I'm certainly not arguing that MS are perfect when it comes to support. After all, we're having a discussion about how badly MS may be treating their customers with Windows 10.
However, generally until the run up to Windows 10 my experience has been that they're a lot better than the likes of Apple and Google at supporting their products for extended periods. Not only do they publish much longer support periods for security fixes, in the past they've also reportedly to gone to extraordinary lengths to maintain backward compatibility in new Windows releases, so fewer customers would lose functionality following an upgrade.
The really impressive thing is that they did this even though the problem often wasn't really Microsoft's fault at all and was instead due to other software developers relying on undocumented behaviour and unpublished APIs where they shouldn't have been. I'm not sure we can expect that level of customer support from them any more, sadly.
Given that just about every PC, monitor, storage device, networking device, and other major peripheral around me as I type this has a formal warranty that indicates the minimum support period and the OS I'm running (Win7) has a published lifecycle that tells me exactly how long as a minimum I can expect security patches for, yes, I could. Short of the relevant businesses literally going under, in which case obviously no guarantee is worth much, I can count on support for these systems for several more years.
In contrast, as I've just highlighted in another comment, if I had bought a MacBook this time last year running OS X 10.9, there would already be at least one major security vulnerability that Apple has declined to patch in its OS. Or just look at the iOS 7 and App Store policies that make iPhones around generation 4-5 or iPads around generation 3 all but useless unless you chose to risk the OS upgrade, even though these devices were state of the art gear around 3 years ago and still run perfectly well in hardware terms today.
Just to be clear, I'm not talking about hardware issues here. I'm talking about not issuing security patches for serious vulnerabilities in versions of OS X that would have been shipping on brand new devices at little as a year ago.
There's really no excuse for not providing proper security fixes for the original OS supplied with a device for the useful lifetime of the device. Any security patch is by definition fixing a serious defect in the original product and clearly Apple's responsibility. I don't necessarily expect them to provide other updates and general improvements if the user isn't willing to update to the latest version of OS X as a whole, but not providing security fixes without insisting on updating other things the user might not want and didn't expect when they paid their money (and Yosemite was full of those) is a whole different thing.
They sold a broken product, and not a cheap one at that, and they should put that right without forcing other changes in the process. In fact, in my country, general consumer protection laws would probably compel them to if anyone chose to press the issue, or to provide other compensation or ultimately a refund for the defective product if they couldn't repair it properly. Whether the latter would be the better commercial strategy for Apple would presumably depend on how many people disliked the new OS enough to decline the general update and insist on a fix for their original version.
I don't care what they do with home versions, but I take issue with not being able to do this in Pro. An individual cannot buy Enterprise.
I've been wondering about that. If it's still going to be true once they've got their act together, then presumably that also affects most small businesses? That could be a very expensive strategic mistake. The hoi polloi will put up with a lot, and big businesses will do their own thing and probably not update for a long time anyway, but alienating the smaller and more agile businesses that might have updated sooner seems unwise, and alienating the geek community -- who run IT in those businesses and advise their less geeky friends -- seems downright commercially suicidal.
The flip side of that is that Apple's long-term support can be awful to non-existent.
Don't feel bad if that recommended and conveniently non-reversible update to iOS renders your three-year-old tablet or phone unusable. Here, try an iPad 7, that runs the new version just fine!
Oh, and that similarly ancient business laptop? You would have been secure against the malware you just got hit by if you'd only installed OS X Jungle Gryphon. Well, maybe. Or maybe you wouldn't. You see, we're not going to give you any sort of clear indication of how long we will support our hardware or OS versions for, and certainly not any sort of binding commitment, because that sort of nonsense is for chumps. Besides, even if we did, you'd have no idea which animal versions were included anyway.
If you're running automatic updates on 7 or 8 you already have the same "telemetry" components as well.
No, I don't. You see, the great thing about still being on Windows 7 is that I'm not forced to install whatever user-hostile updates Microsoft deems necessary. So I didn't.
By the way, neither did a lot of other people. Many of the professionals I know have been "security updates only" for quite a long time, even on personal use machines rather than work ones. Plenty more joined the fold recently after the Win10 nag message update.
