that subsequently jump-started the whole wave of Chromebooks
Chromebooks run Linux as their kernel, I'm aware. But until now, they haven't given the user ability to run GNU outside the self-destructing developer mode. Straight from the horse's mouth, with emphasis in the original:
Remember: Chrome OS devices are not general-purpose PCs.
So from first quarter 2013 through second quarter 2018, compact laptops usable as general-purpose GNU/Linux laptops were not widely available with a warranty in stores. Sure, netbooks are still scattered across pawn shops, but they haven't seen any updates, and at least one anonymous commenter on Slashdot has unironically suggested to stockpile the dwindling supply of old netbooks and maintain them by replacing lithium cells in their battery packs.
The new part is the ability for your Chromebrew installation and unpushed changes to survive someone turning on your Chromebook and following the prompts. A developer mode Chromebook prompts the user to press Space then Enter to perform a factory reset, and your non-technical roommate or children just might follow them.
Thanks for clarifying. You are correct that I do not own a Nintendo Switch, or a Wii U for that matter. Pretend I said "If Nintendo wants to keep SNK on board with its store".
How can they have missed out on the opportunity to call it "Nintendo Entertainment Online"?
SNK might object, as "NEO" might be too similar to SNK's "Neo Geo" arcade platform and consoles. If Nintendo wants to get SNK games into the store once this expands to a true Virtual Console successor, Nintendo marketing needs to tread carefully.
Microsoft developers managed to eat for about four decades just by making software people wanted to buy and platforms that were easy to develop for, without taking any cut of the revenues from other software running on their platform.
Microsoft started taking a cut in 2001 when the original Xbox came out. I thought Microsoft was founded in 1975, not 1961.
I thought developers could keep only 97% already, as the payment processor keeps 3% for the service of accepting credit cards. In addition, Microsoft's deployment framework handles download, installation, and updates, unlike out-of-Store distribution where the developer must implement that himself and will often run into the SmartScreen "Don't run" wall until several users of IE, Edge, or Windows 10 have installed it and clicked past SmartScreen.
Let's try a couple different answers that aren't quite so absolute: The majority of PC games released since January 1, 2013. Or the particular games that your friends play and want to play with you in online multiplayer.
I'd prefer to use a TLS client certificate, but the user interface for those in widely used web browsers needs a serious redesign before that can be practical.
First, the browser needs to make the button to select a client certificate more obvious. Second, split the list of available client certificates into three groups: anonymous (no certificate), certificates used on the same domain (ordered by most recent), and certificates used on other domains. Third, browsers' built-in password/bookmark/history synchronization mechanisms need to make synchronizing client certificates across devices painless. Might WebAuthn (a W3C Candidate Recommendation generalizing FIDO U2F) be a step in the right direction?
I found your comment difficult to read because of the lack of sentence-initial capital letters, quotation marks, and line breaks.
Ok, first stop using MD5? that sounds like a start.
RFC 2069 specifies that HTTP digest authentication shall use MD5. Switching from MD5 to anything else would require the use of JavaScript. The use of JavaScript would require counterpart functionality in the noscript element.
second, encypted session(lets get as secure as we can before we do any auth)
TLS. I'm with you so far.
Server says how do you expect me to believe you, here is an algorithm.. the same as the one you signed up with(you can even do a rolling algo with a flag in the database per user) also heres a salt to use.
What you describe is in essence what I described earlier as "Some zero-knowledge proof means", for which I warned: "This fails if the user has turned off automatic execution of script in the browser." Here's how the next step would play out in detail:
Client says "I am running the LibreJS extension. Before I run any code, I'll need to see that code's copyright license to ensure that my user has the right to audit the algorithm you are sending, in order to ensure that your program isn't unduly intrusive on my user's privacy or otherwise malicious, and share the results of this audit." Quoting FSF's Free Software Definition, the user will need the following rights:
The freedom to run the program as you wish, for any purpose (freedom 0).
The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help others (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
The GNU General Public License defines a work's "source code" as "the preferred form of the work for making modifications to it." A minified or obfuscated form of a script is instead called "object code", even if it is in superficially the same syntax as source code.
If you can't tell if it's video or not, you also wouldn't be able to play it
JavaScript code downloads a file, runs an algorithm on its bytes, and updates the pixel content of a <canvas> element. Is that video? How would a browser be able to tell?
