Capacities up to 56TB and speeds up to 1527MB/s
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$348 $298
SAVE $50

$170 $110
SAVE $60

$300 $175
SAVE $125

$999 $879
SAVE $120

$400 $310
SAVE $90

$2098 $1298
SAVE $800

$1499 $1149
SAVE $350

$322 $242
SAVE $80

$1499 $1149
SAVE $350

$1299 $949
SAVE $350

$180 $140
SAVE $40

$1299 $949
SAVE $350

$500 $500
SAVE $click

$180 $156
SAVE $24

$130 $100
SAVE $30

$3498 $2998
SAVE $500

$1699 $1149
SAVE $550

$280 $230
SAVE $50

$1899 $1499
SAVE $400

$4499 $3499
SAVE $1000

$2198 $1998
SAVE $200

$3998 $3498
SAVE $500

$1799 $1699
SAVE $100

$18599 $16599
SAVE $2000

$1149 $849
SAVE $300

$650 $450
SAVE $200

$199 $119
SAVE $80

$280 $200
SAVE $80

$1399 $1049
SAVE $350

$1199 $779
SAVE $420

$250 $220
SAVE $30

$1699 $1149
SAVE $550

$195 $125
SAVE $70

$79 $49
SAVE $30

$120 $30
SAVE $90

$198 $148
SAVE $50

$3899 $1499
SAVE $2400

$2999 $1999
SAVE $1000

$1699 $849
SAVE $850

$1698 $1198
SAVE $500

$1149 $849
SAVE $300

$1399 $1049
SAVE $350

$1498 $998
SAVE $500

$2797 $2497
SAVE $300

$280 $230
SAVE $50

$899 $549
SAVE $350

$420 $170
SAVE $250

$1699 $1149
SAVE $550

$3397 $3097
SAVE $300

OWC Envoy Express

World’s first Thunderbolt 3 M.2 NVME SSD enclosure.

Super fast, bus-powered, 3.3 oz, DIY easy, rugged and compact!


See also OWC Express 4M2
√ No more slow and noisy hard drives!

Apple M1 Macs: Single-Core Performance is Awesome, Multi-Core Lags the Professional Intel Macs

re: OWC ANNOUNCES PRODUCT COMPATIBILITIES WITH NEW APPLE M1 MACS
re: Thoughts on Apple’s Transition away from Intel CPUs to Apple ARM, macOS Big Sur

The Apple M1 chip is quite an accomplishment, an engineering tour de force with impressive single-core performance. Ditto for GPU performance. The foregoing based on the performance benchmarks I found at MacRumors.com.

But dig a bit deeper, and it’s can be seen that new Apple M1 Macs lag well behind what a high-end Intel-based iMac or Mac Pro or MacBook Pro can do on multi-core performance. Still, that the 2020 Mac mini M1 can nearly match the 2017 iMac Pro 8-core is impressive indeed—at a small fraction of the cost.

Also, the severe memory constraints of the first crop of Apple M1 Macs is simply unacceptable for my workflow, and for many professionals. Though just fine for most users.

So for those needing performance and not keen on paying for it (a current Intel-based Mac), wait 6 to 12 months for an Apple M1 Mac offering:

  • Minimum of 64GB memory (128GB or more is better).
  • At least 50% more CPU cores or faster clock speeds.
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!
OWC Envoy Express

World’s first Thunderbolt 3 M.2 NVME SSD enclosure.

Super fast, bus-powered, 3.3 oz, DIY easy, rugged and compact!


See also OWC Express 4M2
√ No more slow and noisy hard drives!
OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!

First Iteration of Apple M1 Macs: 16GB memory Limit Puts Hard Ceiling on Potential Uses

re: OWC ANNOUNCES PRODUCT COMPATIBILITIES WITH NEW APPLE M1 MACS
re: Thoughts on Apple’s Transition away from Intel CPUs to Apple ARM, macOS Big Sur

The Apple M1 chip is quite an accomplishment, an engineering tour de force. But it remains to be seen just what Apple can achieve when it comes to a serious professional-grade machine, laptop and destkop, which means a minimum of 128GB memory capability for desktops, and 64GB for laptops.

There are other 'deal killers' for me with the M1 Macs: software compatibility. It will be half a year before we have a stable and reliable Java for M1 Macs. And other development tools may lag as well, having to run in emulation for quite some time.

