Yes, the difference being is that in Apple's case the computers with the keys and the metadata - the only systems that can make sense of the encrypted blobs stored with Google et al. are all 100% under Apple's control. They're not on shared hosting, they're not VPSs in someone else's datacenter. They hold the keys to the kingdom and they're owned and operated by Apple. The only things that are stored on Google (and AWS and Azure) are encrypted blobs of data. These blobs are likely wrapped in a TLS session when travelling between the cloud storage and Apple's servers as well, but even if anyone were to pwn the Google instance, or intercept the data in flight, all they'd have is a lot of bytes that look like random data.
I can't see something like Spectre being an issue for the data hosted on 3rd party services. It's all stored as blobs of encrypted data. The keys to decrypt the data are stored on Apple-owned infrastructure, as are all the bits of metadata that determines what the data is for. Nowhere on AWS, Azure or Google Cloud are the keys to the encrypted data stored, just chunks of what would look like pure random noise to anyone else but Apple. Apple may use these third-party services but it doesn't mean that they have to trust them with the security of their customer's data.
That's a dishonest characterization, even if the end-result is the same.
Intel put "do not optimize non-Intel CPUs" code generation in their compiler. Which still equally sucks, but is far less evil from a purely capitalist competition standpoint.
Yep, and what's more (according to some of the linked sources above) is that Intel have then even had to hack the CPU detection in their own compiler to still apply optimisations to future releases of their own CPUs as the detection code that ran would only recognise very specific model and family numbers.
It's this specific detection that was letting AMD fall through the cracks, but it also meant that as-yet unreleased Intel CPUs would also run un-optimised code, so they had to hack in different checks to specifically identify Intel CPUs and still run the optimised code path.
Yep, I'm sure it was just a simple oversight that Intel's patch that hurt performance on Intel and AMD, and wasn't necessary on AMD, was applied by default to CPUs from both vendors. You know, Intel has only known about this for 6-7 months, so they were really rushed to get a working patch out in time./sarcasm.
Linux, back in the day, originally ran on 486 processors, and ran well. You could boot the system off 1.44 MB floppy disks and it booted in well under 11 minutes. Why reinvent the wheel and compile a modern linux when OG distros are still available - like Slack 1.01 from Feb 1995. Download all 13 floppy disk images (less than 20 MB!) from here: https://mirrors.slackware.com/....
Now that software companies are hooked on the recurring revenue of subscription-based pricing and their end users have seemingly accepted it with little fanfare, I don't see the subscription model going away any time soon.
The trap is that software companies now want to be seen as giving continual improvements (and therefore value) to their customers, so they push out annual updates (as most subscriptions are an annual subscription) just so that people are using WhateverApp 2018 instead of WhateverApp 2017. It's got a bigger number in it's name, it must be more better. Or, why am I paying a subscription for WhateverApp 2015 and it's nearly 2018? What has the vendor been doing for the last two years to deserve my money?
Yes, if you need to maintain compatibility with your existing fleet, instead of rolling over into new hardware then pretty much anything except for Windows is out of the running.
I know now that I'm responding with a viable alternative you'll shift the goalposts but macOS ticks all of those boxes for you Acrobat Pro - check Microsoft Office - check Exchange support - use either the in-built Mail.app or use Outlook 2016 from MS Office AD - check - you can bind to AD straight out of the box.
This could also be the start of a push to using ARM chips in Macs. It's not like Apple are scared of changing horses half way through the race having switched from M68k to PPC to x86 to x64 and then with 32-bit and 64-bit ARM cores running the same OS kernel on mobile devices.
The latest Apple A-series chips in the iPhone 8 and X also seem to hold their own in benchmarks against the x86 processors used in (the admittedly outdated hardware in) the MacBook Air and the (not quite as outdated) MacBook.
Isn't this more like an ARM A10 powered iMac Pro with an Intel x86 coprocessor for running existing legacy code on? The ARM handles booting up the machine and a lot of the security controls.
But they are active even if you are not using it. They sit listening on the first Ethernet port and will even grab a DHCP address. Given the access they have, and the inability to turn them off, if they can get exploited there is nothing you can do.
