I thought I'd made it fairly clear that I felt that Unsanity's APE module was at fault for that problem, but that it was easily fixed.
Just to make things clear.
I believe that on that occasion, the fault for the problem was shared entirely between myself, because I installed, and did not disable between upgrades, an obviously unsupported hack, and Unsanity for failing to update the free version of Silk because it had been superceded by a paid version that was tested with the new OS version I had just installed.
The problem seems to be that idiots install APE and APE modules without appreciating that their functionality is specifically (and sometimes deliberately) unsupported, and then complain to the software authors or Apple when they affect applications in an undesirable way.
My first troubleshooting steps when installing new software that doesn't work is to check for old plists, and temporarily disable APE if that fails. Neither of these problems can or should be attributed to or mitigated by Apple.
I feel that I should mention that disabling APE hasn't helped yet, except in the specific instance of Silk 1 that I mentioned above, but deleting old plists certainly has.
"But you make one point that is entirely false that I have to address:
"as far as security goes, there's nothing that APE can do that a sneaky application can't do"
That is true in a sense that a malicious app could do the same thing that APE does, though it would be complicated to get all those pieces set up. The thing that APE provides a convenient framework for that. What most apps can't do is to look around in any user's running app's memory space and do whatever it wants with what it finds. Normal apps can't go poking around in another app's memory space at all. APE lets you write code to do that and a malicious coder could use this for lots and lots of bad things."
What I said is clearly true, both Silk and WindowShadeX, did exactly what you talk about without the APE framework, long before it was invented. It's been proven possible, nothing to see here, move along.
"It is analogous to creating a new app that runs as a daemon to do some cool peer to peer file sharing thing you really like, though it also allows remote users to run any commands on your system with no authentication. Even if you really like what the app does, the app is uncommon, and only runs on an obscure platform, it is still insecure by design."
No, that would be something which allows people to remotely run commands, APE has never been accused of anything like that. In fact, with Paranoid Android it does the exact opposite of what you just talked about.
A more valid analogy might be something like lookupd which serves a useful purpose but can in the event of a local compromise be used to modify the behaviour of applications so that they can perform malicious tasks.
Lookupd doesn't even need to inject code into programs to perform evil, should I be more or less scared because of that fact? The OS X/NeXT pasteboard server can inject characters into the input buffer of any running application, that's also pretty scary.
I'm sure if I sit here thinking about all the applications on my system I can come up with all sorts of paranoid theoretical fantasies about ways in which applications on my machine could be compromised.
The fact remains that if someone can get a piece of malware onto my system it's too late whether I have APE installed or not, and it's been proven by the unsanity hacks written before APE came into being that it's possible to inject code into running applications without APE's presence.
Neither APE nor any other method seem to be able to inject new modules into running applications without restarting them, so there's no advantage to using it for malware. Plus APE always brings up it's preference pane when it registers a new module, further decreasing the chance that someone is likely to use it for malware.
I'm not trying to argue that APE is inherently safe, but that it's not in any way equivalent to opening the door and throwing away the key to your computer. That's bullshit. All of the methods of exploiting it that you've mentioned would require a local compromise anyway. Which would be disastrous since my only Mac is a laptop, so the offender could simply walk off with it.
Finally, RCDefaultApp doesn't solve the problem of registering arbitrary URL handlers, leaving you possibly exposed to the worst variant of the latest bunch of security risks. The only way to protect yourself against that is to use Paranoid Android. Ironic that you're promoting security as a reason for remaining insecure.
FWIW, I use both RCDefaultApp and Paranoid Android, because the combination of both apps provides both proactive and reactive security should my disabling of protocol handlers turn out not to be enough. I recommend that everyone else do the same at least until Apple fix the problem properly.
Except of course that when an APE module goes awry it doesn't destabilize the base system, I don't have to reboot to remove the offending hack, it doesn't affect other user accounts, and APE modules can be safely enabled/disabled on the fly for testing.
Interesting that you should mention security, considering that so far the only APE plugin that has anything to do with the subject actually improves security.
You're arguing against a tangible increase in security (Paranoid Android) in favour of a theoretical decrease in security that no one has yet figured out how to exploit.
There is, as yet no reason to believe that APE makes your system insecure in any way, and it's hardly the sort of thing that Virus/Spyware writers could depend on being pre-installed.
