Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Industry Watch » The Technological

Vincent's Ear

Some artists do the more honourable thing.


Get It

Try It

Some artists aren't recognised in their lifetime. Some aren't recognised ever. Some artists, like Vincent, cut off their ear for a whore in a moment of desperation. Others just sell out.

There's one hitech company, somewhere in California, that's caught in a middle age crisis. Not particularly accustomed to success, they really don't know what to do once they achieve it - and even less know what to do when they're about to lose it again.

It's something like Joey Tribbiani calling all the girls he's dumped because, on one particular evening, he gets dumped himself. Make a few calls. See if anything can get patched up.

Question: what do you do with a company that's so amateurish that they neglect their core business for a quick win elsewhere? Only to find that the 'quick win', like Joey Tribbiani's latest flirtation, didn't net a reliable return on investment over time?

Try different colours. Keep making it look like you're improving things. Make people pay mad cash for essentially the same thing, over and over again. (As Chen of the NY Times claims.)

The market's bottomed out! What do you do? Go back to the lover you jilted?

Will (s)he take you back? Most importantly: is there anything to net from such an about-face, such a regression?

Let's assume this is about Apple for a moment. Of course it's not about Apple, but let's assume it is, as this makes it easier for you to follow along.

So let's assume that Apple Inc of Cupertino California jilted their core business, their base operating system, took away all active development and maintenance, totally convinced (obsessed) that they'd finally made a big 'win' elsewhere in the mobile market - only to finally find out that, despite new and somewhat inventive obsolescence every two years or so, with more and more gay colours and features you don't really need, the market was still no more? What would they do then?

This is a theoretical hypothesis only of course.

Could Apple revert to their base OS, the one they'd jilted?

OK, their base OS is a mess today, but even so?

The big hurdle is: making money. They have to make money. Make the money they're no longer making in the mobile market. Where does that money come from?

Oops.

For they give away their base OS today. What can they do?

Can they start charging money for it again?

The hitch is that their market's not impressive. Apple always liked to control things, to never let consumer bases grow too big. They put limericks - actual limericks, yes - in their kernel code, BEGGING people please don't steal. So, considering that this OS, once the jewel of the industry but today a joke so chaotic that it's not even very funny anymore, still doesn't have even as much as a 10% market share, and considering that they're already giving it away for free - where's the money?

Ah. But amazingly there's one chance left.

The Mac App Store.

The App Store that Steve Jobs denied some ten years ago.

Ten years ago, it was obvious to all but the fanboys that Apple had already prepared for something like this, that the code for a so-called 'kill switch' was eminently easy to insert into their base OS kernel at a moment's notice.

But they didn't dare. The outcry, the market reaction, would be incredible. Deafening. They'd be branded as the fascists some think they already are.

The important thing is to get independent software developers to join in on the App Store frenzy. And why? Commissions, baby! Commissions! One third of all revenues! One third FFS!

Homework: find some stats somewhere on Apple's annual turnover at their Mac App Store. Now multiply that by 30%. Now try to guesstimate how much cash changes hands annually on software sales in general for their platform, and multiply that by 30% again. And subtract the one from the other.

Some gurus and pundits estimate that number to be about six billion. US dollars. Per year. Six billion is a lot of money.

It also gives Apple complete control of what's seen by Joe Fanboy. More and more the fanboys will learn to not venture outside the 'walled garden'. It's dangerous out there! No, stick to what's available at Apple's App Store. DO NOT TRUST ANYTHING ELSE. Thank you!

They're hiding a lot from you, you know. You don't get to see what they're hiding because you don't dare look. Remember when Steve Bass and Bill Gates negotiated on a single icon for the Windows default desktop for AOL? Care to guess how much that cost?

Our sister company once produced a 'front end' for a popular anti-virus database. The entire IT media heaped praise on it. They never knew it was our people who'd done it.

The app was astoundingly trivial, as any developer would understand. But of course the media didn't have a clue. (They never do.) And all this app did was connect to an online service with a specified search key. That's all. And gosh but it was a success!

Get on the desktop. That's all you need to do. Apple's App Store is in your dock and on your menu. Of course it'll be all over the place. Mayfair and Park Lane, or Boardwalk and Park Place for those of you in the US.

Now if Apple can't force users to use only software they approve (for which they get their 30% commission) can they at least scare the bejeezus out of everyone so developers don't dare release software without their approval, so users get contact phobia for anything Apple will frown on?

You gotta coax people into it. But even this is difficult, as, for many long years, you've been telling people how SAFE the OS is! The 'Mac vs PC' ads. The 'Rock Solid Foundation' meme and logo. Drilled into people's consciousness for so long: what to do about that?

Ah don't worry too much. Fanboys are pretty thick, and they'll always get down on their knees for anything or anyone from Apple. They'll forget! Remember when they were told, over and over, how PowerPC was infinitely superior to that jalopy Intel 64-bit? No problem. Just leak a rumour that actually it's Intel that's better, let it stew a week or two, then come out and admit the rumour's true! No worries, matey!

Same thing here. We're going to improve security here. (Against what, you ask? Shut the F up, OK. just do it.) We're going to start 'signing' our software. Ah, but the catch is that only we can sign it for you! Let's say you were able to acquire your own root certificate: would that be OK? No it would not! (Isn't that laughable?)

And when you consider what security researchers already know, given as people in our own corporation have already done this specific research on assignment for a client... in a word: they can't be trusted. They can be compromised. You want security? Perhaps you should try BitCoin-type stuff. Root certificates? Not so much.

But there's another problem. For the code-signing sits as a new executable section on the application binaries, and the system's launch services are only going to check the consistency if they find something. Otherwise they don't care. But here's the big joke: if you remove that executable section, completely remove it, the system won't be wiser.

And we proved that this can be done - we proved it ten years ago.

Which of course led to our 'Steve Gambit' - which the 'Mac media' keep trying to ignore.

Your downloads get impregnated with Apple gunk. This gunk is seen by the launch services. And suddenly your name is Truman Burbank and you're on Seahaven Island and you can't get out.

Totally screwed.

But back to our painter now. We didn't forget the painter - did you?

'You know an app isn't signed and still want to open it.'

'Although Apple, and every user I'm sure, would much prefer only to run signed apps, there are times when apps can't be signed.'

'You should still be mindful that running any unsigned app is a significant security risk.'

'Apps without signatures cannot have their integrity checked at all. They're a prime target for malware, and always will be.'

'The smoke alarm has just gone off.'

'Why should you rush to assume that an app which can't be opened on its first run is safe to have on your Mac at all?'

'The most dangerous thing you can do is disable the security assessment subsystem altogether, using the spctl command, then try running the app.'

'Turn the whole subsystem off, and you going [sic] to be trying to force macOS to run something which is very likely to be malicious or damaged.'

'Removing the quarantine flag from a freshly downloaded app or installer isn't quite as bad, as signature checks still take place.'

'It's still playing with fire and putting your Mac at high risk of running malicious software.'

And so forth.

Some artists do the more honourable thing and just cut off an ear.

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.