Moving your connection too another NIC can stop it from communicating, but it is still active and waiting.
I don't know about this - I've got a PC with a 7-series (Kaby Lake) intel CPU. I'm using onboard Ethernet. I've checked my DHCP leases and there are no unknown devices requesting an IP on my network.
The smaller the percentage of a work used, the more likely it is to fall under fair use provisions. As a rule of thumb, the use of up to 10% of a work us usually considered fair use (depending, of course, on the context in which it's used).
Using a single still frame from a motion picture is a fraction of a percent and is highly unlikely to be prosecuted as copyright infringement.
Yeah, everyone except for the conspiracy theorists who think it was landed on a remote jungle island or flown under the radar to some particular country, or abducted by aliens or... etc.
You can enable/disable Mobile Data on a per-app basis in iOS - go to Settings > App Name and you can turn on/off Mobile Data for any apps that have registered as using mobile data on your device.
re: big corps that use unpublished APIs, this used to be the case, but Apple have cracked down on it significantly. There are a number of apps that are permitted to run in the background, Facebook is not one of them, however Facebook "accidentally" registered their app as a media player and they'd play a silent mp3 in the background to get around iOS trying to freeze the app when it wasn't in use. Apple had a quiet chat to Facebook and this has apparently stopped.
As far as I know, if you force-quit an App, it has no way to re-launch itself in the background and start using data again.
Two orders of magnitude actually. 24 hours × 365 days × 100 Watts = 876,000 Watt-hours = 876 kW/h 876 kW/h at $0.12c per kW/h is $105.12 per year.
Think about your annual power bill - if it cost $1,000 to run a 100W globe for a year, we'd all be sitting around in the dark. In a house with, say, 10 light globes running them each for 8 hours per day, your power bill for lighting alone would be over $3,000
Wait... you actually use an email address at the domain as the contact email for the domain? Yikes.
Or do you mean that you can change the email on the domain? Because that may or may not be true, depending on whether you crack the account of the admin contact, the tech contact, or the billing contact.
Some CAs will only do email verification to a subset of defined email addresses at the domain in question - e.g. hostmaster@example.com, postmaster@example.com etc.
Although I've seen it myself, I simply fail to understand how people can continue to give out the wrong email address after being notified it's not their email. What do they hope to gain? That by giving it out that it will magically somehow become theirs? It's not like they see a single email sent to that address, so it seems to me like it defeats the whole purpose...
I know someone who signed up for Apple's Mobile Me (before it became iCloud) with firstname@me.com - even though she has 2FA on, she has to deal with having her account locked 2-3 times per week as someone else decides that it must be their email address and tries to guess the password too many times, thereby locking the account. She has a long and complex password on the account and has two-factor authentication, but Apple can't do anything about the literal DOS on her account of frequently having people lock the account after incorrectly guessing the password too many times. It's really frustrating, but as she's been using the account for so long now, with so many services linked to that email address, she doesn't want to change - plus that would be like admitting defeat... I am continually amazed at how so many people (or maybe it's just the same person every time?) don't know their own email address - or maybe they think that they deserve the account more than the actual owner, so keep trying to guess in the hope that they'll get in one day.
Slashdot Mirror
Yes, the difference being is that in Apple's case the computers with the keys and the metadata - the only systems that can make sense of the encrypted blobs stored with Google et al. are all 100% under Apple's control. They're not on shared hosting, they're not VPSs in someone else's datacenter. They hold the keys to the kingdom and they're owned and operated by Apple.
The only things that are stored on Google (and AWS and Azure) are encrypted blobs of data. These blobs are likely wrapped in a TLS session when travelling between the cloud storage and Apple's servers as well, but even if anyone were to pwn the Google instance, or intercept the data in flight, all they'd have is a lot of bytes that look like random data.
I can't see something like Spectre being an issue for the data hosted on 3rd party services. It's all stored as blobs of encrypted data. The keys to decrypt the data are stored on Apple-owned infrastructure, as are all the bits of metadata that determines what the data is for. Nowhere on AWS, Azure or Google Cloud are the keys to the encrypted data stored, just chunks of what would look like pure random noise to anyone else but Apple.
Apple may use these third-party services but it doesn't mean that they have to trust them with the security of their customer's data.