So if you're suggesting that a malware author is going to use it as a road into the system internals, are you also suggesting that they are going to install APE, and then have APE register their APE module and restart every application so that the new module and APE can take effect, entirely without the user noticing?
While it's almost certainly possible that someone could exploit via APE, it seems impractical and improbable without an easy method to target APE users. Hyperbole and hysteria aside, there is really no reason for the bad rap that this very useful app has been given.
I'm not convinced that APE makes my system unstable/insecure. In my experience I've had no reduction in stability or speed, and an increase in security and convenience directly attributable to APE.
Finally, as far as security goes, there's nothing that APE can do that a sneaky application can't do; Silk and WindowShadeX were working long before APE came into being.
After all, APE is just a convenient framework for legitimate applications to access that same functionality without needing to worry whether their low level hooks are buggy or are going to interfere with other hacks that might be installed.
It's much more likely that malware would simply access those functions provided by APE directly rather than relying on the user installing some third party software.
After all, why would they limit their potential audience in that way?
You talk about instability issues with APE modules, yet I've been running half a dozen different ones for about a year, and I have never experienced any issues that required anything more than logging in with the shift key held down to fix, and that only happened once after a system upgrade, and was due to one APE module trying to trounce into an area Apple had modified, not APE.
I've never had to reboot my laptop because of an APE module, and regularly achieve uptimes of over a month with my PowerBook. I usually go from one software update to the next without rebooting.
I'm curious as to exactly what instability you have experienced as APE hasn't affected speed, security or stability on my machine. Could you name some specific APE incompatibilities you've had to repair, so that we can gain some insight into the problems you've experienced and how you diagnosed and resolved them?
Using this technique, an attacker can cause a disk image to open on your machine, the OS will then faithfully install any arbitrary URL handlers that applications on that disk image say they can handle (for example a deletefile: URL handler), then the same website can forward you to a deletefile://~ URL, thus deleting your home directory.
While it would be easy to tell that the web site is opening a disk image, and the application it starts would probably appear in the Dock, it doesn't make it easy to prevent the Application on the disk image from being executed using this method.
Monitor: PCs at least give the option of a cheap CRT - I've got plenty of desk space, there is zero advantage to me for an LCD. And as far as LCDs go, the garden-variety PC LCDs are generally cheaper. As far as quality goes, the LCDs are all made in the same factories for both PCs and Macs."
You seem to be implying that you can't just plug a normal monitor into a Mac.
You're aware that all desktop machines ship with a DVI and VGA port, and that the monitors come with adaptors to turn DVI into ADP right?
"The motherboards for the clones still had to be bought from Apple, with Apple's proprietary ROMs."
Bullshit. The proprietary ROMs had to be bought from Apple, but the manufacturers made their own boards, this lead to the situation where Power Computing were handing Apple their arse in hardware innovation. The exact opposite of the situation you talk about. Search google for information on the PowerTower Pro if you don't believe me.
Apple's problem at the time was that they spend so much time and money trying to do things "properly" with a stylish case and all the bells and whistles, that their competitors would have a machine out featuring the latest generation of CPU months before Apple. It's not like a real Mac, but it gets the job done.
The situation continues now with the G5. If Apple faced real competition, someone would have already slapped a G5 in a crappy laptop with 30 mins battery life and a fan that sounds like a 747 engine. That exact situation is what has happened with Intel and AMD processors long before a suitable mobile version has come along.
As for the idea of OS X for Intel goes, I think it will probably happen one day, when the time is right. At the moment Apple's developer community still has too much invested in the Carbon API layer which (as a general rule) lacks the bundle structure of Cocoa applications that would make it easily possible to distribute binaries that run on multiple architectures.
Also, they would likely face the removal of Microsoft's support for their platform, so Apple would need to have a reasonable alternative in order to be able to retain their current user base, let alone expand into Microsoft's traditional stronghold.
People seem to forget the possibility that Apple could just open up the underlying OpenStep architecture for other OS vendors to license from them. Apple has management and engineers experienced in running a business that uses this model from the NeXT acquisition, so it would probably be a fairly painless transition for them.
Licensing the Cocoa framework to other OS vendors would obviously not open Apple up to the same amount of liability should the company selling an OpenStep/X variant for X86 go belly-up.
