Soli

  • Simple hack bypasses iOS passcode entry limit, opens door to brute force hacks [u]

    Soli said:
    Use the full keyboard for your passcode! Even add a simple long press character to make it crazy hard to crack without invoking much of a hassle for you.
    @Soli, I have seen you mention this a few times in these forums. Could you please explain this a little more? I have a 6-digit password (numeric, though, which I guess I need to change), so I would like to try your suggestion. But, I am not sure I understand what 'use the full keyboard' and 'add a simple long press character' mean. I use an iPhone 6, running iOS 10.x.
    1) By full keyboard I mean switching from the numbered to the incompletely-named alphanumeric keyboard in Settings » Touch ID & Password » Change Passcode » Passcode Options » Custom Alphanumeric Code.

    2) If you use the "typical" character palette of upper case letters (26), lower case letters (26), numbers (10), you have 72 options per character, but why not use all those "special characters" that are also available which I think bring you another 35 options for a total of 107 options, which is more than any website I've seen which only give you a handful of extra character options based on their weak sense of security and the minimal effort they've had to put in so that the special characters don't mess with their database setup.

    That means a 6-character passcode would be 107^6 for a total of 1.5 TRILLION possible combinations compared to your 6-digit PIN which is 10^6 for a total of 1 MILLION options. It really doesn't take much longer to input and because of Touch ID and Face ID not requiring you to unlock with your passcode constantly there's no reason not to have a more secure one.

    3) If non-alphanumerics for passwords, like punctuation and other non-alphanumeric characters, are referred to as "special characters" I've deemed the much richer palette of characters available for the long-hold on the iOS virtual keyboard as "very special characters." For example, if you hold down the 'a' key on the American English iOS keyboard (same for macOS, btw), you get the options (à, á, â, ä, æ, ã, å, ā). These are all valid for Apple OS passwords and they're all unique Unicodes so they won't be registered as just the letter 'a'. But not all have so many options on the long-press. The ampersand (&), for example, only has the section sign (§) as an option.

    By my last count—as I recall—of the American English iOS keyboard there are 210 options. That means that a 4-character passcode would be 1.944 BILLION options. Moving to 6-characters it's now 85.8 TRILLION. 


    PS: I'll also reiterate what having emoji as options for password could do. Perhaps not all characters could be used because they're too similar in look, and cross platform characters can look very different, but even a basic array of pictograms could be useful. Some people could remember them better by creating a story from them as their password, even if just interjecting one or two. This could increase the complexity of the character palette to around 1000 characters—or BASE-1000—which would make these brute force attacks virtually impossible as they stand now, even for very short passcodes. A 4 character passcode that was not limited to just numbers and letters would have 1 TRILLION possibilities with just 4 characters, which the user could quickly type in. Move that to 6-characters and you now have 1 QUINTILLION. I don't expect to see emoji added for a long time, but I do see the benefit of allowing them to be used in some fashion.
  • Here's how Apple protects your privacy in Safari with Intelligent Tracking Protection 2.0

    Check out 1Blocker, for iOS and macOS. 
    I use it on my iDevices, but how does it compare to uBlock Origin (which I use now) on OS X for its adblocking power?

    EDIT: Okay, this is either humorous or an actual cause for concern. Wait, unless this isn’t the real website; it seems uBlock Origin only has a GitHub page…
    uBlock won't work with Safari in Mojave. You'll need a solution like 1Blocker or for uBlock to update their Extension to work through the new store.
  • Apple's Tim Cook drops to 96th place on list of CEOs most popular with workers

    MacPro said:
    Soli said:
    Rayz2016 said:
    The folk who aren’t happy will complain. 
    The folk who are happy will just be happy. 
    That general rule would be the same for all companies, so why has Cook fallen while others have risen?
    Brownian motion ;)
    I think we can rule out randomness when the article states, "frequently they're forced to participate in Sunday conference calls, when other people would be unwinding before the weekday." That may be good for the company, but it's not good for employees. If Apple wants to treat personnel as being highly expendable, that's fine, as those employees have the option to get jobs elsewhere, but it would also explain why a CEO or other management aren't popular.

    I didn't see Bezos in the Top 100, but I wouldn't expect to with this recent report.

  • Grayshift claims it defeated Apple's forthcoming 'USB Restricted Mode' security feature

    lkrupp said:
    Who knows but one thing is true. Apple can only go so far with security before it starts to affect usability and the customer experience. If you lock something down too tight it becomes too difficult to use.
    While security traditionally comes at the cost of user convenience, it's not always the case, which is something Apple has proven with their biometrics. I see no reason why Apple can't advance their ML to know that a device isn't being unlocked via USB in a normal location (e.g.: a geo-fence location and/or WiFi network à la your home, which could mean requiring the passcode immediately even if it's a known computer), considering if the gyro and accelerometer are not moving enough (e.g.: like if it's placed flat on table while attempting to be unlocked repeatedly), and/or characters to unlock the device being entered with precise, digital timing like a machine—because it is—instead of like a human moving their fingers to press characters which would take a variable amount of time depending on the character distance and the user's personal typing pattern (see Google's reCAPTCHA for a simplified example of how that might work to detect whether a human is involved).

    And those are three things off the top of my head. Add in there the potential for new Apple silicon that will act as an extra layer of security between the system that will keep track of these actions even when the core system is reset in a way that keeps GrayKey's reset mechanism from wiping the device and I think Apple can end up making it increasingly harder for hackers without causing the user any additional effort.


    PS: Regardless, I'd use Apple's full keyboard instead of just a 6-digit PIN to access my device. With their American English keyboard you have nearly 2 billion combinations with just 4 characters if you employ their very special characters (à la long press on a key). If and when Emoji are ever allowed the palette opens up to around a BASE-1000 system and may even be easier for people to remember since ideograms can be more relatable to an individual than individual characters.
  • Hands on with the new ARKit Measure app in iOS 12

    MplsP said:

    SendMcjak said:
    The measuring tape in this video made me think that you were going to compare the accuracy of the Measure app against a real, trusted standard.  Bummer.

    Yah, it was a bit disappointing that they compared using a small, round odd-shaped object that's difficult to measure. Maybe a thick book would have been better?
    I had the same thought. Maybe they could have measured the measuring tape? What are the minimum requirements for ARKit? Will it run on my 6s? This seems like it would be incredibly handy to have at times, even if it’s not perfect, even getting to within ⅛~¼” would be nice.
    Or a 12" ruler. I think measuring odd-shaped objects is great, but I'd like to see direct comparisons to every measurement with a physical device for measuring distance.