Day: October 6, 2020

Apple’s Surprising MacBook Pro Problem – Forbes

Security researchers are reporting a significant flaw in Apple’s T2 security chip that has a wide-ranging impact on the MacOS platform, especially the latest MacBook Air and MacBook Pro machines. With the issue located in the read-only memory portion of the T2, the flaw is effectively unpatchable, leaving user data exposed.

Key Speakers At Apple's Worldwide Developer Conference

Philip “Phil” Schiller, senior vice president of worldwide marketing for Apple Inc., displays the … [+] new MacBook Pro laptop computer while speaking at the Apple Worldwide Developers Conference in San Francisco, California, U.S., on Monday, June 11, 2012. Apple Inc. is releasing a fresh lineup of computers and software tools to woo consumers and keep developers making applications amid accelerating rivalry from Google Inc., Microsoft Corp. and, now, Facebook Inc. Photographer: David Paul Morris/Bloomberg *** Local Caption *** Phil Schiller

BLOOMBERG NEWS

As first described by Belgian security firm IronPeak, it is possible to gain control over the core Operating System. This could facilitate data extraction, allow keylogging software or malware to be installed, and any number of other potential uses. The exploit relies on code previously used to jailbreak the iPhone X handsets. Mahit Huilgoi has more details at iPhoneHacks:

“The exploit is called check8 and was developed initially for iPhone X. Interestingly, the iPhone X is powered by A10 processor, and the T2 chip is also modeled after the A10 processor. Typically, the T2 chip throws a fatal error whenever it gets a decryption call. However, the attackers can circumvent the check with the help of a blackbird vulnerability. The worst part is that sepOS/BootROM is Read-Only memory, which means Apple will not be able to patch this without changing the hardware.”

Recommended For You

Because of the physical nature of the flaw in the T2 chip – the exploit is in the read-only memory of the chip – this is not a security issue that can be patched by a firmware update. Apple will no doubt be re-engineering the chip so that Macs rolling out of the factory in the near future will have patched hardware.

The physical nature of the exploit also means that any attacker is going to need to physical access to your machine to take control of the T2 chip (although remote programs could be installed so that access may be a one-time requirement). That puts Apple’s mobile Macs at a higher risk, especially the MacBook Pro given its target market is more likely to be carrying sensitive information at a personal, enterprise, or governmental basis while travelling.

The impact on the individual is huge. MacOS, as it stands today, has issues. IronPeak sums up the state of the platform as they see it:

“TL;DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down.

“The root of trust on macOS is inherently broken; They can bruteforce your FileVault2 volume password; They can alter your macOS installation; They can load arbitrary kernel extensions; Only possible on physical access.”

As with all flaws, the route to exploit and maintain the attack will define just how serious a threat user data is exposed. Will Strafach, CEO of the security focused GuardianApp system, notes on Twitter some of the limitations that will need to be explored:

“What is proven: with physical access to such a computer and time to reboot into DFU to apply checkm8, one can boot arbitrary code on the T2. What is not proven: any sort of useful persistence. property lists on the Data partition could be modified, which is not great, but there is no evidence yet that one can persist unauthorized code through a full and proper reboot.”

Not discounting the severity of the actual exploit, the perception of the actual exploit may have a larger impact. Apple places great value in its message of security, and providing a safe working environment for consumers using its devices. This is laid out in details through the ‘Apple Platform Security’ section of its website. The existence of a potentially significant security exploit in Mac hardware that users need to be aware of, does not sit easily next to this message.

Apple has been approached for comment.

Now read more about the challenge to Apple’s new ARM-powered world offered by Microsoft’s Surface Pro X…

Best Monitor for Mac mini 2020 – Best gaming pro

Greatest
Monitor for Mac mini
iMore
2020

When you’re searching for a large-screen show to go together with your Mac mini, you’ve got come to the proper place. Your greatest guess is the LG UltraFine 4K show, our greatest monitor for Mac mini, because of its versatility and worth. It is excellent for most individuals, although there are different screens you may as well think about, relying in your scenario or price range. Listed below are the perfect screens for Mac mini.

