Late last night I posted to the comments section of the startup news site Hacker News that the code Apple uses is open source and so the bug should be easy to spot: https://news.ycombinator.com/item?id=7279261
I get a reply with the function, proving that the Internet works. And then an SSL expert at Google writes a blog post: https://www.imperialviolet.org/2014/02/22/applebug.html and The Guardian covers it and my Hacker News thread: http://www.theguardian.com/technology/2014/feb/22/apple-ios-software-hacking-risk
Kind of cool to see what impact there is in simply saying what the smart attackers already knew: the code is open source. As the problem was stated baldly in the security notice for the patch, I'm hoping open source will lead to responsible (private) disclosure of other bugs, once the code for 10.9.2 is published.
TL;DR Most modern browsers can animate these four properties cheaply. If you animate anything else chances are you'll bust your frame budget and miss out on 60fps.
Some fun ones in there too: "Deleting an image from the asset library did not delete cached versions of the image. This issue was addressed through improved cache management."
Another: "Safari may have autofilled user names and passwords
into a subframe from a different domain than the main frame. This
issue was addressed through improved origin tracking."
Or: "A person with physical access to the device may be able to
disable Find My iPhone without entering an iCloud password"
Wait, you can launch FaceTime audio calls from Safari? :@ "Safari did not consult the user before launching facetime-audio:// URLs. This issue was addressed with the addition of a confirmation prompt."
Oh and Apple also credited someone for exploiting a bug in mp4 encoding and posting it as a video link: http://www.ifans.com/forums/threads/clicking-this-link-will-crash-your-iphone-blue-screen.401510/
As an aside ... Having just seen that one guy in Finland made roughly $55k from bug bounties for Chrome, I wonder if I could make a side job out of security research. Might learn quite a bit too. :)
Or if you have to, fine, but here's a #ProTip:
Portrait-Landscape-Portrait-Landscape-Portrait in under 5 seconds while the keyboard is out ... would be a good time to take a bug report.
I can't tell you how many times I've shaken my phone in anger after that frustrates me. You can bet a bigger iPhone won't have this issue.
In fact, though I only know this as a developer who pays close attention to their videos, Apple waits until you tap the screen before they perform certain rotations -- that's how I learned if a device doesn't rotate, tapping the screen wakes it up. By now if they're smart, they've added "a quick shake," too.
Contrary to current code, rotating the screen is (a) context dependent and (b) not always necessary. At the very least, pop up a bar that says undo rotate or lock screen.
Android Studio 0.4
New: Additional Source Folders
If you have flavors, you can now have a variant specific source folders, for instance:
Note the camel-case naming, with lower case for first letter.
Their components (res, manifest, etc...) have higher priority than components from build type or flavors.
If your project has more than one dimension of flavors, there is also a source folder for each flavor combination (same as above without the build type). For instance:
Note that this is for all combinations of all dimensions. Its priority is higher than single-flavor source sets, but lower than build-types.
This is only for application projects, not library projects.
Revamped lint integration. Lint is now run as part of the check task, and will analyze all variants and then merge the results and create a report which lists which variants each error applies to (unless an error applies to all variants). You can also run lint on a specific variant, e.g. lintDebug or lintFreeRelease.
Lint will no longer report errors in AAR libraries. This version of the plugin also picks up some new lint checks.
A new DSL allows configuration of lint from build.gradle. This is read and used in Studio.
See 'basic' sample.
Build Config improvements
DSL Changes: buildConfigLine is replaced by buildConfigField:
buildConfigField "boolean", "MY_FLAG", "true"
You can override fields defined in default config in flavors or build types.
See 'basic' sample.
Build Config also now automatically contain more constants for PACKAGE_NAME, VERSION_CODE, VERSION_NAME, BUILD_TYPE, FLAVOR as well as FLAVOR_<group> if there are several flavor dimensions.
Support mode is now enabled. This will allow using Renderscript on older devices.
See 'rsSupportMode' sample.
DefaultConfig and flavors can be configured to package a subset of resource configurations.
All values from the default config and flavors get combined and passed to the -c option in aapt.
See 'basic' sample.
Switch to ProGuard 4.10
Added ability to test proguarded (obfuscated) apps.
Misc fixes and improvements
Jar files are now pre-dexed for faster dexing.
Incremental dexing is currently disabled, as we have uncovered some issues.
New test-related DSL properties on defaultConfig and flavors:
testHandlingProfiling: boolean, fills in the handleProfiling attribute on the instrumentation node in the manifest.
testFunctionalTest: boolean, fills in the functionalTest attribute on the instrumentation node in the manifest.
Fixed issue with parentActivityName when handling different package name in the manifest merger.
Allow files inside folder META-INF/ from jars to be packaged in the APK.
Plugin API Changes
1. New API to handle custom generated source folders.
Adding a source folder for the model (for IDE support):
Automatically adding dependency on the task, setting up the JavaCompile task inputs and propagating folder to the model:
variant.registerJavaGeneratingTask(task, sourceFolder1, sourceFolders2,...)
See 'genFolderApi' sample
2. New API to add extra artifacts on variants. This will let you register Java or (later) Android artifacts, for instance for alternative test artifacts (e.g. robolectric)
See 'artifactApi' sample for the API (sample is not meant to be used directly, it's for testing and to demonstrate the API).
3. The DeviceProvider test API has been updated to properly support CPU architecture filtering. 3rd Party plugin using this API will have to be updated.
- BiblioCommonsSoftware Engineer, 2012 - present
- Osgoode Hall Law SchoolWeb Desginer, 2010 - 2011
- Apple Inc.Campus Rep, 2010 - 2010
- York University, RecruitmentiPhone App Developer, 2009 - 2009
- York University, Faculty of ArtsStudent Technology Assistant, 2007 - 2008
- York UniversityDigital Media, 2007 - present
- SEED Alternative SchoolMath & Science, 2006 - 2007
- C.W. Jeffreys C.I.Computers, 2001 - 2002
- Earl Haig S.S.Visual Arts, 2000 - 2001
- Claude Watson School for the Arts (CWSA)Percussion, 1995 - 2000
Crunchyroll - Watch Naruto Shippuden, Bleach, Anime Videos and Episodes ...
Crunchyroll.com has free online anime videos including Naruto Shippuden, Bleach, Skip Beat, and Shugo Chara. Start watching episodes now. No
A free and open world depends on a free and open web. | Google
A free and open world depends on a free and open Internet. Governments alone, working behind closed doors, should not direct its future. The
The Best Free Management Applications for Mac OS X
The List. AppFresh Appfresh checks your system for software updates. It checks the entire Mac, including Apple and non-Apple software. Then
Drush.org | A command line shell and scripting interface for Drupal.
-r <path>, --root=<path>, Drupal root directory to use (default: current directory). -l http://example.com, --uri=http://example
Welcome to a smarter way to app with Windows Phone 7.5
Get a glimpse of the updated app experience on Windows Phone 7.5 and see how it truly offers a smarter way to app. Improved Live Tiles (mult
Time Traveler From The Year 1998 Warns Nation Not To Elect Newt Gingrich
WASHINGTON—Saying he came bearing an important message from the past, a stranger from the year 1998 appeared on the Capitol steps Thursday a
YouTube - "The The Impotence of Proofreading," by TAYLOR MALI
Create AccountSign In. Home. BrowseMoviesUpload. Hey there, this is not a commercial interruption. You're using an outdated browser, whi