JavaScript code downloads a bunch of JPEG or PNG images and displays them in sequence on an <img> element. Is that video? How would a browser be able to tell?
When you've blocked muted autoplaying WebM or GIF, would you prefer that websites fall back to a sequence of JPEG or PNG images rotated by script? Or storing frames in a JPEG and using CSS animation to cycle among them?
When I was little, I was told a house made of strawbale and another made of wood failed to survive severe weather, particularly strong rain[1] and wind.[2] Or have I been duped all these years by the brick construction lobby?
Ergo, humanity must not exist, since we could not have existed before concrete.
The truth is probably somewhere in the middle. Some of us could have existed, others not. To understand why, ask yourself: What was the human population before the invention of concrete, and what is the human population now? At least some of this additional carrying capacity probably arises from inventions that rely on concrete.
Say you're playing a web-based video game. Every time something happens in the game, a sound effect plays. Do you want to have to click play 20 times for 20 sound effects?
In Firefox ESR 52, currently the default in Debian 9 "Stretch", this galloping horse got past media.autoplay.enabled = false. Does current Firefox add CSS animation blocking?
Block autoplaying muted video, and sites will fall back to autoplay methods that use even more CPU or bandwidth: animated GIF, FFmpeg's VP8 decoder compiled to asm.js or WebAssembly and rendering to a <canvas>, scripted JPEG/PNG rotation, or even pure CSS JPEG/PNG rotation.
Slashdot Mirror
But for what fraction of those "decades" have you been able to buy a compact GNU/Linux laptop in major electronics store chains?
Approximately since the ASUS eeePC started the "sub-notebook with Linux in your local store" craze
That craze covers fourth quarter 2007 through roughly fourth quarter 2012.
that subsequently jump-started the whole wave of Chromebooks
Chromebooks run Linux as their kernel, I'm aware. But until now, they haven't given the user ability to run GNU outside the self-destructing developer mode. Straight from the horse's mouth, with emphasis in the original:
So from first quarter 2013 through second quarter 2018, compact laptops usable as general-purpose GNU/Linux laptops were not widely available with a warranty in stores. Sure, netbooks are still scattered across pawn shops, but they haven't seen any updates, and at least one anonymous commenter on Slashdot has unironically suggested to stockpile the dwindling supply of old netbooks and maintain them by replacing lithium cells in their battery packs.
If Canonical tried that nowadays, The Tetris Company would sue Canonical and win. See article "US District Court: Game Elements In Tetris Clone Infringe Tetris Co.'s Copyright" from June 2012 about Tetris v. Xio.
Since when does Gentoo not support running Debian's userspace in a chroot?
I can run Linux programs on my Linux machine. I've been able to do that for decades.
But for what fraction of those "decades" have you been able to buy a compact GNU/Linux laptop in major electronics store chains?
The new part is the ability for your Chromebrew installation and unpushed changes to survive someone turning on your Chromebook and following the prompts. A developer mode Chromebook prompts the user to press Space then Enter to perform a factory reset, and your non-technical roommate or children just might follow them.
How is this different than developer mode which gives you full access to the system?
Developer mode self-destructs if someone turns on a Chromebook and looks at it funny. Verified mode does not.
It was also about what Anonymous Brave Guy referred to as "platforms". I took the use of plural to include platforms other than Windows.
Thanks for clarifying. You are correct that I do not own a Nintendo Switch, or a Wii U for that matter. Pretend I said "If Nintendo wants to keep SNK on board with its store".
How can they have missed out on the opportunity to call it "Nintendo Entertainment Online"?
SNK might object, as "NEO" might be too similar to SNK's "Neo Geo" arcade platform and consoles. If Nintendo wants to get SNK games into the store once this expands to a true Virtual Console successor, Nintendo marketing needs to tread carefully.
How do you expect to process buyers' payment and still keep 100%?
Microsoft developers managed to eat for about four decades just by making software people wanted to buy and platforms that were easy to develop for, without taking any cut of the revenues from other software running on their platform.
Microsoft started taking a cut in 2001 when the original Xbox came out. I thought Microsoft was founded in 1975, not 1961.
I thought developers could keep only 97% already, as the payment processor keeps 3% for the service of accepting credit cards. In addition, Microsoft's deployment framework handles download, installation, and updates, unlike out-of-Store distribution where the developer must implement that himself and will often run into the SmartScreen "Don't run" wall until several users of IE, Edge, or Windows 10 have installed it and clicked past SmartScreen.
