Slashdot Mirror


User: Anubis+IV

Anubis+IV's activity in the archive.

Stories: 0
Comments: 5,393

Comments · 5,393

  1. Re:The Law of the Land, and NASA's Mission on Could SpaceX Rocket Technology Put Lives At Risk? (chicagotribune.com) · · Score: 1

    Astronauts are safest on the ground.

    Tell that to the family of the crew of Apollo 1.

  2. Re:Yes and no on Could SpaceX Rocket Technology Put Lives At Risk? (chicagotribune.com) · · Score: 1

    In talking with a four-flight NASA astronaut in 2002, I recall them mentioning that NASA pegged the odds of a catastrophic failure with the orbiter at about 1 in 40...which was a statement that came to mind just a few months later when Columbia exploded.

    That said, after the initial batch, NASA wasn't building new orbiters, meaning that they had very little ability to iterate and improve. In contrast, and as you suggested, SpaceX has been able to learn from its mistakes and build new rockets in different ways, so it stands to reason that the odds of any given launch failing should be better than what their historical failure rate might suggest. I.e. Even though their historical failure rate may be 2 in 54, the odds of launch #55 failing are less than that.

    If their failure rate has been 3.7% up to now, and the odds of failure have gotten better since then, and the failure rate of the orbiter is the standard for what we consider acceptable, then the Falcon 9 may already be "good enough" for manned missions, or else very close.

  3. Re:**note - they don't have to be sitting in the E on New Service Blocks EU Users So Companies Can Save Thousands on GDPR Compliance (bleepingcomputer.com) · · Score: 1

    The point is that geo-fencing is a misguided attempt to avoid liability since a user can be outside the EU and still be protected by the law.

    You shouldn't believe everything you read online. Article 3 of the GDPR (see: page 110) specifies the "territorial scope" where the GDPR applies. While there are some details I'm glossing over, the gist of it is that the GDPR only applies when you, the company, or the target of the business is physically located in the EU. Notably, it makes no attempt at distinguishing between citizens and non-citizens, whether local or abroad, nor does it attempt to apply itself outside EU borders, except inasmuch as international law applies (e.g. reciprocal treaties, territories subject to EU member states, etc.).

    So, if you're a person in Frankfurt trying to book a flight with Lufthansa, you get GDPR protection, regardless of if you're German, American, or anything else. The company is based in the EU and you're in the EU, so you get the protection.

    If you're a person in New York trying to book a flight with Lufthansa, the company is still based in the EU, so you get GDPR protection, again without regard for your citizenship. This is a fact that—as an American—I am very much looking forward to, since it means that some of the benefits actually do extend to me over here.

    If you're signing up for Netflix on its German-language site while in Frankfurt, you get GDPR protection. They're targeting people in the EU with their website, so they've made themselves subject to EU regulation. And again, the regulation applies, regardless of your nationality.

    If you're signing up for Netflix on its English-language site while in New York, the company is neither targeting you in the EU nor is it based in the EU, so YOU DO NOT GET GDPR PROTECTION. And, as with the other examples, that's true whether you're from the EU or not.

    As for what any of this has to do with geofencing, whether the GDPR applies to a foreign company boils down to whether they are targeting users located in the EU. If they engage in marketing in the EU, make their website available in the native language of an EU member state, or accept payment in Euros, those could be taken as proof that a company is targeting EU users and is subject to the GDPR. Conversely, geofencing the site to prevent users in the EU from accessing it is an effective way to proactively protect themselves from claims that they are targeting European users and should be subject to the terms of the GDPR.

    All of which is to say, no, geofencing is not a misguided attempt at avoiding liability. It's actually a perfectly legal step that fully complies with the terms laid out in the GDPR. Moreover, the GDPR is completely unenforceable at a Starbucks in Iowa, not because the EU has no ability to enforce it there, but rather because the EU made no attempt to enforce it there. They respected the sovereignty of foreign regions.

