So if someone were to put the core into an environment that was more like that of a x86-64 core - it would still be limited by the environment it used to be put in?
It would not be. However, that's a big "if", as I don't expect Apple "to put the core into an environment that was more like that of a x86-64 core". Instead, I expect Apple to make Gatekeeper more strict on ARM than it currently is on x86-64.
Would it work to wear earbuds with a directional microphone that picks up the customer's voice, not the overhead speaker, and mixes it into what is said? It'd be like a "personal sound amplifier" (the over-the-counter counterpart to a hearing aid).
quick light bursts of information (news, weather, wikipedia maybe?).
Without ads, commercial news sites would become less useful as readers can no longer share paywalled articles with friends and family who happen to subscribe to a different publication. Without ads, Weather.com by The Weather Channel would have no revenue source, unless I'm missing something.
In a world with "nothing on the internet but personal sites like mine whos owners pay for it themselves like I do", would there still be enough demand for Internet connections to keep the Internet business profitable for phone and cable companies? Or would your personal site's viewers instead have to take a bus to a public or university library during regular hours?
The range of coding that can be done with an Android device, unrooted, right now, is in pretty rough shape.
Did rootless GNU environments, such as Termux and GNURoot, stop working in recent versions of Android? Some Slashdot users seem to swear by GNURoot combined with XSDL.
But, it's rare that I don't have connectivity. I'm happy to pay for the "unlimited" data plan. Between my wife and I, we blow through 60+ GB of traffic a month on two phones alone (we both have laptops, but both use a smartphone as a primary device). And frequently, the phone *is* the WiFi for my laptop.
Last I checked, carriers limited "unlimited" data plans' hotspot use (what you call "the phone *is* the WiFi for my laptop") to 10 GB per month. This means that for people who cancel home Internet in order to afford a cellular data plan, semiannual feature updates in Ubuntu or Windows might have to happen at a public library.
Smart cards have enabled [signing communications off the main CPU] for at least a dozen years and counting. They also happen to cost four times less than current USB sticks.
Even when you include the cost of a smart card reader that connects to one of the ports on the outside of a smartphone, tablet, or laptop computer? On my laptop, counterclockwise from top left, these are power, HDMI, USB, microSD, audio, USB, and USB. Last I checked, Square was charging $35 for a smart card reader that connects to a TRRS audio port, and I imagine that Square's might support only EMV application, not TLS application. If a consumer product computing device does have an ID-000 sized smart card slot, it's probably intended solely for authenticating to a cellular carrier, not to a particular website. Replace it with the card containing your bank's TLS certificate, and you no longer have Internet access through your device's cellular radio.
As you've probably guessed: I have no experience with ISO/IEC 7816 smart cards other than using the EMV chip on my credit card at merchants and inserting a SIM into a phone.
First of all, are you saying my web sites and the other things I do for free don't count because I'm paying for them out of my own pocket?
Of course hobbies count. Nowhere did I say they don't. They just need some other source of income to sustain them. I was just curious how you fund your websites and contributions to free software, or how any other artist for that matter should fund his or her art.
But, more and more, I just use a bluetooth keyboard from Omoton and use Termius to SSH in to my servers and the laptop from my phone.
That's fine if you already have a cellular data plan for other reasons or transit in your city has Wi-Fi. It's not so fine if, like me, you would have to upgrade from no data plan to a data plan in order to use the SSH client during the commute to and from the office. That's why I still carry a compact laptop for coding on transit.
The problem here is that the banks want a flat 0.30 USD for each transaction on top of a percentage of the total. This is true of both credit card transactions and ACH (checking account debit) transactions. This encourages merchants to reduce the percentage of revenue that goes to bank fees by adopting business models that increase the average transaction total. That's why you see monthly or annual subscriptions on news sites instead of pay-per-article.
there's nothing to say that websites can't sell ads to legitimate advertisers and put up advertisements.
This works for Daring Fireball and Read the Docs. But before you recommend requiring the ad-supported web at large to adopt their business model, please consider the following nothings:
1. A publisher selling ads on its own website has to somehow convince advertisers that the publisher exists in the first place, is worth the advertisers' time, and can detect and not charge for fraudulent page views or clicks. If a web publisher hired you to market the publisher's ad space to advertisers, what steps would you recommend taking to do so? 2. Interest-based advertising pays three times the CPM compared to context-based advertising according to a study by Beales and Eisenach.
