Slashdot Mirror


User: DrXym

DrXym's activity in the archive.

Stories: 0
Comments: 9,024

Comments · 9,024

  1. Re:Shouldn't there be full encryption by default? on The Security Risks of HTML5 Development · · Score: 1
    What threats do you think encryption will actually protect you from? If a browser transparently encrypts data as it is stored and transparently decrypts data as it is read then it's not going to help in any way at all if site A writes something and malicious site B reads it. It'll be plain text by then.

    Perhaps it could stop a drive by somehow uploading the file. But that's why browsers randomize their storage paths to begin with so that's already covered.

    So maybe it will stop a trojan or malicious plugin with local OS access (thereby able to search down random paths) from reading the file? Well not really since if a trojan can steal the file it can also steal the encryption key the browser used to scramble the file. Or it could log keystrokes to capture the user password used for the same purpose.

    So basically encryption is basically false security. The old adage that a chain is only as strong as the weakest link applies here. Maybe encryption would be the icing on the cake but FAR more pressing would be making cross domain storage as stringent and secure by default; preventing cross domain access without explicit policy; enforcing limits on the amount of storage any site can use; setting small default limits to discourage sites dumping data to it; providing sensible management tools for the user to clear / delete / change the size limits globally or per site; providing preferences to expire / clear out data on exit or by age; and just generally testing this stuff within an inch of its life to ensure it is performant and secure.

  2. Re:License war commencing... on PlayStation 4 Will Be Running Modified FreeBSD · · Score: 1
    I think the PS2 / PS3 originally supported another OS more as a tax ruse than anything else, to sell their consoles as computers and therefore avoid import duties in Europe.

    Even so, I think the Linux for PS2 didn't worry Sony for a couple of reasons - 1) it was very expensive to buy the Linux kit (£120 IIRC for the DVD, hdd and keyboard) and 2) the bios could not be flashed. So the chances of using it as a successful crack were pretty low.

    With the PS3 and Other OS, Sony relied on a hypervisor to protect the firmware because if the firmware were flashed the PS3 could be owned in software. So when viable hypervisor exploits began to appear, and via Other OS, it was clearly only a matter of time before the feature would go. Someone would have eventually perfected a bootable DVD which did nothing more than run the exploit and install the custom firmware.

    So it's a hardly surprising turn of events. And while Sony did it purely to protect their multi billion platform, there are reasons for console owners to be glad they did too. After all, if piracy and cheating became endemic then the platform would have turned into a sea of shovelware shit because the margins wouldn't be there for publishers to try any harder. A bit like what happened with the DS and Wii.

  3. Re: Backlash on Firefox Advances Do-Not-Track Technology · · Score: 1

    Yes and you can skip it. As many people doubtless do. If you bothered to read the tracking preference draft spec you would see it is meant to represent an explicit user preference with a default behaviour of "unset". By defaulting to something else Microsoft have broken the spec and emasculated it. They could have posed the question in the setup and if the user skipped the question, then abide by the spec and use the default unset value.

  4. Re: Backlash on Firefox Advances Do-Not-Track Technology · · Score: 1
    The decision they were making has managed to destroy the do not track function entirely. Second, just because you Mr Anonymous Coward wanted that setting is by pure luck since they didn't bother to ask. Most people probably don't care as much as you do about the setting, and most people if they did care would appreciate a straightforward "Do you want to enable tracking?" question to make the choice explicit.

    I expect Apache "sided" with advertisers because they recognized the brokenness of a privacy setting which the user did not consent to. It would be very easy to fix and make the preference an explicit user choice.

  5. Re: Backlash on Firefox Advances Do-Not-Track Technology · · Score: 1

    MS did plenty wrong. They subverted an explicit user preference that said DO NOT TRACK by turning it on by default thereby eliminating that explicit preference and any reason advertisers might choose to honour it. They would have been better off to pose the explicit question during setup and if the user skipped the question then assume enable.