This is a workhorse 4K monitor that works completely with the Mac mini. Although it does not have the Apple design aesthetic, the great things is all on the within. Identical to an Apple model monitor, the entire monitor’s controls can be found within the settings part of your Mac.

This 24-inch show suits proper into the pocket of fairly priced and wonderful high quality should you do not thoughts the boxy black look. As for the worth, you will get two of them for nearly the worth of 1 LG UltraFine 5K Show (see beneath).

That is additionally our favourite USB-C monitor of the yr for MacBooks

Professionals:

  • Two Thunderbolt three ports
  • Twin-screen full 4K show assist
  • Helps 85W charging
  • Simple to arrange

Cons:

  • No digital camera or mic
  • No legacy ports

Greatest Total

LG UltraFine 4K

Twin-screen full 4K assist

Hook up two for an attractive, brilliant, and handy workflow on your Mac laptop computer.

This LG monitor helps USB-C and Thunderbolt. The Thunderbolt three prices the Mac mini, and the three USB-C ports provide 5Gbps downstream. Its 27 inches huge, which is in regards to the dimension of Apple’s bigger iMac, and has an analogous P3 vast shade gamut with 500 nits brightness. For full 5K decision on a bigger show, the UltraFine 5K is your excellent selection.

Its largest downfall is that it does not fairly have that Apple aesthetic. LG has designed a lovely Edge-Arcline base for a few of its screens, which seems higher with Apple merchandise. The UltraFine 5K, sadly, nonetheless has that huge, boxy black base.

Professionals:

  • As much as 5K decision
  • Designed for Apple
  • Thunderbolt three and USB-C
  • Constructed-in audio system, digital camera, and mic

Cons:

  • No Apple aesthetic
  • No legacy ports

Greatest Premium

LG UltraFine 5K

Full 5K show plus assist for USB-C

In case your workflow contains each a Mac mini and an iPad Professional, that is the monitor you need.

Although we continued to be impressed with LG’s UltraFine 5K, it is the 34WK95U-W that wins our hearts. This 5K monitor has a 5120×2160 decision, 34-inch show, a Thunderbolt three port, an HDMI port, a DisplayPort port, and a few USB-A ports. It is extra versatile than the UltraFine, and that is ultra-fine with us.

Professionals:

  • Professional-quality expertise
  • Nano ISP shade 5K show
  • USB hub
  • Versatile enter choices

Cons:

  • No built-in digital camera or microphone
  • Poor built-in speaker high quality

Greatest for Widescreen



LG 34WK95U-W Nano-ISP UltraWide

One other stunning selection

Use LG’s UltraWide monitor together with your Mac and daisy chain it with a second 4K monitor.

The long run is curved, and LG is the pioneer of bending the show guidelines. This 38-inch UltraWide monitor has a 21:9 ratio with split-screen assist and is ideal for graphic designers and professional picture and video editors. The show has a USB-C information switch port, two USB-A ports, plus a few HDMI ports and a DisplayPort port.

Professionals:

  • Nicely-designed
  • Simple setup
  • Versatile ports
  • Good built-in audio

The ZenScreen is a favourite across the iMore workplace for its unbelievable portability. It is a 15.6-inch display with a USB-C connector. You may rotate between panorama and portrait mode, and it is appropriate with Thunderbolt three. When you want a second display whenever you’re headed for the espresso store, this takes up simply the correct amount of house with out being a burden in your portability.

Professionals:

  • Weighs lower than 2 kilos
  • Extremely-slim at solely 8mm thick
  • Comes with its personal cowl
  • 60Hz refresh fee

Cons:

  • Doesn’t cost your laptop computer
  • No HDMI assist

Greatest on a price range



ASUS ZenScreen

As transportable because it will get

The ZenScreen is ASUS’s very transportable monitor with a USB-C port, a great-looking IPS panel, and extra.

