I was not referring to a time where Apple was 3% of its current size but to pc vendors that do take their business serious (as Apple once did)
I'd favor Michael Dell over the current crop of traitors of Apple's legacy
Last edited:
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
macOS 'Quick Look' Bug Can Leak Encrypted Data Through Thumbnail Caches
- Thread starter MacRumors
- Start date
- Sort by reaction score
I'd favor Michael Dell over the current crop of traitors of Apple's legacy
Which is a shame because currently iOS is a steaming pile of hot garbage too.
Without the Mac there would be no iPhone/iPad revenue. If I’m not using a Mac I’m not using an iPhone.
I agree this is a flaw, and a potentially serious one for some of users.
I cannot agree, however, that "most users are not going to be happy to learn that their Mac records file paths and thumbnails of documents from every storage device that's been attached to it.". I suspect that most users, like 99% of them, don't give a damn.
You sound simultaneously like an apologist for Apple but also a Linux user. That's a strange combination.
I cannot agree, however, that "most users are not going to be happy to learn that their Mac records file paths and thumbnails of documents from every storage device that's been attached to it.". I suspect that most users, like 99% of them, don't give a damn.
You sound simultaneously like an apologist for Apple but also a Linux user. That's a strange combination.
Mac sales are flat. The only reason revenue has increased is due to the price rises of the MBP. They have been cash cowing the Mac for years. They care about the revenue but not about the Mac itself.
[doublepost=1529402690][/doublepost]
He shouldn’t have to workaround a bug that has known about and not fixed for 8 years. The reason many people buy a Mac rather than a Windows PC is so they don’t have to work around bugs. Macs are supposed to just work properly. Without that comfort blanket you might as well save a fortune and just buy a Windows PC instead.
Sure, a flaw that has existed for eight years is an indication that things have become worse lately.
It is not whining to point out that it is up to Apple to correct the bug, not up to the user to start learning Unix commands to compensate for Apple’s negligence.
We are sold Apple products on the basis that they’re easier to use than Linux/Windows, and that protecting your data is a matter of clicking a few buttons in an app, not learning terminal commands...The average user doesn’t have time for that.
But still, thank you for the tip. It IS useful for the more technically inclined users like us ( but that’s the tiny minority of users , not the majority )
I love this logic: FileVault doesn't provide any security benefits because you only need to bypass FileVault to negate those benefits.
The engineer that designed cached previews didn’t have security in mind, apparently.
When being transferred to another sw team (as per Cook’s business model) the more compelling question is whether he (or the process) has improved and how that will benefit this orphaned MacOS part
So when did Apple take their business serious? And how many new models did it release per year back then?
[doublepost=1529403858][/doublepost]
With a similar logic one could call Time Machine a security flaw. I might delete (or even secure-delete) a file or encrypt it after having received it. But if Time Machine has managed to backup that file and it ends up in one of those snapshots that don't get purged over time, it's still accessible from the Time Maschine backup.
[doublepost=1529403931][/doublepost]
I am not sure this is working for me:
> qlmanage -r cache
qlmanage: call reset on cache
But this simply just isn’t a true statement. Millions and millions of Apple customers are using an iPhone or an iPad and have never owned a Mac.
You do, I do and mostly everyone here does. I love having a Mac,iPhone and iPad trio.
But to say without a Mac there would be no iPhone revenue is lol...
Maybe developers would struggle to create apps on the App Store, but they would just move over to a more powerful PC for less money. Profit.
That was at times when Apple’s quality/stability were at best of industry level, which might be too long ago for you to recall. The number of models released by then does hardly matter, now that Apple should be able to do 20x times more by now - compared to its current size/momentum.
It remains unclear what your benchmarking standards are, but they seem outdated and hamper the relevance of your conversation.
Last edited:
Nice false false equivalency. One is a potentially critical bug and the other is a secure feature.
Except that you've chosen to use TimeMachine, it's doing exactly what it says on the tin. Hardly the same as a process an average user is going to be completely unaware of.
Last edited:
Yes and no. A very large number of people use TM and the average user won't realise what it all preserves. Maybe the average user will know that a file they kept in a folder could still be in some TM snapshots, but will the average user be aware of things like an internet browser's history (and caches) still being around in TM snapshots after the user deleting it? Or go even further, and extend that to log files? Or image caches inside a DAM (Lightroom, Photos)? Or TM backups of caches of clipboard managers?
We leave so many digital traces, it is extremely hard to all cover them. To some degree all the things we do to protect against data loss, backups in the most general sense, stand in direct conflict with our desire for privacy and security.
[doublepost=1529408736][/doublepost]
Do you remember the 'critical bug' that allows you to see the fully rendered webpage when you hit the back button in Safari (or use the two-finger swipe to do the same)? The reason you see the previous webpage fully rendered without any delay is because Safari keeps JPEG snapshots of the view of every webpage you visit and when you hit the back button what it shows you is this JPEG while it re-renders the webpage in the background. Those JPEGs might easily show content that is behind a login, which are now stored as unencrypted as those QuickLook caches on your boot drive. Oops.
[doublepost=1529408872][/doublepost]
Sure, supporting 20x as many different hardware configuration only takes 20x more resources.
I have no idea what you think my benchmarking standards are.
[doublepost=1529409636][/doublepost]
Sure, my TM backups are publicly available the same way your boot drive with the QuickLook caches is. Or what was your point?He may have opened public access to his TimeMachine backups
(...but who’d even care)
Yes, definitely which is why this whole article is moot. I would imagine Apple hasn't 'fixed' this yet because they don't intend do, as its not really a bug. This is what I would call a feature request.
...and your point being..?He may have opened public access to his TimeMachine backups
(...but who’d even care
It is user responsibility to keep they're files safe.
All this hooha for nothing of any significance...
But as they say - ignorance is bliss...
Kinda reminds me of that story a few days ago about a company being able to access your iMessages... if they have your password and one of your devices.
Then you never heard or even remotely understand what common platform strategies are.
Ok, that was a bad phrasing of the issue. The point I was trying to make was that more versions require more support at the software level on an ongoing basis beyond designing the hardware.
But that probably isn't the main reason why Apple still has a fairly low number of products. The main reason is that it helps the majority of customers who are put off by too much choice (were 'helping' also includes 'making it less of a hurdle to make a purchasing decision' which translates into more sales for Apple). The paradox of choice is real.
Last edited:
You could also suspect that this bug hasn't actually resulted in any significant problems for end users if it's been around for so long. Where are the cases of law enforcement abuse of it? There don't appear to be any.
I think it is relevant for people that keep some files on additionally encrypted volumes (eg, an encrypted disk image). It is also a reminder that fully obscuring your digital footprints is not that simple as information might lurk in cache or log files.
