If it doesn't happen, then good. The encryption is doing what it's supposed to do.
(I've seen brochures for products that can MITM encrypted Bittorrent connections in order to log what's being transferred, so yes, people will take advantage of weak encryption if it's easy enough to do so.)
Andrews & Arnold would be my guess. Though I'd prefer to describe things like rDNS delegation as something that any non-crap ISP will do, rather than geeky extras...
That's not the problem the GP is talking about. The problem is the default configuration of the browsers most people are using.
People who know what they're doing can change the configuration or seek out alternatives. However, in order to become a "person that knows what they're doing", you need to start somewhere. How are people ever going to learn about URLs if you munge the address bar?
They don't: dom.disable_window_status_change is true by default in Firefox. Google changes the actual destination of the link when you click on it. You can see it in action if you click and hold the mouse button (and if you drag the mouse off of the link before letting go of the mouse button, you'll note that the link destination stays set to Google's redirector.)
Personally, I disable Javascript on google.com with YesScript (which causes them to serve the plain HTML version of the search results, which has the outbound tracking addresses in each link from the start) then use this userscript to rewrite the links:
for (let link of document.querySelectorAll("a"))
if (link.href.match(/\/url\?q=([^&]+)/))
link.href = decodeURIComponent(RegExp.$1);
And then you end up either with an i7 4770 which has a locked multiplier, or a 4770K which doesn't do VT-d. Then you realize that there is no Intel CPU that'll do both. So then you start looking at AMD, in the hope that they don't pull shit like that with their CPU models. And then you're way over your hour or two budget.
I received this email earlier today. It made no mention of the fact that generating new SSL certificates for certificate authentication on their website broke years ago, and nobody could be bothered to fix it. It's still broken, in fact. I'm guessing their decision to shut it down was more out of apathy than anything else.
I found this: Solar power in Vermont which suggests a ratio of 7-8x is about reasonable. (Vermont is at 44 degrees north, Germany is at about 50 degrees north; I'm not sure how big a difference that makes.) By that estimate, Germany's July production would translate to about 7.5 * 5.1 TWh = 38.25 TWh in a year.
Which, interesting, is almost exactly the amount the nuclear plant in the great-grandparent post produces per year.
No, but the graph is from a German exchange. It's reasonable to expect most of the traffic over it to be German or European, where it was 1 AM. (Especially the Google part of the traffic, since they geolocate more of their traffic than pretty much any other company.)
No, they aren't. You can uniquely identify TCP/IP flows using the combination of source IP/port, destination IP/port and the protocol. In other words, you don't need to create a new local port for each probe; you can just look at the address/port the return packet comes from.
I can't help but think that being at 1 AM might have affected the size of the drop a bit, as might have averaging the two minute drop into a pixel representing a 5 minute time period.
Normally I would just sigh and move on when I see this, but you wrote "American's" three times in a single paragraph so I felt it warranted saying something.
It's "Americans". This word, like pretty much everything else in English, pluralizes without an apostrophe.
Can't say I had. It's not really what I want in a browser, although keyboard access to more functionality is nice. If I could get it to not take over the UI, status bar and a bunch of keyboard shortcuts, and only show up when I hit:, I might be more likely to leave it installed.
I had this experience too. I managed to get it running with a single X session, but XRandR only supports one "screen" (in X11 terms) per GPU, which means that you can drag windows between monitors on the same GPU, but the monitors on the other GPU are separate and you can't drag windows over to them. (Here's a corroborating mailing list post.) Window dragging works with Xinerama (windows maximized properly etc), but Xinerama doesn't work with 2D hardware acceleration, so you lose that.
Even with Xinerama, I still found some oddities. Menus in some programs (I guess probably "in some toolkits") would open aligned with the top of my smallest monitor -- if I maximized a program on my main monitor and tried to open the menu for it, the menu would show up a couple of inches away from the menu bar. XFCE's system menu on smaller monitors would try to open aligned with the top of the biggest monitor. The mouse behavior in the corners of monitors was terrible (either the mouse went into the dead zone, or it jumped several inches to fit onto the smaller monitor, depending on whether I was using Xinerama or XRandR), making it really difficult to hit anything in a corner.
None of this stuff happens on Windows. It just works. I don't have to give up 2D acceleration. And that's with XP, which is almost a decade older than the Linux version I was testing with. I was expecting the same from Linux, but... nope.
On the plus side, while writing this post I discovered that XRandR 1.4 is a thing now, and apparently it does include support for multiple GPUs. Maybe this stuff will actually work now.
Sixth: From the article: "In this vein, there is a discussion of removing the Add-on Bar completely, killing user-created custom toolbars, and having the main toolbar feature a dedicated area for add-on buttons and widgets instead."
Slashdot Mirror
If it doesn't happen, then good. The encryption is doing what it's supposed to do.
(I've seen brochures for products that can MITM encrypted Bittorrent connections in order to log what's being transferred, so yes, people will take advantage of weak encryption if it's easy enough to do so.)
No-one has a medical need to be in a wheelchair either. Wanting to get around without being carried does not count as a medical need.
On the other hand, y'know, maybe it does. As does needing a recording device due to memory-related issues.
You aren't turning the filters on. If they were on, access to non-BT DNS servers would be filtered.
