Slashdot Mirror


User: DuckDodgers

DuckDodgers's activity in the archive.

Stories: 0 · Comments: 2,484

Comments · 2,484

  1. Re:should be how Americans helped the NSA on How Silicon Valley Helped the NSA · · Score: 1

    I've posted it elsewhere, but I'll repeat it - I don't care about Google, Facebook, Twitter, Yahoo, and Microsoft (through Bing and Hotmail) tracking for the purposes of ad revenue. That's their complete business model. I get what I paid for.

    I'm angry at Bank of America, Mastercard, Visa, Comcast, Verizon, Sprint, AT&T, Costco, Sam's Club, Amazon.com, Best Buy, CVS Pharmacy, Riteaid Pharmacy, etc... they profit directly through financial transactions with me, but they still collect every scrap of data their tentacles can reach to sell anyway. I could host my own email server and do all of my searches for information in a library or with a phone book, and there would still be a dozen companies that can probably tell you where I drove yesterday, what I bought, and who I communicated with.

  2. Re:The only data that cannot be subpoenaed on How Silicon Valley Helped the NSA · · Score: 1

    I disagree that Google is the biggest sinner. Google, Facebook, Yahoo, and Microsoft's Bing and Hotmail track us because that's their entire business model. Targeted advertising is what they do, that's all. That's evil, but it's open evil.

    The biggest sinners are banks, cell phone companies, credit card companies, internet service providers, grocery stores, physical store retailers, and online retailers. They get our money directly, and they choose to track us extensively anyway. That's the real sin - "We pretend to have a straightforward pay-for-service relationship with you, but we also pull all the dirty tricks that Google, Facebook, and Yahoo do."

  3. Re:Useless opinion is useless on How Silicon Valley Helped the NSA · · Score: 2

    It's useless encryption, though. Thanks to the Patriot Act, the NSA can ask Google to decrypt and hand over any information on any person for no stated reason. Google can't even challenge the order in court. Google's decision to use encryption internally was a publicity stunt that only convinced people who didn't take five minutes to think about the value of that encryption (i.e. none).

  4. Re:There is no free lunch on How Silicon Valley Helped the NSA · · Score: 1

    Google and Facebook make their money through advertising. I expect them to track users for that reason. That doesn't concern me - when I don't want them to know what I'm doing, I use a different browser in which I never log in to either service and I have third party cookies disabled.

    But what about your cell phone company, your internet service provider, your bank, your physical retailer with an account system (warehouse retailers with memberships like Costco, grocery stores with outrageous prices if you don't get a membership, pharmacies), your online retailer? I pay them all directly, and they still track me extensively. I don't trust Google or Facebook to maintain my privacy, but I don't blame them for being data hoarders either. That's their entire business model. But PNC, Bank of America, Verizon, Comcast, Sprint, Amazon, Costco, Rite Aid, etc... already profit from my business, they're just assholes to collect additional information to sell to other companies and the government. I'd take my business elsewhere, but there are very few companies I can trust not to track me for profit.

  5. Re:Strange on How Silicon Valley Helped the NSA · · Score: 1

    Pandora's Box has been opened, no matter what Congress does we have no reason to believe the NSA's surveillance or corporate spying on citizens will ever get better.

    I think the real solution to this is ignore the political side completely, and work on technological solutions. Make the next version of SMTP work like the Tor network. Make something like Diaspora or Status.net (open source social networks) so easy to set up and run that it's a few taps on an iPhone, Android phone, Windows, Mac OS X, Linux, etc... and it has no central hosting servers. Make the default behavior in web browsers strip out third party cookies, and switch the way fonts and plugins are enumerated so that web browsers no longer have unique footprints. Maybe convince companies to accept payments in Bitcoins, or the successor to Bitcoin, whatever that is, so that you buy Bitcoins from your normal bank account but then make your bill payments with Bitcoins, and thus your bank doesn't know your bills and the companies that bill you don't know your bank.

    We can't trust the politicians to fix this - the spooks and the executives are salivating over everything they can do with additional information about us. The only fix is to make it computationally infeasible for them to learn about us. It's up to us, the engineers, to stop 1984.

  6. Re:Strange on How Silicon Valley Helped the NSA · · Score: 1

    1. There are cheap, cash-only grocery stores near me - but they're only open while I'm at work. So I have to shop at one of the places that offers "free" membership cards with a 30% discount. I'm lucky enough that I could refuse the membership card without completely breaking the household budget, and I could just live with the $50 or more extra I would spend per month on groceries without it. But most families can't afford the difference.

    2. Paying cash for all of my fixed expenses, like the cell phone bill, electric bill, mortgage, car insurance, etc... involves a lot of driving and is a pain in the neck. If I mail out checks or use automatic bill pay - which is what most people do - my bank or credit union knows too much about me and my service vendors know which bank and account number I have. So that's information sharing that it's just not practical to work around. What do you do, get a big batch of cashier's checks from a different source every month and mail them out?

    3. Your internet service provider knows a lot about your browsing habits. If you use a VPN service, then all of that information about your browsing habits resides with the VPN service (and for all you know the whole damn company is an NSA front to keep a closer watch on paranoid users). Either way some company has access to your browsing habits unless your entire internet existence is spent on the Tor network or something similar.

    4. If you have a cell phone, unless you leave it at home (and if you leave it at home, why have one?) your cell phone company knows your travel habits.

    Your advice is useless. Paying cash when you get a pizza won't make any significant difference in your privacy.

  7. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    I'm not sure I understand the problem. In your example, if Y has a public key, X encrypts the message with Y's public key, and Y's private key never gets to Google or Yahoo, then the NSA knows who sent the message and who received the message but not what it contained.

    Again, that works in the real world. The problem isn't that the technology fails, the problem is that it's extra work. I can use public key encryption to secure my email. My wife, my parents, and my friends won't bother. If we who understand PGP band together and suddenly 0.03% of the SMTP traffic on the internet has encrypted message bodies, the volume is so low the NSA could designate resources to track the few people savvy enough to use encryption. Instead of getting more privacy, we get more surveillance on ourselves and no net benefit for the average citizen.

  8. Re:None of them. on Ask Slashdot: Which Encrypted Cloud Storage Provider? · · Score: 1

    Google, Amazon, etc... are powerless to take steps to protect data because the Patriot Act allows the NSA to demand huge volumes of data, no questions asked, no right to refusal, and even no right to a public legal challenge to the move.

    I genuinely don't think the customer data mining done by Google, Amazon, Microsoft, Mastercard, Bank of America, etc... etc.... is evil. But we have a government agency with agents already caught abusing their surveillance authority to watch spouses and significant others. There is currently nothing legal or technological in place to evolve the situation into something better and every indication it's only going to deteriorate.

  9. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    Good point about the two nodes instead of three. I don't know why I had it stuck in my head that three were required.

    With the multi-step, encrypted transmission process it would make sense to use Google, Yahoo, Microsoft, etc... as nodes in the process, but if you want real privacy you and your recipient should host your own mail or use some other mechanism to keep your unencrypted message bodies from being in the control of the hosting company at any step in the process.

  10. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    I like the concepts used by LastPass and SpiderOak (assuming they're not lying their asses off...) for cloud storage. You choose your password. It gets hashed once, and that hash becomes your encryption key for AES or Triple-DES or some other symmetric encryption of your data. The encrypted data is uploaded to their servers, but never the encryption key. That encryption key gets concatenated with your password again, and hashed again, and that second hash becomes your authentication token for their respective cloud services.

    So they hold your encrypted data, and they themselves don't have the original password or encryption key derived from it, so they can't decrypt it. SpiderOak has a web portal for emergency access to your data from any location, but they warn you in strong terms that using a web-only interface means they get access to your password and encryption key, and they advise against it.

    Unfortunately, this doesn't work for hosted email because SMTP itself is a plain text protocol and of course your recipient won't have the same password (and thus, encryption key) as you. But I wrote this post because I think the very concept itself is cool and clever.
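
The two-hash derivation described in the comment above, as an added example (not part of the original comment, and not LastPass or SpiderOak code): the client derives the key, then the token from key plus password, and the provider holds only token and ciphertext. SHA-256, salted PBKDF2 as the first "hash", the `StorageService` class and the HMAC keystream standing in for AES are assumptions of this example.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor; the comment only says "hashed"


def derive_encryption_key(account: str, password: str) -> bytes:
    """First hash: password -> symmetric key. Stays on the client."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), account.encode(), PBKDF2_ROUNDS)


def derive_auth_token(key: bytes, password: str) -> bytes:
    """Second hash: H(key || password) -> token the service sees."""
    return hashlib.sha256(key + password.encode()).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for AES, for illustration only.
    blocks, counter = [], 0
    while 32 * len(blocks) < length:
        msg = b"enc" + nonce + counter.to_bytes(8, "big")
        blocks.append(hmac.new(key, msg, hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt then MAC on the client; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt; a wrong key fails the tag check."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


class StorageService:
    """Provider side (hypothetical): one auth token and one ciphertext per account."""

    def __init__(self):
        self._accounts = {}

    def register(self, account, token):
        self._accounts[account] = {"token": token, "blob": b""}

    def _check(self, account, token):
        held = self._accounts.get(account)
        if held is None or not hmac.compare_digest(held["token"], token):
            raise PermissionError("authentication failed")
        return held

    def upload(self, account, token, blob):
        self._check(account, token)["blob"] = blob

    def download(self, account, token):
        return self._check(account, token)["blob"]

    def held_by_provider(self, account):
        return dict(self._accounts[account])


def round_trip(account: str, password: str, document: bytes):
    """Client flow: derive, register, upload, download, decrypt."""
    service = StorageService()
    key = derive_encryption_key(account, password)
    token = derive_auth_token(key, password)
    service.register(account, token)
    service.upload(account, token, seal(key, document))
    return service, open_sealed(key, service.download(account, token))
```

The token still lets whoever holds it test password guesses offline, so the scheme is only as strong as the password and the work factor of the first hash.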

  11. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    You don't have to trust all of the intermediaries, you only need one to be trustworthy for metadata privacy to remain intact. Otherwise, the worst they can do is block delivery of the message.

    Consider that I have a message to send to my brother, and I route it through Tor nodes A, B, and C. I encrypt the message with my brother's public key and recipient address, then encrypt that with node C's public key and recipient address, then node B's public key and recipient address, then node A's public key (but not address). I upload the encrypted message directly to A. They know it came from me, but not the ultimate recipient or the contents. They decrypt their layer, and see it gets forwarded to B. They forward it to B. B knows it was routed through node A, but not that it came from me or the ultimate recipient or the contents. B decrypts their layer, and sees it gets forwarded to C. They forward it to C. C knows it was routed through node AB, but not that it came from me or the contents. C decrypts their layer, and knows it goes to my brother. They send it to him, and he decrypts it with his personal key and reads the message.

    If the NSA or hackers or whoever compromises node A, they know I sent something. If they compromise node C, they know my brother received something. If they compromise node B, they know a message from someone to someone was routed through. But they only know I sent something to my brother if they compromised all three nodes.

    Your point about email volume still stands - on the other hand, if we encrypt everything by default and reject automatically anything sent by unrecognized public keys, spam should go down so much that mail servers will have extra capacity!

  12. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    But if I download your public key, and instead of getting your real public key I get a dupe, when I send you the message you won't be able to decrypt it. You'll contact me through some other channel and explain that I sent you something with the wrong key, and we'll know instantly that the key server has been compromised.

    The system works. The real problem is that what grub in the grandparent post calls "virtually automatic" and "boneheaded easy" is still past the skill, understanding, and especially interest level of 99% of the population. Something even more automatic and easy is required if we expect the general public to have truly private email.

    This is the same fundamental problem that makes the Diaspora distributed social-network project a non-starter. It requires too much technical knowledge and equipment for the average person to run their own node out of their house, which means that even if the general public had heard of the project and wanted to use it, they would be running it off publicly hosted servers run by businesses they don't know. Of course that totally negates the security and privacy advantages of a distributed social network. Something even easier, far easier, is required - like an application you install on your iPhone or Android phone with two taps of the finger that hooks up your private, distributed, encrypted, backed-up node on the NoAdvertisingNoNSABook network, and you don't do a damn thing to maintain it.

  13. Re:Yes, it is a parody, and yet... on How Big Data Is Destroying the US Healthcare System · · Score: 4, Insightful

    But I don't need the insurance if all it is going to cover is antibiotics and simple stitches and setting bones. So you're arguing for a hypocritical position, where the insurance against expensive medical events is purchased by people who don't use it, and not available for purchase, or at least not available for purchase at anything near an affordable cost, by the people that need it.

    The whole free market angle on health insurance is complicated by the fact that the people who require the most expensive medical care can't work. This isn't like shopping for night classes, maids, smart phones, cars, or new housing - in all of those cases you have an income while you search for a deal on new service. With health insurance, if you desperately need expensive medical treatment there's a good chance you aren't able to work to pay for it.

    In addition to that, while some people with expensive medical costs will never recover fully and will always be a net financial drain on the system and the economy, others can. If your cancer treatment fails or prolongs your life slightly but you still die of cancer, then that is tragic and expensive. But increasingly people do go into remission and live and work another ten, twenty, or forty years after their cancer diagnosis. Likewise surgery and care to recover from an accident, assault, etc... might take years but you could emerge at the other end a fully functioning member of society again.

  14. Re:expanding... on Why Does Windows Have Terrible Battery Life? · · Score: 1

    Maybe for RT, but the File Explorer in Windows 8 behaves exactly like the earlier ones. I haven't seen it hang, but then I haven't used it with network drives or CD drives yet.

  15. Re:Stallman ain't gonna be happy on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    You're not listening to my argument. Those products exist, and are cheap, because of the GIMP. If there was no open source alternative to Photoshop or Paintshop, the prices would be much higher.

  16. Re:Stallman ain't gonna be happy on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    As I responded elsewhere - Visual Studio Express only exists because of GCC and LLVM. If there were no open source competitors to Microsoft's IDE/compiler combo, there would be no free version.

  17. Re:Stallman ain't gonna be happy on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    Would Visual Studio Express exist if there was no GCC and no LLVM? Of course not.

  18. Re:Stallman ain't gonna be happy on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    It's only free because of GCC and LLVM. If those two products didn't exist, there would be no Visual Studio Express.

  19. Re:ditch windows? on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    But what if your killer game is Starcraft 2? Or Halo? Bioshock? League of Legends?

    You can get them to work on Linux, but it's not supported and if you're not already an IT geek (which is 98% of the population) it's not a possibility you'll seriously consider. So that giant portion of the population has an incentive not to buy a SteamBox... which means Blizzard, Microsoft, etc... have fewer incentives to port the games to Steam OS... the same momentum that put us where we are today continues indefinitely.

  20. Re:ditch windows? on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 1

    As much as I want to see this happen, I still can't imagine it. Even with Valve throwing its weight behind Linux, it's the same chicken-and-egg problem that stopped Linux desktop from taking over the world for the last fifteen years:
    1. Every time a person is looking to buy a Steam OS box, he's going to ask himself whether there's a game he really wants on the horizon that is currently Windows-only. The answer is always yes, so he won't buy.
    2. Every time a company looks to port a game to Steam OS, they're going to check the market penetration of Steam OS to see if the port is worth the engineering effort. The answer is sometimes yes, but sometimes no - and that's all it takes to keep a handful of games most buyers want off the Steam OS list.

    End of story. I think the real "Linux on the Desktop" will be Android on x86_64. Touch screen laptops and monitors are becoming more common and cheaper, and in turn Android is getting more and more desktop user interface features and an ever-growing selection of applications. I think if Linux will ever own a significant portion of the desktop, that will be the route - not through the gamers, but through casual users. My kids already know how to use Android better than they know how to use Windows 7. If, five years from now, I give them a choice between a Windows laptop or the ASUS Transformer Prime or Android equivalent of the day, I think they'd opt for Android.

  21. Re:Stallman ain't gonna be happy on Torvalds: SteamOS Will 'Really Help' Linux On the Desktop · · Score: 5, Insightful

    The counter-argument to your point about "The reason many free programs suck is because no sane programmer in their right mind can produce and maintain a project of non-trivial size that doesn't have a sizable community of tinkerers and paid experts from which to draw from like linux has." is that many people - in fact, most of humanity - can't afford the technologically superior or more user-friendly proprietary alternatives.

    The GIMP doesn't match up in features or usability to Adobe Photoshop. But if you don't have the money for Photoshop, GIMP is much better than nothing. Developing software for Windows on Visual Studio beats using Mingw - but that only makes sense if you're a professional developer planning to make a living by writing software for Windows. If you're trying to teach yourself software development, or you're a kid, or you just don't have $500 or $800 or whatever the hell it costs, then Mingw is the only thing that lets you even try. Most of our planet, most of humanity, are poor people. The successful IT professional can buy any proprietary program he or she needs - but we are not the typical human being. If they're going to reach our level, they have to do it through extremely cheap tools.

    In the realm of encryption, it is increasingly difficult to trust proprietary products. With the Linux kernel, or Truecrypt, or any of the OpenPGP implementations, you can read the code yourself or hope that someone else trustworthy and skilled enough to detect backdoors has read it. With proprietary security products, how do you know?

    But maybe most important of all, the competition against open source products continually forces the proprietary vendors to compete on features and price. If Linux didn't exist, maybe a copy of Windows 7 would be $600 instead of $200 and a copy of Windows 2012 Server Standard Edition would be $8000 instead of $800 and Solaris or AIX would be $100,000 per core instead of whatever it is now. They keep the prices where they are for fear that people will decide an inferior free alternative and the extra work it involves is more cost-effective than their closed alternative.

    Even if you only ever use proprietary software, you benefit tremendously from the existence of free software and its moral crusaders.

  22. Re:expanding... on Why Does Windows Have Terrible Battery Life? · · Score: 2

    As a corollary to (1), Microsoft is reluctant to change many underlying pieces for fear of breaking compatibility with applications that depend upon very specific quirks and undocumented APIs in Microsoft applications.

    I mean, that's the only possible explanation for the way that the explorer.exe file manager sucks compared to any of a dozen third party replacements and still hangs when you access some resources. (Having a small portion of your user interface become unresponsive when there's a problem reading the resource represented by that section of the user interface is fine. Having your user unable to read files on a local drive because it's having a problem accessing a network resource that has nothing to do with the local drive... that's obnoxious, and it's been a problem from before Windows XP through Windows 7 - and it may exist in Windows 8, I haven't tried it.)

  23. Re:Nah. on New Operating System Seeks To Replace Linux In the Cloud · · Score: 1

    I think you're right. I'm thinking too much about small scale deployments - because that's what I know.

  24. Re:Nah. on New Operating System Seeks To Replace Linux In the Cloud · · Score: 1

    I haven't done the cloudy cloud cloud cloud thing. I'm familiar with virtualization though - isn't it a bit more than two clicks, because you have to change the network address of each VM as it spins up? Or are you assuming that they use DHCP and you run a proxy server on the internet-facing side that figures out which VMs receive the external traffic?

    But it also seems to me that killing a VM and replacing it only works if you have no state to preserve between the old VM and the new one (e.g. session attributes, etc...) That's the ideal way to architect a colossal web application, but I don't know how common it is in real world scenarios.

  25. Re:Monopoly on Doctorow: Rivalry Keeps Google From Doing Evil · · Score: 1

    I don't expect Facebook to offer indexing Google Plus, or vice versa. But what about the thousands of little third party clients that could benefit from indexing Plus? Sorry, not permitted - because Google is now an industry giant and will behave the same way as Facebook and Microsoft when it comes to blocking the next generation of innovators.

    If Google has specific thresholds for what's allowed and what isn't, they should make that explicit in the terms of service instead of just saying "No servers". The problem with a blanket ban is that it leaves them the option to change the actual policy on a whim.