Slashdot Mirror

Did you read the relevant articles? The challenge didn't allow for more than one attempt, that I could see, whereas here's Johnny (heh) saying that it could take multiple attempts to exploit the race condition correctly [...]

I updated the stipulations to allow for an entire hour to delete the file on the desktop. If they want more time than that, I'd be willing to extend it.

The way these things work is that when someone hacks your hardware, you get an injunction to stop them from talking about it. If they talk about it, they go to jail for contempt of court. If you were to RTFA, you might get the very strong impression that he's under an injunction of this type.

Instead of letting us infer the facts, why not just say "because of a court order, we can't talk about it"? It happens all the time.

If there is a hack, I want to know. I'm not looking for details, I just want the answer to Jon Gruber's question: "Have Maynor and Ellch found a vulnerability that affects MacBooks using Apple's built-in cards and drivers?"

If the answer is "yes" or "no" just say so! If they're under a gag order, just say "We're under a gag order." Asking us to read between the lines isn't cutting it.

Not to mention that the ad-homs aren't helping his credibility...

You just don't understand. This is one of the most important things, if not the most important thing to John Gruber at the moment. Any failure to take up his offer is an admission of guilt.

It has absolutely nothing to do with this

So, is he going to take Daringfireball's challenge or not? I think his whole thing has tarnished him, and he won't recover.

It's striking how different this proposal sounds to how the Mac startup chime works.

Scoble dances around giving a full description, and it sounds like things are still being fleshed out, but the clear implication is that the plan here is to play some kind of music at either the login screen or (presumably if auto-login is turned on) when the current user gets to a working desktop. Implicitly, this is going to take a while, so they encouraging you to go for a walk and come back when the chime plays.

With a Mac, on the other hand, you get a polyphonic startup chime right when the machine is turned on. This fills a couple of functions, including welcoming the user to start working on the computer soon, and proving that the machine passed POST tests. Next the hardware is initialized, and system services start loading. Up until 10.3/Panther, the user would be presented with a series of frequently-vaguely-understood system services one by one as they loaded, but with 10.4/Tiger, the whole startup process was re-thought and replaced with launchd , which in turn made it possible to boot the system boot much faster (don't load unneeded services, delay non-critical ones until later, run as many of the others in parallel, etc) so that now you just have a sham progress bar as the system boots as fast as possible up to the login screen or desktop.

What is the better use of resources: figuring out how to make the system boot so fast that you don't have time to get that cup of coffee, or hiring 70s rockers to compose a melody to play once you've finished brewing another pot? Hmm.....

And before you say that Microsoft doesn't have as much control over the hardware, that's baloney. Be didn't have control over the hardware, and they had a hell of a lot less resources than Microsoft, and yet they still figured out how to get BeOS to cold boot to a functional desktop in 15 seconds or so. No OS shipping today that I'm aware of -- Windows, OSX, Linux, etc -- manages to do that as well as BeOS did a decade ago, and the hardware has only gotten better in that time. Why not? It's obviously doable. Figuring out how to get computers to do that again would be wonderful.

Personally, I think that everyone with their head on straight knows at this point that copying is something that everyone does on this level. You may be one of the holdouts to think that this is bad, but if it was bad and nobody would do it, where would we be today? Just taking the Mother of All Demos, nobody except the by Engelbart designated innovators would be given access to the stuff presented there: the mouse ("Bug"), video conferencing, email, hypertext... When people are bitching about "copying" or "stealing", I don't think they consider the alternative and how much more crappy it is.

There's also a thing as overdoing it and not inventing enough on your own, but I don't think any major vendor (Microsoft, Apple, Sun, Red Hat, Ubuntu, and so on) are doing that as of today. Apple's poking fun at Vista to rally the troops (it's a developer conference!) and to twiddle Microsoft's nose once more while they have the chance - it's marketing, not the universal truth.

I also think that 10.5 is misunderstood at this level. Take Time Machine: even if we discount the smoke-and-mirrors display of the thing or the fact that the OS helps you backup efficiently with a non-boot volume and four UI controls in its preference pane, the big innovation here is really that you can restore not only one file but that there are *built-in hooks* for "here's this old file and here's this new file" which means that you can cherry-pick old items from old database files. This is something very neat and very useful that in 99 cases of 100 couldn't be done before without resorting to poking and prodding the database files themselves; and now that it's built-in to some of Apple's apps, it's not only going to be tremendously useful there but there's going to be an onus on third-party developers to provide support for this, which means a better user experience for everyone.

As a developer, I'm very excited about 10.5. There's all sorts of new APIs, the old APIs have been extended in better ways, and the developer tools have reportedly gotten the biggest facelift since, well, *ever*. Xcode 3.0 may even trump the step from OS X's Project Builder to Xcode 1.0, and the Interface Builder has finally received some much-needed love. Gruber's right: "Complaining that the announcements at WWDC only appealed to 'the geeks' is like going to a rock concert and complaining that all they did was play loud music."

