Today Apple has announced updated 13-inch and 15-inch MacBook Air models, now with the M3 System on a Chip. According to Apple, the M3 processor in the MacBook Air is up to 60 percent faster than the M1 model, and up to 13 times faster than the last Intel-based MacBook Air.

The 13-inch M3 MacBook Air starts at $1099, with an 8-Core CPU, 8-Core GPU, and 16-core Neural Engine, and 256GB of storage. The 15-inch model offers the same specifications, except for the 15-inch screen, is $200 more and starts at $1299. You can configure up to 24GB of unified memory, and 2TB of storage.

The M3 MacBook Air does come with a three new features. The first is the AV1 decode engine built directly in the chip, making decoding even faster. This is not present in the M2 MacBook Air. The second feature is support for Wi-Fi 6E, which can result in faster Wi-Fi connections with the right access points.

The last, and arguably more meaningful feature for many users, is the ability to connect two external displays. This is more than the single display you could connect previously. The M3 MacBook Air can support the internal display and one external display up to 6K. In order to use two external displays, you will need to have the MacBook Air lid closed. This second display can be up to 5K resolution running at 60Hz.

You can order them today and they will be available starting this Friday, March 8th, 2024.

The 13-inch M2 MacBook Air remains on sale and now starts at $999 for an 8-core CPU, 8-Core GPU, 8GB of unified memory, and 256GB of storage. You can still configure the M2 MacBook Air with up to 24GB of unified memory, and 2TB of storage.

Source: Apple Newsroom

Apple’s Security Research team has published an article about how they are upgrading iMessage with improved security, specifically, with a new protocol called Post-Quantum 3, or PQ3. PQ3 should be resistant to its encryption being broken, even with a Quantum Computer. Before diving into the features of PQ3, a brief history, and comparison, of current encryption, starting with a brief history.

Brief History of Encryption

Encryption, at its most basic and fundamental level, is any method, or means, of taking readable text and making it unintelligible. This could be something as simple as a substitution cipher, like ROT13. ROT13 replaces each letter with one that is 13 characters ahead of it. For instance, the letter "A" would be replaced with "N", "B" would be replace with "O", and "C" would be replaced with "P". Given that there are 26 standard letters in the English alphabet, the letters end up being swapped. To illustrate what I mean, let us take the word "Apple". If you use ROT13 it would become "NCCYR". This is a very basic example of an encryption algorithm, and should not be used for anything sensitive, but it does provide a basic understanding.

Early computers did not take encryption into account, primarily because the computing power was not available. The first modern encryption protocols were developed by Netscape in 1995 and was called Secure Socket Layer, or SSL. SSL was eventually adopted by most browsers, and subsequently went through a number of revisions. Ultimately, to appease everyone involved, SSL was superseded by Transport Layer Security, or TLS, in 1999, and became an industry standard. TLS is currently at version 1.3.

Encryption is comprised of keys, and can be any length. The length of the key ends up indicating its security. The strength of a key is measured in bits, specifically the length of the key. The longer the key, the more difficult it is to break.. The first SSL algorithms could be up to 40 bits long. This was due to an export restriction by the United States government. However, that limitation has been lifted. The most common key lengths are 1024, 2048, and 4096. The longer the key length, the more difficult it would be to guess. The difficulty is not linear, instead it is logarithmic in terms of difficulty. The actual given length of time does depend on many factors, including the key length, but also the computers being used. You can easily calculate the possible number of keys, by taking 2 and raising it to the length of the key, minus 1. Therefore, for a 1024-bit key it would be 2 ^ 1023, or

possible keys. This would take an extremely long time to attempt to get the base keys used.

