Yeah new policy sucks, Steve won't change it even if you send thousand of letters, sometime he might bother to answer, but it'll be the same thing.
Although if he answers, that's great, because then you can publish it again and HN can be flooded with more "letters to Steve" and "Apple stole my teddy bear" stories.
I have written a letter about specific techniques that I suspect are covered under the ban that should not be. I don't intend to publish either it, or if I get a response, the response. Frankly, one shouldn't be publishing these notes without permission from Steve Jobs; this is no different than publishing other email.
I'm hopeful that my letter causes change, but I haven't asked for an outright removal of the ban, but a clarification on these techniques.
Even though it's insane all developers will suck it up as Apple has the power (boat load of users) and developers want to make money. They'll suck it up and keep developing what they are developing.
From Apple point of view this makes perfects sense, they are not loosing anything. They know as soon as they can keep the end-users happy developers will come. That what has been happening and it'll keep that until someone else comes up with a better marketing + product and take over a big chunk of the market. And Android is not ready for that kind of action yet.
"It is perhaps reasonable to specify the nature of the programs that can be sold in the AppStore. It is not reasonable to specify how developers create those programs so long as the end result meets the specified end result criteria."
Can you see the pattern?
About a couple of months ago we were swearing to Apple because of AppStore policies, and now AppStore policy to ban random apps is acceptable since they introduced even more ridiculous terms.
Why the hell one opens a website to choose password and serve it over clear-text (HTTP)?
Isn't that ironic? Trying to make something secure by actually making it totally insecure?
(Before someone jumps, even it's JS it doesn't mean safe against MITM as someone can inject JS before it loads and send all keystrokes to another server)
Seems like the real threat here is training a user that it's ok to use third party web sites to tell them what password to use. That's a very bad habit.
- If you don't like the person don't help, don't talk, walk away. Save your time.
- If you are not going to execute the idea give it to someone else so at least you'll help the world to be a better place (assuming you are not working on efficiency of drug smuggling)
- If you are going to do the idea yourself you don't say it to anyone, obviously!
- If you like the person and if you are not going to do the idea by yourself and still refuse the share ideas. "What's your problem?"
Maybe not everyone is aware so I want to point out these issues:
1. Don't use it if the page is over SSL (it'll include external JS over HTTP which means that you are vulnerable to MITM)
2. Don't use it if the website carries "sessionid"s over URL
3. Keep in mind that arc90's JS can actually read the cookies (I'm not saying they are but they can). That means if someone hack into their systems they can access to cookies in used websites. (think XSS). Obviously by using it you trust instapaper guys with your account in the active website.
Developers of Readability should point out these security issues clearly in their website.