Backside line

Selecting the correct second display on your Mac mini is a tough one. It is necessary to think about how a lot room you may have in your desk, what you intend to make use of your Mac laptop computer for, and the way a lot you possibly can afford. That is why the LG UltraFine 4K is our greatest monitor for Mac mini this yr because it’s the proper match for most individuals. At 24-inches, it is huge, however not too huge. It is bought an unbelievable 4K display decision and quite a lot of versatile ports for connecting all method of peripherals.

If the LG is only a bit out of your vary, the ASUS ZenScreen actually is the subsequent neatest thing and it is transportable! On the opposite finish, think about the at all times spectacular LG UltraFine 5K. The monitor is highly effective and delightful too!

And notice, any of those screens will nearly actually be appropriate with any upcoming Apple Silicon Mac mini as effectively.

Credit — The group that labored on this information

We could earn a fee for purchases utilizing our hyperlinks. Learn more.

Chrome 86 brings password protections for Android and iOS, VP9 for macOS Big Sur – VentureBeat


Google today launched Chrome 86 for Windows, Mac, Linux, Android, and iOS. Chrome 86 brings password protections for Android and iOS, VP9 for macOS Big Sur, autoupgrades for insecure forms, File System Access API, focus indicator improvements, and a slew of developer features. You can update to the latest version now using Chrome’s built-in updater or download it directly from google.com/chrome.

With over 1 billion users, Chrome is both a browser and a major platform that web developers must consider. In fact, with Chrome’s regular additions and changes, developers have to stay on top of everything available — as well as what has been deprecated or removed. Chrome 86, for example, deprecates support for FTP URLs, starting with 1% of users and ramping up to 100% by Chrome 88.

Security improvements on Android and iOS

Chrome for Android and iOS now tells you if the passwords you’ve asked Chrome to remember have been compromised. Chrome sends an encrypted copy of your usernames and passwords to Google, which checks them against lists of credentials known to be compromised. Because they are encrypted, Google cannot see your username or password, the company claims. If you have a compromised password, Chrome will take you directly to the right “change password” form.

The last part works if the website in question has set a well-known URL for changing passwords (such as domain.com/change-password). The purpose of the URL is to redirect users to the actual change password page. For more information, see “Help users change passwords easily by adding a well-known URL for changing passwords.”


You can’t solo security
COVID-19 game security report: Learn the latest attack trends in gaming. Access here


Google also announced today it plans to bring Safety Check, first introduced in Chrome 83, to mobile. In addition to handling compromised passwords for you, Safety Check also flags whether Google’s Safe Browsing service is turned off and your Chrome version is up-to-date.

Android

Chrome 86 for Android is rolling out slowly on Google Play. The changelog isn’t available yet — it merely states that “This release includes stability and performance improvements.”

We do know, however, that Chrome for Android now has Google’s Enhanced Safe Browsing, which the company brought to Chrome for desktop earlier this year. Safe Browsing protects over 4 billion devices by providing lists of URLs that contain malware or phishing content to Chrome, Firefox, and Safari browsers, as well as to internet service providers (ISPs). Enhanced Safe Browsing takes that a step further with more proactive and tailored protections from phishing, malware, and other web-based threats. If you turn it on, Chrome proactively checks whether pages and downloads are dangerous by sending information about them to Google Safe Browsing.

If you’re signed in to Chrome, Enhanced Safe Browsing will further protect your data in Google apps you use (Gmail, Drive, etc.) “based on a holistic view of threats you encounter on the web and attacks against your Google Account.” Of those users who have enabled checking websites and downloads in real time, Google says its predictive phishing protections see a roughly 20% drop in users typing their passwords into phishing sites.

iOS

Chrome 86 for iOS meanwhile is out on Apple’s App Store with the usual “stability and performance improvements.” Here is the full changelog:

  • You can now make Chrome your default browser.
  • You can check if your saved passwords have been compromised and, if so, how to fix them. Go to Chrome settings > passwords > check passwords.
  • You now have more sharing, opening and other options when you tap and hold on Bookmarks, history, recent tabs, and read later.
  • You’ll see improvements to the personalized stories on your new tab page.
  • If you have “Make searches and browsing better” turned on, Chrome will offer some additional protection by checking known phishing websites with Google in real time.