Another example, for a 4096 bit key, the number of combinations would be 522194440706576253345876355358312191289982124523691890192116741641976953985778728424413405967498779170445053357219631418993786719092896803631618043925682638972978488271854999170180795067191859157214035005927973113188159419698856372836167342172293308748403954352901852035642024370059304557233988891799014503343469488440893892973452815095130470299789726716411734651513348221529512507986199933857107770846917779942645743159118957217248367043905936319748237550094520674504208530837546834166925275516486044134775384991808184705966507606898412918594045916828375610659246423184062775112999150206172392431297837246097308511903252956622805412865917690043804311051417135098849101156584508839003337597742539960818209685142687562392007453579567729991395256699805775897135553415567045292136442139895777424891477161767258532611634530697452993846501061481697843891439474220308003706472837459911525285821188577408160690315522951458068463354171428220365223949985950890732881736611925133626529949897998045399734600887312408859224933727829625089164535236559716582775403784110923285873186648442456409760158728501220463308455437074192539205964902261490928669488824051563042951500651206733594863336608245755565801460390869016718045121902354170201577095168 possible combinations.

As you can see, it’s not just that it gets longer, but significantly longer.

There are a number of different means of generating the keys. These means are what is called a cipher suite, or set of algorithms. There are a number of different cipher suites, including Rivest–Shamir–Adleman (RSA), Data Encryption Standard (DES), or Advanced Encryption Standard (AES). The suite used depends on the intended usage.

There are two different types of encryption, symmetrical and asymmetrical encryption. Symmetrical encryption is where you use the same key to encrypt as well as decrypt the data.

Asymmetric encryption uses two keys, a private and public key, for encryption and decryption. Asymmetrical encryption is the basis for TLS. These two keys work in conjunction to be able to encrypt and decrypt. Only these two keys will work together. Another public key cannot function with the private key.

DES and AES are used for symmetric key cryptography, while RSA is used for public key cryptography.

How Keys Are Exchanged

One of the more common tasks for any type of encryption is the exchanging of keys. The way that this works is as follows:

1. The client sends a synchronization packet to the server.
2. The server sends a synchronization acknowledgment packet back to the client.
3. The client sends an acknowledgment back to the server, along with a Client Hello packet.
4. The server sends back a Server Hello, certificate, and Server Hello Done packet back to the client.
5. The client sends Client Key exchange, Change Cipher Specification, and Finished packet to the server.
6. The server sends a Change Cipher Specification and Finished packet to the client.

At this point, the ciphers to be used, and the public keys are established. There is a lot more information that is contained within these six steps. I will not go into detail for all of them. You can learn more about that by reading an article from CloudFlare titled What happens in a TLS handshake?, but this is a brief overview.

There are a few things that need to be pointed out. First, during the initial exchange the client sends which TLS protocols that it can understand. This is needed because the server or client may not be able to handle a particular protocol. The client and server should agree upon the highest level protocol that both can support.

The second thing to mention is that it may seem like this interaction would take a long time, but as you can probably guess, today’s devices are fast enough to support this and have this interaction take, at most, a few seconds, but in most situations this is much faster.

Now that we have a basic understanding of how key exchanges occur, let us look at how encryption works with iMessage.

How iMessage Encryption works

According to Apple’s "iMessage security overview" support article, quote:

When a user turns on iMessage on a device, the device generates encryption and signing pairs of keys for use with the service. For encryption, there is an encryption RSA 1280-bit key as well as an encryption EC 256-bit key on the NIST P-256 curve. For signatures, Elliptic Curve Digital Signature Algorithm (ECDSA) 256-bit signing keys are used. The private keys are saved in the device’s keychain and only available after first unlock. The public keys are sent to Apple Identity Service (IDS), where they are associated with the user’s phone number or email address, along with the device’s APNs address.

For iMessage keys, there would be 2^1279 possible combinations, so it is not likely that anybody could guess your private key. There is no way to derived from your private key from your public key.

Using today’s hardware, it will take an extremely long time to decrypt the data. While it may take a significantly long time on today’s hardware, that will not always be the case. This is where being proactive with post-quantum

Post Quantum Cryptography with iMessage

In Apple’s security article, Apple has outlined how it is incorporating this new PQ3 protocol into iMessage, starting with iOS 17.4.

