Tim Cook Delivers Speech Emphasizing Apple's Opposition to Sideloading

[Sophisticatednut]

My expert statement versus your non opinion and non-expertise.

I think my one is more dependable. I have a 30 year unbroken perfect track record of knowing future trends and every multi million and multi billion dollar company who has taken my advice has done better business and improved their operational efficiency and security.

You utterly rejected the world of cyber crime, malware, spyware, murdered journalists, scams that have looted billions of dollars, ransomware that has looted billions of dollars, and the cyber attacks between super powers.

When someone reject these realities, and just call it ‘fear mongering’, one can confidentially state that:

- either they are unqualified and ignorant.

- or they are professional trolls who are paid to spread misinformation and help open the doors for more cyber attacks.

Absolute fud. And going to an extreme to spread unreasonable and unsubstantiated fear.

The question is, when iOS allows users and developers to install signed code not present in the AppStore.

Will the cybersecurity risks increase 100%, 10%, 1% or negligible to what it already is.

Will it go from 1 attack in a million to 2 attacks in a million? Or 100 attacks in a million to 110 attacks in a million.

There is a sliding scale of reasonable fear or unreasonable fear compared to the freedoms you ether sacrificed or gained.

Edit: do you stop using your car when the security risk of you crashing increases with 1% because the air pressure dropped 0.01%?

These are undeniable facts.

They are so unquestionable facts not even apple have the numbers or data to support their claims in a court of law when it came to the malware exposure and problems that exist on MacOS compared to iOS.

 

[ponzicoinbro]

Will it go from 1 attack in a million to 2 attacks in a million? Or 100 attacks in a million to 110 attacks in a million.

So you don’t know how malware, botnets and viruses spread by themselves.

Well done.

BTW, it only takes 1 high profile cyber attack to badly harm a nation or a company.

1 attack against a CEO. 1 attack against a president or prime minister.

That’s why they often have custom locked down devices.

When they don’t, they find out the hard way.

 

[Sophisticatednut]

So you don’t know how malware, botnets and viruses spread by themselves.

Well done.

I know, it’s still a question of severity. They can spread irrespective of apples AppStore rules or apple’s review process that have the security of the TSA. Security by obscurity. We already have numerous cases of malware being infected on politicians iPhones.

BTW, it only takes 1 high profile cyber attack to badly harm a nation or a company.

1 attack against a CEO. 1 attack against a president or prime minister.

In What way is my phone’s secure an issue with apples internal server security they use?

This is already a possibility. They just have to download one wrong app on the AppStore, one wrong text message or one malicious link in their mail to ether compromise their entire device or brick their device beyond repair.

How does this reality (that we already live in) change if users can install signed apps(like the Mac) without interacting with the AppStore?

That’s why they often have custom locked down devices.

The president or the CEO as you said already have custom locked down devices. How is it a hindrance to consumer devices?

When they don’t, they find out the hard way.

So they can make the iPhone even more secure for their personal use.

 

[ponzicoinbro]

We already have numerous cases of malware being infected on politicians iPhones.

Pretty bad isn’t it.

Imagine if that was a systemic problem that affected almost everyone in the world. A systemic problem only means a small percentage of citizens being attacked to cause a very large ripple.

Nobody would forgive a device manufacturer or operating system developer for not preventing it.

It would be a disaster for society and PR disaster for companies and governments.

It’s like taking absolutely no preventative action against a pandemic or organized crime grabbing hold of parts of societies.

Just look at the way oligarchs side loaded themselves into society and now that they are being sanctioned citizens are asking why were they allowed to buy up property and buy up politicians in the first place.

Or the way extremist groups like ISIS side loaded themselves into Middle East or Q-anon side loaded themselves into the minds of so many Americans. Only takes a small number to cause a lot of harm.

This side loading issue should be seen in a broad context of national security.

It’s not just about “apps”. It’s about the way data and information travels, from device to device, from mind to mind.

Anyone who isn’t seeing it that way has entirely missed the big picture of what is happening in the world right now.