Google also promises that the next Chrome for iOS release will add more password features. There will be a biometric authentication step before autofilling passwords — you’ll be able to authenticate using Face ID, Touch ID, or your phone passcode.

Chrome for iOS autofill

You will soon also be able to autofill saved login details into other apps or browsers.

VP9 for macOS Big Sur

Chrome 86 brings the VP9 video codec to macOS Big Sur whenever it’s supported in the underlying hardware. VP9 is the successor to VP8, both of which fall under Google’s WebM project of freeing web codecs from royalty constraints.

If you use the Media Capabilities API to detect playback smoothness and power efficiency, the logic in your video player should automatically start preferring VP9 at higher resolutions. To take full advantage of this feature, Google recommends that developers encode their VP9 files in multiple resolutions to accommodate varying user bandwidths and connections.

Autoupgrading mixed content

Google has been coaxing developers to avoid HTTP in a bid to get the web to HTTPS. While Chrome users spend over 90% of their browsing time on HTTPS, Google isn’t done yet. Chrome 79 introduced a setting to unblock mixed scripts, iframes, and other types of content that the browser blocks by default. Chrome 80 started autoupgrading mixed audio and video resources in HTTPS sites by rewriting URLs to HTTPS without falling back to HTTP when secure content is not available. Chrome 81 started autoupgrading mixed images to HTTPS.

Chrome insecure form warning

Chrome 86 now autoupgrades forms that don’t submit data securely. Chrome for desktop and Android will show you a mixed form warning before you submit a non-secure form that’s embedded in an HTTPS page. Chrome 86 will also block or warn on insecure downloads initiated by secure pages for commonly abused file types. Secure pages will eventually only be able to initiate secure downloads of any type.

HTTPS is a more secure version of the HTTP protocol used on the internet to connect users to websites. Secure connections are widely considered a necessary measure to decrease the risk of users being vulnerable to content injection (which can result in eavesdropping, man-in-the-middle attacks, and other data modification). Data is kept secure from third parties, and users can be more confident they are communicating with the correct website.

Google’s ultimate goal is to ensure HTTPS pages in Chrome can only load secure HTTPS subresources. If you’re a developer looking to clean up your mixed content, check out the Content Security Policy, Lighthouse, and this HTTPS guide.

Security fixes

Chrome 86 implements 35 security fixes. The following were found by external researchers:

  • [$N/A][1127322] Critical CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11
  • [$5000][1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09
  • [$500][1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03
  • [$N/A][1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22
  • [$N/A][1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07
  • [$TBD][1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13
  • [$TBD][1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
  • [$TBD][1133688] High CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
  • [$15000][1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17
  • [$7500][1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10
  • [$7500][1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous on 2020-07-29
  • [$7500][1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee(@ashuu_lee) of Raon Whitehat on 2020-08-31
  • [$5000][1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15
  • [$5000][1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (https://twitter.com/imnarendrabhati) on 2020-06-22
  • [$5000][1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14
  • [$5000][1127319] Medium CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-09-11
  • [$3000][1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab (腾讯安全玄武实验室) on 2020-06-08
  • [$3000][1123023] Medium CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin on 2020-08-28
  • [$2000][1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
  • [$N/A][1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30
  • [$TBD][1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07
  • [$N/A][1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25
  • [$N/A][1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29
  • [$N/A][1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14
  • [$N/A][1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28
  • [$500][1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08
  • [$N/A][1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22

Google thus spent at least $72,000‬ in bug bounties for this release, a massive amount compared to its usual spend. As always, the security fixes alone should be enough incentive for you to upgrade.

