Moral of the story might be: Don't upgrade before reading.
It might be nice of Sony to supply a changelog before the update on the machine itself. They present an EULA to the user, maybe below is the changelog (but we all know nobody reads the EULA).
But you didn't have to upgrade to a version without Other OS option, at the cost of losing other options (online play).
But I installed Linux on it and tried to use is, unless you had some use for the Cell SPEs it was useless. No GPU access, slow disk I/O and less RAM than a decade old machine. If you were targetting Cell/SPE from Linux you wouldn't have upgraded. To my understanding current GPU it much nicer target. For me nothing of value was lost, though I didn't gain anything in return.
Why would someone be connecting to random openvpn servers? But maybe you didn't get the idea, you only allow people to make connections to THEIR vpn servers, so they can do whatever they want without exposing your IP adres to the world.
There are a few options: -take part in an "open" network that has some accountability (eg FON (good luck finding a functioning hotspot)) -only allow VPN connections (good luck filtering) -tunnel your open network through TOR, you will not be implicated in any unlawful actions (slow but not my problem)
"Or how do you think the signature of com gets onto the public key of example.com? Magic?"
It doesn't. And you are confusing a web of trust with CA, it's like PGP. com. can only tell a dnssec user what it thinks the public KSK of example.com. is. That should have been communicated in a secure way to com. It is oneway trust between direct parent-child relations in the dns tree.
If you just kept reading instead of getting distracted by flash, you'd have seen the next link point to human readable text explaining (briefly) how dnssec works and how to implement it for a specific named. I just have to hope you read past flash this time.
Like I said, for the local market dnssec presence is huge, and last time I checked NLD is still part of the real world and it still has some influence on it (especially considering its size).
But.com has everything in place to do dnssec. So if an owner of a.com wants to get dnssec support, they should get a dutch dns provider, there are many that give the customer the option to activate dnssec.
But there are no CAs in DNSSEC. There are only public/private keypairs under control of the owner of the domain. www.example.com. has 3 pairs/signatures to check:
.
com.
example.com.
example.com. tells the com. authority what it's public KSK is. com. tells the root zone what it's public KSK is. The public KSK of the root is known by all people/software that want to check dnssec signatures (the weak point since how do you securely distribute and update that one?).
Math fail detected: 250*10^6 domains, 5*10^6.nl, 10^6.nl with dnssec. So atleast 0.4% of all domains are dnssec: 5/250/5 == 0.004 * 100% == 0.4% .nl is in the 5 top of most used country TLDs..nl is used for about 70% of the domains targetting the dutch market. So dnssec implementation is huge for the local market. And while it still might not be perfect, it is better than just plain DNS.
No catch, just a discount per domain registered for dnssec (0.28 EUR/year). I have about 1k.nl domains, I spend a few days figuring out what dnssec was about, how to implement, test and maintain it. Activated it on the corporate domain, some personal and a couple of test domains and waited 2 months to see if there were problems (none). So now it is active for all domains saving us 420 EUR till the discount ends in 2014-06. For us it was not enough to cover the expense of my time, but this had to be implemented eventually, so better do it now while you still get some discount.
"its certificate system is just as broken as the SSL cert system is now"
Can you explain this? DNSSEC hasn't got much common with the SSL cert system. There is only 1 root authority, the weak point during a key change. Each domain/tld has their own (multiple) keys. tld and domains should regenerate the short Zone Signing Keys fairly often (a couple of weeks), while the bigger Key Signing Keys should be regenerated about once in a year. If a tld is compromised it only has to create a new KSK, individual domains aren't affected (IIRC). If an individual nameserver or domain is affected only that server of domain needs to regenerate a KSK.
BTW dnssec adoption is amongst the highest for.nl in absolute numbers of domains, simply because there is a bounty for every domain signed. If you have a few hundred of domains the costs to implement are lower than the discount given till mid 2014 == profit for implementing dnssec. And since powerdns does all the hard work automatically and dynamically in a transparant way (except importing the DS key in the tld)
"Dunno about iOS, Android or Windows Phone, but MeeGo has a very effective battery-saving mode, which dims the screen, does not use data connections unless you manually start them and automatically disengages once you start charging it."
Well, I only used a more or less stock Android till 1.6. Cyanogen after that but: "sending files over Bluetooth n(of infrared for the models that had that)" used this once to send something to a stock Milestone years ago. It worked (OBEX). Wasn't available in 1.x.
"out of the box functionality to choose which phone calls can be directly diverted to/dev/null or voicemail." sending to voicemail is standard since 2.x. Ignore with an free app.
"It uses a decent profile system so when I'm at work I can set it to vibrate only with just changing profiles." I guess they are there since 2.x. But I used free apps for that long before.
