I've been thinking of a new way to do email.. thinking that a DHT posting would be really anonymous and less trackable, but would have no protection from spam.
Essentially, you have the original message (headers + body), that gets encrypted to a public key for the recipient... that is the MSG, for the transmission you have...
This could intentionally have conflicting TO hashes, (was thinking CRC16, but that would be difficult to have better distribution/routing)... so there's no guarantee the TO is your target... the recipient can simply request all mail bits (to/from/date/key/conf) for messages TO their CRC, they can then check against the KEY/CONF pair to determin if it is for them before downloading the body.
The hard part would be setting up a torrent-like system where several people have peer2peer emails so that it can be wholly decentralized. The other issues are dealing with SPAM, and finally would need to have a relatively short expiration.. ie: messages are deleted from the pool's nodes after a week, if you don't have a computer grabbing your mail when you go on vacation you could lose it. Also, announcing your email address/public-key, or announcing a new key could be problematic.
I would consider myself very libertarian minded... What I've often said that I wouldn't mind seeing is a migration from currently federally paid for health care options (Medicare, Medicaid, VA, Federal Employees) to be migrated to a Federally Initiated non-profit health insurance company. The spending shouldn't go up, but it should allow for better management. From there, you could migrate the federally funded state level initiatives to said program and open it up to individual contribution. You could then allow for businesses to "sign up".
This would not be forced upon anyone not already getting federal benefits, but would allow for a baseline of competition. Much in the same way FedEx, UPS and others exist despite the USPS (whose own mismanagement, or inability to adapt not withstanding). This would force more competition instead of less, and allow for a baseline for anyone to buy into as an option.
From there, I would require all employers (of persons who work more than 10 hours a week) to provide health insurance at least as good as the baseline. None of the exceptions that are in Obamacare. And the reason for the 10 hour baseline, is the abuse of some businesses to have more "part time" workers to avoid providing coverage.
I know that some of these suggestions are far more about pragmatism than a libertarian idealogy... just the same, there are plenty of ways to provide broader coverage without a solution that makes things worse in reality.
I find about:config to often be easier than the UI navigation... plus, you can find some interesting settings in there... I usually have to go in to change my caching params in my dev environment anyway.
If you put them up as a gist, that would be cool... I've thought about doing the same thing, not so much for facebook, as other/various tracking and ad networks.
Depends... if said file weren't writable by end users.. and it was a locally installed service to overwrite the hosts file regularly, that might not be so bad... that said, handling it with an internal DNS server, and redirecting all DNS traffic through said server would be more effective.
I happen to prefer web-based applications to desktop apps (for most use cases)... this is essential to JS etc... Public facing web-apps are generally very useful as well... the problem is those that subvert the use... When I saw the first popover X-10 camera advertisement, I knew it was down hill from there.
I use adblock plus and ghostery... though I specifically unblock google ads, and disqus... the rest is pretty much blocked... it's annoying when certain sites won't work with them enabled (I just move on).
Yeah... tell that to the operators of all the compromised *nix systems over the years... Linux is so secure and so is osx. Windows had a *LOT* of security issues, the most exploited one in 1999 being the fact that email (outlook and outlook express) ran javascript, and put it in the *LOCAL* (unrestricted) security domain as opposed to say *UNTRUSTED*. That was 14 years ago... they have gotten a lot better. At this point, between Windows, OSX and Linux, I would probably put Windows slightly ahead. Most Windows exploits come from popular 3rd party apps/plugins (Acrobat, Flash, Java) and not so much the OS, or core parts.
With Linux, you *could* argue that a flaw in OpenSSL isn't an OS flaw, but considering windows is a lot more than the kernel, and most distros will use OpenSSL it can be included. They all have their flaws. Windows is more targeted as a numbers game... 90% of the users, running with 95% compatibility across versions... vs. OSX 10-13% of users with 85% compatibility, or Linux which has maybe 30% compatibility between differing systems. Linux attacks are precisely targeted, Windows are scatter-gun any exploit you can find, push it out, and OSX is mostly targeted via Trojans inside pirated software releases.
