English is well supported in China because there are many Western employees working in China. All Chinese students are required to learn English as a second language as well.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents
- Thread starter MacRumors
- Start date
- Sort by reaction score
Well, Apple also gave OpenGL/CL the middle finger. The GPU standards wars are frustrating, and Apple isn't contributing to making things more cross-compatible. Guess it makes sense with their unique Mac hardware now.
Last edited:
So there was a non-Apple provided copy of XCode floating around rather than downloading it from Apple? Why would anyone do that? Or am I reading the problem wrong
The fact that those apps got in AT ALL is the problem of the AppStore not being able to prevent malicious apps.
I'm hoping, one day, these same opinions apply to MacOS. No more third-party software. App-store only. Watch them pivot on those opinions so fast.
I remember when the crowd here was "Mac is immune to malware" then went to "it's just less common" and is now... very quiet.
So now they fall onto iOS and have been crawfishing the entire way... "Apple protects you via the AppStore! You're safe!" -- to "well... it's just less common". Just waiting on the next crawfish move...
Truth be told, the only reason anyone is defending the AppStore is because that's all they know and they can't imagine Apple being able to function in any other way, so they are required to defend that idea. It's also why it falls apart so fast on a "real computer" like MacOS.
An alternate concept is some of us have seen some of the alternatives and view them as a worse solution; not that we think the App Store is perfect.
The development of those two markets was vastly different and resulted in different solutions, IMHO. YMMV HAND
“the highest standards” means there are numerous standards used for maintaining security and, where a choice is provided, Apple chooses the more secure version of the standard… or the “highest” standard. For example, there’s multiple standards for encryption. DES is one, AES is another, RSA is another. If RSA is the highest standard for encryption, and they’re using it, then that’s one of the highest standards they’re talking about. They’re saying that “For all the security methods that can reasonably be applied, when we apply them, we’re defaulting to the highest”. (100% of RSA encryption isn’t even a valid thing. Because, there’s no such thing as 30% of RSA encryption. You’re either using it and can encrypt/decrypt with it, or you’re NOT using it.)
But, just because you’re making the best effort at BEING secure, that doesn’t mean that you are 100% secure from all threats. It just means that the likelihood and potential impact of those threats are as low as possible. If you want something 100% secure, disconnect it from the internet and don’t interact with it in any way. However, that would make for quite the ineffective iCloud backup
Because downloading Xcode from Apples servers was too slow in China at the time, so developers in their infinite wisdom decided to download dodgy copies from local servers instead.
If you’ve ever used pirated software for macs you would be aware of the actual risk these sideloaded unauthenticated apps can have on your system. Yes it is voluntary to risk your Mac this way and it is the user who grants the Apps the permissions necessary to wreak that havoc. However, the point is that leaving that side-loading pathway open invites potential security compromise into the system.
Think about the logic behind vaccinating everyone vs vaccinating only a minority. The idea is that if we don’t vaccinate all, the non-vaccinated group may allow for a mutation that then compromises the immunity of the vaccinated. And in the same way, while allowing for side-loading apps in iOS may not affect the security of existing Apps at first, it may invite corruption into the system that may find its way into the secure part of the software. And most Apple users simply don’t want that. We are happy with the sandbox and would like the walls even higher.
A regulated sandbox is a working system that securely allows innovation to flourish without corruption. Yes there are limits and prices to pay, it’s an imperfect system but it’s working better than any other at the moment.
Well, it is less common. Mac malware has been around since forever, and it's nothing new. IDK who's claiming otherwise. iPhone malware is even rarer than Mac malware and a lot less harmful, from the App Store review and the app sandboxing respectively.
Last edited:
It would be a time bomb if you had an app for everything like on an iPhone. You're doing most of your stuff in the web browser. Imagine downloading a Mac app to log into your bank, and it's compromised by a fake Pizza Hut app via a root escalation exploit or simply editing a file the banking app foolishly relied on being safe. Edit: Or the fake app just encrypts ~/ and asks for a ransom.
Last edited:
Nobody who knows what they're talking about ever said the App Store was invulnerable. I've had arguments with the less educated claiming the refutation of the incredibly intellectual claim that "Macs don't get viruses" (sarcasm, for the uninitiated). The problem is that refuting such a foolish statement is rather foolish in its own way. Malware can get anywhere, the App Store is no exception. It is definitely the case however, that it is significantly more difficult to get malware on the app store than it is through other less curated environments, say (for example), the hacker's own website, BitTorrent, etc. It's not difficult to imagine ways a user might download malware outside the App Store, while it can be quite the challenge to do so on it."But... but... since the App Store is guarded by Apple, we're all the more safer. If we allow 3rd party app stores or people to download and install apps through the browser like with macOS, users will be exposed to malware" said the people who are against 3rd party app stores and downloading/installing apps through a browser.
