Article <v69ltj$3dqr1$6@dont-email.me>

Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <v69ltj$3dqr1$6@dont-email.me>

Deutsch English Français Italiano

<v69ltj$3dqr1$6@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!2.eu.feeder.erje.net!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Alan <nuh-uh@nope.com>
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.system,comp.sys.mac.advocacy
Subject: Re: Is everyone as blissfully ignorant as the Apple zealots are?
Date: Fri, 5 Jul 2024 13:43:31 -0700
Organization: A noiseless patient Spider
Lines: 80
Message-ID: <v69ltj$3dqr1$6@dont-email.me>
References: <v66duj$19j2$1@nnrp.usenet.blueworldhosting.com>
 <leo4v3Fkdk4U3@mid.individual.net>
 <v66v8d$1m0h$1@nnrp.usenet.blueworldhosting.com> <v672bj$6e7v$1@solani.org>
 <v69cnt$3cthk$1@dont-email.me> <v69esn$7sdm$1@solani.org>
 <v69ise$3dqr1$2@dont-email.me> <v69jgj$7utd$1@solani.org>
 <v69k8q$3dqr1$4@dont-email.me> <v69ld8$7vvs$1@solani.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 05 Jul 2024 22:43:31 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="085621f7384e2df0d001de5407d0d000";
	logging-data="3599201"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19zKPBLdYr81WEPtM49LC0hh9xKqYHsxOc="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:fYSJG3EMpwgIcqTk/zNTbH1dsvw=
Content-Language: en-CA
In-Reply-To: <v69ld8$7vvs$1@solani.org>
Bytes: 4584

On 2024-07-05 13:34, badgolferman wrote:
> Alan <nuh-uh@nope.com> wrote:
>> On 2024-07-05 13:02, badgolferman wrote:
>>> Alan <nuh-uh@nope.com> wrote:
>>>> On 2024-07-05 11:43, badgolferman wrote:
>>>>> Chris <ithinkiam@gmail.com> wrote:
>>>>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>>>>>>> Andrew <andrew@spam.net> wrote:
>>>>>>
>>>>>> [snip typical nonsense]
>>>>>>
>>>>>>>
>>>>>>> Personally I think they are so invested in the perfection of Apple that
>>>>>>> they cannot bear the thought of there being flaws in its products. If
>>>>>>> someone exposes such flaws, it invalidates everything they stand for.
>>>>>>
>>>>>> The other side of the coin is that some people are so eager to find flaws
>>>>>> in Apple they forget to check basic facts. Like is this even anything
>>>>>> within Apple's control? Hint: nope.
>>>>>>
>>>>>>
>>>>>
>>>>> If Apple software is dependent upon someone else’s software, it’s Apple’s
>>>>> responsibility to ensure that software is safe. After all, it’s Apple who
>>>>> tells us they are focused on safety and security.
>>>>>
>>>>
>>>> Which you'll argue while at the same time arguing that Apple is wrong to
>>>> do what it can to increase safety and security by using an app store.
>>>>
>>>
>>> I have no problem with the App Store. But I do think the option to use
>>> other stores should exist, with all warnings and check marks required for
>>> you to advance. Apple shouldn’t be responsible for software they have not
>>> vetted and if the customer still wants it then they are culpable if
>>> something goes wrong.
>>
>> So now you say that Apple shouldn't be responsible.
>>
>> Make up your mind, huh?
>>
>>>
>>> But this is a different situation. Apple used someone else’s software and
>>> didn’t correctly vet that. It perpetuated itself deeper and has caused
>>> security problems now. That’s on Apple.
>>>
>>
>> CocoaPods is a dependency manager; a software tool you use to create
>> software. It manages the dependencies you're using. It isn't software
>> that itself winds up IN your software.
>>
>> So how could Apple reasonably check if some third-party software was
>> built using it?
>>
> 
> Maybe I misunderstood, but I thought this problem also affected the Apple
> software engineers.

Where did you read that?

> 
> In any case, I’m sure it’s virtually impossible to keep track of everything
> but a company that touts its safety and security presence must do more.
> Look at LastPass, they’ve become a joke.

Again:

What CocoaPods is is a tool used during software development for 
managing the libraries that a software developer uses, and after the 
software is deployed, the developer continues to use it to track updates 
to those libraries...

....but all of that takes place in a manner that is completely opaque to 
Apple.

There is no practical way for Apple to detect the fact that the 
developers of CocoaPods screwed up and created a system that let bad 
actors claim ownership of the "Pods" (external libraries) that CocoaPods 
tracks and insert malicious code in them.