We are fighting for civilisation. If nobody wanted to harm us or turn back the clock to the 17th century it would be a different story.

I said enough.

If that doesn’t sink in nothing will. Good luck with your life.

 

[Lihp8270]

Pretty bad isn’t it.

Imagine if that was a systemic problem that affected almost everyone in the world. A systemic problem only means a small percentage of citizens being attacked to cause a very large ripple.

Nobody would forgive a device manufacturer or operating system developer for not preventing it.

It would be a disaster for society and PR disaster for companies and governments.

It’s like taking absolutely no preventative action against a pandemic or organized crime grabbing hold of parts of societies.

Just look at the way oligarchs side loaded themselves into society and now that they are being sanctioned citizens are asking why were they allowed to buy up property and buy up politicians in the first place.

Or the way extremist groups like ISIS side loaded themselves into Middle East or Q-anon side loaded themselves into the minds of so many Americans. Only takes a small number to cause a lot of harm.

This side loading issue should be seen in a broad context of national security.

It’s not just about “apps”. It’s about the way data and information travels, from device to device, from mind to mind.

Anyone who isn’t seeing it that way has entirely missed the big picture of what is happening in the world right now.

We are fighting for civilisation. If nobody wanted to harm us or turn back the clock to the 17th century it would be a different story.

I said enough.

If that doesn’t sink in nothing will. Good luck with your life.

Would you therefore be in favour of locking down Linux so you cannot install applications other than from an officially support and moderated store?

Are you in support of preventing apps being downloaded in MacOS other than via the App Store?

Would you support the prevention of installing apps on Windows other than through the Microsoft store?

 

[BaldiMac]

The EULA is unenforceable in the EU.

People say the same thing about SLA's in the US. They are also wrong. A SLA/EULA is as enforceable as any other contract. Like other contracts, specific clauses may not be enforceable when the conflict with the law.

For example:

EU: infringement of software license agreement can result in an intellectual property infringement

The Court of Justice of the European Union (CJEU) ruled that the failure to comply with a clause relating to intellectual property rights in a…

www.lexology.com

Once you purchase software it is yours to do with as you wish.

That's obviously not true.

 

[Lihp8270]

People say the same thing about SLA's in the US. They are also wrong. A SLA/EULA is as enforceable as any other contract. Like other contracts, specific clauses may not be enforceable when the conflict with the law.

For example:

EU: infringement of software license agreement can result in an intellectual property infringement

The Court of Justice of the European Union (CJEU) ruled that the failure to comply with a clause relating to intellectual property rights in a…

www.lexology.com

That's obviously not true.

Every EULA would need to be tested individually by a court.

But generally if you’re not required to agree to the EULA prior to purchase the vendor/developer will have a very difficult time to enforce it. Unless you have reasonable time and opportunity to return the software for a full refund if you disagree to the EULA.

EULA within the EU at least are also unenforceable if they are too vague or are too complex for a lay person to properly understand.

 

[Sophisticatednut]

Pretty bad isn’t it.

Imagine if that was a systemic problem that affected almost everyone in the world. A systemic problem only means a small percentage of citizens being attacked to cause a very large ripple.

Speculation at best as we don’t have any data to support the worst case conclusion.

Nobody would forgive a device manufacturer or operating system developer for not preventing it.

It would be a disaster for society and PR disaster for companies and governments.

Microsoft, google and apple seems to be forgiven and the sky didn’t fall down.
Windows is open, android is open, macOS is open and a million other companies and software are openly allowing people to install their own software. The internet is practically built upon Linux, software so open its source code is open for anyone to peek and modify it.

It’s like taking absolutely no preventative action against a pandemic or organized crime grabbing hold of parts of societies.

Or it’s like Sweden, having preventative measures and telling people what they should do without forcing them.

Just look at the way oligarchs side loaded themselves into society and now that they are being sanctioned citizens are asking why were they allowed to buy up property and buy up politicians in the first place.

