Once we got the IMAP proxy working, we were faced with another problem: how do we configure a device to use the proxy? We cannot expect users to manually enter IMAP and SMTP hostnames, choose the correct TLS settings, etc — it’s too tedious and error-prone. Fortunately, Apple provides a friendly way of setting up email accounts by using configuration profiles — a facility that is often used in enterprise deployments of iOS devices. Using this technique, we can simply ask the user for their email address and password, autodiscover the email provider settings, and send a configuration profile to the device. The user just needs to tap “ok” a few times, and then they have a new mail account.
The users have no idea why they are clicking OK, but once its done it works so they ask no questions. After all, they are Linkedin users, so they automatically aren't too bright.
Normally your device connects directly to the servers of your email provider (Gmail, Yahoo, AOL, etc.), but we can configure the device to connect to the Intro proxy server instead. The Intro proxy server speaks the IMAP protocol just like an email provider, but it doesn’t store messages itself. Instead, it forwards requests from the device to your email provider, and forwards responses from the email provider back to the device. En route, it inserts Intro information at the beginning of each message body — we call this the top bar.
Whats a matter Onyxruby, cat got your tongue after the AC posted the link? Awfully quiet from you. (not that we are complaining when a shill shuts up).
But at least that was in opensource, and was carefully vetted. There are others who are now taking another look at these patches with a much more skeptical eye.
Microsoft's crypt APIs are all back-doored to the NSA.
Citation please
O come on, do you really expect to find a Microsoft page with such a statement, or an NSA page? You are trying to send me on a fool's errand, because you are too lazy to try a bing or google search. You know you can't lose, because no mater what source I post, you will simply declare it non authoritative.
So do your own homework son. key three words into Google: nsa microsoft encryption, hit enter and start reading. You've got a lot of catching up to do. There is a world at your fingertips. Use it.
On the cost front your comment misses the mark completely.
You haven't made that case any more they the GP did.
Having something on the balance sheet is not a big deal. Every company has that, and the equipment works its way off the balance (depreciates) sheet fairly quickly, but often runs way longer than that. Depreciation is a tax write off. Smaller companies can expense things in the first year.
When the economy is tight, all you need is power and your own staff to keep your own servers operational. But putting all your operations in Azure means you have those bills too. You won't get buy with less staff using Azure. It takes people to manage it.
All it saves you is hardware purchase, and a small portion of the setup time. (Certainly not ALL the setup time).
Power, air conditioning, physical space, disk space, maintenance, and data transmission costs are all going to still be there, in your Azure bill.
There are a few people who believe the whole "I don't want a data center and IT staff" mantra, who go whole hog into services like Azure and Amazon. They pay. Dearly.
same here, i have not used microsoft since windows 2000 pro, and never bought any Apple products, if you seen the beat up old 686 i use you would laugh, but it keeps chugging along on Linux just fine
Then clearly this story is not for you. Move on. No need to weigh in with yet another "me neither" post.
To this, you have to add the distinct possibility that the intent was to leave a back door on purpose so that the tech support staff did not have to issue an RMA for users that simply forgot their password.
(Yes, a simple hardware reset switch would do, but that can actually be harder to do as you have to support a wipe-able storage for that).
A back door is not a security flaw. It's there by design not by accident.
A backdoor is a security flaw if a) the owners are not told that it is there (or) b) the owners can not turn it off (or) c) if the FTC says it is.
There are (deliberately vague) promises about security made on the IZON site.
IZON lets you watch & listen from anywhere, with secure access to the IZON video stream.
To not reveal a backdoor account has already been found by the FTC (see first link) as a violation which gets you 20 years worth of monitoring: Per the FTC in the TrendNet case:
The company also is required to obtain third-party assessments of its security programs every two years for the next 20 years.
People should know about these backdoors, no question.
On the other hand, the first linked story about the FTC crackdown on TrendNet makes no sense what so ever, when another branch of the government makes it their business to crack every possible privacy protection of anyone in the world.
The big item in today's announcement is the automated backup to the cloud of "data" on your in house server.
