An anonymous reader writes: "DDoS-for-hire services, also known as DDoS booters, or DDoS stressors, are abusing macOS systems to launch DDoS attacks," reports ZDNet. "These attacks are leveraging macOS systems where the Apple Remote Desktop feature has been enabled, and the computer is accessible from the internet, without being located inside a local network, or protected by a firewall. More specifically, the attackers are leveraging the Apple Remote Management Service (ARMS) that is a part of the Apple Remote Desktop (ARD) feature. When users enable the Remote Desktop capability on their macOS systems, the ARMS service starts on port 3283 and listens for incoming commands meant for the remote Mac." Hackers have figured out a way to bounce traffic off these ports and carry out DDoS attacks with the help of internet connected Macs. Nearly 40,000 macOS systems are currently connected online and can be used to send out DDoS attacks.

Microsoft today announced that Windows Virtual Desktop has hit worldwide general availability. As a result, you can deploy and scale your Windows desktops and apps on Azure "in minutes," the company said today. From a report: Think of Windows Virtual Desktop as a tool for deploying and scaling Windows desktops and apps on Azure with built-in security and compliance. The Azure-based service provides a virtualized multi-session Windows 10 experience and Office 365 ProPlus virtual desktop on any device. The Windows Virtual Desktop client is available on Windows, Mac, Android, iOS, and HTML 5. Windows Virtual Desktop also supports Windows Server Remote Desktop Services (RDS) desktops and apps in a shared public cloud. Microsoft announced Windows Virtual Desktop in September 2018, but only in private preview.

Developer Riley Testut is launching an alternative to Apple's App Store, called AltStore, that theoretically lets you "push the boundaries" of iOS without either jailbreaking or worrying that Apple will pull access. Engadget reports: AltStore works by fooling your device into believing that you're a developer sideloading test apps. It uses an app on your Mac or Windows PC to re-sign apps every seven days, using iTunes' WiFi syncing framework to reinstall them on your device before they expire. You only need a free Apple ID (a throwaway will do) to install apps that Apple would never allow, such as Testut's Delta emulator for Nintendo consoles.

In theory, there's not much Apple can do to easily shut things down. It could take down individual accounts, but you could just create another Apple ID if needed. Also, iOS only looks for an excessive number of app provisioning profiles, not the number of apps you have installed. So long as AltStore manages those profiles, Apple doesn't know if you're running one app or twenty. Testut told The Verge that measures to block AltStore would break key functionality for developers or iTunes syncing. AltStore is available in preview form now, with a formal launch due on September 28th. "People who back Testut's Patreon will also have the option to install almost any app, not just those in the store," the report adds.

A faulty Google Chrome update is likely to blame for the issue Monday that resulted in Mac Pro workstations being rendered unusable at a number of Hollywood studios. "We recently discovered that a Chrome update may have shipped with a bug that damages the file system on MacOS machines," the company wrote in a forum post. "We've paused the release while we finalize a new update that addresses the problem." Variety reports: Reports of Mac Pro workstations refusing to reboot started to circulate among video editors late Monday. At the time, the common denominator among impacted machines seemed to be the presence of Avid's Media Composer software. The issue apparently knocked out dozens of machines at multiple studios, with one "Modern Family" reporting that the show's entire editing team was affected. Avid's leadership updated users of its software throughout the day, advising them to back up their work and not to reboot their machines.

The real culprit was apparently a recent release of Google's Keystone software, which is included in its Chrome browser to automatically download updates of the browser. On computers that had Apple's System Integrity Protection disabled, the update corrupted the computer's file system, making it impossible to reboot. System Integrity Protection is an Apple technology that is meant to ensure that malicious software doesn't corrupt core system files. Google advised affected users on how to uninstall the Chrome update, and also suggested that most users may not be at risk at all. "If you have not taken steps to disable System Integrity Protection and your computer is on OS X 10.9 or later, this issue cannot affect you," the forum post reads. A possible connection to Chrome was first detailed on the Mr. Macintosh blog Tuesday afternoon. As for why several Hollywood studios were hit the hardest, one theory suggests it's because many of the video editors had to disable System Integrity Protection in order to work with external audio and video devices that are common in professional editing setups.