What plans have you made for 20 months from now when security updates for the Windows 7 operating system on these refurbs dry up?
Let's try a couple different answers that aren't quite so absolute: The majority of PC games released since January 1, 2013. Or the particular games that your friends play and want to play with you in online multiplayer.
What applications do these "nontechie relatives" use that has no replacement on macOS?
I'd prefer to use a TLS client certificate, but the user interface for those in widely used web browsers needs a serious redesign before that can be practical.
First, the browser needs to make the button to select a client certificate more obvious. Second, split the list of available client certificates into three groups: anonymous (no certificate), certificates used on the same domain (ordered by most recent), and certificates used on other domains. Third, browsers' built-in password/bookmark/history synchronization mechanisms need to make synchronizing client certificates across devices painless. Might WebAuthn (a W3C Candidate Recommendation generalizing FIDO U2F) be a step in the right direction?
I found your comment difficult to read because of the lack of sentence-initial capital letters, quotation marks, and line breaks.
Ok, first stop using MD5? that sounds like a start.
RFC 2069 specifies that HTTP digest authentication shall use MD5. Switching from MD5 to anything else would require the use of JavaScript. The use of JavaScript would require counterpart functionality in the noscript element.
second, encypted session(lets get as secure as we can before we do any auth)
TLS. I'm with you so far.
Server says how do you expect me to believe you, here is an algorithm.. the same as the one you signed up with(you can even do a rolling algo with a flag in the database per user) also heres a salt to use.
What you describe is in essence what I described earlier as "Some zero-knowledge proof means", for which I warned: "This fails if the user has turned off automatic execution of script in the browser." Here's how the next step would play out in detail:
Client says "I am running the LibreJS extension. Before I run any code, I'll need to see that code's copyright license to ensure that my user has the right to audit the algorithm you are sending, in order to ensure that your program isn't unduly intrusive on my user's privacy or otherwise malicious, and share the results of this audit." Quoting FSF's Free Software Definition, the user will need the following rights:
The GNU General Public License defines a work's "source code" as "the preferred form of the work for making modifications to it." A minified or obfuscated form of a script is instead called "object code", even if it is in superficially the same syntax as source code.
If you can't tell if it's video or not, you also wouldn't be able to play it
JavaScript code downloads a file, runs an algorithm on its bytes, and updates the pixel content of a <canvas> element. Is that video? How would a browser be able to tell?
JavaScript code downloads a bunch of JPEG or PNG images and displays them in sequence on an <img> element. Is that video? How would a browser be able to tell?
An element has a JPEG background image whose position within its container is advanced by steps using a CSS animation. Is that video? How would a browser be able to tell?
Let users decide if they want to waste all their bandwidth downloading video.
With the numerous ways to animate something in the web platform, good luck detecting "video" before it's downloaded.
When you've blocked muted autoplaying WebM or GIF, would you prefer that websites fall back to a sequence of JPEG or PNG images rotated by script? Or storing frames in a JPEG and using CSS animation to cycle among them?
When I was little, I was told a house made of strawbale and another made of wood failed to survive severe weather, particularly strong rain[1] and wind.[2] Or have I been duped all these years by the brick construction lobby?
[1] "The Pros and Cons of Straw Bale Wall Construction In Green Building"
[2] "The Three Little Pigs" by Joseph Jacobs
Ergo, humanity must not exist, since we could not have existed before concrete.
The truth is probably somewhere in the middle. Some of us could have existed, others not. To understand why, ask yourself: What was the human population before the invention of concrete, and what is the human population now? At least some of this additional carrying capacity probably arises from inventions that rely on concrete.
Say you're playing a web-based video game. Every time something happens in the game, a sound effect plays. Do you want to have to click play 20 times for 20 sound effects?
In Firefox ESR 52, currently the default in Debian 9 "Stretch", this galloping horse got past media.autoplay.enabled = false. Does current Firefox add CSS animation blocking?
Block autoplaying muted video, and sites will fall back to autoplay methods that use even more CPU or bandwidth: animated GIF, FFmpeg's VP8 decoder compiled to asm.js or WebAssembly and rendering to a <canvas>, scripted JPEG/PNG rotation, or even pure CSS JPEG/PNG rotation.