This is for apps distributed outside the App Store. Apple's cost is limited to signing the developer's cert every couple of years and having their timestamping server provide attestation exactly once each time that a new version of the app gets released. I'm pretty sure I could literally handle that much network traffic and crypto processing for every iOS app developer company in all of Brazil Brazil on a single 2007 Mac Mini on my lowly 50/10 Comcast Business cable modem connection at my house and still have enough bandwidth and CPU cycles left over to probably handle most of the rest of the world.

Their cost is so close to zero that it isn't worth serious consideration.

And because they knew the product was going to die anyway. Open source alternatives have caught up and there's nothing to keep customers from switching.

This isn't a justification, but it's an explanation. If they thought VMWare would be a long-term cash cow, they would keep it going. They know that won't happen, so they've opted to squeeze as much cash from it as possible, as quickly as possible. They recognize that will accelerate its demise, but apparently believe it will make them more money, since they won't have to invest anything in maintaining or marketing it.

I'm surprised they aren't more worried about legal action, though. It seems like it would be safer to continue complying with the contracts, perhaps with far inferior (and far cheaper) support quality until those ended. As for the perpetual licenses, it would seem safest to just shrug and say "Yeah, you can keep using it, and we'll keep giving you every update we release", while cutting the engineering team down to nothing. The aggressive approach they're taking seems likely to net them some ugly fines after some uglier legal fees.

Fine. Target the spending like this bill does.

In theory, yes. In practice, that is true only if the government is not having to spend more and more money to counterbalance wealth disparity, e.g with social programs to feed the poor, house the homeless, etc. And as long as it is much harder to solve that problem than to raise revenue, you can safely assume that governments will choose to raise revenue. :-)

IMO, the right thing to do here is to have an annual 0.5% property tax that covers non-cash financial implements, with an exception for the first ten million dollars or so, with the threshold automatically adjusted annually for inflation, tied to the CPI or some other standard inflationary metric. Require companies doing business with Californians to automatically report this to the FTB. Do not require individuals to do anything unless the value of their securities exceed that threshold. Send an assessment to anyone whose securities exceed that threshold.

There are five things about my proposal that make it superior:

• It applies more equally to a larger number of people who have far greater than average wealth, as well as corporations headquartered within the state.
• It is not a sudden huge tax burden that would be adequate to cause people to suddenly move out.
• It is an ongoing revenue stream, which means the impact on state revenue is more predictable.
• It won't cause people to wonder whether the government is going to decide to do it again at some arbitrary date in the future (less uncertainty).
• It will result in a small, but meaningful long-term reduction in the wealth gap between the wealthiest and poorest Californians on an ongoing basis.

Just saying. I'm not going to be upset if the bill passes, but I think there are much better ways to achieve the same goal in a fashion that will have a more meaningful, more long-term impact, rather than being a quick money grab that causes a short-term boost at the expense of potentially long-term losses.

Not remotely. US hospitals are required by federal law to provide emergency care, regardless of ability to pay.

It's absolutely not even the thousandth time a researcher has submitted an invalid report, then whined about not getting paid for it.

This is correct. Mod parent up.

But it's not a vuln. So it would be worth nothing.

For a report that isn't a vulnerability? Well, it would have cost them $50k, and they'd have gotten nothing for that money -- other than to encourage researchers to submit invalid reports.

From section B, existing companies appear to be required to immediately issue new stock such that the government owns half. Basically, at some magic threshold, you have to give half the company away. Seems like a good way to make the stock market crater. Also seems like a good way for AI companies to end up with hundreds of subsidiary companies with their own stock issues to keep the revenue of each individual company under that threshold.

In short, this is nuts.

Yeah, this can't work for all the reasons listed.

It's also not clear how you would even do something like that for a company like Google, where more than half the voting rights are controlled by the founders. Even if the company acquired every share that anyone puts on the market and gave them to the government, they can't compel individuals to sell their shares, so the government would never achieve a controlling interest.

And trying to do so such a mass acquisition would cause total chaos in the stock market, because it would take 17 years of investing the company's entire net profit for share buybacks, and the end result would effectively turn Google into a private company again.

This just doesn't seem well-thought-out to me. Start by passing laws requiring public companies to have at least two-thirds of their shares held by people who are not and have never been employees. Require companies to create new shares as needed until they are in compliance, spread over a maximum of... say ten years. Then tax net AI revenue at a higher rate, and use the additional funds to buy stock in those companies, if that's actually something the government wants to do. That approach actually makes sense, unlike what's proposed above (if I understand the proposal correctly).

Imagine if Toyota required all gas pumps to have a connector specific to Toyota with an authentication chip. :-D

I'm not sure how it's even possible for an iOS device to connect to an unpaired Bluetooth device unless the device is designed wrong (not asking for authentication). So for that one, I'd put at least half of the blame on the device manufacturer. On the flip side, it is mainly designed for elderly folks who usually aren't tech savvy, so I can at least understand why they might do that, so there's plenty of blame on Apple for auto-connecting without asking as well.

I would even argue that this is a potential security bug at that point. Connecting to an unknown device now gives that device the ability to send data to the iOS device in ways that would otherwise be unavailable to it. If any of those code paths contains a security vulnerability, combining that vulnerability with this auto-connect behavior creates the opportunity for literal drive-by attacks on iOS devices.

If you're a developer, please file a bug against Apple and mark it as an urgent security bug. Maybe that will get the real root cause (Apple's lack of any sort of option for asking the user before connecting to Bluetooth devices) fixed.

No, but you see, I don't want any commission on apps that aren't sold by Apple, for which Apple has no role in the creation or distribution of the app. They're not doing anything to earn that money.

The cost of developing the OS is paid for by the people buying hardware. After all, you can't sell hardware without the OS.

And while you could argue that the cost of developing the developer tools should be borne by developers (including Apple, who use those tools to building the OS, of course), Apple's rules mandating the use of their tools makes doing so problematic from an antitrust perspective. And either way, a software license that effectively takes a cut of sales on anything developed with that software is problematic at multiple levels. Nobody in their right minds would choose a product under those terms, absent some sort of monopolistic restrictions that compel such a choice.

The correct percentage is zero, with, at absolute most, some small fixed annual fee for program participation to compensate Apple for the limited overhead incurred in signing developers' keys. Any higher cost is effectively holding users' devices hostage, and is fundamentally unjust from a consumer protection perspective.

The only question is how long it takes for various countries' governments to come to the same conclusion and demand that mobile devices be liberated from compulsory profit-sharing done under the guise of "security".