Night mode is an automatic setting which takes advantage of the new wide-angle camera that's in the iPhone 11 and 11 Pro models. It's equipped with a larger sensor that is able to let in more light, allowing for brighter photos when the light is low.
16" MacBook Pro Now Available
Intel CEO Pledges Commitment to Security Following Meltdown and Spectre Vulnerabilities
Intel CEO Brian Krzanich today wrote an open letter to Intel customers following the "Meltdown" and "Spectre" hardware-based vulnerabilities that impact its processors.
In the letter, Krzanich says that by January 15, updates will have been issued for at least 90 percent of Intel CPUs introduced in the past five years, with updates for the remainder coming at the end of January.
For Apple customers, macOS and iOS devices have been patched with protection against Spectre and Meltdown. Meltdown was addressed in macOS High Sierra 10.13.2 and iOS 11.2, while Spectre mitigations were introduced in a macOS 10.13.2 supplemental update and iOS 11.2.2, both of which were released this week. The vulnerabilities have also been addressed in older versions of macOS and OS X.
According to Krzanich, going forward, Intel promises to offer timely and transparent communications, with details on patch progress and performance data. Because Spectre and Meltdown are hardware-based vulnerabilities, they must be addressed through software workarounds. In some cases, these software patches cause machines to perform more slowly.
Apple users do not need to worry about performance impacts. According to Apple, Meltdown had no measurable reduction in performance on devices running macOS and iOS across several benchmarks. Spectre, fixed through a Safari mitigation, had no measurable impact on most tests, but did impact performance by less than 2.5% on the JetStream benchmark. Apple says it plans to continue to refine its mitigations going further.
In addition to remaining transparent about the performance impact of the software fixes, Krzanich says Intel will commit to disclosing security vulnerabilities and sharing hardware innovations that will, in the future, prevent such attacks.
Our customers' security is an ongoing priority, not a one-time event. To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks. We also commit to adding incremental funding for academic and independent research into potential security threats.For those who missed the news last week, Spectre and Meltdown are serious hardware-based vulnerabilities that take advantage of the speculative execution mechanism of a CPU, potentially allowing hackers to gain access to sensitive information.
Spectre and Meltdown impact all modern processors, including those used in Mac and iOS devices, and these two vulnerabilities will continue to be an issue for the foreseeable future as addressing them entirely requires new hardware design. Apple has prevented Spectre and Meltdown from affecting customers through software updates, but all hardware and software manufacturers will need to be wary of additional speculative execution attacks going forward.
Apple customers should make sure to keep their Macs and iOS devices up to date with the latest software to remain protected from malicious attacks that might take advantage of the exploits.
[ 126 comments ]
Top Rated Comments
(View all)
24 months ago
Won't hurt them in the long run. Their stock has been great and will continue to be.
It's not as if companies really have another option. Yes AMD exists but companies aren't going to switch everything over (and AMD was vulnerable too).
Few months from now people won't even be talking about this.
It's not as if companies really have another option. Yes AMD exists but companies aren't going to switch everything over (and AMD was vulnerable too).
Few months from now people won't even be talking about this.
24 months ago
Okay, what about future processors like Ice Lake which I believe is scheduled for release next year? Should people not purchase any new Macs or Windows PCs until it’s confirmed that they’re free of this vulnerability? Will there be any compensation for customers who purchased a Mac or Windows PC with the hardware vulnerability and are now experiencing more than just a small performance degradation in their daily workflow. Just telling us about software “workarounds” that won’t impact performance “too much” isn’t good enough.
24 months ago
Great PR speech. Trust us, we'll do better next time.
How about telling us how this slipped through for so long and what changes are being made to make sure there we have minimal risk of other security holes like this. Do this, and we might believe you.
How about telling us how this slipped through for so long and what changes are being made to make sure there we have minimal risk of other security holes like this. Do this, and we might believe you.
24 months ago
As far as I understand it, AMD CPUs are only affected by Spectre V1, but Intel CPUs affected by Spectre V1, Spectre V2 and Meltdown....No Ryzen CPUs are affected by this...
