Absolutely not. I didn't mention the fact that I screwed up and tried out Google Fi. It FORCE tied my phone to my google account. There is no way to untie it now. I have been all the way to the developer level and they said that is by design. So since I used a Google fi account tied to my gmail account, I can no longer part with my phone. If I carry my companies loaner phone and try to check my personal email while on a work visit to another area, there is no way I can do it without also carrying my cell phone to get the authentication text. Their stated goal is tie one to the other and that goal is slowly creeping into other services they offer.
I don't WANT there to be any tie in between my user account and my device. I want my accounts to both secure AND as anonymous as possible. I don't want Google's repeated efforts of tieing a specific human to a specific user account. That is not for them to know and I trust them even less than malware creators.
I was just talking about this this morning with co-workers as it pertains to phones. ALL the choices for phones are equally bad in different ways.
Apple: No configurability, everything dumbed down. It's my way or the highway approach. Better privacy but still completely unacceptable that using the device to its fullest potential requires cloud services
Android: Horrible privacy, actively works to pester you into doing things in ways that decrease your privacy even more. Better configurability
Both are walled gardens and pay to play where Apple/Google have more control over what is on your phone or who you do business with than you do. Neither allow fully local backups of apps, data or device without hacking it.
All of it is completely unacceptable. I will on the Librem 5 so fast it will make your head spin when it reaches market.
Not JUST that. The fact that AI is a looong way away from running locally. 20 years ago we all looked as AI as sitting on a really smart computer that was within walking distance of us and controlled for the most part by the people within walking distance of it. AI now is possibly hundreds of miles away controlled by people who look at us as a dollar bill. I'll use all the wonders of AI when it is sitting on a device completely and utterly under my control unless it is the beginning of the singularity. Then I'll have to apologize to it for all the porn I made it look up for me.
How about software written that doesn't try to force you into the cloud. How about controls that truly limit information leaks from your browser that can be used to fingerprint you, such as always reply with the same font list regardless of what you have on your computer, or refuse to give up mouse hover location, and do not send keystrokes in real time, require a click or OK to send form data as a completed field rather than streamed. Take away every avenue used for unique identification by default at the browser level. Unique identification should only be possible if the user signs in with credentials.
Companies bulding encryption into their product is absolutely worthless. I don't trust any app that provides its own security/encryption. I don't trust the company to not give it up. For example any cloud company wanting me to use their service. I'll encrypt my data locally using encryption tools that I control and upload a pre-encrypted blob to your cloud if I want to use your service.
Google just keeps on doing things to aggravate users who care about their privacy and security into doing things that cause them to sacrifice it. Google instant was one of the first things. Anyone who is a touch typist (doesn't have to look at the keyboard to type) likely despise the fact that the screen changes and lags as you type. No way to disable it permanently without logging in and confirming your identity. Another example is how hard it has gotten to use Google services without giving them your phone number and a way to tie the account to a real human. The whole goal of using web services for many is a way to have an anonymous identity. If you use project fi for your voice services, then there is no way to keep your phone and email separate. Even if you turn off 2 factor auth through your phone, it still requires it if you use Project Fi. This is just another case of Google disguising actions as security which reduce the level of privacy and security you have. They look at security/privacy as something they provide for you and what they say is best. They refuse to see that there are many of us who refuse to give up our privacy and security to someone else and that it is very likely Google and other corporations who we are trying to protect ourselves from.
As do I. Its the lunacy of app stores coming to PC's. The OWNER of the PC controls its security, not the app developer or OS developer other than writing secure code that is hopefully open source so other people can confirm.
At least original specifications leaves room for argument. Many devices are general purpose computing devices. Just because they may be sold with software that cripples the capability of the hardware, it can be argued that the original specification of the HARDWARE is to have a feature enabled... or even that the original specification of the HARDWARE is that of a general purpose computing device where the only limitations are the imagination of the person writing the software. This is the first step in a foothold for enshrining that hardware and software are two separate things.
This is why open standards should be codified by law. Encryption and DRM should NOT be allowed to be used to lock you into the PLAYER/VIEWER/APPLICATION software to use content. If the content was free'd to be used in any application by law, then this type of shit wouldn't be happening.
