Idealism of liberal copyrights aside, if Adobe is selling a product that is intended to keep people from copying your wares, and it is in fact it's not stopping them, then it's pretty clear who is at fault. It's a faulty product, the blame lies with Adobe. Of course if they had any brains they'd know that what they want to do is impossible, but since they're selling the product, it needs to work as advertised.
Based on what Apple has told developers since the start of the program, revocation appears to be certificate based; Apple is revoking the developer's certificate for that program, which breaks the authentication chain and prevents the application from running. As for what they can block, it does not look like this would be effective against a jailbroken kernel, since much of the authentication chain is patched out anyhow; in other words they wouldn't be able to revoke: the jailbreak, applications for it, and perhaps even regular applications once the jailbroken kernel is installed.
As for what they'll revoke, that's the bigger question. Apple has not shown to be particularly hostile towards the jailbreak community in the past; even if they could revoke it, I don't believe they will. The real test on this policy would be the NetShare application, it's an application Apple has ceased to allow post-release and if the revocation system were to be abused it would be the prime target. So far Apple has not revoked it, even though they've had ample time to do so.
That leaves us with malware. I don't find this to be something hard to define, but perhaps other Slashdot readers do. If the application is legit but has a problem (backdoor for exploiting the Mobile account, for example) I'd assume Apple will revoke the certificate for the bad application and let the author issue an updated version as long as they didn't intentionally create a problem (which is grounds for being expelled from the AppStore program). If it's outright malware that somehow passed Apple's QC, then they'll still revoke it, will not issue further certificates to the guilty party, and since they had to sign up for the program, track the guilty party down and sue them for computer crimes in some form.
I'm not too worried about this (I consider blocking malware from running a good thing) but I can see why other people here would be worried. In either case it's a well thought-out system that seems to cover every contingency, so there shouldn't be any "friendly fire" of applications being unintentionally revoked.
In theory? Sure, why not. In practice, it would be one of the greatest screwup in all history if this could be done. Presumably Apple is signing the list (via private/public keypairs) just like they do iPhone firmware updates; you sign this kind of stuff exactly so that hackers can't do stuff like this.
In other words no, I doubt this list can be exploited in that manner.
They also don't point out whether this breaks out of the IE sandbox or not. This makes a big difference, as if they can't break out of the sandbox, it makes any attack fairly useless on a correctly configured machine using IE. More details would have been nice.
Sorry to respond to myself (again), but now that TFA is working, it turns out we've been Inquirered. PC Authority was just reprinting an Inq article, which in retrospect makes perfect sense given the absurdity of the title and the summary.
Even the Inq basically took the story from somewhere else; you can find the source (and far more sensible) article at Information Week.
And while I'm at it, what the heck is up with CmdrTaco and stupid summaries? He's been on a roll lately posting summaries that don't match the article or are blown well out of proportion. Usually he's one of the better editors.
Indentured Servitude: An indentured servant is a form of debt bondage worker, in which the indentured individual is intentionally, unethically and illegally deprived of their human rights, their civil rights and their personal freedom and liberty.
Unfortunately TFA is Slashdotted right now so I can't read all of the details, but if the summary is anything to go by, I really, really doubt Apple was forcing these guys to work due to debt and/or was holding them captive. What they did do was make their workers work OT without paying them correctly, which is an inexcusably naughty practice, but it's hardly indentured servitude, slavery, or any other form of bondage.
Furthermore this shit is fairly common, Apple isn't the first company or the last company to stiff their employees on OT. That doesn't make it right and certainly knocks Apple down a few pegs in my own eyes, but get some perspective here people.
Don't get your hopes up guys, this is being made by the same Russian developers that produced the positively awful Tarr Chronicles back in September of 2007, Akella and Quazar Studio. Furthermore if you watch the Dark Horizon trailer and look at the dialog text, you'll find the name "De'khete" in there, that was one of the enemy factions from Tarr Chronicles.
