Are you f'ing kidding me?! I'd much rather have other drivers glance at their phones for a few seconds at a time than stare at them in awe as they continuously reboot!
I see that a lot. Then again, I'm one sarcastic MFer, so...
In all honesty, the direction Apple is moving in today saddens me. I was just becoming an Apple user in as Steve Jobs was dying and I began to see the signs of change shortly thereafter. I'm seeing it happening even more quickly now.
Some will say it's a good thing that Apple is branching out in other directions. I would agree with those people, except that Apple is not branching out, they're abandoning the direction that saved them from utter ruin over a decade ago ago, a direction that is proven and profitable, in favor of a new direction. I'm all for branching out, especially when talking about a company with plenty of capital to reach in multiple directions at once, and if that's what Apple was doing I'd be more than happy to see it. They're playing a dangerous game right now, though, and they have enough capital on hand that I fear they might not notice impending failure until they've been running full-speed ahead in the wrong direction for a decade or longer.
Actually, after giving the article another read-through, I think I got it wrong in the summary. The reboot cycle happens so quickly that, once you've entered it, you don't have the opportunity to turn WiFi off until you've left the range of the rogue AP. The article really isn't clear on that point, but it may well be that, if you have WiFi turned off already, you're safe.
As for sales figures. Apple is currently 6 weeks backordered on the new MacBook. They've sold every laptop they can make for the very least all through this quarter.
You know, there are no numbers in your statement. Maybe it's more they're limiting how many they make in order to make it seem like they're selling more. It's not like they've ever done that before, or anything, right?
Don't get me wrong, I'm not poking and prodding at Apple out of hatred, I'm doing so because, as an Apple user, I want them to succeed, but I also want them to keep going in a direction that is useful to me. As I see them shifting in a direction that is anything but, I prod them back in the direction that benefits not only myself, but also the largest number of users.
Of course, they're free to (and will) do whatever they want, but that doesn't mean they'll succeed if they do. They've got so much capital on hand that it will take decades of failure and moving in the wrong direction before they actually go out of business; I suppose that's a good thing, as it gives them plenty of time to try a few different CEOs and maybe save themselves. What you're seeing now is the last of Steve's momentum, things really are slowing down for Apple and I have a distinct feeling we're about to see them start losing their market in the next 2 or 3 years.
When that happens, I don't think they're necessarily done for. I'll take that opportunity to buy their stock cheap, though, knowing they'll either find another CEO like Steve Jobs or get bought by another company that will add value to their stock.
And that has precisely what to do with the point I was countering? It's a basic needs machine. Yes, it's a luxury item, so we'll call it a luxury basic needs machine, but it's still a basic needs machine, plain and simple. You didn't even attempt to argue, you only agreed with me without realizing it.
People still on XP are not buying a $1300-2k laptop, when there are laptops available for $300 with better performance / storage / features.
Unless they care about point #5.
But you still seem to have missed my point. There really is no market for the new MacBook. You're absolutely right that there are better machines available for 1/4 the price. Even people who buy luxury for the sake of luxury aren't complete morons and they'll seldom pay more than 2x the price of the "common person's" equivalent version of something, so this isn't even targeted at that crowd. It's the absolute most basic of basic needs machines, coming to you at a mobile workstation price; I'm too lazy to search out sales figures for it, but I'd be surprised if they've covered R&D at this point.
I, along with many others I know, only "upgraded" from Snow Leopard (10.6) because Apple dropped support for it. 3 days after I paid to upgrade to Mountain Lion in order to continue receiving support, Apple announced that future versions of OS X (including the then soon-to-be-released Mavericks) would be free. <sarc>That didn't leave a bad taste in my mouth or anything.</sarc>
No version of OS X since Snow Leopard has been as stable or performant. Because of this, I know a number of people who actually still use it despite the lack of security updates. Of them, only a couple use it in an offline-only capacity. I'm sure that's lightyears better than the decade-long support you say isn't necessary, though. Right?
No, Emusic probably can't do that, the there *are* other legitimate sources for movies; buying DRM'd content from iTunes is the problem, not the symptom, so let's treat it as such. That said, there currently exist no DRM-free legitimate sources for movies, though there are many that work on all platforms, including Linux (and Android), which can not be said for iTunes. All else being equal (and when it comes to video content, it is) iTunes was the wrong choice for that reason.
