the evil-looking eagle says "Piracy is not a Victimless Crime"
If someone downloads an infringing copy of the motion picture Song of the South, to what reasonable extent is The Walt Disney Company a victim? Disney isn't even publishing or exhibiting that motion picture.
You have to put your Chromebook into developer mode
And there's the deal breaker. The Chromebook firmware, when put into developer mode, practically invites anyone who turns it on to wipe the whole thing. At power on, it displays "OS verification is OFF -- Press Space to re-enable" (screenshot), but the owner's roommate doesn't know that she can push Ctrl+D to proceed with booting. Instead, she'll probably press Space, see a message to the effect "Reenabling OS verification will erase everything. Press Enter to continue" and do what it says.
I can handle the command line stuff. I can't handle the constant threat of loss of work that isn't committed yet and the use of the machine until I can return home to install media.
An online strategy works only where Internet connections support a high enough traffic volume. A store like GameStop might do better in an Internet desert where the home ISP choice is between 10 GB/mo satellite and 10 GB/mo fixed cellular.
Oh yeah, ancient used players choice versions of popular Nintendo games selling for $20 gets on my nerves.
If you're referring to used copies of the Player's Choice version of Super Smash Bros. Melee for Nintendo GameCube, it's probably demand from tourney[cigarettes]. A quick Google search shows it going for $60-$70 across multiple sellers.
Redbox and DVD.Netflix happened to Blockbuster and Hollywood Video. This left Family Video as the biggest U.S. brick-and-mortar movie and game disc rental chain carrying older titles.
The same kind that decided a decade ago that PC games were no longer worth carrying.
That was decided for GameStop when Valve introduced Steam. Before Steam was a download store for PC games, it was the Internet activation method for Half-Life 2. Once more PC game publishers adopted Internet activation, GameStop could no longer accept used PC games.
Not likely as long as domain registrars that bundle DNS service charge extra for DNSSec. <cough>GoDaddy</cough>
someone in the same coffee shop will be able to passively snoop, but won't realistically be able to be in the middle of the communication unless the infrastructure is badly broken.
It is in fact "badly broken." If Starbucks Wi-Fi is "attwifi" (as it often is) and an attacker with two radios makes a bridge with the other end having the SSID "Starbucks", a first-time visitor won't know the difference and will likely choose to associate to the rogue AP.
At that point, your endpoint is untrusted
In the case of Fullscreen API, HTTPS strengthens the identity of the entity that made the endpoint appear less trusted. Under current policy, when an origin goes full-screen for the first time, the browser presents a "cancel or allow" prompt showing the hostname in big letters. But with cleartext HTTP, the user can't be sure that he's communicating with the intended origin instead of an active attacker.
It's not always a home ISP that's doing subtle MITM modification. It might be someone malicious in the same coffee shop as you. Or it might be a government agency using the Fullscreen API to spoof the chrome of the entire desktop environment.
if there is a difference it's that insignificant during game play.
The typical pattern is that the Xbox One version of a game would run at 1280x720 before upscaling for output, while the PlayStation 4 version of the same game could run at 1600x900 with the same frame rate due to faster memory. (Meanwhile, PC masters got to enjoy their 1920x1080, 2560x1440, or whatever else the aftermarket GPU was capable of.)
The drive could, at least with the early drive chips. Nintendo just didn't want to have to pay DVD FLLC for every Wii console it shipped. Microsoft did the same thing with the original Xbox (2001), putting licensed DVD player software on a separate memory card in the remote receiver. It's unclear whether Nintendo could have likewise offered something like "PowerDVD now available in Wii Shop Channel for 2000 Nintendo Points".
People love digital downloads. They love not having to look for a disc with the game on it
Perhaps in the land of FTTH, cable, or VDSL. But if the only Internet access where they live is satellite or fixed cellular, they don't love the overage fees associated with downloads in the double digit GB.
Or is the answer "don't, let the customer have 2 TVs"?
Correct.
Case in point: Look at how many games nowadays support only online multiplayer, not same-screen multiplayer. Publishers rationalize the decision not to spend time=money on same-screen multiplayer by claiming limited GPU and RAM resources, as well as the fact that the average age of a gamer has trended upward since the NES and Super NES era.
