Every single one of those, requires permission from the user to do - posting tweets an app cannot do directly, it brings up a sheet.
This example isn't correct. Apps can get access to the social framework, which allows them to do things directly to the Twitter web API, which as far as I know, includes posting Tweets. This is used for apps that want to have their own custom UIs but also have access to the user's Twitter data (for example, Twitter clients.)
Now, you are right in that this would spawn a dialog that requires user authorization. Trying to access the user's Twitter account token will cause the system to ask the user's permission, and it will tell the user you are allowing the app to post to your Twitter account. So the app can't just start posting things quietly.
But this isn't really that amazing in that any app on iOS that asks for your Twitter permissions could do things with them. So more of a reminder that yes, you should be careful what apps get permissions to your social network accounts.
I'm sorry but Apple deserves what they get as Jobs knew for a decade his time was running out but right up almost to the bitter end he refused to groom his replacement and make sure the company would continue down the path he set. You read the emails and other behind the scenes stuff and its really hard to get the impression all that Jobs cared about was Jobs and that the company tanking when he died would just boost his legend that much more which was fine by him.
Jobs had groomed his replacement for years in Jony Ive. And despite Tim Cook running the company because of his business background, look who's running all the Apple design devisions, and is single handedly determining the direction of major products like iOS 7? Looks he's doing what Steve used to do, and by initial accounts, is doing a damn good job after Forstall got shown the door?
If your thesis is that Jobs never groomed a successor, you're dead wrong.
RT pounces on Fox News, but is Fox News manufacturing the original story, or RT manufacturing the pounce?
I suppose my wording was inaccurate. In this particular case - and usually - Fox News wasn't lying outright. They just tried to omit the crucial facts to paint the picture the way they wanted to. RT pounced on that, pointing out the inconveniently omitted facts and the attempt to suppress them. Between the two, the overall set of facts that you got was accurate enough to make an accurate judgment for yourself.
But again, accurate according to who? As Steven Colbert would point out (or agree with, I suppose) just because your gut agrees with it doesn't make it accurate. Two bias sources doesn't necessarily result in a good judgement if both are wrong.
What does help someone parse news is trusting a source, which goes back to my original point. Combining two untrustworthy sources doesn't suddenly make a trustworthy one. That's like saying if you put two dishonest people in a room, you'll end up with the truth. We have Congress to disprove that idea...
Yes, you fact-check them against other news outlets. If one of them lies, others will happily pounce on that lie (a good example of that was how RT pounced on Fox News during the South Ossetian war) - this is precisely why they prefer to not manufacture outright lies, but more often lie by omission and recomposition instead.
But then we're back to the initial problem. RT pounces on Fox News, but is Fox News manufacturing the original story, or RT manufacturing the pounce? Again, we're back to not trusting a news network not meaning you can just pick and choose and balance things out and that's all ok.
Oh, there's plenty of truth on RT. The problem with them is that they cherry-pick truthful facts and arrange them in such a way as to present a different picture (but then Fox News and the like do the same also). So if you merely want to learn about the facts, it actually makes sense to include RT in your reading/viewing list - alongside with other similar outfits. What one of them will be silent on, the others will pick up, and vice versa.
And given that Russia Today is accused of being a propaganda arm of the Russian government, how does one separate what is truthful facts and what is not?
That's the basic problem. With the accusations in mind, should anyone take any random snippet of information on Russia Today as fact? The idea is that I'm supposed to take facts from site A and match them up with site B, but if I don't even know what's a fact and what's not where do I even start? Taking the word of a news outlet requires trust, but if I don't have trust in them then where do I start?
I never implied that there are not other problems on networks, I was just stating a truth. I feel unnecessary exposure exasperates the problem. This is not a attack on home based servers, I am very much keen on running them myself.
I'm confused. It's not like the article is saying everyone should turn on an http server. Just like how other users run Bittorrent servers, or Starcraft servers, or advertise any sort of port at all, why should people not be able to run web servers when they deem it necessary? I don't think the implication was that everybody should unnecessarily run web servers.
If we're out to prevent unnecessary exposure, why not ban all those all services that have server components and could use resources or be reverse engineered?
On the other hand, imagine the security nightmare a network like Google Fiber could become with 1gb uplinks and tons of rogue apps and sites infected by malware, bots, etc.
