You can not update a locked phone, at best you can wipe it. Even if Apple provides what they want, the ONLY way to get it on there, is to wipe the device.
To install new software on the phone, it requires that you unlock it, so that people can't do exactly what the court is requesting (though I doubt Apple had the courts in mind and probably was thinking general malicious code.
t seems like every time they do this for promotion they just claim everything as a "bug" without really individually investigating and reporting all of them, taking only some obviously wrong ones and then lumping the whole report onto the project's bug tracker, if we're lucky.
Yep, I've looked at the article and found a couple legitimate bugs, and the rest of it is the authors complete misunderstanding of what he's talking about. He doesn't seem to understand that strcpy and memcpy DO NOT DO THE SAME THING. He assumes that an extra tab means an if was done incorrectly, goes on about bad practices when its just that he doesn't know what the code is doing and taking 3 seconds to understand that a MACRO behaves differently on different architectures and maybe, just maybe, the hardcode 0 makes sense on that specific architecture and not on others... which he could have found had he simply checked the places where the MACRO was defined instead of just the one that was compiled.
This guy is just using this for slashvertisments, which is great, because we can now pick apart his shitty analysis and make fun of it:)
Or his linked in profile, or anything else as simple google result shows, which is what should have been done if you see his last name and an article touting a Russian name on a website in America (simply because Russians typically use Russian websites just like Americans typically use American websites).
Its just slashdot and timothy is a fucking moron who's too stupid to catch these sort of things.
So far every thing I've seen in their analysis is a bug in their software, and the very first one, rather than being a FreeBSD bug is a style bug that just looks bad, but is working as intended, yet they intentionally mislead by indicating that its a flaw. Its not, its badly formatted, but its working as intended and that if statement is only meant to control the first line.
Studio Analyzer is pretty good stuff, but this article starts off really shitty.
So basically you want some asstastic shithole style for your source code that no one else wants and you suck at reading C code?
You completely lose EVERY ounce of credibility when you decide that tabs are important.
You also show your typical ignorance by bitching about tabs and being one of those morons who thinks all code should look like you want it to look in whatever shitty editors you use that don't actually handle tabs correctly.
In short, your just another useless douche who thinks his way is the only way. Don't worry, FreeBSD devs and users are confident in the OS enough to not really be upset by what causes you so much butthurt.
No, just introducing another security flaw in general thanks to the mass number of ignorant people who think this is a good idea..
Now what will happen is you'll use a insecure sensor, apple will still allow the phone to boot, and a bunch of dumbasses will go ahead and use the phone with a compromised sensor... and then when China laughs at Cisco for trying to secure their source code, people will yell at Apple because some douche booted his phone with a compromised sensor... and continued to put his thumb on it again and again so it could be scanned again and again and silently send its data off to the 'janitor' walking around with the listening device, and then that leads to another method of exploit the phone they're about to steal.
The phone shouldn't boot, it should be entirely unusable so no one ignores the warning and tries to use it anyway.
Then, best story of all... it'll once again by Apples fault that they didn't disable the sensor completely.
The other great part about this is... its because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.
Social engineering doesn't require they be alive or that you communicate with them.
If he finds out the password is the year they were born in, that's still social engineering. If he teases information out of the neighbors that leads him to guessing the right password, that's still social engineer.
You'll rarely succeed in a direct social engineering attack, people start to detect it when you ask too many questions of them directly. It works great when you target mom and dad, a sibling, a secretary or boss, or some other side channel.
Most social engineering attacks on business are accomplished via a subordinate like a secretary, most NEVER communicate with the actual target. Absolute most common is a secretary giving up an email password for the boss who can't be bothered to type out his retarded thoughts, so the secretary gets a call from IT, doesn't know any better and in the attempt to be helpful, destroys all security.
And for the reference, theres a REALLY REALLY good chance that you've had phone calls that have traversed one of the ubuntu machines that aren't for serious environments.
The fact that you make such a retarded statement shows how utterly clueless you are about Linux. You're one of those guys who thinks distros are different from each other... Just because Linux distros can't decide on where they want to put a given set of files and they all must use their own package manager that does the same thing as all the others... doesn't actually make them different.
It makes them different to people who don't know how to be an admin, but can add users on their preferred OS can as such call themselves an admin.
It just shows they don't mean a bit of it when they say how they hate Big Government. They just want Big Government on their own terms.
And you think this is different than any other politician? You seem to imply that with your wording, but if you think this is a 'republican' thing or 'right wing' thing, you're blind as a bat on the surface of the sun.
