There’s definitely something new here, at least under US law. If the manufacture uses unique screw heads, the market can produce a cheap replacement tool, and you’re good. See Apple & pentalobe screws on iPhones.
Assuming this is in fact interpreted as DRM (and we’re not just throwing that word around for the knee-jerk) and thus covered by DMCA, it would be illegal, not merely inconvenient for you to attempt to repair the problem if the battery were deactivated. Even if it’s not a copy protection system under DMCA, you would surely be required to sign a contract stating that you agreed not to attempt to circumvent the lockout and would face some sort of financial penalty for doing so.
So in bygone years, if you “knew a guy” who could get you the tools, you were good and everything was still legal. Enter the Internet, and it’s pretty much a given that you can buy compatible tools for far less than the manufacturer would seek to charge you for them. But throw a computer chip in the works, and all of a sudden you’re breaking the law, probably even to *talk* about it, much less attempt it.
because it is unclear how its value will depreciate over time
If there’s a leasing company prepared to offer a lease on the battery, you can be absolutely assured that either the above is untrue (IE they have a perfectly clear understanding of how it will depreciate) or else the lease cost is inflated such that that they’re making the purchase cost plus a tidy profit over a conservatively short estimated lifetime of the battery. If you’re required to continue making lease payments beyond that short estimate, then it’s all pure profit for the leasing company (with losses due to accident, premature failure, etc. coming out of it to some degree, but that’s all worked in).
No leasing company (nor insurance company nor anything else actuarial in nature) ever goes into business unclear about what their risks are. The consumer will pay more (perhaps significantly more) than the outright purchase price, but broken into smaller installments. Maybe that does indeed allow you to purchase something you couldn’t otherwise “afford” to own with a lump payment, but considering cars are generally purchased on installment credit anyways, I find it hard to believe most consumers with the least bit of credit wouldn’t work out better amortizing the battery purchase cost in with the rest of the car cost and paying it all down as one loan instead of a loan plus a lease.
If the lease terms include essentially an infinite warranty on the battery (IE keep paying, and you’ll have a working battery even if we have to replace your original), then that might serve as a desirable form of insurance for some buyers. In the aggregate, consumers are still paying more than the total cost of batteries plus replacements or else the leasing company goes out of business, but for a particular consumer (maybe one who drives hard or uses the car in harsh climates), it could conceivably work out to a wash or perhaps slight benefit.
Leasing can make financial sense if you don’t plan to “use up” all of the value in the leased property before you discard it, but if that’s the case, just lease the whole car. The leasing company wins on this, and Reno gets to “sell” more cars with a lower “price,” so they probably win as well, but it seems like a pretty clear loss for the “buyer.”
Leasing the battery on an electric because it’s the most expensive part and tends to wear out makes as much sense as leasing the engine in a gasoline car: It’s also the most expensive part & tends to be the part that needs the most expensive repairs as it wears out.
Based on some of my friends who have bought hybrids & electrics, “Cause they’re, like green and stuff!” you would think wrong... I did more research buying my $16k Yaris than they did buying their $30k Prius or $35k Leaf.
I’m in the process of configuring a large Ubuntu roll-out for work desktops. I was thinking I wanted to disable all the Unity store crapware, and was just about to go Googling when I took a momentary detour to Slashdot. Perfect timing on this! One website with the entirety of what I needed to know to disable this junk. It’s all coded up in a Puppet class now.
Thank you, Canonical lawyers! You saved me the trouble of having to Google to figure out how to disable this garbage on 100 or so users’ desktops!
That is perhaps the more honest thing I’ve ever read from a bureaucrat. “Free at the point of use.” Yes... How often that oh-so-important qualifier is discarded.
