Apple Security Amounts to Trust

Macworld has a very reasonable article on whether you should trust Apple’s iMessages and it’s other security features such as FileVault2.

Basically…

However, iMessage and these other options aren’t open to outside review or “code auditing,” which would allow unaffiliated parties to examine the software both to confirm that there are no intentional back doors and to find and help repair any flaws that were missed.

It’s the lack of 3rd party scrutiny that is concerning. Apple’s closed door policy is really hurting it on security issues.

Review: Xbox One

Background
I picked up an Xbox One for my son and myself on Black Friday, 2014. I purchased the Assassin’s Creed $329 version of the unit from BestBuy.com. I’m a dedicated sci-fi fan so I have no interest in Assassin’s Creed and that game did not entice me to purchase the unit. My purchase was based on only 2 factors:

  1. My son wanted an Xbox One and I wanted to be on the same gaming platform that he was on.
  2. Price, since I had to buy two units, I wanted to limit the damage.

I haven’t bought any new hardware in years and the Xbox 360 was doing me fine. So what does the Xbox One bring me?

  1. A new menu structure that is arcane
  2. Superior graphics for sure
  3. Continued availability of Bungie’s Destiny
  4. Master Chief Collection

Initial Impressions
The Xbox One runs fine, not like the early 360’s that had so many heat and performance issues. While the unit is larger, it isn’t massive and comfortably rests on little shelf from Offi.com (no longer available, sorry).

My Setup
I use a wired connection for my Xbox One. It’s ethernet cable plugs right to my Airport Extreme. My NAT is now OPEN and performance seems solid on a Comcast 20MBPS download 6MBPS upload “Performance” connection. The unit comes with a wireless controller. I’ve added the Microsoft controller adapter and plugged my Astro A30 directly into the controller adapter, losing the 2012 Astro Mixamp in the process. This setup reduces the number of cords on my desk significantly and I like that.

UI
The Xbox One UI seems wedded to the idea that you would communicate with the unit via Kinect; that is, via voice control. I do not have or want an Xbox Kinect. So, given that I have to use a game controller to interface with a set of boxes, representing menu choices, it is understandably clunky. Some players complain about the clunky UI and I don’t blame them. Simple actions like inviting your entire party to a game is hard to find. Initially, I had a hard time finding my game invites but fellow gamers helped out there. There’s a tiny box in the upper left that if you highlight and press ‘A’ gives you a stream view of your invites. The Xbox One tutorial is quite useless.

Destiny
There are transitional load pauses in Destiny when crossing areas such as from ‘The Divide’ to the ‘Rocket Yard’ that I did not experience on the 360. This seems odd since the Xbox One specs are so much higher than the 360.

Master Chief Collection
I’m one of those players that prefers to play agains the AI rather than human players, although I do both. So I’ve only played Spartan Ops on this game so far. One of the reasons for not playing humans yet is that the controls and the visual depth of field seems so different from the Xbox 360 version. I’m still getting used to it after about 8 episodes. My son, 18, has no such issues and has dived right into matchmaking.

Conclusion
If you’re an Xbox 360 gamer your upgrade path will lead to the Xbox One at some point. To enjoy your games you don’t have to purchase this hardware. But it is the next generation console so it’s only a matter of time. And the graphics are noticeably better, so why not?

MacWorld joins others on encryption theme

MacWorld just published the first part of a series of articles on how to encrypt everything. They have a very reasonable bottomline:

…any method by which a government agent can access our data is a conduit for thieves, companies, and other governments to use as well. Law enforcement has to adapt; we need to protect ourselves, as they cannot.

Given that cell phones cannot be searched without a warrant and now that Apple and Google have taken a stance on cell phone encryption, I hope this is the beginning of mainstream acceptance that individuals can act even while Congress cannot.

