Apple released iOS and iPadOS 16.3, macOS Ventura 13.2, and watchOS 9.3 today. The updates focus primarily on bug fixes and under-the-hood improvements, but there is one notable addition: Apple ID got support for hardware security keys. From a report: Once they've updated to the new software, a user can opt to make a device like a YubiKey a required part of the two-factor authentication process for their account. It's unlikely most users will take advantage of this, of course, but for a select few, the extra security is welcome. Other additions in iOS 16.3 include support for the upcoming new HomePod model, a tweak to how Emergency SOS calls are made, and a new Black History Month wallpaper. On the Mac side, hardware security key support is joined by the rollout of Rapid Security Response, a means for urgent security updates to be delivered to Macs without issuing a major software update. The watchOS update is oriented around bug fixes.

Read more of this story at Slashdot.

A developer managed to use an exploit found in iOS 16 to change the default font of the system without jailbreak. 9to5Mac reports: Zhuowei Zhang shared his project on Twitter, which he calls a "proof-of-concept app." According to Zhang, the app he developed uses the CVE-2022-46689 exploit to overwrite the default iOS font, so that users can customize the system's appearance with a different font other than the default (which is San Francisco). The CVE-2022-46689 exploit affects devices running iOS 16.1.2 or earlier versions of the operating system, and it basically lets apps execute arbitrary code with kernel privileges. The exploit was fixed with iOS 16.2, which also fixed a bunch of other security breaches found in the previous version of iOS. Since iOS has its own font format, the developer performed the experiment using only a few fonts, including DejaVu Sans Condensed, Serif, Mono, and Choco Cooky. And in case you're wondering, Choco Cooky is the weird font that used to come pre-installed by default on Samsung smartphones. Now you can finally have it on your iPhone. Zhang explains that the process should be safe for everyone, since all changes are reversed after rebooting the device. Still, the developer recommends users trying out the app to back up their devices before replacing the default system font. He also details that the change only affects some of the text on iOS, as other parts of the system use different fonts. More details about the project, including its source code, are available on GitHub.

Read more of this story at Slashdot.

Apple has decided to call the software that will run on its upcoming AR/VR headset "xrOS," an update from the original "RealityOS or "rOS" naming the company was planning on, according to Bloomberg. MacRumors reports: The name change comes as Apple begins to prepare for the launch of the headset, which is expected at some point in 2023. The headset will feature its own operating system, much like the Apple TV and the Apple Watch, and it will have a dedicated App Store. "XR" is meant to stand for extended reality, which pertains to both augmented and virtual reality. Rumors indicate that the headset Apple is working on will be "mixed reality" like the Microsoft HoloLens, supporting both augmented and virtual reality capabilities. Augmented reality augments what the user is seeing in the real world, while virtual reality is an entirely digital experience. Apple internally referred to the headset's operating system as "rOS" during the development process, but Bloomberg suggests that xrOS is a less generic name that will allow the headset to stand out more. In addition to confirming the name change with unnamed Apple sources, Bloomberg also discovered that a shell company named Deep Dive LLC has been registering the xrOS name across several countries, and Apple could potentially be behind these filings. Apple often uses shell companies to try to secretly register for trademarks for upcoming products.

Read more of this story at Slashdot.

Developer Dan Leveille received "a sketchy voicemail from a random number about a class action lawsuit settlement..." he posted on Twitter. "I thought it was a scam and almost ignored it." But he didn't — and ended up with $8,064.88 in his Venmo account. Back in 2019 a lawsuit by U.S. developers accused Apple of "profit-killing" App Store commissions, reports TechForge Media. Apple settled that suit by agreeing to create a $100 million Small Developer Assistance Fund (for developers who sold in Apple's app store between June of 2015 and April of 2021). And this month Apple has finally started sending out those payments, Apple Insider reports: Developers had until May 20 to submit a request to an independent administrator to become a "Settlement Class Member." If they met the criteria, the developers stood to receive a payment from $250 to $30,000 in value.... Along with the fund, the settlement also introduced a number of changes to App Store policies, including modifications relating to customer and developer communication, new pricing tiers, and a promise by Apple to continue offering its 15% reduced App Store commission for at least three years.

Read more of this story at Slashdot.

