> Apple's challenge is they want to maintain privacy, which means doing everything on-device.
Apple is not trying to do everything on-device, though it prefers this as much as possible. This is why it built Private Cloud Compute (PCC) and as I understand it, it’s within a PCC environment that Google’s Gemini (for Apple’s users) will be hosted as well.
So Telnet as a client is not dead though, right? A long time ago, I used to use the Telnet client to talk to SMTP servers (on port 25) and send spoofed emails to friends for fun.
With port blocking widening in scope, I’ve long believed that we would one day have every service and protocol listening on port 443. Since all other ports are being knocked off in the name of security, we’ll end up having one port that makes port based filtering useless.
I've never really understood why it's a thing to use a telnet client for transmitting text on a socket for purposes other than telnet. My understanding is that telnet is a proper protocol with escape sequences/etc, and even that HTTP/SMTP/etc require things like \r\n for line breaks. Are these protocols just... close enough that it's not a problem in practice for text data?
Because for a long time, on most computers, the telnet client was the closest thing to an "open a tcp socket to this ip/port and connect the i/o from it to stdin/stdout" application you can get without installing something or coding it up yourself.
These days we have netcat/socat and others, but they're not reliably installed, while telnet used to be generally available because telnetting to another machine was more common.
These days, the answer would be to use a netcat variant. In the past, telnet was the best we could be confident would be there.
In corporate environments, netcat was often banned as it was seen as a "hacking" tool. Having it installed would sometimes get the attention of the security folks, depending how tightly they controlled things.
The telnet protocol with escapes, etc. is only used by the telnet client if you’re connecting to the telnet port. If you’re connecting to HTTP, SMTP or something else, the telnet protocol is not enabled.
The point is not that this particular binary is huge, the point is that we tend to strip images of anything that is not useful for the actual application shipped. So we strip everything. Also: small things adds up. On AI prompt can be handled reasonably by a single machine, millions of concurrent ones involve huge datacenters and whole energy plants being restarted/built.
The point of reducing the amount of binaries shipped with the image is also to reduce the amount of CVEs/vulns in your reports that wouldn't be relevant for your app but woulld still be raised by their presence.
Thanks, sounds like a recent development. I don't use macOS, but on other peoples macOS computer it was always there, even when they are not developers. But it could very well be that these computers are ten years old.
I mean technically MS Windows 10 is ten years old, but the big upgrade wave to 10 only happened like 4 years ago, which is quite recently. Maybe that is similar to macOS users, I don't know that.
If it's alright to be pedantic, anyone with programming knowledge can do the same without these tools. What these offer is tried and tested secure code for client side needs, clear options and you don't need to hand roll code for.
I don’t remember how I did it but when I was about 12 years old I somehow managed to send SMS from Telnet to cell phones, and to the receiver they appeared to be sent by an official Telecom account - good that I was still an innocent child, had I discovered this a few years later I may have tried doing something nefarious with it.
None of this affects the use of telnet the client program nor the ability to run a telnetd on your own host (but do be sure it's patched!).
What's happened is that global routing on the internet (or big chunks of it, it's not really clear) has started blocking telnet's default port to protect presumably-unpatched/unpatchable dinosaur systems from automated attack. So you can no longer (probably) rely on getting to a SMTP server to deliver that spoofed email unless you can do it from its own local environment.
Presumably not on the SMTP servers they were connecting to. There are millions of IPs with port 25 open, without them email wouldn't work, so I'm not sure what you mean
They probably mean that port 25 is blocked on consumer ISPs/residential IP blocks to prevent malware from running an smtpd on an infected home computer or router (which used to happen a lot), but on a higher level of course no one blocks SMTP.
You would still be able to use the telnet client to connect to an SMTP server on TCP port 25, just not port 23, right? I don't think that part changed here.
It's... not super clear from the article whether this is a port block or a stateful protocol thing. But yes, you're probably right and SMTP spoofing is probably safe for now.
I have one observation that doesn’t seem to be reported on this thread. The home page is very heavy, loading several MBs of images. It took half a minute to load completely for me on mobile.
That’s exactly what I thought too when I saw “$12 annually”. Then I read the “$15 when billed monthly” and realized this is a monthly price. OP, please correct this.
With that setup on boot or after a long sleep one first must log in into an account with longer password. Then one logs out of that and switches to the primary account with a short password.
I wonder what exactly Microsoft did with “New Teams” that was supposedly written in Rust and uses the system browser engine or whatever instead of Electron. On release it seemed better, but now it seems as bloated, slow and annoying as the Electron one. MS Teams seems to have some incurable infection.
If I could, MS Teams would be the second tool I’d eject out (after Outlook and Exchange). But the company I work in is tied to MS 365 and will not give up on Teams and its useless cousin SharePoint.
Gold has a few properties: one is that it has had value through history and another is that it’s a physical asset, and because of these two properties, it’s quite liquid. It’s also a metal that doesn’t naturally corrode.
Central banks of countries hold various kinds of assets, including bonds and currencies of other countries. But bonds and currencies are just “paper”…or are more vulnerable than gold to shocks in certain conditions.
The disadvantage of physical gold is that it doesn’t generate any income by itself, as compared to bonds.
During times of higher uncertainty, people and institutions (including central banks) flock to gold.
Sadly, this site requires a login or registration with an email just to get the shortcut. I guess I may be able to find a similar one that’s just shared by someone on their iCloud storage.
Oh that sucks. Wasn't trying to shill for that site. I've got this one but I can't remember where I got it from and it doesn't work for youtube links. There's probably a better one out there if you look around.
Apple is not trying to do everything on-device, though it prefers this as much as possible. This is why it built Private Cloud Compute (PCC) and as I understand it, it’s within a PCC environment that Google’s Gemini (for Apple’s users) will be hosted as well.
reply