If by run away you mean continue to manufacture in the USA while expanding and improving production, increasing economies of scale, all the while offsetting the carbon emissions in our world which was the primary purpose of the tax breaks in the first place, then I hope every company "runs away".
Speaking of taxpayers' money, you do realise this is based on USA sales and productions right? Meaning none of this money goes to this factory? I guess that doesn't suit your anti Tesla / anti government subsidy rant though.
It makes no sense financially, and on the odd chance that the few seconds a user has a page open + the overhead of sending the start of work and end of work back + the horrendous inefficiency of the CPU this will never make financial sense.
Plus users will be very quickly to throttle and block this in our brave new laptop / tablet world. Users may not care if their computers are slow but they will be very quick to react when their battery life is decimated.
WHich is why Google is making its browser combat it.
Or maybe it doesn't want to be associated with painfully slow browsing experience and a product which appears to peg the CPU.
If my computer is a 100 watt computer then even going full blast for 10 hours it would be worth ten cents of electricity. (And since I heat my home with electricity actually no cost at all in winter).
I prefer a cheaper and more environmentally friendly way of heating my house combined with a little bit of control over when I heat (i.e. not when the doors are open, in the summer etc.) I take it a 6 month hiatus from the internet is off the cards? In which case all you're doing is spending 10c more to cool your house.
And if I find it's tying up my computer then I just leave the web site.
Or we could do something such as throttle the website when it ties up the computer, and completely halt the process when the website itself isn't active. Kind of like what Google proposed.
google should be afraid.
No they shouldn't. The economics of mining on the CPU make even less sense than the economics of online adverts, especially when the end result is something incredibly unstable which could half in value overnight.
This was some pie in the sky idea that was trialled at one point. It is utterly pointless using this as a way to attempt to pay for websites.
Of course they are, they can be stolen. But you missed the point, this is not a "which is better" question. There's no reason to use an RSA-Token and NOT use a password. You should universally use both, the almighty number "2" in the "Two-Factor Authentication".
And that is relevant to a Chinese person living in China and having their experience mediated by the Chinese government behind the Chinese great firewall, why?
The RSA tokens had exactly the same exposure as the apps. If you gain access to the database of token IDs you know what key it is currently generating.
Pulling the cable makes something more secure. It drastically diminishes the number of potential intruders.
Not necessarily. Quite often pulling the cable makes everything less secure as it breeds a culture of complacency at best and breeds a better kind of idiot at worst. Pulling a cable is absolutely no substitute for actually having security thought through in the organisation, and I'll take well thought out firewall / VPN infrastructure any day over the pull the cable approach which by its nature necessitates bypassing the airgap.
Anything that doesn't need to be on the Internet shouldn't have a connection, so instead of a good firewall, you should chose the best firewall.
You've lost. Everything needs a network connection somewhere, and every network eventually needs a connection to the internet. The key is segregation in the design stage. Otherwise you'll end up with what we call box-rot, a set of computer systems isolated constantly being connected to and from with various mechanisms or best yet, ignored completely with security issues more wide open than a $2 hooker.
This 'need to be networked' thing is nice on paper
That paper is often one of the following: - Legal requirement - Technical limitation - Geographical limitation - Operational limitation
Most organisations would be unable to operate a local compressor without some access to a wider network let alone a country wide wind farm, energy grid, etc.
If you think everything has to be on the Internet, then in your words 'you are an idiot'.
But I repeat myself: Oh I see now you don't actually work in the industry.
Bottom line and... access to services for 1bn people?
What do you think the outcome of disobeying the Chinese would be? (Rhetorical question, we saw the answer a few years ago). Cut off the entire Chinese market from Google services. I'm sure all those people would be far better served by being restricted to state run and sanctioned search engines and content providers all for the sake of a single dissident.
The way I see it they took the least evil approach. At least now some content is able to slip through.
"Do No Evil" has become highly subjective at Google\YouTube\Alphabet.
Yes! Google should instead not bow to the Chinese government and get themselves firewalled off from 1billion people. That would make those people much better off as they can then move to... errr.... state run services.
Christ, how much influence over these tech giants does the Chinese government have?
Was this a serious question? Because within the great firewall the answer is 100% You want access to the market you play by the rules.
Actually the same is said for most countries. The only difference in the USA is that the government is at least open to lobbying and will often make decisions favourable to the companies in question. I take it you don't recall the panic in the industry about the no encryption laws earlier this year? The USA government has the same kind of power over these tech giants, they just make different decisions.
