Slashdot Mirror
Feedly Forces Its Users To Create Google+ Profiles
somegeekynick writes "Feedly users, a lot of whom migrated from the now-defunct Google Reader, are now finding out that they will not be able to login to the service without a Google+ Profile. In a blog post from Edwin Khodabakchian, which was posted almost at the same time the change rolled out, the reason for the change is stated as following Google's own move from using OAuth to Google+ for authentication. What has riled up a lot of users, as can be read in the comments, is that this change has come without warning and a lot of feeds are now being 'held hostage' by Feedly, especially for users who are reluctant to create Google+ Profiles."
The main Google Reader replacement.
We also understand that some people would prefer to have more identity choices. So we have been testing twitter, facebook and wordpress login options. We will be rolling them out over the next 7 weeks.
Apparently they are too busy looking for other ways to force you to have 3rd party accounts to realize the obvious solution and roll their own authentication system.
I am becoming gerund, destroyer of verbs.
Well thats one way to keep pumping up the Google+ numbers with more inactive accounts.
More importantly, this is a non-news story since they have since rolled back those changes.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
From TFA:
Nothing to see here. Move along.
Maybe it's because I'm not a hipster, but I just don't understand all of these companies with names that take some word and stick 'ly' at the end.
What is it even supposed to mean? What is 'Feedly' supposed to mean?
I'm f***ing sick of Google and their integration of Google+ into Youtube (and obviously their other, and 3rd party services). I don't like Google+. I like Youtube (less and less these days, however). I don't use GMail, or any other Google service (besides search when DuckDuckGo doesn't find me what I want). It's like they're trying to force-feed us their horrible social network via proxy (no pun intended). NO I DO NOT WANT TO POST MY YOUTUBE COMMENTS ON MY DESOLATE GOOGLE+ ACCOUNT. Just keep them separate, they were never meant to be tied together.
It is pitch black. You are likely to be eaten by a grue.
Use Google to search for an alternative you can use on your Android phone and sign up to it with your Gmail address.
If you have an android phone/a youtube account/ or a gmail address you have a g+ account.
....letting the websites you frequent spy on you across the Internet since 2006.
No one has two names (first/last) on the Internet. That's already a huge problem during registration.
Death by a thousand cuts. They'll do it again. This is all part of an apparently huge push to force g+ on people.
Gmail recently started requiring access to plus.google.com in order to login. Some of us block access to social networks.You must now regularly few (sometimes more than once a week) a g+ nag screen.
I am migrating my dozen+ accounts from gmail. Thanks for the push, google!
Were you going for a "funny" tag with this? Are you a software developer? You know that OpenSSH isn't a program for website user authentication, right?
Why should I give Google +1 user? There's nothing in it for me.
No, please DO NOT ask again me later
Death by a thousand cuts. They'll do it again. This is all part of an apparently huge push to force g+ on people.
Yes and so many of them are docile little consumers who bend over and spread their cheeks, so it will work. It's sad and unjust that thinking people are often burdened by what the majority deserves, but it's abundantly possible to never end up in that situation to begin with.
I am migrating my dozen+ accounts from gmail. Thanks for the push, google!
The attempts to track my web use without even asking if I consent made me stay away from all Google services years ago. I recommend you adopt the same zero-tolerance policy towards corporations that do things disrespectful of you as a human being. I use Startpage to get Google search results and I have never, ever, not once used any other online service Google provides. The tracking methods aren't difficult to defeat either, not with a few browser addons.
I have never seen any Facebook page either, nor any Myspace page before that. I imagine the crackhead thinks the idea of life without crack is absurd, an unrealistic pipe dream. Meanwhile those who had sense enough not to ever use crack consider life without it their normal everyday existence. Shady corporations are like this. Don't ever get involved with them for any reason and you'll find that you never miss them nor anything they offer. Or whine about their business practices while making a bunch of excuses for why you'll sell your soul for a little convenience. It's your choice, after all.
Feedly's login policy was what forced me to use Inoreader (www.inoreader.com), the only reader I was aware of that provided a standalone login. And boy am I happier for it. Light, fast and simple yet also feature rich. Just like the Google reader I used to know and love....
Says Coward, Anonymous to Guy, Linux.
It is not perfect, but the developers obviously care and
even at this stage it is quite useful to me and many others.
The only problem I've seen is that deleting old feed items
en masse can often cause Vienna to crash. But reloading
Vienna takes little time and it doesn't crash twice in a row
unless you again attempt a mass delete of old news items,
so I consider this a minor flaw.
Kudos to the developers !
http://www.vienna-rss.org
Software developer should NEVER try to roll their own authentication, just like they shouldn't try to roll their own encryption.
Security is the domain of PROFESSIONALS and EXPERTS only. Your average softdev should NEVER EVER EVER try to roll their own authentication.
It's better to use existing software written by PROFESSIONALS and EXPERTS. Like OpenSSH. That's what everybody should use for authentication.
Wow. How wrong could this be? Let me count the ways...
Nah. I have better things to do. I'll just say that a "real" developer uses tools developed by others to "roll their own" authentication. Nobody said you should to invent your own hashing algorithm or anything. Just follow recommended practices, use a known-to-be decent hash method, and be sure to salt.
It ain't rocket science.
"I am migrating my dozen+ accounts from gmail. Thanks for the push, google!"
Me too mate. When I started seeing Google+ crap trump my YouTube subscriptions, that was my final straw. Migrating all my stuff off of Google.
What is the issue with creating a Google+ account?
The issue is that using "John Doe" as your name when it is not your name is in violation of their Names Policy, you are subject to having the account suspended or canceled.
