Why don't they just make a restore partition with a minimal OS that can mount an ISO file and (re)install from that ? If you want to reclaim space, burn the ISO and delete the partition. Best of both worlds.
Users who have already jailbroken devices can protect themselves from this exploit by installing PDF Loading Warner which will warn you when you are at risk from executing exploitable files.
Seriously, what's next a video of teenagers putting all the macbooks and iMacs on meatspin (NSFW!) ? That's what some were displaying last time I was in the London Apple store.
It isn't just a prank. Installing a remotely accessible back door (SSHD) into the store's internal WiFi store network... that is seriously illegal stuff.
The sshd is no longer automatically installed with a jailbreak (and hasn't been for some time.)
Yea, because people would *never* fall for something like this [SARCASTIC RANTING] Won't happen because Apple has an *app store*. [MORE SARCASTIC RANTING]
I didn't claim it's impossible but don't underestimate the strong mental association between getting apps and the App Store. Normal users are heavily conditioned to get apps at the App Store because 100% of their apps where downloaded that way. Especially people who aren't very comfortable with technology and would be most at risk tend not to stray outside of their comfort zone. Aside from that point Apple also include to customary anti-phishing and anti malicious site protection in their mobile browser.
The difference here is the number of people who consider this a *good thing* that is occurring. I've said many a time that as we begin to realize these are general purpose computers more and more of this will happen and *no* device is immune from it, if you think that you are going to get away from it with either an iPhone, Android, or SuperPhoneOS.
I've said as much elsewhere in this thread.
For whatever reason many Apple users think they are safe from it because Apple will protect them from it in some mystical magical way (which that belief will make it easier to click on said links, after all *everyone* knows Apple doesn't have these things). Google doesn't talk about how they are immune to this type of thing and do not make a great deal of their sales from it either.
Your characterization of Apple users, taken is a whole, is just plain wrong; a stereotype used in "holy wars." Apple using the number of OSX viruses in the wild is no different than Linux users gloating over the number of Windows vulnerabilities compared to Linux all these years: it's juvenile but makes for good PR.
Good thing Android has never had a remote exploit huh ? (Oops.) At least Apple as very judicious about pushing out updates (and Apple users generally update very frequently) while some manufacturers send out handsets with old Android versions and don't care that much about providing their users with the latest and greatest.
This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.
It's old hat. There was a vulnerability back in iPhoneOS 1.1.2 that allowed pretty much the same thing, in fact the domain name dates from that period, and the sky didn't fall down on our heads then either.
I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person have a "must have" app that is so good that the app store refused and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!
Yeah that could happen, it's unlikely though since users get their apps from the App Store. This isn't like Windows where users surf the web in search of apps. Besides what's new, all OS's have these types of flaws including as you point out Android. Still Apple will probably need to fix this in the next release of iOS.
Sounds like wishful thinking on his part. Note how long his movement has been at it.
I agree but it has a kernel of truth in it nonetheless. And since the OP asked what they were afraid of the above scenario is definitely it. There can be no dissent because the spice, sorry oil, must flow or the house of cards will come tumbling down.
'He warned that the Saudi royal family is no longer able to "impose" itself on people, arguing that deviations in carrying out the religious concepts that make up the basis of the Saudi government "have gotten out of our hands," so that the opposition views our acts as "interfering in people's private life and restricting their liberties."
"If we are wise, we must leave this country to its people, whose dislike for us is increasing," said Prince Turki, advising Saudi officials to escape with their families.'
More educated people might be more likely to be fooled since they "know" they are too smart to fall for any funny business. Nothing like arrogance to blind someone.
Most people don't even read the popups on their desktop OS's which they've used for years and you expect them to read, consider the implication of and then act on a message in a completely different format ? Yeah good luck with that. A phone should just work and not bother you with this stuff. I want to use my apps not fill out a questionnaire. What they're trying to do is force people to take ownership of the security administration of their phone but you can't force a thing like that, people will just tune out. Let a trusted third party audit the apps for problems and you'll get "good enough" security without the pain.
But if you do include malicious code you are running real risks. First off you can be ejected from the store, second all your revenue goes through Apple so maybe they can claw some of it back, third you have to have a legit business to accept the money coming through Apple which you have now opened up to lawsuits from both Apple for not adhering to store policies and your customers.
Android allows you to do more, but at the cost of a little extra complexity. I think an average user can handle it, I know a lot of people with average intelligence that have no problem with it. It's the users that aren't so smart that may have a hard time with it. Those users may want to consider an iPhone.