The same reason that white hat security researchers look for holes in software. Sure, finding those holes and eventually releasing patches can help hackers identify exploits that might still be unpatched on some machines, but *not* finding those holes doesn’t mean they automatically go unfound. If a white hat didn’t find & announce it, there’s still a pretty good chance a black hat (or the NSA...) found it and is exploiting it in the wild. I’d honestly rather have a zero-day with a patch “coming soon” than have no idea there’s even a bug that’s being actively exploited without anyone knowing about it and no patch forthcoming.
Looking for this type of unique tracking capability in devices is valuable because it helps understand what the threat model of carrying one is. I’ve no doubt the NSA has a division looking for exactly this kind of “attack” against devices. If device & OS manufacturers care at all about privacy (debatable...), knowing this type of situation exists is the first step in attempting to mitigate it.
And here I lose some karma for being an Apple fanboi, but...
At least in recent iOS, the device’s MAC addresses (both BT and WiFi) are not accessible to third-party apps. Best you can get is the new “advertising identifier” as of iOS 6.x which is unique only to the particular application and randomly generated for each app. So your app can track the user while it’s running, but you can’t correlate that to data collected from other apps nor is there any equivalent in a web-based app (other than plain old cookies).
Given the DRM requirement still present on iTunes video, you’re no better protected against “[company] may shut down” than you are with Netflix. If Apple goes out of business & their DRM servers go down, you won’t be able to watch your content on anything but the five machines you have authorized now. And if anything changes, upgrades, or iTunes doesn’t work on Windows version [whatever], you stand to lose even those five.
My father works for the power utility in New York. I’d be willing to bet the power-supply people are already outsourced in Connecticut. They are in New York.
Line workers & fleet repair are down to a skeleton crew actually on the utility’s payroll. They keep enough on staff to do daily install / disconnect type work, too few to actually keep up with necessary repairs to maintain the grid. If a storm causes damage, they have about a day’s ramp up time before they can pull in worker’s from afar to start any meaningful repairs. If the damage is wide-spread, expect to be out power for days since they can’t pull in enough workers to cover all their territory.
I live about 15 minutes outside the capital of New York, so it’s hardly rural nowhere we’re talking about either. My generator is among the better investments I’ve ever made... There have been four or five times over the past few years that I’ve needed to run on it for 12 hours or more.
I don’t see any chance that this would aid Apple in assisting with lawful unlock requests. Apple has the signing keys that allow them to load any code on any device they please. Assuming they are cooperating with LEO on unlocking cellphones, I would expect that they provide a specifically signed piece of (essentially) malware on a per-phone basis. They would provide code along with the signing tokens necessary to install the code “normally” on a particular device without requiring any jailbreak or other circumvention. That code could then unlock the flash-level encryption and provide a forensically sounds dump of the entire device contents without actually booting anything on the device. Essentially it would be a DFU boot loader that decrypts and puts the phone into “Target Disk Mode” to then be copied off for later analysis. No code present on the device beyond the initial mask ROM recovery bootloader would need to be executed, so any effort to make the phone self-destruct would fail.
Alternatively, Apple might just provide signed tokens for a hash to arbitrary code provided to them by LEO, thereby allowing such a forensics package to be installed on a particular phone without Apple having any knowledge of the payload.
Or for the extremely^W only slightly paranoid, Apple may have provided or (LEO may have obtained by less-than-overt channels) the private keys allowing them to sign any arbitrary code for any iDevice ever created.
Alas, that’s not settled case law in the US. Results are mixed at Federal district level, and there’s no settling ruling by SCOTUS. Depending on the jurisdiction you’re in, some have ruled that compelling a password is self incrimination whereas others have ruled that it’s the same as compelling the combination to a safe (which *is* settled to *not* be self incrimination).
The logic goes something like this: Revealing that you know the code reveals that the “container” (safe, phone, etc.) belongs to you. That might be incriminating, but if they can prove via other means that the container belongs to you (easy for a cell phone - check CellCo records), then you’re not incriminating yourself by revealing that you know the code since they already know it belongs to you. Revealing the code proves nothing that they don’t already know. Since the code itself is now not incrimination (only the contents that are revealed by it), you can be compelled to provide the code or rot in a cell until you do.