  4. Re:Apple and Google could fight the robocallers on Robocalls, and Their Scams, Are Surging (nytimes.com) · · Score: 2

    You're essentially talking about implementing CAPTCHA for phone calls, but CAPTCHA only works in two circumstances:
    1) Security through obscurity. If the CAPTCHA system you rely on is not widely used, no one will bother writing bots to circumvent it.
    2) Rely on a skill that is trivial for humans but difficult for robots.

    Responding with a preset response to a clearly-spoken, pre-recorded message is trivial to program, even if you let the recipient choose between a large number of preset choices. The only reason the bots haven't been updated to do so already is because Obi110 and its kind are a small enough segment of the market that they're not worth addressing yet. The moment Google, Apple, or anyone else running a large platform makes that sort of thing a built-in feature, the bots will all be updated with circumvention steps that simply fingerprint the pre-recorded audio clips, map them to the known solutions, and then reply appropriately.

    You could try garbling the pre-recorded messages, but then you run the risk of making it impossible for anyone to respond correctly. You could try letting recipients provide instructions in their own voice, but parsing plainly-spoken numbers/letters from arbitrary voices is not particularly difficult for bots to do, so it wouldn't be much of a setback either.

    The way to address this is either through the carriers (they should know where these calls are coming from and have the ability to block them, regardless of whatever spoofed data the caller may be putting in the caller ID header), or else through market forces (i.e. we get pushed into using Skype, WhatsApp, FaceTime, etc. for "phone calls"). Honestly, I suspect the latter may end up happening. For the people I "phone" regularly, none of us actually talk via traditional voice lines. It's all via data/Internet lines. Not that I'm holding my breath, but if Apple were to finally fulfill their long-ago promise to open-source FaceTime (FaceTime isn't just video chat, it can be audio-only as well), Google could adopt it and we could see a proliferation of low-cost, data-only devices that render traditional voice lines (and the problems associated with them) obsolete practically overnight.

  5. Re:**note - they don't have to be sitting in the E on New Service Blocks EU Users So Companies Can Save Thousands on GDPR Compliance (bleepingcomputer.com) · · Score: 1

    An EU citizen sitting in Starbucks in the US is equally as protected as if they were sitting in France.

    No they're not. The text of the GDPR doesn't mention "citizens" even once, but it does specify the cases where it applies:

    Article 3(1): This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.

    I.e. All European companies must comply.

    Article 3(2): This regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:

    a. The offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or

    b. The monitoring of their behavior as far as their behavior takes place within the Union.

    I.e. Any foreign company selling to or monitoring someone physically located in the EU—regardless of their citizenship—must comply.

    Article 3(3): This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.

    I.e. Any foreign company who is otherwise required to comply by international law must comply.

    And that's it. That's the exhaustive list. There are no other cases where it applies.

    Notably absent from that list is anything even remotely resembling your claims. In fact, EU citizens traveling abroad are, generally speaking, NOT protected by the GDPR so long as they are abroad. And really, that's how it should be since it'd be wholly unenforceable in a jurisdiction outside of EU control. Jurisdictionally, it'd be no different than the US' recent, wrongful attempt to enforce its will outside its jurisdiction when it demanded that Microsoft hand over data contained in its European data centers.

    So, contrary to your claim, if all a foreign company does is geofence their service, then yes, they should be just fine.

  6. Re:Only one fix for this mess on New California Ballot Measure Demands Groundbreaking Privacy Rights (mercurynews.com) · · Score: 1

    Forget liquidating the whole company. What if the company merely sells off a part of itself, such as its business interests in a market it's exiting? Do any customer names associated with the company remain with the portion of the company that goes to the buyer, or do they stay with the seller company, or do both the buyer and the seller get to have them since those are customers for both of them?

