2 years ago I got an Android phone on my own (not through my Operator). I called them to add 'data' to my plan and they wanted to know if it was an iPhone or an Android as they had 2 different plans. They were the same price so I investigated a bit. It turns out that they block http requests if the referrer field doesn't contain 'Android'. Like that's gonna stop me from using the phone as a 3G hotspot for the rest of the bus, right.
Not unusual. In North America, providers often provide data plans that vary by device. Here you can have Blackberry plans, "dumbphone" data plans, smartphone data plans, and hotspot dataplans (and those can come in regular and "vpn" variants).
Basically the gateway differs and they offer differeing levels of access. Blackberry obviously offers access to various Blackberry services and gateway access for apps. Dumbphone plans offer WAP access that's usually proxied and cached locally.
Smartphone plans normally offer HTTP(S) access, firewalled, NAT'ed, transparent proxies with recompression, etc. Laptop data plans typically are just NAT'ed out, with the VPN service offering a real live IP address without firewalling.
As an adjunct, the "tethering" modes of operation typically involve the modem telling the carrier that it's gone into modem operation - CDMA carriers like Sprint and Verizon know when you do this, and maybe some GSM ones. (The claimed reason is to offer you a real "pipe" but it's really for billing you extra even though they sometimes do take down some of the intervention)
The "fake proxy" utilities are invisible though as they rely on the phone itself to establish the connection as a proxy server. Hotspot utliities vary - the userlevel ones tend to use the existing data facilities, while the others use a real tethering solution that gets rid of the restrictions.
It's one reason why carriers charge extra fees for "tethering" and "hotspot" functionality. And they can tell. If you use your phone's data connection (which for most purposes of web surfing you don't care about downscaled images and the like) they can't tell the difference without traffic analysis, but enable real tethering they can (as it often uses a different gateway).
It's a nasty system and leaves many people wondering what they are paying for...
I wonder why that battery operated handheld TV receiver I had in the 90s doesn't count as a portable media device.
Because the only media it can play is... static? After all, you'll only get Canadian TV now. You could always hook it to a converter box I suppose, but that won't make it very portable now, will it?
Any thoughts on HTTPS only for the login page, or for all pages?
You can just steal the session cookie after login, so just doing the login page is almost useless. It prevents the attacker from learning the password and re-entering the system, but a) he can change the password and b) there is no reason he wouldn't get the job done within one session.
And that's what FireSheep does. If it can't steal login credentials, it steals session cookies (which will be sent in the clear). Most sites already do the whole "HTTPS for login" thing.
Now, session cookies can be time limited (but the server will have to enforce it), but again, there's no guarantees the attacker can't do what they need to do in one session.
The only real way to prevent session hijacking would be to logout of the site when done, but that just means the attacker has less time to do their deed since the session cookie is still valid for the duration.
Perhaps an option is to have session cookies change every use, and if someone uses an old cookie then a warning is shown that they need to log in again. An attacker has to be fast enough to use that cookie and the user clueless enough to keep entering their password. On the same IP, if it happens multiple times, then the account can be temporarily locked out...
On the other hand, at least Android users (flash is also vulnerable there) don't have to wait for their carriers to decide when they can update their flash runtime. I assume you can just update it right there from the marketplace.
Not sure about those Androids that ship with flash though - maybe they might be stuck?
iPhone and Windows Phone 7 don't even allow GPL'd software, so good luck with that.
Actually, GPLv3 software is unfortunately completely incompatible with the App Store model (it's in the GPLv3 terms). Microsoft explicitly calls out the GPLv3 in the agreement because it is fundamentally (and intentionally) incompatible.
The GPLv2 license is subject to interpretation. There's lots of GPLv2'd software in the Apple App Store.
The FSF case on GNU Chess (or Go?) was simple and succint, so Apple took it down promptly - I think it also helped that it was probably GPLv3. The VLC one took a few months while the devs bickered amongst themselves until Apple finally gave up and removed it. Funny enough, VLC hasn't seemed to make it on the Cydia app store, which is "open" but oh well.
And please make the distinction between GPLv2 and GPLv3 - they are two different (potentially incompatible) licenses - there are things you can do in GPLv2 you can't do in GPLv3. Whether or not those GPLv3 restrictions make it incompatible with GPLv2-only is up for debate (are they restrictions? Or closing loopholes?). No longer does GPL by itself make any sense - and it just serves to muddle the waters because there's still a lot of GPLv2 software out there and a growing set of GPLv3, and obligations are different.
Does it matter? Do we judge fairness by the lowest common denominator? The fact is that Apple was still happily signing people up for two year contacts with AT&T on brand freaking new iPhone 3Gs until last June. Now, it's ok that people who are contractually obligated to pay for service for the next 14+ months be left vulnerable to attack?
First, you're confusing the 3G and 3Gs. They are two different models of phones
The original iPhone was released in July 2007 (announced January/February 2007). The iPhone 3G, July 2008. iPhone 3GS was July 2009, and iPhone 4 (the 4 is "4th generation" of iPhone, because it follows iPhone, iPhone 3G, iPhone 3Gs) in July 2010. iPhone 5 will be July 2011 barring anything major.
