Forgot your password?

Comment: Re:Nope (Score 1, Interesting) 117

by macs4all (#46556399) Attached to: One Billion Android Devices Open To Privilege Escalation

But if I install an app that asks for it on an Android 4.0 device, the app will install without any warnings. If the device is then upgraded to 4.2, the app will silently get the "Across_users" permission activated. So now we have a user-installed app which has a permission that it could never legitimately have that lets it bypass security and the sandbox, and the user will be unaware of the problem.

Mod Parent UP.

That is EXACTLY it in a nutshell. Perfectly described.

Pretty devious way for someone like the NSA (or a Prince from Nairobi) to get their hooks into your Android.


Comment: Re:Nope (Score 0) 117

by macs4all (#46556371) Attached to: One Billion Android Devices Open To Privilege Escalation

Interesting how you play down Android vulnerabilities whilst playing up iOS ones.

And, unlike the case with the vast majority of Android Devices, since Apple actually pushes update notices to iOS Devices, there is actually a pretty good chance that yours will be on the list."

And before the haters cry that the latest ssl patch wasn't pushed out to iOS 5 users (or before), remember that the ssl vulnerability came with iOS 6; iOS 5 and before did not have the vulnerability.

Comment: Re: Nothing about colour accuracy? (Score 2) 222

by macs4all (#45214399) Attached to: OS X 10.9 Mavericks Review
But you conveniently fail to mention three very important facts: 1. Apple has brought back nearly all of the capabilities of FCP 7. There isn't a mass-exodus anymore (actually, ther never was. Most FCP 6 or 7 users simply continued to use those versions until FCPX matured), and many Pros have actually switched back. 2. Apple launched a campaign this March, specifically targeted at video professionals, effectively saying "Come on in. FCPX is ready" 3. The recent "paradigm-shift" update to Logic Pro, making it look more like FCPX, has been nearly universally Praised; PARTICULARLY for the fact that all, or nearly all, of the "old features" have been retained, along with the added benefit of the re-factored GUI. So, Apple DOES care about Pros and their Pro Apps, and Apple DOES learn from its mistakes. Now, here comes the ad Hominem attack based on my Username...

Comment: Re: Bring a rifle. (Score 1) 472

by macs4all (#44108221) Attached to: Ask Slashdot: Getting Hired As a Self-Taught Old Guy?
Exactly. As an autodidactic embedded dev. With over 3 decades of paid experience, who now has to content myself writing Windows business-apps, THE biggest problem in securing a job that isn't a "handshake deal" is getting past the HR weenie with the buzzword-checklist. If your can't get past that person, you'll never be able to talk to the person that will understand that you can walk the walk...

Comment: Re:Sigh. (Score 0) 84

by macs4all (#43324503) Attached to: Does Apple Need To Get Serious About Security?

Seriously, don't use iOS for anything requiring real security.

I hate those FTFY posts, but in this case I believe it's called for: Don't use a phone of any kind for anything requiring real security.

I'll see that, and raise it to the more effective method of "Don't keep sensitive information anywhere but your brain."

Comment: Re:Who says they aren't? (Score -1) 84

by macs4all (#43324421) Attached to: Does Apple Need To Get Serious About Security?

The protection they rely on is holding the device like they should. If it's taken the PIN will be trivially bypassed anyway. Now I feel like an idiot for replying to what probably amounts to a troll, but you never know.


That's why I don't store extensive Contact information in my phone (that's what my personal protein-based storage is for), and ZERO really juicy information. My Apple ID is stored somewhere in the phone, but not my very non-trivial password.

That way, if my phone is lost and compromised, or simply compromised, all the data-thief gets is... wait for it... a PHONE.

BTW, this is also why I don't participate in any of the voluntary data-gathering that is disguised as "social networking". It's bad enough that I have a gmail account; but I don't use that for anything anyone would be able to gain any more interesting information about me than could be gleaned by looking at my grocery-store receipts. And it's bad enough that the last 4 digits of my debit card appears on them...

Bottom line: Stop trusting others' coding and/or algorithmic prowess for your security! Security begins by not storing stuff in places other than your brain. If someone wants to kidnap me and get out the fingernail-pullers, they can have any information they want, and in short order. But absent that, unless someone successfully does a fairly-complicated (I would imagine) MITM attack between my bank's secure website and me, there's little of REAL value that could be gained by examining any of my online data, or by stealing my phone, tablet, work laptop, or home computers. They simply don't HAVE the information. My brain does.

Has my method occasionally caused me inconvenience? You bet! But security and convenience are pretty much mutually exclusive concepts, anyway, right?

Comment: Re:CRT Burn in is now LCD Retina Glacouma (Score 1) 195

by macs4all (#43200677) Attached to: Apple Faces Lawsuit For Retina MacBook Pro 'Ghosting' Issue

13 inc MBRP are having same issue and so are the new iMacs. Not looking good.

Well, on the 15 inch rMBP, the new version of the LG display, p/n LP154WT1-SJA2, (the "2"at the end being the all-important difference), dose NOT seem to exhibit IR; so, I would imagine that similar fixes for the 13 MBP and the iMacs are either in the pipe, or already on store shelves.

Having said all that, I'm not particularly proud of the way Apple has handled this; but I suspect that the Contract Manufacturer, (presumably Foxconn) has a measure of blame in how long this has taken to resolve. That's because CMs tend to but stuff in bulk, and are loathe to throw away "perfectly-good" components, rather than just burning through the old stuff...

Comment: Re:CRT Burn in is now LCD Retina Glacouma (Score 2) 195

by macs4all (#43188397) Attached to: Apple Faces Lawsuit For Retina MacBook Pro 'Ghosting' Issue

LCDs have lazy pixels. OLEDs, however, have burn-in as well.

That's a BIG 10-4!!! One recent product design I was working on was an industrial motor controller/drive.For the design refresh, I desperately wanted to switch out the venerable 7-seg LED display with a nice graphical OLED display. Had a nice long-life (75 k hrs.) amber monochrome OLED display picked out, was nice and bright, cost was reasonable, display fit in the package, things were looking good...

Unfortunately, these displays typically would be showing a static image for LOOOOONG periods of time. OLEDS had a big time problem with burn-in, and the usual workaround (walk the displayed image slowly around in a small grid of pixels) was simply an attempt to smear the damage over a wider area.

The LCD vendors, however, produced displays that exhibited NO burn-in (but were deemed unsuitable by management, because they weren't nice, lambertian light sources, like LEDs). But I digress...

The test of intelligent tinkering is to save all the parts. -- Aldo Leopold