If a website charges $4 per month for ad-free access or nothing for access with ads, you can choose one of three things.
A. Access the website with ads B. Access the website ad-free for $4 per month C. Do not access the website
If you choose A, you are being paid $4 per month to view ads on that site. The site's operator just pockets the $4 in order to save on transaction fees with the bank. (Incidentally, swipe fees are why pay-per-article is not common.)
Also there used to be several "get paid to surf the web" companies during the first dot-com boom. They went by names such as AllAdvantage, Spedia, GetPaid4, and Ignifuge.
Which host are you with? I'm currently paying a lot more than that to WebFaction for shared hosting. And do these "hundreds of requests per second" include the video whose play button the user has clicked, or are you considering only text and small images?
Your websites are a hobby. Your contribution to Linux is a hobby. Your free software is a hobby. Your free artwork is a hobby. It's fine to have hobbies, but what puts food on the table and a roof over your head to support your hobbies?
There is no reason keys can't be stored in security modules or "smart cards" or even USB sticks for those dumb enough to require the security nightmare that is USB for user authentication.
If you're doing the signing on the computer, an attacker can copy the private key on its way from the module to the computer or copy it out of the browser process once it is in the computer. If you're doing the signing on the module, that is exactly what FIDO aims to do. What am I missing?
This is impossible to fix right? A completely new protocol is required to address this because browsers don't offer obvious sign out buttons for certificate and http auth.
I notice the sarcasm. It's required in a browser only because as of first quarter 2019, more customer-facing websites support FIDO than TLS client certificates.
All systems require a key to work. Whether on a USB stick or a smart card or embedded in a computers security module it's the same issue. Nothing prevents portability and regardless of which one you select the same keying material is being guarded.
The structure of FIDO ensures that the private key never leaves the device, unlike with a TLS client certificate whose key pair must be copied into the TLS stack's address space to be used. As I understand it, this safeguarding of the private key is necessary for the device to be considered a second factor, as "something you have" rather than "something you know", in case someone compromises your password manager.
They are not domain based they are signer based.
Who is the signer in common uses of TLS client certificates? In hypothetical use thereof on customer-facing websites, who would be the signer? How does the deprecation of the <keygen> element change this answer?
This is commonly used by "enterprise" systems rather than customer facing web sites.
In order to improve the usability of TLS client certificates to the point where customer-facing websites can use them, an overhaul of the user interface is needed. Feel free to contribute a pair of pull requests, one to Firefox and one to Chromium, that does this.
Why does everyone always start talking about the constraints of iOS when discussing ARM on the Mac?
Because makers of computing devices have used architecture transitions as an excuse to ramp up restrictions on developers. Microsoft did so with Windows Vista, which introduced mandatory kernel-mode code signing during the transition from x86 to x86-64. Microsoft also did so with Windows RT, which couldn't run code from outside the Windows Store without an (initially paid) developer account. Following this pattern, Apple might add mandatory Gatekeeper to macOS for ARM, such that turning it off works for only 7 days at a time like a free iOS developer account.
SQRL [...] can be used for anonymous login, which would be better for many purposes, such as blog comments where you only need to verify that some response belonged to the same author as some other so nobody could impersonate someone else.
So can client certificates in a web browser, if only their UX weren't so horrible. So can a "tripcode", or a self-assigned password whose hash salted by the email address is displayed publicly, as 4chan has demonstrated.
Seamless login is "something you have", and since it is part of your phone, it doesn't require your explicit consent to be checked.
Unless unlocking the phone's FIDO keystore requires your fingerprint (Touch ID) or a direct stare (Face ID) or your hand veins (Hand ID) or at least some other expression of consent. Does it?
It's not just a user experience difference. Devices implementing FIDO spec also tend to be more hardened against copying out the private key than a browser's certificate store is. I guess this is part of why browser developers have spent more time on FIDO than on TLS client cert UX.
One big difference between client certificates and U2F keys like this is that compared to a web browser's client certificate store, a U2F key is somewhat more hardened against attempts to copy out the private key. This lets a U2F key pass more tests for being "something you have."
