Posted in App, Uncategorized

Ulysses Turns 19


Ulysses 19 icon

Ulysses, a writing app and markdown editor, turns 19. It adds material sheets, mouse and track support on iPad and keywords in Markdown Files and provides various fixes.

Ulysses Sheet Layout

This writing app offers a different approach to turning your ideas into text. The basic unit is not so much a document but rather a “sheet.” A sheet is where the nugget of your idea, sentences or paragraphs are entered. Once you have created several sheets, you can order and nest them into groups for export in various ways.

Ulysses Cloud and Folder Support

By storing your Ulysses file in the cloud, you can work from your Mac or iOS device anytime the urge or impulse to write strikes you. The developer states “On iPad and iPhone, you’re now able to embed external folders from locations in the Files app, such as cloud storage providers or Git clients, and edit the contained files with Ulysses.” The ability to sync requires a subscription.

A main idea behind this writing app is to help the writer spend more time getting the thoughts down and less time worrying about formatting. The goal is to take the stress off of what the finished document will look like and help the attention be focused on the ease of entering the text and idea.

Ulysses Mouse Support Apple recently introduced mouse and trackpad support for iOS and Ulysses takes advantage of this.

You can try Ulysses for free. Download it from the App Store. All subscription plans contain a free trial. It is fully functional and syncs to all your Macs, iPads and iPhones.

So, if you are interested in trying out a new way to think about document creation, check out Ulysses.

Posted in Uncategorized

iWork for iOS Updates


Apple has release updates for iWork for Mac and iOS versions. The updates include trackpad support with iPad OS 13.4, new themes and iCloud Drive folder sharing.

Keynote has new features like:

  • Edit shared presentations while offline and your changes will upload when you’re back online. Requires iPadOS or iOS 13. Learn more
  • Touch and hold, then drag across multiple objects to select them. Learn more
  • Easily access your recently used themes in a redesigned theme chooser.
  • Print or export a PDF of your presentation with comments included. Learn more
  • Add a drop cap to make text stand out with a large, decorative first letter. Learn more
  • Enhance your presentations with a variety of new, editable shapes.

You can learn more about the updates for iOS here:

Pages

Keynote

Numbers

Posted in Uncategorized

Hanx Writer – Hi-Tech Keyboard Old School Feel


Hanx Writer is a really nifty app for those who enjoy typing or want to switch up the feel of your keyboard. Basically, the app gives you the opportunity to type using a realistic typewriter GUI. The sounds and motions of the moving parts are recreated with accuracy.

Your screen can be used as the keyboard or you can connect an extern blue tooth or Smart Keyboard to the iOS device to give you more screen room as seen below.

[The app states it is not compatible with the iPad Pro but the standard free version of the typewriter seems to work with my iPad Pro 12.9″ with Smart Keyboard.]

You get one “Free” keyboard as shown. You can use and enjoy the sites and sounds of that keyboard from within the app.

Third Party Keyboard Functionality

With an in app purchase, you can upgrade to get other typewriters or add additional functionality like working with multiple documents from within the app or hearing all of the sounds in other apps while using this third party keyboard. The least expensive upgrade costs 99¢ and includes the standard “Prime Select” keyboard.

Like other keyboard apps, you can add this third-party keyboard. Tap Settings > Keyboard > Add New Keyboard… and choose Hanx Writer. Then, tap on Allow Full Access.

Now, from your keyboard, tap and hold on the Globe at the bottom left and choose Hanx Writer.

With the in-app purchases, you can have the ability to change the font size, color, and look of your keyboard.

Conclusion

If you are looking for a fun way to type, jot down notes or share the fun of an old fashioned typewriter, check out Hanx Writer.

Posted in Uncategorized

iOS 10.3.2 is Out


Apple has just released iOS 10.3.2. To update your compatible iOS device, tap Settings > General > Software Update. Make sure you make a back up first.

The only information currently available is that the update improves the security of your iOS device and includes bug fixes.

According to Apple, the security updates includes:

Released May 15, 2017

AVEVideoEncoder

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to gain kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-6989: Adam Donenfeld (@doadam) of the Zimperium zLabs Team

CoreAudio

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-2502: Yangkang (@dnpushme) of Qihoo360 Qex Team

iBooks

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: A maliciously crafted book may open arbitrary websites without user permission

Description: A URL handling issue was addressed through improved state management.