Eh? XP doesn't support *any* of the HTTPS ciphers that haven'te been utterly and completely proven worthless. This has nothing to do with DRM; the software works just fine locally (including playback of DRM'd media), the only thing it can't do now is connect back to Apple's servers via HTTPS.
The "New MacBook" is just the thing for people with basic needs. Before you argue, sit and consider who else it might be a good fit for. When you can't come up with another answer, ask yourself which you'd rather admit: that I'm right or that Apple released a product line with no target market.
And re #5, OSX is as close as they're going to get to that if they have to move away from XP.
Thank you for prompting me to check, it does look like they switched to Intel for their 64-bit instances. I know my 32-bit instances were running on Opterons, but I couldn't tell you which exact part numbers at this point.
Probably the same way it affects Windows and Linux users with Intel CPUs? Or users of any other OS like for example, any of the BSDs. Android on x86 is typically based on the Atom platform, so also Intel. Thankfully, my servers and cloud hosts use AMD.
Oh, I get along with Apple users just fine. I am one, along with my wife, my best friend, and his wife. I'm the only one out of the group who uses an Android phone, but I'm very happy with both of my MacBook Pros, my iPad, and my iPod. What I can't stand, and I feel this may be the case for most Android users, is the type of idiot who fully buys into the "Apple made it so it's perfectly secure" marketing bullshit.
For reference, I'm not the AC you were replying to. I can tell, however, that the target of their attack is precisely the type of idiot I mentioned, and not the intelligent Apple users who realize that anything can be made vulnerable; the question is, which are there more of? It's hard to say, since the idiots are so vocal.
Yes, you keep both in the repository. Some app might only be compatible with that version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system. Of course, you only keep the libraries specified in the manifests of installed apps locally; there is no need to keep unused versions locally.
What happens if an app is incompatible with the new version?
Then you keep using the old version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
What if the old version is insecure, and the new version incompatible?
Then you keep using the old version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
Do you go for insecure-but-working, or broken-but-secure?
Insecure but working. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
What if the developer isn't around anymore to fix it?
Then you run into the same problem we have today. That, of course, makes apps using that particular library insecure, but your system is, overall, more secure than the current system.
Then there's security - if you come up with a way to do this, how do you isolate the data from one another?
The data belongs to the application, not the library. It shouldn't be too difficult to do nothing and let the data continue belonging to the application and not the library.
How do you keep the library (which has access to everyone's data) from accessing and passing around the information?
You don't, you don't need to, and your assumption is incorrect. The library gets linked into the application; it, therefore, has only the application's permissions and can access only what the application can access. The worst case is no worse than what we have today, where a malicious library can access data belonging to the app it is linked into and perform any actions that app can perform; the best case is that libraries with vulnerabilities can be patched and apps that are only compatible with versions of libraries with critical vulnerabilities can be pulled until they have been updated.
Perhaps a malicious update goes and accesses everyone's information then dumps it to another app for uploading?
This is why Apple would manage the repository of libraries (e.g. "You", in all of the examples above, would be Apple). It's also a non-issue, since the library gets linked into the application and, therefore, has only the application's permissions and can access only what the application can access. The worst case is no worse than what we have today, where a malicious library can access data belonging to the app it is linked into and perform any actions that app can perform; the best case is that libraries with vulnerabilities can be patched and apps that are only compatible with versions of libraries with critical vulnerabilities can be pulled until they have been updated.
You'll see that I kept it simple by repeating a lot of my clauses, so you don't have to parse as much in order to understand how wrong you are.
On one hand yes, the developers should have updated their apps and submitted those updated versions as soon as the library was fixed and each of these apps would have been patched in 4-7 days. On the other hand, if Apple were managing a repository of libraries they could have updated the library in a matter of minutes.
Sure, developers might have stupidly decided to statically link the library in their app despite it being available in Apples repository, and those apps would still have the same issue, but Apple would have gotten some good PR out of this, being able to point at all of the apps using the version in their repository and say "but these apps were all fixed within minutes, with no action from the developers". Who doesn't want that in their platform? Developers? We like not having to match security vulns ourselves;.Net is popular for a reason. Users? We like not having to rely on a developer who may have moved on to another project to eventually get around to fixing their app and we like not having to update our apps in the first place. Platform devs? I'm pretty sure they like being able to point at issues like this and say "my platform doesn't have that problem". So, I guess the answer to that question is nobody doesn't want that.