It looks like this is the sequel to Tarr Chronicles under a different name to hide the fact that it's related to that flop. I hate to judge developers before they even get their work out, but when their last title was an abomination and their next title is a sequel coming out a mere year later, I wouldn't put much faith in the game being anything more than a hunk of junk even more rushed than their last game. Go read the reviews for Tarr Chronicles, Dark Horizon is probably just going to be the same thing all over again.
For those of you wondering what that query is about and what it's being used for, here's TFA:
Via b1ff.org, here's the Nexis search that US Department of Justice White House liaisons ran on job candidates to determine their political leanings:[Emphasis mine]
So there you go. The Justice Department was using a screwy LexisNexis query to try to determine the political leanings and affiliations of people they were looking to hire, because they were illegally filtering out applications people (non-repubs/conservatives) based on their political affiliations.
You really should drink more coffee in the morning before you start posting, Taco.
Is it me, or does page count seem like a poor metric to compare search engines by? Somehow I don't think Google is failing to notice 2 trillion pages, so either the numbers are off or Cuil is somehow spidering a lot of redundant pages. In either case I would find it hard to believe that there would be something on Cuil that's not on Google unless it's brand-new or spam.
Have any of the news articles made it clear who the 3 kids in the story are? TFA makes it clear that the dead 3 year-old was Davidson's daughter, but they keep calling the older girl "a teenage girl" and the infant "a 8 month-old boy" and such. Since they aren't attaching a family relationship to Davidson, I'm left wondering who they are and what their involvement is.
Why would an unrelated teenage girl and an infant be with a guy about to kill himself and his family? What else was going on here besides a jailbreak and a murder-suicide?
Here here! This year's E3 was a success in working as it was designed. Restricted crowds meant that journalists and buyers could easily see (and try!) everything they needed to, and unlike last year everything was located close-by so that people weren't so spread apart. For an event that's about the quick & effective dissemination of information, this year was marked by... the quick & effective dissemination of information.
The only problem with this year's event was that there was very little to show. The few publishers that had stuff were tempted to throw their own events so that they could hog the spotlight for the day, and everyone else is mid-development cycle after the hulking mass of games released in 2007. The fact that publishers didn't have much to show off and everyone was accordingly unexcited has nothing to do with E3, that's a matter of poor planning on their part.
This was an exceptionally insightful comment made on Voodoo Extreme that I am reposting, with full credit to the author. It hits the nail on the head, so to speak.
ProphecyVE
Its become what it should have always been in the first place, an industry trade show. What it turned into before they switched the format was just a nightmare. A huge convention center packed with millions of sweaty nerds all clamoring to see an actual GIRL who is playing a VIDEOGAME. OMGOMG. It wasn't a trade show, it was just a marketing free for all.
And of course the execs don't like it. They got to feel like they were rockstars before, watching guys with huge guts packed underneath Star Wars parody t-shirts salivate for their crappy port of Unoriginal Game 9. At the current E3, they have to act like actual business people, and answer actual questions.
I'd just like to add that even the Gamecube was more powerful than the PS2, so we're talking about a pretty big delta here. The PS2 is a good console, but out of the last generation consoles the developers working on multiplatform titles (e.g. Star Wars Battlefront) all found the same thing: the PS2 was the weakest of the consoles. Ithad the weakest central processor and the weakest video processor, it was already the least common denominator for the last generation. A good port from the last generation would target the Xbox (the most powerful) and then scale it down for the GC and PS2.
Meanwhile porting a PS2 game to the Gamecube without making any changes was lazy, porting it to the Wii is downright criminal.
I'm on the Pacific timezone, so everyone out here got the short end of the stick. AT&T is selling the phones and setting up the contracts, but they can do little else besides make a token effort to activate the phone and then send people home to activate it later. I just sold my soul and gave $200 to AT&T, I'd really like to play with my iPhone.
Question: Will telecommunications firms be prosecuted for helping the intelligence community conduct warrantless surveillance of Americans?
Benson: Although the Bush administration had wanted the telephone providers who cooperated with the surveillance program to receive outright retroactive immunity, this bill sets up a process for judicial review.
