I'll grant that Enigmail rectifies the display problem...but Enigmail is neither the OS nor the application. By default, the uninitiated will see gross text and that is because (as I said) crypto isn't given first-class treatment in UIs.
TB sans Enigmail could at a bare minimum parse the guard lines and fold the contents into something like the UI for attachments. Or it could just incorporate Enigmail functions in the main program.
I'd like to add that I hate PGP signatures in email messages, too.
There is a lot that's wrong with the UI elements surrounding the crypto. For one, the operating systems and apps do not treat keys and sigs as first-class objects; they always end up looking like inlined ASCII barf, or little text files that have no informative icon + tooltips or associated apps. The presentation of crypto to the user practically begs the user to ignore it.
This is even true when you look as certs in web browsers. They are a monumental opportunity to educate people about crypto and give people the sense that crypto objects are tangible things, but the best we have seen are padlock icons in the address bar (while the handling of non-CA certs became fubar'ed with alarmist FUD warnings, further discouraging people from storing/managing public keys on their own).
With that said, I have to wonder if Moxie's outburst was somehow prompted by GPG's sudden funding windfall.
I simply asked him -- in a private email -- if there was a signature for Convergence someplace because I didn't see any online.
He accused me of being "inflammatory" and stated it was necessary to "take a leap of faith" (i.e. download and run it without verification). This was back in 2012, mind you. He appeared to be oddly anti-PGP back then, too.
Frankly, after that I had no appetite for any more of his, erm, style and forgot about Convergence. Years later, I had to abandon DoNotTrackMe (by a Moxie-run company, Abine) nee 'Blur' for Ghostery instead when the former got an update that kept hogging the CPU. An email to Abine just yielded a response to keep updating Blur, but the problem never went away.
And lets not forget the John Birch-er conspiracy theory that fluoridated drinking water is a government attempt at mind control (whether or not certain fluoride compounds cause problems, the conspiracy angle is irrational).
And lets not forget that, in general, denial of medical care on religious grounds is far and away dominated by right wing religious affiliation.
So, by eliding the nuclear and GMO issues with vaccines (or other medical care) you're trying to erect a rather disingenuous straw man. If anything seems to go hand-in-hand with anti-vaccination sentiment, its freemarket ideology among the "sovereign individuals" crowd. I think Rand Paul would agree.
"DEFINITION of 'Double Irish With A Dutch Sandwich'
A tax avoidance technique employed by certain large corporations, involving the use of a combination of Irish and Dutch subsidiary companies to shift profits to low or no tax jurisdictions. The double Irish with a Dutch sandwich technique involves sending profits first through one Irish company, then to a Dutch company and finally to a second Irish company headquartered in a tax haven. This technique has allowed certain corporations to dramatically reduce their overall corporate tax rates."
Signing doesn't change in any way whether AdBlock Plus can be blocked or not. We get complaints about it on occasion and it's still hosted on the official add-ons site.
Its not the same thing, and I'd hope you would have the sense to realize that.
Blacklisting an addon requires an action on the part of Mozilla. But now with the way the signing requirement appears to be implemented, the use of new or unusual addons can be stopped by simple neglect on Mozilla's part... LACK OF AN ACTION will now block addons!
And even that would be OK with me if you gave the user some way to click some extra buttons or context menus to make an exception as is done in Windows and OS X.
But no..... lets be inspired by iPhones and iPads.
I'm in favor of signing as a way to protect against MITM attacks when installing or updating addons. And I think Mozilla curating its own AMO site is a good thing. These two practices, implemented together flexibly, would be a boon a Firefox users if Mozilla had the sense to arrive that decision.
However, the way you're implementing this is cutting across PC culture by giving the user no recourse. That is a big mistake. Whether you intend it or not, a de-facto walled garden is still a walled garden.
Neither Windows nor OS X completely tie the users' hands when encountering un-signed programs, and there are good reasons for this.
...that makes neat features accessible to both developers and users.
And by "solid platform", I mean something that demonstrates a consistent philosophy and design from the UI and APIs down through the kernel and the hardware.
There should also be a specification (like Multi-Media PC was for Microsoft in the 90s) of what a minimum hardware configuration should look like for a given platform (mobile, desktop, etc) to support most of the apps users will find enticing.
If you build a consistent, feature-stable platform with neat features the app developers will come. Maybe not in droves, but you will start seeing some very interesting new ideas and apps written by the sort of people who do NOT like to tinker with kernel options in grub.cfg or have to dig through/etc with a text editor to get things working.
Tim Berners Lee wrote the first web browser on the NeXT platform which had a tiny user base. Now Ubuntu is trying to compete with iOS, which is the progeny of NeXT.