We're talking about computers here, not tiny 5" hand held computational devices.
A convertible laptop consists of a tablet, generally 10" or larger, and a keyboard and trackpad that attach to the bottom. Is it a "computer" or a "tiny hand held computational device"?
Would it be possible and practical to run "regular" Linux applications, those that have been neither remade as web apps or nor ported to Android, on a Chromebook using something like the Debian and XSDL apps?
Personally I "stream" my media over NFS within my network.
I imagine that Android, iOS, and Windows clients don't ship with an NFS client. If they do, when did they start?
What are you using that utilizes the Fullscreen API?
In theory, the server side is GNU MediaGoblin or other web-based media server applications, and the client side is anything with a modern web browser, particularly devices brought by visiting friends and family.
It's not PayPal itself, but the login page for Phil's Hobby Shop can work without JavaScript. The only part that changes with script off is that you have to submit with a blank password in order to enable "Show password as I type".
The situation DarkOx describes is not your home connection but "corporate clients that do SSL intercept". In other words, it's a self-described legitimate business that wishes to communicate only with other apparently legitimate businesses.
Is it illegal to rewrite from scratch the contributions of those few authors who cannot be reached if alive or whose estate cannot be reached if deceased?
LetsEncrypt now offers a no cost solution to replace self-signed certs.
This is true only for servers with fully qualified domain names, not for internal servers with private IP addresses or made-up TLDs such as.local or.internal. Is every householder supposed to buy a domain to make HTTPS communication across the LAN with a router, printer, or streaming media server work?
Not if the VPN service's subscribers don't know the VPN service is selling their data.
the evil-looking eagle says "Piracy is not a Victimless Crime"
If someone downloads an infringing copy of the motion picture Song of the South, to what reasonable extent is The Walt Disney Company a victim? Disney isn't even publishing or exhibiting that motion picture.
in MANY parts of the country there is only one real ISP available.
As sglewis, Zero__Kelvin, Bengie, FlyHelicopters, and others pointed out, there is more than one part of the country available.
You have to put your Chromebook into developer mode
And there's the deal breaker. The Chromebook firmware, when put into developer mode, practically invites anyone who turns it on to wipe the whole thing. At power on, it displays "OS verification is OFF -- Press Space to re-enable" (screenshot), but the owner's roommate doesn't know that she can push Ctrl+D to proceed with booting. Instead, she'll probably press Space, see a message to the effect "Reenabling OS verification will erase everything. Press Enter to continue" and do what it says.
I can handle the command line stuff. I can't handle the constant threat of loss of work that isn't committed yet and the use of the machine until I can return home to install media.
An online strategy works only where Internet connections support a high enough traffic volume. A store like GameStop might do better in an Internet desert where the home ISP choice is between 10 GB/mo satellite and 10 GB/mo fixed cellular.
Oh yeah, ancient used players choice versions of popular Nintendo games selling for $20 gets on my nerves.
If you're referring to used copies of the Player's Choice version of Super Smash Bros. Melee for Nintendo GameCube, it's probably demand from tourney[cigarettes]. A quick Google search shows it going for $60-$70 across multiple sellers.
Redbox and DVD.Netflix happened to Blockbuster and Hollywood Video. This left Family Video as the biggest U.S. brick-and-mortar movie and game disc rental chain carrying older titles.
The same kind that decided a decade ago that PC games were no longer worth carrying.
That was decided for GameStop when Valve introduced Steam. Before Steam was a download store for PC games, it was the Internet activation method for Half-Life 2. Once more PC game publishers adopted Internet activation, GameStop could no longer accept used PC games.
Assuming DNSSec gets deployed as it should
Not likely as long as domain registrars that bundle DNS service charge extra for DNSSec. <cough>GoDaddy</cough>
someone in the same coffee shop will be able to passively snoop, but won't realistically be able to be in the middle of the communication unless the infrastructure is badly broken.
It is in fact "badly broken." If Starbucks Wi-Fi is "attwifi" (as it often is) and an attacker with two radios makes a bridge with the other end having the SSID "Starbucks", a first-time visitor won't know the difference and will likely choose to associate to the rogue AP.