  6. Re: Backlash on Firefox Advances Do-Not-Track Technology · · Score: 1

    Bogus analogy is bogus.

  7. More likely on Bitcoin Exchange Mt. Gox Halts USD Withdrawals · · Score: 1

    This reluctance may be fed by the sense that Bitcoin poses a threat to the banking industry.

    Or more likely from the sense it could draw the full weight of federal law down on them for facilitating money laundering.

  8. Re: Backlash on Firefox Advances Do-Not-Track Technology · · Score: 4, Insightful

    It was MS giving me what I want, and the Apache Software Foundation siding with the advertisers against me. Don't try to spin it into something different.

    No. It was Microsoft making your decision for you, making it entirely justifiable for advertisers to ignore the preference entirely since it doesn't represent your preference. And more likely it had squat to do with them championing privacy and more to do with screwing over Google and other advertisers.

    I'm sure a browser could pose the question with some information the first time the browser is launched to make the preference an explicit user choice.

  9. Re:Resolution on Samsung Launches 3200x1800 Pixel ATIV Book 9 Plus Laptop · · Score: 1
    I don't know why you're marked a troll. Many games and other apps pay no attention to the Windows dpi settings, metrics or theme engine. If the resolution increases they'll look proportionately smaller by comparison.

    In the old days this increase in resolution was typically cancelled out by the fact that the higher the res, the larger the monitor typically was. But now we're talking about 11-12" laptops packing in the pixels that you wouldn't even see in a 27" display. I wouldn't be surprised if there are a lot of problem apps, especially games and it's bound to take a while to shake out the issues.

  10. Re:Pristine copies on Subversion 1.8 Released But Will You Still Use Git? · · Score: 1
    I think everyone is aware that CVS and Subversion are centralized and that the pristine copy refers to a snapshot.

    But checking out directories is a useful feature and it does no good to deny it. For example the company might use Subversion for documentation storage and someone might only be interested in one folder and Subversion supports that. For documentation and other forms of binary content the whole idea of decentralization is highly questionable since it's not like merge tools will make a good job of a spreadsheet or a diagram or even a word doc so the whole staging, pushing and pulling is largely redundant overhead.

    For source code or text content it is another matter and Git is clearly a better choice in most scenarios.

  11. Re:GIT sucks on windows on Subversion 1.8 Released But Will You Still Use Git? · · Score: 2
    Can't blame the tool for that. Git makes it easy to merge and that's 90% of the battle.

    I have to do periodic merges between CVS branches and I have to set aside several hours to do it thanks to all the tagging that has to go on before and after the merge to ensure it happens properly. The fact it takes so damned long discourages me from doing it more often.

  12. Re:GIT sucks on windows on Subversion 1.8 Released But Will You Still Use Git? · · Score: 1

    For a long time the EGit plugin for Eclipse sucked balls but it is at a point now where it's pretty easy to use at least for the day to day workflow. As a general rule though don't mix command line git and EGit on the same project at the same time because it can get confused. I often see msysgit get confused by line endings, regardless of what line ending conversion settings or gitattributes are in the project after EGit has been at the files.

  13. Pristine copies on Subversion 1.8 Released But Will You Still Use Git? · · Score: 1
    On the flip side, Subversion stores a pristine copy of every file to avoid a network round trip when doing stuff like diffs. So if you have a 500MB working directory, it's backed by another 500MB worth of pristine copy. A typical Git clone can hold the entire history of the project in less space than that because it is packed down during the clone operation.

    But definitely the ability to check out just a few folders or files is an advantage of CVS and Subversion. Git forces everything to be cloned although you can avoid dragging down the entire change history. Submodules are Git's way of decomposing projects into smaller ones and they tend to be hit and miss.

  14. Re:GIT sucks on windows on Subversion 1.8 Released But Will You Still Use Git? · · Score: 5, Informative

    TortoiseGit puts a nice UI over Git that does pretty much everything in the normal developer workflow. I'm not sure why you would be rebasing so much since that would typically be a final act for a large, long lived branch that you intended to squash and make relative to the head of another branch prior to merging it over.

