The Implications of a Centralized App Store and Centralization in General: Single Point of Failure

As always, one should be very careful in installing any software. My own policy is “only the absolute essentials needed for my work”.

MacWorld Magazine reports: “Researchers find more versions of digitally signed Mac OS X spyware”.

The malware was initially discovered last week on the Mac laptop of an Angolan activist at the Oslo Freedom Forum, a human rights conference in Norway, by security researcher and privacy activist Jacob Appelbaum.

The most interesting aspect of KitM is that it was signed with a valid Apple Developer ID, a code-signing certificate, issued by Apple to someone named “Rajinder Kumar.” Applications signed with a valid Apple Developer ID bypass the Gatekeeper security feature in Mac OS X Mountain Lion, which verifies the origin of files to determine whether they pose any risks to the system.

Worrisome. I would like to hear Apple’s position on what has happened here. One does have to count on Apple’s vetting process for developers, which I do not want to count on myself.
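A valid Developer ID signature identifies who signed an application; it does not say the signer deserves trust. The sketch below is an added example, not code from this site or from Apple: it parses text in the layout that `codesign -dvv` prints and checks the signing team against a locally maintained allowlist. The sample output, team IDs and the `TRUSTED_TEAMS` policy are all constructed for illustration.

```python
import re

# Constructed sample of `codesign -dvv <app>` output; the names and team IDs
# are made up for illustration and do not refer to any real developer.
SAMPLE_UNKNOWN = """\
Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.unknown
Format=app bundle with Mach-O thin (x86_64)
Authority=Developer ID Application: Example Person (ZZZZ999999)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ZZZZ999999
"""
SAMPLE_KNOWN = SAMPLE_UNKNOWN.replace("ZZZZ999999", "ABCD123456").replace(
    "Example Person", "Trusted Vendor Inc.")
SAMPLE_UNSIGNED = "Example.app: code object is not signed at all\n"

# Hypothetical local policy: team IDs the machine's owner has chosen to trust.
TRUSTED_TEAMS = {"ABCD123456"}

def parse_codesign(text):
    """Collect identifier, team and certificate chain from codesign text."""
    info = {"identifier": None, "team": None, "authorities": []}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue  # not a key=value line (e.g. an error message)
        if key == "Identifier":
            info["identifier"] = value
        elif key == "TeamIdentifier":
            info["team"] = value
        elif key == "Authority":
            info["authorities"].append(value)
    return info

def classify(text, trusted=TRUSTED_TEAMS):
    """Return unsigned / signed-inconsistent / signed-unreviewed / signed-trusted."""
    info = parse_codesign(text)
    if not info["authorities"]:
        return "unsigned"
    # The first Authority line is the leaf (developer) certificate.
    m = re.search(r"\(([A-Z0-9]{10})\)$", info["authorities"][0])
    leaf_team = m.group(1) if m else None
    # Require the leaf certificate's team and TeamIdentifier to agree.
    if leaf_team is None or leaf_team != info["team"]:
        return "signed-inconsistent"
    return "signed-trusted" if leaf_team in trusted else "signed-unreviewed"
```

A correctly signed application from a developer nobody has reviewed lands in `signed-unreviewed`, which is the category the Developer ID alone cannot distinguish from a trusted one.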

OS X Security & Privacy preferences

The broader issue

The implications here go far beyond this case.

Do you put all your money and all your assets in one bank/broker? All your assets into one stock or bond? Why not?

As the Net and 'Cloud' become increasingly centralized and concentrated, the risks grow exponentially: massive physical data centers (physical attack) and massive virtual services (Apple AppStore, Amazon S3, etc). What a juicy prize (to a hacker).

Beyond any form of denial of service (blowing up a data center or cutting its power or data lines), and beyond taking out a specific service with a massive 'bot' attack, there are far more damaging possibilities.

Consider the “emperor’s clothes” hazard of placing all your trust in a single party like Apple: with system updates and application downloads, compromising the Apple services or Apple digital signing process doesn’t just mean your machine might be compromised, it means 100 million or more. Or whatever. Talk about a mess (and I’m not singling out Apple here). And the risks mean governments too, not just organized brilliant hackers. What about a secret court order? Low odds of an “event” (we hope), but with massive potential for compromised systems.

No problem, just restore your system from... the central server!

As network researchers have shown, failure of even a few nodes of a global network can effectively take down the entire network in ways that are hard to imagine or even fathom. So in general, I look with unease on the way online services are trending and the rental of software from centralized servers.

I am not in favor of a centralized computing approach any more than I like the idea of having one huge power plant lighting up half a state— it’s just bad design, because there is no fault tolerance when everything relies on one provider.

In the ugly world we live in, the reality is that “cutting one cord” (using that figuratively) could take down the entire country economically, and put at risk millions of people as water, food, power are cut off by failure of power or transportation systems. As the ugliest case, consider an EMP pulse from a North Korean missile high in the atmosphere. But one need not worry about extremes to see that less extreme events could have very big implications.

Privacy

UPDATE: events after I wrote the above have exposed a look at the tip of the privacy iceberg and the sleazy underworld: the Snowden affair (massive constitutionally dubious government spying). Apple has issued a statement on customer privacy, but of course this is fairly meaningless in the context of secret court orders, and probably completely meaningless in some countries.

Copyright © 2020 diglloyd Inc, all rights reserved.