The iPhone 3G, which got the ill-conceived 4.0 and 4.1 updates that made it slower than molasses, will NOT be getting the 4.3 update. The iPhone 3Gs, meanwhile does have 4.3.
iPhone 3G is the same as the original iPhone, except it has a 3G modem in place of the 2G one. The iPhone 3GS upgraded the CPU with a 50% faster one (600MHz, up from 400MHz), a move from ARM11 to Cortex A8 (ARMv6 to ARMv7), and doubled the RAM from 128MB to 256MB. Hence the "S" for "Speed" - it was quite a bit faster over the 3G.
Incidentally, RAM issues and RAM management are one of the primary suspects in the reason why 4.0 sucks on the iPhone 3G, and why 4.x runs decently well on the iPhone 3GS.
The big issue is right now Apple still sells the 3GS as a low-end iPhone - how long will support last for it is a big unknown.
AACS was adopted on both formats. HD-DVD had the restriction against HD playback on component video connections turned on for some discs before the format war was over, Blu-Ray only recently activated the flag. Perhaps you would expand on what the difference in DRM between the two formats. I had always favored HD-DVD technically, but I am not familiar with its advantage in this area.
AACS is a MANDATORY feature on Blu-Ray - all commercial pressed discs must have an AACS key. HD-DVD supports optional AACS encryption. This means an indie filmmaker wanting to release high-def videos must either opt for the lame BDAV profile, or pay $5000 for an AACS key to even get through the front door to mastering a BDMV (regular movie BD you get in the store) disc.
Additionally, HD-DVD eliminated all region codes, Blu-Ray simplifies things into 3 regions, but they're still region coded. This has resulted in people importing HD-DVDs before the movie has even hit the local theatre.
Blu-Ray also has several other measures, including ROM-Mark that fingerprints the disc and the factory, as well as the BD+ protection.
Alas, one of the problems was that HD-DVD was a bit too consumer friendly - content makers want to lock things up tight, so they started going Blu-Ray.
The GPL does not allow additional restrictions to be added to compliant software (for example, a requirement that you contact the software author and ask for permission before you can modify and load modified code, would make the software GPL-incompatible).
FALSE.
The GPLv3 states that. GPLv2 only states that you make the source code available.
It's called TiVoization after TiVo, Inc., did that by releasing full source code to the LInux they run, but you cannot run anything you built from that code on an unmodified TiVo.
It's also why there's so many GPLv3 licenses available, Affero being the one used for web services because anyone can take a GPLv2 source code, modify it up the wazoo, and stick it running on a webserver, without having to distribute source code at all. Affero requires that simply offering the software output forces release of the source code, so web services use this so changes can be released.
GPLv3 came about because of web services, TiVoization, etc. Heck, GPLv2 is compatible with many app stores, though preferably a means of including the source with the file would be best, otherwise you'd have the same issues that all app stores have (Android, iOS, Windows Phone, Ovi, etc) - they don't distribute the source at all with the binary (this may or may not be a problem, depending on how you interpret the store).
In fact, TFS is wrong as well - Microsoft explicitly bans GPLv3, not GPLv2. The two licenses are not compatible (GPLv2+ can be used in GPLv3, but GPLv2 cannot be used with GPLv3 because v3 adds possible "restrictions" to use of the GPLv2 code) with each other, and the GPLv3 is not simply an upgrade to GPLv2. The only real similarities they have are "GPL" and the need to share source code.
GPLv3 is incompatible with Microsoft's and Apple's app store model, as it would be with say, Amazon's Android marketplace as well.
After obtaining a service manual for my AV Receiver, firmware updates are done by using a CD player with digital out, and hooking it to the TOSlink input on the front.
Put it in a special service mode, put a specially burned CD in the CD player, and hit play. The AV receiver grabs the firmware update information off the digital input.
Presumably there's safeguards to ensure that the firmware is transferred correctly, as well as various sync signals to ensure that if you accidentally seeked at the beginning or the player skipped it would be detected.
Probably not a simple modulated audio stream since that'll be quite slow.
As an active apple/iTunes purchaser and one of others I know. No one I know or have any connection to has heard of this happening. Oh, and how is a compromised iTunes account and buying apps any way helpful or useful? (no really, are the apps DRMed as the music? Can you swap and share apps?)
First of all, they compromise your iTunes account, which can be done either by keyloggers, or just using the same old email/password combination that they got by compromising another site.
The reason they do this is in the hopes the account has money in it or a linked card. They then buy certain apps in order to push the ranking of the app higher (especially with the ebooks) in the hopes others will buy those same apps.
Another reason is shady devs trying to make a quick buy by buying their app multiple times using dozens of accounts - basically a way to make some money 70% of price at a time. They often then go and put in high-priced in-app purchases so they don't have to keep getting new accounts - just make the new purchases and get easily $70 per "purchase" or more.