All of the Apple M1 Macs are limited to 16GB memory. This is fine for email and web browsing and low-grade usage. But it’s not sufficient for photographers or videographers. Claims about performance are misleading twaddle if/when the OS is force into compressed memory and/or virtual memory paging by an artificially low memory limit, though this unhappy situation is partially mitigated by a fast internal SSD.

OTOH, Apple knows their market, and these machines which are low end to many of us are just great for 95% of the Mac-buying public and even for light usage (think travel) where memory won’t be a limiting factor (small photo catalogs, relatively small Photoshop files, etc).

Mac mini: 16GB for the M1 vs 64GB for the Intel model. Not that I can recommend the Mac mini at all, it being the most unreliable Mac I have ever used (can take me 10-20 minutes to get the on any kind of port to sync up), and it cannot boot a usable OS for a real server setup (won’t mount volumes until user logs in, remote access won't work, etc).

MacBook Pro 13" — 16GB M1 vs 32GB for the Intel model—nothing “pro” about it.

MacBook Air 13" — 16GB. Presumably perfect for the traveler doing light stuff.

It’s clear that 16GB is pathetic even for a college student of some majors though—my daughter running a Linux VM with ciruit design software on a MacBook Pro with only 16GB is feeling the pain. No “pro” Mac should have less than 32GB memory.

See also: WHY ARE THE MEMORY OPTIONS SO LIMITED ON APPLE’S NEW M1 MACS?

View all handpicked deals...

Lexar 128GB Professional 2000x UHS-II SDXC Memory Card
$170 $110
SAVE $60

Black Friday Deals at OWC

Thank you for buying through links or ads on this site—it matters to me—thanks!

OWC Black Friday Deals (preferred vendor for all things computerish)

B&H Photo Black Friday Deals including regular flash deals plus wishlists, top deals and deal finder, all updated daily.

Amazon.com @AMAZON for everything else.

OWC Black Friday Deals

Up to 1527MB/s sustained performance

Apple Spyware in macOS Big Sur Cannot be Disabled (“sneak.berlin: Your Computer Isn’t Yours”)

Welcome to the Brave New World @AMAZON of Apple macOS Big Sur. Or is it “macOS Big Sure”, as in “we are sure we know all about when and where you use your Mac”?

The propaganda that Apple has been promulgating about respecting user privacy and security are now laid bare for the world to see. All goodwill that Apple has EVER generated with respect to privacy is obliterated by this new spyware in macOS Big Sur. Bound into the innards of macOS Big Sur so securely that programs like Little Snitch cannot block it.

Totalitarian states will just love this new spyware “feature”.

Has this spyware has been backported? Meaning, did recent security updates to macOS Mojave really bake-in spyware as part of the update? Dunno, but this may have been going on for two years.

sneak.berlin by Jeffery Paul: Your Computer Isn't Yours

12 November 2020

...in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.

Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:

Date, Time, Computer, ISP, City, State, Application Hash

Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.

Well, it’s not just Apple. This information doesn’t stay with them:

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.

...

...If you’ve the most efficient high-res laptop in the world, you can’t turn this off.*

Let’s not think very much right now about the additional fact that Apple can, via these online certificate checks, prevent you from launching any app they (or their government) demands be censored.

...

Was Apple really this wantonly incompetent, or did they get caught and now realize they got caught Toobinating things?

The good news is that Apple has, just today, publicly committed, presumably in response to this page, to:

  1. deleting the IP logs
  2. encrypting the communication between macOS and Apple to prevent the privacy leak
  3. giving users an option of disabling these online checks that leak what apps you’re opening and when.

They use deliberately confusing language here to lead you into conflating Gatekeeper with Notarization, so that you will believe that the connections are currently encrypted, while not lying. The Gatekeeper OCSP checks described in this post (“Gatekeeper performs online checks”) are not encrypted. (The notarization ones, which aren’t relevant here, are.)

Apple’s spin doctors are among the best in the world, and my hat’s off to them.

...It sucks that they’ve let the NSA, CIA, your ISP, et al slurp up this unencrypted pattern-of-life data off the wire for the last 2+ years, and they’re still going to transmit the data (encrypted) to Apple in realtime, on by default every single mac, but at least the 0.01% of mac users who know about it now can turn it off, so Apple will only get a realtime log of what apps you open, when, and where for the other 99.99% of mac users. Cool.

