I disallow third-party links and if things break, they keep the pieces.
When you discover that the first several results from a search on a search engine "break", good luck letting sites "keep the pieces" while keeping some sense that search engines are still useful. Imagine performing some random web search, but you discover that the first five results on the page that look relevant are broken due to your ad blocking policy. But you don't know they're actually broken until you've already spent time viewing them. Your back button is going to get a lot of workout, and you'll spend a lot of time looking at broken pages.
But an anti-ad browser can download the shit without actually rendering it.
Which defeats the use of content blocking tools to prevent extra usage charges from the user's Internet service provider. This becomes important when satellite and mobile ISPs are charging $5 to $15 per GB.
Render the ad in a memory bitmap, and pass it back to the checking sw. But don't actually display it.
Solve Media defeats that by requiring the user to type in text from the ad.
and if facebook/newspapers breaks on a work computer then it is a good thing for productivity!
But potentially a bad thing for employee morale, as blocking newspapers affects what an employee can do during 10 minute breaks. That which negatively affects employee morale eventually affects employee retention.
One side effect of moving to closed access, where articles are spread out across several publications each with its own monthly or annual subscription, is that it'll become cost prohibitive for an individual to sample the viewpoints of several different publications. This means people will end up sucked into the echo chamber of one single publication's editorial bias.
The requirement for client credentials in implementations of OAuth produces a couple practical problems.
OAuth 1 and OAuth 2 are unrelated protocols with similar names. The spec for each discourages servers from requiring client credentials (a client ID and client secret) in an API intended for use in an app that runs on the user's computer, such as a desktop or mobile app. As stated in section 4.6 of the OAuth 1 RFC:
In many cases, the client application will be under the control of potentially untrusted parties. For example, if the client is a desktop application with freely available source code or an executable binary, an attacker may be able to download a copy for analysis. In such cases, attackers will be able to recover the client credentials.
Native applications that use the authorization code grant type SHOULD do so without using client credentials, due to the native application's inability to keep client credentials confidential.
If a deployed app cannot keep the secret confidential, such as Javascript or native apps, then the secret is not used. [...] mobile apps must also use an OAuth flow that does not require a client secret.
Yet several service providers offering APIs built on OAuth 1 or OAuth 2, notably Twitter, require them. Despite it being trivial to pull client credentials out of an executable with tools such as strings, Twitter has been known to disable any client credentials that leak to the public. There are two workarounds, both cumbersome:
The first, recommended by OAuth 1 spec author Dick Hardt, is to proxy all API calls through a server that the app developer operates. The API keys then never leave this server. Yet the app developer needs to find some way to recover the cost of operating this proxy server.
The other, as recommended by Raffi Krikorian and Chris Steipp, requires each user to register with the service provider as a developer, obtain API credentials through the developer console, and enter those into the user's own copy of the application. Because providers tend to refuse to offer a means of automating application registration, each application has to include a walkthrough for registering a copy of an application and update this walkthrough whenever the service provider changes the design of the developer console. In addition, developer consoles tend to require a minimum age of 18 to rather than 13.
OpenID 2.0, an authentication protocol, did not require relying parties to obtain client credentials. It was intended that a user would paste his identifier URI into a form on the relying party's web site (or use a browser extension to autofill it), and the user would be briefly redirected to the identity provider's web site for verification. Very few identity providers required relying parties to register; the only one I could think of was PayPal.
But unlike OpenID 2.0, which was open by default, the OAuth 2-based OpenID Connect is closed by default. It requires each relying party to obtain client credentials from each identity provider's developer console, which requires O(n^2) contract executions. There's theoretically a way for a relying party to obtain client credentials automatically, called Dynamic Client Registration (dyn-reg), but to my knowledge
It's the same as with dead tree magazines - if you don't pay for it then that magazine is dead.
Which means the majority of articles would be dead to the majority of people, as the majority of people would not have the resources to maintain a subscription to the majority of periodicals, including the effort to obtain back issues. How does it benefit the public to make the majority of articles dead to the majority of people?
Next to nobody is willing to pay for a whole month just to read one article found through a search engine or through a citation shared by a friend. Imagine having to do this to read one article from each of ten different publications in a month.[1]
There's an application you have for "display a news article". It's a browser running HTML with no scripting enabled.
Without scripting, how does the user navigate through a photo gallery attached to a news article? Or did you mean reload the entire page when the user follows the "Next Photo" or "Previous Photo" link?
Then what means of deploying an application across platforms isn't fundamentally broken? Or should anyone who makes an app expect to have to make it six times, once for each platform (Windows, OS X, GNU/Linux, Android, iOS, and Windows Phone)?
So what do you do when a web search returns four results in a row that require you to turn off your blocker? Having to close a bunch of sites in a row makes searching the web more tedious.
A paywall could be practical if it were possible to pay per page. But right now it's not because the credit card networks charge a swipe fee far too large for that to be practical. Even Bitcoin imposes a transaction fee of 0.0001 BTC (about 4.5 cents) payable to the miner who verifies your block.
Say you run a site that serves ads on your own domain. Now someone wants to advertise on your site but wants accurate reach metrics. How are you going to convince an advertiser that you are providing view counts and click counts that aren't inflated?
If the top four or five results from a DuckDuckGo or Google search are from sites that deploy anti-ad-blocking measures, it's going to become hard to find things through web search without having to waste your time clicking the back button more often than not.
And the elsewhere site is going to somehow support itself without any revenue from ads? How?
By being a public benefit corporation and accepting donations from its readers. One example of a public benefit corporation is SoylentNews, and that's where a lot of us will end up should Slashdice go full betard or put up anti-adblock measures.
I agree with you that Android's development model is too cathedral-like for some critics. But I was referring to the free software licenses that apply to the operating system (apart from Google Play). Linux and OpenJDK are under the GNU GPL version 2. Most of the rest of Android Open Source Project is under the Apache license.
In our discussions with companies and governments that use specialized or enterprise-level computer facilities, we found that sometimes these or- ganizations actually want their systems not to be under their own control. Rather than agreeing to this as a concession, or bowing to pressure, they ask for this as a preference. It is not clear that we need to interfere, and the main problem lies elsewhere.
While imposing technical barriers to modification is wrong regardless of circumstances, the areas where restricted devices are of the greatest practical concern today fall within the User Product definition. Most, if not all, technically-restricted devices running GPL-covered programs are consumer electronics devices, and we expect that to remain true in the near future. Moreover, the disparity in clout between the manufacturers and these users makes it difficult for the users to reject technical restrictions through their weak and unorganized market power. Even if limited to User Products, as defined in Draft 3, the provision still does the job that needs to be done. Therefore we have decided to limit the technical restrictions provisions to User Products in this draft.
And it's not a restriction on a particular field of use; it's a requirement for distribution in a particular form, namely preinstallation in a device. It's not much different from the requirement in GPLv2 to provide "scripts used to control compilation and installation" (my emphasis).
How come drugs have limits but a book of cat names can go multiple lifetimes? Ridiculous.
Because in theory, copyright doesn't apply to you if you've never had access to the older work. Patents apply to everyone. The longer term of a copyright is said to balance the possibility of independent creation.
Constitute a sufficiently large market to enable enough economies of scale to convince peripheral makers to support it rather than making peripherals compatible only with Macs and Windows PCs.
I disallow third-party links and if things break, they keep the pieces.
When you discover that the first several results from a search on a search engine "break", good luck letting sites "keep the pieces" while keeping some sense that search engines are still useful. Imagine performing some random web search, but you discover that the first five results on the page that look relevant are broken due to your ad blocking policy. But you don't know they're actually broken until you've already spent time viewing them. Your back button is going to get a lot of workout, and you'll spend a lot of time looking at broken pages.
But an anti-ad browser can download the shit without actually rendering it.
Which defeats the use of content blocking tools to prevent extra usage charges from the user's Internet service provider. This becomes important when satellite and mobile ISPs are charging $5 to $15 per GB.
Render the ad in a memory bitmap, and pass it back to the checking sw. But don't actually display it.
Solve Media defeats that by requiring the user to type in text from the ad.
and if facebook/newspapers breaks on a work computer then it is a good thing for productivity!
But potentially a bad thing for employee morale, as blocking newspapers affects what an employee can do during 10 minute breaks. That which negatively affects employee morale eventually affects employee retention.
One side effect of moving to closed access, where articles are spread out across several publications each with its own monthly or annual subscription, is that it'll become cost prohibitive for an individual to sample the viewpoints of several different publications. This means people will end up sucked into the echo chamber of one single publication's editorial bias.
So what's your revised prediction for deployment of Trusted Network Connect by home and mobile ISPs, which recently came up?
The requirement for client credentials in implementations of OAuth produces a couple practical problems.
OAuth 1 and OAuth 2 are unrelated protocols with similar names. The spec for each discourages servers from requiring client credentials (a client ID and client secret) in an API intended for use in an app that runs on the user's computer, such as a desktop or mobile app. As stated in section 4.6 of the OAuth 1 RFC:
Likewise section 9 of the OAuth 2 RFC:
And the article "OAuth 2 Simplified" by Aaron Parecki states:
Yet several service providers offering APIs built on OAuth 1 or OAuth 2, notably Twitter, require them. Despite it being trivial to pull client credentials out of an executable with tools such as strings, Twitter has been known to disable any client credentials that leak to the public. There are two workarounds, both cumbersome:
OpenID 2.0, an authentication protocol, did not require relying parties to obtain client credentials. It was intended that a user would paste his identifier URI into a form on the relying party's web site (or use a browser extension to autofill it), and the user would be briefly redirected to the identity provider's web site for verification. Very few identity providers required relying parties to register; the only one I could think of was PayPal.
