Re: First rule of security...
I saw a hardened device in March (sold as very secure), it was still sending packets off to China.
Eventually we hardened it so much to stop the packets that it basically was unusable as a device :o
109 posts • joined 26 Mar 2013
Nothing is unhackable
Second rule of security
Don't put it on Android !!!
Android has so many known security holes (makes Windows look good).
They promise jobs but don't invest in making sure they can deliver.
So typically they take the money and the students get usually good training (depends on the trainer), however then there is little support to find jobs afterwards (even worse if they shut down).
I feel sorry for the students who are promised jobs as the trainers end up trying to support the students, but don't have the resources to do so :(
Except his name is Paul David Pestor.
Not Peter !!!
"Perhaps a decent web security consultant might have been a better investment?"
I think an "app" security consultant would be better as apps also store data on the phone and synchronise between devices, which doesn't feature in web security.
I have trained so many web developers over the years in iOS programming and they are blown away about how much more complicated it is dealing with a device that can hold data and process it locally (plus synchronise through a cloud that they have no control over).
Web security is a very centralised view of the world, app development is far more distributed and can catch you out.
He probably had a web security consultant, which might be where he went wrong in the first place.
"Wall up the French end, use the tunnel as a reservoir to ease water shortages in the South East."
Err... the southeast has a set of massive chalk aquifers underneath it (North Downs, South Downs and the Thames valley).
Recompile the app in Xcode 8.
If the app was built well and the app developers didn't use 32 bit third party libraries, it should just need a few tweaks and a recompile and submit to the AppStore.
I've written apps for a few companies originally in iOS 7 that every two years may need two or three days work and a recompile, Xcode builds the app to the version of iOS you specify.
It just requires that you know what you are doing and that is the harder part :)
It's a hypothesis not a theory
Is the neural engine, first time a hardware neural network has been put into a consumer product.
Back in the mid 1990's I was a contractor at a large security company. I was asked to look at this new Windows NT 3.1 (became 3.5 soon after).
So eventually after installing the OS (many floppy disks later) I had a look at the local network and noticed I could see hundreds of C: drives that were shared (and access them) that you couldn't normally see from Windows 3.1. Being a good contractor, I reported this security issue to the IT security department.
The IT security head assured me they would deal with this issue by the next day.
The next morning an email went out to the whole company (many thousands of people) that stated "Windows NT is not allowed to be installed on any machine in the company".
I learnt a real lesson about IT security departments that day :o
Currently if you build apps via Xcode you can either run them on the simulator or on an iOS device.
If you run it on the simulator it compiles down to intel machine code (you can see when it crashes), if however you run it on a device it compiles down to Arm machine code.
LLVM has allowed this for years and they can easily compile two versions so they don't need to emulate, the hard bit is to swap between them when the code is running. Could see this being done by breaking the code into closures/blocks and making the memory accessible by both versions, but they may have found a different way.
Currently they would easily be able to port all MacOS apps to Arm as it is just a compiler option.
I once had to look after self-modifying code in the 1980s; it was a real lesson, as every time you listed code it was different :)
Making changes to the code that modified was fun as well, as bugs tended to eat the whole system (you learnt the value of backups when developing).
I was then tasked with writing a report generator that looked at the system and worked out where the relevant data was and created the report. It is the only time in my career that I've had to use triple indirection (used double many times) and recursion together. I used to come home with stunning headaches and next day spend an hour working out what I'd written the previous day.
After a few weeks I'd got it working and written a user interface for selecting the data you wanted and how to layout the report type if you wanted a new report. All fully documented :)
I left a few months later and then came back a few years later to see that no-one else had ever generated another report type after I left. The reason... you had to understand data structures in the original system to build a report and no one could be bothered to learn. Some programmers tried building static programs to build reports, however when system modified they stopped working :)
Did an article about these basic monitors and it showed that all of them were useless if you wanted a true measure of your heart rate. They work by trying to see when the blood moves through your veins.
The only way to get a proper reading is to strap a device to your chest and measure electrical signals to the heart.
In the end they recommended getting a watch, put pressure on your wrist and measure it yourself, looks like Apple got the watch part right ;)
Think god of the gaps.
So instead of some asking "why do galaxies rotate like that" and someone replying "God did it", we now say "it's due to Dark Matter".
Just a different name for our ignorance.
