ranson

AniMill said:

“ Apple denied any wrongdoing…” 

Ummm, I have great respect for most Apple products and business practices, but the Butterfly Keyboard was an unmitigated disaster in design and durability. I understand they have to deny culpability, but they should send this bill to Jony Ive. Maybe this (along with the Apple Watch tree removal fiasco) were the real reasons they pushed him out, and cut ties to his new venture.

To be clear, there is no wrongdoing here. Wrongdoing in the legal sense means with nefarious intent. Clearly Apple did not intend to make everyone's life miserable with this terrible keyboard design.

sflocal said:

Nonsense.  People like you, wannabe developers, will literally make stuff up to further your agenda.  Whiners like you are not Apple's customers.  WE are Apple's customers, not developers, not you.  

You want the Wild West, go to Android and be done with it.

Wow, is it really necessary to attack people and call them names like wannabe and whiner?

"[RCS] is too little, too late unless Google makes significant changes and improvements"

Andrew, I appreciate the article, but i'm curious about this statement. What significant changes to RCS should Google make? You don't bother to elaborate on any of that in the article. You mentioned that RCS doesn't support e2ee out of the box, but Google has already added it for one-on-one messages while groups are still in the clear. Is there anything else?

This is an interesting choice with somewhat dubious reasoning: pay us $8 for the continuing privilege of using the least secure MFA mechanism.

Most likely, the SMS's were too costly for Elon's liking, while Authenticator apps are both more secure and effectively free for Twitter to support. So from a financial perspective, it makes a lot of sense. From a security posture, forcing users off of SMS and over to an Authenticator app is a good long-term decision.

However, the outright disabling of nonconforming users' existing SMS MFA on March 20 is a terrible idea, as it will expose what is likely millions and millions of accounts to being compromised, should their passwords have been previously harvested. This will particularly impact users who rarely access Twitter anymore, if at all. A better approach here would be to retain the SMS MFA on those users indefinitely, but require them to explicitly disable MFA or switch to an Authenticator app the next time they access Twitter after 3/20. You should never just turn someone's MFA off without their explicit approval.

clexman said:

The headline should be, "Person comes in 2nd, wants the same trophy as the person who came in 1st." Says, "Rules are not fair and shouldn't be followed."

I disagree here, because the circumstances are highly unusual. The reasons the Apple employee was not first to report the vulnerability are listed out in the article. In simplest terms, it boils down to someone who does not work at Apple and was not involved in discovering the vulnerability having effectively overheard the Apple team talking about their discovery during the hackathon and submitting the form first. The reporter likely just provided the steps to reproduce the attack to Google, all while the original discoverer was still working to author a deep technical description of the vulnerability and identify any similar or derivative methods of exploiting it.

Imagine physicist who makes an amazing discovery, or an astronomer who discovers a new asteroid or dwarf planet. And now imagine someone else who witnessed the discovery actually going to publication with details about it before the discoverer. That would be the death knell for the ninja's career because it's plagiarism.

When someone makes a novel discovery, everyone else should provide space and deference for the discoverer to confirm their findings and report them properly and completely. In the case of cybersecurity, this is especially important because denying someone a bounty for finding a vulnerability (much less, awarding it to someone completely disconnected from the discovery) will only encourage the discoverer to stop participating in the bounty program going forward. And since they are the one actually finding the vulnerabilities (and not the ninja), we absolutely want them to continue in the program, so as to ensure the most secure products that the vast majority of the world is using every day of their lives.

harrykatsaros said:

They shouldn't compromise on anything. If they start making compromises the Apple Vision ends up just becoming the Meta Quest with a different logo slapped on it. Just wait it out and let the Gen 1 Vision Pro become the lower cost entry level option when component prices drop as Gen 2 and Gen 3 devices get released. They just need to follow the same pattern they've been using with the iPhone where the older gen device evolves into a lower entry cost phone as the new iPhone is released. It's a proven strategy so why fix what isn't broken.