Because this never ever ever happens on machines that aren't web servers.
Go ahead and watch online: Two channels in English. Sad that there is a demand for news bent to the side of a human right abuser like Russia. But the Obama administration (like the Bush administration) before has been so corrupt that outside views are needed.
We're tired of inaccurate, bias media so let's go watch other inaccurate, bias media?
It's not like the two somehow even out and you end up with the truth. They're both just making random crap up as they go.
I like my iPhone well enough, but I find the way it stores data, sandboxed into each app, absolutely painful, and having to use that hideous iTunes app is an even greater agony. I love my Nexus 7. I have Dropbox, Google Docs or a USB cable and can move files back and forth with ease. So while there are aspects of iOS I like (I like the calendar/scheduling app in iOS, just feels more complete), when I give my old iPhone to my kid, I'm looking at getting an unlocked Android phone.
The lack of an accessible file system is mostly due to Apple's priorities and focus (I know this may not please the Slashdot crowd) on moving files to the cloud.
iCloud's premise is that your local files and your cloud files co-exist in one big bucket transparently, and iOS's implementation is the realization of this. Whatever iOS device you get on, your files are there. You don't have to copy them to a USB key or find them on the file system or manage different versions. Each file has a "truth" version in the cloud. Having access to the file system as a end user function breaks this illusion. You're back to worrying about what's on disk, what folder everything is in, etc etc... And while that's more of a design choice, it also wouldn't surprise me if Apple starts really messing with iOS's file system on a technical data to make it even less friendly to traditional file browsing. I could see them going for a totally metadata based file system in the future.
OS X is a legacy OS, so it is much more of a reflection of the mess of having two user facing buckets. The iCloud implementation on OS X is just hands down awful compared to iOS. Separate file browsers, bad user experience, ugh... OS X Mavericks moves towards fixing this a bit by adding file browsing based on metadata based instead of file paths. Because both local and iCloud files can have metadata they're all back to living in the same bucket, and the user experience is much better.
So Apple's lack of a file browser isn't necessarily because they are paranoid and want to lock down the device, or because Steve Jobs didn't like it, it's because they're likely considering at some point totally abandoning a traditional file system, and they don't want to get users attached to a function they're probably going to take away.
NeXTSTEP was one of the many closed source OSes kicking about in the early 80s to mid-90s. When Steve Jobs returned to Apple he turned NeXTSTEP into MacOS X. GNUStep is an open source API based on the NeXTSTEP API.
Kind of, this simplifies things a bit...
When Steve Jobs was at NeXT, the programming interfaces were standardized and turned into an open specification that any platform could implemented. This was called OpenStep. There were several implementations of OpenStep. OpenStep for Mach was what NeXTStep morphed into after the specification was released. Sun shipped a version of OpenStep for Solaris. A Windows NT port was created called OpenStep Enterprise. And then finally for Linux the GNUStep project was created (GNUStep actually started a bit before the OpenStep specification was released).
So while NeXTStep was mostly (not entirely) closed, the entire API around it was designed to be open and implemented on different platforms. GNUStep is the project to implement the open spec on Linux, still going long after that spec got wrapped into OS X and unstandardized.
There was a time that Apple considered still running with the ideas behind OpenStep. It was called Rhapsody, and it had both a full operating system that ran on both Intel and PowerPC hardware, and an environment for Windows NT and legacy Mac OS. For whatever political reasons this project didn't work out (Adobe and Microsoft had particularly strong objections to having to port to OpenStep.)
Short version: Things are a little more complicated than NeXTStep being "closed source."
Think it's too drastic or too expensive? I can't possibly see it costing more than the hit that Steve Ballmer's way of doing things cost the company.
Or Microsoft can just get out. It costs them nothing, and gives them more resources to concentrate on places where they are doing well. That's probably the best option for them. Windows may lose it's monopoly, but there's always money in Exchange and Office, both of which could survive in a post-Windows world.
Seems like a better idea than throwing all their money at something that nobody wants anyway.
I've never seen as much misinformation on anything on Slashdot as I have on UEFI.
UEFI does not imply secure boot. Microsoft recently baked secure boot into the most recent UEFI standard, but even if your machine is on that version, you can do a UEFI boot without going through secure boot.