They specifically said it was exploitable on Linux and Windows. They chose Mac OS X because they said that Mac users had a "smug" attitude about security and wanted to show something like this could be done on Mac OS X as well.

So no, it's not speculation that exploitable on other platforms, because the presenters themselves said it was, and specifically said they ultimately chose to demo it on the Apple platform for the reason stated above.

On that note, though, I do agree that the reasoning to use a third-party wireless card in the MacBook was shaky. They said they used it so as not to draw attention to the fact that the internal wireless card in the MacBook is vulnerable, even though they specifically state that the internal card is vulnerable. So how does this do anything to not draw attention to that, given that now, everyone thinks this is an exploit affecting only MacBooks, and not even any other Apple products with the Atheros card, much less any other platform under the sun?

John Gruber has a very good writeup on this issue here: http://daringfireball.net/2006/08/krebs_followup

As for "why not demo it on multiple platforms", it sounds like this little exploit is not nearly as easy to set up and take advantage of as they imply. The above writeup also touches on the motives of the presenters as well ("if you watch those 'Get a Mac' commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something"). Yeah, no bias there!

Daring Fireball has an interesting article on this. As it stands, it is unclear whether the actual internal MacBook wifi card (you know, the one everyone who owns a MacBook uses) is vulnerable as they used a third-party card for their demo, despite of the fact that all MacBooks come with an internal wifi card.

But did Krebs see the exploit work against a MacBook's built-in AirPort card? He says he stands by his reporting, but he did not report that the exploit works against the MacBook's built-in AirPort driver; he reported that Maynor and Ellch told him that it works against the MacBook's built-in AirPort driver. "I stand by that they told me the built-in driver is expoitable" is very different than "I stand by that the built-in driver is exploitable".

If it's true that this exploit does work against the MacBook's built-in AirPort driver, it's one of the most serious security exploits ever discovered against Mac OS X. Basing their demo video on a third-party card makes matters worse, not better, because it creates the perception that the majority of MacBook users are safe because they aren't using third-party cards

It may get 0wn3d some way, but probably not the way thats depicted in the article. you'll have to use a 3rd party device driver and card for the exploit to work instead of the wireless card and driver that are built in by apple.

or in other words: this is a non story.

Next?

The Washington Post's Brian Krebs reports on a supposed wireless networking exploit that allows a MacBook to be hijacked. I smell bullshit, though -- if you watch the video, the exploit apparently requires the MacBook to be using a third-party wireless card. Given that all MacBooks come with built-in AirPort support, how many MacBook users are actually susceptible to this? Any?

http://daringfireball.net/linked/2006/august#thu-0 3-krebs

Daring Fireball wrote about this recently. Here's the most important quote of the article:

The difference between the old Mac OS and Mac OS X isn't that it used to suck but now it's great. The difference is that Mac OS X's appeal is broader; it is good in more ways than the old Mac OS was.

Yeah, I did use and like Mac OS 9, Mac OS 8 and System 7. I did smoke lots of weed, but that had nothing to do with it. There are two things to consider: First, it went up against crap like Windows 3.11 and Windows 95. Second, it was the prettiest, most easy-to-use OS, even with cooperative multitasking and lack of memory protection.

Mac OS X added a lot to what makes a Mac great, but Mac OS 9 had a lot going for it, too.

Adobe cares about their professional customers and those people are having Quad or Dual G5 workstations with massive SCSI arrays etc right now.

Adobe doesn't give two shits about its customers anymore, and hasn't for a while. Adobe cares about forcing people to upgrade by releasing ever more bloated versions of its core apps in which the feature to boat ratio is dismal. The best synopsis I've ever seen comes from Daring FIreball:

Rather than expand into untapped creative markets, Adobe seems hell-bent on expanding into the jerks-wearing-suits market, a market that's completely at odds with the creative market they've dominated for nearly two decades.

Adobe's best and core products are their oldest, and they are graphics products: PostScript, the Adobe Type Library, Illustrator, and Photoshop. InDesign is relatively new but genuinely fits alongside these products. This is why Adobe's core customers -- who still use and love many of their products -- are dismayed and confused by the company's direction in recent years. But is it any surprise that a company that is run by jerks-wearing-suits is now targeting the jerks-wearing-suits software market?

I make my money doing production and pre-press, and have for the last fifteen or so years. The last five years of Adobe's product upgrades have been the most bug- and problem-ridden I have ever seen. For me, the straw which broke the camel's back was the InDesign launch. Adobe promised a program which would revolutionize desktop publishing. Instead we got a program which fell somewhere between PageMaker and older versions of Quark, a program which came nowhere near Adobe's promises. I think Adobe felt the animus against Quark would be enough for them to take over the market. Much to their surprise, but not to mine, it hasn't happened. To add insult to injury, the latest version of ID still isn't feature complete with Quark and has one of the worst interfaces I have ever seen for a typography program.

