ranson

AniMill said:

“ Apple denied any wrongdoing…” 

Ummm, I have great respect for most Apple products and business practices, but the Butterfly Keyboard was an unmitigated disaster in design and durability. I understand they have to deny culpability, but they should send this bill to Jony Ive. Maybe this (along with the Apple Watch tree removal fiasco) were the real reasons they pushed him out, and cut ties to his new venture.

To be clear, there is no wrongdoing here. Wrongdoing in the legal sense means with nefarious intent. Clearly Apple did not intend to make everyone's life miserable with this terrible keyboard design.

I'm glad AI decided to write about this project. The story first appeared on ArsTechnica last night (where Malcom probably first learned of it but chose not to give a shoutout), and over there they have much more detail into how it was made. It's not just that the dude designed and 3D printed a chassis, but rather that he demonstrated a very high level skill across multiple disciplines. The recreation took many months of painstaking work. The hardware and electrical engineering involved is particularly impressive. For example, the 10" 4:3 LCD screen he procured came with a nonfunctioning CFL backlight; it was refurbished and updated with more modern LED backlights. I definitely recommend watching the full video if you have 48 minutes to spare.

"[RCS] is too little, too late unless Google makes significant changes and improvements"

Andrew, I appreciate the article, but i'm curious about this statement. What significant changes to RCS should Google make? You don't bother to elaborate on any of that in the article. You mentioned that RCS doesn't support e2ee out of the box, but Google has already added it for one-on-one messages while groups are still in the clear. Is there anything else?

lowededwookie said:

Firefox is a has-been browser that has failed due to its own incompetence.

Its own code is hugely buggy, insecure, and resource intensive which is why Apple forced WebKit engines only on iOS devices.

Firefox had its time years ago.

Hell, even Opera ditched its own engine for Chromium as did Microsoft. Not that I think Chromium is better. I refuse to use Chrome and Google is not making me desire it with the stupid systems being implemented. But I’d prefer a Chromium browser to a Mozilla engined browser any day.

This is a really hot take, and I'm not sure what the point is of bashing an open source browser that is being maintained and improved by a community of volunteers.

It is unfortunate that more mainstream users (including myself) do not use Firefox, because it is actually a decent browser that is quite privacy-conscious.

"Hugely buggy" is certainly untrue - it objectively has about as many bugs and vulnerabilities as chrome and safari - measured by outstanding bug reports + cadence of issues fixed.

"Insecure" is patently false. In fact, a quick stroll over to any browser-related forum on ArsTechnica - a community of the most technical folks on the internet - shows that a measurable portion of the community has consciously switched from Chrome to Firefox in the last year - _because_ it is viewed by them as more secure and private. Firefox is the preferred browser of most Linux users. In fact, Safari could arguably be the _least_ secure, since it cannot currently be patched without a Apple issuing a new minor or bugfix OS release, whereas the others only require an update to the browser application itself. Meaning that actively exploited vulnerabilities can linger longer on Apple devices due to the time it takes them to publish an OS release and the time it takes most users to patch an OS versus getting automated app updates overnight while charging the device. And on iOS, since all browsers must use the OS-provided webkit library, that makes all browsers on iOS inherently more insecure than those browsers's releases on other platforms - and the browser maker can't even do anything about it (!!!). What Apple is doing with webkit lock-in on iOS should be illegal (and someday will be).

There was definitely a time where the quality/performance of FF was suspect. But over the last 5 or so years, they have largely rejoined the pack in those matters. It certainly hurt them at the time. But Mozilla's contention now (about which they are correct) is that, despite having a comparable browser to the rest of the pack, the largest forces in desktop and mobile OSes are making it increasingly harder for users to choose a browser other than one offered by the OS maker. That is exactly what got Microsoft in trouble in the late 90's over Internet Explorer, which cost them billions in antitrust fines.

clexman said:

The headline should be, "Person comes in 2nd, wants the same trophy as the person who came in 1st." Says, "Rules are not fair and shouldn't be followed."

I disagree here, because the circumstances are highly unusual. The reasons the Apple employee was not first to report the vulnerability are listed out in the article. In simplest terms, it boils down to someone who does not work at Apple and was not involved in discovering the vulnerability having effectively overheard the Apple team talking about their discovery during the hackathon and submitting the form first. The reporter likely just provided the steps to reproduce the attack to Google, all while the original discoverer was still working to author a deep technical description of the vulnerability and identify any similar or derivative methods of exploiting it.

Imagine physicist who makes an amazing discovery, or an astronomer who discovers a new asteroid or dwarf planet. And now imagine someone else who witnessed the discovery actually going to publication with details about it before the discoverer. That would be the death knell for the ninja's career because it's plagiarism.

When someone makes a novel discovery, everyone else should provide space and deference for the discoverer to confirm their findings and report them properly and completely. In the case of cybersecurity, this is especially important because denying someone a bounty for finding a vulnerability (much less, awarding it to someone completely disconnected from the discovery) will only encourage the discoverer to stop participating in the bounty program going forward. And since they are the one actually finding the vulnerabilities (and not the ninja), we absolutely want them to continue in the program, so as to ensure the most secure products that the vast majority of the world is using every day of their lives.

harrykatsaros said:

They shouldn't compromise on anything. If they start making compromises the Apple Vision ends up just becoming the Meta Quest with a different logo slapped on it. Just wait it out and let the Gen 1 Vision Pro become the lower cost entry level option when component prices drop as Gen 2 and Gen 3 devices get released. They just need to follow the same pattern they've been using with the iPhone where the older gen device evolves into a lower entry cost phone as the new iPhone is released. It's a proven strategy so why fix what isn't broken.