This is, sadly, about as close as you can possibly get to a “we fucked up” from Apple PR: they’re deleting their IP logs, encrypting their shit, and letting you turn it off. This is great, but they have remained totally silent on the fact that their OS apps will still bypass your firewall and leak your IP and location past your VPN on Big Sur and how they’re still not fixing the key escrow backdoor in iMessage’s encryption so Apple sysadmins and the FBI can keep seeing your nudes and texts in iMessage.

...

In short, the knowledgeable user can have better privacy, but no one else will and Apple has not committed to real privacy. Shame on Apple, and this all falls on Tim Cook.

Related: your iCloud backups that not private , iMessage is not private

In other news, Apple has quietly backdoored the end-to-end cryptography of iMessage. Presently, modern iOS will prompt you for your Apple ID during setup, and will automatically enable iCloud and iCloud Backup.

iCloud Backup is not end to end encrypted: it encrypts your device backup to Apple keys. Every device with iCloud Backup enabled (it’s on by default) backs up the complete iMessage history to Apple, along with the device’s iMessage secret keys, each night when plugged in. Apple can decrypt and read this information without ever touching the device. Even if you have iCloud and/or iCloud Backup disabled: it’s likely that whoever you’re iMessaging with does not, and that your conversation is being uploaded to Apple (and, via PRISM, freely available to the US military intelligence community, FBI, et al—with no warrant or probable cause).

See also: Apple dropped plan for encrypting backups after FBI complained - sources:

...the company did not want to risk being attacked by public officials for protecting criminals, sued for moving previously accessible data out of reach of government agencies or used as an excuse for new legislation against encryption.

“They decided they weren’t going to poke the bear anymore,” the person said, referring to Apple’s court battle with the FBI in 2016 over access to an iPhone used by one of the suspects in a mass shooting in San Bernardino, California.

...Apple’s iCloud, on the other hand, can be searched in secret. In the first half of last year, the period covered by Apple’s most recent semiannual transparency report on requests for data it receives from government agencies, U.S. authorities armed with regular court papers asked for and obtained full device backups or other iCloud content in 1,568 cases, covering about 6,000 accounts.

..Had it proceeded with its plan, Apple would not have been able to turn over any readable data belonging to users who opted for end-to-end encryption.

...

With FISA court abuses a national scandal, Apple is cooperating?



Deals Updated Daily at B&H Photo

OWC ANNOUNCES PRODUCT COMPATIBILITIES WITH NEW APPLE M1 MACS

A fast handy travel drive that s crushproof, waterproof, fast and bootable!

OWC Envoy Pro Elektron USB-C SSD
one of many OWC products

OWC ANNOUNCES PRODUCT COMPATIBILITIES WITH NEW APPLE M1 MACS

THUNDERBOLT ACCESSORY LEADER CONFIRMS CURRENT THUNDERBOLT (USB-C) LINE WORKS WITH NEW MAC MODELS

Woodstock, IL – November 12, 2020 – OWC®, the premier zero-emissions Mac and PC technology company, and a respected provider of MemoryExternal DrivesSSDsMac & PC docking solutions, and performance upgrade kits announced today that its current line of Thunderbolt (USB-C) external storage and docks are compatible with Apple's new M1 Macs shipping next week. 

OWC has the Thunderbolt storage solutions you need to move large amounts of data in seconds or add multiple ports to your laptop with award-winning docks.

OWC Thunderbolt (USB-C) Storage
Whether you're building your own drive with the OWC Envoy Express, need the rugged protection of the Envoy Pro EX SSD or the peace of mind of having all your data backed up to a ThunderBay RAID, OWC storage solutions harness the speed of Thunderbolt with capacities up to 128TB.  

OWC Thunderbolt (USB-C) Docks
Need more ports? OWC provides the solutions you need to get the job done. On the go and need something that slips into your pocket? The OWC Thunderbolt 3 mini Dock lets you connect up to two 4K displays, two USB-A devices, and Ethernet. Want to build a workstation for your new MacBook Pro? With a single cable, the Thunderbolt 14-port dock lets you connect displays, drives, audio, mics, and headphones – all while charging your laptop.

