You do need someone to verify the domain first time you access it unless you have some means of verifying it yourself. Otherwise you don't know that the server you are sending encrypted data to is the server you think it is. Without some form of verification (what we have now, broken as it is becoming, or some replacement system that is at least no more broken) anyone could create a server pretending to be amazon.com or yourbank.com, create a certificate saying that the server is the real one. All that is needed then is a DNS poisoning attack or other such and the data that you are sending is all nice and safely encrypted all the way to a server that you don't want to send it to. Now the owners of that pretend server can use you data to gain access to your accounts on the real servers and so forth.
Some verification system is absolutely required, so until something better is proposed, designed, implemented, tested and widely available we can't just drop the system we have now.
Not a suggestion that is free, but you could rent a small VPS, run OpenVPN on that, connect your local network to that OpenVPN instance, and send your DNS traffic through that link to Google's servers or some others that don't hijack NXDOMAIN responses. This would not be free, but you can grab a suitable small VPS for something like three dollars a month, and you could share that between a few affected users if that is still too much for you. You don't need much bandwidth as you would only be sending DNS traffic that way. Latency would be higher than normal for DNS requests of course, but no as much higher as it would be if using Tor.
Actually there is a way it could be done free: if you have a friend who uses an ISP which gives static IP addresses and allows server serivces to be hosted on the line and has a server running 24/7 anyway, or if you or a friend already has a VPS or dedicated server you could run the little VPN on. Running an instance if OpenVPN and adding a couple of iptables rules to route the traffic appropriately (and block none DNS traffic to avoid other users, should you allow them, to use more bandwidth than just DNS requests) adds practically zero load (CPU, RAM, I/O or bandwidth load) unless you are making it available to many users or plan to route traffic other than DNS requests through it.
OpenDNS is opt in.
Which means that if they suck you don't have to do business with them.
Which is fair point for the most part. The features they add to the breaking of NXDOMAIN (typo correction and such) might be useful to some people, which is worth considering. Though that doesn't alter the fact that not passing on the NXDOMAIN response is RFC ignorant and may break other things while fixing your typos, so users opting in should be informed to limit tech support problems elsewhere.
Also I believe some small ISPs use them as the default for their users to avoid a little bit of infrastructure cost running their own caching resolver, which means for those users it is not opt-in (though opting out is easy enough if the ISP doesn't block or redirect DNS requests to other hosts).
I avoid them because I prefer pure DNS, but I don't despise them because they don't force you to use them.
I avoid them because I prefer correct DNS, tohugh I inderstand that some people will find the features they add by breaking the system useful and may never experience the breakage possible as a consequence. One of these days I'll have to take a browse of their documentation to see if they have any info on diagnosing problems that could be caused by an NXDOMAIN being translated into something else.
Damn, should have actually read the preview... That should have been:
One of the reasons I lack enough confidence in Bing to start considering it over Google is MS's other search functions Every tried finding something in their documentation? I've often found much better results asking Google for "msdn <keywords>" then asking the MSDN site's own search function for "<keywords>".
I've certainly had the "looking for specs/review not a list of sites that are selling the thing or are just place-holders asking me to provide details, thanks" problem with Google as mentioned by Computershack, though I can't say I've used Bing much (in those cases I usually find what I want eventually with a little keyword tweaking and/or perseverance) so I don't know if it is better/worse there.
One of the reasons I lack enough confidence in Bing to start considering it over Google is MS's other search functions Every tried finding something in their documentation? I've often found much better results asking Google for "msdn " then asking the MSDN site's own search function for "".
OpenDNS does nothing with 404 responses. It will give bogus addresses in what should be NXDOMAIN responses, but any edited 404's if you are in fact seeing that will be your ISPs doing directly.
Doesn't OpenDNS return bogus results for what should be NXDOMAIN responses? http://www.opendns.com/home/basic/ suggests so with "The customizable OpenDNS Guide page appears when you try to access a non-existent website and displays relevant search results to help you get where you want to go" and no hint that it can be turned off (at least on the basic account).
I've been using Google's DNS service (8.8.8.8 and 8.8.4.4) since a little problem with my last ISP's servers one day last year, and they honour NXDOMAIN correctly.