So, while I agree that there's no reason for me to upgrade my G5 until the next round of dtp programs are Intel-native, I have no illusions as to why Adobe is delaying the release of CS3. It's all about profit, all the time.

Professionals does not throw out $20k mission critical workstations because Steve Jobs became Intel fanboy recently. :)

Actually, we upgrade whenever the workload demands it. If I started to get a lot of heavy Photoshop work you bet your bippy I would go out and buy a pimped out dual dual-core G5, because the machine would pay for itself pretty quickly.

..people want to attack bigger targets more than smaller ones.

Twelve thousand machines was the entire vulnerable and exposed population, and Witty infected them all -- worldwide -- in 45 minutes. It's the first worm that quickly corrupted a small population. Previous worms targeting small populations such as Scalper and Slapper were glacially slow.

I've come to the conclusion that the biggest reason for why the Mac is a more secure platform isn't because of technology, but because the Mac userbase tends to be a lot more savvy than the Windows userbase.

I'd hazard a guess that the vast majority of Windows malware comes not from the inherent insecurity of the Windows platform but from users doing dumb things. Someone who installs some stupid little weather applet and gets infected with spyware got infected not because of a flaw in the system, but because they didn't bother to determine whether or not the source of their software was credible or not. Even if they got a prompt like Vista and OS X present they'll still authorize the program. There's no patch that can be applied to a system to prevent stupid users from mucking it up.

John Gruber wrote a really astute article on why Macs don't have the level of malware that one would think they would. If Apple has roughlt 5% marketshare, why isn't 5% of the total malware population targeting Macs? I think he's right when he notes:

We all benefit from the fact that the Mac community has zero tolerance for vulnerabilities. Not just zero tolerance for security exploits, but zero tolerance for vulnerabilities. In fact, there is zero tolerance in the Mac community for crapware of any kind.

If some "freeware" software for the Mac surreptitiously installed some sort of adware/spyware/crapware, there'd be reports all over the Mac web within days. Uninstallation instructions would be posted (and thus made available to all via Google), and the developer who shipped the app would be excoriated.

Zero tolerance, on the part of the user community, is the only policy that can work.

It's similar to the "broken windows" theory of urban decay, which holds that if a single window is left unrepaired in a building, in fairly short order, the remaining windows in the building will be broken. Fixing windows as soon as they are broken sends a message: that vandalism will not be tolerated. But not fixing windows also sends a message: that vandalism is acceptable. Worse, once a problem such as vandalism starts, if left unchecked, it flourishes.

Macs are more secure because Mac users have a much tougher stance towards crapware. Mac users tend to be much more technically proficient than the average. If that "zero-tolerance" policy changes, I'm not so sure we'll see an increase in the amount of malware targeting Macs.

OS X does a great job of providing technical barriers against malware, but nothing can prevent malware that uses social engineering to do its work. Mac users are safer because they choose to be - but if you get a group of users who have no awareness of security and will blindly execute anything they come across, even if the system specifically tells them not to, that could change very quickly.

I'm told that Coke frowns on their employees publicly drinking Pepsi, too. Or try showing up to work at GM with a Honda.

Who cares? Well, some very smart people do. (Of those, Tim Bray himself switching as well.)

Whether you personally know or respect Mark, Tim and Cory, they're being looked to by a huge amount of others for guidance. This isn't a lightly made switch - "oh you know, I have a spare box lying around and I'm going to see how this shiny new OS works out, and then next week I'll go and play with Gentoo, and I've always been meaning to give Solaris a try as well". This is people with a tremendous amount of experience and knowledge, having spent their whole life on Macs, deciding that enough is enough, that the bough has broken, and that they care more about their data than about anything else. They all have a huge following, and their thoughts will reverberate.

Most people who will actually read their thoughts (rather than going for the knee-jerk "no, it's Monday so apple is good!" slashdot reaction that I've seen far too many posters here resort to) will probably be set thinking because of it. And everyone will make up their own minds, and most people will probably decide not to switch, for reasons that for them will be very valid. But you can sure as hell bet that the importance of open data formats and lack of DRM will become more of a talking point in the months to come, and that if Apple doesn't heed this warning, more and more people will come to the same conclusions as Mark, Time and Cory have.

(If you want to get the whole story, I'd read the following articles in this order:

1. Mark Pilgrim: Bye Apple
2. Mark Pilgrim: When the Bough Breaks
3. John Gruber: And Oranges
4. Mark Pilgrim: Juggling Oranges
5. Tim Bray: Time to Switch?
6. Cory Doctorow: Mark Pilgrim's list of Ubuntu essentials for ex-Mac users

Who cares? Well, some very smart people do. (Of those, Tim Bray himself switching as well.)

