Yeah, I'm one of them. The iOS keyboard has slowly become so bad that it's easier to dictate instead, and my partner does the same while driving via CarPlay. This is horrible to read about.
> Even worse, this particular exploit would also allow the app to request DoAP audio on-demand, bypassing the need to wait for the user to talk to Siri or use dictation.
Simple kill switches would be nice to see but I doubt Apple would ever implement something like that.
I agree with your take!!
If you scroll to the "Full TCC Bypass on macOS" portion, you can see that this bug allows folks to turn on an AirPod and direct that audio to a macOS device. This could enable what is known as a Tempest Attack[0,1]
> BTLEServerAgent did not have any entitlement checks or TCC prompts in place for its com.apple.BTLEAudioController.xpc service, so any process on the system could connect to it, send requests, and receive audio frames from AirPods. This exploit would only work on macOS, because the more restricted sandbox of iOS prevents apps from accessing most global mach services directly.
Stuff like that is why I hate Bluetooth in general, and I'm on the fence if either my laptop OR phone will be Apple products when I replace them.
(They seem to cater to people who replace their devices every year and camp out outside the Apple store for new Apple stuff like nerds rather than the folks who didn't want to spend every weekend messing with kernel drivers and thus adopted what I will continue to refer to as "shiny BSD" even though they long since changed the name from OSX to macOS.)
--
[0] https://en.wikipedia.org/wiki/Tempest_(codename)#Public_rese...
[1] http://m6rqq6kocsyugo2laitup5nn32bwm3lh677chuodjfmggczoafzw[...
Basically whenever I just want to get my thoughts out and I'll be the only person reading it, so I don't worry about typos because I can always figure out what I meant.
It's a godsend in terms of speed. I type fast but my brain still goes faster. But I definitely speak faster than I can think.
It only works privately in an office or at home though, obviously. Not helpful on the subway.
Can physical microphones be removed from Apple devices by a repair shop, while still allowing use of wired/wireless headsets?
We need Purism-style hardware kill switches for microphones, cameras and radios.
Yes, this is what I do. The mike is actually still in the laptop but it's disconnected from the motherboard. On a 2021 M1 MacBook Pro all you need to do is pop off the back cover and disconnect one cable on the right side of the motherboard. All in all takes about 10 minutes of work.
I actually just learned this exists on new iPad models too, with any MFi-compliant case!
I know this isn’t strictly relevant, since the vulnerability discussed here is during active use, just thought you might find it interesting.
https://support.apple.com/en-ca/guide/security/secbbd20b00b/...
> and then receive a reply in the form of "here's what I found on the web...
Really made me chuckle. As a non-Apple user who has to put up with Homepods, this rings so very true.
I suggest people do what I do, load a profile that disables Siri - easily created using the Apple Configurator tool (under "Restrictions" untick "Allow Siri").
N.B. I've never looked closely under Settings on the phone itself, there may well be a Siri off option there? But I just load profiles as I find it's easier for hardening.
I'm reminded about the Apple Music passage in the After Steve book, where Apple tried to fuck over musicians just because they thought they could get away with it (zero royalty payments during Apple Music trials, so the trial was 100% subsidized by labels and artists), before walking it back. The executives are clearly far more concerned with bad PR, and not guided by values or principles.
I agree it’d be nice to have a choice for how it works on your device, but current behavior would still be a good default.
There's really no basis for this beyond its reflexive repetition on messageboards. You might as well type 'million dollar logout CSRF' in every vulnerability report thread.
The Google Pixel series seems pretty solid for reliability. I have a Pixel 7 Pro and it's been really good so far in terms of software and build quality. I strongly prefer it to my iPhone 13 Pro, which I'm currently selling off.
But iPhone vs Samsung Galaxy? iPhone wins by a mile. I never got used to the custom interface Samsung loaded onto those phones, and hated that it included Samsung-specific apps that just duplicated those already available by default on stock Android.
Remote MDM? Lol nightmare using Apple's gear. Warranty services? Also a nightmare. Fleet level warranty support? Ahahhahhaha have fun paying folks like IBM out the kazoo. No thanks.
iPhones are rock solid if you played w Fisher-Price toys as a kid and only ever plan to be on the public consumer end of the game, making calls and using apps someone else has decided are ok for you. Go up the line to fleet rollout or bulk purchasing/warranty work or running custom line of business apps. Ahahhahhaha have fun w Apple. I've done the work when I was w/ IBM, I refuse to touch it these days.
And accelerometers and ...