It's a major Apple update day, as the company is rolling out new versions of its iPhone, iPad and Mac operating systems. While iPhone users at large have already had a taste of iOS 16, this will be the first time that most folks will get their hands on iPadOS 16 and macOS Ventura. From a report: Apple delayed the release of iPadOS 16 amid reports suggesting it needed more time to polish up the Stage Manager multitasking feature (which we felt was unrefined in an early iPadOS 16 beta). In fact, Apple said it was skipping a public release of iPadOS 16 and going straight to version 16.1 -- just in time for the company's latest iPad Pro and entry-level iPad shipping this week. The latest version of the iPad operating system will include many of the same updates as iOS 16, including significant changes to Mail, Safari, Messages and other key apps. There are more collaboration-centric features, while the Weather and Clock apps are finally coming to iPad. External display support for Stage Manager will arrive within the next couple of months. Also later this year, Apple will release a collaborative productivity iPad app called Freeform. It seems like a souped-up whiteboard where users can sketch out ideas with Apple Pencil. The company says you'll be able to attach just about any kind of file to the canvas, including images, videos, audio, PDFs, documents and URLs, and preview the content inline.

Read more of this story at Slashdot.

Longtime Slashdot reader lazyeye writes: The 53rd release of OpenBSD, version 7.2, has officially been released. Support for new platforms such as the Ampere Altra, Apple M2 chip, and support for Lenovo ThinkPad x13s and other machines using the Qualcomm Snapdragon 8cx Gen 3 (SC8280XP) SoC are now included, along with various kernel improvements. The announcement with all the details are available at the link [here] from the openbsd-announce mailing list.

Read more of this story at Slashdot.

Last Friday, Google announced the release of KataOS, a security-minded operating system focused on embedded devices running ambient machine learning workloads. As Phoronix notes, it uses the Rust programming language and is "built atop the seL4 microkernel as its foundatin." From Google's Open-Source Blog: As the foundation for this new operating system, we chose seL4 as the microkernel because it puts security front and center; it is mathematically proven secure, with guaranteed confidentiality, integrity, and availability. Through the seL4 CAmkES framework, we're also able to provide statically-defined and analyzable system components. KataOS provides a verifiably-secure platform that protects the user's privacy because it is logically impossible for applications to breach the kernel's hardware security protections and the system components are verifiably secure. KataOS is also implemented almost entirely in Rust, which provides a strong starting point for software security, since it eliminates entire classes of bugs, such as off-by-one errors and buffer overflows. The current GitHub release includes most of the KataOS core pieces, including the frameworks we use for Rust (such as the sel4-sys crate, which provides seL4 syscall APIs), an alternate rootserver written in Rust (needed for dynamic system-wide memory management), and the kernel modifications to seL4 that can reclaim the memory used by the rootserver. KataOS code is being worked on via GitHub under the AmbiML umbrella.

Read more of this story at Slashdot.

AmiMoJo shares a report from MacRumors: iOS 16 continues to leak data outside an active VPN tunnel, even when Lockdown mode is enabled, security researchers have discovered. Speaking to MacRumors, security researchers Tommy Mysk and Talal Haj Bakry explained that iOS 16's approach to VPN traffic is the same whether Lockdown mode is enabled or not. The news is significant since iOS has a persistent, unresolved issue with leaking data outside an active VPN tunnel. According to a report from privacy company Proton, an iOS VPN bypass vulnerability had been identified in iOS 13.3.1, which persisted through three subsequent updates. Apple indicated it would add Kill Switch functionality in a future software update that would allow developers to block all existing connections if a VPN tunnel is lost, but this functionality does not appear to prevent data leaks as of iOS 15 and iOS 16. Mysk and Bakry have now discovered that iOS 16 communicates with select Apple services outside an active VPN tunnel and leaks DNS requests without the user's knowledge. Mysk and Bakry also investigated whether iOS 16's Lockdown mode takes the necessary steps to fix this issue and funnel all traffic through a VPN when one is enabled, and it appears that the exact same issue persists whether Lockdown mode is enabled or not, particularly with push notifications. This means that the minority of users who are vulnerable to a cyberattack and need to enable Lockdown mode are equally at risk of data leaks outside their active VPN tunnel. [...] Due to the fact that iOS 16 leaks data outside the VPN tunnel even where Lockdown mode is enabled, internet service providers, governments, and other organizations may be able to identify users who have a large amount of traffic, potentially highlighting influential individuals. It is possible that Apple does not want a potentially malicious VPN app to collect some kinds of traffic, but seeing as ISPs and governments are then able to do this, even if that is what the user is specifically trying to avoid, it seems likely that this is part of the same VPN problem that affects iOS 16 as a whole.