I don't necessarily agree with this. I think you are correct that Gnome 3 and Unity were both horrible. Horrible in the aspect of trying to force everyone to touch style interfaces. Horrible if you used the system for real work. Horrible if you used multiple screens, especially in a over/under format. Gnome 2 was much better at matching Windows than both KDE or Gnome 3 but even it fell short. But Cinnamon on top of Gnome 3 is absolutely fantastic. In my opinion it is better than all the other competitors. I think it is the most useful and full featured desktop to be here yet in linux and its defaults are sane for those coming from Windows but granular enough to satisfy people who have been using linux for a while. KDE is OK, but still falls short especially in sane defaults department. Its definitely customizable to anything you want it to be. But useful and familiar right out of the box... no.
Umm.. that is exactly what I said. The ability of the owner of a device to snoop their own device traffic AT THE ENDPOINT needs to enshrined in law. Our devices are being weaponized against us.
The OWNER of endpoints should always be able to see what is flowing over the encrypted channel. Man in the middle is ALWAYS bad. If there are designed in ways for the owner of endpoint devices to inspect their traffic, then man in the middle is irrelevant. But what we have now is different levels of bad depending on the class of device we're talking about. For enterprise devices, the corporate owner should technically already have the ability to enforce a proxy or to enforce software installation that allows inspection of any and all traffic. But the real problem is Internet of things and home user class devices where vendors are weaponizing our devices against us and treating us as the thing that needs to be secured against. I should be able to see, decrypt, analyze and authorize every byte of traffic leaving my home, whether it comes from my smart TV, my PC, my phone or any apps on those devices. And it should be done without the defeating the security with a man in the middle. Just the fact that I own the device means I should be able to inspect all traffic coming and going through the interface before or after decryption but in a state not controlled or limited by any application that I don't have complete control of. The only way this will ever happen is if a consumer bill of rights ever comes.
Thats just it. I imply above that I'm going to come to the table with data to support my argument. But I'm not going to change my argument to prop up someones emotional or political motivations. If you bring better data and prove me wrong, you've made me a better person... I can take it. I also understand there are areas where there different weights placed on different points and we may come at a problem while weighing different things as the most important factor. Present the data come up with a mutually agreeable weighting on pros and cons and deal with it.
There are also politically or emotionally motivated tasks in the workplace. Many people do them and know they are bullshit, but don't speak up because its someones pet project or there is an emotional investment. Call bullshit bullshit and move on. People shouldn't get offended, prove your idea is better with data or gtfo. Getting offended because you have an emotional or political reason for continuing down a bullshit path offends me.
This sentiment is bullshit. Empathy has nothing to do with this and being anti-social has nothing to do with it. I'm not going to try and argue that Linus isn't an asshole toward people, but I DO argue that political correctness and emotion have no place in a work environment. Half of the bad decisions out there come from people doing what they know is bullshit just because it someones pet project who they don't want to upset... usually because that person is higher up in the hiearchy in a traditional business structure. But I argue that open source is better in many cases because that hierarchy doesnt exist. People CAN and DO call bullshit on things when its bullshit. I don't care if you are offended if someone says your code or thing is bullshit. Back it up with data or go the hell on. No one is here to keep you feeling good about yourself. Do good work or fix your shit when someone calls you out on it. I think that is WAY better than the typically emotionally motivated bullshit that goes on in most companies.
Owners should have complete control of their software/hardware even if it is a car. The fact that they can change it any way, the fact that they can restrict your ability to change configurable settings with your device/thingy/car/anything is unacceptable. Sure put a warning on it that you may be changing things that affect the longevity of your thing. But its your decision and anyone having control of anything on someone elses thing that wasn't explicitly allowed by the owner is operating malware. Teslas come preloaded with malware that allows this.
"Keep the operating safe from harm". That's both hilariousand fucked up. It needs to be the other way around. Run a sandboxed chrome OS inside of a linux container that is under the OWNERS control. Is security. The definition of malware is software not under the owners control, so by definition chromeOS is a security risk to the owner of the device.
I'll take $20 for my efforts and me and my air compressor will get you handled. If we get you aimed right, we may even be able to handle some target practice.
