Twenty years ago, they probably would have been laughed out of the market and/or sued into the ground for selling the stuff they call software these days...
Actually, 20+ years ago, the code out there was MUCH worse than it is today from a security perspecitve. In the 1980s, my father once showed me the VAX-based system that ran the local hospital, because I was visting he knew I was "into computers." It crashed to a command prompt about 5 times during his demonstration, and he didn't once have to enter a password. I was salivating as a 12 year old proto-hacker, but was too scared to ever do anything (probably because of the security shock troops that descended on Broderick in War Games).
First, back then networks were in general far rarer and far less interconnected. The Internet was in relative infancy, and a lot of LAN-LAN bridging was done via modem. So security wasn't thought of much, because jsut getting connectivity was tough. The focus on secure computing was in preventing local privilege escalation, or privilege escalation from an attacker in the LAN.
Secondly, computers were a lot slower, so defensive coding checks and thorough input validation were often skipped in the name of efficiency.
Finally, attacks have gotten a lot more sophisticated over the years, with a lot of new techniques and a lot more automated tools. Writing secure C is nearly as tough as it was 20 years ago.
You obviously don't have a real job yet. Let us know when you get out of high school.
I've been in financial services for 12 years, and ~95% of our vendors, customers, parters, and competitors use Outlook, and perhaps more significantly they use it with Exchange Server. The other 5% use some variant of Notes.
Even our vendors who deal only with Linux or Unix have Outlook and Exchange. Exchange server is the killer app that sells Windows Servers into businesses. Notes is the only credible alternative, open source or otherwise. Open source competitiors are getting closer, but still have nowhere near the level of integrated functionality that the Outlook/Exchange combo offers.
Actually we discourage the use of Vista and say that we don't really support it. Any Windoze boxes we put online are XP. We beg our customer NOT to get Vista. These days we are encouraging our clients to really look at Sun and Linux. One of our big points is if your going to have to learn a new desktop and a new office suite. Why not make the change to Linux or Solaris and be done with client licenses, malware, spyware, viruses, blue screens O' death, changing desktops, and on and on...
See, here's the part where I realized you're just another slashdrone trying to make your reality fit your anti-MS worldview. No real outsourced help desk vendor would ever suggest the customer do something to decrease their reliance upon said vendor. If you do, in fact, work for an outsouced IT provider, you're likely near the bottom of the totem pole, and absolutely not in management. Your company, in reality, does not have any official polices to steer cusomters away from Vista. Am I right?
Like it or not, Microsoft is good for business, especially if you're in the business of providing support or consulting for their platform.
Who the f*** decided that sentences on the Internet shall no longer be formatted with two spaces after a period?!
They never were formatted with two spaces, or at least never should have been. Most browsers automatically reduce two spaces to one in any case.
With a proportinal-width font, you are supposed to use one space after a period (sometimes auto-kerned to 1.5 spaces in higher-end software). With a mono-spaced font, you use two spaces. I used to run the IT shop at a newspaper, and I was quickly elnightened that "single space after full stop" was the way things have always been done by everyone in the publishing industry, going back to the days of mechanical type in the 1800s. Why? Because it looks better on the page.
This seems to support my experience. As most web fonts are proportional-width, a single space after period would seem to be the correct usage.
Please write these test and your methodologies up and posit it somewhere. You can even probably get some ad revenue by doing that. I'm sure you'll also get a lot os suggestions as to what the trouble might be. I know I'd like to see the full details of each test myself.
What makes you think Firefox has more than 15% of the browser market? My own company's public site stats show it at less than 5%, and I know of no customer of ours (2500+ banks) that have deployed Firefox at all. Everybody just uses IE, mostly version 6, but a lot are deploying v7.
Google removed thier browser stats from Zeitgeist a while back, I think. What would be a better source for those numbers? And don't say Slashdot logs...
I choose to believe that this is a somewhat realistic representation of current market share of Linux.
You can choose to believe in Santa Claus as well, but belief does not imply reality. Your sample size is too small, and skewed towards Linux users. Here is a more realistic view of Linux client market share: 0.81%. Yeah, it's probably a lot larger in the server room, but good luck getting remotely accurate statistics on that.