Some jurisdictions have been a bit more reasonable in realizing that the contents of a cell phone are likely to be more intimate and thus more deserving of additional protections than bank records sitting in a safe, but that’s not universal at all yet.
You don’t even need to disable power off. With the encrypted storage used since the 3GS, you just zero the 128 bit flash device key in the device’s crypto chip & reboot. The rest of the encrypted flash is nothing but entropy at that point. Should only take a few seconds to complete. This is what the “Find My Phone” remote wipe feature does.
That said... From a security standpoint I’d actually prefer the boot loader & rest of the pre-boot environment be impervious to jailbreaks. If it can be jailbroken, then attackers don’t mess around with the PIN unlock at all. Just subvert the boot environment to boot & decrypt the flash normally, then allow unfettered access to flash contents. No PIN nor print required.
Most banks at the $1 level are hitting you monthly fees for the privilege. Those add up in a hurry, and are actually worse than a larger minimum balance since you don't actually have the (small amount) of money to fall back on. Some credit unions will give you the $1 minimum no-fee option, but they're not always available in any particular place.
You can indeed buy fractional Bitcoins. Works like dollars and cents.
That comparison holds in the case where someone has a low income but at least has a home or some sort of environment where cooking is possible.
If you’re living on the streets, where are you going to cook your ground beef or eggs? Where are you going to refrigerate them so that you can take advantage of the lower per-meal cost spread over the course of several days? That type of economy of scale is only possible with a certain minimum level of capital. Namely that required to maintain or maintain access to a kitchen, IE a “home”.
Honestly, caffeinated sugar solution is a subjectively “good” choice if you’re broke and hungry. Granted, it lacks in protein, so long-term it sucks. Short-term, though, it gives you energy (sugar) and a stimulant boost (caffeine) which will tend to make you feel less hungry. You’ll be digesting your own organs before long, but at least you won’t feel “starving”.
You’d be better off trying to find some pre-cooked or raw-consumable, shelf-stable (no refrigeration required) protein, but I’m honestly at a loss to name any complete proteins that fit those requirements that are cheaper than a McWhatever...
Bus & train companies generally want money to move that single backpack (and the back carrying it) from point A to point B. Depending on how badly off you are, that may or may not be within your means. It also means moving from a place where you may have some kind of idea what meager options are available in terms of charity & pickup employment to a place you have no clue about and no connections to. That’s a terrifying thing to do if you’ve got a job waiting and cash in the bank to carry you for a while. Imagine doing it with nothing more than the clothes on your back.
See also: Mental illness, which can easily be an insurmountable block to relocating successfully.
Opening a US bank account generally requires a permanent address and proof of [traditional] employment. Not something the homeless are likely to get. Even an account established pre-homelessness likely had some minimum balance required to keep it open. Keeping that last $100 or so locked up to maintain an account when you’re hungry isn’t a choice I think many would make.
Network Operations Center. IE the kind of place Slashdot is presumably running in. Big expensive computers, your personal information, credit cards, possibly SSN’s, medical records, the list goes on. Security there is kind of a GoodThing(tm). Frequently it’s also a legally required thing in places where SarBox, HIPAA, etc. might apply.
As far as standing up for yourself, I want exactly this kind of security for any NOC that I’m involved in. Me, one of those downtrodden workers, actually feels that I benefit from this invasion. How could I be so willing to give up my precious liberties you ask? Simple: Hand geometry or other biometrics provides some level of assurance that the person using my ID to enter the NOC is actually ME. If someone stole my swipe card and could just waltz right in, cause mayhem, and leave with it all audited to me, I’d be in a world of hurt for something I didn’t do. Biometrics plus security cameras ensures that if anything malicious should occur, there’s a pretty good likelihood of pinning it on the individual actually responsible rather than some convenient patsy.
But a better question: WTF are you doing on slashdot if you don’t even know what a NOC is? Please turn in your nerd card, there’s no news here that matters for you.
Subtle point, but nothing in the way of app updates is implemented as a “push” in the current iOS. Apple pushes data (never code) in the form of push notifications. Apps are not executed in response to push notifications. Apps only execute and get CPU time if the user launches the app by choosing that push notification. There’s no opportunity for an app to “do something” in response to a push without user intervention as CPU control is never transferred to the app in response to a push notification. This was an intentional design decision as it makes it impossible for apps to track or otherwise nag you by sending push notifications and thus executing code in response.
App updates are purely a “pull” operation. The phone retrieves latest version numbers from AppStore servers and presents the update options to users. Even the app update doesn’t cause code to execute. Apps are updated in-place (killing any running instance first if necessary) and left in a non-running state unless/until the user launches the new version by tapping its icon, acknowledging a push notification, opening a URL the app handles, etc.
OS updates are done in a similar fashion. The device queries for available updates, and only downloads and installs them in response to user confirmation to do so.
There isn’t any (known) mechanism in iOS that provides Apple with a path to send binary code to devices in the field and cause them to begin executing it. Based on the level of scrutiny and analysis the platform receives from the jailbreak community, I would expect any such capability would be discovered.
At present, assuming there is no “search fingerprint” command in iOS 7, the only avenues to run this type of search would be:
1) Push an OS update to everyone that includes it.
1a) Based on UDID in the request for update check, push a specifically crafted iOS update to an individual of interest. (But if they have your phone UDID, they’re not looking for prints.)
2) Include the capability in one of the AppStore Apple apps (Find My Friends, Apple Store, etc.), wait for users to pull the update, relaunch the app, and then trigger the search. Possible but Apps would need to violate Sandbox restrictions in order to obtain access to the fingerprint hash. I don’t know if Apple can sign their apps in such a way that they are able to violate the sandbox (third party apps are denied access by the OS kernel to anything buy specific OS binaries outside their sandbox). Currently none of the deployed Apple apps violate the sandbox restrictions that “normal” apps are held to.
2a) As above, target a binary with necessary capabilities to a specific user based on UDID in version query.
All of that is certainly in the realm of what is possible, but we’re in movie plot territory at that point I think. (Attn: screenplay writers: Copyright (c) Now by Me. All rights reserved...)
Alright... I’m pretty freaking paranoid, but are you seriously suggesting that Apple wrote in capability to do a remote distributed fingerprint search of all iPhone 5s’s in the wild? Cause dude, that’s kind of crazy. Check your meds or something...
I’ll believe a lot when it comes to government spook conspiracy, but this one kinda fails the reasonable test as far as the tech effort required to implement it goes. Honestly, I doubt the NSA relies on fingerprints terribly often. They specialize in what you said, not what you touched.
It’s pretty easy to enforce actually./usr/local is owned by a mortal user, and you never run `make install` as root. Anything tries to write outside of that (to overwrite something in/usr/bin,/etc), it fails.
I can see how from a Windows background, that wouldn’t be immediately obvious. Running as a truly mortal user in Windows (much less installing *anything* as that user without elevating) is pretty much a lost cause. On ‘nix systems, with any reasonably maintained package, it’s trivial
Meanwhile on my 'nix system (happens to be a Mac, so flame away, I can take it...), I’ve got the core system and three different package maintenance systems (Darwin Ports, Brew, and Gentoo) all installing to different trees, owned by different mortals. Just su(do) to the appropriate user, run the update, drop back to your own user. Everybody plays nice.
Slashdot Mirror
There’s definitely something new here, at least under US law. If the manufacture uses unique screw heads, the market can produce a cheap replacement tool, and you’re good. See Apple & pentalobe screws on iPhones.