The other is that TLS client authentication have been a usability nightmare, particularly for non-technical users, in "all major browsers since the beginning of time itself."
No obvious button to "sign out" (use no client certificate) in order to retrieve a logged-out view of a resource or to switch between certificates associated with different user accounts.
Backing up certificates and moving them among devices isn't easy.
Certificates aren't associated to a domain. If the user uses the same certificate on all sites, this isn't quite as bad as sharing a password, but it does have the same cross-site tracking implications as third-party cookies. If the user uses a different certificate on each site, major browsers traditionally haven't helped the user figure out which certificate goes with each site
Browser publishers haven't prioritized improving client certificate UX because of the low user base of client certificates. I've seen them on only two sites: StartCom (a defunct TLS CA) and Kount (an e-commerce fraud risk assessment platform).. But browsers could improve this UI in a few ways:
When a TLS site requests a client certificate, show a key icon in the location bar next to the TLS lock icon. This opens the certificate chooser. The user can click it again to log out.
Group certificates in the certificate chooser by the registrable domain* with which they were last used.
Let the user drag certificate files in and out of the certificate chooser.
Include client certificates in the browser's password sync feature.
But good luck getting browser publishers to devote any time==money to this.
*A "registrable domain" is a public suffix, as defined by Mozilla's Public Suffix List, plus one name part. If "co.uk" is a public suffix, for example, then "ebay.co.uk" is registrable.
I didn't read the article because WIRED happens not to be part of my current subscription package. But based only on the quoted paragraph, I see two practical problems likely to arise.
The first is the requirement of "Android 7 or later". that last I checked, phones were still being sold multiple major versions of Android behind because newer versions of Android require more CPU and RAM than fit in the bill of material for a budget prepaid smartphone. Which entry-level phone ships with 64-bit Android 7 or later?
The second is that some major websites won't let the user set up 2-factor authentication through U2F or TOTP without first setting up 2-factor authentication through SMS. One example is Twitter, which 1. requires the user to set up SMS before setting up TOTP, 2. sends SMS on every login attempt even after TOTP has been set up, and 3. removes TOTP if the user removes SMS.
A requirement of SMS before U2F or TOTP causes problems in three situations I can think of. The first is people managing business accounts who may not have a cell phone at all at the office, instead relying on the office landline. The second is people on a pay-as-you-go plan, particularly in the United States where PAYG carriers charge for each incoming voice minute or SMS message. The third is people who know SMS isn't a reliable third factor because of the documented cases where a social engineer convinced the carrier to transmit some other subscriber's service to a new SIM without the subscriber's authorization, and then preceded to use that SIM to unlock the victim's email and other accounts.
The poor OS is not real, though. iOS is OSX, with different libraries for making GUI applications, but with the same underpinnings.
One critical piece of the underpinnings differs: it's impossible for iOS applications to flip a page from writable to executable. Only the system executable loader can do that. The strict W^X policy on iOS makes it impossible to run a compiler like that included with Xcode or a JIT like PyPy. Any tool for programming on a device must be a full interpreter, like CPython or Swift Playgrounds, and a user ends up wasting most of the performance of a powerful ARM CPU on the overhead of this interpreter. This is what I meant by the usefulness of the iPad product being hamstrung by Apple's policies embodied in the OS.
Let me try to restate my understanding of the engine/frame analogy more rigorously:
Even if ARM cores are powerful engines, the I/O and operating system wrapped around them in virtually all such ARM CPUs and SOCs make them unfriendly to serious productive computing.
You make a good point about the durability of detachables. As for RAM use:
Or what fundamental thing about computing has changed since then, other than the increasing aggressiveness of web analytics and adtech to eat RAM while continuously tracking viewers' browsing?
That's not enough?
Correct, it's not enough. The user can work around "the increasing aggressiveness of web analytics and adtech to eat RAM" by using a tracking blocker. This can be the built-in tracking protection feature of the Firefox web browser or the Disconnect extension for Google Chrome. Though the user will see fewer ads with a tracking blocker, it isn't really an ad blocker, as a tracking blocker allows publisher-hosted ads and any other script that isn't involved in cross-site surveillance of viewers' browsing history.
