MonitorControl - for Apple Silicon and Intel

Controls your external display brightness and volume and shows native OSD. Use menulet sliders or the keyboard, including native Apple keys!

Download

Go to Releases and download the latest .dmg

Major features

Control your display's brightness, volume and contrast!
Shows native OSD for brightness and volume.
Supports multiple protocols to adjust brightness: DDC for external displays (brightness, contrast, volume), native Apple protocol for Apple and built-in displays, Gamma table control for software adjustment (recommended for OLED), shade control for AirPlay, Sidecar and Display Link devices.
Supports smooth brightness transitions.
Seamlessly combined hardware and software dimming extends dimming beyond the minimum brightness available on your display.
Synchronize brightness from built-in and Apple screens - replicate Ambient light sensor and touch bar induced changes to a non-Apple external display!
Sync up all your displays using a single slider or keyboard shortcuts.
Allows dimming to full black (advanced feature).
Support for custom keyboard shortcuts as well as standard brightness and media keys on Apple keyboards.
Dozens of customization options to tweak the inner workings of the app to suit your hardware and needs (don't forget to enable Show advanced settings in app Preferences).
Modern, stylish and highly customizable menulet reflecting the design of Control Center introduced in Big Sur.
Simple, unobstrusive UI to blend in to the general aesthetics of macOS (even the menu icon can be hidden).
Supports automatic updates for a hassle-free experience.
The best app of its kind, completely FREE (donations welcome) with the source code transparently available!

How to install and use the app

Download the app
Copy the MonitorControl app file from the .DMG to your Applications folder
Click on the MonitorControl app file
Add the app to Accessibility under System Preferences » Security & Privacy » Privacy as prompted (this is required only if you wish to use the native Apple keyboard brightness and media keys - if this is not the case, you can safely skip this step).
Use your keyboard or the sliders in the app menu (a brightness symbol in the macOS menubar as shown on the screenshot above) to control your displays.
Open Preferences... for customization options (enable Show advanced settings for even more options).
You can set up custom keyboard shortcuts under the Keyboard in Preferences (the app uses Apple media keys by default).
If you have any questions, go to Discussions!

Screenshots (Preferences)

Screenshot

macOS compatibility

MonitorControl version	macOS version
v4.0.0	Catalina 10.15*
v3.1.1	Mojave 10.14
v2.1.0	Sierra 10.12

* With some limitations - full functionality available on macOS 11 Big Sur or newer.

Supported displays

Most modern LCD displays from all major manufacturers supported implemented DDC/CI protocol via DisplayPort, HDMI, USB-C or VGA to allow for hardware backlight control.
Apple (and LG-Apple) displays and built-in displays are supported using native protocol.
LCD and LED Televisions usually do not implement DDC, these are supported using software alternatives to dim the image (some higher-end sets are able to translate this into hardware backlight dimming).
OLED or mini/micro-LED displays and televisions are fully supported using gamma table manipulation (this is a no-compromise solution for this class of displays).
DisplayLink, Airplay and Sidecar are supported using shade (dark overlay) control.
The app is compatible with BetterDummy mirrored sets.

Notable exceptions for hardware control compatibility:

Some displays (notably EIZO) use MCCS over USB or an entirely custom protocol for control. These displays are supported with software dimming only.
The HDMI port of the 2018 Intel Mac mini and 2020 M1 Mac mini prohibit DDC communication. Software control is still available. We recommend connecting the display via the USB-C port (USB-C to HDMI dongles usually work).
DisplayLink docks and dongles do not allow for DDC control on Macs, only software dimming is available for these connections.

Note to f.lux users - please activate Avoid gamma table manipulation under Preferences » Displays! This step is not needed if you use Night Shift.

How to help

You can greatly help out by financing the project with your donation or by being a Sponsor!
Open issues if you have a question, an enhancement to suggest or a bug you've found.
If you want, you can fork the code yourself and submit a pull request to improve the app (Note: accepting a PR is solely in the collective hands of the maintainers).

