Jesper speaks with a clear and (in my humble opinion) wise voice in his post The Sliding Scale of Right.
The real takeaway is that when Apple does shit like this, it degrades Software Update and the extent to which people can unconditionally recommend it as a useful and convenient security precaution. Good security precautions don’t come with caveats.
Apple has dropped the ball here. And it is as simple as that. Automatic select-and-install of anything the user hasn’t specifically said “yes, please install application n, I approve that action by selection” by default is bad form. It’s wrong.
The Operating System in question is irrelevant, the principle is the same. Do not install shit I do not ask for, especially if you try and hide it as an “update”, purposefully or no. Apple’s software update hasn’t done this in the past (at least not on the Windows platform) and whilst it’s obvious Apple seeks to push their browser of choice, it should never be at the expense of user knowledge or by sneak attack.
The single best option is to revert the action back to what it had always been prior to the latest release of Safari. That is what the user expects. And thus that is what it should be — if I have not requested installation of the application, it remains un-installed.
The dailyapps crew on the iPhone 1.1.2 Update:
The Cat and Mouse game is on, and this time it’s Apple that’s got the upper hand over the Hackers. Apple has just released the firmware update to Apple iPhone.
As expected the TIFF vulnerability has been fixed, thus the usual jailbreak methodologies fail. Using vulnerabilities to open up a platform to third party applications has always struck me as one-hundred-and-ten percent the wrong ideology to follow. Sure, it may work.. for a time.
But using a failure in security to then punch an even larger, riskier hole through to run third-party applications? It’s an inevitable recipe for disaster and someone is going to take advantage of that, eventually.
"Well Paul, frankly, if I was John Gruber I’d call you a Jack-ass." — amen. Thurrott is less relevant as each day passes. The solution was to (some time ago) remove his material from my RSS inbox, with no adverse effect as a result.
I note there seems to be yet another reason for part of the Apple community to complain first and ask questions later. This time, rather than consumer cries of unfair practices, it’s Java developers that are raging against the machine.
It does appear some cooler heads have surfaced with a little voice of reason regarding the decision by Apple to not roll Sun Java 1.6 into the first release of Leopard. Ben Galbraith, co-founder of Ajaxian, has stepped up and writes:
"So, what, there are some bugs in OS X 10.5.0? They didn't have 1.6 ready out-of-the-chutes? Big deal. Give it time, just like we have with every release of Java since OS X first shipped with 10.3."
Ben also points out a working solution for anyone looking to develop that has made noises about shifting platforms:
".. now, thanks to Parallels/Fusion, we actually have a great alternative for the impatient."
It's not exactly breaking new ground using a virtual environment for development, indeed some might suggest it's the ideal approach. So as Gruber has pointed out, this is little more than a storm in a teacup.
He's not alone in that view either as Eric Burke points out:
"Panic! Panic! No, wait. Let’s learn from history. I spent some time this afternoon putting together [a] timeline comparing Sun’s Java releases with Apple’s Java release.."
The timeline clearly shows that Java updates have universally occurred within short order of a major milestone release. Certainly for both Panther and Tiger. This isn't a new thing. It's also not just an Apple thing. Unlike our solar system's celestial bodies, most Operating Systems do not revolve around Sun.
From my point-of-view, Java may well be one of 'the' platforms of choice for the mobile space, but its place is far less cemented on the desktop, where Leopard is in use. I seldom see Java outside of the web browser, be it in Windows, OS X or even Linux; indeed aside from a small handful of applications, few actually will.
"Here’s how I recommend installing major new OS releases for typical users." — Mr Gruber with some of the most sensible upgrade advice I have read in a very long time. And he is right on the money.
There has been a recent trend of late that suggests suspending good sense, logic and reason is the order of the day.
I believe an example is in order. Tony Celeste writes:
Does Steve Jobs have some secret business vision that none of us can comprehend, or has he just reached the point of being so […]
This is a question that Michael Gartenberg has asked.
His article goes into a little detail about a recent experience with a pre-loaded Vista system, much of which is on point. I did note, however, a key statement that highlights an issue Microsoft ironically helped, indeed forced, into the market — he writes:
Of course Microsoft […]
"I’ve bought a few at $1.29; I’m calling my lawyer in the morning and plan to sue." — whilst Gruber may well remark in jest, it’s within the realms of possibility (certainly given recent history) that *someone* in the Apple community will complain.
"Apple said today that a firmware update to the iPhone due to be released later this week "will likely result" in SIM-unlocked iPhones turning into very expensive bricks." — the cat has caught the mouse this week, no word yet on mouse striking back.
"The best thing that could happen to Apple this year would be for Microsoft’s Zune 2.0 to be a kick-ass product, both technologically and in terms of being designed to make customers happy, not entertainment conglomerates. Apple needs competition." — given recent activity, actual competition would keep Apple engaged and honest; right now they have the mobile phone and media player markets sewn up - complacency breeds contempt.
"The point of any company should be to make customers want to give it money, NOT to get money from customers. It’s a subtle distinction that is the difference between good and evil."