Whether you personally know or respect Mark, Tim and Cory, they're being looked to by a huge amount of others for guidance. This isn't a lightly made switch - "oh you know, I have a spare box lying around and I'm going to see how this shiny new OS works out, and then next week I'll go and play with Gentoo, and I've always been meaning to give Solaris a try as well". This is people with a tremendous amount of experience and knowledge, having spent their whole life on Macs, deciding that enough is enough, that the bough has broken, and that they care more about their data than about anything else. They all have a huge following, and their thoughts will reverberate.

Most people who will actually read their thoughts (rather than going for the knee-jerk "no, it's Monday so apple is good!" slashdot reaction that I've seen far too many posters here resort to) will probably be set thinking because of it. And everyone will make up their own minds, and most people will probably decide not to switch, for reasons that for them will be very valid. But you can sure as hell bet that the importance of open data formats and lack of DRM will become more of a talking point in the months to come, and that if Apple doesn't heed this warning, more and more people will come to the same conclusions as Mark, Time and Cory have.

(If you want to get the whole story, I'd read the following articles in this order:

1. Mark Pilgrim: Bye Apple
2. Mark Pilgrim: When the Bough Breaks
3. John Gruber: And Oranges
4. Mark Pilgrim: Juggling Oranges
5. Tim Bray: Time to Switch?
6. Cory Doctorow: Mark Pilgrim's list of Ubuntu essentials for ex-Mac users

I wonder where you could have come up with such an idea.

My opinion may be incorrect. After all, I formed it only after reading some of Enderle's quotes and writings here and there. But he made enough of a negative impression that I remember him by name.

Anyway, I decided to glance around on the internet for a few anti-Enderle web pages. See here, here, here, and here. Here's a good quote from the second to last link:

Enderle's presence is a warning sign. I see a quote from him I get the message. The reporter is out of ideas and has decided to cut corners.

"need to repair permissions after each update (why macs need this?)..."

They don't. 5 current Macs, all running OSX since 10.1.5, I have NEVER had any problem that was fixable by "repairing permissions"

It's a placebo.

http://daringfireball.net/2006/04/repair_permissio ns
http://daringfireball.net/2006/04/repair_permissio ns_voodoo

Apple does not state *anywhere* in their documentation that repairing permissions is required or even desireable afer updates.

"need to repair permissions after each update (why macs need this?)..."

They don't. 5 current Macs, all running OSX since 10.1.5, I have NEVER had any problem that was fixable by "repairing permissions"

It's a placebo.

http://daringfireball.net/2006/04/repair_permissio ns
http://daringfireball.net/2006/04/repair_permissio ns_voodoo

Apple does not state *anywhere* in their documentation that repairing permissions is required or even desireable afer updates.

Of course, if your users are anything like the ones I know, you'll then have to make their favourite WYSWIG editor output Markdown before they'll go anywhere near it :(

If you don't like blogs, don't read 'em.

I understand why you wouldn't want to read the "Why I like the color pink" blog, or the "I just took a dump" blog.

But you're bashing on an entire medium. Hell, even television has a lot of good content hidden among the chaff. When you discount blogging out of hand, you're lumping sites like Daring Fireball, The Technology Liberation Front and IP Democracy in with the navel-gazers.

Sure, there are a lot of useless blogs. There are also a lot of useless magazines and books. Personally I prefer a world where there are more mediums of expression, not fewer. Slashdot is an excellent example of this. It could easily be considered a group blog, filled with useless opinions, but it is obviously more than that. Get all your information and all of your opininions from Big Media if you want. I like having more options.

Thats an interesting point. I figured since most windows virii work by exploiting windows APIs, their authors would lack the knowledge (and desire to learn how) to program them in OSX. I fail to see how this explains a tremendous explosion of virus activity on OSX, however, and the ridiculous article about it gets quite skewered by DF.

the program was apparently too slow to test unless it was installed on the absolutely most-tricked-out, highly-upgraded Power Mac G5 you can lay your hands on

Remember that Mac OS X 10.0, when it was released, was also painfully slow. Far slower than Aperture 1.0 on a G4, even.

If you have a slow system, it's a fairly straightforward exercise to optimize it, which is exactly what Apple has done: every major version of Mac OS X has been noticably faster, on the same hardware. I have no reason to believe that Aperture will be any different.

If you can't build a user interface to save your life, though, you can't just spray on a better user experience.

Aperture 1 was great except for the speed. Lightroom 1 will be great except for the UI. I suspect Aperture 2 (or 3, or 4...) will be the professional counterpart to Final Cut Pro, and Lightroom 2 will try to compete by adding more features. You know, how Preview.app is a pretty good PDF viewer, and Acrobat Reader is a huge pile of crap (with 40,000 features).