For containers (at least on FreeBSD) its far better to have one base install of the OS like you like it, and just use nullfs mounts to overlay that with a writable directory for each container.
Where ZFS's snapshots and clones will kick total ass is KVM virtual machines.
In either situation, at least on FBSD, you can allow the guest container/vm to manage their own ZFS, stays part of your larger pool and works as expected, but the children can create snapshots, clone, and filesystems in their little portion on the tree, and you can limit them with quotas.
TL;DR - Because its a stupid idea and you clearly haven't put more than a fuzzy seconds thought into it. Theres not really any point in doing so.
The first question is: WTF is a digital cam, other than some retarded idea you came up with because OMG DIGITAL DUDE!!@$#!@$. Don't use words you don't understand and don't make any sense at all.
The first statement is: The instant you said the cam shaft controls when the cylinder should fire... you made it completely clear that you don't know shit about engines since you can't even get basic terminology right. You've lost all credibility already by anyone with a clue.
Now lets get to the meat:
Any changes to the cam shaft are done in order to change the power band of the engine, what RPM range where it produces the desired output power and efficiency. Any change to it just changes the ideal power band, so unless your running across a wide power range, really going all over the place all the time, then this is pointless.
There is ultimately little reason to come up with some electronic gizmo to do this because an engine can simply be built to fit the task at hand. For most engines, the RPM range is very small and constant. Even cars have a relatively small RPM range when in motion thats limited to less than 1000 RPMs difference across the entire power cycle when the transmission is taken into account.
So awesome, you can gain %2 efficiency at the end of the power band in automobiles... and it'll break 1,000,000 times more often because the existing design is a single solid chunk of metal that sits in the second hottest most stressful part of the engine... and you want to replace with a bunch of moving bits and magnets.
You'll get more efficiency out of your engine by just using the proper oil than you're going to get out of a highly dynamic cam shaft.
When you exclude cars... then almost every engine remaining runs at a single given RPM ALL the time, meaning there is absolutely 0 value to a dynamic cam configuration and the net is a negative value due to increased complexity and decreased reliability.
Now go back to making a digital hammer and a digital screwdriver...
The story is from an author of utterly unknown email server software ranting about something he thinks he understands but doesn't, and the proceeds to tell us that the method he supports is the right one and all others suck... If he weren't biased I might have... Oh who am I kidding, dude doesn't know what he's talking about and utterly fails to understand how and why email is in the star it's in: hint... Your shiny new feature breaks compatibility with far too many PAYING CUSTOMERS, so some random no name vendor like yourself doesn't mean jack shit.
No one who matters is going to go hard TLS until everyone of their CUSTOMERS supports it. Your new shiny tech that you think will solve the problem will do the opposite, and just make it take longer.
So now when they get caught, they're going to be in trouble for everything they would have been in trouble for before... and on top of it for intentionally avoiding the checkpoints... and the app they have on the phone.
Why do I think this isn't going to work out like expected and heads are literally going to roll because of it?
They aren't there to teach you, they are there to take your money and make a profit.
Stop pretending this organizations are about education and you'll stop looking stupid when you talk about them. American Universities are profit centers, not educational facilities. I can't speak for the rest of the world, but in America, thats the case.
In any economy you do this in that isn't already under tight controls... the economy experiences an inflation period that effectively consumes the UBI payment and now people are worse off than they were before.
Why is it that tech people magically think they are different from every other industry?
Does a carpenter have any different way of working?
Does a janitor?
Does a secretary?
Does a doctor?
Why is it that techies think they are so different than the rest of the world?
Hint: We aren't, a lot of you just fucking whine about it more than the rest of the population.
If you think the 'tech industry is toxic' maybe you need to get off your ass and get a real job, try that for a few hours before you rage quit because you have no fucking clue what a real job is actually like.
And if they got rid of all binary blobs (which this one comes on the card by default and they're releasing UPDATED firmware as binary blobs) then you'd just start whining and bitching about the hardware not being open because you can't make it in your basement.
Seriously, STFU.
Assholes like you are why companies look at OS requests and blow them off, because they could do everything you wanted for you, including blowing you on command, and you'd still be just another prick bitching that it wasn't open enough.
The FIRMWARE isn't open, and fuck you if you don't like it. Don't use nVidia cards, problem solved, you can go use some other card that doesn't have closed source firmware... whats that? THERE ISN'T ANY CARD THAT DOESN'T HAVE PROPRIETARY TECHNOLOGY IN IT THAT THEY DON'T WANT TO JUST GIVE AWAY TO THE WORLD?
