Slashdot Mirror

Dude "Built-in 27.3-watt-hour rechargeable lithium-polymer battery" http://www.apple.com/au/ipad-a..., the only way they will last five years is if you do not use them, the more you use them the quicker they will die. "Apple warrants the included hardware product and accessories against defects in materials and workmanship for one year from the date of original retail purchase. Apple does not warrant against normal wear and tear, nor damage caused by accident or abuse", this from their warranty page. So yeah your battery failing in months due to use, not even covered. So where are you getting five years from, with a built in battery guaranteed 100% to fail, the more you use it the quicker it will fail. Same goes for all the other purposefully designed to fail tablets, absofuckinglutely nothing to do with appearance and everything to do with designed obsolescence and letting psychopaths manage anything.

Apple doesn't want its iPads to be laptops

http://www.apple.com/shop/prod...

From TFA:
"With this new type of terror risk, authorities may begin relying more heavily on citizens reporting suspicious behavior of others."

And now you can report on your neighbor from your iPhone and Android phone!
https://itunes.apple.com/us/ap...
https://itunes.apple.com/us/ap...

It was said back in the 80's that the United States would become more like the Soviet Union and the Soviet Union would become more like the United States. Well that is coming to pass. Just do a web search on "United States to become more like Soviet Union".

From TFA:
"First, there was CIA director John Brennan, last seen deceiving the public about the CIA spying on Senate staffers, lamenting that privacy laws were to blame."

"Then thereâ(TM)s the question of why journalists always frame the encryption debate as a perilous balance between privacy and security. "

Franklin said it best!
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
- Benjamin Franklin

From TFA:
"With this new type of terror risk, authorities may begin relying more heavily on citizens reporting suspicious behavior of others."

And now you can report on your neighbor from your iPhone and Android phone!
https://itunes.apple.com/us/ap...
https://itunes.apple.com/us/ap...

It was said back in the 80's that the United States would become more like the Soviet Union and the Soviet Union would become more like the United States. Well that is coming to pass. Just do a web search on "United States to become more like Soviet Union".

From TFA:
"First, there was CIA director John Brennan, last seen deceiving the public about the CIA spying on Senate staffers, lamenting that privacy laws were to blame."

"Then thereâ(TM)s the question of why journalists always frame the encryption debate as a perilous balance between privacy and security. "

Franklin said it best!
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
- Benjamin Franklin

Programming as a hobby, is best done on an i or android device, so that the app can be made av available and even make some money.

Agreed for Android. I never said Android was locked down, only iOS. As of today, the peripherals to make an iOS device programmable cost $549: $499 for the Xcode license (which includes a free computer) and about $50 for a USB keyboard, USB mouse, and cable to your existing HDMI monitor. Parents and especially school districts are unlikely to be willing to spend that kind of money on a whim.

If I wanted to set up a kid for programming (mine are too young), I'd get them an old laptop to play with.

That could be fine for home, as I've seen off-lease Lenovo ThinkPad X61 computers on eBay in the neighborhood of $100 shipped. I bought one whose included copy of Windows failed to activate because it couldn't reach the volume license server, but it worked fine after I wiped it and installed Debian 8. But at the larger scale of a school district, it depends on how long its purchasing department can ensure a supply of suitable used laptops.

Or so you would like to think. Ever look at Little Snitch logs? Unless you spend a lot of time turning things off, OS X sure sends a lot of info back home to the Mothership.

I think I said that you had to turn off some stuff that was on by default. And if you consider 10 minutes or so "a lot of time", I think you are exaggerating about the time it takes to turn off that data collection in OS X.

But at least Apple makes it easy to do that, and, unlike certain other OSes, doesn't hide the fact that they collect certain info, what is collected, whether it is anonymized, how long it is kept, what it is used for, who they share it with, what they do when the Gummint comes knocking, and how to turn it off.

Google has an iOS app specifically for Gmail.

It was a security disaster because it was only ever intended to be an artist's tool and little thought went into making it secure.