  15. Re:Duh, they are a publisher on MS To Indie Devs: You Have a To Have a Publisher · · Score: 1

    I think you're just twisting to avoid the obvious point. An adequate gaming PC costs more than a console and yet piracy is endemic. Because PCs are an open platform and lack any adequate form of copy protection or DRM. Thus piracy is higher as can be seen just by visiting any torrent site and observing the number of seeds for popular games.

  16. Re:It seems weak to the "return to the average" on Altering Text In eBooks To Track Pirates · · Score: 2
    The issue here (aside from the differences being more subtle) is how does this master bookz distributor obtain 5 copies of the same book without them being in the wild in the first place? Does he solicit people to send him books or upload them somewhere? Remember if the books are in the wild you are screwed.

    So you have to upload your book to somewhere secret where you trust and hope Mr Bookz will strip out your id. And if your uploaded book does leak into the wild (because Mr Bookz is an asshole or incompetent about stripping the id), you've just incriminated yourself for no reason. If there is a book in the wild already why risk uploading another copy at all? Why even buy a copy in the first place if you are uploading books and therefore not especially concerned about the ethics of piracy?

    Of course I suppose 1000 people could crowd compile a book, each submitting a page each to produce a frankenbook from the pieces but it would still have to be canonicalized in case the markup, contents, style rule names embed the id somehow. Perhaps the frankenbook would hash each canonicalized page and the pages that have the same hash are used when the book is stitched together.

    But for all the effort maybe it's easier to scan the paper book in the first place, or hook up a cracked Kindle / Nook / tablet to a flat bed scanner or a screen capture device and make extensive use of the analogue hole to strip out most of the watermark.

    In summary, it would be a hard problem to crack.

  17. Hardly a novel idea on Altering Text In eBooks To Track Pirates · · Score: 1
    Throw some extra spaces here or there where it doesn't matter, use similar characters like the different forms of apostrophe or hyphens, twiddle the underlying markup, add unused style rules or inconsequential differences in styling. You could easily find enough bits in there to "watermark" a book without it being obvious. You'd practically have to canonicalize both books and do a comparison and keep working on the canonicalizer until the results were the same. Chances are by that point that the book would be mangled out of all recognition.

    Someone would have to possess another copy of the same book (more or less defeating the point of sharing their own and incurring a personal risk) in the same published form in order to even know that the differences were intentional. Even then it doesn't make them easy to remove, if for example style names or other marks in the book were randomized.

    Similar measures would have easily found the culprit of a mass leak of information like wikileaks. Every page could contain 1 bit of variation based on the user's id and the result page. Each bit you could glean from a page would cut the search space of culprits in half so you'd nail the perp in no time. Even if the document was canonicalized it cannot strip out all the ways that this bit of variation could be sent and wikileaks would be extremely unlikely to be in possession of two independent copies of the same document to even know what to look for.

  18. Re:Duh, they are a publisher on MS To Indie Devs: You Have a To Have a Publisher · · Score: 1
    The custom firmware scene for the PS3 is background noise. Practically non existent by comparison to other consoles. And of course it would have been vastly worse if Sony had sat by and done nothing whatsoever.

    As for it being "expensive", most PCs are more expensive again. Guess which platform suffers worse piracy. Cost has nothing to do with it so much as lack of copy protection or circumvention controls.

  19. Re:Duh, they are a publisher on MS To Indie Devs: You Have a To Have a Publisher · · Score: 1

    The interesting exploitable hardware. As it turned out they didn't protect it well enough even with a hypervisor so the entire OtherOS had to go.