There are a lot of small businesses that are running naked with minimal or haphazard backup. If they can get this widely accepted they will be doing those people a favor.
But then there is this:
Microsoft makes a point of noting that the data is encrypted on site at the customer’s premise before it is sent to Azure and the customer retains and manages the encryption key.
One has to assume the "Customer retains and manages one copy of the many encryption keys" that can decrypt their data. Microsoft's crypt APIs are all back-doored to the NSA.
True, most small businesses probably don't care all that much, as long as they can get their data back. But I would still opt for local and off site storage in physical media before trusting a company with Microsoft's track record.
Given the speed and travelled distance difference between cars and bicycles maybe per-hour accidents would be a better metric.
Exactly.
This metric is lost on people, but accident per mile traveled is a pretty bogus measurement, in fact even the NHTSA has recognized that its reporting of Fatality Rate per 100 Million Vehicle Miles of Travel paints a biased picture, where high mileage drivers, who actually have the best driving records, are "covering for" new drivers with few miles.
People only have so much time to devote to travel. It is not reasonable to commute much more than 4 hours for an 8 work day. (Even that number is at the high end of practicality). It doesn't matter what mode of transportation you are talking about. You are at risk in a car or on a bike only for the amount of time you are in transit. The relationship to distance covered is immaterial.
So accidents per hours of exposure is a more valid measure.
You appear to be talking about police reports of accidents. Police will show up at just about all non-injury accidents between motor vehicles , but most non-injury accidents between cars and bikes simply go unreported.
Cops mostly have a built in anti-bike bias. Because of this, and the largely politicized helmet hysteria, police were required to mark whether a helmet was worn by cyclists in any accident scenario. Sure enough, cyclists hit and dragged and killed by drunk drivers were reported not wearing a helmet, even when there were no head injuries.
(I wore a bike helmet for my entire 30 years of adult cycling, and never once compressed the styro liner. Yet I ate dirt and weeds on many a trails).
You're more likely to get seriously hurt when you get into an accident on a bike. That's just obvious, since you're cruising around in nothing but skintanium. There's no way -- none -- that a bike is going to come out ahead in a collision with a motorized vehicle.
As both the summary and the linked article mention, most bike accidents, even knockdowns, go largely un-reported unless someone goes to the hospital.
As you correctly point out, a biker can be knocked down, and the car won't even have a mark in the paint. If the cyclist doesn't do damage to the car, and no one goes to the hospital, its not going to get reported. (I've had Drivers offer to pay me not to report it ostensibly to cover "repairs" to my undamaged bike). An equal impact between two cars is almost always reported.
So the whole bottom tier of your analysis is stripped off, not present in the statistics, and simply gone. There are no (ZERO) reliable statistics on the number of cyclists that DON'T get in accidents. Your 1% of traffic figure is baseless, purely an estimate, usually gathered for political reasons, and highly regionalized, In truth, nobody knows.
In 30 years of cycling, (and yes, I did ride all winter long, with studs when needed), I've never been hit by a car or even had a close call, because defensive biking is actually fairly easy to learn. Cars can't move in unpredictable ways, and riding beside that tractor trailer rig is a lot safer than riding with other cyclists. The only injury accident I ever experienced in 30 years was from laying down the bike when a 5 year old darted out into the street. She was fine, I had a separated shoulder.
Still your analysis is largely correct regarding who is going to get hurt if there is an accident. But your own history suggests that accidents are rarer than most believe.
The process here is not to replace capacitors, the process it to replace the battery. Capacitors in a circuit have an entirely different reason for being there than the battery. They are for very short term storage of potential or smoothing of power switching.
If this works, and if it acquires any further attention and attracts funding, it might replace batteries in phones, but it won't replace capacitors in circuits.
Until there is a prison sentence or a fine involved there is no punishment.
If the police catch a bank robber, and merely take the money back and send him on his way, is that punishment? Is it a deterrence? Or is it just an admonition to be more clever next time?
The problem is that warrant-less searches are not themselves crimes. Not in any jurisdiction I'm aware of.
They are simply inadmissible as evidence.