Variety also suggests that the hardware dongles used for licensing Avid may have played some role in the shut-downs.

tearmeapart writes (edited to add more details): Cloudflare is opening up its security and speed-focused mobile VPN service called WARP and WARP Plus to the general public. WARP is a mobile app for Android and Apple to establish a VPN to CloudFlare's huge global network. Cloudflare is promising:
1. No user-identifiable log data to disk;
2. No selling browsing data;
3. No need to provide any personal information
4. Regularly get audited. This is the second time Cloudflare is launching Warp. The VPN builds on Cloudflare's existing mobile app 1.1.1.1, which encrypts domain name system connections. But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back -- even if the website itself still isn't offering HTTPS web encryption. And all of this happens quickly, without draining your battery, and without complicated setup. In an interview with Wired, Cloudflare CEO Matthew Prince said: Yeah, what we thought was going to be easy back in April turned out to be a lot harder than we expected. We had been testing this primarily in San Francisco and Austin and London, which is where the teams that were working on this are based. But as soon as users started to get anywhere that didn't have a fairly reliable internet connection, just all hell broke loose. The report adds: In describing the hurdles Cloudflare faced getting Warp off the ground, John Graham-Cumming, the company's chief technology officer, and Dane Knecht, its head of product strategy, note that many of the challenges came from dealing with interoperability issues between mobile device models, operating system versions, and different mobile network and Wi-Fi configurations around the world. For example, Warp is built on a newer secure communication protocol for VPNs known as WireGuard, which isn't ubiquitous yet and therefore isn't always natively supported by devices. The team also faced challenges dealing with web protocols and standards that are implemented inconsistently across different wireless carriers and internet service providers around the world. Cloudflare's 1.1.1.1 focuses on encrypting DNS connections specifically, but Warp aims to encompass everything in one protected tunnel. Keeping everything together as data traverses the labyrinth of servers that make up the internet, including Cloudflare's own massive network, was tough. Warp is free to use without any bandwidth caps or limitations. But Warp Plus, which is being offered through a monthly subscription fee, offers a "faster version of Warp that you can optionally pay for. The fee for Warp Plus varies by region and is designed to approximate what a McDonald's Big Mac would cost in the region. On iOS, the Warp Plus pricing as of the publication of this post is still being adjusted on a regional basis, but that should settle out in the next couple days. Warp Plus uses Cloudflare's virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. We charge for it because it costs us more to provide," the company said in the blog post.

A possible computer virus attack has knocked out Mac Pro workstations for many film and TV editors across Los Angeles. According to Variety, the issue -- which is causing the workstations to refuse to reboot -- is widespread among users of Mac Pro computers running older versions of Apple's operating system as well as Avid's Media Composer software. From the report: Avid said in a statement that it was aware of the issue: "Avid is aware of the reboot issue affecting Apple Mac Pro devices running some Avid products, which arose late yesterday. This issue is top priority for our engineering and support teams, who have been working diligently to determine and resolve the root cause. As we learn more, we will immediately publish information -- directly to our customers and via our community forums and social media platforms -- in order to resolve this issue for all affected customers and prevent any further issues."

