China industry has shit to steal, so off course they're not a target...
The west would hit mostly millitary and governmental installations rather than industry one; and If you think that Chinese hacker are better than the west, you are kidding yourself. China would simply not admit to any hacking unless it has too; it would be losing face to do so.
The Us probably spends 10 times more on cyber warfare than any one else in the world, including China.
In this case, this was aimed more at Chinese people than people outside; so do you respect the fact China likes to f*up their own people? YEah.. So, much greatness there.
I have no idea what you're responding to, but none of that has anything to do with what I wrote.
Except for the fact that the U.S. are indeed spying on Western European CORPORATIONS, and not just military and government.
I wrote nothing at all about the competence of Chinese hackers, nor about the hackers, at all.
I merely wrote that Western hackers probably have little chance of getting in due to China's extremely restrictive network lockdown.
One has to wonder what the code review process is doing to miss stuff like this at such a scale so far. Somethings broken.
There is no way to determine precisely what an app is going to do from looking at compiled code. You can scan for certain known exploits that generate telltale code fragments, but an unknown exploit, let alone one deliberately obfuscated, is impossible to detect from looking at anything but source code, or running the app itself (which Apple does as part of their testing).
Apple can not demand that developers submit their source code. For one, various code licensing deals prohibit this, and for another, that would be like a chef having to post the exact recipe before being allowed to sell a meal. Microsoft Office would not exist for iPad if MS would have to hand over the source code. Nobody is that crazy, not even Microsoft.
sounds to me like it's a case of either laziness or intentionally using a compromised version of Xcode. how difficult is it to go to either the app store or apple developer website and download it?
And all of the article fail to explain this. How difficult? It varies from being impossible to trying a dozen times. Apple does not provide any check sum for the final downloaded files. And it either disconnected during the download or the final downloaded version being corrupted. *
I am having difficulties understanding why Apple manage to set up CDN for their App Store in China but not for their developer site.
Or is it their sloppiness on the services end AGAIN.
* Downloading Files from any site outside China requires going through GFW.
I have a legitimate copy of Xcode (6.1.1) installed from the app store, but this command fails for me: $ spctl --assess --verbose /Applications/Xcode.app /Applications/Xcode.app: rejected source=obsolete resource envelope
Another way to do this is to disable sideloading for OS X, effectively make it iOS.
That would effectively end my usage of OSX and the thing is, I have no doubt Apple is heading in that direction, oh I'll dread that day. Okay, that was a little melodramatic, I would be a little sad for about 10 seconds, say a nice farewell outloud and then just move on as I can switch OS's faster than I can a light bulb as everything I do on a computer is cross platformed. I also maintain multiple systems just for a scenario like that, well, that and I'm also a uber geek who enjoys doing so. I agree about your cloud IDE concept though, I use them now, love them, their fantastic. My ChomeBook Pixel is actually my main development machine because of how great these online IDE's are. There is absolutely not a single thing that I'm missing or compromising on doing so. In fact it's actually better now, everytime I run into a problem, I just go into my favorite programming forums, ask for help, send the person(s) who responded, temp credential(s) to login into my project site, than work together without stepping on each others toes, so very, very awesome.
Comments
I have no idea what you're responding to, but none of that has anything to do with what I wrote.
Except for the fact that the U.S. are indeed spying on Western European CORPORATIONS, and not just military and government.
I wrote nothing at all about the competence of Chinese hackers, nor about the hackers, at all.
I merely wrote that Western hackers probably have little chance of getting in due to China's extremely restrictive network lockdown.
There is no way to determine precisely what an app is going to do from looking at compiled code. You can scan for certain known exploits that generate telltale code fragments, but an unknown exploit, let alone one deliberately obfuscated, is impossible to detect from looking at anything but source code, or running the app itself (which Apple does as part of their testing).
Apple can not demand that developers submit their source code. For one, various code licensing deals prohibit this, and for another, that would be like a chef having to post the exact recipe before being allowed to sell a meal. Microsoft Office would not exist for iPad if MS would have to hand over the source code. Nobody is that crazy, not even Microsoft.
sounds to me like it's a case of either laziness or intentionally using a compromised version of Xcode. how difficult is it to go to either the app store or apple developer website and download it?
And all of the article fail to explain this. How difficult? It varies from being impossible to trying a dozen times. Apple does not provide any check sum for the final downloaded files. And it either disconnected during the download or the final downloaded version being corrupted. *
I am having difficulties understanding why Apple manage to set up CDN for their App Store in China but not for their developer site.
Or is it their sloppiness on the services end AGAIN.
* Downloading Files from any site outside China requires going through GFW.
$ spctl --assess --verbose /Applications/Xcode.app
/Applications/Xcode.app: rejected
source=obsolete resource envelope
Another way to do this is to disable sideloading for OS X, effectively make it iOS.
That would effectively end my usage of OSX and the thing is, I have no doubt Apple is heading in that direction, oh I'll dread that day. Okay, that was a little melodramatic, I would be a little sad for about 10 seconds, say a nice farewell outloud and then just move on as I can switch OS's faster than I can a light bulb as everything I do on a computer is cross platformed. I also maintain multiple systems just for a scenario like that, well, that and I'm also a uber geek who enjoys doing so. I agree about your cloud IDE concept though, I use them now, love them, their fantastic. My ChomeBook Pixel is actually my main development machine because of how great these online IDE's are. There is absolutely not a single thing that I'm missing or compromising on doing so. In fact it's actually better now, everytime I run into a problem, I just go into my favorite programming forums, ask for help, send the person(s) who responded, temp credential(s) to login into my project site, than work together without stepping on each others toes, so very, very awesome.