Presumably the U2F key is more hardened against key extraction attacks than, say, someone with physical access to your machine and your user account's.ssh folder.
What sort of man in the middle attacks do you envision the machine you're using will be able to perform between the dongle?
During the initial key exchange, when the U2F device sends its public key to the server, a man in the middle could substitute the public key generated by his own U2F device.
Almost everyone has a cell phone with free text messaging
Then I guess I'm not among "almost everyone", nor are other pay-as-you-go users in the United States market, which is Slashdot's home country. It's traditional for U.S. carriers to bill half the SMS toll to the sender and half to the recipient, and many SMS 2FA providers (such as those used by Twitter and Steam) can't make voice calls to landlines. To upgrade from pay-per-minute to unlimited would cost hundreds of dollars per year.
A universe where the only port you might have is a USB OTG receptacle, such as micro-AB or C, or a Lightning port. A U2F key with a USB A plug won't fit into those without an adapter.
Or a universe where all of your PC's external USB ports have been epoxied shut. Some shops use this to deter exfiltration of confidential data.
Or if your copy of the Steam client has lost the receipts that enable offline play of games that use Steam digital restrictions management. Early on, the only way to save receipts was to choose "Go Offline" while both your Internet connection and the Steam servers were running. Later, receipt caching was drastically improved, but I still occasionally read anecdotal reports that the client might lose receipts if it crashes.
Small businesses can use Windows 10 Pro, which supports the slower-moving "Current Branch for Business" release track. Or small businesses can develop on and for X11/Linux.
If distributing software designed for Windows to the public is a requirement, how does this "solo freelance developer" obtain an EV code signing certificate in the first place? You need one to ship drivers on Windows, or to ship applications on Windows without running a risk of SmartScreen blocking execution of your application because it is "not commonly downloaded".
It's absolutely not a copyright issue, but not for the reason mentioned in the article you cite. So long as the venue in which a rally is held holds a license from the publisher through the appropriate licensing agency, a rally's organizer can perform a musical work publicly. In the USA, this is either BMI or ASCAP depending on the song in question.
But this article is right about trademarks. An owner of a mark can use one of two legal theories: infringement or dilution. Infringement happens only within a field of use. Dilution applies to particularly famous trademarks and can cross fields of use, but it's quite a bit harder for a mark owner to prove fame.
I've been using Firefox 51 from the firefox-next PPA in Xubuntu on a 1-core, 2-thread Atom N450 laptop for a couple weeks now. Even if all tabs run in one process, scrolling still runs smoothly because it's in a separate process, though occasionally I outrun the rendered portion and there's a delay before the blank part fills in.
Firefox's pop-up blocker requires pop-ups to be initiated by a user event, in particular a click. If you don't want pop-ups, then don't click on the page.
So if Trump wants us to buy American and hire American, and Toyota is Japanese, then why is the featured product on big.ly's front page a toy Yoda? I guess even though Toyota is Japanese, the company hires Americans to build vehicles right here in America.
Adding certificate-revocation lookups compounds the problem and adds even more time.
There is a bit of overhead in TLS, but OCSP lookups don't have to be much of it. Every 24 hours or so, an HTTPS server can ask the CA to sign a message stating that its certificate hasn't been revoked. Then the server can include this message signed by the CA in the TLS handshake. This is called TLS Certificate Status Request, or "stapling" for short.
That'd be fine if there were a "Save All Tabs As" or "Print All Tabs to PDF" button that didn't present a file chooser for every single open HTML document.
Debian shipped Iceweasel, a rebranded version of Firefox, starting in 2006. At the time, the Firefox logo was licensed under terms that conflicted with the Debian Free Software Guidelines, and Mozilla demanded prior approval of any patches that Debian applied, such as patches to support additional instruction sets. But in February 2016, Mozilla realized that the Debian project hadn't been doing anything that would tarnish the Firefox brand, and so Mozilla allowed Debian to use Firefox's branding.
If you want to serve your own copy of a script, I have absolutely no problem with it. But search engines might, as they rank slowly loading documents lower, and they weigh commonly cached scripts served from CDNs as less of a contributor to slowness.
Cache hits for subsequent HTML documents retrieved from one site are fine if the user actually views multiple documents on the same site. But someone who reaches a site through a search engine, such as DuckDuckGo or Google, or through a news aggregator, such as SoylentNews or Slashdot, is likely to connect, retrieve one document, and continue to a different document on a different site. A cache per site doesn't help with this use case; a cache shared among several sites does.
Your Acer netbook is probably discontinued by now. Is there an affordable modern laptop with a 10" display and a warranty? Or do I need to settle for to a 13" mugger magnet?
Presumably the U2F key is more hardened against key extraction attacks than, say, someone with physical access to your machine and your user account's .ssh folder.
What sort of man in the middle attacks do you envision the machine you're using will be able to perform between the dongle?
During the initial key exchange, when the U2F device sends its public key to the server, a man in the middle could substitute the public key generated by his own U2F device.