Bad developers will always make stupid decisions, but that doesn't mean good developers can't offer them better solutions.
I don't think he was saying it was Apple's fault, just that Apple didn't prevent it. There's a huge distinction. I mean, anyone posting here was alive on 9-11-2001 and none of us prevented it; are you saying we all caused it? I mean, it's true that if we had all done things a little differently, it could have been prevented, right?
The fact is that Apple could have implemented a system that would have at least made this an avoidable situation. Of course, it wouldn't have stopped developers from statically linking this or any other library, leading to the same problem, but it would have made it much less likely. It is, however, Apple's fault that the current situation was the only option; the headline could have, instead, read "App Developers Not Using Apple's Security Measures, Creating Vulnerable Apps", which would read as a good bit of PR for Apple and bad press for those developers, whereas the current situation has people pointing the finger at both sides.
As far as which is the better technical decision, that's a debate that will continue indefinitely. For marketing purposes[1][2], offering a signed repository of libraries would have protected Apple's interests in this instance, even if it didn't prevent developers from statically linking this library.
[1] And what is Apple, really, if not a marketing firm that just happens to produce some electronic devices?
[2] Don't get me wrong, I quite enjoy my 2 MacBook Pros, iPad, and 3rd gen iPod, but let's not delude ourselves by thinking they're really better than the competition and anything but marketing.
Are you f'ing kidding me?! I'd much rather have other drivers glance at their phones for a few seconds at a time than stare at them in awe as they continuously reboot!
It's my first accepted submission (to be fair, my first legitimate submission); I've been here for a while.
OH! I get it! You were playing on stereotypes!
Proofreading... apparently I don't do it. Please excuse the added "in" in the 2nd paragraph and the extra "ago" in the 3rd.
I see that a lot. Then again, I'm one sarcastic MFer, so...
In all honesty, the direction Apple is moving in today saddens me. I was just becoming an Apple user in as Steve Jobs was dying and I began to see the signs of change shortly thereafter. I'm seeing it happening even more quickly now.
Some will say it's a good thing that Apple is branching out in other directions. I would agree with those people, except that Apple is not branching out, they're abandoning the direction that saved them from utter ruin over a decade ago ago, a direction that is proven and profitable, in favor of a new direction. I'm all for branching out, especially when talking about a company with plenty of capital to reach in multiple directions at once, and if that's what Apple was doing I'd be more than happy to see it. They're playing a dangerous game right now, though, and they have enough capital on hand that I fear they might not notice impending failure until they've been running full-speed ahead in the wrong direction for a decade or longer.
Actually, after giving the article another read-through, I think I got it wrong in the summary. The reboot cycle happens so quickly that, once you've entered it, you don't have the opportunity to turn WiFi off until you've left the range of the rogue AP. The article really isn't clear on that point, but it may well be that, if you have WiFi turned off already, you're safe.
You seem to have missed the point of my post. Don't worry, I understand that sarcasm doesn't come through very well in text.
As for sales figures. Apple is currently 6 weeks backordered on the new MacBook. They've sold every laptop they can make for the very least all through this quarter.
You know, there are no numbers in your statement. Maybe it's more they're limiting how many they make in order to make it seem like they're selling more. It's not like they've ever done that before, or anything, right?
Don't get me wrong, I'm not poking and prodding at Apple out of hatred, I'm doing so because, as an Apple user, I want them to succeed, but I also want them to keep going in a direction that is useful to me. As I see them shifting in a direction that is anything but, I prod them back in the direction that benefits not only myself, but also the largest number of users.
Of course, they're free to (and will) do whatever they want, but that doesn't mean they'll succeed if they do. They've got so much capital on hand that it will take decades of failure and moving in the wrong direction before they actually go out of business; I suppose that's a good thing, as it gives them plenty of time to try a few different CEOs and maybe save themselves. What you're seeing now is the last of Steve's momentum, things really are slowing down for Apple and I have a distinct feeling we're about to see them start losing their market in the next 2 or 3 years.
When that happens, I don't think they're necessarily done for. I'll take that opportunity to buy their stock cheap, though, knowing they'll either find another CEO like Steve Jobs or get bought by another company that will add value to their stock.
There are NO places where you can buy legal digital copies of movies without DRM.
I think I said that, actually.