Actually Apple swapped a chunk of stock to Xerox in return for the GUI, that's precisely why they were so annoyed at other companies (Microsoft in particular) for getting what they saw as a free ride, while Apple had to pay.
Google for 'Apple Xerox Stock' if you want confirmation.
Thankfully, the author of this trojan was short sighted enough to make it delete the users home directory instantly, and probably all of the files they were sharing via p2p. The trojan will wipe itself out fairly quickly as people download the file, click on it, and erase everything in their home directory thus removing the trojan itself and disabling its most likely method of distribution (by deleting the p2p programs preferences).
It would have worked better if the program had just installed an invisible helper (or cron job) to delete the users home dir at a later date and then deliberately bombed out. It'd also be much harder to track it down to that broken Word demo that you downloaded the other day.
Nobody is withholding patches, they're withholding information as to exactly what they're patching. Where did you get the idea that they were withholding fixes for things. Please don't just take this guys word for it, actually go and check it out for yourself.
I read all the time about how Apple don't patch previous OS versions or they ignore security holes, in the end it turns out to be grossly exaggerated, or total bullshit.
By no means am I trying to say Apple are perfect, otherwise they wouldn't be patching anything. Hell they're not even as good as Debian, and Debian's security team is just a rag-tag bunch of geeks doing security in their spare time, so there's definitely room for improvement, but the bottom line is don't just take one sensationalist journalists view of things as being gospel.
There are plenty of perfectly rational people making perfectly rational comments about this article and then getting accused of being Apple shills etc etc. I use this OS every day. Trust me, I'd be pissed off if Apple were being lax about security, but I don't see any evidence of that (lately -there was that SSH bug a while back that they took 3 weeks to deliver a patch for)
And for the record, no I don't just blindly accept every bit of bullshit written about Microsoft's security either.
Hey, don't make fun of my country. There is a whole lot more happening in New Zealand than just Stonehenge v2.0a and Weta Digital. We have... uh... lots and lots of other interesting things going on... like The Second International Symposium on Transportation Network Reliability for example.
The word piracy is also grossly out of proportion with the crime being committed. In a world where there is still real piracy happening on the high seas, it's outrageous to equate license violation with the act of piracy.
Real pirates take actual property, murder, rape and abduct people. It's at least as injust to call copiers pirates as it is to call them thieves.
Leasing can be err... fiscally prudent for large organisations, as it removes the burden of having to rid themselves of obsolete hardware after a number of years, without having to worry about the non-transferrability of software licenses (which prevents them from making the computers free-for-removal by local geeks).
Anyway, back to the original subject.
My objections to attacking the retailer who sold me the computer are not so great that I'd screw myself in the arse to save someone else, but I like to believe I can achieve success by berating the people responsible. In this case AppleCare. I certainly intend(ed) to exhaust all avenues before going after the retailer. I have to confess that I'm glad that MagnumMac proved to be a bunch of tossers, because it makes the idea of going after them a lot more palatable, but I probably would seek recourse against them even if I thought they were saints if I thought it was my only option.
I just think it's unfortunate when the wrong people wear the cost. I'm certainly not strongly opposed to going after the retailer -and in fact, I intend to set up a website that will help NZ Apple customers to do just what we're talking about. ie; filing a claim with the disputes tribunal against the retailer, since (without an agreement with anyone else) they are the only people you can legally go after under NZ law.
At the very least, harassing AppleCare allows me to get the most value out of my $600+ AppleCare, plus ensuring that my plight won't go completely unnoticed.:)
I now have in my clammy little hands, a brand spanking new, and very shiny PowerBook G4 1GHz/60G/256Mb RAM PowerBook
I will be taking it in next week to have another 256Mb RAM and an Airport Extreme card added to bring it up to the spec of my old machine. (at no cost to myself of course)
So all's well that ends well.
Well almost all. It still disturbs me that the only reason this machine was replaced is because someone made a mistake at Renaissance. Not because they feel that I've had so many problems with my computer that I deserve a break (no pun intended), but because of a silly little slip of the fingers.
So while I'm one very happy customer indeed thanks in no small part to my AppleCare warranty, and a brand spanking new, and absolutely gorgeous computer. I'm still left with a lingering doubt about how well I would have done if I hadn't kept all the emails I recieved from Apple.
