Huawei has apparently posted fake reviews on Best Buy for its new Mate 10 Pro, which is available for pre-order in the U.S. despite not having any deals with U.S. carriers.
"Despite"? I thought "not having any deals with U.S. carriers" was a desirable feature in a phone. It assures customers that they get a device configured as the manufacturer intends, without the compromises that carriers compel manufacturers to make, and compatible with all major carriers.
Downloading Google Authenticator did not and does not require SMS. But associating Google Authenticator with a particular Google Account requires the account's owner to have set up 2FA through SMS on that Google Account. From the instructions:
Set up the app
1. If you haven’t already, turn on 2-Step Verification for your account using your phone number.
Another problem is sites that send SMS for every login attempt even for users who have a TOTP app set up as a second factor. This policy, adopted by Twitter among others, hurts users who choose TOTP because the user A. carries a tablet but not a cell phone, B. lives in North America and carries a cell phone on a pay-as-you-go plan (which costs less per month than an unlimited plan) and therefore pays for each incoming text message, or C. wants to reduce exposure to the vulnerabilities of SMS: exploiting known SS7 protocol security problems or social engineering the user's cellular carrier into issuing a replacement. But some companies that offer 2FA appear to just not care.
The following approach approach fixes cases A and B:
1. Enter username 2. Enter password 3. A form with a field for a number from a TOTP app and a button "Send a text message instead"
Google used to require SMS for 2FA but now appears to allow authentication using an Android device logged into Google Play Services.
By federal law, cable franchises are nonexclusive. So a slight correction: Utilities are granted rights of way to pull layer 1 (fiber or copper) "in exchange for having to maintain stipulated service standards."
Perhaps one thing that may make a cable franchise appear exclusive is a regulator requiring a buildout schedule that is prohibitively rapid for a franchisee with less capital, even if the prospective franchisee agrees to include a mix of high- and low-income neighborhoods in each stage of buildout.
IMEI blacklisting doesn't work when a thief uses a device on a carrier that has declined to import Verizon's IMEI blacklists, especially a foreign one.
They are not Verizon's phones. They are phones that Verizon customers own.
Before the customer buys a phone, it is Verizon's phone. After the customer buys a phone, it is a phone that a Verizon customer owns.
Locking a phone while it still belongs to Verizon helps to deter thieves from stealing a phone before a customer has a chance to buy it. This way Verizon can put the savings on its theft insurance policy into improving its network.
If it's "in line with the rest of the industry", it'll be within a year. Another U.S. carrier unlocks after 90 days on a postpaid plan or one year on a prepaid plan (source).
Do suspend and backlight brightness adjustment work? They don't on the TA according to the page I linked. I don't want to have to shut the thing all the way down, thereby losing the content of unread web pages open in tabs,[1] every time I transfer to a different bus.
[1] Restoring the web browser's session after a restart restores only the URL, not the content. This leaves me with "Cannot find server - please connect to the Internet" error pages instead of the pages that I had loaded with the intent of reading later.
If the "period of time after the purchase" is 3 to 12 months, as it is with T-Mobile, it won't affect someone who upgrades and sells on his old handset after one or two years.
It would have been slightly clearer in Europe as PC LOAD A4. Europe uses "A4" size paper, which doesn't share a name with a word that also generically means "document". Given the tech of the time, it might have been better to flash between two messages ADD PAPER and LETTER SIZE (or A4 SIZE for Europe).
Yep. If someone asks me what kind of laptop to buy, I don't even hesitate. I always say ASUS. It doesn't matter what kind of laptop they are looking for, or how much they want to spend, ASUS not only has an answer but it probably won't suck. [Praises Eee PC] and their driver support tends to be top-notch.
That would be a good analogy had the statement from Razer given a time frame for Linux support, comparable to the time frame "beginning between 28 and 365 days from now" implied by your comment.
Well, if someone isn't willing to spend the under $200/yr on code signing (or less as a student/academic), I don't want to run their code.