"OWC Thunderbolt (USB-C) solutions are 100% compatible and ready for the new Apple M1 Macs," said Larry O'Connor, CEO and Founder of OWC. "From our flagship 14-Port Thunderbolt Dock, Flex 8, and our amazingly fast and portable Envoy Pro EX, to workhorses like the ThunderBay 4 and 8, and digital centerpiece OWC Elite Pro Dock, you can enjoy the full performance and benefit of our entire Thunderbolt lineup on these new Macs—and every Mac with Thunderbolt—via USB-C."

Pricing & Availability
OWC's full line of award-winning Thunderbolt (USB-C) products are available now at MacSales.com.


Up to 1527MB/s sustained performance

OWC Announces Envoy Pro Elektron The Fastest, Toughest Mini-Sized USB-C Bus-Powered SSD

A fast handy travel drive that s crushproof, waterproof, fast and bootable!

OWC Envoy Pro Elektron
USB-C SSD

OWC Announces Envoy Pro Elektron The Fastest, Toughest Mini-Sized USB-C Bus-Powered SSD

Small enough to fit in your pocket, this USB-C bus-powered drive is crushproof and dustproof with up to 1011MB/s in real-world speeds

OWC®, the premier zero-emissions Mac and PC technology company, and a respected provider of MemoryExternal DrivesSSDsMac & PC docking solutions, and performance upgrade kits, announces the new OWC Envoy Pro Elektron USB-C Bus-Powered SSD. This new portable drive puts pro-grade speeds, dust and waterproof ruggedness, and universal compatibility in the palm of your hand.

The OWC Envoy Pro Elektron is the fastest, toughest mini-sized SSD in the universe. Pocket-sized tiny, this USB-C bus-powered drive is crushproof, dustproof waterproof for editing/saving personal and work files anywhere at up to 1011MB/s real-world speed. That's like transferring 91 high res photos* per second or a 5GB movie in less than five seconds. The sleek, cool running aircraft-grade aluminum storage solution with drive status LED operates silently without a power adapter. With the included USB-C cable and Type-A adapter, the OWC Envoy Pro Elektron is plug and play compatible with Macs or PCs produced over the last decade, current models, and well into the future; as well as iPad Pro and Chromebook tablets.

OWC Envoy Pro Elektron Highlights:

  • Superfast for all: save, backup, and edit personal and work files with up to 1011MB/s real-world performance
  • OWC Aura SSD powered: advanced NVMe technology delivers up to twice as fast performance compared to other portable SSDs
  • Universally compatible: Plug and play with Thunderbolt and USB Macs or PCs produced over the last decade, current models, and well into the future, as well as with devices like the iPad Pro and Chromebooks
  • Built like a tank: Crushproof, dustproof and waterproof IP67 rated
  • Tiny: pocket-sized to go anywhere easily
  • Bootable: start working and launch apps in seconds
  • Informative: LED for at a glance confirmation of power and activity status
  • Cool: heat-dissipating aircraft-grade aluminum housing for silent, throttle-free performance
  • Connected: included USB-C cable with Type A adapter plugs into to any machine anywhere
  • Worry-free: 3 Year OWC Limited Warranty 

 “With technology, we always want to go smaller, faster, lighter and rugged and the OWC Envoy Pro Elektron does just that,” said Larry O’Connor, CEO, and Founder of OWC. “This pocket-sized, tiny, crushproof, dustproof, and waterproof drive provides superfast, pro-grade speeds and up to 2.0TB capacity in the palm of your hand so you can edit and save wherever, whenever with virtually any Mac, PC or tablet.”

Pricing & Availability

The OWC Envoy Pro Elekton is available now through MacSales.com in capacities of 240GB and 480GB starting at $99.00 with 1.0TB and 2.0TB shipping in early and mid-November.

OWC Envoy Pro Elektron
Fast and cost effective way to backup!

How to Change Web Search Engine Preference in Web Browser, or iPhone/iPad

Reader James G writes:

Phone did the auto update to iOS 14.1 last night. It switched my Safari search engine from DuckDuckGo to Google. *********. I wonder if Apple and Google have a financial relationship. Back to DuckDuckGo now, but I wonder how many of my other privacy related settings they undid.

