Instagram has not used a chronological feed for years now, making it difficult to determine when you've seen all of the new content on the social network.
Instagram may be planning to fix this issue with a new "You're All Caught Up" feature that's designed to notify users when all unseen posts from the last 48 hours have been viewed.
The feature was first noticed by TechCrunch, and an Instagram spokesperson confirmed that it is being tested and will show up for a limited number of users.
Instagram did not, however, share details on how it works and whether it includes every single post from the people you follow or just the best ones that its algorithm has decided to display.
The new "You're All Caught Up" text is part of Instagram's pledge to offer a Usage Insights feature that will let users know just how much time they're spending in the Instagram app.
"We're building tools that will help the IG community know more about the time they spend on Instagram - any time should be positive and intentional. Understanding how time online impacts people is important, and it's the responsibility of all companies to be honest about this. We want to be part of the solution. I take that responsibility seriously," Instagram CEO Kevin Systrom wrote on Twitter last week.
Intel, Google, and Microsoft today disclosed a new variant of the Spectre design flaw and security vulnerability that impacts millions of computers and mobile devices from a range of manufacturers.
Called Variant 4, or the Speculative Store Bypass, the vulnerability is similar to Spectre, taking advantage of the speculative execution mechanism of a CPU to allow hackers to gain access to sensitive information. Variant 4 was demonstrated by researchers in a language-based runtime environment.
CVE-2018-3639 - Speculative Store Bypass (SSB) - also known as Variant 4
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
According to Intel, the new vulnerability has a "moderate" severity rating because many of the exploits that it uses have already been addressed through mitigations that were first introduced by software makers and OEMs in January for Meltdown and Spectre. Intel is, however, releasing a full mitigation option that will "prevent this method from being used in other ways."
This additional mitigation for Variant 4 has been delivered in beta form to OEM system manufacturers and system software vendors, and Intel is leaving it up to its partners to decide whether or not to implement the extra measures. Intel plans to leave the mitigation set to off by default because of the potential for performance issues.
This mitigation will be set to off-by-default, providing customers the choice of whether to enable it. We expect most industry software partners will likewise use the default-off option. In this configuration, we have observed no performance impact. If enabled, we've observed a performance impact of approximately 2 to 8 percent based on overall scores for benchmarks like SYSmark(R) 2014 SE and SPEC integer rate on client1 and server2 test systems.
The Spectre and Meltdown family of vulnerabilities affect all modern processors from Intel, ARM, and AMD, but Intel has faced more scrutiny over the design flaw due to its high-profile position in the processor market. Apple's iOS and Mac devices are affected by these vulnerabilities, but Apple has historically been quick to patch them.
Prior to when Spectre and Meltdown were initially discovered, for example, Apple had already implemented some patches and has since addressed known Meltdown and Spectre vulnerabilities with little impact to performance on Macs or iOS devices. As mentioned above, many of the exploits in Variant 4 have been previously addressed by Apple and other manufacturers in already-existing software patches.
Spectre and Meltdown-related vulnerabilities are hardware-based and therefore must be mitigated rather than outright fixed, but future Intel chips will not be as vulnerable. Intel has said that its next-generation Xeon Scalable processors (Cascade Lake) and its 8th-generation Intel Core processors will feature redesigned components to protect against some Spectre and Meltdown flaws.
Apple today updated its Clips video app for iOS devices to introduce new soccer assets ahead of the 2018 FIFA World Cup, set to kick off in Russia on June 14.
Apple has added new soccer graphics that can be added to video clips, and there's a new soccer label and a soccer-related background poster that includes customizable text elements.
Today's Clips update comes several months after the launch of Clips 2.0, a new version of the app that introduced 360-degree selfie scenes, a feature limited to the iPhone X and its TrueDepth camera.
Clips, for those unfamiliar with the app, is a video editing app designed to allow users to combine several video clips, images, and photos with voice-based titles, music, filters, and graphics to create enhanced videos that can be shared on social media sites.
Clips can be downloaded from the App Store for free. [Direct Link]
Sonos today introduced several new speaker bundles, which are designed to allow customers to purchase more than one Sonos speaker at a discounted price.
The new bundles range in price from $379 to $1,899 depending on the products included, with discounts up to $157 on the highest priced bundles.
A two room set that includes two Sonos One speakers is priced at $379, for example, down from the regular price of $398 that the speakers would cost when purchased separately.
