You don't, I don't, but we don't count. The majority out there does just that, so why bother building a cellphone that lasts? Yes, the 1% of people who actually care will be pissed, but they, too, will just buy a new cellphone. They'll just mutter profanities towards the manufacturer of their current phone while they buy a phone from the manufacturer they muttered profanities at 2 years ago when they bought the phone they are tossing now, while the rest of the people squeal "ohhh shiny!" while buying whatever phone has the latest bling.
In the end, we all buy. And that's all that counts to the makers of those phones.
It ain't that easy. As callous and indifferent as the US is when it comes to putting criminals down like dogs, as much ado the create around it to give it the pretense of legitimation.
I have done so in the past. Details can be found here. And as you can see back there, nobody bothered to answer. Apparently there is no answer, so I didn't bother to write the whole list again.
The main problem why Windows isn't replaced by "the masses" with Linux is not the OS. It's the hardware that is still manufactured with Windows in mind, with Linux being, at best, an afterthought, more likely though, it's just being ignored, unless it's some kind of server stuff. You can actually find better RAID controllers for Linux now than for Windows, but as soon as you're dealing with hardware the average user will have at home, your chances for a sensible Linux driver vanishes.
But as long as you can't use your desktop hardware sensibly in Linux, the "normal" user will not switch. The "year of the Linux desktop" will not come until we finally get drivers for desktop hardware. Now, of course you can say "But who has those 'special' mice and keyboards, and how many people actually have touchpads and digitizing tablets?" Easy. The people that use their computer for more than just browsing and emails, i.e. people who WANT to use that machine. People who enjoy it. Those are also the people, though, that buy software. And they are the ones that actually care about the data trail they leave on the internet because they spend more time there than Joe Randomsurfer.
And it does not matter whether we're talking about a MMO mouse with 30 buttons, a studio sound card, a digitizing tablet or a braille display. As soon as someone needs (or even just wants) to use a special kind of hardware that requires its own driver, chances are good that using it sensibly (or at all) in Linux at the very least requires a lot more knowledge and time investment than the average user is willing to spend. If it is possible at all.
And until those drivers exist, people will not switch. And with none of those high-investment people moving away from Windows, there is little incentive for software creators to take any other platform serious.
IT security is my business. I have had that dialogue. Numerous times. What you want is the security equivalent of the perpetuum mobile. Many have said they have one, only to fail if examined carefully. Pardon if I don't want to see your perpetuum mobile suggestion, I have seen enough to last a lifetime.
It already starts with "what is encryption?" Is using a file format you cannot read because you don't know the format encryption? Then you outlaw competition between companies because nobody may create a new file format. If not, well, how do you want to know whether the "picture" I just sent to a friend is just a graphics format you don't know or encrypted data? Or how about me sending a stream from/dev/urandom to fuck with your deep packet inspection for shits and giggles, is that outlawed too because it looks like encrypted data?
What you propose is that only "entitled" entities may communicate encrypted. Why? What makes their traffic more important than mine? Who may, anyway? Banks? Ok. What about companies? Maybe, they should, right? What is a company? Is that the mom'n'pop shop, too? Well, they should, shouldn't they? Else it would really kill competition if only big corporations may use encrypted communication. What keeps the terrorist from setting up a fake shop to be allowed encryption? What keeps me from doing the same for the sake of finally being in the "entitled to encrypt" group?
May I access https pages abroad where such insane laws do not exist? Because that traffic would certainly be encrypted with a key you do not have. Google for example is using HSTS, making unencrypted communication with their servers virtually impossible. The same is true for a lot of other pages. What about them?
And that's just what I come up in 5 minutes, if you need more, there's plenty of headaches left where this comes from.
You needn't know the ins and outs of metallurgy to make gun laws, but knowing that hot chocolate is probably not a great idea to pour down a barrel for maintenance should be required before you create laws that deal with rules that dictate what "in good repair" means when it comes to handgun conditions.
I don't expect him to know the ins and outs of encryption, not even that he can tell the difference between elliptic curve ciphers and block ciphers. I don't want him to implement one. But I do require him to understand the ramifications of laws that he proposes, which he very blatantly does not do.