The 386SX was a 32-bit CPU internally (but with a 24-bit external address bus and 16-bit external data bus 7 circuitry to split 32-bit wide requests into two 16-bit ones) and will run Linux just fine given enough RAM, but many boards designed with the SX in mind would only accept 4Mb (sometimes less) which is not going to be enough for a modern kernel.
The SX should run anything the DX would but slower for 32-bit code at any given clock rate due to 32-bit requests needing to be made using two due to the 16-bit data bus, and due to some boards for the DX having support for a small amounts of cache ram which the cheaper boards (probably including all SX ones) lacked.
Some early 386 chips were faulty and would not run 32-bit code 100% correctly. These were actually sold as working "16 bit only" chips - if you have some of those they are not going to run Linux successfully. I don't remember if that affected SX models as well or if it had been sorted before they were first released.
I remember running a Linux variant (some version of slackware IIRC) on my old 386SX40 (AMD made a version clocked that fast) with 4Mb RAM, though I never did anything useful with Linux until the early Pentium days.
It is probably more aimed at commercial entities installing their crap without asking, rather than malware authors. That way something that causes instability will at least have be mentioned to the user reducing the risk of Firefox itself being blamed - like an extension to the facility already present to disable extensions that are know to cause instability.
While a malware author won't think twice about hacking around such a measure, a "legitimate" company will if they think doing so will create an opportunity for a competitor to give them bad press.
"However, a mysterious key called Scroll Lock doesn't actually do anything."
30 years ago... as useless then as it is now.
It is useful in many speadsheet applications. With it on Excel, for instance, will scroll your viewport without altering your cursor position. I'm sure I've seen it used the same way in some turn-based strategy games too.
Why would someone write a virus that is targeted at 10% of the user base when they can target 90?
I'm assuming you are implementing sarcasm there, but in case you are not...
How about because you've got as large a chunk on the 90% as you are going to get any time soon in your botnet already, and you are having to fight every other botnet going to keep them? A chunk of that 10% could make a useful difference.
Or if you are installing a key logger to try purloin credit card details or authentication credentials, why not target the more-affluent-on-average users of that 10% who might actually take less effort to infect as they are complacent?
Or how about "just to prove you can". I'm guessing that in lieu of actually making money simple bragging rights still count for something in the hacker/cracker world.
One man's freedom protester is another man's unlawful rioter.
How deep. Grow up.
In fairness, with regard to RIM there is more to that pithy oft-repeated-by-people-who-don't-really-think-about-it-but-want-to-sound-clever phrase than just a pithy oft-repeated phrase.
RIM have always protested the end-to-end security of their system to be unwavering for anyone, they have state that they not only will not but can not hand over any useful information to authorities or other third parties (hence the little spat with India).
If they are will, and show they are able, to help in a situation where we would support them snooping on some users (the looting little fuckwits who should be shopped), how do we know that they can't be cajoled into helping governments and security forces here and in other countries to monitor the activity of its users in ways we find less palatable?
If they show capability now then those wanting their assistance will know they can give it no matter how hard they protest otherwise, and with their declining position they are less and less unlikely to be able to afford to take the stance their users expect/want in the face of being cut off from an entire country worth of potential users for refusing (their declining market share meaning they can't pull anything out of the hat like a "you wouldn't inconvenience your own people like this" argument worth a damn).
If they are ever forced to do this, and it becomes known they did, they've blown their own unique selling point out of the water and their decline to irrelevance will be sealed with little hope of recovery. The way their CEO recently stormed out of an interview with the BBC like a petulant child when the India question came up, might be an indication that they know how precarious a position that does put them in. Maybe the access they have given that government (see http://news.cnet.com/8301-1009_3-20028395-83.html amongst other reports) gives them more useful information then RIM would like people to think, maybe the fall from grace is nearly complete. It would have ramifications far away from the freedom-fighter/looting-cock dividing line - if a government department or security force has access to useful data about messages being sent, then there are people who might be bribable by a commercial entity in order to get information about messages sent between other commercial entities (traditionally RIM's core market) and even if the content of the messages can not be gleaned, the fact they exist at all could be useful information to a competitor. If I were a high-flying BB user I might be concerned.
A bit of wild speculation on my part there, I'll admit, but far from implausible IMO.
Yes their are. And many many arguments start because the truth is found!