    This is why we see things like poison pills occasionally pop up in the privacy policies of ethical companies: should they get bought out, the privacy policy either explicitly forbids the buyer from using the data, or else it would obligate the buyer to pay out vast sums of money to each customer should it try to use the data. Either way, it makes the use of the data infeasible, but it also limits the original company from angling for an eventual buyout or merger in many cases, which may be to their own detriment.

  7. Re:One internship [Re: Meet minimum standards] on One Of LLVM's Top Contributors Quits Development Over Code of Conduct, Outreach Program (phoronix.com) · · Score: 1

    And that purported "reverse" discrimination consisted of a single internship set aside for somebody who is not a heterosexual white male.

    That's it: one internship.

    So, how many institutional acts of discrimination would an organization need to engage in before you’d object? Because what you’re arguing here is that “it’s just a little one, so it’s okay.” At what point does the discrimination become too much for you?

    Hearing what you’re saying, I’m reminded of an apocryphal conversation attributed to Winston Churchill:

    Churchill: Madam, would you sleep with me for five million pounds?

    Socialite: My goodness, Mr. Churchill... Well, I suppose... we would have to discuss terms, of course...

    Churchill: Would you sleep with me for five pounds?

    Socialite: Mr. Churchill, what kind of woman do you think I am?!

    Churchill: Madam, we've already established that. Now we are haggling about the price.

    Moreover, there’s nothing “purported” about it. They’re explicitly excluding people based on gender identity, nationality, and ethnicity. That’s straight up discrimination. You may be right in suggesting that he’s using this as a cover for his own prejudices, but don’t use your desire to call him out as a justification for condoning discrimination.

  8. That's roughly where I was at for a number of years, but when my wife got pregnant last year we figured it was time to assemble some local storage on our network for keeping original copies of our photos and videos, storing our Time Machine backups, and hosting our Plex and (old, not-yet-stripped-of-DRM) iTunes content, so I picked up 4 x 5TB drives and slapped them in a directly-connected enclosure with a RAID 5 configuration. It's FAR more than we currently need, but Black Friday served up some steep discounts on large, high quality drives, and it's nice to know that we have room to grow without concern for many years. Plus, as a direct-connected enclosure, it gets backed up to Backblaze with the computer to which it's attached, whereas a NAS would require a separate backup plan.

    At this point we're using about 1.5 of the 15 TB available for storage (the other 5 TB go to parity for RAID 5), but I still need to move our Time Machine backups to it and I'm still nowhere close to being done (re-)ripping the discs we own for Plex, so I expect we'll be closer to 3-5 TB by the time I'm done with what we currently have.

  9. Re:Shutdown? No. on Cambridge Analytica Shuts Down Amid Scandal Over Use of Facebook Data (gizmodo.com) · · Score: 4, Insightful

    Came here to say just this. It'll be a shutdown, followed by a sell-off to a "completely different" company that is actually just the same people doing the same thing.

  10. Re:Rewarding bad behavior on Singapore Airport May Use Facial Recognition Systems To Find Late Passengers (fastcompany.com) · · Score: 1

    The late passengers should miss their plane.

    You're cutting off your nose to spite your face. Even if we grant that late passengers deserve to miss their flight, the plane has no awareness of their tardiness, so you're delaying the other passengers needlessly as they wait for a passenger who won't arrive on time anyway. If the airport can confirm that the person isn't present or is too far away, the plane can leave as soon as the passengers who are actually present are ready to go, helping keep everyone on schedule.

    Likewise, if the last person to board would make it on time but could make it there sooner with the assistance of a motor cart or helpful directions from proactive airport staff, why not get them there sooner so that the plane can queue up for take-off earlier? Again, there's no sense in needlessly waiting.

    And what about when the airline/airport is at fault for the person being late? I nearly experienced that last year while transiting through Frankfurt. I arrived early at the gate to which the airport displays directed me and waited for boarding to start. About 20 minutes before boarding, the gate agent announced a different flight, after which the displays updated to show that a gate change had occurred. The new gate was a 20 minute brisk jog/run away from the original gate (and I was carrying a week's worth of heavy luggage for two). I barely made it on time and the airport had to dispatch a number of motor carts to assist other passengers who weren't as capable. I later found out that the gate change had been made hours prior while we were over the Atlantic, but without a local data plan to receive e-mails/notifications we were dependent on the airport's displays being accurate, which they weren't.