A U.S. District Court judge hearing a pending case will determine whether the telecommunications provider received from the government letters which indicated the president had authorized the warrantless surveillance and that the program was considered lawful. If so, the lawsuit will be thrown out.
Opponents argue this is a sham and say that the telecommunications are essentially being granted retroactive immunity because Mike McConnell, the director of national intelligence (DNI), testified at a congressional hearing that all of the telephone carriers did receive government certifications.
Some Republican supporters have called this process a "formality" and even Democratic proponents indicate it is likely that most, if not all, of the cases against the telephone companies will be dismissed.
In short: They aren't outright granted immunity, but instead a hearing will be held where they will undoubtedly be granted immunity. Bloody Democrats, they never have a spine when they need one.
PS: Hello to whatever TLA is currently monitoring this
In all seriousness, why on Earth would I want to use the Second Life client to do what you recommend? We already have the World Wide Web and it works quite well for those things. "The same thing, but harder to use" isn't going to be much of a selling point.
Speaking of Mac support, what the heck is up with OpenGL support under the Mac version of WINE? Under Linux everything is great, a fair number of games can be used and everyone is happy. On the Mac side of things the OpenGL implementation is completely FUBAR and you can't do any 3D gaming with stock WINE; you have to use Codeweaver's CrossOver Gaming, which isn't free as in speech, free as in beer, or as good as stock WINE on Linux. Crossover makes it work, so whatever is broken can't be that hard to fix, can it?
Anyhow what the heck is going on as far as OpenGL is concerned? It's been broken for ages and I think everyone would like to know when it's going to get fixed.
Re:If that was the case...
on
Terminal Chaos
·
· Score: 1
Viva la Coast Starlate, one of the most delayed trains in the United States. If it's ever on time be very, very afraid, the apocalypse can't be far behind.
We go through this about twice a year with the same results every time. "Someone" releases a trojan, presumably as proof that Mac OS X has security holes. Then everyone gets whipped in a frenzy and ultimately no one is infected by the damn thing in the first place. Mac OS X does have its holes (some of which are quite unreasonable), but trying to scare the users (in to buying anti-virus software, perhaps?) gets tiring after a while. No one has yet to do anything that matters with these trojans and security vulnerabilities, the real troublemakers continue to target Windows.
Mac OS X's day will definitely come at some point, but if people keep crying wolf every time someone whips up a theoretical and entirely implausible situation, no one is going to believe the security community once some black-hat does finally decide to attack the Macs.
Because running as the user is basically just as good. The user doesn't care what a piece of malware has infected or destroyed, only that it has done so.
Slashdot Mirror
So does that mean Texas can change the tax instead? Because right now no one is paying the tax, and that's not correct.
Idealism of liberal copyrights aside, if Adobe is selling a product that is intended to keep people from copying your wares, and it is in fact it's not stopping them, then it's pretty clear who is at fault. It's a faulty product, the blame lies with Adobe. Of course if they had any brains they'd know that what they want to do is impossible, but since they're selling the product, it needs to work as advertised.
Neocron!? That's an EVE-Online reference, you insensitive clod!
Based on what Apple has told developers since the start of the program, revocation appears to be certificate based; Apple is revoking the developer's certificate for that program, which breaks the authentication chain and prevents the application from running. As for what they can block, it does not look like this would be effective against a jailbroken kernel, since much of the authentication chain is patched out anyhow; in other words they wouldn't be able to revoke: the jailbreak, applications for it, and perhaps even regular applications once the jailbroken kernel is installed.
As for what they'll revoke, that's the bigger question. Apple has not shown to be particularly hostile towards the jailbreak community in the past; even if they could revoke it, I don't believe they will. The real test on this policy would be the NetShare application, it's an application Apple has ceased to allow post-release and if the revocation system were to be abused it would be the prime target. So far Apple has not revoked it, even though they've had ample time to do so.
