Hacker News: CyberMonk's comments

I don't think many (outside of perhaps Apple PR?) have argued that fingerprint security is great, absolutely speaking. Relatively speaking, however, it is great, as many phone owners would otherwise not have any sort of locking security on their devices at all. Yes a fingerprint unlock is hackable, but it's a lot less hackable than your phone being open from the get go.


I think Apple are pretty aware of the limitations - they don't accept TouchID on first login after a restart, for the first purchase after a restart, if it's been 48 hours since an unlock or for resets/major config changes. For that you either need the PIN or, if you've opted for more security, the password.

Overall it feels that Apple's take is for day to day login it's better than a four digit PIN and it's better than no PIN.


>they don't accept TouchID on first login after a restart

That's because the hash of the print is stored on an encrypted volume of some kind, which requires your regular password to decrypt after a cold boot. Once the hash is in memory, the fingerprint can be used instead.


I'm not sure I'm following what you're saying 100%, but based on this [1] I don't think the fingerprint hash is ever in memory. The TouchID camera sends the fingerprint hash directly to the secure enclave, where it is compared to the one saved there, and then the secure enclave sends a yes or no to memory, at least that's my interpretation.

1. http://support.apple.com/kb/HT5949?viewlocale=en_US&locale=e...


I believe he meant "once the [password] hash is in memory"


Is it because of that, or is it implemented that way because they wanted to ensure that TouchID couldn't be accepted after a fresh restart? I think you may have the causality backwards, since they could have easily stored things in such a way that your fingerprint worked after a fresh reboot if they wanted to.


Exactly. Touch ID (hopefully!) isn't designed to protect against a sophisticated adversary with time for preparations; it only has to hold out as long as it takes the device owner to realize that their gadget has gone missing. In the case of Apple Pay, they can then immediately disable the payment functionality.

Of course, this doesn't help against a sophisticated attacker who is interested in the data on a device; in that case, a secure passphrase would be preferable.

Unfortunately, it seems like iOS doesn't allow using different authentication methods for payments and for device unlocking; it would be really nice to be able to use Touch ID for the former, and a passphrase (or even a passphrase AND a fingerprint!) for the latter.


Some Lenovo ThinkPads come with fingerprint readers and trusted computing modules and more secure BIOS -- they pushed the security of that quite hard.


I used to be employed by a bank that gave me such a system with TPM and secure BIOS with fingerprint reader. It was a Dell one if I remember and used to take quite a lot of time with even simple things like booting. It was a specific project!


Exactly. It's going to deter a lot of crimes of opportunity, which I would guess also make up the largest volume of unauthorized device usage.


Replace "Apple" with "Any company that makes cameras/phones/etc." and the same point would be made. Sucks to be the big dog, I guess.


Even if the app is only around and viable for a year, if you use it every day, is it really so hard to justify spending $20 on it?

I'm really glad we have companies like Tapbots, Panic, etc., pushing against the "race to the bottom" trend with app prices that we've seen lately. Good apps are HARD to do, and there's no reason they shouldn't command a price commensurate with the effort involved.


>Even if the app is only around and viable for a year, if you use it every day, is it really so hard to justify spending $20 on it?

That's exactly what I'm worried about. It COULD be a year (and in that case, yes, it would be worth it), but no one can guarantee that. It could be tomorrow for all we know. And that is why I say it's a gamble I don't really want to take on a social networking app (no matter how nice the UI/UX is).

It's worth more to me to just use the browser Twitter app (has a few flaws but isn't THAT bad) for free than take a huge risk with $20.


> That's exactly what I'm worried about. It COULD be a year (and in that case, yes, it would be worth it), but no one can guarantee that. It could be tomorrow for all we know.

If they stopped supporting it tomorrow, it wouldn't disappear from your device. The earliest it would possibly break would be in the next major OS upgrade.

Y'know, in about a year.

The idea that a measly $20 is too much to pay for months of engineering and design work up to now, let alone going forward, is utterly absurd.

I'd expect it from Joe Random Entitled-Guy, but I'd expect a higher standard from HN, where presumably the sentiment is that devs ought to be able to subsist above the poverty line.


> If they stopped supporting it tomorrow, it wouldn't disappear from your device. The earliest it would possibly break would be in the next major OS upgrade.

That's not true at all. Twitter could revoke their API access or something that could break it tomorrow. Yes the actual app may still be on my device but nothing says it will actually still be able to work. That is all in Twitter's hands.

> The idea that a measly $20 is too much to pay for months of engineering and design work up to now, let alone going forward, is utterly absurd.