Let this serve as a cautionary tale about doing just that. Correspond by email when possible, take names, and hold people to their promises.
But most of all - kick up the biggest stink you can and be as loud and obnoxious as you can without alienating people. It's a fine line to tread, but it can be done.
Updated update. Renaissance were supposed to contact me today, and haven't. I wrote an email to Applecare asking what was going on, and they said it's being handled by Renaissance.
Will see what happens upon the morrow, and post more details here when I get them. Even though nobody is probably interested.:)
I'm in New Zealand, which has a wonderful piece of legislation known as the Consumer Guarantees Act, and a system in addition to Small Claims Court called the Disputes Tribunal which is a tribunal and not a court, basically I would go up against the manager of the store, no lawyers would be present, and we would explain our case to an adjudicator, whose decision would be final.
Appeals are only permitted if new evidence comes to light, that it can be proven was not available at the time. Like if, for instance the retailer found. once he had the machine, that I'd filled the machine with sewage prior to it failing. This is of course a highly tempting option now that they have agreed to give me a replacement machine.
Basically, my final option was to take the store that sold me the computer to court under the Consumer Guarantees Act, and have them replace the computer under the the premise that it is not fit for the purpose I purchased it from them for.
This is probably why I haven't had any problems with mine since I got the replacement 65W supply. The clever tech Navid who was at Logical Systems in Auckland at the time (kudos to Logical for service, and Navid whereever you are now!) wrapped the cable round the clips that the cord is supposed to be tied onto when it's not in use, about 3 times crossing back and forth, and then wrapped a twist tie around it to keep it in place and said to leave it there and see if it helped.
I have a moral problem with this approach, the store that sold it to me may be a bunch of unscrupulous arseholes, but I won't take them to court unless I really have no other options. It just hurts the store and does nothing whatsover in the way of modifying Apple's behaviour.
Slashdot Mirror
I thought I'd made it fairly clear that I felt that Unsanity's APE module was at fault for that problem, but that it was easily fixed.
Just to make things clear.
I believe that on that occasion, the fault for the problem was shared entirely between myself, because I installed, and did not disable between upgrades, an obviously unsupported hack, and Unsanity for failing to update the free version of Silk because it had been superceded by a paid version that was tested with the new OS version I had just installed.
The problem seems to be that idiots install APE and APE modules without appreciating that their functionality is specifically (and sometimes deliberately) unsupported, and then complain to the software authors or Apple when they affect applications in an undesirable way.
My first troubleshooting steps when installing new software that doesn't work is to check for old plists, and temporarily disable APE if that fails. Neither of these problems can or should be attributed to or mitigated by Apple.
I feel that I should mention that disabling APE hasn't helped yet, except in the specific instance of Silk 1 that I mentioned above, but deleting old plists certainly has.
"But you make one point that is entirely false that I have to address:
"as far as security goes, there's nothing that APE can do that a sneaky application can't do"
That is true in a sense that a malicious app could do the same thing that APE does, though it would be complicated to get all those pieces set up. The thing that APE provides a convenient framework for that. What most apps can't do is to look around in any user's running app's memory space and do whatever it wants with what it finds. Normal apps can't go poking around in another app's memory space at all. APE lets you write code to do that and a malicious coder could use this for lots and lots of bad things."
What I said is clearly true, both Silk and WindowShadeX, did exactly what you talk about without the APE framework, long before it was invented. It's been proven possible, nothing to see here, move along.
"It is analogous to creating a new app that runs as a daemon to do some cool peer to peer file sharing thing you really like, though it also allows remote users to run any commands on your system with no authentication. Even if you really like what the app does, the app is uncommon, and only runs on an obscure platform, it is still insecure by design."
No, that would be something which allows people to remotely run commands, APE has never been accused of anything like that. In fact, with Paranoid Android it does the exact opposite of what you just talked about.
A more valid analogy might be something like lookupd which serves a useful purpose but can in the event of a local compromise be used to modify the behaviour of applications so that they can perform malicious tasks.
Lookupd doesn't even need to inject code into programs to perform evil, should I be more or less scared because of that fact? The OS X/NeXT pasteboard server can inject characters into the input buffer of any running application, that's also pretty scary.
I'm sure if I sit here thinking about all the applications on my system I can come up with all sorts of paranoid theoretical fantasies about ways in which applications on my machine could be compromised.