  20. Re:Duh, they are a publisher on MS To Indie Devs: You Have a To Have a Publisher · · Score: 1
    I played around with Yellow Dog Linux on the PS3. It provided a full GNOME desktop but it really wasn't very fast. The PS3 only has 256MB, an inline CPU and was sitting over a hypervisor which blocked access to the 3D GPU. I think in time someone might have been able to put those SPUs to work to accelerate the graphics to some degree (e.g. mesa over SPUs, video decoding). Maybe someone would have made a dist that booted into a front end for playing arcade / SNES / Sega / Atari / C64 / PS1 games or MythTV.

    But OtherOS really never attracted a whole amount of interest before the threat of removal became a reality. Then people who never used it were whining to the high heavens about evil Sony. Of course Sony was just protecting their platform - removing an esoteric feature which was massively exploitable. I expect the PS3 would have died a death if piracy had taken hold and one way to ensure that was to leave OtherOS in there.

  21. Re:Duh, they are a publisher on MS To Indie Devs: You Have a To Have a Publisher · · Score: 1
    That's the real world for you. Sony were faced with two choices:
    1. Watch their multi billion investment and revenue model go to shit as a viable exploit allowed people to install custom firmware primarily to play warez. Even if the exploit were experimental to begin with, you can guarantee that it would be perfected to the point that burning and booting from an ISO would root a PS3. Even if Sony patched this exploit there would likely be another, and another, and another.
    2. Take out OtherOS and thus the entire risk and endure some whining from people, most of whom never used it in the first place and probably never would have either.

    It sucks it was taken out (and I had used it myself BTW). But what would have sucked a LOT more is seeing the console I spent a lot of money on go into terminal decline as it became a wasteland of shovelware shit because piracy was endemic. Or if the multiplayer was taken over by cheating bastards and griefers thanks to modded firmware.

    Given that the PS3 was the least pirated console of this generation by a large margin I would suggest that Sony got something right even if they angered some people in the process.

  22. Re:It is all software, really on Sony's PS4 To Have Less Stringent DRM Than Microsoft's Xbox One · · Score: 1

    I'm not sure I trust Sony not to be an asshole regarding DRM. It doesn't have that good a track record. It is a good bet the moment the marketing hype dies down, and the stock holders start pressing, they will tighten their DRM.

    I expect Sony's gameplan is to push really hard on PSN+ and digital downloads (which are non-transferable) with the expectation in the fullness of time that physical discs will simply die out. So no point kicking up shit about it especially when it's a chance to deliver a well aimed kick in the balls to Microsoft.

    Of course on the flip side, Microsoft could potentially install the full disc onto the HDD and let you play it without the disc at all since it's unique (embedded serial somewhere) and bound to your account now. I could see that being a significant advantage.

  23. Re:Interesting on First Look At Ubuntu Touch, the Smartphone OS · · Score: 4, Interesting

    The value in these devices might be if you could take your phone, plug it into a dock and suddenly it becomes a full blown Linux desktop. That's a useful thing to strive for. Otherwise not so much.

  24. Re:Sod google reader on Slashdot Asks: How Will You Replace Google Reader? · · Score: 5, Informative

    Exactly. iGoogle is a really useful homepage. Google have nothing to replace it (Google+ is not a replacement). So I'll just jump over to Yahoo. I'll probably do a large chunk of my searches through Yahoo too.

  25. Re:And what else did you expect? on Google: BadNews Malware Wasn't Really Bad, After All · · Score: 1
    The up front permissions is better than nothing but it's not good enough.

    Android really needs to ask the user to grant / deny a permission each time it is accessed, with a checkbox to remember the decision. Some apps can be incredibly annoying, such as Facebook which is constantly turning on GPS which saps battery power. I should be able to disable that permission and force it to use a less precise location system or none at all. Another app might have a genuine need to launch the dialler, to call someone in its contacts list, but I want to be asked each time just so it doesn't surreptitiously dial a premium number in Ghana during the night. Perhaps for numbers, it's the number which is added to a whitelist when I say remember the decision. And so on.

    Apps might also have installed broadcast receivers / services which might hit permissions. They could be suspended until I grant / deny the permission they require. Perhaps I can completely disable these receivers / services from running at all except when their app is in the foreground.