For obeying the law in the country in which they do business? Yeah I'm sure simply cutting off a billion people from the internet and their services forcing them to go back to truly government owned services would be far better for humanity.
Is that your security philosophy? If that's the case then you're an idiot. Pulling a cable doesn't make something secure. You need an entire culture of security to do that.
None whatsoever!
Oh I see now you don't actually work in the industry. Sorry but there's a myriad of reasons that these systems need to be networked over a wide scale, the least of which isn't that they don't work otherwise.
If you need constant monitoring of stuff, give someone a job to monitor.
Any bets the majority of compromised computers ran a version of windows? We need to stop using Windows in these environments.
And THIS is the exact kind of thinking that causes big gaping security issues for companies. The idea that there's a single solution rather than an entire philosophy to security is not only absurd, it's absolutely downright dangerous.
Not running Windows protects you from random online malware designed specifically to attack as large of an install base as possible to maximise return. It does NOTHING for a targeted attack. Have you learnt nothing from the likes of Stuxnet? A piece of malware coded specifically against a vulnerability of a specific model of a specific PLC?
I really hope you're not in the security industry, but if you are let me know where. I'm... errr... asking for a Russian.... friend.
And just how is this supposed stalker supposed to target the individual phone ID? In the advertising world the individual's ID is the goose that lays the golden eggs for the advertiser service provider. You would need to carefully profile the target and then hope no one else fitting the profile is in the location that you're targeting since Google et al, would never hand over or let you target the ID itself.
At which point, why not just stalk the traditional way. Cost is not the issue here, it just seems like a ludicrously stupid way of tracking someone.
I don't know of any other company that has a monthly release cycle for security updates, even for zero day bugs! Google you are evil, you should be like Micros... oh.
My great grandfather came to this country from Canada via Germany LEGALLY!
My great grandfather bought Heroin from the corner drug store to help treat his grandma's headache LEGALLY! It's amazing how the laws have changed over the years, especially immigration law which at the time of your grandfather would have required... errr.... just coming in. Referencing the past as some comparison to the present only serves to show how little you understand of the world.
Watching a few videos of something that burns and doesn't explode doesn't change anything. I could watch them all day and not feel at risk because, and I can't stress this enough, really I can't, and it doesn't matter how many James Bond films you see, and it doesn't matter how many times you incorrectly use the word bazooka: I feel no risk because burning a hole in the fuselage with thermite or your mythical entire briefcase full of lithium batteries which aren't allowed on the plane anyway WOULD NOT KILL PEOPLE ON A PLANE.
What do you think why it is already forbidden to carry lith ion batteries in cargo?
Fire risk in an inaccessible area setting fire to the tinderbox that is the belongings of 300 people. That *could* cause problems for a lot of people through major smoke and fire risk.
But if it just burnt its way through the fuselage then all you'd experience is a drop of pressure and a controlled and orderly landing at the nearest airport. Whoop de fucking do.
Microsoft has a history of mixed bags. Part fantastic, part absolute turds. Any generalisation of a company like that doesn't make much sense, unlike your Toyota and Ford example who's products have been very consistent over many years.
Mind you as of late I wouldn't touch a German car with a 10 foot pole for all their reliability problems either. So things can and often do eventually change.
It doesn't. This is the combination of two things:
a) Your HTTPS connections appear broken and insecure due to HSTS demanding an SSL certificate for a site previously visited securely and the public wifi login page being unable to provide the correct one. b) Your browser not recognising the need to redirect because of the SSL error.
This isn't the public wifi's fault. All you need to do is open a know non-https page that will force the redirect to the login page. Sometimes this won't work if you force your DNS settings.
There's little reason why publicly available non-controversial information should be encrypted
We live in a world where the consumption of publicly available information is criminal. This isn't even limited to shithole dictator regimes, but now we are starting to see it in the west too.
The only person who can decide if it is important for the information to be encrypted is the person who stands to be persecuted for consuming it.
Take US taxpayers' money and run away!
If by run away you mean continue to manufacture in the USA while expanding and improving production, increasing economies of scale, all the while offsetting the carbon emissions in our world which was the primary purpose of the tax breaks in the first place, then I hope every company "runs away".
Speaking of taxpayers' money, you do realise this is based on USA sales and productions right? Meaning none of this money goes to this factory? I guess that doesn't suit your anti Tesla / anti government subsidy rant though.