The fact remains that if someone can get a piece of malware onto my system it's too late whether I have APE installed or not, and it's been proven by the unsanity hacks written before APE came into being that it's possible to inject code into running applications without APE's presence.
Neither APE nor any other method seem to be able to inject new modules into running applications without restarting them, so there's no advantage to using it for malware. Plus APE always brings up it's preference pane when it registers a new module, further decreasing the chance that someone is likely to use it for malware.
I'm not trying to argue that APE is inherently safe, but that it's not in any way equivalent to opening the door and throwing away the key to your computer. That's bullshit. All of the methods of exploiting it that you've mentioned would require a local compromise anyway. Which would be disastrous since my only Mac is a laptop, so the offender could simply walk off with it.
Finally, RCDefaultApp doesn't solve the problem of registering arbitrary URL handlers, leaving you possibly exposed to the worst variant of the latest bunch of security risks. The only way to protect yourself against that is to use Paranoid Android. Ironic that you're promoting security as a reason for remaining insecure.
FWIW, I use both RCDefaultApp and Paranoid Android, because the combination of both apps provides both proactive and reactive security should my disabling of protocol handlers turn out not to be enough. I recommend that everyone else do the same at least until Apple fix the problem properly.
Except of course that when an APE module goes awry it doesn't destabilize the base system, I don't have to reboot to remove the offending hack, it doesn't affect other user accounts, and APE modules can be safely enabled/disabled on the fly for testing.
What was the similarity with extensions again?
Interesting that you should mention security, considering that so far the only APE plugin that has anything to do with the subject actually improves security.
You're arguing against a tangible increase in security (Paranoid Android) in favour of a theoretical decrease in security that no one has yet figured out how to exploit.
There is, as yet no reason to believe that APE makes your system insecure in any way, and it's hardly the sort of thing that Virus/Spyware writers could depend on being pre-installed.
So if you're suggesting that a malware author is going to use it as a road into the system internals, are you also suggesting that they are going to install APE, and then have APE register their APE module and restart every application so that the new module and APE can take effect, entirely without the user noticing?
While it's almost certainly possible that someone could exploit via APE, it seems impractical and improbable without an easy method to target APE users. Hyperbole and hysteria aside, there is really no reason for the bad rap that this very useful app has been given.
I'm not convinced that APE makes my system unstable/insecure. In my experience I've had no reduction in stability or speed, and an increase in security and convenience directly attributable to APE.
Finally, as far as security goes, there's nothing that APE can do that a sneaky application can't do; Silk and WindowShadeX were working long before APE came into being.
After all, APE is just a convenient framework for legitimate applications to access that same functionality without needing to worry whether their low level hooks are buggy or are going to interfere with other hacks that might be installed.
It's much more likely that malware would simply access those functions provided by APE directly rather than relying on the user installing some third party software.
After all, why would they limit their potential audience in that way?
You talk about instability issues with APE modules, yet I've been running half a dozen different ones for about a year, and I have never experienced any issues that required anything more than logging in with the shift key held down to fix, and that only happened once after a system upgrade, and was due to one APE module trying to trounce into an area Apple had modified, not APE.
I've never had to reboot my laptop because of an APE module, and regularly achieve uptimes of over a month with my PowerBook. I usually go from one software update to the next without rebooting.
I'm curious as to exactly what instability you have experienced as APE hasn't affected speed, security or stability on my machine. Could you name some specific APE incompatibilities you've had to repair, so that we can gain some insight into the problems you've experienced and how you diagnosed and resolved them?
Actually, this IS an exploit.
Using this technique, an attacker can cause a disk image to open on your machine, the OS will then faithfully install any arbitrary URL handlers that applications on that disk image say they can handle (for example a deletefile: URL handler), then the same website can forward you to a deletefile://~ URL, thus deleting your home directory.
While it would be easy to tell that the web site is opening a disk image, and the application it starts would probably appear in the Dock, it doesn't make it easy to prevent the Application on the disk image from being executed using this method.
Heh, how many times can I be wrong in one thread? :D
You're absolutely right, I had it backwards.
The only Macs I have ever owned have been G4 PowerBooks, the old one had only VGA, the current one has only DVI.