The iCloud Mental Model is Mental

From Apple’s support page

An unsaved document created with any of Apple’s Documents in the Cloud apps is automatically saved to iCloud in these circumstances:

  • The document is autosaved when you first create the document and edit it.
  • The document is periodically autosaved as you continue to edit the document.
  • On iOS devices and iCloud.com, the document is autosaved when you close the document or close the app.
  • On Macs, the document is autosaved when you close the document, but only if you opened the document from iCloud or manually saved it to iCloud.

Who on Earth thinks like this?

Google and the Future

The Guardian reports on what Google and Ray Kurzweil are doing —

Google will know the answer to your question before you have asked it, he says. It will have read every email you’ve ever written, every document, every idle thought you’ve ever tapped into a search-engine box. It will know you better than your intimate partner does. Better, perhaps, than even yourself.

I ask, why would I want that?
Answer, I certainly don’t want that at all. I find that terrifying.

OS X Yosemite Phones Home

By now, the reported kerfuffle is on many sites.

Wired has a decent, if incomplete, story but it does identify how to fix your OS X 10.10 Yosemite install from phoning home on Spotlight searches.

Luckily, Yosemite’s search-snooping can be switched off in seconds. In Mac OS X’s System Preferences, the functions can be found under “Spotlight” and then “Search Results.” From there you need to disable “Spotlight Suggestions,” “Bookmarks and History,” and “Bing Web Searches.” If you use Safari you will then need to disable the same “Spotlight Suggestions” function in the browser (under “Preferences” and then “Search”) to avoid having terms you type into its address bar shared with Apple by default too.

TheVerge does a bit better with the phrase ‘shared with Apple’.

From Apple’s statement —

… For Spotlight Suggestions we minimize the amount of information sent to Apple. Apple doesn’t retain IP addresses from users’ devices. Spotlight blurs the location on the device so it never sends an exact location to Apple. Spotlight doesn’t use a persistent identifier, so a user’s search history can’t be created by Apple or anyone else. Apple devices only use a temporary anonymous session ID for a 15-minute period before the ID is discarded.
We also worked closely with Microsoft to protect our users’ privacy. Apple forwards only commonly searched terms and only city-level location information to Bing. Microsoft does not store search queries or receive users’ IP addresses.

Here is Apple’s support page on Spotlight.

From my point of view there are still some problems here.

  1. You have to opt-out rather than opt-in. This isn’t how privacy should be handled. Apple goofed.
  2. Opting out requires multiple changes to System Preferences —> Spotlight —> Search Results as well as changes to Safari Preferences —> Search.
  3. How does one vendor, Apple, have such a trustworthy ‘trust relationship’ with Microsoft that it knows Microsoft’s behavior? And over time? How would Apple know if Microsoft’s implementation or behavior changed?

If you want a python script to make the changes to your system fix-macosx.com has the answer.

[Update, Oct. 31st, 2014] Tidbits has a very good article here by Rich Mogull.

My Take on AppleCare

I’ve tailored my purchase of AppleCare to my computer lifestyle over the past 14 years. Perhaps your current situation will match one of the paragraphs below.

When I started out with Apple computers I used AppleCare on all the computers I bought from Apple. That was because I had no experience with Apple hardware and I wanted protection under those circumstances. For me, this period lasted about 4 years, or 2 MacBook Pros.

Then when I bought my kids a white MacBook I bought AppleCare again, and for my laptop since I was commuting by train a lot. My assumption was that commuting would cause more wear and tear. My kids handled their white MacBook well and it died long after AppleCare expired.

I still have a laptop, but since I’m not commuting as much I have opted out of AppleCare. I haven’t bought AppleCare for any of my last 3 computers, and I’m still OK, knock on wood.

But then I’m very familiar with computers and I’m not afraid to go to iFixIt and take my casing off to replace RAM or the SSD which I have done. No big deal. Replacing RAM or the SSD extends the life of the unit. Sometimes doing this may break the warranty too, I think, but I don’t care.

I will note that AppleCare does run out and Apple Computers seem to last longer than AppleCare does. If AppleCare lasted 5 years I think it might be a no-brainer.