Read more of this story at Slashdot.

Samsung has confirmed the first third-party smart TV makers to ship with its Tizen operating system (OS), with several manufacturers preparing to launch Tizen-powered TVs this year across Europe and Australasia. From a report: Tizen, for the uninitiated, is a Linux-based OS hosted by the Linux Foundation for more than a decade, though Samsung has been the primary developer and driving force behind the project, using it across myriad devices, including smartwatches, kitchen appliances, cameras, smartphones and TVs. Although Samsung has essentially abandoned Tizen in smartphones and smart watches, TVs have remained fertile ground for Tizen to flourish, chiefly due to the fact that Samsung is the biggest selling TV maker globally. But while recent figures from Dataxis show that Tizen's market share in 2020 was roughly one-third in terms of installation base, the number has been slowly creeping downward with the likes of Android TV and Roku edging upward.

Read more of this story at Slashdot.

A new version of a quarter-century-old window manager shows that there's still room for improvement and innovation, even in established, mature tools. The Register reports: IceWM is [...] a traditional stacking window manager allowing you to open, move, and resize windows. It's relatively simple, easy, and quick to learn. By default, it also provides an app launcher and an app switcher, using the familiar Windows 95 model: a hierarchical start menu and a taskbar. If you do a minimal install of openSUSE, you get IceWM. It's also one of the defaults in the lightweight antiX and Absolute Linux distros. With such a relatively simple remit, it's good to see that development is still going on. Version 2.0 appeared late in 2020, removing a legacy protocol and adding a new image rendering engine. Now version 3.0 is out with a whole new feature: tabbed windows. Reminiscent of one of The Reg FOSS desk's favorite OSes, the late and great Be OS, tabbed windows turn the title bar into a tab that is less than the full width of the window. In IceWM 3, this allows you to attach windows together to form one entity that can be moved and sized in a single operation â" but the contents of the different windows can be accessed individually using each one's tab. In other words, it works like browser tabs, but the different windows don't need to be from the same parent application. "IceWM's new tabbed windows are the sort of relatively simple improvement to the very well-established metaphor of window management that this vulture really likes to see: small, elegant, and yet helpful," adds The Register's Liam Proven. "We feel that there's plenty more room for improvement within this space. For instance, very few window managers offer the choice of where the title bar (or tab) is located; on a widescreen, placing them on the side, as wm2 and wmx do, would save valuable vertical pixels."

Read more of this story at Slashdot.

"This Monday, the first set of patches to enable Rust support and tooling was merged for Linux 6.1," writes Slashdot reader sabian2008, sharing an update from longtime kernel developer Kees Cook: The tree has a recent base, but has fundamentally been in linux-next for a year and a half. It's been updated based on feedback from the Kernel Maintainer's Summit, and to gain recent Reviewed-by: tags. Miguel is the primary maintainer, with me helping where needed/wanted. Our plan is for the tree to switch to the standard non-rebasing practice once this initial infrastructure series lands. The contents are the absolute minimum to get Rust code building in the kernel, with many more interfaces[2] (and drivers -- NVMe[3], 9p[4], M1 GPU[5]) on the way. The initial support of Rust-for-Linux comes in roughly 4 areas: - Kernel internals (kallsyms expansion for Rust symbols, %pA format) - Kbuild infrastructure (Rust build rules and support scripts) - Rust crates and bindings for initial minimum viable build - Rust kernel documentation and samples Further reading: Linux 6.0 Arrives With Support For Newer Chips, Core Fixes, and Oddities

Read more of this story at Slashdot.

Apple is bringing Stage Manager, a new multitasking system exclusive to iPads with the M1 chip, to a number of older devices. Engadget reports: Probably the biggest change Apple announced with iPadOS 16 earlier this year is Stage Manager, a totally new multitasking system that adds overlapping, resizable windows to the iPad. That feature also works on an external display, the first time that iPads could do anything besides mirror their screen on a monitor. Unfortunately, the feature was limited to iPads with the M1 chip -- that includes the 11- and 12.9-inch iPad Pro released in May of 2021 as well as the M1-powered iPad Air which Apple released earlier this year. All other older iPads were left out. That changes with the latest iPadOS 16 developer beta, which was just released. Now, Apple is making Stage Manager work with a number of older devices: it'll work on the 11-inch iPad Pro (first generation and later) and the 12.9-inch iPad Pro (third generation and later). Specifically, it'll be available on the 2018 and 2020 models that use the A12X and A12Z chips rather than just the M1. However, there is one notable missing feature for the older iPad Pro models -- Stage Manager will only work on the iPad's build-in display. You won't be able to extend your display to an external monitor. Apple also says that developer beta 5 of iPadOS 16. is removing external display support for Stage Manager on M1 iPads, something that has been present since the first iPadOS 16 beta was released a few months ago. It'll be re-introduced in a software update coming later this year.