It makes no sense financially, and on the odd chance that the few seconds a user has a page open + the overhead of sending the start of work and end of work back + the horrendous inefficiency of the CPU this will never make financial sense.
Plus users will be very quickly to throttle and block this in our brave new laptop / tablet world. Users may not care if their computers are slow but they will be very quick to react when their battery life is decimated.
WHich is why Google is making its browser combat it.
Or maybe it doesn't want to be associated with painfully slow browsing experience and a product which appears to peg the CPU.
If my computer is a 100 watt computer then even going full blast for 10 hours it would be worth ten cents of electricity. (And since I heat my home with electricity actually no cost at all in winter).
I prefer a cheaper and more environmentally friendly way of heating my house combined with a little bit of control over when I heat (i.e. not when the doors are open, in the summer etc.) I take it a 6 month hiatus from the internet is off the cards? In which case all you're doing is spending 10c more to cool your house.
And if I find it's tying up my computer then I just leave the web site.
Or we could do something such as throttle the website when it ties up the computer, and completely halt the process when the website itself isn't active. Kind of like what Google proposed.
google should be afraid.
No they shouldn't. The economics of mining on the CPU make even less sense than the economics of online adverts, especially when the end result is something incredibly unstable which could half in value overnight.
This was some pie in the sky idea that was trialled at one point. It is utterly pointless using this as a way to attempt to pay for websites.
Of course they are, they can be stolen. But you missed the point, this is not a "which is better" question. There's no reason to use an RSA-Token and NOT use a password. You should universally use both, the almighty number "2" in the "Two-Factor Authentication".
Mod parent +1 Funny, please ...
I appreciate the support. I have to admit it did not occur to me that a moderator may not have a sense of humour and may need instructions.
And that is relevant to a Chinese person living in China and having their experience mediated by the Chinese government behind the Chinese great firewall, why?
The RSA tokens had exactly the same exposure as the apps. If you gain access to the database of token IDs you know what key it is currently generating.
This actually happened back in 2011 https://arstechnica.com/inform...
Do we just point out Chrome isn't crashing computers with their security updates, thus training their users to turn off automatic updates?
Huh? You can turn off security updates in Chrome and Windows?
Pulling the cable makes something more secure. It drastically diminishes the number of potential intruders.
Not necessarily. Quite often pulling the cable makes everything less secure as it breeds a culture of complacency at best and breeds a better kind of idiot at worst. Pulling a cable is absolutely no substitute for actually having security thought through in the organisation, and I'll take well thought out firewall / VPN infrastructure any day over the pull the cable approach which by its nature necessitates bypassing the airgap.
Anything that doesn't need to be on the Internet shouldn't have a connection, so instead of a good firewall, you should chose the best firewall.
You've lost. Everything needs a network connection somewhere, and every network eventually needs a connection to the internet. The key is segregation in the design stage. Otherwise you'll end up with what we call box-rot, a set of computer systems isolated constantly being connected to and from with various mechanisms or best yet, ignored completely with security issues more wide open than a $2 hooker.
This 'need to be networked' thing is nice on paper
That paper is often one of the following:
- Legal requirement
- Technical limitation
- Geographical limitation
- Operational limitation
Most organisations would be unable to operate a local compressor without some access to a wider network let alone a country wide wind farm, energy grid, etc.
If you think everything has to be on the Internet, then in your words 'you are an idiot'.
But I repeat myself: Oh I see now you don't actually work in the industry.
Bottom line and ... access to services for 1bn people?
What do you think the outcome of disobeying the Chinese would be? (Rhetorical question, we saw the answer a few years ago). Cut off the entire Chinese market from Google services. I'm sure all those people would be far better served by being restricted to state run and sanctioned search engines and content providers all for the sake of a single dissident.
The way I see it they took the least evil approach. At least now some content is able to slip through.
"Do No Evil" has become highly subjective at Google\YouTube\Alphabet.
Yes! Google should instead not bow to the Chinese government and get themselves firewalled off from 1billion people. That would make those people much better off as they can then move to ... errr .... state run services.
Christ, how much influence over these tech giants does the Chinese government have?
Was this a serious question? Because within the great firewall the answer is 100% You want access to the market you play by the rules.
Actually the same is said for most countries. The only difference in the USA is that the government is at least open to lobbying and will often make decisions favourable to the companies in question. I take it you don't recall the panic in the industry about the no encryption laws earlier this year? The USA government has the same kind of power over these tech giants, they just make different decisions.