That is their decision to make this bet. If I were to spend years and years making the perfect toaster and I charge $1,000 for it (to pay for the engineering and design work), you're saying it's absurd NOT to buy it? It's actually the opposite. It's absurd to assume that just because someone puts engineering and design into a product, that it automatically makes the product worth X price.


> If I were to spend years and years making the perfect toaster and I charge $1,000 for it (to pay for the engineering and design work), you're saying it's absurd NOT to buy it?

It's never absurd to choose not to buy anything. But your analogy gets in the way of what is absurd. We're not talking about charging $1000 dollars (the same price as a nice laptop, a middling DSLR, or a crappy used car) for a toaster.

We're talking about $20 (the same price as a delivered pizza, a middling steak, and less than two tickets for an hour and a half movie) for a polished piece of software.

What's absurd is asserting that that's too much to ask for the product of months of engineering and design work. You certainly don't have to buy it! It's totally ok if it's not worth $20 of your money, to you.

But asserting that the authors ought to value their work less than a pizza, that they're doing something wrong by asking a not-unreasonable pizza-money price for it, is entitled, race-to-the-bottom mentality crap.

Engineers are expensive, iOS engineers doubly so. This meme that their work is worth less than a candy bar, let alone a pizza, is a toxic devaluation of the worth of every engineer working in the software field.

coda: They're currently both the #2 paid app and #2 top-grossing app in the App Store, so the demand is certainly there at $20. Devaluing their work by launching at less would have accomplished nothing but leaving money on the table.


Value is determined not by the amount of work put into it, but by the precedent set by the market. So long as there are free and sub-$3 clients, $20 is anomalous.

What gets me most about arguments like these is that you are pulling numbers out of thin air. You assert that $.99 is too little for an app, but provide no context nor any evidence to support that. Give me a number that demonstrates the monetary value to the consumer of an hour of development. You can't.

Insofar as there is no absolute value of development time— and, therefore, of apps— the only way to gauge value is based on market precedent. If everyone else is charging $2 for their apps, yeah, $20 is too much.


> Value is determined not by the amount of work put into it, but by the precedent set by the market.

directly contradicts:

> If everyone else is charging $2 for their apps, yeah, $20 is too much.

Let this sink in: Tweetbot for has been out for less than 24 hours. It is already #2 in sales and #2 in Mac App Store revenue.

The market completely disagrees with your latter statement.

What you're seeing here isn't that $20 is too much given that everyone else is selling at $2.

Rather, what you're seeing is that everyone else, operating under the received "wisdom" that apps are worth less than a cup of coffee, are leaving absolutely staggering amounts of money on the table by being afraid to ignore the nonsense and ask for real value in return for their work.


> Let this sink in: Tweetbot for has been out for less than 24 hours. It is already #2 in sales and #2 in Mac App Store revenue.

To be fair, Tweetbot only has to sell 1/10 as many copies as those $2 apps in order to beat them at the sales ranking.


It's been one day. That is too short a period of time to determine anything. Given the rush of people buying it on the first day, a high rating is to be expected. What is your point?

Incidentally, I do think that apps ought to cost less than $4, because that is the precedent that has been set. If Tweetbot would prefer to charge the inordinate sum that they are, that is their choice. But, so long as people are selling great clients for much less or for free, that will be the standard and that will be the point from which I judge value.


It could break much sooner than that. All Twitter would need to do is cut off access to it, like they just did with [Tweetie](http://thenextweb.com/apple/2012/10/11/rip-tweetie-for-mac-w...)

I think we can expect third-party clients to be allowed for a while more, maybe even a year or two, but who knows.


If $20 is a "huge risk" for you, you probably shouldn't be buying any frivolous software.


But he is making a good point. You're buying something that the seller essentially has no control over. You better be ready to lose that $20.

That said, I still think the app is worth it.


This is the funniest headline I've seen in weeks.


It's the "iPad Killer" syndrome all over again. How many times has the iPad's or iPhone's death (and preceding that, Apple's) been predicted? And how many times has it actually happened?

I feel like every journalist who expresses this sentiment is hoping beyond hope that this time, this article, is the one that turns out to be timely and correct. But it's been a stupid bet thus far.


If you think a Linked List Item (on DF) is the same as a reference to a source article contained within an article that itself regurgitates wholesale the content of the linked piece, then you just don't get it.


If anyone ever needs an example of biased poll design... ;-)


> I'm sure that a lot of people with flash video delivery systems did not particularly enjoy converting to h.264

Flash is a wrapper, not a codec, and has in fact supported H.264 encoded video for some time. A "switch" from Flash to (likely MP4 wrapped) H.264 entails only removing the Flash wrapper, not a re-encode of the content. Apple not supporting Flash is not the same thing as Google not supporting H.264 (codec != container).