That leaves us with malware. I don't find this to be something hard to define, but perhaps other Slashdot readers do. If the application is legit but has a problem (backdoor for exploiting the Mobile account, for example) I'd assume Apple will revoke the certificate for the bad application and let the author issue an updated version as long as they didn't intentionally create a problem (which is grounds for being expelled from the AppStore program). If it's outright malware that somehow passed Apple's QC, then they'll still revoke it, will not issue further certificates to the guilty party, and since they had to sign up for the program, track the guilty party down and sue them for computer crimes in some form.
I'm not too worried about this (I consider blocking malware from running a good thing) but I can see why other people here would be worried. In either case it's a well thought-out system that seems to cover every contingency, so there shouldn't be any "friendly fire" of applications being unintentionally revoked.
In theory? Sure, why not. In practice, it would be one of the greatest screwup in all history if this could be done. Presumably Apple is signing the list (via private/public keypairs) just like they do iPhone firmware updates; you sign this kind of stuff exactly so that hackers can't do stuff like this.
In other words no, I doubt this list can be exploited in that manner.
They also don't point out whether this breaks out of the IE sandbox or not. This makes a big difference, as if they can't break out of the sandbox, it makes any attack fairly useless on a correctly configured machine using IE. More details would have been nice.
Sorry to respond to myself (again), but now that TFA is working, it turns out we've been Inquirered. PC Authority was just reprinting an Inq article, which in retrospect makes perfect sense given the absurdity of the title and the summary.
Even the Inq basically took the story from somewhere else; you can find the source (and far more sensible) article at Information Week.
And while I'm at it, what the heck is up with CmdrTaco and stupid summaries? He's been on a roll lately posting summaries that don't match the article or are blown well out of proportion. Usually he's one of the better editors.
Indentured Servitude: An indentured servant is a form of debt bondage worker, in which the indentured individual is intentionally, unethically and illegally deprived of their human rights, their civil rights and their personal freedom and liberty.
Unfortunately TFA is Slashdotted right now so I can't read all of the details, but if the summary is anything to go by, I really, really doubt Apple was forcing these guys to work due to debt and/or was holding them captive. What they did do was make their workers work OT without paying them correctly, which is an inexcusably naughty practice, but it's hardly indentured servitude, slavery, or any other form of bondage.
Furthermore this shit is fairly common, Apple isn't the first company or the last company to stiff their employees on OT. That doesn't make it right and certainly knocks Apple down a few pegs in my own eyes, but get some perspective here people.
Don't get your hopes up guys, this is being made by the same Russian developers that produced the positively awful Tarr Chronicles back in September of 2007, Akella and Quazar Studio. Furthermore if you watch the Dark Horizon trailer and look at the dialog text, you'll find the name "De'khete" in there, that was one of the enemy factions from Tarr Chronicles.
It looks like this is the sequel to Tarr Chronicles under a different name to hide the fact that it's related to that flop. I hate to judge developers before they even get their work out, but when their last title was an abomination and their next title is a sequel coming out a mere year later, I wouldn't put much faith in the game being anything more than a hunk of junk even more rushed than their last game. Go read the reviews for Tarr Chronicles, Dark Horizon is probably just going to be the same thing all over again.
For those of you wondering what that query is about and what it's being used for, here's TFA:
So there you go. The Justice Department was using a screwy LexisNexis query to try to determine the political leanings and affiliations of people they were looking to hire, because they were illegally filtering out applications people (non-repubs/conservatives) based on their political affiliations.
You really should drink more coffee in the morning before you start posting, Taco.
Is it me, or does page count seem like a poor metric to compare search engines by? Somehow I don't think Google is failing to notice 2 trillion pages, so either the numbers are off or Cuil is somehow spidering a lot of redundant pages. In either case I would find it hard to believe that there would be something on Cuil that's not on Google unless it's brand-new or spam.
Have any of the news articles made it clear who the 3 kids in the story are? TFA makes it clear that the dead 3 year-old was Davidson's daughter, but they keep calling the older girl "a teenage girl" and the infant "a 8 month-old boy" and such. Since they aren't attaching a family relationship to Davidson, I'm left wondering who they are and what their involvement is.