Andrews & Arnold would be my guess. Though I'd prefer to describe things like rDNS delegation as something that any non-crap ISP will do, rather than geeky extras...
That's not the problem the GP is talking about. The problem is the default configuration of the browsers most people are using.
People who know what they're doing can change the configuration or seek out alternatives. However, in order to become a "person that knows what they're doing", you need to start somewhere. How are people ever going to learn about URLs if you munge the address bar?
They don't: dom.disable_window_status_change is true by default in Firefox. Google changes the actual destination of the link when you click on it. You can see it in action if you click and hold the mouse button (and if you drag the mouse off of the link before letting go of the mouse button, you'll note that the link destination stays set to Google's redirector.)
Personally, I disable Javascript on google.com with YesScript (which causes them to serve the plain HTML version of the search results, which has the outbound tracking addresses in each link from the start) then use this userscript to rewrite the links:
for (let link of document.querySelectorAll("a"))
if (link.href.match(/\/url\?q=([^&]+)/))
link.href = decodeURIComponent(RegExp.$1);
And then you end up either with an i7 4770 which has a locked multiplier, or a 4770K which doesn't do VT-d. Then you realize that there is no Intel CPU that'll do both. So then you start looking at AMD, in the hope that they don't pull shit like that with their CPU models. And then you're way over your hour or two budget.
We may not be able to save Nokia, but maybe we can save the next company that would've fallen victim to this.
Any idiot can look at the code
But not if it's closed. Being open source may not be a magical panacea, but it is a prerequisite.
I received this email earlier today. It made no mention of the fact that generating new SSL certificates for certificate authentication on their website broke years ago, and nobody could be bothered to fix it. It's still broken, in fact. I'm guessing their decision to shut it down was more out of apathy than anything else.
There has to be more than 700 people who consider that to be simple.
I found this: Solar power in Vermont which suggests a ratio of 7-8x is about reasonable. (Vermont is at 44 degrees north, Germany is at about 50 degrees north; I'm not sure how big a difference that makes.) By that estimate, Germany's July production would translate to about 7.5 * 5.1 TWh = 38.25 TWh in a year.
Which, interesting, is almost exactly the amount the nuclear plant in the great-grandparent post produces per year.
No, but the graph is from a German exchange. It's reasonable to expect most of the traffic over it to be German or European, where it was 1 AM. (Especially the Google part of the traffic, since they geolocate more of their traffic than pretty much any other company.)
You're assuming they wait for one host to respond before starting to probe the next host. That is not a reasonable assumption.
No, they aren't. You can uniquely identify TCP/IP flows using the combination of source IP/port, destination IP/port and the protocol. In other words, you don't need to create a new local port for each probe; you can just look at the address/port the return packet comes from.
http://loopsofzen.co.uk/
I can't help but think that being at 1 AM might have affected the size of the drop a bit, as might have averaging the two minute drop into a pixel representing a 5 minute time period.
Not to mention the "For For $80".
Normally I would just sigh and move on when I see this, but you wrote "American's" three times in a single paragraph so I felt it warranted saying something.
It's "Americans". This word, like pretty much everything else in English, pluralizes without an apostrophe.
Can't say I had. It's not really what I want in a browser, although keyboard access to more functionality is nice. If I could get it to not take over the UI, status bar and a bunch of keyboard shortcuts, and only show up when I hit :, I might be more likely to leave it installed.
No, I'm saying that browser.tabs.onTop (and the associated functionality of displaying the tab bar below the toolbar) will be removed.
Yeah, I tried that and it mostly worked. Though there are a few issues.
Hopefully implementing Small Icons mode and an Add-ons Bar will be as easy...
Just like Tabs on Top, right?
(browser.tabs.onTop is being removed when Australis lands, which I guess will be in Firefox 25 or 26.)
I had this experience too. I managed to get it running with a single X session, but XRandR only supports one "screen" (in X11 terms) per GPU, which means that you can drag windows between monitors on the same GPU, but the monitors on the other GPU are separate and you can't drag windows over to them. (Here's a corroborating mailing list post.) Window dragging works with Xinerama (windows maximized properly etc), but Xinerama doesn't work with 2D hardware acceleration, so you lose that.
Even with Xinerama, I still found some oddities. Menus in some programs (I guess probably "in some toolkits") would open aligned with the top of my smallest monitor -- if I maximized a program on my main monitor and tried to open the menu for it, the menu would show up a couple of inches away from the menu bar. XFCE's system menu on smaller monitors would try to open aligned with the top of the biggest monitor. The mouse behavior in the corners of monitors was terrible (either the mouse went into the dead zone, or it jumped several inches to fit onto the smaller monitor, depending on whether I was using Xinerama or XRandR), making it really difficult to hit anything in a corner.
None of this stuff happens on Windows. It just works. I don't have to give up 2D acceleration. And that's with XP, which is almost a decade older than the Linux version I was testing with. I was expecting the same from Linux, but... nope.
On the plus side, while writing this post I discovered that XRandR 1.4 is a thing now, and apparently it does include support for multiple GPUs. Maybe this stuff will actually work now.
Sixth: From the article: "In this vein, there is a discussion of removing the Add-on Bar completely, killing user-created custom toolbars, and having the main toolbar feature a dedicated area for add-on buttons and widgets instead."
Heh. "Discussion". This is what discussion means.