Saying UEFI and secure boot are the same thing is like saying HTML and JavaScript are the same thing. Yes, you usually find one with the other, but they're not the same thing and have different use cases. EFI is actually a pretty great boot system.
According to the Chrome security lead, that is not correct. You as the user are required to provide that password, but any program can trivially make an API call which grabs data from the keychain so long as it uses your session. This is, he noted, a prime example of the kind of false security that everyone is demanding.
Then the Chrome security lead would be wrong. If your application is signed on Mac OS X, only application's that match that signing can access that password without user intervention. And even that "user intervention" step is fuzzy. Apple has threatened to even more restrict a differently-signed apps permissions to the keychain.
Application signing means the OS can sandbox data and dish it out per app. The user can unlock any encrypted password using their master key, but a application cannot simply troll the database because the OS knows that password belongs to another app.
The motivation behind Bitcoin wasn't to create a currency that government would choose not to regulate; it was to create one that government could not regulate.
In theory the government can't regulate cash changing hands either. That won't stop them from bringing you up on charges of tax fraud if you're found out and you didn't file that income on your taxes.
If that was the thinking behind Bitcoin maybe that should have been thought over a little better.
A master password doesn't help, the malware can just get the passwords after I've entered the master password to decrypt them for use (assuming it can't just get the master password when I enter it).
Not if you've sandboxed using code signing (a la OS X.)
Of course your sandbox would have to be free of bugs, but that's not impossible. iOS can be jailbroken, but that has to be user induced.
If your browser can read the passwords and use them on the web, so can a local user. No surprise. Unless you set a master password (firefox offers this, not sure about chrome), there's no way to fix this. It's just how computers work.
Not on OS X/Safari. All my saved passwords are locked by a master password. A user without that master password can see that the entries exist, but they can't decode the passwords without first entering the master password. And, where things get really different, they are sandboxed, so only the original application that entered the password can read it without user intervention.
... is that, either literally or metaphorically, it's vulnerable to someone holding a gun to your head and demanding the key. We're seeing this (the literal version) in the USA already. I agree with the thesis of the original article: The farther you can keep your data from USA-entangled entity, the better.
If someone is holding a gun to your head, you probably have bigger problems than the information that's been encrypted. What's the threat of the information being revealed to the threat of imminent death?
I'm talking about the patents that Apple refused to license from SAMSUNG.
So am I. They're FRAND patents. Strangely enough the EU is already investigating Samsung about using FRAND patents to pressure competitors inappropriately and illegally. Sound familiar?
Samsung offered fair and reasonable terms. The ITC agreed that they did. Apple just kept saying "no", hoping to get a lower price. The ITC saw that they were being unreasonable and rightly blamed them for the failure to reach an agreement.
No, the ITC said that Samsung was working in good faith, not that they had made a reasonable offer. The offer was considered a reasonable starting point for negotiation, not an actual reasonable value.
Samsung wanted 2.4% of each iPhone, which is many times higher than any other patent payment Apple makes, on a patent that was both low value and FRAND. It's also very likely well beyond what any other company pays (which violates the discriminatory portion of FRAND) so as a final number it would be entirely unreasonable.
And Apple has refused to license those patents. They have refused to negotiate to license them. They have even stated that they will not accept a court-ordered license fee unless they happen to think it's low enough.
Tell me, oh wise one, what other recourse did Samsung have?
in the apple world, it's normal to tune for particular screen pixel-count.
No, it's not. Auto-layout will use point (not pixel) values as offsets, but that's it. Aside from that, it does relative layout that reacts to screen size changes.
- An iOS Developer Who Actually Knows What He's Talking About
Group texts are NOT BUILT INTO SMS. It's kind of a kludge and iMessage from apple makes it worse because group texts in iMessage are not even SMS. They use data and the apple servers, so you get all sorts of weirdness there.
Ah.
"Why is the Samsung Stratosphere so awful?" "It's Apple's fault!"
Slashdot Mirror
But can you build it and use it in your OS X system?
Yes.
There are even delta patches posted to match it to your current OS X system.
It's "OS X" not "OS-X". It's also not a "variant". It is Unix.
a highly-modified closed-source BSD kernel is only reminiscent of unix.
