Researchers at Skycure have exposed an SSL certificate security flaw allowing them to create a ‘No iOS Zone’ where most apps on iPhones and iPads running iOS 8 will crash while connecting to the Internet, even crashing the devices themselves in some cases. While the exploit is normally triggered by users manually joining these rogue Wi-Fi networks, hackers can also take advantage of the WiFiGate vulnerability to create fake Wi-Fi networks with names that iOS devices on some carriers will automatically join — for example any iPhone on AT&T will join any nearby Wi-Fi network with the name “attwifi” without requiring any user interaction. Once the device is connected, either automatically or manually by the user, apps attempting to make a secure connection with a server will crash. Heavy use of the device while it is exposed to the fake Wi-Fi location can even cause the device’s OS to crash. In some instances that crash led to a repeatable boot cycle, rendering the device useless while within range of the fake Wi-Fi hotspot. Users can avoid the problem by disconnecting from the offending Wi-Fi network and generally avoiding connecting to suspicious free Wi-Fi networks, although in the case of carrier-defined Wi-Fi networks, the user may be required to move out of range of the Wi-Fi network entirely, as many of these carrier settings cannot be overridden. Skycure has reported the problem to Apple and speculates that iOS 8.3 may have fixed some of the underlying issues. [via 9to5Mac]
About 1,500 iOS apps have an HTTPS vulnerability leaving them open to attack, according to analytics service SourceDNA. The flaw stems from a weakness in version 2.5.1 of AFNetworking, an open-source code which provides networking capabilities for apps. Apps containing the code may not properly validate SSL certificates, leaving users of apps like Movies by Flixster with Rotten Tomatoes and Citrix OpenVoice Audio Conferencing vulnerable to spying over public Wi-Fi networks. AFNetworking has updated version 2.5.2 to fix the issue and companies like Yahoo, Microsoft and Uber have already issued fixes for affected apps. The full list of vulnerable apps still using version 2.5.1 has been kept private, but SourceDNA provides a search tool allowing users to see which of their apps might be affected. [via Ars Technica]
A security change in iOS 8.3 prevents some file manager and transfer utilities like iFunBox and iExplorer from accessing app directories on an iPhone, iPad or iPod touch, MacRumors notes. The apps allow users to manage, transfer and back up data between their iOS devices and a Mac or PC, but updated iOS 8.3 security features blocked the apps’ ability to control data in installed apps and games. Scrambling for a fix over the weekend, iFunBox released an updated version that partially addressed the problem, allowing any music file to be imported as a ringtone, and apps with “iTunes File Sharing” enabled to be opened for sandbox browsing. Any other apps are still not accessible in iOS 8.3. Macroplant’s iExplorer claims to be iOS 8.3 ready, making no mention of the security issues.
After being pulled from the App Store twice for objectionable content, the anonymous After School app is back with improved safety features, The Daily Dot reports. The app requires students to sign in with Facebook credentials to verify their location and school, then lets them post content anonymously to be viewed by others at their school. Bullies used that anonymity to torment other students, so After School’s parent company, One, spent three months improving the app’s safety. One co-founder Cory Levy said moderators now review every post before it goes live, with a “mature content” filter preventing anyone under 17 from accessing more adult posts. To verify age, the app will require a driver’s license scan. Students posting about harming or killing themselves will be referred to a 24/7 anonymous support team. Threats posted to the app will be flagged by an automated program that emails police and school officials. Even with the new safeguards, the App Store has After School rated 17+ for mature themes, mild sexual content, mild profanity and infrequent references to drug and alcohol use, among other things.
One of Apple’s small company acquisitions may have resulted in the more convenient search now found in the “Explore” tab in the App Store, according to TechCrunch. Ottocat, a small search startup focused on organizing apps based on “nested” categories, released a beta version of software designed to make it easier to find relevant apps in May 2013, claiming to have indexed every app in Apple’s App Store. By October 2013 the company was gone, with its website simply stating, “Ottocat is no longer available.” Little information is available on Apple’s acquisition of the company, aside from one of Ottocat’s co-founders authoring a patent as an employee of Apple and filing it in November 2013. It’s also unclear whether Edwin Cooper and Michelle Cooper, Ottocat’s founders, are still with Apple, but in June 2014 Apple unveiled the “Explore” tab in the App Store, sorting the store’s offerings into categories and subcategories, as Ottocat claimed to have done the previous year. No one from Apple or Ottocat has responded to the story.