Developer features

The File System Access API, first available as an Origin Trial, is now available in Chrome 86. The API lets developers build powerful web apps that interact with files on the user’s local device such as IDEs, photo and video editors, text editors, and so on.

focus indicator improvements

Chrome 86 introduces two improvements for focus indicator, a crucial feature for users who rely on assistive tech to navigate the web. The first is a CSS selector, :focus-visible, which lets a developer opt-in to the same heuristic the browser uses when it’s deciding whether to display a default focus indicator. The second is a user setting called Quick Focus Highlight, a setting that causes an additional focus indicator to appear over the active element. Importantly, this indicator will be visible even if the page has disabled focus styles with CSS, and it causes any :focus or :focus-visible styles to always be displayed.

Chrome offers Origin Trials, which let you try new features and provide feedback to the web standards community. Chrome 86 has five new Origin Trials: WebHID API, cross-screen window placement, battery-savings meta tag, secure payment confirmation, and Cross-Origin-Opener-Policy Reporting API.

As always, Chrome 86 includes the latest V8 JavaScript engine. V8 version 8.6 brings a more respectful code base, open sourced JS-Fuzzer, speed-ups in Number.prototype.toString, SIMD on Liftoff, and faster Wasm-to-JS calls. Check out the full changelog for more information.

Other developer features in this release include:

  • Altitude and Azimuth for PointerEvents v3: Adds Altitude and Azimuth angles to PointerEvents. Adds tiltX and tiltY to altitude and azimuth transformation and altitude and azimuth to tiltX and tiltY transformation, depending on which pair is available from the device. These angles are those commonly measured by devices. Altitude and azimuth can be calculated using trigonometry from tiltX, tiltY. From a hardware perspective it is easier and less expensive to measure tiltX and tiltY.
  • Change Encoding of Space Character when URLs are Computed by Custom Protocol Handlers: The navigator.registerProtocolHandler() handler now replaces spaces with “%20” instead of “+”. This makes Chrome consistent with other browsers such as Firefox.
  • CSS ::marker Pseudo-Element: Adds a pseudo-element for customizing numbers and bullets for <ul> and <ol> elements. This change lets developers control the color, size, bullet shape, and number type.
  • Document-Policy Header: Document Policy restricts the surface area of the web platform on a per-document basis, similar to iframe sandboxing, but more flexibly.
  • EME persistent-usage-record Session: Adds a new MediaKeySessionType named “persistent-usage-record session”, for which the license and keys are not persisted and for which a record of key usage is persisted when the keys available within the session are destroyed. This feature may help content providers understand how decryption keys are used for purposes like fraud detection.
  • FetchEvent.handled: A FetchEvent dispatched to a service worker is in a loading pipeline, which is performance sensitive. The new FetchEvent.handled property returns a promise that resolves when a response is returned from a service worker to its client. This enables a service worker to delay tasks that can only run after responses are complete.
  • HTMLMediaElement.preservesPitch: Adds a property to determine whether the pitch of an audio or video element should be preserved when adjusting the playback rate. This feature is wanted for creative purposes (for example, pitch-shifting in “DJ deck” style applications). It also prevents the introduction of artifacts from pitch-preserving algorithms at playback speeds very close to 1.00. It is already supported by Safari and Firefox.
  • Imperative Shadow DOM Distribution API: Web developers can now explicitly set the assigned nodes for a slot element. For information on how the new API solves these issues, see the Imperative Shadow DOM Distribution API explainer.
  • Move window.location.fragmentDirective: The window.location.fragmentDirective property has been moved to document.fragmentDirective. This is a change to the text fragments feature.
  • New Display Values for the <fieldset> Element: The <fieldset> element now supports ‘inline-grid’, ‘grid’, ‘inline-flex’, and ‘flex’ keywords for the CSS ‘display’ property.
  • ParentNode.replaceChildren() Method: Adds a method to replace all children of the ParentNode with the passed-in nodes.
  • Safelist Distributed Web Schemes for registerProtocolHandler(): Chrome has extended the list of URL schemes that can be overridden via registerProtocolHandler() to include cabal, dat, did, dweb, ethereum, hyper, ipfs, ipns, and ssb. Extending the list to include decentralized web protocols allows resolution of links to generic entities independently of the website or gateway that’s providing access to it. For more information, see Programmable Custom Protocol Handlers at are we distributed yet?
  • text/html Support for the Asynchronous Clipboard API: The Asynchronous Clipboard API currently does not support the text/html format. Chrome 86 adds support for copying and pasting HTML from the clipboard. The HTML is sanitized when it is read and written to the clipboard. This is also intended to help the replacement of document.execCommand() for copy and paste functionality.
  • WebRTC Insertable Streams: Enables the insertion of user-defined processing steps in the encoding and decoding of a WebRTC MediaStreamTrack. This allows applications to insert custom data processing. An important use case this supports is end-to-end encryption of the encoded data transferred between RTCPeerConnections via an intermediate server.

