Last Active
  • Intel Macs can't run Windows 11 without this workaround

    I did some research into the TPM issue. None of my Windows PCs have TPM enabled. The reason is that I like to boot Windows on an external SSD to test beta versions of the OS but in order to do that you have to change the firmware to boot using legacy mode rather than UFEI. You have to enable UFEI to enable TPM. If you do enable UFEI the firmware warns that you will probably have to reinstall Windows.
    My conclusion is that a large number of users may have TPM disabled in their firmware for various reasons and enabling it may require them to reinstall Windows. That's a significant hurdle for most people. If they can do it themselves, they should expect to spend a weekend to get their system up and running again. If they can't they should expect to pay a lot of money to someone to do it for them and lose access to their system and quite possibly risk their personal data getting lost or stolen.
    The work around presented here may not last forever. Microsoft seems to be motivated to close security holes like this one.
    There is a very real possibility that users may avoid upgrading to Windows 11. This in turn may cause developers to not support the new version if there are not enough users who have upgraded to it. If users that have migrated find that their software won't run on the new version they could downgrade back to Windows 10. Microsoft could be forced to continue to support for Windows 10 in parallel with Windows 11. Imagine how big of a mess that would be.
    Excellent analysis....
    I found it interesting that on Microsoft's Windows 11 page they suggested buying a new PC!  I though that was odd for a software company.

    There will, of course, be people out there who will justify getting a new PC in order to run WIndows 11.   I say "Go for it!".   That'll just leave more used PCs out there for me.  Will they be as secure as a new PC running Windows 11?  Probably not.  But I use other methods to gain security:  mostly I use different PCs for general use versus secure stuff like financials.  My financial PC is locked down and only visits a limited number of secure sites.  It's not bullet proof - but then nothing is.

    Microsoft recommended people buy a new PC to run Windows 95. It's not unprecedented.
  • Apple urges House Judiciary Committee to block antitrust legislation

    Well written by Mr Powderly. I would have liked to see the attachment he mentioned included with this article.
  • Apple's head of privacy doubles down on anti-sideloading stance

    nadriel said:
    Yes, free up sideloading. This won’t kill App Store nor create some kind of plague of “cool” apps to be sideloaded that are actually  Trojan horse, malware or whatever.. for example this would open up open source apps, it does cost to put apps on App Store you know? And finally I’m really skeptical of any success of outside stores.

    Answer how to do this? Just keep sandboxing stuff in and make it even safer, make toggles in the settings that shout at you that do this at your own peril and separate toggle to allow running per executable. It’s not as if App Store itself is curated well enough not to have malicious crap in there.

    Opening sideloading wouldn’t open some Pandora’s box like some think. And finally, I want iOS better (for me and I think I’m not alone, optional is not forcing others to do it) and just saying I should just pick Android if I’m not happy with something with iOS/macOS/watchOS in general is just lazy and unimaginative. They’re not perfect nor are any of Apples hardware.
    Please provide data to back up your assumptions. We have the history of Windows malware, Android malware and the Cydia store, and current phishing and website hacking schemes to draw from, among others.

    Security is always a trade-off. ALWAYS. Make things too hard for your users and they will find a way to bypass what you have put in place to safeguard them because you've accidentally made it too difficult to do what they want/need to do. Make it too easy and bad actors will bypass it.

    Apple's approach is working pretty well, all things considered. Frankly, if you're interested enough to install whatever software you want on your iPhone, you're interested enough to set up a developer account, grab an IPA file and re-sign it so that you can install it on your device. Not convenient? Too bad, you're trading the convenience Apple already gives you for the freedom to do what you want - decide which is more important to you. No action is free from unintended consequences.
  • Apple's head of privacy doubles down on anti-sideloading stance

    Hold on a sec. Many people have side loaded apps on several platforms without anything bad happening. I side loaded apps on the Oculus Quest. It was a great way to try technology, such as wireless VR, that was not yet ready for most users. Mr. Neuenschwander's arguments are ingenuine. First, there is no actual protection from scam apps on the iOS App Store. There is only the perception of safety. Scam apps keep making their way through the app review process no matter what Apple claims. Second, there is little evidence of users getting scammed by side loaded apps. The truth is that the kind of user that would choose to side load an app is the same type that would be careful and only download them from reputable sites having read reviews from other users. Apple could allow side loaded apps if it fire walled them from the rest of iOS. Give them their own file system and network access but do not allow them to share data with App Store apps.
    Emphasis added to the part of your post that seems like a fantasy. The kind of a user that would choose to side load an app is the same one that would hand over their credit card details for "age verification purposes only" on a porn site. Most people, having decided they want something, will move quickly and habitually to eliminate the obstacles to having that something. Look at how popular the jailbreaking community was in the early days of the iPhone, remember the number of people who had a friend jailbreak their device for them, remember the number of pirated apps on Cydia and other stores, remember how many apps were free but contained malware, etc, etc.

    I have far more faith in Apple's analysis of the outcomes than I do in any individual commentator: Apple have data from hundreds of millions of devices, collected over years. And the risk of a significant proportion of those devices being compromised by the requested functionality has to be proven to be exceedingly small before it's worth experimenting with (small risk multiplied by large possible impact = big risk).
  • iPhone hacking tool GrayKey techniques outlined in leaked instructions

    But we're safe because only law enforcement will have access to this device :eyeroll: