Representatives from Match (aka Tinder), Spotify and Tile got in front the US Senate overnight and spilled their guts about all the ways Apple has tried to fuck them over. Spotify highlighted how they had to increase their price from $9.99 to $12.99 (due to Apple's insistence on a 30% cut), but Apple launched Apple music at $9.99, undercutting Spotify because they don't have to pay themselves a 30% commission. Tile accused Apple of making it difficult to enable location permissions that make Tile's app more useful, but not applying those same permissions by default to Apple's very similar app shipped with iOS.
You've probably heard of Cellebrite - the infamous hardware and software kit allowing spooks, cops and dictators to extract data out of smartphones they've got physical access to. Moxie Marlinspike (the head honcho at Signal) found one on the street when he was out for a walk (*wink*) and discovered that Cellebrite's software is full of vulnerabilities that can be relatively easily exploited if one of the apps a Cellebrite user extracts data from contains a file designed to do so. An issue that might allow defense lawyers to question the legitimacy of evidence obtained by Cellebrite. Oh and he also found that Cellebrite is redistributing and incorporating Apple's DLLs into its own product. Oops.
A ransomware group calling themselves REvil is blackmailing Apple to the tune of US$50m, claiming it will release schematics and images it pilfered from Quanta (who make the computers for Apple) on a regular basis until someone (either Quanta or Apple) pays up. Quanta confirmed they were taken advantage of and that they refuse to pay up, leaving the ball in Apple's court. To show they're serious, REvil has released some of their illicit bounty, giving us a taste of what might come in the upcoming Apple Silicon 14" and 16" MacBook Pros. MagSafe for power is back. The SD card slot is back. There's a dedicated HDMI port. A TouchBar is nowhere to be seen. I like what I see, thank you degenerate, opportunistic hackers.
Have you heard about Federated Learning of Cohorts (aka FLoC)? It's a new "feature" in Chrome that Google is using as a way for advertisers to target users without resorting to 3rd party cookies, which have been depreciated lately because they're a privacy mess. FLoC takes the last week of your browsing history and lumps you with similar users around the world and assigns that group an ID that is then shared with basically anyone who wants to see it. I don't know enough about it to say if it's a shitshow or not, but the EFF isn't impressed and they're generally on the right side of history when it comes to this stuff.
📻 When The Shit Hits The Fan - Circle Jerks
😎 The Sizzle is curated by Anthony "@decryption" Agius and emailed every weekday afternoon.
💬 Did you know that The Sizzle has a Slack group? Join in and chat with other subscribers like you.
💳 Paid subscriber looking to manage your billing info? Visit the customer portal.
The Sizzle is created on Wathaurong land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.