I can't tell you about that funny Mac stuff... (thought the idea that a binary is specific to a specific OS release is really, really funny to me as a Windows user).

I didn't compile their app at all. I just found the "location.db" SQLite database on my phone, copied it over to my PC, and dumped it with an SQLite browser. I looked at the source of TFA's app to figure out what the timestamp epoch date was, but other than that I didn't use their app for anything.

Yep-- I resemble that remark.

I just dumped the file from my iPhone and imported it into a Google map. I had to check out the source code to the tool at TFA to figure out that the dates are based on an epoch of 2001-01-01 and not the usual Unix epoch date.

I'm looking forward to using this feature to help me track my location. Since the phone is already doing this "for free" it's not going to "cost" me any more battery power to use this log. It's not as accurate as GPS, but it's accurate enough for my needs.

Once I've got a cron job setup to offload the file from my (jailbroken) iPhone 3GS to a box on my network I'll work out how to wipe the file on the device after each upload (so that the device isn't carrying around weeks or months of my position data).

Without "trusted" hardware the user will always be able to override software "protections" designed to prevent arbitrary code execution. This is just another "leapfrog" in this arms race. Give me "trusted computing" where I control the keys and decide what software is "trusted" and I'd be fine w/ it. Otherwise, I'll take the current situation on personal computers because, at least, I can run arbitrary software. ("Don't turn my PC into an iPhone, bro!")

It's worse than that. The idea is to introduce pervasive and potentially legally-mandated "trusted computing".

NAP / NAC without trusted computing platforms on the client nodes is a stupid, pointless idea. Unless the client can be trusted not to lie about its "health status" there's no guarantee that the client isn't simply infected with something that's smart enough to hide from "health scans".

It seems like most everybody doesn't understand (or notice footnote 14 on page 5) that, in order for this to work, all the subject devices must have trusted processing capability. That means "TPM" chips, signed OS kernels / hypervisors, and the inability to run untrusted root-level code. Take a second to laugh at the idea that anyone will be able to introduce a bug-free hypervisor / TPM environment that can't run unsigned and untrusted code. After you're done laughing at that I'd recommend being angered at the notion of such a thing, since it will effectively eliminate control of the devices owned by consumers.. turning every device with a "clean bill of health" into a walled-garden appliance. As long as consumers own and control their general purpose devices there will never be a way to do what this paper describes. Frankly, I'm alright with that. We'd do a lot better to just assume that every device is untrusted and act accordingly.