The last reason is why this dev is complaining - a simple way to purchase some fungible item in-app, pass that item to some big player who then sells it for real money. Basically gold farming except instead of manually doing some quest, it's get iTunes account, purchase a virtual item via in-app purchases, transfer that item to a master character who represents the farmer.
Don't worry Anrdoid owners - it's coming to Android soon as well. It could be something as simple as clickfraud given most android apps are free.
They advertised unlimited internet, and they are delivering unlimited internet.
Remember, "throttling" is *not* the same as "capping".
Almost certainly they do not advertise "unlimited" internet at specific speeds but rather the possibility of "up to" some speed.
The key here is to *know* what you are buying, and not make *assumptions*.
Going by TFS, they advertised they don't have upload or download limits, AND that they don't throttle. In fact, they make that claim twice - explicitly and implied when they compare themserlves to the competition.
From TFS: (because it's been removed from the site)
Usage is unlimited â" believe it. You can upload, download, and surf as much as you want for one low price with any of the CLEAR Internet plans. We don't slow down your connection â" the way some Internet providers do â" if we think you are using too much bandwidth
(Emphasis mine).
So they claim truly unlimited uploads and downloads, plus no throttling at all even if they think you're using too much. Unlike some other ISPs.
Why weren't these codes completely random? Why don't they have a database of valid and used codes, where codes only get inserted when they're printed on cards that are then shipped to stores? Perhaps most importantly, why would you EVER have a public web-accessible interface to generate codes on the fly?
You're confusing this article and the prepaid points cards. First, they were 160 points at a time. No prepaid card comes with such little points - I think the smallest I've every seen was 400 as part of some pack.
160 is $2 US. This sounds more like the website was for some points promo thing - do X, get 160 points free. What happened then was people figured out how to get 160 points without doing X, and with enough hackery, figure out the algorithm behind it.
I'm fairly certain Microsoft doesn't blanket enable all codes - when you redeem them, the backend checks to see what the code is for and if it's been issued. Problem is, if you have the algorithm, you just have to wait for someone to activate your code and use it before they do.
And we do know Microsoft does have a database of codes - you can't redeem a code twice, for example, and since the keys are the same as the CD-keys you get with other Microsoft software, they probably do check to make sure the code is issued first (of course, there's often lag between when the code is issued and when the code is used).
It has happened before - various websites do offer points from time to time and they're usually hammered quite hard and out of codes within a minute or two. This one was probably a longer promo...
Also as far as I know you can buy linux on laptops from Dell as well.
...and a sh!tload of internet connected appliances such as routers, mediatanks, blueray players and even TV's.
You forget, this is Pwn2Own. The winner gets to keep the hardware they pwned.
Even if you put up a pile of vulnerable blu-ray players and crappy dell laptops and such, they still won't go quickly because who cares about them?
You have a super-sweet MacBook Pro sitting there, so obviously most people desire that nice piece of hardware.
Hell, Pwn2Own will be far more interesting if they ran all the OSes on the same hardware - all MacBook Pros, rather than a really desirable laptop and two OK laptops.
Goes to show that even geeks care about formfactor and design despite Slashdot's objections.
(first order correction for the weight of the pip cutouts).
Any good game store will sell casino-quality dice that don't need pip cutout compensation because they're evenly weighted (the pips are filled in). They usually come in pairs - the pips of one filled by plastic of the other color. They're also sharp edged (casinos replace them when the edge wears down),
Speciality gaming stores will also sell calibrated dice which are not only filled in, but are weighed and their center of mass / center of gravity verified. Maybe even squareness, too.
he mistakenly believed it wouldn't be a permitted exploit for the competition.
Perhaps then he should perceive and do what he would have done if it was not permitted anyways.
Go find another vulnerability, develop an exploit for it, and earn that $15k.
Otherwise, consider his mistake a $15,000 lesson.
More like $15k lesson. I'm not sure if Pwn2Own can really be considered a "white hat" activity - CanSecWest is a white-hat convention for security professionals, yes, but given the way people act for Pwn2Own, it's like they suddenly see the money and turn into black-hats.
After all, they openly admit sitting on bugs for *years* so they can try to win that new shiny MacBook Pro (I'm not sure what fancy machine they use for Windows/Linux...) during Pwn2Own. (Of course, competition is fierce for the MacBooks because it's the nicest machine there, so it always falls first then all the "losers" focus on the runner up prizes of not-so-nice machines).
Sure they risk someone else finding the bugs and reporting it, but if the prize is $15k and a $2k computer, it sure beats reporting it and getting whatever paltry sum they can get.
It's both good and bad, I suppose - companies like Apple can't rely strictly on reports but should proactively search for bugs, but on the flip side, sitting on bugs for years so you can pull it out to try for Pwn2Own doesn't rub me the right way either.
Unlike the iPhone/iTouch/iPad which now require that all subscriptions(eg. Kindle, Netflix) be taxed 30%? Yeah right.
It's not all subscriptions. It's more of a referral fee. And it's also more of avoiding back-dooring Apple as well - offer your app for free, but pay $50 on our website to access full features!