A two room pro set, which includes two of the Sonos Play:5 speakers, is priced at $899, almost $100 off the separate pricing.
Sonos has options for multi-room speaker setups and entertainment arrangements that include the Playbase and the Playbar, along with more expensive setups designed for vinyl records.
All of the new speaker bundles can be viewed and purchased on the Sonos website.
Sonos is one of Apple's main competitors, with the Sonos One, which includes support for Amazon's Alexa voice assistant, designed to compete with the HomePod. Sonos first introduced bundles when the HomePod launched, selling two of the Sonos One speakers for $349, the same price as the HomePod. The new bundle that includes two Sonos One speakers is more expensive than that original deal, but, along with other offerings, allows for Sonos equipment to be purchased at a discounted price.
Note: MacRumors is an affiliate partner with Sonos and may earn commissions on purchases made through links in this article.
Our next exclusive partner sale is debuting this week, and it allows our readers the chance to save on nine Apple accessories from well-known company RavPower. The products on sale focus on power delivery for your Apple devices, with Qi mats, Lightning cables, portable battery packs, and more available at a discount.
All of RavPower's products included in the sale are on Amazon, so if you're interested in any of the accessories simply add one to your cart, proceed to the checkout screen, enter the relevant promo code into the Gift cards & promotional codes field, and then click "Apply." As usual, Amazon Prime customers can get free two-day shipping on all orders.
In the list below you'll find every RavPower product offered in the sale, all of which will remain active through 11:59 p.m. PT on June 15, 2018. Note that only one code can be used per order, so if you'd like to order more than one type of item, you'll need to place separate orders. Prices listed below also exclude additional taxes.
Note: MacRumors is an affiliate partner with RavPower. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
Apple yesterday shared a new Animoji karaoke ad on its Korean YouTube channel to highlight the newly released "Citizen Kane" single from Korean indie group HYUKOH.
As with previous Animoji karaoke songs Apple has shared, the new spot features Apple's Animoji characters lip syncing to the new song.
HYUKOH's "Citizen Kane" single comes ahead of the planned release of the group's newest album on May 31.
Apple first adopted Animoji karaoke for two ads that were created for the 2018 Grammys, with Apple's characters singing "Redbone" by Childish Gambino and "Stir Fry" from Migos.
Animoji karaoke is a concept that was conceived by iPhone X users back in November of 2017 shortly after the release of the new device. People discovered that Apple's 3D emoji characters that are designed to mimic facial expressions and emotions could be used for lip syncing to songs, and for a short period of time, Animoji karaoke took over the internet.
Animoji are limited to iPhone X users because the front-facing TrueDepth camera is required to create the depth map that's used to animate them with a person's facial expressions, but in the future, Animoji will be available on additional devices. The next-generation iPad Pro, which is rumored to be adopting the TrueDepth camera, is likely to be the next device that will support Animoji.
Since the launch of the iPhone X, Apple has added four new Animoji characters, including the dragon, bear, skull, and lion, two of which are used in the new Animoji karaoke ad.
Apple is planning additional updates to Animoji karaoke in iOS 12, with rumors suggesting Apple will add more new Animoji characters. Apple is also said to be planning an overhauled Animoji interface and Animoji integration in FaceTime. Animoji support for FaceTime would allow users to use Animoji characters during FaceTime calls.
Former United States President Barack Obama and former first lady Michelle Obama have signed a multiyear production deal with Netflix that will see the two producing television shows and films for the service, reports The New York Times.
Though Netflix had been in negotiations with the Obamas for several months, Apple was rumored to be interested in working with the duo had the Netflix deal fallen through. Apple has been developing a slew of original television shows, and a deal with Michelle and Barack Obama would have been a big win.
Obama's deal with Netflix will allow for him to create content that will reach millions of people both in the United States and internationally through a new production company he created alongside Michelle Obama called "Higher Ground Productions."
According to Netflix, the Obamas will create "scripted series, unscripted series, docu-series, documentaries, and features" that are meant to highlight the issues and themes the president worked on during his eight years in office.
"One of the simple joys of our time in public service was getting to meet so many fascinating people from all walks of life, and to help them share their experiences with a wider audience. That's why Michelle and I are so excited to partner with Netflix -- we hope to cultivate and curate the talented, inspiring, creative voices who are able to promote greater empathy and understanding between peoples, and help them share their stories with the entire world."
