

IPhone. Single. Looking to make friends on any network. - polo
http://tech.cyberclip.com/iphone-single-looking-to-make-friends-on-any

======
jpxxx
This is what Bonjour (nee Rendezvous aka Zeroconf) does in life, and Windows
machines do the same thing. Hostnames are not private otherwise why would you
need a name in the first place?

~~~
Umofomia
This brings up an interesting question; since by default on iOS the hostname
is based on the user's name, what will happen when two people with the same
hostname (e.g., john-smith-iphone.local) both connect to a public WiFi
network? Is there automatic conflict resolution?

~~~
alexdias
From what I can see on my Macbook Pro, yes, there is. One of the hostnames
(the one that connected after the original) is automatically changed (in my
experience it either appends a number to your current hostname or it
completely changes your hostname, to something based on the network).

PS: I'm guessing here that the iOS behaviour when it comes to hostnames is
similar to Lion's.

------
wingo
Sounds like a business opportunity for a "who is around you that is within 3
degrees of you on linkedin" app. There probably is one already.

~~~
benmccann
Too bad the LinkedIn API only lets you see one level deep into your network.

------
nyellin
On a tangential note, apps like HandsOff and LittleSnitch aren't effective at
sandboxing malicious software. (This should be obvious, but it apparently
requires saying.)

The easiest way to bypass HandsOff/LittleSnitch is by temporarily replacing a
trusted executable with another binary - there is no mechanism in place to
verify that the binary itself hasn't changed since it was granted permissions.

<http://natanyellin.com/2011/11/03/bypassing-little-snitch/>

~~~
WiseWeasel
If you're running as a non-administrator, like you should be, that would
prompt an admin login request.

~~~
nyellin
Nope. OS X binaries are usually installed by dragging them to the
/Applications/ folder. They are user-owned.

~~~
WiseWeasel
That's incorrect. Maybe you don't notice it if you're running as an admin, but
the /Applications directory is admin-owned; since I'm running as a regular
user, I need admin credentials to move items to that directory. I also get
asked for admin credentials to perform any file operation in the /Applications
directory, including those affecting apps I put there under my non-admin
account (with admin credentials). You can make a ~/Applications directory for
user-owned apps, and you won't need admin privileges to change that, but it
would be less secure.

~~~
nyellin
Sorry, but that's another common misconception.

As non-admin, you have authenticate to create or delete items in
/Applications/. However, all items you move to /Applications/ remain under the
ownership of your user.

You can confirm this without even opening the terminal: move the directory
Foo/ to /Applications/Foo and notice that /Applications/Foo/bar is user-
writable.

(Furthermore, admin on OS X (and many modern Linuxes) isn't equivalent to the
traditional root account. Using a non-admin account doesn't make the
difference you think it does.)

~~~
WiseWeasel
OK, it seems to ask me to authenticate to move a folder to certain directories
in /Applications, apparently those created by installers running with admin
privileges, but I am able to move a folder to a folder that I've moved to the
/Applications directory under my regular user account with authentication
without needing to re-authenticate. But since the majority of my apps are not
in their own directories, I am still asked for admin privileges to modify
them. I am aware that the admin account is not in the root wheel, but the
/Applications directory is owned solely by the 'admin' account; just not
necessarily all sub-directories apparently.

~~~
nyellin
Every app _is_ its own directory!

Look at blog post I referenced above. It has an example for modifying the
binaries inside Firefox.

~~~
WiseWeasel
It does work for Firefox, which I don't use on my Mac, but not for Safari,
which I do. It seems first party apps and ones installed with a proper
installer are not susceptible to this vulnerability, so you would have to rely
on the presence of third party apps that don't get installed with installers.
I would guess Mac App Store apps are also protected, but I am unable to test
that. You are right that there is a vulnerability, though it's extent is
questionable.

------
joss82
To a lonely girl obviously waiting for her date in a public place:

"You must be <name snatched from her ipod/ipad>?"

"Yes?"

"He's not coming."

Very big security problem, indeed.

------
kennystone
It's a great feature, isn't it? Apple's products automatically connect your
devices to each other, and once they have authenticated, are allowed to easily
sync and transfer files.

------
akg
Sounds like a great way to break the ice with that pretty girl you've been
eyeing. If their hostname has their name, you can even play the psychic ;-)

~~~
slig
> you can even play the psychic ;-)

Or the creep.

~~~
true_religion
I think that people who give flirting advice should be forced to include a
disclaimer like lawyers or stock tippers.

For example:

I am not a playboy. I do not offer personalized dating advice, or comment on
the suitability of any individual statement to potential romantic partner.
Remember, poor flirting can cause total loss of social credibility and you
should always consult with your conscience before flirting or beginning a
romantic relationship.

