What do you need window edges for? Setup you window manager to use a modifier (alt in my case) key to interact with the window itself, eg: alt-button1: move alt-button2: resize alt-button3: lower/raise window Beats trying to grab edges, especially with "focus follows mouse" and a high anti focus stealing setting for the wm.
I'm living in a low density, pre-WW 2 era, low income neighborhood. Choices for internet access: -3 wireless providers (not counting MVO), my company phone max out a 6/1 Mbps. -2 satelite providers (20/2 max) -2 DSL providers (not counting resellers), max: 20/1 or 40/4 -1 cable provider, max 150/5 -1 open fibre network, max 500/500
This list is sorted on Mbps/price (max price is something like 70 EUR/month).
This hood wasn't bombed, unlike the city centre which contained hightech industry for that time. Strangely enough, the city center has no FttH sofar. Even more strange is the initial FttH projects in the higher density neighborhoods near the center failed.
"A part of the problem is that you have to spend quite a lot of money to get a router to handle the speed"
Routing 1Gbps is no problem, a plug computer (like a (guru|dream)plug) would do. NAT would be a problem I'd presume (never tried) it, but wouldn't a fairly recent PC with PCI express or multiple PCI busses do the job?
a: non technical people don't tend to know or care about these issues b: what did you expect, if a non-root app could circumvent permissions this app would be useless.
"I'm a little surprised Android hasn't copied iOS's behavior, where it asks the user whether or not to grant permissions to a specific thing (e.g Contacts or Location) at the time the app tries to do so - it just makes sense, and it's not like both OSes haven't copied from each other before."
Avon is making commercials for mobility scooter nowadays, not happening in any future: http://www.youtube.com/watch?v=ljBXnsiULQo I saw the advert a couple of times and had the nagging feeling I'd seen that guy before. After finding out it was Paul Darrow aka Avon, it was the trigger to acquire the DVDs and rewatch it after some 25 years.
"which makes sense since it is so common to brick your device, unintentionally"
I only had about 6 Android devices so far, all ran modded firmware and all (except a Desire Z) had a (pre)bootloader smart enough to recover the device from my mistakes (like flashing the wrong or a corrupt recovery image). The Desire Z was fixed by flashing the enginering bootloader to get fastboot support.
My TV and settopbox run on Linux, it isn't advertised anywhere on the box or while booting. Also had professional DECT basestations and SIP devices running Linux, still not advertised anywhere until you start digging around in firmwares. These devices are older than my ADP1 (the oldest being a Linksys WRT54G). So nothing to see here, please move along.
The problem is there is no connection between sending and receiving MTAs. But what your idea has been implemented lots of time: -SPF -DKIM -DMARC -you could use BATV as sender verification
They all fail in someway, and spammers are always the first to implement this in order to avoid spam scores.
SPAM exists because it works, people are clicking/buying stuff advertised through SPAM.
There is nothing wrong with email if you consider it the equivalent to mail. Anybody can stuff your mailbox with stuff you think is undesirable, only difference is stuffing your emailbox costs less.
Exactly, my archive is contains compressed mboxes and maildir folders spanning almost 20 years, depending on quantity of mail splitted per year. Mutt has no problem with this mixed setup, in cases where mutt fails to find the mail (there are some folders that contain gpg encrypted messages) I'm looking for I can always fallback to the standard unix text search tools.
"The only issue I have not been able to solve in this setup is if/when one disk fails, your data is only available read-only because the lvm-mirror is only "partial" and physical volumes are missing. If anybody knows a solution for that, please comment."
You could have used lvm on md. Disks fail all the time, I wouldn't risk my data on a setup that fails if 2 disks fail "at the same time". But the good news is that you still can switch: remove one disk, setup a raid1 with 1 missing, sync, add other disk to raid1. This setup can be "expanded" to raid 5 or raid 6 if you can add disks.
"Also, password is never sent in plain-text anywhere. Not even over encrypted link."
Not true, both sides need a shared secret. So there is a little problem at account creation time/password updates. Never the less, it is much much much more secure since passwords are only transmitted once.
>Thinking of an Android tablet as a Linux PC isn't very useful: Android is a very customized >version of Linux, so regular Linux software won't work.
"Android" is binary compatible with "Linux". Any static compiled binary for the architecture the tablet is running will work if display output is available. Building dynamic files is a little harder (it's not glibc environment). The hard part to get a generic distribution running is the storage, but if the installed Android environment has ext[234] FS support you can chroot to a full distro. I've been running a debian chroot on all my Android phones so far, at first for openvpn (is now available native), rsync and occasionaly firefox.
Because the remote machine has access to other networks, so I can just access that management network without portforwardings and editing/etc/hosts. Much faster and flexibel for me personally, my connection to work is much faster than the networks X Window System was designed for so there is no lag everybody always complains about.
BTW the option to run a remote firefox if you are running a local one, is -no-remote on the remote machine.
Please do give some sources for your claims. I suspect you are confusing cracking/hacking/breaking/bruteforcing encryption and finding leaks in key management.