Obama has said that he does not plan to use Netflix to wage a public campaign against current president Donald Trump or to fight against conservative media outlets.
While Apple did not secure a deal with the Obamas, the company has more than a dozen original television shows in the works at the current time. Most of the shows are dramas, with one real estate-related docu-series in the works. Apple does not have any politically-oriented shows planned, and is said to be aiming to keep its content family friendly.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Note-taking app Evernote was updated over the weekend with a new feature that allows you to connect your Bluetooth headphones to the app and use them to record audio and transcribe voice-to-text notes. The company says that as long as the headphones have a microphone they will work, so if you own AirPods or BeatsX you'll be able to use the wireless earphones to quickly jot down notes and reminders using your voice and Evernote.
To use the feature, make sure your Bluetooth headphones are on and connected to the iPhone, which you can double check in the Settings app > Bluetooth. Next open Evernote, tap the large "+" button at the bottom of the screen to create a new note, then tap the microphone icon at the bottom right of the keyboard on iOS. As long as your headphones are connected, Evernote will now route audio from the headphone's microphone instead of the iPhone, so you can transcribe notes or save audio files without needing to hold your iPhone up to your mouth.
If your bluetooth headphones also have a microphone (*cough* Apple AirPods *cough*), you'll be happy to know you can now use them to record audio into Evernote.
The version 8.12 update also brings a tweak to the note list view so you can better keep track of where you are in your notes, with month and year designators staying pinned at the top of the screen as you browse. The company also cleaned up the sharing menu, brought back the Context feature for Premium and Business users, and fixed a handful of bugs.
Evernote previously debuted full "Hey Siri" support last September, allowing iPhone owners to use phrases like "Hey Siri, add 'I should bring pizza' to my Meeting Ideas note in Evernote." The app has long supported voice notes and transcribing features on iOS with the iPhone and iPad's built in microphones, but the new addition of Bluetooth headphone support should make note-taking easier for many users.
Evernote is free to download on the iOS App Store [Direct Link], while Evernote Premium runs for $7.99 monthly, or $69.99 annually, and comes with more monthly storage space, unlimited devices, and more.
A questionable new report from Apple's supply chain claims that the company's rumored "low-priced" version of the HomePod will be placed under the Beats by Dre brand instead of the expected Apple branding. The report comes from Chinese news site Sina, which also says the $199 speaker will have MediaTek as the supplier, a change from Apple's decision to give Inventec sole supplier duties on the first HomePod (via LoveiOS).
Reports about a cheaper HomePod began appearing quickly after news of lackluster sales for the first version of the speaker emerged earlier this year, with former KGI Securities analyst Ming-Chi Kuo and other industry watchers predicting a low-cost speaker priced between $150 and $200. What's new in this week's report is the idea of a Beats-branded version of the HomePod, but it's unclear exactly what form the speaker would take, what features it would carry over from the $350 version of the speaker, and where Sina is sourcing the news from in the first place.
It seems unlikely that Apple would somehow combine the HomePod and Beats brands into one product, and due to all of this it's important to take the new report with a dose of skepticism. Beats last updated its Pill line of speakers with the Pill+ in 2015, which ran for $230 at launch but nowadays is priced closer to $130 when purchased on sale. Pill devices lack persistent "Hey Siri" functionality, likely due to their lack of constant AC power, so it also seems unlikely that Apple would extend that feature beyond its own line of devices, currently including the iPhone, iPad, HomePod, and Apple Watch.
In his prediction, Ming-Chi Kuo said that Apple is "mulling" a "low-cost version" of the HomePod in an effort to boost short-term shipments. Apple's main selling point on the $350 HomePod is its high-quality audio playback, with reviewers agreeing that the speaker blows other smart speakers out of the water in terms of audio performance, but Siri's performance, the lack of certain languages, and Apple's walled garden ecosystem (particularly excluding any music service besides Apple Music) left many to wonder if the price was actually justified.
As a point of comparison, two of Apple's rivals sell entry-level versions of their smart speakers for as low as $50 in the United States, including Amazon's Echo Dot ($49.99) and Alphabet's Google Home Mini ($49.00). The smaller, cheaper devices allow users to expand features of the connected speaker system into other rooms around their home, without having to spend a lot of money on purchasing the base speakers multiple times.