I was under the impression that many platforms required a code signing certificate specific to that platform. So how many platforms does that "under $200/yr" cover? For example, macOS and iOS don't accept any certificate other than Apple's, and no other platform accepts Apple's.
The full suite of hardware is not that much (you can use used/borrowed hardware for testing)
What infrastructure exists to let amateur developers obtain such "borrowed hardware for testing"?
I also note you left out my "just run one of the many bundlers that create a 'native app' out of JS/HTML/CSS"
Many anti-JavaScript hardliners are against "the many bundlers that create a 'native app' out of JS/HTML/CSS" for the same reason that they're against JavaScript, with the additional complication that the output of Electron, one of the most popular of these "bundlers", tends to be a RAM hog because it loads an entire copy of Chromium for each application built using it.
It's hard if the platform curator gates the ability to "[X] Remember this answer" behind some sort of review process that individual developers are unlikely to pass.
Or can you find anything else on the market which is popular but where only one company is producing them (a category, not a brand - don't say "iPhone").
Konami essentially owns the foot-operated rhythm game market.
There will always be exceptions to the general rule and there are outlier cases in the PC world but in the Android world that's the norm. You can always find some niche combination of variables and point to that as an example of the exception to the rule but that doesn't prove anything we don't already know.
Is the category of small laptops itself "some niche combination of variables"? Many if not most 11.6 inch or smaller laptops since the end of 2012 that I'm aware of have been either expensive, a Chromebook (whose firmware nags the user to wipe the hard drive if an OS other than Chrome OS is installed), or some underdocumented detachable.
Yeah, most open source licenses allow others to fork the code and/or redistribute it, clearly indicated as such, since the creator still owns and legally controls the original code. Github telling a creator they can't delete their own repository would go far beyond that
"You have deleted your repository. But prior to that, we have exercised our right under the GNU General Public License to fork your repository and make it available to the public through the same URL."
Would you prefer to do shopping, banking, and trading through the Postal Service instead of online? Or what third option am I missing other than online and through mail for products and services not offered within reasonable cycling distance of your home?
We have tons of solutions to native application portability: Java
Last I checked, Java wasn't ported to iOS or UWP, and Swing wasn't ported to Android.
.NET (esp. with Xamarin or Unity for games)
Xamarin and Unity are proprietary software priced on a subscription model. A web browser and associated IDE are free software.
C++ and XWindows or other crossplatform UX
Which such "other crossplatform UX" covers all six of Windows desktop, Windows UWP, X11/Linux, Android, macOS, and iOS? And how ought an individual free software developer to afford hardware on which to build executables for all these platforms as well as code signing certificates for all these platforms?
from eschewing any reminder of the freedom to run, inspect, share, and modify published computer software like calling the installed OS "Linux" even when Debian calls their system GNU/Linux and the proper name is on the screenshot
I too write the term "GNU/Linux" in part because it's a convenient way to say I don't mean Android. But this particular point isn't quite the strongest in your argument because practically, until enough drivers are ported to let the user interact meaningfully with the GNU operating environment, it's still "Linux".
Pay-as-you-go cellular plans in the United States still charge for incoming calls
prepaid cell phones are usually unlimited talk and text at the bare minimum. Trust me, I pay 50.00 for mine and I even have unlimited data.
"Pay-as-you-go" and "unmetered prepaid" are not the same thing. The lowest tier prepaid plan at T-Mobile is $3.00 per month and comes with 30 voice minutes, texts, or a combination thereof in a month, with 10 cents for each additional, and no data.
Besides, that isn't the only thing wrong with Twitter's mentality of using TOTP as a backup for SMS as opposed to the other way around. If someone social-engineers your carrier or exploits SS7 flaws, he can get into your SMS and from there into your account.
Slashdot Mirror
From the summary, with my emphasis:
Huawei has apparently posted fake reviews on Best Buy for its new Mate 10 Pro, which is available for pre-order in the U.S. despite not having any deals with U.S. carriers.