At that point, your endpoint is untrusted
In the case of Fullscreen API, HTTPS strengthens the identity of the entity that made the endpoint appear less trusted. Under current policy, when an origin goes full-screen for the first time, the browser presents a "cancel or allow" prompt showing the hostname in big letters. But with cleartext HTTP, the user can't be sure that he's communicating with the intended origin instead of an active attacker.
It's not always a home ISP that's doing subtle MITM modification. It might be someone malicious in the same coffee shop as you. Or it might be a government agency using the Fullscreen API to spoof the chrome of the entire desktop environment.
And are you related to the late Dr. Florence Goodenough, who invented the Draw-A-Person intelligence test in the 1920s?
I ask because Simon Baron Cohen, who invented the Sally-Anne test for autism, is the cousin of the comedian who played Borat.
Uno.
Wild card -- draw four, one card for each year since #dealwithit.
if there is a difference it's that insignificant during game play.
The typical pattern is that the Xbox One version of a game would run at 1280x720 before upscaling for output, while the PlayStation 4 version of the same game could run at 1600x900 with the same frame rate due to faster memory. (Meanwhile, PC masters got to enjoy their 1920x1080, 2560x1440, or whatever else the aftermarket GPU was capable of.)
having a DVD-R that couldn't play a movie DVD
The drive could, at least with the early drive chips. Nintendo just didn't want to have to pay DVD FLLC for every Wii console it shipped. Microsoft did the same thing with the original Xbox (2001), putting licensed DVD player software on a separate memory card in the remote receiver. It's unclear whether Nintendo could have likewise offered something like "PowerDVD now available in Wii Shop Channel for 2000 Nintendo Points".
People love digital downloads. They love not having to look for a disc with the game on it
Perhaps in the land of FTTH, cable, or VDSL. But if the only Internet access where they live is satellite or fixed cellular, they don't love the overage fees associated with downloads in the double digit GB.
Or is the answer "don't, let the customer have 2 TVs"?
Correct.
Case in point: Look at how many games nowadays support only online multiplayer, not same-screen multiplayer. Publishers rationalize the decision not to spend time=money on same-screen multiplayer by claiming limited GPU and RAM resources, as well as the fact that the average age of a gamer has trended upward since the NES and Super NES era.
I also hate "ALWAYS ON" connections for anything but mobile games
I hate them even for mobile games. A tablet might not be in range of Wi-Fi, nor might a smartphone on a prepaid plan that includes voice and not data.
We're talking about computers here, not tiny 5" hand held computational devices.
A convertible laptop consists of a tablet, generally 10" or larger, and a keyboard and trackpad that attach to the bottom. Is it a "computer" or a "tiny hand held computational device"?
Would it be possible and practical to run "regular" Linux applications, those that have been neither remade as web apps or nor ported to Android, on a Chromebook using something like the Debian and XSDL apps?
Personally I "stream" my media over NFS within my network.
I imagine that Android, iOS, and Windows clients don't ship with an NFS client. If they do, when did they start?
What are you using that utilizes the Fullscreen API?
In theory, the server side is GNU MediaGoblin or other web-based media server applications, and the client side is anything with a modern web browser, particularly devices brought by visiting friends and family.
Why are you encrypting traffic within your own private network?
To avoid loss of functionality once the Fullscreen API becomes limited to secure contexts. Browsers no longer support sensitive JavaScript APIs over cleartext HTTP. There are plans to make Fullscreen API unavailable over cleartext HTTP because of demonstrated phishing attacks. Without the Fullscreen API, streaming video from a home NAS will be limited to a window.
It's not PayPal itself, but the login page for Phil's Hobby Shop can work without JavaScript. The only part that changes with script off is that you have to submit with a blank password in order to enable "Show password as I type".
The situation DarkOx describes is not your home connection but "corporate clients that do SSL intercept". In other words, it's a self-described legitimate business that wishes to communicate only with other apparently legitimate businesses.
Is it illegal to rewrite from scratch the contributions of those few authors who cannot be reached if alive or whose estate cannot be reached if deceased?
LetsEncrypt now offers a no cost solution to replace self-signed certs.
This is true only for servers with fully qualified domain names, not for internal servers with private IP addresses or made-up TLDs such as .local or .internal. Is every householder supposed to buy a domain to make HTTPS communication across the LAN with a router, printer, or streaming media server work?