Qubes handles video playback just fine even at FHD (although within a frame, to show security context).
The MS Office website says Excel requires DirectX "for acceleration". IOW, it runs without acceleration if DirectX hardware is not available. Its not something I really notice, given that Excel mainly deals with text on a grid.
If you really need 3D, Qubes can handle it as long as you supply an additional GPU that behaves well with an IOMMU, such as an Nvidia Quadro. Otherwise, you have to wait for ITL to incorporate GPU virtualization into the Qubes codebase... but virtual GPU tech has only been demonstrated by GPU vendors very recently.
Granted, 3D is an important feature in PCs today, but the inability to/safely/ incorporate it thus far highlights the kind of negligence that has held sway in the computer industry.
You'll have more luck 3D-wise with a Hyper-V server combined with Windows new RemoteFX technology. I know that this is unpopular option, and if anyone can set me straight on hypervisors and 3D for Windows guests not running on Windows hypervisors, please do. I've researched KVM, LXD, Jailhouse, or ESX, and of those, only ESX has experimental Windows 3D guest support.
Most hypervisors are designed for the convenience of users and sysadmins to either run another OS, or better manage server resources... Securing desktop PC features is secondary at best with them.
Its not FUD when a malware (or bug) with normal privs can open an avenue for physical attack.
If a website/MITM tricks your browser into putting up a tiny context menu, it can allow someone to walk up to your computer later and start messing with it.
Qubes graphics virtualization appears to prevent this attack, since there is no way a VM client can use specific X features (it can only report bitmap deltas to dom0) and it can't force a full-screen window (the user even has to jump through hoops to make that possible).
The Qubes OS community is interested in this laptop, but without a TPM chip Qubes' AEM firmware guarding feature won't work on the Librem. So they are looking at accommodating us in another way by employing some kind of user-generated cert to protect the system firmware.
Purism did, however, switch their CPU to an i7-770HQ (along with HM87 chipset) specifically to satisfy Qubes' requirement for I/O virtualization. Pending proper support in Coreboot, Qubes should run and provide great protection from remote exploits on the Librem.
But I get your reasoning... Shiny pocket computers are more important than dealing with servitude.
I don't have to read the whole website to see that all I said was correct.
My hero!!! His Xray vision even works over the Internet.
What is your fucking point anyway? That you are morally superior to me because you have a fair phone - no wait, you said you could get one if you wanted to.
My point (if you read it) is that choices exist out there that the Android market at least makes possible.
Me, I don't have any shiny pocket computers unlike you hypocrite. Fuck you.
You presume too much, kemosabe... I'm going on 8 years with the same dumb-phone now.
What's ridiculous is thinking Android users don't have a choice when it comes to ethics... http://www.fairphone.com/
At least it is something. And while you're reading that page I'd like to remind you of Apple's position as the both the largest and/richest/ smartphone vendor.
Barnes and Noble were shaping up to test a few of em in court - then Microsoft sidled up and 'partnered' with them. That's another part of the MS modus operandi. Wait for a company who you've hurt to be on the ropes financially, and then offer to help if they'll kiss and make up. Happened with Apple and MS too.
MS have claimed numerous patents which they will STILL not disclose. FAT32 is only a known factor because it is also an issue with cameras, audio players and such.
At the end of the day, if I decide to install Windows on a system bearing Linux, then that Linux system is in peril. If a user receives a Linux ext3-formatted SD card and puts it into a running Windows system, the user will be told the card is unusable until it is formatted.
Where office formats and disk formats are concerned, MS still only has two modes: Pretend its noise that should be erased, or freakout send a SWAT team of marketing psychologists and lobbyists to get you to switch back.
Its nice that MS makes FOSS-friendly noises in the server/cloud space. That is what bullies do when they get their asses kicked. If MS gets the upper hand and their vendor lock-in starts working here, then the friendliness WILL evaporate.
Slashdot Mirror
I'll grant that Enigmail rectifies the display problem ...but Enigmail is neither the OS nor the application. By default, the uninitiated will see gross text and that is because (as I said) crypto isn't given first-class treatment in UIs.
TB sans Enigmail could at a bare minimum parse the guard lines and fold the contents into something like the UI for attachments. Or it could just incorporate Enigmail functions in the main program.
I'd like to add that I hate PGP signatures in email messages, too.
There is a lot that's wrong with the UI elements surrounding the crypto. For one, the operating systems and apps do not treat keys and sigs as first-class objects; they always end up looking like inlined ASCII barf, or little text files that have no informative icon + tooltips or associated apps. The presentation of crypto to the user practically begs the user to ignore it.