For a full rundown of what’s new, check out the Chrome 86 milestone hotlist.

Google releases a new version of its browser every six weeks or so. Chrome 87 will arrive in mid-November.

Twelve South launches protective SuitCase for MacBook Air, MacBook Pro – AppleInsider

The TwelveSouth SuitCase is a twill-covered shell case for MacBook Air and MacBook Pro, and is designed as a do-it-all cover for your laptop.

The SuitCase has a hard thermoformed body for impact protection and is covered in a neutral twill exterior that will blend into many environments. It is sealed with water-resistant zippers that also aid in protecting your precious Mac. SuitCase only comes in one color, a quilted light grey.

It can be carried around on its own via a retractable leather handle which allows you to forgo a heavier backpack or messenger bag for short trips or meetings.

SuitCase for MacBook from Twelve South

SuitCase for MacBook from Twelve South

Inside the SuitCase is a slim pocket for holding essentials such as papers or cables. However, the carrying case itself is too thin to hold a power brick for your Mac.

SuitCase for MacBook from Twelve South

SuitCase for MacBook from Twelve South

You’re able to work with your Mac still inside the SuitCase thanks to a suspension system that keeps the top of the case near your Mac while giving it room to breathe.

Future MacBook Pro could use deformable touchscreen keyboard instead of mechanical keys – AppleInsider

A future MacBook Pro may do away with mechanical keyboard mechanisms entirely to eliminate issues with debris, by using a force-sensitive surface on a flexible area of the MacBook’s casing to mimic the pressing of keys.

Over the years, Apple has received complaints about its MacBook Pro keyboards, especially for the butterfly mechanism, with key death being an issue among users. The ability for the mechanism to be jammed up with debris led to Apple introducing a membrane in 2018, but even that inclusion wasn’t enough for it to rethink its key mechanism usage.

The main issue is that it is practically impossible for Apple to create a keyboard that can be protected from the elements using conventional keyboard design techniques. Even if Apple internalizes most of the mechanism, there still has to be a protrusion to allow the externally-facing key to actuate, with the required holes being an entrypoint for debris.

While it is plausible to switch over to a display-style keyboard, as it has suggested in the past, this may not be desirable for end users. The result could be similar to typing on an iPad’s display, with the lack of tactile feedback likely to be an issue.

In a patent granted by the US Patent and Trademark Office on Tuesday titled “Configurable force-sensitive input structure for electronic devices,” Apple proposes that the keyboard and trackpad on devices like a MacBook could still be chained by a touch-sensitive layer. In this particular case, it would use force sensing to detect key presses, rather than typical touch-sensitive technology.

Areas of a MacBook's main surface that could be defined for a keyboard or trackpad.

Areas of a MacBook’s main surface that could be defined for a keyboard or trackpad.

