cumberland Mall store will open at 10 a.m. local time on Saturday, September 6. As is common with new store openings, employees will likely hand out T-shirts to the first customers to visit the new location. The store has already begun accepting reservations for workshops and Genius Bar appointments.

.CPlase_panel display:none;