There have been reports that the 2020 iPhone SE cannot be used without a microphone:
The other day in a hurry and driving somewhere, I ended up w/ both Apple Maps and Google Maps open, simultaneously giving me directions.
"Hey Siri, close Google Maps"
"To close an application, swipe up from the bottom of the phone..."
To paraphrase a quote from Steve Jobs, if your voice assistant asks you to touch the screen, you blew it.
Gold.
My only other use of Siri usually involved phrases like "stop", "go away", "close", "fucking close!", "you stupid fcking * ** close the **** thing" when Siri would pop up out of nowhere and interrupt whatever I was actually doing. I had it turned off, but occasionally somehow it's back on, listening.
Other actual attempts at using it have been no better than 50% effective, so it wasn't worth the trouble. And I was speaking very clearly and articulately.
I've observed a friend (a Googler who had Google-fied his house) have frequent useless conversations with the Google assistant, so maybe 50% is the best you can hope for. No experience with Alexa, but I'd be too scared to even turn it on; I might end up with three refrigerators delivered the next day.
I do have an older iPhone 10 and maybe it's just not up to the task of running Siri? But if so they should disable it rather than put on this extremely amateur feeling show.
For what it's worth we have an Echo Dot in the house and I find it to be both orders of magnitude more responsive and more likely to actually do what I asked for. No unwanted refrigerators have arrived as of yet.
How, after all these years, is it still so stunted? There are Telegram bots with better interaction.
“Get directions to the nearest gas station.”, “What’s the score of the Giant’s game?”, “Play Master of Puppets”, “What is 4’3” in centimeters?” And many, many more.
Big mistake. Turns out I say "Hey Sarah" a hundred times a day, and all my iDevices pipe up and simultaneously say "Yeah?" "WHAT'S UP" "HEY OVER HERE" "Hi it's me Siri what do you need?"
Siri is a better option than the alternative "voice assistants" on the market, but they're all bad in my book, and I don't want any of them.
I briefly enabled it so I could text mum to say when I was nearly home. Avoids sneaking a traffic light text. Turns out it was waaaaaaaay more distracting and time consuming to get Siri to text a single word, so back into the box it went.
I try to use Siri for the same things, but she suuuuuuucks. If I ask her to play a song, 9 out of 10 times it will do something idiotic- like I say "hey siri play tears in heaven on spotify", she might reply "now playing tears in heaven by a shitty kazoo cover band". If I say "navigate to the closest olive garden", it would say "navigating to olive garden corporate headquarters, estimated travel time 43 hours 12 minutes." But never mind, I can see the olive garden I was looking for, it's at the end of the street I'm on.
These are artificial examples because I can't remember specifics right now, but trust me - the real examples were just as dumb.
She's great at setting timers or alarms though! And I can reliably use her to pause, skip, or adjust volume when I'm showering or something.
My dad on the other hand loves his full size HomePod stereo pair and uses them frequently, almost entirely for playing music with voice commands. I think there are other things he might find it useful for but I haven't shown him those yet.
Just like HDD failures, it is not a question of if but when.
Aside from setting a timer, I've not seen Siri do anything more useful in 9 years. You haven't missed anything.
"Siri, timer, one hour thirty"
"Timers can't be set for a time of day, so I set your Timer alarm for 1:30"
Every damn time. Siri hates Brits.
My mother loves using Siri, she always uses it when she wants to look things up. It seems quite useful for people who aren't proficient at typing quickly, easier to ask Siri.
That's literally the only thing.
When I try typing "Play [song] on repeat", it never understands that; it plays it, but not on repeat.
There's zero excuse due to mishearing me, since I'm typing everything. Siri is just defective, and I think it's a great measure of how dysfunctional and poorly-run Apple is. Why are all of Apple's AI and online-service efforts amateur hour?
I haven't bothered yet to add an open/close sensor so the current open state is lost if I use the remote. I have to invert the actions when this happens. Annoying but I only need to use it this way occasionally.
My "integration" with Siri is to set up an iOS shortcut and use Siri to trigger it.
Even if by another party that could have found it before?
Are you saying that this particular bug would not be worth more than $7000 in one of these markets, or are you questioning the very existence of these markets?
Google The NSO Group for an example, and that’s just private entities. Nation state actors are a whole other market for such things.
Apple has since extended this helpful "innovation" to the power button, which no longer turns off iPhones, requiring a Faraday bag to block WiFi/BT/UWB radios from communicating while iPhone is "powered off".
