Slashdot Mirror


User: dissy

dissy's activity in the archive.

Stories: 0
Comments: 3,327

Comments · 3,327

  1. Re:god save their souls on MediaDefender's BitTorrent-Based DOS Takes Down Revision3 · · Score: 2, Informative

    I wonder how many syn packets or christmas tree packets it takes to fill up a 9gbps pipe? Fortunately with a syn flood, one doesn't need to fill their pipe, not even close.

    It's the server's/computer's IP stack which processes SYN packets and maintains the state table of TCP connections: which are awaiting being opened (syn), which ones are open (syn,ack), which are closing (syn,rst), and which are closed (rst,ack).

    If you send a bunch of syn packets, their server will send back a syn,ack and await the last stage of handshaking, which of course you don't do, since you are busy sending out your next syn packet and don't want to keep track of all those connections yourself.

    Once their server's IP stack state table is filled with these half-open connections, waiting for the final packets to set up the TCP connection (which will never happen), then until those half-open connections start timing out and being dropped from the state table, no new legit connections can be established due to the state table being full.

    So, you don't need to send enough syns to fill a 9gbps pipe, only send enough to fill their server's state table, and send them only faster than the IP stack times out those connections and drops them.

    Chances are a constant syn storm sent at 10mbps will be enough to make their server stop answering legit requests.

    And if their server happens to be an OS with a more advanced TCP stack, which can support syn cookies to stop syn floods, then all one needs to do is aim the attack at one of their routers and take IT down instead.
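    The comment's point is a capacity argument (SYN rate times the half-open timeout against the table size, not link bandwidth), and the defender's question is what backlog depth or mitigation survives a given rate. The following is an added model of that, written for this page and not code from the comment; the 256-entry table, 30 s timeout and SYN rates are constructed figures, not measurements of any real TCP stack, and SYN cookies are modelled simply as "no per-connection state stored".

```python
from collections import deque


class HalfOpenTable:
    """Bounded table of half-open (SYN received, ACK pending) connections.

    Constructed model, not a real TCP stack: entries are kept until a fixed
    timeout elapses, and all times are integer milliseconds so the
    simulation is deterministic.
    """

    def __init__(self, capacity: int, timeout_ms: int, syn_cookies: bool = False):
        self.capacity = capacity
        self.timeout_ms = timeout_ms
        self.syn_cookies = syn_cookies
        self._pending = deque()  # arrival times (ms) of entries still awaiting ACK

    def _expire(self, now_ms: int) -> None:
        # The stack gives up on entries older than the timeout and frees their slot.
        while self._pending and now_ms - self._pending[0] >= self.timeout_ms:
            self._pending.popleft()

    def offer_syn(self, now_ms: int, completes: bool) -> bool:
        """Try to admit a SYN at `now_ms`. `completes=True` means the client will
        finish the handshake at once, so its slot is released immediately."""
        self._expire(now_ms)
        if self.syn_cookies:
            return True  # state is encoded in the SYN-ACK; nothing is stored, nothing fills
        if len(self._pending) >= self.capacity:
            return False  # table full: this SYN is dropped
        if not completes:
            self._pending.append(now_ms)  # never-completed SYN: occupies a slot until timeout
        return True

    def occupancy(self, now_ms: int) -> int:
        self._expire(now_ms)
        return len(self._pending)


def backlog_needed(syn_per_second: float, timeout_ms: int) -> int:
    """Steady-state half-open entries a stack without SYN cookies has to hold
    to keep admitting clients under a sustained rate of never-completed SYNs
    (rate x timeout: the quantity the comment above compares to the table size)."""
    return int(syn_per_second * timeout_ms / 1000)


def legit_success_ratio(capacity: int, timeout_ms: int, flood_per_second: int,
                        seconds: int, syn_cookies: bool = False) -> float:
    """Fraction of legitimate clients (one SYN per second, at t = 0.5 s, 1.5 s, ...)
    that get a slot while a constant stream of never-completed SYNs arrives."""
    table = HalfOpenTable(capacity, timeout_ms, syn_cookies)
    gap_ms = 1000 // flood_per_second
    events = [(t, False) for t in range(0, seconds * 1000, gap_ms)]  # never-completed
    events += [(s * 1000 + 500, True) for s in range(seconds)]        # legitimate
    events.sort()  # on a tie the never-completed SYN (False < True) is handled first
    admitted = 0
    for t, legit in events:
        if table.offer_syn(t, completes=legit) and legit:
            admitted += 1
    return admitted / seconds


if __name__ == "__main__":
    # Constructed figures: a 256-entry table with a 30 s timeout.
    print(backlog_needed(5, 30_000), backlog_needed(100, 30_000))          # 150 3000
    print(legit_success_ratio(256, 30_000, 5, 60))                        # 1.0
    print(legit_success_ratio(256, 30_000, 100, 60))                      # 0.05
    print(legit_success_ratio(256, 30_000, 100, 60, syn_cookies=True))    # 1.0
```

    With these figures a 5/s stream stays under the table's capacity and every client gets in, a 100/s stream fills the table in under three seconds and locks clients out until it stops, and the SYN-cookie stack is unaffected because it stores nothing per half-open connection.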
  2. Re:Criminal investigation? on MediaDefender's BitTorrent-Based DOS Takes Down Revision3 · · Score: 4, Insightful

    Not to defend the vigilante actions of "the industry" here; but who's to say that the fake torrents injected into the tracker by them were the ONLY ones on it? Surely if they could find trackers with backdoors, so could others. For all we know R3's tracker had become a clearinghouse for all sorts of "community mirroring" projects.

    For R3's sake; with a highly accusational public post and the feds involved, I sure hope that MediaDefender's fake torrents were the only 'unauthorized' ones ever hosted by R3's tracker. Why? It doesn't really matter at all.

    If I knew you bought illegal drugs, despite being a crime, that doesn't mean I should hope you were really buying illegal drugs when I murder you by shooting you in the head. No matter if you were buying illegal or legal drugs, I would still be in even more trouble for murdering you.

    MediaDefender committed a felony here, while arguing the only reason they are allowed to commit this felony was because they thought R3 was breaking a civil copyright contract.
    No matter if they were breaking copyright or not, that has nothing to do with, nor justifies, nor makes it ok/allowed/legal to launch a denial of service attack.

  3. Re:My experience with the TSA and Patriot Act on What Examples of Security Theater Have You Encountered? · · Score: 1

    > Their processes are there for a reason, they were not willy nilly thought up.

    Proof? Link?
    I can't trick myself into believing that :{
  4. Re:MIT ITS passwords, and Microsoft File Servers on What Examples of Security Theater Have You Encountered? · · Score: 2, Insightful

    > It wasn't just Microsoft. NFS at one point in my life was synonymous with "no fucking security". It trusted the UserID that you transmitted with it. UserID 0 was a handy value to use...

    That's exactly how NFS works, how its documentation states it works, how it was designed, and why you should only use NFS in an environment where that is acceptable.

    That's not a case of security theater, that is just a case of someone using the wrong tool for the job.

    If you want authentication on top of sharing files over a network, there are other options for that, none of which is NFS alone.

    Granted today NFS tries to take authentication into the picture as well, but originally that was not its intent.
    There are now addons to it (such as keylogin) which can be used, and of course one can run NFS over a VPN which handles the authentication and possibly even encryption if you wish.

  5. Re:And glass cleaner sales go through the roof... on Windows 7 Multitouch Demonstration · · Score: 1

    I have no interest in touching my screen until they invent technology impervious to fingerprints. These days, one can purchase a sapphire coated screen, which both reduces fingerprints surprisingly well (Never touched one with fingers covered in chocolate pudding for example, but streaking a finger and then palm along it left no marks), plus it can be coated with a blank tint, so you can still see the screen contents even in direct sunlight and glare.
  6. Re:Ans: M.A.D. on Windows 7 Multitouch Demonstration · · Score: 0

    > Apple and Microsoft must have attained Mutually Assured IP Destruction by now - if they open the silo doors on their patent portfolios and press the red buttons then it won't be over until it's Microsoft's patent on the universal Turing machine vs. Apple's patent on "representing information via a system of symbols"

    No no, you have that backwards. Microsoft has the patent on ones and zeros, so it must be Apple with the patent on turning machines ;}

  7. Re:wrong on Singapore Firm Claims Patent Breach By Virtually All Websites · · Score: 1

    > having a robust and well thought out definition for what constitutes patentable in terms of software will give the little indy developers a better leg to stand on than the wild west that was the internet 10 years ago (and in a lot of ways now too). There is only so many ways to write "2 + 2 = 4" before they are all patented up.

    I too fail to see how the little indy developer not being allowed to write software that calculates 2+2=4 is the good thing you make it out to be.

    Just by adding 'with a computer' in order to get a patent does not mean you are advancing anything nor deserve any sort of exclusive right.
    Everything mathematically that can be done on a computer by an indy developer, or that can be stolen by a big evil corp, has all been done before. Long before.

    It is frightening exactly how many patents one violates while teaching high school mathematics classes.

    cosine (for calculating angles among other things) is patented #6434582

    generating prime numbers is patented too, in #5373560

    USPTO Application #20060095494 (sorry, can't seem to link to applications) is some company trying to patent using a program to divide integers. Yes, division. It hasn't been approved yet, but I have every fear that it will be.

    The major complaint with software patents is that, no matter how much work you Think you did to make that formula, you didn't, nature did, and beat you to it by billions of years. All you did was discover it, or more than likely, re-discover it.

    Even if you don't want to believe the whole nature made math thing, that's fine, there is still plenty of prior art.
    Trigonometry, as well as basic addition, subtraction, multiplication, and division, were all being done by the ancient Greeks back before the American or English copyright/patent systems existed (or entire government existed, if you prefer.)

  8. Re:First Hater Alert on Smartphones For Text SSH Use — Revisited · · Score: 1

    > Not having used one much, let me ask how, exactly, you are supposed to deal with 'keys' that are substantially smaller than a fingertip and have no tactile feedback to boot? Everyone I know who uses one still has trouble getting it to input the letter they want.

    Or the lazy man's way: http://www.thinkgeek.com/computing/input/8193/
  9. Re:that's the least of her problems on Anti-Keylogging Recommendations? · · Score: 2, Interesting

    > Perhaps she is trying to gather valuable information for the divorce.

    If that was the case, then a detached 3rd party who is a specialist in the field should be doing the forensics.

    If she takes the computer in for repair with claims of running slow and suspecting being the target of a directed attack, then that can be used as evidence.
    If Joe Schmoe guy who is her friend does the same, the court would most likely ignore or strike that evidence out, and it also gives the husband an attack vector by claiming this guy planted it to undermine their marriage or trying to get into her pants, which would not only have the evidence thrown out, but look worse for her own case.

    Sadly, this service will be expensive. You can't really trust Best Buy or Geek Squad to not just glaze their eyes over at your description, hear only 'virus', and just format the machine and reinstall.
    Now, if she just wants the keylogger gone, this is a good solution. However for gathering evidence, it is disastrous.

    The problem is the poster never mentioned their intentions. The way to go about doing this is VASTLY different depending on if they want to find and prove it's there, or just get rid of it.
  10. Re:Must we highlight every bug in IE? on IE 7.0/8.0b Code Execution 0-Day Released · · Score: 3, Informative

    > In contrast, a far more dangerous bug [debian.org] in the openssl package used by Debian and its derivatives was discovered earlier this week, and doesn't seem to have made the Slashdot home page at all, even though it's probably relevant to a lot of the Slashdot readership and there is real action they can take to fix things. Go figure...

    It was on the Slashdot front page on Tuesday:

    http://it.slashdot.org/article.pl?sid=08/05/13/1533212

  11. Re:Question 1 on Online Quiz As a Gateway to P2P · · Score: 1

    > Law, and custom, dictate that the creator of an artistic work is entitled to the privilege of sole distribution rights to that work, and sole rights to profit from the distribution of that work. When you appropriate that work without their permission, they no longer have the privilege granted to them by law. You are, in fact, taking something away from them.

    And this university is doing exactly that. Appropriating my work and taking the privilege granted to me by law, to choose what license I distribute my music in. They have taken it upon themselves to tell others a lie, that downloading my music is illegal, when in fact it is under an open license and free for anyone to download.

    That is my right as defined by copyright law. Why do you think this university has the right to redefine my copyrighted work's license?

    In conclusion, I 100% agree with you, this university needs to be sued and smacked down hard for their violations of my copyright.
  12. Re:Yuck on Shuttleworth Calls For Coordinated Release Cycles · · Score: 1

    > If SuSe is late, [snip]

    But SuSe CAN'T be late. SuSe is a linux distro. The distro teams are the ones who will announce their release schedule, and he wants them to match.

    If KDE wants to get the next version out, they know exactly what the deadline is for this group of distros, so know when too late is.

    This way you don't get one distro including a beta, and another lagging behind, and all the distros having different versions and betas and whatnot.
    If for example KDE didn't deliver by the date, NONE of the distros will wait on KDE, they will release what they have. KDE will have to wait till the next release, for ALL the distros that agree to this.
  13. Re:Mr. Rogers is crying. on NBC Activates Broadcast Flag · · Score: 1

    > Are you willing to pay a subscription fee for all content?

    What, you mean like all the people paying monthly for cable? The same people paying monthly for cable to tune in NBC?

    Considering the fact when cable was new, it was marketed as 'no commercials because you paid in advance', which is even more funny in the fact that most shows on cable that aren't on a movie or PPV channel have usually right around 60% commercial to 40% content, and that is with you directly sending them money for getting that content.

    Might as well point out the commercials and ads in DVDs too, another product I paid for and they keep trying to say I am stealing if I skip the commercials (so much so that they even try to disable FF in the ads!)
    I find it amazing that something that has a $20 price tag, which you PAY $20 for, you also stole if you skip commercials.

    If the cable company can't take the money from their customers and use it to buy content with, then they need to fail and go away.
    If the content producer finds that no one is willing to pay multi-million dollars for a show, perhaps they should look at ways to make it cheaper or to lower the price, else yes they too should fail and go away.

  14. Re:ISP on Elude Your ISP's BitTorrent Blockade · · Score: 1

    > What ISPs have unpublished bandwidth caps?

    Comcast in a lot of areas does.
    In other areas they publish the cap but it's different depending where you get it from (commercial, TOS, and most every phone rep will give different numbers).
    Then in other areas they outright lie and claim there are no caps when not only is that technically impossible but they DO cap you above and beyond the line speed.

    Google for site:slashdot.org comcast
  15. Re:Not really surprised on New Antivirus Tests Show Rootkits Hard to Kill · · Score: 1

    > Vundo is really a bloody scourge. It took 5 malware scanners to remove it. Why the hell doesn't Windows let one force delete a file, or at least let me know what process is using it so I can kill it, and then delete the file.

    This program might help you out with that; when I was on Windows I always had it installed, to make the filesystem locking work more sanely.

    http://ccollomb.free.fr/unlocker/
  16. Re:How come nobody ever learns from this? on Mormon Church Goes After WikiLeaks · · Score: 5, Funny

    > Everyone is trying to limit information on an unlimited information supply. They can't understand what the word unlimited really means.

    You mean they all work at Comcast?

  17. Re:It will be fixed on Debian Bug Leaves Private SSL/SSH Keys Guessable · · Score: 2, Insightful

    > I'm not trolling, but maybe open source isn't ready for the enterprise.

    Well, if you want 'enterprise' you should be using real enterprise software, like a solution from IBM, Sun Microsystems, or RedHat Linux.
    These companies will sell you a contract that DOES give your business recourse when something goes wrong.

    Most businesses don't need enterprise software though, so they stick with linux, bsd, windows, and mac os.

    > Great... just when I had mostly convinced the PHBs in management that yes, open source software was trustworthy, and that yes, good developers write Linux, and [snip]

    Also it's worth pointing out, this one bug has zero to do with Linux or open source. OpenSSL IS secure. One guy broke the package and introduced this problem.
    It is still a bad problem, and there are a lot of Debian users, but just compared to all the Linux distros out there, it is still only a percentage and under 100% (by FAR under 100).

    What you are saying is basically that because I personally can download an opensource program, change (aka break) it, and give it to someone, that opensource in whole is broken, untrustworthy, and bad.

    Clearly that is just stupid.

    I suppose if you don't trust OpenSSL anymore, for a problem that affects only Debian users, compared to MS's bugs that give admin access to anyone on the internet from Win NT4 up to Vista SP1, then that is your call. (I am curious how you might justify that to your PHB though.)
    http://www.microsoft.com/technet/security/bulletin/MS08-001.mspx

    That's akin to saying "I no longer trust the guy at the store since he shorted me $0.03 in change, so I'm gonna just trust the crackwhore at the corner to buy the same stuff from."

  18. Re:wouldn't be allowed to develop? on First Genetically Modified Human Embryo Under Review · · Score: 1

    > it's not only a question of whether or not killing embryos at this stage would be wrong, it's also a question of what the consequences of not carrying out this sort of research are. would it morally/ethically be wrong to stifle this kind of research to protect the life of these embryos while millions suffer and die from diseases that could have been treated using this research? I'm not advocating one position or another in this case, just pointing out the other side of this.

    To answer your first point, no, it is ethically wrong to force even 1 person to give up their life for others, be it 2, more, or less, unless they agree.

    So it all comes back around to defining what a person is.
    If it is a person, it is wrong to kill it, otherwise it's fine. That is the only part the debate is over anymore.
  19. Re:Many eyes make bugs shallow... on The 25-Year-Old BSD Bug · · Score: 2, Insightful

    > what was so special about this code that the samba developers couldn't have just written a patch rather than a work around?

    Well, if you wrote a program with a bug, and I wrote a program that used yours, and I found your bug, what would you expect me to do if I told you about it and you said "that isn't a bug, and we won't be fixing it"?

    Why would I write a fix to give to you when I know you won't be adding it to your program at all?

    Why would I write it at all? Specifically in this case, it's usually considered 'bad' for a user level application to require you to patch your kernel, and only on a certain OS but none of the others. I realize this is done, but no one likes it.
    Especially when you can replace 'if you are on BSD, you must patch your kernel' with the current 'you do nothing, the software will figure it out and it will just work'.

    The Samba team cannot force the BSD team to change bits of their software. All the Samba team can control is their own code, which they used to code the workaround so it would still work, without having to tell BSD users "sorry, a feature of your OS (that every other OS calls a bug) prevents our software from running". Someone else would patch Samba to work around this non-bug 'feature' and then you get the same situation as now.

    Of course if the original BSD dev would have dropped his ego and code-political agenda for a minute and just admitted it was a bug, none of this would have happened, and it would have been fixed right after it was reported the first time.
  20. Re:Many eyes make bugs shallow... on The 25-Year-Old BSD Bug · · Score: 1

    > The shallow bugs argument basically says that if enough people stare at the code, they will find the bugs. Clearly that did not happen here.

    But it was reported before... twice!

    You can't say reporting it twice means no one ever saw it, since clearly at least three times it was noticed, the first two times when it was reported, then later when the samba devs coded around it after they were ignored by the bsd devs.

    In this case, I would say the shallow bugs argument holds up perfectly, and annoying politics let us down.

  21. Re:only 400mb? on Data Recovered From Space Shuttle Columbia HDD · · Score: 1

    > but in 1995 did you have 1/2 gig flash storage devices? Hell in 1995 did you have 1/2 a gig of anything?

    Exactly. My memory of that period was that my machine bought new came with an 80mb (mega) drive, with an optional 120mb, and I purchased an external SCSI 1gb Quantum Fireball drive, which at the time I thought was an insane amount of space I would never fill.

    A 400mb drive seems an exact fit for the time.
  22. Re:Pop quiz for you litigation buffs out there on Florida Judge Smacks Down RIAA · · Score: 1

    > 28 + 3 = 31. 30 page brief? The non-frivolous argument must have been in the missing page.

    So _YOU_ were that kid in school who always cut up little strips of paper when turning in homework, whenever you didn't use a full sheet of paper!

  23. Oblg. on Second Person · · Score: 4, Funny

    You are also likely to be eaten by a Grue. http://youtube.com/watch?v=4nigRT2KmCE
  24. Re:Throwing out the baby on New President for OLPC Organization · · Score: 1

    > I mean, there's no way the OLPC is going to be able to run the common Windows software packages that I'm sure the leaders think are desirable. Seriously, what is it with geeks and power? XP is 7 years old. It ran quite correctly on P3 with 256MB RAM, why would it NOT run on the OLPC?

    Since when is Windows XP considered a Windows software package???

    A "Windows software package" is a package of software that runs ON WINDOWS. By definition, Windows itself can not be labeled as such.

    To quote you again:

    > why would it NOT run on the OLPC?

    So to answer your question:

    http://wiki.laptop.org/wiki/Hardware_specification
    CPU: x86-compatible processor with 64KB each L1 I and D cache; at least 128KB L2 cache AMD Geode LX-700@0.8W clock speed: 433 Mhz
    RAM: DRAM memory: 256 MiB dynamic RAM; data rate: dual-DDR333-166Mhz *** 256MiB = 32 MB
    HD : Mass storage: 1024 MiB SLC NAND flash, high-speed flash controller *** 1024MiB = 128 MB

    http://support.microsoft.com/kb/285342
    CPU: Office XP requires a Pentium processor with a clock speed of at least 133 megahertz (MHz).
    RAM: 128 megabytes (MB) of RAM is required for the operating system, plus an additional 8 MB of RAM for each program running simultaneously.
    HD : Standard 191 MB, Professional 230 MB, Professional with FrontPage 276 MB

    Comparison:
    CPU: OLPC is fast enough to run office (433 > 133)
    RAM: OLPC does NOT have enough ram (32mb < 128+8mb)
    HD : OLPC does NOT have enough storage (128mb < 191mb and 128mb < 276mb)

    > Seriously, what is it with geeks and power?

    I guess us geeks just don't expect to squeeze a program needing 128mb ram into 32mb ram and call the machine over powered still.
    Silly us!

  25. Re:SuddenOutbreakOfMoralSense on AT&T Accidentally Provides Free Wi-Fi To All · · Score: 1

    > Maybe it's just me, but am I the only one who's sitting here thinking that using this hack is tantamount to stealing service?

    No it is not just you. Unfortunately it is still incorrect despite the fact others see it that way too.

    Since everyone is different and has different morals, sure, it can easily be morally wrong.
    But legally and technically, it isn't wrong at all.

    Clearly their service allows iPhones to access for free, and stupidly it asks the user's computer if it is an iPhone or not, so lying and saying 'yes' shouldn't be enough for access, but apparently is.

    They are just asking the user's computer if it is an iPhone, and if that computer says 'yes', it becomes authorized.
    My guess is they did not intend for that, but that is the way it is set up.

    So, anyone who makes their computer lie and say it is an iPhone, becomes authorized.
    Hard to use an unauthorized service when you are decidedly authorized to use it by their own software.
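    The design flaw the comment describes is a portal that authorizes on a claim the client itself supplies. Below, as an added illustration written for this page (not AT&T's code and not from the comment), is that policy beside one that checks a credential the client cannot simply assert; the request shape, header names, shared key and token format are all constructed for the example.

```python
import hashlib
import hmac

# Constructed placeholder: in practice a secret shared between the portal and the
# backend that issues tokens to paying subscribers.
HOTSPOT_KEY = b"constructed-demo-key"


def authorize_by_user_agent(request: dict) -> bool:
    """The weak policy from the comment: 'are you an iPhone?' is answered by a
    header the connecting machine fills in itself, so the answer proves nothing."""
    return "iPhone" in request.get("User-Agent", "")


def issue_session_token(subscriber_id: str) -> str:
    """Issuing side: bind a subscriber id to an HMAC tag under the shared key.
    Only a holder of HOTSPOT_KEY can mint a tag that verifies."""
    tag = hmac.new(HOTSPOT_KEY, subscriber_id.encode(), hashlib.sha256).hexdigest()
    return f"{subscriber_id}.{tag}"


def authorize_by_token(request: dict) -> bool:
    """The corrected policy: admit only a request carrying a token whose tag
    verifies. The User-Agent is ignored; it is a claim, not a credential."""
    token = request.get("X-Session-Token", "")
    subscriber_id, _, tag = token.rpartition(".")
    if not subscriber_id or not tag:
        return False  # malformed or absent token
    expected = hmac.new(HOTSPOT_KEY, subscriber_id.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


# Constructed sample requests (header values are illustrative, not captured traffic).
IPHONE = {"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS like Mac OS X)"}
SPOOFED_LAPTOP = {"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS like Mac OS X)"}
TOKEN_LAPTOP = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64)",
                "X-Session-Token": issue_session_token("subscriber-0001")}
FORGED_TOKEN = {"X-Session-Token": "subscriber-0001." + "0" * 64}


def policy_comparison() -> dict:
    """Which policy admits which constructed request."""
    return {
        name: (authorize_by_user_agent(req), authorize_by_token(req))
        for name, req in [("iphone", IPHONE), ("spoofed", SPOOFED_LAPTOP),
                          ("token", TOKEN_LAPTOP), ("forged", FORGED_TOKEN)]
    }


if __name__ == "__main__":
    for name, (by_ua, by_token) in policy_comparison().items():
        print(f"{name:8} user-agent check: {by_ua!s:5}  token check: {by_token}")
```

    The user-agent check cannot distinguish the real iPhone from the laptop presenting the same string, while the token check admits only a holder of a tag minted under the key and rejects both the spoofed header and the forged tag.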