Read more of this story at Slashdot.

Apple has responded to user complaints regarding an annoying pop-up in iOS 16 that asks for user permission if an app wants to access the clipboard to paste text, images, and more. From a report: The new prompt was added to iOS 16 as a privacy measure for users, requiring that apps ask for permission to access the clipboard, which may have sensitive data. The prompt, however, has become an annoyance for users as they install iOS 16, as it constantly asks for permission whenever they wish to paste something into an app. As user annoyance with the behavior boils high, Apple has finally responded, saying the constant pop-up is not how the feature is intended to work. MacRumors reader Kieran sent an email to Craig Federighi and Tim Cook, complaining about the constant prompt and advocating for Apple to treat access to the clipboard the same way iOS treats third-party access to location, camera, microphone, and more. Ron Huang, a senior manager at Apple, joined the email thread saying the pop-up is not supposed to appear every time a user attempts to paste. "This is absolutely not expected behavior, and we will get to the bottom of it," Huang said. Huang added that this behavior is not something Apple has seen internally but that Kieran is "not the only one" experiencing it. Responding to the suggestion that clipboard access should be added within the Settings app on a per-app basis, Huang said it would make a "good improvement" and added that Apple "certainly need to fix and make apps like Mail just work even without this setting, but it's nonetheless helpful for apps which users want to share data with even if they didn't initiate it." "Stay tuned," he added.

Read more of this story at Slashdot.

In an update coming to iOS 16 later this year, Apple plans to add a new "Clean Energy Charging" option in the United States. MacRumors reports: The information was shared in Apple's iOS 16 press release, and it says that clean energy charging will optimize charging times for when the grid is using cleaner energy sources. With Clean Energy Charging, Apple is aiming to decrease the carbon footprint of the iPhone. This is the first we've heard of clean energy charging, and it's not a feature that Apple has previously highlighted.

Read more of this story at Slashdot.

Apple has released an iOS 12 update users of older iPhone and iPad devices should download as soon as possible. Engadget reports: The new version of the company's 2018 operating system addresses a major vulnerability that Apple recently patched within iOS 15. According to a support document, the WebKit flaw could have allowed a website to run malicious code on your device. In its usual terse manner, Apple notes it is "aware of a report that this issue may have been actively exploited." For that reason, you should download the update as soon as possible if you're still using an iOS 12 device. That's a list that includes the iPhone 5s, iPhone 6, as well as iPad Air, iPad mini 2 and iPad mini 3. You can download iOS 12.5.6 by opening the Settings app, tapping on "General" and then selecting "Software Update."

Read more of this story at Slashdot.

The kingdom of Google's third major operating system, Fuchsia, is growing a little wider today. ArsTechnica: 9to5Google reports Google completed the rollout of Fuchsia to the Google Nest Hub Max. Along with the original Nest Hub/Google Home Hub, that puts two of Google's three smart displays on the new OS, with the one holdout being the 2nd Gen Nest Hub. The Nest Hub Max is the first device running Fuchsia that Google is currently selling -- the Home Hub only got Fuchsia after it had been discontinued. The Google smart display user interface is written in Flutter, a Google programming language designed for portability, which runs on Android, iOS, Fuchsia, and the weird cast platform Nest Hubs typically use. So it's not right to describe the user interface as "similar" after the OS swap -- it's the exact same code because Flutter runs on nearly everything. You are getting a slightly newer code version, though, and it comes with a Bluetooth menu. If you dive into the settings and hit "about device," you'll see a "Fuchsia Version" field that will say something like "6.20211109.1.3166243." It's a bit weird to do an entire OS switch to the futuristic, secretive Fuchsia project and then have basically nothing to show (or say) for it in terms of obvious improvements in performance or security. You can dive into the minutia of the Fuchsia source code, but it continues to be a mystery in terms of what practical benefits it offers consumers. Google never talks about Fuchsia, so not much is known about what, exactly, Google is accomplishing here.