It frustrates me that the casual press keep repeating the dogma that the forced updates in Windows 10 are a good thing because security experts recommend applying all patches immediately or similar, as if Microsoft hasn't been pushing non-security updates for years.
It's worth pointing out that laws in this sort of area vary widely. I don't know where you're based, but I don't know a lot of lawyers who'd be comfortable defending that position in much of Europe, for example. On the other hand, it wouldn't surprise me at all to find the law allowed that kind of behaviour in the US.
Humans aren't smart enough to do central planning well (even though many try with many things even today), and certainly humans *in government* aren't smart enough to do central planning.
And yet the last time I got the train home and couldn't get a cab immediately outside the station, whatever time it was, was probably in the last millennium. I have never had a problem booking a cab for exactly the time I wanted if I had more than an hour or two of notice, and without that, the worst I've seen in recent years has been a delay of maybe 20-30 minutes instead of the usual 10-15 if I'm not in a central location.
The regulated rates we have here in the UK are nothing like surge pricing. They are fixed typically for years at a time with only a very small number of different rates based on things like working overnight or on public holidays. And yet despite your claims, my experience is that we're doing just fine with them as they are, and your hypothetical failures simply don't happen in practice. Taxi drivers make a reasonable but not excessive rate working typical hours, taxi companies co-ordinate their drivers pretty well and also make enough money doing so to be commercially viable, and taxi passengers have reasonably consistent service and predictable pricing. Taxi drivers already gravitate towards high-demand events when they happen, because they typically have flexible hours and they'll often put in a bit more time if there are effectively guaranteed fares available for a while.
The only way I can see a business like Uber managing to undercut the existing market to an extent that saves passengers a significant amount of money and yet still makes a worthwhile profit for Uber themselves is by cutting corners. For example, they could pass hidden running costs onto their drivers, or they could try to avoid subjecting the passenger-carrying vehicles to the same inspection routine that licensed taxis are required to follow. But obviously there are reasons the existing rules are what they are, and I see no good argument for allowing them to exploit their staff or compromise passenger safety so your ride can be maybe 20% cheaper.
You're right, there are basically two ways to go to combat the damage caused by incomplete or inaccurate disclosure: disclose more to try and fix the misleading parts and result in fairer judgements, or disclose less so making those judgements in the first place is unrealistic.
As you say, in an ideal world, the extreme transparency approach might not be so bad. However, it does rely not only on symmetry of who has information but also on symmetry of the power gained from having that information. Until you're as powerful individually as the employer or government or financial institution you're "negotiating" with, and all the individual humans working on behalf of those organisations can be trusted to make unbiased and rational judgements about you given comprehensive data, that power symmetry isn't going to be possible.
Knowledge might bring power, but money brings power too, and so does having property someone else needs, and short of armed revolution not much brings more power than controlling the police and courts and jails. Transparency will only ever equalize the first of these on its own, and while laws and regulations about discrimination and reviewing automated decisions and due process can go some way to mitigating those other imbalances, until humans give up prejudice and bigotry and fear of the different or unknown, there will always be a dramatic asymmetry in real power. Forcing those with more of it to make neutral, blind judgements is the most effective tool we've yet discovered for keeping things as fair as possible.
With traditional taxis, this doesn't happen: why should a driver bother driving at odd hours if they're not going to get paid more for it?
There is a simple, middle-ground alternative: if you have regulated taxis and fixed prices, you increase the regulated rates that cabbies can charge at busy or antisocial times, providing that incentive while also retaining regulated and therefore predictable pricing. We've been doing this in the UK just about forever.
I think scale matters. One or two people recognising you as you go about your day is probably no big deal whether you live in a city or a little country village.
On the other hand, a system recognising you visiting the same house after school every Tuesday, knowing from other information that the owners are out at that time so their 15-year-old daughter is home alone, knowing you are an unmarried 50-year-old male and knowing that you googled the girl's school recently as well starts to look like a recipe for aggressive intervention by the police and/or social services. If you survive that, a human might finally realise you were just helping your old friend's kid catch up with her maths homework, which they might have guessed sooner if they'd also noticed you were a maths teacher, but unfortunately no-one programmed the system to check for that detail.
It seems likely that that tactic would be very effective at getting you arrested and charged with something silly, except not that silly if you think about it. Which is the point, of course, but I'm not sure it's a price worth paying to make that point.