Assuming this is in fact interpreted as DRM (and we’re not just throwing that word around for the knee-jerk) and thus covered by DMCA, it would be illegal, not merely inconvenient for you to attempt to repair the problem if the battery were deactivated. Even if it’s not a copy protection system under DMCA, you would surely be required to sign a contract stating that you agreed not to attempt to circumvent the lockout and would face some sort of financial penalty for doing so.
So in bygone years, if you “knew a guy” who could get you the tools, you were good and everything was still legal. Enter the Internet, and it’s pretty much a given that you can buy compatible tools for far less than the manufacturer would seek to charge you for them. But throw a computer chip in the works, and all of a sudden you’re breaking the law, probably even to *talk* about it, much less attempt it.
If there’s a leasing company prepared to offer a lease on the battery, you can be absolutely assured that either the above is untrue (IE they have a perfectly clear understanding of how it will depreciate) or else the lease cost is inflated such that that they’re making the purchase cost plus a tidy profit over a conservatively short estimated lifetime of the battery. If you’re required to continue making lease payments beyond that short estimate, then it’s all pure profit for the leasing company (with losses due to accident, premature failure, etc. coming out of it to some degree, but that’s all worked in).
No leasing company (nor insurance company nor anything else actuarial in nature) ever goes into business unclear about what their risks are. The consumer will pay more (perhaps significantly more) than the outright purchase price, but broken into smaller installments. Maybe that does indeed allow you to purchase something you couldn’t otherwise “afford” to own with a lump payment, but considering cars are generally purchased on installment credit anyways, I find it hard to believe most consumers with the least bit of credit wouldn’t work out better amortizing the battery purchase cost in with the rest of the car cost and paying it all down as one loan instead of a loan plus a lease.
If the lease terms include essentially an infinite warranty on the battery (IE keep paying, and you’ll have a working battery even if we have to replace your original), then that might serve as a desirable form of insurance for some buyers. In the aggregate, consumers are still paying more than the total cost of batteries plus replacements or else the leasing company goes out of business, but for a particular consumer (maybe one who drives hard or uses the car in harsh climates), it could conceivably work out to a wash or perhaps slight benefit.
Leasing can make financial sense if you don’t plan to “use up” all of the value in the leased property before you discard it, but if that’s the case, just lease the whole car. The leasing company wins on this, and Reno gets to “sell” more cars with a lower “price,” so they probably win as well, but it seems like a pretty clear loss for the “buyer.”
Leasing the battery on an electric because it’s the most expensive part and tends to wear out makes as much sense as leasing the engine in a gasoline car: It’s also the most expensive part & tends to be the part that needs the most expensive repairs as it wears out.
Based on some of my friends who have bought hybrids & electrics, “Cause they’re, like green and stuff!” you would think wrong... I did more research buying my $16k Yaris than they did buying their $30k Prius or $35k Leaf.
I’m in the process of configuring a large Ubuntu roll-out for work desktops. I was thinking I wanted to disable all the Unity store crapware, and was just about to go Googling when I took a momentary detour to Slashdot. Perfect timing on this! One website with the entirety of what I needed to know to disable this junk. It’s all coded up in a Puppet class now.
Thank you, Canonical lawyers! You saved me the trouble of having to Google to figure out how to disable this garbage on 100 or so users’ desktops!
That is perhaps the more honest thing I’ve ever read from a bureaucrat. “Free at the point of use.” Yes... How often that oh-so-important qualifier is discarded.
TANSTAAFL!
The same reason that white hat security researchers look for holes in software. Sure, finding those holes and eventually releasing patches can help hackers identify exploits that might still be unpatched on some machines, but *not* finding those holes doesn’t mean they automatically go unfound. If a white hat didn’t find & announce it, there’s still a pretty good chance a black hat (or the NSA...) found it and is exploiting it in the wild. I’d honestly rather have a zero-day with a patch “coming soon” than have no idea there’s even a bug that’s being actively exploited without anyone knowing about it and no patch forthcoming.
