
Dropbox Modifies TCC.db to Give Itself Accessibility Access

Dropbox was using a SQL attack on the TCC database to circumvent Apple’s authorization policy

Another issue like this and a lot of people will switch to iCloud Drive.


Trusting the government

The UK government had set up the Independent Commission on Freedom of Information with an eye to reviewing the Freedom of Information Act:

Last year, the government set up a commission to review the law, composed mostly of people who had expressed scepticism or concern about the scope of the FOIA, and with a clear brief to add restrictions to its workings.

Not my definition of independent.


Ad tech is killing the online experience

Apple blogger John Gruber started off a new debate about these issues recently, when he noted that a 537-word text post on the website weighed in at 14 megabytes. (Fourteen megabytes of text should correspond to about 7m words, or about 10 times the combined length of the Old and New Testaments.)

Gruber blamed, but really it’s not the website’s fault, since to a very large degree the owner of the website you’re visiting doesn’t actually control what you see, when you see it, how you see it, or even whether you see it. Instead, there are dozens of links in the advertising-technology chain, and every single one of them is optimising for financial value, rather than low-bandwidth user experience. Many pages, if you’re on a slow connection, simply time out; they never load at all.

When you are a website owner, you are responsible for all the content on your site. If you don't have any control over the ads, then that's a process issue that should be addressed.

Why not band together with a few large sites and create a standardised ad submission and review system that advertisers can integrate into their content tools, and in which websites can set criteria about ads on their sites?

Maybe the bigger problem is that those websites cannot afford to reject ads.


Security through insecurity

Schneier explained how, initially, NSA Director General Keith Alexander claimed in 2013 that he had disrupted 54 terrorist plots. A few months later, this was revised down to 13, and then to "one or two." Eventually, the only success that the NSA could point to was the prevention of a San Diego man sending $8,500 to support a Somali militant group.

Doesn't sound like a worthy trade-off.


Modern technology

Today’s experience of trying to watch the Formula 1 race at Silverstone was a frustration of modern technology and DRM issues:

  • The Virgin Media box only recorded the first hour of the BBC broadcast. Disappointed.
  • I then navigated to the Virgin Media version of BBC iPlayer. However, it does not list Formula 1 races, due to licensing restrictions. Sigh. Annoying.
  • I loaded up the iPhone version of the BBC iPlayer. It has the race, but visually it looks like an amateur YouTube video. Connecting it to the HDTV with the AV cable might tell the app to switch to an HD stream, but alas the picture is twice as muddy. Frustrating.
  • Booted up the laptop to view the web version, which is as blurry as the iPhone version. Let’s download it; perhaps it’s higher quality? Hopeful.
  • iPlayer desktop is installed, then crashes. Typical.
  • Adobe AIR wants to be updated, which happens as the program preventing the update just crashed. Really?
  • iPlayer desktop loads but does not let you browse any shows. Losing interest fast.
  • Downloading Formula one British Gran… 2.3Gb, this is looking good. No streaming? I’ll start watching on the iPhone in the meantime. Tolerating.
  • 11 minutes later the abbreviated title expands to ’d prix qualifying’. Getting pissed.
  • Downloading the actual grand prix. Watching more on the iPhone. Maybe this is as good as it gets?
  • Connecting the laptop over HDMI. Download is finished! Turns out visuals are better but framerate is choppy. Can’t be arsed anymore. I’ll watch it on the laptop.

Does it have to be this hard, Virgin, BBC, Acer, Toshiba, Apple?


Rupert Murdoch facing BSkyB defeat as parties unite in call to drop takeover

Rupert Murdoch will today face the humiliation of the Commons issuing a unanimous all-party call for his scandal-ridden News Corporation to withdraw its £8bn bid for BSkyB, the great commercial prize he has been pursuing to cement his dominance of the British media landscape.

In an extraordinary volte-face, David Cameron will disown the media tycoon by leading his party through the lobbies to urge him to drop the bid. Murdoch can defy parliament and press ahead with the bid, prompting a Competition Commission inquiry, but he risks finding himself ostracised by a political class that once scrambled to bend to his wishes.

I'm sure it has nothing to do with MPs no longer wishing to be associated with a news organisation that might give them certain favours. I still have yet to find a convincing argument on BSkyB being related to the phone hacking scandal. Until then there must be other, presently unknown, reasons for this change in direction.

via The Guardian.



Mark Zuckerberg is TIME Magazine's Person of the Year? Where's the "dislike" button?

Facebook's users are not connecting directly with each other. They are speaking to Mr. Zuckerberg, who first writes down and files away everything said, and then maybe relays it to the intended destination, if it suits him.



Quote of the week

I'd post the other two examples, but I wouldn't want to take all the fun out of reading the manual.



Letter to Ministry of Sound

Dear sir/madam,
I am writing to you to complain about the new Ministry of Sound website and the lack of data protection with regard to your users.

Earlier today I received an email notification about the new MoS website. The email also notified me that a new password was issued to use on the website. These are two characteristics of a phishing mail: in this case, launching a new website and sending out new passwords. They could easily have been sent from a malicious source wanting me to log in to their MoS-lookalike website and take my credit card details. You shouldn't send out a new password unless someone requests it on your website, because email can be forged. You also sent out my password in plain-text email rather than on a secure part of your website. Anyone can read it and log in to my account and purchase orders.

Also, to my surprise, while investigating the source of the mail, I found that several of the links point to a domain (update: this domain name no longer exists!); the name doesn't help to improve the trust in your email. To my astonishment, the link led to a webpage with the HTML email, again with my password in plain sight. Have a look (link removed); I changed my password already. Let's wait for Google to index it so that anyone can search for my account information. They already found other newsletters.

Finally, I used to buy my MP3s online. This site no longer works, as an error comes up when it tries to redirect, due to a configuration error. My order history is gone, most of my profile is gone.

I'm very disappointed with your lack of security and care for your customers and unfortunately have come to the conclusion that I won't be using your service again, and I will recommend my friends and family to do the same, due to these trust issues.