A recent WSJ article stated that Google pays to Apple an estimated $8 billion to $12 billion per year to make Google the default seach engine on macOS and iOS (“traffic-acquisition costs”). Heck, I’d do it for half that.

The choice of search engine can have a huge impact on search results you see, particularly for controversial topics or those the big seach giants want you to not see. This is easily seen by searching with different search engines.

Here’s where to try a different search engine. What I’d like to see Apple do is to offer an option to search with multiple engines, and give me an intermixed listing from all, for a more balanced view of the world*.

* I cannot blame Apple for skipping past that idea given the gargantuan payoff—any CEO who gave away that kind of money would and should be fired ASAP. But... next time Apple spouts-off about your privacy and working hard for you—remember that it’s all about the money.

Change seach engine in macOS Safari
Change seach engine in iOS

Up to 1527MB/s sustained performance

Apple iOS 14 is Buggier Than Ever Before, macOS Crapalina Remains a Buzzing Turd-Pile

My iPhone has been doing all sorts of strange things, including mis-drawn screens, crashes, etc. Yesterday I had to reboot it to make it behave. All of this started suddenly upon updating to iOS 14 (with the latest bandaid updates).

macOS Catalina regularly crashes, even forgetting the longstanding bugs that hurt my work every day, and surely will never be fixed. The dual display wakeup problem remains a daily headache, so I have to set the display sleep delay to at least 10 minutes to minimize the headache, but at least I have mastered the voodoo key sequence timing to avoid it 90% of the time (ESC-ENTER-ESC-ENTER-... until it syncs up).

A long-ago acquaintance writing for TidBits summarizes things nicely for what I term Apple Core Rot.

Written a year or so ago, this article applies even more to iOS 14.

Six Reasons Why iOS 13 and Catalina Are So Buggy

Overloaded Feature Lists Lead to Schedule Chicken

...managers play “schedule chicken” since no one wants to admit in the departmental meeting that their part of the project is behind... products on an annual release schedule, like iPhones and operating systems, must ship in September, whatever state they’re in...

Crash Reports Don’t Identify Non-Crashing Bugs

...Unfortunately, the crash reporter can’t catch non-crashing bugs. It’s blind to the photos that never upload to iCloud, the contact card that just won’t sync from my Mac to my iPhone, the Time Capsule backups that get corrupted and have to be restarted every few months, and the setup app on my new iPhone 11 that got caught in a loop repeatedly asking me to sign in to my iCloud account, until I had to call Apple support. (These are all real problems I’ve experienced.)

Less-Important Bugs Are Triaged

...bugs that are rare or not terribly serious—those that cause mere confusion instead of data loss—are continually pushed to the back burner by the triage system.

Regressions Get Fixed. Old Bugs Get Ignored

...Remember what I said about changes causing new bugs? If an engineer accidentally breaks a working feature, that’s called a regression. They’re expected to fix it.

But if you file a bug report, and the QA engineer determines that bug also exists in previous releases of the software, it’s marked “not a regression.” By definition, it’s not a new bug, it’s an old bug. Chances are, no one will ever be assigned to fix it.

Automated Tests Are Used Sparingly

...Apple doesn’t do a lot of automated testing. Apple is highly reliant on manual testing, probably too much so.

Complexity Has Ballooned

...it’s practically impossible to create a comprehensive test suite.

Looking Forward

In an unprecedented move, Apple announced iOS 13.1 before iOS 13.0 shipped, a rare admission of how serious the software quality problem is...

MPG: “lack of automated tested” = software development incompetence. It’s not a “fad” to use automated tests; I was using them 30 years ago and use it to this day.

Complexity is the enemy both security and realiability. So what does Apple do? Add more complexity, without automated testing. This guarantees garbage quality releases, which is why they are getting worse.

OWC Thunderbolt 3 Mini Dock for Ethernet, USB, HDMI

The about $119 OWC Thunderbolt 3 Mini Dock could be super handy for laptop users looking for core connectivity since all recent models have no ethernet or USB-A ports.