This is even true when you look as certs in web browsers. They are a monumental opportunity to educate people about crypto and give people the sense that crypto objects are tangible things, but the best we have seen are padlock icons in the address bar (while the handling of non-CA certs became fubar'ed with alarmist FUD warnings, further discouraging people from storing/managing public keys on their own).
With that said, I have to wonder if Moxie's outburst was somehow prompted by GPG's sudden funding windfall.
I simply asked him -- in a private email -- if there was a signature for Convergence someplace because I didn't see any online.
He accused me of being "inflammatory" and stated it was necessary to "take a leap of faith" (i.e. download and run it without verification). This was back in 2012, mind you. He appeared to be oddly anti-PGP back then, too.
Frankly, after that I had no appetite for any more of his, erm, style and forgot about Convergence. Years later, I had to abandon DoNotTrackMe (by a Moxie-run company, Abine) nee 'Blur' for Ghostery instead when the former got an update that kept hogging the CPU. An email to Abine just yielded a response to keep updating Blur, but the problem never went away.
Nurse Quarantined By Christie Comes Back To Haunt Him On Vaccines
Parents Fighting Against Gov't. Vaccination Agenda - The John Birch Society
Scott Brown Rents Out Email List To Anti-Vaccine Conspiracy Theorist
And lets not forget the John Birch-er conspiracy theory that fluoridated drinking water is a government attempt at mind control (whether or not certain fluoride compounds cause problems, the conspiracy angle is irrational).
And lets not forget that, in general, denial of medical care on religious grounds is far and away dominated by right wing religious affiliation.
So, by eliding the nuclear and GMO issues with vaccines (or other medical care) you're trying to erect a rather disingenuous straw man. If anything seems to go hand-in-hand with anti-vaccination sentiment, its freemarket ideology among the "sovereign individuals" crowd. I think Rand Paul would agree.
Have a nice day.
You should read up on the irish-dutch sandwitch tax dodge. That is exactly what they are doing.
http://www.investopedia.com/te...
"DEFINITION of 'Double Irish With A Dutch Sandwich'
A tax avoidance technique employed by certain large corporations, involving the use of a combination of Irish and Dutch subsidiary companies to shift profits to low or no tax jurisdictions. The double Irish with a Dutch sandwich technique involves sending profits first through one Irish company, then to a Dutch company and finally to a second Irish company headquartered in a tax haven. This technique has allowed certain corporations to dramatically reduce their overall corporate tax rates."
Signing doesn't change in any way whether AdBlock Plus can be blocked or not. We get complaints about it on occasion and it's still hosted on the official add-ons site.
Its not the same thing, and I'd hope you would have the sense to realize that.
Blacklisting an addon requires an action on the part of Mozilla. But now with the way the signing requirement appears to be implemented, the use of new or unusual addons can be stopped by simple neglect on Mozilla's part... LACK OF AN ACTION will now block addons!
And even that would be OK with me if you gave the user some way to click some extra buttons or context menus to make an exception as is done in Windows and OS X.
But no..... lets be inspired by iPhones and iPads.
I'm in favor of signing as a way to protect against MITM attacks when installing or updating addons. And I think Mozilla curating its own AMO site is a good thing. These two practices, implemented together flexibly, would be a boon a Firefox users if Mozilla had the sense to arrive that decision.
However, the way you're implementing this is cutting across PC culture by giving the user no recourse. That is a big mistake. Whether you intend it or not, a de-facto walled garden is still a walled garden.
Neither Windows nor OS X completely tie the users' hands when encountering un-signed programs, and there are good reasons for this.
...that makes neat features accessible to both developers and users.
And by "solid platform", I mean something that demonstrates a consistent philosophy and design from the UI and APIs down through the kernel and the hardware.
There should also be a specification (like Multi-Media PC was for Microsoft in the 90s) of what a minimum hardware configuration should look like for a given platform (mobile, desktop, etc) to support most of the apps users will find enticing.
If you build a consistent, feature-stable platform with neat features the app developers will come. Maybe not in droves, but you will start seeing some very interesting new ideas and apps written by the sort of people who do NOT like to tinker with kernel options in grub.cfg or have to dig through /etc with a text editor to get things working.
Tim Berners Lee wrote the first web browser on the NeXT platform which had a tiny user base. Now Ubuntu is trying to compete with iOS, which is the progeny of NeXT.
The hypocrisy from the ad industry is so thick you could cut it with a knife.
Qubes handles video playback just fine even at FHD (although within a frame, to show security context).