This is so much bullshit on so many levels. Using a real-life and permanent name in conjunction with social networking activity is, in my opinion, extremely stupid. Making this a requirement for participation is frightening.
G+ has taken some steps in the right direction, but IMO this has been more talk and less action than is necessary and their behavior with forcing G+ membership for Google store/youtube comments is abhorant.
Preserving anonymity, pseudonyms, and online identity separate from 'real life", insofar as is possible, is essential to a healthy Internet.
AC
Everyone will eventually have a Google+ account. Why fight it? Give in.
On the contrary, a well-informed user knows that depending on Google
for ANYTHING of importance is something that seasoned users of the web don't do.
Google has provided repeat examples that Google makes arbitrary decisions
which leave users who were dependent on various Google services high and dry.
][
A lot of sites make you use Facebook to use them, why should this be a problem?
What is in it for you? You get to use a Google service for free. That's what. Obviously nobody is forcing you. So there is little room to complain.
I did just that and it carried my fake name over to my gmail. Pain in my ass to clean that up. I'm glad feedly wised up and is rolling it back.
" I imagine the crackhead thinks the idea of life without crack is absurd, an unrealistic pipe dream."
Or an unrealistic pipeless dream, as the case may be.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
There's all the room in the world to complain. A product is a product and taking to public venues to express your displeasure is how capitalism works. We all get upset because we recognize the initial symptoms of a death spiral at Google. Those of us old enough to have gone through a couple of boom-bust cycles know all to well what happens when the marketers gain the power to make product decisions. It always results in the demise of the company. We like a lot of the Google services that they're currently sabotaging, that's why it sucks. And if they keep on this road Google will go the way of Alta Vista and Lycos. Remember them? But, just like every stupid teenage male, Google thinks they're different and they'll be successful pulling the same shit everyone else failed at.
While Name, User watches from the sidelines.
Facebook is blocked in my company's routers. To be fair, we don't have any little girls working for us who might be expected to use Facebook, but it also blocks a lot of insane tracking through Facebook and sign-in through Facebook. Google+ isn't yet blocked, but I would not be shocked if in the future it is, particularly as the abuses mount. While we don't expect our employees to waste their time on Facebook or other social sites, we don't object to our programmers keeping current reading news feeds in their down time. But if a feed sets up rules that we must allow access to something that is blocked, the Preventer of Information Services will be much happier letting them cut them-self off rather than relaxing any routing rules.
I'm an American. I love this country and the freedoms that we used to have.
If it required a Hulu+ account, that would be mighty annoying ...
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
I keep seeing the seeing these paranoid critters screaming bloody murder about being forced to use Google+. What exactly is the issue with creating a Google+ account and not adding any information you do not want to share? Please enlighten me!
Has the privacy disaster that is Facebook not once entered your brain after all these years?
People are losing jobs, and failing to get jobs, because of this nonsense, people are being forced to turn over social network account passwords, and the accounts, with or without passwords are being mined, not only by advertisers, but also by government agencies.
Look, its fine that you buy into this stuff, but don't drag me into it, just because you don't see a problem in your little world. Even teenagers are starting to realize facebook is a trap.
There is simply no reason to believe Google+ is going to be any different. You can see the creeping invasion already.
Sig Battery depleted. Reverting to safe mode.
Well, I have a middle name as well in real life:
"Your Name Here".
Have gnu, will travel.
What is in it for you? You get to use a Google service for free. That's what. Obviously nobody is forcing you. So there is little room to complain.
I look at their ads. Its not exactly free is it?
(And before someone thinks to school me on Adblock, I already have it. But there is a lot of stuff on the net you simply can't get to with Adblock turned on).
Sig Battery depleted. Reverting to safe mode.
What is the issue with creating a Google+ account?
The issue is that using "John Doe" as your name when it is not your name is in violation of their Names Policy, you are subject to having the account suspended or canceled.
This is so much bullshit on so many levels. Using a real-life and permanent name in conjunction with social networking activity is, in my opinion, extremely stupid. Making this a requirement for participation is frightening.
This! A thousand times this! At first, it was a friendly offer to sign up for G+ for free. OK, that's cool; not gonna use it, but thanks for the offer. Then it became "you must have a G+ account in order to participate in youtube or whatever". Now they are moving on to the new strategy of requiring a G+ account for participation in third party sites. So far, I have managed to avoid the G+ account requirement...but I have no doubt that someday soon I will finally be caught in their web. Sigh
I highly recommend setting up the free tt-rss service. There's also a nice mobile client.
How about talking about something more people know about.. like Youtube forcing you to use G+ to comments now too
The issue is that using "John Doe" as your name when it is not your name is in violation of their Names Policy [google.com], you are subject to having the account suspended or canceled.
Got any examples of that actually happening, outside of the handful of quickly-debunked reports that floated around when Google+ was first released?
Preserving anonymity, pseudonyms, and online identity separate from 'real life", insofar as is possible, is essential to a healthy Internet.
Been to Google+ lately? There are all sorts of pseudonymous accounts.
I simply don't trust myself to make a 100% secure server, as most should not be and are not qualified to do so. Why go through all the trouble and risk when a free alternate solution already exists?
Because some of the users that you want to serve disagree with the policies of one of the major authentication providers. For example, Answers.com isn't getting any answers from me because I have no Facebook account. (I graduated and lost my .edu mail before Facebook existed.)
There's all the room in the world to complain. A product is a product and taking to public venues to express your displeasure is how capitalism works. We all get upset because we recognize the initial symptoms of a death spiral at Google. Those of us old enough to have gone through a couple of boom-bust cycles know all to well what happens when the marketers gain the power to make product decisions. It always results in the demise of the company. We like a lot of the Google services that they're currently sabotaging, that's why it sucks. And if they keep on this road Google will go the way of Alta Vista and Lycos. Remember them? But, just like every stupid teenage male, Google thinks they're different and they'll be successful pulling the same shit everyone else failed at.
