Archive for August 17, 2017

Thursday, August 17, 2017 [Tweets] [Favorites]

New Google Docs Features Power Team Collaboration

Birkan Icacan:

Today, we’re introducing new updates to better help with “version control,” to customize tools for your workflows, and to help teams locate information when they need it.

[…]

Being able to assign custom names to versions of your document is a great way to keep a historical record of your team’s progress. It’s also helpful for communicating when a document is actually final. You can organize and track your team’s changes in one place under “Version history” (formerly known as “Revision history”) on the web. Select File > Version history > Name current version. For even quicker recall, there’s an option to select “Only show named versions” in Docs, Sheets or Slides.

[…]

Compare documents and review redlines instantly with Litera Change-Pro or Workshare Add-ons in Docs.

[…]

Teams use templates in Docs and Sheets to save time on formatting. At the same time, developers are building add-ons to customize functionality. We thought, why not bring these two together? That’s why today, we’re introducing new templates with built-in add-ons and the ability to create your own, so your templates not only look good—but they make sure the work gets done.

The Life, Death, and Legacy of iPhone Jailbreaking

Lorenzo Franceschi-Bicchierai and Brian Merchant (via Zac Cichy):

The world’s first jailbreaking step-by-step procedure, discovered in 2007, was posted online for all to see. Subsequent jailbreaks were used by millions of people. At one point, there was even a website—called jailbreakme.com—that was free for all to use and jailbroke your phone simply by visiting it.

[…]

Things, however, have changed. The jailbreaking community is fractured, with many of its former members having joined private security firms or Apple itself. The few people still doing it privately are able to hold out for big payouts for finding iPhone vulnerabilities. And users themselves have stopped demanding jailbreaks, because Apple simply took jailbreakers’ best ideas and implemented them into iOS.

[…]

“What do you get in the end?” he asks. “It used to be that you got killer features that almost were the reason you owned the phone. And now you get a small minor modification.”

“That turns into, like, a death spiral, where when you get fewer people bothering to jailbreak you get fewer developers targeting interesting things, which means there’s less reasons for people to jailbreak,” he added. “Which means there’s fewer people jailbreaking, which causes there to be less developers bothering to target it. And then you slowly die.”

Update (2017-10-16): Tim Jackson:

Here is an admission in black and white that prominent members of the jailbreaking community are giving up on attacking iOS devices. Apple created a system where their engineers, like soldiers in a castle under siege, were able to outlast the besieging army; throwing back assault after assault, until the attackers, deciding the siege was no longer worthwhile, packed up and headed home.

Ten years ago, finding a jailbreak was fairly doable, though it required skill. As iOS jailbreaks became harder to find, however, they became more valuable. Zerodium publicly announced it would pay $1 million, now increased to $1.5 million, for a remote jailbreak flaw (e.g. remote code execution) on iOS. This effectively priced the jailbreak community out of the market for iOS vulnerabilities. Markets only assign commodities such value when they are rare and difficult to obtain. If somehow you remain unconvinced, consider that the last publicly available untethered (e.g. persistent across reboots) jailbreak was discovered over a year ago, and was part of the government-quality attack tool Pegasus. The current generation of jailbreaks require the user to run a jailbreak app every time they reboot.

Bit Twiddling Hacks

Sean Eron Anderson (Reddit, Hacker News) has a long list of code snippets:

As of May 5, 2005, all the code has been tested thoroughly. Thousands of people have read it. Moreover, Professor Randal Bryant, the Dean of Computer Science at Carnegie Mellon University, has personally tested almost everything with his Uclid code verification system. What he hasn’t tested, I have checked against all possible inputs on a 32-bit machine.

It sounds like they’re correct, but that since the list dates to 2005 the performance characteristics may have changed.