Yes, and cast parts have the same strength as forged or machined parts.
That's a dishonest characterization, even if the end-result is the same.
Intel put "do not optimize non-Intel CPUs" code generation in their compiler. Which still equally sucks, but is far less evil from a purely capitalist competition standpoint.
Yep, and what's more (according to some of the linked sources above) is that Intel have then even had to hack the CPU detection in their own compiler to still apply optimisations to future releases of their own CPUs as the detection code that ran would only recognise very specific model and family numbers.
It's this specific detection that was letting AMD fall through the cracks, but it also meant that as-yet unreleased Intel CPUs would also run un-optimised code, so they had to hack in different checks to specifically identify Intel CPUs and still run the optimised code path.
Yep, I'm sure it was just a simple oversight that Intel's patch that hurt performance on Intel and AMD, and wasn't necessary on AMD, was applied by default to CPUs from both vendors. You know, Intel has only known about this for 6-7 months, so they were really rushed to get a working patch out in time. /sarcasm.
power loss = reset passwords ????
Even more to the point, power loss at a local facility = reset passwords for gmail ???
Linux, back in the day, originally ran on 486 processors, and ran well. You could boot the system off 1.44 MB floppy disks and it booted in well under 11 minutes.
Why reinvent the wheel and compile a modern linux when OG distros are still available - like Slack 1.01 from Feb 1995.
Download all 13 floppy disk images (less than 20 MB!) from here: https://mirrors.slackware.com/....
Wouldn't more editor input be the way to improve /. or is improving it not the aim?
You must be new round here ^_^
Yes /thread
Now that software companies are hooked on the recurring revenue of subscription-based pricing and their end users have seemingly accepted it with little fanfare, I don't see the subscription model going away any time soon.
The trap is that software companies now want to be seen as giving continual improvements (and therefore value) to their customers, so they push out annual updates (as most subscriptions are an annual subscription) just so that people are using WhateverApp 2018 instead of WhateverApp 2017. It's got a bigger number in it's name, it must be more better. Or, why am I paying a subscription for WhateverApp 2015 and it's nearly 2018? What has the vendor been doing for the last two years to deserve my money?
You can bet every intelligence organization on the planet is after Intel's ME keys. Sooner or later someone will get them.
You're making the assumption that they don't already have them.
Yes, if you need to maintain compatibility with your existing fleet, instead of rolling over into new hardware then pretty much anything except for Windows is out of the running.
I know now that I'm responding with a viable alternative you'll shift the goalposts but macOS ticks all of those boxes for you
Acrobat Pro - check
Microsoft Office - check
Exchange support - use either the in-built Mail.app or use Outlook 2016 from MS Office
AD - check - you can bind to AD straight out of the box.
What else did you want?
This could also be the start of a push to using ARM chips in Macs. It's not like Apple are scared of changing horses half way through the race having switched from M68k to PPC to x86 to x64 and then with 32-bit and 64-bit ARM cores running the same OS kernel on mobile devices.
The latest Apple A-series chips in the iPhone 8 and X also seem to hold their own in benchmarks against the x86 processors used in (the admittedly outdated hardware in) the MacBook Air and the (not quite as outdated) MacBook.
Isn't this more like an ARM A10 powered iMac Pro with an Intel x86 coprocessor for running existing legacy code on?
The ARM handles booting up the machine and a lot of the security controls.
But they are active even if you are not using it. They sit listening on the first Ethernet port and will even grab a DHCP address. Given the access they have, and the inability to turn them off, if they can get exploited there is nothing you can do.
Moving your connection too another NIC can stop it from communicating, but it is still active and waiting.
I don't know about this - I've got a PC with a 7-series (Kaby Lake) intel CPU. I'm using onboard Ethernet. I've checked my DHCP leases and there are no unknown devices requesting an IP on my network.
The smaller the percentage of a work used, the more likely it is to fall under fair use provisions. As a rule of thumb, the use of up to 10% of a work us usually considered fair use (depending, of course, on the context in which it's used).
Using a single still frame from a motion picture is a fraction of a percent and is highly unlikely to be prosecuted as copyright infringement.