Monitor: PCs at least give the option of a cheap CRT - I've got plenty of desk space, there is zero advantage to me for an LCD. And as far as LCDs go, the garden-variety PC LCDs are generally cheaper. As far as quality goes, the LCDs are all made in the same factories for both PCs and Macs."
You seem to be implying that you can't just plug a normal monitor into a Mac.
You're aware that all desktop machines ship with a DVI and VGA port, and that the monitors come with adaptors to turn DVI into ADP right?
"The motherboards for the clones still had to be bought from Apple, with Apple's proprietary ROMs."
Bullshit. The proprietary ROMs had to be bought from Apple, but the manufacturers made their own boards, this lead to the situation where Power Computing were handing Apple their arse in hardware innovation. The exact opposite of the situation you talk about. Search google for information on the PowerTower Pro if you don't believe me.
Apple's problem at the time was that they spend so much time and money trying to do things "properly" with a stylish case and all the bells and whistles, that their competitors would have a machine out featuring the latest generation of CPU months before Apple. It's not like a real Mac, but it gets the job done.
The situation continues now with the G5. If Apple faced real competition, someone would have already slapped a G5 in a crappy laptop with 30 mins battery life and a fan that sounds like a 747 engine. That exact situation is what has happened with Intel and AMD processors long before a suitable mobile version has come along.
As for the idea of OS X for Intel goes, I think it will probably happen one day, when the time is right. At the moment Apple's developer community still has too much invested in the Carbon API layer which (as a general rule) lacks the bundle structure of Cocoa applications that would make it easily possible to distribute binaries that run on multiple architectures.
Also, they would likely face the removal of Microsoft's support for their platform, so Apple would need to have a reasonable alternative in order to be able to retain their current user base, let alone expand into Microsoft's traditional stronghold.
People seem to forget the possibility that Apple could just open up the underlying OpenStep architecture for other OS vendors to license from them. Apple has management and engineers experienced in running a business that uses this model from the NeXT acquisition, so it would probably be a fairly painless transition for them.
Licensing the Cocoa framework to other OS vendors would obviously not open Apple up to the same amount of liability should the company selling an OpenStep/X variant for X86 go belly-up.
Actually Apple swapped a chunk of stock to Xerox in return for the GUI, that's precisely why they were so annoyed at other companies (Microsoft in particular) for getting what they saw as a free ride, while Apple had to pay.
Google for 'Apple Xerox Stock' if you want confirmation.
Thankfully, the author of this trojan was short sighted enough to make it delete the users home directory instantly, and probably all of the files they were sharing via p2p. The trojan will wipe itself out fairly quickly as people download the file, click on it, and erase everything in their home directory thus removing the trojan itself and disabling its most likely method of distribution (by deleting the p2p programs preferences).
It would have worked better if the program had just installed an invisible helper (or cron job) to delete the users home dir at a later date and then deliberately bombed out. It'd also be much harder to track it down to that broken Word demo that you downloaded the other day.
Nobody is withholding patches, they're withholding information as to exactly what they're patching. Where did you get the idea that they were withholding fixes for things. Please don't just take this guys word for it, actually go and check it out for yourself.
I read all the time about how Apple don't patch previous OS versions or they ignore security holes, in the end it turns out to be grossly exaggerated, or total bullshit.
By no means am I trying to say Apple are perfect, otherwise they wouldn't be patching anything. Hell they're not even as good as Debian, and Debian's security team is just a rag-tag bunch of geeks doing security in their spare time, so there's definitely room for improvement, but the bottom line is don't just take one sensationalist journalists view of things as being gospel.
There are plenty of perfectly rational people making perfectly rational comments about this article and then getting accused of being Apple shills etc etc. I use this OS every day. Trust me, I'd be pissed off if Apple were being lax about security, but I don't see any evidence of that (lately -there was that SSH bug a while back that they took 3 weeks to deliver a patch for)
And for the record, no I don't just blindly accept every bit of bullshit written about Microsoft's security either.
Hey, don't make fun of my country. There is a whole lot more happening in New Zealand than just Stonehenge v2.0a and Weta Digital. We have... uh... lots and lots of other interesting things going on... like The Second International Symposium on Transportation Network Reliability for example.
and just as many people give a fuck.
The word piracy is also grossly out of proportion with the crime being committed. In a world where there is still real piracy happening on the high seas, it's outrageous to equate license violation with the act of piracy.