Remember, if the user subscribes through Apple's service, Apple dings the 30%. If the user subscribes through the provider's site, provider gets 100%. And a service like Netflix - are you really going to create an account on the iPhone? Or would you use Netflix at home first, and have it on your iPhone/iPad as more of a convenience option?
Of course, for publishers it's a raw deal. I mean, no marketing information to spam clients with and a 30% ding. At least if they subscribe through the publisher's site you get billing addresses (very valuable0, a phone numbe,r a name, all of which people pay good money for direct marketing. Use Google and you lose 10%, but you get a verified e-mail address with "pre-existing relationship". And it's probably linked to their Android account as well, for extra goodness.
But Apple? 30% loss, PLUS no marketing information. Not even an email address, unless you can convince the user to ante up.
The PS2 was released March 2000. The PS3 November 2006. If the XBOX team hasn't started yet, I'm surprised.
They probably have, but are still debating what it should do. Each console generation usually brings forth some major thing - vastly increased processing power, better graphics, etc. Xbox360/PS3 brought high-def to the market, PS2/Xbox brought better SD graphics.
What will the next-gen do? Even better graphics? There are dimishing returns here, and Nintendo has also shown there's a huge untapped market of non-gamers, hence Kinect and Move.
And we know the PS4 isn't ready yet given how Sony's gone all apeshit after the PS3 was cracked open, otherwise they'd basically stop all PS3 licenses and announce the PS4 is ready.
What should the next-gen console bring to the table? About the only thing right now is 3D - yet do people really want to spend hours playing with 3D glasses on? Without the hook, all you can do is throw more computing power in it and hope the graphics are so much better that people will notice the difference and upgrade.
Yeah this is really interesting. Especially because Apple are known for overpricing things. Does anyone else sort of get the feeling that they are losing money on the sales and making it back in app store? If they were doing that - it's a completely different to their usual strategy.
Perhaps, but not really. The iPad is considered to be Apple's lowest-margin product, but we're still talking about margins around 30-40% instead of Apple's more nominal 50%.
App store revenue is risky - if you buy 1 99 cent app a week, Apple doesn't make very much, especially after credit card fees, which can easily be 20-30 cents per transaction PLUS another 2-5% off the top. And nevermind the cost of the servers and all the free apps that Apple hosts for free. It's one reason why Apple charges your card at most once a week.
A good estimate would be iTunes makes Apple some money, but they make more selling people a new iPod than a pile of apps/music/movies/etc. Considering Apple really uses it as a way to sell hardware, any profit they make (however little) is just gravy, but it isn't a real profit center.
DVD region codes were meant to keep you from watching a movie that was unreleased in your territory (OH NOES!), not to charge poor people less.
Heck, it was one of the nails in the HD-DVD coffin during the HD-DVD/Blu-Ray battle. Theatres in other countries were suddenly finding less customers because it was cheaper and better to just import the HD-DVD that go to the theatre, OR the movie wasn't out in theatres yet!
So yes, there was that effect. Sony came out ablazing with "We haz region codes!" and thus ended one of the least DRM'd media around. (They also had "We haz multilayer DRM!" and the like, too. HD-DVD only had AACS to "protect", which was strictly optional so you could have DRM-free/encryption-free HD-DVDs as well).
Use a different marketplace, download.apk's directly from the net
Have you ever tried it? Very, very, very few apk's are actually available outside the marketplace. And alternative marketplaces are just as dismal. I've tried GetJar, SlideMe and APKtor. You'd be hard-pressed to find any that have more than around 10,000 apps. Especially places like GetJar and SlideMe.
Face it, the only way to get apps outside the Marketplace is... pirating via BitTorrent. Most devs only stick with the official Google Marketplace because it's easy.
And this whole "alternative marketplace" thing doesn't work when you don't know if the one you're using is legit. Ever hear of the Android botnets being spread in China? Mostly because of alternative marketplaces? "Stick to the official marketplace" only works when you can get it. I'm sure in China there's probably many phones running AOSP.
So, either Google Marketplace, piracy, or questionable marketplaces.
And no, you can't download APK's from Google Marketplace yourself. You have to use your phone, then use a file manager to copy it to your PC. And root if you want to copy "protected" apps.
I still fear that Apple will start to boil the OS X frog. They have code signing and an app store in place. They have a warning dialog if you try to run software downloaded from anywhere else. They're clearly repositioning OS X server versus the regular version in Lion. My fear is that the regular version of Lion (or perhaps the version after it) will have lock-in, and you'll have to buy a $500 pro version with the server stuff in order to get an open Mac. If that happens, I'll shed a tear and jump ship to Linux.
Apple can't lock down MacOS X even if they wanted to.
First, how do you develop apps for it? iOS can be locked down because it never has to run an unsigned application. The only way it can run an unsigned app is via a signed "mobileprovisioning" file that tells you a certain app can be unsigned, but only that app. This is so devs can beta-test their apps on real hardware. But for development purposes, the app can run under the simulator with a simple download of the SDK.
