jogu
About
- Username
- jogu
- Joined
- Visits
- 9
- Last Active
- Roles
- member
- Points
- 14
- Badges
- 0
- Posts
- 9
Reactions
-
Backblaze updates Cloud Backup 7.0 with macOS Catalina support
The auto updates are actually quite broken and the lead up to this release has been a poorly communicated mess (see https://www.reddit.com/r/backblaze/comments/de1179/macos_610338_manual_vital_upgrade_prompt_lack_of/?utm_source=share&utm_medium=ios_app&utm_name=iossmf ).
I really hope backblaze up their game as a result of this. I really don’t care if my backup app looks nice on high resolution displays or not, but it hugely worries me that they don’t seem to feel it necessary to apply normal engineering practices like issuing change logs or having the app tell users when auto updating is failing.
(That said, they’re still miles ahead of crashplan - I evaluated crashplan for our company and quickly realised it is a security nightmare we shouldn’t touch with a barge pole.) -
'Sign in with Apple' may only limit tracking, not eliminate it
mjtomlin said:Since no one outside of Apple knows exactly how "Sign in with Apple" works anything said or compared is purely conjecture.I seriously doubt Apple "copied" OpenID...They are very capable of coming up with their own implementation even if some of things happen to "appear" similar. Anyone who's every designed anything knows there's a huge difference between implementation and appearance.
OpenID obviously has an issue with Apple (probably not joining their group), otherwise, what would they care? This reaction reminds me a lot of CurrentC.
As long as we have an option that is NOT Google or Facebook, (or any group supported by either) count me in!
I 100% agree that it's brilliant Apple are doing SIWA - I'm massively looking forward to as many apps as possible supporting SIWA. -
'Sign in with Apple' may only limit tracking, not eliminate it
luxuriant said:The OpenID Foundation has pointed out that Apple's technology bears a lot of similarities with OpenID Connect, but has serious gaps affecting security and development.
Given its membership (https://openid.net/foundation/sponsoring-members/) I regret that I have to take any pronouncement from this source with a large grain of salt.
Luckily the foundation published the full technical details of how they differ from the standard implementation here:
https://bitbucket.org/openid/connect/src/default/How-Sign-in-with-Apple-differs-from-OpenID-Connect.md
You're very welcome to review that and form a considered opinion as to whether or not Apple has issues in their implementation of OpenID Connect that could cause security and interoperability issues or not.
-
OpenID Foundation says 'Sign in with Apple' has critical gaps, urges changes
godofbiscuits said:I trust OpenID if they say there are security holes. And given the importance and visibility to Apple, I’m sure they’ll address the security issues before releasing SIWA.
‘As for compatibility with generic OpenID? Nice for OpenID, but it would only muddy the waters when it comes to customers understanding what SIWA is all about. Id be surprised if Apple makes that a priority.
Compatibility with OpenID Connect matters for developers and anyone that wants to add 'Sign In With Apple' to their website. OpenID compatible means it's a tweak to configuration to add an extra OpenID provider (if the website already has OpenID integrated, e.g. has 'sign in with google') - if SIWA isn't OpenID compatible then it will require changes at the source code level, which may mean waiting for an upstream software vendor to release a version of their product that is compatible with the SIWA oddities and (depending how long it is since they last upgraded) a potentially long test / fix cycle before they can roll out SIWA support.
As an end user, I would personally prefer that Apple did everything in their power to make 'Sign in with Apple' as easy for developers to use as they can, and I think being interoperable with existing OpenID Connect libraries would help with that, especially as Apple are already using the OpenID standard.
I really really want to see app developers supporting SIWA rather than having to create new accounts, verify emails, etc, every time I install a new app that needs an account creating. (And whilst SIWA is going to be mandatory for apps that supported third party logins, it will be completely optional for apps that use their own first-party login system - it's this category of apps that have the choice of whether to adopt SIWA or not, and that choice will be a lot easier if SIWA is easy to implement for developers.)