If "it's slow" and "the image processing quality needs tweaking" are the worst things you can say about Aperture, I'd say they're doing bloody great.

Anyway, almost all reports (including those by "real" journalists) ignore an important part of the original ruling.

Whether he [Jason O'Grady] fits the definition of a journalist, reporter, blogger, or anything else need not be decided at this juncture for this fundamental reason: there is no license conferred on anyone to violate valid criminal laws. [...] III. CONCLUSION AND DISPOSITION In this case, accepting for present purposes that Apple's allegations about trade secrets are true, the information divulged falls squarely under the UTSA and Penal Code 499c definitions. As such it is stolen property, just as any physical item, such as a laptop computer containing the same information on its hard drive (or not) would be. The information remains the same and is not transformed by its form or who receives it.9 Therefore, the Court used the charged word "fence" to describe parties who acted as go-betweens between the generator of the secret property and the recipients of it. Although specifically asked of counsel for movants, the Court did not hear rebuttal to the analogy at the hearing. The bottom line is there is no exception or exemption in either the UTSA or the Penal Code for journalists - however defined - or anyone else.

Much of the movants' papers and their oral argument stressed the public's interest in Apple and its products. Movants miss the point. Of course the public is interested in Apple. It is a company which has achieved iconic status. One need no further proof of this point than to review the personal history of movant O'Grady who, according to his own declaration "has been working with Macintosh computers since 1985 ... co-founded the first dedicated Apple Power Book User Group ... in the United States ... has contributed articles to MacWEEK, MacWorld, MacAddict, MacPower(Japan) ...[and] written chapters for The Macintosh Bible." Movant's Opening Brief at 4: 8-20. Mr. O'Grady is far from alone: the public has had, and continues to have a profound interest in gossip about Apple. Therefore it is not surprising that hundreds of thousands of "hits" on a website about Apple have and will happen. But an interested public is not the same as the public interest.

At the hearing the Court specifically asked what public interest was served by publishing private, proprietary product information that was ostensibly stolen and turned over to those with no business reason for getting it. Movants' response was to again reiterate the self-evident interest of the public in Apple, rather than justifying why citizens have a right to know the private and secret information of a business entity, be it Apple, H-P, a law firm, a newspaper, Coca-Cola, a restaurant, or anyone else. Unlike the whistleblower who discloses a health, safety, or welfare hazard affecting all, or the government employee who reveals mismanagement or worse by our public officials, the movants are doing nothing more than feeding the public's insatiable desire for information.

[...] Mr. O'Grady is far from alone: the public has had, and continues to have a profound interest in gossip about Apple. Therefore it is not surprising that hundreds of thousands of "hits" on a website about Apple have and will happen. But an interested public is not the same as the public interest.

At the hearing the Court specifically asked what public interest was served by publishing private, proprietary product information that was ostensibly stolen and turned over to those with no business reason for getting it. Movants' response was to again reiterate the self-evident interest of the public in Apple, rather than justifying why citizens have a right to know the private and secret information of a business entity, be it Apple, H-P, a law firm, a newspaper, Coca-Cola, a restaurant, or anyone else. Unlike the whistleblower who discloses a health, safety, or welfare hazard affecting all, or the government employee who reveals mismanagement or worse by our public officials, the movants are doing nothing more than feeding the public's insatiable desire for information. -- On the Discovery Ruling in 'Apple v. Does'

...was compliments of Tantek Çelik, standards evangelist, and main designer of the Tasman rendering engine which drove IE for Mac. In digging for his history with the project, I note a few things:

• Daring Fireball's archived recap of the history of IE for Mac leading up to its cancellation,
• A blog entry describing how after Tantek was finished with IE for Mac, Microsoft moved him over to ...WebTV (?!),
• An entry on the IE Blog where it looks like Microsoft is advertising for various open positions, and many people are responding with mixed emotions.

As for TFA... gah. Don't get me started on TFA. It doesn't mention IE for Mac at all (perhaps the Publications Coordinator who wrote TFA never heard of it?) and makes some innocent and half-assed assumptions about Web Standards—mostly their lack of existence.

And the marginalization of other browsers? Her argument basically runs that other browsers don't stand a chance against IE's installed base, while conveniently overlooking the fact that IE itself was once an "other" browser and citing ways that IE got the leg-up on Netscape without ever noting that those other browsers are doing the same things to IE. The argument basically runs "Yes, things changed in the past, but things will remain as they are now because they're the way they are now." Buh?

• Ahem?
• I said, "ahem?" (look at this page in IE, then in Firefox.)
• I said "AHEM," damnit! (note what computer the man in the hammock is using.)