And also because it crashed a lot.

the fact is, Steve Jobs killed flash. People freaked out when the first iPhone didn't support flash, then freaked out further when SJ explained why. it's only been downhill since then.

Grrr

Clickable link for the lazy

Executive summary: It's a regular connector, with one side flattened so that it's slightly thinner. Means you have to insert the plug the right way around, which is a terrible idea. My vote: They won't do it. But then, I thought they wouldn't get rid of the magsafe connectors, and they have. In their defence, magsafe connectors are rather prone to dirt on the contacts preventing them from working

Since when have they gotten rid of Magsafe connectors (except on the low-end MacBook). The most recent refresh of the MacBook Pro which just happened about a month ago, sports a Magsafe 2 Connector.

This looks like $75 to me: http://www.apple.com/au/shop/p...

Albeit Australian dollars...

Developers making money is not a problem. Companies selling their computing infrastructure products with inscrutable software is.

LOL! Let me ask you: Just how far are you going to move those goalposts?

There is NOTHING "inscrutable" about pf. Not only is it a standard FreeBSD package, but Apple also provides ample documentation of the pf.conf file. This is, IIRC, all of the typical documentation that any "computing infrastructure product" is provided with in Linux, right? Apple just chose to only expose some of the many capabilities of pf, most of which the vast majority of users wouldn't have an interest in, in their standard GUI for pf.conf.

Nothing "inscrutable" here. Just the typical design decisions when a GUI is overlaid on a sophisticated OS, whether we're talking about OS X, Windows or Linux. And you very well know that; so do the Internets a favor and STFU.

Everything gets sent to Apple servers

if you define "everything" as your Spotlight searches. And as you point out, it's very easy to opt out.

The real annoyance I have with Apple and OS X is that unlike MS, unless you have a Time Machine backup there is pretty much no way to easily step back to the systems prior state after an upgrade... unless you re-install the prior release and lose all applications and settings you had up to that point.

Which is EXACTLY what happens in Windows when you use a System Restore Point. And as you say, they "Sometimes work"; in my experience, about 25 percent of the time.

...and now the Windows.old folder ( that worked for me at least ) that you can back out the Win10 "upgrade" from.

LOL! Talk about damning with faint praise! Even Microsoft knows that Windows 10 is SO shitty that they HAVE to give you a way out!

Here's a thought: Howabout not changing 80% of the UI in one version-change? Howabout not building an OS that bends over backwards to soy on you at every single turn?

Compared to that, OS X is a model of good User Interface design (I.e, there are FAR more similarities between the 1984 version of MacOS and El Capitan than there are between Windows 7 and 8), and Apple is the bastion of liberty (easily-defeatable Spotlight Suggestions vs. a SECRET list of 100 URLs that your every KEYSTROKE and MOUSE-CLICK get sent to).

You don't have a decent free firewall for OS X?

That $10 application is simply a GUI front end for OS X's built-in Firewall. Apple just doesn't provide a GUI for configuring OUTGOING filtering. That's what the $10 product is for. It simply provides a GUI frontend for the more advanced features of OS X's "PF" (Personal Firewall). It's all in there; but no GUI for the Outgoing stuff. But that shouldn't be a problem for a Linux guy like you. You could simply use OS X's command-line to configure the outgoing filtering, as I said in my original post... ;-)

I believe you'll find Siri collects similar data if you want full functionality.

This is true; but Apple anonymizes the data. But yes, be careful with any voice-recognition on any platform.

Here's some answers to what is collected, how it is used, how your identity is protected, and when it is deleted.

Hell, I *also* seem to recall a post from the other day that mentioned that if you didn't pay for the music service that you couldn't search for music - I don't know how valid that is, some subscription thingy for the Apple Music Store or whatever they called it.)