Read more of this story at Slashdot.

An anonymous reader shares a report: While mostly of benefit to server administrators with large fleets of hardware, Linux 6.1 aims to make it easier to help spot problematic CPUs/cores by reporting the likely socket and core when a segmentation fault occurs, which can help in spotting any trends if routinely finding the same CPU/core is causing problems. Queued up now in TIP's x86/cpu branch for the Linux 6.1 merge window in October is a patch to print the likely CPU at segmentation fault time. Printing the likely CPU core and socket when a seg fault occurs can be beneficial if routinely finding seg faults happening on the same CPU package or particular core.

Read more of this story at Slashdot.

Google is releasing Chrome OS Flex today, a new version of Chrome OS that's designed for businesses and schools to install and run on old PCs and Macs. From a report: Google first started testing Chrome OS Flex earlier this year in an early access preview, and the company has now resolved 600 bugs to roll out Flex to businesses and schools today. Chrome OS Flex is designed primarily for businesses running old Windows PCs, as Google has been testing and verifying devices from Acer, Asus, Dell, HP, Lenovo, LG, Toshiba, and many more OEMs. Flex will even run on some old Macs, including some 10-year-old MacBooks. The support of old hardware is the big selling point of Chrome OS Flex, as businesses don't have to ditch existing hardware to get the latest modern operating system. More than 400 devices are certified to work, and installation is as easy as using a USB drive to install Chrome OS Flex.

Read more of this story at Slashdot.

We're a couple of months out from Apple officially rolling out the next major versions of its various operating systems. However, you can try out iOS 16, iPadOS 16, watchOS 9, macOS Ventura and tvOS 16 right now. Apple has released a public beta, a few weeks after it offered up the first developer betas. To access them, you'll need to sign up for the Apple Beta Software Program and follow the directions.

Read more of this story at Slashdot.

RISC OS, the operating system of the original Arm computer, the Acorn Archimedes, is still very much alive -- and doing relatively well for its age. The Register reports: In June 1987, Acorn launched the Archimedes A305 and A310, starting at $982 and running a new operating system called Arthur. At the time, it was a radical and very fast computer. In his review (PDF) for Personal Computer World, Dick Pountain memorably said: "It loads huge programs with a faint burping noise, in the time it takes to blink an eye." Arthur was loosely related to Acorn's earlier MOS, the BBC Micro operating system but looked very different thanks to a prototype graphical desktop, implemented in BBC BASIC, that could charitably be called "technicolor." Renamed RISC OS, version 2 followed in 1989 -- the same year that Sun started selling its new SPARCstation 1 (a snip at $9,200) and DEC launched the MIPS R2000-chipset-based DECstation 3100 (for $10,800). RISC OS has had a rather convoluted history, partly due to Acorn spinning out Arm, eventually pulling out of the computer market, rebranding as Element 14 and being acquired by Broadcom, where Arm co-designer Sophie Wilson still works today. And partly due to drama over the ownership of the OS post-Acorn at one point. One fork of RISC OS still supports Acorn-era Arm's odd 26-bit mode, meaning that today it mostly runs on the commercial Virtual Acorn emulator. The other branch, designed for the 32-bit mode of more recent Arm chips, is now owned by RISC OS Developments, which made it fully open source back in 2018. Development and maintenance is done by the team at RISC OS Open Ltd -- ROOL for short -- which offers downloads for a variety of current Arm hardware, such as the Titanium desktops. [...] RISC OS Developments are still working on new functionality for the OS. Notably, it recently released a new TCP/IP stack, derived from OpenBSD. Right now, the main benefit is IPv6 support. A feature more significant to most users is still in development: Wi-Fi support. Also still under development, but available to paid backers, is a new RISC OS web browser, Iris. RISC OS does come with a choice of browsers -- NetSurf and Otter -- but the plan is that the new Iris browser will be a native app, with the RISC OS look and feel, but using the WebKit engine for better compatibility with the modern web. The main remaining limitation is SMP. As an OS from the 1980s, long before the 21st-century technology of mainstream multicore processors, RISC OS practically only supports a single CPU core. Various experimental efforts are under way to address this. One has got NetBSD running on another core, and another has the experimental Genode OS running alongside RISC OS. Another effort is working on adding SMP support into the RISC OS kernel itself.

Read more of this story at Slashdot.