"We truly believe a successful bug bounty program require happy and motivated researchers."
One would think they WOULD be happy and motivated... there are medications for both if not.
24 posts • joined 2 Jan 2008
"We truly believe a successful bug bounty program require happy and motivated researchers."
One would think they WOULD be happy and motivated... there are medications for both if not.
Its all just speculation so... If it was simple design to exploit the FBI would do it and not need Apple. Tim's email seems to imply that there needs to be hardware produced in combination with software and that it could be used on other devices. Probably a firmware or hardware certificate only known to Apple is needed and this combination might apply to a range of production units. Even a demonstration in principle could create a huge legal battle for Apple. I'm sure the army of "they should do it for god and country and to get those nasty terrorists" include a few ambulance chasers that would immediately class action sue the company for falsely claiming they can't access data when the FBI will very publicly announce that they did. You see in America suing is a national pastime. Hell you can sue someone for saving your life using CPR if the compression technique that was used leaves a boo-boo. A lobby group funded by trial-judges helped defeat laws to reduce patent troll cases - how dare someone ruin that fun. A woman sued 'cause her hot coffee was too hot - and won. So this case is just one of a string of cases that will provide entertainment and lobby groups $$ for years to come. Oh and if it does get pushed up to the Supreme Court - good luck politics will keep them out of commission for at least 1.5 years. Well time to make some popcorn and turn on C-SPAN its going to be a long long night.
No kidding. Five years - yah and there won't be any disruption or other technology that will come along during that time.... from vapour-ware to vapour-norm. Five years ago it was we'll have a phone any day to kill iPhone. So they have the phone. Few want it but that's ok, because soon we'll all crave it. Compelled by the amazingly similar features that all vendors are already producing. We'll all have one - in five years - what's the hook: well its really much the same as what we have now but with a different logo than android or iOS (robots and apples are just SO passé when you can have ... rectangles) and we'll all be driven to buy it because it's so 'enterprise'. After all consumer gadgets just reek enterprise.
"Windows people tend to have far fewer of those than OS-X or Linux users these days...."
Really? FYI Microsoft XP is no longer supported perhaps you should upgrade. Might explain why you aren't getting those patches anymore. I operate Win7-10 and not only is patch Tuesday still patch Tuesday but I reboot fairly frequently for incremental updates to various parts of the OS. Not to mention that after-patch Wednesday is the day new exploits go wild and usually thrive until the next patch Tuesday. There is a good argument from non-system don't-make-us work-hard-more-than-once-a-month" admins that security may benefit from a compressed cycle of updates now and again....
The article should be titled "click, click, click… We get paid for clicks". What an incredible non-story. Now the Register does its best to make fun of Apple and publish things that make fun of Apple - mostly pointing out that the devices are used for silly things. And of course the Register focuses on serious IT. As other authors on this thread have pointed out these devices are not competing in the same market as Windows laptops or the Surface. They weren't intended for that. As both an IT person, a teacher of computer sciences and having worked in private and public sector I can safely say that 99.9% of computer users are either doing Facebook, twitter or Instagram. They will get the new iPad and they'll be astonished about being able to see the whiskers on the picture of their pet cat. They'll take their new iPad to work, perhaps even the boardroom, and their compatriots we'll similarly be astonished. "I count 12 whiskers", " I count 14" And so on. The Register's moto is "biting the hand that feeds IT". You seem to forget that there's only one hand mentioned in that moto. As a matter of record I feel obliged to point out the rest of are pointing pictures of cats.
Uninformed Apple haters got to hate. At 10K its a half-price steal compared to the Apple Watch Edition
Yes, this law was exactly intended as such. And it's not self-righteous to point out that religious RESTORATION is a completely trumped up issue. There is nothing to Restore - the guarantee of religious freedom is only that - you can freely associate and choose a religion - and it's not been repealed. Christian paranoia about the erosion of the church usually gives examples like: not having civic government putting up nativity scenes, banning the ten commandments from hanging in court rooms, etc. But these are fallacious and non-facts - you can't restore something in government that is/was EXPLICITLY excluded by the Foundational documents. These things were NEVER supposed to be done in the first place and indeed - most of the Founding Fathers say as much:
"The government of the United States is not, in any sense, founded on the Christian religion." - George Washington
"Christianity neither is, nor ever was a part of the common law." - Thomas Jefferson
'The establishment of the chaplainship in Congress is a palpable violation of equal rights as well as of Constitutional principles. The danger of silent accumulations and encroachments by ecclesiastical bodies has not sufficiently engaged attention in the U.S."
"[T]here remains [in some parts of the country] a strong bias towards the old error, that without some sort of alliance or coalition between Govt. & Religion neither can be duly supported. Such indeed is the tendency to such a coalition, and such its corrupting influence on both parties, that the danger cannot be too carefully guarded agst."
― James Madison
Restoration is a red herring. What these laws are about is a pathetically paranoid, anachronistic, aging, caucasian and increasingly impotent group of racist, homophobic, xenophobic people angry because there are too many blacks, too many minorities, too many gays, too many high school graduates, in an increasingly changing world and they use the facade of occupying the religious moral high-ground to attack others and to create laws they can hide their bigotry behind.