Now, how do you propose Apple do this for regular apps? Does it mean every time you run the compiler, you have to sign the app in order to run it? There's no simulator to run because you're developing on the target hardware. You can try a VM, but it seems unless the VM does all the hardware bits, it won't work.
Next issue, how does Apple keep a user from running these apps? If the dev can run the app, so can the user. If you expect the compiler to use a per-machine key so apps can only run "unsigned" on the computer that compiled it, the FSF will be all over OS X - an OS that enforces open-source distribution because you have to compile the app on your computer.
Finally, how does Apple prevent jailbreaking? On iOS devices, the interfaces to jailbreak are limited. On a Mac... let's see, you can take out the hard drive and edit it on a PC, you can use Target Disk Mode, you can use Boot Camp and a Windows/Linux install to modify the disk... The only way Apple can prevent this is use non-standard hardware (the Airs are closest, but it's still SATA, so someone can build an adapter), disable Target Disk Mode (one of the best recovery options available), and basically build the entire computer sealed with no ports or anything, to which no one would buy.
In short - it's going to be really hard to lock down OS X. And everything Apple's done has been undone - see the hackintoshes you can get. Hell, you can run OS X under VirtualBox and VMWare these days. And this is the latest Snow Leopard, too.
The only machine I have running IE6 is my Windows 2000 machine. Even when Windows 2000 was still supported I kept getting pleas to upgrade.
So I clicked "Upgrade" only to be met with "Your operating system is not supported". You'd think Microsoft would've been able to figure that out when it offered me a chance to upgrade...
Now that Windows 2000 has fallen out of support, there's no upgrade for it. Though, I don't use IE6 on it at all... (Firefox 3.5)
I meant, if you're running Android and having to do all sorts of tricks to save power, you might as well just save the complexity and use an ARM processor anyhow...
Not unusual. In North America, providers often provide data plans that vary by device. Here you can have Blackberry plans, "dumbphone" data plans, smartphone data plans, and hotspot dataplans (and those can come in regular and "vpn" variants).
Basically the gateway differs and they offer differeing levels of access. Blackberry obviously offers access to various Blackberry services and gateway access for apps. Dumbphone plans offer WAP access that's usually proxied and cached locally.
Smartphone plans normally offer HTTP(S) access, firewalled, NAT'ed, transparent proxies with recompression, etc. Laptop data plans typically are just NAT'ed out, with the VPN service offering a real live IP address without firewalling.
As an adjunct, the "tethering" modes of operation typically involve the modem telling the carrier that it's gone into modem operation - CDMA carriers like Sprint and Verizon know when you do this, and maybe some GSM ones. (The claimed reason is to offer you a real "pipe" but it's really for billing you extra even though they sometimes do take down some of the intervention)
The "fake proxy" utilities are invisible though as they rely on the phone itself to establish the connection as a proxy server. Hotspot utliities vary - the userlevel ones tend to use the existing data facilities, while the others use a real tethering solution that gets rid of the restrictions.
It's one reason why carriers charge extra fees for "tethering" and "hotspot" functionality. And they can tell. If you use your phone's data connection (which for most purposes of web surfing you don't care about downscaled images and the like) they can't tell the difference without traffic analysis, but enable real tethering they can (as it often uses a different gateway).
It's a nasty system and leaves many people wondering what they are paying for...
Because the only media it can play is... static? After all, you'll only get Canadian TV now. You could always hook it to a converter box I suppose, but that won't make it very portable now, will it?
And that's what FireSheep does. If it can't steal login credentials, it steals session cookies (which will be sent in the clear). Most sites already do the whole "HTTPS for login" thing.
Now, session cookies can be time limited (but the server will have to enforce it), but again, there's no guarantees the attacker can't do what they need to do in one session.
The only real way to prevent session hijacking would be to logout of the site when done, but that just means the attacker has less time to do their deed since the session cookie is still valid for the duration.
Perhaps an option is to have session cookies change every use, and if someone uses an old cookie then a warning is shown that they need to log in again. An attacker has to be fast enough to use that cookie and the user clueless enough to keep entering their password. On the same IP, if it happens multiple times, then the account can be temporarily locked out...
On the other hand, at least Android users (flash is also vulnerable there) don't have to wait for their carriers to decide when they can update their flash runtime. I assume you can just update it right there from the marketplace.
Not sure about those Androids that ship with flash though - maybe they might be stuck?
Actually, GPLv3 software is unfortunately completely incompatible with the App Store model (it's in the GPLv3 terms). Microsoft explicitly calls out the GPLv3 in the agreement because it is fundamentally (and intentionally) incompatible.
The GPLv2 license is subject to interpretation. There's lots of GPLv2'd software in the Apple App Store.
The FSF case on GNU Chess (or Go?) was simple and succint, so Apple took it down promptly - I think it also helped that it was probably GPLv3. The VLC one took a few months while the devs bickered amongst themselves until Apple finally gave up and removed it. Funny enough, VLC hasn't seemed to make it on the Cydia app store, which is "open" but oh well.