There are actually currently four levels of cryptography, Level 0 to Level 3, with future levels possible. Level 0 and 1 are part of the "Classical Cryptography", while Level 2 and 3 are "Post-Quantium Cryptography".

Level 0

Level 0 is no-end-to-end encryption, or what is commonly called "clear-text" communications. This includes apps like Telegram, WeChat, SMS, and Skype.

Level 1

Level 1 is services that have encryption enabled by default. This includes the previous version of iMessage, as well as other apps like WhatsApp, Line, and previous versions of Signal.

Level 2

Level 2 contains services who have Post-Quantum Cryptography for key establishment only. This means that the methods used to generate the encryption keys are resistant to being broken by current day computers, as well as quantum computers. The only app that has this is Signal.

Level 3

Level 3 is similar to Level 2, except it also includes ongoing Post Quantum Cryptography rekeying . The only service that will support this, for now, is iMessage starting in iOS 17.4. Let us look at this re-keying a bit in depth.

Protecting Data

One of the possible issues with any encryption is that computers will get better and may be able to easily break previous encryption schemes. With most encryption, if a key is compromised then all of the previous messages, as well as any future messages using the same key, would be easily decrypted.

In order to protect against a key being compromised, Apple’s PQ3 takes this into account by adding the level 3 feature of ongoing rekeying. The way that this works is by changing the keys on a regular basis. Per Apple’s security article:

PQ3 employs a hybrid design that combines Elliptic Curve cryptography with post-quantum encryption both during the initial key establishment and during rekeying. Thus, the new cryptography is purely additive, and defeating PQ3 security requires defeating both the existing, classical ECC cryptography and the new post-quantum primitives. It also means the protocol benefits from all the experience we accumulated from deploying the ECC protocol and its implementations.

This re-keying should go a long way to being able to protect conversations should a key get compromised. And even if a flaw s found in a cipher,

Closing Thoughts

Quantum computers being capable of breaking encryption is not anything that one needs to worry about right now. Even though there is no current worry, it is best to be proactive and Apple is doing just that. With iOS 17.4 they are updating the encryption of iMessage to include cryptography that is not only resistant to being broken by today’s computers, but also resistant to quantum computers.

Apple could match Signal and just have post-quantum keys, but instead they are going beyond that to re-keying on a regular basis and minimizing the ability to access data even if a key is compromised at some point. Even if a post-quantum cipher is broken, the current level of cryptography will still protect

This post is just an overview, and Apple’s security article has a lot more in-depth information about the ciphers used, the encryption algorithms, and additional details, should you be interested.

Today Apple has made a number of announcements with many of these being related to complying with the European Union Digital Markets Act, or DMA. The DMA requires big technology companies, like Apple, to comply with a number of various new regulations.

There is a lot of information. I could attempt to detail all of the changes, but I would do a poor job of it. Instead, I am going to provide a brief overview of each of the changes, with links to a much more in-depth article. Most of these will be limited to the EU, but there are some new items that are not.

Request for Improved Interoperability

Developers can now make a request improved interoperability with the iOS hardware and software. This request form does not guarantee that a feature will be implemented. Developers will need to be explicit in their request and why they are requesting it. There are, of course, limitations. Anything that would weaken security will be rejected. This request is limited to EU developers.

You can read more information at MacRumors

Third-Party App Stores in the EU

The biggest requirement for the DMA is that Apple will be required to allow side-loading of apps from third-party app stores. These companies will be required to comply with. One requirement is that the companies must have a 1 million euro line of credit with an A-Plus rating. This is to be able to make sure they can pay some fees, but more on that in a bit.

Apps that are made available on these marketplaces will be required to be notarized through Apple, which will ensure safety and security checks, but they will not be checked for content.

More details are available at 9to5Mac.

Reduced Commissions in the EU

The third item announced is that there will be a reduced commission structure for EU developers. The new structure will drop down to 10% for Small Developers, down from 15%. For larger developers, it will be 17%. Apps that are within third-party app marketplaces can use any payment processor that they want. Including Apple’s. If they opt to use Apple’s, they will pay an additional 3% fee.