Localizations

MonitorControl supports localization. We gladly welcome your contribution with a new language! See the opening post of the relevant discussion on how to add your translation!

How to build

Required

Xcode
Swiftlint
SwiftFormat
BartyCrouch (for updating localizations)

Build steps

Clone the project via this Terminal command:

git clone https://github.com/MonitorControl/MonitorControl.git

If you want to clone one of the branches, add --single-branch --branch [branchname] after the clone option.
You're all set! Now open the MonitorControl.xcodeproj with Xcode! The dependencies will automatically get downloaded once you open the project. If they don't: File > Packages > Resolve Package Versions

Third party dependencies

Maintainers

Thanks

@mathew-kurian (original developer)
@Tyilo (fork)
@Bensge - (used some code from his project NativeDisplayBrightness)
@nhurden (for the original MediaKeyTap)
@kfix (for ddcctl)
@reitermarkus (for Intel DDC support)
@alin23 (generally spearheaded M1 DDC support and figured out a many of the caveats)
javierocasio (app icon background)

Download Details:

Author: MonitorControl
Source Code: https://github.com/MonitorControl/MonitorControl
License: MIT license

#swift #macos #keyboard #apple

How can I get a human at Apple to report problem?

**How Do I Report a Problem to Apple Customer Service?
**

There are times when you may find some issue with your Apple product however you rarely see an issue. You can report a problem if you want to. All you need is to perform a few simple steps and here are the steps that you should perform. Go through them.

**How can I get human at Apple?
**

• First and foremost, you need to go to reportaproblem.apple.com.
• Next, you have to sign in to your Apple account by entering your Apple ID and Password.
• In case you see a Report or Report a Problem option next to the item in which you see a problem, click it.
• After that, you need to follow the onscreen instructions and select a reason why you want to report a problem.
• Lastly, you need to submit your request.

**How do you get through to Apple Support?
**

With this, you can report online for your Apple product. In case you want to contact Apple customer service to report a problem, you can do that in the given ways.

Over a Phone Call - Dial the customer service phone number to get help for any problem that you see with your Apple account. Also, you can report the problem on a single phone call.
You can speak to a human at Apple technical support: (800) APL–CARE (800–275–2273)
Through Live Chat - By requesting a live chat, you will be in touch with a representative who will assist you thoroughly to report a problem that you see with your Apple account.
Via Email - The most common way to report a problem on Apple is email. You can compose an email explaining the issue that you see with the service and report it. Once your email is received, the tech support team acknowledges the issue and provides you all information within the least possible time.

By choosing any of the desired ways to report a problem, you can complain about the issue to the tech support team (Apple customer service). Also, you will no longer wonder how to get a human at Apple support. The above information will help you in all manners and let you experience the hassle-free service of Apple. So, dial the number or send an email, but get help from the experts.

#how can i get a human at apple #how do i reach a human at apple? #how do i call apple support? #contact apple support #call apple support #apple's online support

Hollie Ratke

1597554000

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges.

The recently patched flaw (CVE-2020-8708) ranks 9.6 out of 10 on the CVSS scale, making it critical. Dmytro Oleksiuk, who discovered the flaw, told Threatpost that it exists in the firmware of Emulex Pilot 3. This baseboard-management controller is a service processor that monitors the physical state of a computer, network server or other hardware devices via specialized sensors.

Click to register!

Emulex Pilot 3 is used by various motherboards, which aggregate all the server components into one system. Also impacted are various server operating systems, and some Intel compute modules, which are electronic circuits, packaged onto a circuit board, that provide various functions.

The critical flaw stems from improper-authentication mechanisms in these Intel products before version 1.59.

In bypassing authentication, an attacker would be able to access to the KVM console of the server. The KVM console can access the system consoles of network devices to monitor and control their functionality. The KVM console is like a remote desktop implemented in the baseboard management controller – it provides an access point to the display, keyboard and mouse of the remote server, Oleksiuk told Threatpost.

The flaw is dangerous as it’s remotely exploitable, and attackers don’t need to be authenticated to exploit it – though they need to be located in the same network segment as the vulnerable server, Oleksiuk told Threatpost.

“The exploit is quite simple and very reliable because it’s a design flaw,” Oleksiuk told Threatpost.

Beyond this critical flaw, Intel also fixed bugs tied to 22 critical-, high-, medium- and low-severity CVEs affecting its server board, systems and compute modules. Other high-severity flaws include a heap-based overflow (CVE-2020-8730) that’s exploitable as an authenticated user; incorrect execution-assigned permissions in the file system (CVE-2020-8731); and a buffer overflow in daemon (CVE-2020-8707) — all three of which enable escalated privileges.

Click to enlarge.

Oleksiuk was credited with reporting CVE-2020-8708, as well as CVE-2020-8706, CVE-2020-8707. All other CVEs were found internally by Intel.

Affected server systems include: The R1000WT and R2000WT families, R1000SP, LSVRP and LR1304SP families and R1000WF and R2000WF families.

Impacted motherboards include: The S2600WT family, S2600CW family, S2600KP family, S2600TP family, S1200SP family, S2600WF family, S2600ST family and S2600BP family.

Finally, impacted compute modules include: The HNS2600KP family, HNS2600TP family and HNS2600BP family. More information regarding patches is available in Intel’s security advisory.

Intel also issued an array of other security advisories addressing high-severity flaws across its product lines, including ones that affect Intel Graphics Drivers, Intel’s RAID web console 3 for Windows, Intel Server Board M10JNP2SB and Intel NUCs.

#vulnerabilities #compute module #critical flaw #cve-2020-8708 #intel #intel critical flaw #intel flaw #intel motherboard #intel server board #patch #privilege escalation #security vulnerability #server system

Seamus Quitzon

1593152820

Apple Pays $100K Bounty for Critical 'Sign in With Apple' Flaw

Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to takeover victims’ third-party applications.

A researcher recently found a critical Apple vulnerability that, if exploited, could enable remote attackers to abuse the “Sign in with Apple” feature to take over victims’ third-party application accounts. The security researcher, Bhavuk Jain, reported the flaw to Apple via its bug bounty program, and was awarded $100,000 for the find.

The flaw stemmed from the “Sign in with Apple” feature, which was introduced by Apple at its Worldwide Developers Conference last year. Sign in with Apple aimed to make it easy and secure for Apple users to sign into third-party apps and websites. It did this by implementing an Apple-backed authentication system to replace social logins on third-party services.

“In the month of April, I found a zero-day in Sign in with Apple that affected third-party applications which were using it and didn’t implement their own additional security measures,” said Jain, in his disclosure of the bug on Sunday. “This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”

Apple has since fixed the flaw. Threatpost has reached out to Apple for further comment.

One of the highlights of Sign in with Apple is that users could sign up with third-party services without needing to disclose their Apple ID email address to these services. This worked because Sign in with Apple would first validate users on the client side, and then initiate a JSON Web Token (JWT) request from Apple’s authentication services. This JWT would then be used by the third-party app to confirm the user’s identity.

The issue was that after Apple validated the user on the client side via their Apple ID email address, it did not verify that the JWT request was from that actual user account. An attacker could abuse this flaw by providing an Apple ID email that belongs to the victim and tricking Apple servers into generating a valid JWT payload. Once an attacker does this, he can then sign into a third-party app using the victim’s identity.

“I found I could request JWTs for any Email ID from Apple and when the signature of these tokens was verified using Apple’s public key, they showed as valid,” he said. “This means an attacker could forge a JWT by linking any Email ID to it and gaining access to the victim’s account.”

According to The Hacker News, the flaw could be exploited even if users had decided to hide their email IDs from third-party services. It could also be exploited to sign up new accounts with victims’ Apple IDs.