For now, the HomePod still lacks a few features Apple announced prior to the speaker's launch, namely AirPlay 2 support and multi-room audio, both pegged for release through a firmware update sometime later in 2018. Although there have been many reports about a cheaper HomePod, none have yet hinted at a potential launch window for the rumored lower-cost speaker.
After retaining the #3 spot on the Fortune 500 list for the past two years, in 2018 Apple has dropped one place and now sits at #4 on the list of the top U.S. corporations based on gross revenue. Apple's displacement on the list came due to Exxon Mobil rising from #4 in 2017 to #2 in 2018.
The full top five spots were Walmart at #1, Exxon Mobil at #2, Berkshire Hathaway at #3, Apple at #4, and UnitedHealth Group at #5. Other technology companies on the list include Amazon at #8, AT&T at #9, Verizon at #16, Alphabet at #22, and Microsoft at #30.
Fortune broke down Apple's spot on the list, mainly citing the "overall saturation of smartphones" as a potential reason for the company's inability to rise higher in the rankings. Fortune discussed similar problems for Apple in the company's profile last year, stating at the time that "Apple finally appeared to hit a wall" in reference to its reliance on iPhone sales.
Apple took a small step back, from No. 3 to No. 4, despite a 6% gain in annual sales, but it led the way in profits with more than $48 billion in net income. In short, the Apple juggernaut continues at tremendous scale and despite the overall saturation of smartphones, which make up the vast majority of the company’s sales and profits. In an unusual move, Apple introduced three new phones, the upgraded iPhone 8 and 8 Plus, as well as the redesigned iPhone X (pronounced “ten”), powered by facial-recognition technology. Services likes Apple Pay and Apple Music continued to rise too.
Going back eight years, Apple's previous rankings include 5th place in 2015 and 2014, 6th place in 2013, 17th place in 2012, 35th place in 2011 and 56th place in 2010. This year marks 24 years that Apple has been on the Fortune 500 list, with $229.2 billion of revenue and $48.3 billion of profits in the 2017 fiscal year. Although it lags behind the companies in revenue, Apple still beats the top three Fortune 500 companies in terms of annual profits, with Walmart at $9.9 billion, Exxon Mobil at $19.7 billion, and Berkshire Hathaway at $44.9 billion.
Illustration app Procreate today updated its Procreate Pocket iPhone app to version 2.0, which developer Savage describes as "reengineered from the ground up" and "an entirely new app." Procreate Pocket 2 is powered by Silica-M, the same graphics engine that powers Procreate for iPad, as well as Apple's own Metal technology.
Savage says that with the upgraded technology boost in version 2.0, Procreate Pocket can now create canvases with rich P3 color depth, and users can choose from 136 hand-made brushes that include pencils, inks, wet painting, and digital-only abstract effects. Procreate Pocket also now includes "almost every Procreate feature from iPad," like ColorDrop, QuickLine, Perspective Guides, Layer Masks, custom brush creation, and more.
The developer specifically optimized Procreate Pocket 2 for iPhone X users, with features that take advantage of 3D Touch and haptic feedback.
"We literally threw the Procreate Pocket 1.0 codebase away and started fresh. Every pixel and every line of code is new, and we're so happy to finally bring Silica-M to our iPhone users," said James Cuda, CEO and co-founder of Savage.
The app is also gaining two new features not yet available on iPad, including Brush Set export and import, allowing artists to easily share their creations through online marketplaces or expand their own libraries with thousands of custom brushes from other users. The second addition is a 30 second time-lapse export, which uses a custom built algorithm to remove non-essential frames from any time-lapse and offers a shortened version that can easily be shared on social media.
Procreate Pocket 2 is available today on the iOS App Store as a free update for existing users, and those who haven't downloaded the app yet can do so for $4.99 [Direct Link].
Some third-party calendar apps (Fantastical, for example) allow you to view all your upcoming events as a vertical list. Many users find this sort of viewing mode beats staring at the regular calendar interface, since it provides a quick at-a-glance summary of their entire schedule over the coming days and months.
On the face of it, Apple's Calendar for macOS lacks an equivalent feature. However, there is one way to force a list view that includes all your events, which we've detailed below. The trick even works with iCal going back at least to OS X Mountain Lion, which makes us wonder why Apple doesn't make the option a bit more obvious.
How to View All Events as a List in Calendar
Launch the Calendar app on your Mac.
Click the Calendar button.
Select which calendars you want to include in the list view using the checkboxes.
