Following the introduction of the iPhone 12 mini, iPhone 12, iPhone 12 Pro, and iPhone 12 Pro Max, Apple has released iOS and iPadOS 14.1 golden master betas for developers, with the iOS 14.1 update presumably coming pre-installed on the new iPhones at launch. The new updates are available for download from Apple’s developer portal. Earlier today, these software releases were positioned as…
Apple Event deals continue to pour in, with B&H Photo delivering the lowest price available on Apple’s 16-inch MacBook Pro. Save $320 to $400 while supplies last.
Even the high-end 8-core 16-inch MacBook Pro with a Core i9 processor, 16GB of RAM, a 1TB SSD and AMD Radeon Pro 5500M 4GB GPU is on sale, with B&H knocking $400 off the premium model in Space Gray.
There are perks to shopping at B&H too, with free expedited shipping on the MacBook Pros within the contiguous U.S. and no interest financing when paid in full within 12 months with the B&H Financing Card, or a sales tax refund in qualifying states with the Payboo Card.
Quantities are limited and the offers may sell out at any time.
Top 16-inch MacBook Pro Prime Day deals
AppleInsider and Apple authorized resellers are also running additional exclusive deals on hardware that will not only deliver the best Apple prices on many of the items, but also throw in bonus discounts on AppleCare, software and more. Here are some of the offers:
The security researchers that found a vulnerability in Apple’s T2 chip have developed an exploit using a clone of an internal debugging cable that can hack a Mac without user action.
Earlier in October, the checkra1n team developed the unfixable vulnerability that essentially allows an attacker to jailbreak the T2 security chip in a Mac. Once they do, all types of malicious attacks can be carried out on an affected macOS device.
Now, the team has demoed a real-world attack that takes advantage of a technique similar to one leveraged by specialized USB-C cables used internally by Apple for debugging.
As depicted in a YouTube video, and accompanying blog post, the exploit causes a machine to shut down once the cable is plugged in. From there, it’s placed into DFU mode and checkra1n is run to achieve a root SSH session. A second video posted to the team’s YouTube account showed that the attack was successfully carried out by modifying the Apple logo at boot.
The attack is carried out by software reverse engineered from specialized debug probes, which are used by Apple and known under internal code names such as “Kong,” “Kanzi,” or “Chimp.” These cables work by allowing access to special debug pins within a USB port for the CPU and other chips.
These “Chimp” or “Kanzi” cables have leaked from Cupertino and Apple retail in the past. Security researcher Ramtin Amin created an effective clone of the cable, dubbed a “Bonobo” and used in the video. Combined with the checkra1n team’s exploits, it allows for this type of attack to be carried out.
Although the video demonstration shows them modifying the Apple logo, the team notes that the same exploit can be used to replace a device’s EFI and upload a keylogger. That’s possible because a mobile Mac’s keyboard is connected directly to the T2 chip.
The proof-of-concept exploit was disclosed by checkra1n security researchers Rick Mark, Mrarm, Aun-Ali Zaidi, and h0m3us3r. The team also announced that a version of the cable will soon be available for sale.
As noted earlier, these specialized debug cables can sometimes be found in the wild. With a commercial clone soon to be available, there’s a good chance that most Mac models on the market with a T2 chip could be vulnerable.
Of course, the attack requires direct physical access to a Mac, which rules out most types of scenarios for the average user.
However, users who may find themselves targeted by nation-states or cybercriminals should ensure that they have keep their Mac safe by maintaining physical security of the device.
Apple is knocking a little extra off the price of its base model MacBook Air today so if you’ve been sleeping on getting a new machine, today’s a good day to wake up. The new MacBook Air is packing 256GB of built-in storage and, more importantly, a new scissor-switch design that won’t gum up as easily. When we reviewed it earlier this year, we called it a “return to form,” with a pretty high score of 87 out of 100. This is, after all, the MacBook that most people want to buy, today at a price that’s really rather compelling.
Head on over to the page and you’ll see that it’s priced at $899, but there’s listed coupon that, when applied, knocks an additional $50 off. That’s a better deal than the one offered up last month, which cost $899, for the same 10th-gen Core i3 CPU and 8GB RAM. It’s worth adding that this deal doesn’t appear to be limited to Prime Members, so even if you didn’t leave out brandy and cookies for Jeff Bezos, you can still snag the discount.
The MacBook Air has, for years, been Apple’s most affordable laptop, with exactly what you need to get work done and little else. It had, however, languished at the bottom of Apple’s affections between 2012 and 2018, when the company finally gave it an improved design. That included a new retina display, TouchID and two USB 3.1 ports with Thunderbolt 3, alongside the mainstay 3.5mm audio port. The new additions didn’t affect its weight, however, coming in at a barely-bag-troubling 2.8 pounds.
Follow @EngadgetDeals on Twitter for the latest tech deals and buying advice.
An international regulator is showing five unannounced Apple Mac models running macOS Big Sur, although unusually, the new listing also includes multiple Macs and iOS devices that have previously been registered.
Four new entries in the Eurasian Economic Commission’s regulatory database together list a total of 64 Apple devices — though only five have not appeared before. It’s unusual to see so many re-listings, and the EEC database does not explain them, but the new devices are required to be listed before they can go on sale.
All five of the entirely new entries are Macs listed, in translation, as “personal computers of the Apple trademark, and spare parts for it.” They are running “macOS software version 11.0.” These new devices have the model numbers A2348, A2438, A2439, A2337, and A2338.
Also listed and not yet released are Macs with macOS Big Sur model numbers A2147, A2158, and A2182. These three were previously listed on the EEC database in June 2019.
Given that this original date comes before the release of macOS Catalina, it’s possible that the re-listings are all to do with the devices now being registered as coming with macOS Big Sur installed.
Extract from the EEC database showing four new sections, each containing very many repeat listings — but some new Macs
Similarly, the EEC database shows 39 iOS devices as being new, but all are either existing devices or if they are yet to be released, have previously been listed. The nine iOS devices that have yet to be released were all listed in June 2020.