    As for the Orwellian concerns, the facial scans don't change anything. They already have your face on file and they already have you go through multiple identity checks to enter the secure areas of airports. They already know you're in the secure area. All these facial scans do is tell them where you are within the secure area, which is about the furthest thing from private info.

  11. In case it wasn’t obvious on A Mass of Copyrighted Works Will Soon Enter the Public Domain (theatlantic.com) · · Score: 2

    The 10 Commandments (1923) is different than The 10 Commandments (1956). Both were directed and produced by Cecil B. DeMille, but the former is a silent film that is set to be released into the public domain, whereas the latter stars Charlton Heston and Yul Brynner and is the one with which I suspect most of us here are more familiar.

  12. Re:Orphaned technologies on Apple Discontinues Its AirPort Router Line (9to5mac.com) · · Score: 1

    Orphaned how? A Time Capsule device is just their Time Machine feature wrapped in a piece of hardware, but the feature exists without the Time Capsule, and is, in fact, how most users are using it already. All you need for Time Machine is a hard drive connected to your Mac. The Time Capsule was just a simple way of putting that drive on your network instead of next to your machine.

    Likewise, AirPlay works fine over any WiFi network, Airport or not. The only thing the Airport line brought to AirPlay was the addition of an AirPlay receiver with the Airport Express. I.e. The Express has an audio jack so you can play audio over your network, but there are already hundreds of speakers, docks, AVRs, and even apps for smartphones that allow you to stream AirPlay signals without the Express, so the feature is hardly orphaned. In fact, AirPlay 2 is the next version of the feature and is currently in the beta for the next iOS update.

  13. Re:$10/month on PSA: Amazon Will Increase Price of Prime To $119 (cnbc.com) · · Score: 1

    Even with ordering regularly, I never got my money’s worth at the $50 student pricing level that I tried when I was in grad school. If I’m ordering online, I’m doing so because I care more about price than getting the item into my hands as quickly as possible, so whether it arrives in two days or ten days rarely matters to me. There isn’t much of a value-add there.

    Likewise, because I’m content to wait, I nearly always order more than $25/$35/whatever at a time, meaning I qualify for free shipping anyway. Amazon once tried to sell me on Prime by misleadingly claiming I would have saved $70 in the prior year had I been a Prime member. When I checked the numbers, however, I had only spent $7 on shipping that entire year. Their “savings” were apparently based on a fictional scenario in which I paid full price for two day shipping on every single order: something I had no interest in doing.

    The only time I am confident I hit break-even with Prime was about a decade after grad school when I bought an item that was available to Prime members for $50 less than anywhere else I could find. Amazon renewed me at the $50 price for some reason, despite the multi-year lapse in between, and then I got the item for $50 less than MSRP. I got my money’s worth that day, but I let the subscription lapse at the end of the term when they tried to renew me at $100, because for the remainder of the year the only value my wife and I got from the service were the $1 credits towards Prime Video rentals that we got with each order when we turned down free two-day shipping. We tried using other features (e.g. linking family accounts, free Prime videos, etc.), but ran into so many technical failures and headaches that it merely pushed us away faster.

    Prime may be a great value to some people, but as a patient person who’s price conscious, I’m clearly not their target audience.

  14. Re:This fits the narrative of lefties on More FISA Orders Were Denied During President Trump's First Year in Office Than in the Court's 40-Year History (zdnet.com) · · Score: 4, Interesting

    If they say Obama refused 21, and Trump has said fsck off to 26

    You've got the situation reversed. When you're a law enforcement officer dealing with national security and want to request a warrant, you can't go to a normal court to ask for a warrant since it's a sensitive matter, so you instead go to a FISA court to ask for a warrant. The Presidential administration isn't refusing anything: they're the ones making the requests, and it's the FISA court refusing the requests of the intelligence/law enforcement agencies serving under the President.