That said, there currently exist no DRM-free legitimate sources for movies,
I then continued to clarify:
though there are many that work on all platforms, including Linux (and Android), which can not be said for iTunes.
Did you not read the sentence immediately preceding the one you quoted? Hmm?
So what you're saying is "people should pirate, or not have digital copies of movies"
Where did I say anything about piracy?
iTunes isn't any worse than any other mechanism
Except for the whole "doesn't work on Android" part.
The only other one I'm even aware of is Ultraviolet
How about Amazon? Or Google Play? In addition to Google's native support on Android (obviously), they both work in-browser and both have iOS apps available: Amazon Instant Video for iOS Google Play Movies & TV for iOS.
Platform support alone makes both of those better options than iTunes. I'm not sure if you missed my point or if you were simply ignoring it.
Legacy support makes cents.
And Apple chases dollars.
People still on XP are not buying a $1300-2k laptop, when there are laptops available for $300 with better performance / storage / features.
Unless they care about point #5.
But you still seem to have missed my point. There really is no market for the new MacBook. You're absolutely right that there are better machines available for 1/4 the price. Even people who buy luxury for the sake of luxury aren't complete morons and they'll seldom pay more than 2x the price of the "common person's" equivalent version of something, so this isn't even targeted at that crowd. It's the absolute most basic of basic needs machines, coming to you at a mobile workstation price; I'm too lazy to search out sales figures for it, but I'd be surprised if they've covered R&D at this point.
I, along with many others I know, only "upgraded" from Snow Leopard (10.6) because Apple dropped support for it. 3 days after I paid to upgrade to Mountain Lion in order to continue receiving support, Apple announced that future versions of OS X (including the then soon-to-be-released Mavericks) would be free. <sarc>That didn't leave a bad taste in my mouth or anything.</sarc>
No version of OS X since Snow Leopard has been as stable or performant. Because of this, I know a number of people who actually still use it despite the lack of security updates. Of them, only a couple use it in an offline-only capacity. I'm sure that's lightyears better than the decade-long support you say isn't necessary, though. Right?
So then... This is the year of the Linux desktop?
No, Emusic probably can't do that, the there *are* other legitimate sources for movies; buying DRM'd content from iTunes is the problem, not the symptom, so let's treat it as such. That said, there currently exist no DRM-free legitimate sources for movies, though there are many that work on all platforms, including Linux (and Android), which can not be said for iTunes. All else being equal (and when it comes to video content, it is) iTunes was the wrong choice for that reason.
I value Justin Bieber's music. When I hear it, I know there's someone nearby I'm gonna want to punch.
Eh? XP doesn't support *any* of the HTTPS ciphers that haven'te been utterly and completely proven worthless. This has nothing to do with DRM; the software works just fine locally (including playback of DRM'd media), the only thing it can't do now is connect back to Apple's servers via HTTPS.
The "New MacBook" is just the thing for people with basic needs. Before you argue, sit and consider who else it might be a good fit for. When you can't come up with another answer, ask yourself which you'd rather admit: that I'm right or that Apple released a product line with no target market.
And re #5, OSX is as close as they're going to get to that if they have to move away from XP.
Thank you for prompting me to check, it does look like they switched to Intel for their 64-bit instances. I know my 32-bit instances were running on Opterons, but I couldn't tell you which exact part numbers at this point.
The gamut of crap, I'm sure, is what GP was referring to.
Uh, if the website can launch programs to manipulate your CPU cache, that's a problem.
If a program can't manipulate the CPU, it's not much of a program now, is it?
Probably the same way it affects Windows and Linux users with Intel CPUs? Or users of any other OS like for example, any of the BSDs. Android on x86 is typically based on the Atom platform, so also Intel. Thankfully, my servers and cloud hosts use AMD.
Oh, I get along with Apple users just fine. I am one, along with my wife, my best friend, and his wife. I'm the only one out of the group who uses an Android phone, but I'm very happy with both of my MacBook Pros, my iPad, and my iPod. What I can't stand, and I feel this may be the case for most Android users, is the type of idiot who fully buys into the "Apple made it so it's perfectly secure" marketing bullshit.
For reference, I'm not the AC you were replying to. I can tell, however, that the target of their attack is precisely the type of idiot I mentioned, and not the intelligent Apple users who realize that anything can be made vulnerable; the question is, which are there more of? It's hard to say, since the idiots are so vocal.
