While prepping an app for submission that still supports iOS 6 & 7, we discovered a bug when the app in run under iOS 8. There was a change to EKEventViewController that leaves behind some UI when the view is dismissed. So we had to use the default method for presenting the view.
The way we tested for iOS 6 and 7 last year was to check the version with:
OS X bash Update 1.0 is now available and addresses the following:
Bash Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: In certain configurations, a remote attacker may be able to execute arbitrary shell commands Description: An issue existed in Bash’s parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement. This update also incorporated the suggested CVE-2014-7169 change, which resets the parser state. In addition, this update added a new namespace for exported functions by creating a function decorator to prevent unintended header passthrough to Bash. The names of all environment variables that introduce function definitions are required to have a prefix “__BASH_FUNC<” and suffix “>()” to prevent unintended function passing via HTTP headers.
OS X bash Update 1.0 may be obtained from the following webpages:
* Open Terminal * Execute this command: bash –version * The version after applying this update will be: OS X Mavericks: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13) OS X Mountain Lion: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin12) OS X Lion: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin11)
The latest annoyance in Xcode had me stumped for a bit but @smappsoft set me straight. When trying to build and app under iOS 8, the build succeeds but the app doesn’t launch. Saying “process launch failed: Security” and not much else.
Turns out that the build was successful but your shiny new iOS 8 device doesn’t “trust” your profile.
Security: 1, Developer: 0
So to solve this new cryptic behavior, launch the app on your device (which you just installed) and you will get a trust prompt asking you to approve an “Untrusted App Developer”. This is Gatekeeper asking you to confirm your trust of the developer (yourself).
Once you’ve completed this trust you can happily install apps from Xcode.
I can here you say, “Everybody knows this already.” However for those of you who don’t (non developers, artists maybe) there are the sizes needed to create new screen shots for iTunesConnect app metadata and marketing. Apple hasn’t produced an iOS 8/iPhone 6 transition guide and the Mobile HIG hasn’t been updated, yet.
iPhone 6 – 755 x 1334
iPhone 6 Plus – 1242 x 2208
The iPhone 6 Plus also has landscape mode so you may want to create screen shots for that mode as well.
This was a first. I just rebooted the OSX server to free up the Time Machine volume – after getting the ubiquitous “volume is in use error”.
When Time Machine on my Mac next ran, I got this weird error “The network backup disk does not support the required AFP features”. This was the first time that I’ve seen this error. I googled around for the error, and even on the Drobo web site. I didn’t get any useful information… so I logged onto the server to look for errors.
There were no messages in the Server app’s Alerts pane. There was nothing unusual in the Drobo Dashboard. However I did notice that Time Machine was switched to “off”. WTF? A service on the OSX service that was NOT running after a reboot? Perish the thought! (I reboot my servers about once or twice a year. A properly running Unix server should never “need” a reboot.)
So I turned Time Machine back “On” in the Server’s app. There were no existing Time Machine volumes set up in the pane. So I had to direct the Time Machine back to the folder that I had set up on the Drobo to store the backups. Very strange indeed.
When the backup tried to run on the Mac again, I had to go into the Time Machine preferences and choose “Add or Remove Disk” to reconnect the back up. It’s running once again…
This is why I also use Background Backup to backup all my Macs. I never have issues with that service. You get what you pay for.
There’s been a lot press lately about people’s online if being leaked or hacked. Some blame the online service providers, such as Apple’s iCloud or retail stores lackadaisical storage of credit card data. Let’s be honest with ourselves, that type finger pointing or product bashing doesn’t serve anyone. While I realize that you are busy starring in movies or running a successful business, being aware of what needs to happen will help you do or find someone to help you out. The only person or persons who can protect your online interests is yourself. So here are some things you should already be doing or at the very least be preparing to do.
Start using encrypted email. Nearly every email host on the planet offers some type of SSL encryption. Check your email settings, or hire an expert to check, and make sure that the SSL protection in ON. It also needs to be set to “on” for both incoming and outgoing email on all of your devices. SSL, or secure socket layer, encrypts your email as it leaves your device and delivers it to your mail service provider. That means that no one can intercept and read the contents of your email messages, coming or going. This does not mean that it’s OK to send sensitive information, like passwords, credit card details or even a spreadsheet. However if you do, then you can be sure that the data sent will be encrypted. Next you’ll need to make sure that the people you are communicating with are also encrypting their email.
Use a password management application. I personally recommend iPassword from AgileBits. A good password management app will keep track of your passwords, integrate into your web browsers, help store security questions, generate secure passwords that meet or exceed the required types that your provider suggests. It will also keep track of what passwords you have used on the various web sites. AgileBits is even making this functionality available to iOS 8 applications so that developers can utilize it’s functionality in their own apps. You can here more about AgileBits in our latest podcast: MTJC Podcast Episode 5
Create stronger passwords. This is the most important way to protect yourself online. You can no longer rely on your own methods for creating passwords. Again it may seem annoying to create hardened passwords but it is only a matter of time when some script out there cracks your password. If you use common worlds or phrases, you are only fueling the fire. The scripts that attempt to break your passwords will start with the basics, common words and phrases. No there is not a little man or whiz kid trying to crack your password. It is a script running on a remote server. In fact, once your password is cracked it goes onto a list server to be exploited later. There are so many already compromised users and servers that the exploiters don’t need to attack you today. So change your passwords regularly. Best practices recommend using a combination of uppercase and lowercase letters and numbers as well some punctuation or special charters (aka high ascii). There are plenty of password checkers online like: https://howsecureismypassword.net – This site shows you how many seconds it would take to crack your password. A simple password with a common word and number would be cracked in seconds. More complex passwords would take hours. Ideally you want a password that would take years to crack.