HP should'a bought 'em. Perhaps they'll snap up LeftHand instead.
The last LeftHand engineer I talked to seemed to think that might happen. Apparently, LeftHand could get out of the custom hardware business sometime next year, sunsetting the NSM-* line to focus on the HP and IBM-server based offerings. Better hardware, and the speed is the same. The also have a VMware virtual appliance that runs SAN/iQ, so maybe that's a potential buyer.
This won't hurt the LeftHand product a bit, as it is just software running on commodity boxes (the NSM-160s were made by SuperMicro anyway I think). LeftHand's cluster architecture is designed to handle the loss of an entire nodes, unlike EqualLogic, where the redundancy is within each node (and that requires custom hardware).
As for price, well, LeftHand is $30K for a 9 TB module based on the HP DL320s. That ain't exactly cheap, considering the HP hardware with 9TB is only $11K. But still quite a bit cheaper than EqualLogic.
I implemented Openfiler, but the poor clustering options (active/passive only) made it a non-starter for anything remotely ctriical in my organization. A SAN simply has to be available, with no interruptions (even a few seconds of failover time breaks many database applications). With Openfiler, clusters essentially have to be local, active/passive, and failover isn't exactly seamless.
iSCSI Gear like EqualLogic and LeftHand go way beyond this... new devices simply join the cluster, and data is restriped dynamically ammongst all nodes according to the replication policies for each volume. You can also have multi-site clusters with appropriate bandwidth settings, remote scheduled snapshots, MPIO, etc. Blow a module and things keep working without any interruption at all.
We're using openfiler for archival and backup storage now, but I don't see anything in the project roadmap to make me think it will compete with commercial iSCSI SAN and NAS solutions anytime soon. Maybe they can get something working with OCFS2
I submit that unless you have equivalent training, education, and experience as those with whom you disagree on a fundamentally scientific issue, your opinion COUNTS LESS.
And I submit that the opinions of same scientists and their pet fear-mongering politicians on the economics of carbon output and climate change COUNT LESS than the opinions of say, business leaders and the heads of international financial organizations. Al Gore was a journalist for a few years, and half-finished a law degree. He and his ilk are NOT QUALIFIED to demand immediate, sweeping changes that are likely to have drastic effects on the economies of both developed and developing countries. You can't have it both ways.
The solution, of course, is to get a bunch of really smart, qualified people from all relevant fields in a room and have them figure how big the problem really is and what to do about it. But organizing that requires politics, and the process would be inherently poisoned from the start by the politics of those already involved. It would be great to have a "Global Warming Manhattan Project", but I fear that would require an immediate, visible threat to get everyone to put politics aside and work together. It took World War II to make the Manhattan Project politically and economically viable.
Q: How in the high FUCK can you get a pistol or CCW permit in Chicago?
A: Be a realative, family firend, or former business associate of Mayor Richard Daley. Remeber, this is Chicago, where the motto is "Vote Early, Vote Often!" Everything in city government is for sale.
I just inked a $500K+ managed hosting deal for my company. I first heard of the hosting provider via banner ad here on Slashdot years ago, and they have received a lot of positive feedback in many comment threads since then. After just two months with this hosting provider, I agree with everything I heard on slashdot: the support is unbelievably good, and their engineers are unbelievably competent.
So yeah, I did a lot of other due diligence, and evaluated four other options. But in the end, the positive feedback from so many on slashdot broke the cost/benefit tie bewteen two very similar proposals.
I think some advertisers understand this about slashdot's audience. Yes, there are a lot of pinko college kids and IT worker bees that would block or ignore ads. But the quality of the slashdot audience for a tech vendor is still very high. As the slashdot audience ages, a lot of those former pinko college kids and IT worker bees are in IT management, and are therefore in a position to make or at least strongly influence big-ticket buying decisions.
I ran across those HOWTO pages. They are not good documentation, they are just are a reasonably categorized collection of quick HOW-TOs aimed at command-line monkeys: "type this in if you want to do x".