If everyone else eventually failed, and yet somewhere in their time of existence they managed to be successful, then what you are describing isn't failure.
It's called a business cycle.
And it's a cycle that usually breeds millions or even billions for the investors, so don't expect a fucking thing to change, regardless of eventual outcome.
Google+ is the account system for Google.
Google accounts were around years before Google+ profiles. Even if someone has a Google account, that doesn't mean he wants to create a public Google+ profile with his legal name.
Yep. This is the number one reason I've stayed away from Google+. It would be one thing if they just threatened to delete your G+ account, but they say they will get rid of your G+ account, your Youtube account, your Gmail account and any other Google account you have. Unfortunately they did manage to create a Nano Flower G+ account finally when I hit the wrong button when trying to use Youtube. So I'm at risk of losing my accounts just because Google kept trying to force us to create and eventually succeeded.
Use Google to search for an alternative you can use on your Android phone
So what handheld computer should I use if I want to write my own software but don't want Google
If you have an android phone/a youtube account/ or a gmail address you have a g+ account.
No, you have a Google account. Google is requiring certain users who already have a Google account to add a Google+ profile to their Google account and associate all activity on their Google account with their Google+ profile.
So glad I went the TTRSS route and just host my own news aggregator. .
just accept that RSS was a failed excrement
What alternative to RSS do you recommend for aggregating headlines from multiple sources without having to go through FB or TWTR or a comparable bottleneck?
I have yet to encounter a site that requires facebook
Spotify used to require it. Answers.com still does; its native authentication system is closed to new users.
Just use PolarisMail like me. 25 GB of space for $25 a year. It's the best deal I've found on the Internet, and George (the owner) is a top-notch developer and very helpful, too.
https://www.polarismail.com/Enhanced-E-mail-hosting-service/
Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!
When google fucked us over Reader a while back I tried many options, including rolling my own. I found the best of all worlds in CommaFeed . It is open-source and Libre software, and available hosted too. I think it's better than Reader ever was with less frou-frou.
I'm currently using the hosted version and paying for it to support the developer (and hopefully forestall a Reader-like fate). But I keep a current copy of the code so i can roll-my-own if anything happens.
Youtube is now impossible to use... The comments sections have been rendered useless - or about as useless as a wet blanket.
I simply don't trust myself to make a 100% secure server
:)
Funny, neither do I - So why would I use your code (for some non-literal value of "you") instead of my own?
Only half kidding here. Yes, I understand why we should generally avoid rolling our own unless necessary. But don't assume that just because someone else has written it already - Possibly someone far, far less experienced and less knowledgeable about security best practices - That you'll end up with a better result with something off the shelf than DIY.
Why go through all the trouble and risk when a free alternate solution already exists?
Well, because as the entire point of TFA, the "free alternate solution" that already exists requires signing up for a service that quite a few of us actively do not want.
In the case of using Google or Facebook or Twitter or the like to handle your auth, you can probably ignore my concern from above about quality. But then we get into concerns about deliberate weaknesses for the purpose of collecting data about us for their marketing departments.
"The issue is that using "John Doe" as your name when it is not your name is in violation of their Names Policy [google.com], you are subject to having the account suspended or canceled. "
I solve that as I solve many things, by not giving a shit. It's the Internet FFS!
Providers of free services need not care about their customers, and their customers have no moral imperative to care about their rules. Fuck Google's "rules" with George Carlin's proverbial big rubber dick! If they become too cumbersome to conveniently avoid I'll dump Google as I dumped Yahoo and, long ago, AOL.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
I've actually never run into a problem using adblock. NoScript, yes, but not AdBlock.
I remember when some BBSes would require a real name only (no handles allowed). Those were usually creepy, Christian only or honeypot boards.
It is pitch black. You are likely to be eaten by a grue.
The big part of that problem of course is being forced to hand over passwords. Where the hell do people think they have the right to ask for those? Don't we have privacy laws? Some states at least have banned the practice, but it's quite telling that people think they can ask for that information in the first place. It's like asking someone for a copy of their diary, or personal mail to their friends. Say what you want about Google, but they've (so far) had a damn good record of keeping your information private (and presenting ads to you based on it of course). I currently consider it a fair trade.
Software developer should NEVER try to roll their own authentication, just like they shouldn't try to roll their own encryption.
No. Authentication is far easier to understand. Proof of knowledge is simple to perform, and is new authentication protocols can be built from the cryptographic primitives with ease. I'm certain you have no knowledge in this area, if you had some experience creating authentication systems you would know the same advice for ciphers does not apply to authentication. It's true
Furthemore, today we lack a widely adopted authentication standard that provides revocation, and optional anonymity. There current major competing authentication standards are all laughable due to their reliance on the broken SSL trust graph. Firefox - settings - Advanced - Certificates - View Certificates - Hong Kong Post & CNNIC. These are root certificates that can be used by the Chineese government to create a "valid" cert for Google.com or Yourbank.com without those domain's permission. Together with an unsigned DNS root infrastructure the entire security system of the web is completely and utterly a security theater. Your route passes through there servers and you've still got a big green bar saying yourbank.com is secure when you've been MITM'd by the Chinese, Russians, Iran, Turkey, etc. Folks we are actively at "cyber war" with. I say this to illustrate the FACT: You MUST write your own authentication system, because EVERYONE ELSE who we thought COULD be trusted SHOULD NOT BE TRUSTED; They're all worse than morons, they've PURPOSEFULLY built a fucked up system.