    Anyway, depending on how you interpret the information, this difference could mean a few different things:
    1) If you assume that the FISA court has up to now been failing at its duty to provide oversight (which is a frequent complaint among many people here), then one interpretation is that the FISA court has finally started performing its duty instead of rubber-stamping everything that crosses their desks.

    2) If you assume that the rejection rate for requests being made under Trump is the same as prior rejection rates, that would mean that agencies under Trump are making SIGNIFICANTLY more requests than agencies serving under previous administrations.

    3) If you assume that the FISA court is behaving impartially and otherwise the same as before, then this difference is evidence that Trump's administration is abusing the system by asking for unwarranted warrants on a regular basis.

    4) If you assume that the FISA court is acting partially, this difference could be evidence that the judges serving on the FISA court are rejecting requests on account of who's the boss of the people making the requests.

    Or it could be some combination of the above or other factors that I've failed to account for here. The fact is, a single data point doesn't really tell us much about what's going on. I'm hoping the FISA court is finally waking up to their duties, but I figure that it's likely a combination of #1, #3, and #4.

  15. Re:I want these for pictures on 8K TVs Are Coming, But Don't Buy the Hype (engadget.com) · · Score: 1

    It's a 33 megapixel display. While there certainly are professional applications for displays of that pixel count, professionals already have ways of dealing with large numbers of pixels (e.g. zooming in, which in professional workflows would almost certainly remain the preferred way of interacting with images, since they need to be able to see what they're doing), whereas they don't have a great means for dealing with poor color accuracy if the display lacks good color reproduction, which is likely to be the case with the initial displays of this pixel count.

    Outside of professional circles, the use cases pretty much disappear. The cameras in the hands of normal people that are taking images of this size are doing so because the manufacturers are trying to tick checkboxes (i.e. our phone has more megapixels than our competitors'!) rather than because they're interested in producing images of the highest quality. The images from those sensors are almost universally noisy, with the extra pixels essentially going to waste. Given that, the images wouldn't actually benefit from being able to see them more clearly. Rather, being able to see them in more detail would simply reveal more flaws in the images themselves.

  16. Re:Except that it's a protocol, not a server on Google Accused of Showing 'Total Contempt' for Android Users' Privacy (bleepingcomputer.com) · · Score: 4, Interesting

    Google "Chat" is a protocol much like "SMS". It's not a service in and of itself but the underlying carriage for services to ride on top. Those services should absolutely include encryption but that is not the protocol's job to handle.

    Actually, it is, because end-to-end encryption cannot feasibly exist* unless a key exchange mechanism is defined by the protocol. Moreover, it's clear that you're thoroughly confused both about what end-to-end encryption actually means and what Chat actually is.

    Encrypting each link in the chain—which is what you're talking about when you suggest it's a server's/service's job to handle encryption—is not the same thing as end-to-end encryption. End-to-end encryption means that only the sender and the recipient are privy to the messages: not the server, not a service, not anyone else in the chain. For that to happen, the message that you're sending has to be encrypted on your device in a way that only your recipient's device can decrypt. For all of that to work, you need a key exchange mechanism baked into the protocol in some way, since otherwise your device would have no idea what keys to use. The individual links along the chain may additionally be encrypted, but even if they weren't the message would still be end-to-end encrypted.

    At this point, end-to-end encryption is simply table stakes for anyone joining the chat game. Anyone trying to enter the field with a chat system that doesn't offer end-to-end encryption is declaring their intent to scan every single one of your private messages for profit.