And please make the distinction between GPLv2 and GPLv3 - they are two different (potentially incompatible) licenses - there are things you can do in GPLv2 you can't do in GPLv3. Whether or not those GPLv3 restrictions make it incompatible with GPLv2-only is up for debate (are they restrictions? Or closing loopholes?). No longer does GPL by itself make any sense - and it just serves to muddle the waters because there's still a lot of GPLv2 software out there and a growing set of GPLv3, and obligations are different.
First, you're confusing the 3G and 3Gs. They are two different models of phones
The original iPhone was released in July 2007 (announced January/February 2007). The iPhone 3G, July 2008. iPhone 3GS was July 2009, and iPhone 4 (the 4 is "4th generation" of iPhone, because it follows iPhone, iPhone 3G, iPhone 3Gs) in July 2010. iPhone 5 will be July 2011 barring anything major.
The iPhone 3G, which got the ill-conceived 4.0 and 4.1 updates that made it slower than molasses, will NOT be getting the 4.3 update. The iPhone 3Gs, meanwhile does have 4.3.
iPhone 3G is the same as the original iPhone, except it has a 3G modem in place of the 2G one. The iPhone 3GS upgraded the CPU with a 50% faster one (600MHz, up from 400MHz), a move from ARM11 to Cortex A8 (ARMv6 to ARMv7), and doubled the RAM from 128MB to 256MB. Hence the "S" for "Speed" - it was quite a bit faster over the 3G.
Incidentally, RAM issues and RAM management are one of the primary suspects in the reason why 4.0 sucks on the iPhone 3G, and why 4.x runs decently well on the iPhone 3GS.
The big issue is right now Apple still sells the 3GS as a low-end iPhone - how long will support last for it is a big unknown.
AACS is a MANDATORY feature on Blu-Ray - all commercial pressed discs must have an AACS key. HD-DVD supports optional AACS encryption. This means an indie filmmaker wanting to release high-def videos must either opt for the lame BDAV profile, or pay $5000 for an AACS key to even get through the front door to mastering a BDMV (regular movie BD you get in the store) disc.
Additionally, HD-DVD eliminated all region codes, Blu-Ray simplifies things into 3 regions, but they're still region coded. This has resulted in people importing HD-DVDs before the movie has even hit the local theatre.
Blu-Ray also has several other measures, including ROM-Mark that fingerprints the disc and the factory, as well as the BD+ protection.
Alas, one of the problems was that HD-DVD was a bit too consumer friendly - content makers want to lock things up tight, so they started going Blu-Ray.
FALSE.
The GPLv3 states that. GPLv2 only states that you make the source code available.
It's called TiVoization after TiVo, Inc., did that by releasing full source code to the LInux they run, but you cannot run anything you built from that code on an unmodified TiVo.
It's also why there's so many GPLv3 licenses available, Affero being the one used for web services because anyone can take a GPLv2 source code, modify it up the wazoo, and stick it running on a webserver, without having to distribute source code at all. Affero requires that simply offering the software output forces release of the source code, so web services use this so changes can be released.
GPLv3 came about because of web services, TiVoization, etc. Heck, GPLv2 is compatible with many app stores, though preferably a means of including the source with the file would be best, otherwise you'd have the same issues that all app stores have (Android, iOS, Windows Phone, Ovi, etc) - they don't distribute the source at all with the binary (this may or may not be a problem, depending on how you interpret the store).
In fact, TFS is wrong as well - Microsoft explicitly bans GPLv3, not GPLv2. The two licenses are not compatible (GPLv2+ can be used in GPLv3, but GPLv2 cannot be used with GPLv3 because v3 adds possible "restrictions" to use of the GPLv2 code) with each other, and the GPLv3 is not simply an upgrade to GPLv2. The only real similarities they have are "GPL" and the need to share source code.
GPLv3 is incompatible with Microsoft's and Apple's app store model, as it would be with say, Amazon's Android marketplace as well.
After obtaining a service manual for my AV Receiver, firmware updates are done by using a CD player with digital out, and hooking it to the TOSlink input on the front.
Put it in a special service mode, put a specially burned CD in the CD player, and hit play. The AV receiver grabs the firmware update information off the digital input.
Presumably there's safeguards to ensure that the firmware is transferred correctly, as well as various sync signals to ensure that if you accidentally seeked at the beginning or the player skipped it would be detected.
Probably not a simple modulated audio stream since that'll be quite slow.
First of all, they compromise your iTunes account, which can be done either by keyloggers, or just using the same old email/password combination that they got by compromising another site.
The reason they do this is in the hopes the account has money in it or a linked card. They then buy certain apps in order to push the ranking of the app higher (especially with the ebooks) in the hopes others will buy those same apps.
Another reason is shady devs trying to make a quick buy by buying their app multiple times using dozens of accounts - basically a way to make some money 70% of price at a time. They often then go and put in high-priced in-app purchases so they don't have to keep getting new accounts - just make the new purchases and get easily $70 per "purchase" or more.