HTTP AUTH already exists and is supported in every web browser. Since it asks for authentication before displaying any content it is the right direction (unlike EVERY OTHER AUTHENTICATION). However HTTP-AUTH is clunky and most redardedly HTTP and TLS do not know about each other so the nonce you send as proof of knowledge in the clear which could instead be used to key your TLS/SSL stream cipher DOES NOT do so.
All the well used existing authentication standards are fucking jokes. OAuth? Don't make me laugh: It's the best way to phish passwords EVER! Just make, say, a google or facebook login logo and have it redirect to a page that is not google or facebook to collect their password. Sure 2 factor exists, but it's not commonly used and even it has gaping huge holes.
So, what we need are PRE-REQUEST authentication systems. A browser plugin that detects you're about to visit a secured site (perhaps from its database of prior authentications) then it pops up the browser password dialog NOT ON THE PAGE and perform the secure handshake providing proof of knowledge of a key and another nonce to hash with you password [or HMAC(domain, pw) ] to generate a session cipher key and then immediately begin send encrypted data back and forth without any PKI bullshit needed at all since the endpoints already have a pre-shared secret with which to generate a session secret. The ONLY time you need Public Key crypto is when you register an account and establish the pre-shared key. That window is so small, and impractical since the shared key is not useful unless a permanently maintained MITM attack is performed on every connection attempt that it makes PKI hierarchy essentially moot (esp: considering that PKI is useless due to aforementioned explicit trust of enemy actors as roots).
Your advice to not create your own authentication system is the absolute WORSE advice you can possibly give since ALL prominent authentication standards are complete and utter rubbish. You at least have a CHANCE of creating something more secure than the blatant SECURITY THEATER that is everything else.
To be perfectly clear, this is infinitely better than everything else: Browser plugin asks for master password; For any domain, Domain GUID = HMAC( userID, domain ), HMAC( HMAC( Master PW + Salt ), domain + nonce ) = session cipher key; Send Domain GUID, nonce, and your encrypted data to the server.
why use a browser add-on that only works in one browser when the god damn hosts file works for everything on the system? I mean, just how hard is it to setup a hosts file now? Sure people aren't keeping the online versions updated but instead of bitching, why don't we get back to sharing the damn things and blocking shit that needs blocking?
Right now, I'm not blocking all of google's shit but once I migrate from Gmail (have to download a decade of messages), I'm going to be killing my account with them along with deleting all information they've accumulated (yea like they'll actually honor that). My ISP gives me a couple of GB of space for my email and I can accept some pretty large files if needed (will have to adjust settings). The only problem is the fact that I wont have as effective an anti-spam filter. About the only thing I like about Google now. Fuck em and the cockroach they road in on. I'll take my business elsewhere.
Mod me up/Mod me down: I wont frown as I've no crown
Last time I tried, I can't have an account under the only name I really care about ("seebs"). In theory they allow nyms, but in practice, I've never heard of anyone being able to get them to do this unless they're famous. Heck, I haven't even heard of anyone being able to get a non-form-letter response, or an opportunity to so much as write a single sentence in defense of their desire to be allowed to use a particular name.
So I do have a G+ account with a name they accept. It's not my name, but they've said at least once that it doesn't have to be your name, just a reasonably people-looking name. The real problem is, some people are uncomfortable if they see "fake names", by which they mean "names that don't follow a fairly conventional first/last name style and sound reasonably normal". So they aren't trying to solve the anonymity problem, they're trying to solve the problem of a few people getting uncomfortable when they see "handles" instead of "names". But not the problem of people getting uncomfortable when they're told they can't use the name they've been using for everything they do for the last couple of decades. Or the problem of people getting uncomfortable when their stalker has an easier time finding them.
Google wandered away from "don't be evil" a long time ago.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
Now we're just waiting for YouTube to do the same....
I understand your point, if another way of saying it is like this:
No one wants their porn-video store membership linked in any way to their catholic church membership. Nor would anyone want their Sam's club membership linked to their gym membership.
Also you mentioned a healthy internet. Um, wtf is that? Is that the one where we can play mental dress-up or something? Why are so many people weary about their identity online, and at the same time, so many log into facebook as themselves, and log all of their personal lives' "data", daily. Such extremes.
Google bought YouTube, so the original design for YouTube is gone, dead, no more. Now Google is trying to link together all of it's possessions, and it only makes sense to utilize one authentication mechanism for all. It's silly that everyone wants things both ways, all the time, things just don't work like that. Just stop using YouTube if you don't like it. Currently, unless you want to comment, you can still watch all videos. Be thankful, because what if they drop YouTube access for anyone but members, as in, youtube.com just points you directly to the google sign in page. Just hope that Google never buys Facebook, or the other way around.
Politics; n. : A religion whereby man is god.
> Has the privacy disaster that is Facebook not once entered your brain after all these years?
For the eleventh time, nobody is forcing you to add any information you do not want to share. If you have G+ account with no information in it, that is pretty close to not having an account. Do not add any information to it that you do not want to be public. Is that really hard?
I find Feedly far more annoying for other reasons, like the incessant nagging every time I login to upgrade to Feedly Pro, both top-of-screen dismissible alerts, and non-dismissible stuff on the right side of the screen. It's one thing to have a premium service. It's another to repeatedly and constantly pester people about it.
Please help metamoderate.
Oh, it's much easier than that.
I just refuse to sign up for Google Plus.
Done.
Sig Battery depleted. Reverting to safe mode.
there is a lot of stuff on the net you simply can't get to with Adblock turned on).