Click the Search field in the upper right corner of the Calendar window and type two double quotes ("") to generate a list of all upcoming events.
We find the list view makes it easier to copy multiple events and paste them into other apps in chronological order. For example, to copy several contiguous events, hold the Shift key, click the two outlying events bordering a given period, right-click (or Ctrl-click) an event in the selection, and select Copy from the contextual dropdown menu. You can then paste the events (including their details) straight into a document in date order.
To copy non-contiguous events in your calendar, simply perform the same action but hold down the Command key instead of Shift. (Note that you can also open multiple event info boxes using the same method - just select Get Info from the contextual dropdown menu.)
ZDNet reports that a server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of login credentials, including the Apple IDs of children.
The leaked data belonged to customers of TeenSafe, a "secure" monitoring app for iOS and Android that allows parents to view their child's text messages and location, call history, web browsing history, and installed apps.
The customer database was reportedly stored on two servers hosted by Amazon Web Services, where it remained unprotected and accessible without a password. The discovery was made by a U.K.-based security researcher specializing in public and exposed data, and the servers were only taken offline after ZDNet alerted the California-based company responsible for the TeenSafe app.
"We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted," said a TeenSafe spokesperson told ZDNet on Sunday.
The information in the exposed database included the email addresses of parents who used TeenSafe, the Apple ID email addresses of their children, and children's device name and unique identifier. Plaintext passwords for the children's Apple ID were also among the data set, despite claims on the company's website that it uses encryption to protect customer data.
Compounding the lax security is the app's requirement that two-factor authentication is turned off for the child's Apple account so that parents can monitor the phone without consent. This means a malicious actor could potentially access a child's account using the login credentials that were stored on the exposed server.
TeenSafe counts over a million parents as customers, although the database was reportedly limited to 10,200 records gleaned from the past three months of customer usage. The company said it would continue to assess the situation and provide additional information to customers as soon as it became available.
Google recently introduced a new Google News app with an entirely updated interface and a range of new features that put it on par with Apple's own News app, including a "For You" recommendation section and "Full Coverage" headlines that present a story from multiple angles.
We went hands-on with Google News to check out the new features and to see how it compares to Apple News, the built-in news app that's available on the iPhone and the iPad.
The Google News app is a reimagining and revamp to the existing Google Newsstand Play app that was previously available via the iOS App Store. It's been entirely overhauled though, with a simple, clean interface that's fairly similar to the look of Apple News with a dedicated navigation bar at the bottom.
Google News does, however, have an additional section for quickly selecting news categories like U.S., World, Business, and Technology.
Both apps feature a "For You" section based on personalized recommendations. Apple's draws in information from the categories and news sites you choose to follow, while Google presents a selection of stories that become more tailored over time based on what you choose to read and what you favorite.
In each app, you can search for different news sites, blogs, and topics and add them to your coverage lists to impact "For You." Google's For You section highlights a list of five top stories and then provides supplemental stories at the bottom of the list, while Apple organizes For You into top stories, trending stories, top videos, and then recommendations based on channels and topics.
Apple News features a "Spotlight" section that features curated news selected by Apple News Editors, which highlights interesting news topics that you might not have otherwise seen.
Google News doesn't have a similar feature, but it has its own unique offering in the form of the "Headlines" section that aggregates the top news stories at the current time. In the headlines section, major stories have a "Full Coverage" option that lets you see the same story from multiple news sites so all of the angles are covered.
Google also has a dedicated "Newsstand" tab that lets you subscribe to paid and free news sources and a range of magazines using payment information stored in your Google Play account. Apple doesn't have a similar feature right now, but such an option is said to be in the works following its acquisition of magazine subscription service Texture.
Have you checked out Google News? Do you prefer it over Apple's own news app? Let us know in the comments.
Apple has resumed offering financing options in the United Kingdom after eliminating the option earlier this year. Apple has a new financing page on its UK website, outlining its Barclays financing plan.
While the financing page specifically focuses on the Barclays financing options, when checking out, customers can choose installment payments through Barclays or PayPal Credit.
To use the Barclays financing option, customers in the UK must make a purchase over £399. There is no interest for the first 12 months, with purchases split into reasonable monthly payments. PayPal Credit is available for purchases over £99, but there is no interest free option.
It is not clear why Apple temporarily stopped offering financing in the United Kingdom, but full financing is now available once again. The company made the same change to financing in Canada in June of 2017, but has not yet reimplemented the financing options in that country.