John Gruber over at Daring Fireball made me laugh with this.

"Scheduled to be in beta for the next four years.

Also, it doesn't (yet?) support Safari, and informs you of this with a JavaScript alert that reads:

'Sorry, Google Calendar does not support your browser yet, so things may break in unexpected ways. Press OK to see a list of browsers that we support. Or cancel to try to use it anyways.'

$121 billion market cap and they have someone writing error messages who thinks "anyways" is acceptable English."

The reason this [boot OS X on any Intel-powered PC] isn't going to happen -- at least not soon -- is that it doesn't fit with Apple's aforementioned business, selling computer hardware. Boot Camp fits because it makes it more likely that more people will buy Mac hardware, and doesn't make it any more likely that existing Mac users will switch to buying computers from some other company.

Asher, I think you might benefit from reading John's analysis of Boot Camp and Apple's overall strategy. Maybe you'll find it illuminating.

You might also want to consider writing a follow-up article in a year, so you can tell everyone about what you predicted back in 2006. Then again, maybe you shouldn't do that.

John Gruber of Daring Fireball wrote up the most logical and clear-headed analysis of Apple's Boot Camp play that I've seen thus far. In typical Gruber fashion he doesn't pull any punches when he thinks others have got it wrong, but I have to agree with him.

This article ought to have been the one linked in the main story.

I think it is perfectly reasonable of you to make purchase decisions based on what you expect to be able to do with the hardware and the software. It's your money.

On the other hand, I think it is probably OK with Apple to lose you as a customer. This is because the profit they would make from sales to people like you would not match the profits they would lose from Mac users foregoing Mac purchases to run OS X on a PC. They make much more money from a hardware sale than an OS X sale.

I think the opinion piece at Daring Fireball had a great analysis of the situation. Apple will take steps that are likely to increase the sales of hardware at the profitable end of the market, but they won't take steps (like marketing OS X on a PC) that are likely to decimate their hardware sales. They tried this before; if they license the OS to run on non-Apple hardware, they will _not_ simply add OS X users -- it is certain that many people that were already buying their hardware and using OS X will make their next hardware purchase a non-Apple product. Obviously this is great for consumers, but no company is going to make a decision that will slash their profitablitly for the sake of a tenuous possibility of a gain somewhere down the road.

My initial reaction was to try and regurgitate what Gruber wrote last week, but then I realized that he's a much better writer than I am, so what's the point.

May I recommend Several Asinine and/or Risky Ideas Regarding Apple's Strategy That Boot Camp Does Not Portend or Windows, The New Classic.

My initial reaction was to try and regurgitate what Gruber wrote last week, but then I realized that he's a much better writer than I am, so what's the point.

May I recommend Several Asinine and/or Risky Ideas Regarding Apple's Strategy That Boot Camp Does Not Portend or Windows, The New Classic.

I've lost count of the number of people I've seen talking about this who clearly haven't read either of the two recent Daring Fireball posts on the subject of Boot Camp, and really need to if they want to have a clue regarding it.

Both are fantastic, but in this context, it's the second link with which people really need to be hit over the head. If you haven't read them, I think you're going to get a lot of things wrong about what Boot Camp's really all about for Apple. I got some of it, but still found things in those write ups that I'd missed.

Boot Camp isn't about converting the mass market of Windows users. Repeat that to yourself until you understand it, and why it's true.

Tech writers also need to get it through their heads that licensing OS X for non-Apple hardware is a bad move that will never happen. There's no money in it, when you compare it to Apple's currently-booming hardware business.

I've lost count of the number of people I've seen talking about this who clearly haven't read either of the two recent Daring Fireball posts on the subject of Boot Camp, and really need to if they want to have a clue regarding it.

Both are fantastic, but in this context, it's the second link with which people really need to be hit over the head. If you haven't read them, I think you're going to get a lot of things wrong about what Boot Camp's really all about for Apple. I got some of it, but still found things in those write ups that I'd missed.

Boot Camp isn't about converting the mass market of Windows users. Repeat that to yourself until you understand it, and why it's true.

Tech writers also need to get it through their heads that licensing OS X for non-Apple hardware is a bad move that will never happen. There's no money in it, when you compare it to Apple's currently-booming hardware business.

Everyone should read this:

http://daringfireball.net/2006/04/asinine_and_or_r isky_ideas

which gives all the reasons why these types of stories are crap.

The BETA isn't supported by Apple. When Leopard is released though, and "Boot Camp" (or whatever they decide to call the final product) is integrated into the OS, and trumpeted as a feature, they're going to start supporting it. Probably not to the extent of helping users remove spyware, etc (Does Microsoft even provide that kind of support?), but enough to help users get Windows up and running on their Mac.