Looking for this type of unique tracking capability in devices is valuable because it helps understand what the threat model of carrying one is. I’ve no doubt the NSA has a division looking for exactly this kind of “attack” against devices. If device & OS manufacturers care at all about privacy (debatable...), knowing this type of situation exists is the first step in attempting to mitigate it.
And here I lose some karma for being an Apple fanboi, but...
At least in recent iOS, the device’s MAC addresses (both BT and WiFi) are not accessible to third-party apps. Best you can get is the new “advertising identifier” as of iOS 6.x which is unique only to the particular application and randomly generated for each app. So your app can track the user while it’s running, but you can’t correlate that to data collected from other apps nor is there any equivalent in a web-based app (other than plain old cookies).
For the part of the US that matters (and can afford to buy politicians)? Sure! Haliburton et al. made quite the tidy profit from the whole affair.
Given the DRM requirement still present on iTunes video, you’re no better protected against “[company] may shut down” than you are with Netflix. If Apple goes out of business & their DRM servers go down, you won’t be able to watch your content on anything but the five machines you have authorized now. And if anything changes, upgrades, or iTunes doesn’t work on Windows version [whatever], you stand to lose even those five.
Sounds a lot like the argument made that atheists must be immoral because there’s nobody to watch them.
I stop at stop signs because it’s the safe thing to do, not because I might get a ticket if I don’t.
My father works for the power utility in New York. I’d be willing to bet the power-supply people are already outsourced in Connecticut. They are in New York.
Line workers & fleet repair are down to a skeleton crew actually on the utility’s payroll. They keep enough on staff to do daily install / disconnect type work, too few to actually keep up with necessary repairs to maintain the grid. If a storm causes damage, they have about a day’s ramp up time before they can pull in worker’s from afar to start any meaningful repairs. If the damage is wide-spread, expect to be out power for days since they can’t pull in enough workers to cover all their territory.
I live about 15 minutes outside the capital of New York, so it’s hardly rural nowhere we’re talking about either. My generator is among the better investments I’ve ever made... There have been four or five times over the past few years that I’ve needed to run on it for 12 hours or more.
Are you sure they were beginner’s mistakes and not just experts working for the NSA?
Sure... One to share for the whole factory, maybe.
What part is forced? iPhones won’t install OS updates unless you hit the button to confirm. They’ll nag you, but never force you.
I don’t see any chance that this would aid Apple in assisting with lawful unlock requests. Apple has the signing keys that allow them to load any code on any device they please. Assuming they are cooperating with LEO on unlocking cellphones, I would expect that they provide a specifically signed piece of (essentially) malware on a per-phone basis. They would provide code along with the signing tokens necessary to install the code “normally” on a particular device without requiring any jailbreak or other circumvention. That code could then unlock the flash-level encryption and provide a forensically sounds dump of the entire device contents without actually booting anything on the device. Essentially it would be a DFU boot loader that decrypts and puts the phone into “Target Disk Mode” to then be copied off for later analysis. No code present on the device beyond the initial mask ROM recovery bootloader would need to be executed, so any effort to make the phone self-destruct would fail.
Alternatively, Apple might just provide signed tokens for a hash to arbitrary code provided to them by LEO, thereby allowing such a forensics package to be installed on a particular phone without Apple having any knowledge of the payload.
Or for the extremely^W only slightly paranoid, Apple may have provided or (LEO may have obtained by less-than-overt channels) the private keys allowing them to sign any arbitrary code for any iDevice ever created.
Alas, that’s not settled case law in the US. Results are mixed at Federal district level, and there’s no settling ruling by SCOTUS. Depending on the jurisdiction you’re in, some have ruled that compelling a password is self incrimination whereas others have ruled that it’s the same as compelling the combination to a safe (which *is* settled to *not* be self incrimination).