Or the way extremist groups like ISIS side loaded themselves into Middle East or Q-anon side loaded themselves into the minds of so many Americans. Only takes a small number to cause a lot of harm.

Side loading doesn’t even hold that meaning you present it.

It would be like saying freedom of speech and thought are responsible for. And that’s unfortunately the price you pay with freedoms with responsibility. You reap both the benefit and the harm if you believe in q-anon, or you can live under a ruler who tells you how wand what to think and treat you like children

This side loading issue should be seen in a broad context of national security.

It’s indeed national security, in the same vein like the patriot act was for security.
And fascist as you described earlier love to remove your freedoms in the name of security

It’s not just about “apps”. It’s about the way data and information travels, from device to device, from mind to mind.

And unfortunately the trust and options should be up to people. Companies aren’t good or virtuous, they have their own self interests. And compared to what the state can do to people, it’s a billion times easier to pressure private companies to control the narrative or the flow of information in the interest of the government.

Anyone who isn’t seeing it that way has entirely missed the big picture of what is happening in the world right now.

It’s not a question of missing the bigger picture, but a question of priorities. Freedom and maximum personal responsibility vs dictatorship and minimum personal responsibility

We are fighting for civilisation. If nobody wanted to harm us or turn back the clock to the 17th century it would be a different story.

So you are full onboards with the American governments reasoning after 9/11? Maximum security at the cost of freedom and responsibilities? I think I rather take the European route of more personal freedoms and rights in the private market. Compared to companies having all the control.

I said enough.

If that doesn’t sink in nothing will. Good luck with your life.

Thank goodness EU are the consumer side.

 

[BaldiMac]

Every EULA would need to be tested individually by a court.

Nope. As I said, individual clauses may be unenforceable if they conflict with the law, just like any other contract.

But generally if you’re not required to agree to the EULA prior to purchase the vendor/developer will have a very difficult time to enforce it. Unless you have reasonable time and opportunity to return the software for a full refund if you disagree to the EULA.

EULA within the EU at least are also unenforceable if they are too vague or are too complex for a lay person to properly understand.

An SLA/EULA is enforceable in the EU. Just like any other contract.

For example:

CJEU: Breach of a Software Licence Agreement Considered an Infringement of Intellectual Property Rights - Hannes Snellman Finland

www.hannessnellman.com

 

[Sophisticatednut]

Nope. As I said, individual clauses may be unenforceable if they conflict with the law, just like any other contract.

Unfair contract terms directive

Details of an EU law related to the language of consumer contracts that aims to prevent imbalances in the rights consumers and sellers/suppliers.

ec.europa.eu

Standard contract terms have to be drafted in plain intelligible language and ambiguities are to be interpreted in favour of consumers.

Contract terms are unfair and, therefore, not binding on consumers if, contrary to the requirements of good faith, they cause significant imbalance in the parties’ rights and obligations to the detriment of the consumer.

An SLA/EULA is enforceable in the EU. Just like any other contract.

For example:

CJEU: Breach of a Software Licence Agreement Considered an Infringement of Intellectual Property Rights - Hannes Snellman Finland

www.hannessnellman.com

Only if the terms are provided before purchase. If terms are provided afterwards then it doesn’t matter

EU highest court says software licence terms can be ignored

In 2012 the European Union's highest court, The Court of Justice for the European Union (CJEU) in the case UsedSoft v Oracle made the following…

www.lexology.com

 

[ponzicoinbro]

Speculation at best

I left it as is. Take it or leave it. You didn’t have to write dozens of more sentences of amateur and ignorant stuff.

I don’t speculate.

I arrived at these positions after 30 years of seeing everything that is happening.

My observations are spot on. Not one fallacy otherwise I would know it before I even type it.

My conclusions are mirrored conclusions of every serious security firm and researcher.

They are the same thing Cook and Apple are highlighting because as the biggest tech firm they are obviously seeing cyber attacks around the clock. Their security teams are telling it as it is.

