On Windows you have to change a few settings, on Mac you're suggesting all third-party software to manage core functionality. Apples Vs. oranges.
I mean, yes, Windows has PowerToys which is an installed add-on, but on Mac we're not talking about Mac Vs. PowerToys, Mac isn't even competing with basic Windows features. PowerToys is competing with the PAID third-party software for Mac.
So how did you identify this as a breach? I'm struggling to find this credible, and you've yet to provide specifics.
Right now it comes across as "just enough knowledge to be dangerous"-levels, meaning: you've seen things, don't understand those things, and draw an unfounded conclusion.
Feel free to provide specifics, like log entry lines, that show this breach.
Please feel free to ignore this sub-thread. I'm merely happy that Apple finally shipped an iPad that would last (for me! no claims about anyone else!) more than a few weeks without falling over.
To learn iOS forensics, try Corellium iPhone emulated VMs that are available to security researchers, the open-source QEMU emulation of iPhone 11 [1] where iOS behavior can be observed directly, paid training [2] on iOS forensics, or enter keywords from that course outline into web search/LLM for a crash course.
I worked at Corellium tracking sophisticated threats. Nothing you’ve posted is indicative of a compromise. If you’re convinced I’d be happy to go through your IOCs and try to explain them to you.
Thanks. In this thread, I was trying to share a positive story about the recent iPad Pro _NOT_ exhibiting the many issues I observed over 5 years and multiple generations of iPhones and iPad Pros. If any new issues surface, I'll archive immutable logs for others to review.
With the link I provided, a hacker can use iOS emulated in QEMU for:
• Restore / Boot
• Software rendering
• Kernel and userspace debugging
• Pairing with the host
• Serial / SSH access
• Multitouch
• Network
• Install and run any arbitrary IPA
Unlike a locked-down physical Apple device. It's a good starting point.
I'm much more convinced that you're competent in the field of forensics. But I still don't think suspicious network traffic can be categorically defined as a 'device breach.'
For all you know, the traffic you've observed and deem malicious could just as well have been destined for Apple servers.
Apple traffic goes to 17.0.0.0/8 + CDNs aliased to .apple.com, which my egress router blocks except for Apple-documented endpoints for notifications and software update, https://support.apple.com/en-us/101555
They said upthread that they had blocked 17.0.0.0/8 ("Apple"), but maybe there are teams inside Apple that are somehow operating services outside of Apple's /8 in the name of Velocity? I kind of doubt it, though, because they don't seem like the kind of company that would allow for that kind of cowboying.
I don't doubt it in the slightest. Every corporate surveillance firm—I mean, third-party CDN in existence ostensibly operates in the name of 'velocity'.
It means any aircraft transitioning over the area at high altitude isn't impacted, because they're too high to care.
It is a ground and "everything near the ground" stop. Meaning low altitude helicopters and private aircraft have to consider it, even transitioning, but realistically commercial aircraft not taking off/landing in the area won't.
They also added strange hacked on half-support for alpha-transparency in modern MS Paint. Meaning there is an alpha layer, and imported staff may utilize it, but if you need to do anything with that layer, you're basically SOL.
Better to have no alpha-transparency than whatever this is. At least old Paint just turned it white, and you could manipulate the white layer, with this working with the alpha layer is a nightmare.
You cannot claim you're "against feature bloat" while then in the same breath say that it is acceptable that a basic text editor have an entire additional render pipeline.
If you want Markdown use VSCode, it is a first class citizen. Don't take an intentionally stripped down text editor and bolt on VSCode-like features.
As I posted in a sibling, I thought the whole point of markdown was that it was simplified to the point that rendering it was easy to do from scratch. But we fumbled that because we (collectively) have no idea what we are doing.
The whole point of markdown is that it is easily readable and editable and the structure is evident without being rendered. That it doesn't strictly need to be rendered in all or any context is its utility.
>But we fumbled that because we (collectively) have no idea what we are doing.
Because, almost entirely, the software development industry has disclaimed all responsibility. It's super common for people to try to do shit they have no experience or skill at, push their effort to be adopted by others, then when it crashes and burns they have no accountability. If software "engineers" adopted the rigors and accountability and dignity of traditional engineering, the industry would be very different.
And on top of that, now we have people letting LLMs go to town on their work, even though the things can't program worth a damn, all because those people can't be assed to actually program (you know, their job). We're entering very dark days for software quality, unfortunately.
People keep repeating this uncritically. There is a car-debt crisis, and wages haven't kept up with house/car costs.
We have one person saying "well in Californian wages..." and another saying essentially that 50K isn't a lot of money when the average SALARY is $66K/year.
I also believe this $50,000 stat is the mean car price which is likely to be pushed up by luxury car sales that cost 2-4x what a typical car costs, whereas a median price would give a better indication of what most people are actually spending. I did a quick Google search and wasn't able to find any data on median price, though.
$50000 stat is the mean transaction price, which includes the dealership stuff that gets added on. While it’s true that it is an average, companies are increasingly not making cheaper models. Sub $30k new cars are almost a myth at this point. You get sedans and hatchback models that start in the high 20s as the base price but we all know you’re not walking out of that dealership with a base model or just paying the advertised rate. SUVs on the other hand, which most people prefer these days are closer to $40k.
To what degree is this caused by car prices versus Americans' compulsion to keep buying new cars? Anecdotally, the folks I know struggling with car payments are almost exclusively in the latter bucket. But I'm open to having my mind changed with data.
Not entirely true; there are at least the lease, rental, and commercial fleet markets supplying predictable inventory of used cars to the public market.
I have 2014 Tesla S which which I recently had drive unit and battery replaced ($20k total). my friends all think I am nuts, but they all have $1k+ payments (some for 72m) while I haven’t had a car payment since 2017 and won’t have another one till 2036 :)
If your friends dumped $20K into paying off those loans they’d be a lot closer to paid off or maybe paid off completely, though. And that’s on a newer, lower mileage car.
I’m all for maintaining vehicles and keeping them on the road, but I don’t think you’re in a place to criticize your friends with $1K car payments after putting almost 2 years worth of those payments into a car that’s over a decade old.
I have spent exactly $0.00 on maintenance since 2014 when I bought the car (other than tires, 5G modem and internal battery). not sure what “paying for the car” means, it was paid off in 2017.
to simplify the math:
1. I spent total $90k
2. to have a car from 2014 through 2035-ish
for a $1k/month that would be $252k for my friends :)
nothing till 2035 and even then I might just replace the battery again. people look at EVs as like some disposable thing, when battery deteriorates you chuck it (shows in the pricing of 'used' EVs, my friend bought a 3-year old eTron that was originally purchased for $93k for $35k - 19k miles on it). my tesla is rock n roll now and will be good for the next decade
I wonder how much of this ridiculous car money was previously buy-a-house money. If you don't think you'll ever buy a house, you might as well spend it on a car.
Yep; it is just a matter of time before that is thrown back in their face when they add the ads. No way shareholders will let a revenue stream go unutilized particularly if a competitor proofs the market for them.
I mean, yes, Windows has PowerToys which is an installed add-on, but on Mac we're not talking about Mac Vs. PowerToys, Mac isn't even competing with basic Windows features. PowerToys is competing with the PAID third-party software for Mac.
reply