John Sculley pushed Apple to build the Newton because Steve Jobs had spoken about such an idea with him in the early 1980's (read various biographies). Jobs wanted to build an iPad-like device for years but the technology didn't exist (too slow, too big...etc).
It also seems to be forgotten that the iPhone was a spin-off from the iPad project.
Also as someone who had a Newton it always struck me as curious at the time that Apple didn't release the software into the public domain for the community to maintain after it was killed off. After the iPhone was released I realised why, very similar interface.
Some of us are old enough to remember early handheld computers in the 1980's (I think Sharp and Tandy might have done one), everyone thought that was the way things were going strange how things turn out.
As a computer scientist and a physicist I've hated how people assume that they can model everything on a computer.
Unfortunately when things become too complex you have to make assumptions to build a model, this inevitably means something gets missed out e.g. most climate models cannot model clouds very well and many economic models don't take real data.
So the models diverge from reality.
In the last few years I've seen people actually questioning reality when it doesn't fit the model (No your model is wrong!!).
So it is great to see people actually doing experiments because it is too complex :)
On Einstein not being wrong.
As a physicist I have seen this so many times and Einstein wins every time.
Gravitational waves were discovered before they even ran tests on the detection equipment, they turned on the detector and there they were :o
Also Einstein's work is based on very simple principles all other theories are based on very complicated hypotheses so are more likely to fail.
Special and General Relativity have been tested to very precise levels (10^16) even quantum mechanics is only accurate to (10^8) - Voyager passing Jupiter.
1) does it break the second law of thermodynamics, if so fail !!!!
2) does it contradict General Relativity, if so fail !!
"Doubly appropriate, given the Micro:Bit’s two ARM Cortex MPUs are descended from the Risc chips of that old Acorn machine."
The model B had a 6502 not a Risc chip.
That first appeared in the Acorn Archimedes.
Ok 6502 was its inspiration but it wasn't a Risc chip.
The 20th Century is scattered with examples of governments coming to power (by fair means or foul) that have then used the apparatus of power to remove the liberty of their citizens.
The problem of what is the "best interest of the people" is decided by a group of people who have a viewpoint that may not be in my interest or a majority of the population.
What is currently being demanded by governments both here in the UK and US may not be abused by the current governments, however if these attempts are successful they put into statute laws that can be used by a future government to suppress the rights of their citizens.
You just need to look at history to see that can very easily happen.
Even in my lifetime I have seen British Governments complain that the courts should not undermine their rights to govern (thank goodness the courts have not buckled) however in the 1920's, 30's and currently in Russia there are many examples where the courts just become an extension of the ruling party. If the governments then have laws that allow you to be constantly or occasionally monitored (legally) without being suspected of a crime it becomes easy to find fault to put free thinking and innocent people in prison.
It has happened before it will happen again.
Go read Animal Farm the laws get rewritten.
The walled garden what do you expect?
The walled garden does stop you doing what you like with your device, however as a developer I've never found this a problem. The reason is that even though I can't put stuff on the app store that uses private APIs. I can write the app and just use it privately.
Apple also can't be held responsible for this so the poor individuals are screwed :(
I've seen so many people turn up to courses with jailbroken iPhones complaining that something doesn't work on their iPhone and it is usually down to them jailbreaking it or even worse they've gone back to a shop they bought an iPhone from (not Apple) and been given a replacement that was previously jailbroken. If you are just Joe Public leave it alone or buy an Android or Windows phone (will cost you less as well).
If you buy an expensive iPhone don't jailbreak it unless you know what you're doing and realise that you open it to being hacked easily.
Often it's down to someone's mate saying you should do this to your iPhone to get free apps that you pay for on the AppStore. Their mate usually knows very little about computers but just enough to be dangerous, plus they are depriving developers of income, which as a developer pisses me off as I have to feed my kids, I can't live on fresh air (I'm sure if they went to work and were told at the end of the week that they weren't getting paid as their boss wanted their work for free they'd be pissed off).
Unfortunately it is a fact of life that if you want a completely open system, someone can easily hack it.
Open systems are open and security is complicated :(
It is due to the slowing of the Chinese economy all stocks around the world are suffering, not just the tech ones.
So combined with European countries being in recession there are real concerns that this will hit the global economy.
Over the years I have worked on many systems where the client wants to categorise something.