> With iOS 15, your iPhone is still traceable through the Find My network even when the device is powered off. It seems that with iOS 15, the phone is not really fully ‘powered off’, it stays in a low-power state and acts like an AirTag, allowing any nearby iOS device to pick up the Bluetooth signal and send back its location.
https://www.androidpolice.com/google-pixel-phones-struggling...
That is a complete dealbreaker for me for Android. Also, Google.
1. Pleco
2. Wechat
3. Kindle app
Pleco (a dictionary) and Kindle (an ebook reader) work fine offline. Why wouldn't they?
Wechat, of course, can't do anything offline, because it's communication software. It is not even clear what "use wechat offline" would mean.
Android itself obviously works equally well whether you're connected to the Internet or not. What do you mean by becoming "almost a brick"?
https://www.theverge.com/2021/6/7/22522993/apple-siri-on-dev...
All I know is what I experienced: it got less reliable with the switch and stopped handling stuff it handled perfectly before, then got better with a newer phone.
How could I have been such a fool!???
In case you are earnestly somehow unaware, Sarah is among the most popular feminine given names of all time, with Hebrew origin but also popular with Christians, Muslims, nonreligious people in areas influenced by those religions, and in just about every country and culture influenced by any of those. It's hard to even think of a culture which doesn't use the name Sarah in some form; I'm drawing a complete blank; where are you from? Alpha Centauri?
"Sorry, I don't have a headset right now, we'll have to talk later". It's not that "frustrating", really.
“Oh, you know, I’m a bit paranoid about my microphone being hacked so I disconnected the microphone internally. If you give me 10 minutes, I can put it back together real quick”
Not the vibe I personally wanna be giving friends and colleagues.
"How do you say Thank You in Dutch?" => "I can't translate into Dutch yet."
Oh come on, there are only half a dozen online translators which can do it.
Some mid-upper level manager in Apple should be ashamed. And every exec above them in the line to the top.
Oh no, that's awful. I mostly translate between Spanish and English, it didn't occur to me that Siri was less capable than Apple's own Translator app, it makes no sense.
But I use siri daily for things like:
- Setting and stopping alarms and timers: ("Hey siri - set alarm for tomorrow morning at 9:25" / when the alarm goes off: "Hey siri stop")
- Turning on and off my lights. It's a delight every time to say "hey siri goodnight" when I go to bed and see all the lights in the house turn off.
I have a running theory that you can tell how long any FAANG bug will stick around by just imagining a 25 year old tech dude in the bay area. If Dave the bay area tech dude will never encounter the bug, you're in for a bad time.
For example, google maps used to give terrible directions at roundabouts (traffic circles). That makes sense because there's no traffic circles in the bay area. All the people who could fix the problem weren't aware there was a problem at all. Dave is terrified of roundabouts, so of course it took about a decade for directions at roundabouts to improve.
A corollary of this is that modern software works well proportionally to how closely your setup matches that of the average bay area tech dude. Everything works best if you have a new phone (preferably an iPhone), fast computer and you speak english. Woe be to you if your computer is old and slow, or you use a right-to-left language, if you're blind or you have a bad internet connection.
macOS feels laggy and slow on a slow internet connection because of course it does. Bay area tech bros are never in that situation! What would Dave know about slow internet?
A moody teenager rips a poster of Jobs off their bedroom wall.
Option 1 is a reasonable explanation based on the behavior that arguably works best for 99% of users.
Option 2 is a “data grab” with no evidence or theories about who is grabbing what data and for what purpose.
One possible motive: a billion dollars of AirTag revenue, https://macdailynews.com/2022/06/20/apple-estimated-to-sell-...
"Oh, you disabled Bluetooth and left it that way? Well, we know better so we're going to turn it back on without your knowledge or approval. You're welcome."
I don't buy the convenience excuse either, otherwise the behavior could be disabled if desired.
I would happily pick $7,000 clean money over $50,000 dirty.
> In each product with a hardware microphone cutoff, one or more lid sensors detect the physical closure of the lid or case using some physical property (for example, a Hall effect sensor or a hinge angle sensor) of the interaction. For sensors where calibration is necessary, parameters are set during production of the device and the calibration process includes a nonreversible hardware lock out of any subsequent changes to sensitive parameters on the sensor. These sensors emit a direct hardware signal that goes through a simple set of nonreprogrammable hardware logic. This logic provides debounce, hysteresis, and/or a delay of up to 500 ms before disabling the microphone. Depending on the product, this signal can be implemented either by disabling the lines transporting data between the microphone and the System on Chip (SoC) or by disabling one of the input lines to the microphone module that’s allowing it to be active—for example, the clock line or a similar effective control.