What are you even talking about here? Since the iPhone 11, they've released Pro and non-Pro versions of the iPhone every year at the same time. The non-pro version comes with a less powerful screen (60hz max without ProMotion), a less powerful camera array that lacks telephoto zoom and lidar, a less powerful cpu/gpu, and a slower modem. These are consistent differentiators between the pro and non-pro lines every year. Why would they not do the same w/ Vision?

The EyeSight feature provides no benefit to the user/wearer of the device. It's nothing but a shiny bell, requiring a custom, curved oled screen and multiple sensors, that is unnecessary for an entry-level device. Removing it would make the headset not only cheaper, but thinner, lighter and less power-hungry. When they showed off EyeSight in the launch video, I literally rolled my eyes at how much more expensive the device would cost for such uselessness, and mused that I'd happily pay for a cheaper version that didn't include it.

Apple's primary goal is profit. You make profits by selling in high volume (to the detriment of your competition) at excellent margins. You can't do that when a product is too expensive because you've baked in bells and whistles that few users would actually care about, thus diminishing demand for the product. Apple is likely discovering through their own consumer research studies that, while EyeSight is a killer feature, it is not enough of a draw for people to justify spending an additional $3K over just buying a Valve or Meta headset.

There are other opportunities for Apple to save here too, by farming out some of the built-in features of Vision Pro Gen1 to other parts of the Apple ecosystem. For example, consider the sensors that are constantly trained on your hands to detect finger taps. You may recall that the latest Apple Watch now detects the same gesture.  So they could remove those sensors from an entry level Vision device, and allow the user to instead wear an Apple Watch to enable the feature. At the same time, this would address some of the reliability issues of that feature on Vision Pro when the hands might be obscured from the cameras.

The OLED panels used in the current iPad Pro displays are known as a "single-stack product," 

What? The current iPad Pro displays are Mini-LED. iPads have NEVER used OLED panels! This site has really gone downhill in quality. Typos everywhere; Basic, well-known facts being completely wrong. We readers point out the problems, and nobody cares to correct the article.

What a ridiculous, misinformed, clickbait article. Nobody's thermostats are being tampered with. They opted into a program that allows this, and in exchange they receive financial perks on their power bill (including the power company providing the smart thermostats to them for free). This article needs a major overhaul, or to be retracted completely.

I have been reading AI for over 20 years, but if you keep churning out trash like this, you will quickly fall off of my bookmarks. There are plenty of other reputable sites covering Apple that post the same news as you do, just as timely. Clearly they are more informed about the topics they are reporting.

Engadget similarly posted a trash story about smart thermostats a few years back (here), and I promptly removed them from my news feed and have not been back.

rob53 said:

I want, no DEMAND, that this Developer Mode setting include a way for the iPhone operator/owner to lock out the ability for it to be changed by anyone except the iPhone user as defined in iCloud settings. Further, I want to make sure the iCloud settings require either a password, passkey or something no person other than the logged in user has access to. I CHOOSE to only use the Apple App Store and since it's my device with my personal information on it, I have a right to protect that information, especially from non-governmental people, like developers. I CHOOSE what goes on my OS devices, not developers or governments. A "bad actor" has several ways to get past any iOS setting but it's more difficult when there aren't settings that would easily allow the beginning of opening an iOS device. This mode is a semi-locked door when it currently is a wall with no way to get through. 

I don't quite understand this rant. The setting is part of the phone OS and thus will be protected by your passcode/biometrics? A bad actor would be required to have physical access to your unlocked phone, then enable this setting, reboot, etc. It's not like anyone can just do it remotely. So nothing about this setting violates any of your freedoms to choose what software you put on your phone or from where it comes, etc.

Sure, let's suggest the user be required to re-authenticate their AppleID as well if it will make you sleep better at night. But that is completely aside from any rant about limiting your choice. This setting actually gives everyone more choice.

I do understand and agree with posts wanting tight controls around this setting for kids' phones. I'm sure that is part of the final solution if not already there.

AppleInsider's "Unlikely" rating for this rumor is spot-on.  If this were true, Apple certainly would have made it a major talking point as part of their big reveal last month, given the general lack of substance around Day 1 content and app offerings.