There are two hoops that attackers would need to jump through to make this exploit work. First, they would need an email ID for an Apple user – though that could be any Apple user’s email ID. Second, they would need to log into a third-party app via Sign in with Apple that didn’t require any further security measures.

Jain said the impact of this vulnerability is “quite critical” as it could allow full account takeover. Many developers have integrated Sign in with Apple into their services, including Dropbox, Spotify, Airbnb, and Giphy.

“These applications were not tested but could have been vulnerable to a full account takeover if there weren’t any other security measures in place while verifying a user,” Jain said.

Jain said that Apple conducted an investigation of their logs and determined there was no misuse or account compromise due to this vulnerability. The researcher found the flaw in April and reported it via Apple’s bug bounty program which earned him $100,000. Threatpost has reached out to Jain for further details on the timeline of discovering and reporting the flaw.

#mobile security #vulnerabilities #web security #app takeover #apple #apple bug bounty #apple flaw #bug bounty #critical flaw #security vulnerability #sign in with apple #third party app

Hertha Mayer

1597850760

A software engineer explains why Apple is moving to its own silicon

Apple’s Worldwide Developer Conference, which kicked off at the end of June, brought a slew of software changes to all of its devices. We finally got to see widgets on the home screen of iPads and iPhones, and macOS has received its biggest visual update since macOS Yosemite. But, the biggest announcement was saved for the end of the Keynote, where CEO Tim Cook announced over the next two years, their Mac lineup would transition away from Intel to their own Apple Silicon.

Let’s break down what this means.

Here’s me explaining why Apple has taken this move to move to their own silicon

As a software engineer who has done a 4 year computer science degree, I thought I’d try to explain exactly what this change means, and why I think Apple has decided to go down this path.

Let me begin by explaining what happens when software is built. Every app on your phone, website built or program on your PC is backed by code. The code describes exactly how everything on screen is displayed, and what happens when you click a button or tap an image. Even when you use a tool like Wix or Squarespace to create your website, even though you don’t need to write any code, in the background they are generating code for you, as this is what web browsers need to display the website.

Image for post

An example of some code used to generate an app

And, each of these programs, websites or apps needs to be understood by the hardware in your computer. The CPU or processor, the graphics card and the memory all need to be told what to do in order to display and run the app you have just downloaded. But, this hardware doesn’t directly understand the code that a software developer has written. In fact, the code that the developer is writing is often very far removed from how the processor in your computer or phone runs the program.

Image for post

Computer hardware — Photo by Thomas Jensen on Unsplash

The best way to explain this is through a metaphor. Imagine you need to get 5 basic robots to bake you a cake. The robots only know a few basic words — move their arms up or down, clasp their hands, and release their hands. Basically, they have the motor skills to bake a cake, but they have no idea how to open a packet of chocolate chips, or that eggs need to be combined with flour.

So, what you could do is spend a lot of time meticulously telling them every step along the way:

Grasp the packet of chocolate chips
Lift your arms up
Keep one arm still
Move the other arm in the opposite direction etc.

But, this process is tedious, and if you had to write it down and give it to the robots before they started baking the cake, and you couldn’t modify it while they were baking it, you’d probably find they’d make a lot of mistakes because you’ve missed some steps.

And, this is the same with programming or coding a program. The processor is the robots, and the processor only understands very basic commands — although it can do a lot of them at once. So, if you wanted to write a simple program to multiply two numbers together, you’d need to specify a large number of steps to get it to multiply the numbers, like pull the first number out of memory, pull the second number out of memory, multiply the numbers, and then put the product back into memory. This is tedious, and it’s easy for a software developer to make mistakes.

So, some smart person invented the idea of compiled programming languages. The idea being, you can write some code, and a program compiles, or converts the code into much simpler commands that the processor can understand.

#apple #hardware #apple-silicon #mac #ios

Rupert Beatty

1665737475