There's this pesky little thing called "fair use"
https://fairuse.stanford.edu/o...
https://en.wikipedia.org/wiki/...
Yeah, everyone except for the conspiracy theorists who think it was landed on a remote jungle island or flown under the radar to some particular country, or abducted by aliens or... etc.
Hey! Less ports just means there's less vectors for something bad to get into your computer. Right? ^_^
Are you on drugs?
.. .DS_Store .SiriTodayViewExtension
[kai@blackmac ~]$ cd ~/Library/Group\ Containers/
[kai@blackmac ~/Library/Group Containers]$ ls -1a
.
2BUA8C4S2C.com.agilebits
68MH8658M5.com.getharvest.Harvest.Documents
8HSTZV64A5.com.acqualia.soulver
Adobe-Hub-App
DPA6233TPQ.com.macphun.aurorahdr
DPA6233TPQ.com.macphun.aurorahdrPro
G69SCX94XU.duck
N66CZ3Y3BX.com.twitter.twitter-mac.today-group
TKTL7FHMW5.com.coppertino
UBF8T346G9.Office
UBF8T346G9.OfficeOsfWebHost
UBF8T346G9.OneDriveSyncClientSuite
UBF8T346G9.ms
XXKJ396S2Y.123D-3DPrintReadyAppsSuite
com.adobe.accmac.explinder
com.apple.InputMethodKit.TextReplacementService
com.apple.MessagesLegacyTransferArchive
com.apple.Preview
com.apple.PreviewLegacySignaturesConversion
com.codeux.apps.textual
com.getdropbox.dropbox.garcon
group.com.apple.notes
[kai@blackmac ~/Library/Group Containers]$
Now, tell me, what am I not seeing that is actually there but somehow hidden from ls?
You can enable/disable Mobile Data on a per-app basis in iOS - go to Settings > App Name and you can turn on/off Mobile Data for any apps that have registered as using mobile data on your device.
re: big corps that use unpublished APIs, this used to be the case, but Apple have cracked down on it significantly. There are a number of apps that are permitted to run in the background, Facebook is not one of them, however Facebook "accidentally" registered their app as a media player and they'd play a silent mp3 in the background to get around iOS trying to freeze the app when it wasn't in use. Apple had a quiet chat to Facebook and this has apparently stopped.
As far as I know, if you force-quit an App, it has no way to re-launch itself in the background and start using data again.
Two orders of magnitude actually.
24 hours × 365 days × 100 Watts = 876,000 Watt-hours = 876 kW/h
876 kW/h at $0.12c per kW/h is $105.12 per year.
Think about your annual power bill - if it cost $1,000 to run a 100W globe for a year, we'd all be sitting around in the dark.
In a house with, say, 10 light globes running them each for 8 hours per day, your power bill for lighting alone would be over $3,000
Wait... you actually use an email address at the domain as the contact email for the domain? Yikes.
Or do you mean that you can change the email on the domain? Because that may or may not be true, depending on whether you crack the account of the admin contact, the tech contact, or the billing contact.
Some CAs will only do email verification to a subset of defined email addresses at the domain in question - e.g. hostmaster@example.com, postmaster@example.com etc.
Although I've seen it myself, I simply fail to understand how people can continue to give out the wrong email address after being notified it's not their email. What do they hope to gain? That by giving it out that it will magically somehow become theirs?
It's not like they see a single email sent to that address, so it seems to me like it defeats the whole purpose...
I know someone who signed up for Apple's Mobile Me (before it became iCloud) with firstname@me.com - even though she has 2FA on, she has to deal with having her account locked 2-3 times per week as someone else decides that it must be their email address and tries to guess the password too many times, thereby locking the account.
She has a long and complex password on the account and has two-factor authentication, but Apple can't do anything about the literal DOS on her account of frequently having people lock the account after incorrectly guessing the password too many times.
It's really frustrating, but as she's been using the account for so long now, with so many services linked to that email address, she doesn't want to change - plus that would be like admitting defeat...
I am continually amazed at how so many people (or maybe it's just the same person every time?) don't know their own email address - or maybe they think that they deserve the account more than the actual owner, so keep trying to guess in the hope that they'll get in one day.