You are already a copy of you that thinks you are you. Sorry but by the age of 'you' necessary to post online every atom in your body has been replaced at least once. It seems if you do it slowly enough while replacing/destroying the original copy it's assuredly possible to maintain the fiction that you are you. It is also likely possible to maintain such a confabulation of youness while traveling at the speed of light.
I've had iPods and never had a problem loading files that didn't come from Apple's store as long as those files were transferred via iTunes. I never had problems adding MP3s to iTunes from a variety of sources and 'services'. I never had problems with rival/alternative formats translated via 3rd party tools so that they could be opened in iTunes and then placed onto the iPod. So then this case isn't about iPods wiping content not sourced from Apple but that iPods couldn't play files transferred directly from rival services - presumably because those files were encoded (encrypted really) using a rival DRM format, decoded by that software and placed (unsigned presumably) on the device. So aren't those other services culpable for choosing to encrypt their files in the first place such that only their own proprietary software was able to upload to the device? On what basis would a software manufacturer be allowed to sue because they aren't allowed to run their proprietary software when its specifically designed to reverse engineer someone else's proprietary hardware? Or even more simply - do hardware manufactures have to ensure they are compatible with what software companies provide or isn't the industry standard the other way around. It is also first and foremost a dedicated consumer device - one of many and many of which have proprietary interfaces. My car has a CPU should I be able to sue because it doesn't run android or Windows 8? Refrigerators need to be liberated as well. I'm pretty sure Apple enjoyed and protected its Monopolistic position with those updates and by wiping off third party data, but they were obligated to ensure their DRM was secure.Demonstrated ability to reverse engineer and then place other content on the device would compromise that. I think they had every right to do it and the device was flexible enough that content from ARTISTS could be consumed without barriers while providing compensation to those folks - the main purpose of the thing. The iPod didn't exist for RP to make money for hacking.
Awesome! Great post! And makes perfect sense - the number of clients per access point is very limited relative to the address space available - both physically in terms of distance and also router capacity.
This to me is the technical element that is interesting. Do these random MACs get generated and reused to poll a number of networks and expire, or does each router get broadcast a random MAC (this doesn't get around the problem but does influence the probability of occurrence - already calculated by another commenter). Even if its a low probability it is still possible. ARPish-like spoofing has occurred in the past and so MAC conflicts aren't new - sometimes even planned. OSI RFCs don't really cover this issue but to speculate: if random MACs are generated and cached without being used (for a short time) the device could listen to see if there is a MAC already being broadcast matching any of the random values (doesn't prove that it isn't in use but reduces the probability) and then send a MAC that wasn't already detected. The client could also send a packet with a random MAC that forces a response from a potential other client using that MAC (assuming that device is not just listening). I'm keen to see what Apple is doing - not paying $100 to be an iOS developer to access it early though.
Blah. Blah. Apple sucks blah. Theater blah. Oh maybe lets try having comments that meaningfully add to an article for once. Firstly, I'm not sure if Apple's framework is robust and don't really care since the idea and software will evolve. I think it is fair to argue that the future of social engineering (for ads, for exploits - whatever) is mining metadata and as such any static identifier is potentially bad news. MAC addresses have an essential engineering function in the OSI model but in personal mobile devices can function as a beacon, add this to GPS (or triangulation) data and you have a linked position. Throw these in to a spatial database and you can develop and do some very serious data mining - which actually happens to be my day job. The extent to which we can spy even now with commercially collected information is very scary. I'm not convinced the Googles of the World (or Apples) are really trustworthy. I applaud any attempt to anonymize these data but also think we should be looking at metadata in a very comprehensive way (other OSI layers, userland) etc. any place where our electronic devices leave 'residue'. I'm not suggesting I've added much to the debate but the "Windoze sucks", "Apple sucks", "you suck" trolling in the comments sections really - well - sucks.
Pretty much says it. I would like to think that rational people have come to the conclusion that the god hypothesis is indefensible and this is a trend based on evidence (from the internet et al). But somehow I know it is not. After all the internet is about porn. Information is just a side-effect. The study is specious and based on false correlation - unless some boobies are thrown in.
Entertain me Google Thrall. I will pay 1000 Quatloos.