The act itself might be chargeable as breaking and entering, but in the present case, nothing was broken into, and no place was entered. Our constitution forbids some powers from being used by the government, but never lists any penalties. Consequently, things like secret tracking to discover a crime without a warrant is inadmissible, but not punishable.
Once a police action is inadmissible you expect it to stop, but the police have turned to "parallel construction" to hide these practices, so they continue to be done in the background.
And there are seldom any penalties for officers or departments involved.
I care less and less about wikipedia as time goes on,
Yet its too big to ignore. Its been cited in court cases, news media, and by the police.
Independent verification is a standard which is unevenly applied, and at best a shirking of responsibility. When the ONLY verifiable source says something why does that require independent verification, but the wiki contributor was able to make something up of whole cloth with no independent verification.
The idea that any lie can be justified by finding it in print somewhere else is fundamentally flawed.
The government has often tried to use this argument in the past.
And unfortunately, they have succeeded at it most of the time.
There is potential for greater good in this ruling (if this court decision, which in our crazy patchwork application of the Equal Protection Clause, only applies in the Third District, is followed elsewhere.).
It could be construed to mean that if the police need a warrant to use their GPS tracker they might also need a warrant to use MY GPS tracker (our phones).
However, these rulings really make no sense as long as the courts continue to meekly allow wholesale collection and monitoring of our digital life. Ignoring the 800 pound gorilla merely to avoid angering it is not a long term plan solution.
Slashdot Mirror
It is possible. Read what they say on their own web page:
Once we got the IMAP proxy working, we were faced with another problem: how do we configure a device to use the proxy? We cannot expect users to manually enter IMAP and SMTP hostnames, choose the correct TLS settings, etc — it’s too tedious and error-prone.
Fortunately, Apple provides a friendly way of setting up email accounts by using configuration profiles — a facility that is often used in enterprise deployments of iOS devices. Using this technique, we can simply ask the user for their email address and password, autodiscover the email provider settings, and send a configuration profile to the device. The user just needs to tap “ok” a few times, and then they have a new mail account.
The users have no idea why they are clicking OK, but once its done it works so they ask no questions.
After all, they are Linkedin users, so they automatically aren't too bright.
They just proxy all mail.
Normally your device connects directly to the servers of your email provider (Gmail, Yahoo, AOL, etc.), but we can configure the device to connect to the Intro proxy server instead.
The Intro proxy server speaks the IMAP protocol just like an email provider, but it doesn’t store messages itself. Instead, it forwards requests from the device to your email provider, and forwards responses from the email provider back to the device. En route, it inserts Intro information at the beginning of each message body — we call this the top bar.
http://engineering.linkedin.com/mobile/linkedin-intro-doing-impossible-ios
I wonder if he will be so smug when they perp walk him out of his office.
Pretty smug and self congratulatory.
Everyone make sure you put Martin Kleppmann on your DO NOT HIRE list.
I hope Apple steps up and kicks them out of the App Store.
Whats a matter Onyxruby, cat got your tongue after the AC posted the link?
Awfully quiet from you. (not that we are complaining when a shill shuts up).
http://rt.com/usa/microsoft-nsa-snowden-leak-971/
But at least that was in opensource, and was carefully vetted.
There are others who are now taking another look at these patches with a much more skeptical eye.
Citation please
O come on, do you really expect to find a Microsoft page with such a statement, or an NSA page?
You are trying to send me on a fool's errand, because you are too lazy to try a bing or google search.
You know you can't lose, because no mater what source I post, you will simply declare it non authoritative.
So do your own homework son.
key three words into Google: nsa microsoft encryption, hit enter and start reading. You've got a lot of catching up to do.
There is a world at your fingertips. Use it.
Then he puts it on Windows?
Today's captcha is horsefly
If Truecrypt calls ANY windows APIs, especially the crypto APIs, putting it on is exactly the wrong thing to do.
If on the other hand it has its own built in crypto functions in the source code you might feel a little better about it.
(I haven't looked, so I actually don't know if it uses MS APIs or not.)
On the cost front your comment misses the mark completely.
You haven't made that case any more they the GP did.
Having something on the balance sheet is not a big deal. Every company has that, and the equipment works its way off the balance (depreciates) sheet fairly quickly, but often runs way longer than that. Depreciation is a tax write off. Smaller companies can expense things in the first year.
When the economy is tight, all you need is power and your own staff to keep your own servers operational. But putting all your operations in Azure means you have those bills too. You won't get buy with less staff using Azure. It takes people to manage it.
All it saves you is hardware purchase, and a small portion of the setup time. (Certainly not ALL the setup time).
Power, air conditioning, physical space, disk space, maintenance, and data transmission costs are all going to still be there, in your Azure bill.
There are a few people who believe the whole "I don't want a data center and IT staff" mantra, who go whole hog into services like Azure and Amazon. They pay. Dearly.
same here, i have not used microsoft since windows 2000 pro, and never bought any Apple products, if you seen the beat up old 686 i use you would laugh, but it keeps chugging along on Linux just fine
Then clearly this story is not for you.
Move on. No need to weigh in with yet another "me neither" post.
To this, you have to add the distinct possibility that the intent was to leave a back door on purpose so that the tech support staff did not have to issue an RMA for users that simply forgot their password.
(Yes, a simple hardware reset switch would do, but that can actually be harder to do as you have to support a wipe-able storage for that).
A back door is not a security flaw. It's there by design not by accident.
A backdoor is a security flaw if
a) the owners are not told that it is there (or)
b) the owners can not turn it off (or)
c) if the FTC says it is.
There are (deliberately vague) promises about security made on the IZON site.
IZON lets you watch & listen from anywhere, with secure access to the IZON video stream.
To not reveal a backdoor account has already been found by the FTC (see first link) as a violation which
gets you 20 years worth of monitoring: Per the FTC in the TrendNet case:
The company also is required to obtain third-party assessments of its security programs every two years for the next 20 years.
People should know about these backdoors, no question.
On the other hand, the first linked story about the FTC crackdown on TrendNet makes no sense what so ever, when another branch of the government makes it their business to crack every possible privacy protection of anyone in the world.
The big item in today's announcement is the automated backup to the cloud of "data" on your in house server.
There are a lot of small businesses that are running naked with minimal or haphazard backup. If they can get this
widely accepted they will be doing those people a favor.
But then there is this:
Microsoft makes a point of noting that the data is encrypted on site at the customer’s premise before it is sent to Azure and the customer retains and manages the encryption key.
One has to assume the "Customer retains and manages one copy of the many encryption keys" that can decrypt their data.
Microsoft's crypt APIs are all back-doored to the NSA.
True, most small businesses probably don't care all that much, as long as they can get their data back.
But I would still opt for local and off site storage in physical media before trusting a company with Microsoft's
track record.
Given the speed and travelled distance difference between cars and bicycles maybe per-hour accidents would be a better metric.
Exactly.
This metric is lost on people, but accident per mile traveled is a pretty bogus measurement, in fact even the NHTSA has recognized that its reporting of Fatality Rate per 100 Million Vehicle Miles of Travel paints a biased picture, where high mileage drivers, who actually have the best driving records, are "covering for" new drivers with few miles.
People only have so much time to devote to travel. It is not reasonable to commute much more than 4 hours for an 8 work day. (Even that number is at the high end of practicality). It doesn't matter what mode of transportation you are talking about. You are at risk in a car or on a bike only for the amount of time you are in transit. The relationship to distance covered is immaterial.
So accidents per hours of exposure is a more valid measure.
You appear to be talking about police reports of accidents. Police will show up at just about all non-injury accidents between motor vehicles , but most non-injury accidents between cars and bikes simply go unreported.
Cops mostly have a built in anti-bike bias. Because of this, and the largely politicized helmet hysteria, police were required to mark whether a helmet was worn by cyclists in any accident scenario. Sure enough, cyclists hit and dragged and killed by drunk drivers were reported not wearing a helmet, even when there were no head injuries.
(I wore a bike helmet for my entire 30 years of adult cycling, and never once compressed the styro liner. Yet I ate dirt and weeds on many a trails).