Of course that's ludicrous. How could people find things to BUY on the iTunes store if they couldn't SEARCH? I expect more critical thinking from the likes of you... I think what you are thinking of is that there was a bug in the first version of iTunes that supported Apple Music that messed with some people's music collections depending on whether they were using "iTunes Match", but that was quickly fixed. ;-)

I'm off in Linux-land so I'm not terribly concerned

And yet you seem compelled to respond to nearly every post I make concerning Apple...

But, again, they [Windows Users] did consent to being tracked. They might not like that they did. They might not have been smart enough to read the EULA and understand it. But, they certainly gave consent either explicit or implied.

And yet you curiously didn't point out that "defense" when it came time for you to point fingers at Siri and iTunes; both of which contained EULAs, too...

Anyway, have a great Thanksgiving; and I look forward to our next sparring-match, LOL!

Apple has had their own missteps with regards to privacy concerns. Even if that wasn't the point, at all I might add, of my prior post.

Yosemite, default action (can be turned off at least), direct from Apple: https://support.apple.com/kb/P...

Everything gets sent to Apple servers, and it's on by default after upgrading to Yosemite.

I'm glad you could figure out what "chmod" was talking about. I thought he was talking about OS X Spying on you, like Windows 10.

By the way, what WAS he talking about?

Try reading the post, it's pretty damn obvious.

And yet OS X does the same thing that is being complained about here.

If you're talking about Spying; you're dead wrong. Apple has realized that Privacy is a "brand differentiator", and so has avoided the baked-in Spyware trend completely on both OS X and iOS. This is one of the biggest reasons why Mac sales are up globally 16% Year over Year.

And we primarily have Microsoft (and Windows 10) to thank for that.

Prove me wrong, or STFU.

Just like every other OS is heading or is already there? Always connected to the internet and always listening and watching what you are doing.

Speak for yourself. OS X doesn't do that crap. And the little that it does do they tell you about and is easily disabled.

And for those that would complain that OS X's built-in firewall (pf, which has now completely replaced ipfw) doesn't block OUTGOING traffic, apparently it can; but Apple has not made that available in the GUI. So, here's a nearly-free ($10) GUI manager for Apple's Firewall, that DOES support Outgoing controls, and is fully compatible with El Capitan. Full disclosure: I haven't tried this yet; but I think I will. BTW, if you're well-versed in the OS X Command-Line, you can do all this for free. But remember, you will likely have to defeat SIP on OS X 10.10 and above to write to /etc.

But all this stands in stark contrast to Windows 10, Spyware Edition, that produces a veritable flood of information back to the mothership, and which is relatively difficult to defeat, and even harder to keep defeated.

The Apple Recycling Program offers free and environmentally friendly disposal of your iPod and any manufacturer's mobile phone.

http://www.apple.com/recycling/ipod-cell-phone/

No. See, what they do is they "sell" all their patents to an Irish division of the company. That makes all the revenue they get from the US, "Irish profits".

Uhm, no. An Irish company will own all of Pfizer's and Allergan's operations, worldwide and in the future, only the proceeds from sales in the U.S. will be taxed in the U.S. Right now, all profits are being taxed first in the place where they are made and then again in the U.S., due to the strange tax laws in the U.S. Pfizer, like many American companies, wants to get rid of this double taxation scheme and I completely understand. It is unfair and illogical.

Do you believe that only 30% of Apple's profits are from US sales? Do you really believe that?

Since they make 31% of their sales revenue in the U.S., I think that sounds entirely reasonable. Don't forget that their market share in the U.S. is a lot bigger than it is anywhere else.

Ah yes, the first thing I would think of if I wanted a list of command shortcuts is to type: https://support.apple.com/kb/P... into my browser.

As a very recent rarely OS X user it was the first thing I thought about. Apple does publish short cuts ( https://support.apple.com/kb/P... ), a simple Google is enough.

> Then how do 95 percent of MacBook users set up Wi-Fi on their home routers?

You can set up Apple routers/cable modems wirelessly.

https://support.apple.com/en_US/manuals/airport

Beats Music is a streaming music service sort of like Spotify and Google Music. Like both those services, you could create playlists and I guess could "subscribe" to other people's playlists.

