Slashdot Mirror


User: r7

r7's activity in the archive.

Stories: 0
Comments: 159

Comments · 159

  1. Shellshock a result of inappropriate use of bash on Apple Yet To Push Patch For "Shellshock" Bug · · Score: 1

    Shellshock does a good job of illustrating a fundamental security flaw in bash but also in Redhat. Redhat, Fedora and CentOS are the most at risk OSs because Redhat decided to make bash the default shell. This was a deeply flawed system design decision driven by NIH (not invented here syndrome). The problem is that bash was written and is maintained by Redhat. As a result scripts that should have been written in the Bourne shell are instead using bash. Even scripts that use Bourne (/bin/sh) are executing bash on Redhat systems as sh is symlinked from bash. This is not the case on Debian-based Linux (Ubuntu et al) as they don't symlink bash to sh or specify bash as the default shell script interpreter. Neither is it the case on the BSDs which don't even ship with bash.

    So why then is bash an inappropriate choice for shell scripting? Bash is designed to be an interactive shell. As a result it is a much larger program and has a correspondingly larger codebase than Bourne, most of which is dedicated to auto-completion and other interactive features. All else being equal (and it is in this case) more code correlates with less security. Bash is also not POSIX-compliant. As a result it is not cross-platform compatible nor are its features or design subject to substantial design review. This and other reasons (like security) are why all Unix and Linux distributions other than Redhat specify POSIX Bourne as the default shell scripting language.

    Redhat aside many third party shell scripts are written in bash that use no bash features i.e., they would run with little or no modification under sh. So why are these scripts written in bash? The primary reasons are A) script authors don't understand or value cross-platform compatibility and B) don't know the differences between bash and sh (commonly due to familiarity with bash as an interactive shell). A third but equally important factor is the lack of formal Linux or Unix training.

    Just as shell scripts should not be written in csh (or tcsh) they should also not use bash (or ksh). Shell script authors should A) keep it simple, B) be aware of cross-platform differences, C) value POSIX-compliance and D) value security. With these best practices bugs like shellshock won't have such an impact.
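    As an added example (not code from the comment above or from any distribution), a POSIX sh script that reports what /bin/sh actually resolves to and flags scripts that declare #!/bin/sh while using bash-only syntax, which is the mismatch the comment describes. The function names, the list of bashisms it greps for, and the sample script in the test are my own choices.

```shell
#!/bin/sh
# Added example, not part of the original comment: report what /bin/sh really
# is and flag scripts that declare #!/bin/sh but rely on bash-only syntax.
# Assumes a POSIX sh with readlink, dirname, head and grep available.

# Follow a symlink chain (relative or absolute links) to the final target.
resolve_sh() {
    target=${1:-/bin/sh}
    while [ -L "$target" ]; do
        link=$(readlink "$target") || break
        case $link in
            /*) target=$link ;;
            *)  target=$(dirname "$target")/$link ;;
        esac
    done
    printf '%s\n' "$target"
}

# Succeeds if FILE's first line is a /bin/sh or "env sh" shebang.
has_sh_shebang() {
    head -n 1 "$1" |
        grep -q -E '^#![[:space:]]*(/usr)?/bin/(sh|env[[:space:]]+sh)([[:space:]]|$)'
}

# Print "lineno:text" for lines using syntax bash accepts but POSIX sh does
# not: [[ ]], the function keyword, == in test, arrays, declare/source, echo -e.
find_bashisms() {
    grep -n -E \
        -e '\[\[' \
        -e '^[[:space:]]*function[[:space:]]+' \
        -e '\[[^][]*[[:space:]]==[[:space:]]' \
        -e '\$\{[A-Za-z_][A-Za-z_0-9]*\[[^]]+\]' \
        -e '^[[:space:]]*(declare|typeset|source)[[:space:]]' \
        -e '(^|[[:space:];&|])echo[[:space:]]+-[neE]+([[:space:]]|$)' \
        "$1" || :
}

# Number of lines in FILE that contain at least one bashism (0 if none).
count_bashisms() {
    find_bashisms "$1" | grep -c . || :
}

# Report the real /bin/sh and every script in DIR (non-recursive) that is
# labelled as sh but would only work when sh happens to be bash.
report() {
    printf '/bin/sh -> %s\n' "$(resolve_sh /bin/sh)"
    for f in "$1"/*; do
        [ -f "$f" ] && has_sh_shebang "$f" || continue
        n=$(count_bashisms "$f")
        if [ "$n" -gt 0 ]; then
            printf '%s: %s line(s) need bash but declare /bin/sh\n' "$f" "$n"
        fi
    done
}

# Usage: sh check_sh_scripts.sh DIR   (does nothing when no DIR is given)
if [ $# -gt 0 ]; then report "$1"; fi
```

    The grep patterns are deliberately conservative; a script that passes is not guaranteed POSIX-clean, but any hit is a script that will break (or silently change behaviour) the day /bin/sh stops being bash.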

  2. Re:Arm Twist Google Style on Google Pulls Support For CDMA Devices · · Score: 1

    Given Google's collusion with AT&T on wireless network neutrality you have to wonder whether AT$T influenced this decision as well.

  3. Re:A fork for old machines on Linux Support Fades For 3Dfx Voodoo, Rage 128, VIA · · Score: 1

    deprecation model: break the code so it can't possibly work, wait two years with no bug reports, remove. This is literally how a lot of rubbish no actual users cared

    If only... More often bug reports are removed for lack of a "more detailed explanation" or lack of a patch.

    Horrible backwards compatibility is Linux' Achilles heel and the reason it has utterly failed to displace MS and Apple on the desktop.

  4. Re:I agree, but not with Ulysses... on Linux Desktop Summit Program Announced · · Score: 2

    What would you suggest Canonical do instead?

    A) support Trinity.

    B) fork Trinity if it goes the way of KDE4

    C) KIS (keep it simple (and cross-platform compatible))

    D) hire the right people (i.e., open at least one freaking office in SV/SF)

    E) it's all about management

    Management has to be well connected to end-users and end-user sysadmins. Management has to know how to review code (diffs) and do good QA (used to be Canonical's leg up on RH). This isn't rocket science. It isn't pure s/w development or pure sysadmin either. It is, fundamentally, an issue of experience and good management. To be sure Canonical is the best placed company to be _the_ Linux desktop but they have not, of late, demonstrated a good understanding of how to get from here to there.

  5. Re:Don't really like where "Desktop Linux" is head on Linux Desktop Summit Program Announced · · Score: 1

    have to agree they suck at the moment

    KDE4 and Gnome3 have set the Linux desktop back nearly a decade. All of our plans to convert desktops from Windows have been put on hold, indefinitely.

    Question is why. Why have these two key window managers not only gotten worse but become worse than any window manager since CDE?

    Part of it has to be a lack of design guidelines. It also has to be due to a lack of leadership, designed by committee, lord of the flies and all that. But that can't be all there is. I know this isn't all because a friend of mine is one of the contributors and I know he works for Microsoft on the side. Open source desktops won't be viable, if you ask me, until they've solved these 3 fundamental issues.

  6. Re:Google is history... on Google Fires Back About Search Engine Spam · · Score: 1

    according to the evaluation metrics

    Evaluation metrics, yea, that's the ticket. The reason Google sucks of late is partly because spam filtering is difficult but in this case it is especially difficult as they actually profit off of much of what we see as search spam. That is to say that our metrics (results) are different from theirs (profit and results). Of course they'll tell you that Adwords customers are shown no preference in search listing, but what else are they going to say...

    This is no different than what happened at DEC's Alta Vista, whose search results used to be better than Google's are now. That was before the bean counters^H^H^H^H stock holders made a stink about the lack of "value appreciation". Sucks to have owners whose short term interests conflict with your (long term) business model.

  7. Re:Seriously? on Protect Your Pre-1997 IP Address · · Score: 1

    I'm sorry to have to say this to you like this, but you have no idea what you're talking about.

    Sorry but we do know. Whether the equipment you cited supports IPv6, well or otherwise, is irrelevant because 99.999% of the Internet is inaccessible to IPv6 nodes without NAT64 and NAT46.

    Anybody who has tried to use IPv6 knows this. IPv6 will never reach more than 0.01% of the Internet without NAT64 and NAT46 and probably NAT66 as well.

  8. Re:Seriously? on Protect Your Pre-1997 IP Address · · Score: 1

    NAT works

    Everyone knows NAT works because everyone uses NAT, most of us aren't even aware of it. The only people who have a problem with NAT are ILECs like ATT, aggregators like Google, and writers of trojans, viruses, spambots and other P2P malware. These groups know that access to us and our data would be much easier with NAT out of the way, and they think IPv6 is a way to make this happen. Claims that NAT is harmful only exist because the ATTs and Googles of the world have a lot of money to spend on astroturf.

  9. Re:Seriously? on Protect Your Pre-1997 IP Address · · Score: 1

    Upgrade your systems to IPv6 already

    Is this a rhetorical question or what? Considering that no equipment currently on the market does IPv4 to IPv6 NAT any IPv6 device would only be able to contact at best 0.001% of the Internet. Give me a break is right, just not a broken Internet. IPv6 is still a long way from being usable.

  10. Wells Fargo harassment as well on PayPal Withdraws WikiLeaks Donation Service · · Score: 5, Informative

    Not just Paypal but Wells Fargo as well. When I heard about Paypal and Amazon I went to the wikileaks website to make a donation. Not only was my charge denied but they put a hold on my card! Talk about harassment. It's bad enough when your own government breaks the law, worse when vendors decide to run a protection racket when they disagree with a customer's purchases/donations.

  11. Re:Relax.. Take a deep breath.. on Anxiety and IT? · · Score: 2, Insightful

    You cannot "think" yourself out of stress

    It's true you can't "think" yourself out of stress but you can meditate on your stress, its effect on your body and your thinking, and come to terms with it in that way. Meditation does not involve thinking i.e., internal dialog, but it does involve taking the time to sit quietly for a half hour or more and just focusing on what exactly the "stress" is. That's the only way to achieve real understanding of it, to come to terms with it, to live with it, and to mitigate its negative effects. It's the same for other types of pain.

    If, like most people, you deal with stress by trying not to think about it, by staying busy, by drinking, taking drugs, watching TV, even by exercising (alone) you'll still suffer from it.

    If you want to see what meditation is about download a few lectures from audiodharma (to your smartphone or PC) and listen to them while commuting or before bed.

    Meditation techniques are even taught in hospitals in the US thanks to unequivocal research showing its beneficial effects. See also books/audiobooks by Jack Kornfield, Lama Surya Das, the Dalai Lama, or Alan Watts among many.

  12. Re:Diesels already do this. on Mazda Claims 70 mpg For New Engine, No Hybrid Needed · · Score: 1

    * Car-1 gets 27 MPG running gasoline. I pay $3.19 per gallon. $0.12 per mile
    * Car-2 gets 40 MPG running diesel. I pay $3.79 per gallon. $0.09 per mile

    Would be nice if that were the sole measure of cost per mile, but it fails to factor in the cost of higher compression ratios, which A) will experience blow-by earlier than engines with lower ratios. When that happens pollution will increase substantially and efficiency will drop until B) the engine gets a ring job, costing big bucks.

  13. Re:Diesels already do this. on Mazda Claims 70 mpg For New Engine, No Hybrid Needed · · Score: 1

    Diesel's actually not that bad. It gets a bad rap because it's used in a lot of truly awful applications, but it's not much worse than regular gasoline when combusted reasonably efficiently

    Efficient or not Diesel exhaust contains a lot of particulate matter. The stuff accumulates in the lungs where it is far more damaging to human health than gasoline's non-particulate components.

    Other than that, and the need for high compression ratios Diesel is pretty good. High compression, OTOH, is hard on piston rings and other parts of the drivetrain and kills efficiency when the inevitable early wear starts in. Replacing piston rings is also very expensive.

  14. Re:Check, But Not Mate on Oracle's Newest Move To Undermine Android · · Score: 1

    I'm not an expert on Android internals or anything, but I think this story is being significantly overblown.

    Seriously understated... The problem with Oracle and Google is simply licensing. If Google had licensed Java like every other company doing a port like Android perhaps Sun would still be a viable company today. Perhaps it is unfortunate that Sun did not want to litigate, but you can't expect Oracle to drop the same ball.

  15. Re:The IPv6 nightmare begins with it's design... on There Is No Plan B, the Ugly Transition To IPv6 · · Score: 4, Informative

    The problem with the approach is that it's very difficult to do in a way that doesn't break backwards compatibility, and if you're going to break compatibility then you may as well fix other things at the same time.

    Didn't have to be that way. We could have had an IPv5 with all the addresses and none of the backwards compatibility issues if not for special interests in the IETF:

        http://bill.herrin.us/network/ipxl.html

    Gets my vote for IPv7...

  16. Re:NAT on There Is No Plan B, the Ugly Transition To IPv6 · · Score: 1

    NAT is only a problem if you are a Google, a Government, or some other entity who is effectively prevented from monitoring someone because they do not have a unique IP address. NAT is the most effective privacy tool on the Internet. The only people calling it evil are ILECs, doubleclicks, and spies.

    Of course NAT is also good when you want to switch Internet providers, or have more than one ISP. Without it you would have to renumber all your internal hosts to change or fail-over. ILECs have so far blocked NAT in IPv6 because it will provide such good vendor lock-in.

    NAT is also incredibly effective in firewalling outside hosts from getting a free pass to internal networks. Of course spies, "aggregators", and spyware vendors don't like this.

    The sad part is that few will adopt IPv6 until it has a standardized NAT. ILECs don't really care if this never happens because they will make a bundle reselling addresses in the resulting IPv4 bubble. Not just ILECs of course, but companies like Cisco, HP, and even Allstate Insurance who registered millions of IP addresses decades ago, before the advent of CIDR.

    I guess all this is not really so sad when you consider that what's really sad is our (US) government, who can't even see what's coming down the pike.

  17. Re:NAT on Obama Highlights IPv6 Issue · · Score: 1

    NAT is only evil if you are a Google, a Government, or some other entity who is effectively prevented from monitoring someone because they do not have a unique IP address. NAT is the most effective privacy tool on the Internet. The only people calling it evil are ILECs, doubleclicks, and spies.

    Of course NAT is also good when you want to switch Internet providers, or have more than one ISP. Without it you would have to renumber all your internal hosts to change or fail-over. ILECs have so far blocked NAT in IPv6 because it will provide such good vendor lock-in.

    NAT is also incredibly effective in firewalling outside hosts from getting a free pass to internal networks. Of course spies, "aggregators", and spyware vendors don't like this.

    The sad part is that few will adopt IPv6 until it has a standardized NAT. ILECs don't really care if this never happens because they will make a bundle reselling addresses in the resulting IPv4 bubble. Not just ILECs of course, but companies like Cisco, HP, and even Allstate Insurance who registered millions of IP addresses decades ago, before the advent of CIDR.

    I guess all this is not really so sad when you consider that what's really sad is our (US) government, who can't even see what's coming down the pike.

  18. Re:Don't blame the media.. on Today's Children Are Officially Potty Mouths · · Score: 1

    The media just reflects what is acceptable to society

    No it doesn't. The media reflects what sells. Any correlation with social values is purely coincidental.

    One thing you have to keep in mind, when reading the OP, is that this is the perspective of someone who watches a lot of TV, and hangs out with other people who watch a lot of TV.

  19. Open Source Defined on PostgreSQL 9.0 Released · · Score: 1

    Now that MySQL is owned by Oracle it looks like Postgres may, over time, become the only truly FOSS RDBMS.

    When I read that there is a major FreeBSD replication bug that MySQL developers have not fixed for some time I have to wonder whether these are the same dirty tricks that Sun employed to advantage some OSs over others. If so this would tend to validate the rumor that Oracle may buy RedHat. Then the gloves would come off no doubt, and Oracle's preferred platforms would get all the bug fixes while other distributions and OSs would get crumbs, like they've done with the Oracle DB for years.

    As always, software that is developed cross-platform, on multiple OSs, will be better than software that is developed on a single or smaller number of distributions and OSs. Oracle (and IBM's) efforts to secure vendor lock-in will only work short-term. In the long run their plans won't work out so well but until then I'm sticking with Postgres (and Ubuntu, Debian, FreeBSD, and OpenBSD).

  20. Don't forget the real estate commission on Criminals Steal House Thanks To Hacked Email · · Score: 1

    Can someone really sell a property in AU without the owner's signature? Hmmm.

    A more likely scenario includes the real estate agent as scam leader, and looking forward to the commissions.

  21. Google Instant == Google Hype on Google Instant Announced · · Score: 1

    Cannot believe the hype this is getting. I even heard about it on anti-technical NPR radio this morning. No experienced engineers, however, are taking it seriously. It is clearly an excess of marketing / PR with a very low signal to noise (substance to hype) ratio.

    Does Google seriously think this "feature" will be popular? If so I fear for their future. Casting about for new ideas this far off-base indicates either their marketing department is overstaffed or they are going down the path of Yahoo...

  22. Re:More on this... on Texas Opens Inquiry Into Google Search Rankings · · Score: 1

    Google not only prioritizes its own services it also provides "priority placement" to its direct customers. Ever notice how often paid services like springersource and experts-exchange rank high in search results despite only being available to paying customers?

  23. Re:Consumer Watchdog = troll sponsored by Microsof on Anti-Google Video Runs In Times Square · · Score: 1

    went to consumerwatchdog.org and used their search engine

    We know consumerwatchdog is astroturfing for Microsoft, but where's the harm in that (as long as we know who's paying for it)? Considering Google subcontracts to at least as many astroturfing PR firms, many of whom are less transparent than consumerwatchdog, there's nothing to stop them from making the same criticisms of Bing, Hotmail, Windows...

    In both of these cases the criticisms are valid and pro-consumer. Isn't that what competition is about? I mean come on, we're not talking rhetoric here.

  24. Re:So in order to Not Track Me properly on Anti-Google Video Runs In Times Square · · Score: 2

    I don't get the concern

    If you really don't understand the value of privacy then would you, for the sake of verifying your sincerity, post your own browsing history for the last few days?

    If not the average person would have to assume that you have some financial stake in (others') browsing history. We know Google owns doubleclick and pays PR firms to astroturf i.e., pose as people who "don't understand" in various public forums. All we don't know is who those 'turfers work for.

  25. Re:You get what you pay for. on Retargeting Ads Stalk You For Weeks After You Shop · · Score: 1

    I think it is unrealistic and impractical. It's quite reasonable for an average person to fail to understand the magic that can happen in the Internet

    Sounds like what Google and other data mining and marketing companies would like us to believe, but I've found that it really doesn't take much for an average person to learn to protect themselves from this tracking. Yes you do need to use Firefox with a smart cookie blocker (and flash cookie blocker), and yes you do need to use Scroogle in place of Google, and avoid Yahoo, Hotmail, Gmail and a few other freemail services, but that's not a big change for most people.