It is emphatically *not* that they are more secure... also, you do *NOT* need root for an effective exploit.. most user systems only have a single user account, and as long as that account is compromised, you have all you need.
I remember seeing some drive by plugin installs in earlier versions of firefox (1.3 or there about) as it was becoming popular... they worked in OSX... haven't seen nearly as much (at least nothing obvious) lately though. Most browsers will have issues... I think it would be good to have a TOR socks proxy client that can use other browsers too (chromium, opera, etc).
Not only that, but we need to raise a *LOT* more grazing animals in order to reduce/revert desertification... if you ask me, what we really need is a bit more demand (and production of) grazing animals like cows, with controlled migration of large herds.
I am specifically referring to ARM systems, the multi core allows you to run multiple instances... A many-core ARM system could be a pretty great NodeJS server for example (with multiple processes on said system). Per-CPU doesn't need to be as heavy as x86 is, and you can get really good throughput at less power usage. The trouble is when I've looked into ARM servers, the pricing is way more than is competitive.
I understand what you are saying.. I am saying that when I checked into ARM servers, the per-cpu cost was actually higher than x86.. it was rather ridiculous, since opteron/xeon servers could do about equal cpu load to electricity usage under load... If they were priced comparably to say per-cpu for even $80/core it would be an easier choice.. but that isn't where they are pricing these things.
There are a few companies offering ARM systems for the server room.. unfortunately cost/performance wise they're so much more than x86 it doesn't come close to offsetting the power savings compared to a 4socket AMD or Intel server.
Especially on I/O bound applications... When I've read articles on some of the multi-core arm systems being worked on, my natural thought is they would pair well with an application platform that does async operations to database servers, and other backend systems.. fielding lots of users.
They could just do a signed copy of Android on the same device for that matter... The RT tablets were made from the same components Android devices use.
What bugs me, is the likes of Twitter and Pandora asking for every privilege under the sun. I'm sticking with a prior version of twitter for that reason.. it will suck when I have to change out phones again. I don't use most games for the same reasons... it's wrong on so many levels. I wish I could remove privileges from installed apps, like you can with facebook "apps" (setting their posts to only visible to you, etc)... at least then you could work around the crap/spyware.
For me, the killer feature for rooting early on was wifi tethering.. in my G1 it was necessary to root for a lot of functionality... my N4, I haven't felt the need to root at all, and it includes tethering (though I tether to my laptop via bluetooth, the same rules apply)
I was honestly thinking of all the restaurant chains with tchotchke items... They're very plastic, and even more so in the instances where they are photographs... having an actual painting on a canvas with real texture is much more appealing, even if it is mass produced. I have bought and created a few oil paintings over the years, and to be able to have/create an image then send it of to be "printed" is appealing.. even being able to maybe choose a style of rendering the painting would be cool. There's a lot of possibility here. (but think of the artists) doesn't mean that all artists will be replaced with these robots any more than they were replaced with cameras (a similar cry in the past), it's just a new medium.
Google may make a little money off the Youtube ads.. this device, with two predicted extensions, is a *really* natural fit for something I've wanted... I've had many occasions where I've had a youtube clip up on my tablet and wanted to be able to click a button to watch it on the TV. Netflix to a slightly lesser extent, I often pull a video into my queue on my tablet to pull it up on my TV (since searching/navigating on a roku is a bit more cumbersome). This fill that niche for me. I'm thinking that Plex will likely support this within a really short turn around of an SDK from google, and may get me to finally pay for an android version. The only down side is that neither of my TVs apparently provide (enough) power from the HDMI slot, so it needs the power cable. I've been pretty happy with mine so far (it arrived friday afternoon, had to order from best buy, since amazon was sold out).
Slashdot Mirror
I've been thinking of a new way to do email.. thinking that a DHT posting would be really anonymous and less trackable, but would have no protection from spam.
Essentially, you have the original message (headers + body), that gets encrypted to a public key for the recipient... that is the MSG, for the transmission you have...
TO: CRC32(to-address)
FROM: CRC32(from-address)
DATE: ISO8601 (UTC date-time) MSG: ENC(data)
KEY: CRC32(msg)
CONF: CRC32(msg + to-address)
This could intentionally have conflicting TO hashes, (was thinking CRC16, but that would be difficult to have better distribution/routing)... so there's no guarantee the TO is your target... the recipient can simply request all mail bits (to/from/date/key/conf) for messages TO their CRC, they can then check against the KEY/CONF pair to determin if it is for them before downloading the body.
The hard part would be setting up a torrent-like system where several people have peer2peer emails so that it can be wholly decentralized. The other issues are dealing with SPAM, and finally would need to have a relatively short expiration.. ie: messages are deleted from the pool's nodes after a week, if you don't have a computer grabbing your mail when you go on vacation you could lose it. Also, announcing your email address/public-key, or announcing a new key could be problematic.
Competent != (moral || lawful)
I would consider myself very libertarian minded... What I've often said that I wouldn't mind seeing is a migration from currently federally paid for health care options (Medicare, Medicaid, VA, Federal Employees) to be migrated to a Federally Initiated non-profit health insurance company. The spending shouldn't go up, but it should allow for better management. From there, you could migrate the federally funded state level initiatives to said program and open it up to individual contribution. You could then allow for businesses to "sign up".
This would not be forced upon anyone not already getting federal benefits, but would allow for a baseline of competition. Much in the same way FedEx, UPS and others exist despite the USPS (whose own mismanagement, or inability to adapt not withstanding). This would force more competition instead of less, and allow for a baseline for anyone to buy into as an option.
From there, I would require all employers (of persons who work more than 10 hours a week) to provide health insurance at least as good as the baseline. None of the exceptions that are in Obamacare. And the reason for the 10 hour baseline, is the abuse of some businesses to have more "part time" workers to avoid providing coverage.
I know that some of these suggestions are far more about pragmatism than a libertarian idealogy... just the same, there are plenty of ways to provide broader coverage without a solution that makes things worse in reality.
I find about:config to often be easier than the UI navigation... plus, you can find some interesting settings in there... I usually have to go in to change my caching params in my dev environment anyway.
I find the about:config method easier than hunting through UI tabs myself, but to each their own.
If you put them up as a gist, that would be cool... I've thought about doing the same thing, not so much for facebook, as other/various tracking and ad networks.
Depends... if said file weren't writable by end users.. and it was a locally installed service to overwrite the hosts file regularly, that might not be so bad... that said, handling it with an internal DNS server, and redirecting all DNS traffic through said server would be more effective.
I happen to prefer web-based applications to desktop apps (for most use cases)... this is essential to JS etc... Public facing web-apps are generally very useful as well... the problem is those that subvert the use... When I saw the first popover X-10 camera advertisement, I knew it was down hill from there.
I use adblock plus and ghostery... though I specifically unblock google ads, and disqus... the rest is pretty much blocked... it's annoying when certain sites won't work with them enabled (I just move on).
Yeah... tell that to the operators of all the compromised *nix systems over the years... Linux is so secure and so is osx. Windows had a *LOT* of security issues, the most exploited one in 1999 being the fact that email (outlook and outlook express) ran javascript, and put it in the *LOCAL* (unrestricted) security domain as opposed to say *UNTRUSTED*. That was 14 years ago... they have gotten a lot better. At this point, between Windows, OSX and Linux, I would probably put Windows slightly ahead. Most Windows exploits come from popular 3rd party apps/plugins (Acrobat, Flash, Java) and not so much the OS, or core parts.
With Linux, you *could* argue that a flaw in OpenSSL isn't an OS flaw, but considering windows is a lot more than the kernel, and most distros will use OpenSSL it can be included. They all have their flaws. Windows is more targeted as a numbers game... 90% of the users, running with 95% compatibility across versions... vs. OSX 10-13% of users with 85% compatibility, or Linux which has maybe 30% compatibility between differing systems. Linux attacks are precisely targeted, Windows are scatter-gun any exploit you can find, push it out, and OSX is mostly targeted via Trojans inside pirated software releases.
It is emphatically *not* that they are more secure... also, you do *NOT* need root for an effective exploit.. most user systems only have a single user account, and as long as that account is compromised, you have all you need.
I remember seeing some drive by plugin installs in earlier versions of firefox (1.3 or there about) as it was becoming popular... they worked in OSX... haven't seen nearly as much (at least nothing obvious) lately though. Most browsers will have issues... I think it would be good to have a TOR socks proxy client that can use other browsers too (chromium, opera, etc).
Not only that, but we need to raise a *LOT* more grazing animals in order to reduce/revert desertification... if you ask me, what we really need is a bit more demand (and production of) grazing animals like cows, with controlled migration of large herds.
[sarcasm] suck it vegans [/scarcasm]
I am specifically referring to ARM systems, the multi core allows you to run multiple instances... A many-core ARM system could be a pretty great NodeJS server for example (with multiple processes on said system). Per-CPU doesn't need to be as heavy as x86 is, and you can get really good throughput at less power usage. The trouble is when I've looked into ARM servers, the pricing is way more than is competitive.
I understand what you are saying.. I am saying that when I checked into ARM servers, the per-cpu cost was actually higher than x86.. it was rather ridiculous, since opteron/xeon servers could do about equal cpu load to electricity usage under load... If they were priced comparably to say per-cpu for even $80/core it would be an easier choice.. but that isn't where they are pricing these things.
Yet...
There are a few companies offering ARM systems for the server room.. unfortunately cost/performance wise they're so much more than x86 it doesn't come close to offsetting the power savings compared to a 4socket AMD or Intel server.
Especially on I/O bound applications... When I've read articles on some of the multi-core arm systems being worked on, my natural thought is they would pair well with an application platform that does async operations to database servers, and other backend systems.. fielding lots of users.
They could just do a signed copy of Android on the same device for that matter... The RT tablets were made from the same components Android devices use.
I would think that most people are familiar with the word/statement/phrase.
That's pretty awesome... waiting for my N4 to get the OTA update to 4.3, my N7 already has it. :-)
What bugs me, is the likes of Twitter and Pandora asking for every privilege under the sun. I'm sticking with a prior version of twitter for that reason.. it will suck when I have to change out phones again. I don't use most games for the same reasons... it's wrong on so many levels. I wish I could remove privileges from installed apps, like you can with facebook "apps" (setting their posts to only visible to you, etc)... at least then you could work around the crap/spyware.
For me, the killer feature for rooting early on was wifi tethering.. in my G1 it was necessary to root for a lot of functionality... my N4, I haven't felt the need to root at all, and it includes tethering (though I tether to my laptop via bluetooth, the same rules apply)
I was honestly thinking of all the restaurant chains with tchotchke items... They're very plastic, and even more so in the instances where they are photographs... having an actual painting on a canvas with real texture is much more appealing, even if it is mass produced. I have bought and created a few oil paintings over the years, and to be able to have/create an image then send it of to be "printed" is appealing.. even being able to maybe choose a style of rendering the painting would be cool. There's a lot of possibility here. (but think of the artists) doesn't mean that all artists will be replaced with these robots any more than they were replaced with cameras (a similar cry in the past), it's just a new medium.
Google may make a little money off the Youtube ads.. this device, with two predicted extensions, is a *really* natural fit for something I've wanted... I've had many occasions where I've had a youtube clip up on my tablet and wanted to be able to click a button to watch it on the TV. Netflix to a slightly lesser extent, I often pull a video into my queue on my tablet to pull it up on my TV (since searching/navigating on a roku is a bit more cumbersome). This fill that niche for me. I'm thinking that Plex will likely support this within a really short turn around of an SDK from google, and may get me to finally pay for an android version. The only down side is that neither of my TVs apparently provide (enough) power from the HDMI slot, so it needs the power cable. I've been pretty happy with mine so far (it arrived friday afternoon, had to order from best buy, since amazon was sold out).