Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re: Not surprising (Score 1) 288

Nearly 4 years is way beyond the reasonable lifespan for a phone. Upgrade. Personally, I like a new one at least every year.

Please tell me that you are being sarcastic. The iPad 2 circa mid 2011 can run iOS 9. So that means it will be supported most likely at least until around September 2016.

Comment Re: Not really a flaw... (Score 2) 69

In short, to install this malware - 1) You need to install the mobile provisioning certificate - a web page cannot do it, as the user must tap "OK" to actually install it. A user can list and view such provisioning certificates at will. They self-expire after a year.

It's even harder to accidentally install enterprise certificates in iOS 9.


"(As noted above, the new iOS 9 requires users to manually set related provisioning profile as trusted in Settings before they can install Enterprise provisioned apps. This new feature is also helpful for preventing some security incidents caused by abusing enterprise certificates.)"

Any device that is compatible with iOS 8 is also compatible with iOS 9.

Comment Re: Samsung != Apple (Score 1) 133

Android phones are not driven in obsolescence by a team at Apple who urges developers to move onto the new API as soon as possible. So the App Store doesn't stop having current apps for Android phones for much, much longer than with Apple. Look at the number of current-version apps you can still get to run on a KitKat phone, and compare that to the apps you can get for a 3G iOS device today.

Xcode 6 supports iOS back to 6.0. That includes every iPad introduced except the first one and every iPhone introduced since the 3GS in 2009.

How many developers would waste time trying to support the iPhone or iPhone 3G - both had 128MB of RAM and a 400Ghz single CÃte processor.

Comment Re: Really? (Score 1) 123

First, bringing up the computer store is a red herring. The store where you buy your phone has nothing to do with it.

The store where you bought your computer is analogous to the carrier. You have to wait for both your manufacturer and your carrier to offer an update to your phone. This is true with even some Nexus devices. You had to wait for Verizon to update their version of the Nexus.

Second, if you bought a phone from a carrier that doesn't unlock your devices, that's your fuckup, similar to if you bought a device that the manufacturer would not unlock. Don't be a fuckup.

Your phone being unlocked by the carrier still doesn't mean you don't have to wait on the carrier and the manufacturer to update your device.

Third, Apple makes it effectively impossible to support their abandoned devices, at least with some Android devices it is possible.

It's possible to jailbreak every iPhone that has been abandoned by Apple. The latest iPhone that is not supported is the iPhone 4 released in 2010.

They do if they are running Windows XP and are unwilling to pay for a newer version of the OS. Android users may or may not get an update, but their updates are free.

So it's better to not have the option to update your OS than to have the option to pay for it? If you bought a computer with Windows 7 or Windows 8, Windows 10 and is a free upgrade.

In other words, every Windows conputer sold since before the introduction of Android is eligible for a free upgrade.

Comment Re: Really? (Score 1) 123

In order to use an iOS device as one would a normal computer, with freedom to choose software, one has to hack their way into it.

I've never had to wait on my PC manufacturer nor the computer store to update my computer with the latest OS or security patches the way that Android users have to wait on both the OEM and carrier to update their OS. That's far from what a "normal computer" user expects.

If one is going to do that, why not just get a Nexus device? It will get updates for around as long as an iDevice, and you can also load alternate ROMs onto it.

iOS 9 supports the iPhone 4s released in September 2011. Does Google still support the Nexus released in 2011?

"Loading alternate ROMs" isn't that "hacking your way into it?" "normal computer" users don't have to "load alternative" operating systems to get security updates.

Comment Re: Call for mass-forking of Android (Score 1) 123

Google sells an OS to the phone manufacturers who customize who then sell it to the carriers who customize it some more who then sell it to the users.
Google can't do shit to that chain. Mindbogglingly, it's actually what they wanted.

Microsoft sells an OS to computer manufacturers who customize it and they sometimes sell them to resellers who further customize it (i.e. Best Buy). Guess what? When Microsoft provides a security update, I don't wait on Dell or Best Buy for the patch.

When MS releases a new OS, they take responsible for creating drivers for the most common hardware. I was able to install Windows 7 on my old abandoned 2006 Core Duo Mac Mini without waiting on Apple to provide drivers.

Comment Re: Next... (Score 1) 169

Apple no longer uses complete system images for over the air updates. After so many people couldn't update their phone because of lack of storage space they went to just using diffs.

But a properly designed operating system that is meant for different hardware from different manufacturers like Android should be able to do modular updates. Microsoft has been able to do it for over 20 years. I don't have to wait on the hardware manufacturer to provide OS updates or even low level drivers to update the OS. Microsoft takes on that burden. When I installed Windows 7 on my 2006 Mac Mini (that Apple abandoned) it recognized all of my hardware.