Apple’s system would consist of an exterior surface for the keyboard having a defined virtual key region, complete with a lighting system within the casing to illuminate the keys. Using a transparent light guide that can be deformed by pressure, the keys can be lit individually, and could feasibly be set to display many different alphabets and layouts.

The surface would include the use of deformable sections, with the casing covering the light guide then an input stack, with all capable of being deformed based on the input of the user. The input stack would consist of a drive layer and a sense layer, with a processor configured to confirm a user input once a level of capacitance from pressure reaches a desired threshold.

In effect, the pressing of a finger on a virtual key would deform the surface and generate a force, which is measured and then determined to be a key press. This value of the pressed key is then sent to the rest of the system for further use.

While the mention of a deformable layer would suggest the use of plastics and other materials, it is still entirely plausible for it to be made from metal, allowing the entire surface of the MacBook Pro to remain one material.

Furthermore, while the use of a light guide will help determine the positioning of keys and values, it is also feasible for the same guide to be used to change what areas are used for different tasks. For example, the system could swap out the keyboard layout in favor of a very large trackpad, which would be outlined by the light guide.

The stack of components used to create the deformable keyboard layer.

The stack of components used to create the deformable keyboard layer.

It doesn’t even necessarily require the elimination of physical keys, as it would be possible to simply apply a layer of keys on top of their respective virtual versions, which will detect pressure from a user typing the physical version.

The patent was filed in July 2017, and lists its inventors as John B. Morrell, Ron A. Hopkinson, Peter M. Arnold, Mikael M. Silvanto, and William F. Leggett.

Apple files numerous patent applications on a weekly basis, but while the existence of a filing indicates areas of interest for Apple’s research and development teams, it doesn’t guarantee the appearance in a future product or service.

Apple has explored the idea of alternative keyboard systems for quite some time, both in terms of retaining a mechanical keyboard and replacing it.

On the mechanical side, it has suggested new mechanisms to reduce the thickness of the components, and the use of light as part of an “optical keyboard” mechanism. A hinged mechanism could even raise the angle of the keyboard and the height of the display to make it more ergonomically sound.

Apple has also suggested the use of a hinged OLED screen as a dynamic keyboard, and a “keyless keyboard” that follows the same idea with force sensing and haptic feedback, namely actuators to vibrate the device to mimic keystrokes.

Home-built ‘MacBook Mini’ is a fun project using a Raspberry Pi – 9to5Mac

Michael Pick, whose nickname is The Casual Engineer, has created a home-built “MacBook Mini” that he calls the world’s smallest MacBook…

It’s not a Hackintosh. It’s actually running an OS called iRaspbian, but it does give a pretty convincing impression of macOS at first glance.

The machine runs on a Raspberry Pi 4, and Pick has successfully run Chrome on it.

Tom’s Hardware explains more about iRaspbian.

If you’re looking for a classic Mac experience on the Raspberry Pi, you have to check out this new Raspbian skin from Grayduck and Pi Lab. The release, known as iRaspbian, mimics the look and feel of the Apple Mac OS X operating system.

The iRaspbian image is available for the Raspberry Pi, working great on the Raspberry Pi 4. It has menus, icons, and interfaces that strongly resemble the Apple operating system whose first version debuted in 2001.

Since the new image is essentially Raspbian, you can expect to run many of the same applications as before without issue. All of your Raspbian menus and tools are accessible through the Mac OS X-themed interface. iRaspbian is also supposed to work well for streaming media and supports Steam and even Android mirroring.

For the hardware, Pick goes back in time a little, opting for a MagSafe connector and a glowing Apple logo.

Pick has previously created what he says is the world’s smallest gaming PC, and if you prefer iMacs to MacBooks, he’s created a miniature version of that too — also powered by a Raspberry Pi 4.

One of the more impressive aspects of the build is that he went to the trouble to do cutouts for each key.

Take a look at the video below for a full run-through of the build and the finished result.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news: