Author: Security – Computerworld

Will Brazil force Apple to admit App Store defeat?

Brazil’s antitrust body has joined a chorus of regulators to demand that Apple permit external payment methods in iOS apps. It’s just the latest page in an ongoing story, but might be enough to break this camel’s backbone. 

What this means, at the risk of stating the obvious, is that Apple now faces so much pressure to open up to external payment systems, it could finally make sense for it to bite the bullet and open up across all its territories rather than continue to fight. 

Apple has already been forced to open up in this way — and also to third-party app stores — in the EU, and to let US developers sell in-app content outside the App Store. It now faces similar pressure in the UK. But while it resists each of these moves, there is a cost to the company in legal fees and reputational damage attached to each battle in this conflict — at some point, it might make better business sense to cede the field.

A potential opportunity

While I don’t expect Apple is at all thrilled at how these cookies are crumbling, perhaps there is a way to turn all of this adversity into opportunity. If there’s ever been a time to add features and improvements to the payment systems Apple already provides, this is it.

It might also be time for Apple to take its payments infrastructure to other platforms and markets. Why shouldn’t you be able to pay for Android apps using Apple’s payment systems? Why not offer Apple payments to gamers from within Fortnite? Why not turn payments into products and grab an Apple-sized slice of the wider payments pie?

Customers from inside other ecosystems might be ready to embrace Apple’s rock-solid, highly secure, privacy-first payment system. What I’m saying is that Apple has a unique chance to compete, one from which it can continue to evangelize the advantages of the services (and platforms) it already provides for in-app purchases and everything else.  At the end of the day, the best way to keep people using its payments systems is to convince them that they want to use that system — even if they have a choice of others to use. 

With choice being imposed on the company, the company has an excuse to compete right back at competitors.

Who will lose?

Apple will not be blind to this, but support for external payment systems on its platforms remains very new and is only visible in a small number of markets. Given the potential risks of fraud and worse, it makes sense for Apple (and everyone else) to take a wait-and-see approach to extending this openness to new markets. It is just good practice to monitor what scams, frauds, and other attacks will emerge as third-party services are used on iOS in the EU. It’s not inconceivable that part of Apple’s reluctance to open up more widely yet (other than the money) is a desire to assess the perils and pitfalls of doing so — a trial in which Apple’s European customers are the crash test dummies.

But regulators don’t seem terribly keen to wait and see. Regulators in India, Brazil, UK, US, Japan, South Korea, and elsewhere now seem to agree that Apple must lift restrictions on payment methods for in-app purchases. It’s going to happen in the end.

What price platform integrity?

Even then, another problem Apple faces in that is that each nation could demand slightly different approaches to lifting those restrictions. The problem is that there is a development and infrastructure support cost, not to mention legal expenses, to each of those dictated approaches. What that means is that the less harmonious Apple lets payments on iOS become, the higher the cost of business. 

To avoid weakening the platform with a thousand cuts, it just makes more sense to lift the restrictions internationally, while also putting in place firm safeguards that permit Apple to swiftly remove any payment services identified as fraudulent or lax in security from its platforms. 

Now, I’m on the record arguing that I think there is a very high probability that once payment systems in apps are opened up this way we will see fraud, identity theft, and other forms of financial crime affect against Apple’s so-far highly secure platform. I think that’s inevitable.

Consumers will be damaged, and in the case of those using non-Apple payment services or app stores they cannot expect to get support from Apple. They may have accessed a non-Apple service on an Apple device, but the exchange will be between them and the service, not them and Apple. There will be confusion and broken hearts. This is what will happen.

Managed decline

But Apple can manage the experience and focus on showing the many ways it offers a better and safer system to use. It also means bowing to the inevitable and building something that satisfies regulators enough that they don’t choose to force Apple to build a system that dilutes its own platform. 

So, why has Apple resisted so much? Perhaps because it knows there are other criticisms reaching the anti-trust runway. Perhaps it feels that it makes sense to put up a fight on this particular hill in order to give it time to shore up better defenses on the other hills it currently holds.

All the same, the judgment coming out of Brazil suggests the company is running out of time to prepare for other battles, and now might be time to concede on this particular point. Despite which, if I were in Apple (or a regulator’s) shoes, I’d still try to delay any such move until the first casualties from the European experiment are identified and lessons learned. 

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

The biggest IT threat? That seemingly innocuous web browser

For decades, enterprises have allowed their workers to use whatever free browser they wanted to access the most sensitive files possible. CIOs believed that security software in the environment — such as endpoint security apps or supposedly secure web gateways — would deliver any needed protections.

And until 2020, that view was somewhat valid. But when various pandemic-fueled changes hit the workplace, almost everything changed. But as extreme browser exposure became far more dangerous, the shift was so gradual that almost no one in IT noticed any danger. Those changes included massive numbers of new remote sites; skyrocketing shifts away from on-premises tools and apps to the cloud; and far more SaaS deployments. 

The browser issue here actually arises from two distinct problems: virtually no limits on which browser can be used and no protections at the enterprise level that sit atop those browsers. 

The first is the most bizarre. 

Somehow, IT permits any browser to be used in their sensitive environments. Can you imagine that being permitted for anything else? How many CIOs would tell workers they can use whichever VPN app they want, including free consumer-grade VPNs? Would an enterprise CIO be OK with someone in finance ignoring the corporate license for Excel and instead opting to put sensitive payroll details into a freeware spreadsheet found at a gaming site in China? Or maybe an employee could forego a company-paid Zoom account for discussions of that upcoming acquisition and use a freebie service no one’s ever heard of? 

[Related: 10 tips for a secure browsing experience]

IT typically maintains strict controls over all software that touches their privileged areas, but browsers are a security free-for-all?

Let’s delve briefly into the history. When graphical browsers first moved into the enterprise in large numbers (don’t forget that the earliest browsers, such as Cello and Lynx, were pure text) around 1994, the goal was to make it as easy as possible for people to interact with the web. The internet at that point had been around for decades, but the web had only recently become popularized. 

The problem is that as environments became exponentially more complex and access to ultra-sensitive data soared, IT didn’t stop to reconsider ancient browser policies. 

If IT admins were to choose one specific browser to mandate, controls would become light-years easier. They could even require users to access the latest version from IT, allowing for updates to be strictly maintained. Internal web pages could be designed for that browser, making it far more likely to deliver an identical experience for all users. 

I routinely run into secure areas where critical text (such as the “next” button) is offscreen. That means trying three or four browsers until one works. Imagine that problem disappearing simply by mandating one browser for all. 

That kind of corporate mandate brings up a few issues:

  • Desktop vs. mobile. Some enterprises might need to consider standardizing on one browser for desktop and possibly a different browser for mobile. 
  • IT political issues. Some of the browsers with major market share are deeply integrated with one vendor’s environments, such as Google Chrome and Microsoft Edge. Depending on how your environments are integrated with different platforms, this could be an issue. 
  • Compliance. Some of the browser makers are more aggressive at pushing privacy and other data boundaries, especially when generative AI is involved. Standardizing on one of those might lead to corporate compliance issues, especially if you have a substantial presence in Western Europe, Australia or Canada. 
  • Geography. Beyond the compliance issues, there are language and other regional support issues to consider, especially if you have a major presence in Asia. 

That brings us to problem two. Browsers were never designed to be even a little bit secure in the early days — and not much has changed today. That’s why IT needs to insist that something act as a secure layer between your environment and any browser — even your hand-chosen favorite browser. 

Because the needs of every enterprise are different, there’s no one-size-fits-all browser security solution. The browser security layer must play well with your existing systems and your particular compliance needs — colored by geography and verticals — are critical factors.

“The browser is the number one app that everyone is using. The browsers of today are much more powerful than the older versions,” said Dor Zvi, CEO of security firm Red Access. “They allow you to run Javascript, login and tokens and render HTML. The browser today is so powerful that it acts almost like an operating system.”

Zvi argues that there is a reason those browser capabilities are so dangerous. 

“A lot of the attacks today can now happen entirely within the browser. It is happening inside the frame of the browser, which means it is not on the network side and not on the endpoint side. The browser now holds the cookies and tokens for all of your applications,” he said. “Let’s say someone is trying to steal my Okta two-factor authentication. [The attacker] can run it by solely using the browser privileges and no one will ever know about it.”

Another problem with allowing any browser from around the world to access your systems involves browser extensions. In the same way Apple and Google can’t adequately police their apps to detect and remove malicious ones, browser teams can’t verify the legitimacy of extensions. A malicious browser often has unlimited access to everything the browser can do or see. That’s why standardizing on one browser is important; it allows IT to also rein in browser extensions.

It’s a lot to think about — but preferably not right before bed. 

The biggest IT threat? That seemingly innocuous web browser

For decades, enterprises have allowed their workers to use whatever free browser they wanted to access the most sensitive files possible. CIOs believed that security software in the environment — such as endpoint security apps or supposedly secure web gateways — would deliver any needed protections.

And until 2020, that view was somewhat valid. But when various pandemic-fueled changes hit the workplace, almost everything changed. But as extreme browser exposure became far more dangerous, the shift was so gradual that almost no one in IT noticed any danger. Those changes included massive numbers of new remote sites; skyrocketing shifts away from on-premises tools and apps to the cloud; and far more SaaS deployments. 

The browser issue here actually arises from two distinct problems: virtually no limits on which browser can be used and no protections at the enterprise level that sit atop those browsers. 

The first is the most bizarre. 

Somehow, IT permits any browser to be used in their sensitive environments. Can you imagine that being permitted for anything else? How many CIOs would tell workers they can use whichever VPN app they want, including free consumer-grade VPNs? Would an enterprise CIO be OK with someone in finance ignoring the corporate license for Excel and instead opting to put sensitive payroll details into a freeware spreadsheet found at a gaming site in China? Or maybe an employee could forego a company-paid Zoom account for discussions of that upcoming acquisition and use a freebie service no one’s ever heard of? 

[Related: 10 tips for a secure browsing experience]

IT typically maintains strict controls over all software that touches their privileged areas, but browsers are a security free-for-all?

Let’s delve briefly into the history. When graphical browsers first moved into the enterprise in large numbers (don’t forget that the earliest browsers, such as Cello and Lynx, were pure text) around 1994, the goal was to make it as easy as possible for people to interact with the web. The internet at that point had been around for decades, but the web had only recently become popularized. 

The problem is that as environments became exponentially more complex and access to ultra-sensitive data soared, IT didn’t stop to reconsider ancient browser policies. 

If IT admins were to choose one specific browser to mandate, controls would become light-years easier. They could even require users to access the latest version from IT, allowing for updates to be strictly maintained. Internal web pages could be designed for that browser, making it far more likely to deliver an identical experience for all users. 

I routinely run into secure areas where critical text (such as the “next” button) is offscreen. That means trying three or four browsers until one works. Imagine that problem disappearing simply by mandating one browser for all. 

That kind of corporate mandate brings up a few issues:

  • Desktop vs. mobile. Some enterprises might need to consider standardizing on one browser for desktop and possibly a different browser for mobile. 
  • IT political issues. Some of the browsers with major market share are deeply integrated with one vendor’s environments, such as Google Chrome and Microsoft Edge. Depending on how your environments are integrated with different platforms, this could be an issue. 
  • Compliance. Some of the browser makers are more aggressive at pushing privacy and other data boundaries, especially when generative AI is involved. Standardizing on one of those might lead to corporate compliance issues, especially if you have a substantial presence in Western Europe, Australia or Canada. 
  • Geography. Beyond the compliance issues, there are language and other regional support issues to consider, especially if you have a major presence in Asia. 

That brings us to problem two. Browsers were never designed to be even a little bit secure in the early days — and not much has changed today. That’s why IT needs to insist that something act as a secure layer between your environment and any browser — even your hand-chosen favorite browser. 

Because the needs of every enterprise are different, there’s no one-size-fits-all browser security solution. The browser security layer must play well with your existing systems and your particular compliance needs — colored by geography and verticals — are critical factors.

“The browser is the number one app that everyone is using. The browsers of today are much more powerful than the older versions,” said Dor Zvi, CEO of security firm Red Access. “They allow you to run Javascript, login and tokens and render HTML. The browser today is so powerful that it acts almost like an operating system.”

Zvi argues that there is a reason those browser capabilities are so dangerous. 

“A lot of the attacks today can now happen entirely within the browser. It is happening inside the frame of the browser, which means it is not on the network side and not on the endpoint side. The browser now holds the cookies and tokens for all of your applications,” he said. “Let’s say someone is trying to steal my Okta two-factor authentication. [The attacker] can run it by solely using the browser privileges and no one will ever know about it.”

Another problem with allowing any browser from around the world to access your systems involves browser extensions. In the same way Apple and Google can’t adequately police their apps to detect and remove malicious ones, browser teams can’t verify the legitimacy of extensions. A malicious browser often has unlimited access to everything the browser can do or see. That’s why standardizing on one browser is important; it allows IT to also rein in browser extensions.

It’s a lot to think about — but preferably not right before bed. 

For Microsoft, will Trump’s antitrust and environmental views help or harm?

I recently wrote about how President-elect Donald J. Trump’s actions on AI might affect Microsoft. This week, I’m focused on what his antitrust regulation and environmental plans — and the biggest wildcard of all, his personal vendettas — could do to the company. 

What Microsoft can expect from antitrust lawsuits

Trump believes that the less regulation on big business, the better. So you would expect him to put an end to antitrust suits against the tech industry. But that’s not necessarily the case.

There’s no doubt that Lina Khan, the head of the US Federal Trade Commission (FTC) who has aggressively pursued antitrust prosecutions against tech, will be let go after Trump’s election. And many of Trump’s advisers, notably venture capitalist Marc Andreessen, would like to see tech antitrust prosecutions to stop. 

However, some advisers close to Trump, including Vice President-elect JD Vance, want the administration to take on Big Tech — mainly because they want to stop Meta and other social media companies from policing against misinformation, white supremacism, public-health health deceptions and election lies.

Microsoft has largely been spared Khan’s prosecutions, even as the Biden administration has targeted Google, Apple, Meta, Amazon, and Apple. The one recent federal antitrust action against Microsoft by the FTC, for buying the gaming giant Activision, didn’t go well for the feds. A judge let the purchase go through, although the FTC has since appealed the case.

That might make you think that Microsoft is in the clear under Trump. But The Washington Post reports the FTC will be investigating Microsoft’s cloud business for anticompetitive practices. In addition, the FTC appeal of the Activision case still stands, so that case could be revived.

Trump could demand that whomever he appoints to head the FTC drop those actions. Odds are, he won’t, thanks to his main tech adviser, entrepreneur Elon Musk. His AI startup, xAI, competes directly with Microsoft, and is now valued at $50 billion after investments this spring from Andreesen and others. Musk also recently amended an antitrust suit he filed against OpenAI, adding Microsoft as a defendant

Don’t be surprised if the FTC under Trump not only follows through on Khan’s investigations of Microsoft, but also files an AI suit against the company, thanks to Musk’s influence.

Trump, Microsoft, and climate change

Trump believes climate change is a hoax. He’s vowed to tear up environmental regulations and attack green energy. His campaign slogan, “Drill, Baby, Drill,” and his close friendship with the oil industry make clear that he’ll do everything he can to increase reliance on fossil fuels and kill clean sources of electricity.  

He was also a booster of nuclear power during his first administration, though he wasn’t quite as enthusiastic about it on the campaign trail. Even so, the stock market price of nuclear-power-related companies jumped the day after his election, and most people expect him to be a nuclear backer.

What does this have to do with Microsoft? Plenty. Microsoft has vowed to make itself carbon-negative by 2030, and Trump’s attack on green energy will make it more difficult for the company to find clean energy sources.

Exacerbating Microsoft’s climate-change challenges is the fact that data centers that power AI require a tremendous amount of electricity. As I’ve noted before, Microsoft might be abandoning its promises to fight climate change because of that. And the company could also pour billions into reviving nuclear energy with a proposed deal to reopen Three Mile Island, the site of the worst nuclear power disaster in US history. 

Given Trump’s views about climate change and his support for AI, he’ll most likely do everything he can to give Microsoft and other AI companies all the electricity they want no matter the effect on the environment. And he’ll also likely let them go full speed ahead with nuclear power. In fact, Microsoft President Brad Smith recently said he expects Trump to cut environmental regulations to provide Microsoft with all the electricity it wants for its AI data centers

Gregory Allen, director of the Wadhwani AI Center at the Center for Strategic and International Studies — he worked on AI at issues the Department of Defense during the Trump and Biden presidencies — agrees. On a call hosted by The Information, he said Trump “can invoke emergency powers and waive a lot of environmental regulations to allow people to build new nuclear and other electrical generation capacity in order to power the big data centers that folks want for these advanced AI models.”

He added that he expects that to happen “pretty early in the Trump Administration.”

Trump’s vendettas and grievances

The president-elect is driven by vendettas and grievances more than he is by policy. And when it comes to tech, he has plenty of them.

In the 2020 election, Meta founder Mark Zuckerberg and his wife started a foundation “to ensure that everyone can vote and every vote can be counted.” Since then, Trump threatened to investigate him and send him to jail if re-elected, saying, “We are watching him closely, and if he does anything illegal this time, he will spend the rest of his life in prison.” 

Zuckerberg got the message, offering accolades, saying after last summer’s assassination attempt, “Seeing Donald Trump get up after getting shot in the face and pump his fist in the air with the American flag is one of the most badass things I’ve ever seen in my life…. On some level as an American, it’s like hard to not get kind of emotional about that spirit and that fight, and I think that that’s why a lot of people like the guy.”

Then there’s Amazon founder and Washington Post owner Jeff Bezos. When Trump was president, he frequently took aim at Amazon and Bezos because the Post published articles that angered Trump. He didn’t just criticize and threaten him; Trump also yanked a multi-billion-dollar cloud contract with the Defense Department from Amazon.

This time around, Bezos is doing Trump’s bidding. He canceled the Post’s planned endorsement of Vice President Kamala Harris even though the newspaper has endorsed candidates for president for decades. After Trump was elected, Bezos praised him, writing on X, “Big congratulations to our 45th and now 47th President on an extraordinary political comeback and decisive victory.”

Those are just two of tech titans who have praised Trump even though he had targeted them. Microsoft CEO Satya Nadella has so far managed to avoid getting on Trump’s bad side. He hasn’t gone out of his way to praise the president-elect, either, offering Trump only a pro forma congratulation after the election.

But with Musk as a Trump adviser, and what will likely be a big focus on AI in the new administration, it’s not clear whether Nadella will be able to stay out of Trump’s crosshairs. What’s also not clear is how Nadella will react if Trump threatens him — and how that might affect Microsoft’s financial future and its sense of itself as a moral company.

For Microsoft, will Trump’s antitrust and environmental views help or harm?

I recently wrote about how President-elect Donald J. Trump’s actions on AI might affect Microsoft. This week, I’m focused on what his antitrust regulation and environmental plans — and the biggest wildcard of all, his personal vendettas — could do to the company. 

What Microsoft can expect from antitrust lawsuits

Trump believes that the less regulation on big business, the better. So you would expect him to put an end to antitrust suits against the tech industry. But that’s not necessarily the case.

There’s no doubt that Lina Khan, the head of the US Federal Trade Commission (FTC) who has aggressively pursued antitrust prosecutions against tech, will be let go after Trump’s election. And many of Trump’s advisers, notably venture capitalist Marc Andreessen, would like to see tech antitrust prosecutions to stop. 

However, some advisers close to Trump, including Vice President-elect JD Vance, want the administration to take on Big Tech — mainly because they want to stop Meta and other social media companies from policing against misinformation, white supremacism, public-health health deceptions and election lies.

Microsoft has largely been spared Khan’s prosecutions, even as the Biden administration has targeted Google, Apple, Meta, Amazon, and Apple. The one recent federal antitrust action against Microsoft by the FTC, for buying the gaming giant Activision, didn’t go well for the feds. A judge let the purchase go through, although the FTC has since appealed the case.

That might make you think that Microsoft is in the clear under Trump. But The Washington Post reports the FTC will be investigating Microsoft’s cloud business for anticompetitive practices. In addition, the FTC appeal of the Activision case still stands, so that case could be revived.

Trump could demand that whomever he appoints to head the FTC drop those actions. Odds are, he won’t, thanks to his main tech adviser, entrepreneur Elon Musk. His AI startup, xAI, competes directly with Microsoft, and is now valued at $50 billion after investments this spring from Andreesen and others. Musk also recently amended an antitrust suit he filed against OpenAI, adding Microsoft as a defendant

Don’t be surprised if the FTC under Trump not only follows through on Khan’s investigations of Microsoft, but also files an AI suit against the company, thanks to Musk’s influence.

Trump, Microsoft, and climate change

Trump believes climate change is a hoax. He’s vowed to tear up environmental regulations and attack green energy. His campaign slogan, “Drill, Baby, Drill,” and his close friendship with the oil industry make clear that he’ll do everything he can to increase reliance on fossil fuels and kill clean sources of electricity.  

He was also a booster of nuclear power during his first administration, though he wasn’t quite as enthusiastic about it on the campaign trail. Even so, the stock market price of nuclear-power-related companies jumped the day after his election, and most people expect him to be a nuclear backer.

What does this have to do with Microsoft? Plenty. Microsoft has vowed to make itself carbon-negative by 2030, and Trump’s attack on green energy will make it more difficult for the company to find clean energy sources.

Exacerbating Microsoft’s climate-change challenges is the fact that data centers that power AI require a tremendous amount of electricity. As I’ve noted before, Microsoft might be abandoning its promises to fight climate change because of that. And the company could also pour billions into reviving nuclear energy with a proposed deal to reopen Three Mile Island, the site of the worst nuclear power disaster in US history. 

Given Trump’s views about climate change and his support for AI, he’ll most likely do everything he can to give Microsoft and other AI companies all the electricity they want no matter the effect on the environment. And he’ll also likely let them go full speed ahead with nuclear power. In fact, Microsoft President Brad Smith recently said he expects Trump to cut environmental regulations to provide Microsoft with all the electricity it wants for its AI data centers

Gregory Allen, director of the Wadhwani AI Center at the Center for Strategic and International Studies — he worked on AI at issues the Department of Defense during the Trump and Biden presidencies — agrees. On a call hosted by The Information, he said Trump “can invoke emergency powers and waive a lot of environmental regulations to allow people to build new nuclear and other electrical generation capacity in order to power the big data centers that folks want for these advanced AI models.”

He added that he expects that to happen “pretty early in the Trump Administration.”

Trump’s vendettas and grievances

The president-elect is driven by vendettas and grievances more than he is by policy. And when it comes to tech, he has plenty of them.

In the 2020 election, Meta founder Mark Zuckerberg and his wife started a foundation “to ensure that everyone can vote and every vote can be counted.” Since then, Trump threatened to investigate him and send him to jail if re-elected, saying, “We are watching him closely, and if he does anything illegal this time, he will spend the rest of his life in prison.” 

Zuckerberg got the message, offering accolades, saying after last summer’s assassination attempt, “Seeing Donald Trump get up after getting shot in the face and pump his fist in the air with the American flag is one of the most badass things I’ve ever seen in my life…. On some level as an American, it’s like hard to not get kind of emotional about that spirit and that fight, and I think that that’s why a lot of people like the guy.”

Then there’s Amazon founder and Washington Post owner Jeff Bezos. When Trump was president, he frequently took aim at Amazon and Bezos because the Post published articles that angered Trump. He didn’t just criticize and threaten him; Trump also yanked a multi-billion-dollar cloud contract with the Defense Department from Amazon.

This time around, Bezos is doing Trump’s bidding. He canceled the Post’s planned endorsement of Vice President Kamala Harris even though the newspaper has endorsed candidates for president for decades. After Trump was elected, Bezos praised him, writing on X, “Big congratulations to our 45th and now 47th President on an extraordinary political comeback and decisive victory.”

Those are just two of tech titans who have praised Trump even though he had targeted them. Microsoft CEO Satya Nadella has so far managed to avoid getting on Trump’s bad side. He hasn’t gone out of his way to praise the president-elect, either, offering Trump only a pro forma congratulation after the election.

But with Musk as a Trump adviser, and what will likely be a big focus on AI in the new administration, it’s not clear whether Nadella will be able to stay out of Trump’s crosshairs. What’s also not clear is how Nadella will react if Trump threatens him — and how that might affect Microsoft’s financial future and its sense of itself as a moral company.

The M4 Pro Mac mini is a ‘triumph’

The “robust computer that’s very, very tiny” — introduced by Apple CEO Steve Jobs almost 20 years ago — just got even tinier. And once again, if you’re thinking of switching from Windows, there’s little excuse not to climb aboard; the “most affordable Mac ever” is also among the fastest consumer AI desktops money can buy.

While the Mac mini in hand is considerably smaller, its cost increased just a little and computational performance improved exponentially. These impressive changes allow the it to be a gateway for switchers, a second computer for any mobile Mac user, and a highly capable desktop for everyone else.

It’s also a server, a computer to which you can offload big tasks and it’s quite capable of handling the kind of cutting-edge productivity software you might use on a MacBook Pro, though perhaps not as efficiently. 

In the interests of objectivity, I should say up from I love the new Mac mini. It’s a triumph, a culmination of everything the first Mac mini aimed to be, but much, much better. Introduced along with the also superb MacBook Pro, Apple’s Mac line-up proves that, with Apple Silicon inside, the company is a the top of its game.

What you can expect under the hood

All this capability comes because of the amazing M-series processor Apple has slotted inside and reflects the device’s extensive processor history that straddles the company’s PowerPC chips on its first release, the Intel years, and today’s super-efficient, low-power chips that put Apple ahead of the industry. There’s a lot to love, starting at $599 (though the M4 Pro with 14‑core CPU and 20‑core GPU, 48GB, and 1TB SSD model I tested costs a lot more, $2,199.) That price tag might dent the superlatives a little, but probably not fatally. 

For a company made famous by the quality of its design, the Mac mini you see today isn’t a major departure from the models of yesteryear, other than size. This third major redesign remains faithful to the breed — a compact all-in-one metal box designed to work with the mouse, keyboard and display you already own. Now just 2-in. high, the 5-in.-by-5-in. (100% carbon neutral aluminum) box remains, resolutely, a Mac mini.

Such is the classic simplicity of Apple design, if you’d been abducted by aliens two decades ago and taken to the peaceful planet Zog to hang out with and learn from an enlightened species, you’d still recognize this as a Mac mini when you returned. (Though you’d probably be disappointed at the state of enlightenment here on Terra Ferma.)

But alien adventures aside, because it aims to work with kit you already own, connectivity has always been important to the mini. The new model offers two USB-C ports, HDMI, Gigabit Ethernet, three Thunderbolt 5 ports, a headphone jack, Wi-Fi 6E, and Bluetooth 5.3 — though you no longer get USB-A, putting that standard even further back in history. You also don’t get an SD card slot, but you didn’t in the last model, either.  You can now drive up to three external displays, which is amazing, really, and I bet many of us take that for granted.

The power button (which you rarely, if ever, need to touch) is on the lower left corner of the 1.6-pound device; that positioning raised many critical cat calls when it was spotted, but if that’s all the critics have then Apple has got something right.

What it does

Apple says the Mac mini with M4 Pro is up to 20x faster than the fastest Intel-based Mac mini. The benchmark results I got back that assertion up, and more. I was a little open-jawed at the results I got and had to run tests multiple times they impressed me so very much.

Time for some benchmarks:

Geekbench 6.3

  • Single Core: 3,8715.
  • Multi Core: 22,314.
  • OpenCL: 69,013

The CPU results are incredibly impressive. If you check the Geekbench Mac charts, you will find they mean the Mac mini delivers at least as much punch as the currently available Mac Studio, or last year’s 16-in. M3 Max MacBook Pro. There is no performance compromise whatsoever in this machine.

Cinebench R23

  • 22,737 CPU multi core (a top three position, up there with Intel Xeon W and AMD Ryzen Threadripper 2992WX).
  • 2,137 CPU single core (leader of the pack).

Valley

FPS 101.3 

It is important to note that Valley isn’t optimized for Apple Silicon and relies on Apple’s Rosetta technology, so it’s not a fair comparative test. But it does illustrate just how performant these little Macs have become.

You’ll find additional benchmark tests at MacStadium, where new M4 Mac minis are already being put into service as servers in real-life, mission-critical environments. They note that the M4 Pro, “tears past all the previously available Mac mini models, and even puts some of the older Studio models to shame.” 

You’ll find a similarly fabulous statement from an impressed Jeff Geerling, who says: “The chip isn’t the fastest at everything, but it’s certainly the most efficient CPU I’ve ever tested. And that scales down to idle power, too — it hovers between 3-4W at idle — which is about the same as a Raspberry Pi.” 

It is worth noting that most of the time the power efficiency means it will barely feel warm to the touch, no matter how hard you push it. These results, and those of all the other M4-powered Macs, absolutely illustrate the extent to which the shift to Apple Silicon has turned the processor industry upside down, putting once last-place Apple in bidding distance for the throne.

Take it anywhere

The Mac mini is small. You can put it anywhere you need it — on a bookshelf, certainly under a reception desk, anywhere in an office, and in almost any situation where you might need a computer on warehouse or factory floors. The front-mounted USB-C ports and headphone jack make its usage flexible, too. While it is not and nor is it intended to be a portable device, it is worth noting that so long as you have a keyboard, mouse, and display wherever you intend to go, the Mac mini is a computer you can take with you.

What about Thunderbolt 5?

Apple celebrated the introduction of Thunderbolt 5 on these Macs when they were announced. All the same, for most users it means very little. Sure, if you use a compatible Thunderbolt 5 cable and a compatible device, you’ll get data transfer speeds of 120Gbps, but right now those who have those things skew toward being pro gamers and video professionals. That will change of course as Thunderbolt 5 proliferates and becomes cheaper, though it is nice to know that you can use this tiny Mac to power multiple 6K displays.

Thunderbolt 5 will also be important to those who choose to use the new macOS feature that lets them use larger Mac apps that are stored on external SSD drives.

Time to upgrade?

The new model stacks up proudly against Apple’s first M1-series Mac mini. You’ll see significant performance gains, and while the M1 Mac mini I’ve used as my daily drive ever since it was introduced has never let me down, I did experience a perceptible difference in performance.

Four years later, is it time to upgrade? I think it might be, and the fact I’ve had four trouble-free years with an M1 gives me a lot of confidence to expect more great years with an M4 model.

However, in contrast to the Intel Macs, the question of whether or whether not to upgrade shouldn’t be a question at all — of course, you should. The difference in performance was like night and day when the M1 models first appeared; with the M4 series, you’ll feel like you just swallowed a glass of iced water in hell, as someone once said.

Unlike the performance compromise Mac mini represented back in the day, with Apple Silicon you can look forward to pro performance at a price that’s more within reach. 

A dream realized

The thing about the price is important. It’s hard to ignore a computer that starts at $599 and can kick out this level of performance. As a desktop, it ticks most boxes:

  • Windows switchers will like that they might be able to continue using existing kit with the system, and they’ll like it even more once they realize these Macs are so powerful they’ll run Windows better in VM mode than some PCs. 
  • Pro users will quickly find these Macs are capable of pro level performance that matches or exceeds some of last year’s more expensive Mac models.
  • Enterprises can be confident that these machines can be deployed across a wide array of situations and handle their tasks really well.
  • And every Mac mini user will appreciate that there is enough processor “oomph” inside these devices that we will still be enjoying a great experience using them in three, four, five or more years’ time. As mentioned above, my M1 Mac mini has never missed its stride and is four years old.

With its new – and still unmistakably Apple Mac mini design — the new model looks good, is whisper quiet, runs almost every application you might want to run, and demands hardly any desk space. If you need an Apple desktop or need to put an Apple system together at as low a price as possible, then the great thing about these Macs is you won’t feel at all compromised – these things shift!

All in all, this is a triumph, an absolute accomplishment of the journey Apple set out on when the first ever Mac mini models appeared. I can’t recommend it enough. 

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

Can you read your manager’s emails via Copilot?

Microsoft has released a new collection of tools and a guide to fix security issues that have arisen around the way the company’s generative AI (genAI) Copilot assistant handles information. Namely, the tool’s indexing of an organization’s internal data can lead to the AI ​​assistant sharing sensitive information when it shouldn’t.

A Microsoft employee familiar with customer complaints tells Business Insider: “Now, when Joe Blow logs into an account and starts Copilot, they can see everything. All of a sudden, Joe Blow can see the CEO’s email.”

Business Insider reports that the behavior prompted several organizations to delay using Copilot for security reasons. “Many data governance challenges associated with AI were not caused by AI’s arrival,” a Microsoft spokesperson told the publication.

Instead, according to the spokesperson, AI tools like Copilot highlight how companies need to take proactive responsibility for how they manage internal documents and other information.

Windows Recall is now available to test in limited preview

After a series of delays, Microsoft’s Windows Recall feature is now available in a limited preview for Copilot+ PCs. 

Recall, which takes regular snapshots of a user’s screen to provide a searchable timeline of actions, drew criticism from security and privacy experts when it was unveiled earlier this year. 

On Friday, Microsoft announced a new Windows 11 build for Windows Insider’s Dev Channel that includes Recall and Click To Do, another Copilot+ feature in preview that provides an interactive overlay on a user’s screen. 

The number of Windows Insiders testing the features is likely to be small at this stage, as Windows 11 Insider Preview Build 26120.2415 (KB5046723) can only be accessed on Copilot+ PCs with a Qualcomm Snapdragon chip. Support for devices running AMD and Intel chips is “coming soon,” Microsoft said in a blog post

 The announcement marks the next step toward a full release for a feature that was labeled a “privacy nightmare” upon its announcement in May. 

A planned rollout in June was postponed in response, and Microsoft has attempted to address security and privacy concerns with several updates. This includes making the feature “opt-in,” requiring biometric authentication with Windows Hello prior to use, blocking detection of personal details such as credit card details and passwords, and the addition of a “virtualization-based security enclave” (VBS Enclave) to secure data on a user’s device.

Intel’s CHIPS Act grant reduced as production delays and losses mount

The US government has scaled back Intel’s preliminary CHIPS Act grant from $8.5 billion to under $8 billion, reflecting concerns over the company’s delayed investments and financial woes, The New York Times reported. The funding was part of the government’s effort to boost domestic semiconductor manufacturing amid growing global competition.

Intel, originally seen as the largest beneficiary of the CHIPS Act, has struggled to meet expectations following its biggest quarterly loss in its 56-year history. The cut coincides with a $3 billion military contract offered to Intel to produce chips for the Department of Defense, the report said citing sources who did not wish to be identified.

In March 2024, the Biden administration and Intel signed a preliminary memorandum of terms (PMT) for an $8.5 billion funding package. This support was part of Intel’s broader plan to invest over $100 billion in expanding its US manufacturing operations, including the construction of new chip facilities in Arizona, Ohio, Oregon, and New Mexico.

The agreement also included up to $11 billion in additional loans from the US government, aimed at strengthening Intel’s position as a key player in the evolving AI-driven semiconductor landscape.

The decision to reduce the grant underscores the challenges Intel faces as it attempts to reclaim technological leadership while fulfilling the US administration’s vision of revitalizing domestic chip manufacturing.

However, there is no clarity on the other terms and conditions of the reduced grant package.

Investment delays and strategic setbacks

The funding reduction comes as Intel pushes back the timeline for completing its Ohio chip manufacturing project from 2025 to the end of the decade. The delay, coupled with persistent challenges in matching the technological advancements of rivals like Taiwan Semiconductor Manufacturing Company (TSMC), has dampened confidence in the company’s ability to deliver on its commitments.

“The delay in Intel’s investment is especially concerning given the current surge in demand for chips, driven by the rise of AI,”  said Rachita Rao, senior analyst at Everest Group. “With AI transforming the industry, the existing IT infrastructure is becoming insufficient to handle its processing requirements.”

Intel’s difficulties come as the Biden administration seeks to reduce US reliance on Asian supply chains through the CHIPS Act, a $39 billion initiative aimed at boosting domestic chip production. In March, President Joe Biden highlighted Intel’s role in transforming the semiconductor industry during a high-profile visit to Arizona.

However, Intel’s setbacks now present significant hurdles to achieving that vision, the report noted.

Oversight and milestones

Commerce Department officials, tasked with ensuring accountability for CHIPS Act funding, have set stringent performance benchmarks, such as building plants, producing chips, and securing customer commitments for domestically made products.

Intel’s struggles to meet these goals reportedly complicated its negotiations for the final grant terms, according to the report.

Meanwhile, TSMC has secured a $6.6 billion grant under the program while committing over $65 billion of its own funds to US factory construction.

“Additionally, Intel is pursuing riskier strategies at a time when TSMC is focusing on a low-risk, high-production model that appears to be yielding strong results,” Rao noted. “Given Intel’s inability to effectively compete in the current market, the reduction in funding seems justified to some extent.”

This, certainly, is not a piece of good news for Intel which has been grappling with significant financial challenges at the moment. The company reported an 85% year-on-year decline in profits and announced plans to cut 15,000 jobs recently. Additionally, the financial downturn has prompted Intel to suspend dividend payments.

The path ahead for US chip manufacturing

The Biden administration viewed the funding as a strategic initiative to lessen reliance on foreign semiconductor supply chains. The US has highlighted the program’s success in driving factory construction, pointing out that the country will soon host facilities from all five of the world’s leading chipmakers.

“Intel is struggling to keep pace with its competitors, particularly TSMC, which dominates the market with its competitive pricing and significant market share,” Rao said.

Intel’s success is vital not just for the company, but for the broader US semiconductor ecosystem. As AI is poised to drive future demand for advanced chips, Intel’s manufacturing capabilities and technological innovations will be crucial in ensuring the US remains competitive in the global market.

However, the reduction in Intel’s grant underscores the challenges of balancing federal investments with corporate accountability. A query to Intel remains unanswered.

Intel’s CHIPS Act grant reduced as production delays and losses mount

The US government has scaled back Intel’s preliminary CHIPS Act grant from $8.5 billion to under $8 billion, reflecting concerns over the company’s delayed investments and financial woes, The New York Times reported. The funding was part of the government’s effort to boost domestic semiconductor manufacturing amid growing global competition.

Intel, originally seen as the largest beneficiary of the CHIPS Act, has struggled to meet expectations following its biggest quarterly loss in its 56-year history. The cut coincides with a $3 billion military contract offered to Intel to produce chips for the Department of Defense, the report said citing sources who did not wish to be identified.

In March 2024, the Biden administration and Intel signed a preliminary memorandum of terms (PMT) for an $8.5 billion funding package. This support was part of Intel’s broader plan to invest over $100 billion in expanding its US manufacturing operations, including the construction of new chip facilities in Arizona, Ohio, Oregon, and New Mexico.

The agreement also included up to $11 billion in additional loans from the US government, aimed at strengthening Intel’s position as a key player in the evolving AI-driven semiconductor landscape.

The decision to reduce the grant underscores the challenges Intel faces as it attempts to reclaim technological leadership while fulfilling the US administration’s vision of revitalizing domestic chip manufacturing.

However, there is no clarity on the other terms and conditions of the reduced grant package.

Investment delays and strategic setbacks

The funding reduction comes as Intel pushes back the timeline for completing its Ohio chip manufacturing project from 2025 to the end of the decade. The delay, coupled with persistent challenges in matching the technological advancements of rivals like Taiwan Semiconductor Manufacturing Company (TSMC), has dampened confidence in the company’s ability to deliver on its commitments.

“The delay in Intel’s investment is especially concerning given the current surge in demand for chips, driven by the rise of AI,”  said Rachita Rao, senior analyst at Everest Group. “With AI transforming the industry, the existing IT infrastructure is becoming insufficient to handle its processing requirements.”

Intel’s difficulties come as the Biden administration seeks to reduce US reliance on Asian supply chains through the CHIPS Act, a $39 billion initiative aimed at boosting domestic chip production. In March, President Joe Biden highlighted Intel’s role in transforming the semiconductor industry during a high-profile visit to Arizona.

However, Intel’s setbacks now present significant hurdles to achieving that vision, the report noted.

Oversight and milestones

Commerce Department officials, tasked with ensuring accountability for CHIPS Act funding, have set stringent performance benchmarks, such as building plants, producing chips, and securing customer commitments for domestically made products.

Intel’s struggles to meet these goals reportedly complicated its negotiations for the final grant terms, according to the report.

Meanwhile, TSMC has secured a $6.6 billion grant under the program while committing over $65 billion of its own funds to US factory construction.

“Additionally, Intel is pursuing riskier strategies at a time when TSMC is focusing on a low-risk, high-production model that appears to be yielding strong results,” Rao noted. “Given Intel’s inability to effectively compete in the current market, the reduction in funding seems justified to some extent.”

This, certainly, is not a piece of good news for Intel which has been grappling with significant financial challenges at the moment. The company reported an 85% year-on-year decline in profits and announced plans to cut 15,000 jobs recently. Additionally, the financial downturn has prompted Intel to suspend dividend payments.

The path ahead for US chip manufacturing

The Biden administration viewed the funding as a strategic initiative to lessen reliance on foreign semiconductor supply chains. The US has highlighted the program’s success in driving factory construction, pointing out that the country will soon host facilities from all five of the world’s leading chipmakers.

“Intel is struggling to keep pace with its competitors, particularly TSMC, which dominates the market with its competitive pricing and significant market share,” Rao said.

Intel’s success is vital not just for the company, but for the broader US semiconductor ecosystem. As AI is poised to drive future demand for advanced chips, Intel’s manufacturing capabilities and technological innovations will be crucial in ensuring the US remains competitive in the global market.

However, the reduction in Intel’s grant underscores the challenges of balancing federal investments with corporate accountability. A query to Intel remains unanswered.