Apple has added Booking.com and Trip Advisor reviews to its Apple Maps app — previously, Apple Maps relied solely on Yelp for business reviews. Incorporation of Booking and Trip Advisor is still limited — only one of the three review providers is visible for any one business within Maps, with no clear way to determine which source you’ll be getting. And there’s no way to swap between review providers within the app. However, the addition of Booking seems to add more information about international destinations. Apple hasn’t commented on the additions and still lists Yelp as its sole review provider. [via 9to5Mac]
Apple has pulled The Whole Pantry app from its U.S. and Australian App Stores amid controversy surrounding the app’s creator, The Sydney Morning Herald reports. Australian app developer Belle Gibson’s claim of healing herself from terminal cancer without conventional treatment came under scrutiny last week after friends and doctors voiced doubts about her diagnosis, and charities reported that they hadn’t received funding Gibson had promised. The Whole Pantry — an app providing recipes and lifestyle guides — has been dropped from the App Store and is no longer featured on a page displaying Apple Watch apps.
Apple’s iOS 8.2 eliminated the FREAK security flaw in Safari, but FireEye researchers found a handful of popular iOS apps are still vulnerable to attack even when running on iOS 8.2. Hundreds of others still connect to vulnerable HTTPS servers, leaving them open to attack when running on iOS versions lower than iOS 8.2. Shopping, medical and finance apps were all mentioned as possible targets in FireEye’s plea for app developers to remedy the lingering issues.
Nintendo will finally develop games for smartphones, The Wall Street Journal reports. The company that for years refused to cater to the smartphone market has partnered with Japanese game provider DeNA Co. to set up a new mobile game platform, which should debut this fall. Analysts say Nintendo’s reluctance to license its characters has come at a heavy cost as the gaming industry shifted to smartphones. Nintendo posted three straight years of losses amid disappointing console sales, forcing the company to be more open to embracing the free-to-download game model dependent on in-game purchases for revenue.
Nintendo’s new game distribution portal, slated to debut this fall, will be the only place to download the company’s games, but those looking to download Nintendo classics won’t find them there. Although Nintendo has put “no limitations” on which of its properties will wind up in smartphone games, the company’s announcement said, “Only new original games optimized for smart device functionality will be created, rather than porting games created specifically for the Wii U home console or the Nintendo 3DS portable system.”
Apple has made another adjustment to its App Store review policies, this time cracking down on apps that display examples of gun-related violence in their icons or screenshots, PocketGamer reports. Citing reports from multiple developers, the report notes that Apple has begun rejecting both new games and updates from the App Store that include screenshots that “show people holding guns, or being maimed or killed.” Several examples are noted in the report, with developers being required to change screenshots and resubmit to meet this new restriction, which is reportedly just a more active enforcement of Section 3.6 of the App Store Review Guidelines. Section 3.6 states that “Apps with App icons, screenshots, and previews that do not adhere to the 4+ age rating will be rejected.” It’s worth noting that the rejections seem to be limited exclusively to content shown on the App Store page such as screenshots and icons; there have been no reports of Apple rejecting apps for any guns or violence shown within applications themselves, assuming the content is appropriate for the assigned age rating on the App Store.
Apple has changed course and decided to readmit a marijuana-related app to the App Store, according to a new report from the San Francisco Chronicle. In a controversial move some weeks ago, Apple pulled the app MassRoots from the App Store, despite its presence there from July 2013 until Nov 4, 2014. While the rejection was likely based on Section 2.18 of the App Store Review Guidelines, which states that “Apps that encourage excessive consumption of alcohol or illegal substances, or encourage minors to consume alcohol or smoke cigarettes, will be rejected,” it seems clear that Apple had not enforced this policy when the app was originally submitted, perhaps in part due to the varying legality of marijuana use between different jurisdictions. Following the app being removed from the App Store, the founder of MassRoots had reportedly contacted Apple, offering to restrict the use of the app based on geofencing to only operate in jurisdictions where marijuana is legal. However, at the time Apple “refused to budge.” The company apparently changed course last week, when an Apple representative contacted the founder and notified them that “cannabis social apps” would be permitted on the App Store, provided they are “geo-restricted to the 23 states that have legalized medicinal cannabis.”