Generally it works for man made objects, however like all things there are exceptions (is an infrared lamp a lamp or a heater? It's technically both people don't like this)
If you look at the planets each one is unique in some way, but we just like putting things in a box.
If you work extensively with logic you begin to realise that categorisation is a cognitive thing rather than real. You can write the same program in procedural, object oriented, functional and protocol oriented paradigms; they are all isomorphic with each other, it is just a different way of categorising a problem.
Personally under the dwarf planet definition I would shove Mercury in there as it is so close to the Sun that the Sun clears the region (it also almost cleared out Mercury as it used to be bigger, like Pluto).
So it is just a putting it in a box exercise, driven by administration not science. Light used to be just a wave in the 19th century until the photoelectric effect was discovered and Einstein screwed it all up with the photon :)
My understanding of plate tectonics on earth is that it is driven by the water allowing the plates to lubricate when they slide over each other, it has also been suggested that microbial life is also important for this process.
Venus had no plate tectonics and Mars exhibits pre-plate tectonics which suggests that water wasn't there in the abundance that we find on Earth or for very long.
Given the above, if water wasn't around long enough to get plate tectonics going properly, much as I'd love to find evidence of life on Mars it's probably very unlikely :(
The best requirements gathering, the best design...etc
But if your code is crap then it is all a waste of time, good coders are worth their weight in gold (or even saffron)
I remember when the iPhone was announced everyone said it was too big, the trend was for smaller phones and it was too expensive.
Then the iPad was announced everyone said it was dead in the water as MS couldn't sell the concept and that it was just a big iPhone.
Apple watch ugly (Vogue have already disagreed) no-one needs one (I've been using a pebble for 9 months and it is really useful on a packed London train)...blah blah blah.
Time will tell.
What has really made me laugh is the IT people being asked their opinion who have said it is not stylish (these guys are very fat, sweaty and have the dress sense of an IT bloke), it is not us in the IT crowd who are going to make or break this product (I know many IT friends who have Windows 8 phones), it's the public and from what I've heard already they might do well again.
Even if it wasn't next day it would be (if you read his biography)
Well, you read wrong
It is quite clear that the leak is through third party apps like chrome.
Do you actually program iOS apps?
Or are you just holding your finger in the air and seeing which way you think the wind is blowing?
You can only use a web view via a native app, and then fire off the URL as an action from the webview.
Google is blaming Apple here for an app that it wrote, whereas Safari (written by Apple) doesn't have this issue (yet uses the same web view). QED Google has written their app to the same standard as usual which is as watertight as a sieve !!!
Indeed a very good comment.
If you have a Turing complete programming language (and both Objective-C and Swift are Turing Complete) there is always a way to subvert the system. The problems get caught in the testing.
Well you'll have to write a native app first :)
Do you want to sign up for some training courses?
then you have to decide if you want to do it in Objective-C or Swift
'The document also explains that something called the "tel URL scheme is used to launch the Phone app on iOS devices and initiate dialing of the specified phone number."'
This has been there for years all the way back from iOS 2
I have written apps that open maps and then find a route or make phone calls and they have never prompted, however my apps have to go via the App Store so are screened first (obviously this is as good as the screening), also if Apple discover you are doing something not allowed they take down the app.
If you jailbreak your phone and download an app from another source you are on your own and where these native apps are likely to be lurking.
Had that got out it would be a nightmare!
When DNA analysis was done on smallpox it shared more hits with human kind than anything else, Smallpox is our natural predator. We have had 40 years of absence in most of the world; it is uncertain if there is any natural resistance left (maybe some of us who were immunised).
Smallpox has the ability to dismantle our immune system, if it got out in a big city it would be similar to what happened when it landed in the new world :(
I was immunised against smallpox as a baby in the 60's and the vaccination caused terrible eczema (I was covered from head to foot) the vaccination for people susceptible to eczema and asthma is almost as dangerous as catching smallpox itself.
I hope it never gets out as we could not scale up vaccine fast enough. My father who was a medic used to tell of an operation where the patient had smallpox and the theatre staff were unaware. No-one survived exposure even though some were vaccinated as they were exposed to such a high dose of the virus.
The stuff of nightmares :(
Well I've written a couple of apps that use iBeacons, so unless you make your phone an iBeacon or carry one around with you, you can't be tracked by them.