Those are going away with no way to recover them.

So, no, they don't get to keep what they bought. Like pretty much every cloud software, once the servers put down, whatever data you had stored in them is gone forever.

Errhm. https://www.apple.com/music/me...

What happens to my Beats Music service?
You can easily move your current Beats Music subscription over to Apple Music. Just open Beats Music on your iOS device and you’ll be prompted to join Apple Music. Once you’ve signed up, the playlists you’ve created or subscribed to and the albums you’ve saved in your Beats Music library will all be available to you in Apple Music.

Nice straw man you have there. The OP was describing the number of naive Mac users who have heard - and believe/repeat - the message that Macs aren't affected by malware. (Even if OP used the word "virus.") Which you seem to also acknowledge is BS. Those of us who aren't fanbois have heard this story time and again from uneducated Mac users, and Apple itself intentionally clouded with the "Macs don't get PC viruses" marketing bullshit.

I think that at this point, most users, even "naive" Mac users, are aware that Trojans exist, and that no amount of AV can protect you from being click-happy.

However, OS X's FIFTEEN-YEAR unblemished record stands: No Malware that did not require User Intervention to perform the initial infection, period. That isn't fanboiism. That isn't naivety. That's a fact.

And it is not "marketing bullshit" to state that Macs don't get Windows viruses. It is an important marketing distinction, especially when used under the auspices of their "Mac vs. PC" campaign.

And what you disingenuously don't point out is that Apple was careful to add the disclaimer (small, and at the bottom, like all disclaimers) that no computer was completely immune from attack. I can't find a copy of the original webpages; but the disclaimer was much like this one from the "OS X Security" Page, that states:

"While no system can be 100 percent immune from every threat, OS X lets you do even more to keep your information as safe as possible."

The whole suggestion that fingerprints cannot be hashed or are unhashable is rather preposterous. The author points out that a tiny flaw in a fingerprint can result in the hash being different, and he may very well be right that that happens, but that's an implementation issue, not an inherent problem with hashing fingerprints. After all, if you're doing things properly, you won't be hashing the raw raster scan of the fingerprint itself, but rather a normalized/filtered vectorization of the fingerprint that can be trained to ignore slight discrepancies like those.

Will it be perfect? Nope. Will it allow for mismatches (i.e. hash collisions)? Absolutely, but if you implement your normalization/filtering properly the hash collisions should only occur once in a blue moon, just the same as they do with normal passwords (e.g. Apple says the chances of a random match are 1 in 50,000 with Touch ID; see page 8 of their iOS Security document).

When you get down to it, this problem isn't much different from how YouTube or Shazam do their content matching, namely, they can take some sort of noisy data, apply a set of filters, generate a hash/fingerprint of the relevant data, then do a quick search based on that hash, rather than trying to actually match the noise in the coffee shop I'm in against the millions of tracks they've sampled. There are differences between those problems and this one, to be sure, and simply encrypting the fingerprint instead of hashing it does make things a LOT easier to implement (e.g. Apple doesn't hash fingerprints, but they do take the extra step of discarding minute details that would be necessary to reproduce a fingerprint before they encrypt it for later use), but to suggest that fingerprints are unhashable just seems silly. We're in the early days of fingerprint scanners in widespread use, and I'd expect that things will head in that direction with time.

Personal (non DEP) devices can have Mobile Device Management installed on them. It is common for companies who let employees bring their own devices. The only difference is that DEP devices can do it automatically over the air rather than needing to go to a website or sign into an account to set it up. https://www.apple.com/business/dep/

Personal (non DEP) devices can have Mobile Device Management installed on them. It is common for companies who let employees bring their own devices. The only difference is that DEP devices can do it automatically over the air rather than needing to go to a website or sign into an account to set it up. https://www.apple.com/business/dep/

Yep, you knew it had to be true: iPhone and Android.