"importantly, with offline navigation" While Nokia maps are great, there is an app (free) for that.
"Added software" This is where the new smartphones have the real advantage. I'm switching profiles with Tasker based on time, place (either cell towers (uses no extra energie), gsm positioning, wifi accesspoints or gps), calendar item and running apps. Not only ring profiles but whether to activate wifi, gps, screen orientation/timeouts/brightness and what not.
"And, of cource, a lot of models have a decent keyboard" So did all my android phones, it is a shame new phones are lacking them. But current high resolution screens might leave enough screen estate with a compact on screen keyboard.
So conclusion is that while the Symbian had some extra functionality out of the box, there are no features you mention that can't be added by using 3rd party apps. Except for battery life, this is where the old phones win.
"Symbian phones were very feature complete (much more so than Android and iOS, my E72 has functionality that even now isn't standard on those) and I don't like to see it go."
So what are the others missing? Please tell us so we can still get a decent Symbian phone before they are gone.
Put the driver for the standardized/interop filesystem in a (comparitive small 1%) fat16 partition* on the same media. Include nice installers and use the autorun features of the OS. Problem solved.
*: I had an older 512Gb USB drive that included the drivers for retarded windows versions on a seperate device, it emulated a cd with iso9960 of UDF.
B.S. you just had to buy a non branded phone. I never had a branded/locked GSM. Sure branded/locked phones might be cheaper, so you get what you pay for.
How is it beside the point if you claim to use cat because you can't remember what argument to give to read from file? There is no argument to read from file, every last string not preceded by an option is to be parsed as file to read input from (after -- if you want to read file named "-x" or "--foo"). You absolutely want to a extra program to do stuff the second one can already do, you should use dog. It is a better than cat.
Slashdot Mirror
It was news on slashdot before the firmware release:
http://games.slashdot.org/story/10/03/29/0227251/install-other-os-feature-removed-from-the-ps3
Moral of the story might be:
Don't upgrade before reading.
It might be nice of Sony to supply a changelog before the update on the machine itself. They present an EULA to the user, maybe below is the changelog (but we all know nobody reads the EULA).
But you didn't have to upgrade to a version without Other OS option, at the cost of losing other options (online play).
But I installed Linux on it and tried to use is, unless you had some use for the Cell SPEs it was useless. No GPU access, slow disk I/O and less RAM than a decade old machine. If you were targetting Cell/SPE from Linux you wouldn't have upgraded. To my understanding current GPU it much nicer target. For me nothing of value was lost, though I didn't gain anything in return.
You block dns?
Why would someone be connecting to random openvpn servers? But maybe you didn't get the idea, you only allow people to make connections to THEIR vpn servers, so they can do whatever they want without exposing your IP adres to the world.
There are a few options:
-take part in an "open" network that has some accountability (eg FON (good luck finding a functioning hotspot))
-only allow VPN connections (good luck filtering)
-tunnel your open network through TOR, you will not be implicated in any unlawful actions (slow but not my problem)
"Or how do you think the signature of com gets onto the public key of example.com? Magic?"
It doesn't. And you are confusing a web of trust with CA, it's like PGP. com. can only tell a dnssec user what it thinks the public KSK of example.com. is. That should have been communicated in a secure way to com. It is oneway trust between direct parent-child relations in the dns tree.
If you just kept reading instead of getting distracted by flash, you'd have seen the next link point to human readable text explaining (briefly) how dnssec works and how to implement it for a specific named. I just have to hope you read past flash this time.
Like I said, for the local market dnssec presence is huge, and last time I checked NLD is still part of the real world and it still has some influence on it (especially considering its size).
But .com has everything in place to do dnssec. So if an owner of a .com wants to get dnssec support, they should get a dutch dns provider, there are many that give the customer the option to activate dnssec.
But there are no CAs in DNSSEC. There are only public/private keypairs under control of the owner of the domain.
www.example.com. has 3 pairs/signatures to check:
example.com. tells the com. authority what it's public KSK is.
com. tells the root zone what it's public KSK is.
The public KSK of the root is known by all people/software that want to check dnssec signatures (the weak point since how do you securely distribute and update that one?).
Math fail detected: 250*10^6 domains, 5*10^6 .nl, 10^6 .nl with dnssec. So atleast 0.4% of all domains are dnssec:
.nl is in the 5 top of most used country TLDs. .nl is used for about 70% of the domains targetting the dutch market. So dnssec implementation is huge for the local market. And while it still might not be perfect, it is better than just plain DNS.