To save money, I tend to use laptop computers until replacement battery packs are no longer readily available. Thus I was able to keep my daily tasks (software development and web browsing) usably fast on a laptop with 1 GB of RAM until 2015 and 2 GB of RAM until 2018. Tracking blockers were a big part of what made this possible.
Slashdot Mirror
So if someone were to put the core into an environment that was more like that of a x86-64 core - it would still be limited by the environment it used to be put in?
It would not be. However, that's a big "if", as I don't expect Apple "to put the core into an environment that was more like that of a x86-64 core". Instead, I expect Apple to make Gatekeeper more strict on ARM than it currently is on x86-64.
Would it work to wear earbuds with a directional microphone that picks up the customer's voice, not the overhead speaker, and mixes it into what is said? It'd be like a "personal sound amplifier" (the over-the-counter counterpart to a hearing aid).
quick light bursts of information (news, weather, wikipedia maybe?).
Without ads, commercial news sites would become less useful as readers can no longer share paywalled articles with friends and family who happen to subscribe to a different publication. Without ads, Weather.com by The Weather Channel would have no revenue source, unless I'm missing something.
In a world with "nothing on the internet but personal sites like mine whos owners pay for it themselves like I do", would there still be enough demand for Internet connections to keep the Internet business profitable for phone and cable companies? Or would your personal site's viewers instead have to take a bus to a public or university library during regular hours?
The range of coding that can be done with an Android device, unrooted, right now, is in pretty rough shape.
Did rootless GNU environments, such as Termux and GNURoot, stop working in recent versions of Android? Some Slashdot users seem to swear by GNURoot combined with XSDL.
But, it's rare that I don't have connectivity. I'm happy to pay for the "unlimited" data plan. Between my wife and I, we blow through 60+ GB of traffic a month on two phones alone (we both have laptops, but both use a smartphone as a primary device). And frequently, the phone *is* the WiFi for my laptop.
Last I checked, carriers limited "unlimited" data plans' hotspot use (what you call "the phone *is* the WiFi for my laptop") to 10 GB per month. This means that for people who cancel home Internet in order to afford a cellular data plan, semiannual feature updates in Ubuntu or Windows might have to happen at a public library.
Smart cards have enabled [signing communications off the main CPU] for at least a dozen years and counting. They also happen to cost four times less than current USB sticks.
Even when you include the cost of a smart card reader that connects to one of the ports on the outside of a smartphone, tablet, or laptop computer? On my laptop, counterclockwise from top left, these are power, HDMI, USB, microSD, audio, USB, and USB. Last I checked, Square was charging $35 for a smart card reader that connects to a TRRS audio port, and I imagine that Square's might support only EMV application, not TLS application. If a consumer product computing device does have an ID-000 sized smart card slot, it's probably intended solely for authenticating to a cellular carrier, not to a particular website. Replace it with the card containing your bank's TLS certificate, and you no longer have Internet access through your device's cellular radio.
As you've probably guessed: I have no experience with ISO/IEC 7816 smart cards other than using the EMV chip on my credit card at merchants and inserting a SIM into a phone.
Or they could take up coding.
How does writing a computer program and distributing it as free software pay the bills?
First of all, are you saying my web sites and the other things I do for free don't count because I'm paying for them out of my own pocket?
Of course hobbies count. Nowhere did I say they don't. They just need some other source of income to sustain them. I was just curious how you fund your websites and contributions to free software, or how any other artist for that matter should fund his or her art.
But, more and more, I just use a bluetooth keyboard from Omoton and use Termius to SSH in to my servers and the laptop from my phone.
That's fine if you already have a cellular data plan for other reasons or transit in your city has Wi-Fi. It's not so fine if, like me, you would have to upgrade from no data plan to a data plan in order to use the SSH client during the commute to and from the office. That's why I still carry a compact laptop for coding on transit.
I'll gladly fork over .99-1.99
The problem here is that the banks want a flat 0.30 USD for each transaction on top of a percentage of the total. This is true of both credit card transactions and ACH (checking account debit) transactions. This encourages merchants to reduce the percentage of revenue that goes to bank fees by adopting business models that increase the average transaction total. That's why you see monthly or annual subscriptions on news sites instead of pay-per-article.
there's nothing to say that websites can't sell ads to legitimate advertisers and put up advertisements.
This works for Daring Fireball and Read the Docs. But before you recommend requiring the ad-supported web at large to adopt their business model, please consider the following nothings:
1. A publisher selling ads on its own website has to somehow convince advertisers that the publisher exists in the first place, is worth the advertisers' time, and can detect and not charge for fraudulent page views or clicks. If a web publisher hired you to market the publisher's ad space to advertisers, what steps would you recommend taking to do so?
2. Interest-based advertising pays three times the CPM compared to context-based advertising according to a study by Beales and Eisenach.
If a website charges $4 per month for ad-free access or nothing for access with ads, you can choose one of three things.
A. Access the website with ads
B. Access the website ad-free for $4 per month
C. Do not access the website
If you choose A, you are being paid $4 per month to view ads on that site. The site's operator just pockets the $4 in order to save on transaction fees with the bank. (Incidentally, swipe fees are why pay-per-article is not common.)
Also there used to be several "get paid to surf the web" companies during the first dot-com boom. They went by names such as AllAdvantage, Spedia, GetPaid4, and Ignifuge.
Which host are you with? I'm currently paying a lot more than that to WebFaction for shared hosting. And do these "hundreds of requests per second" include the video whose play button the user has clicked, or are you considering only text and small images?
And what is it that you do that's worth being paid for, exactly? Is it being part of the Internet's mechanisms that are ultimately funded by ads?
Some time ago, I had a conversation about this topic with Slashdot user bingoUV, who recommended that people who can no longer make a living in information publication might try working in a butcher shop.
Your websites are a hobby. Your contribution to Linux is a hobby. Your free software is a hobby. Your free artwork is a hobby. It's fine to have hobbies, but what puts food on the table and a roof over your head to support your hobbies?
There is no reason keys can't be stored in security modules or "smart cards" or even USB sticks for those dumb enough to require the security nightmare that is USB for user authentication.
If you're doing the signing on the computer, an attacker can copy the private key on its way from the module to the computer or copy it out of the browser process once it is in the computer. If you're doing the signing on the module, that is exactly what FIDO aims to do. What am I missing?
This is impossible to fix right? A completely new protocol is required to address this because browsers don't offer obvious sign out buttons for certificate and http auth.
I notice the sarcasm. It's required in a browser only because as of first quarter 2019, more customer-facing websites support FIDO than TLS client certificates.
All systems require a key to work. Whether on a USB stick or a smart card or embedded in a computers security module it's the same issue. Nothing prevents portability and regardless of which one you select the same keying material is being guarded.
The structure of FIDO ensures that the private key never leaves the device, unlike with a TLS client certificate whose key pair must be copied into the TLS stack's address space to be used. As I understand it, this safeguarding of the private key is necessary for the device to be considered a second factor, as "something you have" rather than "something you know", in case someone compromises your password manager.
They are not domain based they are signer based.
Who is the signer in common uses of TLS client certificates? In hypothetical use thereof on customer-facing websites, who would be the signer? How does the deprecation of the <keygen> element change this answer?
This is commonly used by "enterprise" systems rather than customer facing web sites.
In order to improve the usability of TLS client certificates to the point where customer-facing websites can use them, an overhaul of the user interface is needed. Feel free to contribute a pair of pull requests, one to Firefox and one to Chromium, that does this.
Why does everyone always start talking about the constraints of iOS when discussing ARM on the Mac?
Because makers of computing devices have used architecture transitions as an excuse to ramp up restrictions on developers. Microsoft did so with Windows Vista, which introduced mandatory kernel-mode code signing during the transition from x86 to x86-64. Microsoft also did so with Windows RT, which couldn't run code from outside the Windows Store without an (initially paid) developer account. Following this pattern, Apple might add mandatory Gatekeeper to macOS for ARM, such that turning it off works for only 7 days at a time like a free iOS developer account.
SQRL [...] can be used for anonymous login, which would be better for many purposes, such as blog comments where you only need to verify that some response belonged to the same author as some other so nobody could impersonate someone else.
So can client certificates in a web browser, if only their UX weren't so horrible. So can a "tripcode", or a self-assigned password whose hash salted by the email address is displayed publicly, as 4chan has demonstrated.
Seamless login is "something you have", and since it is part of your phone, it doesn't require your explicit consent to be checked.