For a closed source BSD kernel, it's remarkably easy to download from Apple's web site.
http://opensource.apple.com/source/xnu/xnu-2050.7.9/
Either that, or you'd be wrong.... But no. That's totally crazy!
Every single one of those, requires permission from the user to do - posting tweets an app cannot do directly, it brings up a sheet.
This example isn't correct. Apps can get access to the social framework, which allows them to do things directly to the Twitter web API, which as far as I know, includes posting Tweets. This is used for apps that want to have their own custom UIs but also have access to the user's Twitter data (for example, Twitter clients.)
Now, you are right in that this would spawn a dialog that requires user authorization. Trying to access the user's Twitter account token will cause the system to ask the user's permission, and it will tell the user you are allowing the app to post to your Twitter account. So the app can't just start posting things quietly.
But this isn't really that amazing in that any app on iOS that asks for your Twitter permissions could do things with them. So more of a reminder that yes, you should be careful what apps get permissions to your social network accounts.
I'm sorry but Apple deserves what they get as Jobs knew for a decade his time was running out but right up almost to the bitter end he refused to groom his replacement and make sure the company would continue down the path he set. You read the emails and other behind the scenes stuff and its really hard to get the impression all that Jobs cared about was Jobs and that the company tanking when he died would just boost his legend that much more which was fine by him.
Jobs had groomed his replacement for years in Jony Ive. And despite Tim Cook running the company because of his business background, look who's running all the Apple design devisions, and is single handedly determining the direction of major products like iOS 7? Looks he's doing what Steve used to do, and by initial accounts, is doing a damn good job after Forstall got shown the door?
If your thesis is that Jobs never groomed a successor, you're dead wrong.
RT pounces on Fox News, but is Fox News manufacturing the original story, or RT manufacturing the pounce?
I suppose my wording was inaccurate. In this particular case - and usually - Fox News wasn't lying outright. They just tried to omit the crucial facts to paint the picture the way they wanted to. RT pounced on that, pointing out the inconveniently omitted facts and the attempt to suppress them. Between the two, the overall set of facts that you got was accurate enough to make an accurate judgment for yourself.
But again, accurate according to who? As Steven Colbert would point out (or agree with, I suppose) just because your gut agrees with it doesn't make it accurate. Two bias sources doesn't necessarily result in a good judgement if both are wrong.
What does help someone parse news is trusting a source, which goes back to my original point. Combining two untrustworthy sources doesn't suddenly make a trustworthy one. That's like saying if you put two dishonest people in a room, you'll end up with the truth. We have Congress to disprove that idea...
Yes, you fact-check them against other news outlets. If one of them lies, others will happily pounce on that lie (a good example of that was how RT pounced on Fox News during the South Ossetian war) - this is precisely why they prefer to not manufacture outright lies, but more often lie by omission and recomposition instead.
But then we're back to the initial problem. RT pounces on Fox News, but is Fox News manufacturing the original story, or RT manufacturing the pounce? Again, we're back to not trusting a news network not meaning you can just pick and choose and balance things out and that's all ok.
Oh, there's plenty of truth on RT. The problem with them is that they cherry-pick truthful facts and arrange them in such a way as to present a different picture (but then Fox News and the like do the same also). So if you merely want to learn about the facts, it actually makes sense to include RT in your reading/viewing list - alongside with other similar outfits. What one of them will be silent on, the others will pick up, and vice versa.
And given that Russia Today is accused of being a propaganda arm of the Russian government, how does one separate what is truthful facts and what is not?
That's the basic problem. With the accusations in mind, should anyone take any random snippet of information on Russia Today as fact? The idea is that I'm supposed to take facts from site A and match them up with site B, but if I don't even know what's a fact and what's not where do I even start? Taking the word of a news outlet requires trust, but if I don't have trust in them then where do I start?
I never implied that there are not other problems on networks, I was just stating a truth. I feel unnecessary exposure exasperates the problem. This is not a attack on home based servers, I am very much keen on running them myself.
I'm confused. It's not like the article is saying everyone should turn on an http server. Just like how other users run Bittorrent servers, or Starcraft servers, or advertise any sort of port at all, why should people not be able to run web servers when they deem it necessary? I don't think the implication was that everybody should unnecessarily run web servers.
If we're out to prevent unnecessary exposure, why not ban all those all services that have server components and could use resources or be reverse engineered?
