It's a tricky question. Functionality may indeed break in many cases. In that sense requiring password is not a bad idea. It can't however be the admin password as you suggested, because that would prevent different users from having different default applications for mail, http etc.
A message box asking if the application should be registered as the default application for a protocol would be the best I can currently think of right now. Protocol handlers should also not be automatically searched from a mounted image.
A change that may occur is a message box in Safari asking if you want to download a file. This might be for files that where automatically redirected.
Whatever the patch is going to be, I don't think we are going to see any dramatic changes in it. It is going to be *simple*.
I have to admit, I find slashdot's schizophrenic reactions to these Mac security issues quite interesting.
Slashdot is not one person. Therefore there will be different opinions about things.
I'm not usually for releasing vulnerabilities directly into the public, but this makes an exception. The findings of these new vulnerabilities are results of one conclusion after an other. In the end: does it matter if the final announcement is posted if you can read it between the lines from the earlier posts yourself?
I'm a bit amazed on how well the Mac community have co-operated in finding these security flaws. Even though the flaws are always bad things, this just shows how strong the community actually is. And it sure feels good to be a part of it.
What about the hogillion other frequencies that could be used to trigger the detonator?
I'm no expert in this matter, but I would think that terrorists that make these bombs get "standard instructions" on how to build the bombs. This way a government agency knows what frequencies are most likely to be used, and therefore easier to be jammed. Of course it is possible to make a bomb detonate on other frequencies too, but are the average terrorist capable of that?
What about a timed detonator.
If you want to strike at a moving convoy or something, timed bombs are not so easy to use. You would have to know the precise moment your target is in the range of the bomb.
If it is a stationary target the thing got a whole lot easier for the terrorist. But the timer still must be pretty precise, when security guards nowadays are on constant lookout for bombs. You would need to make sure that you have time to plant the bomb and get out. The bomb is most likely found in a couple of minutes if it is in a busy train station or so.
They'll find another way in a hurry, you can be sure about that.
Yes. Does that mean you should not try to stop it? Defiantly not.
We must still remember that jamming is probably going to be used only on special occasions where emergency staff is most likely to be nearby.
They are to protect them both. Innovators are funded by investors, who try to earn money from the innovations. If the investors don't get any money, neither does the innovators.
I'm not saying that this Cisco patent is any good, but there are products that have costed much money to develop, but are easy to copy. The ones developing the product need the money from the limited time monopoly to compensate the money that was used in the development process. If someone immediately just goes ahead and copies all the work the innovators have done and starts selling it, the innovators would sooner or later be out of cash.
Wouldn't your case prove that this new system in necessary? At the time the authorities notice the mismatch in the fingerprints and photos, they know that a person with fake identity has entered the country + they have the fingerprint AND the photo of this person, so they could probably identify him or her. The only problem is to solve out which one is the person. But if this system doesn't exist this people would go unnoticed.
I wouldn't like to give my photo/fingerprint to a foreign country, but as long as secure passports doesn't exist I think this solution is acceptable. Too many people can enter a country with faked passport nowadays.
It would need a new connector, because you can only get stereo stereo from the iPod as far as I can tell. And how do you get surround sound from a pair of headphones with only with a left and right channel? Or am I missing something here?
Your original mp3s are in stereo and not in surround, so you wont win anything by converting them to the new format as far as I understand it. They would still be stereo (converting from mono to stereo doesn't either make the sound stereo). This new format would just mean that you could make mp3s with surround sound in the future.
But then the story will be so changed it should really be called something else.
...and nobody would be interested.
I think it is wrong to expect exactly the image you have got after reading a book. It frustrates sometimes me too, but at least you could give one a chance. There's no way they could fit all those books into three and a half hour of theater as you pointed out.
Go read the books, just take your time and be sure to read The Hobbit first.
Maybe if you are a Tolkien fan of some sort. I watched The Lord of the Rings as a theater play maybe a year before the first film came out, and I really liked it - actually much better than the three films.
Good storytelling doesn't require you to repeat every small detail (or even the bigger ones). It is much more important to get the feeling of you being in that story. The films never gave me that feeling. The theater did. But I haven't read the books.
No. I haven't played with the files to be 100% sure, but AFAIK the restrictions apply only to files from iTunes music store - and those restrictions are still pretty loose. Apple doesn't like restrictions. And iTunes does still support mp3 encoding if you are unsure about AAC.