It's not about smartness but intuitiveness. Apple doesn't want the user to have to learn a new OS (the different types of permissions, etc.) to be able to use his/her phone. The user should just be able to pick it up and do a task with as little interference as possible. We used to call this KISS and it's actually a lot harder to do correctly than to just offer up a bunch of options and configurations to the user. I picked up an android phone in a store the other day and my first thought was how busy the user interface was.
This is what Apple figured out : KISS, keep it simple and stupid. The user (even the ones that understand it) shouldn't be bothered with this shit, if you're going to sell apps through a store you might as well do quality control at that point by a third party. Of course that approach comes with its own set of well publicized drawbacks and no approach has a 100% success rate.
Did the Romans plant devices that could chop off the limbs of a playing child years or even decades after the conflict has ended, devices specifically intended to maim and kill indiscriminately ? And did they in fact spread this disease all over the world by exporting the stuff to every two bit warlord with the cash to buy them ?
I’m posting those excerpts because I’m concerned that we’re lionising wikileaks and forgetting that critical analysis that pretty much every other media outlet invites.
Wikileaks is not a media outlet, it's an information warehouse. It is just a manifestation of the fact that in this internet age it is impossible to keep a secret if anyone involved at any point does not want it to remain secret. Analysis is done by the "real media" or the critical observer, the data source just "is".
There's lots and lots of rare (and less rare) metals, it's the saudi arabia of lithium. According to wikipedia = "[Lithium is used in] high strength-to-weight alloys used in aircraft, and lithium batteries. Lithium also has important links to nuclear physics." They discovered this right before the war by the way, but I'm sure that's all coincidental.
Slashdot Mirror
Why don't they just make a restore partition with a minimal OS that can mount an ISO file and (re)install from that ? If you want to reclaim space, burn the ISO and delete the partition. Best of both worlds.
Users who have already jailbroken devices can protect themselves from this exploit by installing PDF Loading Warner which will warn you when you are at risk from executing exploitable files.
Seriously, what's next a video of teenagers putting all the macbooks and iMacs on meatspin (NSFW!) ? That's what some were displaying last time I was in the London Apple store.
It isn't just a prank. Installing a remotely accessible back door (SSHD) into the store's internal WiFi store network ... that is seriously illegal stuff.
The sshd is no longer automatically installed with a jailbreak (and hasn't been for some time.)
Where should we long time Slashdotters go then?
Pay Rusty a visit at www.kuro5hin.org. Then you'll really pine for the old days.
I'm not sure I see what you mean ...
"Pissing in the shower (3.00 / 3) (#23)
by rusty on Fri May 28, 2010 at 03:41:16 PM EST
...is environmentally responsible. You use gallons less water than if you showered and pissed separately.
Showering in piss alone would be even better. "
Yea, because people would *never* fall for something like this [SARCASTIC RANTING] Won't happen because Apple has an *app store*. [MORE SARCASTIC RANTING]
I didn't claim it's impossible but don't underestimate the strong mental association between getting apps and the App Store. Normal users are heavily conditioned to get apps at the App Store because 100% of their apps where downloaded that way. Especially people who aren't very comfortable with technology and would be most at risk tend not to stray outside of their comfort zone.
Aside from that point Apple also include to customary anti-phishing and anti malicious site protection in their mobile browser.
The difference here is the number of people who consider this a *good thing* that is occurring. I've said many a time that as we begin to realize these are general purpose computers more and more of this will happen and *no* device is immune from it, if you think that you are going to get away from it with either an iPhone, Android, or SuperPhoneOS.
I've said as much elsewhere in this thread.
For whatever reason many Apple users think they are safe from it because Apple will protect them from it in some mystical magical way (which that belief will make it easier to click on said links, after all *everyone* knows Apple doesn't have these things). Google doesn't talk about how they are immune to this type of thing and do not make a great deal of their sales from it either.
Your characterization of Apple users, taken is a whole, is just plain wrong; a stereotype used in "holy wars." Apple using the number of OSX viruses in the wild is no different than Linux users gloating over the number of Windows vulnerabilities compared to Linux all these years: it's juvenile but makes for good PR.
Good thing Android has never had a remote exploit huh ? (Oops.)
At least Apple as very judicious about pushing out updates (and Apple users generally update very frequently) while some manufacturers send out handsets with old Android versions and don't care that much about providing their users with the latest and greatest.
This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.
It's old hat. There was a vulnerability back in iPhoneOS 1.1.2 that allowed pretty much the same thing, in fact the domain name dates from that period, and the sky didn't fall down on our heads then either.