That site doesn't document in detail how every option of every LVM tool works. Yeah, there are some conceptual basics on how VGs relate to PVs and LVs (which is obvious to anybody who reads the MAN pages or understands sotarge virtualization on any platform), but the exhaustive details of LMV2 simply aren't documented there, or anywhere else I could find.
I decided your linked HOWTO page was not a good documentation resource to use when I kept running across pages like this. There are no explanations as to what any of those commands mean, nor why they might need to be different in some use cases. The majority of that HOWTO is similarly constructed.
Where is the comprehensive reference that documents every option of LVM2? Why is there only one nearly incomprehensible page about disaster recovery of an LVM system, which should be the most important topic? I didn't find any true documentation back in 2005, and I still haven't run across it. Compare that to Sun's documentation for ZFS, and you'll see why I think LVM documentation sucks.
I know C, and even wrote a simple C compiler as an undergrad back in the early 1990s. But I don't code C regularly anymore, and I am certainly not going to try to decipher C source as documentation. I don't have time, and neither do most other IT folks. Professionals do not consider source code documentation. My developers write design and architecture documentation for all of their code, which is then passed on to technical writers so it becomes actual documentation for end users and system administrators. It seems in most open source projects, coders write the documentation themselves, which leads to documentation being perpetually incomplete. Writing documentation is not what coders are good at, nor is it what they enjoy doing.
At least OSX has the option for "Archive & Install", which might get past this
Windows has had the "files and settings transfer wizard" since XP's release in 2001, which is designed to facilitate switching machines or doing clean re-installs or upgrades. It doesn't transfer every setting for programs that store things in odd places, but it mostly works as designed.
As you say, though, a full backup should be done before any upgrade, regardless of OS. Yes, even - or perhaps especially? - Linux.
It was the other poster who threw in Apache, Postgress and all of the add-on apps which would then make his "comparison" to Windows also include the entire MS product line and those of all Windows software vendors, shareware included, to be fair.
No, I explicitly mentioned "Apache Tomcat, Sendmail, ntpd or even X configuration". ALl of which have perfect analogues included with Windows Server editions (IIS/ASP.net, SMTPsvc, w32time, and the Windows GDI).
I mentioned Postgres as a positive example in the open source world. It has documentation nearly as good as that which comes with MS SQL Server (which I believe is Microsoft's best individual product).
Yes, 30-year-old GNU utilites are well documented in man pages. But man pages don't cut it for a lot of other,more complex software. Tyring to figure out LVM2 the first time I used it from the man pages was very painful, and the man pages were the best documentation available at that time.
You're joking, right? The documentation for a vast majority of open source software is so nonexistent or so out of date as to be laughable. Sure, the big slatwart projects have some reasonable documentation, but even then, you can't tell me widely used stuff like Apache Tomcat, Sendmail, ntpd or even X configuration is intiutive or well-documented. You usually end up trolling through newsgroup posts or a half-dozen pporly organized Wikis to try to find your answer in the open source world.
The issue in the open source world is that every single piece of software has its own configuration file format and command line syntax for the most part. They are all quite different, and documentation in open source projects typically comes last (PostegreSQL is a major exception). It's quite comparable to editing the Windows registry by hand or by command line to do all configuration. At least in the Windows world, you usually get a graphical representation of the configuration using some GUI tool, and that helps you make some sense of things.
We use a large mix of both open source and Microsoft software on about 30 servers in my shop. While speed, functionality, and reliability are the strong points of open source, in my experience documentation and consistency are certainly weak points. You have far more obscure, arcane, and poorly documented stuff to deal with in the open source world.
You're wrong on every other point too, if that helps.
What an ingeniuos debate tactic.
Please explain to me how "every other point" is wrong, providing a reasonable argument. I'll concede I was wrong about you not mentioning root certificates, as I didn't read the great grandparent of my first post.
No ISP has done what you describe, because getting users to trust those certifiactes is hard, and it would cause an uproar in technical circles. Also, intercepting SSL traffic also carries a lot of legal liability that no sane corporation would want.