Personally, I hope it turns out that Windows really does become the new Classic, as many pundits have said. Imagine being able to launch those 2 or 3 Windows apps you can't live without from within MacOS X - THAT would be something to talk about. John Gruber has some intriguing thoughts on that possibility.

All in all, I really can't see why iPod is so successful, given all the alternatives...

This insightful article will answer all of your questions about the iPod and it's current position.

Although I do think you are not really Apple's target market for the iPod, being the
7. The 2GB apple nano is actually HUGE, despite the name.

No you're seriously trolling...

The iPod/iTunes system will move into a niche with Macintosh computers because Steve Jobs has again stuck with closed architecture and total control.

This is becoming extremely annoying. I can't say it any better than Jon Gruber already did: these writers need to stop pretending that 2006 is 1985.

As for the old saw about cellphones overtaking iPods, this is exactly why nobody has come close to toppling the iPod so far. People who take this view insist that because cellphones are ubiquitous, they will miraculously overwhelm the iPod. If that were true, we'd all be watching TV from our refrigerators.

If I were a device manufacturer attempting to go after Apple, I'd: Think about what works for users. Recognize that if the hardware and software work together extremely smoothly, customers will be happy and will gladly fork over the dough for your device. Don't think about how many features you can cram into the feature list. Don't insist that the form factor of a freakin' cellphone is actually suited to use as a music and video device. Don't think about how happy Verizon will be if you team up with them to make exorbitantly-priced music downloads over crappy networks. Don't dismiss design as an afterthought ("I know, we'll make ours RED!"). Maybe, just maybe, think about how to work with Apple, rather than with Microsoft. After all, past performance is certainly no guarantee of future performance, as Microsoft's botched efforts in digital music have already demonstrated.

The hidden assumption in all of this prognostication about Apple's supposed weakness in iPod/iTunes is that somehow the 800 lb. gorilla from Redmond will eventually swamp Appple. Microsoft has tried everything it can to unseat Apple in this market, and they've fallen flat on their face. Apple has sidestepped Microsoft's OS dominance, and made iPod/iTunes the dominant player. Market effects don't just work in Microsoft's favor.

http://daringfireball.net/2006/03/ipod_juggernaut

Someone obviously hasn't been reading John Gruber's latest pieces. Idiots.

Maybe TMO could start an "iPod Death Watch" to go along with their "Apple Death Watch", which, IIRC, is up to something like 60 now.

No, I didn't dignify the glaring fearmongering of The Age by reading TFA. That was exactly what they wanted you to do, and Slashdot fell for it, hook, line, and sinker.

Someone obviously hasn't been reading John Gruber's latest pieces. Idiots.

Maybe TMO could start an "iPod Death Watch" to go along with their "Apple Death Watch", which, IIRC, is up to something like 60 now.

No, I didn't dignify the glaring fearmongering of The Age by reading TFA. That was exactly what they wanted you to do, and Slashdot fell for it, hook, line, and sinker.

Posted a week ago in Daring Fireball: http://daringfireball.net/2006/03/ipod_juggernaut Anything familiar?

Really lame. I'd pen a post lamenting what Slashdot has come to these days, but that would only serve to convey an expectation of something greater, which, frankly, is just sad...

So SM posts this for shits and giggles. Fair enough. It brings the Gentoo Ricer crowd out, which is entertaining for the rest of us and generates page views ergo ad revenue. I can almost see a four steps to profit cliché here, but I'll leave that to someone else.

Seriously though, what a load of bollocks. I certainly can't claim to have the vintage of some of the 20+ years sysadmins on here, but I've been a Linux user for 7-8 years now and that is evidently long enough to come to understand the merits of package management. Yes, when you're fat and fifteen and still living in your parent['s|s'] basement with nothing better to do all day than stick it out watching makefile lines scroll by, Gentoo seems like a good idea. If you're really fucking sad, you might even notice a perceptible difference.

But fuck, please stop trolling like a bunch of Mac/Ogg/etc zealots telling the rest of us about it - we don't fucking care. We have jobs to do, partners to go home to, lives to get on with. If I did still care for Linux on my main machine, Ubuntu would have me up and running in an hour or so - I couldn't have my computer out of action for a day because it's...er...compiling.

Now don't get me wrong - I understand the mentality. I know the mentality. It's the same mentality that led me to reinstall Windows anything as frequently as once a week for a period in an attempt to get it running tip top. It's about the struggle, the fun of getting there, the war, the conflict, the strife - that's the fun part. I am of a computing generation that cut its teeth editing CONFIG.SYS and AUTOEXEC.BAT files with elaborate startup menu configurations to optimise memory availability for specific applications (remember expanded memory, anyone?).* And it was great - we loved it, well, some of us did - until we actually had to get some work done.