Game developer NimbleBit has announced that its upcoming iOS game Letterpad will feature Apple Watch support, TouchArcade reports. The developer previously announced that it was looking for testers for the upcoming game, which challenges users to come up with words relating to specific topics from a provided grid of nine letters. With the game nearing completion, NimbleBit has announced that the game will also be playable on the forthcoming Apple Watch. While no release date has been set, Letterpad is expected to come with 200 different puzzles and also include the ability for users to create their own puzzles and share them. It’s also unclear at this point whether the game will run standalone on the Apple Watch or require the user to have their paired iPhone in proximity.
In a new blog post on their site, iOS game developer ustwo provides some interesting insight into the economics of its hit game, Monument Valley. Titled Monument Valley in Numbers, the infographic reveals that more than 80 percent of the game’s $5.85 million revenue came from the iOS side, with over 1.7 million official sales on iOS devices. Factoring in multiple devices from single sales, the report indicates that the game was actually installed on over 10 million unique devices – a ratio of approximately four devices for every one sale. The post also shows revenue over time, with clear spikes in sales following the game’s initial release, receipt of various awards, and the Christmas season. Revenue is also broken down by country, and additional information is provided on development costs and other more esoteric statistics such as in-game camera usage, most played chapters, and number of totems drowned.
Apple will begin requiring app updates submitted to the App Store after June 1, 2015 to include 64-bit support and be built with the iOS 8 SDK, as outlined in an e-mail sent out today to registered iOS Developers. As the e-mail noted, Apple had previously announced this requirement back in October for new iOS apps, scheduled to take effect February 1, 2015. However, this note indicates that Apple will also be applying this policy to updates to existing apps. This only affects updates submitted by developers, however, and since developers are not required to submit updates, apps built with the older SDK can likely remain available on the App Store in their present form until they otherwise need to be updated.
Microsoft has unleashed an entire series of MSN Apps for iOS devices, providing comprehensive apps across categories including news and sports, finance, fitness and health, and food and drink. While these apps were previously available for Windows Mobile devices under the “Bing” brand, Microsoft has released them for the iPhone and iPad platforms not just as mere second-rate ports, but as elegantly designed iOS apps in their own right that take advantage of many of the new features and UI designs in iOS 8.
MSN Food & Drink (free) — This is a recipe and food information app that provides access to hundreds of thousands of recipes curated from magazines, world-famous chefs, and other online sources, complete with straightforward instructions and elegantly presented photos. An extensive set of wine and cocktails guides are also included, along with tasting notes and reviews on more than 1.5 million wines. Recipes can be searched and filtered by type of cuisine, source, ingredients, dietary needs, difficulty, methods, prep time, and more. A collection of how-to videos with cooking school tips and techniques is also provided.
MSN Health & Fitness (free) — Microsoft’s app for Health and Fitness provides not only news and information, but a set of fitness tracking tools, including a pedometer and run tracker in the iPhone version, allowing users to track steps taken, calories burned, distance, time, and pace. A Diet Tracker provides the ability to track daily caloric intake by recording meals from a large database of foods, and a Cardio Tracker tracks cardio training. The app also provides access to over 1000+ exercise and workout videos and nutritional and medical reference material. The app is even integrated with Apple’s iOS HealthKit for storing all of your tracking data, and the Medical Reference section includes a Symptom Checker for looking up possible health conditions, and an interactive 3D Human Body for learning human anatomy. As with the other apps, everything can be synced to MSN Health & Fitness on the web and to other iOS devices sharing the same account.
Apple has announced its Best of 2014 picks on iTunes, a list that chooses the best content selected by Apple’s iTunes Editorial team in each of the various sections of the App Store. Apple’s 2014 App of the Year was Elevate - Brain Training (free) by Elevate, with Instagram’s Hyperlapse (free) coming in as runner-up. Other notable runners up for Apps include Yahoo News Digest (free), SwiftKey Keyboard (free), 1Password (free), and Camera+ ($3).
The Top Game of the Year was Sirvo’s Threes ($3), with Leo’s Fortune ($5) by 1337 & Senri as the runner-up in the Games category. Other notable runners-up in the category include Monument Valley ($4), Hitman Go ($5), and Smash Hit (free).
New Apps + Games
Caviar (free) — Out of Square’s purchase of the online delivery service Caviar comes an iOS app by the same name, allowing you to order food from your favorite restaurants in an immersive experience that lets you browse photos of food, customize your meal, and track your delivery right in the app. While limited right now to only nine major urban areas, the app provides delivery from restaurants ranging from favorite little local places to high-end Michelin-rated venues, and the gallery of food includes stunning photography, all taken by Caviar’s team.