How is it any different from instructing the garbage men to write down the lisence plates they see?
Unless they also go back to base and feed those licence plate records into a permanently stored, searchable database that is cross-referenced with arbitrary other data sets, I think it's quite different.
In any case, how many garbage men do you see systematically writing down the time and location of every vehicle they pass? None, I'm guessing, because it's not something anyone would normally expect a garbage man to be doing. Moreover, if someone really was going down your street making careful notes of all the cars without an obvious reason, I'd say there's a good chance that someone would challenge them and/or report it to the police as suspicious behaviour.
What is reasonable to demand as far as a sense of being anonymous?
I'd suggest that a good starting point for discussion might be "What would the situation be if these monitoring technologies were not used and you just went about a normal life?"
From an ethical perspective, I don't see much distinction between the issue we're talking about here and things like a modern-day Peeping Tom flying a drone with a camera outside your bedroom window, or modern transport infrastructure requiring smart cards to pay and then tying those smart cards back to their owners so everyone's personal movements are logged, or the virtual strip-search machines at airports. There's nothing inherently wrong with drones, cameras, using smartcards (or even monitoring the progress of those smartcards through a transport system) or modern imaging devices. The technology becomes creepy when someone starts using it to invade other people's privacy in ways that they wouldn't have suffered before.
That can be through the removal of anonymity, which as you rightly say is often the line that gets crossed. It can also be deploying technology in unexpected and asymmetric ways: the person at that airport scanner or with the see-through-walls imaging tech outside my home might not know me from Adam, but I think a lot of people would still feel an element of creepiness in being observed in ways no unassisted human could achieve, particularly if it's involuntary and/or covert. But again, it's all about context; the same imaging technology used in a medical or military context might have an entirely different ethical basis.
"This is a public street. You're not expecting privacy on a public street."
and my immediate reaction was "then perhaps you should be".
You aren't expecting not to have your car seen by someone passing in the street who wouldn't give it a second glance or remember it 10 seconds later. However, that's a totally different thing to having its identity and location digitally scanned, recorded indefinitely, and searchable in combination with arbitrary other data sources, giving rise to the reasonable privacy concerns mentioned in TFS and many more.
I wrote a whole post of separate points. Here are some of them again:
1. There is no standard, universally supported, efficient format for HTML5 audio or video.
2. There is no standardisation of how browser-provided controls look or work on HTML5 media elements, and in practice they frequently change from one browser version to the next.
3. There is no standardisation of embedded vs. full-screen behaviour, particularly on iOS devices, which makes it literally impossible to provide customised UIs when video is integrated into wider content and not the sole focus of the page.
4. There have been numerous bugs in the implementations of the JS APIs for controlling HTML5 media elements.
5. Some browsers have had very poor cache policies resulting in unnecessary broken playback in more demanding applications (multiple video streams sync'd together, very high resolution/low compression data, etc.).
Every one of those points was based on experience with real production projects, and whether or not you choose to believe it, we have plenty of hard data from months of experiments to back them up. You seem to be engaging in the most unconstructive kind of debate here, up to and including selective quoting, taking my comments out of context, or outright making things up like the post where you (I assume you're all the same AC) introduced some specific formats I'd never even mentioned and said I was making claims about them. If that kind of post makes you happy then great, but it doesn't change the reality.
Finally, I'm just going to point out that YouTube have repeatedly screwed up the UI for their HTML5 videos from day one. For example, they've only just within the past day or so fixed an obvious bug in their player's settings panel that seems to have been broken ever since they went to the new design. And that's with probably the simplest possible use case, a page specifically built around a single video that doesn't need to interact or co-ordinate with anything else. So thanks, but no, I'll not be following YouTube's example if I can help it.
We were talking about video codecs at that point, so I meant Theora rather than Vorbis, obviously. It's still awful, VP* still aren't supported in several major browsers and still don't have the same degree of support for hardware decoding, and VP8 still doesn't outperform H.264 even if the margin is smaller. If the nitpicking and selective quoting makes you feel good, knock yourself out, but my fundamental points still hold.