CVE-2017-2497: Jun Kokatsu (@shhnjk)

iBooks

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with root privileges

Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.

CVE-2017-6981: evi1m0 of YSRC (sec.ly.com)

IOSurface

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to gain kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-6979: Adam Donenfeld of Zimperium zLabs

Kernel

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed through improved locking.

CVE-2017-2501: Ian Beer of Google Project Zero

Kernel

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-2507: Ian Beer of Google Project Zero

CVE-2017-6987: Patrick Wardle of Synack

Notifications

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to cause a denial of service

Description: A denial of service issue was addressed through improved memory handling.

CVE-2017-6982: Vincent Desmurs (vincedes3), Sem Voigtlander (OxFEEDFACE), and Joseph Shenton of CoffeeBreakers

Safari

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Visiting a maliciously crafted webpage may lead to an application denial of service

Description: An issue in Safari’s history menu was addressed through improved memory handling.

CVE-2017-2495: Tubasa Iinuma (@llamakko_cafe) of Gehirn Inc.

Security

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Update to the certificate trust policy

Description: A certificate validation issue existed in the handling of untrusted certificates. This issue was addressed through improved user handling of trust acceptance.

CVE-2017-2498: Andrew Jerman

SQLite

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: A maliciously crafted SQL query may lead to arbitrary code execution

Description: A use after free issue was addressed through improved memory management.

CVE-2017-2513: found by OSS-Fuzz

SQLite

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: A maliciously crafted SQL query may lead to arbitrary code execution

Description: A buffer overflow issue was addressed through improved memory handling.

CVE-2017-2518: found by OSS-Fuzz

CVE-2017-2520: found by OSS-Fuzz

SQLite

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: A maliciously crafted SQL query may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-2519: found by OSS-Fuzz

SQLite

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2017-6983: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro’s Zero Day Initiative

CVE-2017-6991: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro’s Zero Day Initiative

TextInput

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Parsing maliciously crafted data may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-2524: Ian Beer of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-2496: Apple

CVE-2017-2505: lokihardt of Google Project Zero

CVE-2017-2506: Zheng Huang of the Baidu Security Lab working with Trend Micro’s Zero Day Initiative

CVE-2017-2514: lokihardt of Google Project Zero

CVE-2017-2515: lokihardt of Google Project Zero

CVE-2017-2521: lokihardt of Google Project Zero

CVE-2017-2525: Kai Kang (4B5F5F4B) of Tencent’s Xuanwu Lab (tencent.com) working with Trend Micro’s Zero Day Initiative

CVE-2017-2526: Kai Kang (4B5F5F4B) of Tencent’s Xuanwu Lab (tencent.com) working with Trend Micro’s Zero Day Initiative

CVE-2017-2530: an anonymous researcher

CVE-2017-2531: lokihardt of Google Project Zero

CVE-2017-2538: Richard Zhu (fluorescence) working with Trend Micro’s Zero Day Initiative

CVE-2017-2539: Richard Zhu (fluorescence) working with Trend Micro’s Zero Day Initiative

CVE-2017-2544: 360 Security (@mj0011sec) working with Trend Micro’s Zero Day Initiative

CVE-2017-2547: lokihardt of Google Project Zero, Team Sniper (Keen Lab and PC Mgr) working with Trend Micro’s Zero Day Initiative

CVE-2017-6980: lokihardt of Google Project Zero

CVE-2017-6984: lokihardt of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue existed in the handling of WebKit Editor commands. This issue was addressed with improved state management.

CVE-2017-2504: lokihardt of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue existed in the handling of WebKit container nodes. This issue was addressed with improved state management.

CVE-2017-2508: lokihardt of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue existed in the handling of pageshow events. This issue was addressed with improved state management.

CVE-2017-2510: lokihardt of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue existed in the handling of WebKit cached frames. This issue was addressed with improved state management.

CVE-2017-2528: lokihardt of Google Project Zero

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues with addressed through improved memory handling.

CVE-2017-2536: Samuel Groß and Niklas Baumstark working with Trend Micro’s Zero Day Initiative

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue existed in frame loading. This issue was addressed with improved state management.

CVE-2017-2549: lokihardt of Google Project Zero

WebKit Web Inspector

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to execute unsigned code

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-2499: George Dan (@theninjaprawn)