Noda (free) — Underneath the deceptive simplicity of this new puzzle game lies a more challenging experience than you’d expect. The objectives are simple: swipe numbered dots around to divide and combine values, with the goal of arranging them into the required results. Swipe an even number, and it splits into two equal numbers, while odd numbers split, well, oddly. Dragging dots together adds the two numbers, but no two dots can add up to more than 9. Working within this framework, with a limited number of moves, and two colors to work with, you’re challenged to create a required number of dots with the right number and color. The app features cool, flowing animations in a minimalist interface, and 120 levels to work through. There are no timers – only move limits, which you can undo and rework as often as you like, making this far more of a meditative puzzle experience than a fast-paced adventure. The app is a free download for the first 48 levels, so it’s definitely worth a look if you’re a fan of puzzlers like Threes, and once you’re addicted, you can unlock the remaining 72 levels – and apparently all future levels – for only $1.
Peggle Blast (free) — A new entry into Popcap’s well-known Peggle games, Peggle Blast takes players through another series of ball-and-peg smashing adventures, as the mystical Peggle Masters take you through multiple worlds and teach their special powers unique to each level. The free-to-play version provides access to at least the first 20 levels, and a collection of additional tricks and power-ups such as gem drops, time bombs, and rainbows, keeps the action fresh and exciting. New to Peggle Blast is the de-linking of those power-ups from Peggle Masters—you can use multiple powers kept in reserve, a la Bejeweled Blast—and the addition of a multi-ball end-of-level bonus point tally. The app is notably presented in portrait orientation rather than landscape.
A new job posting on Apple’s web site suggests that the company is looking to expand upon certain features in the iOS Maps application for “crowdsourcing improvements to the Maps experience.” The job opening, for a “Maps Community Client Software Engineer,” appears to be primarily focused on the user interface and architecture for the “Report a Problem” feature in the iOS Maps app, but also interestingly notes that the position will involve work on frameworks and plugins to integrate Maps with Siri and Passbook to “extend and enhance the feedback experience.” Apple has struggled with data accuracy since the inception of its own Maps app in iOS 6, and although the company has become much more responsive to user reports in recent months, it appears to also be seeking to streamline the reporting process itself. [via 9to5Mac]
A version of Mozilla’s Firefox for iOS looks to be in the works, according to a new tweet from Mozilla Release Manager Lukas Blakk. Mozilla had previously stated that Firefox would not be coming to iOS unless Apple permitted its web engine to be used, rather than the WebKit engine currently required by Apple. But with a new CEO at the helm, Mozilla’s position in this regard may be softening.
We need to be where our users are so we're going to get Firefox on iOS #mozlandia— Lukas Blakk (@lsblakk) December 2, 2014
Although Mozilla released Firefox Home four years ago, this was designed simply to provide a more seamless experience for iOS users who preferred to use the Firefox browser on their Mac or PC and keep information such as bookmarks in sync with their iOS device; Firefox Home did not provide its own browser, but instead simply synced bookmarks between Firefox on the desktop and the iOS app, allowing users to access them using the built-in Safari browser. While it’s unclear how Firefox will approach porting its browser to iOS, it seems most likely that they will have to play by Apple’s rules and simply develop a version based on the WebKit engine, wrapping a Firefox user experience around it. [via TechCrunch]
New Apps + Games
The Longest Journey Remastered ($7) — Funcom’s critically acclaimed PC adventure game comes to the iPhone and iPad in a new “Remastered” version that provides touchscreen optimized controls and a new introduction narrated by original series creator Ragnar Tørnquist. With its iOS release, the epic adventure game puts a new generation of players into the shoes of the young art student who discovers that she can travel between dimensions, and must then set out on a quest to restore the balance between the twin worlds of magic and science. The iOS version remains true to the original with over 150 locations to travel to across the two different worlds, a compelling and extensive cast of characters and a gripping, detailed storyline that provides over 50 hours of gameplay.
Facebook Groups (free) — Users who spent a lot of time hanging out in Facebook’s multi-user discussion groups will appreciate the company’s latest new iOS app. Facebook Groups, as the name implies, puts the focus on participating in, creating, and managing groups on the popular social media service. Users can post information and photos, keep track of what’s going on in each group, and more easily control per-group notification settings. A discovery tool helps users find new groups that they might want to participate in based on their Facebook profile.