Real pirates take actual property, murder, rape and abduct people. It's at least as injust to call copiers pirates as it is to call them thieves.
Leasing can be err... fiscally prudent for large organisations, as it removes the burden of having to rid themselves of obsolete hardware after a number of years, without having to worry about the non-transferrability of software licenses (which prevents them from making the computers free-for-removal by local geeks).
:)
Anyway, back to the original subject.
My objections to attacking the retailer who sold me the computer are not so great that I'd screw myself in the arse to save someone else, but I like to believe I can achieve success by berating the people responsible. In this case AppleCare. I certainly intend(ed) to exhaust all avenues before going after the retailer. I have to confess that I'm glad that MagnumMac proved to be a bunch of tossers, because it makes the idea of going after them a lot more palatable, but I probably would seek recourse against them even if I thought they were saints if I thought it was my only option.
I just think it's unfortunate when the wrong people wear the cost. I'm certainly not strongly opposed to going after the retailer -and in fact, I intend to set up a website that will help NZ Apple customers to do just what we're talking about. ie; filing a claim with the disputes tribunal against the retailer, since (without an agreement with anyone else) they are the only people you can legally go after under NZ law.
At the very least, harassing AppleCare allows me to get the most value out of my $600+ AppleCare, plus ensuring that my plight won't go completely unnoticed.
You left out all the steps after install foo, which is roughly equivalent to step b in the first example.
I now have in my clammy little hands, a brand spanking new, and very shiny PowerBook G4 1GHz/60G/256Mb RAM PowerBook
:D
I will be taking it in next week to have another 256Mb RAM and an Airport Extreme card added to bring it up to the spec of my old machine. (at no cost to myself of course)
So all's well that ends well.
Well almost all. It still disturbs me that the only reason this machine was replaced is because someone made a mistake at Renaissance. Not because they feel that I've had so many problems with my computer that I deserve a break (no pun intended), but because of a silly little slip of the fingers.
So while I'm one very happy customer indeed thanks in no small part to my AppleCare warranty, and a brand spanking new, and absolutely gorgeous computer. I'm still left with a lingering doubt about how well I would have done if I hadn't kept all the emails I recieved from Apple.
Let this serve as a cautionary tale about doing just that. Correspond by email when possible, take names, and hold people to their promises.
But most of all - kick up the biggest stink you can and be as loud and obnoxious as you can without alienating people. It's a fine line to tread, but it can be done.
Remember - The squeaky wheel gets the oil!
Hi Steeviant,
:)
Updated update. Renaissance were supposed to contact me today, and haven't. I wrote an email to Applecare asking what was going on, and they said it's being handled by Renaissance.
Will see what happens upon the morrow, and post more details here when I get them. Even though nobody is probably interested.
I'm in New Zealand, which has a wonderful piece of legislation known as the Consumer Guarantees Act, and a system in addition to Small Claims Court called the Disputes Tribunal which is a tribunal and not a court, basically I would go up against the manager of the store, no lawyers would be present, and we would explain our case to an adjudicator, whose decision would be final.
Appeals are only permitted if new evidence comes to light, that it can be proven was not available at the time. Like if, for instance the retailer found. once he had the machine, that I'd filled the machine with sewage prior to it failing. This is of course a highly tempting option now that they have agreed to give me a replacement machine.
Basically, my final option was to take the store that sold me the computer to court under the Consumer Guarantees Act, and have them replace the computer under the the premise that it is not fit for the purpose I purchased it from them for.
AHA!
This is probably why I haven't had any problems with mine since I got the replacement 65W supply. The clever tech Navid who was at Logical Systems in Auckland at the time (kudos to Logical for service, and Navid whereever you are now!) wrapped the cable round the clips that the cord is supposed to be tied onto when it's not in use, about 3 times crossing back and forth, and then wrapped a twist tie around it to keep it in place and said to leave it there and see if it helped.
It did, this power supply has been rock solid.
I have a moral problem with this approach, the store that sold it to me may be a bunch of unscrupulous arseholes, but I won't take them to court unless I really have no other options. It just hurts the store and does nothing whatsover in the way of modifying Apple's behaviour.
That'd be great!
How soon do you think they can get a tech out to New Zealand?
You're right.
:)
Uh, oops. Forgive me.