OWC Thunderbolt 3 Mini Dock

Features:

  • Connect two 4K displays via two HDMI 2.0 ports 
  • HDCP 2.2 compatible for effortless streaming of 4K UHD content
  • Supports HDMI precision multi-channel audio (LCPM, DTS, and Dolby Digital)
  • One Gigabit Ethernet port with PXE Boot and Wake-on-LAN support
  • Connect a portable drive, flash drive, or card reader via one USB 3 5Gb/s port1
  • Charge small mobile devices and most smartphones via USB 3 port2
  • Connect a keyboard or mouse via USB 2 port
  • Bus-powered and portable
  • Integrated 7.2-inch Thunderbolt 3 cable
  • Thunderbolt certified for macOS and Windows machines

If Ethernet is not needed and one HDMI port suffices, the about $55 OWC USB-C Travel Dock is preferable, because it has more and faster USB-A ports, an SDXC card reader, a USB-C port and pass-through charging.


OWC Thunderbolt 3 Dock
Ideal for any Mac with Thunderbolt 3


Dual Thunderbolt 3 ports
USB 3 • USB-C
Gigabit Ethernet
5K and 4K display support plus Mini Display Port
Analog sound in/out and Optical sound out

Works on any Mac with Thunderbolt 3

If Apple Can’t Get the Basics Right, How Can you Expect Security? — “We Hacked Apple for 3 Months: Here’s What We Found”

Apple cannot get the basics right.

Apple T2 Chip: Unfixable Security Flaw that Gives Attacker Full Control

But security is among the most difficult challenges of software development—far more difficult than ordinary features.

We Hacked Apple for 3 Months: Here’s What We Found

Between the period of July 6th to October 6th myself, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes worked together and hacked on the Apple bug bounty program.


During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources.

There were a total of 55 vulnerabilities discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports. These severities were assessed by us for summarization purposes and are dependent on a mix of CVSS and our understanding of the business related impact.

As of October 6th, 2020, the vast majority of these findings have been fixed and credited. They were typically remediated within 1-2 business days (with some being fixed in as little as 4-6 hours).

MPG: should give anyone pause. Then consider state actors.



Deals Updated Daily at B&H Photo

Apple T2 Chip: Unfixable Security Flaw that Gives Attacker Full Control

If you have a castle with nuclear proof walls and a mile-deep moat... well, just fly a helicopter in, or wait till someone there does a DoorDash.

Or... let sloppy engineering do the work for you, as in this case—it’s a brain-dead screwup by Apple.

The vaunted Apple T2 chip on systems with an Intel process and Apple T2 chip apparently can be rooted with a relatively straightforward attack, child’s play for a state actor, and maybe for any good hacker. All you have to do is to get someone to plug in a USB-C cable or flash drive or whatever.

Crouching T2, Hidden Danger

Let’s talk about that thing nobody’s talking about. Let’s talk about a vulnerability that’s completely exposing your macOS devices while most are declining to act nor report about the matter. Oh, and did I mention it’s unpatchable?

...

Intel vs Silicon

This blog post only applies to macOS systems with an Intel processor and the embedded T2 security chip. Apple silicon systems will run completely on a set of Apple-designed ARM processors and thus will use a different topology based on e.g. the A12 chip. Since the A12 chip seems to have fixed this issue (to be confirmed), it’s highly likely the new Apple Silicon machines will not be vulnerable. And while the new upcoming Intel Macs at the end of year will probably receive a new hardware revision of the T2 chip (e.g. based on the A12), we are still stuck with this vulnerability on Macs between 2018 and 2020.

...

Debugging vulnerability

Apple left a debugging interface open in the T2 security chip shipping to customers, allowing anyone to enter Device Firmware Update (DFU) mode without authentication... Using this method, it is possible to create an USB-C cable that can automatically exploit your macOS device on boot(!)

...

Once you have access on the T2, you have full root access and kernel execution privileges since the kernel is rewritten before execution. Good news is that if you are using FileVault2 as disk encryption, they do not have access to your data on disk immediately. They can however inject a keylogger in the T2 firmware since it manages keyboard access, storing your password for retrieval or transmitting it in the case of a malicious hardware attachment.

•  The functionality of locking an Apple device remotely (e.g. via MDM or FindMy) can be bypassed (Activation Lock).

•  A firmware password does not mitigate this issue since it requires keyboard access, and thus needs the T2 chip to run first.

•  Any kernel extension could be whitelisted since the T2 chip decides which one to load during boot.

•  If the attack is able to alter your hardware (or sneak in a malicious USB-C cable), it would be possible to achieve a semi-tethered exploit.