"A lot of L.A. post shops and people out on shows having their Macs slowly crash," reported video post-production consultant Matt Penn on Twitter. Freelance film editor Marcus Pun reposted a message from a popular Avid Facebook user group, advising users not to turn off their workstations. Other users reported that multiple computers at their company were affected by the issue, with social media chatter indicating that a number of different companies, and even major shows like "Modern Family," were affected by the issue. UPDATE: The issue appears to be caused by a Google Chrome update gone haywire.

dryriver writes: For the benefit of those who are not much into 3D technologies, as far back as the year 2000 and even earlier, there was excitement about "Web3D" -- interactive 3D content embedded in HTML webpages, using technologies like VRML and ShockWave 3D. 2D vector-based Flash and Flash animation was a big deal back then. Very popular with internet users. The more powerful but less installed ShockWave browser plugin -- also made by Macromedia -- got a fairly capable DirectX 7/OpenGL-based realtime 3D engine developed by Intel Labs around 2001 that could put 3D games, 3D product configurators and VR-style building/environment walkthroughs into an HTML page, and also go full-screen on demand. There were significant problems on the hardware side -- 20 years ago, not every PC or Mac connected to the internet had a decently capable 3D GPU by a long shot. But the 3D software technology was there, it was promising even then, and somehow it died -- ShockWave3D was neglected and killed off by Adobe shortly after they bought Macromedia, and VRML died pretty much on its own.

Now we are in 2019. Mobile devices like smartphones and tablets, PCs/Macs as well as Game Consoles have powerful 3D GPUs in them that could render great interactive 3D experiences in a web browser. The hardware is there, but 99% of the internet today is in flat 2D. Why is this? Why do tens of millions of gamers spend hours in 3D game worlds every day, and even the websites that cater to this "3D loving" demographic use nothing but text, 2D JPEGs and 2D YouTube videos on their webpages? Everything 3D -- 3D software, 3D hardware, 3D programming and scripting languages -- is far more evolved than it was around 2000. And yet there appears to be very little interest in putting interactive 3D anything into webpages. What causes this? Do people want to go into the 2020s with a 2D-based internet? Is the future of the internet text, 2D images, and streaming 2D videos?

Apple has confirmed Monday that it will manufacture the redesigned Mac Pro in Texas. The company said it will assemble the workstation at the same Austin, Texas plant that has produced the cylindrical Mac Pro since 2013. The reason for the move: exemptions from Trump's China tariffs for "certain necessary components" in the system. Engadget reports: Apple had received 10 out of its 15 requested exemptions for components like partial circuit boards. While Apple has a network of U.S. suppliers for its products, many of the parts for computers (and those of rivals) are still made in China -- the company wouldn't have seen much benefit from U.S. assembly if it had to pay a premium for some of the Mac Pro's key ingredients.

CEO Tim Cook (who hinted at this possibility in July) touted this as part of Apple's existing commitment to American jobs, including its recent investment into Corning. However, it's not necessarily the coup it sounds like at first blush. Apple can produce the Mac Pro stateside due to both its low volume (few people will buy a $6,000 tower for home use) and the high levels of automation at the Austin plant. This won't lead to an abundance of new jobs, and it may still be more practical to make high-volume products like iPhones and MacBooks in China even if future tariffs cut into Apple's profit margins.

Mozilla has quietly launched a new product for enterprise customers: Ability to buy paid premium support for Firefox. From a report: The premium enterprise support for Firefox costs $10 per supported installation and offers customers the ability to submit bugs privately, get critical security bug fixes, get access to a private customer portal, get access to the enterprise critical issues distribution list, and have the ability to contribute to Firefox and its roadmap. According to Mozilla, it will support Firefox installations as long as they are running on machines that meet the system requirements. Windows, Mac, and Linux based operating systems are listed in the systems requirements so all platforms should be covered by the premium support.

Google is starting to make its Chrome 77 browser update available to Windows, Mac, iOS, and Android this week. While there are many visual changes to Chrome this time, Google is introducing a new send webpage to devices feature. From a report: You can right-click on a link and a new context menu will appear that simply lets you send links to other devices where you use Chrome. If you're using Chrome on iOS you'll need to have the app open and a small prompt will appear to accept the sent tab. The feature has started showing up on Windows, Android, and iOS versions of Chrome, but it doesn't appear to be enabled in the macOS variant just yet. Chrome has long supported the ability to browse your open and recent tabs across multiple devices, but this send to device feature just makes things a little quicker if you're moving from browsing on a PC or laptop to a phone or vice versa.