Also in many relationships the partner 1 knows partner 2 watches porn, and partner 2 knows (or at least strongly suspects) that partner 1 knows, but it is just one of those things that is not discussed and is kept hidden.
Then again I live in repressed brit land, maybe in other parts of Europe these things are more openly accepted and not "hidden" as much. Though I'm guessing some other places (the highly indoctrinated bible-belt areas spring to mind) where it goes the other way and people lying and partners being naive enough to trust on the matter is the common case.
But would the 90% drop in price ($10..20 -> $1..2) increase the sales by 900% (needed to break even on the change) or more? Break even and a little more would not be nearly good enough either because the cost of providing the content to 1000 people at $1 each is going to be higher than the cost of providing it to 100 people for $10 each (there will be some bandwidth and management costs somewhere in the system for each viewer). Porn is not going to be a "just happened to be browsing the store and saw it" impulse buy in the same way you might happen upon something on iTunes, nor is it likely to "go viral" like Angry Birds.
Dropping the price would not increase sales that much: most people not already paying for porn wouldn't pay for it if it were cheaper either because they don't want it on a credit card or cable account bill (where others, like the wife, could find it) or in the case of cable because watching it via cable isn't as easy to do quite as surreptitiously.
So the price of a porn flick doesn't drop due to demand numbers like a big hollywood film would.
That, and there is the "what the market will bare" thing. The current price is where they would see a noticeable drop-off in sales were it any higher, or the extra sales would not be enough to make up for the difference if they made it lower.
I don't think I've every paid for porn unless you count using the Internet connection that I do pay for as indirectly paying for it, or if you count getting a beating for stealing my elder brother's stash (in earlier life) as payment. $2 or $10 makes no odds to me: I'll not pay anyway.
tombeard (126886) does make a fair point (I'm replying to your post rather than his to increase the chance you'll see this, assuming you have reply-notification-by-email turned on) though will a little unnecessary aggression.
The man page of ip is a reference for people that already know the tool generally but need reminding of details. Perhaps you could suggest a more introductory guide, either "from scratch" aimed at people wanting to transition from the older tools ip can replace?
the only thing you know is what alice-smith.uk-lon.1994@gmail.com says about herself.
All the people I am in contact with via G+ and facebook are either people I've physically met (and those are, aside from one or two family members who I don't block because I just don't want to bother with that argument, actually friends that I'd at least be happy to take to the pub and by a round for) or are people I've been introduced to through them.
Not that I care if my contacts want to use pseudonyms (if allowed to), but I don't have a problem with the network choosing to have a policy against and it chosing to enforce that policy. Some would ask "what about beaten wifes and people trying to explore their sexuality privately and so forth", but I'm not convinced that a pseudonym offers such people any real protection in the grand scheme of things, and they of course have the choice of not using a service that expects their real details.
And it hasn't any more veracity than what "asdf7890" tells about himself.
I'll admit that does look very hypocritical. I setup my account here as a throw-away (it was one of my "Someone on the Internet is WRONG!" moments, IIRC the first of many arguments with people who think browsers blindly accepting self-signed SSL certs is a practical solution to anything without side effects), but I ended up continuing to use it. As with all throw-away accounts I just hammered in a randomish username choice and I've not been bothered to change my profile since, which I probably should do at some point as I doubt there is anything I've posted here that I'd have any problem with being associated with the real me. If slashdot had required my real name I'd have either given it or not signed up depending upon my mood at the time. If I do sign up for a site that requires my real ID and they close my account for giving fake details, I certainly wouldn't bleat and moan about it not being fair as some have with G+ (though I would say that a polite "please correct the info or we'll have to close your account" first would be much better customer/product service).
I've seen the argument that requiring you use your real identity harms those under oppressive regimes, but I don't buy it.
Google+ existing does not reduce the number of outlets such people have for their views/ideas at all.
The other problem often sited is other people posting stuff about you.
But having a fake ID isn't going to stop someone posting something that includes your real name if they were going to do so already.
facebook is no more anonymous, at least according to the TOS at https://www.facebook.com/terms.php:
* You will not provide any false personal information on Facebook * You will keep your contact information accurate and up-to-date You can't give a fake name (a name is required, and you shouldn't provide false information) and they make it a requirement that any contact info you are daft enough to hand over be kept up to date (though how they would enforce that one I have no idea). How it this any different to Google+, other than the fact Google seem to be enforcing the policy and facebook don't seem to really care as long as your using their network? What existing system are they holding up as an example there anonymity is permitted/accepted/encouraged?