Which is why STEP #1 was to add (and trust) Comcast's certificate.
You didn't describe step #1 anywhere in your post. But it still would not work. Comcast would have to get their certificate into the trusted root stores of IE, Firefox, Safari, etc., hoping that nobody would notice. And they would also have to dynamically generate a Comcast-signed certificate for each domain their users visit, on demannd, so the browsers would not report DNS name mismatches.
I suggest you try it out.
Okay, I am a Comcast customer. So I use their service every day, and believe me, they cannot intercept and proxy SSL connections, because I have no Comcast certificate in my trusted root in Firefox (or IE for that matter). As for "trying it out", I can't, because the hypothetical "evil Comcast root certificate" doesn't seem to exist anywhere. Adding my own self-signed certificate to the root store would enable ME to spoof SSL sites on my own machine. But that's just not possible for an entity like Comcast.
Besides, there is no way Comcast would want the liability associated with decrypting SSL traffic. Corporations are run by businessmen, and they are generally risk-averse.
The closest thing I've seen to a free market is illegal drugs.
This is a very poor example. The supply side is artificially constrained by the government... how is that a free market?
The closest thing to a truly free market is something like the early days of eBay, where prices were truly set by demand, and the supply of goods and services was nearly unrestricted.
Today on eBay there are crimials, cartels, and shills driving to manipulate auction prices and defraud buyers. So eBay has become far more heavily regulated, and therefore far less open a market.
Not true in the slightest. The SSL/TLS proxy accepts whatever cert and encryption level the website is using, decrypts it for inspection, then re-encrypts it (with Comcast's cert) and sends it to your browser. There are SSL/TLS proxies already available, so I don't understand how you can claim it's impossible.
Because a transparent SSL proxy simply isn't possible. That's the whole point of SSL/TLS - to protect against evesdropping and man-in-the-middle attacks.
A hypthetical SSL proxy such as you describe would throw broweser certificate warnings on every secure site acces, as the DNS names of secure sites wouldn't match the certificate. You would need a browser with intentionally degraded SSL functionaliy (hacked or with some sort of nefarious plug-in to "trust" the Comcast certificate to impersonate other sites) to do what you describe in a manner transparent to the user.
This is a rather ignorant and VERY Microsoft-centric world-view... Use any other operating system, and you can start playing the video while it's being transferred.
Huh? Windows Media player starts playing most media file types as they download. It's been like that for years, at least as far back as I can remember Windows Media Player existing (Win 98?). I just verified it with an mpeg demo file at this link.
From what I remember when I worked for a newspaper 10 years ago, the Chicago Manual of Style's rules on "punctuation always goes inside quotes" is simply based on the fact that it looks much better visually in print when fonts are properly kerned on a typeset page. It really has nothing to do with meaning or context.
Slashdot Mirror
You have a Mac Mini at work? Where the hell do you work, at a Prada retail store or something?
Actually, 20+ years ago, the code out there was MUCH worse than it is today from a security perspecitve. In the 1980s, my father once showed me the VAX-based system that ran the local hospital, because I was visting he knew I was "into computers." It crashed to a command prompt about 5 times during his demonstration, and he didn't once have to enter a password. I was salivating as a 12 year old proto-hacker, but was too scared to ever do anything (probably because of the security shock troops that descended on Broderick in War Games).
First, back then networks were in general far rarer and far less interconnected. The Internet was in relative infancy, and a lot of LAN-LAN bridging was done via modem. So security wasn't thought of much, because jsut getting connectivity was tough. The focus on secure computing was in preventing local privilege escalation, or privilege escalation from an attacker in the LAN.
Secondly, computers were a lot slower, so defensive coding checks and thorough input validation were often skipped in the name of efficiency.
Finally, attacks have gotten a lot more sophisticated over the years, with a lot of new techniques and a lot more automated tools. Writing secure C is nearly as tough as it was 20 years ago.
You obviously don't have a real job yet. Let us know when you get out of high school.