Would you claim that a 12 inch PowerBook isn't really a portable comptuer because you can't run it the whole day on just batteries? I think it is silly to bash Apple, just because you don't WANT to use an external power source. It would have been an option you would have got for free. And there are still other options for you if you can't use/don't want to external power source like this story and TheRaven64 points out.
What's the point of having 10,000 songs if you can only listen to 7 hours worth in a sitting?
I'm just curious; where do you listen to your iPod or any music player for that matter 7 hours a row? Traveling maybe? I'm quite sure you would able to use external power source part of that time.
Personally I can't get up to 7 hours a day even if I listen every moment I can.
And would people please stop to post these iPod battery stories? The whole is has become highly exaggerated.
From my experience it does tolerate quite a bit. My iPod has fallen a couple of times to a hard surface. The biggest drop has been from my waist when, I was putting it into it's carrying case. It was turned on at the time being.
So I wouldn't worry too much about that. A bigger problem you might face is that the iPod gets really cold on low temperatures and the battery life will decrease considerably. It might however partly be because my iPod is more than a year old. I don't remeber having those problems the first winter, but I might remember wrongly.
PS. Didn't some company sell a snowboarding jacket specially designed for the iPod with special controlls in the arm or something like that?
The built-in keyboard isn't probably meant to play any real music on, so I have used the editor tool. I'm however considering to buy M-Audio Keystation 49e USB Midi Keyboard which Apple is recommending. It is for $99 (or 99 EUR), which I don't think is "significant cash" (you wouldn't even get a half of the cheapest iPod mini for that price.) Does anyone have any experiences? I'm not a musician and don't need the best keyboard available.
How hard can it be to implement a mechanism that ignores an IP address after a couple of tries? It would take a long time to brute force this and even though you would get trough this layer, there would still be the "real" layer left.
That is suposed to be a joke, but in reality I know many people who hasn't understood that Anakin is the same person as Darth Vader, even though I keep explaining it over and over again.
I don't know about Linus, but it is damn dark and cold here. The days are in the middle of December only a couple of hours long, and you see the sun only a couple of times a month. It is something like the darkness you see in LOTR. No wonder Tolkien was interested in Finland.:-P
Slashdot Mirror
It's a tricky question. Functionality may indeed break in many cases. In that sense requiring password is not a bad idea. It can't however be the admin password as you suggested, because that would prevent different users from having different default applications for mail, http etc.
A message box asking if the application should be registered as the default application for a protocol would be the best I can currently think of right now. Protocol handlers should also not be automatically searched from a mounted image.
A change that may occur is a message box in Safari asking if you want to download a file. This might be for files that where automatically redirected.
Whatever the patch is going to be, I don't think we are going to see any dramatic changes in it. It is going to be *simple*.
In the next release of Mac OS X however...
Slashdot is not one person. Therefore there will be different opinions about things.
I'm not usually for releasing vulnerabilities directly into the public, but this makes an exception. The findings of these new vulnerabilities are results of one conclusion after an other. In the end: does it matter if the final announcement is posted if you can read it between the lines from the earlier posts yourself?
I'm a bit amazed on how well the Mac community have co-operated in finding these security flaws. Even though the flaws are always bad things, this just shows how strong the community actually is. And it sure feels good to be a part of it.
I'm no expert in this matter, but I would think that terrorists that make these bombs get "standard instructions" on how to build the bombs. This way a government agency knows what frequencies are most likely to be used, and therefore easier to be jammed. Of course it is possible to make a bomb detonate on other frequencies too, but are the average terrorist capable of that?
If you want to strike at a moving convoy or something, timed bombs are not so easy to use. You would have to know the precise moment your target is in the range of the bomb.
If it is a stationary target the thing got a whole lot easier for the terrorist. But the timer still must be pretty precise, when security guards nowadays are on constant lookout for bombs. You would need to make sure that you have time to plant the bomb and get out. The bomb is most likely found in a couple of minutes if it is in a busy train station or so.
Yes. Does that mean you should not try to stop it? Defiantly not.
We must still remember that jamming is probably going to be used only on special occasions where emergency staff is most likely to be nearby.
Sounds like a new feature to be included in the next Mac OS X, 10.4 Tiger. Interesting to see what Apple has come up with this time.
They are to protect them both. Innovators are funded by investors, who try to earn money from the innovations. If the investors don't get any money, neither does the innovators.
I'm not saying that this Cisco patent is any good, but there are products that have costed much money to develop, but are easy to copy. The ones developing the product need the money from the limited time monopoly to compensate the money that was used in the development process. If someone immediately just goes ahead and copies all the work the innovators have done and starts selling it, the innovators would sooner or later be out of cash.
