Apple


Microsoft brings an official Copilot app to macOS for the first time

It took a couple of years, but it happened: Microsoft released its Copilot AI assistant as an application for macOS. The app is available for download for free from the Mac App Store right now.

It was previously available briefly as a Mac app, sort of; for a short time, Microsoft’s iPad Copilot app could run on the Mac, but access on the Mac was quickly disabled. Mac users have been able to use a web-based interface for a while.

Copilot initially launched on the web and in web browsers (Edge, obviously) before making its way onto iOS and Android last year. It has since been slotted into all sorts of first-party Microsoft software, too.

The Copilot app joins a trend already spearheaded by ChatGPT and Anthropic of bringing native apps to the macOS platform. Like those, it enables an OS-wide keyboard shortcut to invoke a field for starting a chat at any time. It offers most of the same use cases: translating or summarizing text, answering questions, preparing reports and documents, solving coding problems or generating scripts, brainstorming, and so on.

Copilot uses OpenAI models like GPT-4 and DALL-E 3 (yes, it generates images, too) alongside others like Microsoft’s in-house Prometheus. Microsoft has invested significant amounts of money into OpenAI in recent years as the basis for Copilot and basically everything in its AI strategy.

Like Apple’s own built-in generative AI features, Copilot for macOS requires an M1 or later Mac. It also requires users to run macOS 14 or later.


Apple pulls end-to-end encryption in UK, spurning backdoors for gov’t spying

“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy,” Apple said. “Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before.”

For UK Apple users, some data can still be encrypted. iCloud Keychain and Health, iMessage, and FaceTime will remain end-to-end encrypted by default. But other iCloud services will not be encrypted, effective immediately, including iCloud Backup, iCloud Drive, Photos, Notes, Reminders, Safari Bookmarks, Siri Shortcuts, Voice memos, Wallet passes, and Freeform.

In the future, Apple hopes to restore data protections in the UK, but the company refuses to ever build a backdoor for government officials.

“Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom,” Apple said. “As we have said many times before, we have never built a backdoor or master key to any of our products or services, and we never will.”


Apple, Lenovo lead losers in laptop repairability analysis

“When consumers can easily access information on how to fix devices, it makes it easier for people who can’t afford the latest and greatest technology to still be able to access the tools they need,” Nersisyan added.

Apple lags but shows some improvement

Apple’s MacBook repairability scores placed it at the lowest grade of the US PIRG’s list, save for Lenovo.

Figure: US PIRG laptop repairability scores. Credit: US PIRG

However, Apple’s overall repairability score improved from 4.3 last year to 5.1 this year. It gained a quarter of a point in this year’s score because it supported right-to-repair legislation in California within the last year. Apple’s support was a divergence from previous repairability stances from Apple, which had fought right-to-repair efforts for a decade before its about-face on California legislation starting in August 2023. Some have suggested that the change was due to Apple wanting input in legislation that, at the time, seemed likely to pass (California’s bill did eventually pass). Apple has also made notable self-repairability efforts lately, though, including launching and expanding a Self Service Repair program.

Still, Apple has room to grow, with the manufacturer earning the lowest total disassembly score (97)—besides Lenovo, whose score (14) only included one device. Apple also had the lowest disassembly average score (4.9 versus an average of 7.4) out of brands examined. Last year, Apple had an average disassembly score of 4.

In a deeper breakdown of the scores below, Apple’s disassembly scores improved compared to 2024 (9.7 versus 8), as did its parts pricing score (10.9 versus 9.8). However, parts availability declined (13.2 versus 12.8), per US PIRG.


Overall, Apple wasn’t able to compete with Asus and Acer, last year’s and this year’s winners. According to the report, “Asus and Acer continue to manufacture the most repairable laptops due largely to their ease of disassembly.”

Looking ahead, tariffs and other things impacting laptop availability and pricing, like the supply-chain disruptions witnessed during the COVID-19 pandemic, could drive demand for more easily repairable PCs.

“When [laptops and electronics] cost more or are harder to get, I’d expect shoppers to want to keep them in use for as long as possible and value their repairability,” Gutterman said.


Microsoft demonstrates working qubits based on exotic physics

Microsoft’s first entry into quantum hardware comes in the form of Majorana 1, a processor with eight of these qubits.

Given that some of its competitors have hardware that supports over 1,000 qubits, why does the company feel it can still be competitive? Nayak described three key features of the hardware that he feels will eventually give Microsoft an advantage.

The first has to do with the fundamental physics that governs the energy needed to break apart one of the Cooper pairs in the topological superconductor, which could destroy the information held in the qubit. There are a number of ways to potentially increase this energy, from lowering the temperature to making the indium arsenide wire longer. As things currently stand, Nayak said that small changes in any of these can lead to a large boost in the energy gap, making it relatively easy to boost the system’s stability.

Another key feature, he argued, is that the hardware is relatively small. He estimated that it should be possible to place a million qubits on a single chip. “Even if you put in margin for control structures and wiring and fan out, it’s still a few centimeters by a few centimeters,” Nayak said. “That was one of the guiding principles of our qubits.” So unlike some other technologies, the topological qubits won’t require anyone to figure out how to link separate processors into a single quantum system.

Finally, all the measurements that control the system run through the quantum dot, and controlling that is relatively simple. “Our qubits are voltage-controlled,” Nayak told Ars. “What we’re doing is just turning on and off coupling of quantum dots to qubits to topological nano wires. That’s a digital signal that we’re sending, and we can generate those digital signals with a cryogenic controller. So we actually put classical control down in the cold.”


Microsoft warns that the powerful XCSSET macOS malware is back with new tricks

“These enhanced features add to this malware family’s previously known capabilities, like targeting digital wallets, collecting data from the Notes app, and exfiltrating system information and files,” Microsoft wrote. XCSSET contains multiple modules for collecting and exfiltrating sensitive data from infected devices.

Microsoft Defender for Endpoint on Mac now detects the new XCSSET variant, and it’s likely other malware detection engines will soon, if not already. Unfortunately, Microsoft didn’t release file hashes or other indicators of compromise that people can use to determine if they have been targeted. A Microsoft spokesperson said these indicators will be released in a future blog post.

To avoid falling prey to new variants, Microsoft said developers should inspect all Xcode projects downloaded or cloned from repositories. The sharing of these projects is routine among developers. XCSSET exploits the trust developers have by spreading through malicious projects created by the attackers.


“NokiApple LumiPhone 1020 SE” merges Windows Phone body with budget iPhone guts

Remember the Lumia 1020? It’s back—in iPhone SE form.

The Lumia 1020 was a lot of smartphone in July 2013. It debuted with a focus “almost entirely on the phone’s massive camera,” Ars wrote at the time. That big 41-megapixel sensor jutted forth from the phone body, and Nokia reps showed off its low-light, rapid-motion camera abilities by shooting pictures of breakdancers in a dark demonstration room. The company also offered an optional camera grip—one that made it feel a lot more like a point-and-shoot camera. In a more robust review, Ars suggested the Lumia 1020 might actually make the point-and-shoot obsolete.

Figure: Front of the Lumia 1020, showing a bit of Windows Phone square grid flair. Credit: Casey Johnston

The Lumia 1020 contained yet another cutting edge concept of the day: Windows Phone, Microsoft’s color-coded, square-shaped companion to its mobile-forward Windows 8. The mobile OS never got over the users/apps, chicken/egg conundrum, and called it quits in October 2017. The end of that distant-third-place mobile OS would normally signal the end of the Lumia 1020 as a usable phone.

But there was a person named /u/OceanDepth95028 who saw beyond, and where others thought, “LOL,” this person thought, “Why not?” And this person looked at the Lumia 1020 and saw a third-generation iPhone SE inside of it. And then this person made that phone, and it booted. And the person saw that it was good, and they posted the tale to Reddit’s r/hackintosh.


Apple teases launch for “the newest member of the family” on February 19

Big news for people who prefer their product announcements to be pre-announced: Apple CEO Tim Cook says that the company has something brewing for Wednesday, February 19. Cook referred to “the newest member of the family,” suggesting a launch event focused on a single product rather than multiple refreshes throughout its product lineup.

Most rumors point to the “family” being the iPhone and the “newest member” being an updated version of the entry-level iPhone SE. Last refreshed in March of 2022 with the guts of late 2021’s iPhone 13, the SE is the only iPhone in Apple’s lineup that still ships with large display bezels and a Home button. And it’s one of just three models (along with the iPhone 14 and 14 Plus) to still include a Lightning port.

Previous reporting has suggested that the next-generation iPhone SE could replace both the current SE and the iPhone 14 series in the iPhone lineup, since the new phone is expected to ship with an iPhone 14-style design with an edge-to-edge display and a notch cutout. The old SE and the 14 series have already been discontinued in the EU, where new phones are all required to use a USB-C port.

Apple does have other products it could announce alongside (or instead of) a new entry-level iPhone, if it wanted to. Rumors and references in macOS have all pointed to an early 2025 launch for new M4 MacBook Airs, and the rumor mill also thinks that a new Apple TV box, new HomePod products, and even new AirTags could all come at some point in 2025. High-end Mac desktops like the Mac Studio and Mac Pro are also long overdue for an update, though we reportedly won’t see those refreshes until closer to the middle of the year.


Apple TV+ crosses enemy lines, will be available as an Android app starting today

Apple is also adding the ability to subscribe to Apple TV+ through both the Android and Google TV apps using Google’s payment system, whereas the old Google TV app required subscribing on another device.

Apple TV+ is available for $9.99 a month, or $19.95 a month as part of an Apple One subscription that bundles 2TB of iCloud storage, Apple Music, and Apple Arcade support (a seven-day free trial of Apple TV+ is also available). MLS Season Pass is available as a totally separate $14.99 a month or $99 per season subscription, but people who subscribe to both Apple TV+ and MLS Season Pass can save $2 a month or $20 a year on the MLS subscription.

Apple TV+ has had a handful of critically acclaimed shows, including Ted Lasso, Slow Horses, and Severance. But so far, that hasn’t translated to huge subscriber numbers; as of last year, Apple had spent about $20 billion making original TV shows and movies for Apple TV+, but the service has only about 10 percent as many subscribers as Netflix. As Bloomberg put it last July, “Apple TV+ generates less viewing in one month than Netflix does in one day.”

Whether an Android app can help turn that around is anyone’s guess, but offering an Android app brings Apple closer to parity with other streaming services, which have all supported Apple’s devices and Android devices for many years now.


Apple now lets you move purchases between your 25 years of accounts

Last night, Apple posted a new support document about migrating purchases between accounts, something that Apple users with long online histories have been waiting on for years, if not decades. If you have movies, music, or apps orphaned on various iTools/.Mac/MobileMe/iTunes accounts that preceded what you’re using now, you can start the fairly involved process of moving them over.

“You can choose to migrate apps, music, and other content you’ve purchased from Apple on a secondary Apple Account to a primary Apple Account,” the document reads, suggesting that people might have older accounts tied primarily to just certain movies, music, or other purchases that they can now bring forward to their primary, device-linked account. The process takes place on an iPhone or iPad inside the Settings app, in the “Media & Purchases” section in your named account section.

There are a few hitches to note. You can’t migrate purchases from or into a child’s account that exists inside Family Sharing. You can only migrate purchases to an account once a year. There are some complications if you have music libraries on both accounts and also if you have never used the primary account for purchases or downloads. And migration is not available in the EU, UK, or India.


Report: iPhone SE could shed its 10-year-old design “as early as next week”

Gurman suggests that Apple could raise the $429 starting price of the new iPhone SE to reflect the updated design. He also says that Apple’s supplies of the $599 iPhone 14 are running low at Apple’s stores—the 14 has already been discontinued in some countries over its lack of USB-C port, and it’s possible Apple could be planning to replace both the iPhone 14 and the old SE with the new SE.

Apple’s third-generation iPhone SE is nearly three years old, but its design (including its dimensions, screen size, Home button, and Lightning port) hearkens all the way back to 2014’s iPhone 6. Put 2017’s iPhone 8 and 2022’s iPhone SE on a table next to each other, and almost no one could tell the difference. These days, it feels like a thoroughly second-class iPhone experience, and a newer design is overdue.

Other Apple products allegedly due for an early 2025 release include the M4 MacBook Airs and a next-generation Apple TV, which, like the iPhone SE, was also last refreshed in 2022. Gurman has also said that a low-end iPad and a new iPad Air will arrive “during the first half of 2025” and updated Mac Pro and Mac Studio models are to arrive sometime this year as well. Apple is also said to be making progress on its own smart display, expanding its smart speaker efforts beyond the aging HomePod and HomePod mini.


UK demands Apple break encryption to allow gov’t spying worldwide, reports say

The United Kingdom issued a secret order requiring Apple to create a backdoor for government security officials to access encrypted data, The Washington Post reported today, citing people familiar with the matter.

UK security officials “demanded that Apple create a backdoor allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud,” the report said. “The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies.”

Apple and many privacy advocates have repeatedly criticized government demands for backdoors to encrypted systems, saying they would harm security and privacy for all users. Backdoors developed for government use would inevitably be exploited by criminal hackers and other governments, security experts have said.

The UK is reportedly seeking access to data secured by end-to-end encryption with Apple’s Advanced Data Protection, which prevents even Apple from seeing user data. Advanced Data Protection is an optional setting that users can enable for iCloud backups, photos, notes, and other data.

“Rather than break the security promises it made to its users everywhere, Apple is likely to stop offering encrypted storage in the UK,” The Washington Post paraphrased its sources as saying. “Yet that concession would not fulfill the UK demand for backdoor access to the service in other countries, including the United States.”

Apple opposes UK snooping powers

The Technical Capability Notice was reportedly issued by the UK Home Office under the Investigatory Powers Act (IPA). The 2016 law is nicknamed the Snoopers’ Charter and forbids unauthorized disclosure of the existence or contents of a warrant issued under the act.

“Apple can appeal the UK capability notice to a secret technical panel, which would consider arguments about the expense of the requirement, and to a judge who would weigh whether the request was in proportion to the government’s needs. But the law does not permit Apple to delay complying during an appeal,” the Post wrote.


DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers


Apple’s defenses that protect data from being sent in the clear are globally disabled.

A little over two weeks ago, a largely unknown China-based company named DeepSeek stunned the AI world with the release of an open source AI chatbot that had simulated reasoning capabilities that were largely on par with those from market leader OpenAI. Within days, the DeepSeek AI assistant app climbed to the top of the iPhone App Store’s “Free Apps” category, overtaking ChatGPT.

On Thursday, mobile security company NowSecure reported that the app sends sensitive data over unencrypted channels, making the data readable to anyone who can monitor the traffic. More sophisticated attackers could also tamper with the data while it’s in transit. Apple strongly encourages iPhone and iPad developers to enforce encryption of data sent over the wire using ATS (App Transport Security). For unknown reasons, that protection is globally disabled in the app, NowSecure said.

Basic security protections MIA

What’s more, the data is sent to servers that are controlled by ByteDance, the Chinese company that owns TikTok. While some of that data is properly encrypted using transport layer security, once it’s decrypted on the ByteDance-controlled servers, it can be cross-referenced with user data collected elsewhere to identify specific users and potentially track queries and other usage.

More technically, the DeepSeek AI chatbot uses an open weights simulated reasoning model. Its performance is largely comparable with OpenAI’s o1 simulated reasoning (SR) model on several math and coding benchmarks. The feat, which largely took AI industry watchers by surprise, was all the more stunning because DeepSeek reported spending only a small fraction on it compared with the amount OpenAI spent.

A NowSecure audit of the app has found other behaviors that researchers found potentially concerning. For instance, the app uses a symmetric encryption scheme known as 3DES or triple DES. The scheme was deprecated by NIST following research in 2016 that showed it could be broken in practical attacks to decrypt web and VPN traffic. Another concern is that the symmetric keys, which are identical for every iOS user, are hardcoded into the app and stored on the device.

The app is “not equipped or willing to provide basic security protections of your data and identity,” NowSecure co-founder Andrew Hoog told Ars. “There are fundamental security practices that are not being observed, either intentionally or unintentionally. In the end, it puts your and your company’s data and identity at risk.”

Hoog said the audit is not yet complete, so there are many questions and details left unanswered or unclear. He said the findings were concerning enough that NowSecure wanted to disclose what is currently known without delay.

In a report, he wrote:

NowSecure recommends that organizations remove the DeepSeek iOS mobile app from their environment (managed and BYOD deployments) due to privacy and security risks, such as:

  1. Privacy issues due to insecure data transmission
  2. Vulnerability issues due to hardcoded keys
  3. Data sharing with third parties such as ByteDance
  4. Data analysis and storage in China

Hoog added that the DeepSeek app for Android is even less secure than its iOS counterpart and should also be removed.

Representatives for both DeepSeek and Apple didn’t respond to an email seeking comment.

Data is sent entirely in the clear during the initial registration of the app, including:

  • organization id
  • the version of the software development kit used to create the app
  • user OS version
  • language selected in the configuration

Apple strongly encourages developers to implement ATS to ensure the apps they submit don’t transmit any data insecurely over HTTP channels. For reasons that Apple hasn’t explained publicly, Hoog said, this protection isn’t mandatory. DeepSeek has yet to explain why ATS is globally disabled in the app or why it uses no encryption when sending this information over the wire.
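One way to check an app's Info.plist for the ATS setting discussed above, as an added example (not NowSecure's tooling and not code from the article). The sample plists and bundle identifiers are constructed; the key names are Apple's documented ATS Info.plist keys.

```python
import plistlib
from typing import NamedTuple

# Constructed samples, not taken from any real app.
def _plist(ats_xml: str) -> bytes:
    return ('<?xml version="1.0" encoding="UTF-8"?><plist version="1.0"><dict>'
            '<key>CFBundleIdentifier</key><string>com.example.sample</string>'
            + ats_xml + '</dict></plist>').encode()

# ATS switched off for every connection the app makes.
WEAK_PLIST = _plist(
    '<key>NSAppTransportSecurity</key><dict>'
    '<key>NSAllowsArbitraryLoads</key><true/></dict>')

# ATS left on, with per-domain exceptions only.
SCOPED_PLIST = _plist(
    '<key>NSAppTransportSecurity</key><dict><key>NSExceptionDomains</key><dict>'
    '<key>legacy.example.com</key><dict>'
    '<key>NSIncludesSubdomains</key><true/>'
    '<key>NSExceptionAllowsInsecureHTTPLoads</key><true/></dict>'
    '<key>api.example.com</key><dict>'
    '<key>NSExceptionMinimumTLSVersion</key><string>TLSv1.0</string></dict>'
    '</dict></dict>')

# No NSAppTransportSecurity key at all: the ATS defaults apply.
STRICT_PLIST = _plist('')


class Finding(NamedTuple):
    severity: str  # "high" = ATS off app-wide, "medium" = scoped weakening
    scope: str     # "global" or the exception domain
    key: str
    detail: str


WEAK_TLS = {"TLSv1.0", "TLSv1.1"}
SCOPED_GLOBAL_KEYS = ("NSAllowsArbitraryLoadsInWebContent",
                      "NSAllowsArbitraryLoadsForMedia")


def audit_ats(plist_bytes: bytes) -> list:
    """Return a list of Finding tuples for ATS weakenings in an Info.plist."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity")
    if not isinstance(ats, dict):
        return []  # nothing overridden

    findings = []
    if ats.get("NSAllowsArbitraryLoads") is True:
        findings.append(Finding("high", "global", "NSAllowsArbitraryLoads",
                                "ATS disabled app-wide; cleartext HTTP permitted"))
    for key in SCOPED_GLOBAL_KEYS:
        if ats.get(key) is True:
            findings.append(Finding("medium", "global", key,
                                    "ATS disabled for one class of loads"))

    domains = ats.get("NSExceptionDomains")
    if isinstance(domains, dict):
        for domain, cfg in sorted(domains.items()):
            if not isinstance(cfg, dict):
                continue
            scope = domain
            if cfg.get("NSIncludesSubdomains") is True:
                scope += " (+subdomains)"
            if cfg.get("NSExceptionAllowsInsecureHTTPLoads") is True:
                findings.append(Finding("medium", scope,
                                        "NSExceptionAllowsInsecureHTTPLoads",
                                        "cleartext HTTP permitted for this domain"))
            tls = cfg.get("NSExceptionMinimumTLSVersion")
            if tls in WEAK_TLS:
                findings.append(Finding("medium", scope,
                                        "NSExceptionMinimumTLSVersion",
                                        "minimum TLS lowered to " + tls))
    return findings


if __name__ == "__main__":
    for name, sample in (("weak", WEAK_PLIST), ("scoped", SCOPED_PLIST),
                         ("strict", STRICT_PLIST)):
        print(name, audit_ats(sample) or "no ATS overrides")
```
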

This data, along with a mix of other encrypted information, is sent to DeepSeek over infrastructure provided by Volcengine, a cloud platform developed by ByteDance. While the IP address the app connects to geo-locates to the US and is owned by US-based telecom Level 3 Communications, the DeepSeek privacy policy makes clear that the company “store[s] the data we collect in secure servers located in the People’s Republic of China.” The policy further states that DeepSeek:

may access, preserve, and share the information described in “What Information We Collect” with law enforcement agencies, public authorities, copyright holders, or other third parties if we have good faith belief that it is necessary to:

• comply with applicable law, legal process or government requests, as consistent with internationally recognised standards.

NowSecure still doesn’t know precisely the purpose of the app’s use of 3DES encryption functions. The fact that the key is hardcoded into the app, however, is a major security failure that’s been recognized for more than a decade when building encryption into software.

No good reason

NowSecure’s Thursday report adds to a growing list of safety and privacy concerns that have already been reported by others.

One was the terms spelled out in the above-mentioned privacy policy. Another came last week in a report from researchers at Cisco and the University of Pennsylvania. It found that DeepSeek R1, the simulated reasoning model, exhibited a 100 percent attack failure rate against 50 malicious prompts designed to generate toxic content.

A third concern is research from security firm Wiz that uncovered a publicly accessible, fully controllable database belonging to DeepSeek. It contained more than 1 million instances of “chat history, backend data, and sensitive information, including log streams, API secrets, and operational details,” Wiz reported. An open web interface also allowed for full database control and privilege escalation, with internal API endpoints and keys available through the interface and common URL parameters.

Thomas Reed, staff product manager for Mac endpoint detection and response at security firm Huntress, and an expert in iOS security, said he found NowSecure’s findings concerning.

“ATS being disabled is generally a bad idea,” he wrote in an online interview. “That essentially allows the app to communicate via insecure protocols, like HTTP. Apple does allow it, and I’m sure other apps probably do it, but they shouldn’t. There’s no good reason for this in this day and age.”

He added: “Even if they were to secure the communications, I’d still be extremely unwilling to send any remotely sensitive data that will end up on a server that the government of China could get access to.”

HD Moore, founder and CEO of runZero, said he was less concerned about ByteDance or other Chinese companies having access to data.

“The unencrypted HTTP endpoints are inexcusable,” he wrote. “You would expect the mobile app and their framework partners (ByteDance, Volcengine, etc) to hoover device data, just like anything else—but the HTTP endpoints expose data to anyone in the network path, not just the vendor and their partners.”

On Thursday, US lawmakers began pushing to immediately ban DeepSeek from all government devices, citing national security concerns that the Chinese Communist Party may have built a backdoor into the service to access Americans’ sensitive private data. If passed, DeepSeek could be banned within 60 days.

This story was updated to add further examples of security concerns regarding DeepSeek.


Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him on Mastodon and Bluesky. Contact him on Signal at DanArs.82.