My mind was just blown... I can't imagine what these manufactures are thinking... they are so stupid and you're so brilliant... its like you're the one running the multibillion dollar business with every thing you do given away as public domain and they are some dude in their moms basement hiding the GPU goodness from you... right?
Again, just STFU asshole. nVidia isn't going to give you their special source so you can pretend that you can do something with it while you sit around and bitch that no one else is doing something with it to provide you more free shit. Silly statements like yours come from people who aren't about software freedom, you're about not paying for the work others have done. You're just another leech that uses OSS as a battle cry.
Hate to break it to you, but rights are a human construct.
You aren't 'born with rights', society grants them too you.
Its really pretty much entirely arbitrary to say people have rights but corporations don't.
I'm not disagreeing with the idea the corporations don't, but to pretend there is some factual reason why this is the case is simply wrong. Its all subjective.
I just set it to exactly midnight EPOCH, I set it to before epoch and I set it back to now. Rebooted multiple times all along the way.
My phone works fine.
I got kicked out of anything authenticated the instant I did the change since doing so effectively renders every certificate on the device invalid as it is suddenly years before the certs were 'issued' but thats exactly as expected.
I pretty much can't find any truth in the story. It claims you can't scroll back that far in the date/time picker without open and closing multiple times, yet here I am with just a bunch of finger flicks looking at the date/time as Dec 1969 right this very moment and I did so without having to enter it multiple times.
Dear slashdot, you have been trolled. Please stop believing the random shit you read on the internet.
Slashdot Mirror
A more important question is ...
WHY THE FUCK IS THIS POSTED ON SLASHDOT?
It has nothing to do with any technology that isn't 150 years old other than the website of the jackass slashvertisement.
You're missing his point.
You can not update a locked phone, at best you can wipe it. Even if Apple provides what they want, the ONLY way to get it on there, is to wipe the device.
To install new software on the phone, it requires that you unlock it, so that people can't do exactly what the court is requesting (though I doubt Apple had the courts in mind and probably was thinking general malicious code.
t seems like every time they do this for promotion they just claim everything as a "bug" without really individually investigating and reporting all of them, taking only some obviously wrong ones and then lumping the whole report onto the project's bug tracker, if we're lucky.
Yep, I've looked at the article and found a couple legitimate bugs, and the rest of it is the authors complete misunderstanding of what he's talking about. He doesn't seem to understand that strcpy and memcpy DO NOT DO THE SAME THING. He assumes that an extra tab means an if was done incorrectly, goes on about bad practices when its just that he doesn't know what the code is doing and taking 3 seconds to understand that a MACRO behaves differently on different architectures and maybe, just maybe, the hardcode 0 makes sense on that specific architecture and not on others ... which he could have found had he simply checked the places where the MACRO was defined instead of just the one that was compiled.
This guy is just using this for slashvertisments, which is great, because we can now pick apart his shitty analysis and make fun of it :)
Uhm, he works for them, of course his biased, and he has astroturfed for them all along.
https://mvp.microsoft.com/en-u...
Or his linked in profile, or anything else as simple google result shows, which is what should have been done if you see his last name and an article touting a Russian name on a website in America (simply because Russians typically use Russian websites just like Americans typically use American websites).
Its just slashdot and timothy is a fucking moron who's too stupid to catch these sort of things.
So far every thing I've seen in their analysis is a bug in their software, and the very first one, rather than being a FreeBSD bug is a style bug that just looks bad, but is working as intended, yet they intentionally mislead by indicating that its a flaw. Its not, its badly formatted, but its working as intended and that if statement is only meant to control the first line.
Studio Analyzer is pretty good stuff, but this article starts off really shitty.
So basically you want some asstastic shithole style for your source code that no one else wants and you suck at reading C code?
You completely lose EVERY ounce of credibility when you decide that tabs are important.
You also show your typical ignorance by bitching about tabs and being one of those morons who thinks all code should look like you want it to look in whatever shitty editors you use that don't actually handle tabs correctly.
In short, your just another useless douche who thinks his way is the only way. Don't worry, FreeBSD devs and users are confident in the OS enough to not really be upset by what causes you so much butthurt.
No, just introducing another security flaw in general thanks to the mass number of ignorant people who think this is a good idea..
