Apple has a 30-day return window for the iPhone. Presumably those crazy customers can determine whether or not the device actually works within that timeframe.
No, Chris Latner started clang while at UIUC. Apple hired him to continue.
Totally false. Chris Lattner started LLVM while at UIUC. Apple hired him in 2005 to continue LLVM, using GCC as the front-end. Apple didn't create Clang until approximately 2 years later (open-sourced in mid-2007), as they realized GCC wasn't adequate for their needs (one particular point being GCC moving to GPL3, another being the monolithic and unweildy GCC codebase).
I don't believe this. Botanists, really? And here I thought they were only good for fertilizing my plants. I'll have to stop composting them when I catch them prowling outside.
If we find out they can do other sapient stuff, like make fire and use Facebook, I may start feeling guilty about the whole composting thing.
There was no implication about insurance companies at all, because there was no discussion of insurance companies at all; just government fines. Complete text of the original posts:
When will companies be held liable for implementing incompetent security (or not implementing it all)?
The marketing weenies are all over getting the brand out, but don't give a shit about security.
Companies should be getting fined for crap like this. Between data beaches and gross incompetence at any form of security, trusting a marketing app is the height of stupid.
Never. Per the last few hundred years of legal precedent, the companies are the victims. It's in the same category as leaving a house unlocked. Legally, the person at fault is the one who decided to abuse the flaw and access information they aren't supposed to.
There is a case for negligence, but that requires that the negligent party be unreasonably incompetent, and at the moment, most companies with these kind of security problems are performing on par with most of America - the non-techies who don't understand security.
Now, whether they're correct or not I cannot say. But they were discussing government fines, nothing to do with insurance at all. That's not an abstract point, that's the facts of the conversation.
Utterly false. The phone needs to be unlocked (or the entire contents are encrypted) and the user needs to accept the computer as a trusted device from the phone.
The article you linked to describes phones with no passcode, or law enforcement brute-forcing the passcode (with a 4 digit code, not terribly difficult). One of its citations describes a tool that doesn't work on modern devices at all. And ultimately when police can't get in using the brute-force methods, they have to send the phone to Apple along with a warrant and Apple has some way to decrypt the system (iirc from earlier articles they also brute-force the pin, just more efficiently by bypassing much of the os & firmware). There's no evidence in that article or elsewhere that law enforcement can bypass the hardware encryption.
"If this post is marked Troll, I pissed off a fanboy again." Or maybe you made a snarky post falsely implying Apple doesn't do exactly the same thing, even though they do?
My mistake - I didn't notice the CW article had multiple pages (derp). It does say this:
Do you feel secure because you use PIN protection on your phone? You shouldn't, says Wood. "You don't need a user's PIN in order to pull raw data off the phone using the tool and methods I have used," he said. "So if a user's phone is stolen, regardless of being PIN-protected, you are able to bypass that and access the apps Library/Cache and pull the session.clslog file."
However, I don't buy it. If this researcher has found a way to bypass the hardware encryption on a locked iOS device, that sounds like a bigger and more interesting security hole than one in a shitty Starbucks app.
The summary is wrong. If you dig back to the original ComputerWorld article, it says, "The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary." Nothing about bypassing the pin in a locked phone like the summary or shitty article the summary links to; you have to connect the phone to a computer, have it unlocked, and allow the computer access to the phone (this applies to iOS as well as Android). Even the ComputerWorld article's mention of jailbreaking is a bit of a non-sequitur.
Will my son get his gift card money back? I doubt it.
Apple sent out offers to refund any and all in-app purchases anyone thought were inappropriate a year ago the first time they settled this (the class-action suit). They contacted you both via email to the address registered to the affected account, and by physical mail to the physical address registered to the account. I think you missed the boat.
If he's running conduit there's no reason whatsoever to run all those unnecessary cables through it. The whole point of conduit is it makes it possible to pull whatever you need if and when you need it. I have conduit to at least three walls of each room in my house but I've only pulled cat 6 and tv cable to the specific walls I need at the moment. Why waste the money installing useless cable?
Note that the 16th December patch to Mavericks appears to fix bugs that exist in older versions of Mac OS, which did not receive an update. There are all security patches specifically, not just feature updates.