The last reason is why this dev is complaining - a simple way to purchase some fungible item in-app, pass that item to some big player who then sells it for real money. Basically gold farming except instead of manually doing some quest, it's get iTunes account, purchase a virtual item via in-app purchases, transfer that item to a master character who represents the farmer.
Don't worry Anrdoid owners - it's coming to Android soon as well. It could be something as simple as clickfraud given most android apps are free.
Going by TFS, they advertised they don't have upload or download limits, AND that they don't throttle. In fact, they make that claim twice - explicitly and implied when they compare themserlves to the competition.
From TFS: (because it's been removed from the site)
(Emphasis mine).
So they claim truly unlimited uploads and downloads, plus no throttling at all even if they think you're using too much. Unlike some other ISPs.
They advertised truly unlimited service.
You're confusing this article and the prepaid points cards. First, they were 160 points at a time. No prepaid card comes with such little points - I think the smallest I've every seen was 400 as part of some pack.
160 is $2 US. This sounds more like the website was for some points promo thing - do X, get 160 points free. What happened then was people figured out how to get 160 points without doing X, and with enough hackery, figure out the algorithm behind it.
I'm fairly certain Microsoft doesn't blanket enable all codes - when you redeem them, the backend checks to see what the code is for and if it's been issued. Problem is, if you have the algorithm, you just have to wait for someone to activate your code and use it before they do.
And we do know Microsoft does have a database of codes - you can't redeem a code twice, for example, and since the keys are the same as the CD-keys you get with other Microsoft software, they probably do check to make sure the code is issued first (of course, there's often lag between when the code is issued and when the code is used).
It has happened before - various websites do offer points from time to time and they're usually hammered quite hard and out of codes within a minute or two. This one was probably a longer promo...
You forget, this is Pwn2Own. The winner gets to keep the hardware they pwned.
Even if you put up a pile of vulnerable blu-ray players and crappy dell laptops and such, they still won't go quickly because who cares about them?
You have a super-sweet MacBook Pro sitting there, so obviously most people desire that nice piece of hardware.
Hell, Pwn2Own will be far more interesting if they ran all the OSes on the same hardware - all MacBook Pros, rather than a really desirable laptop and two OK laptops.
Goes to show that even geeks care about formfactor and design despite Slashdot's objections.
Microsoft has one too that basically crippled their email for a few days - Bedlam DL3 they call it.
http://msexchangeteam.com/archive/2004/04/08/109626.aspx
It didn't help that Exchange had a bug in it that made things even worse.
Any good game store will sell casino-quality dice that don't need pip cutout compensation because they're evenly weighted (the pips are filled in). They usually come in pairs - the pips of one filled by plastic of the other color. They're also sharp edged (casinos replace them when the edge wears down),
Speciality gaming stores will also sell calibrated dice which are not only filled in, but are weighed and their center of mass / center of gravity verified. Maybe even squareness, too.
<videogame>It's POWERED armor!</videogame>
Ye olde power-assisted armor trick for videogames - always a nice way to explain away all the excessive weight and such.
Of course, the dynamics change a lot in non-intuitive ways because unfortunately, *mass* is still there...
More like $15k lesson. I'm not sure if Pwn2Own can really be considered a "white hat" activity - CanSecWest is a white-hat convention for security professionals, yes, but given the way people act for Pwn2Own, it's like they suddenly see the money and turn into black-hats.
After all, they openly admit sitting on bugs for *years* so they can try to win that new shiny MacBook Pro (I'm not sure what fancy machine they use for Windows/Linux...) during Pwn2Own. (Of course, competition is fierce for the MacBooks because it's the nicest machine there, so it always falls first then all the "losers" focus on the runner up prizes of not-so-nice machines).
Sure they risk someone else finding the bugs and reporting it, but if the prize is $15k and a $2k computer, it sure beats reporting it and getting whatever paltry sum they can get.
It's both good and bad, I suppose - companies like Apple can't rely strictly on reports but should proactively search for bugs, but on the flip side, sitting on bugs for years so you can pull it out to try for Pwn2Own doesn't rub me the right way either.
It's not all subscriptions. It's more of a referral fee. And it's also more of avoiding back-dooring Apple as well - offer your app for free, but pay $50 on our website to access full features!
Remember, if the user subscribes through Apple's service, Apple dings the 30%. If the user subscribes through the provider's site, provider gets 100%. And a service like Netflix - are you really going to create an account on the iPhone? Or would you use Netflix at home first, and have it on your iPhone/iPad as more of a convenience option?
Of course, for publishers it's a raw deal. I mean, no marketing information to spam clients with and a 30% ding. At least if they subscribe through the publisher's site you get billing addresses (very valuable0, a phone numbe,r a name, all of which people pay good money for direct marketing. Use Google and you lose 10%, but you get a verified e-mail address with "pre-existing relationship". And it's probably linked to their Android account as well, for extra goodness.
But Apple? 30% loss, PLUS no marketing information. Not even an email address, unless you can convince the user to ante up.