On the other hand, imagine the security nightmare a network like Google Fiber could become with 1gb uplinks and tons of rogue apps and sites infected by malware, bots, etc.
Because this never ever ever happens on machines that aren't web servers.
Go ahead and watch online: Two channels in English. Sad that there is a demand for news bent to the side of a human right abuser like Russia. But the Obama administration (like the Bush administration) before has been so corrupt that outside views are needed.
We're tired of inaccurate, bias media so let's go watch other inaccurate, bias media?
It's not like the two somehow even out and you end up with the truth. They're both just making random crap up as they go.
I like my iPhone well enough, but I find the way it stores data, sandboxed into each app, absolutely painful, and having to use that hideous iTunes app is an even greater agony. I love my Nexus 7. I have Dropbox, Google Docs or a USB cable and can move files back and forth with ease. So while there are aspects of iOS I like (I like the calendar/scheduling app in iOS, just feels more complete), when I give my old iPhone to my kid, I'm looking at getting an unlocked Android phone.
The lack of an accessible file system is mostly due to Apple's priorities and focus (I know this may not please the Slashdot crowd) on moving files to the cloud.
iCloud's premise is that your local files and your cloud files co-exist in one big bucket transparently, and iOS's implementation is the realization of this. Whatever iOS device you get on, your files are there. You don't have to copy them to a USB key or find them on the file system or manage different versions. Each file has a "truth" version in the cloud. Having access to the file system as a end user function breaks this illusion. You're back to worrying about what's on disk, what folder everything is in, etc etc... And while that's more of a design choice, it also wouldn't surprise me if Apple starts really messing with iOS's file system on a technical data to make it even less friendly to traditional file browsing. I could see them going for a totally metadata based file system in the future.
OS X is a legacy OS, so it is much more of a reflection of the mess of having two user facing buckets. The iCloud implementation on OS X is just hands down awful compared to iOS. Separate file browsers, bad user experience, ugh... OS X Mavericks moves towards fixing this a bit by adding file browsing based on metadata based instead of file paths. Because both local and iCloud files can have metadata they're all back to living in the same bucket, and the user experience is much better.
So Apple's lack of a file browser isn't necessarily because they are paranoid and want to lock down the device, or because Steve Jobs didn't like it, it's because they're likely considering at some point totally abandoning a traditional file system, and they don't want to get users attached to a function they're probably going to take away.
NeXTSTEP was one of the many closed source OSes kicking about in the early 80s to mid-90s. When Steve Jobs returned to Apple he turned NeXTSTEP into MacOS X.
GNUStep is an open source API based on the NeXTSTEP API.
Kind of, this simplifies things a bit...
When Steve Jobs was at NeXT, the programming interfaces were standardized and turned into an open specification that any platform could implemented. This was called OpenStep. There were several implementations of OpenStep. OpenStep for Mach was what NeXTStep morphed into after the specification was released. Sun shipped a version of OpenStep for Solaris. A Windows NT port was created called OpenStep Enterprise. And then finally for Linux the GNUStep project was created (GNUStep actually started a bit before the OpenStep specification was released).
So while NeXTStep was mostly (not entirely) closed, the entire API around it was designed to be open and implemented on different platforms. GNUStep is the project to implement the open spec on Linux, still going long after that spec got wrapped into OS X and unstandardized.
There was a time that Apple considered still running with the ideas behind OpenStep. It was called Rhapsody, and it had both a full operating system that ran on both Intel and PowerPC hardware, and an environment for Windows NT and legacy Mac OS. For whatever political reasons this project didn't work out (Adobe and Microsoft had particularly strong objections to having to port to OpenStep.)
Short version: Things are a little more complicated than NeXTStep being "closed source."
Think it's too drastic or too expensive? I can't possibly see it costing more than the hit that Steve Ballmer's way of doing things cost the company.
Or Microsoft can just get out. It costs them nothing, and gives them more resources to concentrate on places where they are doing well. That's probably the best option for them. Windows may lose it's monopoly, but there's always money in Exchange and Office, both of which could survive in a post-Windows world.
Seems like a better idea than throwing all their money at something that nobody wants anyway.
I just finished outfitting the rest of my family with 7" Android tablets, each costing about $70.
$70 tablets? You must not like your family very much...