Personally, I'm happy to use a network where there is a small chance of the person I'm exchanging crap with is the person I think I'm exchanging crap with.
If you want something else, why not use something else. Or make your own. If there is something I don't want publicly known about me, I won't put it on any social network. When it comes down to what other people post that is linkable to me (truthfully or not), there is little I can do to control that no matter what policies the system has.
And your opinion of his opinion should be of consequence to anyone?
Thankyou good sir, for blessing us with your pithy little interjection. People who were going to follow that opinion like sheep will no doubt now follow yours. Dunt it make you proud. There was a little sarcasm there by the way. In case you missed it.
Could there be some confirmation bias that is clouding the true meaning of the collected stats?
It may not just be that the the remaining XP users are less careful/knowledgable/what-ever on average so aren't fully patched with service packs and so forth either by choice or ignorance. A lot of those XP installs have been around a long time, so have had a much longer period (compared to the average Windows 7 or Vista install) in which they could have been exposed to malware.
Many of the installs not properly patched up with security updates could be a symptom of this, rather than a cause, as there are plenty of examples of malware that block some or all updates from being installed (either accidentally due to the damage they do while hacking their way in, or deliberately as a self preservation measure).
I've not come across anything since shortly after SP3 came out that has had any trouble at all (I still run XP as my main home desktop, and in VMs at work). Even our more conservative clients that won't yet move away from IE6 are running SP3, so presumably they have no problems even with some of the ancient software they run that they don't want to update/replace for one reason or another.
That pushes some "useless" load onto another (innocent, at least in this instance) service though, so would be bad network etiquette. The load from just a couple of us would be as close to nothing as makes no difference, but if many people used such a plugin (and it would take many for it to have any effect on the overall results of the tracking) the load may become significant.
Slashdot Mirror
You do need someone to verify the domain first time you access it unless you have some means of verifying it yourself. Otherwise you don't know that the server you are sending encrypted data to is the server you think it is. Without some form of verification (what we have now, broken as it is becoming, or some replacement system that is at least no more broken) anyone could create a server pretending to be amazon.com or yourbank.com, create a certificate saying that the server is the real one. All that is needed then is a DNS poisoning attack or other such and the data that you are sending is all nice and safely encrypted all the way to a server that you don't want to send it to. Now the owners of that pretend server can use you data to gain access to your accounts on the real servers and so forth.
Some verification system is absolutely required, so until something better is proposed, designed, implemented, tested and widely available we can't just drop the system we have now.
Not a suggestion that is free, but you could rent a small VPS, run OpenVPN on that, connect your local network to that OpenVPN instance, and send your DNS traffic through that link to Google's servers or some others that don't hijack NXDOMAIN responses. This would not be free, but you can grab a suitable small VPS for something like three dollars a month, and you could share that between a few affected users if that is still too much for you. You don't need much bandwidth as you would only be sending DNS traffic that way. Latency would be higher than normal for DNS requests of course, but no as much higher as it would be if using Tor.
Actually there is a way it could be done free: if you have a friend who uses an ISP which gives static IP addresses and allows server serivces to be hosted on the line and has a server running 24/7 anyway, or if you or a friend already has a VPS or dedicated server you could run the little VPN on. Running an instance if OpenVPN and adding a couple of iptables rules to route the traffic appropriately (and block none DNS traffic to avoid other users, should you allow them, to use more bandwidth than just DNS requests) adds practically zero load (CPU, RAM, I/O or bandwidth load) unless you are making it available to many users or plan to route traffic other than DNS requests through it.
OpenDNS is opt in.
Which means that if they suck you don't have to do business with them.
Which is fair point for the most part. The features they add to the breaking of NXDOMAIN (typo correction and such) might be useful to some people, which is worth considering. Though that doesn't alter the fact that not passing on the NXDOMAIN response is RFC ignorant and may break other things while fixing your typos, so users opting in should be informed to limit tech support problems elsewhere.
Also I believe some small ISPs use them as the default for their users to avoid a little bit of infrastructure cost running their own caching resolver, which means for those users it is not opt-in (though opting out is easy enough if the ISP doesn't block or redirect DNS requests to other hosts).