While this may not sound as frightening, be aware that this is a perfectly possible attack scenario for state actors. I have sources that say more news is on the way in the upcoming weeks. I quote: be afraid, be very afraid.

I’ve reached out to Apple concerning this issue on numerous occasions, even doing the dreaded cc tcook@apple.com to get some exposure. Since I did not receive a response for weeks, I did the same to numerous news websites that cover Apple, but no response there as well. In hope of raising more awareness (and an official response from Apple), I am hereby disclosing almost all of the details. You could argue I’m not following responsible disclosure, but since this issue has been known since 2019, I think it’s quite clear Apple is not planning on making a public statement and quietly developing a (hopefully) patched T2 in the newer Macs & Silicon.

...

MPG: why is Apple not commenting or responding?



Up to 1527MB/s sustained performance

Why Doesn’t Apple Safari Work on Important Web Sites?

A certain major news site is unusable in Apple Safari on macOS unless Javascript is disabled. But Javascript is pretty much indispensible on most all sites, so that is not really a solution. I’ve tried everything I can think of. It’s remarkable that a major site would give up traffic by such bad design.

But maybe it’s more than that—maybe it’s Apple. A really important site to me for the past 8 weeks is PurpleAir.com, due to all the forest fires and hazardous smoke. But when I click through to the map at PurpleAir.com, all I get is a blank page in Apple Safari.

One workaround that sometimes works if I go to the map page directly is that I get "Failed to initialize WebGL” and I can then click on Use alternate map. So generally I am forced to use Google Chrome.

Below, today is a good day for us at AQI 56 or so... last week was 4-5 horrible days confined inside at a hazardous AQI of 180 or so.

Air Quality Index (AQI) map, PurpleAIr.com



Up to 1527MB/s sustained performance

Viewing Processes and Memory in macOS Activity Monitor

Diagnosing system issues often begins with Activity Monitor (/Applications/Utilities).

By default, only the current user processes are shown (pretty much useless). To view all processes in Activity Monitor, choose View => All Processes. To see what processes are using CPU time, click on %CPU to sort so that the greatest usage is sorted at top (ditto for real memory and other useful metrics).

The two most useful metrics are %CPU and Real Mem along with Disk and Network statistics.

Below, real work is being done by 'java' (actually IntegrityChecker). That’s what you want to see when you want a job done fast—lots of CPU cores in use. But when something like accountsd just sits around and constantly chews up CPU cycles, that’s a useless major drag on system performance.

  • Quit applications not in use, as many applications chew up enough CPU so that in total the system runs hotter and slower. For example, Dreamwaver and Photoshop will chew up 3% of a CPU each for hours on end.
  • In general, dthere is little you can do about daemon processes, as in most cases they just get respawned if force-killed. You just have to live with bad design.
  • Sorting by name can be helpful, but a vendor may use all sorts of names without the vendor name (very annoying), such as "Core Sync" and "CCX Process" from Adobe, so it’s hard to pin down all the crapware associated with any particular application.
  • Clicking the Inspect ("i") icon at top will let you see open files and ports, revealing where the process lives.
  • Drag the column dividers to change column width. You might need to do this—there is a forever bug in Catalina that can make the Process Name column as wide as the screen—scroll right and drag the darn thing to get it back to reasonable size.
  • Control-click (right click) to add or remove columns.
Activity Monitor showing %CPU, sorted by highest first



Deals Updated Daily at B&H Photo

Reader Comment: accountds Running Wild, Viewing Processes and Memory

See also: Viewing Processes and Memory in macOS Activity Monitor

Hans V writes:

Following the troubles you and your readers have with the diminishing stability of MacOSX, I wonder if more of your readers have been bitten by "accountsd running wild" bug?

It happened twice here and is very annoying. For me it is not yet clear how to surely stop it. The best I could think of was a bit of fiddling with some mail accounts and hoping it will go away on the next restart. I am very much interested in your and your readers experience with this nasty bug.

MPG: accountsd is a macOS daemon process (demon process?!) required for macOS to function. It has had problems in the past as well. Clearly buggy, 'hope' is not a plan but seems to be about as good as anything for accountsd. Still, it’s worth trying:

  • Signing out of iCloud.
  • Rebooting or logging out and logging back in.
  • Resetting SMC and.or NVRAM.