That is correct for Apps. But a configuration profile can be downloaded from a website or sent by a mail server when you try to log in to it. The user would need to accept it and enter the devices passcode, but no Apple ID is needed. iPhone User Guide: iPhone in Business

How to tell if an iPhone, iPad, or iPod touch is supervised
https://support.apple.com/en-u...

"Can you turn off rootless mode on OS X 10.11 with this tool?)" What is "rootless mode" supposed to be?

Another name used for the mode where System Integrity Protection is enabled.

Or you can just buy a brand name that you know certifies and tests their products instead of going generic. Kind of the point of the brand name.

• Google store version
• Apple store version

The GPS Watch: The Garmin Forerunner 10. It's waterproof and fairly minimal in terms of features. It does exactly what a runner's GPS watch should do and nothing more. https://buy.garmin.com/en-US/U...

The iPod: The current generation of iPod Nano has built in Bluetooth. Sweat being a problem - don't wear it on the arm. Get a clip to stick it on the waistband. The HHiCase (or roocase) works pretty well. http://www.apple.com/ipod-nano... http://www.amazon.com/iPod-Nan...

The Headphones: YurBuds makes an excellent product (Liberty Wireless) that wraps over the ear, resists sweat and water, and allows ambient noise to reach the wearer for safety. http://www.yurbuds.com/en/wire...

I used all three of these in my first Marathon last year. Nothing failed.

However, once again, you demonstrate that you do not own an iOS device because there is a whole lot more than an emoji that is new or significantly improved.

Name something.

Go ahead.

I'll wait.

https://support.apple.com/kb/D... . gee, that was hard to find.

They already offer the Nimbus Steel Series game controller as an AppleTV "Accessory" (even prominently showing it on the main AppleTV Product Page); so obviously, they don't have any illusions that the standard Siri Remote is going to be adequate for all games in all situations.

What they don't want to do, is to create entire categories of games that have NO WAY of playing with the Siri Remote.

As for the incremental download stuff, that is intended to avoid a frustrating wait (and unnecessary server load and download-cap teasing) while scene after scene, level after level, loads in, which most casual gamers won't even get to in that session.

On the other hand, they didn't want to price themselves out of the settop-box market, by making the AppleTV cost as much as a PS4 or XBox 1.

They made their engineering choices VERY wisely. This was NOT intended to be the next PS4/XBox. It was intended to be a Set Top Box that would let a couple of family-members play fairly nice games, but as only ONE of the types of uses, not in any way the central one, which is delivering streaming entertainment through your TV.

Sorry, everything doesn't have to do everything equally well. That's why our DVD Players don't make Toast. Or, more properly, why you CAN make Toast in a "Toaster Oven"; but most of them pretty well suck as Toasters, compared to the dedicated appliance for that function.

I have a 2.5 year old phone that I otherwise love and while it's EOL, I still use it extensively.

The idea that a phone can be not even 3 years old and not have any hope of getting updates is something I balk STRONGLY at.

I have a solution for that...

I think the best thing Apple could do is make the AppleTV and iOS device, so that the Apps can run on it.

Um, which is EXACTLY what they did. Except Amazon. And that is AMAZON's doing, NOT Apple's.

There really isn't an excuse for Chromecast, but not supporting or selling Apple TV makes perfect sense.

Only a complete Apple Fanboy could complain about a streaming service not supporting Apple TV as an ANTITRUST issue, since the main reason streaming services don't support Apple TV is that Apple wants to take 30% of their GROSS on every transaction if they do "support" it.

Then why has there been a Kindle App and Amazon Prime Video TV App on the Apple App Store for a long time?

There really isn't an excuse for Chromecast, but not supporting or selling Apple TV makes perfect sense.

Only a complete Apple Fanboy could complain about a streaming service not supporting Apple TV as an ANTITRUST issue, since the main reason streaming services don't support Apple TV is that Apple wants to take 30% of their GROSS on every transaction if they do "support" it.

Then why has there been a Kindle App and Amazon Prime Video TV App on the Apple App Store for a long time?