    As for your protestation that it's a protocol not a service, it actually is a service, in the same way that SMS is both a protocol and a service. Chat supports richer content and a few other niceties that put it above SMS, but it clings to almost all of SMS's flaws, in that it isn't end-to-end encrypted, it's dependent on carrier support, and it's been superseded by far superior products from other companies (e.g. iMessages, WhatsApp, etc.).

    *Okay, technically it can, but what must necessarily happen when using those protocols is that people have to share their public keys with each other in some other manner, such as a real life exchange or a trusted, third-party service, at which point those practices become de facto aspects of the protocol as a result of their necessity. Moreover, no protocol of that sort is suitable for use by the general population, hence why those sorts of protocols are relegated to users who are willing to sacrifice any notion of convenience in the interest of achieving the best security.

  17. Well that's an odd way of describing him... on Former Senior VP of Apple Tony Fadell Says Company Needs To Tackle Smartphone Addiction (wired.co.uk) · · Score: 4, Interesting

    I find it odd that he's referred to as "former SVP at Apple Tony Fadell" rather than by his most recent major stint as the "co-founder and former CEO of Nest who was forcibly ousted after squandering hundreds of millions of Google's dollars". It strikes me as a flagrant attempt by Wired to avoid undermining the credibility of the source who is giving them material that makes for a sensationalist headline.

    To be fair, Fadell's prior work—both with founding Nest and prior to that at Apple with the iPod and iPhone—is outstanding, but, so far as I've seen, he really has rested on his laurels for the last few years as the world has passed him by, so I'm not sure why we should be listening to what he has to say now.

  18. Re:Yeah, Slashdot has become wildly 'conservative' on Pentagon Reports 2000% Increase in Russia Trolls Since Friday (axios.com) · · Score: 2

    Basically, anything Trump flavored has had a pretty heavy tilt in its moderation, towards the pro-Trump.

    It does seem like the extremes are over represented, but I suspect those are mostly just a few people using sock puppet accounts or AC. For my part, I find that if you arrive at a divisive story shortly after it’s been posted, the comments that have been moderated up disproportionately represent one side or the other. If you come back through a day or so later, things will have settled more in alignment with the general Slashdot groupthink.

    I find that I’m much happier with the state of Slashdot (though I still miss its heyday) if I browse with anything under 3 hidden and wait at least a few hours before I read the comments.

  19. Re:Competitive Response on In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (bloomberg.com) · · Score: 2

    WTF, has no one any clue anymore?

    The "establishing of the connection", the "online status" that is what goes via iCloud.

    As soon as the two parties are connected all traffic goes over "the internet" ... no secret iCloud middle man involved. What would be the point of that?

    Despite seemingly being on "my side" in this, it's worth pointing out that iMessages are a form of asynchronous communication akin to text messages, so the two (or many more) devices don't actually connect to each other via the Internet in the way that you suggest. Moreover, iCloud actually is involved as a sort of middle man in the sending of each and every message (though it isn't privy to the contents of those messages), since in addition to being the pipe through which iMessages are sent, iCloud is also what Apple uses as their key exchange mechanism for the end-to-end encryption in iMessages.

    For example, in the case that someone wants to send me an iMessage, their device needs to encrypt a copy for every single device I've registered with Apple. But how does their device know what key(s) to use? And how will the message reach my devices that aren't online right now? The answer is that iCloud provides the sender with the public key for each of my registered devices, allowing them to encrypt the message in such a way that only my device(s) can decrypt the message, and then iCloud holds onto those messages until each of my devices checks in. It's a secure way of doing things...

    [Lengthy aside: It's theoretically possible for Apple to create a tool for evil that allows them to inject a device into your list of registered devices, thus allowing them to read every iMessage you receive (from then on). They would also need to suppress existing behavior in iOS, since iOS currently notifies you of new devices added to your account and gives you an opportunity to revoke their access. That said, the creation of such tools is in no way in Apple's best interests. Federal wiretapping laws prohibit law enforcement agencies at all levels of government from demanding that manufacturers create new tools to access communications, but the law also allows law enforcement to demand that manufacturers make use of existing systems to tap communications, the use of which would almost certainly undermine consumer trust in Apple's devices should it ever come to light. That's a large part of why Apple pushed back against the FBI a few years ago, since Apple knew that the moment they crossed that line there'd be no going back. Pandora's Box would have been open.]
     