"Despite"? I thought "not having any deals with U.S. carriers" was a desirable feature in a phone. It assures customers that they get a device configured as the manufacturer intends, without the compromises that carriers compel manufacturers to make, and compatible with all major carriers.
Downloading Google Authenticator did not and does not require SMS. But associating Google Authenticator with a particular Google Account requires the account's owner to have set up 2FA through SMS on that Google Account. From the instructions:
Only the other 2FA method that uses Google Play Services instead of the Google Authenticator app can be added without first adding a phone number.
Another problem is sites that send SMS for every login attempt even for users who have a TOTP app set up as a second factor. This policy, adopted by Twitter among others, hurts users who choose TOTP because the user A. carries a tablet but not a cell phone, B. lives in North America and carries a cell phone on a pay-as-you-go plan (which costs less per month than an unlimited plan) and therefore pays for each incoming text message, or C. wants to reduce exposure to the vulnerabilities of SMS: exploiting known SS7 protocol security problems or social engineering the user's cellular carrier into issuing a replacement. But some companies that offer 2FA appear to just not care.
The following approach approach fixes cases A and B:
1. Enter username
2. Enter password
3. A form with a field for a number from a TOTP app and a button "Send a text message instead"
Google used to require SMS for 2FA but now appears to allow authentication using an Android device logged into Google Play Services.
How so? Cable franchises in the United States are nonexclusive by federal law.
By federal law, cable franchises are nonexclusive. So a slight correction: Utilities are granted rights of way to pull layer 1 (fiber or copper) "in exchange for having to maintain stipulated service standards."
Perhaps one thing that may make a cable franchise appear exclusive is a regulator requiring a buildout schedule that is prohibitively rapid for a franchisee with less capital, even if the prospective franchisee agrees to include a mix of high- and low-income neighborhoods in each stage of buildout.
In this age, YouTube handles the needs of "public access" television.
YouTube isn't affordable to view in what the previous story about Comcast suing Vermont referred to as "un-cabled areas".
IMEI blacklisting doesn't work when a thief uses a device on a carrier that has declined to import Verizon's IMEI blacklists, especially a foreign one.
They are not Verizon's phones. They are phones that Verizon customers own.
Before the customer buys a phone, it is Verizon's phone.
After the customer buys a phone, it is a phone that a Verizon customer owns.
Locking a phone while it still belongs to Verizon helps to deter thieves from stealing a phone before a customer has a chance to buy it. This way Verizon can put the savings on its theft insurance policy into improving its network.
If it's "in line with the rest of the industry", it'll be within a year. Another U.S. carrier unlocks after 90 days on a postpaid plan or one year on a prepaid plan (source).
Do suspend and backlight brightness adjustment work? They don't on the TA according to the page I linked. I don't want to have to shut the thing all the way down, thereby losing the content of unread web pages open in tabs,[1] every time I transfer to a different bus.
[1] Restoring the web browser's session after a restart restores only the URL, not the content. This leaves me with "Cannot find server - please connect to the Internet" error pages instead of the pages that I had loaded with the intent of reading later.
If the "period of time after the purchase" is 3 to 12 months, as it is with T-Mobile, it won't affect someone who upgrades and sells on his old handset after one or two years.
It would have been slightly clearer in Europe as PC LOAD A4. Europe uses "A4" size paper, which doesn't share a name with a word that also generically means "document". Given the tech of the time, it might have been better to flash between two messages ADD PAPER and LETTER SIZE (or A4 SIZE for Europe).
Yep. If someone asks me what kind of laptop to buy, I don't even hesitate. I always say ASUS. It doesn't matter what kind of laptop they are looking for, or how much they want to spend, ASUS not only has an answer but it probably won't suck. [Praises Eee PC] and their driver support tends to be top-notch.
On the other hand, ASUS made the Transformer Book T100TA, which Debian contributors still haven't managed to get working after several years.
That would be a good analogy had the statement from Razer given a time frame for Linux support, comparable to the time frame "beginning between 28 and 365 days from now" implied by your comment.
Well, if someone isn't willing to spend the under $200/yr on code signing (or less as a student/academic), I don't want to run their code.