I avoid them because I prefer pure DNS, but I don't despise them because they don't force you to use them.
I avoid them because I prefer correct DNS, tohugh I inderstand that some people will find the features they add by breaking the system useful and may never experience the breakage possible as a consequence. One of these days I'll have to take a browse of their documentation to see if they have any info on diagnosing problems that could be caused by an NXDOMAIN being translated into something else.
One of the reasons I lack enough confidence in Bing to start considering it over Google is MS's other search functions Every tried finding something in their documentation? I've often found much better results asking Google for "msdn <keywords>" then asking the MSDN site's own search function for "<keywords>".
I've certainly had the "looking for specs/review not a list of sites that are selling the thing or are just place-holders asking me to provide details, thanks" problem with Google as mentioned by Computershack, though I can't say I've used Bing much (in those cases I usually find what I want eventually with a little keyword tweaking and/or perseverance) so I don't know if it is better/worse there.
One of the reasons I lack enough confidence in Bing to start considering it over Google is MS's other search functions Every tried finding something in their documentation? I've often found much better results asking Google for "msdn " then asking the MSDN site's own search function for "".
OpenDNS does nothing with 404 responses. It will give bogus addresses in what should be NXDOMAIN responses, but any edited 404's if you are in fact seeing that will be your ISPs doing directly.
Doesn't OpenDNS return bogus results for what should be NXDOMAIN responses? http://www.opendns.com/home/basic/ suggests so with "The customizable OpenDNS Guide page appears when you try to access a non-existent website and displays relevant search results to help you get where you want to go" and no hint that it can be turned off (at least on the basic account).
I've been using Google's DNS service (8.8.8.8 and 8.8.4.4) since a little problem with my last ISP's servers one day last year, and they honour NXDOMAIN correctly.
The 386SX was a 32-bit CPU internally (but with a 24-bit external address bus and 16-bit external data bus 7 circuitry to split 32-bit wide requests into two 16-bit ones) and will run Linux just fine given enough RAM, but many boards designed with the SX in mind would only accept 4Mb (sometimes less) which is not going to be enough for a modern kernel.
The SX should run anything the DX would but slower for 32-bit code at any given clock rate due to 32-bit requests needing to be made using two due to the 16-bit data bus, and due to some boards for the DX having support for a small amounts of cache ram which the cheaper boards (probably including all SX ones) lacked.
Some early 386 chips were faulty and would not run 32-bit code 100% correctly. These were actually sold as working "16 bit only" chips - if you have some of those they are not going to run Linux successfully. I don't remember if that affected SX models as well or if it had been sorted before they were first released.
I remember running a Linux variant (some version of slackware IIRC) on my old 386SX40 (AMD made a version clocked that fast) with 4Mb RAM, though I never did anything useful with Linux until the early Pentium days.
It is probably more aimed at commercial entities installing their crap without asking, rather than malware authors. That way something that causes instability will at least have be mentioned to the user reducing the risk of Firefox itself being blamed - like an extension to the facility already present to disable extensions that are know to cause instability.
While a malware author won't think twice about hacking around such a measure, a "legitimate" company will if they think doing so will create an opportunity for a competitor to give them bad press.
FTA:
"However, a mysterious key called Scroll Lock doesn't actually do anything."
30 years ago... as useless then as it is now.
It is useful in many speadsheet applications. With it on Excel, for instance, will scroll your viewport without altering your cursor position. I'm sure I've seen it used the same way in some turn-based strategy games too.
Why would someone write a virus that is targeted at 10% of the user base when they can target 90?
I'm assuming you are implementing sarcasm there, but in case you are not...
How about because you've got as large a chunk on the 90% as you are going to get any time soon in your botnet already, and you are having to fight every other botnet going to keep them? A chunk of that 10% could make a useful difference.
Or if you are installing a key logger to try purloin credit card details or authentication credentials, why not target the more-affluent-on-average users of that 10% who might actually take less effort to infect as they are complacent?
Or how about "just to prove you can". I'm guessing that in lieu of actually making money simple bragging rights still count for something in the hacker/cracker world.
One man's freedom protester is another man's unlawful rioter.
How deep. Grow up.