In some cases it is impossible to surrender such a key. If I store data that is already encrypted, you can threaten to hang me and I cannot provide the key. You can of course make it illegal to store data I have no key for, but that is the death spell to any and all cloud services your country would offer, because why the fuck would I store my data in your country? Even (or rather, especially) if I live in that country I would not want your service and go to one that honors my privacy.
A price worth paying... hanging that asshole from his nuts might hurt, but ensuring that at least he can't pass on his stupidity is a price worth paying.
When facing the choice of having a pedo, pirate and terrorist against me or the state, I choose the former. The potential damage is lower and the chance to get out alive and on top are way higher.
A system that was not only given away for free but where people were basically forced, tricked and cheated into accepting it, where it is virtually impossible to get any other MS-based OS for a new computer today (and considering that most people will buy a new PC every 3-5 years), a market share of 26% basically means that the majority of those that use it do so because they had no other choice left.
This is more than a disaster. This is basically your user base rejecting your system violently.
I think saying that you want to see every MS CxO (including everyone whose job description includes these prepended by "Vice") hanging from some lamppost isn't yet socially acceptable.
"And these are the GOOD sides of that train wreck!"
The problem is that Microsoft doesn't give a shit about your "user experience". They care about their bottom line and that means milking you dry. They know you can't easily move away, so they can milk you for all you're worth.
There is a reason many people are still using Win7. And will do so for as long as it's humanely possible, most likely long after EOL is reached, before they will actually start looking around for alternatives.
Well, consider the time we're living in. It's more and more common that software gets altered in ways you do not like. A former for-license model getting changed to a subscription pay-by-month model, or some additional "enhancements" that make the software unusable or send your lifetime history to its maker to sell. And that's just what I come up with in the minute this took to write.
In commercial software, your choice is to grin and bear it. For reference, see Windows in its latest incarnations.
In OSS, you can at least remove the shitty bits that are detrimental to your interests. Or wait, you don't have to, because they don't get baked into the package because the maker of the software KNOWS you'd immediately remove that bullshit, so why bother waste resources on creating it?
Encryption is or is not. If you outlaw encrypting email, then I will encrypt the attachment and leave you guessing whether I actually encrypted it or whether you just don't know the format I am sending. And if we outlaw attachments... well, good luck for that endeavor considering that 99% of the people who actually use the internet know no other way to get their grandkids' pictures delivered.
What is legitimate encrypted traffic and what is illegitimate one? From and to banks only? Can or cannot I have a SSL encrypted webserver? And if it can be, do I have to hand over the keys to the government? Why bother encrypting at all if the keys have to be compromised by design? And why do business with a company whose keys have to be compromised by design? Why should I trust such a transaction to be valid and not intercepted and altered by some actor?
Realize that there is no such thing as a "government only" backdoor. Such a backdoor constitutes the philosopher's stone of hacking. This is a high profile target, something that everyone wants, including but by no means limited to other governments, multinational actors and, well, pretty much anyone with deep pockets and/or a lot of criminal energy. At some point, some human will have to have access to such keys, and humans are by their very nature open to bribery, blackmail and extortion. One of the three works on pretty much every human. If everything fails, we kidnap your family and in exchange for a few bytes of data, i.e. the key, they can be back with you unharmed.
You think that's beyond states like North Korea?
And you think NKor wouldn't sell that info for a few hard Dollars to, well, whoever wants that info?
With maybe the difference that in closed source, nobody can pick up the slack and continue if he feels the software is worth supporting. Closed source maker going under, software is dead in the water. Sucks to be you if you depended on it.
No, they just patented it.
You don't, I don't, but we don't count. The majority out there does just that, so why bother building a cellphone that lasts? Yes, the 1% of people who actually care will be pissed, but they, too, will just buy a new cellphone. They'll just mutter profanities towards the manufacturer of their current phone while they buy a phone from the manufacturer they muttered profanities at 2 years ago when they bought the phone they are tossing now, while the rest of the people squeal "ohhh shiny!" while buying whatever phone has the latest bling.
In the end, we all buy. And that's all that counts to the makers of those phones.