Slashdot Mirror
Not in cases of permanent deforestation, which is a huge problem in many parts of the world.
Apple has a 30-day return window for the iPhone. Presumably those crazy customers can determine whether or not the device actually works within that timeframe.
Fair may not be a legal term, but unconscionable is.
BattleApple posted this earlier in the thread: http://www.laserpointersafety....
No, Chris Latner started clang while at UIUC. Apple hired him to continue.
Totally false. Chris Lattner started LLVM while at UIUC. Apple hired him in 2005 to continue LLVM, using GCC as the front-end. Apple didn't create Clang until approximately 2 years later (open-sourced in mid-2007), as they realized GCC wasn't adequate for their needs (one particular point being GCC moving to GPL3, another being the monolithic and unweildy GCC codebase).
14 15 16 17 18 19 20 21 22...!
You need to count faster or this shit will take forever, man.
And his bag in a movie theater affects you how? You haven't answered. In fact, there's nothing rational in anything you've said in this sub-thread.
I don't believe this. Botanists, really? And here I thought they were only good for fertilizing my plants. I'll have to stop composting them when I catch them prowling outside.
If we find out they can do other sapient stuff, like make fire and use Facebook, I may start feeling guilty about the whole composting thing.
Uh huh, and his having a laptop in a bag in a theater affects you how?
Perhaps he doesn't want to leave his bag on the ground outside and then spend the whole movie praying it's still there when he gets back out.
Now, whether they're correct or not I cannot say. But they were discussing government fines, nothing to do with insurance at all. That's not an abstract point, that's the facts of the conversation.
Utterly false. The phone needs to be unlocked (or the entire contents are encrypted) and the user needs to accept the computer as a trusted device from the phone.
The article you linked to describes phones with no passcode, or law enforcement brute-forcing the passcode (with a 4 digit code, not terribly difficult). One of its citations describes a tool that doesn't work on modern devices at all. And ultimately when police can't get in using the brute-force methods, they have to send the phone to Apple along with a warrant and Apple has some way to decrypt the system (iirc from earlier articles they also brute-force the pin, just more efficiently by bypassing much of the os & firmware). There's no evidence in that article or elsewhere that law enforcement can bypass the hardware encryption.
Grandparents were discussing legal liability.
"If this post is marked Troll, I pissed off a fanboy again." Or maybe you made a snarky post falsely implying Apple doesn't do exactly the same thing, even though they do?
However, I don't buy it. If this researcher has found a way to bypass the hardware encryption on a locked iOS device, that sounds like a bigger and more interesting security hole than one in a shitty Starbucks app.
Did insurance companies become the law while I wasn't looking?
The summary is wrong. If you dig back to the original ComputerWorld article, it says, "The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary." Nothing about bypassing the pin in a locked phone like the summary or shitty article the summary links to; you have to connect the phone to a computer, have it unlocked, and allow the computer access to the phone (this applies to iOS as well as Android). Even the ComputerWorld article's mention of jailbreaking is a bit of a non-sequitur.
Will my son get his gift card money back? I doubt it.
Apple sent out offers to refund any and all in-app purchases anyone thought were inappropriate a year ago the first time they settled this (the class-action suit). They contacted you both via email to the address registered to the affected account, and by physical mail to the physical address registered to the account. I think you missed the boat.
False.
I know I can't figure out my AT&T bill, no matter how I try. I imagine Apple has imitated that art.
It is truly complicated.
If he's running conduit there's no reason whatsoever to run all those unnecessary cables through it. The whole point of conduit is it makes it possible to pull whatever you need if and when you need it. I have conduit to at least three walls of each room in my house but I've only pulled cat 6 and tv cable to the specific walls I need at the moment. Why waste the money installing useless cable?
Or they normalize your password to lowercase/uppercase before testing against the hash, which they created the same way.
Note that the 16th December patch to Mavericks appears to fix bugs that exist in older versions of Mac OS, which did not receive an update. There are all security patches specifically, not just feature updates.
Mavericks 10.9.1: http://support.apple.com/kb/HT6084 "OS X Mavericks v10.9.1 includes the security content of Safari 7.0.1."
The same update that appears for Lion and Mountain Lion on the same day (the security issues were not present in Safari 5). You are a liar.
Bloody autocorrect, that's PPC.