Hardware !== clunky obvious tactile contraptions
Anyway, I actually have an answer for you, at least for Apple portable computers — most new Macs come with a sophisticated lid angle sensor used to detect the display angle with high precision. (Previous models used more conventional Hall effect sensors which didn’t live up to Apple’s standards for a hardware cut off.)
Why is it important to know the precise angle of the display in relation to the top case of the computer? Because you can detect when it’s closed with a high degree of confidence!
> How is the T2 connected to the laptop lid, where does the contact breaks?
So, your comment clearly indicates that you have very little experience with Apple products and industrial design and engineering. You also made no effort to look into the matter to see if you could find an answer yourself (it took me 4 mins of googling to connect the new LAS to the mic cutoff when computer is closed).
So you made a spurious allegation that Apple was lying; when pushed on it, you followed up with an even more nonsensical comment that made your lack of hardware experience more obvious.
And after all of that, rather than having the self-awareness to drop the matter, or at the very least, do some of your own research, you instead decide to sign off by accusing Apple of misleading their users.
Super weird.
This isn't just a SV thing, though. I downloaded a well-regarded weather app from a country in Europe that has pretty consistent humidity. The app didn't even show humidity. People have trouble seeing outside their bubble. SV just happens to have outsized influence, for now.
$25,000. App access to a small amount of sensitive data normally protected by a TCC prompt.
In this case you get a misleading prompt, the access requires additional interactions. It's a serious bug and I'm all for reporters of serious bugs getting bigger bounties from companies that have more cash than they know what to do with. But simply dropping a random number in every single one of these threads is just noise, not even advocacy or technical discussion.
Edit: NEVER MIND, that's correct, sorry. Why the heck does the article put the most dangerous part only at the end, and not include it in the tl;dr or anywhere else at all...??
> The top payouts in each category are reserved for high quality reports and are meant to reflect significant effort, and as such are applicable to issues that impact all or most Apple platforms
It seems like the researcher put in significant effort, the demonstration was gold plated, or comparable exploits require far greater amounts of time and work to uncover.
The platform coverage seems broad enough to tick that box.
I would be very interested to read the internal report on how the $7k bounty figure was arrived at.
I suppose that won't happen, as it would wreck the Find My network if it depends solely on Bluetooth.
Not that elegant of course, but sort of makes it possible.
For security this is probably something that could be brought in to lockdown mode for people who want absolute security over convenience.
> wreck the Find My network if it depends solely on Bluetooth
Find My presumably uses all identifiable radios, including BT, UWB, Wi-Fi.
I worry about requiring switches in the same way one can require a universal standard for power delivery. (The EU did that recently... good move IMO, though I can understand the delay since discussions about amperages and whatnot do take time.[0])
Maybe requiring anyone who wants to contract with the US government to offer such a model, and that said model be available for consumer purchase as well, would be a simple solution.
They sometimes won't let say, Russia, buy the same stuff as say... Canada... but that's usually stuff like night vision goggles. The exact same phone or laptop, just slightly larger with more switches shouldn't have any... I think the word is "export controls"?
Please keep in mind, I am not a lawyer, and I'm very stupid -- I only have a master's degree -- so sometimes the things I say are wrong... please only credit me for the times I'm right. Thx!
I'm off to do more drugs now... have a nice Thursday!!
- Greg from Pennsylvania
[0] https://www.npr.org/2022/10/07/1127543116/eu-mandate-for-a-s...
Well, let's try to conceive it. Our state level actor is now in possession of an exploit that lets them eavesdrop on a target when they text-dictate or activate Siri, while wearing particular Apple headphones. After getting the target to install a specific malicious app from the App Store. And to run it. And to give it Bluetooth permission. And to make sure to restart it whenever they reboot their phone or the phone kills it for any reason. The value of this as state-level actor surveillance malware feels a lot closer to $0 than $7000 to me but I'm happy to hear a different conception of how this might work.
Remember, at the end of the day the sale is to the government and they have big pockets and less common sense.
"Shadowy brokers are buying up impractical exploits by mistake" seems like an essentially unfalsifiable claim.
The idea does have some benefit though. For example, if you enable “Express Transit” for Apple Pay and your phone runs out of battery, you still will be able to tap-to-pay for a subway / bus ride home. The payment NFC subsystem is also separate and has its own battery reserve.
So, not off then.
The same button in Control Center previously Turned Off the Bluetooth radio.
The button does not do what it (a) claims to do, (b) previously did.