spheric

MplsP said:

spheric said:

.band "files" are packages (folders).  

Context-click one one to see its contents. 

Yeah, I get that, but my admittedly limited understanding of how this works with OS X is that when you double click on the file, it opens the associated program which in turn opens the file that you clicked on, similar to opening the program and selecting File -> open. If the package contains an executable, why would GarageBand do anything with it?

The point is the same as with every buffer overrun exploit: 

Put extremely simply, anytime you input a value into a program, whether it's text or numbers or audio or a password or whathaveyou, whatever exceeds the length the program is expecting is truncated and ignored, or will otherwise throw up an error to the user.

If you have an improperly terminated input, where somebody just forgot to account for there being more data than expected and this doesn't happen, whatever data exceeds the limit the program is designed to handle will theoretically DIRECTLY PASS THROUGH THE CPU. If you carefully craft malicious code to exploit just such a hole, you can add your own program to the end of useful and innocuous data, and IT WILL BE EXECUTED BY THE CPU. 

So if, for example, the exploit were in a password-entry field, you could exploit the machine by typing the password and then tacking on a whole bunch of executable code to the end of that. Normally, code would be in place to reject that. But if it were forgotten or improperly coded, you could access the machine that way and have it do virtually whatever you wanted (depending upon where in user-/adminspace the program is running). SOME file within the GarageBand package was susceptible to just that kind of attack. 

The uploader of the video can decide whether ads should be shown before, during, or after the video, and also whether they are skippable or not. The advertiser has no say in this.

This is not a new connector, and it is apparently nothing Apple themselves intend to use. They've merely certified it to be used for "Made for iOS" Lightning adapters and accessories. It's in use by various manufacturers as yet another standard USB connector. https://arstechnica.com/apple/2017/02/no-apple-isnt-developing-an-all-new-port-for-accessory-makers/

lito_lupena said:

what about garageband on macOS?

That got Touch Bar support about two months ago. Minor update available today; no Alchemy patches at this point, though.

Soli said:

dk49 said:

They should also bump the base RAM in 13 inch Macbook pro to 16GB.

Is that possible with the dual-core Core chips they're using?

Dual-Core 13" MacBooks have supported 16 GB RAM since at least 2011 (one model in 2010 IIRC).