Report the problem sites at the Adblock forum -- the people behind the extension & EasyList-type subscriptions really want to know about those incidents so they can tweak the filters to prevent that problem. (While Ican usually find a filter that's interfering with a site, I've now seen a few sites that detect Adblock's mere presence and refuse to load, so I'm guessing you mean that sort of trouble.)
Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
Icebike is probably talking about the small minority of sites that are coded to detect Adblock's mere presence and refuse to load. Here's one error page (can't figure out which site it originally came from) that I noticed in my older browser history earlier:
https://adscendmedia.com/gateway_adblock.php?p=13727
Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
Can't you just create a Goole+ Page instead? The things that organizations, companies, or clubs use? Then you don't need to use name that sounds like a person.
On the other hand, at least it's not Facebook.
There were actually quite a few verified cases where Google suspended or even purged accounts over the names policy. A few links I found from a quick search:
Wikipedia's "Nymwars" article names a few
Google Plus deleting accounts en masse
Limor “Ladyada” Fried's brief post on being suspended
Violet Blue: Too Much Unnecessary Drama
William Shatner's Profile Temporarily Removed From Google+
Last Iheard, Google was allowing obvious pseudonyms in the "also known as"type field, but still required a "realistic"name for the account. (I use a "realistic"pseudonym myself.)
Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
A tool by others, like facebook or google login? Or maybe you meant a middle ground between reuse nothing vs. reuse everything?
I read the comment as not baking the pie from scratch when a good flour is on the grocery shelves. And if you grow your own wheat, you deserve the inevitable problems.
Let's have some balance and reason, I don't ask for anything unreasonable.
I stayed away from G+until recently for the same reason... Online I've gone by a few different handles, one of which matches the nickname I've gone by IRL since I was 10 years old -- just my first or first & last initials. Google+ doesn't accept that. I don't want to use my last name, because it's unusual enough to act like a "come harass me" beacon to an abusive ex-BF stalker I don't want any contact with.
Idon't buy that it's for those users' comfort at all, though... Google has been partnering increasingly with stores (which, based on my grocery store, then pester customers to link their G+and clubcard accounts), and when it comes to selling user data after gathering &cross-referencing it to get as much info as possible, real names are much more valuable than fake ones. Ithink that's the real reason Google wants us to use our "real"names -- not for civility or users' comfort, but because they can sell the cross-referenced grocery-shopping, app store purchases, home address, etc. of a "real"person for a lot more than they can sell just a pseudonym and a few purchases
Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
So my kid wants her own tablet that she doesn't have to share for Christmas.
Until the latest google developments (google+ insistence, making KitKat basically a google services frontend), a Nexus 7 (old or new depending on budget) was a no brainer, because of the price.
Now she's going to get an iPad mini. I don't hold any illusions about better privacy, but at least Apple isn't trying to cram a social network down my throat on every login.
There's any difference?
When the OP has a cocky attitude and a capslock syndrome, yes it is.
Why are so many people weary about their identity online, and at the same time, so many log into facebook as themselves, and log all of their personal lives' "data", daily. Such extremes.
Because the 3 billion people online aren't actually 3 billion clones but actually different people?
Basically your question boils down to: why do different people do different things.
I think the answer should now be obvious to you.
SJW n. One who posts facts.
You should do what Google wants. What's the big deal? What's wrong with you?
Providers of free services don't need to, well, pretty much anything, but not everything is a free service, including some of those made by google and some that depend on google's authentication. Or facebook's, for that matter.
Over a hundred comments and still no mention of Mozilla Persona / BrowserID. It's the best of both worlds, saving you from having your own authentication system (and users from having another password to remember), while still not giving personal data to Google. It's dead simple to implement, why don't more websites do it?
PlusFive Slashdot reader for Android. Can post comments.
The surprise isn't that Google would push G+, it's that other companies are stupid enough to fall for it, although they seem to be doing the same with Facebook, so I guess it shouldn't be a surprise. I wonder at what goes on in the heads of management at these companies though.
For a medium sized Internet business like this, the biggest threat is that a company with a lot more budget than them will roll out a similar service and take all of their customers. The two companies most likely to do this are Google and Facebook. Microsoft might also try, but they don't seem to have had much success lately. So why on earth would you think that the best way of protecting yourself is to require that your customers already have an account with your potential competitor? If Google decides to add RSS aggregation to G+ (actually, I thought G+ could do that already?), then Feedly's business model is gone: all of their customers would have a G+ account that they need to log in to Feedly, and now they've got everything they wanted without using Feedly.
My only guess is that they think that Google will decide that they want to replace Reader and will buy Feedly instead of reimplementing it. Given that they still have the Google Reader code, and they're not short of people with experience developing web apps, this seems unlikely. The only reason that they'd want to buy Feedly would be to get the customer base but if Feedly makes all of their users get G+ accounts even this reason evaporates. Since their users would really be G+ users, there's also less reason for anyone else to buy the company.
I am TheRaven on Soylent News
Yes, I know, I can look it up on my own, but can somebody tell me what the fuck a "Feedly" actually is?
Reading comprehension problem, AC? "Feedly users, a lot of whom migrated from the now-defunct Google Reader". I never heard of Feedly either but that sentence explains it.
Sheesh, you guys are always ragging timothy and even when he posts an excellent summary, even using "whom" correctly, you still bitch. WTF?
Free Martian Whores!
The surprise isn't that Google would push G+, it's that other companies are stupid enough to fall for it, although they seem to be doing the same with Facebook
It's almost mandatory these days. My 26 year old daughter tells me I need a facebook account to pimp my book. Maybe I'll have her do it for me, I waste enough time at slashdot.
I signed up for G+ when it was invitation-only but haven't logged in in over a year. I found it pretty boring after a very short while.
I agree that making Feedly users log in via G+ is retarded. Someone must have had what my mom calls a "senior moment" (younger folks call it a "brain fart").