You do know that s2disk supports encryption? man s2disk: " The uswsusp system supports encrypting the image written to disk and features a splash system, see uswsusp.conf(8) for more information"
encrypt
If the "encrypt" parameter is set to 'y', the s2disk and resume tools will use the Blowfish encryption algorithm to encrypt/decrypt the image. On resume and suspend
you will have to supply a passphrase. By using a pregenerated RSA key, you can avoid having to type a passphrase on suspend. See the "RSA key file" option for more
information.
man uswsusp.conf " RSA key file
If this option points to a valid RSA key, which can be created with suspend-keygen, the s2disk tool will generate a random key for the Blowfish encryption that will
be passed to the resume tool within the image header with the help of the RSA cipher. Consequently you only need to type a passphrase on resume."
To me it looks like there is no security issue with supporting restoring state from hibernate and secureboot.
The main difference and the main problem* to get older phones to run for me, is the amount of memory needed to run the next major version of Android.
1.x was happy with 96MB RAM available to the OS/apps. Trying to run 2.x on the G1 was doable but the constant battle for RAM kills performance and battery.
Upgrading to a G2 running 2.x I suddenly had more RAM unused than available on the G1, 384MB was plenty leaving a comfortable 100MB free. But trying to run 4.0.x on this phone results in the same situation als the G1 running 2.x, there is not enough RAM available for apps, even with compcache (swap in compressed RAM) it only leaves me with something like 30MB. Now if this phone only had a 100MB more it would just run 4.0.x fine even thought it is a single core 800Mhz CPU.
So now I'm waiting for a nice phone with 2GB+ RAM with a physical keyboard to replace the G2, but I doubt anybody will be releasing Android phones with keyboards anymore so maybe it will be a phablet next.
*:next to drivers, but hardware makers not making drivers available is not an Android versioning problem.
It's called the submission in SMTP, your company has to setup a MTA to accept authenticated TLS connections on port 587 (or any other than 25) to relay "its email domains" to the outside world via a SPF allowed host. That is a one time setup for you corporate email profile/MUA.
Slashdot Mirror
What do you need window edges for? Setup you window manager to use a modifier (alt in my case) key to interact with the window itself, eg:
alt-button1: move
alt-button2: resize
alt-button3: lower/raise window
Beats trying to grab edges, especially with "focus follows mouse" and a high anti focus stealing setting for the wm.
So how do you know the Victoria's Secret brand? It is only active in Canada, UK and US. But if your from the UK, you'd know what DLC sponsorship is.
I'm living in a low density, pre-WW 2 era, low income neighborhood. Choices for internet access:
-3 wireless providers (not counting MVO), my company phone max out a 6/1 Mbps.
-2 satelite providers (20/2 max)
-2 DSL providers (not counting resellers), max: 20/1 or 40/4
-1 cable provider, max 150/5
-1 open fibre network, max 500/500
This list is sorted on Mbps/price (max price is something like 70 EUR/month).
This hood wasn't bombed, unlike the city centre which contained hightech industry for that time. Strangely enough, the city center has no FttH sofar. Even more strange is the initial FttH projects in the higher density neighborhoods near the center failed.
"A part of the problem is that you have to spend quite a lot of money to get a router to handle the speed"
Routing 1Gbps is no problem, a plug computer (like a (guru|dream)plug) would do. NAT would be a problem I'd presume (never tried) it, but wouldn't a fairly recent PC with PCI express or multiple PCI busses do the job?
Judging from the stability of Fallout 3/New Vegas, the conclusion must be the pipboy runs Windows (tm).
a: non technical people don't tend to know or care about these issues
b: what did you expect, if a non-root app could circumvent permissions this app would be useless.
"I'm a little surprised Android hasn't copied iOS's behavior, where it asks the user whether or not to grant permissions to a specific thing (e.g Contacts or Location) at the time the app tries to do so - it just makes sense, and it's not like both OSes haven't copied from each other before."
There are apps for that, eg:
https://play.google.com/store/apps/details?id=com.lbe.security.lite
http://forum.xda-developers.com/showthread.php?t=1091065
But can you trust these kind of apps? So far I do, worst case scenario is there is now 1 more app that can access my data.
Avon is making commercials for mobility scooter nowadays, not happening in any future:
http://www.youtube.com/watch?v=ljBXnsiULQo
I saw the advert a couple of times and had the nagging feeling I'd seen that guy before. After finding out it was Paul Darrow aka Avon, it was the trigger to acquire the DVDs and rewatch it after some 25 years.
"which makes sense since it is so common to brick your device, unintentionally"
I only had about 6 Android devices so far, all ran modded firmware and all (except a Desire Z) had a (pre)bootloader smart enough to recover the device from my mistakes (like flashing the wrong or a corrupt recovery image). The Desire Z was fixed by flashing the enginering bootloader to get fastboot support.
My TV and settopbox run on Linux, it isn't advertised anywhere on the box or while booting. Also had professional DECT basestations and SIP devices running Linux, still not advertised anywhere until you start digging around in firmwares. These devices are older than my ADP1 (the oldest being a Linksys WRT54G). So nothing to see here, please move along.