It ain't that easy. As callous and indifferent as the US is when it comes to putting criminals down like dogs, as much ado the create around it to give it the pretense of legitimation.
Is it me or is is an awfully funny coincidence that this revelation occurs just as the drugs the US prisons needs to kill people are expiring?
What makes you think people shower just to buy shit? Have you ever been to Walmart? I'm already happy when they are wearing pajamas or underwear...
How about a stick of butter wrapped into some bacon and deep fried? We could call it "gastritis calzone".
Are you fatshaming here?
It's bile.
Or more accurately, none since it's artificially made today.
https://en.wikipedia.org/wiki/...
No, sorry, it wasn't his nuts. Nice myth, though.
Got me a +4 insightful, why should I complain?
I see it more as a symbiotic relationship.
I have done so in the past. Details can be found here. And as you can see back there, nobody bothered to answer. Apparently there is no answer, so I didn't bother to write the whole list again.
The main problem why Windows isn't replaced by "the masses" with Linux is not the OS. It's the hardware that is still manufactured with Windows in mind, with Linux being, at best, an afterthought, more likely though, it's just being ignored, unless it's some kind of server stuff. You can actually find better RAID controllers for Linux now than for Windows, but as soon as you're dealing with hardware the average user will have at home, your chances for a sensible Linux driver vanishes.
But as long as you can't use your desktop hardware sensibly in Linux, the "normal" user will not switch. The "year of the Linux desktop" will not come until we finally get drivers for desktop hardware. Now, of course you can say "But who has those 'special' mice and keyboards, and how many people actually have touchpads and digitizing tablets?" Easy. The people that use their computer for more than just browsing and emails, i.e. people who WANT to use that machine. People who enjoy it. Those are also the people, though, that buy software. And they are the ones that actually care about the data trail they leave on the internet because they spend more time there than Joe Randomsurfer.
And it does not matter whether we're talking about a MMO mouse with 30 buttons, a studio sound card, a digitizing tablet or a braille display. As soon as someone needs (or even just wants) to use a special kind of hardware that requires its own driver, chances are good that using it sensibly (or at all) in Linux at the very least requires a lot more knowledge and time investment than the average user is willing to spend. If it is possible at all.
And until those drivers exist, people will not switch. And with none of those high-investment people moving away from Windows, there is little incentive for software creators to take any other platform serious.
IT security is my business. I have had that dialogue. Numerous times. What you want is the security equivalent of the perpetuum mobile. Many have said they have one, only to fail if examined carefully. Pardon if I don't want to see your perpetuum mobile suggestion, I have seen enough to last a lifetime.
It already starts with "what is encryption?" Is using a file format you cannot read because you don't know the format encryption? Then you outlaw competition between companies because nobody may create a new file format. If not, well, how do you want to know whether the "picture" I just sent to a friend is just a graphics format you don't know or encrypted data? Or how about me sending a stream from /dev/urandom to fuck with your deep packet inspection for shits and giggles, is that outlawed too because it looks like encrypted data?
What you propose is that only "entitled" entities may communicate encrypted. Why? What makes their traffic more important than mine? Who may, anyway? Banks? Ok. What about companies? Maybe, they should, right? What is a company? Is that the mom'n'pop shop, too? Well, they should, shouldn't they? Else it would really kill competition if only big corporations may use encrypted communication. What keeps the terrorist from setting up a fake shop to be allowed encryption? What keeps me from doing the same for the sake of finally being in the "entitled to encrypt" group?
May I access https pages abroad where such insane laws do not exist? Because that traffic would certainly be encrypted with a key you do not have. Google for example is using HSTS, making unencrypted communication with their servers virtually impossible. The same is true for a lot of other pages. What about them?
And that's just what I come up in 5 minutes, if you need more, there's plenty of headaches left where this comes from.
You needn't know the ins and outs of metallurgy to make gun laws, but knowing that hot chocolate is probably not a great idea to pour down a barrel for maintenance should be required before you create laws that deal with rules that dictate what "in good repair" means when it comes to handgun conditions.
I don't expect him to know the ins and outs of encryption, not even that he can tell the difference between elliptic curve ciphers and block ciphers. I don't want him to implement one. But I do require him to understand the ramifications of laws that he proposes, which he very blatantly does not do.
