Forums before death by AOL, social media and spammers... "We can't have nice things"
| comp.sys.mac.advocacy | Steve Jobs fetishistic worship forum | 120,746 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 119,919 of 120,746 |
| Maria Sophia to Maria Sophia |
| Re: Why does iOS ask for your passwd eve |
| 11 Jan 26 06:51:41 |
XPost: misc.phone.mobile.iphone From: mariasophia@comprehension.com Maria Sophia wrote: > Android & Windows deliberately avoid all of these poor design choices. The > resulting differences in behavior are the direct consequence of Apple's > architectural decisions, which only iOS users (no other OS does this). Moving forward... To help teach the folks on this newsgroup how iOS is different from all other operating systems when it comes to its rather poor design choices, here's a summary of the coupling choices that only iOS devices enforce. A. Identity coupling comparison 1. iOS a. Apple ID is a single, universal identity for App Store, iCloud, Find My, Activation Lock, device restore, purchases, subscriptions, and keychain sync. b. Many short-lived tokens must remain valid simultaneously. c. Expired tokens can block system-level operations. 2. macOS a. Apple ID is important but not required for device operation. b. iCloud services fail when tokens expire, but the OS remains usable. c. Activation Lock applies only after a wipe/reset on T2/Apple Silicon. 3. Android a. A Google account is not required to install software b. Even so, the account is not the single identity for the whole device. c. Expired tokens only break Google services. d. Device functionality is never restricted. 4. Windows a. Microsoft account is optional. b. Expired tokens only affect cloud services. c. Local login and OS functionality remain intact. B. Security state coupling comparison 1. iOS a. Apple ID token validity is tied to Activation Lock, Find My, restore authorization & device association. b. If tokens cannot refresh, the OS may block: i. signing out ii. disabling Find My iii. restoring the device iv. completing setup after reboot c. This can create a "soft brick" scenario. 2. macOS a. Apple ID is not tied to core device security during normal use. b. Activation Lock only applies after a wipe/reset. c. Expired tokens never restrict macOS functionality. 3. Android a. Security features (FRP) are isolated from token expiry. b. Android never restricts functionality due to refusal to sign in. c. Only a factory reset triggers FRP. 4. Windows a. Security features (BitLocker, Secure Boot) are independent of Microsoft account authentication. b. Expired tokens never affect device usability. c. Cloud services simply stop syncing. C. Token strategy comparison 1. iOS a. Many short-lived, tightly scoped tokens: i. ID tokens ii. App Store session tokens iii. purchase validation tokens iv. StoreKit transaction tokens v. renewal info tokens b. Failure to refresh some tokens blocks system operations. 2. macOS a. Uses Apple ID tokens but with looser coupling. b. Expiry affects cloud services, not OS functionality. 3. Android a. Fewer tokens, longer-lived, broader scope. b. Expiry rarely affects anything beyond Google apps. 4. Windows a. Minimal token complexity. b. Long-lived tokens for cloud services only. Only iOS ties account-token validity directly to device security and system operations. Android, Windows, and macOS do not. The question is why? -- The amount of energy required to get folks on this newsgroup to understand how iOS works is so immense, they'll never get to why. --- SoupGate-Win32 v1.05 * Origin: you cannot sedate... all the things you hate (1:229/2) |
(c) 1994, bbs@darkrealms.ca