For this week's giveaway, we've teamed up with Southern Straps to offer MacRumors readers a chance to win a high-quality leather or nylon watch band for the Apple Watch.
Southern Straps has a wide selection of nylon Apple Watch bands, which are similar in style and design to the Woven Nylon bands that Apple sells, but in unique color combinations. Bands are available in one, two, or three colors, and each comes equipped with lugs to match gold, silver, and black Apple Watch models.
All of the nylon bands from Southern Straps are made from a single piece of nylon that's been carefully doubled over, sealed, and stitched for an ultra durable construction that's still comfortable on the wrist. A buckle that matches the lugs is included with each band to keep it tight on the wrist.
The nylon bands, which are all priced at $35, are available in both 38mm and 42mm sizes and are able to fit nearly all wrist sizes, from 14 to 25cm.
Southern Strap's leather bands are a bit more expensive at $75, but each one is made from a single piece of full-grain Italian leather that's been vegetable dyed for a rich color that will gain a unique patina with wear.
The leather straps, available in black or brown, are hand stitched with a durable wax cord in San Francisco. Like the woven bands, the leather bands are available for 38 and 42mm Apple Watch models to fit wrists sized 14cm to 25cm, with several lug colors available.
Each Southern Strap leather and nylon band is equipped with pegged spring bars to make it easier to swap out your watch band or clean it. Using this system, bands can be taken apart and rebuilt in just a few seconds. Woven bands have a lifetime warranty, while leather bands have a two-year warranty.
We have 10 Apple Watch bands to give away to MacRumors readers, with winners able to choose the band, band size, color, and lug color to match their Apple Watches. To enter to win, use the Rafflecopter widget below and enter an email address. Email addresses will be used solely for contact purposes to reach the winners and send the prizes. You can earn additional entries by subscribing to our weekly newsletter, subscribing to our YouTube channel, following us on Twitter, or visiting the MacRumorsFacebook page.
Due to the complexities of international laws regarding giveaways, only U.S. residents who are 18 years or older and Canadian residents (excluding Quebec) who have reached the age of majority in their province or territory are eligible to enter. To offer feedback or get more information on the giveaway restrictions, please refer to our Site Feedback section, as that is where discussion of the rules will be redirected.
The contest will run from today (May 18) at 11:00 a.m. Pacific Time through 11:00 a.m. Pacific Time on May 25. The winners will be chosen randomly on May 25 and will be contacted by email. The winners will have 48 hours to respond and provide a shipping address before new winners are chosen.
A group of App Store developers calling themselves "The Developers Union" today published an open letter to Apple asking the company to commit to allowing free trials for apps and a "more reasonable revenue cut."
The group says that it is first aiming to get Apple to implement free trials for all apps in the iOS and Mac App Stores by July 2019, with plans after that to advocate for other changes.
We believe that people who create great software should be able to make a living doing it. So we created The Developers Union to advocate for sustainability in the App Store.
Today, we are asking Apple to commit to allowing free trials for all apps in the App Stores by the tenth anniversary of the App Store this July. After that, we'll start advocating for a more reasonable revenue cut and other community-driven, developer-friendly changes.
The initiative is led by Brent Simmons (MarsEdit, Vesper, and NetNewsWire creator), Jake Schumacher (App: The Human Story documentary maker), Loren Morris (product designer), and Roger Ogden (software designer).
The Developers Union is not a "trade union" in the traditional sense of the word, but it is aiming to bring developers and supporters together to advocate for App Store changes.
In an interview with WIRED, the team behind The Developers Union said the aim is to gain a thousand members this week and 20,000 by early June, when the Worldwide Developers Conference takes place.
"It's a non-union union in a way," Morris, the product designer, said when reached by phone. "I'm not super interested in creating a traditional union; I'm more interested in bringing the voice of indies back into the spotlight and this is a step in that direction."
Free trials for apps in the Mac and iOS App Stores have been something that developers have wanted implemented for years. Right now, apps that offer subscriptions are able to provide customers with free trials before requiring payment, but for apps that do not have a subscription offering, there is no way for a free trial to be offered.
This is a major downside for apps that are on the more expensive side that people might not want to purchase without trying first, and it has been a major issue for Mac App Store developers in particular.