I've been in financial services for 12 years, and ~95% of our vendors, customers, parters, and competitors use Outlook, and perhaps more significantly they use it with Exchange Server. The other 5% use some variant of Notes.
Even our vendors who deal only with Linux or Unix have Outlook and Exchange. Exchange server is the killer app that sells Windows Servers into businesses. Notes is the only credible alternative, open source or otherwise. Open source competitiors are getting closer, but still have nowhere near the level of integrated functionality that the Outlook/Exchange combo offers.
See, here's the part where I realized you're just another slashdrone trying to make your reality fit your anti-MS worldview. No real outsourced help desk vendor would ever suggest the customer do something to decrease their reliance upon said vendor. If you do, in fact, work for an outsouced IT provider, you're likely near the bottom of the totem pole, and absolutely not in management. Your company, in reality, does not have any official polices to steer cusomters away from Vista. Am I right?
Like it or not, Microsoft is good for business, especially if you're in the business of providing support or consulting for their platform.
Actually, the high number of tech workers out of jobs in the Valley would drive wages down, not up. What exactly did you mean by "competitive"?
They never were formatted with two spaces, or at least never should have been. Most browsers automatically reduce two spaces to one in any case.
With a proportinal-width font, you are supposed to use one space after a period (sometimes auto-kerned to 1.5 spaces in higher-end software). With a mono-spaced font, you use two spaces. I used to run the IT shop at a newspaper, and I was quickly elnightened that "single space after full stop" was the way things have always been done by everyone in the publishing industry, going back to the days of mechanical type in the 1800s. Why? Because it looks better on the page.
This seems to support my experience. As most web fonts are proportional-width, a single space after period would seem to be the correct usage.
Please write these test and your methodologies up and posit it somewhere. You can even probably get some ad revenue by doing that. I'm sure you'll also get a lot os suggestions as to what the trouble might be. I know I'd like to see the full details of each test myself.
What makes you think Firefox has more than 15% of the browser market? My own company's public site stats show it at less than 5%, and I know of no customer of ours (2500+ banks) that have deployed Firefox at all. Everybody just uses IE, mostly version 6, but a lot are deploying v7.
Google removed thier browser stats from Zeitgeist a while back, I think. What would be a better source for those numbers? And don't say Slashdot logs...
You can choose to believe in Santa Claus as well, but belief does not imply reality. Your sample size is too small, and skewed towards Linux users. Here is a more realistic view of Linux client market share: 0.81%. Yeah, it's probably a lot larger in the server room, but good luck getting remotely accurate statistics on that.
The last LeftHand engineer I talked to seemed to think that might happen. Apparently, LeftHand could get out of the custom hardware business sometime next year, sunsetting the NSM-* line to focus on the HP and IBM-server based offerings. Better hardware, and the speed is the same. The also have a VMware virtual appliance that runs SAN/iQ, so maybe that's a potential buyer.
This won't hurt the LeftHand product a bit, as it is just software running on commodity boxes (the NSM-160s were made by SuperMicro anyway I think). LeftHand's cluster architecture is designed to handle the loss of an entire nodes, unlike EqualLogic, where the redundancy is within each node (and that requires custom hardware).
As for price, well, LeftHand is $30K for a 9 TB module based on the HP DL320s. That ain't exactly cheap, considering the HP hardware with 9TB is only $11K. But still quite a bit cheaper than EqualLogic.
I implemented Openfiler, but the poor clustering options (active/passive only) made it a non-starter for anything remotely ctriical in my organization. A SAN simply has to be available, with no interruptions (even a few seconds of failover time breaks many database applications). With Openfiler, clusters essentially have to be local, active/passive, and failover isn't exactly seamless.
iSCSI Gear like EqualLogic and LeftHand go way beyond this... new devices simply join the cluster, and data is restriped dynamically ammongst all nodes according to the replication policies for each volume. You can also have multi-site clusters with appropriate bandwidth settings, remote scheduled snapshots, MPIO, etc. Blow a module and things keep working without any interruption at all.