Change your passwords regularly. It may seem to be annoying but rotating your passwords on a regular basis is always a good idea. I personally change critical passwords every 90 days or so. You can set up or ask your providers and/or IT guys to set up a password policy that prompts you to change your passwords. Once again use a password management app, see above, to keep track of your passwords.
Create different passwords for each site. In general I change up my passwords on every site. Initially I used a shorthand to distinguish each variation. Now I use 1Password to keep track of the passwords and even allow 1Password to suggest new passwords with it’s Password Generator feature. The simple trick here is that if you use the same passwords in more than one place, then you open yourself up to a multisite exploit.
Use a secure online storage. If you must keep your data in the cloud, make sure you are using a secure service. It goes without saying that you should use secure passwords to access these. In previous point we suggested using password management to keep track of your passwords. No more sticky notes or pieces of paper stuffed under your keyboard. Yes, I’m looking at you. Despite what you may have heard, services like DropBaox, Google Drive and iCloud, do use state of the art encryption to protect you from yourself. They are using better than military grade encryption, Advanced Encryption Standard (AES) with 256-bit or 128-bit key length at least. In theory it would take trillions of years to decrypt your data without the correct key or password. It doesn’t help if your password is the name of your niece’s new puppy. The bottom line is, if the information is too important to lose, then do not store it online. There are tools out three that anyone can buy to get at your online data. I personally recommend that you sync or back your devices up to a computer at home, not online (Sorry, iCloud!)
Enable 2-step verification for all of your online services. As mentioned in our podcast, MTJC Podcast Episode 5, 2-step verification uses a secondary device to authenticate you when you set up your account. If someone attempts to compromise your data, they won’t get far without the secondary confirmation. Often the online service will ask for your cell phone and send you a txt msg with an additional code to verify your account. So along with your password only you will need to supply the second code to access your stuff. That would keep the bad guys out. You can read about 2-step authentication with Google here: Google 2-step authentication and with Apple’s iCloud here: How to step up Two Factor Authentication on iCloud
Modify your online privacy settings. Go into Facebook, Twitter, LinkedIn and whatever online social network tools you use and check your “privacy settings“. While it’s tempting to be popular by making yourself as public as you can, you must by now be aware that there are many people out there who are looking the exploit you. Maybe they are after your credit card or banking information. Maybe they are after your private photos. Maybe they are simply out to drive traffic to their web site, and get more money from advertisers. When I was a kid, the boogy man hid behind doors and under my bed. Now the boogy man is a well respected business man running web services in Eastern Europe, China and South Asia. You need to visit your privacy settings and make sure your postings go to people you know and trust. While you’re at it, take a look at the Applications that you’ve allowed to access your online data. Delete or disable the connected apps that you don’t need.
Now that you know the items you need to check, you’ll be better prepared to start protecting yourself. If you haven’t already started using these methods, at least add them to your TO DO list. As the sergeant on Hill Street Blues used to say, “Let’s be careful out there.”
Our 5th installment of the More Than Just Code podcast is now available. In this episode we discuss the impact of the leaked nude celebrity photos, apparently stolen from their private iCloud accounts. Beyond the social issue of these lady’s privacy violations, we discuss the nerd’s perspective of how to access and strengthen your passwords with apps like AgileBits’ 1Password app for desktop and mobile devices. We also touch on 2-factor authentication for online accounts.
Mark sent in some photos of a mystery building that Apple has set up on De Anza College in Cupertino, near where the Sept 9th Apple Press Conference will be held. We all speculate on what products will be revealed and what their impact will be. Will it be a new iPhone 6, iWatch or AppleTV.
Jaime brings forth an new example of iOS 8’s extensibility in the form of a custom keyboard from Minuum. Mark brings up Swing Copters again and Tim dives right in. Aaron praises and laments the Overcast podcast app. Tim discusses the new Star Wars Commander app and compares it to Clash of Clans.
[button link=”https://itunes.apple.com/ca/podcast/mtjc-podcast-podcast-about/id906987516?mt=2″ bg_color=”#cf93cf”]Listen to the Podcast Here[/button]
The third installment of More Than Just Code is out. In this episode, we dig into what it costs to develop an app, from the developers perspective. We add in some specific challenges and benefits for remote working – the access to skilled developers and app creationists vs the benefits of working in an office environment; complete with pin-ball foosball tables and BBQs.
We discuss the latest game installment from Dong Nguyen creator of Flappy Birds. How the app, Swing Copters, is being introduced and how and why Flappy Birds works and went viral. This leads us to Tom Hanks (and @AppleStore) getting behind Hanx Writer for iPad. Aaron then climbs the soapbox the explain how the Other App Store promotes and perpetuates the class differences between large interests and indie developers.