Apple's Arcade video game subscription service is launching on September 19 for $4.99 per month for up to six members in your family. "There will be new games released every month, and will have perks like game guides and sneak peeks," reports Gizmodo. "In addition to a new Frogger, Apple also demoed new games Sayonara Wild Hearts and Shinsekai Into the Depths." From the report: Thanks to the little Apple did share ahead of its September 10 event, we knew that Arcade would launch with more than 100 different games, including a new Sonic the Hedgehog game and the revamped Frogger. Apple also said in March that Arcade wouldn't have ads or require additional purchases and that games would be available offline and playable on an iPhone, iPad, Apple TV, or Mac. And rather than releasing as a dedicated app, Arcade will release within the App Store as a new tab.

An anonymous reader shares a report: When Microsoft bought 6Wunderkinder, the developer of Wunderlist, in 2015, officials said they planned to shut down that task-management app at some point and replace it with its own To Do app. That move still hasn't happened. But this week, Microsoft is rolling out a redesign of To Do that attempts to make it look more like Wunderlist. On September 9, Microsoft introduced the redesigned To Do, which has smaller headers and more colors. The app is more customizable now with a variety of backgrounds, "including the beloved Berlin TV tower that was a feature in Wunderlist." The app can sync across Mac, iOS, Android, Windows and the Web. And it integrates with Microsoft work or school email accounts; hosted email accounts like Outlook, Hotmail or Live; Microsoft Planner; and Microsoft Launcher on Android. Just so it happens, last week Wunderlist founder Christian Reber said that he'd like to buy Wunderlist back from Microsoft. Today he tweeted "GREAT timing," in regards to Microsoft's To Do makeover.

dryriver writes: The Amiga was a remarkable machine at the time it was released -- 1985. It had a multitasking capable GUI-driven OS and a mouse. It had a number of cleverly designed custom chips that gave the Amiga amazing graphics and sound capabilities far beyond the typical IBM/DOS PCs of its time. The Amiga was the multimedia beast of its time -- you could create animated and still 2D or 3D graphics on it, compose sophisticated electronic music, develop 2D or 3D 16-Bit games, edit and process digital video (using Video Toaster), and of course, play some amazing games. And after the Amiga -- as well as the Atari ST, Archimedes and so on -- died, everybody pretty much had to migrate to either the PC or Mac platforms. If Commodore and the Amiga had survived and thrived, there might have been four major desktop platforms in use today: Windows, OSX, AmigaOS and Linux. And who knows what the custom chips (ASICs? FPGAs?) of an Amiga in 2019 might have been capable of -- Amiga could possibly have been the platform that makes nearly life-like games and VR/AR a reality, and given Nvidia and AMD's GPUs a run for their money.

What do you think the computing landscape in 2019 would have looked like if the Amiga and AmigaOS as a platform had survived? Would Macs be as popular with digital content creators as they are today? Would AAA games target Windows 7/8/10 by default or tilt more towards the Amiga? Could there have been an Amiga hardware-based game console? Might AmigaOS and Linux have had a symbiotic existence of sorts, with AmigOS co-existing with Linux on many enthusiast's Amigas, or even becoming compatible with each other over time?

As promised, popular RSS reader NetNewsWire, which changed ownership last year, has released v5.0. From a blog post: NetNewsWire 5.0 is shipping! In case you haven't been following along until just now: NetNewsWire is an open source RSS reader for Mac. It's free! You can just download it and use it. No strings. It's designed to be stable, fast, and free of bugs. It doesn't have a lot of features yet, and that's because we prioritized quality over features. We will be adding more features, of course, but not quickly. We're also working on an iOS app.