Each version of the Mac OS that has been released has had major architectural changes under the hood. Many of those changes such as sandboxing and 64-bit adoption are exactly the same kinds of changes that Microsoft released between versions of their operating system. As for Apple jettisoning old users of its hardware – check your facts Mavericks runs on computers that are six years old (it supports 2007 iMac's). On those systems there's actually a slight increase in speed. A speed bump on all of my computers in fact has happened. I recall Windows Vista machines that were only two years old that really didn't have the appropriate specifications for that operating system – yes Microsoft officially "supported" those two-year-old systems but Vista didn't run on them. Windows 7 has been long criticized as an operating system that simply fixed the problems with Windows Vista. I wouldn't call it a service pack - not least of all because of the $200+ price tag - but the only real new "features" it offered was it 'ran'. I also can't remember a time when a new Microsoft operating system installed on older hardware improved the performance of the older hardware (has that ever happened? - except with Windows 7 maybe because it was a bug fix for Vista?). I started this by using the phrase "improvements under the hood" - that's important - most of the "new features" at the user level are just eye candy (for both operating systems) - ultimately the question is whether or not an operating system lets you do your work more effectively and more efficiently. Each and every version of the Mac OS has provided me with something that helps get the job done. On most of my Windows computers I spend days and weeks trying to fix software after an upgrade and often the operating system is pushed back in someway that interferes with my workflows. I anticipated the release of Mavericks and it was rolled out in my organization within a day of its release– but my institution has said it is going to wait until the end of life for Windows 7 before supporting any other Microsoft operating system. I've heard the same thing from many other companies I work with – and that is the big difference between the Mac OS and Windows.
Every software company producing software that requires admin privileges to install and uses cloud services can potentially create opportunities for man-in-the-middle attacks. Even the suggestion of local public keys isn't an answer. These can be compromised since the overall system/application architecture is controlled by Apple, MS, Adobe etc - and with sufficient political and legal pressure these companies can be made to implement measures. ISPs can be compelled to keep logs of transmissions (with or without knowledge of content) at any time. I don't trust any company that says its cipher solution is completely secure. Lastly, current SSL implementations may already be broken - in that event cooperation of Apple et al is superfluous. The real issue here is not Apple's ability or not to access iMessage it is the complete intrusion of governments in the secure free exchange of ideas - all under the premise of public "safety". Russia created the KGB almost 70 years ago to spy on "subversives" but ran out of money - the US just found a cheaper way to implement those policies.
The constitutional challenge has happened - women enjoy the same rights as men. And I get to watch.
F**ing Perfect Society
This isn't an app store effect. Apple has open sourced most of its foundation technologies (or uses enhanced versions of open source), Mach/BSD, launchd, WebKit, OpenCL, OpenGL, Clang/LLVM, etc. and now GCD. They have had a pretty consistent business strategy - they sell the Quartz layer and services that make use of the Coca frameworks plugging into that layer. So if you don't mind paying for your window manager (I know that a bit of an oversimplification) then buy Mac OS X - if not then there's always Gnome. With GCD (and eventual ports of OpenCL) to linux - science just got a lot faster for *nix.
Anonymous coward is correct - it is clearly a giant sperm - although sadly extra flagella are a sure sign of genetic defects. Makes me wonder what the Scots are up to in the lake. Had the same problem with a hot tub in a condo I used to live in - always closed off when the sperm count got too high....
At the heart of the current Word document patent is a 2006 patent by Microsoft claiming that they developed CSS - some 3 or so years after the original work was done. Part of this is idea poaching and imitation - something M$ does well since they don't ever seem to have an original idea - and part of this is because companies make frivolous patent claims constantly in the US. Its like playing the lotto. All you need to do is come up with some vague general statement - put it in a patent and wait for someone to actually invent something useful that even remotely matches the patent description. Then go to Texas file an infringement claim and WHAM - instant millionaire since most companies prefer to settle than waste money proving the patent was frivolous in the first place.
Bunch of fucktards.
El Reg commenters are all tards.
I am really mad! Every BMW is way too expensive. All other cars have four wheels why do they keeps selling theirs for so much money? What a bad business model! I'm going to buy a Ford or a Dodge they are way less expensive even if they aren't BMW. In fact I think I'll make a commercial where I take a teenage girl and her mom and go to a bunch of different car lots like Toyota, BMW and Honda and then good old GM and choose a nice cheap Pontiac and gloat about how much money I save "seems like a lot of money just for the brand."
I have used Safari since it came out - I like the fact that its cleaner and has a more Mac (obviously) UI than Firefox. I had a couple of crashes on my MB Pro unibody after installing v4 but none since then and I have it running on 4 machines from PPC to Intel. The update was optional - and I have waited on one machine - mostly because of laziness and because the beta is pretty good. I wonder what the actual 'failure' rate is. There are a few folks in the comments that have reported specific problems, but the vast majority of comments that are negative are simply that - negative - too much flaming in the comments section in general. Most are positive. I seem to recall that the last major update to Firefox was less than smooth... and Chrome... it hasn't even got a stable port outside of Windows. I look forward to updates to these great products - with the likely bumps in the road. At least these three products have attempted to maintain web standards. For those of you drawing parallels with MS Explorer 8... MS still has problems with CSS1 and 2 - it is hardly a comparison when that product is more than 1/2 a decade behind every other web browser in terms of rendering engines.
Locking out unsafe formats? They invented the binary format used in these files didn't they? MS keeps trying to convince everyone that they are focused on security and I applaud them for their efforts this surely demonstrates their commitment as they clearly are willing to take aim at themselves when necessary to protect my files. Hopefully in the near future they will block pc's from booting XP because of its unsafe operating system structure so that we can all be saved by Vista and Office 2007! Hooray for MS - I'm glad I have a Mac.
Biting the hand that feeds IT © 1998–2018