Now what will happen is you'll use a insecure sensor, apple will still allow the phone to boot, and a bunch of dumbasses will go ahead and use the phone with a compromised sensor ... and then when China laughs at Cisco for trying to secure their source code, people will yell at Apple because some douche booted his phone with a compromised sensor ... and continued to put his thumb on it again and again so it could be scanned again and again and silently send its data off to the 'janitor' walking around with the listening device, and then that leads to another method of exploit the phone they're about to steal.
The phone shouldn't boot, it should be entirely unusable so no one ignores the warning and tries to use it anyway.
Then, best story of all ... it'll once again by Apples fault that they didn't disable the sensor completely.
The other great part about this is ... its because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.
Social engineering doesn't require they be alive or that you communicate with them.
If he finds out the password is the year they were born in, that's still social engineering. If he teases information out of the neighbors that leads him to guessing the right password, that's still social engineer.
You'll rarely succeed in a direct social engineering attack, people start to detect it when you ask too many questions of them directly. It works great when you target mom and dad, a sibling, a secretary or boss, or some other side channel.
Most social engineering attacks on business are accomplished via a subordinate like a secretary, most NEVER communicate with the actual target. Absolute most common is a secretary giving up an email password for the boss who can't be bothered to type out his retarded thoughts, so the secretary gets a call from IT, doesn't know any better and in the attempt to be helpful, destroys all security.
I use both.
And for the reference, theres a REALLY REALLY good chance that you've had phone calls that have traversed one of the ubuntu machines that aren't for serious environments.
The fact that you make such a retarded statement shows how utterly clueless you are about Linux. You're one of those guys who thinks distros are different from each other ... Just because Linux distros can't decide on where they want to put a given set of files and they all must use their own package manager that does the same thing as all the others ... doesn't actually make them different.
It makes them different to people who don't know how to be an admin, but can add users on their preferred OS can as such call themselves an admin.
It just shows they don't mean a bit of it when they say how they hate Big Government. They just want Big Government on their own terms.
And you think this is different than any other politician? You seem to imply that with your wording, but if you think this is a 'republican' thing or 'right wing' thing, you're blind as a bat on the surface of the sun.
For containers (at least on FreeBSD) its far better to have one base install of the OS like you like it, and just use nullfs mounts to overlay that with a writable directory for each container.
Where ZFS's snapshots and clones will kick total ass is KVM virtual machines.
In either situation, at least on FBSD, you can allow the guest container/vm to manage their own ZFS, stays part of your larger pool and works as expected, but the children can create snapshots, clone, and filesystems in their little portion on the tree, and you can limit them with quotas.
Liar.
Show me this ZFS on windows.
If you pick your file system because its GPL, you're pretty retarded. And yes, retarded is the appropriate word here.
TL;DR - Because its a stupid idea and you clearly haven't put more than a fuzzy seconds thought into it. Theres not really any point in doing so.
The first question is: WTF is a digital cam, other than some retarded idea you came up with because OMG DIGITAL DUDE!!@$#!@$. Don't use words you don't understand and don't make any sense at all.
The first statement is: The instant you said the cam shaft controls when the cylinder should fire ... you made it completely clear that you don't know shit about engines since you can't even get basic terminology right. You've lost all credibility already by anyone with a clue.
Now lets get to the meat:
Any changes to the cam shaft are done in order to change the power band of the engine, what RPM range where it produces the desired output power and efficiency. Any change to it just changes the ideal power band, so unless your running across a wide power range, really going all over the place all the time, then this is pointless.
There is ultimately little reason to come up with some electronic gizmo to do this because an engine can simply be built to fit the task at hand. For most engines, the RPM range is very small and constant. Even cars have a relatively small RPM range when in motion thats limited to less than 1000 RPMs difference across the entire power cycle when the transmission is taken into account.
So awesome, you can gain %2 efficiency at the end of the power band in automobiles ... and it'll break 1,000,000 times more often because the existing design is a single solid chunk of metal that sits in the second hottest most stressful part of the engine ... and you want to replace with a bunch of moving bits and magnets.
You'll get more efficiency out of your engine by just using the proper oil than you're going to get out of a highly dynamic cam shaft.
When you exclude cars ... then almost every engine remaining runs at a single given RPM ALL the time, meaning there is absolutely 0 value to a dynamic cam configuration and the net is a negative value due to increased complexity and decreased reliability.
Now go back to making a digital hammer and a digital screwdriver ...
The story is from an author of utterly unknown email server software ranting about something he thinks he understands but doesn't, and the proceeds to tell us that the method he supports is the right one and all others suck ... If he weren't biased I might have ... Oh who am I kidding, dude doesn't know what he's talking about and utterly fails to understand how and why email is in the star it's in: hint ... Your shiny new feature breaks compatibility with far too many PAYING CUSTOMERS, so some random no name vendor like yourself doesn't mean jack shit.