In fairness, with regard to RIM there is more to that pithy oft-repeated-by-people-who-don't-really-think-about-it-but-want-to-sound-clever phrase than just a pithy oft-repeated phrase.
RIM have always protested the end-to-end security of their system to be unwavering for anyone, they have state that they not only will not but can not hand over any useful information to authorities or other third parties (hence the little spat with India).
If they are will, and show they are able, to help in a situation where we would support them snooping on some users (the looting little fuckwits who should be shopped), how do we know that they can't be cajoled into helping governments and security forces here and in other countries to monitor the activity of its users in ways we find less palatable?
If they show capability now then those wanting their assistance will know they can give it no matter how hard they protest otherwise, and with their declining position they are less and less unlikely to be able to afford to take the stance their users expect/want in the face of being cut off from an entire country worth of potential users for refusing (their declining market share meaning they can't pull anything out of the hat like a "you wouldn't inconvenience your own people like this" argument worth a damn).
If they are ever forced to do this, and it becomes known they did, they've blown their own unique selling point out of the water and their decline to irrelevance will be sealed with little hope of recovery. The way their CEO recently stormed out of an interview with the BBC like a petulant child when the India question came up, might be an indication that they know how precarious a position that does put them in. Maybe the access they have given that government (see http://news.cnet.com/8301-1009_3-20028395-83.html amongst other reports) gives them more useful information then RIM would like people to think, maybe the fall from grace is nearly complete. It would have ramifications far away from the freedom-fighter/looting-cock dividing line - if a government department or security force has access to useful data about messages being sent, then there are people who might be bribable by a commercial entity in order to get information about messages sent between other commercial entities (traditionally RIM's core market) and even if the content of the messages can not be gleaned, the fact they exist at all could be useful information to a competitor. If I were a high-flying BB user I might be concerned.
A bit of wild speculation on my part there, I'll admit, but far from implausible IMO.
Yes their are. And many many arguments start because the truth is found!
Also in many relationships the partner 1 knows partner 2 watches porn, and partner 2 knows (or at least strongly suspects) that partner 1 knows, but it is just one of those things that is not discussed and is kept hidden.
Then again I live in repressed brit land, maybe in other parts of Europe these things are more openly accepted and not "hidden" as much. Though I'm guessing some other places (the highly indoctrinated bible-belt areas spring to mind) where it goes the other way and people lying and partners being naive enough to trust on the matter is the common case.
But would the 90% drop in price ($10..20 -> $1..2) increase the sales by 900% (needed to break even on the change) or more? Break even and a little more would not be nearly good enough either because the cost of providing the content to 1000 people at $1 each is going to be higher than the cost of providing it to 100 people for $10 each (there will be some bandwidth and management costs somewhere in the system for each viewer). Porn is not going to be a "just happened to be browsing the store and saw it" impulse buy in the same way you might happen upon something on iTunes, nor is it likely to "go viral" like Angry Birds.
Dropping the price would not increase sales that much: most people not already paying for porn wouldn't pay for it if it were cheaper either because they don't want it on a credit card or cable account bill (where others, like the wife, could find it) or in the case of cable because watching it via cable isn't as easy to do quite as surreptitiously.
So the price of a porn flick doesn't drop due to demand numbers like a big hollywood film would.
That, and there is the "what the market will bare" thing. The current price is where they would see a noticeable drop-off in sales were it any higher, or the extra sales would not be enough to make up for the difference if they made it lower.
I don't think I've every paid for porn unless you count using the Internet connection that I do pay for as indirectly paying for it, or if you count getting a beating for stealing my elder brother's stash (in earlier life) as payment. $2 or $10 makes no odds to me: I'll not pay anyway.
Surely if you've watched that same 5 minutes so many times you can just, err, do it from memory?
Eventually they agreed, rather than being booted out of China
That is enough for many people. They were eventually willing to compromise on what was seen as a moral stance, for commercial gain.
tombeard (126886) does make a fair point (I'm replying to your post rather than his to increase the chance you'll see this, assuming you have reply-notification-by-email turned on) though will a little unnecessary aggression.
The man page of ip is a reference for people that already know the tool generally but need reminding of details. Perhaps you could suggest a more introductory guide, either "from scratch" aimed at people wanting to transition from the older tools ip can replace?
the only thing you know is what alice-smith.uk-lon.1994@gmail.com says about herself.