They probably have, but are still debating what it should do. Each console generation usually brings forth some major thing - vastly increased processing power, better graphics, etc. Xbox360/PS3 brought high-def to the market, PS2/Xbox brought better SD graphics.
What will the next-gen do? Even better graphics? There are dimishing returns here, and Nintendo has also shown there's a huge untapped market of non-gamers, hence Kinect and Move.
And we know the PS4 isn't ready yet given how Sony's gone all apeshit after the PS3 was cracked open, otherwise they'd basically stop all PS3 licenses and announce the PS4 is ready.
What should the next-gen console bring to the table? About the only thing right now is 3D - yet do people really want to spend hours playing with 3D glasses on? Without the hook, all you can do is throw more computing power in it and hope the graphics are so much better that people will notice the difference and upgrade.
Perhaps, but not really. The iPad is considered to be Apple's lowest-margin product, but we're still talking about margins around 30-40% instead of Apple's more nominal 50%.
App store revenue is risky - if you buy 1 99 cent app a week, Apple doesn't make very much, especially after credit card fees, which can easily be 20-30 cents per transaction PLUS another 2-5% off the top. And nevermind the cost of the servers and all the free apps that Apple hosts for free. It's one reason why Apple charges your card at most once a week.
A good estimate would be iTunes makes Apple some money, but they make more selling people a new iPod than a pile of apps/music/movies/etc. Considering Apple really uses it as a way to sell hardware, any profit they make (however little) is just gravy, but it isn't a real profit center.
Heck, it was one of the nails in the HD-DVD coffin during the HD-DVD/Blu-Ray battle. Theatres in other countries were suddenly finding less customers because it was cheaper and better to just import the HD-DVD that go to the theatre, OR the movie wasn't out in theatres yet!
So yes, there was that effect. Sony came out ablazing with "We haz region codes!" and thus ended one of the least DRM'd media around. (They also had "We haz multilayer DRM!" and the like, too. HD-DVD only had AACS to "protect", which was strictly optional so you could have DRM-free/encryption-free HD-DVDs as well).
Have you ever tried it? Very, very, very few apk's are actually available outside the marketplace. And alternative marketplaces are just as dismal. I've tried GetJar, SlideMe and APKtor. You'd be hard-pressed to find any that have more than around 10,000 apps. Especially places like GetJar and SlideMe.
Face it, the only way to get apps outside the Marketplace is ... pirating via BitTorrent. Most devs only stick with the official Google Marketplace because it's easy.
And this whole "alternative marketplace" thing doesn't work when you don't know if the one you're using is legit. Ever hear of the Android botnets being spread in China? Mostly because of alternative marketplaces? "Stick to the official marketplace" only works when you can get it. I'm sure in China there's probably many phones running AOSP.
So, either Google Marketplace, piracy, or questionable marketplaces.
And no, you can't download APK's from Google Marketplace yourself. You have to use your phone, then use a file manager to copy it to your PC. And root if you want to copy "protected" apps.
Apple can't lock down MacOS X even if they wanted to.
First, how do you develop apps for it? iOS can be locked down because it never has to run an unsigned application. The only way it can run an unsigned app is via a signed "mobileprovisioning" file that tells you a certain app can be unsigned, but only that app. This is so devs can beta-test their apps on real hardware. But for development purposes, the app can run under the simulator with a simple download of the SDK.
Now, how do you propose Apple do this for regular apps? Does it mean every time you run the compiler, you have to sign the app in order to run it? There's no simulator to run because you're developing on the target hardware. You can try a VM, but it seems unless the VM does all the hardware bits, it won't work.
Next issue, how does Apple keep a user from running these apps? If the dev can run the app, so can the user. If you expect the compiler to use a per-machine key so apps can only run "unsigned" on the computer that compiled it, the FSF will be all over OS X - an OS that enforces open-source distribution because you have to compile the app on your computer.
Finally, how does Apple prevent jailbreaking? On iOS devices, the interfaces to jailbreak are limited. On a Mac... let's see, you can take out the hard drive and edit it on a PC, you can use Target Disk Mode, you can use Boot Camp and a Windows/Linux install to modify the disk... The only way Apple can prevent this is use non-standard hardware (the Airs are closest, but it's still SATA, so someone can build an adapter), disable Target Disk Mode (one of the best recovery options available), and basically build the entire computer sealed with no ports or anything, to which no one would buy.
In short - it's going to be really hard to lock down OS X. And everything Apple's done has been undone - see the hackintoshes you can get. Hell, you can run OS X under VirtualBox and VMWare these days. And this is the latest Snow Leopard, too.
The only machine I have running IE6 is my Windows 2000 machine. Even when Windows 2000 was still supported I kept getting pleas to upgrade.
So I clicked "Upgrade" only to be met with "Your operating system is not supported". You'd think Microsoft would've been able to figure that out when it offered me a chance to upgrade...
Now that Windows 2000 has fallen out of support, there's no upgrade for it. Though, I don't use IE6 on it at all... (Firefox 3.5)
I meant, if you're running Android and having to do all sorts of tricks to save power, you might as well just save the complexity and use an ARM processor anyhow...