This argument gets made a lot as well, but ignores the reality that a lot of the potential vulnerabilities in functionality that used to be done in Flash and is increasingly handled natively in browsers isn't really done by either itself because they are just providing more direct access to the underlying hardware and OS services. Thus we see concerns about WebGL, the recent DRM-related multimedia plugins, font rendering, and so on.
Unless browsers are going to start including half a modern operating system and graphics drivers for all major video hardware as standard -- and we really shouldn't put that kind of idea into their developers' heads -- shifting the mechanism for accessing the functions from Flash to browsers doesn't really gain much in terms of reducing the attack surface, even if there are multiple browsers in play.
The claim that Vorbis, Opus, VP8 and VP9 use twice as many bits as MP3, AAC and H.264 is just plain wrong.
Sorry, but having spent several months looking into this not so long ago, you're wrong, at least for the kind of videos we were testing with for that project. VP8 results in noticeably larger video files than H.264 at similar quality, though in that case it's not usually twice the size in our experience. But Vorbis is awful, and getting as close as only twice the size for the same video even with lower final quality was considered a good result by the end of those tests. VP9 is better, but comparing it to H.264 is something of an apples-to-oranges comparison because of the generation gap.
Of course, this is all glossing over my original point about standardisation. The open video formats most worth using on performance grounds, VP8 and VP9, aren't supported by several major browsers. There is also a practical difference in that hardware acceleration for H.264 and probably H.265 in due course is more widely available than for other formats, even where the browser software does support them.
I think something's wrong with your computer.
Perhaps, but that same computer had no such troubles playing in some cases exactly the same videos through the old Flash player. It also does various real-time 3D rendering at greater than HD resolutions with less stress on the graphics card than just playing a simple HD video using HTML5 on YouTube seems to cause today. It's true that AMD's workstation drivers are annoyingly aggressive at pushing up the core speeds and temperatures on the generation of card I've got in this particular machine, and it always has been, but that doesn't explain why playing the exact same content is apparently so much more demanding through HTML5 video than through Flash or various native video players.
Yeah, wake me up when browsers can stream audio and video
I think you're letting them off very lightly.
As someone who makes web sites that sometimes include multimedia content, I'd rather the browsers could play standard formats of audio and video so I don't have to regenerate everything in different formats. It would be even better if one of those standard formats was an efficient one, not just a collection of open formats that avoid patent issues but also use twice as many bits for the same content.
I'd quite like the browsers to not keep moving the video controls around every other update, too. Then it would be possible to sensibly integrate video with other content if you wanted to do something more sophisticated than just having a video-centric player like YouTube or Vimeo. While they're at it, if Apple hadn't insisted on always playing video full screen on iPhones, my users could have been seen both the carefully sized videos and the carefully sized related content at once if they chose to, just like the people with Android phones.
It would also be nice if the JS APIs to control videos actually worked properly and consistently across browsers.
Even if those things were all fixed, it won't help for demanding applications until the awful cache-related policies of some of the big name browsers are fixed to avoid almost inevitable buffering.
And as someone who also watches videos on-line, it would be great if I could hear the audio over the fans on my graphics card one day, too. It can do video decoding without breaking a sweat in a Flash player, so the hardware seems to be up to the job if the software is.
But yay, HTML5 has a <video> element. It's a start.
You are a statistical anomaly. Even in 2015, a heavy majority of web users don't even have a basic ad blocker installed, which is why on-line advertising is still an extremely profitable industry. Consider a parallel with sites have those really annoying pop-ups when you arrive: enough people actually do sign up for their newsletter that the technique works, even though it might alienate a few people who really will leave... but actually, most people won't, even though they protest that they will when they post on Slashdot. For the same reason, using Flash content is still effective in many cases.
The people running sites that use these techniques understand that your final paragraph has it backwards. Someone who really will actively block these things or go somewhere else is far less likely to be a good customer and far more likely to cause customer support headaches in other respects even if they do join or buy something. Professionally run sites want those people to go away as early as possible, they don't need you to visit their site, and they are happy if you go cause trouble for their competitors instead.
Slashdot Mirror
I'm certainly not arguing that MS are perfect when it comes to support. After all, we're having a discussion about how badly MS may be treating their customers with Windows 10.