Almost everyone has a cell phone with free text messaging
Then I guess I'm not among "almost everyone", nor are other pay-as-you-go users in the United States market, which is Slashdot's home country. It's traditional for U.S. carriers to bill half the SMS toll to the sender and half to the recipient, and many SMS 2FA providers (such as those used by Twitter and Steam) can't make voice calls to landlines. To upgrade from pay-per-minute to unlimited would cost hundreds of dollars per year.
SMS 2FA on Twitter doesn't work with a landline and is expensive with pay-as-you-go mobile, and Twitter refuses to support TOTP or U2F.
A universe where the only port you might have is a USB OTG receptacle, such as micro-AB or C, or a Lightning port. A U2F key with a USB A plug won't fit into those without an adapter.
Or a universe where all of your PC's external USB ports have been epoxied shut. Some shops use this to deter exfiltration of confidential data.
Animals need to conserve energy as well. Why didn't they evolve thrusters?
But how do you install a game on an additional PC while Steam is down?
It exists all right. It just moved to Goatse.info after Christmas Island decided it didn't want to enable male porn.
Or if your copy of the Steam client has lost the receipts that enable offline play of games that use Steam digital restrictions management. Early on, the only way to save receipts was to choose "Go Offline" while both your Internet connection and the Steam servers were running. Later, receipt caching was drastically improved, but I still occasionally read anecdotal reports that the client might lose receipts if it crashes.
Small businesses can use Windows 10 Pro, which supports the slower-moving "Current Branch for Business" release track. Or small businesses can develop on and for X11/Linux.
If distributing software designed for Windows to the public is a requirement, how does this "solo freelance developer" obtain an EV code signing certificate in the first place? You need one to ship drivers on Windows, or to ship applications on Windows without running a risk of SmartScreen blocking execution of your application because it is "not commonly downloaded".
The rear end of this vehicle is almost shaped like a mermaid tail. Any reason why it uses thrusters for propulsion and not, say, a fluke?
It's absolutely not a copyright issue, but not for the reason mentioned in the article you cite. So long as the venue in which a rally is held holds a license from the publisher through the appropriate licensing agency, a rally's organizer can perform a musical work publicly. In the USA, this is either BMI or ASCAP depending on the song in question.
But this article is right about trademarks. An owner of a mark can use one of two legal theories: infringement or dilution. Infringement happens only within a field of use. Dilution applies to particularly famous trademarks and can cross fields of use, but it's quite a bit harder for a mark owner to prove fame.
Hey, if EAFP worked for Guido van Rossum and his Python Software Foundation, it can work for Microsoft.
Organizations that need detailed configuration control can shell out for Windows 10 Enterprise.
Why can't an app proxy non-compliant accesses through a server controlled by the developer?
You can self host your own DNS server inside of your own network.
Great for my own Wi-Fi, not so great for restaurant Wi-Fi or cellular data.
I've been using Firefox 51 from the firefox-next PPA in Xubuntu on a 1-core, 2-thread Atom N450 laptop for a couple weeks now. Even if all tabs run in one process, scrolling still runs smoothly because it's in a separate process, though occasionally I outrun the rendered portion and there's a delay before the blank part fills in.
Firefox's pop-up blocker requires pop-ups to be initiated by a user event, in particular a click. If you don't want pop-ups, then don't click on the page.
So if Trump wants us to buy American and hire American, and Toyota is Japanese, then why is the featured product on big.ly's front page a toy Yoda? I guess even though Toyota is Japanese, the company hires Americans to build vehicles right here in America.
Adding certificate-revocation lookups compounds the problem and adds even more time.
There is a bit of overhead in TLS, but OCSP lookups don't have to be much of it. Every 24 hours or so, an HTTPS server can ask the CA to sign a message stating that its certificate hasn't been revoked. Then the server can include this message signed by the CA in the TLS handshake. This is called TLS Certificate Status Request, or "stapling" for short.
That'd be fine if there were a "Save All Tabs As" or "Print All Tabs to PDF" button that didn't present a file chooser for every single open HTML document.
Debian shipped Iceweasel, a rebranded version of Firefox, starting in 2006. At the time, the Firefox logo was licensed under terms that conflicted with the Debian Free Software Guidelines, and Mozilla demanded prior approval of any patches that Debian applied, such as patches to support additional instruction sets. But in February 2016, Mozilla realized that the Debian project hadn't been doing anything that would tarnish the Firefox brand, and so Mozilla allowed Debian to use Firefox's branding.
If you want to serve your own copy of a script, I have absolutely no problem with it. But search engines might, as they rank slowly loading documents lower, and they weigh commonly cached scripts served from CDNs as less of a contributor to slowness.
Cache hits for subsequent HTML documents retrieved from one site are fine if the user actually views multiple documents on the same site. But someone who reaches a site through a search engine, such as DuckDuckGo or Google, or through a news aggregator, such as SoylentNews or Slashdot, is likely to connect, retrieve one document, and continue to a different document on a different site. A cache per site doesn't help with this use case; a cache shared among several sites does.
Your Acer netbook is probably discontinued by now. Is there an affordable modern laptop with a 10" display and a warranty? Or do I need to settle for to a 13" mugger magnet?