Qantas airlines is now restricting MacBook Pro laptops from checked-in luggage on concern that batteries could catch fire. All 15-inch versions of Apple's MacBook Pro must be carried in the cabin and switched off, Qantas said in a statement Wednesday. The rule went into effect Tuesday morning. "Rival Virgin Australia went further on Aug. 26, banning all Apple laptops from checked-in luggage," adds Bloomberg. From the report: Australia's two biggest airlines join a growing list of carriers and jurisdictions across the world cracking down on the portable computers out of concern some could self-combust. The models in question are some 15-inch MacBook Pros sold from September 2015 to February 2017. Apple issued the recall in June, saying "in a limited number of older generation 15-inch MacBook Pro units, the battery may overheat and pose a fire safety risk." Singapore Airlines Ltd. and Thai Airways International PCL have already stopped passengers from taking any of the affected models on their aircraft.

An anonymous reader writes: Apple will launch three new iPhone models in an event next week. Two will be called "Pro" models and will replace the iPhone XS and XS Max. A third phone will replace the iPhone XR and will include dual cameras, Bloomberg reported Thursday. The Pro iPhones will feature triple rear cameras that will include a wide-angle lens, support for higher resolution photos, better low light performance, and better video recording capabilities. These Pro phones will also support reverse wireless charging similar to what Samsung offers with the Galaxy S10. This will allow the phones to charge the AirPods when used with their wireless charging case. Other details include a new, multi-angle, Face ID sensor which will allow the phone to sense your face while lying flat on a table, better waterproofing, and new shatter-resistance technology. Bloomberg doesn't specify which of the new models these features will come to. All the phones will reportedly include a faster A13 processor, as well as a new Matrix chip that could benefit computer vision and augmented reality performance. Outside of a new matte-colored finish, the Pro phones will look broadly similar to last year's models. 3D Touch has reportedly been dropped from all of this year's models and replaced with the Haptic Touch system that debuted with the iPhone XR last year.

Apple is also planning to release new 11-inch and 12.9-inch iPad Pros this year. Bloomberg says these will feature "upgraded cameras," although it doesn't mention whether they will have more than one camera on their rear. Faster processors are also expected, but their overall appearance will apparently remain the same. Bloomberg claims that Apple will discontinue its existing entry-level 9.7-inch iPad in favor of a new 10.2-inch model. Apple's 2019 MacBook Pros Bloomberg's report also corroborates previous rumors about Apple launching a new 16-inch MacBook Pro this year. The new laptop will reportedly be similar in size overall to the existing 15-inch MacBook Pro, but will be able to include a bigger screen because of a reduction in the size of its screen bezels.

A researcher known as MG has modified Lightning cables with extra components to let him remotely connect to the computers that the cables are connected to. "It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," MG said. Motherboard reports: One idea is to take this malicious tool, dubbed O.MG Cable, and swap it for a target's legitimate one. MG suggested you may even give the malicious version as a gift to the target -- the cables even come with some of the correct little pieces of packaging holding them together. MG typed in the IP address of the fake cable on his own phone's browser, and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim's computer.

The cable comes with various payloads, or scripts and commands that an attacker can run on the victim's machine. A hacker can also remotely "kill" the USB implant, hopefully hiding some evidence of its use or existence. MG made the cables by hand, painstakingly modifying real Apple cables to include the implant. "In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at Def con were mostly done the same way," he said. MG did point to other researchers who worked on the implant and graphical user interface. He is selling the cables for $200 each.

Just a few months ago, the editor of the recently-departed Linux Journal wrote that in many ways the golden age of Linux and FOSS was 2007. "Linux was now mainstream in corporate IT, and it was much rarer to meet much resistance when you wanted to set up Linux servers, unless your company was a 100% Windows shop... FOSS companies were making a lot of money, and developers were being paid to work on Linux and FOSS full time."

He also wrote that when Linux Journal later folded (the first time), "It became clearer than ever to me that while Linux and FOSS had won the battle over the tech giants a decade before, new ones had taken their place in the meantime, and we were letting them win."