The MS Office website says Excel requires DirectX "for acceleration". IOW, it runs without acceleration if DirectX hardware is not available. Its not something I really notice, given that Excel mainly deals with text on a grid.
If you really need 3D, Qubes can handle it as long as you supply an additional GPU that behaves well with an IOMMU, such as an Nvidia Quadro. Otherwise, you have to wait for ITL to incorporate GPU virtualization into the Qubes codebase... but virtual GPU tech has only been demonstrated by GPU vendors very recently.
Granted, 3D is an important feature in PCs today, but the inability to /safely/ incorporate it thus far highlights the kind of negligence that has held sway in the computer industry.
You'll have more luck 3D-wise with a Hyper-V server combined with Windows new RemoteFX technology. I know that this is unpopular option, and if anyone can set me straight on hypervisors and 3D for Windows guests not running on Windows hypervisors, please do. I've researched KVM, LXD, Jailhouse, or ESX, and of those, only ESX has experimental Windows 3D guest support.
Most hypervisors are designed for the convenience of users and sysadmins to either run another OS, or better manage server resources... Securing desktop PC features is secondary at best with them.
Its designed to run Windows 7 as a guest OS.
Its not FUD when a malware (or bug) with normal privs can open an avenue for physical attack.
If a website/MITM tricks your browser into putting up a tiny context menu, it can allow someone to walk up to your computer later and start messing with it.
Qubes graphics virtualization appears to prevent this attack, since there is no way a VM client can use specific X features (it can only report bitmap deltas to dom0) and it can't force a full-screen window (the user even has to jump through hoops to make that possible).
As entropy in the universe increases, so does the amount of space.
Vpro?
They're avoiding Vpro specifically because of security concerns.
But using my signature.
I want secure boot from beginning to desktop, with the knowledge that the NSA has not dicked with my computer beyond its initial state.
They are looking into it... https://groups.google.com/d/ms...
The Qubes OS community is interested in this laptop, but without a TPM chip Qubes' AEM firmware guarding feature won't work on the Librem. So they are looking at accommodating us in another way by employing some kind of user-generated cert to protect the system firmware.
Purism did, however, switch their CPU to an i7-770HQ (along with HM87 chipset) specifically to satisfy Qubes' requirement for I/O virtualization. Pending proper support in Coreboot, Qubes should run and provide great protection from remote exploits on the Librem.
Given the track record of Fedora, the update will hit the mirrors in about 2 days.
Well clearly nothing is good enough for you. Try making your criticism constructive sometime.
You obviously didn't read the website.
But I get your reasoning... Shiny pocket computers are more important than dealing with servitude.
I don't have to read the whole website to see that all I said was correct.
My hero!!! His Xray vision even works over the Internet.
What is your fucking point anyway? That you are morally superior to me because you have a fair phone - no wait, you said you could get one if you wanted to.
My point (if you read it) is that choices exist out there that the Android market at least makes possible.
Me, I don't have any shiny pocket computers unlike you hypocrite. Fuck you.
You presume too much, kemosabe... I'm going on 8 years with the same dumb-phone now.
You obviously didn't read the website.
But I get your reasoning... Shiny pocket computers are more important than dealing with servitude.
Do you have a solution to the problem to propose?
Fairphone for starters:
http://www.fairphone.com/
What's ridiculous is thinking Android users don't have a choice when it comes to ethics... http://www.fairphone.com/
At least it is something. And while you're reading that page I'd like to remind you of Apple's position as the both the largest and /richest/ smartphone vendor.
Barnes and Noble were shaping up to test a few of em in court - then Microsoft sidled up and 'partnered' with them. That's another part of the MS modus operandi. Wait for a company who you've hurt to be on the ropes financially, and then offer to help if they'll kiss and make up. Happened with Apple and MS too.
They also did this with Corel and Novell.
MS have claimed numerous patents which they will STILL not disclose. FAT32 is only a known factor because it is also an issue with cameras, audio players and such.
At the end of the day, if I decide to install Windows on a system bearing Linux, then that Linux system is in peril. If a user receives a Linux ext3-formatted SD card and puts it into a running Windows system, the user will be told the card is unusable until it is formatted.
Where office formats and disk formats are concerned, MS still only has two modes: Pretend its noise that should be erased, or freakout send a SWAT team of marketing psychologists and lobbyists to get you to switch back.
Its nice that MS makes FOSS-friendly noises in the server/cloud space. That is what bullies do when they get their asses kicked. If MS gets the upper hand and their vendor lock-in starts working here, then the friendliness WILL evaporate.
They have both bifold and trifold. Don't know how well they work, though.