The topic has been addressed already to the point that the beaten horse has been dead long ago.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases iOS 9.3.5 With Fix for Three Critical Vulnerabilities Exploited by Hacking Group
- Thread starter MacRumors
- Start date
- Sort by reaction score
Best practice should be to notify users, explain the update within appropriate guidelines and then wait for user assent to install. Any installation can have unintended consequences including making the targeted device unresponsive until troubleshooting the cause to find a solution. That's reason enough to not have updates 'silently' install.
I'll need to bookmark this article for the next time a fanboi tells us all that IOS is superior in part because it is impervious to attacks ... HA!
And BTW if this is such a critical fix we should be allowed to download this over 4G / LTE. I'm annoyed I cannot plug this security hole at work since WiFi isn't available.
And BTW if this is such a critical fix we should be allowed to download this over 4G / LTE. I'm annoyed I cannot plug this security hole at work since WiFi isn't available.
Last edited:
So the issue there is that the target device can be bricked, that's because an update is faulty to begin with, which is the problem, not the installation method. The install can be both silent and successful.
Sure, why not get even more user input for the mundane aspects of maintaining their device. Why not send users to a specific part of the Apple website, ask them to download the update package and patch it themselves following the instructions in the readme file.
I'm talking about progress, specifically progressing the operating system beyond iMessage balloons and emoji. I thought there would be many more here interested in progressing Apple.
Exactly. I would never want auto updates for this reason. There are a lot of times updates come out and I am traveling and do not want to chance a problem when I am away from a computer to restore.
What's stupid is the fact that you're using the font as if you're special.
Patching the kernel in that fashion would leave the device inoperable for the same duration as a reboot if not even longer. As I mentioned, you don't know what you're talking about. Stop making pointless suggestions.
[doublepost=1472235404][/doublepost]
What you mentioned is not user input, it is inconvenience. Again, you don't know better than Apple's own designers.
Even if there's a 0.0001% chance that a device will experience issues after an update installed without their knowledge, that is far too much. Apple cannot account for every single usage scenario.
Last edited:
I don't want updates to happen automatically..especially if its a large download.
Your comments have been rather attacking, but I'll look past that. But if you must know, I am special, thank you. You can choose another font as well. I prefer the larger and rounded typeface, it is clearer to me when I read it.
You didn't read the article in the Linux Journal. Your ignorance is on show sadly. The device would remain operable while patching. Kpatch and kGraft offer patching on the fly, the user wouldn't even notice a missed beat. There are many ways to solve this problem.
And there we have it, your comment: "you don't know better than Apple's own designers". Your all revealing bias shown on display in this thread. Not all the great computer scientists and designers live at 1 Infinite Loop. They live all around the world. They join Apple, they leave Apple. I'm here offering my expertise. What is it exactly you are contributing?
[doublepost=1472236458][/doublepost]
I suspect this has to do with carrier charges and data. If the download size was reduced significantly and you didn't notice it, you might have a different view. Only talking about security updates here, not full system updates with new features.
The device would be partially operable, and as we both know, this is not something Apple would consider. At the very least, there would be a significant performance decrease. This is also out of the question. Servers and mobile devices cannot be compared.
You're naïvely suggesting that Apple didn't think this through already. There is nothing to contribute, and I don't appreciate 'special' attention-seekers.
Again, the possibility of an error is made worse by the fact that the user had no prior knowledge of the update. Silly suggestion.
Apple isn't perfect and they can't account for everything. Add in different scenarios to WB's -- waiting to receive or make a call concerning a deadlined business or legal matter, or something more personal like having phone access for emergencies or safety. What responsibility would Apple be held to because they pushed a silent update that caused failure? I'm sure their legal staff has considered this.
There are quite literally over a billion different scenarios to account for. The success rate would have to be 100% if Apple were to even consider this!
That's a no, no, no and a foot stamp from you. Nice.. You don't have any facts to back up your assertion of significant performance decreases or that Apple hasn't or isn't thinking this through. There is nothing silly about it. A little forethought, please, because if we all followed this thinking, we'd have blackberries in our pockets with physical keyboards.
