durandal_1707

misa said:

Like if it's one thing that's truely annoying in the software world, it's that version numbers are often meaningless except as a compatibility cudgel. "Chrome doesn't support Windows XP anymore"... yeah but that choice is being made by the Chrome developers, there is nothing actually stopping Chrome from supporting Windows XP except the developers unwillingness to maintain the build target. Look at ScummVM, there are literately builds for 68K Atari's, Amiga (OS4) 's and Dreamcast's, While I don't really care that Chrome and Firefox are't supplying builds to obsolete OS versions, I do care that the OS developers feel the need to increment the version numbers for no reason at all, and as a result "version number inflation" happens to "license" products.

Sorry, but this attitude kind of irks me. Supporting obsolete OS versions is quite a lot of work, actually, and often becomes impractical beyond a certain point. I don't do much development for Windows, but in each version of OS X, Apple adds new APIs that you can't use if you're targeting an old OS version, deprecates old APIs that you have to use if you're targeting an old OS version, and tweaks behaviors in ways that can break things when you're targeting old OS versions. Sometimes, Apple even adds new language features in new OS versions (hello, Swift, ARC, blocks, the modern runtime, GC, etc.). And often to be a good citizen on the new OS version, you have to take advantage of features that break compatibility with old OS versions past a certain point, so supporting the old OS requires writing tons of boilerplate and alternate code paths. And then you have to test all this stuff, so you'll need people using every combination of old software and old hardware that you can think of, because it's very easy to introduce weird bugs that only occur on older OS versions, unnoticed by the developers, who are probably on something more recent.

Being backward compatible to ancient OS releases is very time-consuming and error-prone, and is nowhere near as simple as non-developers tend to think it is.

Oh, and you shouldn't be using Windows XP anymore anyway. Microsoft ended support for it a long time ago. It's a security minefield.

Like does anyone really need to use the current version of MS Office, doesn't Office 95 have everything you'd ever need? No, probably not, but the average person is being told they need "to upgrade" when they do not.

Office 95 can't even open .docx files.

And that is the entire problem. I consider OS X, any version to be "one version" for the sake of compatibility as I haven't run into anything that doesn't work on 10.11 that used to work on 10.4 except for some Java or Xwindows Unix ports of software.

All Classic software won't work on Leopard or later. Lion, which removed Rosetta, breaks PowerPC OS X software. Apple's claiming that they're planning to remove libauto in the next version of OS X, so that will break all garbage-collected software as well, and sooner or later they're bound to remove 32-bit support, which will break, among other things, all Carbon apps. And then some things just break. EV Nova sadly quit working for me a few OS X versions ago.

This is why I dislike shell scripts. Way too easy to make a simple typo, or simply overlook something, and cause things like this.

The iTunes 2.0 installer contained a similar bug, back in the day, that could erase entire hard drives, all because someone forgot to put quote marks around a path variable.

melgross said:

I love it! I get this crap about how secure open source is because there are so many "eyes" on it. That total nonsense. Open source is as vulnerable as any proprietary software is, often more so.

Well, except that:

1) the flaw wasn't really in Sparkle itself; it comes from the fact that they used Apple's WebView, which allows JavaScript by default, and the fact that the Finder can apparently download executables from FTP servers without setting the quarantine flag,

2) this was patched pretty much immediately as soon as it was revealed (unlike the Finder bug, which hasn't been fixed yet), and:

3) it only affects apps that are using HTTP rather than HTTPS to load resources, which has been discouraged for quite some time now (in El Cap, in fact, HTTP is disabled by default by App Transport Security, and you have to jump through some hoops before it'll allow you to use it at all in the first place).

edit: it appears that this is relying on a bug in the Finder's FTP support. Apparently, if the Finder is set as the default FTP handler, it can download executable files from FTP servers without setting the quarantine flag, so that Gatekeeper is bypassed. I hope Apple patches this soon, because it's kind of huge, and it doesn't seem specific to Sparkle. To me, it looks like someone could use this trick basically to intercept any Web traffic, including normal browsing via Safari or Chrome.

edit 2: Here's a post containing some tips on how to defend against this attack.

SpamSandwich said:

dynamicmange said:

I just installed 10.11.3 on a month old Macbook Pro 15" (w/ discrete gfx). I have never had a system crash or problem on this MBP at all. Within 10 minutes of installing the 10.11.3 update, my keyboard and touchpad became unresponsive while using Chrome. The force click sound of the touchpad was gone. I could put the laptop to sleep, but the keyboard still wouldn't respond after waking up which made it impossible to log in, so I had to hard boot it. Yay.

Sounds like another "must avoid" update.

Oh come on, has there ever been any software update in the history of anything where someone hasn't posted about how it made their computer explode?