And somehow the idea that they won't be forced to and don't have to use the 3rd party app store is lost on them
Plus, it does not surprise me in the least that this happened in China. The infected version of Xcode likely came from the government. Recent history suggests that infecting Xcode wouldn't be such a big deal to them, considering what they've infected the world with recently.
*raises hand* Umm... why the hell would anyone download XCode from anywhere but Apple itself. It's free.
This post is very misleading. It made it seem like Apple actually cared about its users when they were not. Go read about it at Ars for a more thorough report.
arstechnica.com
Apple brass discussed disclosing 128-million iPhone hack, then decided not to
Emails entered into Epic Games lawsuit show execs contradicting Apple talking points.
arstechnica.com
That it is held to the highest standards I understand to mean that efforts are made such that those standards are satisfied. Not that they are satisfied of course. I'm very skeptical of that the confusion you describe is widespread.
"Highest standard" to me means that no other major mobile app store is safer. That's probably true. You're quoting all their marketing, all technically true statements but not meaningful. Like, yes every app is screened automatically, doesn't mean the screening can magically identify bad human intent.Yes, we still have police and crime still exists. But at the same time, the police aren't telling us that their ability to police and protect us are "held to the highest standards"
What does "the highest standards" mean to you?
For me, it means 100% because there's nothing higher than that; It's the highest you can go.
App Store
The App Store gives people around the world a safe and trusted place to discover apps that meet our high standards for privacy, security, and content.www.apple.com
"For over a decade, the App Store has proved to be a safe and trusted place to discover and download apps. And a big part of those experiences is ensuring that the apps we offer are held to the highest standards for privacy, security, and content. Privacy and security. Built into everything we do.100% of apps are automatically screened for known malware.Dedicated to trust and safety."
But as we can see, the App Store is not 100% secure. How can Apple claim that their App Store "has proved to be a safe... place" and that they ensure that the apps they offer are "held to the highest standards for... security" when malware gets in?
Fakes, scams and malware are not, collectively, uncommon on iOS. But that isn't my reason for supporting side-loading and alternatives to the App Store on iOS.
Look what Steam has done for gaming on the PC. Would gaming on the PC be as robust as it is if the MS store was all we had? Choice and competition is a *good* thing.
If Epic wants to host a curated store of iOS games and related applications, then by all means they should be able to do so, and those who want to do business with Epic and download those games should be able to.
iOS devices are not toys, they are computers, general computing devices in fact, and as such should be under the full control of their owners and not Apple. And by full control I mean root control.
Look what Steam has done for gaming on the PC. Would gaming on the PC be as robust as it is if the MS store was all we had? Choice and competition is a *good* thing.
If Epic wants to host a curated store of iOS games and related applications, then by all means they should be able to do so, and those who want to do business with Epic and download those games should be able to.
iOS devices are not toys, they are computers, general computing devices in fact, and as such should be under the full control of their owners and not Apple. And by full control I mean root control.
The meaningfulness is in context though. The sentence is “And a big part of those experiences is ensuring that the apps we offer are held to the highest standards for privacy, security, and content.” and it means something as a whole. Randomly pulling “highest standards” out of context is virtually meaningless. That would be like reading “Because we offer nearly two million apps — and we want you to feel good about using every single one of them.”, pulling out “feel good” and then going off on a tangent about how “Apps can’t feel good, they’re not even physical, so you can’t even feel them!”
”general computing devices” is only used as a phrase by people that want to build a case for allowing companies other than Apple and Google to do the same thing Apple and Google are doing.
I’m ok with the vendor taking a 30% cut but ONLY if that vendor does not have a 5 letter name starting with A or a 6 letter name starting with G. That’s how arbitrary that is.No. Not even close. I want to have root control over my devices because I want full ownership rights over them. That's what I say, and that is what I mean.”general computing devices” is only used as a phrase by people that want to build a case for allowing companies other than Apple and Google to do the same thing Apple and Google are doing.
Agreed, like how MacOS allows you to install any third party software. MacOS is so insecure and malware ridden it's insane!
Oh.. wait.
That's what I mean. The apps are held to the highest standards of privacy, security, and content. I consider that statement accurate. You don't get it better elsewhere.
Oh, I understand what YOU want. And, you should only buy things that give you root control over your devices. It would make absolutely no sense for you to buy something, like an Xbox or a Playstation, that you don’t have root control over. Some companies simply don’t offer products that you have root control over, and that’s fine.
I wouldn't buy those products. Unfortunately circumstances conspired to force me to own a smartphone. If I could get away with it I'd live without one.
So live with an Android or a Linux phone if you "need" root access. You have a choice.