By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: October 25, 2016

Tuesday, 25 October 2016

Six Colors’ Coverage of Apple’s Q4 Results and Analyst Call ★

Charts and graphs, and snap coverage of Apple’s analyst conference call.

Apple Q4 2016 Results ★

Pretty much in line with expectations.

Images of New MacBook Pro With Magic Toolbar Leaked in MacOS Sierra 10.12.1 ★

Something something doubling down on secrecy.

Noteworthy: there is no hardware Esc key.

iPhone 7 Plus’s Portrait Mode in Real Life ★

Nice collection of iPhone 7 Plus portrait mode photos submitted by iMore readers.

HomeKit’s Stringent Security Requirements ★

Here’s a report by Aaron Tilley for Forbes, from July of last year:

It’s been more than a year since Apple announced HomeKit, its system for connecting smart home devices through iOS. And as with all things Apple, expectations are high. Maybe too high.

So far, only five companies have launched HomeKit-certified smart home devices. What’s the hold up? Apple has thrown a plethora of challenges at hardware makers, and some developers say one of the biggest is complying with Apple’s strict security requirements on Bluetooth low energy devices.

Apple allows for either WiFi or Bluetooth low energy (LE)-enabled devices to get certified as a HomeKit accessory. Apple is requiring device makers using both WiFi and Bluetooth LE to use complicated encryption with 3072-bit keys, as well as the super secure Curve25519, which is an elliptic curve used for digital signatures and exchanging encrypted keys.

“These security protocols are bleeding edge,” said Diogo Monica, a security lead at Docker and an IEEE security expert.

This story makes more sense today, given all the recent outages and attacks based on exploits of insecure “internet of things” devices.