Unless unlocking the phone's FIDO keystore requires your fingerprint (Touch ID) or a direct stare (Face ID) or your hand veins (Hand ID) or at least some other expression of consent. Does it?
It's not just a user experience difference. Devices implementing FIDO spec also tend to be more hardened against copying out the private key than a browser's certificate store is. I guess this is part of why browser developers have spent more time on FIDO than on TLS client cert UX.
One big difference between client certificates and U2F keys like this is that compared to a web browser's client certificate store, a U2F key is somewhat more hardened against attempts to copy out the private key. This lets a U2F key pass more tests for being "something you have."
The other is that TLS client authentication have been a usability nightmare, particularly for non-technical users, in "all major browsers since the beginning of time itself."
Browser publishers haven't prioritized improving client certificate UX because of the low user base of client certificates. I've seen them on only two sites: StartCom (a defunct TLS CA) and Kount (an e-commerce fraud risk assessment platform).. But browsers could improve this UI in a few ways:
But good luck getting browser publishers to devote any time==money to this.
*A "registrable domain" is a public suffix, as defined by Mozilla's Public Suffix List, plus one name part. If "co.uk" is a public suffix, for example, then "ebay.co.uk" is registrable.
I didn't read the article because WIRED happens not to be part of my current subscription package. But based only on the quoted paragraph, I see two practical problems likely to arise.
The first is the requirement of "Android 7 or later". that last I checked, phones were still being sold multiple major versions of Android behind because newer versions of Android require more CPU and RAM than fit in the bill of material for a budget prepaid smartphone. Which entry-level phone ships with 64-bit Android 7 or later?
The second is that some major websites won't let the user set up 2-factor authentication through U2F or TOTP without first setting up 2-factor authentication through SMS. One example is Twitter, which 1. requires the user to set up SMS before setting up TOTP, 2. sends SMS on every login attempt even after TOTP has been set up, and 3. removes TOTP if the user removes SMS.
A requirement of SMS before U2F or TOTP causes problems in three situations I can think of. The first is people managing business accounts who may not have a cell phone at all at the office, instead relying on the office landline. The second is people on a pay-as-you-go plan, particularly in the United States where PAYG carriers charge for each incoming voice minute or SMS message. The third is people who know SMS isn't a reliable third factor because of the documented cases where a social engineer convinced the carrier to transmit some other subscriber's service to a new SIM without the subscriber's authorization, and then preceded to use that SIM to unlock the victim's email and other accounts.
The poor OS is not real, though. iOS is OSX, with different libraries for making GUI applications, but with the same underpinnings.
One critical piece of the underpinnings differs: it's impossible for iOS applications to flip a page from writable to executable. Only the system executable loader can do that. The strict W^X policy on iOS makes it impossible to run a compiler like that included with Xcode or a JIT like PyPy. Any tool for programming on a device must be a full interpreter, like CPython or Swift Playgrounds, and a user ends up wasting most of the performance of a powerful ARM CPU on the overhead of this interpreter. This is what I meant by the usefulness of the iPad product being hamstrung by Apple's policies embodied in the OS.
Let me try to restate my understanding of the engine/frame analogy more rigorously:
Even if ARM cores are powerful engines, the I/O and operating system wrapped around them in virtually all such ARM CPUs and SOCs make them unfriendly to serious productive computing.
You make a good point about the durability of detachables. As for RAM use:
Or what fundamental thing about computing has changed since then, other than the increasing aggressiveness of web analytics and adtech to eat RAM while continuously tracking viewers' browsing?
That's not enough?
Correct, it's not enough. The user can work around "the increasing aggressiveness of web analytics and adtech to eat RAM" by using a tracking blocker. This can be the built-in tracking protection feature of the Firefox web browser or the Disconnect extension for Google Chrome. Though the user will see fewer ads with a tracking blocker, it isn't really an ad blocker, as a tracking blocker allows publisher-hosted ads and any other script that isn't involved in cross-site surveillance of viewers' browsing history.
To save money, I tend to use laptop computers until replacement battery packs are no longer readily available. Thus I was able to keep my daily tasks (software development and web browsing) usably fast on a laptop with 1 GB of RAM until 2015 and 2 GB of RAM until 2018. Tracking blockers were a big part of what made this possible.