But unlike OpenID 2.0, which was open by default, the OAuth 2-based OpenID Connect is closed by default. It requires each relying party to obtain client credentials from each identity provider's developer console, which requires O(n^2) contract executions. There's theoretically a way for a relying party to obtain client credentials automatically, called Dynamic Client Registration (dyn-reg), but to my knowledge
It's the same as with dead tree magazines - if you don't pay for it then that magazine is dead.
Which means the majority of articles would be dead to the majority of people, as the majority of people would not have the resources to maintain a subscription to the majority of periodicals, including the effort to obtain back issues. How does it benefit the public to make the majority of articles dead to the majority of people?
In this analogy, how would you avoid the existence of lava in the first place?
Next to nobody is willing to pay for a whole month just to read one article found through a search engine or through a citation shared by a friend. Imagine having to do this to read one article from each of ten different publications in a month.[1]
[1] "Adblockers say, 'Find a better business model.' But can you really?" posted on 2015-10-12
Advertisers choose the Internet over radio and TV in part because the Internet gives more detailed reach statistics than radio and TV.
There's an application you have for "display a news article". It's a browser running HTML with no scripting enabled.
Without scripting, how does the user navigate through a photo gallery attached to a news article? Or did you mean reload the entire page when the user follows the "Next Photo" or "Previous Photo" link?
Then encrypt the article with a key derived from the hash of the ad.
As in, have to watch the ads before you can see the ads.
That's nothing. The trailers before The Force Awakens are also ads before ads. Like Transformers and The Wizard, it's a two hour toy commercial.
I'm using Adblock and I can all the articles on Forbes without any problem. (??)
I too "can" all the articles on Forbes. I put them in the can, the trash can.
scripts are fundamentally broken.
Then what means of deploying an application across platforms isn't fundamentally broken? Or should anyone who makes an app expect to have to make it six times, once for each platform (Windows, OS X, GNU/Linux, Android, iOS, and Windows Phone)?
To block Forbes crap from resolving, add these lines to your hosts file:
So what do you do when a web search returns four results in a row that require you to turn off your blocker? Having to close a bunch of sites in a row makes searching the web more tedious.
A paywall could be practical if it were possible to pay per page. But right now it's not because the credit card networks charge a swipe fee far too large for that to be practical. Even Bitcoin imposes a transaction fee of 0.0001 BTC (about 4.5 cents) payable to the miner who verifies your block.
Say you run a site that serves ads on your own domain. Now someone wants to advertise on your site but wants accurate reach metrics. How are you going to convince an advertiser that you are providing view counts and click counts that aren't inflated?
Or just stop visiting their site.
If the top four or five results from a DuckDuckGo or Google search are from sites that deploy anti-ad-blocking measures, it's going to become hard to find things through web search without having to waste your time clicking the back button more often than not.
And the elsewhere site is going to somehow support itself without any revenue from ads? How?
By being a public benefit corporation and accepting donations from its readers. One example of a public benefit corporation is SoylentNews, and that's where a lot of us will end up should Slashdice go full betard or put up anti-adblock measures.
Then be choosier in what you buy. Nexus devices can officially be flashed with a rooted ROM.
I thought recent rulings at the Supreme Court had shut down the "prior art + on a computer = patentable" formula.
I agree with you that Android's development model is too cathedral-like for some critics. But I was referring to the free software licenses that apply to the operating system (apart from Google Play). Linux and OpenJDK are under the GNU GPL version 2. Most of the rest of Android Open Source Project is under the Apache license.
Google gplv3 "user product" brought me the article "GPLv3, User Products Clause" by Allison Randal, which links to the GPLv3 rationale document (PDF). However, the explanation to which Randal's article refers is in rationale for draft 3 (PDF), not rationale for draft 4 (PDF), to which the link to the rationale currently redirects. For convenience, I quote the relevant excerpt from the rationale for draft 3 here:
And it's not a restriction on a particular field of use; it's a requirement for distribution in a particular form, namely preinstallation in a device. It's not much different from the requirement in GPLv2 to provide "scripts used to control compilation and installation" (my emphasis).
How come drugs have limits but a book of cat names can go multiple lifetimes? Ridiculous.
Because in theory, copyright doesn't apply to you if you've never had access to the older work. Patents apply to everyone. The longer term of a copyright is said to balance the possibility of independent creation.
What can 327million people do that 700,000 can't?
Constitute a sufficiently large market to enable enough economies of scale to convince peripheral makers to support it rather than making peripherals compatible only with Macs and Windows PCs.