I have also seen certain things that I have alluded to but cannot speak about otherwise it would be dangerous and you would panic and never sleep. There are terrible things going on by terrible people that are best left to intelligence agencies and the good side of tech.

I want side loading in the perfect world. I cannot have side loading or support sideloading because of the world we live in today.

 

[BaldiMac]

Standard contract terms have to be drafted in plain intelligible language and ambiguities are to be interpreted in favour of consumers.

Contract terms are unfair and, therefore, not binding on consumers if, contrary to the requirements of good faith, they cause significant imbalance in the parties’ rights and obligations to the detriment of the consumer.

Correct. Just like any other contract.

Only if the terms are provided before purchase. If terms are provided afterwards then it doesn’t matter

EU highest court says software licence terms can be ignored

In 2012 the European Union's highest court, The Court of Justice for the European Union (CJEU) in the case UsedSoft v Oracle made the following…

www.lexology.com

Again, the case you cited has nothing to do with your point. UsedSoft v Oracle is about transfer of a software LICENSE. Which contradicts your claim that the license doesn't matter.

 

[Sophisticatednut]

Correct. Just like any other contract.

And what’s not standard is you can’t have a terms of use or conditions for how private expertly is to be used.

Again, the case you cited has nothing to do with your point. UsedSoft v Oracle is about transfer of a software LICENSE. Which contradicts your claim that the license doesn't matter.

Again you should read the court case. A small snippet the consequences of this ruling:

This decision does not mean only that software developers cannot prevent second hand sales of their software by their European licensees. It means software licence agreements and all their terms and conditions (not just the one prohibiting transfer) can be ignored by European courts if the licence period is indefinite, and probably even if it is tied to the lengthy period of copyright in Europe - 70 years after death of last surviving programmer. Such a licence will be regarded as a simple sale and sales of personal property cannot be tagged with conditions on how the property can be used.

What the Court said

Under the EU's software copyright law (Software Directive 2009) the first sale in the EU of a copy of a computer program by the right-holder, exhausts the distribution right (provided by copyright) within the EU of that copy. Oracle argued there was no sale as its licensees did not own the copy on their servers but were merely licensed to use it. The CJEU said a sale was "an agreement by which a person, in return for payment, transfers to another person his rights of ownership in an item of tangible or intangible property belonging to him". It said that Oracle's licence transaction coupled with making available the software by download to its customers for their permanent use constitutes a 'first sale ... of a copy of a program' with the result that under the Directive Oracle's right to control further distribution was extinguished

 

[BaldiMac]

And what’s not standard is you can’t have a terms of use or conditions for how private expertly is to be used.

I think you have some typos or some words missing in that sentence.

Again you should read the court case. A small snippet the consequences of this ruling:

This decision does not mean only that software developers cannot prevent second hand sales of their software by their European licensees. It means software licence agreements and all their terms and conditions (not just the one prohibiting transfer) can be ignored by European courts if the licence period is indefinite, and probably even if it is tied to the lengthy period of copyright in Europe - 70 years after death of last surviving programmer. Such a licence will be regarded as a simple sale and sales of personal property cannot be tagged with conditions on how the property can be used.

What the Court said

Under the EU's software copyright law (Software Directive 2009) the first sale in the EU of a copy of a computer program by the right-holder, exhausts the distribution right (provided by copyright) within the EU of that copy. Oracle argued there was no sale as its licensees did not own the copy on their servers but were merely licensed to use it. The CJEU said a sale was "an agreement by which a person, in return for payment, transfers to another person his rights of ownership in an item of tangible or intangible property belonging to him". It said that Oracle's licence transaction coupled with making available the software by download to its customers for their permanent use constitutes a 'first sale ... of a copy of a program' with the result that under the Directive Oracle's right to control further distribution was extinguished

It's pretty funny that you are quoting a company that specializes in reselling license codes for a legal opinion.

Again, all the case is about is whether you can resell currently valid licenses. The ruling simply extends your distribution rights to the sale of your license. It doesn't invalidate the license.