The logic goes something like this: Revealing that you know the code reveals that the “container” (safe, phone, etc.) belongs to you. That might be incriminating, but if they can prove via other means that the container belongs to you (easy for a cell phone - check CellCo records), then you’re not incriminating yourself by revealing that you know the code since they already know it belongs to you. Revealing the code proves nothing that they don’t already know. Since the code itself is now not incrimination (only the contents that are revealed by it), you can be compelled to provide the code or rot in a cell until you do.
Some jurisdictions have been a bit more reasonable in realizing that the contents of a cell phone are likely to be more intimate and thus more deserving of additional protections than bank records sitting in a safe, but that’s not universal at all yet.
You don’t even need to disable power off. With the encrypted storage used since the 3GS, you just zero the 128 bit flash device key in the device’s crypto chip & reboot. The rest of the encrypted flash is nothing but entropy at that point. Should only take a few seconds to complete. This is what the “Find My Phone” remote wipe feature does.
That said... From a security standpoint I’d actually prefer the boot loader & rest of the pre-boot environment be impervious to jailbreaks. If it can be jailbroken, then attackers don’t mess around with the PIN unlock at all. Just subvert the boot environment to boot & decrypt the flash normally, then allow unfettered access to flash contents. No PIN nor print required.
Most banks at the $1 level are hitting you monthly fees for the privilege. Those add up in a hurry, and are actually worse than a larger minimum balance since you don't actually have the (small amount) of money to fall back on. Some credit unions will give you the $1 minimum no-fee option, but they're not always available in any particular place.
You can indeed buy fractional Bitcoins. Works like dollars and cents.
That comparison holds in the case where someone has a low income but at least has a home or some sort of environment where cooking is possible.
If you’re living on the streets, where are you going to cook your ground beef or eggs? Where are you going to refrigerate them so that you can take advantage of the lower per-meal cost spread over the course of several days? That type of economy of scale is only possible with a certain minimum level of capital. Namely that required to maintain or maintain access to a kitchen, IE a “home”.
Honestly, caffeinated sugar solution is a subjectively “good” choice if you’re broke and hungry. Granted, it lacks in protein, so long-term it sucks. Short-term, though, it gives you energy (sugar) and a stimulant boost (caffeine) which will tend to make you feel less hungry. You’ll be digesting your own organs before long, but at least you won’t feel “starving”.
You’d be better off trying to find some pre-cooked or raw-consumable, shelf-stable (no refrigeration required) protein, but I’m honestly at a loss to name any complete proteins that fit those requirements that are cheaper than a McWhatever...
Bus & train companies generally want money to move that single backpack (and the back carrying it) from point A to point B. Depending on how badly off you are, that may or may not be within your means. It also means moving from a place where you may have some kind of idea what meager options are available in terms of charity & pickup employment to a place you have no clue about and no connections to. That’s a terrifying thing to do if you’ve got a job waiting and cash in the bank to carry you for a while. Imagine doing it with nothing more than the clothes on your back.
See also: Mental illness, which can easily be an insurmountable block to relocating successfully.
Opening a US bank account generally requires a permanent address and proof of [traditional] employment. Not something the homeless are likely to get. Even an account established pre-homelessness likely had some minimum balance required to keep it open. Keeping that last $100 or so locked up to maintain an account when you’re hungry isn’t a choice I think many would make.
Network Operations Center. IE the kind of place Slashdot is presumably running in. Big expensive computers, your personal information, credit cards, possibly SSN’s, medical records, the list goes on. Security there is kind of a GoodThing(tm). Frequently it’s also a legally required thing in places where SarBox, HIPAA, etc. might apply.
As far as standing up for yourself, I want exactly this kind of security for any NOC that I’m involved in. Me, one of those downtrodden workers, actually feels that I benefit from this invasion. How could I be so willing to give up my precious liberties you ask? Simple: Hand geometry or other biometrics provides some level of assurance that the person using my ID to enter the NOC is actually ME. If someone stole my swipe card and could just waltz right in, cause mayhem, and leave with it all audited to me, I’d be in a world of hurt for something I didn’t do. Biometrics plus security cameras ensures that if anything malicious should occur, there’s a pretty good likelihood of pinning it on the individual actually responsible rather than some convenient patsy.