Fact: Parts of the kernel would have to be edited and replaced.
Fact: Every single part of the kernel is required for one reason or another.
Fact: Therefore editing the kernel would render some functionality temporarily unavailable.
So Apple designed the entire iOS update mechanism without "thinking it through"?
Interesting phrasing there, as the foot stomping seems to be coming from somewhere else.
Uhh... You know it's not Google's fault, right? Android runs on many different pieces of hardware, made by different manufacturers, and has to work on many different carrier networks. If Google releases an Android update it falls on both the device manufacturers and carriers to get those updates out to customers, because Android is tailored to each of their specific needs and you can't just push a blanket update and expect it to work on hundreds of different phones and carriers.
If someone's specific device doesn't get an update blame it on the manufacturer or carrier for being too cheap to put the time or money into developing and customizing an updated OS to seed out (not to mention load all their custom bloatware on to it). Most of the time the carriers want you to be stuck on an old OS version so you'd be more inclined to upgrade your phone.
It has nothing to do with Google and everything to do with the time and money spent tweaking a new Adroid OS version to work on a specific phone and carrier, that sadly most of those companies have no interest in doing.
Last edited:
Who knows what Apple is or will be thinking, they have the current system as it is today, but it doesn't mean it won't or can't change or improve for the better.
By the way, from your response, it's clear you never read the article I posted. If you're a nerd like myself, you'll recognise that it's really cool technology. I'll copy one part of the article: http://www.linuxjournal.com/content/no-reboot-kernel-patching-and-why-you-should-care
"Kpatch freezes every process and then reroutes system calls from the old kernel functions to the new, patched functions, before removing the old code. Because it handles every running process in one sweeping move, it runs quite fast - one to forty milliseconds and it's done. However, during this time the processes are frozen, which means there is some downtime - a mere fraction of a second, but in certain situations, that may be unacceptable.
kGraft, on the other hand, handles each thread one by one, as they make system calls (without forcing them to freeze first) until all of the threads are running the patched code. At this point, the patch is fully installed and the old code is replaced. This process takes longer to complete the patch, but it does it without any downtime."
kGraft, on the other hand, handles each thread one by one, as they make system calls (without forcing them to freeze first) until all of the threads are running the patched code. At this point, the patch is fully installed and the old code is replaced. This process takes longer to complete the patch, but it does it without any downtime."
Just awesome.
Last edited:
The problem is that Apple only releases "OS updates" that require full restart instead of providing security patches like most others do. With Apple it's never a question of "should we require a restart with this update, for example, has the kernel been updated?", it's simply required every time because the update system is not flexible enough. And it should be - service managers like launchd are certainly up to the task.
Now, with 9.3.5 the kernel has been updated, so it's "ok" to require a restart, but bundling security fixes into a few-times-a-year OS update is a lazy, 90s design. Just ask Microsoft, they already travelled that road after being a laughing stock for over a decade.
Only those that update the kernel. Most happen in the background without bothering the user. Hell, even graphics drivers can be updated without a restart since what, 2006's Vista?
And yet my Surface Pro 3 has to restart every time there's a Windows 10 Update. Every time.
Maybe you just don't notice the updates that happen without your intervention? I certainly don't have to restart my PC with every update.
3 million dollars had to be paid for an ios hack. That shows how secure iOS is, that so much resources has to be spent. And I hope whoever laid that sum of money got their money's worth, because their hacking tools just became a lot more impotent today.
iOS can be more secure than Android and still be hacked. It's like me locking the door of my house as opposed to just leaving the door wide open. It doesn't mean thieves can never break into my house, but at least they will really have to work for it, rather than simply be able to just waltz into my living room uncontested.
So when Apple releases updates are there usually things in them that would typically require a restart?
Actually every jailbreak is a hack, typically with multiple vulnerabilities. Based on this iOS has been hacked continuously since inception. The only thing that has changed is that some individuals or hackers have realised the value of their work and now sell these vulnerabilities to the highest bidder instead of just giving it away in a jailbreak.