If they are using iPads with the latest version of iOS 8, they can just save the passwords using the keychain in safari with autofill (only works if a site is HTTPS, however)
it has no utility for anything other than payments. The use scenarios other devices use NFC for (because they can't be used for payments due to carrier interference) are better handled by better technologies, like Bluetooth LE.
Apple doesn't have a permission system? Have you used iOS? It has an excellent on-demand permission system. An app wants both location, camera, and microphone access? But you don't want it to have location access? Deny it! Only want it to have microphone access sometimes? OK!
Sadly, it does not automatically download. Even with automatic downloads on. It automatically appears in the list of purchases and automatically appears in iTunes in the Cloud (if you have that option enabled), but it didn't automatically download.
So if you can't id a user by any characteristics of the phone either (like device id or phone#), how can you create an external unique key to id the user in case he reinstalls? i.e. you effectively can't build an app that references your external server to provide data to that app?
(obviously not an Apple dev here...)
Correct. You're not supposed to. If a user uninstalls an app, ALL data relevant to the app must be deleted, including any UUID. UUIDs are keyed to a specific app install. There should be no way to uniquely identify a user across installs.
Have one absolute trusted password and one absolute trusted service. Encrypt all your site-specific passwords in there. Let the service fill out the passwords for you.
Make sure the service uses a Web of Trust style encryption so even defeating the password for the service won't leak any other data.
All this means is that companies like Apple and Mozilla happen not to have notified Microsoft of the infringement yet. So if you're worried about it, go tell Apple's legal department and Mozilla's.
Why should they have to? The store is supposed to be curated and given these examples, it's obvious it is not curated at all.
GAINESVILLE- We're on day 7 of the Pedro Andres Bravo trial. Bravo is being accused of the premeditated murder of his high school friend and UF student, Christian Aguilar. Bravo's phone records were reviewed.
"I need to hide my roommate," that is a picture found on Pedro Bravo's phone. In the picture you can see Siri responded, "Swamps? Dumps?"
The image was most likely a screenshot Bravo took from Facebook not an actual search he made. That was actually addressed by the jury who asked how he could do a Siri search when he had an iPhone 4 not 4s.
It was a screenshot (Shit Siri Says). His iPhone 4 was incapable of asking Siri anything.
Slashdot Mirror
If they are using iPads with the latest version of iOS 8, they can just save the passwords using the keychain in safari with autofill (only works if a site is HTTPS, however)
it has no utility for anything other than payments. The use scenarios other devices use NFC for (because they can't be used for payments due to carrier interference) are better handled by better technologies, like Bluetooth LE.
Apple doesn't even have permission systems.
Apple doesn't have a permission system? Have you used iOS? It has an excellent on-demand permission system. An app wants both location, camera, and microphone access? But you don't want it to have location access? Deny it! Only want it to have microphone access sometimes? OK!
Incorrect. iOS always encrypts all data with a master key based of secret data in the CPU. If you choose a pin/passcode, it is salted.
Not really up on this, are you? or know how to use an iOS device, do you?
You can only hide it if it is not on your device therefore, it is not taking up any storage space.
Sadly, it does not automatically download. Even with automatic downloads on. It automatically appears in the list of purchases and automatically appears in iTunes in the Cloud (if you have that option enabled), but it didn't automatically download.
so choose not to add it to your playlists. Really simple. If it's not in a playing playlist, it won't play.
Just a note: iTunes does not store the credentials. In fact, iTunes doesn't need to interact with iCloud at all.
They are the new number stations!
So if you can't id a user by any characteristics of the phone either (like device id or phone#), how can you create an external unique key to id the user in case he reinstalls? i.e. you effectively can't build an app that references your external server to provide data to that app?
(obviously not an Apple dev here...)
Correct. You're not supposed to. If a user uninstalls an app, ALL data relevant to the app must be deleted, including any UUID. UUIDs are keyed to a specific app install. There should be no way to uniquely identify a user across installs.
Yup, good news from Microsoft about Quality App Stores that never reject clearly bogus apps.
Have one absolute trusted password and one absolute trusted service. Encrypt all your site-specific passwords in there. Let the service fill out the passwords for you.
Make sure the service uses a Web of Trust style encryption so even defeating the password for the service won't leak any other data.
It's a little weird since a lot of the phones that took the photos aren't running iOS and some of the folders have Dropbox-specific files.
Don't use the same password on multiple sites!
I thought we already had this with the img tag's srcset attribute. Do we really need a new tag?
If so, I wonder if this is related to Chinese spies stealing US corn
If so, I wonder if this is related to Chinese spies stealing US corn?
Well, of course it came from humans. There is no natural source of CFCs on earth. They aren't a naturally occurring substance.
All this means is that companies like Apple and Mozilla happen not to have notified Microsoft of the infringement yet. So if you're worried about it, go tell Apple's legal department and Mozilla's.
Why should they have to? The store is supposed to be curated and given these examples, it's obvious it is not curated at all.
A people-based rating system would likely be an improvement, but it would have to be carefully designed to keep it honest.
I thought Apple already had a people-based rating system. Or does "Editor's Choice" not mean Choice by the Editors?
Also, Pedro Bravo was not the roommate of Christian Aguilar.
But this is /., who needs facts?!
GAINESVILLE- We're on day 7 of the Pedro Andres Bravo trial. Bravo is being accused of the premeditated murder of his high school friend and UF student, Christian Aguilar. Bravo's phone records were reviewed.
"I need to hide my roommate," that is a picture found on Pedro Bravo's phone. In the picture you can see Siri responded, "Swamps? Dumps?"
The image was most likely a screenshot Bravo took from Facebook not an actual search he made. That was actually addressed by the jury who asked how he could do a Siri search when he had an iPhone 4 not 4s.
It was a screenshot (Shit Siri Says). His iPhone 4 was incapable of asking Siri anything.
The Gainesville PD also said it never happened.
https://twitter.com/gainesvill...
Multiple reports of Bravo asking Siri to hide a roommate are incorrect... GPD Det. Goeckel certainly did not testify to that. #BravoTrial
Germany is shutting down all their nuclear reactors. Clearly they are the best at sciencing using logic.
Because it isn't testable.
String theory is math. Math is not science. This should not be in the "science" section of /.
I only said 10%, not 70% or any of the other high numbers in the July 2014 trend micro report.