Free Martian Whores!
Grow up, kid.
Free Martian Whores!
Just use the geektools whois:
http://www.geektools.com/whois.php
Domain Name: STARTPAGE.COM
Registry Domain ID:
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http//www.networksolutions.com/en_US/
Updated Date: 2012-05-31
Creation Date: 1997-10-11
Registrar Registration Expiration Date: 2018-10-10
Registrar: NETWORK SOLUTIONS, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: abuse@web.com
Registrar Abuse Contact Phone: 1-800-333-7680
Reseller:
Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: SURFBOARD HOLDING B.V
Registrant Organization: SURFBOARD HOLDING B.V
Registrant Street: ATTN insert domain name here care of Network Solutions PO Box 459
Registrant City: Drums
Registrant State: PA
Registrant Postal Code: 18222
Registrant Country: US
Registrant Phone: 570-708-8780
Registrant Phone Ext:
Registrant Fax:
Registrant Email:
Registry Admin ID:
Admin Name: Beens, Robert
Admin Organization: Surfboard Holding BV
Admin Street: ATTN insert domain name here care of Network Solutions PO Box 459
Admin City: Drums
Admin State: PA
Admin Postal Code: 18222
Admin Country: US
Admin Phone: 570-708-8780
Admin Phone Ext:
Admin Fax:
Admin Email: fh7p922w7z5@networksolutionsprivateregistration.com
Registry Tech ID:
Tech Name: Beens, Robert
Tech Organization: Surfboard Holding BV
Tech Street: ATTN insert domain name here care of Network Solutions PO Box 459
Tech City: Drums
Tech State: PA
Tech Postal Code: 18222
Tech Country: US
Tech Phone: 570-708-8780
Tech Phone Ext:
Tech Fax:
Tech Email: fh7p922w7z5@networksolutionsprivateregistration.com
Name Server: NS1.P27.DYNECT.NET
Name Server: NS2.P27.DYNECT.NET
Name Server: NS3.P27.DYNECT.NET
Name Server: NS4.P27.DYNECT.NET
DNSSEC:
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of whois database: Sat, 09 Nov 2013 12:52:29 UTC
The Truth is a Virus!!!
I have[...] a vagina.
If you're not made of a polymer, you are far better than most here can hope for.
Amen - that social networking garbage is for the millennial's.... Google+ is big pile of dog cr@p! I hate the Google is turning into the next Microsoft - "use our stuff or die!" attitude. I shouldn't be FORCED into using their POS social networking cr@p if I don't want to use it. Many sites now are forcing you to use Google+ authentication now - I skip EVERY site that does - don't look back. People that have been forced to create Google+ accounts should post very derogatory stuff about Google there, state what a big pile of dog cr@p G+ is. Maybe they will get the friggen hint!
The Truth is a Virus!!!
Just use Tiny Tiny RSS.
We'll never make it.......oh! we made it! http://www.youtube.com/watch?v=SWf3iJjqYCM&list=FL7kKrE4eTs17mQl7eyvJIOg
Yep, same here
I "noscript block" anything coming from google, block cookies, and only allow them when someone finally calls me to say "hey I sent you an email why don't you answer ?"
I temporarily then accept the cookies, check the mail, block and clean again
I unfortunately have many mails there, but more than that, it's the way I'm supposed to be reached for important notifications, or, say, recover a lost password (from slashdot among others)
So it will take some time, but, I'll be closing this account with great satisfaction soon enough
I guess that explains all of the new google+ accounts named FeedlySucks1, FeedlySucks2, etc.
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
I've gone from having an easy to manage YouTube account, to now having a Google account, with no Google+ page and no YouTube account, but which is linked to my old YouTube account, which now has a new Google+ page, but no Google account. I'm not sure how to manage these pages and accounts, and I'm not even allowed to comment on my own videos on YouTube anymore. I hope this will eventually result in an absolute mind-fuck of introspection for the Google design team.
Signature intentionally left blank.
If you follow a bunch of smaller-scale news or opinion websites that don't necessarily update every day, it can become harder to check them all.
So what handheld computer should I use if I want to write my own software
An iOS device
The privilege of writing my own software for an iOS device would cost $748 to replace my current computer with a sufficiently recent Mac mini and buy an iOS developer license plus $99 for each additional year to keep my programs from stopping working at the end of the year.
a Windows phone/tablet
I was under the impression that Windows Phone 7 and Windows Phone 8 had a similar developer license business model to iOS. In fact, Apple copied the price ($99 per year plus 30% of sales) from a Microsoft product in the first place; I can give details if you want.
And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
The transition can be pretty easy. The first step is to forward your gmail somewhere else - either all of it, or using specific filters. Specific filters are more versatile. You can also use ! not expressions.
Then work on getting the senders to use an alternate destination address.
Gmail is nice for holding and searching my archives of mailing list traffic. I would like to continue using it for that, but the rate of bullshit changes is growing, so I don't think it will be viable for much longer.
Another gmail tip is to use the basic html interface, and no javascript. The really great thing about that is that it isn't constantly changing with the up-sell gimmick fad of the week. Try explaining to your 83 year old grandparent why google keeps changing their gmail interface.
Using one service to describe another service is doing a huge no-no in definitions. Namely using the term you want to define in the definition. So in this example, what if you have no idea what Google Reader was? That is a total assumption on TFS editor's part. I certainly had no idea what either was until I went to the site and did a bit of investigation.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
After a long and thorough search, I chose InoReader to replace Google Reader. The UI is quite similar, clean and to the point, but with some neat extra bells and whistles. There are many authentication options. Data can be easily moved in and out. Highly recommended.