I know full well that Flash is not a codec; I never implied as such. The point is, many people served a non-h.264 codec through flash, and so they would not have just been able to supply the same source video through a <video> tag rather than through flash.


I don’t think Theora and VP8 were widely used before the first browsers gained support for the <video> tag. Does Chrome support other codecs than those two?


> Flash...has in fact supported H.264 encoded video for some time.

Could someone offer a citation for this? My understanding has been that the codec typically used for Flash video has long been almost-H.263, not H.264. Wikipedia, for what it's worth, currently reflects that version of history, saying "Commonly, Flash Video FLV files contain video bit streams which are a proprietary variant of the H.263 video standard", and "The most recent public releases of Flash Player...also support H.264 video".

http://en.wikipedia.org/wiki/Flash_video

Does Wikipedia have history wrong here?


The "what" being that, assuming the ideal is a move away from proprietary technologies like Flash, supporting WebM alone in the current environment is likely to have the opposite effect (and thus hurt web open standards, at least in the short to medium term).

I too liked Chrome's support of both WebM and H.264. Theirs is a disappointing move.


When the world gets into H.264 there's no way back but waiting for 20 years for patents to expire.

This was the last chance to at least try to keep the web video both open and free. It's a far shot, but it's at least a try. Before this move, the game seemed beyond lost, now it is only probably lost.

Flash will support WebM too, Skype is using it, so there are some chances. It's a very long way off, but now WebM has a fighting chance.


Too late. Seriously. The world got into H.264. We're here. It's it. What is WebM's fighting chance? Did you read the article? Do you have any counter points to Gruber's thesis? The web will continue to use H.264 and all Google is doing is ensuring that Chrome users (myself included) just get H.264 video in a flash wrapper. If we get WebM through Google/YouTube then great, but nobody else is going to bother serving it to us... why would they?


Only something incontestably better than h.264 will replace it. The consumer electronics industry doesn't waste resources going sideways, only forward.


I'm surprised Gruber didn't also pose a question about the murky patent landscape re: WebM. If Google decides to throw their full weight behind WebM, it wouldn't be at all surprising to see some legal action on the part of MPEG-LA.

That said, the "Who is happy about this?" question smacks as slightly unfair given Gruber's unabashed approval of Apple's decision to not support Flash (albeit, I too support this decision as a web developer).

Addendum: whereby I mean to say that there are undoubtedly numerous users who have been "harmed" (whether they know it or not) by the lack of Flash on iOS devices (e.g., because they could not view a given website on their device), even if the removal of Flash will be good for the web in the long term.


> That said, the "Who is happy about this?" question smacks as slightly unfair given Gruber's unabashed approval of Apple's decision to not support Flash (albeit, I too support this decision as a web developer).

The "Who is happy" test for Flash passes, though. I, for one, have desperately yearned for the death of Flash for years before Apple partisans took up the mantle. Why? I was partly responsible for maintenance and analytics of a terrible flash website that, superficially, looked kind of neat. All you have to do is have this trash plugged into something mission critical to start wishing for its demise.

And I'm not alone. Flash is a crappy, frustratingly ubiquitous technology whose marginalization is a godsend for anyone who cares about a usable web. Anyone who has ever tried to use a restaurant website is happy about the end of flash.


Sure, if the only opinion that matters is yours.

For one, millions of people play Flash games. They would not be happy if Flash was gone.

For a long time Flash was the best way to deliver video on the web. People who watched those videos would not be happy if Flash was gone.

Flash succeeded on the web based on merits, despite being in a relatively hostile environment (as every plugin is by the virtue of not being bundled with a browser and needing a separate action to install it).

The fact that it became ubiquitous is evidence that most people wanted to have it, hence would not be happy if they didn't get it.

Your position on flash is valid as a personal opinion but you're wrong that Apple's decision to not support Flash passes "happy" test for their customers and users. It's just one more example of Apple's doing what Apple wants, users be damned; of arrogance born out of success.


"Who would be happy?" != "Would a majority be happy?"

I didn't assert everyone would be over the moon with Flash gone. I'm saying that you don't have to look hard for people who would be. Killing H.264, a popular format, in a growing browser is much more of a headscratcher.

>Apple's doing what Apple wants, users be damned; of arrogance born out of success.

I think you've got that mixed up. Apple's success is a function of its arrogance. Every smash hit they've had came from arrogance, whether you pick the iMac, with its embrace of USB, to iTunes, with its crazy, user-friendly licensing, or the iPod, with its paltry storage space and simplistic UI, or the iPhone, with its lack of a keyboard or stylus... etc.