No one who matters is going to go hard TLS until everyone of their CUSTOMERS supports it. Your new shiny tech that you think will solve the problem will do the opposite, and just make it take longer.
So now when they get caught, they're going to be in trouble for everything they would have been in trouble for before ... and on top of it for intentionally avoiding the checkpoints ... and the app they have on the phone.
Why do I think this isn't going to work out like expected and heads are literally going to roll because of it?
Awe, thats cute.
You've just discovered something thats been happening since civilization started.
Cities rise and fall based on their usefulness at the time, not your nostalgic feelings about them.
The universe does not play favorites and isn't a fanboy, it doesn't artificially prop up things that should cease to exist, like worthless cities.
Its not just American cities, its all cities, across the entire world.
You're not an Assange fanboy or anything ... are you?
Yea, I thought that might be clouding your judgement
Really? When is this silliness going to end?
They aren't there to teach you, they are there to take your money and make a profit.
Stop pretending this organizations are about education and you'll stop looking stupid when you talk about them. American Universities are profit centers, not educational facilities. I can't speak for the rest of the world, but in America, thats the case.
Not really all the interesting.
In any economy you do this in that isn't already under tight controls ... the economy experiences an inflation period that effectively consumes the UBI payment and now people are worse off than they were before.
Why is it that tech people magically think they are different from every other industry?
Does a carpenter have any different way of working?
Does a janitor?
Does a secretary?
Does a doctor?
Why is it that techies think they are so different than the rest of the world?
Hint: We aren't, a lot of you just fucking whine about it more than the rest of the population.
If you think the 'tech industry is toxic' maybe you need to get off your ass and get a real job, try that for a few hours before you rage quit because you have no fucking clue what a real job is actually like.
And if they got rid of all binary blobs (which this one comes on the card by default and they're releasing UPDATED firmware as binary blobs) then you'd just start whining and bitching about the hardware not being open because you can't make it in your basement.
Seriously, STFU.
Assholes like you are why companies look at OS requests and blow them off, because they could do everything you wanted for you, including blowing you on command, and you'd still be just another prick bitching that it wasn't open enough.
The FIRMWARE isn't open, and fuck you if you don't like it. Don't use nVidia cards, problem solved, you can go use some other card that doesn't have closed source firmware ... whats that? THERE ISN'T ANY CARD THAT DOESN'T HAVE PROPRIETARY TECHNOLOGY IN IT THAT THEY DON'T WANT TO JUST GIVE AWAY TO THE WORLD?
My mind was just blown ... I can't imagine what these manufactures are thinking ... they are so stupid and you're so brilliant ... its like you're the one running the multibillion dollar business with every thing you do given away as public domain and they are some dude in their moms basement hiding the GPU goodness from you ... right?
Again, just STFU asshole. nVidia isn't going to give you their special source so you can pretend that you can do something with it while you sit around and bitch that no one else is doing something with it to provide you more free shit. Silly statements like yours come from people who aren't about software freedom, you're about not paying for the work others have done. You're just another leech that uses OSS as a battle cry.
People like you suck ass, and not for pleasure.
Natural born people have rights.
Hate to break it to you, but rights are a human construct.
You aren't 'born with rights', society grants them too you.
Its really pretty much entirely arbitrary to say people have rights but corporations don't.
I'm not disagreeing with the idea the corporations don't, but to pretend there is some factual reason why this is the case is simply wrong. Its all subjective.
No, it isn't.
A) because it doesn't actually break in the first place
B) Brick means unrecoverable, recovery here is trivial if it were to work as the story goes.
C) You've been trolled, the phone doesn't actually brick in the first place, worst you bought into something this silly.
Its also bullshit on iOS 9.2.1.
I just set it to exactly midnight EPOCH, I set it to before epoch and I set it back to now. Rebooted multiple times all along the way.
My phone works fine.
I got kicked out of anything authenticated the instant I did the change since doing so effectively renders every certificate on the device invalid as it is suddenly years before the certs were 'issued' but thats exactly as expected.
I pretty much can't find any truth in the story. It claims you can't scroll back that far in the date/time picker without open and closing multiple times, yet here I am with just a bunch of finger flicks looking at the date/time as Dec 1969 right this very moment and I did so without having to enter it multiple times.
Dear slashdot, you have been trolled. Please stop believing the random shit you read on the internet.