    ...that is simple enough to be used by the masses.

    In contrast, end-to-end encrypted systems that are aimed at people with significant security concerns (e.g. whistleblowers, people in oppressive states, etc.) are anything but simple to use, since they rely on implementing their key exchange mechanism via off-platform channels (e.g. users have to physically meet in person or send their public keys via some other trusted system). For those sorts of systems, it isn't possible for a middle man to inject their own devices into the conversation like that, but users are still either having to put their mutual trust in some other system for key exchange or else must engage in the arduous practice of being in physical proximity to each and every person/device with which they want to communicate before being able to communicate.

    All of which is to say, iMessages are end-to-end encrypted, but iCloud still plays a vital role in sending them. It isn't just there to facilitate a connection between two devices.

  20. Re:Competitive Response on In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (bloomberg.com) · · Score: 3, Informative

    Apple doesn't claim to have decryption keys for everything that goes through iCloud, nor have they ever. Quite the contrary, in fact, since they explicitly state in their security white papers that they don't have the keys for much of it. For instance, iMessages, which go through iCloud, are end-to-end encrypted, with the sending device encrypting the message once for each receiving device. Likewise, FaceTime and many other services are end-to-end encrypted.

    There are some things that they can decrypt (e.g. iCloud Backup contents, documents stored in iCloud, etc.), but those are mostly the items actually being stored there, rather than merely passing through it.

  21. Re:Counterfeit screen? on Apple Sued an Independent iPhone Repair Shop Owner and Lost (vice.com) · · Score: 3, Informative

    The article specifically answers your question:

    a part is “counterfeit” if it is masquerading as an original manufacturer part rather than an aftermarket one

    I.e. It's a counterfeit if it bears a company's logo but isn't from that company. It's fine to sell aftermarket screens, but it's not fine to sell aftermarket screens that falsely bear a company's trademark. If a product bears Apple's logo, Apple actually may have a say in who gets to sell them. Oh, but there's a wrinkle in this case, of course:

    This definition seems straightforward, but is further muddied because often broken parts—with original manufacturer logos—are sent back to China to be refurbished and sent back to independent repair companies. [...] [The defendant] imported 67 iPhone 6 and iPhone 6S screens that fell into this grey area. They were seized by Norwegian customs officials because Apple logos on the inside components of the screens “had been covered up by ink marker. The ink marker could be removed with rubbing alcohol,” [...]

    So, these were screens manufactured for Apple that Apple had rejected for whatever reason. At that point, despite bearing Apple's logo they were no longer "official" Apple screens and could not be marketed or sold as such. As such, should an unscrupulous repair shop try to pass them off as official Apple screens, they could find themselves in hot water. Thankfully, this guy wasn't doing that:

    [The defendant] told me [...] that they were “refurbished screens assembled by a third party.” [The defendant] told the court that “the logo is covered up because it has never been relevant to market the products as Apple products,” the court decision states. “[The repair shop] has never removed the coverup of the Apple logo on the screens that have been imported and has no interest in doing so. [The repair shop] does not pretend or market itself as Apple authorized and does not give any indication that the repair comes with an Apple warranty.”

    Had he been making repairs while claiming he was using official Apple parts, he'd have been defrauding customers and rightly would have been in trouble, but that's not what he was doing. Had those parts not had their logos covered up, he'd have run afoul of EU laws governing the use of trademarks, but that's not what happened here. The fact is, he's using parts sourced from a third-party supplier who is clearly making an effort to ensure that the parts are not mistaken for official ones. He never claimed they were official parts, never claimed he was authorized by Apple, and went to every reasonable effort to ensure that there would be no confusion.