However, generally until the run up to Windows 10 my experience has been that they're a lot better than the likes of Apple and Google at supporting their products for extended periods. Not only do they publish much longer support periods for security fixes, in the past they've also reportedly to gone to extraordinary lengths to maintain backward compatibility in new Windows releases, so fewer customers would lose functionality following an upgrade.
The really impressive thing is that they did this even though the problem often wasn't really Microsoft's fault at all and was instead due to other software developers relying on undocumented behaviour and unpublished APIs where they shouldn't have been. I'm not sure we can expect that level of customer support from them any more, sadly.
Given that just about every PC, monitor, storage device, networking device, and other major peripheral around me as I type this has a formal warranty that indicates the minimum support period and the OS I'm running (Win7) has a published lifecycle that tells me exactly how long as a minimum I can expect security patches for, yes, I could. Short of the relevant businesses literally going under, in which case obviously no guarantee is worth much, I can count on support for these systems for several more years.
In contrast, as I've just highlighted in another comment, if I had bought a MacBook this time last year running OS X 10.9, there would already be at least one major security vulnerability that Apple has declined to patch in its OS. Or just look at the iOS 7 and App Store policies that make iPhones around generation 4-5 or iPads around generation 3 all but useless unless you chose to risk the OS upgrade, even though these devices were state of the art gear around 3 years ago and still run perfectly well in hardware terms today.
Just to be clear, I'm not talking about hardware issues here. I'm talking about not issuing security patches for serious vulnerabilities in versions of OS X that would have been shipping on brand new devices at little as a year ago.
There's really no excuse for not providing proper security fixes for the original OS supplied with a device for the useful lifetime of the device. Any security patch is by definition fixing a serious defect in the original product and clearly Apple's responsibility. I don't necessarily expect them to provide other updates and general improvements if the user isn't willing to update to the latest version of OS X as a whole, but not providing security fixes without insisting on updating other things the user might not want and didn't expect when they paid their money (and Yosemite was full of those) is a whole different thing.
They sold a broken product, and not a cheap one at that, and they should put that right without forcing other changes in the process. In fact, in my country, general consumer protection laws would probably compel them to if anyone chose to press the issue, or to provide other compensation or ultimately a refund for the defective product if they couldn't repair it properly. Whether the latter would be the better commercial strategy for Apple would presumably depend on how many people disliked the new OS enough to decline the general update and insist on a fix for their original version.
I don't care what they do with home versions, but I take issue with not being able to do this in Pro. An individual cannot buy Enterprise.
I've been wondering about that. If it's still going to be true once they've got their act together, then presumably that also affects most small businesses? That could be a very expensive strategic mistake. The hoi polloi will put up with a lot, and big businesses will do their own thing and probably not update for a long time anyway, but alienating the smaller and more agile businesses that might have updated sooner seems unwise, and alienating the geek community -- who run IT in those businesses and advise their less geeky friends -- seems downright commercially suicidal.
The flip side of that is that Apple's long-term support can be awful to non-existent.
Don't feel bad if that recommended and conveniently non-reversible update to iOS renders your three-year-old tablet or phone unusable. Here, try an iPad 7, that runs the new version just fine!
Oh, and that similarly ancient business laptop? You would have been secure against the malware you just got hit by if you'd only installed OS X Jungle Gryphon. Well, maybe. Or maybe you wouldn't. You see, we're not going to give you any sort of clear indication of how long we will support our hardware or OS versions for, and certainly not any sort of binding commitment, because that sort of nonsense is for chumps. Besides, even if we did, you'd have no idea which animal versions were included anyway.
If you're running automatic updates on 7 or 8 you already have the same "telemetry" components as well.
No, I don't. You see, the great thing about still being on Windows 7 is that I'm not forced to install whatever user-hostile updates Microsoft deems necessary. So I didn't.
By the way, neither did a lot of other people. Many of the professionals I know have been "security updates only" for quite a long time, even on personal use machines rather than work ones. Plenty more joined the fold recently after the Win10 nag message update.
It frustrates me that the casual press keep repeating the dogma that the forced updates in Windows 10 are a good thing because security experts recommend applying all patches immediately or similar, as if Microsoft hasn't been pushing non-security updates for years.
