Maybe before they found it easy to believe that voices like yours, although vocal, were not representative enough of "typical" users and not worth the cost/benefit ratio to fix.
But with ubiquitous telemetry, and mandatory feedback, those sorts of denials will become impossible.
"Apple said seven people for up to four weeks". Yeah, right. Like it takes that much effort to change a constant from 10 to 10000. And it's not like they'd have to put it through a full suite of validation tests afterwards - who cares if they can still make a phone call?
I think it'll take them 3 people for 1 week to do the first 90% of the work, and seven people for 8 weeks to do the remaining 90% of the work.
(So I think Apple are lowballing their estimate. I'm basing this on my industry experience of making small changes in huge corporate software bases. Also, sure they don't need a full suite of validation tests, but instead they'll HAVE TO INVENT NEW VALIDATION TESTS for the new remote-PIN-trying functionality that they're exposing, which takes much longer.)
The real problem is that if the FBI establish this precedent, next it will be the Chinese Government demanding the same for the phone of a US Embassy employee they suspect of being a CIA agent (upon pain of Apple being disallowed from further business in China).
That's a FUD stretch. There's been no suggestion that any telemetry stuff accepts inbound connections.
You accuse me of "misinformation," I'm throwing down the gauntlet on that! I'm a software developer, and I say you're full of shit and don't even realize that software can be easily altered later to work with a different ID. There is no way to "lock" it so that can't happen. Even if it is a compiled binary file, it is easy to find and replace the ID because they already know the ID of the phone it would be written for.
Gauntlet right back at you. As I said in the GP, the firmware is signed by Apple's cryptographic key. There is no way to easily alter the firmware binary to work with a different phone ID: if you edited the firmware binary to check for a different ID, then the firmware's signature would no longer match, and it couldn't be uploaded to any iPhone. The only people who can ever alter the firmware later to work with a different ID are Apple themselves, by re-signing it after altering it. (or indeed anyone who has somehow obtained the signing key from Apple).
Please don't spread misinformation. This is a delicate case, and if the privacy-respecting tech community build their arguments on wrong assumptions then our case will fall over by default.
Firmware isn't "tied to a specific phone" that is just imaginary thinking that the prosecutor inserted into the request to make it sound better.
Apple firmware is not customized per-user, it is not made-to-order, a firmware file signed with Apple's key can be run on any phone with the right version numbers.
That's wrong. Firmware is just a piece of software. The court order asks, and Apple can technically accomplish, for a custom written piece of firmware which contains an IF check: "IF this phone doesn't have the correct hardware ID then crash. IF it does have the correct ID, then proceed with something that will allow brute-forcing the PIN".
Are you saying it is technically impossible for Apple to produce a build of their firmware that is customized in this way? I don't know how or why you'd come up with that position. Firmware is just software, and can have custom builds, and those custom builds can have custom checks.
The court order suggested Apple to use "iPhone DFU mode". It's the standard existing way to update firmware on a bricked phone. It doesn't boot the phone's OS, doesn't power up the screen, nothing. It's the iPhone's built-in last-ditch way for updating the phone's firmware when the phone is (for whatever reason) unusable.
Obviously the existence of such a hack -- as well as the ability to load a locked phone with it -- is a dangerous tool that can be used on any iPhone.
That's not true. The deal is: apparently any firmware signed with Apple's key can be loaded onto the phone. The FBI is asking Apple to write a firmware which (1) is tied to this particular phone, (2) is signed by Apple's key, (3) allows rapid and repeated unlock attempts. The FBI is happy for Apple itself to load this firmware onto the phone.
This modified firmware wouldn't be usable on any iPhone because it would contain a check "if (PhysicalPhoneID != hardcoded_constant) abort;". The firmware couldn't be hacked to change the hardcoded constant because doing so would invalidate Apple's key-signing of the firmware blob.
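The point argued in the comment above (an ID check inside a signed image cannot be retargeted without the signing key), as an added example that is not part of the original comments and is not Apple's code or image format. It is a toy Go model: the 8-byte ID field, the fixed key seed, the device IDs and the names `VendorKey`, `Build`, `Load` and `Patch` are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Toy model (constructed for illustration): the first 8 bytes of the blob
// are the device ID the build is bound to; the rest stands in for code.
var (
	ErrBadSignature = errors.New("signature does not match image")
	ErrWrongDevice  = errors.New("image is bound to a different device ID")

	deviceA = [8]byte{'D', 'E', 'V', '-', '0', '0', '0', 'A'} // constructed ID
	deviceB = [8]byte{'D', 'E', 'V', '-', '0', '0', '0', 'B'} // constructed ID
)

type Image struct {
	Blob []byte // device ID || code
	Sig  []byte // vendor signature over the whole blob
}

// VendorKey derives a fixed key pair from a constructed seed so the demo is
// repeatable; a real signing key is random and never leaves the vendor.
func VendorKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x42}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// Build embeds the target ID and signs ID and code together.
func Build(priv ed25519.PrivateKey, id [8]byte, code []byte) Image {
	blob := append(append([]byte{}, id[:]...), code...)
	return Image{Blob: blob, Sig: ed25519.Sign(priv, blob)}
}

// Load is the device side: verify the signature first, then run the
// image's own "if (PhysicalPhoneID != hardcoded_constant) abort;" check.
func Load(pub ed25519.PublicKey, myID [8]byte, img Image) error {
	if len(img.Blob) < 8 || !ed25519.Verify(pub, img.Blob, img.Sig) {
		return ErrBadSignature
	}
	if !bytes.Equal(img.Blob[:8], myID[:]) {
		return ErrWrongDevice
	}
	return nil
}

// Patch overwrites the embedded ID in a copy of the image and keeps the old
// signature, which is all someone without the signing key can do.
func Patch(img Image, newID [8]byte) Image {
	blob := append([]byte{}, img.Blob...)
	copy(blob, newID[:])
	return Image{Blob: blob, Sig: img.Sig}
}

func main() {
	pub, priv := VendorKey()
	img := Build(priv, deviceA, []byte("placeholder firmware code"))
	fmt.Println("A loads image built for A:  ", Load(pub, deviceA, img))
	fmt.Println("B loads image built for A:  ", Load(pub, deviceB, img))
	fmt.Println("B loads image patched to B: ", Load(pub, deviceB, Patch(img, deviceB)))
	fmt.Println("B loads vendor re-signed B: ", Load(pub, deviceB, Build(priv, deviceB, img.Blob[8:])))
}
```

The binding is only as strong as custody of the signing key: the last call succeeds because the vendor signed a new build, which is the case the thread describes as "Apple themselves, by re-signing it after altering it".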
How do you know the sex of the seller? ...
RTFA. This is of course the single most important pivot of the study, and obviously it's addressed by the researchers, and it's spelled out in paragraph 2 of the article.
I'm curious - you say that the committee "long ago" lost credibility. When was that long ago? And over what?
(I've not heard mainstream criticism of the committee until this case right now...)
You've made a logical flaw. I don't know how to explain it because, well, your combining of the two sentences is wrong on a logical basis and also wrong on an "intuitively that's what it obviously means" basis and I don't know how or why you tried to combine them.
The average 1951-1980 just provides a baseline for comparison. Maybe 1635 was 2 degrees warmer than that baseline. Maybe 1856 was 2.5 degrees colder than that baseline. Maybe 2015 was 1.15 degrees warmer.
The baseline is just the "tare" or "zero calibration". It doesn't imply which years are compared to it.
Wait, what? The US unemployment rate of 4.8% is pretty much as low as it can go (the Fed thinks the natural unemployment rate is 4.6% to 5.4%). Your premise about high safety => high unemployment sounds reasonable but doesn't seem to hold out in practice for whatever reason.
Couldn't he shift into neutral?
Imagine a phone with NO ports. It uses wireless for charging. It uses Bluetooth for headphones. It uses wifi/cellular for voice and data. The battery isn't user-serviceable. It doesn't need any ports. It could be manufactured in a factory-sealed seamless shell for guaranteed waterproofing.
(except: I don't know how you'd do microphone or speakers...)
Say you're on a team of 10-20 devs in a mature product. Your day job is to work through the issue backlog, hopefully checking in fixes for three or so issues a day. You need to pick issues from the issue tracker (GitHub), read comments, maybe interact with the filer to get repros, submit a PR for code review by your peers (on GitHub), send it off for regression testing (via GitHub messages), code review about 5 other fixes from other team members (GitHub). Also triage incoming issues (GitHub). That's a heck of a lot more GitHub for someone in a large OSS software team, like we have in my team in Microsoft, than just 0.1%.
Developing major new features involves a heck of a lot less GitHub of course! But if your OSS software is widely used, you'll find a few orders of magnitude more issues than major features.
It's not a "magic" observer - it's just an observer who has become entangled in what's being observed.
There are good areas of physics where you can indeed rule out hidden variables that have any effect on the physical system. That does indeed provide a scientific proof of physicalism, at least in these areas.
Problem with that argument is that p-zombies are actually the dominant mode of human existence. Watch an episode of a popular soap like Eastenders or Coronation St. The lives they depict show no sign of consciousness nor introspection. And they're accurate depictions of the human state, far more so than any Descartes sitting at his desk trying to pin down his own mental states and getting misled.
What philosophers call consciousness is mostly just a typical artefact of someone writing about philosophy - not a typical state of the mind of most everyone.
The companies working on self-driving cars have complained that each state has different regulations about them. They asked the federal government to step in and make uniform regulations across the US. That's what Obama is doing.
What's your idea for malware? I don't see how it helps any.
Imagine a new tech idea that wasn't used to enhance my shopping or ad-consuming experience...
I wonder if maybe the risk of psychological harm is exceptionally high?
Are you the same guy who invented the five-color terror alert scale and no one knows what the different colors mean?
We have a puce alert in the browser bar!
What about the effect of diffraction around obstacles?
900MHz has a wavelength of 30cm, compared to 5cm for 5GHz, so I'd expect them to diffract around typical household corners differently...
Here is the actual link to the survey: http://www.apnorc.org/PDFs/Sec...
Question: As a way of responding to terrorist threats, do you favor, oppose, or neither favor nor oppose government analysis of internet activities and communications, including those involving U.S. citizens, without a warrant, to watch for suspicious activity that might be connected to terrorism?
I don't understand this. What exactly is a respondent supposed to make of the term warrantless surveillance? I wholeheartedly support the government to analyze people's public Twitter posts, and public Facebook posts, and forums (including those that require subscription), and YouTube channels. None of these searches require a warrant. So I would answer "yes I do support government analysis, without a warrant". Even though I strongly oppose government analysis of private communication.
I wonder if they picked a deliberately ambiguous question here?
Questions: How concerned are you about the chance that you or your family might be a victim of a terrorist attack? Would you say a great deal, somewhat, not too much, or not at all?
Questions: How concerned are you about the chance that you or your family might be a victim of a terrorist attack? Would you say a great deal, somewhat, not too much, or not at all? How concerned are you about the chance that you or your family might be a victim of an attack by Islamic extremists in the United States? Would you say a great deal, somewhat, not too much, or not at all? How concerned are you about the chance that you or your family might be a victim of domestic terrorism committed by American citizens? Would you say a great deal, somewhat, not too much, or not at all?
Question: How important do you think it is that each of the following groups is allowed to practice their religion freely in the United States?
Question: The following are some examples of rights and freedoms listed in the Bill of Rights or that are protected under various American laws and court rulings. For each one, please tell me if you think the U.S. government is doing a good job, poor job, or neither a good nor poor job of protecting that right or freedom.
Here, 60% of respondents think the government is not doing a good job of protecting the right to "freedom from unreasonable search and seizure". This probably guides us on how the ambiguous earlier question was interpreted by poll respondents.
Isn't the whole point of thesis work that you find some novel solution to a problem through your own research not enlisting others to do it for you?
That's maybe 5% of thesis work. Another 20% is the grunt-work to investigate the phenomena and gather up examples and counter-examples. Another 75% is getting a good understanding of the field and the existing state of the art.
I think the poster has picked a good place (here on Slashdot) as part of building up that other 95%.