We're using openfiler for archival and backup storage now, but I don't see anything in the project roadmap to make me think it will compete with commercial iSCSI SAN and NAS solutions anytime soon. Maybe they can get something working with OCFS2
And I submit that the opinions of same scientists and their pet fear-mongering politicians on the economics of carbon output and climate change COUNT LESS than the opinions of say, business leaders and the heads of international financial organizations. Al Gore was a journalist for a few years, and half-finished a law degree. He and his ilk are NOT QUALIFIED to demand immediate, sweeping changes that are likely to have drastic effects on the economies of both developed and developing countries. You can't have it both ways.
The solution, of course, is to get a bunch of really smart, qualified people from all relevant fields in a room and have them figure how big the problem really is and what to do about it. But organizing that requires politics, and the process would be inherently poisoned from the start by the politics of those already involved. It would be great to have a "Global Warming Manhattan Project", but I fear that would require an immediate, visible threat to get everyone to put politics aside and work together. It took World War II to make the Manhattan Project politically and economically viable.
A: Be a realative, family firend, or former business associate of Mayor Richard Daley. Remeber, this is Chicago, where the motto is "Vote Early, Vote Often!" Everything in city government is for sale.
If only "virii" was an actual word, you'd have me conviced.
I just inked a $500K+ managed hosting deal for my company. I first heard of the hosting provider via banner ad here on Slashdot years ago, and they have received a lot of positive feedback in many comment threads since then. After just two months with this hosting provider, I agree with everything I heard on slashdot: the support is unbelievably good, and their engineers are unbelievably competent.
So yeah, I did a lot of other due diligence, and evaluated four other options. But in the end, the positive feedback from so many on slashdot broke the cost/benefit tie bewteen two very similar proposals.
I think some advertisers understand this about slashdot's audience. Yes, there are a lot of pinko college kids and IT worker bees that would block or ignore ads. But the quality of the slashdot audience for a tech vendor is still very high. As the slashdot audience ages, a lot of those former pinko college kids and IT worker bees are in IT management, and are therefore in a position to make or at least strongly influence big-ticket buying decisions.
I ran across those HOWTO pages. They are not good documentation, they are just are a reasonably categorized collection of quick HOW-TOs aimed at command-line monkeys: "type this in if you want to do x".
That site doesn't document in detail how every option of every LVM tool works. Yeah, there are some conceptual basics on how VGs relate to PVs and LVs (which is obvious to anybody who reads the MAN pages or understands sotarge virtualization on any platform), but the exhaustive details of LMV2 simply aren't documented there, or anywhere else I could find.
I decided your linked HOWTO page was not a good documentation resource to use when I kept running across pages like this. There are no explanations as to what any of those commands mean, nor why they might need to be different in some use cases. The majority of that HOWTO is similarly constructed.
Where is the comprehensive reference that documents every option of LVM2? Why is there only one nearly incomprehensible page about disaster recovery of an LVM system, which should be the most important topic? I didn't find any true documentation back in 2005, and I still haven't run across it. Compare that to Sun's documentation for ZFS, and you'll see why I think LVM documentation sucks.
I know C, and even wrote a simple C compiler as an undergrad back in the early 1990s. But I don't code C regularly anymore, and I am certainly not going to try to decipher C source as documentation. I don't have time, and neither do most other IT folks. Professionals do not consider source code documentation. My developers write design and architecture documentation for all of their code, which is then passed on to technical writers so it becomes actual documentation for end users and system administrators. It seems in most open source projects, coders write the documentation themselves, which leads to documentation being perpetually incomplete. Writing documentation is not what coders are good at, nor is it what they enjoy doing.
Windows has had the "files and settings transfer wizard" since XP's release in 2001, which is designed to facilitate switching machines or doing clean re-installs or upgrades. It doesn't transfer every setting for programs that store things in odd places, but it mostly works as designed.
As you say, though, a full backup should be done before any upgrade, regardless of OS. Yes, even - or perhaps especially? - Linux.
No, I explicitly mentioned "Apache Tomcat, Sendmail, ntpd or even X configuration". ALl of which have perfect analogues included with Windows Server editions (IIS/ASP.net, SMTPsvc, w32time, and the Windows GDI).