Slashdot Mirror
Absolutely not. I didn't mention the fact that I screwed up and tried out Google Fi. It FORCE tied my phone to my google account. There is no way to untie it now. I have been all the way to the developer level and they said that is by design. So since I used a Google fi account tied to my gmail account, I can no longer part with my phone. If I carry my companies loaner phone and try to check my personal email while on a work visit to another area, there is no way I can do it without also carrying my cell phone to get the authentication text. Their stated goal is tie one to the other and that goal is slowly creeping into other services they offer.
I don't WANT there to be any tie in between my user account and my device. I want my accounts to both secure AND as anonymous as possible. I don't want Google's repeated efforts of tieing a specific human to a specific user account. That is not for them to know and I trust them even less than malware creators.
I was just talking about this this morning with co-workers as it pertains to phones. ALL the choices for phones are equally bad in different ways.
Apple: No configurability, everything dumbed down. It's my way or the highway approach. Better privacy but still completely unacceptable that using the device to its fullest potential requires cloud services
Android: Horrible privacy, actively works to pester you into doing things in ways that decrease your privacy even more. Better configurability
Both are walled gardens and pay to play where Apple/Google have more control over what is on your phone or who you do business with than you do. Neither allow fully local backups of apps, data or device without hacking it.
All of it is completely unacceptable. I will on the Librem 5 so fast it will make your head spin when it reaches market.
I'll monitor my own shit thank you. I trust YOU (Google) even less than the bad guys.
Not JUST that. The fact that AI is a looong way away from running locally. 20 years ago we all looked as AI as sitting on a really smart computer that was within walking distance of us and controlled for the most part by the people within walking distance of it. AI now is possibly hundreds of miles away controlled by people who look at us as a dollar bill. I'll use all the wonders of AI when it is sitting on a device completely and utterly under my control unless it is the beginning of the singularity. Then I'll have to apologize to it for all the porn I made it look up for me.
How about software written that doesn't try to force you into the cloud. How about controls that truly limit information leaks from your browser that can be used to fingerprint you, such as always reply with the same font list regardless of what you have on your computer, or refuse to give up mouse hover location, and do not send keystrokes in real time, require a click or OK to send form data as a completed field rather than streamed. Take away every avenue used for unique identification by default at the browser level. Unique identification should only be possible if the user signs in with credentials.
Companies bulding encryption into their product is absolutely worthless. I don't trust any app that provides its own security/encryption. I don't trust the company to not give it up. For example any cloud company wanting me to use their service. I'll encrypt my data locally using encryption tools that I control and upload a pre-encrypted blob to your cloud if I want to use your service.
Everywhere
Is the same as doing heart surgery in the hospital toilet. It can work in theory, but you end up swimming in shit.
Mulligan
Google just keeps on doing things to aggravate users who care about their privacy and security into doing things that cause them to sacrifice it. Google instant was one of the first things. Anyone who is a touch typist (doesn't have to look at the keyboard to type) likely despise the fact that the screen changes and lags as you type. No way to disable it permanently without logging in and confirming your identity. Another example is how hard it has gotten to use Google services without giving them your phone number and a way to tie the account to a real human. The whole goal of using web services for many is a way to have an anonymous identity. If you use project fi for your voice services, then there is no way to keep your phone and email separate. Even if you turn off 2 factor auth through your phone, it still requires it if you use Project Fi. This is just another case of Google disguising actions as security which reduce the level of privacy and security you have. They look at security/privacy as something they provide for you and what they say is best. They refuse to see that there are many of us who refuse to give up our privacy and security to someone else and that it is very likely Google and other corporations who we are trying to protect ourselves from.
As do I. Its the lunacy of app stores coming to PC's. The OWNER of the PC controls its security, not the app developer or OS developer other than writing secure code that is hopefully open source so other people can confirm.
At least original specifications leaves room for argument. Many devices are general purpose computing devices. Just because they may be sold with software that cripples the capability of the hardware, it can be argued that the original specification of the HARDWARE is to have a feature enabled... or even that the original specification of the HARDWARE is that of a general purpose computing device where the only limitations are the imagination of the person writing the software. This is the first step in a foothold for enshrining that hardware and software are two separate things.
This is why open standards should be codified by law. Encryption and DRM should NOT be allowed to be used to lock you into the PLAYER/VIEWER/APPLICATION software to use content. If the content was free'd to be used in any application by law, then this type of shit wouldn't be happening.