What happens when an update comes out?
You build it and add it to the repository.
Do you keep both versions?
Yes, you keep both in the repository. Some app might only be compatible with that version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system. Of course, you only keep the libraries specified in the manifests of installed apps locally; there is no need to keep unused versions locally.
What happens if an app is incompatible with the new version?
Then you keep using the old version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
What if the old version is insecure, and the new version incompatible?
Then you keep using the old version. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
Do you go for insecure-but-working, or broken-but-secure?
Insecure but working. That, of course, makes that particular app insecure, but your system is, overall, more secure than the current system.
What if the developer isn't around anymore to fix it?
Then you run into the same problem we have today. That, of course, makes apps using that particular library insecure, but your system is, overall, more secure than the current system.
Then there's security - if you come up with a way to do this, how do you isolate the data from one another?
The data belongs to the application, not the library. It shouldn't be too difficult to do nothing and let the data continue belonging to the application and not the library.
How do you keep the library (which has access to everyone's data) from accessing and passing around the information?
You don't, you don't need to, and your assumption is incorrect. The library gets linked into the application; it, therefore, has only the application's permissions and can access only what the application can access. The worst case is no worse than what we have today, where a malicious library can access data belonging to the app it is linked into and perform any actions that app can perform; the best case is that libraries with vulnerabilities can be patched and apps that are only compatible with versions of libraries with critical vulnerabilities can be pulled until they have been updated.
Perhaps a malicious update goes and accesses everyone's information then dumps it to another app for uploading?
This is why Apple would manage the repository of libraries (e.g. "You", in all of the examples above, would be Apple). It's also a non-issue, since the library gets linked into the application and, therefore, has only the application's permissions and can access only what the application can access. The worst case is no worse than what we have today, where a malicious library can access data belonging to the app it is linked into and perform any actions that app can perform; the best case is that libraries with vulnerabilities can be patched and apps that are only compatible with versions of libraries with critical vulnerabilities can be pulled until they have been updated.
You'll see that I kept it simple by repeating a lot of my clauses, so you don't have to parse as much in order to understand how wrong you are.
On one hand yes, the developers should have updated their apps and submitted those updated versions as soon as the library was fixed and each of these apps would have been patched in 4-7 days. On the other hand, if Apple were managing a repository of libraries they could have updated the library in a matter of minutes.
.Net is popular for a reason. Users? We like not having to rely on a developer who may have moved on to another project to eventually get around to fixing their app and we like not having to update our apps in the first place. Platform devs? I'm pretty sure they like being able to point at issues like this and say "my platform doesn't have that problem". So, I guess the answer to that question is nobody doesn't want that.
Sure, developers might have stupidly decided to statically link the library in their app despite it being available in Apples repository, and those apps would still have the same issue, but Apple would have gotten some good PR out of this, being able to point at all of the apps using the version in their repository and say "but these apps were all fixed within minutes, with no action from the developers". Who doesn't want that in their platform? Developers? We like not having to match security vulns ourselves;
Bad developers will always make stupid decisions, but that doesn't mean good developers can't offer them better solutions.
I don't think he was saying it was Apple's fault, just that Apple didn't prevent it. There's a huge distinction. I mean, anyone posting here was alive on 9-11-2001 and none of us prevented it; are you saying we all caused it? I mean, it's true that if we had all done things a little differently, it could have been prevented, right?
The fact is that Apple could have implemented a system that would have at least made this an avoidable situation. Of course, it wouldn't have stopped developers from statically linking this or any other library, leading to the same problem, but it would have made it much less likely. It is, however, Apple's fault that the current situation was the only option; the headline could have, instead, read "App Developers Not Using Apple's Security Measures, Creating Vulnerable Apps", which would read as a good bit of PR for Apple and bad press for those developers, whereas the current situation has people pointing the finger at both sides.
As far as which is the better technical decision, that's a debate that will continue indefinitely. For marketing purposes[1][2], offering a signed repository of libraries would have protected Apple's interests in this instance, even if it didn't prevent developers from statically linking this library.
[1] And what is Apple, really, if not a marketing firm that just happens to produce some electronic devices?
[2] Don't get me wrong, I quite enjoy my 2 MacBook Pros, iPad, and 3rd gen iPod, but let's not delude ourselves by thinking they're really better than the competition and anything but marketing.
That'll work until you're the last one left.