What are you even talking about here? Since the iPhone 11, they've released Pro and non-Pro versions of the iPhone every year at the same time. The non-pro version comes with a less powerful screen (60hz max without ProMotion), a less powerful camera array that lacks telephoto zoom and lidar, a less powerful cpu/gpu, and a slower modem. These are consistent differentiators between the pro and non-pro lines every year. Why would they not do the same w/ Vision?

The EyeSight feature provides no benefit to the user/wearer of the device. It's nothing but a shiny bell, requiring a custom, curved oled screen and multiple sensors, that is unnecessary for an entry-level device. Removing it would make the headset not only cheaper, but thinner, lighter and less power-hungry. When they showed off EyeSight in the launch video, I literally rolled my eyes at how much more expensive the device would cost for such uselessness, and mused that I'd happily pay for a cheaper version that didn't include it.

Apple's primary goal is profit. You make profits by selling in high volume (to the detriment of your competition) at excellent margins. You can't do that when a product is too expensive because you've baked in bells and whistles that few users would actually care about, thus diminishing demand for the product. Apple is likely discovering through their own consumer research studies that, while EyeSight is a killer feature, it is not enough of a draw for people to justify spending an additional $3K over just buying a Valve or Meta headset.

There are other opportunities for Apple to save here too, by farming out some of the built-in features of Vision Pro Gen1 to other parts of the Apple ecosystem. For example, consider the sensors that are constantly trained on your hands to detect finger taps. You may recall that the latest Apple Watch now detects the same gesture.  So they could remove those sensors from an entry level Vision device, and allow the user to instead wear an Apple Watch to enable the feature. At the same time, this would address some of the reliability issues of that feature on Vision Pro when the hands might be obscured from the cameras.

aderutter said:

They can choose the real App Store so no problem. They should be grateful to Apple. 

These are developers who spend weeks and weeks of their own time, receiving absolutely no compensation (and even having to fork over $100 to Apple for a developer account) to create a FREE APP that will never make them a penny. But yes, they should be so grateful to Apple for hopefully letting their app go in to the Apple-blessed App Store. And they won't even know if it is blessed until after they have spent those weeks completing/submitting the app and Apple has had a chance to review it. And all that work could be for naught if Apple rejects it on a whim.

And so they should be grateful to Apple if it is approved for the official App Store? No. Apple, and the people who would use the app, should be grateful to the developer for putting in the time and taking the risk to offer the product of their work, all while asking for NOTHING in return.

Good effing grief.

What a ridiculous, misinformed, clickbait article. Nobody's thermostats are being tampered with. They opted into a program that allows this, and in exchange they receive financial perks on their power bill (including the power company providing the smart thermostats to them for free). This article needs a major overhaul, or to be retracted completely.

I have been reading AI for over 20 years, but if you keep churning out trash like this, you will quickly fall off of my bookmarks. There are plenty of other reputable sites covering Apple that post the same news as you do, just as timely. Clearly they are more informed about the topics they are reporting.

Engadget similarly posted a trash story about smart thermostats a few years back (here), and I promptly removed them from my news feed and have not been back.

rob53 said:

I want, no DEMAND, that this Developer Mode setting include a way for the iPhone operator/owner to lock out the ability for it to be changed by anyone except the iPhone user as defined in iCloud settings. Further, I want to make sure the iCloud settings require either a password, passkey or something no person other than the logged in user has access to. I CHOOSE to only use the Apple App Store and since it's my device with my personal information on it, I have a right to protect that information, especially from non-governmental people, like developers. I CHOOSE what goes on my OS devices, not developers or governments. A "bad actor" has several ways to get past any iOS setting but it's more difficult when there aren't settings that would easily allow the beginning of opening an iOS device. This mode is a semi-locked door when it currently is a wall with no way to get through. 

I don't quite understand this rant. The setting is part of the phone OS and thus will be protected by your passcode/biometrics? A bad actor would be required to have physical access to your unlocked phone, then enable this setting, reboot, etc. It's not like anyone can just do it remotely. So nothing about this setting violates any of your freedoms to choose what software you put on your phone or from where it comes, etc.

Sure, let's suggest the user be required to re-authenticate their AppleID as well if it will make you sleep better at night. But that is completely aside from any rant about limiting your choice. This setting actually gives everyone more choice.

I do understand and agree with posts wanting tight controls around this setting for kids' phones. I'm sure that is part of the final solution if not already there.

40domi said:

Hardly surprising, their content is as woke and poor as Disney +
I've had numerous opportunities to have it for free...not interested, it's rubbish ߘ᦬t;/div>

If you have declined the free trial for AppleTV+ repeatedly, how do you know it is rubbish? I don't watch a lot of ATV+ content, but do occasionally. There are some great shows and movies including Ted Lasso, Lessons in Chemistry, Foundation, Killers of the Flower Moon, and more. Maybe you tried the service early on when it lacked a lot of content. But the library is growing regularly and has a number of titles worth watching on a free trial.