I don't necessarily agree with this. I think you are correct that Gnome 3 and Unity were both horrible. Horrible in the aspect of trying to force everyone to touch style interfaces. Horrible if you used the system for real work. Horrible if you used multiple screens, especially in a over/under format. Gnome 2 was much better at matching Windows than both KDE or Gnome 3 but even it fell short. But Cinnamon on top of Gnome 3 is absolutely fantastic. In my opinion it is better than all the other competitors. I think it is the most useful and full featured desktop to be here yet in linux and its defaults are sane for those coming from Windows but granular enough to satisfy people who have been using linux for a while. KDE is OK, but still falls short especially in sane defaults department. Its definitely customizable to anything you want it to be. But useful and familiar right out of the box... no.
I'm more likely to be on board with selective culling of PEOPLE than eating less meat. Heck, I'd eat the culled people before I'd stop eating meat.
Umm.. that is exactly what I said. The ability of the owner of a device to snoop their own device traffic AT THE ENDPOINT needs to enshrined in law. Our devices are being weaponized against us.
The OWNER of endpoints should always be able to see what is flowing over the encrypted channel. Man in the middle is ALWAYS bad. If there are designed in ways for the owner of endpoint devices to inspect their traffic, then man in the middle is irrelevant. But what we have now is different levels of bad depending on the class of device we're talking about. For enterprise devices, the corporate owner should technically already have the ability to enforce a proxy or to enforce software installation that allows inspection of any and all traffic. But the real problem is Internet of things and home user class devices where vendors are weaponizing our devices against us and treating us as the thing that needs to be secured against. I should be able to see, decrypt, analyze and authorize every byte of traffic leaving my home, whether it comes from my smart TV, my PC, my phone or any apps on those devices. And it should be done without the defeating the security with a man in the middle. Just the fact that I own the device means I should be able to inspect all traffic coming and going through the interface before or after decryption but in a state not controlled or limited by any application that I don't have complete control of. The only way this will ever happen is if a consumer bill of rights ever comes.
Thats just it. I imply above that I'm going to come to the table with data to support my argument. But I'm not going to change my argument to prop up someones emotional or political motivations. If you bring better data and prove me wrong, you've made me a better person... I can take it. I also understand there are areas where there different weights placed on different points and we may come at a problem while weighing different things as the most important factor. Present the data come up with a mutually agreeable weighting on pros and cons and deal with it.
There are also politically or emotionally motivated tasks in the workplace. Many people do them and know they are bullshit, but don't speak up because its someones pet project or there is an emotional investment. Call bullshit bullshit and move on. People shouldn't get offended, prove your idea is better with data or gtfo. Getting offended because you have an emotional or political reason for continuing down a bullshit path offends me.
This sentiment is bullshit. Empathy has nothing to do with this and being anti-social has nothing to do with it. I'm not going to try and argue that Linus isn't an asshole toward people, but I DO argue that political correctness and emotion have no place in a work environment. Half of the bad decisions out there come from people doing what they know is bullshit just because it someones pet project who they don't want to upset... usually because that person is higher up in the hiearchy in a traditional business structure. But I argue that open source is better in many cases because that hierarchy doesnt exist. People CAN and DO call bullshit on things when its bullshit. I don't care if you are offended if someone says your code or thing is bullshit. Back it up with data or go the hell on. No one is here to keep you feeling good about yourself. Do good work or fix your shit when someone calls you out on it. I think that is WAY better than the typically emotionally motivated bullshit that goes on in most companies.
Owners should have complete control of their software/hardware even if it is a car. The fact that they can change it any way, the fact that they can restrict your ability to change configurable settings with your device/thingy/car/anything is unacceptable. Sure put a warning on it that you may be changing things that affect the longevity of your thing. But its your decision and anyone having control of anything on someone elses thing that wasn't explicitly allowed by the owner is operating malware. Teslas come preloaded with malware that allows this.
"Keep the operating safe from harm". That's both hilariousand fucked up. It needs to be the other way around. Run a sandboxed chrome OS inside of a linux container that is under the OWNERS control. Is security. The definition of malware is software not under the owners control, so by definition chromeOS is a security risk to the owner of the device.
I'll take $20 for my efforts and me and my air compressor will get you handled. If we get you aimed right, we may even be able to handle some target practice.
Both are equally insecure. When the owner of the device isn't the one in control of the security landscape then the OS itself is malware.