In some cases it is impossible to surrender such a key. If I store data that is already encrypted, you can threaten to hang me and I cannot provide the key. You can of course make it illegal to store data I have no key for, but that is the death spell to any and all cloud services your country would offer, because why the fuck would I store my data in your country? Even (or rather, especially) if I live in that country I would not want your service and go to one that honors my privacy.
A price worth paying... hanging that asshole from his nuts might hurt, but ensuring that at least he can't pass on his stupidity is a price worth paying.
When facing the choice of having a pedo, pirate and terrorist against me or the state, I choose the former. The potential damage is lower and the chance to get out alive and on top are way higher.
MSG is bad for you, mmmkay?
Ah, so you have a Linux version of the software I have to use? Along with drivers for the hardware? Great, where I can I download them?
Sadly not all people are able to switch. Some of us need more than browser, mail, word processor and spreadsheet.
A system that was not only given away for free but where people were basically forced, tricked and cheated into accepting it, where it is virtually impossible to get any other MS-based OS for a new computer today (and considering that most people will buy a new PC every 3-5 years), a market share of 26% basically means that the majority of those that use it do so because they had no other choice left.
This is more than a disaster. This is basically your user base rejecting your system violently.
I think saying that you want to see every MS CxO (including everyone whose job description includes these prepended by "Vice") hanging from some lamppost isn't yet socially acceptable.
Give it a few months.
"And these are the GOOD sides of that train wreck!"
The problem is that Microsoft doesn't give a shit about your "user experience". They care about their bottom line and that means milking you dry. They know you can't easily move away, so they can milk you for all you're worth.
There is a reason many people are still using Win7. And will do so for as long as it's humanely possible, most likely long after EOL is reached, before they will actually start looking around for alternatives.
Well, consider the time we're living in. It's more and more common that software gets altered in ways you do not like. A former for-license model getting changed to a subscription pay-by-month model, or some additional "enhancements" that make the software unusable or send your lifetime history to its maker to sell. And that's just what I come up with in the minute this took to write.
In commercial software, your choice is to grin and bear it. For reference, see Windows in its latest incarnations.
In OSS, you can at least remove the shitty bits that are detrimental to your interests. Or wait, you don't have to, because they don't get baked into the package because the maker of the software KNOWS you'd immediately remove that bullshit, so why bother waste resources on creating it?
Encryption is or is not. If you outlaw encrypting email, then I will encrypt the attachment and leave you guessing whether I actually encrypted it or whether you just don't know the format I am sending. And if we outlaw attachments... well, good luck for that endeavor considering that 99% of the people who actually use the internet know no other way to get their grandkids' pictures delivered.
What is legitimate encrypted traffic and what is illegitimate one? From and to banks only? Can or cannot I have a SSL encrypted webserver? And if it can be, do I have to hand over the keys to the government? Why bother encrypting at all if the keys have to be compromised by design? And why do business with a company whose keys have to be compromised by design? Why should I trust such a transaction to be valid and not intercepted and altered by some actor?
Realize that there is no such thing as a "government only" backdoor. Such a backdoor constitutes the philosopher's stone of hacking. This is a high profile target, something that everyone wants, including but by no means limited to other governments, multinational actors and, well, pretty much anyone with deep pockets and/or a lot of criminal energy. At some point, some human will have to have access to such keys, and humans are by their very nature open to bribery, blackmail and extortion. One of the three works on pretty much every human. If everything fails, we kidnap your family and in exchange for a few bytes of data, i.e. the key, they can be back with you unharmed.
You think that's beyond states like North Korea?
And you think NKor wouldn't sell that info for a few hard Dollars to, well, whoever wants that info?
Damn, those RADs really get out of hand with what they dump automatically into your apps...
Wait, there is LESS crapware on iTunes?
Holy shit, now I gotta see what that android variant is like!
Because that never happened with closed source...
With maybe the difference that in closed source, nobody can pick up the slack and continue if he feels the software is worth supporting. Closed source maker going under, software is dead in the water. Sucks to be you if you depended on it.
Last set of panels.
That should give you an idea how it was meant.