It's worth pointing out that laws in this sort of area vary widely. I don't know where you're based, but I don't know a lot of lawyers who'd be comfortable defending that position in much of Europe, for example. On the other hand, it wouldn't surprise me at all to find the law allowed that kind of behaviour in the US.
Humans aren't smart enough to do central planning well (even though many try with many things even today), and certainly humans *in government* aren't smart enough to do central planning.
And yet the last time I got the train home and couldn't get a cab immediately outside the station, whatever time it was, was probably in the last millennium. I have never had a problem booking a cab for exactly the time I wanted if I had more than an hour or two of notice, and without that, the worst I've seen in recent years has been a delay of maybe 20-30 minutes instead of the usual 10-15 if I'm not in a central location.
The regulated rates we have here in the UK are nothing like surge pricing. They are fixed typically for years at a time with only a very small number of different rates based on things like working overnight or on public holidays. And yet despite your claims, my experience is that we're doing just fine with them as they are, and your hypothetical failures simply don't happen in practice. Taxi drivers make a reasonable but not excessive rate working typical hours, taxi companies co-ordinate their drivers pretty well and also make enough money doing so to be commercially viable, and taxi passengers have reasonably consistent service and predictable pricing. Taxi drivers already gravitate towards high-demand events when they happen, because they typically have flexible hours and they'll often put in a bit more time if there are effectively guaranteed fares available for a while.
The only way I can see a business like Uber managing to undercut the existing market to an extent that saves passengers a significant amount of money and yet still makes a worthwhile profit for Uber themselves is by cutting corners. For example, they could pass hidden running costs onto their drivers, or they could try to avoid subjecting the passenger-carrying vehicles to the same inspection routine that licensed taxis are required to follow. But obviously there are reasons the existing rules are what they are, and I see no good argument for allowing them to exploit their staff or compromise passenger safety so your ride can be maybe 20% cheaper.
You're right, there are basically two ways to go to combat the damage caused by incomplete or inaccurate disclosure: disclose more to try and fix the misleading parts and result in fairer judgements, or disclose less so making those judgements in the first place is unrealistic.
As you say, in an ideal world, the extreme transparency approach might not be so bad. However, it does rely not only on symmetry of who has information but also on symmetry of the power gained from having that information. Until you're as powerful individually as the employer or government or financial institution you're "negotiating" with, and all the individual humans working on behalf of those organisations can be trusted to make unbiased and rational judgements about you given comprehensive data, that power symmetry isn't going to be possible.
Knowledge might bring power, but money brings power too, and so does having property someone else needs, and short of armed revolution not much brings more power than controlling the police and courts and jails. Transparency will only ever equalize the first of these on its own, and while laws and regulations about discrimination and reviewing automated decisions and due process can go some way to mitigating those other imbalances, until humans give up prejudice and bigotry and fear of the different or unknown, there will always be a dramatic asymmetry in real power. Forcing those with more of it to make neutral, blind judgements is the most effective tool we've yet discovered for keeping things as fair as possible.
With traditional taxis, this doesn't happen: why should a driver bother driving at odd hours if they're not going to get paid more for it?
There is a simple, middle-ground alternative: if you have regulated taxis and fixed prices, you increase the regulated rates that cabbies can charge at busy or antisocial times, providing that incentive while also retaining regulated and therefore predictable pricing. We've been doing this in the UK just about forever.
I think scale matters. One or two people recognising you as you go about your day is probably no big deal whether you live in a city or a little country village.
On the other hand, a system recognising you visiting the same house after school every Tuesday, knowing from other information that the owners are out at that time so their 15-year-old daughter is home alone, knowing you are an unmarried 50-year-old male and knowing that you googled the girl's school recently as well starts to look like a recipe for aggressive intervention by the police and/or social services. If you survive that, a human might finally realise you were just helping your old friend's kid catch up with her maths homework, which they might have guessed sooner if they'd also noticed you were a maths teacher, but unfortunately no-one programmed the system to check for that detail.
The first thing theives do is change the plate.
If that's true then how exactly will the scanners we're talking about ever do anything useful to deter or recover after vehicle theft?
It seems likely that that tactic would be very effective at getting you arrested and charged with something silly, except not that silly if you think about it. Which is the point, of course, but I'm not sure it's a price worth paying to make that point.