But a better question: WTF are you doing on slashdot if you don’t even know what a NOC is? Please turn in your nerd card, there’s no news here that matters for you.
Subtle point, but nothing in the way of app updates is implemented as a “push” in the current iOS. Apple pushes data (never code) in the form of push notifications. Apps are not executed in response to push notifications. Apps only execute and get CPU time if the user launches the app by choosing that push notification. There’s no opportunity for an app to “do something” in response to a push without user intervention as CPU control is never transferred to the app in response to a push notification. This was an intentional design decision as it makes it impossible for apps to track or otherwise nag you by sending push notifications and thus executing code in response.
App updates are purely a “pull” operation. The phone retrieves latest version numbers from AppStore servers and presents the update options to users. Even the app update doesn’t cause code to execute. Apps are updated in-place (killing any running instance first if necessary) and left in a non-running state unless/until the user launches the new version by tapping its icon, acknowledging a push notification, opening a URL the app handles, etc.
OS updates are done in a similar fashion. The device queries for available updates, and only downloads and installs them in response to user confirmation to do so.
There isn’t any (known) mechanism in iOS that provides Apple with a path to send binary code to devices in the field and cause them to begin executing it. Based on the level of scrutiny and analysis the platform receives from the jailbreak community, I would expect any such capability would be discovered.
At present, assuming there is no “search fingerprint” command in iOS 7, the only avenues to run this type of search would be:
1) Push an OS update to everyone that includes it.
1a) Based on UDID in the request for update check, push a specifically crafted iOS update to an individual of interest. (But if they have your phone UDID, they’re not looking for prints.)
2) Include the capability in one of the AppStore Apple apps (Find My Friends, Apple Store, etc.), wait for users to pull the update, relaunch the app, and then trigger the search. Possible but Apps would need to violate Sandbox restrictions in order to obtain access to the fingerprint hash. I don’t know if Apple can sign their apps in such a way that they are able to violate the sandbox (third party apps are denied access by the OS kernel to anything buy specific OS binaries outside their sandbox). Currently none of the deployed Apple apps violate the sandbox restrictions that “normal” apps are held to.
2a) As above, target a binary with necessary capabilities to a specific user based on UDID in version query.
All of that is certainly in the realm of what is possible, but we’re in movie plot territory at that point I think. (Attn: screenplay writers: Copyright (c) Now by Me. All rights reserved...)
Alright... I’m pretty freaking paranoid, but are you seriously suggesting that Apple wrote in capability to do a remote distributed fingerprint search of all iPhone 5s’s in the wild? Cause dude, that’s kind of crazy. Check your meds or something...
I’ll believe a lot when it comes to government spook conspiracy, but this one kinda fails the reasonable test as far as the tech effort required to implement it goes. Honestly, I doubt the NSA relies on fingerprints terribly often. They specialize in what you said, not what you touched.
It’s pretty easy to enforce actually. /usr/local is owned by a mortal user, and you never run `make install` as root. Anything tries to write outside of that (to overwrite something in /usr/bin, /etc), it fails.
I can see how from a Windows background, that wouldn’t be immediately obvious. Running as a truly mortal user in Windows (much less installing *anything* as that user without elevating) is pretty much a lost cause. On ‘nix systems, with any reasonably maintained package, it’s trivial
Meanwhile on my 'nix system (happens to be a Mac, so flame away, I can take it...), I’ve got the core system and three different package maintenance systems (Darwin Ports, Brew, and Gentoo) all installing to different trees, owned by different mortals. Just su(do) to the appropriate user, run the update, drop back to your own user. Everybody plays nice.