Good call. I just checked their site, and you're right - it's been nearly a year since their last update, which is strange because they still sell them new, and before that, updates were released several times a year. I'm still going with "better than most" because my linksys required a bootloader flash to get third party firmware working, especially notable because the ea6900 has a well documented bootloader issue that the patch fixed.
I'm genuinely curious if any other router OEMs have a better track record. Someone else in the thread mentioned Microtek, but I've never heard of them - they don't seem to be stocked at Microcenter, Newegg, or ADI, so I've just never run into them.
I've generally preferred Asus routers to its peers for quite some time. They've been great with providing firmware updates four years after release (d-link, I'm looking at you), doing simultaneous dual-band as advertised (netgear, I'm looking at you), their firmware is responsive and generally very stable (Belkin, I'm looking at you). Their mid-range units support multi-wan and make excellent print servers, and they've been very supportive of the modding community - most of their gear supports merlin, padavan, ddwrt, openwrt, and tomato, and their recovery mode is near-brickproof. Yes, it's obnoxious that they had security issues, and yes, I replaced my N56U with a linksys ea6900 (and regretted it until tomato was installed), but they're definitely better than most in my experience. More to the topic, I wonder if this will yield some case precedent for these requirements industry wide. I can dream...
Backblaze doesn't always choose the most reliable drive, we look at the total cost of ownership including the amount of power the drive will consume and the drive's failure rate and let a spreadsheet kick out the correct drive for us to purchase this month. It is rarely the most reliable drive.
You must be a force to be reckoned with in EVE Online.
Yes, there will always be those who cannot adapt. However, the problem attempting to be solved is that there is a majority of people for whom Tor is prohibitively complicated.
2) "what difference does it make?" Is that you Hillary? (It makes a lot of difference, I'll spare you the details)
No, it's not Hillary. I too know it makes a difference. The problem is that the perception of the implications for most people is that they are trivial. Hence, why this is a social issue as much as a technological one.
3) Having the restaurant's location data and knowing where it is in relationship to yourself is convenient. ____, inc recording and storing the details of your location is the problem
Yes, but Tor doesn't solve this problem. Running a Google search through Tor will show me restaurants near the exit node rather than my actual location, and then store that data.
4) In my life, sadly of which too much is spent online, I have never encountered 'Tor ransomware'. But maybe this is a reality for some?
I fix computers for dozens of people, from home users to small businesses. I've run into ransomware a number of times, and almost invariably, the instructions were basically, "send 0.5 Bitcoin using this Tor address...", or some approximation thereof. Clearly, not the EFF's fault this happens, or that it happens that way...but when the two most common ways people hear about Tor are "Silk Road" and "Cryptowall", it's difficult to argue that the battle to legitimize Tor in the court of public opinion is a steeply uphill one.
5) My understanding of Tor is limited, but by reading what is published it sounds like the problem with tor performance is similar to the problem Verizon has with a fraction of a percentage of its data plan (ab)users: a few dumbasses downloading pirate bay torrents kills the experience for everyone else.
That may well be the case. Unfortunately, there's no meaningful way to prohibit that sort of use.
6) Again limited understanding of tor, but wouldn't more users help the anonymity problem more than hurt it?
Tor isn't like Bittorrent - there are lots more 'leechers' than 'seeders'. Using a Tor browser does not also require you to be an exit node, and being an exit node means that you may be legally liable for the traffic, depending on jurisdiction. Even if not, it means that your bandwidth will constantly be saturated by other people's data. Thus, there's every disincentive to be one.
Tor's issues with respect to going mainstream, in my opinion, are as follows:
1.) It's complicated. Yes, it can be streamlined, which is the goal, but even if it were, it's still inherently more complicated than "not using Tor".
2.) No need. "I'm just browsing Facebook and paying bills online...and if someone is really snooping that traffic, what difference does it make?"
3.) Location data is convenient. As much as I hate Google tracking me, I'd much prefer knowing about restaurants near me when I'm hungry, than ones in Malaysia.
4.) Many people's first encounters with Tor are the result of ransomware...which are usually a traumatic experience. That's not exactly great marketing.
5.) Tor slows down browsing significantly; adding additional users would exacerbate the issue.
6.) Even the "good guys" have questions about the utility of Tor (compromised exit nodes, honeypots, etc.)
7.) Tricky on mobile devices.
Honestly, I see Tor's problems having much less to do with technological problems than with sociological ones. For most people, Shari would have to establish a need for them to use Tor. I don't see her being effective in that - not because of who she is, but because of her audience.
If you can't muster support for a constitutional amendment, you have no business changing the constitution in the name of reinterpretation.
To play devil's advocate here for a moment, even the difference between "sufficiently different to need an amendment" and simply "a clear implication and logical conclusion based on the principles expressed" can be a blurry line at times. Case in point, most of Slashdot agrees that while the fourth amendment says "...to be secure in their papers and effects", it applies to data on smartphones, too. While it's bleeding obvious that smartphone data wasn't referenced in the Constitution because they kinda sorta didn't exist 230 years ago, whether extending "papers and effects" to include that data could be considered a reinterpretation or a "clear implication" is itself a judgment call that would need to be made.
I'm with you in that the Constitution was not intended to mean "whatever is popular today, because interstate commerce"...but let's also not assume that it's always trivial to distinguish the line past which an amendment is needed.
Image Hosting:
Piwigo (free to self-host; first party hosting available)
Zenphoto (free to self-host; third party hosting available)
JuiceBox (freemium; self-hosted only)
Flickr
Amazon Prime Photos (you have to be Prime)
Okay, I'm tired of adding links...but depending on what functions of Picasa you're looking to replace, there are plenty of alternatives.
For YEARS, I've hoped for GPS software that had three features:
1.) A "fewest number of turns" mode. Especially if I am in unfamiliar territory, I would rather a route that involves four turns and takes five more minutes and three more miles, than a route that saves me those five minutes and involves fifteen turns. Give me the route that is the simplest to memorize, even if it means a longer drive.
2.) An "avoid crappy intersections" mode. Yes, please, make my drive three minutes longer if it means I don't have to cut across four lanes of traffic within 100 feet to make a hairpin left at a five-way stop. Prioritize standard, right-angle intersections where possible.
3.) A "get the complete thought out" mode. One time, I was driving in Queens, trying to get back on the Jackie Robinson Parkway (I think). The GPS literally said "stay to the right...then...stay to the left...then...stay to the right...", to which I blurted out, "Cha cha now, y'all!". While yes, I was navigating through an intersection of three major highways (see #2), there were about four different roads I could get onto with that particular set of directions, and looking at the map to figure out which particular set of squiggly lines I was supposed to drive onto was not an option, given that I had to, y'know...avoid hitting another driver or ending up in oncoming traffic (yeah, I'm picky like that). If directions are going to be given in that quick succession, then tell me "head toward the Jackie Robinson Parkway"...and then, just start calculating rerouted directions in the background, under the assumption that I'll miss it.
Honestly, I think that these three features would be incredibly helpful...so, anyone who wants to code it, just get me a free copy.
If you look at a list of new computers, you will notice that a surprisingly large amount of PCs are already shipping with 128 GB or 256 GB SSD. That's gonna hold everything that most people need.
Well, that's a bit difficult to generalize, which is a challenge that computer manufacturers are having a bit more difficulty addressing. 128GB is fine for a browser/office suite computer, but with the OS taking 20-30GB of that (depending on OS/version/swap file size/hibernation file size), 128GB gets pretty cramped, pretty quickly, if a moderately sized iTunes library is involved. Moreover, phone backups / picture sync for images that are 10MP and higher will eat up that 128GB fairly quickly.
256GB is about the sweet spot for most laptop users, but it's surprisingly frequent that 256GB being enough space is largely contingent upon "data living somewhere else" - be it Teh Cloud (tm), a server share, a NAS of some kind, or an external drive. The ability to stream Netflix and Spotify and at least some iTunes content is definitely helpful, but anemic internal storage is only viable because "data living external to the device itself" has become a way of life for most of those users.
So what's everybody's favorite alternative, since SwiftKey is owned by a company that is nowadays renowned for its spyware and keylogging?
I've been a fan of Swype since the WinMo 6.5 days; stuck with it ever since. It's owned by Nuance now, the folks behind Dragon NaturallySpeaking and who provide some of the underlying tech behind Siri.
If you're a fan of SwiftKey, and want to keep it, and you have a rooted phone, you can use DroidWall or Xprivacy to deny it network access. It obviously won't pull language updates (and you won't be able to dictate with it), but your data stays on your phone - it's what I do for Swype.
1.) Self-hosted option. 2.) Integration with Outlook - send file attachments as links, without leaving the compose window. (ish) the ability to self-host and integrate with Outlook, as well as one of Barracuda's claims to fame - their spam filter - made sending secure e-mails with attachments a seamless process.
Indeed, because when Jobs was still in charge, there was some actual value in paying that premium. Now it's just name trade. How well has that worked out for Sony?
A Sony Walkman played the same cassette tapes as an Emerson or GE. A Discman played the same CDs as a Philips. A Sony TV connected with the same cable and showed the same channels as an RCA or Zenith. Sony's attempts at lock-in (Betamax*, Minidisc, ATRAC3, Memory Stick) never achieved critical mass, and were usually direct competitors to formats everyone else used by the time they hit the market.
Apple played - and still plays - standard MP3s...but their vertical iTunes platform made it a lot more convenient to stick within the ecosystem for purchase and download, a system that provides disincentive to use a competitor. The use of standard MP3s requires much more manual work, thus requiring forethought, intent, and a willful forsaking of a lot of the streamlining that Apple makes possible. Good luck getting a video purchased from Apple running on anything other than an iDevice, or an App working on a non-iOS device, or text messages / picture messages to move from an iOS device to Android or Windows Phone.
So no, name trade didn't work out so hot for Sony, because they were competing in a time where getting a new portable cassette player was a near-disposable purchase, and every model was intercompatible with the content that was used on its predecessor. Apple competes with a certain amount of lock-in on its side - not a complete lock-in, but a hell of a lot more than what Sony had to work with.
*Yes, Betamax kept a niche in TV/video production for quite some time, as its frame-accurate seek system and better image quality served that niche better than VHS, and became a standard within it...but we're talking mass market adoption here.
People keep saying businesses just take profit and making things cheaper never brings prices down (look at gas stations and oil), but then they immediately claim competition will lower prices in the next sentence. I had to figure out how it really works, since people simultaneously arguing opposite behaviors as absolutes are obviously wrong.
Absolutes != generalizations. Saying "always" and "never" with respect to how businesses operate is silly, as you point out, because even the smallest of businesses still deal with hundreds of variables.
Here is how the two principles you're talking about harmonize:
Sprockets n' Things can sell a sprocket for $50, and sell them well, despite the markup of $10, as the total cost of making them ends up being $40. SnT has learned that selling them for $50 is a good price: customers are satisfied and quality is good. By shifting around their factory schedule around the time of day to minimize the amount of HVAC and peak electricity they're using, as well as making some larger quantity steel orders at a lower cost-per-ton, SnT was able to lower the production cost by $2. SnT could either sell the widget at $48 (passing the savings to the customer), $50 (increasing their profit with no impact on the product), or $49 (split the difference).
Widgets n' Stuff comes out the starting gate selling sprockets at $45, also making a $10 profit. Individual sprocket purchases could go either way (especially if SnT sprockets are deemed of higher quality or have some other value to justify the difference), but for businesses who place orders of 10,000 units, a $5 difference turns into a $50,000 savings by purchasing from WnS.
Sprockets n Things would be more inclined to lower the price in order to keep the cost-sensitive customers that Widgets n' Stuff is gunning for, so long as WnS is around to provide a viable alternative to SnT. SnT is also much less likely to increase prices when they are competing with someone who can do it for less.
So yes, pocketing savings is, generally, the best option to take by businesses without meaningful competition. Passing along savings to a customer who has more market choice is generally a better business move.
And that is how those two general thoughts can live in harmony.
You're not the only one; slashdot is disproportionately high in this regard in comparison to the rest of society, so you're in relatively good company. Having said that, tracking is much easier for people to agree to if they get something out of it, something that wasn't possible in the past. I've found that attitudes toward malware and attitudes toward tracking are strangely similar - users don't call until their computer is ridiculously slow, but if the malware spent only 25% of the CPU time mining bitcoins, the users would never call. So too it is with tracking - it's much more difficult to get people to care when there's no perceived imposition on what they're looking to do, and let's face it - there's something to be said about being able to exchange "being tracked" for "avoiding massive amounts of traffic" or "finding a restaurant that's actually open at 11:00PM when I'm in a completely different part of the country where everything closes at 8".
Ultimately, the single biggest problem is the fact that, with everyone feeling constantly busy, starting a crusade based solely on principle is one that is a tough sell. My glimmer of hope is that there is a point at which people will, in fact, fight back. Near me, the school zone cameras were set to give tickets at 21mph, any time, day or night. While there *might* have been better acceptance of those cameras if they were kept to egregious levels (e.g. >30mph in a 15) rather than requiring NASA-grade speedometer calibration, and/or were disabled on evenings, weekends, and holidays, then there might have been less pushback. Instead, those cameras lasted about a year, and then the county threw in the towel. Once it unreasonably affects them, people will fight.
BravoCoin and CharlieCoin need a way to define what they're worth
That's not how floating exchange rates and currency exchange work. That is not how currencies have been valued in a long time.
If I get paid in AlphaCoins, and I'm at a McDonald's that only takes BravoCoins, I'll need to convert my currency if I want a Big Mac. Its value won't be defined solely in terms of some multiple of AlphaCoins, but there needs to be a meaningful way to make the conversion. If I'm in Europe and traveling to Japan, my 100 Euros will convert to 12,750 Yen. It's not a result of the Euro being defined as 12.75 Yen, but a result of the fact that I can expect to purchase approximately 23 Big Macs with the same amount of money.
Oh No! (Score:1) by Mister Liberty (769145) on Saturday January 16, 2016 @02:30PM (#51314895)
I was just about to inform my cells where the nuke is located!
I'd say the solution to that is for people to be able to declare that they aren't going to use $CURRENCY_UNIT any more and will instead use something else. So somebody has snagged up all the bitcoins or gold or matchsticks or whatever, and the rest of us trade with something else.
I'll take a look at the book, but even your solution here is easy to find the flaw...
Everyone uses AlphaCoins to trade. The AlphaReserve becomes corrupted, and two splinter groups are born: BravoCoin and CharlieCoin. BravoCoin has a standardizing body, CharlieCoin does not. BravoCoin and CharlieCoin need a way to define what they're worth, so BravoCoin ends up trading at approximately 0.8*X AlphaCoins, while CharlieCoin is 1.2*X AlphaCoins. If AlphaCoin wants BravoCoin to win, they just have to fudge the values in a way that BravoCoin is shown to be more stable in terms of AlphaCoin. BravoCoin turns CharlieCoin into a niche currency, AlphaCoin starts to fade away, and now the cycle begins again with DeltaCoin and EchoCoin... Meanwhile, we end up with redundant currency in everyone's wallet. The government still only takes taxes in AlphaCoin, you get paid in BravoCoin, and Uber takes either AlphaCoin or CharlieCoin, with fares in CharlieCoin getting a 30% discount. At the end of the day, the answer would be, "let MasterCard sort it out", defeating every possible purpose of that system.
The point of those 'systemically important institutions' is that they're supposed to keep the playing field somewhat-level. They trade liberty for stability, and when it comes to money, that's a trade that most stable countries worldwide make in some form
And it's not suspicious to you that the powerful (nation states) are happy to trade our liberty for their stability?
Oh, I'm not saying it's a desirable or ideal situation...the problem is that "determining how much disparate objects are worth in relation to each other" is highly subjective. Without a central authority declaring how much a $CURRENCY_UNIT is worth, it's now a democratic decision, influenced primarily by people who possess large quantities of them, as is evident in the Bitcoin community.
Whenever currency is involved, there will always be *someone* in charge of determining the value of that currency in terms of the objects intended to be purchased with it. The Federal Reserve system and similar entities concentrate power in a way that easily lends itself to corruption, but (ideally) they are regulated and held accountable enough to prevent situations so egregious that they cause currency collapse. Now, we can certainly have the conversation that the present regulations aren't exactly the most effective, but that's a question of enforcement, not principle.
By ditching some form of centralized regulation, we inherently end up with 'de facto regulation' by people who end up with the most say, rather than a formally chartered entity. This works until greed and corruption come into play, where those with Bitcoin can either threaten to flood the market (reducing the price for everyone) or hoard them (defeating the purpose of an actual currency). We then easily end up with the problem demonstrated in the article, where Bitcoin XT, which attempted to solve a number of Bitcoin's problems, couldn't come to fruition due to the strong-arming of a number of people who simply had lots of Bitcoins and/or ran the community forums. Therefore, those who attempted to use Bitcoin as an actual-investment or currency found themselves in the situation where the value of their savings was being determined by people who were using leverage to retain their own power and/or greed, rather than a group of people tasked with retaining stability for everyone.
Is the Federal Reserve misused? Absolutely. Is there corruption? No question. Is there an option? Short of Gene Roddenberry's Utopian society founded upon altruism and self-control...the two options are "a centralized administration" or "tyranny by the wealthy". Pick your poison.
He says it is clear Bitcoin is on the verge of collapse, and lays out several compelling reasons why.
Actually, the article is a pretty good read. The tl;dr version would go something like this: a community founded on idealism and principle found out that those things invariably end up coming in second place when competing with greed and power...and a small group of people ended up with some power, and some greed.
Quoting: "What was meant to be a new, decentralized form of money that lacked 'systemically important institutions' and 'too big to fail' has become something even worse: a system completely controlled by just a handful of people.
Someone's never played a game of Monopoly. There will always be a "one percent" when it comes to money and power. The point of those 'systemically important institutions' is that they're supposed to keep the playing field somewhat-level. They trade liberty for stability, and when it comes to money, that's a trade that most stable countries worldwide make in some form - it's amongst the reasons (or at least indicators) that they're stable.
Moreover, currency itself only works when it actually facilitates trade. A few drug sales here and a Dell server there isn't going to actually allow the currency to get into people's hands in order to then spend it. Start telling me that 2/3 of my bills can be paid in Bitcoin, and it's as simple to use as a credit card, and then we can talk. Tell me that it could fluctuate in such a way that thousands of my hard-earned dollars could disappear and reappear on a daily basis, and that Mt. Gox (amongst the largest and most well-known names in the Bitcoin business) can't even stay afloat...and suddenly the Federal Reserve starts looking pretty good - for all its warts, I'm unlikely to be homeless because of the acts of two or three people in China...
Worse still, the network is on the brink of technical collapse. The mechanisms that should have prevented this outcome have broken down, and as a result there’s no longer much reason to think Bitcoin can actually be better than the existing financial system."
Well, the data of "every single transaction ever" needed to live somewhere...and distributed amongst everyone would only work as long as the average computer could handle it. Even after reading the article, the fact of the matter is that a decentralized record of financial transactions would never scale to the level of American Express - it's not like AmEx could process every purchase off just one desktop with a residential cable modem, but in practice, that was Bitcoin's logical conclusion. Eventually, there would have been some sort of abstraction layer that limited the need for everyone to keep records of every transaction, everywhere, ever...and whoever was in charge of that system would have been the de facto federal reserve...
Is the end of Bitcoin on the horizon?
That depends on how long one can continue to believe in the idea that idealism can win over greed.
I would assume that the manufacturer only has to be able to decrypt the phone AT SALE TIME.
I was thinking this as well - if the phone SHIPS decrypted, and during the intro has an option that says, "would you like to encrypt your stuff?" with 'yes' as the default, then one could argue that Google and Apple have done their due diligence. The problem is then the law gets amended, saying that the OEM cannot ship a phone that includes encryption technology, so they make it an app in the [App|Play] Store...then it becomes "the OEMs cannot provide software for doing this", at which point things start to get complicated...
They could certainly shuffle some money through the Cayman Islands to a shell company who makes the software, but even if the legislators don't follow the money, they get 'em on the flip side by saying, "you can veto apps in the app store that you completely control...right?" If the government puts 'em on the hook that way, then the choice gets even messier - either give up the pissing contest and sell phones that cannot be encrypted, give up control of their app store, or give up the fight against rooting and give their users root access in order to make the installation of low-level encryption tools possible. None of these things seem like options that either Apple or Google are going to be okay with...
Isn't that a little of an overreaction? Twice a day is not that much.
Maybe not...but the only other category of software that nags this much is malware, so...
We both know that if they put in a check box to turn it off, so many people would just click "never" because they do not want to be bothered with it
As is their right, on their hardware, to decide what software does and does not run on it. If they click 'never', it's not like the Windows 10 Media Creation Tool will cease to function. It's not like Microsoft couldn't do this in the form of a pinned start menu icon, and it's not like "Windows 10" isn't being discussed from time to time on Forbes and CNN.
but absolutely would benefit from an upgrade.
Maybe they would...but whether or not a given end user would benefit from an upgrade isn't for Microsoft to decide. Moreover, the GPP was referring to a number of hardware or software related cases where users *wouldn't* benefit from an upgrade, yet Microsoft doesn't treat them any different.
In the general case they should nag about upgrading to windows 10 for the same reason that they nag about general [security] upgrades.
The reason they nag about general security upgrades is because unpatched machines that contract malware end up infecting other machines or destroying data. Since those are not the core reasons for the Windows 10 upgrade, or the major benefits of running Windows 10, then no, it's not nearly the same thing.
Because there are far more idiots that will just click "never" without even reading it, than there are intelligent, informed people who would benefit from the choice.
Perhaps...but again, those same idiots will be screaming bloody murder because the start menu is different. Those same idiots will be upset because their software doesn't work (maybe not Word and IE, but there are a LOT of very important, corner-case software titles). Those same idiots will tell people like you and me to "get it back to the way it was". Those same idiots probably *shouldn't* be upgrading their OS by themselves to begin with. Having to Google "how do I upgrade to windows 10" or calling their technically inclined nephew is probably a GOOD THING for those idiots...and if not, then it's not like humanity is worse off because the technologically disinclined stick with their existing version of Windows.
Even knowing what a phone's ipv6 address is I still can't make a direct connection to it on Verizon wireless. Why even give us an ipv6 address if it's just as useless as a natted ipv4 address?
Because 99.99% of Verizon Wireless phones that would receive an inbound SSH connection would be attempts to pwn those phones from China or Russia, thus requiring people to run firewalls on their phones, which would be terrible on battery life. The 0.01% of legitimate SSH connections would, by definition, be going to rooted phones, since SSH connectivity is disabled on the WAN side unless explicitly allowed, which requires root. Given that Verizon has been mandating locked bootloaders for some time now and in some cases retroactively locking them (no, I'm not bitter about my Note 2, why do you ask?), it's clear that they're no friends of rooted devices on their network. There's no chance that Verizon will find themselves in a place where allowing SSH connectivity by default would end up in their best interest, or the interest of 99.99% of their customers.
Why IPv6 addresses then? Because they've got a lot of devices on their network, and there are only so many NAT layers they can add before Facebook and Instagram start to break...
Who cares? Why are you afraid of others knowing you like sex accessories? Grow up, it's 2015.
Because one's spouse sees the charge on the statement and has seen nothing new in the bedroom, so they immediately assume the worst and start divorce proceedings. Never mind that it was a gag gift for a friend's anniversary, even if that conversation happens and the divorce is dropped, it's now made a huge mess and cost lots of money. Also, perhaps the person is a politician or some form of religious figure where people *should* be able to understand that if they want to use a butt plug with their spouse in their bedroom then that's their business, but societally, we unfortunately don't.
Now yes, the bleeding obvious argument is that a spouse willing to file for divorce as an avenue of first resort to a questionable credit card charge does not reflect well on the marriage, and that is indeed accurate...however, the fact of life is that there is such a thing as unhealthy marriages, and people are in them, and there are any number of reasons why "just go through with the divorce" isn't practical...in those cases, it's infinitely easier to just pay cash than have yet another drawn out argument that may get messy in other ways.
Ultimately, these nuances leave me to believe that there is still a place for cash.
The biggest mistake they ever made in security is not adopting default-deny from the start. Rather than making people think about what they need to allow, it seems the entire industry is thinking about what to block.
Let's roll with this line of reasoning. Keep in mind that we're talking about an issue with a 'deny any any' on an *outbound* firewall, not an inbound one. I have a handful of services on exposed, high ports. They all have some variant of fail2ban on them, and my pfSense is set to summarily deny inbound traffic from anywhere except the US. If that were my problem with Sophos, I'd still be running it. So, let's think through the thought that every time I had outbound traffic, I needed to make a rule for it. Windows updates? new rule. IRC? new rule. IRC on a nonstandard port? new rule. Remote Desktop? new rule. Remote desktop on a nonstandard port? new rule. Remote desktop on another nonstandard port? new rule. E-mail? a new rule for POP, a new rule for SMTP, a new rule for two different IMAP ports, a new rule for Activesync. Two new rules for FTP, three rules for Usenet - two down, one up (though that may be covered through the e-mail rule). New rule for Retroshare, new rules for a dozen different video games...exactly how much time am I supposed to be spending making outbound rules in this firewall?
Incidentally, if you wanted "actual router" mode, it should technically allow everything in both directions, which is the router's job. But most people want a firewall too, which has the job of blocking, so it should do its job and block everything.
Welcome to the never-ending balancing act between security and convenience. I'm not even opposed to your notion of having a default-deny-all configuration, but the thing is that Sophos seemed to configure the system that way without streamlining the initial whitelisting. Simple way to do that? Make it possible to create NAT/firewall rules out of blocked traffic logs. Have a list with checkboxes that shows a set of common outbound applications to just automatically allow out. Have a client side agent detect things and spawn a uac-like prompt to allow outbound traffic rules to be made rapidly. Give it a 'learning mode' where traffic is set to 'deny all' for ten minutes, and a common list of ports and destinations are shown in a table for batch creation of rules.
The link you provided certainly makes much more sense with the example given in the post - yes, whitelist specific traffic on a public-facing load balancer that has a very small list of traffic types and ports over which to send and receive traffic. By all means, do that - that list is maybe a dozen rules long and involves a primarily-uploading set of servers that are intended to respond to requests. For a home network, and even most small business networks, trying to make rules for every edge case of outbound traffic would likely end up making a firewall either so ruthless that it impedes worker productivity, or so full of rules that trying to compare such traffic against a whitelist ends up adding latency because the list is a mile long, or ends up with so many outbound 'allow' rules as to not offer much in the way of protection vs. the amount of system resources required.
UTM 9 IS open source except for the gui and FAR better and FAR more features than pfsense. Not even close to being in the same league. (no commercial interest, just a satisfied UTM 9 user (not customer))
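The "learning mode" idea in the comment above (turning blocked-traffic logs into candidate outbound allow rules) can be sketched as follows. This is an added example, not part of the original comment and not a Sophos or pfSense feature; the CSV log layout, the LAN range, the `min_hits` threshold and the function names are assumptions, and the output uses pf-style `pass out` syntax.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample log: made-up CSV layout, documentation IP ranges.
SAMPLE_LOG = """\
time,action,proto,src,dst,dport
10:00:01,block,tcp,192.168.1.10,203.0.113.5,993
10:00:07,block,tcp,192.168.1.10,203.0.113.5,993
10:00:09,block,tcp,192.168.1.11,203.0.113.5,993
10:01:12,block,tcp,192.168.1.10,198.51.100.20,3389
10:01:40,block,tcp,192.168.1.10,198.51.100.21,3390
10:02:02,block,udp,192.168.1.12,198.51.100.53,123
10:02:32,block,udp,192.168.1.12,198.51.100.54,123
10:02:50,block,udp,192.168.1.11,198.51.100.53,123
10:03:00,pass,tcp,192.168.1.10,203.0.113.80,443
10:03:05,block,tcp,203.0.113.99,192.168.1.10,22
10:03:09,block,tcp,192.168.1.13,203.0.113.77,6667
"""


def summarise_blocked(log_text, lan="192.168.1.0/24"):
    """Group blocked *outbound* flows by (protocol, destination port)."""
    lan_net = ipaddress.ip_network(lan)
    flows = defaultdict(lambda: {"hits": 0, "sources": set(), "dests": set()})
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["action"] != "block":
            continue  # already allowed, nothing to learn
        if ipaddress.ip_address(row["src"]) not in lan_net:
            continue  # inbound drop: never a candidate for an outbound rule
        entry = flows[(row["proto"], int(row["dport"]))]
        entry["hits"] += 1
        entry["sources"].add(row["src"])
        entry["dests"].add(row["dst"])
    return flows


def propose_rules(flows, lan="192.168.1.0/24", min_hits=2):
    """Return (candidate rules, flows left for manual review).

    A flow seen fewer than min_hits times is not auto-proposed: a learning
    mode that allows everything it observes would also allow one-off
    traffic nobody on the LAN intended. When only one destination was
    seen, the rule is pinned to it instead of opening the port to 'any'.
    """
    rules, review = [], []
    for (proto, dport), entry in sorted(flows.items()):
        if entry["hits"] < min_hits:
            review.append((proto, dport))
            continue
        dest = next(iter(entry["dests"])) if len(entry["dests"]) == 1 else "any"
        rules.append(f"pass out proto {proto} from {lan} to {dest} port {dport}")
    return rules, review


def learn(log_text=SAMPLE_LOG):
    """Run the whole learning pass over a log and return both lists."""
    return propose_rules(summarise_blocked(log_text))


if __name__ == "__main__":
    candidate_rules, needs_review = learn()
    print("Candidate rules (tick to apply):")
    for rule in candidate_rules:
        print("  [ ]", rule)
    print("Seen once, left blocked pending review:")
    for proto, dport in needs_review:
        print(f"  {proto}/{dport}")
```

The candidates are meant for the checkbox-style batch approval the comment describes, not for automatic installation.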
Amusingly, I dealt with this very scenario just this week, except in reverse.
I installed the Sophos UTM on a Vista-vintage Optiplex. It was fine and responsive, and yes, the UI was beautiful, with lots of enterprise-grade features. The problem I had was that Sophos seemed to have a default 'deny any any' sort of rule in place that allowed HTTP, DNS, and...basically nothing else. I couldn't RDP out via nonstandard ports, I couldn't access IMAP mail, I couldn't get new Usenet articles in Agent, and that damn 'yellow triangle of limited connectivity' was proudly shown on all the Windows boxen on my LAN. I spent about two hours trying to get it to let SOMETHING through, Googled around, and...apparently there's some sort of voodoo that everyone else 'just knows' to make Sophos be a bit less strict, but for me it was like debating with the great-grandson of HAL9000: "Open the port 3389 doors, HAL." "I'm sorry Joey, I can't do that." Between that and the fact that Sophos went to the Sonicwall school of port forwarding hell, I installed pfSense.
pfSense allows traffic to flow the way one would expect a router to work; all the things that didn't work in Sophos worked just fine on pfSense. Port forwards can be as simple as a Linksys router (source port, destination port, IP address), or as complex as a Sonicwall. Its UI isn't nearly as pretty, but it's highly functional. The transparent proxy helps speed up HTTP traffic, which is helpful as I'm stuck with 2mbit/768k DSL for the immediate term.
I'm sure this is all a PEBKAC situation, and I do understand that Sophos's "assume the worst" stance has its place, but especially for being labeled for home users, I would have at least expected some sort of option in the initial config wizard to have the option between 'paranoid mode' and 'actual router' mode.
Good call. I just checked their site, and you're right - it's been nearly a year since their last update, which is strange because they still sell them new, and before that, updates were released several times a year. I'm still going with "better than most" because my linksys required a bootloader flash to get third party firmware working, especially notable because the ea6900 has a well documented bootloader issue that the patch fixed.
I'm genuinely curious if any other router OEMs have a better track record. Someone else in the thread mentioned Microtek, but I've never heard of them - they don't seem to be stocked at Microcenter, Newegg, or ADI, so I've just never run into them.
I've generally preferred Asus routers to its peers for quite some time. They've been great with providing firmware updates four years after release (d-link, I'm looking at you), doing simultaneous dual-band as advertised (netgear, I'm looking at you), their firmware is responsive and generally very stable (Belkin, I'm looking at you). Their mid-range units support multi-wan and make excellent print servers, and they've been very supportive of the modding community - most of their gear supports merlin, padavan, ddwrt, openwrt, and tomato, and their recovery mode is near-brickproof.
Yes, it's obnoxious that they had security issues, and yes, I replaced my N56U with a linksys ea6900 (and regretted until tomato was installed), but they're definitely better than most in my experience.
More to the topic, I wonder if this will yield some case precedent for these requirements industry wide. I can dream...
Backblaze doesn't always choose the most reliable drive, we look at the total cost of ownership including the amount of power the drive will consume and the drive's failure rate and let a spreadsheet kick out the correct drive for us to purchase this month. It is rarely the most reliable drive.
You must be a force to be reckoned with in EVE Online.
1) My grandmother thought the VCR was complicated
Yes, there will always be those who cannot adapt. However, the problem attempting to be solved is that there is a majority of people for whom Tor is prohibitively complicated.
2) "what difference does it make?" Is that you Hillary? (It makes a lot of difference, I'll spare you the details)
No, it's not Hillary. I too know it makes a difference. The problem is that the perception of the implications for most people is that they are trivial. Hence, why this is a social issue as much as a technological one.
3) Having the restaurants location data and knowing where it is in relationship to yourself is convenient. ____, inc recording and storing the details of your location is the problem
Yes, but Tor doesn't solve this problem. Running a Google search through Tor will show me restaurants near the exit node rather than my actual location, and then store that data.
4) In my life, sadly of which too much is spent online, I have never encountered 'Tor ransomware'. But maybe this is a reality for some?
I fix computers for dozens of people, from home users to small businesses. I've run into ransomware a number of times, and almost invariably, the instructions were basically, "send 0.5 Bitcoin using this Tor address...", or some approximation thereof. Clearly, not the EFF's fault this happens, or that it happens that way...but when the two most common ways people hear about Tor are "Silk Road" and "Cryptowall", it's difficult to argue that the battle to legitimize Tor in the court of public opinion is a steeply uphill one.
5) My understanding of Tor is limited, but by reading what is published it sounds like the problem with tor performance is similar to the problem Verizon has with a fraction of a percentage of its data plan (ab)users: a few dumbasses downloading pirate bay torrents kills the experience for everyone else.
That may well be the case. Unfortunately, there's no meaningful way to prohibit that sort of use.
6) Again limited understanding of tor, but wouldn't more users help the anonymity problem more than hurt it?
Tor isn't like Bittorrent - there are lots more 'leechers' than 'seeders'. Using a Tor browser does not also require you to be an exit node, and being an exit node means that you may be legally liable for the traffic, depending on jurisdiction. Even if not, it means that your bandwidth will constantly be saturated by other people's data. Thus, there's every disincentive to be one.
7) https://play.google.com/store/...
Android is the easy one. iOS...not so much.
Tor's issues with respect to going mainstream, in my opinion, are as follows:
1.) It's complicated. Yes, it can be streamlined, which is the goal, but even if it were, it's still inherently more complicated than "not using Tor".
2.) No need. "I'm just browsing Facebook and paying bills online...and if someone is really snooping that traffic, what difference does it make?"
3.) Location data is convenient. As much as I hate Google tracking me, I'd much prefer knowing about restaurants near me when I'm hungry, than ones in Malaysia.
4.) Many people's first encounters with Tor are the result of ransomware...which are usually a traumatic experience. That's not exactly great marketing.
5.) Tor slows down browsing significantly; adding additional users would exacerbate the issue.
6.) Even the "good guys" have questions about the utility of Tor (compromised exit nodes, honeypots, etc.)
7.) Tricky on mobile devices.
Honestly, I see Tor's problems having much less to do with technological problems than with sociological ones. For most people, Shari would have to establish a need for them to use Tor. I don't see her being effective in that - not because of who she is, but because of her audience.
If you can't muster support for a constitutional amendment, you have no business changing the constitution in the name of reinterpretation.
To play devil's advocate here for a moment, even the difference between "sufficiently different to need an amendment" and simply "a clear implication and logical conclusion based on the principles expressed" can be a blurry line at times. Case in point, most of Slashdot agrees that while the fourth amendment says "...to be secure in their papers and effects", it applies to data on smartphones, too. While it's bleeding obvious that smartphone data wasn't referenced in the Constitution because they kinda sorta didn't exist 230 years ago, extending "papers and effects" to include that data could be considered a reinterpretation or a "clear implication" is itself a judgment call that would need to be made.
I'm with you in that the Constitution was not intended to mean "whatever is popular today, because interstate commerce"...but let's also not assume that it's always trivial to distinguish the line past which an amendment is needed.
Photo organizers, locally installed, Windows:
Zoner Photo Studio
xnView
Nero Mediahome
Windows Live Photo Gallery
Media Pro (Not Freeware)
ACDSee (Not Freeware)
Corel Aftershot (Not Freeware)
Photo editors, browser based:
Pixlr
Polarr
Fotor
iPiccy
Image Hosting:
Piwigo (free to self-host; first party hosting available)
Zenphoto (free to self-host; third party hosting available)
JuiceBox (freemium; self-hosted only)
Flickr
Amazon Prime Photos (you have to be Prime)
Okay, I'm tired of adding links...but depending on what functions of Picasa you're looking to replace, there are plenty of alternatives.
For YEARS, I've hoped for GPS software that had three features:
1.) A "fewest number of turns" mode. Especially if I am in unfamiliar territory, I would rather a route that involves four turns and takes five more minutes and three more miles, than a route that saves me those five minutes and involves fifteen turns. Give me the route that is the simplest to memorize, even if it means a longer drive.
2.) An "avoid crappy intersections" mode. Yes, please, make my drive three minutes longer if it means I don't have to cut across four lanes of traffic within 100 feet to make a hairpin left at a five-way stop. Prioritize standard, right-angle intersections where possible.
3.) A "get the complete thought out" mode. One time, I was driving in Queens, trying to get back on the Jackie Robinson Parkway (I think). The GPS literally said "stay to the right...then...stay to the left...then...stay to the right...", to which I blurted out, "Cha cha now, y'all!". While yes, I was navigating through an intersection of three major highways (see #2), there were about four different roads I could get onto with that particular set of directions, and looking at the map to figure out which particular set of squiggly lines I was supposed to drive onto was not an option, given that I had to, y'know...avoid hitting another driver or ending up in oncoming traffic (yeah, I'm picky like that). If directions are going to be given in that quick succession, then tell me "head toward the Jackie Robinson Parkway"...and then, just start calculating rerouted directions in the background, under the assumption that I'll miss it.
Honestly, I think that these three features would be incredibly helpful...so, anyone who wants to code it, just get me a free copy.
If you look at a list of new computers, you will notice that a surprisingly large amount of PCs are already shipping with 128 GB or 256 GB SSD. That's gonna hold everything that most people need.
Well, that's a bit difficult to generalize, which is a challenge that computer manufacturers are having a bit more difficulty addressing. 128GB is fine for a browser/office suite computer, but with the OS taking 20-30GB of that (depending on OS/version/swap file size/hibernation file size), 128GB gets pretty cramped, pretty quickly, if a moderately sized iTunes library is involved. Moreover, phone backups / picture sync for images that are 10MP and higher will eat up that 128GB fairly quickly.
256GB is about the sweet spot for most laptop users, but it's surprisingly frequent that 256GB being enough space is largely contingent upon "data living somewhere else" - be it Teh Cloud (tm), a server share, a NAS of some kind, or an external drive. The ability to stream Netflix and Spotify and at least some iTunes content is definitely helpful, but anemic internal storage is only viable because "data living external to the device itself" has become a way of life for most of those users.
So what's everybody's favorite alternative, since SwiftKey is owned by a company that is nowadays renowned for its spyware and keylogging?
I've been a fan of Swype since the WinMo 6.5 days; stuck with it ever since. It's owned by Nuance now, the folks behind Dragon NaturallySpeaking and who provide some of the underlying tech behind Siri.
If you're a fan of SwiftKey, and want to keep it, and you have a rooted phone, you can use DroidWall or Xprivacy to deny it network access. It obviously won't pull language updates (and you won't be able to dictate with it), but your data stays on your phone - it's what I do for Swype.
I believe there are two(ish) things:
1.) Self-hosted option.
2.) Integration with Outlook - send file attachments as links, without leaving the compose window.
(ish) the ability to self-host and integrate with Outlook, as well as one of Barracuda's claims to fame - their spam filter - made sending secure e-mails with attachments a seamless process.
So yeah, it had its niche.
Indeed, because when Jobs was still in charge, there was some actual value in paying that premium. Now it's just name trade. How well has that worked out for Sony?
A Sony Walkman played the same cassette tapes as an Emerson or GE. A Discman played the same CDs as a Philips. A Sony TV connected with the same cable and showed the same channels as an RCA or Zenith. Sony's attempts at lock-in (Betamax*, Minidisc, ATRAC3, Memory Stick) never achieved critical mass, and were usually direct competitors to formats everyone else used by the time they hit the market.
Apple played - and still plays - standard MP3s...but their vertical iTunes platform made it a lot more convenient to stick within the ecosystem for purchase and download, a system that provides disincentive to use a competitor. The use of standard MP3s requires much more manual work, thus requiring forethought, intent, and a willful forsaking of a lot of the streamlining that Apple makes possible. Good luck getting a video purchased from Apple running on anything other than an iDevice, or an App working on a non-iOS device, or text messages / picture messages to move from an iOS device to Android or Windows Phone.
So no, name trade didn't work out so hot for Sony, because they were competing in a time where getting a new portable cassette player was a near-disposable purchase, and every model was intercompatible with the content that was used on its predecessor. Apple competes with a certain amount of lock-in on its side - not a complete lock-in, but a hell of a lot more than what Sony had to work with.
*Yes, Betamax kept a niche in TV/video production for quite some time, as its frame-accurate seek system and better image quality served that niche better than VHS, and became a standard within it...but we're talking mass market adoption here.
People keep saying businesses just take profit and making things cheaper never brings prices down (look at gas stations and oil), but then they immediately claim competition will lower prices in the next sentence. I had to figure out how it really works, since people simultaneously arguing opposite behaviors as absolutes are obviously wrong.
Absolutes != generalizations. Saying "always" and "never" with respect to how businesses operate is silly, as you point out, because even the smallest of businesses still deal with hundreds of variables.
Here is how the two principles you're talking about harmonize:
Sprockets n' Things can sell a sprocket for $50, and sell them well, despite the markup of $10, as the total cost of making them ends up being $40. SnT has learned that selling them for $50 is a good price: customers are satisfied and quality is good. By shifting around their factory schedule around the time of day to minimize the amount of HVAC and peak electricity they're using, as well as making some larger quantity steel orders at a lower cost-per-ton, SnT was able to lower the production cost by $2. SnT could either sell the widget at $48 (passing the savings to the customer), $50 (increasing their profit with no impact on the product), or $49 (split the difference).
Widgets n' Stuff comes out the starting gate selling sprockets at $45, also making a $10 profit. Individual sprocket purchases could go either way (especially if SnT sprockets are deemed of higher quality or have some other value to justify the difference), but for businesses who place orders of 10,000 units, a $5 difference turns into a $50,000 savings by purchasing from WnS.
Sprockets n Things would be more inclined to lower the price in order to keep the cost-sensitive customers that Widgets n' Stuff is gunning for, so long as WnS is around to provide a viable alternative to SnT. SnT is also much less likely to increase prices when they are competing with someone who can do it for less.
So yes, pocketing savings is, generally, the best option to take by businesses without meaningful competition. Passing along savings to a customer who has more market choice is generally a better business move.
And that is how those two general thoughts can live in harmony.
You're not the only one; slashdot is disproportionately high in this regard in comparison to the rest of society, so you're in relatively good company. Having said that, tracking is much easier for people to agree to if they get something out of it, something that wasn't possible in the past. I've found that attitudes toward malware and attitudes toward tracking are strangely similar - users don't call until their computer is ridiculously slow, but if the malware spent only 25% of the CPU time mining bitcoins, the users would never call. So too it is with tracking - it's much more difficult to get people to care when there's no perceived imposition on what they're looking to do, and let's face it - there's something to be said about being able to exchange "being tracked" for "avoiding massive amounts of traffic" or "finding a restaurant that's actually open at 11:00PM when I'm in a completely different part of the country where everything closes at 8".
Ultimately, the single biggest problem is the fact that, with everyone feeling constantly busy, starting a crusade based solely on principle is one that is a tough sell. My glimmer of hope is that there is a point at which people will, in fact, fight back. Near me, the school zone cameras were set to give tickets at 21mph, any time, day or night. While there *might* have been better acceptance of those cameras if they were kept to egregious levels (e.g. >30mph in a 15) rather than requiring NASA-grade speedometer calibration, and/or were disabled on evenings, weekends, and holidays, then there might have been less pushback. Instead, those cameras lasted about a year, and then the county threw in the towel. Once it unreasonably affects them, people will fight.
BravoCoin and CharlieCoin need a way to define what they're worth
That's not how floating exchange rates and currency exchange work. That is not how currencies have been valued in a long time.
If I get paid in AlphaCoins, and I'm at a McDonald's that only takes BravoCoins, I'll need to convert my currency if I want a Big Mac. Its value won't be defined solely in terms of some multiple of AlphaCoins, but there needs to be a meaningful way to make the conversion. If I'm in Europe and traveling to Japan, my 100 Euros will convert to 12,750 Yen. It's not a result of the Euro being defined as 12.75 Yen, but a result of the fact that I can expect to purchase approximately 23 Big Macs with the same amount of money.
Oh No! (Score:1)
by Mister Liberty (769145) on Saturday January 16, 2016 @02:30PM (#51314895)
I was just about to inform my cells where the nuke is located!
Username checks out.
I'd say the solution to that is for people to be able to declare that they aren't going to use $CURRENCY_UNIT any more and will instead use something else. So somebody has snagged up all the bitcoins or gold or matchsticks or whatever, and the rest of us trade with something else.
I'll take a look at the book, but even your solution here is easy to find the flaw...
Everyone uses AlphaCoins to trade. The AlphaReserve becomes corrupted, and two splinter groups are born: BravoCoin and CharlieCoin. BravoCoin has a standardizing body, CharlieCoin does not. BravoCoin and CharlieCoin need a way to define what they're worth, so BravoCoin ends up trading at approximately 0.8*X AlphaCoins, while CharlieCoin is 1.2*X AlphaCoins. If AlphaCoin wants BravoCoin to win, they just have to fudge the values in a way that BravoCoin is shown to be more stable in terms of AlphaCoin. BravoCoin turns CharlieCoin into a niche currency, AlphaCoin starts to fade away, and now the cycle begins again with DeltaCoin and EchoCoin...
Meanwhile, we end up with redundant currency in everyone's wallet. The government still only takes taxes in AlphaCoin, you get paid in BravoCoin, and Uber takes either AlphaCoin or CharlieCoin, with fares in CharlieCoin getting a 30% discount. At the end of the day, the answer would be, "let MasterCard sort it out", defeating every possible purpose of that system.
The point of those 'systemically important institutions' is that they're supposed to keep the playing field somewhat-level. They trade liberty for stability, and when it comes to money, that's a trade that most stable countries worldwide make in some form
And it's not suspicious to you that the powerful (nation states) are happy to trade our liberty for their stability?
Oh, I'm not saying it's a desirable or ideal situation...the problem is that "determining how much disparate objects are worth in relation to each other" is highly subjective. Without a central authority declaring how much a $CURRENCY_UNIT is worth, it's now a democratic decision, influenced primarily by people who possess large quantities of them, as is evident in the Bitcoin community.
Whenever currency is involved, there will always be *someone* in charge of determining the value of that currency in terms of the objects intended to be purchased with it. The Federal Reserve system and similar entities concentrate power in a way that easily lends itself to corruption, but (ideally) they are regulated and held accountable enough to prevent situations so egregious that they cause currency collapse. Now, we can certainly have the conversation that the present regulations aren't exactly the most effective, but that's a question of enforcement, not principle.
By ditching some form of centralized regulation, we inherently end up with 'de facto regulation' by people who end up with the most say, rather than a formally chartered entity. This works until greed and corruption come into play, where those with Bitcoin can either threaten to flood the market (reducing the price for everyone) or hoard them (defeating the purpose of an actual currency). We then easily end up with the problem demonstrated in the article, where Bitcoin XT, which attempted to solve a number of Bitcoin's problems, couldn't come to fruition due to the strong-arming of a number of people who simply had lots of Bitcoins and/or ran the community forums. Therefore, those who attempted to use Bitcoin as an actual-investment or currency found themselves in the situation where the value of their savings was being determined by people who were using leverage to retain their own power and/or greed, rather than a group of people tasked with retaining stability for everyone.
Is the Federal Reserve misused? Absolutely. Is there corruption? No question. Is there an option? Short of Gene Roddenberry's Utopian society founded upon altruism and self-control...the two options are "a centralized administration" or "tyranny by the wealthy". Pick your poison.
He says it is clear Bitcoin is on the verge of collapse, and lays out several compelling reasons why.
Actually, the article is a pretty good read. The tl;dr version would go something like this: a community founded on idealism and principle found out that those things invariably end up coming in second place when competing with greed and power...and a small group of people ended up with some power, and some greed.
Quoting: "What was meant to be a new, decentralized form of money that lacked 'systemically important institutions' and 'too big to fail' has become something even worse: a system completely controlled by just a handful of people.
Someone's never played a game of Monopoly. There will always be a "one percent" when it comes to money and power. The point of those 'systemically important institutions' is that they're supposed to keep the playing field somewhat-level. They trade liberty for stability, and when it comes to money, that's a trade that most stable countries worldwide make in some form - it's amongst the reasons (or at least indicators) that they're stable.
Moreover, currency itself only works when it actually facilitates trade. A few drug sales here and a Dell server there isn't going to actually allow the currency to get into people's hands in order to then spend it. Start telling me that 2/3 of my bills can be paid in Bitcoin, and it's as simple to use as a credit card, and then we can talk. Tell me that it could fluctuate in such a way that thousands of my hard-earned dollars could disappear and reappear on a daily basis, and that Mt. Gox (amongst the largest and most well-known names in the Bitcoin business) can't even stay afloat...and suddenly the Federal Reserve starts looking pretty good - for all its warts, I'm unlikely to be homeless because of the acts of two or three people in China...
Worse still, the network is on the brink of technical collapse. The mechanisms that should have prevented this outcome have broken down, and as a result there’s no longer much reason to think Bitcoin can actually be better than the existing financial system."
Well, the data of "every single transaction ever" needed to live somewhere...and distributed amongst everyone would only work as long as the average computer could handle it. Even after reading the article, the fact of the matter is that a decentralized record of financial transactions would never scale to the level of American Express - it's not like AmEx could process every purchase off just one desktop with a residential cable modem, but in practice, that was Bitcoin's logical conclusion. Eventually, there would have been some sort of abstraction layer that limited the need for everyone to keep records of every transaction, everywhere, ever...and whoever was in charge of that system would have been the de facto federal reserve...
Is the end of Bitcoin on the horizon?
That depends on how long one can continue to believe in the idea that idealism can win over greed.
I would assume that the manufacturer only has to be able to decrypt the phone AT SALE TIME.
I was thinking this as well - if the phone SHIPS decrypted, and during the intro has an option that says, "would you like to encrypt your stuff?" with 'yes' as the default, then one could argue that Google and Apple have done their due diligence. The problem is then the law gets amended, saying that the OEM cannot ship a phone that includes encryption technology, so they make it an app in the [App|Play] Store...then it becomes "the OEMs cannot provide software for doing this", at which point things start to get complicated...
They could certainly shuffle some money through the Cayman Islands to a shell company who makes the software, but even if the legislators don't follow the money, they get 'em on the flip side by saying, "you can veto apps in the app store that you completely control...right?" If the government puts 'em on the hook that way, then the choice gets even messier - either give up the pissing contest and sell phones that cannot be encrypted, give up control of their app store, or give up the fight against rooting and give their users root access in order to make the installation of low-level encryption tools possible. None of these things seem like options that either Apple or Google are going to be okay with...
Isn't that a little of an overreaction? Twice a day is not that much.
Maybe not...but the only other category of software that nags this much is malware, so...
We both know that if they put in a check box to turn it off, so many people would just click "never" because they do not want to be bothered with it
As is their right, on their hardware, to decide what software does and does not run on it. If they click 'never', it's not like the Windows 10 Media Creation Tool will cease to function. It's not like Microsoft couldn't do this in the form of a pinned start menu icon, and it's not like "Windows 10" isn't being discussed from time to time on Forbes and CNN.
but absolutely would benefit from an upgrade.
Maybe they would...but whether or not a given end user would benefit from an upgrade isn't for Microsoft to decide. Moreover, the GPP was referring to a number of hardware or software related cases where users *wouldn't* benefit from an upgrade, yet Microsoft doesn't treat them any different.
In the general case they should nag about upgrading to windows 10 for the same reason that they nag about general [security] upgrades.
The reason they nag about general security upgrades is because unpatched machines that contract malware end up infecting other machines or destroying data. Since those are not the core reasons for the Windows 10 upgrade, or the major benefits of running Windows 10, then no, it's not nearly the same thing.
Because there are far more idiots that will just click "never" without even reading it, than there are intelligent, informed people who would benefit from the choice.
Perhaps...but again, those same idiots will be screaming bloody murder because the start menu is different. Those same idiots will be upset because their software doesn't work (maybe not Word and IE, but there are a LOT of very important, corner-case software titles). Those same idiots will tell people like you and me to "get it back to the way it was". Those same idiots probably *shouldn't* be upgrading their OS by themselves to begin with. Having to Google "how do I upgrade to windows 10" or calling their technically inclined nephew is probably a GOOD THING for those idiots...and if not, then it's not like humanity is worse off because the technologically disinclined stick with their existing version of Windows.
Even knowing what a phone's ipv6 address is I still can't make a direct connection to it on Verizon wireless. Why even give us an ipv6 address if it's just as useless as a natted ipv4 address?
Because 99.99% of Verizon Wireless phones that would receive an inbound SSH connection would be attempts to pwn those phones from China or Russia, thus requiring people to run firewalls on their phones, which would be terrible on battery life. The 0.01% of legitimate SSH connections would, by definition, be going to rooted phones, since SSH connectivity is disabled on the WAN side unless explicitly allowed, which requires root. Given that Verizon has been mandating locked bootloaders for some time now and in some cases retroactively locking them (no, I'm not bitter about my Note 2, why do you ask?), it's clear that they're no friends of rooted devices on their network. There's no chance that Verizon will find themselves in a place where allowing SSH connectivity by default would end up in their best interest, or the interest of 99.99% of their customers.
Why IPv6 addresses then? Because they've got a lot of devices on their network, and there are only so many NAT layers they can add before Facebook and Instagram start to break...
Who cares? Why are you afraid of others knowing you like sex accessories? Grow up, it's 2015.
Because one's spouse sees the charge on the statement and has seen nothing new in the bedroom, so they immediately assume the worst and start divorce proceedings. Never mind that it was a gag gift for a friend's anniversary, even if that conversation happens and the divorce is dropped, it's now made a huge mess and cost lots of money. Also, perhaps the person is a politician or some form of religious figure where people *should* be able to understand that if they want to use a butt plug with their spouse in their bedroom then that's their business, but societally, we unfortunately don't.
Now yes, the bleeding obvious argument is that a spouse willing to file for divorce as an avenue of first resort to a questionable credit card charge does not reflect well on the marriage, and that is indeed accurate...however, the fact of life is that there is such a thing as unhealthy marriages, and people are in them, and there are any number of reasons why "just go through with the divorce" isn't practical...in those cases, it's infinitely easier to just pay cash than have yet another drawn out argument that may get messy in other ways.
Ultimately, these nuances leave me to believe that there is still a place for cash.
The biggest mistake they ever made in security is not adopting default-deny from the start. Rather than making people think about what they need to allow, it seems the entire industry is thinking about what to block.
Let's roll with this line of reasoning. Keep in mind that we're talking about an issue with a 'deny any any' on an *outbound* firewall, not an inbound one. I have a handful of services on exposed, high ports. They all have some variant of fail2ban on them, and my pfSense is set to summarily deny inbound traffic from anywhere except the US. If that were my problem with Sophos, I'd still be running it. So, let's think through the thought that every time I had outbound traffic, I needed to make a rule for it. Windows updates? new rule. IRC? new rule. IRC on a nonstandard port? new rule. Remote Desktop? new rule. Remote desktop on a nonstandard port? new rule. Remote desktop on another nonstandard port? new rule. E-mail? a new rule for POP, a new rule for SMTP, a new rule for two different IMAP ports, a new rule for Activesync. Two new rules for FTP, three rules for Usenet - two down, one up (though that may be covered through the e-mail rule). New rule for Retroshare, new rules for a dozen different video games...exactly how much time am I supposed to be spending making outbound rules in this firewall?
Incidentally, if you wanted "actual router" mode, it should technically allow everything in both directions, which is the router's job. But most people want a firewall too, which has the job of blocking, so it should do its job and block everything.
Welcome to the never-ending balancing act between security and convenience. I'm not even opposed to your notion of having a default-deny-all configuration, but the thing is that Sophos seemed to configure the system that way without streamlining the initial whitelisting. Simple way to do that? Make it possible to create NAT/firewall rules out of blocked traffic logs. Have a list with checkboxes that shows a set of common outbound applications to just automatically allow out. Have a client side agent detect things and spawn a uac-like prompt to allow outbound traffic rules to be made rapidly. Give it a 'learning mode' where traffic is set to 'deny all' for ten minutes, and a common list of ports and destinations are shown in a table for batch creation of rules.
The link you provided certainly makes much more sense with the example given in the post - yes, whitelist specific traffic on a public-facing load balancer that has a very small list of traffic types and ports over which to send and receive traffic. By all means, do that - that list is maybe a dozen rules long and involves a primarily-uploading set of servers that are intended to respond to requests. For a home network, and even most small business networks, trying to make rules for every edge case of outbound traffic would likely end up making a firewall either so ruthless that it impedes worker productivity, or so full of rules that trying to compare such traffic against a whitelist ends up adding latency because the list is a mile long, or ends up with so many outbound 'allow' rules as to not offer much in the way of protection vs. the amount of system resources required.
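The "learning mode" idea from the comment above, sketched as an added example (not part of the original post, and not Sophos or pfSense code): it groups blocked outbound flows from a ten-minute window into candidate allow rules for batch review. The log format, the sample lines and the `propose_rules` name are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a made-up format (not Sophos or pfSense output).
SAMPLE_LOG = """\
2015-06-01T20:00:05 DROP OUT src=192.168.1.10 dst=203.0.113.5 proto=tcp dport=993
2015-06-01T20:00:09 DROP OUT src=192.168.1.10 dst=203.0.113.5 proto=tcp dport=993
2015-06-01T20:01:30 DROP OUT src=192.168.1.11 dst=198.51.100.7 proto=tcp dport=3389
2015-06-01T20:02:00 DROP OUT src=192.168.1.12 dst=198.51.100.9 proto=tcp dport=3389
2015-06-01T20:03:10 DROP OUT src=192.168.1.10 dst=192.0.2.44 proto=udp dport=40125
2015-06-01T20:04:00 DROP IN src=192.0.2.99 dst=192.168.1.10 proto=tcp dport=22
garbage line that does not parse
2015-06-01T20:15:00 DROP OUT src=192.168.1.10 dst=203.0.113.80 proto=tcp dport=6667
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) DROP OUT src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"proto=(?P<proto>tcp|udp) dport=(?P<dport>\d+)$")

def propose_rules(log_text, window_minutes=10, min_hits=2):
    """Group blocked outbound flows seen in the learning window into candidate allow rules."""
    groups = defaultdict(lambda: {"hits": 0, "srcs": set(), "dsts": set()})
    start = None
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # inbound drops and malformed lines never become rules
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        start = start or ts
        if ts - start > timedelta(minutes=window_minutes):
            continue  # traffic after the learning window is not proposed
        g = groups[(m["proto"], int(m["dport"]))]
        g["hits"] += 1
        g["srcs"].add(m["src"])
        g["dsts"].add(m["dst"])
    rules = []
    for (proto, dport), g in sorted(groups.items(), key=lambda kv: -kv[1]["hits"]):
        if g["hits"] < min_hits:
            continue  # one-off traffic stays denied until someone reviews it
        # Pin the destination when only one was seen; otherwise allow the port to any.
        dst = next(iter(g["dsts"])) if len(g["dsts"]) == 1 else "any"
        rules.append({"proto": proto, "dport": dport, "dst": dst,
                      "srcs": sorted(g["srcs"]), "hits": g["hits"]})
    return rules

if __name__ == "__main__":
    for r in propose_rules(SAMPLE_LOG):
        print("[ ] allow out {proto}/{dport} -> {dst} from {srcs} ({hits} hits)".format(**r))
```

The output is a checklist for a person to approve, so the default-deny stance is kept: nothing is allowed until a proposed rule is ticked.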
UTM 9 IS open source except for the gui and FAR better and FAR more features than pfsense.
Not even close to being in the same league.
(no commercial interest, just a satisfied UTM 9 user (not customer))
Amusingly, I dealt with this very scenario just this week, except in reverse.
I installed the Sophos UTM on a Vista-vintage Optiplex. It was fine and responsive, and yes, the UI was beautiful, with lots of enterprise-grade features. The problem I had was that Sophos seemed to have a default 'deny any any' sort of rule in place that allowed HTTP, DNS, and...basically nothing else. I couldn't RDP out via nonstandard ports, I couldn't access IMAP mail, I couldn't get new Usenet articles in Agent, and that damn 'yellow triangle of limited connectivity' was proudly shown on all the Windows boxen on my LAN. I spent about two hours trying to get it to let SOMETHING through, Googled around, and...apparently there's some sort of voodoo that everyone else 'just knows' to make Sophos be a bit less strict, but for me it was like debating with the great-grandson of HAL9000: "Open the port 3389 doors, HAL." "I'm sorry Joey, I can't do that." Between that and the fact that Sophos went to the Sonicwall school of port forwarding hell, I installed pfSense.
pfSense allows traffic to flow the way one would expect a router to work; all the things that didn't work in Sophos worked just fine on pfSense. Port forwards can be as simple as a Linksys router (source port, destination port, IP address), or as complex as a Sonicwall. Its UI isn't nearly as pretty, but it's highly functional. The transparent proxy helps speed up HTTP traffic, which is helpful as I'm stuck with 2mbit/768k DSL for the immediate term.
I'm sure this is all a PEBKAC situation, and I do understand that Sophos's "assume the worst" stance has its place, but especially for being labeled for home users, I would have at least expected some sort of option in the initial config wizard to have the option between 'paranoid mode' and 'actual router' mode.