Linked by Thom Holwerda on Sat 9th Feb 2013 01:01 UTC
Apple "Over the last half a week, Apple has been hit with the largest mass-hacking incident in its history. And the perpetrators were the company's own users. Nearly seven million iPhone, iPad and iPod touch owners have cracked Apple's restrictions on their devices using the jailbreaking tool Evasi0n since the tool was released Monday morning, according to the latest count from Jay Freeman, the administrator of the app store for jailbroken devices known as Cydia. That makes the iOS-hacking app the fastest-adopted jailbreak software of all time, Freeman says." Because, of course, only nerds and geeks jailbreak. There's also a technical analysis of the jailbreak.
Thread beginning with comment 551984
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: I ssee both sides of this
by hackbod on Sat 9th Feb 2013 07:26 UTC in reply to "RE[2]: I ssee both sides of this"
Member since:

As if. I know quite a lot of people with Android - phones and only the nerds understand permissions, not a single non-nerd. The availability of the permissions tab under Android has done fuck all about this. And why? Well, because you need to consciously seek them, you're not at any point asked about the permissions during normal operation, you're not allowed to change the permissions and they're way, WAY too vague to actually tell anything meaningful. You need to already have understanding about the topic to have even the vaguest idea about what each particular item on the permissions tab entails, and even then you're just not given enough details about any of them to really know if it's a good or a bad thing to allow it through.

While I would never claim that Android's permissions are perfect or anything like the end-all be-all that solves all security issues, they have certainly done more than fuck-all.

Two examples:

(1) It is not uncommon for Android applications that request excessive permissions to have people publicly complain about them and get the developer to clean up their act. This was honestly the best that I had hoped for with the permissions system: that they would raise awareness of what applications are doing to the people who care about this stuff and pay attention, who can then provide pressure and publicity to help protect normal users. And this has happened multiple times, and has helped all users of the platform.

(2) When my wife got her Android phone and started installing apps on it, she fairly quickly came across a game that needed permission to access her contacts. She was told this prior to the point of buying/installing the game (which is by design), got scared by the idea of this thing getting her contacts, and decided it wasn't worth it. This is a normal user, not a geek in any way, but it was clear enough to her that the app was going to be able to access her private data that she wasn't comfortable with. This is of course just one example, but we do put a lot of work into making the permissions shown to users as understandable as possible, and have continually done work to improve this, in pretty much every release, including the major update to the side loading permissions UI last year -- has some example screen shots. (To be honest, that screen shot is not the best example of what would stop a normal user from installing an app, since that app doesn't actually request permission to any personal data or other things that a normal user would understand or care about. One of our ongoing goals has also been to use other tools to reduce the number of spammy less interesting permissions applications must request to do certain things.)

Reply Parent Score: 3

WereCatf Member since:

but we do put a lot of work into making the permissions shown to users as understandable as possible

Well, you need to put a lot more work into it. When e.g. an application requests permission to use USB-storage what files, exactly, is it requesting for permission to use -- its own files, or all the files on the storage device? You never know because the system makes no distinction about this and certainly doesn't tell anything useful!

Also, the system makes no distinction between what features require what functionality -- is it core functionality that requires access to e.g. your contacts, or is it some extra functionality that not everyone will use? Nor does the system allow one to deny permissions, you either accept all the requested permissions as-is or you don't get to install the app at all.

(To be honest, that screen shot is not the best example of what would stop a normal user from installing an app

That screenshot is not the best example of a user installing stuff anyways because Average Joe doesn't install stuff from downloaded apks.

Reply Parent Score: 3