5/250/5 == 0.004 * 100% == 0.4%
No catch, just a discount per domain registered for dnssec (0.28 EUR/year). I have about 1k .nl domains, I spend a few days figuring out what dnssec was about, how to implement, test and maintain it. Activated it on the corporate domain, some personal and a couple of test domains and waited 2 months to see if there were problems (none). So now it is active for all domains saving us 420 EUR till the discount ends in 2014-06. For us it was not enough to cover the expense of my time, but this had to be implemented eventually, so better do it now while you still get some discount.
"its certificate system is just as broken as the SSL cert system is now"
Can you explain this? DNSSEC hasn't got much common with the SSL cert system. There is only 1 root authority, the weak point during a key change. Each domain/tld has their own (multiple) keys. tld and domains should regenerate the short Zone Signing Keys fairly often (a couple of weeks), while the bigger Key Signing Keys should be regenerated about once in a year. If a tld is compromised it only has to create a new KSK, individual domains aren't affected (IIRC). If an individual nameserver or domain is affected only that server of domain needs to regenerate a KSK.
Nobody is using them? 1/5 of the .nl domains are registered DNSSEC domains:
http://xs.powerdns.com/dnssec-nl-graph/
Why choose this instead of powerdnssec? I strongly suggest the dnssec training at http://www.dnsseccourse.nl/en/player.html (flash) to improve one's understanding of the dnssec protocol. And powerdns to implement it http://doc.powerdns.com/powerdnssec-auth.html
BTW dnssec adoption is amongst the highest for .nl in absolute numbers of domains, simply because there is a bounty for every domain signed. If you have a few hundred of domains the costs to implement are lower than the discount given till mid 2014 == profit for implementing dnssec. And since powerdns does all the hard work automatically and dynamically in a transparant way (except importing the DS key in the tld)
"Dunno about iOS, Android or Windows Phone, but MeeGo has a very effective battery-saving mode, which dims the screen, does not use data connections unless you manually start them and automatically disengages once you start charging it."
There is an app for that.
Never tried this one, I use Navigator (beta) with OSM:
https://play.google.com/store/apps/details?id=com.mapfactor.navigator
Works well for me.
Well, I only used a more or less stock Android till 1.6. Cyanogen after that but:
"sending files over Bluetooth n(of infrared for the models that had that)"
used this once to send something to a stock Milestone years ago. It worked (OBEX). Wasn't available in 1.x.
"out of the box functionality to choose which phone calls can be directly diverted to /dev/null or voicemail."
sending to voicemail is standard since 2.x. Ignore with an free app.
"It uses a decent profile system so when I'm at work I can set it to vibrate only with just changing profiles."
I guess they are there since 2.x. But I used free apps for that long before.
"importantly, with offline navigation"
While Nokia maps are great, there is an app (free) for that.
"Added software"
This is where the new smartphones have the real advantage. I'm switching profiles with Tasker based on time, place (either cell towers (uses no extra energie), gsm positioning, wifi accesspoints or gps), calendar item and running apps. Not only ring profiles but whether to activate wifi, gps, screen orientation/timeouts/brightness and what not.
"And, of cource, a lot of models have a decent keyboard"
So did all my android phones, it is a shame new phones are lacking them. But current high resolution screens might leave enough screen estate with a compact on screen keyboard.
So conclusion is that while the Symbian had some extra functionality out of the box, there are no features you mention that can't be added by using 3rd party apps. Except for battery life, this is where the old phones win.
"Symbian phones were very feature complete (much more so than Android and iOS, my E72 has functionality that even now isn't standard on those) and I don't like to see it go."
So what are the others missing? Please tell us so we can still get a decent Symbian phone before they are gone.
Put the driver for the standardized/interop filesystem in a (comparitive small 1%) fat16 partition* on the same media. Include nice installers and use the autorun features of the OS. Problem solved.
*: I had an older 512Gb USB drive that included the drivers for retarded windows versions on a seperate device, it emulated a cd with iso9960 of UDF.
Turn on auto correction/completion in your shell if possible (or switch shell).
Strangely enough I had to import my first android device from the USA.
B.S. you just had to buy a non branded phone. I never had a branded/locked GSM. Sure branded/locked phones might be cheaper, so you get what you pay for.
How is it beside the point if you claim to use cat because you can't remember what argument to give to read from file? There is no argument to read from file, every last string not preceded by an option is to be parsed as file to read input from (after -- if you want to read file named "-x" or "--foo"). You absolutely want to a extra program to do stuff the second one can already do, you should use dog. It is a better than cat.
You never noticed that just about all *nix commands reads input from a file (without any arguments to point out the file)?
Never do a full bounce, only send headers. Drop the body. Sending full bounces you get listed (rightfully so).