In order to perform certain actions on Facebook with a non-edu e-mail account, or in some cases just to log in, a user needs to verify an account by linking a unique mobile phone number, shared by no other Facebook user, that can send and receive SMS text messages. This costs money if a user uses a land line or a wireless phone that can't text (such as several landline-replacement adapters sold by wireless carriers), if there are fewer mobile phones in a household than Facebook users (my cousin's case), or if the user is on one of the pay-per-text plans typical of low-minute plans intended to replace payphones (my case). I am not the only affected person. Google facebook roadblock phone to see others.
Free was not one of your original criteria.
I apologize for the omission. Or did you consider $748 for the first year plus $99 for each additional year a reasonable part of a device's total cost of ownership for hobbyist developers?
However, all the necessary Microsoft tools for developing for Windows phone are free
It requires a Microsoft account. That might be acceptable if Microsoft requires less personal information than Google requires. Is this the case?
It also requires Windows 8, which people might not already have for one of at least four reasons. The first is people who use Linux on a PC built from parts to avoid buying Windows in the first place. The second is people who bought a computer prior to Windows 8's general availability on October 26, 2012, and haven't yet dropped $120 (source: microsoftstore.com) on upgrading from Windows 7 to Windows 8. The third is people who prefer the user interface of Windows pre-8 and are unaware of Classic Shell. And the fourth is Mac owners. True, Mac owners are more likely to buy an iPhone, but a Mac owner might consider buying a Windows Phone 8 phone to avoid the $99 per year fee associated with running one's own software on an iPhone. Or are only an insignificant number of users affected by these four cases?
More importantly, this is a non-news story since they have since rolled back those changes.
They rolled back because of the huge negative reaction. That is the story.
Software developer should NEVER try to roll their own authentication, just like they shouldn't try to roll their own encryption.
It depends on what you mean by "roll". For both authentication and encryption, I think that it is wise today to use solid tools developed by experts (ideally open source tools), but to deploy your own system in order to keep your data (keys, passwords, etc...) under your control.
Apparently.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
My eyeball time.
I have nothing to lose but my bindings.
"A tool by others, like facebook or google login?"
No, I meant tools like Authlogic and Devise.
Your authentication should be at a low level or you're wasting your time. And given a choice, I would never build a site to use 3rd-party authentication. I don't like what those 3rd parties do with customers' information.
You talk about encryption for all this, but neglect trust. You complain about not being able to trust the root CA's, but who can you trust? When I connect to
EFF
Slashdot
Reddit
Email provider
Bank1
Bank2
Secret Message Board
How do I establish trust? Will I have to establish trust with every browser (desktop/laptop/mobile/friend/work) I use?
Will I have to establish OUT OF BAND trust with every browser (desktop/laptop/mobile/friend/work) I use?
My goodnes, I loved your answer.
No. Authentication is far easier to understand. Proof of knowledge is simple to perform, and is new authentication protocols can be built from the cryptographic primitives with ease.
As long as you don't do things like store passwords as plaintext or simple hashes without salts :)
Even if sites did only that, you have a win for DIY compared to using authentication providers: compromise the one account, and only that one account is screwed. Compromise a Facebook login, and oooh, what trouble that is!
There current major competing authentication standards are all laughable due to their reliance on the broken SSL trust graph. Firefox - settings - Advanced - Certificates - View Certificates - Hong Kong Post & CNNIC. These are root certificates that can be used by the Chineese government to create a "valid" cert for Google.com or Yourbank.com without those domain's permission. Together with an unsigned DNS root infrastructure the entire security system of the web is completely and utterly a security theater. Your route passes through there servers and you've still got a big green bar saying yourbank.com is secure when you've been MITM'd by the Chinese, Russians, Iran, Turkey, etc. Folks we are actively at "cyber war" with. I say this to illustrate the FACT: You MUST write your own authentication system, because EVERYONE ELSE who we thought COULD be trusted SHOULD NOT BE TRUSTED; They're all worse than morons, they've PURPOSEFULLY built a fucked up system.
I don't know how much everyone has been failing to notice how comprised the Public Key Infrastructure has been getting lately. I guess it's too much of an eye-glazing subject. Whatever it is, people are not catching the implication of bad actors' being able to impersonate CA's: we're screwed!
HTTP AUTH already exists and is supported in every web browser. Since it asks for authentication before displaying any content it is the right direction (unlike EVERY OTHER AUTHENTICATION).
Not to mention that HTTP digest authentication has the nifty property of being able to work reliably even over an unencrypted connection. Too bad that MITM is so easy into plaintext streams, but that method is a start.
So, what we need are PRE-REQUEST authentication systems. A browser plugin that detects you're about to visit a secured site (perhaps from its database of prior authentications) then it pops up the browser password dialog NOT ON THE PAGE and perform the secure handshake providing proof of knowledge of a key and another nonce to hash with you password [or HMAC(domain, pw) ] to generate a session cipher key and then immediately begin send encrypted data back and forth without any PKI bullshit needed at all since the endpoints already have a pre-shared secret with which to generate a session secret. The ONLY time you need Public Key crypto is when you register an account and establish the pre-shared key. That window is so small, and impractical since the shared key is not useful unless a permanently maintained MITM attack is performed on every connection attempt that it makes PKI hierarchy essentially moot (esp: considering that PKI is useless due to aforementioned explicit trust of enemy actors as roots).
What a dandy idea! Whare it is a terrible idea it would be, though, the browser plugin is specific to only one browser, especially a notoriously insecure one. How are you at writing RFC's? I wouldn't be happy with such a solution unless it could work in cURL.
Funny, if you go a museum that covers the history of secure communications, you see what a huge difficulty the key-distribution problem has been. The PKI is a nice way around that, but as we've seen, we need to find how to minimize our reliance on it.
