* Posts by DougS

12862 posts • joined 12 Feb 2011

Doctor, doctor, I feel like my IoT-enabled vacuum cleaner is spying on me

DougS Silver badge

Re: superuser rights on the vacuum

All Unix OSes require root to do a lot of things, so avoiding the use of it isn't feasible. Perhaps they could have taken steps to minimize their use of root for network facing services, but the real problem was the same old story - not programming with security in mind. A shell script was able to be run with a %s argument supplied by the attacker.

No doubt the argument they supply is something of the form "foo; <command of your choice>". Those ';' (or & or | or whatever) attacks are as old as Unix, and easy to leave in place if you hire someone on the cheap who does the minimum possible to make things work according to spec, and neither management nor the programmers give security a passing thought. After all, who would want to break in to a vacuum, right?
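An added illustration of the pattern described in this comment (not code from the article, the vendor or the commenter): the same attacker-influenced value passed to a shell via a %s format string, then passed without a shell, then quoted, then checked against an allowlist. The echo command, the template text, the sample value and the allowlist pattern are all constructed stand-ins.

```python
import re
import shlex
import subprocess

# Constructed stand-in for the device's helper script: it only echoes its
# argument, so the effect of each calling style is visible in the output.
TEMPLATE = "echo applying setting %s"

# Constructed sample of the "foo; <second command>" shape the comment mentions.
SAMPLE = "foo; echo SECOND-COMMAND-RAN"


def run_formatted(value: str) -> str:
    """The weak pattern: the value is pasted into a shell command line."""
    done = subprocess.run(TEMPLATE % value, shell=True,
                          capture_output=True, text=True, check=False)
    return done.stdout


def run_argv(value: str) -> str:
    """No shell involved: the value is exactly one argv element."""
    done = subprocess.run(["echo", "applying setting", value],
                          capture_output=True, text=True, check=False)
    return done.stdout


def run_quoted(value: str) -> str:
    """If a shell cannot be avoided, quote the value so it stays one word."""
    done = subprocess.run(TEMPLATE % shlex.quote(value), shell=True,
                          capture_output=True, text=True, check=False)
    return done.stdout


# Hypothetical allowlist for a setting name; real fields need their own rule.
ALLOWED = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def validate(value: str) -> str:
    """Reject anything outside the allowlist before it reaches any command."""
    if not ALLOWED.fullmatch(value):
        raise ValueError("value contains characters outside the allowlist")
    return value


if __name__ == "__main__":
    print("formatted:", run_formatted(SAMPLE).splitlines())
    print("argv     :", run_argv(SAMPLE).splitlines())
    print("quoted   :", run_quoted(SAMPLE).splitlines())
    try:
        validate(SAMPLE)
    except ValueError as exc:
        print("validate :", exc)
```

With the format-string call the shell treats the ';' as a command separator and produces two lines of output; the argv and quoted calls print the value as literal text.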

As Corning unveils its latest Gorilla Glass, we ask: What happened to sapphire mobe screens?

DougS Silver badge

Re: Anyone remember this?

GT was greedy - they promised Apple they could make the silicon ingots in quantity, despite only having ever sold the furnaces and having no production experience except in very small scale for internal testing/validation purposes.

If they had told Apple "we can supply you the furnaces, but you will need to hire the expertise to mass produce on the scale you want" then they would have been fine if they delivered the furnaces even if Apple or whoever they hired to manufacture the ingots and cut the screens wasn't able to hold up their end.

But had they done that Apple might have said "no thanks" and their execs wouldn't have been able to cash in big time when their stock price went through the roof. They probably knew they couldn't do it, but didn't care because they knew they'd make millions before it blew up in their face.

DougS Silver badge

You are already getting what you want

I would gladly pay more for a screen that's literally a flat-square piece of glass (thus cheap and easy to replace) recessed inside a plastic shell with rounded corners. As it is, I end up buying plastic cases that replicate just that scenario

So you would "gladly pay more" to get that, but you are already paying more and getting EXACTLY THAT with a case. What do you gain by having it built in, other than by pissing off all the people who don't want a case, or who don't want to be restricted to the handful of choices the OEM would give them versus the literally thousands of options aftermarket cases give them? Not to mention the ability to change the case when it gets worn/dirty, the plastic protecting the screen gets scratched, etc.

If there was enough demand for what you want, there would be products that give it to you. Oh wait, there ARE such products, but I'm guessing you don't like those options so you want OEMs to change what they offer (despite the market having spoken and saying otherwise) to let you choose any phone you want?

DougS Silver badge

Re: Phone appearance

Cases also avoid some of the issues that making them built in would cause like plastic/rubber stuff getting worn out looking, and gross from oils from your hands etc. over months/years. Just take a look at some people's phone cases, and tell me that's what you want your phone to look like after a year or two.

No thanks. People who want a more durable phone without the horror of having buttons and ports slightly recessed can buy the ones built for that purpose. Oh, you don't like the lack of selection? Well I'm sure people who put all those cases with different patterns and looks don't want the lack of selection that would result from having built in cases in a handful of colors, either. Why should they compromise to give you the wide selection you feel you're entitled to?

The market has spoken, and people don't want phones with built in cases.

DougS Silver badge

Asking people to not drop phones

Seems a little optimistic. That's like saying we don't need seat belts or air bags because you have been driving for 20 years and never been in an accident, so everyone should just stop crashing.

DougS Silver badge

Anybody who says their sapphire watch face scratched

Either got lied to and ripped off, or it was scratched by the wife's wedding ring. Tungsten carbide is the only metal able to scratch sapphire, and to my knowledge no one is making bollards from it.

♫ The Core i9 clock cycles go up. Who cares where they come down?

DougS Silver badge

Intel promised OEMs 10nm CPUs

Then pulled the rug out from under them a few months ago when they admitted they couldn't produce shit on that process. Supposedly they provided OEMs with some "golden samples" of 10nm CPUs earlier this year, but designing your laptop around something Intel can't deliver in anything remotely approaching production quantity won't end well. It is still on the OEMs to have backup plans.

There have been rumors for years about Apple switching to their own ARM SoCs for their Mac line, this fiasco is just giving them all the more reason to do so. After all, the A11 is faster than the i9 running at its default clock (the speed at which it apparently still throttles). They're still left with the problem that their ARM SoCs running x86 code will be far slower, but they've done 'fat binaries' and ISA transitions a couple times before so Apple knows how to handle that part.

Dell might need to finally have some serious talks with AMD, since it looks like they will have 7nm CPUs from GF well before Intel can hope to produce any of their 10nm stuff in quantity (foundry 7nm is roughly equal to Intel 10nm, so if they were both out they'd be fairly comparable from a process standpoint)

Why Google won't break a sweat about EU ruling

DougS Silver badge

Re: The Fuchsia's so bright

If Google drops Android and switches to Fuchsia, why would all the OEMs follow them? Some will, some won't, but I think we'd see a big split and the bulk of phones would remain Android since that's what people know.

The lower end phones are sold on razor thin margins, so why would those OEMs want to switch to something else and increase cost/risk?

Splitting your own market in half is one way to satisfy the authorities worried about lack of competition, though.

DougS Silver badge

Re: Some change is inevitable

Why would it set a precedent? Apple doesn't have a dominant share in anything but "app stores used on iOS", which is not a relevant market when determining monopoly status by anyone's definition.

The reason why they're going after Google is because it is the OS running on phones sold by 99% of the OEMs selling smartphones, while Apple's is on only one OEM's phones.

DougS Silver badge

How does having root

Give you "total control" over your computer? Unless you have full source to everything you run (including firmware) and compile it yourself or implicitly trust whoever compiled it, you don't have total control.

Having root lets you tweak some things in Android you weren't able to tweak before. But it won't stop Google collecting data on you when you run Google Search or Google Maps. You'd have to give up all their proprietary non open source apps if you want to avoid that. Being able to prevent data collection is kind of one of the big things that "total control" implies, at least to me.

Y'know... Publishing tech specs may be fair use, says appeals court

DougS Silver badge

Re: Ok, put it another way...

Codes should be about safety, not convenience or "what people want to buy". You could have a code requiring skylights or a three car garage to ensure people can find the houses they want to buy, or you could leave it up to the builders to go where the market leads them - builders who fail to do so will find they have houses they can't sell, or are forced to sell at a reduced price, and they'll either learn their lesson or go bankrupt and be replaced by builders who will.

Letting the government decide what people want instead of the free market is why the USSR is now a footnote in history, and the US and UK are still around after hundreds of years.

DougS Silver badge

Re: Ok, put it another way...

Fine, that's an argument for someone building a home choosing to put more outlets closer together. It's not an argument for code requiring that.

There are a lot of things that are convenient for home owners that you should want in a home, but code shouldn't require them. Because maybe I don't plug in a lot of stuff, and maybe you don't care about having to go up steps from your garage to your house and think zero entry is a waste of money, etc.

DougS Silver badge

Re: Ok, put it another way...

There's nothing wrong with outlet strips. Fire officials dislike them because fires have been caused by plugging in too many things and overloading the circuit, though in a properly wired home with functioning circuit breakers a simple overload isn't a concern. Even if you have a duplex receptacle on a circuit by itself you can overload it if you plug two high draw items like an electric toaster and a microwave into the two outlets. So if this was really a concern they should ban duplex receptacles or series circuits and require every individual outlet be on a separate circuit!

Claiming we need more outlets or they should be closer together because we plug in more things - given all that extra stuff we plug in are extremely low electronic items like phone chargers, wifi repeaters, streaming TV boxes and the like is silly. There's no compromise of safety by plugging 20 things that collectively draw 400 watts into a really big outlet strip, or plugging several power strips into another power strip that's plugged into the wall to get those 20 things plugged in (or to provide proper reach if your outlets are too far apart)

There should be some exceptions to these rules for circuits that have properly wired and fully tested circuits with breakers and GFCI/AFCI that meets code (AFCI/GFCI protection automatically extends to everything in a circuit, whether directly or via outlet strips)

The crowd roars and Ruckus joins in with 802.11ax kit

DougS Silver badge

Re: 1024 QAM?

Just because it supports QAM 1024 doesn't mean it is required. Like previous wifi standards it'll step down until it has an acceptable SNR.

The headline feature of 802.11ax is the subcarriers allowing multiple clients to be transmitting and receiving at once in the same channel, not the usual wifi blather about how many Gbps it can theoretically do.

Unless you count QAM 1024, and it sounds like you agree with me that you shouldn't, wifi speeds haven't increased at all in the past five years. They've just made access points able to use progressively larger and larger chunks of radio spectrum at once. Which is nice for marketing folks trying to sell them, or people who live where they don't have neighbors close enough to interfere and have gigabit internet speeds, but useless for wifi in public places, businesses, etc.

DougS Silver badge

If that held us back, we'd still be using 802.11b and 2G. Phones and laptops which support 802.11ax will begin appearing before long, and after a few years more devices that support it will be in use than devices that don't.

The nice thing about having multiple radios on an AP is that some radios can serve efficient 802.11ax, and others can serve inefficient 802.11ac and older, and as 802.11ax takes over fewer resources will be required by the legacy stuff.

Fork it! Google fined €4.34bn over Android, has 90 days to behave

DougS Silver badge

Re: "really it greedy to provide a free OS"

So then you wouldn't buy phones from an OEM that modified Android to force you to Bing and prevents installing Google Search, makes you use a version of Mapquest from 1999 and takes your data and sells it to the mob.

There'd be other OEMs that would default search to Bing because Microsoft pays them but allow you to switch that to Google or DuckDuckGo if you wish, and offer an option where you pay a little more in exchange for a promise not to collect any of your data.

DougS Silver badge

Re: "really it greedy to provide a free OS"

You pay for Android, by letting Google take your data when you use your phone, use Google Search, etc. Don't act like Google is developing Android out of the kindness of their heart.

DougS Silver badge

Re: Apple

If manufactures don't want to use android they should go and do what google did and build their own OS.

The problem they have with Google is leveraging their dominance in smartphone OSes to further their massive dominance in online search and advertising. What usually triggers these types of actions (especially in the EU which is more aggressive policing it than the US) is that sort of leveraging. Just having a dominant market share isn't a problem if you aren't using it to control other markets.

DougS Silver badge

Re: Choice on Apple?

Apple takes 30%, not 70% - same cut as Google takes.

DougS Silver badge

Re: Meh ... (@David 164)

The major issue they identified was Google leveraging Android to strengthen their dominance of the online search and advertising markets (i.e. where they make all their money) which are markets Apple doesn't even participate in. Not to mention Apple has a minority of the market in the EU and all individual countries. Hard to abuse a monopoly if you don't have one.

Wearable hybrids prove the bloated smartwatch is one of Silly Valley's biggest mistakes

DougS Silver badge

You don't need a killer app

To produce a nice business selling stuff to a niche market. A killer app is what would be needed for smart watches to become ubiquitous like smartphones are, but Apple is making a crapton of money selling watches that don't have a killer app and every other business in the world would love to create a product that did as well.

DougS Silver badge

Re: Well done Mr O

The Apple Watch is equivalent in size to a Fortune 300 company - i.e. Netflix or eBay - and outsells the entire Swiss watch industry. In units, probably not revenue depending on the industry's exact Swatch vs Rolex sales mix...

I would agree it is a solution looking for a problem, but enough people have identified a problem it's a solution for (even if the problem was "I want to spend money on something I don't really need") that Apple has made a business out of it that's huge by almost any measure. It just doesn't seem like it because it is dwarfed by Apple's iPhone business.

Trump wants to work with Russia on infosec. Security experts: lol no

DougS Silver badge

Re: Does this start with....

More than that, Kaspersky will be mandatory and all other AV solutions will be illegal. Only the Russians can protect us from those evil hackers in countries out to get us like Mexico, Canada, Germany and "why does no longer call it England anymore".

Crooks swipe plutonium, cesium from US govt nuke wranglers' car. And yes, it's still missing

DougS Silver badge

Radium dial watch

You didn't have the radium directly against your body, it was sealed up in the watch.

DougS Silver badge

Re: That dirty yard in the neighbourhood

That's kind of hilarious how blasé they were about radioactivity back in the day. Even though the dangers are way overhyped (as the queen surviving just fine for 61 years since that demonstrates) I imagine if William and Kate wanted to pick up a hunk of plutonium to see if it was warm their security would quickly disabuse them of that idea.

The big problem with plutonium is inhaling it, if it would be made airborne and spread out. It'll stay in your tissues and cause problems - sort of like if instead of just picking up a hunk of it the queen was given a necklace made of it. I doubt she would have been cancer-free having plutonium against her neck since 1957.

Submarine cables at risk from sea water, boffins warn. Wait, what?

DougS Silver badge

Land "just beyond the end of the glaciers"?

Florida and the Mississippi river delta are hardly just beyond the end of the glaciers, unless 1000 miles counts as "just beyond".

It may have reached further in previous ice ages (from which the rebound would have presumably already happened) but didn't even fully cover Minnesota and Wisconsin in the most recent one. It never got further than the southern edge of Illinois at any point in the Pleistocene.

DougS Silver badge

Not really a big issue

Sea level rises slowly, and there aren't a whole lot of these cables so they could easily take them offline to move/protect infrastructure as needed. This is like item number 37,552 in the order of importance of things we should be worried about with sea level rise.

Sub-Prime: Amazon's big day marred by server crashes, staff strikes

DougS Silver badge

Re: Mr Amazon gets richer

Pretty sure Bezos can't spend $150 billion on stuff like that, he'll have to give it away at some point since even starting money losing companies would require some serious scale to make a dent in that pile. Especially if it keeps growing.

Sad Nav: How a cheap GPS spoofer gizmo can tell drivers to get lost

DougS Silver badge

You could get around this with dead reckoning

Doesn't need to be super accurate, just enough that you can't suddenly move miles away from your previous location. I suppose an attack that slowly and subtly changed your "location" would still be possible if it stayed below the detection threshold of the dead reckoning hardware, but that would require an attacker be pretty close for quite a long time - increasing the chance of detection.

Probably would also help if cars used somewhat directional antennas that only looked up (or rather, not horizontally). While technically GPS satellites can be used anywhere above the horizon, in practice it's designed so you don't need the ones that are very low on the horizon so throwing out results that are less than 10° above it should be fine. Then you'd just need to worry about attackers following you in a drone...
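An added sketch of the dead-reckoning cross-check suggested in this comment (not code from the article, the researchers or the commenter): each GPS fix is compared with the position predicted from the vehicle's own speed and heading, and fixes that disagree by more than a tolerance are flagged. The 150 m tolerance, the start coordinates and all three tracks are constructed assumptions; the third track shows the slow-drift limitation the comment itself points out.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0


@dataclass(frozen=True)
class Fix:
    """One GPS report: seconds since start, latitude and longitude in degrees."""
    t: float
    lat: float
    lon: float


@dataclass(frozen=True)
class Motion:
    """The vehicle's own sensors for the interval leading up to a fix."""
    speed_mps: float
    heading_deg: float  # 0 = north, 90 = east


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlmb = math.radians(lon2 - lon1)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


def dead_reckon(lat, lon, speed_mps, heading_deg, dt_s):
    """Advance a position by speed * time (flat-earth step, fine for short hops)."""
    dist = speed_mps * dt_s
    hdg = math.radians(heading_deg)
    dlat = dist * math.cos(hdg) / EARTH_RADIUS_M
    dlon = dist * math.sin(hdg) / (EARTH_RADIUS_M * math.cos(math.radians(lat)))
    return lat + math.degrees(dlat), lon + math.degrees(dlon)


def implausible_fixes(fixes, motions, tolerance_m=150.0):
    """Return indices of fixes that disagree with dead reckoning.

    motions[i] describes the interval between fixes[i] and fixes[i + 1].
    An accepted fix becomes the new reference; a rejected one is replaced
    by the dead-reckoned estimate.
    """
    flagged = []
    est_lat, est_lon, est_t = fixes[0].lat, fixes[0].lon, fixes[0].t
    for i in range(1, len(fixes)):
        fix, m = fixes[i], motions[i - 1]
        pred = dead_reckon(est_lat, est_lon, m.speed_mps, m.heading_deg, fix.t - est_t)
        if haversine_m(pred[0], pred[1], fix.lat, fix.lon) > tolerance_m:
            flagged.append(i)
            est_lat, est_lon = pred
        else:
            est_lat, est_lon = fix.lat, fix.lon
        est_t = fix.t
    return flagged


def build_tracks(steps=10):
    """Constructed data: 20 m/s due north, one fix per second."""
    motions = [Motion(20.0, 0.0)] * (steps - 1)
    lat, lon = 52.0, 0.0  # constructed start point
    truth = [Fix(0.0, lat, lon)]
    for k in range(1, steps):
        lat, lon = dead_reckon(lat, lon, 20.0, 0.0, 1.0)
        truth.append(Fix(float(k), lat, lon))

    def shifted(fix, metres_east):
        la, lo = dead_reckon(fix.lat, fix.lon, metres_east, 90.0, 1.0)
        return Fix(fix.t, la, lo)

    jump = [f if i < 5 else shifted(f, 3000.0) for i, f in enumerate(truth)]
    drift = [shifted(f, 30.0 * i) for i, f in enumerate(truth)]
    return motions, truth, jump, drift


if __name__ == "__main__":
    motions, truth, jump, drift = build_tracks()
    print("clean track flagged:", implausible_fixes(truth, motions))
    print("3 km jump flagged  :", implausible_fixes(jump, motions))
    print("slow drift flagged :", implausible_fixes(drift, motions))
    off = haversine_m(truth[-1].lat, truth[-1].lon, drift[-1].lat, drift[-1].lon)
    print("undetected drift after 9 s: %.0f m" % off)
```

The sudden 3 km displacement is flagged at every fix from the jump onward, while the 30 m-per-second drift stays under the tolerance and accumulates unflagged, which is why the tolerance has to be weighed against sensor accuracy.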

Apple gives MacBook Pro keyboard rubber pants

DougS Silver badge

Interesting that Apple isn't touting this

They only talk about it being quieter. They already basically admitted the previous butterfly keyboards were crap, by giving those extra extended warranties, so they are pretty well protected from class action suits (if Apple is repairing it for free, you don't have much to sue about)

I wonder if this is because they aren't sure this will really address the problems, so they don't want to claim it does only to have people start reporting the same issues? They'd have considerable egg on their face if they did. While it isn't a good look to appear to not be doing anything about a publicly acknowledged issue that gave them a lot of bad press, if it turns out it is fixed they don't have to keep quiet about it forever...

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help

DougS Silver badge

Re: "Thats how these games are played."

Well let's assume he's right and the Russians found some heretofore undiscovered stuff on Hillary they planned to unleash or use as leverage after she won the election. Wouldn't it be smart to have a backup plan and also find some stuff on Trump to unleash or use as leverage should he win the election?

Trump says negative things about every single world leader, save one. Even his staunchest defenders can't come up with a reasonable explanation for why he can trash the leaders of allies like Canada, the UK and Germany but never say anything but good things about the leader of a country that is not necessarily an 'enemy', sure isn't an ally of the US and western governments in general.

It would also be 1000x easier to find undiscovered dirt on Trump than on Hillary, since she's been scrutinized for 25 years, while Trump had really only been scrutinized for less than one prior to election day. There's a ton of dirt from his business dealings out there, much of which undoubtedly Mueller has dug up but if the Russians ever hacked into Trump HQ's email they'd have a lot of dirt about him. He didn't use email, but his statements, decisions, financial details etc. would be in emails between his subordinates, and outside partners/agencies.

DougS Silver badge

Re: What difference did Russia allegedly make?

The fact Hillary was the ultimate insider, ran a poor campaign, made tactical mistakes etc. etc. doesn't mean that Russian interference didn't help - or provide just enough push for her to lose. She lost three states by a combined 100K or 150K votes or so - Michigan by barely 10K, that had she won would have made her president. One can claim she "deserved to lose" but one could easily make the same claim about Trump. Unfortunately one of them had to win, had there been a viable third alternative it would have been an easy choice for many people over these two deeply flawed and not particularly likeable candidates.

The Russian hacking and drip drip drip release of her emails - timed (whether in collusion with Trump officials or by their own plans) exactly to take the focus off Trump controversies like the pussy grabbing tape, or (hoped for) positive publicity like the convention, wouldn't have to keep that many would be Clinton voters deciding to stay home to have made a difference. Obviously we'll never know, but to claim it is impossible that Russia's interference didn't provide that boost Trump needed to win is as ridiculous as to claim that it was definitely responsible. We can't know, but it didn't need to swing that many votes to change the outcome.

DougS Silver badge

Re: I bet the democrats

I think after any election loss the losing party second guesses their choices. If McCain hadn't chosen Palin as his running mate in 2008 I would have voted for him, but that told me he'd completely sold his soul to the right wing nut job fringe. Would there be enough people of like mind to have swung the election his way, who knows, but the people who were excited about Palin were still going to vote for McCain over Obama, so it was a politically stupid move.

PC shipments just rose, thanks to Windows 10

DougS Silver badge

Re: by units sold?

Yes #4 in worldwide units sold at nearly 4.4 million (3% increase from same quarter last year) and 7.1% market share.

Apple collects nearly 90% of the smartphone market's total profit, so I'm kind of curious what that figure would be for PCs. HP and Dell may sell a lot (around 13.5 million each, 3x as many as Apple) but Apple's are mostly $1000+ while HP and Dell's are sold for far less. They aren't taking 90% of the PC market's profit I'm sure, but no doubt they get a helluva lot more than 7.1%.

They make a ton of money selling Macs, but nobody talks about that anymore because it is a drop in the bucket compared to what they make selling iPhones. Heck, their Watch business alone is the size of a Fortune 300 company, which is to say around the size of Paypal or John Deere.

Tim? Larry? We need to talk about smartphones and privacy

DougS Silver badge

Re: Google will have a big get out clause

As if the current administration that bends over and spreads them for corporations, or the previous administration while perhaps less business friendly in general but more Silicon Valley friendly than the current one, would ever limit the ability of a company to steal people's data and misuse it. This is the US, not the EU!

The ability of a phone to know its location for 911 doesn't require that the information ever be transmitted back to home base. It only needs to be sent along with the 911 call. IIRC that's how Apple does it, and they clarified that policy because they recently improved the accuracy of 911 location information.

DougS Silver badge

I'm sure Cook is looking forward to this, since Apple has a much better story to tell on this than Google does, and it will give him a chance to highlight the difference. He's probably hoping what he says versus what Page says makes the evening news, though unless Trump forgets to charge his Twitter phone they'll probably be talking about other things that night.

DougS Silver badge

Re: Beating up some foam ...

Not necessarily. If stuff you say in front of a Google device while it is listening for "OK, Google" is sent back to Google, the CIA/NSA would know that. But they probably wouldn't know whether Google is 1) deleting that data without ever processing it beyond determining it wasn't "Ok, Google" 2) storing it away somewhere in case it someday somehow becomes useful to them 3) Using what you say to help improve their ad targeting (just in case, don't talk about sex toys in front of your Google Home, or you might start seeing some 'interesting' ads)

DougS Silver badge

Re: Google will have a big get out clause

I don't see how that would get them an out. If they've built the functionality into Android, they will need to fess up. If Samsung et al have modified it, presumably that modification would be to either 1) remove that functionality and restore user privacy (yeah right) or 2) have the private data go to them instead of to Google.

FBI for the Apple guy: Bloke accused of stealing robo-car tech

DougS Silver badge

Zero risk for a Chinese company

The Chinese government isn't going to sanction them and they're beyond the reach of US law, so all the risk is on whatever sucker(s) a Chinese company finds to try to steal US (or UK or whatever) tech like this. Even if 99% of them bungle the job and get caught, 1% will succeed.

It's sort of like being able to spin a roulette wheel and if you hit the right number you win $1 million, and any other number means someone gets killed. A psychopath (or a corporation, but I repeat myself) doesn't care about the rando getting killed, they'll keep spinning the wheel until they win the million bucks.

DougS Silver badge

If Apple wanted to give the FBI a backdoor, wouldn't it be more like "plug this obscure 2003 era USB mouse into the phone and it'll bypass the lockout timer"? A backdoor that's easily discoverable isn't much of a backdoor, because once discovered it has to be fixed like any other bug. What are they going to do, say "oh sorry, we meant to do that so we won't fix it, but we can't tell you why"?

Not that Apple should need to bribe the FBI to get them to do their job and arrest a guy for theft...

DougS Silver badge

Re: Jobs is probably spinning in his grave at this...

I agree that "act like you're allowed to be doing something" lets you get away with almost anything most of the time. I had an experience with that once, where I was supposed to be doing something that would have looked like grand theft, and nothing was said at the time, but my boss tried to use it against me at a later date believing I had been up to no good - luckily I was able to have him talk to the VP of Engineering whose permission I had!

I wonder how well acting like you're allowed to be doing something would work at a famously secretive and paranoid company like Apple though. Their security is probably told it is better to delay someone leaving a few minutes than let them leave with something they shouldn't.

I'll bet if you are supposed to be taking a piece of Apple-owned hardware out the door of the spaceship you need some paperwork, and probably have to leave through specific exits. And should plan for it maybe taking a little time in case your paperwork isn't in order...

DougS Silver badge

Re: Incompetent timing

Was just going to say the same thing. Do we keep hearing about all these criminally stupid criminals because most criminals are stupid, or are the ones getting caught just the tip of the iceberg, and the more clueful criminals are simply not being caught?

It seems like such an obvious thing to me. If nothing else, a lot of companies will walk you out the door the moment you give your notice, and even if they didn't normally search employees at the exit they might do so for ones working on extremely secret projects like this one as they're being escorted out.

I think I can kind of understand the reason though - if I stole something valuable from an employer and then went to work the next day, I'd feel guilty and probably be afraid security will walk in at any moment and say "we have some questions for you". It is human nature to want to avoid that sort of conflict, so by doing it on your last day you ensure that you won't face that situation. It doesn't stop you from getting caught though, and instead of corporate security coming to see you in your office, the police come to see you at your home.

DougS Silver badge

Re: Jobs is probably spinning in his grave at this...

I wouldn't necessarily assume the "server" is the size of what we think of as a server. If it is designed to fit in a car, even a prototype would be considerably smaller. After all, a Raspberry Pi can be a server, and you could fit it in your pocket even wearing skinny jeans.

Timehop admits to more data leakage, details GDPR danger

DougS Silver badge

Re: TimeHop is used in Facebook

Even if Cambridge Analytica's didn't, we shouldn't assume other third parties who "worked with" Facebook didn't get exactly that. If they were around long enough, even without access to deleted stuff they had a chance to grab it before deletion.

I found it interesting when it was recently reported that Google was letting third parties access people's actual GMail accounts, which begs the question what else they've given permission to root around in. Governments of the world wouldn't need explicit cooperation from Facebook/Google if posing as various third parties let them grab what they want while providing Zuck and Page deniability when asked "do you give government X access to user data without a warrant?"

Technically they wouldn't be lying if the access was granted to a Cambridge Analytica like front for the NSA, or multiple fronts that each collect different data. Then even Facebook and Google don't quite know the extent of what the government is looking at (which only helps them be able to keep a straighter face when saying "we do not provide access to any of our data without a warrant")

DougS Silver badge

TimeHop is used in Facebook

I didn't even know it was a separate company until I saw this article, I assumed it was a part of Facebook since that's the only place I'd ever seen it. I wonder if all the compromised accounts were people who accessed TimeHop directly, or if some of them were people who had only ever used it via Facebook?

Given how freely Facebook seems to let third parties access data, especially one that seems particularly closely integrated like TimeHop is, I think I know the answer to that...

Would Facebook face any penalties under the GDPR if they gave TimeHop access to the user data but it was TimeHop who screwed up and let it escape? TimeHop probably has little in the way of resources, so I know which one I'd rather go after!

NAND the beat goes on: Samsung to fling out 96-layer 3D NAND chip

DougS Silver badge

Re: Exponential development

EEPROMs have a MUCH longer unpowered lifetime than flash, so if you have a device that might be unpowered for months you definitely do not want to use flash to store the boot ROM, or there's a good chance it will have lost bits and fail to boot. EEPROM has a 10-15 year shelf life. Mask ROM lasts forever, which is why those 70s/80s era calculators still work...

I see you're trying to leak a file! US military seeks Clippy-like AI to stop future Snowdens

DougS Silver badge

Two in a box

I thought their solution was to have sysadmins work in pairs, so one guy can't make off with everything? The regular users who are limited by classification and SCI compartments can't download 'everything' like Snowden did, so no point in AI watching over them.

Apple emits iPhone cop-block update – plus iOS, macOS, Safari patches

DougS Silver badge

Re: Preventing it from going into USB restricted mode

No it is easy to fix. The bug happens because the timer counting down to 1 hour is reset when an unknown USB device is connected. Not sure why that should be hard to correct.

Evil third-party screens on smartphones are able to see all that you poke

DougS Silver badge

Re: What?

I wouldn't be so sure that the code only runs inside a chip on the screen. Some devices have downloadable drivers, or download code that's inserted in the drivers. Then it is running at full kernel level permissions, and it would be easy for it to get the data it stole off your phone and to those who will use it against you.

Even if you knew for sure data the screen captured couldn't find its way to the outside world, there's an easy solution for that - give people a one year guarantee on the dodgy screen, and have it automatically "break" after it finds something especially juicy, like bank passwords for someone with a balance of $5M. They'll go get a free replacement, and the evildoers get their hands on the data inside the "bad" screen.

DougS Silver badge

Re: A gift to Apple

How would 'testing a screen' ensure that it doesn't have malicious code? Testing can only determine that it meets the software specs, not that it doesn't do 'extra' stuff or verify that the hardware specs (i.e. calibration etc.) are met.

I do agree that Apple went about it the wrong way, what it should have done is produced a warning that the screen isn't a genuine Apple part and may not function properly when you boot. You can click through that and ignore at your own risk, or complain to whoever replaced it / sold you the part if you were told it was a genuine Apple part.