How is it any different from instructing the garbage men to write down the lisence plates they see?
Unless they also go back to base and feed those licence plate records into a permanently stored, searchable database that is cross-referenced with arbitrary other data sets, I think it's quite different.
In any case, how many garbage men do you see systematically writing down the time and location of every vehicle they pass? None, I'm guessing, because it's not something anyone would normally expect a garbage man to be doing. Moreover, if someone really was going down your street making careful notes of all the cars without an obvious reason, I'd say there's a good chance that someone would challenge them and/or report it to the police as suspicious behaviour.
What is reasonable to demand as far as a sense of being anonymous?
I'd suggest that a good starting point for discussion might be "What would the situation be if these monitoring technologies were not used and you just went about a normal life?"
From an ethical perspective, I don't see much distinction between the issue we're talking about here and things like a modern-day Peeping Tom flying a drone with a camera outside your bedroom window, or modern transport infrastructure requiring smart cards to pay and then tying those smart cards back to their owners so everyone's personal movements are logged, or the virtual strip-search machines at airports. There's nothing inherently wrong with drones, cameras, using smartcards (or even monitoring the progress of those smartcards through a transport system) or modern imaging devices. The technology becomes creepy when someone starts using it to invade other people's privacy in ways that they wouldn't have suffered before.
That can be through the removal of anonymity, which as you rightly say is often the line that gets crossed. It can also be deploying technology in unexpected and asymmetric ways: the person at that airport scanner or with the see-through-walls imaging tech outside my home might not know me from Adam, but I think a lot of people would still feel an element of creepiness in being observed in ways no unassisted human could achieve, particularly if it's involuntary and/or covert. But again, it's all about context; the same imaging technology used in a medical or military context might have an entirely different ethical basis.
Indeed. I read this
"This is a public street. You're not expecting privacy on a public street."
and my immediate reaction was "then perhaps you should be".
You aren't expecting not to have your car seen by someone passing in the street who wouldn't give it a second glance or remember it 10 seconds later. However, that's a totally different thing to having its identity and location digitally scanned, recorded indefinitely, and searchable in combination with arbitrary other data sources, giving rise to the reasonable privacy concerns mentioned in TFS and many more.
I wrote a whole post of separate points. Here are some of them again:
1. There is no standard, universally supported, efficient format for HTML5 audio or video.
2. There is no standardisation of how browser-provided controls look or work on HTML5 media elements, and in practice they frequently change from one browser version to the next.
3. There is no standardisation of embedded vs. full-screen behaviour, particularly on iOS devices, which makes it literally impossible to provide customised UIs when video is integrated into wider content and not the sole focus of the page.
4. There have been numerous bugs in the implementations of the JS APIs for controlling HTML5 media elements.
5. Some browsers have had very poor cache policies resulting in unnecessary broken playback in more demanding applications (multiple video streams sync'd together, very high resolution/low compression data, etc.).
Every one of those points was based on experience with real production projects, and whether or not you choose to believe it, we have plenty of hard data from months of experiments to back them up. You seem to be engaging in the most unconstructive kind of debate here, up to and including selective quoting, taking my comments out of context, or outright making things up like the post where you (I assume you're all the same AC) introduced some specific formats I'd never even mentioned and said I was making claims about them. If that kind of post makes you happy then great, but it doesn't change the reality.
Finally, I'm just going to point out that YouTube have repeatedly screwed up the UI for their HTML5 videos from day one. For example, they've only just within the past day or so fixed an obvious bug in their player's settings panel that seems to have been broken ever since they went to the new design. And that's with probably the simplest possible use case, a page specifically built around a single video that doesn't need to interact or co-ordinate with anything else. So thanks, but no, I'll not be following YouTube's example if I can help it.
In case you're interested, I addressed the diversity argument in another post.
We were talking about video codecs at that point, so I meant Theora rather than Vorbis, obviously. It's still awful, VP* still aren't supported in several major browsers and still don't have the same degree of support for hardware decoding, and VP8 still doesn't outperform H.264 even if the margin is smaller. If the nitpicking and selective quoting makes you feel good, knock yourself out, but my fundamental points still hold.
