On Tuesday, July 9, Apple significantly improved the MacBook lineup by updating Air, Pro and removing the stale, 12-inch MacBook model introduced in 2015.
Air has a True Tone display and is now $100 cheaper, with a retail price of $1,099. The MacBook Pro update was a more interesting surprise - it got the latest 8th-gen quad-core CPU, True Tone Retina display and a Touch Bar! This means Apple no longer offers MacBook Pro without a Touch Bar, and all MacBooks have a T2 chip, which offers interesting security features.
Don’t think that the new Pro is underpowered because its CPU clocks at merely 1.4 GHz, a 0.9 GHz lower than a duo-core model from 2017. For starters, it’s a quad-core CPU, and it’s an 8th generation CPU. According to Geekbench tests, it’s up to 80% faster than the previous model in a multi-core test, while Apple says it’s up to two times faster.
I think this update is a well welcomed one. An Air with a True Tone display is always better than an Air without it. But the the Pro model is where it gets really interesting. Now you can get a Touch ID equipped, T2 chip protected MacBook for $500 less than a week ago! And that’s great news. Of course, the presence of the Touch Bar is debatable - I wouldn’t call myself a big fan of it, but’s it’s not like I can’t live with it either. I don’t think the Touch Bar has a large fan base, and so an option to buy a MacBook Pro without the Touch Bar would definitely also be a welcome addition. It is always valuable to send feedback to Apple, but if I were to bet my money on it, I’d say that the Touch Bar is here to stay.
Updated models, both Air and Pro, have a third-generation butterfly keyboard, introduced in May 2019, and are covered by the butterfly keyboard service program.
Alongside the updated MacBook models, we got cheaper upgrades of an SSD storage option. As Benjamin Mayo reports for 9to5Mac.com (bolds mine):
For example, the 4 TB SSD of the 512 GB 15-inch MacBook Pro used to cost $2800. It now costs $1,400. These savings are seen across the iMac, iMac Pro, Mac mini, and MacBook Air line.
Apple’s SSD price drops are comprehensive, applying to Mac notebooks and desktops. The general pattern is that the first upgrade still costs the same, with price reductions applied to the bigger capacities.
As Micheal Tsai points out, this is great news, but it’s not cheap at all.
This is great news, although the prices still seem inflated. For comparison, Apple is charging $400 to go from 256 GB to 1 TB, but you can get a highly regarded 1 TB Samsung SSD for $137. And there’s now a 2 TB Intel one for $103. Granted, this is not as fast as what Apple ships, but for many people the tradeoff would be worth it for that amount of storage. And it would certainly be an improvement over the spinning hard drive in the 2019 iMac.
As you probably know, websites can request to open a Mac application via Safari. So, a third-party developer of an Awesome app can ask you, from their awesomeapp.com website, if you want to run the Awesome macOS app. Safari displays an alert and you can decide to either allow or deny the request.
Zoom is a video conferencing app, mostly used by companies, with more than four million users. Zoom decided that this Safari safety feature - because it indeed is a safety feature - is too much hassle for their users. Who on Earth would like to perform yet another click just to open the app?! So, they decided to fix the issue. They approached this „problem” by quietly installing additional software - a web server - when a user installs the Zoom app.
On Monday, July 8, Jonathan Leitschuh published an extensive report about a vulnerability in the aforementioned Zoom software that allowed websites to access the Mac camera without user consent. The web server has been responsible for the loophole. At this point, you may think that’s unfortunate and that bugs happen, and that it should be an easy fix. „I can uninstall Zoom and everything goes back to normal”. As it turns out, it’s not really the case. As Leitschuh writes:
Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.
If that wasn’t enough, it took Zoom almost 2,5 months to react to the Leitschuh report. Leitschuh informed Zoom about the problem back on March 26th.
The first actual meeting about how the vulnerability would be patched occurred on June 11th, 2019, only 18 days before the end of the 90-day public disclosure deadline. (…)
Ultimately, Zoom failed at quickly confirming that the reported vulnerability actually existed and they failed at having a fix to the issue delivered to customers in a timely manner. An organization of this profile and with such a large user base should have been more proactive in protecting their users from attack.
And then on Thursday, Apple made a great checkmate move by pushing a silent update to remove hidden Zoom local server without the need of any user interaction. The update also ensures that from now on, it won’t be possible to open apps automatically.
It is satisfying to know that someone keeps an eye on your security. Thank you, Jonathan Leitschuh! Great move, Apple!
Every year after Apple publishes a public beta of their software, I think about installing it. Checking those new shiny features should be fun, right? But after the initial spasm of joy after the keynote, rational thinking kicks in and I decide to wait and I wonder: should I? Or maybe not? Then comes news that proves that not installing the beta was the right move and I don’t ever think about installing it anymore. A few years ago, it was about widespread WiFi problems on macOS beta - how are you supposed to use a Mac without the Internet? There are of course some steps you can take to mitigate the potential problems, like installing a beta on a separate hard drive. But this year’s hiccup is even more problematic because current betas can corrupt your iCloud data! And that’s something an external drive cannot protect you from. Take a look at the Ulysses blog for more details.