Yeah, you are right. After thinking about if for 2 seconds (which I apparently didn't do when I posted...) you would need to be running as an administrative user in order to flush the system DNS cache. On a shared system this could also lead to unexpected results.
Still, this highlights the point, no browsing is truly private.
I have never broken a micro USB cable despite tripping over them many times.
I have, however, broken 2 lightning cables with very little force, the paddle (piece with the conductors on either side) breaks off easily.
You are giving up sturdiness (metal housing in a trapezoidal shape protecting the conductors) for convenience (no metal housing which allows reversible plug).
Actually... if you don't have to pay someone for land, then you are only paying for the data link going to the container(s)...
I would imagine that link *could* be cheaper than land cost in some places. Plus you never really have to worry about hurricanes or earthquakes wrecking your equipment.
It seems to me as though the "private" browsing bit has been an afterthought in every browser to date and it is left as an exercise of the developer to define what "private browsing" even means.
What doesn't surprise me is that every browser does private browsing differently.
MS made a mistake and mingles private cache data with non-private cache data. I can see how that could be a simple "efficiency bug". As we all know, most developers are not security experts, we see it over and over again.
The real question here is: now that MS knows about the flaw, will they fix it? Let's hold the pitchforks at bay until we know the answer to that, shall we?
And yet, no browser that I am aware of flushes the DNS cache on the system (even though they could if they were truly trying to make a "private" experience).
All this is doing is upping the ante a little bit by expanding on the idea of the "lock" icon. As in, we have visual cues that tell us when a connection is secure, why not have some visual cues for letting us know a connection is not secure.
As far as I know, nobody is talking about refusing connections to non-secure sites.
Also, this is a Chome only thing. If you don't like it, use a different browser. Google is known to use their market dominance as a bully pulpit.
Well, from what I understand Google's SPDY (which will become the next HTTP standard?) works over TLS and is significantly faster than HTTP 1.1
While I don't think that TLS is required for SPDY, I also don't think that it is going to be implemented without it.
So, basically, I think the next generation of HTTP protocol will (arbitrarily?) require TLS.
Other than that. I guess the other side of the argument to "why not use just use unencrypted HTTP?" is "if there is no cost involved and doesn't a lot of extra effort to set up, why NOT use encrypted HTTP?"
Encryption does raise the bar a little bit further on various attacks making them harder to accomplish as well. For example, with certificate pinning, you can be better assured that you are visiting the site you actually think you are.
I swear, techies are so egotistical and think that nobody can possibly understand stuff.
Just spend some time training instead of immediately assuming that people will be confused.
More likely, techies are just lazy or afraid of dealing with people and would rather find the "solution" that involves the least amount of face time possible.
Yeah, I made a sweeping statement there based on a few bad experiences.
Though, isn't the Nexus the flagship Google phone? I would be surprised if that phone didn't perform well. But I would also be surprised if it wasn't optimized by Google engineers.
The phone that comes to mind is a ZTE android-based phone I picked up at the AT&T store when I needed a cheap "stopgap" phone. That thing was so horrendous I literally could not run 2 apps at the same time. I would be listening to a netcast and try to use maps and the netcast app would close in order to free up enough resources for the maps app. The thing is, I am pretty sure that phone had 1GB of RAM.
My Nokia 520 Windows 8.1 phone had 512MB of RAM and had no issues running 3 or more apps simultaneously.
However, I can tell you that a house in the middle of the desert with no locks is probably less likely to be robbed than a house in a heavily populated city with locks.
Obviously one is "more secure" than the other, technically.
A platform may be riddled with bugs, but if nobody is exploiting it then the end result is that you are running on a system that doesn't get exploited.
This was the Mac argument for years. Mac is more secure because nobody writes malware that exploits it.
Yes, security through obscurity, which we know is not security.. but from an end user perspective it amounts to the same thing.
Sort of like wind chill... wind doesn't make the temperature colder, it only makes it feel that way. Windows Phone OS may be full of bugs (I am not saying it is, but it would be naïve to thing that there are NO bugs) but if they are never exploited then that still *feels* like security to an end user.
Apple wasn't always the darling it is today... there was a time when Apple was hemorrhaging money and the company almost didn't survive. Should they have just thrown in the towel?
The thing is, what is true today is not necessarily true tomorrow. Stuff changes and if you are not prepared to take advantage when the time comes then you will lose out.
If MS continues to keep its foot in the door by keeping a scaled back version of its mobile platform running, they will be ready when the time is right. Mobile computing is not going anywhere and it would be foolish for MS, a computing platform company, to completely abandon it. They know this and they have already stated that the platform is not going anywhere.
Slashdot Mirror
Yeah, you are right. After thinking about if for 2 seconds (which I apparently didn't do when I posted...) you would need to be running as an administrative user in order to flush the system DNS cache. On a shared system this could also lead to unexpected results.
Still, this highlights the point, no browsing is truly private.
pros:
1. cooling is not an issue (it's cool!)
2. immune to all surface weather and earthquakes
3. no property taxes and no land lord
cons:
1. sharks
Looks like the pros win!
Interesting.
I have never broken a micro USB cable despite tripping over them many times.
I have, however, broken 2 lightning cables with very little force, the paddle (piece with the conductors on either side) breaks off easily.
You are giving up sturdiness (metal housing in a trapezoidal shape protecting the conductors) for convenience (no metal housing which allows reversible plug).