(I jest, but seriously, $70 aren't known for their... quality.)
I've never seen as much misinformation on anything on Slashdot as I have on UEFI.
UEFI does not imply secure boot. Microsoft recently baked secure boot into the most recent UEFI standard, but even if your machine is on that version, you can do a UEFI boot without going through secure boot.
Saying UEFI and secure boot are the same thing is like saying HTML and JavaScript are the same thing. Yes, you usually find one with the other, but they're not the same thing and have different use cases. EFI is actually a pretty great boot system.
According to the Chrome security lead, that is not correct. You as the user are required to provide that password, but any program can trivially make an API call which grabs data from the keychain so long as it uses your session. This is, he noted, a prime example of the kind of false security that everyone is demanding.
Then the Chrome security lead would be wrong. If your application is signed on Mac OS X, only application's that match that signing can access that password without user intervention. And even that "user intervention" step is fuzzy. Apple has threatened to even more restrict a differently-signed apps permissions to the keychain.
Application signing means the OS can sandbox data and dish it out per app. The user can unlock any encrypted password using their master key, but a application cannot simply troll the database because the OS knows that password belongs to another app.
The motivation behind Bitcoin wasn't to create a currency that government would choose not to regulate; it was to create one that government could not regulate.
In theory the government can't regulate cash changing hands either. That won't stop them from bringing you up on charges of tax fraud if you're found out and you didn't file that income on your taxes.
If that was the thinking behind Bitcoin maybe that should have been thought over a little better.
A master password doesn't help, the malware can just get the passwords after I've entered the master password to decrypt them for use (assuming it can't just get the master password when I enter it).
Not if you've sandboxed using code signing (a la OS X.)
Of course your sandbox would have to be free of bugs, but that's not impossible. iOS can be jailbroken, but that has to be user induced.
If your browser can read the passwords and use them on the web, so can a local user. No surprise. Unless you set a master password (firefox offers this, not sure about chrome), there's no way to fix this. It's just how computers work.
Not on OS X/Safari. All my saved passwords are locked by a master password. A user without that master password can see that the entries exist, but they can't decode the passwords without first entering the master password. And, where things get really different, they are sandboxed, so only the original application that entered the password can read it without user intervention.
... is that, either literally or metaphorically, it's vulnerable to someone holding a gun to your head and demanding the key. We're seeing this (the literal version) in the USA already. I agree with the thesis of the original article: The farther you can keep your data from USA-entangled entity, the better.
If someone is holding a gun to your head, you probably have bigger problems than the information that's been encrypted. What's the threat of the information being revealed to the threat of imminent death?
I'm talking about the patents that Apple refused to license from SAMSUNG.
So am I. They're FRAND patents. Strangely enough the EU is already investigating Samsung about using FRAND patents to pressure competitors inappropriately and illegally. Sound familiar?
Samsung offered fair and reasonable terms. The ITC agreed that they did. Apple just kept saying "no", hoping to get a lower price. The ITC saw that they were being unreasonable and rightly blamed them for the failure to reach an agreement.
No, the ITC said that Samsung was working in good faith, not that they had made a reasonable offer. The offer was considered a reasonable starting point for negotiation, not an actual reasonable value.
Samsung wanted 2.4% of each iPhone, which is many times higher than any other patent payment Apple makes, on a patent that was both low value and FRAND. It's also very likely well beyond what any other company pays (which violates the discriminatory portion of FRAND) so as a final number it would be entirely unreasonable.
And Apple has refused to license those patents. They have refused to negotiate to license them. They have even stated that they will not accept a court-ordered license fee unless they happen to think it's low enough.
Tell me, oh wise one, what other recourse did Samsung have?
To stop infringing on those patents.
in the apple world, it's normal to tune for particular screen pixel-count.
No, it's not. Auto-layout will use point (not pixel) values as offsets, but that's it. Aside from that, it does relative layout that reacts to screen size changes.
- An iOS Developer Who Actually Knows What He's Talking About
Group texts are NOT BUILT INTO SMS. It's kind of a kludge and iMessage from apple makes it worse because group texts in iMessage are not even SMS. They use data and the apple servers, so you get all sorts of weirdness there.
Ah.
"Why is the Samsung Stratosphere so awful?"
"It's Apple's fault!"