Luckily I’ve not seen this issue, but reports online of this problem make it clear that Apple has messed things up once again. It’s a damaging problem because it can seriously impair the usability of a computer, particularly a 2-core or 4-core machine—as it continuously consumes CPU time and other resources.

The number of Apple background daemon processes has skyrocketed over the past few years. Many of them are unwanted crapware that run even if the functionality they are designed for is completely disabled. A good example is 'airportd' for the Apple Airport—which I do not even have. Yet Apple always runs it, and it just gets respawned if force-killed. There are many such crapware daemon processes that run even when they are never needed.

Ditto for the huge mess of crapware daemon processes that Adobe introduces even when nothing is running or has run for hours or days.Adobe alone sometimes chews up entire gigabyte of memory—doing nothing useful. I’ve reported the problem and responded with particulars, but the issue remains, as do total system crashes when using Photoshop.


Apple Core Rot: Apple Has Lost Me as a Customer

Barring something really compelling that has solid potential to improve my workflow, I will avoid buying any new Apple hardware for as long as I can. The 2019 Mac Pro and 2019 iMac 5K will serve me well for years to come.

Nor will I update macOS on my existing machines to a major release, unless and until macOS offers something compelling (vanishingly small chance of that, as proven over the past 8 years).

No, I am not going to switch to Linux or Windoze—the transition costs and ongoing issues would be too painful to contemplate. It’s far more troublesome and difficult than most readers understand, nor do I believe that Linux or Windoze will in the end be any better—they’ll have plenty of their own problems.

The 2019 Mac Pro is something I enjoy (when it works) and despise (when it does not) every single day. On balance, it has been a huge waste of money, and if Apple offered me a refund, I’d jump at the chance.

Dana N writes:

Like you, I have suffered the demise of Apple hardware and OS over the years. So much so that I after using Apple exclusively since the Apple IIe, I built a a PC. Not so much as for my daily ride but more as a tool that works just as well as a Mac for image editing, video editing and 3D rendering but is way faster at a fraction of the cost. If you are interested in my journey, I did a write up here: https://nine-volt.com/blogs/news/building-a-mac-pro-killer-for-a-less-than-one-third-of-the-price

MPG: no argument that a machine built for specific tasks need not be a Mac—if most time is just spent in Photoshop or similar, then it’s a purpose-built workstation. While my situation is too broad to contemplate a PC as a specific tool like that, it makes a lot of sense for some people.

The good news is that with Thunderbolt 3 or Thunderbolt 4, access to all the good stuff is just as available (or more so) at OWC. See their Thunderbolt offerings for example.


Make an Old Dog Run Like a Young Puppy
with an OWC SSD

SATA, USB3, Thunderbolt, internal upgrades and PCIe SSD options for Mac or PC.
View All OWC SSDs...

Apple Core Rot: macOS Mojave Supplemental Update

The accelerating unprofessionalism of the software development process at Apple is hurting everyone. This, from the world’s most profitable company in history.

Apple could invest in proper software development practices, which means testing before shipping botched updated to customers on a fixed calendar schedule that guarantees problems.

It starts to smack of not just incompetence but greed and contempt for customers. The users whose machines were turned into unusable paperweights are fully expendable.

Rush a release out, and let the suckers (er... customers) report the worst bugs, then fix half of them over 6 months, repeat ad nauseum.

But now that modus operandi has been extended and expanded: issue minor updates, then rush-out a supplemental update to fix the bugs in the bug fix. Except that the bugs are not all fixed, and many never will be*.

New MPG rule: do not install any Apple update of any kind until a minimum of two weeks passes. Extend that to 6 months for the yearly major releases.

* In my dual-display setup on my 2019 Mac Pro, I deal multiple times per day with losing one of my displays when the machine sleeps, this has been so since macOS Crapalina was released. I have to jump through hoops to get it syncing up and working again. I’d have a nice income if Apple paid me $10 every time the problem occurred.

Bug fixes for the bug fixes


OWC ROVER PRO wheels for Mac Pro

No tools or hassle… just place your Mac Pro’s factory feet into the Rover Pro’s polished stainless-steel housings and secure with a few hand twists.

When you’re done moving your Mac Pro around, the Rover Pro makes it just as quick and easy to convert back to the factory feet for stationary use.


MacPerformanceGuide.com

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__