For better or worse, the only admissible evidence going forward will probably be either completely physical or originated in attestation-capable recording devices, i.e. something like a "forensics grade" camera with a signing key in trusted hardware issued by somebody deemed trustworthy.
Given the obvious personal safety upsell ("our phone/dashcam/... produces court-admissible evidence!"), I think we'll even see this in consumer devices before too long.
Yes, that is a major worry of mine, too. CCTV evidence is worth nil now (could be generated in whole or part), and even eye-witness testimony can be trusted (sure, a witness may think they saw the alleged perpetrator, but perhaps they just saw an AI-generated video/projection of someone).
Trials have rules for evidence. You can't just pull out some footage out of nowhere. Where did that come from? From what camera? What was the chain of custody on its footage? Etc.
If it means anything, I have a 1990 Almanac from an old encyclopedia that warns the exact same thing about digital photo manipulation. I don't think it really matters at this point
Multiple data sources, considering the trustworthiness of the source of the information, and accountability for lying.
You might generate an AI video of me committing a crime, But the CCTV on the street didn't show it happening and my phone cell tower logs show I was at home. For the legal system I don't think this is going to be the biggest problem. It's going to be social media that is hit hardest when a fake video can go viral far faster than fact checking can keep up.
CLI is great because now I can tell my AI agent to do it. “Fix all dependabot security issues (copy logs) and run tests to validate functionality. Create each dependency as its own stack (or commit) so that contributors may review each library update easily.”
Everyone will have their own way of structuring stacks, but I've found it great for the agent to plan a stack structure that mirrors the work to be done.
Am I the only one that uses a thunderbolt dock and a keyboard + mouse + monitor setup? The Macbook itself is always closed in clamshell mode.
The only time I ever use a Macbook as a proper laptop is during meetings, and even then it is brief - looking up materials or taking notes - not nearly enough time to encounter long-term strain in the wrists.
If you are working on a computer for 6+ hours a day professionally, you owe it to yourself to get a proper workstation setup. Hunching over a laptop for hours a day is terrible for your posture and health.
So if this is free to use on linux, what is to stop someone from doing what Colima did to Docker? Aka make a tiny Linux VM on MacOS and package Little Snitch within that?
It barely has any of the features of the MacOS version, there is no shortage of cracks for Little Snitch, and there is Lulu. Other than that, I am not sure.
Little Snitch requires packet inspection. If you ran it in a Linux VM, it will inspect packets within the VM. So... kind of useless for monitoring connections on the host.
Yep. People who have never tried to add Mac support to an existing organization do not realize how freaking expensive it is.
There are basically two cases. If you use Microsoft, you are often already paying for Entra ID and Intune, then still adding the Apple-side pieces for Mac support: Apple Business Manager and often Jamf or Kandji. If you do not use Microsoft, you are buying the full stack yourself: Okta or JumpCloud for identity, Jamf or Kandji for device management, and Apple Business Manager for enrollment. Apple Business Manager is free, but the rest is not, and the cost adds up fast.
This means that, in practice, a managed Mac can easily end up costing close to twice as much to support as a Windows device.
Actually Intune handles MacOS reasonably well, you don’t need Jamf; that’s the way we went, and it’s okay-ish for the most part. By far the annoyingest thing is getting Macs bought before we went down the Business Manager integration route into MDM.
You think there’s a standard way to do that? Just install company portal? That worked in exactly 1/20 cases. It’s an exciting new error on every single device. Awful. Just awful.
The only thing you need out of any of those to correctly support the Mac is an MDM, of which there are free ones and expensive ones and everything in between. So long as it can deploy configuration profiles and declarative management configs, you can spin up Munki to be your pkg/script runner and script the rest. Installomator to install and patch applications.
But if you also wanted identity, there are plenty of free selfhostable SSO/ID providers out there. If you're just starting out and not at the scale where a big Microsoft CoPilotM365OfficeWhatever contract makes sense, you probably don't even really have a need for a lot of this stuff. A minimum contract for Jamf Pro is like $5k a year or something. That's two well kitted developer MacBook Pros per year in license costs.
Dunno if you've ever had a business relationship with Apple but they're really good on that front. Proactive and helpful, along with always trying to sell you stuff, but proactive and helpful nonetheless.
A B2C relationship and a B2B relationship are not the same thing. Apple does well with the B2C pipeline, but they will only surpass Jamf in the B2B department if they play dirty.
I have managed multiple relationships with Apple business and the only thing I can think you could possibly be talking about is having a local store reserve devices for you to buy.
As far as identifying a bug in the software and getting it fixed, or requesting a feature, you run into a brick wall. Taking that feedback from customers is not the Apple way. This is why there is a market for third party MDM companies in the first place.
By excellent, you mean excellent at not being able to talk to someone about your real world problem and need to rely on your linkedin contacts to find someone to talk to?
I would say that most SMBs don't need Jamf because they provide overlapping features. The most important thing you want is remote erasure of company data (for compliance purposes), app assignment, and ensuring your devices have screen lock. This basically makes the most important parts of MDM for Apple devices totally free.
It's not apparent that this apple mdm will do internal distribution or just provide for encouraging a set of installed apps already on the app store. If it does, that would be the biggest reason for me to jump to the free product.
It’s also hard to hire for. Candidates for job openings must be between the ages of 21-31 years old. Yes they are legally forbidden from hiring anyone older.
Since they have a mandatory retirement age of 56 (if they're not retired earlier for health conditions) it's not crazy to have an age cutoff for intake. Why put someone through a 2 year training with a high failure rate if after they make it through all of that you'll get at most 10 years of work out of them?
AI can probably fool most court judges now. Or the defense can refute legitimate evidence by saying “it’s AI / false”. How would that be refuted?
reply