The Developers Union is hoping to persuade Apple to expand free trials to all apps, not just those that offer a subscription-based service. Free trials also must include an authorization for payment at the end of the trial, something developers would also like to see eliminated.
Revenue sharing, another topic the group hopes to broach with Apple, could be trickier than convincing the company to implement a free trial feature. Apple currently receives a 30 percent cut of all revenue developers earn from the App Store, and the App Store makes up a huge portion of its services business.
Apple has, however, made some tweaks to its revenue split in recent years. For subscription apps where a customer maintains a subscription for more than a year, developers are entitled to an 85/15 split, with Apple taking a 15 percent cut rather than a 30 percent cut.
The Developers Union has not yet outlined specific changes it would like to see to Apple's revenue sharing scheme as the focus right now is on recruiting new members and pushing the free trial agenda.
At the current time, just over 60 apps and 50 people and are supporting The Developers Union, but more developers are likely to join as word spreads. Both developers and non-developers can sign up on the Developers Union website to support the initiative.
Robert Xiao, a computer science student at Carnegie Mellon, recently discovered a vulnerability in LocationSmart's website that made the real-time location of millions of phones readily available to anyone with the knowhow.
For background, LocationSmart is a company that collects location data of mobile customers from major carriers, including Verizon, AT&T, Sprint, and T-Mobile in the United States, and then sells it to other companies for a range of purposes, including compliance, cybersecurity, and proximity marketing.
Up until the vulnerability was discovered, LocationSmart offered a trial webpage that allowed anyone to enter their phone number, confirm the request via SMS or a phone call, and view their approximate real-time location.
LocationSmart's since-removed trial page via Krebs on Security
The problem, as Xiao discovered, was that the webpage had a bug that allowed anyone with the technical skills to bypass the phone number verification process and view the real-time location of any subscriber to most major carriers in the United States, in addition to Bell, Rogers, and Telus in Canada.
In a blog post, Xiao said the bug essentially involves requesting the location data in JSON format, instead of the default XML format:
If you make the same request with requesttype=locreq.json, you get the full location data, without receiving consent. This is the heart of the bug. Essentially, this requests the location data in JSON format, instead of the default XML format. For some reason, this also suppresses the consent (“subscription”) check.
Upon discovering the vulnerability, Xiao immediately contacted the US-CERT to coordinate disclosure, and shared details with Brian Krebs, who published a story with further details on his blog Krebs on Security.
Xiao told Krebs that he was able to obtain the approximate longitude and latitude of five different people who agreed to be tracked, coming within 100 yards and 1.5 miles of their then-current locations, all in a matter of seconds. LocationSmart plotted the coordinates on a Google Street View map.
"I stumbled upon this almost by accident, and it wasn't terribly hard to do," Xiao said. "This is something anyone could discover with minimal effort. And the gist of it is I can track most peoples’ cell phone without their consent."
Xiao said his tests showed he could reliably query LocationSmart's service to ping the cell phone tower closest to a subscriber's mobile device. Xiao said he checked the mobile number of a friend several times over a few minutes while that friend was moving. By pinging the friend's mobile network multiple times over several minutes, he was then able to plug the coordinates into Google Maps and track the friend’s directional movement.
It's not clear exactly how long LocationSmart has offered its trial service or how long it has been vulnerable. Krebs linked to an archived version of the website that suggests it dates back to at least January 2017.
When reached for comment via phone, LocationSmart's founder and CEO Mario Proietti told Krebs that the company was investigating.
"We don't give away data," Proietti said. "We make it available for legitimate and authorized purposes. It's based on legitimate and authorized use of location data that only takes place on consent. We take privacy seriously and we’ll review all facts and look into them."
A spokesperson for AT&T told Krebs that the carrier "does not permit the sharing of location information without customer consent or a demand from law enforcement," while Verizon, Sprint, and T-Mobile all pointed towards their privacy policies.
LocationSmart was already in the news prior to this relevation. The New York Times last week reported that Cory Hutcheson, a former Missouri sheriff, was charged with using a private service called Securus, which obtained data from LocationSmart, to track people's phones without court orders.
Those headlines are what prompted Xiao to poke around LocationSmart's website and ultimately discover this vulnerability. However, while the page has been taken down, it's unclear what steps will be taken next if any. At least one U.S. senator has urged the FCC to enforce stricter privacy laws on carriers.
Note: MacRumors is an affiliate partner with RavPower. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
After 
A group of App Store developers calling themselves "