I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person have a "must have" app that is so good that the app store refused and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!
Yeah that could happen, it's unlikely though since users get their apps from the App Store. This isn't like Windows where users surf the web in search of apps.
Besides what's new, all OS's have these types of flaws including as you point out Android. Still Apple will probably need to fix this in the next release of iOS.
All OS's have security flaws. How else do Android users "root" their phones ?
Sounds like wishful thinking on his part. Note how long his movement has been at it.
I agree but it has a kernel of truth in it nonetheless. And since the OP asked what they were afraid of the above scenario is definitely it. There can be no dissent because the spice, sorry oil, must flow or the house of cards will come tumbling down.
What are they afraid of, some guy might exchange Blackberry PINs with an unmarried woman?
Prince warns S. Arabia of apocalypse
'He warned that the Saudi royal family is no longer able to "impose" itself on people, arguing that deviations in carrying out the religious concepts that make up the basis of the Saudi government "have gotten out of our hands," so that the opposition views our acts as "interfering in people's private life and restricting their liberties."
"If we are wise, we must leave this country to its people, whose dislike for us is increasing," said Prince Turki, advising Saudi officials to escape with their families.'
What the machine doesn't get, the guilty knowledge is actually the suspect having an illicit affair with the interrogator's wife...
You think the machine can handle the difference?
Plausible deniability has never been so much fun.
Enhance!
There's an app for that !
yeah exactly!
And how hard is it to get an operator job in a call-center?
If someone really wants information low-paid operators have access too, how about getting a job there and have access to whatever you like?
It's more risky if they know who you are and are physically on site, not to mention a lot more time consuming.
More educated people might be more likely to be fooled since they "know" they are too smart to fall for any funny business. Nothing like arrogance to blind someone.
Or do they summon Captain Planet? ...or Wilford Brimley?
Gozer of course. "Are you the keymaster ?"
Most people don't even read the popups on their desktop OS's which they've used for years and you expect them to read, consider the implication of and then act on a message in a completely different format ? Yeah good luck with that. A phone should just work and not bother you with this stuff. I want to use my apps not fill out a questionnaire. What they're trying to do is force people to take ownership of the security administration of their phone but you can't force a thing like that, people will just tune out. Let a trusted third party audit the apps for problems and you'll get "good enough" security without the pain.
But if you do include malicious code you are running real risks. First off you can be ejected from the store, second all your revenue goes through Apple so maybe they can claw some of it back, third you have to have a legit business to accept the money coming through Apple which you have now opened up to lawsuits from both Apple for not adhering to store policies and your customers.
God help anybody who used facebook and this app... there's every chance they will get home tonight and find an imposter in bed with their wife.
Sex with your wife
(42 people like this)
Android allows you to do more, but at the cost of a little extra complexity. I think an average user can handle it, I know a lot of people with average intelligence that have no problem with it. It's the users that aren't so smart that may have a hard time with it. Those users may want to consider an iPhone.
It's not about smartness but intuitiveness. Apple doesn't want the user to have to learn a new OS (the different types of permissions, etc.) to be able to use his/her phone. The user should just be able to pick it up and do a task with as little interference as possible. We used to call this KISS and it's actually a lot harder to do correctly than to just offer up a bunch of options and configurations to the user. I picked up an android phone in a store the other day and my first thought was how busy the user interface was.
This is what Apple figured out : KISS, keep it simple and stupid. The user (even the ones that understand it) shouldn't be bothered with this shit, if you're going to sell apps through a store you might as well do quality control at that point by a third party. Of course that approach comes with its own set of well publicized drawbacks and no approach has a 100% success rate.
Did the Romans plant devices that could chop off the limbs of a playing child years or even decades after the conflict has ended, devices specifically intended to maim and kill indiscriminately ? And did they in fact spread this disease all over the world by exporting the stuff to every two bit warlord with the cash to buy them ?
I’m posting those excerpts because I’m concerned that we’re lionising wikileaks and forgetting that critical analysis that pretty much every other media outlet invites.
Wikileaks is not a media outlet, it's an information warehouse. It is just a manifestation of the fact that in this internet age it is impossible to keep a secret if anyone involved at any point does not want it to remain secret. Analysis is done by the "real media" or the critical observer, the data source just "is".
There's lots and lots of rare (and less rare) metals, it's the saudi arabia of lithium. According to wikipedia = "[Lithium is used in] high strength-to-weight alloys used in aircraft, and lithium batteries. Lithium also has important links to nuclear physics." They discovered this right before the war by the way, but I'm sure that's all coincidental.