Apple's success comes from having the balls to say "Fuck you guys, we're doing it this way, because it's better." As usual, they got it right with Flash. And history has shown that in the end, users were at the very center of those decisions, even if the consequences were initially unfamiliar.


> Killing H.264, a popular format, in a growing browser is much more of a headscratcher.

H.264 is not open. WebM is. WebM also has the technical quality to rival H.264 (which Theora does not). Certainly there are downsides to this decision but it doesn't seem like a total headscratcher to me.

> And history has shown that in the end, users were at the very center of those decisions, even if the consequences were initially unfamiliar.

You realize you could say the exact same thing about Google's decision now?


Has mp3 not being "open" prevented people from making, listening to, and sharing music? Have Linux MP3 players been erased from the face of the earth by evil patent trolls?

I'm aware that the software world, and FOSS in particular, frequently bumps heads with this patent nonsense. But throwing existing technical solutions out the window to deal with a broken legal/economic complex seems backwards.

(There are parallels that could be drawn to Apple's blocking of Flash, but that arguably has as much to do with quality as openness/control. Flash's performance and stability is contentious at best. H264, on the other hand, is typically regarded as a best-of-breed codec.)


Just as an interesting datapoint, SanDisk (the number two "mp3" player manufacturer the last time I checked) has dropped AAC support from some of their recent models, while still supporting free formats like Vorbis and FLAC, as well as patented ones like mp3 and WMA. Obviously the fees can have an impact even on big names.


I'm not saying the decision to drop h264 was necessary, just that it isn't completely bewildering to imagine why they might do it.

Also, from what I understood (correct me if I'm wrong), WebM is technically at least as good as, if not better than, h264.


> Anyone who has ever tried to use a restaurant website is happy about the end of flash.

Anyone in the small user segment who knows what Flash is and can discern when they are or are not using it? My mother has been using the internet regularly for 10 years and I doubt she knows what Flash is or is impeded by sites using it.

I'd like for Flash to disappear, too, but don't buy this notion that it's hated beyond certain geeks and special cases.


I'm sure the restaurants aren't very happy about it, and I guarantee a Flash website is more usable than a website that cannot be accessed at all.

The same concept applies here.


In a similar vein, anyone who cares about being able to build their own encoder or decoder for web video (or even just anyone who wants to compile from source their own build of a codec) is happy about having an unencumbered web video format instead of H.264.


> it wouldn't be at all surprising to see some legal action on the part of MPEG-LA

It would be pretty unlikely actually. MPEG-LA has been threatening about Vorbis for the last 11 years and nothing has happened so far, same thing with Theora. The last thing MPEG-LA want is to reveal what patents exactly are being used by WebM (if any), they'd rather spread FUD and make companies pay for licenses out of fear like they always have as the patent troll that they are. I (and probably Google too) would actually love for them to start suing so we can finally debunk those patents, which is why they probably won't.


The difference being that Vorbis has almost no commercial traction. If large, popular services (like YouTube, for instance) decided to go with a codec like WebM, the MPEG-LA might finally decide to make good on those threats.


YouTube announced months ago that they're transcoding pretty much everything they have to WebM. They've been working on it ever since; a significant fraction of YouTube videos are available in WebM right this second.


Vorbis is being used in many of the biggest games, the gaming industry is a multi-billion dollar one, why not sue them? Doesn't make sense unless they really secretly hate Google and only want to sue them...


Spotify uses Vorbis and has ten million users.


True, but Vorbis is an audio spec, not a video one. Theora, which would arguably be more on MPEG-LA's radar, is used in only a handful of titles: http://wiki.xiph.org/Games_that_use_Theora


Why did you argue with yourself instead of editing your parent post?


I'm guessing he was replying to patrickaljord but the reply button wasn't there yet.


That's just an out of date list e.g. Starcraft II used Theora (and Vorbis).


I think the differences are this:

* Apple has a very well documented case that Flash contributes to significant instability on their platform, hence they didn't want it on iOS

* Flash was/is a significant consumer of CPU cycles, resulting in reduced battery life, which didn't allow them to meet performance targets

Regardless of your position on Flash as a proprietary piece of software, its presence would have had a very real impact on the performance and reliability of Apple's product at launch. That's not to say there wasn't an ideological component, because Steve Jobs himself included one in his anti-Flash rant, but I find it a little easier to excuse Apple for leaving Flash out in the cold on iOS than I do Google shutting the door on H.264.


Not disagreeing with Apple's case against Flash, but at the same time Google also has pretty strong reasons to actively try to bring H.264 down, both as a browser maker and a video site operator.


That's fine. No one faults Google for doing whatever they feel is in their strategic, long term interest.

What annoys some people to no end however, is the incessant attempts to market everything they do in the name of "openness".