Comment Re: Next... (Score 1) 169

No, and neither would they. Again:

You claimed that Google shouldn't have to patch WebKit because it was "third party" code. WebKit -- that Google had just as many commits to as Apple -- is much less "third party code" than the Linux kernel, but it is just as much Google's responsibility to patch security holes found in WebKit as it is the Linux kernel if it affects Android.

Since the kernel is part of AOSP, if the kernel is patched, the patches are put into AOSP.

So are you saying that it is not Google's responsibility to patch security vulnerabilities and that they should wait for someone else to do it? Should Apple have waited to patch the "goto fail" bug that was part of the open source Darwin kernel?

And for access to directions, drive times, weather, stocks, and the plethora of other information I can train Google Now to display on my lock screen whenever it might actually be relevant to me (and hide at other times)?

So being on the lock screen is a major advantage over unlocking your phone just by grabbing it, having it unlock automatically with your fingerprint and sliding down to get to the notification centers "Today tab" where you can also see drive times based on your behavior, weather, stocks, appointments, flight times based on your emails, etc.? If that's not good enough -- you can install the Google app on an iPhone and get the same notifications in the Today view....

Go ahead and insist that I must be a Fandroid, though. Ignorance in the face of repeated correction seems to suit you well.

Right, I'm the one that thought "WebKit" was a "third party library" when Google actually had more commits to the WebKit repository when the security issue was found in Google's implementation of it.

Comment Re: Next... (Score 2) 169

But the system images are. That's kind of the point.

What good are the "system images" if you can't update your phone with it -- unless you are one of the tiny minority that have non-Verizon Nexus devices?

Actually, that's:
- Three years from when the device first became available on the Google Store
- Or, 18 months after the device stopped being sold on the Google Store
For how long does Apple promise to support their handsets?

Lets look at history:

iPhone 3GS
-release 6/2009
-discontinued 6/2011
-last update 2/2014

iPhone 4 -
-released 6/2010
  discontinued 6/2013
- dropped support with iOS 8 (9/2014)

iPhone 4s
-released 9/2011
-discontinued 9/2014
-still receiving updates

iPhone 5
-released 9/2012
-discontinued 9/2013 still receiving updates

iPhone 5c
-released 9/2013
-discontinued 9/2015
-still receiving updates

iPhone 5s and later are still being sold

So if you bought any iPhone when they were the top of the line phone, you got at least four years of support. If you bought any Nexus phone when they were the top of the line phone, do you still receive updates after four years.

But Nexus phones have never been top sellers. So most Android users aren't buying Nexus phones.

You do realize that the security hole in question is a bug in WebKit, which is more Apple's than Google's; Blink, which replaced WebKit in Android in 2013, is a fork of WebKit, and the issue has been patched there already. Google hasn't actively developed Apple's WebKit since it forked off Blink. Also, Google didn't say they wouldn't issue a patch, only that they wouldn't write one:

WebKit was not "more Apple's than Google's". Before Google split Blink from WebKit, they had just as many commits to the code base as Apple.

Even if that's not the case would you argue that they shouldn't make a security patch in Android that was found in the Linux kernel because it wasn't "theirs"?

Could Apple get away with not patching a vulnerability found in the Darwin kernel because it was actually an issue with BSD?

And the issue was with Google's implementation of the WebView that uses WebKit, iOS didn't have the same vulnerability.

Also, Google not writing their own patch for a 3rd-party library (WebKit) does not negate the 24hr turnaround I've seen on many issues since I've had a Nexus device; something, again, Apple and Microsoft literally never do.

WebKit was not a "third party" library. It was an open source library that Google committed just as much code to as Apple. The code in question was integrated in the AOSP.

Android's ability to be customized to allow for quick access to apps and information (literally tap from the lock screen, then unlock)

Huh? For access to notifications you just swipe down on a locked phone to get to the notification and you swipe right on the actually notification to do some application defined event with it.

Or the notification pop ups directly on the screen depending on how you have notifications set for the app.

Comment Re: Next... (Score 1) 169

You get updates without waiting for the carrier AND the manufacturer only if you own a Nexus phone - a phone a relatively few people own -- and if the carrier allows it. Verizon (the largest carrier in the US) still blocks immediate updates for Nexus phones

Most security updates aren't hardware specific. If Google pushes an update you still have to wait on both your manufacturer and your carrier unless you are one of the tiny minority of Android users who own a Nexus phone that is not on Verizin and then Google only promises updates for 18 months.

Contrast that with IOS. When Apple pushes an update, all iOS users worldwide regardless of carrier can get the update within 24 hours. Apple is currently supporting every phone that has been released since 9/2011. How many Android phones are getting support that far back?

Last year when Apple patched the goto fail vulnerability around February. it released an update for not only iOS 7 that supported phones released since 6/2010, it also patched iOS 6 to support the 3GS that was released 6/2009. How many Androif devices received a security patch 5 years after they were released?

As far as Google patching security holes faster:

Porsche: there simply is no substitute. -- Risky Business