Computer scientists say they found a way to sneak malicious programs into Apple’s exclusive app store without being detected by the mandatory review process that’s supposed to automatically flag such apps.

The researchers from the Georgia Institute of Technology used the technique to create what appeared to be a harmless app that Apple reviewers accepted into the iOS app store. They were later able to update the app to carry out a variety of malicious actions without triggering any security alarms. The app, which the researchers titled “Jekyll,” worked by taking the binary code that had already been digitally signed by Apple and rearranging it in a way that gave it new and malicious behaviors.

My two cents: As a developer, I am not alarmed by this, as much as surprised no one figured out a way to do this earlier. This is why Apple’s App Store model works. There’s a choke-point for this type of mechanism. It’ll be interesting to see Apple’s response.

The Good Eggs “farm-to-fridge” business model turns the supermarket model on its head. Instead of having one or several physical locations stocked with a standard, unchanging inventory, the Good Eggs storefront is online, and calls on local farms to deliver only what customers have ordered that day. Good Eggs essentially stocks and empties a grocery store every day, and because its inventory is based entirely on what each customer is ordering, it’s a different grocery store every day, too. The company has created an efficient new food system that’s elegant in its simplicity.

Due to their perishable cargo, grocery stores are notoriously difficult to migrate to an online model. The first attempt, Webvan, founded in the late 1990s, was considered one of the largest dot-com flops in history. Much has changed since then, including a stronger push for locally sourced goods. Interesting article. Will be interesting to see if Good Eggs and the like can overcome the inherent problems with shipping perishable goods in a cost-effective manner.

Jason Snell:

In its first major hardware upgrade in three years, TiVo introduced its fifth-generation hardware DVR series on Tuesday. On sale now with the odd nickname of “Roamio,” the new boxes promise a faster user interface and built-in streaming to iOS devices. At first glance, this new generation of TiVo looks like a big step up for cable TV subscribers who want to ditch their generic cable DVR.

I just bought this. It’ll make for a nice read on my upcoming flights.

The Canadian military has been secretly test-driving a $620,000 stealth snowmobile in its quest to quietly whisk troops on clandestine operations in the Arctic.

Clearly the stealth sled dog experiment didn’t work out.

After the massive success of the Mastering EZmix pack and by popular demand, here is a second collection of settings completely devoted to mastering. Just like the first volume, Mastering II EZmix Pack was designed by Mats “Limpan” Lindfors, senior engineer at the leading mastering studio in Scandinavia, Cutting Room.

Toontrack really does a nice job with these EZmix packs.

Looking at the pictures of the guitar and bass brings a tear to your eye.

Elmore passed away this morning at 7:15 AM at home surrounded by his loving family. More to follow.

Very sad news. Leonard, 87, had a writing career that spanned almost six decades. His area of speciality was crime fiction, though he got his start in westerns. He was also a popular subject of movie adaptations, with films like Get Shorty, Jackie Brown and 3:10 to Yuma. Leonard’s stories also became the basis for the FX television series Justified.

The U.S. Patent and Trademark Office on Tuesday published an Apple patent for a method of generating and manipulating a three-dimensional object on a computing device, with the process controlled by special gestures made above a touchscreen’s surface.

With the maturation of 3D printing and the emergence of technologies such as the Leap Motion Controller, this is a logical direction for Apple.

The document refers to a device that can detect the location of fingers with a combination of capacitive touch sensors and proximity sensors embedded in the display. These two components can be separate, or the capacitive sensors themselves can act as proximity sensors by measuring the capacitance of a nearby finger.

Proximity sensors mean that the gestures do not necessarily require touch, meaning you might rotate an object by rotating your hand. Tremendous possibilities.

There’s a trend emerging that I find very interesting. It started with people posting complicated guitar pieces, slowing things down a bit so you really get a handle on the complexity. For example, here’s a link to Frank Zappa’s Rat Tomago, slowed by 20%.

Today, I came across this post, slowing down the Dolly Parton song, Jolene, by 17%. I love the new guitar sound, but I was really taken by the change in vocal. What else you got for me internet?

Om Malik has been digging around for details on Samsung’s rumored smartwatch and believes he has some particulars on the device.

The retail giant’s main U.S. site went offline at approximately 3 p.m. ET on Monday. The cause of the outage remains unclear, but Amazon Web Services (AWS), including EC2, remained up and working on the most part unaffected, according to its status page.