    Apple is well within its rights to prevent counterfeit parts from being used by unscrupulous repair shops, but the defendant here was doing no such thing, so the decision makes perfect sense while also not having any wide-reaching impact on Apple's ability to prevent unlawful use of its trademark.

  22. Great question, but this is actually quite similar to existing restrictions on free speech. For instance, according to federal wiretapping laws it’s already illegal in all states to record a private conversation without consent (the question of whose consent is necessary varies from state to state). In a sense, this law is proposing to extend that restriction to various forms of asynchronous communication, rather than just synchronous, real-time communication, ensuring that what you say in “private conversation” to a Facebook or Google stays between the two of you unless you consent for them to share it with others.

    More broadly, while the First Amendment is incredibly important, it’s also important to remember that it has never been universal. Whether it’s shouting “Fire!” in a theater, slandering or libeling a political opponent, swatting an online foe, or falsely claiming that your quack medicine is proven to cure all ailments, we’ve had restrictions on the right to free speech from the very beginning. The fact that we allow state secrets to be published shows you just how important it is, but that doesn’t mean it isn’t without limitations, and that’s a very good thing.

  23. Re: Authentication != identification on Biometric and App Logins Will Soon Be Pushed Across the Web (vice.com) · · Score: 5, Insightful

    Actually, authentication is identification.

    No, it's not. They may be handled as part of the same step in some implementations (e.g. providing your username and password at the same time), but claiming to be X (i.e. identification, e.g. "Hi, I'm Joe") is not the same as proving one is X (i.e. authentication, e.g. "Here's my driver's license") is not the same as consenting to an action (i.e. authorization, e.g. "And here's my signature on the dotted line"). Put differently:
    - Identification: Let's make sure we know who we're talking about
    - Authentication: Let's make sure you're who you claim to be
    - Authorization: Let's make sure we have your consent

    Identification must always precede authentication must always precede authorization. The fact that these three are conflated is a large part of why there are so many security issues with logins today. Biometrics are great at identification (each person has a unique identifier), but they're a bit hit-and-miss at authentication (bad actors can intercept or replicate them with varying degrees of ease), and their usefulness for authorization differs wildly based on implementation, since some of them are starting to stray into the territory of passive actions, rather than purposeful actions. For instance, Apple's Touch ID requires a purposeful action, making it clear that the user consents to the request, but Face ID seems as if it could be activated inadvertently, making it less clear whether authorization was actually intended to be granted.

  24. Re: Popular? on Slashdot Asks: Should Android OEMs Adopt the iPhone's Notch? · · Score: 1

    So, let me get this straight: I refer to it as a “passing fad”, “ridiculous”, and “appeal[ing] to undiscerning buyers”, and you somehow come away thinking that I’m a prisoner defending my captor?

    At least you had the guts to put your name on your flagrant display of poor reading comprehension. It’s usually just the ACs who post such drivel.

  25. Re: Popular? on Slashdot Asks: Should Android OEMs Adopt the iPhone's Notch? · · Score: 3, Interesting

    Exactly. Apple took a limitation of the current technology and "owned" that limitation by styling it as a defining characteristic, rather than trying to hide it as others have done. And that was a great marketing decision on their part, because in doing so they've put themselves at the forefront of a fad they created. But make no mistake: the notch is designed to be a passing fad. Just as soon as the technology develops to where they want it to be, Apple will drop it and the models (both theirs and their competitors') that still have one will seem antiquated with their ridiculous notches.

    As for the Android question at the top, the answer is, of course, "it depends". If they're doing it because they're facing those same technical limitations and the notch is an easier approach than designing an alternative, sure, embrace the notch and enjoy the fact that you won't have to do the hard work of convincing people it's an acceptable design. If they don't have those technical limitations and they're simply adding a notch to keep up with the fad, then it makes no sense to add one, other than to appeal to undiscerning buyers (which, frankly, is a valid demographic to target since there's good money to be made there).