You're more likely to get seriously hurt when you get into an accident on a bike. That's just obvious, since you're cruising around in nothing but skintanium. There's no way -- none -- that a bike is going to come out ahead in a collision with a motorized vehicle.
As both the summary and the linked article mention, most bike accidents, even knockdowns, go largely un-reported unless someone goes to the hospital.
As you correctly point out, a biker can be knocked down, and the car won't even have a mark in the paint. If the cyclist doesn't do damage to the car, and no one goes to the hospital, its not going to get reported. (I've had Drivers offer to pay me not to report it ostensibly to cover "repairs" to my undamaged bike). An equal impact between two cars is almost always reported.
So the whole bottom tier of your analysis is stripped off, not present in the statistics, and simply gone. There are no (ZERO) reliable statistics on the number of cyclists that DON'T get in accidents. Your 1% of traffic figure is baseless, purely an estimate, usually gathered for political reasons, and highly regionalized, In truth, nobody knows.
In 30 years of cycling, (and yes, I did ride all winter long, with studs when needed), I've never been hit by a car or even had a close call, because defensive biking is actually fairly easy to learn. Cars can't move in unpredictable ways, and riding beside that tractor trailer rig is a lot safer than riding with other cyclists. The only injury accident I ever experienced in 30 years was from laying down the bike when a 5 year old darted out into the street. She was fine, I had a separated shoulder.
Still your analysis is largely correct regarding who is going to get hurt if there is an accident. But your own history suggests that accidents are rarer than most believe.
Same page dupe.
I mean, scroll down for god sake!
Why not?
Well, I suppose it could, but that is not the focus of this research. What we use now in circuits is outrageously cheap, and fulfilling the need.
What we have now in battery technology is very expensive, and barely keeping up with demand.
Not the same thing at all.
The process here is not to replace capacitors, the process it to replace the battery.
Capacitors in a circuit have an entirely different reason for being there than the battery. They are for very short term storage of potential or smoothing of power switching.
If this works, and if it acquires any further attention and attracts funding, it might replace batteries in phones, but it won't replace capacitors in circuits.
Its far from normal. Its a corner case.
Changing language in Windows is not perfectly straightforward either. There are a lot of fiddly things that need changing after the fact.
Until there is a prison sentence or a fine involved there is no punishment.
If the police catch a bank robber, and merely take the money back and send him on his way, is that punishment?
Is it a deterrence?
Or is it just an admonition to be more clever next time?
Had you let her do the original install in Chinese, you would not be in this mess.
Seems YOU are the problem here.
Astonishing isn't it? Warrant-less searches are, themselves crimes.
The problem is that warrant-less searches are not themselves crimes. Not in any jurisdiction I'm aware of.
They are simply inadmissible as evidence.
The act itself might be chargeable as breaking and entering, but in the present case, nothing was broken into, and no place was entered.
Our constitution forbids some powers from being used by the government, but never lists any penalties.
Consequently, things like secret tracking to discover a crime without a warrant is inadmissible, but not punishable.
Once a police action is inadmissible you expect it to stop, but the police have turned to "parallel construction" to hide these practices, so they continue to be done in the background.
And there are seldom any penalties for officers or departments involved.
I care less and less about wikipedia as time goes on,
Yet its too big to ignore.
Its been cited in court cases, news media, and by the police.
Independent verification is a standard which is unevenly applied, and at best a shirking of responsibility. When the ONLY verifiable source says something why does that require independent verification, but the wiki contributor was able to make something up of whole cloth with no independent verification.
The idea that any lie can be justified by finding it in print somewhere else is fundamentally flawed.
The government has often tried to use this argument in the past.
And unfortunately, they have succeeded at it most of the time.
There is potential for greater good in this ruling (if this court decision, which in our crazy patchwork application of the Equal Protection Clause, only applies in the Third District, is followed elsewhere.).
It could be construed to mean that if the police need a warrant to use their GPS tracker they might also need a warrant to use MY GPS tracker (our phones).
However, these rulings really make no sense as long as the courts continue to meekly allow wholesale collection and monitoring of our digital life. Ignoring the 800 pound gorilla merely to avoid angering it is not a long term plan solution.