All the people I am in contact with via G+ and facebook are either people I've physically met (and those are, aside from one or two family members who I don't block because I just don't want to bother with that argument, actually friends that I'd at least be happy to take to the pub and by a round for) or are people I've been introduced to through them.
Not that I care if my contacts want to use pseudonyms (if allowed to), but I don't have a problem with the network choosing to have a policy against and it chosing to enforce that policy. Some would ask "what about beaten wifes and people trying to explore their sexuality privately and so forth", but I'm not convinced that a pseudonym offers such people any real protection in the grand scheme of things, and they of course have the choice of not using a service that expects their real details.
And it hasn't any more veracity than what "asdf7890" tells about himself.
I'll admit that does look very hypocritical. I setup my account here as a throw-away (it was one of my "Someone on the Internet is WRONG!" moments, IIRC the first of many arguments with people who think browsers blindly accepting self-signed SSL certs is a practical solution to anything without side effects), but I ended up continuing to use it. As with all throw-away accounts I just hammered in a randomish username choice and I've not been bothered to change my profile since, which I probably should do at some point as I doubt there is anything I've posted here that I'd have any problem with being associated with the real me. If slashdot had required my real name I'd have either given it or not signed up depending upon my mood at the time. If I do sign up for a site that requires my real ID and they close my account for giving fake details, I certainly wouldn't bleat and moan about it not being fair as some have with G+ (though I would say that a polite "please correct the info or we'll have to close your account" first would be much better customer/product service).
I've seen the argument that requiring you use your real identity harms those under oppressive regimes, but I don't buy it. Google+ existing does not reduce the number of outlets such people have for their views/ideas at all.
The other problem often sited is other people posting stuff about you. But having a fake ID isn't going to stop someone posting something that includes your real name if they were going to do so already.
facebook is no more anonymous, at least according to the TOS at https://www.facebook.com/terms.php:
* You will not provide any false personal information on Facebook
* You will keep your contact information accurate and up-to-date
You can't give a fake name (a name is required, and you shouldn't provide false information) and they make it a requirement that any contact info you are daft enough to hand over be kept up to date (though how they would enforce that one I have no idea). How it this any different to Google+, other than the fact Google seem to be enforcing the policy and facebook don't seem to really care as long as your using their network? What existing system are they holding up as an example there anonymity is permitted/accepted/encouraged?
Personally, I'm happy to use a network where there is a small chance of the person I'm exchanging crap with is the person I think I'm exchanging crap with. If you want something else, why not use something else. Or make your own. If there is something I don't want publicly known about me, I won't put it on any social network. When it comes down to what other people post that is linkable to me (truthfully or not), there is little I can do to control that no matter what policies the system has.
And your opinion of his opinion should be of consequence to anyone?
Thankyou good sir, for blessing us with your pithy little interjection. People who were going to follow that opinion like sheep will no doubt now follow yours. Dunt it make you proud. There was a little sarcasm there by the way. In case you missed it.
Could there be some confirmation bias that is clouding the true meaning of the collected stats?
It may not just be that the the remaining XP users are less careful/knowledgable/what-ever on average so aren't fully patched with service packs and so forth either by choice or ignorance. A lot of those XP installs have been around a long time, so have had a much longer period (compared to the average Windows 7 or Vista install) in which they could have been exposed to malware.
Many of the installs not properly patched up with security updates could be a symptom of this, rather than a cause, as there are plenty of examples of malware that block some or all updates from being installed (either accidentally due to the damage they do while hacking their way in, or deliberately as a self preservation measure).
Which applications does it break?
I've not come across anything since shortly after SP3 came out that has had any trouble at all (I still run XP as my main home desktop, and in VMs at work). Even our more conservative clients that won't yet move away from IE6 are running SP3, so presumably they have no problems even with some of the ancient software they run that they don't want to update/replace for one reason or another.
That pushes some "useless" load onto another (innocent, at least in this instance) service though, so would be bad network etiquette. The load from just a couple of us would be as close to nothing as makes no difference, but if many people used such a plugin (and it would take many for it to have any effect on the overall results of the tracking) the load may become significant.
I run noscript. But that won't guarantee a payload transferred by etag won't get through.
And anyway, a method of adding polluted data to their pool rather than adding none at all appeals to my sense of mischief.