But... But I thought the Internet came on CDs from AOL.
Wouldn't your case prove that this new system in necessary? At the time the authorities notice the mismatch in the fingerprints and photos, they know that a person with fake identity has entered the country + they have the fingerprint AND the photo of this person, so they could probably identify him or her. The only problem is to solve out which one is the person. But if this system doesn't exist this people would go unnoticed.
I wouldn't like to give my photo/fingerprint to a foreign country, but as long as secure passports doesn't exist I think this solution is acceptable. Too many people can enter a country with faked passport nowadays.
It would need a new connector, because you can only get stereo stereo from the iPod as far as I can tell. And how do you get surround sound from a pair of headphones with only with a left and right channel? Or am I missing something here?
Your original mp3s are in stereo and not in surround, so you wont win anything by converting them to the new format as far as I understand it. They would still be stereo (converting from mono to stereo doesn't either make the sound stereo). This new format would just mean that you could make mp3s with surround sound in the future.
Tell me if I'm wrong.
...and nobody would be interested.
I think it is wrong to expect exactly the image you have got after reading a book. It frustrates sometimes me too, but at least you could give one a chance. There's no way they could fit all those books into three and a half hour of theater as you pointed out.
I'll do that. :-)
Maybe if you are a Tolkien fan of some sort. I watched The Lord of the Rings as a theater play maybe a year before the first film came out, and I really liked it - actually much better than the three films.
Good storytelling doesn't require you to repeat every small detail (or even the bigger ones). It is much more important to get the feeling of you being in that story. The films never gave me that feeling. The theater did. But I haven't read the books.
No. I haven't played with the files to be 100% sure, but AFAIK the restrictions apply only to files from iTunes music store - and those restrictions are still pretty loose. Apple doesn't like restrictions. And iTunes does still support mp3 encoding if you are unsure about AAC.
What iPod DRM? What iTunes music store downloads?
Since when has Apple been offering music downloads outside the US? I'm still getting a warning about that you need an US billing address.
At least those frickin' robots don't have frickin' laser beams attached to their heads.
Would you claim that a 12 inch PowerBook isn't really a portable comptuer because you can't run it the whole day on just batteries? I think it is silly to bash Apple, just because you don't WANT to use an external power source. It would have been an option you would have got for free. And there are still other options for you if you can't use/don't want to external power source like this story and TheRaven64 points out.
I'm just curious; where do you listen to your iPod or any music player for that matter 7 hours a row? Traveling maybe? I'm quite sure you would able to use external power source part of that time.
Personally I can't get up to 7 hours a day even if I listen every moment I can.
And would people please stop to post these iPod battery stories? The whole is has become highly exaggerated.
From my experience it does tolerate quite a bit. My iPod has fallen a couple of times to a hard surface. The biggest drop has been from my waist when, I was putting it into it's carrying case. It was turned on at the time being.
So I wouldn't worry too much about that. A bigger problem you might face is that the iPod gets really cold on low temperatures and the battery life will decrease considerably. It might however partly be because my iPod is more than a year old. I don't remeber having those problems the first winter, but I might remember wrongly.
PS. Didn't some company sell a snowboarding jacket specially designed for the iPod with special controlls in the arm or something like that?
It was the swamp gas from the weather balloon that was trapped in a thermal pocket and reflected the light from Venus to be precise!
The built-in keyboard isn't probably meant to play any real music on, so I have used the editor tool. I'm however considering to buy M-Audio Keystation 49e USB Midi Keyboard which Apple is recommending. It is for $99 (or 99 EUR), which I don't think is "significant cash" (you wouldn't even get a half of the cheapest iPod mini for that price.) Does anyone have any experiences? I'm not a musician and don't need the best keyboard available.
How hard can it be to implement a mechanism that ignores an IP address after a couple of tries? It would take a long time to brute force this and even though you would get trough this layer, there would still be the "real" layer left.
Is the site slashdotted...
...or do I have to knock my way in?
That is suposed to be a joke, but in reality I know many people who hasn't understood that Anakin is the same person as Darth Vader, even though I keep explaining it over and over again.
It does if you like hockey. I'm a big fan myself and go to games every now and then. :-)
I don't know about Linus, but it is damn dark and cold here. The days are in the middle of December only a couple of hours long, and you see the sun only a couple of times a month. It is something like the darkness you see in LOTR. No wonder Tolkien was interested in Finland. :-P
PS. The bandwidth is pretty expensive here too.