This argument gets made a lot as well, but ignores the reality that a lot of the potential vulnerabilities in functionality that used to be done in Flash and is increasingly handled natively in browsers isn't really done by either itself because they are just providing more direct access to the underlying hardware and OS services. Thus we see concerns about WebGL, the recent DRM-related multimedia plugins, font rendering, and so on.
Unless browsers are going to start including half a modern operating system and graphics drivers for all major video hardware as standard -- and we really shouldn't put that kind of idea into their developers' heads -- shifting the mechanism for accessing the functions from Flash to browsers doesn't really gain much in terms of reducing the attack surface, even if there are multiple browsers in play.
The claim that Vorbis, Opus, VP8 and VP9 use twice as many bits as MP3, AAC and H.264 is just plain wrong.
Sorry, but having spent several months looking into this not so long ago, you're wrong, at least for the kind of videos we were testing with for that project. VP8 results in noticeably larger video files than H.264 at similar quality, though in that case it's not usually twice the size in our experience. But Vorbis is awful, and getting as close as only twice the size for the same video even with lower final quality was considered a good result by the end of those tests. VP9 is better, but comparing it to H.264 is something of an apples-to-oranges comparison because of the generation gap.
Of course, this is all glossing over my original point about standardisation. The open video formats most worth using on performance grounds, VP8 and VP9, aren't supported by several major browsers. There is also a practical difference in that hardware acceleration for H.264 and probably H.265 in due course is more widely available than for other formats, even where the browser software does support them.
I think something's wrong with your computer.
Perhaps, but that same computer had no such troubles playing in some cases exactly the same videos through the old Flash player. It also does various real-time 3D rendering at greater than HD resolutions with less stress on the graphics card than just playing a simple HD video using HTML5 on YouTube seems to cause today. It's true that AMD's workstation drivers are annoyingly aggressive at pushing up the core speeds and temperatures on the generation of card I've got in this particular machine, and it always has been, but that doesn't explain why playing the exact same content is apparently so much more demanding through HTML5 video than through Flash or various native video players.
Of course, but unfortunately using a dedicated video player in a browser isn't an option we currently have available as web developers.
But then adding the functionality you used to get via Flash back into the browser expands the attack surface again.
Yeah, wake me up when browsers can stream audio and video
I think you're letting them off very lightly.
As someone who makes web sites that sometimes include multimedia content, I'd rather the browsers could play standard formats of audio and video so I don't have to regenerate everything in different formats. It would be even better if one of those standard formats was an efficient one, not just a collection of open formats that avoid patent issues but also use twice as many bits for the same content.
I'd quite like the browsers to not keep moving the video controls around every other update, too. Then it would be possible to sensibly integrate video with other content if you wanted to do something more sophisticated than just having a video-centric player like YouTube or Vimeo. While they're at it, if Apple hadn't insisted on always playing video full screen on iPhones, my users could have been seen both the carefully sized videos and the carefully sized related content at once if they chose to, just like the people with Android phones.
It would also be nice if the JS APIs to control videos actually worked properly and consistently across browsers.
Even if those things were all fixed, it won't help for demanding applications until the awful cache-related policies of some of the big name browsers are fixed to avoid almost inevitable buffering.
And as someone who also watches videos on-line, it would be great if I could hear the audio over the fans on my graphics card one day, too. It can do video decoding without breaking a sweat in a Flash player, so the hardware seems to be up to the job if the software is.
But yay, HTML5 has a <video> element. It's a start.
For better or worse, your argument is flawed.
You are a statistical anomaly. Even in 2015, a heavy majority of web users don't even have a basic ad blocker installed, which is why on-line advertising is still an extremely profitable industry. Consider a parallel with sites have those really annoying pop-ups when you arrive: enough people actually do sign up for their newsletter that the technique works, even though it might alienate a few people who really will leave... but actually, most people won't, even though they protest that they will when they post on Slashdot. For the same reason, using Flash content is still effective in many cases.
The people running sites that use these techniques understand that your final paragraph has it backwards. Someone who really will actively block these things or go somewhere else is far less likely to be a good customer and far more likely to cause customer support headaches in other respects even if they do join or buy something. Professionally run sites want those people to go away as early as possible, they don't need you to visit their site, and they are happy if you go cause trouble for their competitors instead.