For developers who have more than 1 million installs per year, they will need to pay a Core Technology Fee, or CTF. This is €0.50 per install. This fee will need to be paid regardless of where the app is installed, via Apple or via a third-party marketplace.

Third-party Marketplaces will need to pay the Core Technology Fee for apps downloaded through the marketplace. There is no threshold for marketplaces.

You can read additional details via target="_new">9to5Mac.

Web Browsers and Near Field Communications

Apple will be opening up iOS to allow apps to access the Near Field Communication, or NFC, chip. This will allow apps to offer non-Apple "Tap to Pay" options. Details are available at MacRumors.

For the entire lifetime of iOS, there has only been a single browser engine, WebKit. To date, third-party browsers, like Chrome, Firefox, and Edge, have all had to use the WebKit engine on iOS and iPadOS. This will change. They will now be able to use their own browser engine. Users will even be prompted to choose a default. This is similar to the Browser Ballet that Microsoft had to implement on Windows in the European Union.

Additional details are available on 9to5Mac.

New Gaming Streaming Options

The gaming landscape has changed significantly since iOS was initially released in 2007. When it was released, physical games were prominent. iOS has contributed to digital games being even more prevalent. One of the downsides to modern games is that they can be rather large in size. Along with this, internet speeds have become much faster. In order to limit the needs to constant updates, as well as be able to game on anything, streaming games have become more commonplace.

To date, Apple has required developers to submit every game as a discrete app. This was an untenable solution for streaming games. This will no longer be the case. This change will allow services like Xbox Game Pass and GeForce Now to be viable options via an App on the App Store. Previously these were only available via a web browser. This will apply to the App Store world wide, not just in the EU.

More details can be found on MacRumors.

New Developer Reports

The last item that was announced is that developers will be getting access to 50 new additional reporting metrics. Four of the new metrics will be engagement of users, additional details with in-app purchases, improved app usage, like crashes and deletions. The one that might be the most interesting is framework usage. This will allow developers to see how their app interacts with frameworks like Widgets, CarPlay, and PhotoPicker.

There will be more information available in March about the new metrics and reports that will be available.

Additional information can be found on MacRumors.

Closing Thoughts

Apple has clearly indicated that they will not be brining any of the EU-specific changes to any other markets, unless required to by law, so do not expect these changes to come to other markets without changes in laws.

Many of the changes announced are specific to the European Union. However, I think the new streaming game option could be a big boon to the Apple TV. This is possibly a boon because more people might opt to purchase an Apple TV and game controller and use that with Xbox Game Pass instead of purchasing an Xbox Console. Beyond this, having access to Xbox Game Pass available natively on an iPad can improve the experience overall.

Apple Vision Pro pre-orders have begun with initial availability in two weeks, February 2nd, 2024. As outlined before, Apple Visoin Pro starts at $3499 for the 256GB model. While there has been some additional previous available, but that information was limited. I thought it would make sense to provide additional specs and options available, because these have not been previously announced.

Pre-Order Needs

In order to pre-order an Apple Vision Pro you need to have an iPhone with Face ID, since face scanning is done to determine the proper light shield and headband size. On January 8th, Apple announced what would be included with the Apple Vision Pro as well as lens options. There are two lens options, readers for $99 and prescription lenses for $149. One thing that was not previously outlined, but has seen been made known is that you will need to have a current and valid prescription from a provider.

Included with Apple Vision Pro

The Apple Vision Pro does come with some items within the package. This list of items included is

• A Solo Knit Band
• A Dual Loop Band
• A Light Seal
• Two Light Seal Cushions
• An Apple Vision Pro Cover
• A Polishing Cloth
• Battery Pack
• USB-C Charge Cable
• USB-C Power Adapter

Additional Specs

At the announcement of the Apple Vision Pro, Apple indicated that it would have an M2 processor, but the details of the processor were not specified at the time. The Apple Vision Pro will come with an 8-Core CPU that has 4 performance cores and 4 efficiency cores. Along with this is a 10-core GPU, a 16-Core Neural Engine, and 16GB of unified memory.