I mentioned Postgres as a positive example in the open source world. It has documentation nearly as good as that which comes with MS SQL Server (which I believe is Microsoft's best individual product).
Yes, 30-year-old GNU utilites are well documented in man pages. But man pages don't cut it for a lot of other,more complex software. Tyring to figure out LVM2 the first time I used it from the man pages was very painful, and the man pages were the best documentation available at that time.
You're joking, right? The documentation for a vast majority of open source software is so nonexistent or so out of date as to be laughable. Sure, the big slatwart projects have some reasonable documentation, but even then, you can't tell me widely used stuff like Apache Tomcat, Sendmail, ntpd or even X configuration is intiutive or well-documented. You usually end up trolling through newsgroup posts or a half-dozen pporly organized Wikis to try to find your answer in the open source world.
The issue in the open source world is that every single piece of software has its own configuration file format and command line syntax for the most part. They are all quite different, and documentation in open source projects typically comes last (PostegreSQL is a major exception). It's quite comparable to editing the Windows registry by hand or by command line to do all configuration. At least in the Windows world, you usually get a graphical representation of the configuration using some GUI tool, and that helps you make some sense of things.
We use a large mix of both open source and Microsoft software on about 30 servers in my shop. While speed, functionality, and reliability are the strong points of open source, in my experience documentation and consistency are certainly weak points. You have far more obscure, arcane, and poorly documented stuff to deal with in the open source world.
What an ingeniuos debate tactic.
Please explain to me how "every other point" is wrong, providing a reasonable argument. I'll concede I was wrong about you not mentioning root certificates, as I didn't read the great grandparent of my first post.
No ISP has done what you describe, because getting users to trust those certifiactes is hard, and it would cause an uproar in technical circles. Also, intercepting SSL traffic also carries a lot of legal liability that no sane corporation would want.
You didn't describe step #1 anywhere in your post. But it still would not work. Comcast would have to get their certificate into the trusted root stores of IE, Firefox, Safari, etc., hoping that nobody would notice. And they would also have to dynamically generate a Comcast-signed certificate for each domain their users visit, on demannd, so the browsers would not report DNS name mismatches.
Okay, I am a Comcast customer. So I use their service every day, and believe me, they cannot intercept and proxy SSL connections, because I have no Comcast certificate in my trusted root in Firefox (or IE for that matter). As for "trying it out", I can't, because the hypothetical "evil Comcast root certificate" doesn't seem to exist anywhere. Adding my own self-signed certificate to the root store would enable ME to spoof SSL sites on my own machine. But that's just not possible for an entity like Comcast.
Besides, there is no way Comcast would want the liability associated with decrypting SSL traffic. Corporations are run by businessmen, and they are generally risk-averse.
This is a very poor example. The supply side is artificially constrained by the government... how is that a free market?
The closest thing to a truly free market is something like the early days of eBay, where prices were truly set by demand, and the supply of goods and services was nearly unrestricted.Today on eBay there are crimials, cartels, and shills driving to manipulate auction prices and defraud buyers. So eBay has become far more heavily regulated, and therefore far less open a market.
Because a transparent SSL proxy simply isn't possible. That's the whole point of SSL/TLS - to protect against evesdropping and man-in-the-middle attacks.
A hypthetical SSL proxy such as you describe would throw broweser certificate warnings on every secure site acces, as the DNS names of secure sites wouldn't match the certificate. You would need a browser with intentionally degraded SSL functionaliy (hacked or with some sort of nefarious plug-in to "trust" the Comcast certificate to impersonate other sites) to do what you describe in a manner transparent to the user.
Huh? Windows Media player starts playing most media file types as they download. It's been like that for years, at least as far back as I can remember Windows Media Player existing (Win 98?). I just verified it with an mpeg demo file at this link.
From what I remember when I worked for a newspaper 10 years ago, the Chicago Manual of Style's rules on "punctuation always goes inside quotes" is simply based on the fact that it looks much better visually in print when fonts are properly kerned on a typeset page. It really has nothing to do with meaning or context.