Now I have to get work done, so I use a Mac. And countless Linux sysadmins out there will say the same thing - in the real world, you have to deliver results. Real, actual results. Dependability. Not downing the server every evening for a recompile. Reliability. Actual rather than theoretical uptime. We simply don't have time to be sitting round waiting for X to build so we can just sling some graphics on the screen.

And if y'all were doing something useful with your lives, neither would you...

iqu :|

(* Kudos to John Gruber for reminding me (through quoting someone else) of the glory days of MS-DOS - choice quote: "As a PC user, enduring the grotesqueries of that experience is something that we are actually proud of.")

Really lame. I'd pen a post lamenting what Slashdot has come to these days, but that would only serve to convey an expectation of something greater, which, frankly, is just sad...

So SM posts this for shits and giggles. Fair enough. It brings the Gentoo Ricer crowd out, which is entertaining for the rest of us and generates page views ergo ad revenue. I can almost see a four steps to profit cliché here, but I'll leave that to someone else.

Seriously though, what a load of bollocks. I certainly can't claim to have the vintage of some of the 20+ years sysadmins on here, but I've been a Linux user for 7-8 years now and that is evidently long enough to come to understand the merits of package management. Yes, when you're fat and fifteen and still living in your parent['s|s'] basement with nothing better to do all day than stick it out watching makefile lines scroll by, Gentoo seems like a good idea. If you're really fucking sad, you might even notice a perceptible difference.

But fuck, please stop trolling like a bunch of Mac/Ogg/etc zealots telling the rest of us about it - we don't fucking care. We have jobs to do, partners to go home to, lives to get on with. If I did still care for Linux on my main machine, Ubuntu would have me up and running in an hour or so - I couldn't have my computer out of action for a day because it's...er...compiling.

Now don't get me wrong - I understand the mentality. I know the mentality. It's the same mentality that led me to reinstall Windows anything as frequently as once a week for a period in an attempt to get it running tip top. It's about the struggle, the fun of getting there, the war, the conflict, the strife - that's the fun part. I am of a computing generation that cut its teeth editing CONFIG.SYS and AUTOEXEC.BAT files with elaborate startup menu configurations to optimise memory availability for specific applications (remember expanded memory, anyone?).* And it was great - we loved it, well, some of us did - until we actually had to get some work done.

Now I have to get work done, so I use a Mac. And countless Linux sysadmins out there will say the same thing - in the real world, you have to deliver results. Real, actual results. Dependability. Not downing the server every evening for a recompile. Reliability. Actual rather than theoretical uptime. We simply don't have time to be sitting round waiting for X to build so we can just sling some graphics on the screen.

And if y'all were doing something useful with your lives, neither would you...

iqu :|

(* Kudos to John Gruber for reminding me (through quoting someone else) of the glory days of MS-DOS - choice quote: "As a PC user, enduring the grotesqueries of that experience is something that we are actually proud of.")

This is *exactly* the point I was waiting for. This has been brought up before -- just look at this Daring Fireball article. This dates back to 2004 -- it is a safe option to have default URL handlers turned off in a few cases. Having default action disabled downloads the file -- but double-clicking it in Finder, or even Ctrl-clicking and using "Open" submenu action does not cause any harm...

Um, I'm admittedly not looking at my OS X box right now, but unless this change was made in the 10.4.4 update (the one released just in the past few days via Software Update), the ".app" extension is hidden on most Applications, at least with the general "hide extensions" preference turned on in the Finder.

The MP3Concept trojan didn't disguise itself because the Finder was hiding the ".app" extension, anyway. It's filename really was "MP3Concept.mp3". If you had gone in and looked at it via the Terminal, that's what you would have seen.

It was an executable because of the way its metadata was set: it had a "type" of APPL, for application, thus it would execute when double-clicked. The icon came because the creator had simply given the iTunes MP3 file icon as the application bundle's custom icon resource (this is the same way a legitimage application sets itself to a custom icon). It wasn't being assigned automatically by the Finder or anything else. This type of exploit isn't really new, it would have worked just as well on MacOS9 (and probably even better); back in the day there were lots of dumb little tricks that you could do to take advantage of the same thing (you could make small applications that put up rude dialog boxes, for instance, and disguise them as documents).

And (as screenshots on the link below show), if you had looked at the MP3Concept.mp3 file in the Finder's list view, it would be correctly reported as an Application, not a Document. (Because the Finder looks at the file metadata in addition to the filename, when determining what it is.)

Without appending ".app" to the end of every Carbon application out there still in use, which in some cases might cause problems, and then not letting the user turn off the displaying of extensions (which would piss off a lot of longtime Mac users), I don't think there's really any way to prevent this. I find the change you're saying Apple made somewhat doubtful, although I'm open to any evidence you have.

More info on the MP3Concept trojan:
http://daringfireball.net/2004/04/crying_wolf