HI. I have an online identity that a few thousand people know me by (It's a pen name). I have a few stalkers of that identity too. Creepy fanboy types. I'd very much like to use G+ to post things having to do with that identity, but I'm not about to put my real name out there attached to that pen name. So the mere act of having a real name attached to G+ is information I don't want out there. I also have 0 desire to have my account taken down due to real name policy. It's easier to just use a tumblr or twitter or blogger than dealing with account suspension.
So, in short, fuck you.
This is exactly what I'm doing :)
Well, submitter and editor were both probably writing for slashdot regulars; there were iirc dupes of the reader shutdown when it was posted. Granted, not very n00b-friendly, but gees, NERDS. We act like nerds and other nerds act like nerds by criticizing us for acting like nerds. Meanwhile, where are the comments about the actual topic? Which isn't about timothy's editing abilities (jees, he's not an english major, he's a NERD).
Free Martian Whores!
Accounting for the cost of the computer is disingenuous. There are multiple platforms and operating systems and no matter which one you choose others will be incompatible with it.
I plead guilty to having overstated the expected price of a Mac. If only 10% of households have a Mac, then there's a 90 percent chance that one does own a Mac. So instead of $650, I should have used an expected value of of 0.90 * $650 = $585 as the average cost for a Mac mini between me and the proverbial next guy.
No one said they should roll their own. There are plenty of existing authentication frameworks they could have just deployed. The point is that they used a third party SERVICE, not just software/protocol.
I left alone my mind was blank
I needed time to think to get the memories from my mind
What did I see can I believe that what I saw
That night was real and not just fantasy
Just what I saw in my own dreams were they
Reflections of my warped mind staring back at me
'Cause in my dreams it's always there
The evil face that twists my mind and brings me to despair
Yeah... !
The night was black was no use holding back
'Cause I just had to see was someone watching me
In the mist dark figures move and twist
Was all this for real or some kind of hell
666 the number of the beast
Hell and fire were spawned to be released
Torches blazed and sacred chants were praised
As they start to cry hand held to the sky
In the night the fires are burning bright
The ritual has begun Satan's work is done
666 the number of the beast
Sacrifice is going on tonight
This can't go on I must inform the lord
Can this still be real or just some crazy dream
But I feel drawn towards the evil chanting hordes
They seem to mesmerize... can't avoid their eyes
666 the number of the beast
666 the one for you you and me
I'm coming back I will return
And I'll possess your body and I'll make you burn
I have the fire I have the force
I have the power to make my evil take it's course
Google Plus is if the is search engine that I created Google stoled it um from me and the the thing they call Google Plus am I at date my blog or anything I update Googles have a lawyer working on it as we speak
Which is your favourite? Mine is the one that goes thum-diddle-umm-diddle-um-diddle-um-thrum a bit and then goes widdly-widdly-widdly quite a lot.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
They're using the nasty, loathsome, combatative aspect of YouTube comments to justify this requirement. Because, real names mean people have to stand behind their comments, yadda yadda yadda blah blah blah. They could have easily given us the means to globally delete objectionable posters from our youtube on an individual basis, but that would have been too simple, and wouldn't have led to very much exploitable personal information.
It's impossible to anticipate every angle for how they're going to exploit your information when they've got a whole office building filled with smart motherfuckers whose full-time job is thinking up new angles.
They didn't force us to use Google Plus before now, yet they made enough money to fill Scrooge McDuck's swimming pool. They're changing the terms of the arrangement in a way that will make users more vulnerable to everything from trolls to stalkers to idenity thieves, and have Google positioned to take our information in a more comprehensive and intrusive way. All the time they're telling us they're doing it to deal with trolls, but they could have easily allowed us to globally remove offending users from our youtube with a couple of clicks.
As a 55 year old male attic dweller, I'm not worth stalking, and my identity isn't worth stealing, but I feel bound by a sense of community not to bend over for the GOOGLE PhalLUS, Migrating is going to require archiving seven years of Gmail, and about 200 youtube uploads, finding a new blog host and possibly learning some blogging software. I am annoyed, especially when corporate fanboys tell me I have no right to complain because Google didn't charge me moiney for allowing them to put ads on the videos I uploaded that got a third of a million views.
It's important to understand that the Google user isn't the customer. We're the product, which Google sells to advertisers. The advertisers are the cusomer, and they want MOOOOORE INFORMATION. And the customer is always right.
> You should do what Google wants. What's the big deal? What's wrong with you?
In exchange for creating a G+ profile, Google offers many services. Some of us think that is a fair transaction. We don't put anything in the G+ profile we don't want shared with the rest of the world. Many of us are willing to live with this compromise.
Nobody can guarantee your privacy online. Not Facebook, not Apple, not Microsoft and not Google. If you don't want something shared with the world. Do not put it up there. Once you start treating all of these as equally insecure places, then you'll start to wonder why people are bitching about one in particular.
I don't block ads. I wouldn't dream of depriving a site of that revenue. You want my real name? Fuck you. But I NEVER block ads.
I recently read that Facebook collects data on users from posts of other users, and from other websites. So much for "just don't add any information you don't want to share".
But it's more than that. The point of Gmail is that it unites all your google services. If you've been using google services exclusively for eight or nine years like I have, that's afholy fuckload of information, assembled and organized. I don't think we can can really anticipate what that all adds up to.
I'm not saying that they're forcing you. I'm saying you're a severely an idiot if you take the deal, and you should anticipate more pressure. IIf you're using Gmail, the time to shop for a new provider is now.
Exactly. Nobody needs a Youtube/G+ account to watch Youtube.