And he offered this final assessment in April: Today, Linux has wide hardware support, and a number of vendors offer hardware with Linux pre-installed and supported. The internet itself is full of FOSS projects, and one of the first things people do when they are about to start on a software project is to look on GitHub to see if anything that meets their needs already exists. Linux absolutely dominates the cloud in terms of numbers of VMs that run it, and much cloud infrastructure also runs FOSS services. Linux also is in many people's pockets and home appliances. Linux and FOSS are more ubiquitous than ever.

Linux and FOSS also are more hidden than ever. So many of those FOSS projects on GitHub ultimately are used as building blocks for proprietary software. So many companies that seem to champion FOSS by helping upstream projects they rely on also choose to keep the projects they write themselves proprietary. Although Linux dominates the cloud, more and more developers and system administrators who use the cloud do so via proprietary APIs and proprietary services. New developers and sysadmins get less exposure to Linux servers and FOSS services if they use the cloud how the providers intended. And, while Linux runs in your pocket and in your home, it's hidden underneath a huge layer of proprietary applications.

For the most part, the FOSS philosophy that defined Linux in its early days is hidden as well. Many people in the community tout FOSS only in terms of the ability to see code or as a way to avoid writing code themselves. It has become rarer for people to tout the importance of the freedoms that come along with FOSS and the problems that come from proprietary software. Indeed, most Linux application development in the cloud these days is done on Mac or Windows machines -- something that would have been considered unthinkable in the early days of Linux... I encourage everyone from all corners of the community not to take FOSS and Linux for granted. The world of readily available code and mostly open protocols you enjoy today isn't a given. If current trends continue, we could be back to a world of proprietary software, vendor lock-in and closed protocols like the world before 1994.

This new battle we find ourselves in is much more insidious. The ways that proprietary software and protocols have spread, in particular on mobile devices, has made it much more challenging for FOSS to win compared to in the past. If we want to win this battle, we need the whole community to work together toward a common goal.

Long-time Slashdot reader Huxley_Dunsany writes: After much work rebuilding and upgrading it, my Macintosh SE/30 from 1989 is now connected via Ethernet to the Web, and is hosting a simple website and old-style "guestbook." The site has been online for a few days (other than semi-frequent reboots of the system when it gets overloaded with requests), and has served nearly 20,000 visitors. For a machine with a 16MHz CPU and 68 megabytes of ram, it's held up remarkably well!

I'm basically inviting a "Slashdotting" of my old Mac, but I thought this project might bring a few smiles here. Enjoy!
"Awesome," wrote one visitor in the guestbook, adding "You should join a webring!"

Apple says it will offer up to $1 million for hackers who can find vulnerabilities in iPhones and Macs. "That's up from $200,000, and in the fall the program will be open to all researchers," reports Forbes. "Previously only those on the company's invite-only bug bounty program were eligible to receive rewards." From the report: As Forbes reported on Monday, Apple is also launching a Mac bug bounty, which was confirmed Thursday, but it's also extending it to watchOS and its Apple TV operating system. The announcements came in Las Vegas at the Black Hat conference, where Apple's head of security engineering Ivan Krstic gave a talk on iOS and macOS security. Forbes also revealed on Monday that Apple was to give bug bounty participants "developer devices" -- iPhones that let hackers dive further into iOS. They can, for instance, pause the processor to look at what's happening with data in memory. Krstic confirmed the iOS Security Research Device program would be by application only. It will arrive next year.

The full $1 million will go to researchers who can find a hack of the kernel -- the core of iOS -- with zero clicks required by the iPhone owner. Another $500,000 will be given to those who can find a "network attack requiring no user interaction." There's also a 50% bonus for hackers who can find weaknesses in software before it's released. Apple is increasing those rewards in the face of an increasingly profitable private market where hackers sell the same information to governments for vast sums.