Additional Options

When the Apple Vision Pro pre-orders were announced, the $3499 price included the 256GB model. You can order a 512GB or 1TB model. The prices for these are $3699 for the 512GB and $3899 for the 1TB.

AppleCare+ for the Apple Vision Pro is $499 for two years of coverage, or $24.99 for monthly coverage.

The Apple Vision Pro can be powered by a battery pack, which provides up to 2 hours of regular usage and 2 1/2 hours of vidoe playback. If you wish to purchase an additional battery pack, it will cost $199.

Closing Thoughts

As of this writing pre-orders have slipped to mid February for the 256GB model, with the 512GB and 1TB model still having launch day pickup or delivery.

Today Apple has announced that the Apple Vision Pro pre-orders will begin next Friday, January 19th, 2024 at 5 a.m. Pacific Time. While pre-orders will start then, the product itself will begin arriving on February 2nd, 2024.

While Apple has provided some basic information, like the starting price, there were some other pieces of information that has not been known.

As previously stated, the Apple Vision Pro will be available starting at $3,499 (U.S.). What is new is that this will come with 256GB of storage. The Apple Vision Pro will be available at all U.S. Apple Store locations and the U.S. Apple Store online.

One item that has not been known is how much the lenses that are used with the Apple Vision Pro will cost. Apple's press release deliniates this. Optical Inserts that are Readers will cost $99 and prescription-based inserst will be $149.

The Apple Vision Pro needs to be secured to one's face. This is done using a band. The Apple Vision Pro comes with a Solo Knit Band and Dual Loop Band. This gives users two options for the fit that works best for them. Apple Vision Pro also includes a Light Seal, two Light Seal Cushions, an Apple Vision Pro Cover for the front of the device, Polishing Cloth, Battery, USB-C Charge Cable, and USB-C Power Adapter.

There are something things that we do not yet know, like the cost of additional battery packs, how many units will be available, and what additional storage tiers (if any) are available. I am sure that information will come out in due course.

Source: Apple Newsroom

Today Apple has announced that the next Swift Student Challenge. This is much earlier than in previous years, but this is by design. According to the Apple Developer site,

We're releasing new coding resources, working with community partners, and announcing the Challenge earlier than in previous years so students can dive deep into Swift and the development process — and educators can get a head start in supporting them.

There is an additional change, according to the "The next challenge will open in February 2024, and will include a new category recognizing 50 Distinguished Winners, who will be named for standout submissions."

In order to help everyone learn to code, Apple has provided some new resources for educators.

Apple's new Everyone Can Code Projects provide step-by-step resources to help educators guide students through every step of their coding and app development journey, and develop essential skills while creating apps that solve problems they care about.

Everyone Can Code Projects can be integrated into any subject area, and are perfect for the classroom or coding clubs. They introduce students to SwiftUI — the modern way to build user interfaces with surprisingly little code — and use the latest app-building technologies in Swift Playgrounds. As they code, students can see how their app changes in real time with App Preview.

Four new Projects available today include:

• Design a Simple App: Students can create an app prototype in Keynote to learn the fundamentals of app design, practice rapid prototyping, and collect feedback, following the same steps as professional developers.
• Build with Stacks and Shapes: Students can take the first steps of building an app in Swift Playgrounds and code a self-portrait or a work of art using SwiftUI to learn the fundamentals of user interface design.
• Build Custom Shapes: Students can bring an app interface to the next level by designing a shape, learning how to plot the coordinates, and coding their custom shape using SwiftUI and the About Me sample app within Swift Playgrounds.
• Design an App Icon: Students can learn and apply app design principles to create a unique and memorable app icon that communicates an idea; practice rapid prototyping; collect feedback; and upload the icon to Swift Playgrounds to become part of an app.

If you are a student you will be able to apply for three weeks in February, so stay tuned to the Swift Student Challenge site to find out when applications open.

Source: Apple Newsroom