Actually... if you don't have to pay someone for land, then you are only paying for the data link going to the container(s)...
I would imagine that link *could* be cheaper than land cost in some places. Plus you never really have to worry about hurricanes or earthquakes wrecking your equipment.
Yeah, something tells me that if this was Apple or Google doing this, the sentiment would be a lot different...
Meh, just another buzzcronym to learn and cert exam fee...
Ain't no such thing as a free lunch my friend.
We are always "stealing" energy from somewhere...
It seems to me as though the "private" browsing bit has been an afterthought in every browser to date and it is left as an exercise of the developer to define what "private browsing" even means.
What doesn't surprise me is that every browser does private browsing differently.
MS made a mistake and mingles private cache data with non-private cache data. I can see how that could be a simple "efficiency bug". As we all know, most developers are not security experts, we see it over and over again.
The real question here is: now that MS knows about the flaw, will they fix it? Let's hold the pitchforks at bay until we know the answer to that, shall we?
Pretty much. Edge is very immature at this point. It is the classic "release it!" software distribution mentality.
Now, if they don't fix it, that's another issue.
The browser knows which pages you are browsing to and writes that information to a cache file. BIG BROTHAR GET OUT OF MY COMPATUR!
Yeah, because inspecting the browser's cache file is within the skill level of so many people....
And yet, no browser that I am aware of flushes the DNS cache on the system (even though they could if they were truly trying to make a "private" experience).
As a matter of fact, isn't the browsing history the basis for the (in)famous crashsafari dot com?
I know that, at least in FF, you can re-enable the /https?/ prefix in about:config.
I don't think anyone has ever said that.
All this is doing is upping the ante a little bit by expanding on the idea of the "lock" icon. As in, we have visual cues that tell us when a connection is secure, why not have some visual cues for letting us know a connection is not secure.
As far as I know, nobody is talking about refusing connections to non-secure sites.
Also, this is a Chome only thing. If you don't like it, use a different browser. Google is known to use their market dominance as a bully pulpit.
Well, from what I understand Google's SPDY (which will become the next HTTP standard?) works over TLS and is significantly faster than HTTP 1.1
While I don't think that TLS is required for SPDY, I also don't think that it is going to be implemented without it.
So, basically, I think the next generation of HTTP protocol will (arbitrarily?) require TLS.
Other than that. I guess the other side of the argument to "why not use just use unencrypted HTTP?" is "if there is no cost involved and doesn't a lot of extra effort to set up, why NOT use encrypted HTTP?"
Encryption does raise the bar a little bit further on various attacks making them harder to accomplish as well. For example, with certificate pinning, you can be better assured that you are visiting the site you actually think you are.
Exactly right.
I swear, techies are so egotistical and think that nobody can possibly understand stuff.
Just spend some time training instead of immediately assuming that people will be confused.
More likely, techies are just lazy or afraid of dealing with people and would rather find the "solution" that involves the least amount of face time possible.
I thought the web was primarily spam and Netflix these days...
Unfortunately, they killed off the Android bridge project.
However, the iOS bridge for Windows 10 is still happening.
Yeah, I made a sweeping statement there based on a few bad experiences.
Though, isn't the Nexus the flagship Google phone? I would be surprised if that phone didn't perform well. But I would also be surprised if it wasn't optimized by Google engineers.
The phone that comes to mind is a ZTE android-based phone I picked up at the AT&T store when I needed a cheap "stopgap" phone. That thing was so horrendous I literally could not run 2 apps at the same time. I would be listening to a netcast and try to use maps and the netcast app would close in order to free up enough resources for the maps app. The thing is, I am pretty sure that phone had 1GB of RAM.
My Nokia 520 Windows 8.1 phone had 512MB of RAM and had no issues running 3 or more apps simultaneously.
LOL, yeah, that is a good catch.
Completely unconscious, I assure you :)
That may be true. I don't know what I don't know.
However, I can tell you that a house in the middle of the desert with no locks is probably less likely to be robbed than a house in a heavily populated city with locks.
Obviously one is "more secure" than the other, technically.
I disagree with you there.
A platform may be riddled with bugs, but if nobody is exploiting it then the end result is that you are running on a system that doesn't get exploited.
This was the Mac argument for years. Mac is more secure because nobody writes malware that exploits it.
Yes, security through obscurity, which we know is not security.. but from an end user perspective it amounts to the same thing.
Sort of like wind chill... wind doesn't make the temperature colder, it only makes it feel that way. Windows Phone OS may be full of bugs (I am not saying it is, but it would be naïve to thing that there are NO bugs) but if they are never exploited then that still *feels* like security to an end user.
Stuff changes.
Apple wasn't always the darling it is today... there was a time when Apple was hemorrhaging money and the company almost didn't survive. Should they have just thrown in the towel?
The thing is, what is true today is not necessarily true tomorrow. Stuff changes and if you are not prepared to take advantage when the time comes then you will lose out.
If MS continues to keep its foot in the door by keeping a scaled back version of its mobile platform running, they will be ready when the time is right. Mobile computing is not going anywhere and it would be foolish for MS, a computing platform company, to completely abandon it. They know this and they have already stated that the platform is not going anywhere.
an older version of the Android OS that they and Google no longer support.
Isn't that every version of Android except maybe the latest version?
Same goes for iOS.
Say what you will about MS, but at least they historically have a track record of clearly spelling out support lifecycles for their products.