How can Apple have the best client-side implementation of Passkeys (Safari, macOS, & iOS) but the worst server-side implementation of Passkeys (App Store Connect, always failing) at the same time? 😔
// cc. @rmondello
=> More informations about this toot | View the thread
MakePass 4.9 with Apple Intelligence’s Image Playground support is now available in the App Store! 🎉
https://apps.apple.com/app/makepass-ai-wallet-editor/id1450989464
=> More informations about this toot | View the thread
Test cross-post from Openvibe!
https://apps.apple.com/es/app/openvibe-open-social-app/id1666230916
=> More informations about this toot | View the thread
MakePass meets Apple Intelligence’s Image Playground:
=> More informations about this toot | View the thread
(Test post for Bluesky bridge).
=> More informations about this toot | View the thread
Apple Intelligence advertisements are so weird. It’s like they are saying: this is for lazy, unprofessional people.
https://youtu.be/3m0MoYKwVTM?si=ktoedn3vVhlfbFoe
https://youtu.be/A0BXZhdDqZM?si=kZ52O7-gcQvy_256
etc.
=> More informations about this toot | View the thread
https://mastodon.social/@pvieito/113267341329277328
=> More informations about this toot | View the thread
CVE-2024-40801: How a Sandboxed Mac App Could Steal Your Private Data Bypassing TCC Protections: https://pvieito.com/2024/09/cve-2024-40801
=> More informations about this toot | View the thread
This issue is now fixed on macOS Sonoma 14.7 & macOS Sequoia 15.0! 🎉
My first CVE: CVE-2024-40801! I’ll share more details soon about this vulnerability.
https://support.apple.com/en-us/121238
=> More informations about this toot | View the thread
Happy macOS Sequoia & iOS 18 day! 🎉
All my iOS apps now support the new Dark Mode icons, enjoy!
=> More informations about this toot | View the thread
Is the EU vs. Apple theme the major schism in the Apple world since the Mac Catalyst is good vs. horrible?
=> More informations about this toot | View the thread
🎉
=> More informations about this toot | View the thread
This is a nice extra protection: in macOS Sequoia to enable an app to automate the Finder the user has to explicitly enable it in System Settings: https://developer.apple.com/documentation/macos-release-notes/macos-15-release-notes
This makes sense as an app that can automate the Finder “has” Full Disk Access.
=> More informations about this toot | View the thread
First iteration of dark-mode icons! 🎉
=> More informations about this toot | View the thread
Mac Catalyst apps like WhatsApp for Mac (when distributed outside of the App Store) seems to get the App Groups entitlement in the provisioning profile.
Apple should now allow the same for non-Catalyst macOS apps.
=> View attached media | View attached media
=> More informations about this toot | View the thread
The issue is, that a lot of "universal” macOS + iOS apps use Group Container identifiers that are not prefixed with the app developer Team ID but with “group.” (like “group.net.whatsapp.WhatsApp.shared”).
And when distributing these apps outside the App Store they are not authorized (see for example: https://github.com/sindresorhus/Actions/releases/download/v2.10.0/Actions.2.10.0.zip).
You should be able to use a provisioning profile to avoid this issue but the App Groups capability does not seems to be supported by macOS provisioning profiles:
=> More informations about this toot | View the thread
For an app be considered “authorized” it has to include the Group Container identifier in the “com.apple.security.application-groups” entitlement and meet one of the following requirements:
– Be distributed via the App Store.
– The identifier is prefixed with the app developer Team ID.
– The identifier is included in the provisioning profile.
=> More informations about this toot | View the thread
In macOS Sequoia when an unauthorized app tries to access an app group container (in ~/Library/Group Containers) the system shows a permission prompt: https://developer.apple.com/documentation/macos-release-notes/macos-15-release-notes
This is great, but…
=> More informations about this toot | View the thread
New post recapping last week's ChatGPT saga with extra details: https://pvieito.com/2024/07/chatgpt-unprotected-conversations
=> More informations about this toot | View the thread
Just for reference: Good news! The new ChatGPT version now encrypts the local chats: https://www.theverge.com/2024/7/3/24191636/openai-chatgpt-mac-app-conversations-plain-text
I continue hoping they sandbox the app in the future for improved protection.
=> More informations about this toot | View the thread
=> This profile with reblog | Go to pvieito@mastodon.social account This content has been proxied by September (ba2dc).Proxy Information
text/gemini