You knew it was only a matter of time.
For obeying the law in the country in which they do business? Yeah I'm sure simply cutting off a billion people from the internet and their services forcing them to go back to truly government owned services would be far better for humanity.
Is that your security philosophy? If that's the case then you're an idiot. Pulling a cable doesn't make something secure. You need an entire culture of security to do that.
None whatsoever!
Oh I see now you don't actually work in the industry. Sorry but there's a myriad of reasons that these systems need to be networked over a wide scale, the least of which isn't that they don't work otherwise.
If you need constant monitoring of stuff, give someone a job to monitor.
Err no. Get a clue.
Any bets the majority of compromised computers ran a version of windows? We need to stop using Windows in these environments.
And THIS is the exact kind of thinking that causes big gaping security issues for companies. The idea that there's a single solution rather than an entire philosophy to security is not only absurd, it's absolutely downright dangerous.
Not running Windows protects you from random online malware designed specifically to attack as large of an install base as possible to maximise return. It does NOTHING for a targeted attack. Have you learnt nothing from the likes of Stuxnet? A piece of malware coded specifically against a vulnerability of a specific model of a specific PLC?
I really hope you're not in the security industry, but if you are let me know where. I'm ... errr ... asking for a Russian .... friend.
And just how is this supposed stalker supposed to target the individual phone ID? In the advertising world the individual's ID is the goose that lays the golden eggs for the advertiser service provider. You would need to carefully profile the target and then hope no one else fitting the profile is in the location that you're targeting since Google et al, would never hand over or let you target the ID itself.
At which point, why not just stalk the traditional way. Cost is not the issue here, it just seems like a ludicrously stupid way of tracking someone.
I don't know of any other company that has a monthly release cycle for security updates, even for zero day bugs! Google you are evil, you should be like Micros... oh.
My great grandfather came to this country from Canada via Germany LEGALLY!
My great grandfather bought Heroin from the corner drug store to help treat his grandma's headache LEGALLY! It's amazing how the laws have changed over the years, especially immigration law which at the time of your grandfather would have required ... errr.... just coming in. Referencing the past as some comparison to the present only serves to show how little you understand of the world.
Yeah, so we can become like Malmo, Sweden
It would be a major step up for many American cities.
Watching a few videos of something that burns and doesn't explode doesn't change anything. I could watch them all day and not feel at risk because, and I can't stress this enough, really I can't, and it doesn't matter how many James Bond films you see, and it doesn't matter how many times you incorrectly use the word bazooka: I feel no risk because burning a hole in the fuselage with thermite or your mythical entire briefcase full of lithium batteries which aren't allowed on the plane anyway WOULD NOT KILL PEOPLE ON A PLANE.
What do you think why it is already forbidden to carry lith ion batteries in cargo?
Fire risk in an inaccessible area setting fire to the tinderbox that is the belongings of 300 people. That *could* cause problems for a lot of people through major smoke and fire risk.
But if it just burnt its way through the fuselage then all you'd experience is a drop of pressure and a controlled and orderly landing at the nearest airport. Whoop de fucking do.
There are three factors for authentication. Something you know, something you have and something you are.
Why would we give up one in favour of another when we could adopt the radical idea of using TWO AT ONCE.
Or it burns a hole into the hull and kills every one.
Okay, too many action movies for you. I think it's time you went to bed.
Microsoft has a history of mixed bags. Part fantastic, part absolute turds. Any generalisation of a company like that doesn't make much sense, unlike your Toyota and Ford example who's products have been very consistent over many years.
Mind you as of late I wouldn't touch a German car with a 10 foot pole for all their reliability problems either. So things can and often do eventually change.
It doesn't. This is the combination of two things:
a) Your HTTPS connections appear broken and insecure due to HSTS demanding an SSL certificate for a site previously visited securely and the public wifi login page being unable to provide the correct one.
b) Your browser not recognising the need to redirect because of the SSL error.
This isn't the public wifi's fault. All you need to do is open a know non-https page that will force the redirect to the login page. Sometimes this won't work if you force your DNS settings.
There's little reason why publicly available non-controversial information should be encrypted
We live in a world where the consumption of publicly available information is criminal. This isn't even limited to shithole dictator regimes, but now we are starting to see it in the west too.
The only person who can decide if it is important for the information to be encrypted is the person who stands to be persecuted for consuming it.