Next the phone can only pretend to be one beacon at a time so if you have two apps trying to set up the phone as their own iBeacon with different ids then you will get a clash between the apps.
In your scenario you are saying that Apple will monitor which beacons you go by (however you need to know what iBeacon ids you're looking for) and send the data back, well in theory yes this could be possible, however in practice most iBeacons run on batteries which don't last as long as most producers claim and there are not many mains powered iBeacons on the market (though you could build one with a Raspberry Pi as per the Reg article http://www.theregister.co.uk/2013/11/29/feature_diy_apple_ibeacons/), so it would be a hell of a lot of maintenance for very little gain.
To be honest you may as well just use GPS and if you're that worried it might be worth investigating buying one of these http://zapatopi.net/afdb/ ;)
iBeacons don't track you it is the app on the phone that sees the iBeacons. All iBeacons are is low power bluetooth transmitters that transmit an id and you program your app to see certain ids.
So if the app is tracking you de-install it, you have control.
Whereas with MAC address scanning it is done without your knowledge, thus you have no control.
I train Objective-C it is currently one of the most used languages due to the app store.
I've had a look at Swift and it is similar to Scala, so it will be straightforward for coders to convert.
It seems to remove all the brackets :)
Bet you're not a FTSE 100 CEO then ;)
The big thing now seems to release an app that can only work with your cloud :(
This is the equivalent of having to have a separate disk drive for each program you run on a computer!
I've downloaded office for iPad but don't use it as I haven't got a 365 account, I'd rather use Dropbox or iCloud.
The best apps give you flexibility of use and I don't begrudge a fee for that usability, but I'm damned if I'm going to pay an annual fee to store stuff on a cloud that I never wanted to use in the first place :(
The BBC used to be a place where they researched things thoroughly. The great shows like the Burke Special, Horizon (before it was dumbed down), Tomorrow's World (I know it could be crap at times)...etc
Now what they put out on horizon would have taken up 5 minutes 20 years ago, the amount of recaps, pre-caps...etc
The news is based on reading an article on wikipedia half the time and when they are not doing that they are placing articles in the news to subconsciously suggest things about the next article, while sweeping their own dirty laundry under the carpet :(
In the past I've had to complain numerous times about blatant inaccuracies and it is only after you complain about the initial reply that they take it seriously. They should rename it the ministry of misinformation :(
My kids don't watch it because they have brains and 90% of the current output is either written for the in-crowd by the in-crowd or to brainwash the masses with Eastenders :(
Mr Grade (the one who cancelled Dr Who...etc) has a lot to answer for.
The BBC used to be great for its output, whereas now it is pretty on the eyes but doesn't make your brain do any work, that's why they don't attract the young. I only watch out of habit, but when my brain engages I change channel or put on some music (If you have cable or satellite go and watch PBS, some great documentaries).
This is a classic example of business stealing others work, thank goodness they don't apply in the UK :)
I'm sure I wrote programs in the 70's and 80's that I could have held the whole industry to ransom with, however I was just delighted to come up with something new and original, that can't be patented.
Even today it is fun when you come up with a solution that is better than the solution you can find on Stack Overflow etc., and the joy of sharing the solution with your fellow coders is its own reward (had one recently that was infinitely simpler and efficient than any other solution, it was just neat and I was very pleased, shared it straight away) :)
This is what helps innovation where people share ideas and build something better, thank goodness Sir Tim had the same view with www.
Part of claim 27 is quite specific on hardware to be used
"The microcomputer 411 for controlling the transmission rate stores a constant amount of MPEG1-formatted data in a buffer memory 412. The formatted data is passed through an interface circuit 413 and a card connector 414 and reaches a harddisk drive 415. The card connector 414 is configured on the PCMCIA standards and thus contains 68 pins. The harddisk drive 415 is sized to a memory card and subject to the PC card standards defined by the PCMCIA (Personal Computer Memory Card International Association)."
I don't remember a PCMCIA being used on an iPhone (maybe on an Apple Newton that predates the patent).
One or two issues with lost connections with my phone but generally a very good experience :)
When I'm on the train and I get a message/email I can see if it's worth getting the phone out to read.
Also if I get a phone call it shows who it is from and I can either pick it up or reject it by pressing a button on the watch. Additionally notifications and calendar reminders are also forwarded.
I gave a pebble also to one of my children and they've liked using it as well.