The problem is there is no connection between sending and receiving MTAs. But what your idea has been implemented lots of time:
-SPF
-DKIM
-DMARC
-you could use BATV as sender verification
They all fail in someway, and spammers are always the first to implement this in order to avoid spam scores.
"...except, SPAM exists because SMTP is broken"
SPAM exists because it works, people are clicking/buying stuff advertised through SPAM.
There is nothing wrong with email if you consider it the equivalent to mail. Anybody can stuff your mailbox with stuff you think is undesirable, only difference is stuffing your emailbox costs less.
Exactly, my archive is contains compressed mboxes and maildir folders spanning almost 20 years, depending on quantity of mail splitted per year. Mutt has no problem with this mixed setup, in cases where mutt fails to find the mail (there are some folders that contain gpg encrypted messages) I'm looking for I can always fallback to the standard unix text search tools.
"3) Don't backup huge encrypted containers. Mount them, and then backup the contents (to another encrypted location)."
Or don't use containers but a filebased encryptions scheme (like encfs).
"The only issue I have not been able to solve in this setup is if/when one disk fails, your data is only available read-only because the lvm-mirror is only "partial" and physical volumes are missing. If anybody knows a solution for that, please comment."
You could have used lvm on md. Disks fail all the time, I wouldn't risk my data on a setup that fails if 2 disks fail "at the same time". But the good news is that you still can switch: remove one disk, setup a raid1 with 1 missing, sync, add other disk to raid1. This setup can be "expanded" to raid 5 or raid 6 if you can add disks.
What are you talking about? There is only one matrix movie.
"Also, password is never sent in plain-text anywhere. Not even over encrypted link."
Not true, both sides need a shared secret. So there is a little problem at account creation time/password updates. Never the less, it is much much much more secure since passwords are only transmitted once.
It ran fine on my 286 in 1999. It had an original ne2000 IIRC, but it was only useful as a terminal.
>Thinking of an Android tablet as a Linux PC isn't very useful: Android is a very customized
>version of Linux, so regular Linux software won't work.
"Android" is binary compatible with "Linux". Any static compiled binary for the architecture the tablet is running will work if display output is available. Building dynamic files is a little harder (it's not glibc environment). The hard part to get a generic distribution running is the storage, but if the installed Android environment has ext[234] FS support you can chroot to a full distro. I've been running a debian chroot on all my Android phones so far, at first for openvpn (is now available native), rsync and occasionaly firefox.
Chrooting has been around since the first android device (ADP/G1). The problem is having a driver that enables monitor mode.
Because the remote machine has access to other networks, so I can just access that management network without portforwardings and editing /etc/hosts. Much faster and flexibel for me personally, my connection to work is much faster than the networks X Window System was designed for so there is no lag everybody always complains about.
BTW the option to run a remote firefox if you are running a local one, is -no-remote on the remote machine.
Please do give some sources for your claims. I suspect you are confusing cracking/hacking/breaking/bruteforcing encryption and finding leaks in key management.
You do know that s2disk supports encryption?
man s2disk:
" The uswsusp system supports encrypting the image written to disk and features a splash system, see uswsusp.conf(8) for more information"
encrypt
If the "encrypt" parameter is set to 'y', the s2disk and resume tools will use the Blowfish encryption algorithm to encrypt/decrypt the image. On resume and suspend
you will have to supply a passphrase. By using a pregenerated RSA key, you can avoid having to type a passphrase on suspend. See the "RSA key file" option for more
information.
man uswsusp.conf
" RSA key file
If this option points to a valid RSA key, which can be created with suspend-keygen, the s2disk tool will generate a random key for the Blowfish encryption that will
be passed to the resume tool within the image header with the help of the RSA cipher. Consequently you only need to type a passphrase on resume."
To me it looks like there is no security issue with supporting restoring state from hibernate and secureboot.
The main difference and the main problem* to get older phones to run for me, is the amount of memory needed to run the next major version of Android.
1.x was happy with 96MB RAM available to the OS/apps. Trying to run 2.x on the G1 was doable but the constant battle for RAM kills performance and battery.
Upgrading to a G2 running 2.x I suddenly had more RAM unused than available on the G1, 384MB was plenty leaving a comfortable 100MB free. But trying to run 4.0.x on this phone results in the same situation als the G1 running 2.x, there is not enough RAM available for apps, even with compcache (swap in compressed RAM) it only leaves me with something like 30MB. Now if this phone only had a 100MB more it would just run 4.0.x fine even thought it is a single core 800Mhz CPU.
So now I'm waiting for a nice phone with 2GB+ RAM with a physical keyboard to replace the G2, but I doubt anybody will be releasing Android phones with keyboards anymore so maybe it will be a phablet next.
*:next to drivers, but hardware makers not making drivers available is not an Android versioning problem.
It's called the submission in SMTP, your company has to setup a MTA to accept authenticated TLS connections on port 587 (or any other than 25) to relay "its email domains" to the outside world via a SPF allowed host. That is a one time setup for you corporate email profile/MUA.