That is not correct. AMD CPUs (including Ryzen) are affected by both Specter V1 and V2:
https://www.reuters.com/article/us-cyber-microchips-amd/amd-chips-exposed-to-both-variants-of-spectre-security-flaw-idUSKBN1F0314
Spectre and/or Meltdown also affects Oracle (formerly Sun) SPARC: https://sp.ts.fujitsu.com/dmsp/Publications/public/Intel-Side-Channel-Analysis-Method-Security-Review-CVE2017-5715-vulnerability-Fujitsu-products.pdf
Spectre also affects IBM System Z mainframes, POWER8 and POWER9: https://access.redhat.com/security/vulnerabilities/speculativeexecution
Meltdown and Spectre affect certain ARM CPUs, including those used in the Nintendo Switch console: http://www.nintendolife.com/news/2018/01/cpu_exploits_meltdown_and_spectre_could_potentially_affect_nintendo_switch
Since the main criteria for Spectre vulnerability are (a) speculative execution and (b) branch prediction, it probably affects older RISC CPUs like the DEC Alpha 21264 and MIPS R10000: https://en.wikipedia.org/wiki/Alpha_21264
All of the above use out-of-order execution, speculative execution and branch prediction. Some CPUs use in-order speculative execution and branch prediction, such as the ARM A8, but are still vulnerable. A long list of ARM CPUs are affected, including A75, A73, A72, A57, A17, A15, A9, A8, R8, and R7: https://developer.arm.com/support/security-update
So CPUs with speculative in-order execution can be affected, not just the more common out-of-order type. While Intel's Itanium is mentioned as immune to Spectre, I'm not certain of that. Despite the VLIW in-order design, it heavily uses speculation and hardware branch prediction: https://en.wikipedia.org/wiki/Itanium
Itanium is a factor from a planning standpoint because the architecture is totally different from most other CPUs, yet it may still be affected. If so, this indicates how broad Spectre is and how fundamentally the problem must be approached from the standpoint of CPU redesign.
24 months ago
Total PR stunt. The severity of these vulnerabilities does not warrant this kind of apology.
24 months ago
Unless he puts his personal life savings / net worth on the line with this pledge, his commitment is empty. We know it's empty because he sold shares and added to his net worth before the 'vulnerability' became public.
Here's how you pledge Brian "NSA" Krzanich: Put your net worth in a trust and tie your distributions to a pledge that intelligence communities haven't compromised Intel hardware. If it's ever revealed that they have, you forfeit the remainder of the trust and instantly get fired by the board.
Here's how you pledge Brian "NSA" Krzanich: Put your net worth in a trust and tie your distributions to a pledge that intelligence communities haven't compromised Intel hardware. If it's ever revealed that they have, you forfeit the remainder of the trust and instantly get fired by the board.
24 months ago
Great PR speech. Trust us, we'll do better next time.
How about telling us how this slipped through for so long and what changes are being made to make sure there we have minimal risk of other security holes like this. Do this, and we might believe you.
[doublepost=1515715337][/doublepost]
Maybe I'm just tired, but I can't quite grasp the tense of this statement. The word "commit" shows up multiple times. When I read it, I can't tell if they are telling us that this is something they have been doing all this time, or if it's something new they are planning on doing. If the world's largest semiconductor company wasn't all-in on security policies before now, oh dear.
They are not committing to anything they weren't already doing.
24 months ago
Okay, what about future processors like Ice Lake which I believe is scheduled for release next year? Should people not purchase any new Macs or Windows PCs until it’s confirmed that they’re free of this vulnerability? Will there be any compensation for customers who purchased a Mac or Windows PC with the hardware vulnerability. Just telling us about software “workarounds” that won’t impact performance “too much” isn’t good enough.
1) What about future processors ... - Yes. Those processors will likely have the fix. Though I wouldn't be surprised if it was two generations from now due to how intel works on their processor development lifecycle.2) Should people not purchase any new Macs or Windows PCs ... - NO. This vulnerability is insignificant compared to the number of other fixes that impact your performance and get patched every month. Often optimizing code in one area will make the impact in a fixed area negligible. That is definitely going to be the case here.
3) Will there be compensation ... - Probably from a class action law suit somewhere. But I don't believe they should personally. This was not a case of negligence, this was a regular case of vulnerability discovery, research, and analysis.
[ Read All Comments ]
Following the release of iOS 13.2.2 on November 7, Apple has stopped signing iOS 13.2, which means downgrading to iOS 13.2 is no longer possible.
iOS 13.2 was a major update that brought support...
Logitech today announced that existing Circle 2 Home Security Cameras are being updated with HomeKit Secure Video support.
HomeKit Secure Video is designed to offer up a more secure way to...
Twelve South today announced that its new AirFly Pro accessory is now available to purchase at Apple.com and Apple Stores worldwide.
AirFly Pro
Like the classic AirFly, the Pro version allows...
Apple reseller Expercom today revealed discounts on the just-announced 16-inch MacBook Pro, offering sales on both standard models and custom configurations. In the sales, you can get as much as...
Apple today updated its online store with a new collection of Apple Watch bands, iPhone cases, and the Sony DualShock 4 controller. For Apple Watch bands, this includes three new Sport Bands:...
As was rumored over a month ago, Apple's newly announced 16-inch MacBook Pro includes a 96W USB-C power adapter in the box.
The previous 15-inch MacBook Pro included an 87W USB-C power...
Smartphone accessory maker PopSockets today announced a new version called the PopGrip Slide that will be available in exclusive colors on Apple's website and in select Apple stores around the...
Ahead of the imminent launch of Apple's new 16-inch MacBook Pro, several benchmark results have appeared on Geekbench that allegedly come from a Mac model designated "MacBookPro16,1" and,...