But then you'd have to explain this

Turn on FileVault to encrypt the drive. Set a firmware password. Make sure there are no guest accounts. See https://support.apple.com/kb/P... and https://support.apple.com/en-u... . Turn off iCloud and don't enter an AppleID. Use an encrypted text editor on top of this with a 3rd password. This won't stop the NSA, but will stop most hack attempts. Putting documents on an encrypted SD card is not a bad idea.

Turn on FileVault to encrypt the drive. Set a firmware password. Make sure there are no guest accounts. See https://support.apple.com/kb/P... and https://support.apple.com/en-u... . Turn off iCloud and don't enter an AppleID. Use an encrypted text editor on top of this with a 3rd password. This won't stop the NSA, but will stop most hack attempts. Putting documents on an encrypted SD card is not a bad idea.

trailers.apple.com

So? I could already control Windows computers with an iOS device.

Simple.

1. Remove the flash.
2. Mount it with a non Apple device.
3. Run a dictionary attack on the password.

With the right equipment, it would only take a few hours depending on the complexity of the user's password.

Am I missing something?

Yes you are missing a lot.
https://www.apple.com/business...
https://developer.apple.com/li...

Apple has done a lot of work to improve their systems.
So has Microsoft, FWIW.

It was public knowledge even before the breach at Sony that system failures and
the naive use of systems by customers would prove to be trouble. Those without
their head up their exit port could read the writing on the wall.

Another less discussed topic is IPv6 and the internet of things.
Some minimum safety existed behind home NAT but with IPv6
this little dirty sand box will get worse. The phones and tablets
in my home all are lighting up IPv6 addresses.

Who knows what the neighbors Nest is doing...

Simple.

1. Remove the flash.
2. Mount it with a non Apple device.
3. Run a dictionary attack on the password.

With the right equipment, it would only take a few hours depending on the complexity of the user's password.

Am I missing something?

Yes you are missing a lot.
https://www.apple.com/business...
https://developer.apple.com/li...

Apple has done a lot of work to improve their systems.
So has Microsoft, FWIW.

It was public knowledge even before the breach at Sony that system failures and
the naive use of systems by customers would prove to be trouble. Those without
their head up their exit port could read the writing on the wall.

Another less discussed topic is IPv6 and the internet of things.
Some minimum safety existed behind home NAT but with IPv6
this little dirty sand box will get worse. The phones and tablets
in my home all are lighting up IPv6 addresses.

Who knows what the neighbors Nest is doing...

If Google's solution is not at least partially hardware-based, then it is only a partial solution, which is tantamount to Security Theatre.

That's not my reading of the situation. The benefit of Android is that it will run on many different devices. The drawbacks of Android is that it has to run on many different devices. Some Android devices have all the hardware in place to implement full encryption. Some already have. But since Google cannot dictate what hardware runs on Android, it can only dictate minimums.

Ok, then I will revise my comment to read "On Devices which do not provide for some hardware security component with keys that are unknown and unreadable except within said security component (e.g., Apple's Security Enclave), Google's approach is tantamount to Security Theatre; because said methods are at least potentially compromise-able through legal process or "rubber-hose" crypto-analysis techniques."

There, is that precise enough for ya?

We have that now. It's called iOS 9. Developers like Netflix and Amazon and Hulu just have to make their content searchable using Core Spotlight.

https://www.apple.com/business...

According to Apple, one of the many keys in the chain is unique to each device, imprinted into the silicon when the chip is fabricated, and not exposed on any pins of the chip. This doc is a great read, and even goes into how each file is encrypted with a different key.

Doesn't matter if it's encrypted. There are only 10,000 four-digit PIN combinations, and iPhones don't self-destruct after a certain number of tries. Pretty easy to brute force it.

Encryption is a necessary but not sufficient condition for security.

Apple recently moved to six-digit codes minimum for all phones, by default. With the presence of finger reader this is not much of an issue.

You can reduce or increase the security requirements of the passcode, but that is a personal choice.

Ref: https://support.apple.com/en-g...