However, after we first published this post, at 3:14 p.m. ET, the AWS Management Console was experiencing elevated error rates across all regions of the world, including North America and Europe. There was also a flagged issue with a North Virginia data center that was quickly resolved.

Affected sites were restored about 25 minutes later, as was the AWS Management Console, though it was still experiencing “elevated error rates” during its recovery. Amazon said it experienced “an increased error rate for CreateTags and DeleteTags APIs in the US-EAST-1 region.”

The cause of the outage is not clear. Interesting that Amazon-owned Audible.com was down as well.

F-Sim Space Shuttle is a fun and highly realistic flight simulator for iOS. Your goal is to land one of the most amazing aircrafts ever built: the Space Shuttle Orbiter. Flight dynamics and the head-up display are simulated in great detail and accuracy. During descent the orbiter is an extremely heavy, unpowered glider, so there’s only one chance to get it right. Air speeds two times faster and glide slopes seven times steeper than a typical airliner approach make for a unique challenge.

Landing a space shuttle is not easy, but there are several landing aids and tutorials that will help you make your first safe landing. Every landing is rated, and more experienced pilots can try a perfect landing or add more challenges (night approaches, crosswind landings, system failures, and much more). A landing analysis screen shows how you performed and how you can improve future landings. You’ll also get a score that can be uploaded to Game Center. You can watch breathtaking replays of your flight from different camera angles and even record your replays to the camera roll in full HD.

One of the least-known Monty Python rarities is “The Great Birds Eye Peas Relaunch of 1971,” a short advertising film that was made for the Birds Eye company’s internal use and then apparently locked away from the public eye (and probably the Python’s, too) until it magically appeared on YouTube.

So great to see something from the Pythons that I’ve never seen before.

Federico often posts some of the most comprehensive app reviews on the Internet, but he really outdid himself this time—he basically wrote a book on this new app. I’m not joking. Much respect Viticci.

He plays The Police, Slayer, Pantera and a little bit of everything else. Very impressive acoustic playing.

There are some great old fonts here.

In an odd turn of events, Windows 8 has been banned from HWBot, one of the world’s top benchmarking and overclocking communities. All existing benchmarks recorded by Windows 8 have been disqualified. This is due to a fault in Windows 8′s real-time clock (RTC), which all benchmarking tools use as a baseline.

This seems fixable, but to have your flagship OS banned from one of the top benchmarking sites is a remarkable turn of events.

They forgot better looking too.

For all of you guitar fans who love history, here’s a look at Jimmy Page’s rhythm guitar parts from Led Zeppelin’s classic hit “Whole Lotta Love.” The song might’ve ripped off Willie Dixon, but it exposed millions of kids to maybe the world’s most basic blues riff.

Jimmy Page is one of my favorite guitar players.

This is a really interesting article by Steve Cheney.

Sadly, this is happening all over the world these days.

They did such a great job resurrecting this guitar. I love that they left a lot of the fire damage there and gave the guitar its own serial number and name.

Fans of the fledgling cryptocurrency known as Bitcoin got quite a shock in recent days as some clever thieves worked out yet another method to swipe virtual cash from unsuspecting users. The source of the theft was traced to a bug in Android, and now Google has acknowledged the flaw exists.

Another day, another Android flaw.

Fascinating story.

Gates has been prolific in filing patent applications over the past few years, mostly through a partnership with friends at Intellectual Ventures (IV). That’s one of the world’s largest patent holding companies, typically described as a patent troll because of its practice of acquiring patents and using them to file lawsuits (notably against Motorola), despite not using the patents to make technology of its own.

It would be funny if the company sued Gates.

I’d like to thank Storm Sim for sponsoring this week’s RSS feed on The Loop. Storm Sim is the audio experience of a thunderstorm in your pocket. The app is more than a pre-recorded loop; it dynamically generates storms in real-time so it’s always unique and it never repeats.

It supports nearly infinite customization. Add more lightning, dial back the rain, or include a splash of freight train; get that perfect night’s sleep or just relax after a busy day.

Includes sleep and wake timers, AirPlay, LED Clock, add-on packs, and more. It’s a Universal app for iPhone and iPad that supports iOS 5 or higher.

Jim’s note: I showed this app to my wife and not only did she like it, she said she wished she had when the kids were smaller.