Why would an unrelated teenage girl and an infant be with a guy about to kill himself and his family? What else was going on here besides a jailbreak and a murder-suicide?
Here here! This year's E3 was a success in working as it was designed. Restricted crowds meant that journalists and buyers could easily see (and try!) everything they needed to, and unlike last year everything was located close-by so that people weren't so spread apart. For an event that's about the quick & effective dissemination of information, this year was marked by... the quick & effective dissemination of information.
The only problem with this year's event was that there was very little to show. The few publishers that had stuff were tempted to throw their own events so that they could hog the spotlight for the day, and everyone else is mid-development cycle after the hulking mass of games released in 2007. The fact that publishers didn't have much to show off and everyone was accordingly unexcited has nothing to do with E3, that's a matter of poor planning on their part.
This was an exceptionally insightful comment made on Voodoo Extreme that I am reposting, with full credit to the author. It hits the nail on the head, so to speak.
I'd just like to add that even the Gamecube was more powerful than the PS2, so we're talking about a pretty big delta here. The PS2 is a good console, but out of the last generation consoles the developers working on multiplatform titles (e.g. Star Wars Battlefront) all found the same thing: the PS2 was the weakest of the consoles. Ithad the weakest central processor and the weakest video processor, it was already the least common denominator for the last generation. A good port from the last generation would target the Xbox (the most powerful) and then scale it down for the GC and PS2.
Meanwhile porting a PS2 game to the Gamecube without making any changes was lazy, porting it to the Wii is downright criminal.
It's a 40 minute TV show, that's worth $2 not $4.
I'm on the Pacific timezone, so everyone out here got the short end of the stick. AT&T is selling the phones and setting up the contracts, but they can do little else besides make a token effort to activate the phone and then send people home to activate it later. I just sold my soul and gave $200 to AT&T, I'd really like to play with my iPhone.
From CNN
In short: They aren't outright granted immunity, but instead a hearing will be held where they will undoubtedly be granted immunity. Bloody Democrats, they never have a spine when they need one.
PS: Hello to whatever TLA is currently monitoring this
In all seriousness, why on Earth would I want to use the Second Life client to do what you recommend? We already have the World Wide Web and it works quite well for those things. "The same thing, but harder to use" isn't going to be much of a selling point.
Yeah, except that said option doesn't exist, at least not for free users. The only way to remove the damn warning is to follow the GP's instructions.
Speaking of Mac support, what the heck is up with OpenGL support under the Mac version of WINE? Under Linux everything is great, a fair number of games can be used and everyone is happy. On the Mac side of things the OpenGL implementation is completely FUBAR and you can't do any 3D gaming with stock WINE; you have to use Codeweaver's CrossOver Gaming, which isn't free as in speech, free as in beer, or as good as stock WINE on Linux. Crossover makes it work, so whatever is broken can't be that hard to fix, can it?
Anyhow what the heck is going on as far as OpenGL is concerned? It's been broken for ages and I think everyone would like to know when it's going to get fixed.
Viva la Coast Starlate, one of the most delayed trains in the United States. If it's ever on time be very, very afraid, the apocalypse can't be far behind.
We go through this about twice a year with the same results every time. "Someone" releases a trojan, presumably as proof that Mac OS X has security holes. Then everyone gets whipped in a frenzy and ultimately no one is infected by the damn thing in the first place. Mac OS X does have its holes (some of which are quite unreasonable), but trying to scare the users (in to buying anti-virus software, perhaps?) gets tiring after a while. No one has yet to do anything that matters with these trojans and security vulnerabilities, the real troublemakers continue to target Windows.
Mac OS X's day will definitely come at some point, but if people keep crying wolf every time someone whips up a theoretical and entirely implausible situation, no one is going to believe the security community once some black-hat does finally decide to attack the Macs.
Because running as the user is basically just as good. The user doesn't care what a piece of malware has infected or destroyed, only that it has done so.