It works with both iOS and Android :D
The pebble is simple but what it does it does well, I can recommend it.
I thought they'd stopped doing that after Salem :o
Not many as he also recommended the Windows phone and not many of them have been bought either ;)
It depends where the network encryption is being carried out.
"the Knox environment provides a virtualised secure container that's meant to protect sensitive data from attack"
Given that this is virtualised will mean that it has to communicate at some point to the underlying OS and then Hardware via the implementation stack.
Keeping anything virtualised secure is a real nightmare as the MITM can be implemented by hacking the environment that provides the virtualisation.
Hardware encryption is usually more secure (as long as there are no bugs) as the encryption and de-encryption are carried out in hardware not in software.
Additionally Java has been a horror show on the security front for many many years now (I hear Java 7 is much much better, but only time will tell) and given that parts of Android's implementation were based on Sun's original implementation (which was as watertight as a tea strainer) there may be some very nasty surprises buried deep (that have not been thoroughly stress tested).
They are using android phones to organise the protest :D
"but the fourth quarter is traditionally Apple's strongest, and the three-month period didn't include a full three months of iPhone 5S and 5C sales"
So given that many people buy Christmas gifts in the three weeks before, what is the point of drawing conclusions?
Such as "Android claimed 55.7 per cent of the market, and iOS 30.6 per cent, with Windows Phone at 10 per cent".
Since you don't have all the data, absolutely a waste of time!!!
Once all the data is collected then give the figures
"You clearly haven't done any kind of development."
UI and UX design are not just about using tools, it's about trying things out with testing apps for different people and not thinking of things from a developer's perspective.
Also I have done loads of development and overhauled apps for companies as the original developer had made a real pig's ear of the UI and UX.
I will often build an app and then road test it with friends and family on different formats for a few months, it is amazing how many points come out and sometimes you have to go back to the drawing board (literally). What works great on a phone can look bare and empty on a tablet (or slightly larger phone), whereas when you scale down apps you often need to remove or rethink how to present it in a smaller format.
If however you just bang out apps you don't think about these things, the difference between an ok app and a great app is that developer/designer have thought about the form factor first.
So you can carry on believing I haven't done any development, however maybe you should consider that some developers take pride in what they develop and like others to enjoy the UX :)
is that they were trying to make the brand appear more exclusive on the high end phones.
However as they run Android it makes it hard to distinguish high end from low end, if Samsung could get some traction on their own OS then it might be a possibility. Also as their strategy for handsets is to make just about every conceivable combination they end up with the same issue that Apple had in the mid 1990's (you can't give a good reason why one model is better than another) this means that profits per model become lower due to the economy of scale.
As Android is available to all handset makers if someone brings out a much better Android phone then it becomes hard to counteract the threat (given that there is an annual cycle of new models), Nokia ended up in this situation.
Lastly as a developer with android you have to make a choice as to which handset format you will develop for (as there are so many formats) thus it is hard to get the same apps for all handsets. You can see this problem with the Galaxy gear watch as it will only work with a very small selection of Samsung phones.
And as for different being able to run the latest version of Android on your phone/device don't even go there..
Andy Scott said "The fingerprint reader sounds great until you learn it can be bypassed by entering the 4 digit pin."
or you could turn on the options in settings to use a password instead of a 4 digit pin, you can then make it as long as you want and hence more secure :D
"As for the post MS world, I wouldn't bet my house on it. The staggering amount of legacy MS Office documents in medium/large organizations makes me skeptical on this matter."
This is true, however each user thinks they can sort it out and most organisations pay a pittance for IT staff to maintain them :(
Unfortunately the 2000's have seen companies trying to commoditise IT skills by offshoring, paying lower wages, calling us nerds...etc
Also most IT jobs these days tend to be what we used to call "Computer operator" jobs.
What amazes me is that companies get a real shock when they want someone to write some code for them as they don't realise that to write good code you need skills and experience.
Sure you could get a kid straight out of college (who'll only have learnt Java/Python if you're lucky) they will be cheap, however it'll be crap and when you need new features it will not be easy as it was not designed for expansion (I've had to pick up a few of these, they are unmaintainable and usually need to be completely rewritten).
Also these days IT departments are run by people who've been on a one week Prince 2 training course (if you're lucky) and wouldn't know the difference between a computer and a kid's Vtech toy.
Happy New year :(