I was under the impression that many platforms required a code signing certificate specific to that platform. So how many platforms does that "under $200/yr" cover? For example, macOS and iOS don't accept any certificate other than Apple's, and no other platform accepts Apple's.
The full suite of hardware is not that much (you can use used/borrowed hardware for testing)
What infrastructure exists to let amateur developers obtain such "borrowed hardware for testing"?
I also note you left out my "just run one of the many bundlers that create a 'native app' out of JS/HTML/CSS"
Many anti-JavaScript hardliners are against "the many bundlers that create a 'native app' out of JS/HTML/CSS" for the same reason that they're against JavaScript, with the additional complication that the output of Electron, one of the most popular of these "bundlers", tends to be a RAM hog because it loads an entire copy of Chromium for each application built using it.
It's hard if the platform curator gates the ability to "[X] Remember this answer" behind some sort of review process that individual developers are unlikely to pass.
I would hope you'd verify the codebase on first use.
How is that done on a new machine?
Or can you find anything else on the market which is popular but where only one company is producing them (a category, not a brand - don't say "iPhone").
Konami essentially owns the foot-operated rhythm game market.
There will always be exceptions to the general rule and there are outlier cases in the PC world but in the Android world that's the norm. You can always find some niche combination of variables and point to that as an example of the exception to the rule but that doesn't prove anything we don't already know.
Is the category of small laptops itself "some niche combination of variables"? Many if not most 11.6 inch or smaller laptops since the end of 2012 that I'm aware of have been either expensive, a Chromebook (whose firmware nags the user to wipe the hard drive if an OS other than Chrome OS is installed), or some underdocumented detachable.
Yeah, most open source licenses allow others to fork the code and/or redistribute it, clearly indicated as such, since the creator still owns and legally controls the original code. Github telling a creator they can't delete their own repository would go far beyond that
"You have deleted your repository. But prior to that, we have exercised our right under the GNU General Public License to fork your repository and make it available to the public through the same URL."
This should be a seldomly used operation, so it's not going to be invasive.
Taking 30 screenshots per second when preparing a tutorial video for some application might be more invasive.
Would you prefer to do shopping, banking, and trading through the Postal Service instead of online? Or what third option am I missing other than online and through mail for products and services not offered within reasonable cycling distance of your home?
We have tons of solutions to native application portability: Java
Last I checked, Java wasn't ported to iOS or UWP, and Swing wasn't ported to Android.
.NET (esp. with Xamarin or Unity for games)
Xamarin and Unity are proprietary software priced on a subscription model. A web browser and associated IDE are free software.
C++ and XWindows or other crossplatform UX
Which such "other crossplatform UX" covers all six of Windows desktop, Windows UWP, X11/Linux, Android, macOS, and iOS? And how ought an individual free software developer to afford hardware on which to build executables for all these platforms as well as code signing certificates for all these platforms?
from eschewing any reminder of the freedom to run, inspect, share, and modify published computer software like calling the installed OS "Linux" even when Debian calls their system GNU/Linux and the proper name is on the screenshot
I too write the term "GNU/Linux" in part because it's a convenient way to say I don't mean Android. But this particular point isn't quite the strongest in your argument because practically, until enough drivers are ported to let the user interact meaningfully with the GNU operating environment, it's still "Linux".
Pay-as-you-go cellular plans in the United States still charge for incoming calls
prepaid cell phones are usually unlimited talk and text at the bare minimum. Trust me, I pay 50.00 for mine and I even have unlimited data.
"Pay-as-you-go" and "unmetered prepaid" are not the same thing. The lowest tier prepaid plan at T-Mobile is $3.00 per month and comes with 30 voice minutes, texts, or a combination thereof in a month, with 10 cents for each additional, and no data.
Besides, that isn't the only thing wrong with Twitter's mentality of using TOTP as a backup for SMS as opposed to the other way around. If someone social-engineers your carrier or exploits SS7 flaws, he can get into your SMS and from there into your account.