On Thu, Jul 30, 2015 at 1:20 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 29, 2015, at 5:40 PM, Chris Murphy <lists at colorremedies.com> wrote: > > > > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > > > >> Security is *always* opposed to convenience. > > > > False. OS X by default runs only signed binaries, and if they come > > from the App Store they run in a sandbox. User gains significant > > security with this, and are completely unaware of it. There is no > > inconvenience. > > You must not use OS X regularly, else you’d know there is plenty of > inconvenience in this policy. There’s a whole lot of good software that is > both unsigned and not in the App Store. Examples: > > a. Most open source software. Many of these projects (e.g. KiCad) can > barely manage to serve community-provided unsigned binaries on OS X as it > is. Signing apps and managing the App Store submission process is out of > the question. The next version of OS X will block all the third-party app > repositories (e.g. Homebrew) by default, in order to provide better > security: > > http://www.imore.com/os-x-el-capitan-faq > > b. Most network monitoring software, because putting en0 into promiscuous > mode violates the Gatekeeper rules. (Wireshark, etc.) Some App Store > networking software (e.g. RubberNet) manages to get around this by offering > a second app download from the author’s web page. You don’t call that > inconvenient? > > c. Low-level utilities, such as Karabiner and Scroll Reverser, since they > also need to bypass the sandbox guidelines to do their job. > > On top of all that, to bypass Gatekeeper, you need to right-click an app > and disable Gatekeeper for it on the first launch. Another inconvenience. > > I’m not saying Gatekeeper and such are bad, only that they are in fact > exemplars of the rule: better security always causes greater inconvenience. > > > What is the inconvenience of encrypting your device compared to the > > security? > > I can’t hook my iPad up to my PC and browse it as just another filesystem, > as I can with any other digital camera or MP3 player. Apple must do this > in order to prevent sideloading malicious apps. > > Did you see my exchange with James Byrne? His bogus counter to my claim > that iPads > +Snip+ Can someone mod this thread, I'm sure everyone has an opinion about this I know I do and obviously so do other but I think the fedora mail list would be more suited to this discussion. I think enough points and counter points have been said, lets move onto more relevant Centos Topics. Thanks